From: Michael Tremer <git@ipfire.org>
To: ipfire-scm@lists.ipfire.org
Subject: [git.ipfire.org] IPFire 2.x development tree branch, core184, updated. 68c3cfd0be7d840466361fc33901db9f1fb74daa
Date: Mon, 18 Mar 2024 10:14:45 +0000 [thread overview]
Message-ID: <4TyrLs45JJz2xs9@people01.haj.ipfire.org> (raw)
[-- Attachment #1: Type: text/plain, Size: 2775 bytes --]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, core184 has been updated
via 68c3cfd0be7d840466361fc33901db9f1fb74daa (commit)
from 6d501c05583a4efa513ff4b04a48ef41d5e8170e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 68c3cfd0be7d840466361fc33901db9f1fb74daa
Author: Adolf Belka <adolf.belka(a)ipfire.org>
Date: Sat Mar 16 10:32:54 2024 +0100
CU184-update.sh: Add drop hostile in & out logging entries
- My drop hostile patch set updated the WUI entries to include in and out logging options
but the values need to be added to the optionsfw entries for existing systems being
upgraded.
- After the existing CU184 update the LOGDROPHOSTILEIN and LOGDROPHO)STILEOUT entries
are not in the settings file which trewats them as being set to off, even though they
are enabled in the WUI update.
- This patch adds the LOGDROPHOSTILEIN and LOGDROPHOSTILEOUT entries into the settings
file and then runs the firewallctrl command to apply to the firewall.
- Ran a CU184 update on a CU183 vm system and then ran the comands added into the update.sh
script and then did a reboot. Entries include and DROP_HOSTILE entries start to be
logged again.
Tested-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/core/184/update.sh | 6 ++++++
1 file changed, 6 insertions(+)
Difference in files:
diff --git a/config/rootfiles/core/184/update.sh b/config/rootfiles/core/184/update.sh
index aa593047d..1a0e67c66 100644
--- a/config/rootfiles/core/184/update.sh
+++ b/config/rootfiles/core/184/update.sh
@@ -80,6 +80,12 @@ xz --check=crc32 --lzma2=dict=512KiB /lib/modules/6.6.15-ipfire/extra/wlan/8812a
# Apply local configuration to sshd_config
/usr/local/bin/sshctrl
+# Add the drop hostile in and out logging options
+# into the optionsfw settings file and apply to firewall
+sed -i '$ a\LOGDROPHOSTILEIN=on' /var/ipfire/optionsfw/settings
+sed -i '$ a\LOGDROPHOSTILEOUT=on' /var/ipfire/optionsfw/settings
+/usr/local/bin/firewallctrl
+
# Start services
telinit u
/etc/init.d/vnstat start
hooks/post-receive
--
IPFire 2.x development tree
reply other threads:[~2024-03-18 10:14 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4TyrLs45JJz2xs9@people01.haj.ipfire.org \
--to=git@ipfire.org \
--cc=ipfire-scm@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox