From: "Peter Müller" <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. bae9b5dcca5aacabab861d4584288cb4ba7fd0c1
Date: Thu, 17 Feb 2022 20:04:22 +0000 [thread overview]
Message-ID: <4K05Py69KLz2xW6@people01.haj.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 10683 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via bae9b5dcca5aacabab861d4584288cb4ba7fd0c1 (commit)
via b67cf71b2de584df24faf4765f2c0647b713003f (commit)
via 26674f2d5cb72699c5594c19cb6eb44de0ed3b2c (commit)
via b84666930e0d3a21fd982ae9203f97bc13b7760a (commit)
via c8ddb9ef1fe7a0f1771be8bec01f43a981a25138 (commit)
from cf5356763f57b9070d2f84200f614af91c3beee2 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bae9b5dcca5aacabab861d4584288cb4ba7fd0c1
Author: Stefan Schantl <stefan.schantl(a)ipfire.org>
Date: Thu Feb 17 06:40:03 2022 +0100
rules.pl: Adjust check against loading the same lists multiple times.
This check now has been moved to the ipset_restore() function, which
will help to keep the code clean and maintain-able.
Signed-off-by: Stefan Schantl <stefan.schantl(a)ipfire.org>
Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
commit b67cf71b2de584df24faf4765f2c0647b713003f
Author: Leo-Andres Hofmann <hofmann(a)leo-andres.de>
Date: Thu Feb 17 13:40:43 2022 +0100
manualpages: Drop p2p-block entry
The p2p-block CGI has been removed. Therefore the link to its
manual page can be removed as well.
Signed-off-by: Leo-Andres Hofmann <hofmann(a)leo-andres.de>
Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
commit 26674f2d5cb72699c5594c19cb6eb44de0ed3b2c
Author: Peter Müller <peter.mueller(a)ipfire.org>
Date: Thu Feb 17 19:23:15 2022 +0000
Core Update 165: Fixed symlink after renaming Perl packages
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
commit b84666930e0d3a21fd982ae9203f97bc13b7760a
Author: Peter Müller <peter.mueller(a)ipfire.org>
Date: Thu Feb 17 19:22:49 2022 +0000
Core Update 165: Ship bind
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
commit c8ddb9ef1fe7a0f1771be8bec01f43a981a25138
Author: Matthias Fischer <matthias.fischer(a)ipfire.org>
Date: Thu Feb 17 17:46:26 2022 +0100
bind: Update to 9.16.26
For details see:
https://downloads.isc.org/isc/bind9/9.16.26/doc/arm/html/notes.html#notes-for-bind-9-16-26
"Notes for BIND 9.16.26
Feature Changes
The DLZ API has been updated: EDNS Client-Subnet (ECS) options sent
by a client are now included in the client information sent to DLZ
modules when processing queries. [GL #3082]
Bug Fixes
Previously, recvmmsg support was enabled in libuv 1.35.0 and 1.36.0,
but not in libuv versions 1.37.0 or greater, reducing the maximum
query-response performance. This has been fixed. [GL #3095]
A failed view configuration during a named reconfiguration procedure
could cause inconsistencies in BIND internal structures, causing
a crash or other unexpected errors. This has been fixed. [GL #3060]
Previously, named logged a “quota reached” message when it hit its
hard quota on the number of connections. That message was
accidentally removed but has now been restored. [GL #3125]
Build errors were introduced in some DLZ modules due to an
incomplete change in the previous release. This has been fixed. [GL
#3111]"
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/cfgroot/manualpages | 1 -
config/firewall/rules.pl | 43 +++++++++-------------
config/rootfiles/common/bind | 14 +++----
.../{oldcore/100 => core/165}/filelists/bind | 0
config/rootfiles/core/165/filelists/libwww-perl | 1 -
config/rootfiles/core/165/filelists/perl-libwww | 1 +
lfs/bind | 4 +-
7 files changed, 27 insertions(+), 37 deletions(-)
copy config/rootfiles/{oldcore/100 => core/165}/filelists/bind (100%)
delete mode 120000 config/rootfiles/core/165/filelists/libwww-perl
create mode 120000 config/rootfiles/core/165/filelists/perl-libwww
Difference in files:
diff --git a/config/cfgroot/manualpages b/config/cfgroot/manualpages
index 4bfec8ab7..6c2e54b55 100644
--- a/config/cfgroot/manualpages
+++ b/config/cfgroot/manualpages
@@ -61,7 +61,6 @@ firewall=configuration/firewall
fwhosts=configuration/firewall/fwgroups
optionsfw=configuration/firewall/options
ids=configuration/firewall/ips
-p2p-block=configuration/firewall/p2p-block
location-block=configuration/firewall/geoip-block
wireless=configuration/firewall/accesstoblue
iptables=configuration/firewall/iptables
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 25d01e0e3..927c1f2ba 100644
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -404,14 +404,8 @@ sub buildrules {
# Grab location code from hash.
my $loc_src = $$hash{$key}[4];
- # Check if the network list for this country already has been loaded.
- unless($loaded_ipset_lists{$loc_src}) {
- # Call function to load the networks list for this country.
- &ipset_restore($loc_src);
-
- # Store to the hash that this list has been loaded.
- $loaded_ipset_lists{$loc_src} = "1";
- }
+ # Call function to load the networks list for this country.
+ &ipset_restore($loc_src);
push(@source_options, $source);
} elsif($source) {
@@ -424,14 +418,8 @@ sub buildrules {
# Grab location code from hash.
my $loc_dst = $$hash{$key}[6];
- # Check if the network list for this country already has been loaded.
- unless($loaded_ipset_lists{$loc_dst}) {
- # Call function to load the networks list for this country.
- &ipset_restore($loc_dst);
-
- # Store to the hash that this list has been loaded.
- $loaded_ipset_lists{$loc_dst} = "1";
- }
+ # Call function to load the networks list for this country.
+ &ipset_restore($loc_dst);
push(@destination_options, $destination);
} elsif ($destination) {
@@ -677,14 +665,8 @@ sub locationblock {
# is enabled.
foreach my $location (@locations) {
if(exists $locationsettings{$location} && $locationsettings{$location} eq "on") {
- # Check if the network list for this country already has been loaded.
- unless($loaded_ipset_lists{$location}) {
- # Call function to load the networks list for this country.
- &ipset_restore($location);
-
- # Store to the hash that this list has been loaded.
- $loaded_ipset_lists{$location} = "1";
- }
+ # Call function to load the networks list for this country.
+ &ipset_restore($location);
# Call iptables and create rule to use the loaded ipset list.
run("$IPTABLES -A LOCATIONBLOCK -m set --match-set CC_$location src -j DROP");
@@ -906,14 +888,23 @@ sub firewall_is_in_subnet {
}
sub ipset_restore ($) {
- my ($ccode) = @_;
+ my ($list) = @_;
my $file_prefix = "ipset4";
- my $db_file = "$Location::Functions::ipset_db_directory/$ccode.$file_prefix";
+ my $db_file = "$Location::Functions::ipset_db_directory/$list.$file_prefix";
+
+ # Check if the network list already has been loaded.
+ if($loaded_ipset_lists{$list}) {
+ # It already has been loaded - so there is nothing to do.
+ return;
+ }
# Check if the generated file exists.
if (-f $db_file) {
# Run ipset and restore the list of the given country code.
run("$IPSET restore < $db_file");
+
+ # Store the restored list name to the hash to prevent from loading it again.
+ $loaded_ipset_lists{$list} = "1";
}
}
diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind
index 4ea64dc0c..c0e56854a 100644
--- a/config/rootfiles/common/bind
+++ b/config/rootfiles/common/bind
@@ -274,24 +274,24 @@ usr/bin/nsupdate
#usr/include/pk11/site.h
#usr/include/pkcs11
#usr/include/pkcs11/pkcs11.h
-usr/lib/libbind9-9.16.25.so
+usr/lib/libbind9-9.16.26.so
#usr/lib/libbind9.la
#usr/lib/libbind9.so
-usr/lib/libdns-9.16.25.so
+usr/lib/libdns-9.16.26.so
#usr/lib/libdns.la
#usr/lib/libdns.so
-usr/lib/libirs-9.16.25.so
+usr/lib/libirs-9.16.26.so
#usr/lib/libirs.la
#usr/lib/libirs.so
-usr/lib/libisc-9.16.25.so
+usr/lib/libisc-9.16.26.so
#usr/lib/libisc.la
#usr/lib/libisc.so
-usr/lib/libisccc-9.16.25.so
+usr/lib/libisccc-9.16.26.so
#usr/lib/libisccc.la
#usr/lib/libisccc.so
-usr/lib/libisccfg-9.16.25.so
+usr/lib/libisccfg-9.16.26.so
#usr/lib/libisccfg.la
#usr/lib/libisccfg.so
-usr/lib/libns-9.16.25.so
+usr/lib/libns-9.16.26.so
#usr/lib/libns.la
#usr/lib/libns.so
diff --git a/config/rootfiles/core/165/filelists/bind b/config/rootfiles/core/165/filelists/bind
new file mode 120000
index 000000000..48a0ebaef
--- /dev/null
+++ b/config/rootfiles/core/165/filelists/bind
@@ -0,0 +1 @@
+../../../common/bind
\ No newline at end of file
diff --git a/config/rootfiles/core/165/filelists/libwww-perl b/config/rootfiles/core/165/filelists/libwww-perl
deleted file mode 120000
index ad77c8c4a..000000000
--- a/config/rootfiles/core/165/filelists/libwww-perl
+++ /dev/null
@@ -1 +0,0 @@
-../../../common/libwww-perl
\ No newline at end of file
diff --git a/config/rootfiles/core/165/filelists/perl-libwww b/config/rootfiles/core/165/filelists/perl-libwww
new file mode 120000
index 000000000..6b8bff6e1
--- /dev/null
+++ b/config/rootfiles/core/165/filelists/perl-libwww
@@ -0,0 +1 @@
+../../../common/perl-libwww
\ No newline at end of file
diff --git a/lfs/bind b/lfs/bind
index fc6e7654e..72c85f5f5 100644
--- a/lfs/bind
+++ b/lfs/bind
@@ -25,7 +25,7 @@
include Config
-VER = 9.16.25
+VER = 9.16.26
THISAPP = bind-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 361a54fc5ebeb3a1af77abec08b33661
+$(DL_FILE)_MD5 = 799696f44e0d61659fa0efaa3c5fe5d8
install : $(TARGET)
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2022-02-17 20:04 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4K05Py69KLz2xW6@people01.haj.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox