From: Michael Tremer <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. a087f4f586d7b2d86641493f699af154e4a37024
Date: Mon, 20 May 2019 21:56:26 +0100 [thread overview]
Message-ID: <20190520205628.1F7EE84FDBF@people01.i.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 93871 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via a087f4f586d7b2d86641493f699af154e4a37024 (commit)
via 1cbcd044afc8e4895bea1a68537f64fbe5dde03f (commit)
via f238e251720bc0df01714facbf5c0979edb25871 (commit)
via 6f626b9ba0dbc2ff8a73d3c3fe97876f03878b87 (commit)
via 6a83dbb4518fae7fe7089266b78e0adceed17c35 (commit)
via 65871d1a0c97823a3f47184b533154a6daebd625 (commit)
from db3451fe72518d7875e52db51315e7d3a87d9eaa (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a087f4f586d7b2d86641493f699af154e4a37024
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon May 20 21:55:55 2019 +0100
core132: Ship vulnerabilities.cgi
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 1cbcd044afc8e4895bea1a68537f64fbe5dde03f
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon May 20 21:54:05 2019 +0100
SMT: Show status on vulnerabilities.cgi
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit f238e251720bc0df01714facbf5c0979edb25871
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon May 20 21:39:03 2019 +0100
vulnerabilities.cgi: Disable debugging output
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 6f626b9ba0dbc2ff8a73d3c3fe97876f03878b87
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon May 20 21:38:20 2019 +0100
Add the new vulnerabilities CGI file to the System menu
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 6a83dbb4518fae7fe7089266b78e0adceed17c35
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon May 20 21:30:26 2019 +0100
SMT: Apply settings according to configuration
SMT can be forced on.
By default, all systems that are vulnerable to RIDL/Fallout
will have SMT disabled by default.
Systems that are not vulnerable to that will keep SMT enabled.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
commit 65871d1a0c97823a3f47184b533154a6daebd625
Author: Michael Tremer <michael.tremer(a)ipfire.org>
Date: Mon May 20 21:17:17 2019 +0100
Add new CGI file to show CPU vulnerability status
This is supposed to help users to have an idea about
the status of the used hardware.
Additionally, it allows users to enable/disable SMT.
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/menu/10-system.menu | 8 +-
config/rootfiles/common/aarch64/initscripts | 2 +
config/rootfiles/common/armv5tel/initscripts | 2 +
config/rootfiles/common/i586/initscripts | 2 +
config/rootfiles/common/x86_64/initscripts | 2 +
config/rootfiles/core/132/filelists/files | 4 +
doc/language_issues.de | 19 ++
doc/language_issues.en | 21 ++-
doc/language_issues.es | 21 ++-
doc/language_issues.fr | 19 ++
doc/language_issues.it | 21 ++-
doc/language_issues.nl | 21 ++-
doc/language_issues.pl | 21 ++-
doc/language_issues.ru | 21 ++-
doc/language_issues.tr | 19 ++
doc/language_missings | 133 +++++++++++++-
html/cgi-bin/vulnerabilities.cgi | 250 +++++++++++++++++++++++++++
langs/en/cgi-bin/en.pl | 20 ++-
lfs/initscripts | 1 +
src/initscripts/system/smt | 40 +++++
20 files changed, 634 insertions(+), 13 deletions(-)
create mode 100644 html/cgi-bin/vulnerabilities.cgi
create mode 100644 src/initscripts/system/smt
Difference in files:
diff --git a/config/menu/10-system.menu b/config/menu/10-system.menu
index 3b84e31c0..b142bfbac 100644
--- a/config/menu/10-system.menu
+++ b/config/menu/10-system.menu
@@ -45,7 +45,13 @@
'title' => "$Lang::tr{'system information'}",
'enabled' => 1,
};
- $subsystem->{'42.shutdown'} = {
+ $subsystem->{'42.hwvuln'} = {
+ 'caption' => $Lang::tr{'hardware vulnerabilities'},
+ 'uri' => '/cgi-bin/vulnerabilities.cgi',
+ 'title' => "$Lang::tr{'hardware vulnerabilities'}",
+ 'enabled' => 1,
+ };
+ $subsystem->{'43.shutdown'} = {
'caption' => $Lang::tr{'shutdown'},
'uri' => '/cgi-bin/shutdown.cgi',
'title' => "$Lang::tr{'shutdown'}",
diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/common/aarch64/initscripts
index ed4f727d9..cc23cd7fe 100644
--- a/config/rootfiles/common/aarch64/initscripts
+++ b/config/rootfiles/common/aarch64/initscripts
@@ -75,6 +75,7 @@ etc/rc.d/init.d/rngd
etc/rc.d/init.d/sendsignals
etc/rc.d/init.d/setclock
etc/rc.d/init.d/smartenabler
+etc/rc.d/init.d/smt
etc/rc.d/init.d/squid
etc/rc.d/init.d/sshd
etc/rc.d/init.d/static-routes
@@ -184,6 +185,7 @@ etc/rc.d/rcsysinit.d/S30checkfs
etc/rc.d/rcsysinit.d/S40mountfs
etc/rc.d/rcsysinit.d/S42fsresize
etc/rc.d/rcsysinit.d/S43mounttmpfs
+etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/common/armv5tel/initscripts
index ed4f727d9..cc23cd7fe 100644
--- a/config/rootfiles/common/armv5tel/initscripts
+++ b/config/rootfiles/common/armv5tel/initscripts
@@ -75,6 +75,7 @@ etc/rc.d/init.d/rngd
etc/rc.d/init.d/sendsignals
etc/rc.d/init.d/setclock
etc/rc.d/init.d/smartenabler
+etc/rc.d/init.d/smt
etc/rc.d/init.d/squid
etc/rc.d/init.d/sshd
etc/rc.d/init.d/static-routes
@@ -184,6 +185,7 @@ etc/rc.d/rcsysinit.d/S30checkfs
etc/rc.d/rcsysinit.d/S40mountfs
etc/rc.d/rcsysinit.d/S42fsresize
etc/rc.d/rcsysinit.d/S43mounttmpfs
+etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/common/i586/initscripts
index 07a123a48..c0c6cf8a9 100644
--- a/config/rootfiles/common/i586/initscripts
+++ b/config/rootfiles/common/i586/initscripts
@@ -75,6 +75,7 @@ etc/rc.d/init.d/rngd
etc/rc.d/init.d/sendsignals
etc/rc.d/init.d/setclock
etc/rc.d/init.d/smartenabler
+etc/rc.d/init.d/smt
etc/rc.d/init.d/squid
etc/rc.d/init.d/sshd
etc/rc.d/init.d/static-routes
@@ -183,6 +184,7 @@ etc/rc.d/rcsysinit.d/S30checkfs
etc/rc.d/rcsysinit.d/S40mountfs
etc/rc.d/rcsysinit.d/S42fsresize
etc/rc.d/rcsysinit.d/S43mounttmpfs
+etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/common/x86_64/initscripts
index 07a123a48..c0c6cf8a9 100644
--- a/config/rootfiles/common/x86_64/initscripts
+++ b/config/rootfiles/common/x86_64/initscripts
@@ -75,6 +75,7 @@ etc/rc.d/init.d/rngd
etc/rc.d/init.d/sendsignals
etc/rc.d/init.d/setclock
etc/rc.d/init.d/smartenabler
+etc/rc.d/init.d/smt
etc/rc.d/init.d/squid
etc/rc.d/init.d/sshd
etc/rc.d/init.d/static-routes
@@ -183,6 +184,7 @@ etc/rc.d/rcsysinit.d/S30checkfs
etc/rc.d/rcsysinit.d/S40mountfs
etc/rc.d/rcsysinit.d/S42fsresize
etc/rc.d/rcsysinit.d/S43mounttmpfs
+etc/rc.d/rcsysinit.d/S44smt
etc/rc.d/rcsysinit.d/S45udev_retry
etc/rc.d/rcsysinit.d/S50cleanfs
etc/rc.d/rcsysinit.d/S60setclock
diff --git a/config/rootfiles/core/132/filelists/files b/config/rootfiles/core/132/filelists/files
index cd6938878..22065cfdf 100644
--- a/config/rootfiles/core/132/filelists/files
+++ b/config/rootfiles/core/132/filelists/files
@@ -2,8 +2,10 @@ etc/system-release
etc/issue
etc/mime.types
etc/httpd/conf/vhosts.d/ipfire-interface-ssl.conf
+etc/rc.d/init.d/smt
etc/rc.d/init.d/suricata
etc/rc.d/init.d/unbound
+etc/rc.d/rcsysinit.d/S44smt
etc/suricata/suricata.yaml
etc/unbound/unbound.conf
opt/pakfire/lib/functions.pl
@@ -16,6 +18,7 @@ srv/web/ipfire/cgi-bin/ovpnmain.cgi
srv/web/ipfire/cgi-bin/proxy.cgi
srv/web/ipfire/cgi-bin/routing.cgi
srv/web/ipfire/cgi-bin/urlfilter.cgi
+srv/web/ipfire/cgi-bin/vulnerabilities.cgi
srv/web/ipfire/cgi-bin/zoneconf.cgi
usr/lib/firewall/rules.pl
usr/local/bin/backupiso
@@ -23,5 +26,6 @@ usr/local/bin/update-ids-ruleset
usr/sbin/convert-snort
var/ipfire/ids-functions.pl
var/ipfire/langs
+var/ipfire/menu.d/10-system.menu
var/ipfire/menu.d/30-network.menu
var/ipfire/network-functions.pl
diff --git a/doc/language_issues.de b/doc/language_issues.de
index 6bc94f798..e72ad7e2b 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -752,10 +752,15 @@ WARNING: untranslated string: Scan for Songs = unknown string
WARNING: untranslated string: addons = Addons
WARNING: untranslated string: bytes = unknown string
WARNING: untranslated string: community rules = Snort/VRT GPLv2 Community Rules
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: dead peer detection = Dead Peer Detection
WARNING: untranslated string: default IP address = Default IP Address
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
WARNING: untranslated string: emerging rules = Emergingthreats.net Community Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: fwhost cust geoipgrp = unknown string
WARNING: untranslated string: fwhost err hostip = unknown string
WARNING: untranslated string: guardian = Guardian
@@ -788,16 +793,30 @@ WARNING: untranslated string: guardian logtarget_file = unknown string
WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids hide = Hide
WARNING: untranslated string: ids rules update = Ruleset
WARNING: untranslated string: ids show = Show
WARNING: untranslated string: ike lifetime should be between 1 and 8 hours = unknown string
WARNING: untranslated string: info messages = unknown string
WARNING: untranslated string: interface mode = Interface
+WARNING: untranslated string: meltdown = Meltdown
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: no data = unknown string
+WARNING: untranslated string: not affected = Not Affected
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: route config changed = unknown string
WARNING: untranslated string: routing config added = unknown string
WARNING: untranslated string: routing config changed = unknown string
WARNING: untranslated string: routing table = unknown string
WARNING: untranslated string: show tls-auth key = Show tls-auth key
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: vpn statistics n2n = unknown string
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 9d1c36b35..126803997 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -5,7 +5,7 @@ WARNING: untranslated string: Add Port Rule = Add port rule
WARNING: untranslated string: Add Rule = Add rule
WARNING: untranslated string: Add a route = Add a route
WARNING: untranslated string: Captive = Captive Portal
-WARNING: untranslated string: Captive ACTIVATE = ACTIVATE
+WARNING: untranslated string: Captive ACTIVATE = unknown string
WARNING: untranslated string: Captive GAIN ACCESS = GAIN ACCESS
WARNING: untranslated string: Captive WiFi coupon = WiFi Coupon
WARNING: untranslated string: Captive activated = Activated
@@ -526,6 +526,7 @@ WARNING: untranslated string: current fixed leases = Current fixed leases
WARNING: untranslated string: current hosts = Current hosts
WARNING: untranslated string: current playlist = Current Playlist
WARNING: untranslated string: current rules = Current rules:
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: date = Date
WARNING: untranslated string: date not in logs = No (or only partial) logs exist for the day queried
WARNING: untranslated string: day = Day
@@ -719,6 +720,7 @@ WARNING: untranslated string: emerging rules = Emergingthreats.net Community Rul
WARNING: untranslated string: empty = This field may be left blank
WARNING: untranslated string: empty profile = empty
WARNING: untranslated string: enable ignore filter = Enable ignore filter
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
WARNING: untranslated string: enabled = Enabled:
WARNING: untranslated string: enabled on = Enabled on
WARNING: untranslated string: encapsulation = Encapsulation
@@ -745,6 +747,7 @@ WARNING: untranslated string: extrahd maybe the device is in use = . Maybe the d
WARNING: untranslated string: extrahd to = to
WARNING: untranslated string: extrahd to root = to root
WARNING: untranslated string: extrahd you cant mount = You can't mount
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
WARNING: untranslated string: false classnumber = The Class-Number does not match the interface.
WARNING: untranslated string: false max bandwith = Maximum bandwith is false.
WARNING: untranslated string: false min bandwith = Minimum bandwith is false.
@@ -791,7 +794,9 @@ WARNING: untranslated string: fixed ip lease added = Fixed IP lease added
WARNING: untranslated string: fixed ip lease modified = Fixed IP lease modified
WARNING: untranslated string: fixed ip lease removed = Fixed IP lease removed
WARNING: untranslated string: flag = Flag
+WARNING: untranslated string: force enable = Forced
WARNING: untranslated string: force user = force all new file to user
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: four hours = 4 Hours
WARNING: untranslated string: free = Free
WARNING: untranslated string: free memory = Free Memory
@@ -1018,6 +1023,7 @@ WARNING: untranslated string: hangup string = Hangup:
WARNING: untranslated string: harddisk temperature = Harddisk Temperature
WARNING: untranslated string: hardware graphs = Hardware Graphs
WARNING: untranslated string: hardware support = Hardware Support
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: hdd temperature in = Harddisk temperature in
WARNING: untranslated string: help = Help
WARNING: untranslated string: high = High
@@ -1257,6 +1263,7 @@ WARNING: untranslated string: meaning = meaning
WARNING: untranslated string: media = Media
WARNING: untranslated string: media information = Media information
WARNING: untranslated string: medium = Medium
+WARNING: untranslated string: meltdown = Meltdown
WARNING: untranslated string: memory = Memory
WARNING: untranslated string: memory information = Memory information
WARNING: untranslated string: memory usage per = Memory Usage per
@@ -1269,6 +1276,7 @@ WARNING: untranslated string: minimum = Minimum
WARNING: untranslated string: minute = Minute
WARNING: untranslated string: minutes = Minutes
WARNING: untranslated string: misc-options = Miscellaneous options
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: mode = Mode
WARNING: untranslated string: model = Model
WARNING: untranslated string: modem = Modem
@@ -1336,6 +1344,7 @@ WARNING: untranslated string: none = none
WARNING: untranslated string: none found = none found
WARNING: untranslated string: not a valid ca certificate = Not a valid CA certificate.
WARNING: untranslated string: not a valid dh key = Not a valid Diffie-Hellman parameters file. Please use a length of 2048, 3072 or 4096 bits and the PKCS#3 format.
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: not enough disk space = Not enough disk space
WARNING: untranslated string: not present = <b>Not</b> present
WARNING: untranslated string: not running = not running
@@ -1460,6 +1469,7 @@ WARNING: untranslated string: persistent = Persistent
WARNING: untranslated string: pfs yes no = Perfect Forward Secrecy (PFS)
WARNING: untranslated string: pkcs12 file password = PKCS12 File Password
WARNING: untranslated string: play = Play
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
WARNING: untranslated string: policy = Policy
WARNING: untranslated string: port = Port
WARNING: untranslated string: portscans = portscancs
@@ -1482,6 +1492,7 @@ WARNING: untranslated string: printing = Printing
WARNING: untranslated string: printing options = printing options
WARNING: untranslated string: priority = Priority
WARNING: untranslated string: processes = Processes
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: profile = Profile
WARNING: untranslated string: profile deleted = Profile deleted:
WARNING: untranslated string: profile has errors = Profile has errors
@@ -1620,6 +1631,9 @@ WARNING: untranslated string: smartwarn2 = reports S.M.A.R.T. error
WARNING: untranslated string: smbrestart = Restart samba
WARNING: untranslated string: smbstart = Start samba
WARNING: untranslated string: smbstop = Stop samba
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
WARNING: untranslated string: snat new source ip address = New source IP address
WARNING: untranslated string: socket options = Socket options
WARNING: untranslated string: software version = Software Version
@@ -1634,6 +1648,9 @@ WARNING: untranslated string: source port = Source port
WARNING: untranslated string: source port numbers = Source port must be a valid port number or port range.
WARNING: untranslated string: speaker off = Speaker off:
WARNING: untranslated string: speaker on = Speaker on:
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: src port = Src Port
WARNING: untranslated string: ssh = SSH
WARNING: untranslated string: ssh access = SSH Access
@@ -2094,6 +2111,8 @@ WARNING: untranslated string: vpn statistics n2n = unknown string
WARNING: untranslated string: vpn subjectaltname = Subject Alt Name
WARNING: untranslated string: vpn wait = WAITING
WARNING: untranslated string: vpn weak = Weak
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: waiting to synchronize clock = Waiting to synchronize clock
WARNING: untranslated string: warning messages = Warning messages
WARNING: untranslated string: was deleted = was deleted
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 2ffea2f43..f015ac7df 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -664,7 +664,7 @@ WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: 24 hours = 24 Hours
WARNING: untranslated string: Captive = Captive Portal
-WARNING: untranslated string: Captive ACTIVATE = ACTIVATE
+WARNING: untranslated string: Captive ACTIVATE = unknown string
WARNING: untranslated string: Captive GAIN ACCESS = GAIN ACCESS
WARNING: untranslated string: Captive WiFi coupon = WiFi Coupon
WARNING: untranslated string: Captive activated = Activated
@@ -782,6 +782,7 @@ WARNING: untranslated string: country codes and flags = Country Codes and Flags:
WARNING: untranslated string: countrycode = Code
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: dead peer detection = Dead Peer Detection
WARNING: untranslated string: default = Default
WARNING: untranslated string: default IP address = Default IP Address
@@ -843,9 +844,11 @@ WARNING: untranslated string: email tls = Use TLS
WARNING: untranslated string: email usemail = Activate Mail Service
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
WARNING: untranslated string: emerging rules = Emergingthreats.net Community Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
WARNING: untranslated string: encryption = Encryption:
WARNING: untranslated string: entropy = Entropy
WARNING: untranslated string: entropy graphs = Entropy Graphs
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
WARNING: untranslated string: fifteen minutes = 15 Minutes
WARNING: untranslated string: fireinfo ipfire version = IPFire version
WARNING: untranslated string: fireinfo is disabled = Fireinfo is disabled
@@ -875,6 +878,8 @@ WARNING: untranslated string: firewall rules = Firewall Rules
WARNING: untranslated string: first = First
WARNING: untranslated string: five minutes = 5 Minutes
WARNING: untranslated string: flag = Flag
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: four hours = 4 Hours
WARNING: untranslated string: fw default drop = Firewall policy
WARNING: untranslated string: fw settings = Firewall settings
@@ -1065,6 +1070,7 @@ WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
WARNING: untranslated string: hardware support = Hardware Support
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids apply = Apply
WARNING: untranslated string: ids apply ruleset changes = The ruleset changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids automatic rules update = Automatic Rule Update
@@ -1124,9 +1130,11 @@ WARNING: untranslated string: masquerading = Masquerading
WARNING: untranslated string: masquerading disabled = Masquerading disabled
WARNING: untranslated string: masquerading enabled = Masquerading enabled
WARNING: untranslated string: maximum = Maximum
+WARNING: untranslated string: meltdown = Meltdown
WARNING: untranslated string: messages = Messages
WARNING: untranslated string: minimum = Minimum
WARNING: untranslated string: minute = Minute
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: model = Model
WARNING: untranslated string: modem hardware details = Modem Hardware
WARNING: untranslated string: modem information = Modem Information
@@ -1147,6 +1155,7 @@ WARNING: untranslated string: nameserver = Nameserver
WARNING: untranslated string: no data = unknown string
WARNING: untranslated string: none = none
WARNING: untranslated string: not a valid dh key = Not a valid Diffie-Hellman parameters file. Please use a length of 2048, 3072 or 4096 bits and the PKCS#3 format.
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: notice = Notice
WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
@@ -1189,9 +1198,11 @@ WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is no
WARNING: untranslated string: p2p block = P2P networks
WARNING: untranslated string: p2p block save notice = Please reload the firewall ruleset in order to apply your changes.
WARNING: untranslated string: pakfire ago = ago.
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
WARNING: untranslated string: pptp netconfig = My Net Config
WARNING: untranslated string: pptp peer = Peer
WARNING: untranslated string: pptp route = PPTP Route
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: proxy reports = Proxy Reports
WARNING: untranslated string: proxy reports daily = Daily reports
WARNING: untranslated string: proxy reports monthly = Monthly reports
@@ -1213,9 +1224,15 @@ WARNING: untranslated string: search = Search
WARNING: untranslated string: server restart = You are not able to save any changes while the OpenVPN server is running.
WARNING: untranslated string: show dh = Show Diffie-Hellman parameters
WARNING: untranslated string: show tls-auth key = Show tls-auth key
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
WARNING: untranslated string: snat new source ip address = New source IP address
WARNING: untranslated string: software version = Software Version
WARNING: untranslated string: source ip country = Source IP Country
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: ssh = SSH
WARNING: untranslated string: ssh active sessions = Active logins
WARNING: untranslated string: ssh agent forwarding = Allow SSH Agent Forwarding
@@ -1311,6 +1328,8 @@ WARNING: untranslated string: vpn statistic rw = VPN: Roadwarrior Statistics
WARNING: untranslated string: vpn statistics n2n = unknown string
WARNING: untranslated string: vpn wait = WAITING
WARNING: untranslated string: vpn weak = Weak
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: wireless network = WiFi Network
WARNING: untranslated string: wlan client = Wireless client
WARNING: untranslated string: wlan client advanced settings = Advanced settings
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 950e4713d..0503c8241 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -794,8 +794,13 @@ WARNING: untranslated string: advproxy wpad notice = Notice: For WPAD/PAC to wor
WARNING: untranslated string: advproxy wpad title = Web Proxy Auto-Discovery Protocol (WPAD) / Proxy Auto-Config (PAC)
WARNING: untranslated string: advproxy wpad view pac = Open PAC File
WARNING: untranslated string: bytes = unknown string
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: dnsforward dnssec disabled = DNSSEC Validation is disabled
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: fwhost cust geoipgrp = unknown string
WARNING: untranslated string: fwhost err hostip = unknown string
WARNING: untranslated string: generate ptr = Generate PTR
@@ -828,6 +833,7 @@ WARNING: untranslated string: guardian logtarget_file = unknown string
WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids apply = Apply
WARNING: untranslated string: ids apply ruleset changes = The ruleset changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids automatic rules update = Automatic Rule Update
@@ -847,18 +853,31 @@ WARNING: untranslated string: ids show = Show
WARNING: untranslated string: ids working = Changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ike lifetime should be between 1 and 8 hours = unknown string
WARNING: untranslated string: info messages = unknown string
+WARNING: untranslated string: meltdown = Meltdown
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: no data = unknown string
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
WARNING: untranslated string: pakfire ago = ago.
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: ptr = PTR
WARNING: untranslated string: route config changed = unknown string
WARNING: untranslated string: routing config added = unknown string
WARNING: untranslated string: routing config changed = unknown string
WARNING: untranslated string: routing table = unknown string
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: ssh agent forwarding = Allow SSH Agent Forwarding
WARNING: untranslated string: system is offline = The system is offline.
WARNING: untranslated string: update ruleset = Update ruleset
WARNING: untranslated string: vpn statistics n2n = unknown string
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: wlanap auto = Automatic Channel Selection
WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID
WARNING: untranslated string: wlanap client isolation = Client Isolation
diff --git a/doc/language_issues.it b/doc/language_issues.it
index 3acfd5ba9..ac213f0b1 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -754,7 +754,7 @@ WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: 24 hours = 24 Hours
WARNING: untranslated string: Captive = Captive Portal
-WARNING: untranslated string: Captive ACTIVATE = ACTIVATE
+WARNING: untranslated string: Captive ACTIVATE = unknown string
WARNING: untranslated string: Captive GAIN ACCESS = GAIN ACCESS
WARNING: untranslated string: Captive WiFi coupon = WiFi Coupon
WARNING: untranslated string: Captive activated = Activated
@@ -813,6 +813,7 @@ WARNING: untranslated string: bytes = unknown string
WARNING: untranslated string: check all = Check all
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: default IP address = Default IP Address
WARNING: untranslated string: dhcp dns enable update = Enable DNS Update (RFC2136):
WARNING: untranslated string: dhcp dns key name = Key Name
@@ -843,6 +844,8 @@ WARNING: untranslated string: email testmail = Send test mail
WARNING: untranslated string: email tls = Use TLS
WARNING: untranslated string: email usemail = Activate Mail Service
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
WARNING: untranslated string: fifteen minutes = 15 Minutes
WARNING: untranslated string: firewall graph country = Firewall-Diagram (Country)
WARNING: untranslated string: firewall graph ip = Firewall-Diagram (IP)
@@ -851,6 +854,8 @@ WARNING: untranslated string: firewall log country = Firewall log (Country)
WARNING: untranslated string: firewall log ip = Firewall log (IP)
WARNING: untranslated string: firewall log port = Firewall log (Port)
WARNING: untranslated string: five minutes = 5 Minutes
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: four hours = 4 Hours
WARNING: untranslated string: fwdfw all subnets = All subnets
WARNING: untranslated string: fwdfw err concon = Invalid number for concurrent connections
@@ -904,6 +909,7 @@ WARNING: untranslated string: guardian logtarget_file = unknown string
WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids apply = Apply
WARNING: untranslated string: ids apply ruleset changes = The ruleset changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids automatic rules update = Automatic Rule Update
@@ -950,10 +956,13 @@ WARNING: untranslated string: masquerade orange = Masquerade ORANGE
WARNING: untranslated string: masquerading = Masquerading
WARNING: untranslated string: masquerading disabled = Masquerading disabled
WARNING: untranslated string: masquerading enabled = Masquerading enabled
+WARNING: untranslated string: meltdown = Meltdown
WARNING: untranslated string: messages = Messages
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: mtu = MTU
WARNING: untranslated string: no data = unknown string
WARNING: untranslated string: none = none
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
@@ -965,9 +974,11 @@ WARNING: untranslated string: ovpn error dh = The Diffie-Hellman parameter needs
WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
WARNING: untranslated string: pptp netconfig = My Net Config
WARNING: untranslated string: pptp peer = Peer
WARNING: untranslated string: pptp route = PPTP Route
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: ptr = PTR
WARNING: untranslated string: rdns = rDNS
WARNING: untranslated string: required field = Required field
@@ -978,6 +989,12 @@ WARNING: untranslated string: routing table = unknown string
WARNING: untranslated string: samba join a domain = Join a domain
WARNING: untranslated string: samba join domain = Join domain
WARNING: untranslated string: search = Search
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: ssh active sessions = Active logins
WARNING: untranslated string: ssh agent forwarding = Allow SSH Agent Forwarding
WARNING: untranslated string: ssh login time = Logged in since
@@ -1012,6 +1029,8 @@ WARNING: untranslated string: vpn statistic rw = VPN: Roadwarrior Statistics
WARNING: untranslated string: vpn statistics n2n = unknown string
WARNING: untranslated string: vpn wait = WAITING
WARNING: untranslated string: vpn weak = Weak
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: wireless network = WiFi Network
WARNING: untranslated string: wlan client anonymous identity = Anonymous Identity
WARNING: untranslated string: wlan client auth auto = Auto
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index ac0093776..741c1c39f 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -748,7 +748,7 @@ WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: 24 hours = 24 Hours
WARNING: untranslated string: Captive = Captive Portal
-WARNING: untranslated string: Captive ACTIVATE = ACTIVATE
+WARNING: untranslated string: Captive ACTIVATE = unknown string
WARNING: untranslated string: Captive GAIN ACCESS = GAIN ACCESS
WARNING: untranslated string: Captive WiFi coupon = WiFi Coupon
WARNING: untranslated string: Captive activated = Activated
@@ -809,6 +809,7 @@ WARNING: untranslated string: capabilities = Capabilities
WARNING: untranslated string: check all = Check all
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: default = Default
WARNING: untranslated string: default IP address = Default IP Address
WARNING: untranslated string: dh = Diffie-Hellman parameters
@@ -852,6 +853,8 @@ WARNING: untranslated string: email testmail = Send test mail
WARNING: untranslated string: email tls = Use TLS
WARNING: untranslated string: email usemail = Activate Mail Service
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
WARNING: untranslated string: fifteen minutes = 15 Minutes
WARNING: untranslated string: firewall graph country = Firewall-Diagram (Country)
WARNING: untranslated string: firewall graph ip = Firewall-Diagram (IP)
@@ -861,6 +864,8 @@ WARNING: untranslated string: firewall log ip = Firewall log (IP)
WARNING: untranslated string: firewall log port = Firewall log (Port)
WARNING: untranslated string: firewall logs country = Fw-Loggraphs (Country)
WARNING: untranslated string: five minutes = 5 Minutes
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: four hours = 4 Hours
WARNING: untranslated string: fwdfw all subnets = All subnets
WARNING: untranslated string: fwdfw err concon = Invalid number for concurrent connections
@@ -915,6 +920,7 @@ WARNING: untranslated string: guardian logtarget_file = unknown string
WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids apply = Apply
WARNING: untranslated string: ids apply ruleset changes = The ruleset changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids automatic rules update = Automatic Rule Update
@@ -963,7 +969,9 @@ WARNING: untranslated string: masquerade orange = Masquerade ORANGE
WARNING: untranslated string: masquerading = Masquerading
WARNING: untranslated string: masquerading disabled = Masquerading disabled
WARNING: untranslated string: masquerading enabled = Masquerading enabled
+WARNING: untranslated string: meltdown = Meltdown
WARNING: untranslated string: messages = Messages
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: model = Model
WARNING: untranslated string: modem hardware details = Modem Hardware
WARNING: untranslated string: modem information = Modem Information
@@ -983,6 +991,7 @@ WARNING: untranslated string: nameserver = Nameserver
WARNING: untranslated string: no data = unknown string
WARNING: untranslated string: none = none
WARNING: untranslated string: not a valid dh key = Not a valid Diffie-Hellman parameters file. Please use a length of 2048, 3072 or 4096 bits and the PKCS#3 format.
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
@@ -1001,9 +1010,11 @@ WARNING: untranslated string: ovpn generating the root and host certificates = G
WARNING: untranslated string: ovpn ha = Hash algorithm
WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
WARNING: untranslated string: pptp netconfig = My Net Config
WARNING: untranslated string: pptp peer = Peer
WARNING: untranslated string: pptp route = PPTP Route
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: ptr = PTR
WARNING: untranslated string: random number generator daemon = Random Number Generator Daemon
WARNING: untranslated string: rdns = rDNS
@@ -1017,8 +1028,14 @@ WARNING: untranslated string: samba join domain = Join domain
WARNING: untranslated string: search = Search
WARNING: untranslated string: show dh = Show Diffie-Hellman parameters
WARNING: untranslated string: show tls-auth key = Show tls-auth key
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
WARNING: untranslated string: software version = Software Version
WARNING: untranslated string: source ip country = Source IP Country
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: ssh active sessions = Active logins
WARNING: untranslated string: ssh agent forwarding = Allow SSH Agent Forwarding
WARNING: untranslated string: ssh login time = Logged in since
@@ -1056,6 +1073,8 @@ WARNING: untranslated string: vpn statistic rw = VPN: Roadwarrior Statistics
WARNING: untranslated string: vpn statistics n2n = unknown string
WARNING: untranslated string: vpn wait = WAITING
WARNING: untranslated string: vpn weak = Weak
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: wireless network = WiFi Network
WARNING: untranslated string: wlan client anonymous identity = Anonymous Identity
WARNING: untranslated string: wlan client auth auto = Auto
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 2ffea2f43..f015ac7df 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -664,7 +664,7 @@ WARNING: translation string unused: year-graph
WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: 24 hours = 24 Hours
WARNING: untranslated string: Captive = Captive Portal
-WARNING: untranslated string: Captive ACTIVATE = ACTIVATE
+WARNING: untranslated string: Captive ACTIVATE = unknown string
WARNING: untranslated string: Captive GAIN ACCESS = GAIN ACCESS
WARNING: untranslated string: Captive WiFi coupon = WiFi Coupon
WARNING: untranslated string: Captive activated = Activated
@@ -782,6 +782,7 @@ WARNING: untranslated string: country codes and flags = Country Codes and Flags:
WARNING: untranslated string: countrycode = Code
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: dead peer detection = Dead Peer Detection
WARNING: untranslated string: default = Default
WARNING: untranslated string: default IP address = Default IP Address
@@ -843,9 +844,11 @@ WARNING: untranslated string: email tls = Use TLS
WARNING: untranslated string: email usemail = Activate Mail Service
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
WARNING: untranslated string: emerging rules = Emergingthreats.net Community Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
WARNING: untranslated string: encryption = Encryption:
WARNING: untranslated string: entropy = Entropy
WARNING: untranslated string: entropy graphs = Entropy Graphs
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
WARNING: untranslated string: fifteen minutes = 15 Minutes
WARNING: untranslated string: fireinfo ipfire version = IPFire version
WARNING: untranslated string: fireinfo is disabled = Fireinfo is disabled
@@ -875,6 +878,8 @@ WARNING: untranslated string: firewall rules = Firewall Rules
WARNING: untranslated string: first = First
WARNING: untranslated string: five minutes = 5 Minutes
WARNING: untranslated string: flag = Flag
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: four hours = 4 Hours
WARNING: untranslated string: fw default drop = Firewall policy
WARNING: untranslated string: fw settings = Firewall settings
@@ -1065,6 +1070,7 @@ WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
WARNING: untranslated string: hardware support = Hardware Support
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids apply = Apply
WARNING: untranslated string: ids apply ruleset changes = The ruleset changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids automatic rules update = Automatic Rule Update
@@ -1124,9 +1130,11 @@ WARNING: untranslated string: masquerading = Masquerading
WARNING: untranslated string: masquerading disabled = Masquerading disabled
WARNING: untranslated string: masquerading enabled = Masquerading enabled
WARNING: untranslated string: maximum = Maximum
+WARNING: untranslated string: meltdown = Meltdown
WARNING: untranslated string: messages = Messages
WARNING: untranslated string: minimum = Minimum
WARNING: untranslated string: minute = Minute
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: model = Model
WARNING: untranslated string: modem hardware details = Modem Hardware
WARNING: untranslated string: modem information = Modem Information
@@ -1147,6 +1155,7 @@ WARNING: untranslated string: nameserver = Nameserver
WARNING: untranslated string: no data = unknown string
WARNING: untranslated string: none = none
WARNING: untranslated string: not a valid dh key = Not a valid Diffie-Hellman parameters file. Please use a length of 2048, 3072 or 4096 bits and the PKCS#3 format.
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: notice = Notice
WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
@@ -1189,9 +1198,11 @@ WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is no
WARNING: untranslated string: p2p block = P2P networks
WARNING: untranslated string: p2p block save notice = Please reload the firewall ruleset in order to apply your changes.
WARNING: untranslated string: pakfire ago = ago.
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
WARNING: untranslated string: pptp netconfig = My Net Config
WARNING: untranslated string: pptp peer = Peer
WARNING: untranslated string: pptp route = PPTP Route
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: proxy reports = Proxy Reports
WARNING: untranslated string: proxy reports daily = Daily reports
WARNING: untranslated string: proxy reports monthly = Monthly reports
@@ -1213,9 +1224,15 @@ WARNING: untranslated string: search = Search
WARNING: untranslated string: server restart = You are not able to save any changes while the OpenVPN server is running.
WARNING: untranslated string: show dh = Show Diffie-Hellman parameters
WARNING: untranslated string: show tls-auth key = Show tls-auth key
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
WARNING: untranslated string: snat new source ip address = New source IP address
WARNING: untranslated string: software version = Software Version
WARNING: untranslated string: source ip country = Source IP Country
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: ssh = SSH
WARNING: untranslated string: ssh active sessions = Active logins
WARNING: untranslated string: ssh agent forwarding = Allow SSH Agent Forwarding
@@ -1311,6 +1328,8 @@ WARNING: untranslated string: vpn statistic rw = VPN: Roadwarrior Statistics
WARNING: untranslated string: vpn statistics n2n = unknown string
WARNING: untranslated string: vpn wait = WAITING
WARNING: untranslated string: vpn weak = Weak
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: wireless network = WiFi Network
WARNING: untranslated string: wlan client = Wireless client
WARNING: untranslated string: wlan client advanced settings = Advanced settings
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 8923c2705..f8f4e1051 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -666,7 +666,7 @@ WARNING: translation string unused: yearly firewallhits
WARNING: untranslated string: 24 hours = 24 Hours
WARNING: untranslated string: Add a route = Add a route
WARNING: untranslated string: Captive = Captive Portal
-WARNING: untranslated string: Captive ACTIVATE = ACTIVATE
+WARNING: untranslated string: Captive ACTIVATE = unknown string
WARNING: untranslated string: Captive GAIN ACCESS = GAIN ACCESS
WARNING: untranslated string: Captive WiFi coupon = WiFi Coupon
WARNING: untranslated string: Captive activated = Activated
@@ -785,6 +785,7 @@ WARNING: untranslated string: country codes and flags = Country Codes and Flags:
WARNING: untranslated string: countrycode = Code
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: dead peer detection = Dead Peer Detection
WARNING: untranslated string: default = Default
WARNING: untranslated string: default IP address = Default IP Address
@@ -847,6 +848,7 @@ WARNING: untranslated string: email tls = Use TLS
WARNING: untranslated string: email usemail = Activate Mail Service
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
WARNING: untranslated string: emerging rules = Emergingthreats.net Community Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
WARNING: untranslated string: encryption = Encryption:
WARNING: untranslated string: entropy = Entropy
WARNING: untranslated string: entropy graphs = Entropy Graphs
@@ -857,6 +859,7 @@ WARNING: untranslated string: extrahd maybe the device is in use = . Maybe the d
WARNING: untranslated string: extrahd to = to
WARNING: untranslated string: extrahd to root = to root
WARNING: untranslated string: extrahd you cant mount = You can't mount
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
WARNING: untranslated string: fifteen minutes = 15 Minutes
WARNING: untranslated string: firewall graph country = Firewall-Diagram (Country)
WARNING: untranslated string: firewall graph ip = Firewall-Diagram (IP)
@@ -869,6 +872,8 @@ WARNING: untranslated string: firewall rules = Firewall Rules
WARNING: untranslated string: first = First
WARNING: untranslated string: five minutes = 5 Minutes
WARNING: untranslated string: flag = Flag
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: four hours = 4 Hours
WARNING: untranslated string: fw default drop = Firewall policy
WARNING: untranslated string: fw settings = Firewall settings
@@ -1066,6 +1071,7 @@ WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
WARNING: untranslated string: hardware support = Hardware Support
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids apply = Apply
WARNING: untranslated string: ids apply ruleset changes = The ruleset changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids automatic rules update = Automatic Rule Update
@@ -1126,9 +1132,11 @@ WARNING: untranslated string: masquerading = Masquerading
WARNING: untranslated string: masquerading disabled = Masquerading disabled
WARNING: untranslated string: masquerading enabled = Masquerading enabled
WARNING: untranslated string: maximum = Maximum
+WARNING: untranslated string: meltdown = Meltdown
WARNING: untranslated string: messages = Messages
WARNING: untranslated string: minimum = Minimum
WARNING: untranslated string: minute = Minute
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: model = Model
WARNING: untranslated string: modem hardware details = Modem Hardware
WARNING: untranslated string: modem information = Modem Information
@@ -1149,6 +1157,7 @@ WARNING: untranslated string: nameserver = Nameserver
WARNING: untranslated string: no data = unknown string
WARNING: untranslated string: none = none
WARNING: untranslated string: not a valid dh key = Not a valid Diffie-Hellman parameters file. Please use a length of 2048, 3072 or 4096 bits and the PKCS#3 format.
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: notice = Notice
WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
@@ -1185,9 +1194,11 @@ WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
WARNING: untranslated string: p2p block = P2P networks
WARNING: untranslated string: p2p block save notice = Please reload the firewall ruleset in order to apply your changes.
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
WARNING: untranslated string: pptp netconfig = My Net Config
WARNING: untranslated string: pptp peer = Peer
WARNING: untranslated string: pptp route = PPTP Route
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: proxy reports = Proxy Reports
WARNING: untranslated string: proxy reports daily = Daily reports
WARNING: untranslated string: proxy reports monthly = Monthly reports
@@ -1209,9 +1220,15 @@ WARNING: untranslated string: search = Search
WARNING: untranslated string: server restart = You are not able to save any changes while the OpenVPN server is running.
WARNING: untranslated string: show dh = Show Diffie-Hellman parameters
WARNING: untranslated string: show tls-auth key = Show tls-auth key
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
WARNING: untranslated string: snat new source ip address = New source IP address
WARNING: untranslated string: software version = Software Version
WARNING: untranslated string: source ip country = Source IP Country
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: ssh = SSH
WARNING: untranslated string: ssh active sessions = Active logins
WARNING: untranslated string: ssh agent forwarding = Allow SSH Agent Forwarding
@@ -1306,6 +1323,8 @@ WARNING: untranslated string: vpn statistic rw = VPN: Roadwarrior Statistics
WARNING: untranslated string: vpn statistics n2n = unknown string
WARNING: untranslated string: vpn wait = WAITING
WARNING: untranslated string: vpn weak = Weak
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: wireless network = WiFi Network
WARNING: untranslated string: wlan client = Wireless client
WARNING: untranslated string: wlan client advanced settings = Advanced settings
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 42c7811bf..2f1699d59 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -796,12 +796,17 @@ WARNING: untranslated string: advproxy wpad view pac = Open PAC File
WARNING: untranslated string: bytes = unknown string
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
+WARNING: untranslated string: dangerous = Dangerous
WARNING: untranslated string: default IP address = Default IP Address
WARNING: untranslated string: dns forward disable dnssec = Disable DNSSEC (dangerous)
WARNING: untranslated string: dns forwarding dnssec disabled notice = (DNSSEC disabled)
WARNING: untranslated string: dnsforward dnssec disabled = DNSSEC Validation is disabled
WARNING: untranslated string: dnsforward forward_servers = Nameservers
WARNING: untranslated string: emerging pro rules = Emergingthreats.net Pro Rules
+WARNING: untranslated string: enable smt = Enable Simultaneous Multi-Threading (SMT)
+WARNING: untranslated string: fallout zombieload ridl = Fallout/ZombieLoad/RIDL
+WARNING: untranslated string: force enable = Forced
+WARNING: untranslated string: foreshadow = Foreshadow
WARNING: untranslated string: fwdfw all subnets = All subnets
WARNING: untranslated string: fwhost cust geoipgrp = unknown string
WARNING: untranslated string: fwhost err hostip = unknown string
@@ -835,6 +840,7 @@ WARNING: untranslated string: guardian logtarget_file = unknown string
WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
+WARNING: untranslated string: hardware vulnerabilities = Hardware Vulnerabilities
WARNING: untranslated string: ids apply = Apply
WARNING: untranslated string: ids apply ruleset changes = The ruleset changes are being applied. Please wait until all operations have completed successfully...
WARNING: untranslated string: ids automatic rules update = Automatic Rule Update
@@ -869,17 +875,28 @@ WARNING: untranslated string: ipsec mode transport = Transport
WARNING: untranslated string: ipsec mode tunnel = Tunnel
WARNING: untranslated string: ipsec settings = IPsec Settings
WARNING: untranslated string: local ip address = Local IP Address
+WARNING: untranslated string: meltdown = Meltdown
+WARNING: untranslated string: mitigated = Mitigated
WARNING: untranslated string: mtu = MTU
WARNING: untranslated string: no data = unknown string
+WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: ovpn error dh = The Diffie-Hellman parameter needs to be in minimum 2048 bit! <br>Please generate or upload a new Diffie-Hellman parameter, this can be made below in the section "Diffie-Hellman parameters options".</br>
WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
WARNING: untranslated string: ovpn tls auth = TLS Channel Protection:
WARNING: untranslated string: ovpn warning rfc3280 = Your host certificate is not RFC3280 compliant. <br>Please update to the latest IPFire version and generate as soon as possible a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
+WARNING: untranslated string: please reboot to apply your changes = Please reboot to apply your changes
+WARNING: untranslated string: processor vulnerability mitigations = Processor Vulnerability Mitigations
WARNING: untranslated string: ptr = PTR
WARNING: untranslated string: route config changed = unknown string
WARNING: untranslated string: routing config added = unknown string
WARNING: untranslated string: routing config changed = unknown string
WARNING: untranslated string: routing table = unknown string
+WARNING: untranslated string: smt disabled = unknown string
+WARNING: untranslated string: smt enabled = unknown string
+WARNING: untranslated string: smt not supported = unknown string
+WARNING: untranslated string: spectre variant 1 = Spectre Variant 1
+WARNING: untranslated string: spectre variant 2 = Spectre Variant 2
+WARNING: untranslated string: spectre variant 4 = Spectre Variant 4
WARNING: untranslated string: ssh active sessions = Active logins
WARNING: untranslated string: ssh agent forwarding = Allow SSH Agent Forwarding
WARNING: untranslated string: ssh login time = Logged in since
@@ -892,6 +909,8 @@ WARNING: untranslated string: update ruleset = Update ruleset
WARNING: untranslated string: vpn start action add = Wait for connection initiation
WARNING: untranslated string: vpn statistics n2n = unknown string
WARNING: untranslated string: vpn wait = WAITING
+WARNING: untranslated string: vulnerability = Vulnerability
+WARNING: untranslated string: vulnerable = Vulnerable
WARNING: untranslated string: wlanap auto = Automatic Channel Selection
WARNING: untranslated string: wlanap broadcast ssid = Broadcast SSID
WARNING: untranslated string: wlanap client isolation = Client Isolation
diff --git a/doc/language_missings b/doc/language_missings
index 7b779054d..3f4d41394 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -29,6 +29,7 @@
< community rules
< could not connect to www ipfire org
< cryptographic settings
+< dangerous
< dead peer detection
< default IP address
< dhcp server disabled on blue interface
@@ -37,26 +38,41 @@
< done
< emerging pro rules
< emerging rules
+< enable smt
+< fallout zombieload ridl
+< force enable
+< foreshadow
< g.dtm
< g.lite
< guardian
+< hardware vulnerabilities
< ids hide
< ids rules update
< ids show
< insert removable device
< interface mode
+< meltdown
+< mitigated
+< not affected
< notes
+< please reboot to apply your changes
+< processor vulnerability mitigations
< quick control
< shaping add options
< show areas
< show lines
< show tls-auth key
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< teovpn_fragment
< tor bridge enabled
< tor errmsg invalid node id
< updxlrtr used by
< upload fcdsl.o
< vpn configuration main
+< vulnerability
+< vulnerable
############################################################################
# Checking cgi-bin translations for language: es #
############################################################################
@@ -100,7 +116,6 @@
< Captive 1month
< Captive 1week
< Captive activate
-< Captive ACTIVATE
< Captive activated
< Captive active on
< Captive agree tac
@@ -202,6 +217,7 @@
< cryptographic settings
< crypto warning
< Daily
+< dangerous
< dead peer detection
< default
< default ip
@@ -271,10 +287,12 @@
< email usemail
< emerging pro rules
< emerging rules
+< enable smt
< encryption
< entropy
< entropy graphs
< error
+< fallout zombieload ridl
< fifteen minutes
< fireinfo ipfire version
< fireinfo is disabled
@@ -304,6 +322,8 @@
< first
< five minutes
< flag
+< force enable
+< foreshadow
< forward firewall
< four hours
< fw default drop
@@ -507,6 +527,7 @@
< grouptype
< guardian
< hardware support
+< hardware vulnerabilities
< ids apply
< ids apply ruleset changes
< ids automatic rules update
@@ -568,9 +589,11 @@
< maximum
< MB read
< MB written
+< meltdown
< messages
< minimum
< minute
+< mitigated
< model
< modem hardware details
< modem information
@@ -592,6 +615,7 @@
< never
< no hardware random number generator
< none
+< not affected
< not a valid dh key
< notice
< Number of Countries for the pie chart
@@ -659,9 +683,11 @@
< ovpn warning rfc3280
< p2p block
< p2p block save notice
+< please reboot to apply your changes
< pptp netconfig
< pptp peer
< pptp route
+< processor vulnerability mitigations
< proxy reports
< proxy reports daily
< proxy reports monthly
@@ -684,6 +710,9 @@
< snat new source ip address
< software version
< source ip country
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< ssh
< ssh active sessions
< ssh agent forwarding
@@ -791,6 +820,8 @@
< vpn statistic rw
< vpn wait
< vpn weak
+< vulnerability
+< vulnerable
< Weekly
< wireless network
< wlanap
@@ -875,11 +906,17 @@
< advproxy wpad view pac
< Captive delete logo
< Daily
+< dangerous
< Disabled
< dnsforward dnssec disabled
< emerging pro rules
+< enable smt
< error
+< fallout zombieload ridl
+< force enable
+< foreshadow
< generate ptr
+< hardware vulnerabilities
< ids apply
< ids apply ruleset changes
< ids automatic rules update
@@ -898,12 +935,22 @@
< ids show
< ids working
< intrusion prevention system
+< meltdown
+< mitigated
+< not affected
< ovpn tls auth
+< please reboot to apply your changes
+< processor vulnerability mitigations
< ptr
< runmode
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< ssh agent forwarding
< system is offline
< update ruleset
+< vulnerability
+< vulnerable
< Weekly
< wlanap auto
< wlanap broadcast ssid
@@ -950,7 +997,6 @@
< Captive 1month
< Captive 1week
< Captive activate
-< Captive ACTIVATE
< Captive activated
< Captive active on
< Captive agree tac
@@ -1005,6 +1051,7 @@
< cryptographic settings
< crypto warning
< Daily
+< dangerous
< default IP address
< dhcp dns enable update
< dhcp dns key name
@@ -1040,7 +1087,9 @@
< email tls
< email usemail
< emerging pro rules
+< enable smt
< error
+< fallout zombieload ridl
< fifteen minutes
< firewall graph country
< firewall graph ip
@@ -1049,6 +1098,8 @@
< firewall log ip
< firewall log port
< five minutes
+< force enable
+< foreshadow
< four hours
< fwdfw all subnets
< fwdfw err concon
@@ -1075,6 +1126,7 @@
< geoipblock flag
< guaranteed bandwith
< guardian
+< hardware vulnerabilities
< ids apply
< ids apply ruleset changes
< ids automatic rules update
@@ -1120,10 +1172,13 @@
< masquerading
< masquerading disabled
< masquerading enabled
+< meltdown
< messages
+< mitigated
< mtu
< MTU settings
< none
+< not affected
< Number of Countries for the pie chart
< one hour
< one month
@@ -1136,9 +1191,11 @@
< ovpn error md5
< ovpn tls auth
< ovpn warning rfc3280
+< please reboot to apply your changes
< pptp netconfig
< pptp peer
< pptp route
+< processor vulnerability mitigations
< ptr
< rdns
< required field
@@ -1146,6 +1203,9 @@
< samba join a domain
< samba join domain
< search
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< ssh active sessions
< ssh agent forwarding
< ssh login time
@@ -1179,6 +1239,8 @@
< vpn statistic rw
< vpn wait
< vpn weak
+< vulnerability
+< vulnerable
< Weekly
< wireless network
< wlanap
@@ -1247,7 +1309,6 @@
< Captive 1month
< Captive 1week
< Captive activate
-< Captive ACTIVATE
< Captive activated
< Captive active on
< Captive agree tac
@@ -1302,6 +1363,7 @@
< cryptographic settings
< crypto warning
< Daily
+< dangerous
< default
< default IP address
< dh
@@ -1352,7 +1414,9 @@
< email tls
< email usemail
< emerging pro rules
+< enable smt
< error
+< fallout zombieload ridl
< fifteen minutes
< firewall graph country
< firewall graph ip
@@ -1362,6 +1426,8 @@
< firewall log port
< firewall logs country
< five minutes
+< force enable
+< foreshadow
< four hours
< fwdfw all subnets
< fwdfw err concon
@@ -1389,6 +1455,7 @@
< geoipblock enable feature
< geoipblock flag
< guardian
+< hardware vulnerabilities
< ids apply
< ids apply ruleset changes
< ids automatic rules update
@@ -1436,7 +1503,9 @@
< masquerading
< masquerading disabled
< masquerading enabled
+< meltdown
< messages
+< mitigated
< model
< modem hardware details
< modem information
@@ -1456,6 +1525,7 @@
< nameserver
< never
< none
+< not affected
< not a valid dh key
< Number of Countries for the pie chart
< one hour
@@ -1478,9 +1548,11 @@
< ovpn reneg sec
< ovpn tls auth
< ovpn warning rfc3280
+< please reboot to apply your changes
< pptp netconfig
< pptp peer
< pptp route
+< processor vulnerability mitigations
< ptr
< random number generator daemon
< rdns
@@ -1493,6 +1565,9 @@
< show tls-auth key
< software version
< source ip country
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< ssh active sessions
< ssh agent forwarding
< ssh login time
@@ -1530,6 +1605,8 @@
< vpn statistic rw
< vpn wait
< vpn weak
+< vulnerability
+< vulnerable
< Weekly
< wireless network
< wlanap
@@ -1611,7 +1688,6 @@
< Captive 1month
< Captive 1week
< Captive activate
-< Captive ACTIVATE
< Captive activated
< Captive active on
< Captive agree tac
@@ -1714,6 +1790,7 @@
< cryptographic settings
< crypto warning
< Daily
+< dangerous
< dead peer detection
< default
< default ip
@@ -1783,6 +1860,7 @@
< email usemail
< emerging pro rules
< emerging rules
+< enable smt
< encryption
< entropy
< entropy graphs
@@ -1796,6 +1874,7 @@
< extrahd unable to read
< extrahd unable to write
< extrahd you cant mount
+< fallout zombieload ridl
< fifteen minutes
< firewall graph country
< firewall graph ip
@@ -1808,6 +1887,8 @@
< first
< five minutes
< flag
+< force enable
+< foreshadow
< forward firewall
< four hours
< fw default drop
@@ -2021,6 +2102,7 @@
< grouptype
< guardian
< hardware support
+< hardware vulnerabilities
< ids apply
< ids apply ruleset changes
< ids automatic rules update
@@ -2082,9 +2164,11 @@
< maximum
< MB read
< MB written
+< meltdown
< messages
< minimum
< minute
+< mitigated
< model
< modem hardware details
< modem information
@@ -2106,6 +2190,7 @@
< never
< no hardware random number generator
< none
+< not affected
< not a valid dh key
< notice
< Number of Countries for the pie chart
@@ -2159,9 +2244,11 @@
< ovpn warning rfc3280
< p2p block
< p2p block save notice
+< please reboot to apply your changes
< pptp netconfig
< pptp peer
< pptp route
+< processor vulnerability mitigations
< proxy reports
< proxy reports daily
< proxy reports monthly
@@ -2183,6 +2270,9 @@
< snat new source ip address
< software version
< source ip country
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< ssh
< ssh active sessions
< ssh agent forwarding
@@ -2289,6 +2379,8 @@
< vpn statistic rw
< vpn wait
< vpn weak
+< vulnerability
+< vulnerable
< Weekly
< wireless network
< wlanap
@@ -2403,7 +2495,6 @@
< Captive 1month
< Captive 1week
< Captive activate
-< Captive ACTIVATE
< Captive activated
< Captive active on
< Captive agree tac
@@ -2506,6 +2597,7 @@
< cryptographic settings
< crypto warning
< Daily
+< dangerous
< day-graph
< dead peer detection
< default
@@ -2578,6 +2670,7 @@
< email usemail
< emerging pro rules
< emerging rules
+< enable smt
< encryption
< entropy
< entropy graphs
@@ -2591,6 +2684,7 @@
< extrahd unable to read
< extrahd unable to write
< extrahd you cant mount
+< fallout zombieload ridl
< fifteen minutes
< firewall graph country
< firewall graph ip
@@ -2603,6 +2697,8 @@
< first
< five minutes
< flag
+< force enable
+< foreshadow
< forward firewall
< four hours
< frequency
@@ -2817,6 +2913,7 @@
< grouptype
< guardian
< hardware support
+< hardware vulnerabilities
< hour-graph
< ids apply
< ids apply ruleset changes
@@ -2880,9 +2977,11 @@
< maximum
< MB read
< MB written
+< meltdown
< messages
< minimum
< minute
+< mitigated
< model
< modem hardware details
< modem information
@@ -2905,6 +3004,7 @@
< never
< no hardware random number generator
< none
+< not affected
< not a valid dh key
< notice
< Number of Countries for the pie chart
@@ -2955,9 +3055,11 @@
< ovpn warning rfc3280
< p2p block
< p2p block save notice
+< please reboot to apply your changes
< pptp netconfig
< pptp peer
< pptp route
+< processor vulnerability mitigations
< proxy reports
< proxy reports daily
< proxy reports monthly
@@ -2979,6 +3081,9 @@
< snat new source ip address
< software version
< source ip country
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< ssh
< ssh active sessions
< ssh agent forwarding
@@ -3085,6 +3190,8 @@
< vpn statistic rw
< vpn wait
< vpn weak
+< vulnerability
+< vulnerable
< week-graph
< Weekly
< wireless network
@@ -3174,6 +3281,7 @@
< cryptographic settings
< crypto warning
< Daily
+< dangerous
< default IP address
< Disabled
< dns forward disable dnssec
@@ -3181,9 +3289,14 @@
< dnsforward forward_servers
< dns forwarding dnssec disabled notice
< emerging pro rules
+< enable smt
< error
+< fallout zombieload ridl
+< force enable
+< foreshadow
< fwdfw all subnets
< generate ptr
+< hardware vulnerabilities
< ids apply
< ids apply ruleset changes
< ids automatic rules update
@@ -3217,13 +3330,21 @@
< ipsec mode tunnel
< ipsec settings
< local ip address
+< meltdown
+< mitigated
< mtu
+< not affected
< ovpn error dh
< ovpn error md5
< ovpn tls auth
< ovpn warning rfc3280
+< please reboot to apply your changes
+< processor vulnerability mitigations
< ptr
< runmode
+< spectre variant 1
+< spectre variant 2
+< spectre variant 4
< ssh active sessions
< ssh agent forwarding
< ssh login time
@@ -3235,6 +3356,8 @@
< update ruleset
< vpn start action add
< vpn wait
+< vulnerability
+< vulnerable
< Weekly
< wlanap auto
< wlanap broadcast ssid
diff --git a/html/cgi-bin/vulnerabilities.cgi b/html/cgi-bin/vulnerabilities.cgi
new file mode 100644
index 000000000..371ffa547
--- /dev/null
+++ b/html/cgi-bin/vulnerabilities.cgi
@@ -0,0 +1,250 @@
+#!/usr/bin/perl
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2019 IPFire Team <info(a)ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+use strict;
+
+# enable only the following on debugging purpose
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
+
+require '/var/ipfire/general-functions.pl';
+require "${General::swroot}/lang.pl";
+require "${General::swroot}/header.pl";
+
+my %VULNERABILITIES = (
+ "l1tf" => "$Lang::tr{'foreshadow'} (CVE-2018-3620)",
+ "mds" => "$Lang::tr{'fallout zombieload ridl'} (CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091)",
+ "meltdown" => "$Lang::tr{'meltdown'} (CVE-2017-5754)",
+ "spec_store_bypass" => "$Lang::tr{'spectre variant 4'} (CVE-2018-3639)",
+ "spectre_v1" => "$Lang::tr{'spectre variant 1'} (CVE-2017-5753)",
+ "spectre_v2" => "$Lang::tr{'spectre variant 2'} (CVE-2017-5715)",
+);
+
+my $errormessage = "";
+my $notice = "";
+
+my %mainsettings = ();
+my %color = ();
+&General::readhash("${General::swroot}/main/settings", \%mainsettings);
+&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+
+my %settings = (
+ "ENABLE_SMT" => "auto",
+);
+&General::readhash("${General::swroot}/main/security", \%settings);
+
+&Header::showhttpheaders();
+
+&Header::getcgihash(\%settings);
+
+if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
+ if ($settings{'ENABLE_SMT'} !~ /^(auto|on)$/) {
+ $errormessage = $Lang::tr{'invalid input'};
+ }
+
+ unless ($errormessage) {
+ &General::writehash("${General::swroot}/main/security", \%settings);
+ $notice = $Lang::tr{'please reboot to apply your changes'};
+ }
+}
+
+my %checked = ();
+$checked{'ENABLE_SMT'}{'auto'} = '';
+$checked{'ENABLE_SMT'}{'on'} = '';
+$checked{'ENABLE_SMT'}{$settings{'ENABLE_SMT'}} = "checked";
+
+&Header::openpage($Lang::tr{'processor vulnerability mitigations'}, 1, '');
+
+&Header::openbigbox("100%", "left", "", $errormessage);
+
+if ($errormessage) {
+ &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
+ print "<font color='red'>$errormessage</font>";
+ &Header::closebox();
+}
+
+if ($notice) {
+ &Header::openbox('100%', 'left', $Lang::tr{'notice'});
+ print "<font color='red'>$notice</font>";
+ &Header::closebox();
+}
+
+&Header::openbox('100%', 'center', $Lang::tr{'processor vulnerability mitigations'});
+
+print <<END;
+ <table class="tbl" width='100%'>
+ <thead>
+ <tr>
+ <th align="center">
+ <strong>$Lang::tr{'vulnerability'}</strong>
+ </th>
+ <th align="center">
+ <strong>$Lang::tr{'status'}</strong>
+ </th>
+ </tr>
+ </thead>
+ <tbody>
+END
+
+my $id = 0;
+for my $vuln (sort keys %VULNERABILITIES) {
+ my ($status, $message) = &check_status($vuln);
+ next if (!$status);
+
+ my $colour = "";
+ my $bgcolour = "";
+ my $status_message = "";
+
+ # Not affected
+ if ($status eq "Not affected") {
+ $status_message = $Lang::tr{'not affected'};
+ $colour = "white";
+ $bgcolour = ${Header::colourblack};
+
+ # Vulnerable
+ } elsif ($status eq "Vulnerable") {
+ $status_message = $Lang::tr{'vulnerable'};
+ $colour = "white";
+ $bgcolour = ${Header::colourred};
+
+ # Mitigated
+ } elsif ($status eq "Mitigation") {
+ $status_message = $Lang::tr{'mitigated'};
+ $colour = "black";
+ $bgcolour = ${Header::colourorange};
+
+ } else {
+ next;
+ }
+
+ my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
+
+ print <<END;
+ <tr bgcolor="$table_colour">
+ <td align="left">
+ <strong>$VULNERABILITIES{$vuln}</strong>
+ </td>
+
+ <td bgcolor="$bgcolour" align="center">
+ <font color="$colour">
+END
+ if ($message) {
+ print "<strong>$status_message</strong>: $message";
+ } else {
+ print "<strong>$status_message</strong>";
+ }
+
+ print <<END;
+ </font>
+ </td>
+ </tr>
+END
+ }
+
+print <<END;
+ </tbody>
+ </table>
+END
+
+&Header::closebox();
+
+print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
+
+&Header::openbox('100%', 'center', $Lang::tr{'settings'});
+
+my $smt_status = &smt_status();
+
+print <<END;
+ <table class="tbl" width="66%">
+ <tbody>
+ <tr>
+ <th colspan="2" align="center">
+ <strong>$smt_status</strong>
+ </th>
+ </tr>
+
+ <tr>
+ <td width="50%" align="left">
+ $Lang::tr{'enable smt'}
+ </td>
+
+ <td width="50%" align="center">
+ <label>
+ <input type="radio" name="ENABLE_SMT"
+ value="auto" $checked{'ENABLE_SMT'}{'auto'}>
+ $Lang::tr{'automatic'}
+ </label> /
+ <label>
+ <input type="radio" name="ENABLE_SMT"
+ value="on" $checked{'ENABLE_SMT'}{'on'}>
+ $Lang::tr{'force enable'} ($Lang::tr{'dangerous'})
+ </label>
+ </td>
+ </tr>
+
+ <tr>
+ <td colspan="2" align="right">
+ <input type="submit" name="ACTION" value="$Lang::tr{'save'}">
+ </td>
+ </tr>
+ </tbody>
+ </table>
+END
+
+&Header::closebox();
+
+print "</form>\n";
+
+&Header::closebigbox();
+
+&Header::closepage();
+
+sub check_status($) {
+ my $vuln = shift;
+
+ open(FILE, "/sys/devices/system/cpu/vulnerabilities/$vuln") or return undef;
+ my $status = <FILE>;
+ close(FILE);
+
+ if ($status =~ /^(Mitigation): (.*)$/) {
+ return ($1, $2);
+ }
+
+ return $status;
+}
+
+sub smt_status() {
+ open(FILE, "/sys/devices/system/cpu/smt/control");
+ my $status = <FILE>;
+ close(FILE);
+
+ chomp($status);
+
+ if ($status eq "on") {
+ return $Lang::tr{'smt enabled'};
+ } elsif (($status eq "off") || ($status eq "forceoff")) {
+ return $Lang::tr{'smt disabled'};
+ } elsif ($status eq "notsupported") {
+ return $Lang::tr{'smt not supported'};
+ }
+
+ return $status;
+}
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 8b43872a3..5f32a7ab1 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -12,12 +12,14 @@
'Captive 1day' => '1 day',
'Captive 1month' => '1 month',
'Captive 1week' => '1 week',
-'Captive ACTIVATE' => 'ACTIVATE',
'Captive GAIN ACCESS' => 'GAIN ACCESS',
'Captive WiFi coupon' => 'WiFi Coupon',
'Captive activate' => 'Activate',
'Captive activated' => 'Activated',
'Captive active on' => 'Activated on',
+'smt enabled' => 'Simultaneous Multi-Threading (SMT) is enabled',
+'smt disabled' => 'Simultaneous Multi-Threading (SMT) is disabled',
+'smt not supported' => 'Simultaneous Multi-Threading (SMT) is not supported',
'Captive agree tac' => 'I agree with the terms & conditions below.',
'Captive auth_lic' => 'License',
'Captive auth_vou' => 'Voucher',
@@ -713,6 +715,7 @@
'custom networks' => 'Custom networks',
'custom services' => 'Custom services',
'daily firewallhits' => 'daily firewallhits',
+'dangerous' => 'Dangerous',
'dat without key' => 'An encrypted archive cannot be restored without the key.',
'date' => 'Date',
'date not in logs' => 'No (or only partial) logs exist for the day queried',
@@ -970,6 +973,7 @@
'empty profile' => 'empty',
'enable ignore filter' => 'Enable ignore filter',
'enable javascript' => 'Enable javascript',
+'enable smt' => 'Enable Simultaneous Multi-Threading (SMT)',
'enable wildcards' => 'Enable wildcards:',
'enabled' => 'Enabled:',
'enabled on' => 'Enabled on',
@@ -1027,6 +1031,7 @@
'extrahd unable to read' => 'Unable to read',
'extrahd unable to write' => 'Unable to write',
'extrahd you cant mount' => 'You can\'t mount',
+'fallout zombieload ridl' => 'Fallout/ZombieLoad/RIDL',
'false classnumber' => 'The Class-Number does not match the interface.',
'false max bandwith' => 'Maximum bandwith is false.',
'false min bandwith' => 'Minimum bandwith is false.',
@@ -1076,8 +1081,10 @@
'fixed ip lease modified' => 'Fixed IP lease modified',
'fixed ip lease removed' => 'Fixed IP lease removed',
'flag' => 'Flag',
+'force enable' => 'Forced',
'force update' => 'Force update',
'force user' => 'force all new file to user',
+'foreshadow' => 'Foreshadow',
'forward firewall' => 'Firewall',
'forwarding rule added' => 'Forwarding rule added; restarting forwarder',
'forwarding rule removed' => 'Forwarding rule removed; restarting forwarder',
@@ -1343,6 +1350,7 @@
'harddisk temperature graphs' => 'HDD Graphs',
'hardware graphs' => 'Hardware Graphs',
'hardware support' => 'Hardware Support',
+'hardware vulnerabilities' => 'Hardware Vulnerabilities',
'hdd temperature in' => 'Harddisk temperature in',
'help' => 'Help',
'high' => 'High',
@@ -1668,6 +1676,7 @@
'media' => 'Media',
'media information' => 'Media information',
'medium' => 'Medium',
+'meltdown' => 'Meltdown',
'memory' => 'Memory',
'memory information' => 'Memory information',
'memory usage per' => 'Memory Usage per',
@@ -1684,6 +1693,7 @@
'misc-options' => 'Miscellaneous options',
'missing dat' => 'Encrypted archive not found',
'missing gz' => 'Unencrypted archive not found',
+'mitigated' => 'Mitigated',
'mode' => 'Mode',
'model' => 'Model',
'modem' => 'Modem',
@@ -1792,6 +1802,7 @@
'noservicename' => 'No Service Name entered',
'not a valid ca certificate' => 'Not a valid CA certificate.',
'not a valid dh key' => 'Not a valid Diffie-Hellman parameters file. Please use a length of 2048, 3072 or 4096 bits and the PKCS#3 format.',
+'not affected' => 'Not Affected',
'not enough disk space' => 'Not enough disk space',
'not present' => '<b>Not</b> present',
'not running' => 'not running',
@@ -1991,6 +2002,7 @@
'ping disabled' => 'Disable ping response',
'pkcs12 file password' => 'PKCS12 File Password',
'play' => 'Play',
+'please reboot to apply your changes' => 'Please reboot to apply your changes',
'polfile' => 'Polfile',
'policy' => 'Policy',
'port' => 'Port',
@@ -2019,6 +2031,7 @@
'printing options' => 'printing options',
'priority' => 'Priority',
'processes' => 'Processes',
+'processor vulnerability mitigations' => 'Processor Vulnerability Mitigations',
'profile' => 'Profile',
'profile deleted' => 'Profile deleted: ',
'profile has errors' => 'Profile has errors',
@@ -2231,6 +2244,9 @@
'source port overlaps' => 'Source port range overlaps an existing port range.',
'speaker off' => 'Speaker off:',
'speaker on' => 'Speaker on:',
+'spectre variant 1' => 'Spectre Variant 1',
+'spectre variant 2' => 'Spectre Variant 2',
+'spectre variant 4' => 'Spectre Variant 4',
'squid extension methods' => 'Your <tt>extension_methods</tt> list',
'squid extension methods invalid' => 'Your \'extension_methods\' list can only contain uppercase words of letters and digits, separated with a space. ',
'squid fix cache' => 'Repair cache',
@@ -2821,6 +2837,8 @@
'vpn wait' => 'WAITING',
'vpn watch' => 'Restart net-to-net vpn when remote peer IP changes (dyndns).',
'vpn weak' => 'Weak',
+'vulnerability' => 'Vulnerability',
+'vulnerable' => 'Vulnerable',
'waiting to synchronize clock' => 'Waiting to synchronize clock',
'warn when traffic reaches' => 'Warn when traffic reaches x %',
'warning messages' => 'Warning messages',
diff --git a/lfs/initscripts b/lfs/initscripts
index 055e106d0..5ed5f9524 100644
--- a/lfs/initscripts
+++ b/lfs/initscripts
@@ -169,6 +169,7 @@ $(TARGET) :
ln -sf ../init.d/mountfs /etc/rc.d/rcsysinit.d/S40mountfs
ln -sf ../init.d/fsresize /etc/rc.d/rcsysinit.d/S42fsresize
ln -sf ../init.d/mounttmpfs /etc/rc.d/rcsysinit.d/S43mounttmpfs
+ ln -sf ../init.d/smt /etc/rc.d/rcsysinit.d/S44smt
ln -sf ../init.d/udev_retry /etc/rc.d/rcsysinit.d/S45udev_retry
ln -sf ../init.d/cleanfs /etc/rc.d/rcsysinit.d/S50cleanfs
ln -sf ../init.d/setclock /etc/rc.d/rcsysinit.d/S60setclock
diff --git a/src/initscripts/system/smt b/src/initscripts/system/smt
new file mode 100644
index 000000000..a31cd7bea
--- /dev/null
+++ b/src/initscripts/system/smt
@@ -0,0 +1,40 @@
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/smt
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+eval $(/usr/local/bin/readhash /var/ipfire/main/security)
+
+case "${1}" in
+ start)
+ # Nothing to do here when SMT is forced on
+ if [ "${ENABLE_SMT}" = "on" ]; then
+ exit 0
+ fi
+
+ # Nothing to do if this processor is not vulnerable
+ # to Fallout/RIDL.
+ if [ -r "/sys/devices/system/cpu/vulnerabilities/mds" ]; then
+ if [ "$(</sys/devices/system/cpu/vulnerabilities/mds)" = "Not affected" ]; then
+ exit 0
+ fi
+
+ # Disable SMT when supported and enabled
+ if [ "$(</sys/devices/system/cpu/smt/control)" = "on" ]; then
+ boot_mesg "Disabling Simultaneous Multi-Threading (SMT)..."
+ echo "forceoff" > /sys/devices/system/cpu/smt/control
+ echo_ok
+ fi
+ fi
+ ;;
+
+ *)
+ echo "Usage: ${0} {start}"
+ exit 1
+ ;;
+esac
+
+# End $rc_base/init.d/smt
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2019-05-20 20:56 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190520205628.1F7EE84FDBF@people01.i.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox