From mboxrd@z Thu Jan 1 00:00:00 1970 From: Arne Fitzenreiter To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, core129, created. 9deeda77b6fc4d62dce279b9854094ae8fcf4a4a Date: Wed, 13 Mar 2019 14:21:04 +0000 Message-ID: <20190313142104.C7DA684FDD6@people01.i.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============0421094638712382589==" List-Id: --===============0421094638712382589== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, core129 has been created at 9deeda77b6fc4d62dce279b9854094ae8fcf4a4a (commit) - Log ----------------------------------------------------------------- commit 9deeda77b6fc4d62dce279b9854094ae8fcf4a4a Author: Arne Fitzenreiter Date: Wed Mar 13 15:18:52 2019 +0100 core129: finish update =20 Signed-off-by: Arne Fitzenreiter commit 668119063c630ff3fd7e8b6f1b608374c6c43f60 Author: Arne Fitzenreiter Date: Wed Mar 13 15:17:28 2019 +0100 u-boot: try to boot without ramdisk if the system cannot load it =20 Signed-off-by: Arne Fitzenreiter commit eaf004a4683518d80a1ad1ab0d0666aed34408cc Author: Arne Fitzenreiter Date: Wed Mar 13 15:06:23 2019 +0100 knot: update to 2.8.0 and build/install only kdig =20 This fix compile errors on small arm boards. (cc1 internal error) =20 Signed-off-by: Arne Fitzenreiter commit b57220aacdc2868f2ffab38348cf6f04af5c02a0 Author: Arne Fitzenreiter Date: Wed Mar 13 15:04:40 2019 +0100 groff: update to 1.22.4 =20 This fix compile problems on small arm boards. (cc1 internal error) =20 Signed-off-by: Arne Fitzenreiter commit c448474fc7032d9c522ba468b532d7920e0da6f4 Author: Arne Fitzenreiter Date: Wed Mar 13 09:38:21 2019 +0100 Revert "kernel: cleanup unused rpi patch" =20 This reverts commit a2d49659f3947e5a5a77cbc1bf384eb0b2760ca9. =20 The patch is still needed to prevent strange crashes =20 Signed-off-by: Arne Fitzenreiter commit beac5489627eafefcc6dd3adabfd1c74ffacc4d0 Author: Michael Tremer Date: Mon Mar 11 15:58:45 2019 +0000 Update list of contributors =20 Signed-off-by: Michael Tremer commit e26e86dcaa2b35d7e6500c088d4f2afba4c4ddd8 Author: Michael Tremer Date: Mon Mar 11 15:58:04 2019 +0000 core129: Ship updated dnsforward.cgi =20 Signed-off-by: Michael Tremer commit 56947acb12176f397cbd5078c5544cdc4f19b27b Merge: f1042a5d4 1ececb67a Author: Michael Tremer Date: Mon Mar 11 15:57:15 2019 +0000 Merge remote-tracking branch 'ms/dns-forwarding' into next commit f1042a5d4401ff6feb16eb18f1fcd48936e8c878 Author: Michael Tremer Date: Mon Mar 11 09:54:19 2019 +0000 core129: Ship updated dhcp.cgi =20 Signed-off-by: Michael Tremer commit 8288c0394bb96f5aa3878ea86c05c2d92d677347 Merge: 04f932195 31672dc8b Author: Michael Tremer Date: Mon Mar 11 09:53:56 2019 +0000 Merge remote-tracking branch 'ms/dhcp' into next commit 04f9321955606822aad7719fed4e80e26a1f82f9 Author: Peter M=C3=BCller Date: Fri Mar 8 19:17:00 2019 +0000 Tor WebUI: drop relay bandwith options < 1 MBit/s =20 Tor requires at least 1 MBit/s in order to participate. =20 Fixes #12001 =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit 199db95a705e059972d34b578b55606a65851904 Author: Michael Tremer Date: Mon Mar 11 09:38:56 2019 +0000 dnsdist: Limit to fewer concurrent build processes =20 Signed-off-by: Michael Tremer commit 61424e9c67334f2940ec8be66612b0a6b4df7adb Author: Michael Tremer Date: Sun Mar 10 18:23:22 2019 +0000 core129: Ship updated less =20 Signed-off-by: Michael Tremer commit 9f7524c8b0832353838255d4b64cf36555e92d56 Author: Peter M=C3=BCller Date: Fri Mar 8 19:19:00 2019 +0000 less: update to 530 =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit e29c6d29c9b800ca9c8b818f16e571672cd90a9f Author: Peter M=C3=BCller Date: Fri Mar 8 19:22:00 2019 +0000 Postfix: update to 3.4.1 =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit 15b1a3e360a277dc7481103f8ddcbf189033e3a6 Author: Matthias Fischer Date: Sun Mar 10 18:04:31 2019 +0100 slang: revert parallelized build =20 This partially reverts https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dblo= b;f=3Dlfs/slang;h=3D217e74c77317d4c829913f934458779fd278bf29;hb=3D23164efba5f= 57b3d8ccb07a166b613f2f951e1b6 =20 'slang 2.3.0' doesn't like "$(MAKETUNING)" =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 50fcec161cb56ceb850d6cbda16d34f43d2d653b Author: Michael Tremer Date: Fri Mar 8 10:11:23 2019 +0000 /etc/group: Order groups by ID =20 Signed-off-by: Michael Tremer commit 3d0a1908438dbb7bd6f19c436bdb91f0b6b8fb81 Author: Michael Tremer Date: Fri Mar 8 10:08:02 2019 +0000 /etc/passwd: Order users by ID =20 Signed-off-by: Michael Tremer commit 7996c5fee9627f4fff0fd910d147341846788408 Author: Michael Tremer Date: Fri Mar 8 10:04:28 2019 +0000 zabbix_agent: Create /var/run/zabbix in initscript =20 Signed-off-by: Michael Tremer commit 661fdb02c28c64748b98a305dc63281a9225bbd8 Author: Michael Tremer Date: Fri Mar 8 09:58:56 2019 +0000 zabbix_agent: Ensure that the user exists on all systems =20 Signed-off-by: Michael Tremer commit 06fc6170a2b8827125977c2f4e9c6f94e7d93c0a Author: Alexander Koch Date: Thu Feb 14 00:06:19 2019 +0100 zabbix_agentd: New addon =20 New addon for monitoring IPFire by Zabbix Monitoring (https://www.zabbix.= com/features). See https://forum.ipfire.org/viewtopic.php?f=3D52&t=3D22039 and https://l= ists.ipfire.org/pipermail/development/2019-February/005324.html for further d= etails. =20 Best regards, Alex =20 Signed-off-by: Alexander Koch Signed-off-by: Michael Tremer commit 57d1564b3efdffb713d915b0dc66a2a24074c5f9 Author: Erik Kapfer Date: Fri Mar 8 05:51:55 2019 +0100 iptables: Commented legacy ip(6)tables entries from ROOTFILE =20 Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit c0ac5ae2a77d85ab4575bbbca022f18898bead5f Author: Michael Tremer Date: Thu Mar 7 11:27:19 2019 +0000 installer: Download ISO via HTTPS =20 Signed-off-by: Michael Tremer commit ea8a02c232835200d5ea37d4c72e75b864beb8b0 Author: Michael Tremer Date: Thu Mar 7 10:29:31 2019 +0000 Revert "boost: Build with -O2 only" =20 This reverts commit 9ff5b381eb8a4e129978c34f969e312c302ea7b1. =20 Boost wants to build with -O3 no matter what =20 Signed-off-by: Michael Tremer commit 1ececb67a1f83dd931e31d66893893ce542d0814 Author: Michael Tremer Date: Tue Mar 5 16:58:29 2019 +0000 unbound: Mark domains as insecure from DNS forwarding =20 Signed-off-by: Michael Tremer commit 025d8e63185e49d252ee6abb37008c8e5c26bf6b Author: Michael Tremer Date: Tue Mar 5 16:10:17 2019 +0000 DNS Forwarding: Add UI to Allow to disable DNSSEC for a zone =20 Signed-off-by: Michael Tremer commit 71a355c3a246a5de886ffee0376d83be942f48df Merge: 26796f3a4 b15b70bc6 Author: Michael Tremer Date: Tue Mar 5 15:25:36 2019 +0000 Merge branch 'ipsec-on-demand' into next commit b15b70bc6b6b5f6d8b62e5b730b68d86f59810e6 Author: Michael Tremer Date: Tue Mar 5 15:24:19 2019 +0000 vpnmain.cgi: Make on-demand mode default for IPsec VPNs =20 Signed-off-by: Michael Tremer commit eb09c90ef47606f616201fddc5e783149aee9228 Author: Michael Tremer Date: Tue Mar 5 15:23:33 2019 +0000 vpnmain.cgi: Carry over START_ACTION attribute correctly =20 This setting was not carried correctly and therefore the default was igno= red. =20 Signed-off-by: Michael Tremer commit 297473d5f4d7ba6734762ec71a8d86c07332a99c Author: Michael Tremer Date: Mon Mar 4 17:21:15 2019 +0000 make.sh: Fit more processes into memory =20 Because we have a good way to limit processes now, we should increase the default size a little bit =20 Signed-off-by: Michael Tremer commit 9ff5b381eb8a4e129978c34f969e312c302ea7b1 Author: Michael Tremer Date: Mon Mar 4 17:20:52 2019 +0000 boost: Build with -O2 only =20 This should increase build speed =20 Signed-off-by: Michael Tremer commit d53537ced9f0c52dbd8446e5e582275ba0053847 Author: Michael Tremer Date: Mon Mar 4 11:57:22 2019 +0000 Config: Builds don't seem to like the space =20 Signed-off-by: Michael Tremer commit a843073c8e93e15fd8e18064abde5e3d3af67368 Author: Michael Tremer Date: Mon Mar 4 11:52:34 2019 +0000 perl: Limit build to 23 parallel processes =20 Signed-off-by: Michael Tremer commit 7691a1bfe73067cb2f3ad3470d0000faf029a24f Author: Michael Tremer Date: Mon Mar 4 11:51:08 2019 +0000 make.sh: Introduce MAX_PARALLELISM =20 This will now adjust MAKETUNING to not launch more processes than MAX_PARALLELISM. Handy to limit builds that use a lot of memory. =20 Signed-off-by: Michael Tremer commit eeee108f183e8d39e27154ee19c1ee0a8b27be11 Author: Michael Tremer Date: Mon Mar 4 11:45:30 2019 +0000 make.sh: Drop MAKETUNING =20 This is now set in lfs/Config =20 Signed-off-by: Michael Tremer commit 77c863a2f113404a7f30b8591b9972291328980b Author: Michael Tremer Date: Mon Mar 4 11:43:47 2019 +0000 make.sh: Introduce DEFAULT_PARALLELISM =20 Signed-off-by: Michael Tremer commit e4ee36fa170d08bccbbd32fe0d56e53f072a2f97 Author: Michael Tremer Date: Mon Mar 4 11:38:38 2019 +0000 make.sh: Use variable instead of calling system_processors function again =20 Signed-off-by: Michael Tremer commit deffc27598806b43ae03a4fb666f2f0254a94066 Author: Michael Tremer Date: Mon Mar 4 11:35:15 2019 +0000 make.sh: Rename HOST_MEM to SYSTEM_MEMORY =20 We had two variables holding the same data =20 Signed-off-by: Michael Tremer commit 85560933590e6ef401216b3b4fba9df917b25a22 Author: Michael Tremer Date: Mon Mar 4 11:33:50 2019 +0000 make.sh: Pass number of processors and total memory so that we can adjust= MAKETUNING =20 Signed-off-by: Michael Tremer commit 23164efba5f57b3d8ccb07a166b613f2f951e1b6 Author: Wolfgang Apolinarski Date: Wed Feb 20 20:18:06 2019 +0100 Parallelized build for several packages =20 Added $(MAKETUNING) to several packages. Marked packages that do not support parallel build. =20 Signed-off-by: Michael Tremer commit ea9cb48ae775a7040edaf58224535b71dcde25ea Author: Michael Tremer Date: Mon Mar 4 09:25:13 2019 +0000 core129: Ship wpa_supplicant =20 Signed-off-by: Michael Tremer commit b2ee5e8aa4056c7ce07fa753b677768b954e8c0b Author: Matthias Fischer Date: Tue Mar 5 19:12:52 2019 +0100 wpa_supplicant: Update to 2.7 =20 For details see: https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit d6d5999af1cf53a4a7609935f41e2ca03bf92d6c Author: Matthias Fischer Date: Tue Mar 5 19:12:51 2019 +0100 hostapd: Update to 2.7 =20 For details see: https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog =20 This patch sticks to 'wpa_supplicant: Update to 2.7'. =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 146c837e78449c63e858378dfc84cba9d6a490ce Author: Michael Tremer Date: Sun Mar 3 13:33:52 2019 +0000 netsnmp: Fix rootfile to build on other architectures =20 Signed-off-by: Michael Tremer commit 5a3c9ef298b9004876691f95a63905c11cfdab84 Author: Erik Kapfer Date: Wed Feb 27 06:03:48 2019 +0100 netsnmpd: OpenSSL patch is incl. in new version =20 Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 758a1893a190249e3bd6a0cca7d9ab21be20a4a8 Author: Erik Kapfer Date: Wed Feb 27 06:03:47 2019 +0100 netsnmpd: Update to version 5.8 =20 Overview of the changes can be found in here https://sourceforge.net/p/ne= t-snmp/mailman/message/36386084/ . =20 Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 3f2341da8d3b517466f42338956342fde6e45eec Author: Erik Kapfer Date: Sun Mar 3 09:09:18 2019 +0100 iptables: Update to 1.8.2 =20 netfilter-layer7 has also been updated to v2.23 . =20 Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 26796f3a4b9f6900e46812fc91090894b1d75658 Author: Michael Tremer Date: Sat Mar 2 14:55:04 2019 +0000 Unpack intel microcode before initramfs images are being built =20 Previously, the microcode updates were not packaged in the shipped initramfs images which causes that Intel processors are still running on outdated microcode. =20 This patch moves intel-microcode before we build the initramfs images. =20 Signed-off-by: Michael Tremer commit a079f7aaeefbb66283a10466e80be5695828217a Author: Michael Tremer Date: Sat Mar 2 14:14:14 2019 +0000 core129: Ship updated proxy.cgi =20 Signed-off-by: Michael Tremer commit d50a78220d220d755d5d86fe0dcfc249f8dd2afb Author: Matthias Fischer Date: Sun Mar 3 09:37:01 2019 +0100 Bug 12008 - Typo in 'proxy.cgi' leads to wrong path for 'basic_ldap_auth' =20 Hi, =20 This should fix https://bugzilla.ipfire.org/show_bug.cgi?id=3D12008 =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 3d01a8f1a66d84024f3c9472dfda749d8c224a34 Author: Michael Tremer Date: Sat Mar 2 14:12:18 2019 +0000 core129: Ship updated ipset =20 Signed-off-by: Michael Tremer commit 46a073f1b5538d3606c8f3b67787be6d0f29f03a Author: Erik Kapfer Date: Sun Mar 3 09:22:50 2019 +0100 ipset: Update to version 7.1 =20 Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 7c57cbe24b4a48dbce6cdede9f0211bca9707890 Author: Michael Tremer Date: Sat Mar 2 14:11:02 2019 +0000 core129: Ship updated tar =20 Signed-off-by: Michael Tremer commit 6ca3265c41d5cfa0232a6c2c87d244fc159a0453 Author: Matthias Fischer Date: Sat Mar 2 21:24:15 2019 +0100 tar: Update to 1.32 =20 For details see: http://git.savannah.gnu.org/cgit/tar.git/log/ =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 15c71234ca3762c0565f96507e17fc4d6397f254 Author: Michael Tremer Date: Sat Mar 2 14:10:21 2019 +0000 core129: Ship updated bind =20 Signed-off-by: Michael Tremer commit ae45fb5193d1e45acf9b4405064571edaafb0b31 Author: Matthias Fischer Date: Sat Mar 2 21:19:03 2019 +0100 bind: Update to 9.11.6 =20 For details see: http://ftp.isc.org/isc/bind9/9.11.6/RELEASE-NOTES-bind-9.11.6.html =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit ae4ca7ef1305a66937a98c687375032c74b1429c Author: Michael Tremer Date: Sat Mar 2 14:09:00 2019 +0000 core129: Ship updated squid =20 Signed-off-by: Michael Tremer commit aa88b2ef592401863585d7f6fc1eb7b63849f7d0 Author: Matthias Fischer Date: Sat Mar 2 21:08:06 2019 +0100 squid: Update to 4.6 =20 For details see: http://www.squid-cache.org/Versions/v4/changesets/ =20 The 'configure'-option "--disable-ipv6" was removed, it is no longer nece= ssary. =20 See: https://lists.ipfire.org/pipermail/development/2016-April/002046.html =20 "The --disable-ipv6 build option is now deprecated. ... Squid-3.5.7 and later will perform IPv6 availability tests on startup in all builds. =20 - Where IPv6 is unavailable Squid will continue exactly as it would have had the build option not been used. =20 These Squid can have the build option removed now." =20 The warning message concerning a "BCP 177 violation" while starting 'squid' can be ignored. =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit e1982c695c6faf86fb74c48c151985acb1f9250e Author: Michael Tremer Date: Sat Mar 2 13:24:44 2019 +0000 spectre-meltdown-checker: New package =20 This makes it easy to install the script and check the vulnerability stat= us of a system IPFire is running on. =20 Signed-off-by: Michael Tremer commit 771c9b78eeb54a405608884dc3a4e9e5fa961b1a Author: Michael Tremer Date: Sat Mar 2 13:01:42 2019 +0000 binutils: Ship strings & readelf =20 This is needed by the spectre meltdown checker script =20 Signed-off-by: Michael Tremer commit d6af912c83827b231eb989ff1349a3243fd52902 Author: Michael Tremer Date: Sat Mar 2 12:01:06 2019 +0000 Update German translation =20 Mainly adds translation for new IPsec features =20 Signed-off-by: Michael Tremer commit fb47c465e8e46c3a0c22fb9b2575eec2adb3ad82 Author: St=C3=A9phane Pautrel Date: Sat Mar 2 11:48:05 2019 +0000 Update of French translation =20 - Several syntax / vocabulary improvements - A 2 text missing in the French version - Improvement of text offering a donation for the users =20 Signed-off-by: Michael Tremer commit ebda3cb93b2227831ced8e55bdf8c05139304819 Author: Michael Tremer Date: Wed Feb 27 03:52:26 2019 +0000 Update openssl rootfile =20 Signed-off-by: Michael Tremer commit f907865389cb8e0b8cf8ab962dd03a07c4bf04a8 Author: Michael Tremer Date: Tue Feb 26 17:25:11 2019 +0000 core129: Ship updated OpenSSL =20 Signed-off-by: Michael Tremer commit 7c85ff1362c3ebc3d9d54f4ac31dc8eebbc4c530 Author: Michael Tremer Date: Tue Feb 26 16:42:49 2019 +0000 openssl: Update to 1.1.1b =20 This is a bug fix only release =20 Signed-off-by: Michael Tremer commit 31672dc8bdb223ebf425ff96be64318f2d68e0d7 Author: Michael Tremer Date: Tue Feb 26 11:02:56 2019 +0000 DHCP: Fix error when editing a newly added fixed lease =20 They key was remembered but then the array was sorted which resulted the key showing a wrong line. =20 Signed-off-by: Michael Tremer commit 4eb23a91987a39c504e10d96d89bd1de46f9c0fe Author: Michael Tremer Date: Tue Feb 26 10:18:33 2019 +0000 DHCP: Restart server in background =20 This allows for the CGI to return quicker. =20 Signed-off-by: Michael Tremer commit 820ab96c6927c4e3ecbbe2df1342b635cc598ce7 Author: Michael Tremer Date: Tue Feb 26 10:16:21 2019 +0000 DHCP: Escape slashes in filename =20 Fixes: #12006 Signed-off-by: Michael Tremer commit 2f7e8b59a69e3b1ca14a1d6c6b2ccb62e118a1f0 Author: Michael Tremer Date: Mon Feb 25 02:31:23 2019 +0000 core129: Ship updated credits.cgi =20 Signed-off-by: Michael Tremer commit f6a1d9e929041315d122ddd0babed554bdaeb23f Author: Michael Tremer Date: Mon Feb 25 02:30:56 2019 +0000 Update list of contributors =20 Signed-off-by: Michael Tremer commit 97499aa8a3c7b85de7609126f77ec41ab03cf469 Author: Michael Tremer Date: Mon Feb 25 02:29:29 2019 +0000 core129: Ship updated OpenVPN =20 Signed-off-by: Michael Tremer commit ab83c4876a83c643d64d128828f50146710b7799 Author: Erik Kapfer Date: Tue Feb 26 11:56:47 2019 +0100 OpenVPN: Update to version 2.4.7 =20 Changelog can be found in here https://community.openvpn.net/openvpn/wiki= /ChangesInOpenvpn24 . =20 Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 82b405615f47bb1dc34f4a3b488cb282058e9be3 Author: Peter M=C3=BCller Date: Sat Feb 23 16:54:00 2019 +0000 update Tor to 0.3.5.8 =20 See https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-an= d-03312 for release notes. =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit 0675a66d83d8a06f29e33e7c9533cfac676b1720 Author: Peter M=C3=BCller Date: Sat Feb 23 16:54:00 2019 +0000 update metrics links in Tor WebUI =20 https://atlas.torproject.org/ is deprecated in favour of https://metrics.torproject.org/ by now. =20 Fixes #11781. =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit cc0104dce371265e15484d666606b33d924cc609 Author: Michael Tremer Date: Mon Feb 25 00:58:04 2019 +0000 core129: Ship updated libgcrypt =20 Signed-off-by: Michael Tremer commit b66c2faac28aa63d4b8a1275ee9b7d224deeb786 Author: Peter M=C3=BCller Date: Sat Feb 23 16:58:00 2019 +0000 libgcrypt: update to 1.8.4 =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit 07b73b195c8c6cf40cd80ed323e7719f77ebb96e Author: Michael Tremer Date: Mon Feb 25 00:56:49 2019 +0000 core129: Ship updated unbound =20 Signed-off-by: Michael Tremer commit 97a238f4bf11d8f1964c764216bc55020a54e3d4 Author: Matthias Fischer Date: Sat Feb 9 10:40:36 2019 +0100 unbound: Update to 1.9.0 =20 For details see: https://nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 59db01c753d0a6240ccfd10e3561e88958fc1da0 Author: Michael Tremer Date: Mon Feb 25 00:55:31 2019 +0000 core129: Ship changes from ipsec branch =20 Signed-off-by: Michael Tremer commit 50d1bbf0f56b76148f10bbe2195df45ad3b60cb3 Merge: b5ef99df2 8be516b3b Author: Michael Tremer Date: Mon Feb 25 00:48:08 2019 +0000 Merge branch 'ipsec' into next commit b5ef99df2c34d9e9f614c0b3d57d32a8890139c0 Author: Michael Tremer Date: Mon Feb 25 00:47:28 2019 +0000 Start Core Update 129 =20 Signed-off-by: Michael Tremer commit 8be516b3bcc2b9f30f8d44f44450be57b68d0025 Author: Michael Tremer Date: Mon Feb 4 18:38:24 2019 +0000 strongswan: Do not create any NAT rules when using VTI/GRE =20 Signed-off-by: Michael Tremer commit 41f3351320d603d2445471743c7e1c72e435eda6 Author: Michael Tremer Date: Tue Jan 22 13:19:00 2019 +0000 Drop "OpenVPN" part from VPN N2N stats page =20 Signed-off-by: Michael Tremer commit 1e2b25778909f3e64bdbe67ec81fa5937940a594 Author: Michael Tremer Date: Tue Jan 22 13:15:48 2019 +0000 Add routed IPsec connections to traffic graphs section =20 Signed-off-by: Michael Tremer commit 7ba652af8c16d9d0c84292cdc75f35af5cd628f3 Author: Michael Tremer Date: Tue Jan 22 12:46:53 2019 +0000 firewall: Write correct rules bound to interface for routes IPsec tunnels =20 Signed-off-by: Michael Tremer commit f9dd13464554b7b7915a7f792fcdf0b96381ccf0 Author: Michael Tremer Date: Tue Jan 22 11:34:49 2019 +0000 ipsec-interfaces: Resolve any remote hostnames =20 Signed-off-by: Michael Tremer commit d985ce5ae91b5749b629ad24a028249bfbd76372 Author: Michael Tremer Date: Tue Jan 22 11:26:32 2019 +0000 ipsec-interfaces: Move conditional block into the loop =20 Signed-off-by: Michael Tremer commit 38f6bdb74081bd68493d6636a20cda9b884d6bff Author: Michael Tremer Date: Mon Jan 21 17:40:12 2019 +0000 ipsec: Drop delayed restart setting =20 This is a very bad race-condition situation and is not solved by an unintuitive setting. =20 Signed-off-by: Michael Tremer commit 517683eeb17637acfda9895fd64d9347cde7e08e Author: Michael Tremer Date: Mon Jan 21 17:08:57 2019 +0000 ipsec: Drop VPN_IP setting =20 This is now a per-connection setting =20 Signed-off-by: Michael Tremer commit 26c2cc580b37ee4ae7ad68c874ba844eafa79ae4 Author: Michael Tremer Date: Mon Jan 21 16:52:39 2019 +0000 ipsec: Add translation strings for recent changes =20 Signed-off-by: Michael Tremer commit 68263645802e5eb00350fbd50a90fe2583186ec2 Author: Michael Tremer Date: Mon Jan 21 16:44:03 2019 +0000 ipsec-*: Name some more configuration variables =20 Signed-off-by: Michael Tremer commit 1ca2f88a74caa32f534434f4b095bde6107d7760 Author: Michael Tremer Date: Mon Jan 21 16:41:16 2019 +0000 ipsec-interfaces: Uses local IP address from connection first, then defau= lt =20 Signed-off-by: Michael Tremer commit c32fc72e36daf8510949aa8a0fea695cc080c9d3 Author: Michael Tremer Date: Mon Jan 21 16:33:53 2019 +0000 ipsec-policy: Correct open ports for connections on aliases =20 Signed-off-by: Michael Tremer commit ae0d069827a3ca07b6688869a108d7edce268b32 Author: Michael Tremer Date: Mon Jan 21 16:20:13 2019 +0000 ipsec: Allow to select local IP address used for peer on UI =20 Signed-off-by: Michael Tremer commit 455fdcb17a1c826f7d979368716def3884a5e590 Author: Michael Tremer Date: Mon Jan 21 15:36:16 2019 +0000 ipsec: Re-arrange inputs for peer addresses, subnets, etc. =20 Signed-off-by: Michael Tremer commit 7e25093d42e4198cc0f0233e5303fa2175672095 Author: Michael Tremer Date: Mon Jan 21 15:32:08 2019 +0000 ipsec: Don't allow to select VTI in transport mode =20 Signed-off-by: Michael Tremer commit 605c391aafd73583edaf4378fca62cae61afa3a0 Author: Michael Tremer Date: Mon Jan 21 14:34:19 2019 +0000 vpnmain.cgi: Don't populate GREEN subnet when green doesn't exist =20 Signed-off-by: Michael Tremer commit c94aa254759e544aa8dd50bb5c4c370ac97e78e6 Author: Michael Tremer Date: Wed Jan 16 20:29:25 2019 +0100 ipsec-interfaces: Fix typo in variable name =20 Signed-off-by: Michael Tremer commit 327d1223f3564660a1d02181e32ae119318fc7a6 Author: Michael Tremer Date: Wed Jan 9 20:23:42 2019 +0100 strongswan: No longer create any routes automatically =20 Signed-off-by: Michael Tremer commit c821440cedffe2a2d464c473130f1991b061b791 Author: Michael Tremer Date: Wed Jan 9 20:10:02 2019 +0100 ipsec: Filter better for GRE/VTI interfaces =20 This tried to delete the GREEN interface before =20 Signed-off-by: Michael Tremer commit 6a45a1f1015ff1d23de0f5b7510b00835243c107 Author: Michael Tremer Date: Wed Jan 9 19:56:01 2019 +0100 ipsec: TTL only applies for GRE interfaces and not VTI =20 Signed-off-by: Michael Tremer commit 54bac01402419bf109be43be8832f2a064af3baf Author: Michael Tremer Date: Wed Jan 9 19:52:46 2019 +0100 ipsec: Find correct RED IP address when using %defaultroute =20 Signed-off-by: Michael Tremer commit 3dc21d43bf5aafc1e34032e30bcf05ff493d62f2 Author: Michael Tremer Date: Wed Jan 9 19:52:24 2019 +0100 ipsec: Log a message when an interface could not be created =20 Signed-off-by: Michael Tremer commit 1a45f9a70abe266938d9e6bd6a6ea8858cbbef7e Author: Michael Tremer Date: Mon Dec 10 16:57:12 2018 +0000 ipsec-interfaces: Don't add any interfaces when IPsec is disabled =20 Signed-off-by: Michael Tremer commit a56357b8be20e4a3d31d2a541518b74d6741d57c Author: Michael Tremer Date: Mon Dec 10 16:55:53 2018 +0000 Revert "ipsec-interfaces: Run when IPsec is disabled" =20 This reverts commit 3c3a1cfdb9b473fae9b792e8c211c9940fafc658. =20 Signed-off-by: Michael Tremer commit 216bd9b389b984dd991d1a9011901e68ef5f0a6b Author: Michael Tremer Date: Mon Dec 10 16:44:06 2018 +0000 vpnmain.cgi: Move advanced IPsec settings to connection page =20 This is required to make the initial setup easier for GRE/VTI connections =20 Signed-off-by: Michael Tremer commit 4cf038dcfeec1cbba5e1453e776d02976eef9524 Author: Michael Tremer Date: Mon Dec 10 16:08:58 2018 +0000 ipsec-interfaces: Run when IPsec is disabled =20 This needs to run even when IPsec is disable to remove and interfaces =20 Signed-off-by: Michael Tremer commit 05af70c2f32988cc38f1c50d37e8d191170a26ce Author: Michael Tremer Date: Mon Dec 10 16:01:00 2018 +0000 ipsec-interfaces: Use correct righthost variable =20 Signed-off-by: Michael Tremer commit f2d45a45ab78d6b2a557d515d84785a8daaa182f Author: Michael Tremer Date: Wed Dec 5 17:10:16 2018 +0000 IPsec: Do not allow 0.0.0.0/0 as remote subnet =20 This renders the whole machine inaccessible =20 Signed-off-by: Michael Tremer commit 68e69b676fa5e588cbf1db951aa9cbc4547e8b55 Author: Michael Tremer Date: Wed Dec 5 16:24:52 2018 +0000 network: Create IPsec interfaces when network is brought up =20 Signed-off-by: Michael Tremer commit 3446a17293bfcbda19a353b755aa9d61530074ad Author: Michael Tremer Date: Wed Dec 5 16:23:06 2018 +0000 ipsecctrl: Call ipsec-interfaces script when turning up/shutting down con= nections =20 Signed-off-by: Michael Tremer commit b8c153bca5064a2e40e5c71be91df30b520e4824 Author: Michael Tremer Date: Wed Dec 5 16:12:48 2018 +0000 IPsec: Add (experimental) script that creates GRE/VTI interfaces =20 Signed-off-by: root commit 90aa4f1083c28a95d74bae58876bbd77c691771c Author: Michael Tremer Date: Mon Dec 3 11:21:29 2018 +0000 IPsec: Use left/rightprotoport in GRE mode =20 Signed-off-by: Michael Tremer commit b89ae1a4e3596153a192da3f220dc54565078cac Author: Michael Tremer Date: Thu Nov 29 16:12:45 2018 +0000 ipsecctrl: Don't wait when a connection is to be started =20 Signed-off-by: Michael Tremer commit 5a9c9ff3127e3266b4dd00dd0a57f9774647db27 Author: Michael Tremer Date: Thu Nov 29 16:00:52 2018 +0000 ipsec-policy: Don't install any block rules for connections with an inter= face =20 Signed-off-by: Michael Tremer commit b54cd874b9c3f566cf65d290f13982c134c5a28b Author: Michael Tremer Date: Thu Nov 29 15:58:55 2018 +0000 ipsec-policy: Permit GRE traffic for GRE connections =20 Signed-off-by: Michael Tremer commit 2704dbbc28c0192d4b3dcd903496c2fb37e87c2e Author: Michael Tremer Date: Thu Nov 29 15:58:39 2018 +0000 ipsec-policy: Variables don't match those from the CGI =20 Signed-off-by: Michael Tremer commit 4cf4f8f62310e508173de650b867ded5933d7d56 Author: Michael Tremer Date: Thu Nov 29 15:45:52 2018 +0000 ipsec-policy: Parse all configuration settings =20 Signed-off-by: Michael Tremer commit 6cf8bc9161c21dd7c274d09473ab46e3094204ac Author: Michael Tremer Date: Thu Nov 29 15:43:39 2018 +0000 IPsec: Move opening ports from ipsecctrl into ipsec-policy script =20 Signed-off-by: Michael Tremer commit 6c920b19cd768445a66f5be58c4701b878d5b943 Author: Michael Tremer Date: Thu Nov 29 15:04:28 2018 +0000 IPsec: Rename ipsec-block script to ipsec-policy =20 This is a more general name for a script that will be extended soon to do more than just add blocking rules. =20 Signed-off-by: Michael Tremer commit b01c17e9d0096c87185dfd1e04d712ec225d25aa Author: Michael Tremer Date: Wed Nov 28 20:37:32 2018 +0000 IPsec: Update ipsec.conf for GRE/VTI changes =20 Signed-off-by: Michael Tremer commit 55842dda690b077eeb3b0ed0af8f06827ef03f43 Author: Michael Tremer Date: Wed Nov 28 14:46:15 2018 +0000 IPsec: Add UI for set interface MTU =20 Signed-off-by: Michael Tremer commit 746413170688bc0e05d689fe539bea716752f34f Author: Michael Tremer Date: Wed Nov 28 14:38:11 2018 +0000 IPsec: Add option to configure IP address for tunnel interface =20 Signed-off-by: Michael Tremer commit 8ebe72541619278f97fc0be145057f5fc59581c6 Author: Michael Tremer Date: Wed Nov 28 14:24:03 2018 +0000 IPsec: Set default inactivity timeout to half an hour =20 Signed-off-by: Michael Tremer commit 1e9457ac6fa032dc9e7d9f01e3780236e544ef6b Author: Michael Tremer Date: Wed Nov 28 14:23:26 2018 +0000 IPsec: New connections should defatul to on-demand mode =20 Signed-off-by: Michael Tremer commit cae1f4a7a82f47703afb0cc25ff71f7585b28c2b Author: Michael Tremer Date: Wed Nov 28 14:21:33 2018 +0000 IPsec: Add dropdown to select tunnel interface mode =20 Signed-off-by: Michael Tremer commit 5e6fa03e1ec00bbecf4c786c9e097617ec7f8aa3 Author: Michael Tremer Date: Wed Nov 28 14:07:30 2018 +0000 vpnmain.cgi: Correctly carry over INACTIVITY_TIMEOUT =20 Signed-off-by: Michael Tremer commit 326728d53d1ed4cedf8d180ab51ddfedb1488045 Author: Michael Tremer Date: Tue Nov 27 18:42:07 2018 +0000 IPsec: Write tunnel/transport mode to strongSwan configuration =20 Signed-off-by: Michael Tremer commit 29f5e0e2b9e0f3996ade9d9ba5a8834ae8480f28 Author: Michael Tremer Date: Tue Nov 27 18:38:51 2018 +0000 IPsec: Add selection for transport/tunnel mode =20 Signed-off-by: Michael Tremer ----------------------------------------------------------------------- hooks/post-receive -- IPFire 2.x development tree --===============0421094638712382589==--