From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4ZkSyb5JwBz331C for ; Fri, 25 Apr 2025 10:00:39 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4ZkSyb4zYqz32dy for ; Fri, 25 Apr 2025 10:00:39 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [172.28.1.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "people01.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4ZkSyb1K68z1Gx for ; Fri, 25 Apr 2025 10:00:39 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1745575239; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=/J4F22XhtW/sQhwfjwX+tMim0RzP3PGFgygvPv97P/0=; b=3kUuAEmo3BmQ5orJ79jgYMCT/BpUppEgR60Tk6W7M+F8Zw7zRMp2ljz8+jNYQMeGU6mhl/ t3p5aV2mxRS24vAQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1745575239; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=/J4F22XhtW/sQhwfjwX+tMim0RzP3PGFgygvPv97P/0=; b=cDPld15JluhsM5nCBhdZyQ3z2+Bz+ZxUu2amIX7TNSTbYSFVQliQu/y1BhWYTsEtZ/Om2b HdQR2z8Puds4PB2qBVWjG1EJ+prbDDq8j+g1rbY6fwF3WhQBM3AzhaL8E5iTUTOvMCtJ14 +0PkV3+tVBbvc1JhNfeDFjZCmdI6wFwufomGcvIy0dLtzTnB1Ff4IilzPQXqyyP+us3bz3 n1oGYE46SXOZnw30Z+A2VhZOt48MtYhv395FC0As+UXbxGIiG07GpKrD/LL0C92BUAFICU YMzh0120pXpbASPQnX57NPVDOXaAiVsQbUgXw3zjkrT6KVHrLAFbDtWwB2noiw== Received: by people01.haj.ipfire.org (Postfix, from userid 1000) id 4ZkSyZ6K47z2y6T; Fri, 25 Apr 2025 10:00:38 +0000 (UTC) To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 9638ab6ea9223e41dc21bc52ee189ab760c02327 X-Git-Refname: refs/heads/next X-Git-Reftype: branch X-Git-Oldrev: 3757b8ef10377e422f2c7b98d34f728ab0977809 X-Git-Newrev: 9638ab6ea9223e41dc21bc52ee189ab760c02327 Message-Id: <4ZkSyZ6K47z2y6T@people01.haj.ipfire.org> Date: Fri, 25 Apr 2025 10:00:38 +0000 (UTC) From: Michael Tremer Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 9638ab6ea9223e41dc21bc52ee189ab760c02327 (commit) via c55ed9a6022109ccc2a69d3d9066125ac862ff82 (commit) via 8afbef0fce2fde7d12ddbab26390c6a71c173bdc (commit) via dfb7062fba3bcac4a422f8d473d3fbe001cd1c65 (commit) via 7a735a765e91efd2b25dfade31056522796867b0 (commit) via 0ef81845d8be2c869c227f76477337d8e27226fb (commit) via 5e93cd834b2f203d6adafc80a9eac603a116efd7 (commit) from 3757b8ef10377e422f2c7b98d34f728ab0977809 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9638ab6ea9223e41dc21bc52ee189ab760c02327 Author: Michael Tremer Date: Fri Apr 25 10:00:10 2025 +0000 core195: Ship gzip Signed-off-by: Michael Tremer commit c55ed9a6022109ccc2a69d3d9066125ac862ff82 Author: Adolf Belka Date: Thu Apr 24 15:43:47 2025 +0200 gzip: Update to version 1.14 - Update from version 1.13 to 1.14 - Update of rootfile not required - Changelog 1.14 ** Bug fixes 'gzip -d' no longer omits the last partial output buffer when the input ends unexpectedly on an IBM Z platform. [bug introduced in gzip-1.11] 'gzip -l' no longer misreports lengths of multimember inputs. [bug introduced in gzip-1.12] 'gzip -S' now rejects suffixes containing '/'. [bug present since the beginning] ** Changes in behavior The GZIP environment variable is now silently ignored except for the options -1 (--fast) through -9 (--best), --rsyncable, and --synchronous. This brings gzip into line with more-cautious compressors like zstd that limit environment variables' effect to relatively innocuous performance issues. You can continue to use scripts to specify whatever gzip options you like. 'zmore' is no longer installed on platforms lacking 'more'. ** Performance improvements gzip now decompresses significantly faster by computing CRCs via a slice by 8 algorithm, and faster yet on x86-64 platforms that support pclmul instructions. Signed-off-by: Adolf Belka Signed-off-by: Michael Tremer commit 8afbef0fce2fde7d12ddbab26390c6a71c173bdc Author: Michael Tremer Date: Fri Apr 25 11:56:20 2025 +0200 wireguard-functions.pl: Fix array dereference when generating the client configuration Signed-off-by: Michael Tremer commit dfb7062fba3bcac4a422f8d473d3fbe001cd1c65 Author: Michael Tremer Date: Fri Apr 25 11:52:01 2025 +0200 wireguard-functions.pl: Don't crash when configuration files don't exist This should never really happen, but since we include this file in pretty much everything Perl, we should not fail. Signed-off-by: Michael Tremer commit 7a735a765e91efd2b25dfade31056522796867b0 Author: Michael Tremer Date: Fri Apr 25 11:51:42 2025 +0200 core195: Create an empty set of wireguard configuration files Signed-off-by: Michael Tremer commit 0ef81845d8be2c869c227f76477337d8e27226fb Author: Michael Tremer Date: Fri Apr 25 09:59:19 2025 +0000 core195: Ship ids.cgi Signed-off-by: Michael Tremer commit 5e93cd834b2f203d6adafc80a9eac603a116efd7 Author: Michael Tremer Date: Wed Apr 23 12:45:44 2025 +0200 ids.cgi: Show graph only when all RRDs exist Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/cfgroot/wireguard-functions.pl | 12 +++++++++--- config/rootfiles/core/195/filelists/files | 1 + config/rootfiles/{oldcore/111 => core/195}/filelists/gzip | 0 config/rootfiles/core/195/update.sh | 8 +++++++- html/cgi-bin/ids.cgi | 4 +++- lfs/gzip | 6 +++--- 6 files changed, 23 insertions(+), 8 deletions(-) copy config/rootfiles/{oldcore/111 => core/195}/filelists/gzip (100%) Difference in files: diff --git a/config/cfgroot/wireguard-functions.pl b/config/cfgroot/wireguard-functions.pl index 79b3bb097..8fd873d74 100644 --- a/config/cfgroot/wireguard-functions.pl +++ b/config/cfgroot/wireguard-functions.pl @@ -33,11 +33,17 @@ our $DEFAULT_KEEPALIVE = 25; # Read the global configuration our %settings = (); -&General::readhash("/var/ipfire/wireguard/settings", \%settings); + +if (-e "/var/ipfire/wireguard/settings") { + &General::readhash("/var/ipfire/wireguard/settings", \%settings); +} # Read all peers our %peers = (); -&General::readhasharray("/var/ipfire/wireguard/peers", \%peers); + +if (-e "/var/ipfire/wireguard/peers") { + &General::readhasharray("/var/ipfire/wireguard/peers", \%peers); +} # Set any defaults &General::set_defaults(\%settings, { @@ -421,7 +427,7 @@ sub generate_peer_configuration($$) { push(@conf, "[Interface]", "PrivateKey = $private_key", - "Address = $peer->{'CLIENT_ADDRESS'}", + "Address = @{ $peer->{'CLIENT_ADDRESS'} }", ); # Optionally add DNS servers diff --git a/config/rootfiles/core/195/filelists/files b/config/rootfiles/core/195/filelists/files index cdab4957a..f09b4650e 100644 --- a/config/rootfiles/core/195/filelists/files +++ b/config/rootfiles/core/195/filelists/files @@ -7,6 +7,7 @@ opt/pakfire/lib/functions.pl srv/web/ipfire/cgi-bin/ddns.cgi srv/web/ipfire/cgi-bin/firewall.cgi srv/web/ipfire/cgi-bin/fwhosts.cgi +srv/web/ipfire/cgi-bin/ids.cgi srv/web/ipfire/cgi-bin/pakfire.cgi srv/web/ipfire/cgi-bin/services.cgi srv/web/ipfire/cgi-bin/wireguard.cgi diff --git a/config/rootfiles/core/195/filelists/gzip b/config/rootfiles/core/195/filelists/gzip new file mode 120000 index 000000000..aebcccd87 --- /dev/null +++ b/config/rootfiles/core/195/filelists/gzip @@ -0,0 +1 @@ +../../../common/gzip \ No newline at end of file diff --git a/config/rootfiles/core/195/update.sh b/config/rootfiles/core/195/update.sh index eb7a672b9..d1194ec69 100644 --- a/config/rootfiles/core/195/update.sh +++ b/config/rootfiles/core/195/update.sh @@ -44,7 +44,13 @@ ldconfig # Create the Wireguard configuration directory if [ ! -d "/var/ipfire/wireguard" ]; then mkdir -pv "/var/ipfire/wireguard" - chown nobody:nobody "/var/ipfire/wireguard" + + # Create some configuration files + touch /var/ipfire/wireguard/peers + touch /var/ipfire/wireguard/settings + + # Everything needs to belong to nobody + chown -Rv nobody:nobody "/var/ipfire/wireguard" fi # Update Language cache diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index 4eaf4911d..960e72ef1 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -1102,7 +1102,9 @@ END &Header::closesection(); # Throughput Graph - if (-e "/var/log/rrd/collectd/localhost/iptables-mangle-IPS/ipt_bytes-BYPASSED.rrd") { + if (-e "/var/log/rrd/collectd/localhost/iptables-mangle-IPS/ipt_bytes-BYPASSED.rrd" + && -e "/var/log/rrd/collectd/localhost/iptables-mangle-IPS/ipt_bytes-SCANNED.rrd" + && -e "/var/log/rrd/collectd/localhost/iptables-mangle-IPS/ipt_bytes-WHITELISTED.rrd") { &Header::graph("$Lang::tr{'ips throughput'}", "ids.cgi", "ips-throughput", "day"); } diff --git a/lfs/gzip b/lfs/gzip index 5101df71f..8f036063d 100644 --- a/lfs/gzip +++ b/lfs/gzip @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team # +# Copyright (C) 2007-2025 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 1.13 +VER = 1.14 THISAPP = gzip-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -49,7 +49,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = f0e3b4c28bafcd3b59b65ac2d71218dc58d81b52c6921c1be038757c99e99184178c5d0e9674caa5099713b8b64e8c85cf061f4abfa20b73b478288f121fb05d +$(DL_FILE)_BLAKE2 = 32f7241bd9f3b7f73a59905a5bc9abf4e360e787f692cbb00ad28d48abee52744846d10c07ce2f7aaa3e66bc4b6ab9cd4f1b8e98854bb7d1ec010ae0d5146932 install : $(TARGET) hooks/post-receive -- IPFire 2.x development tree