From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4d4vbf23d3z2xh0 for ; Mon, 10 Nov 2025 16:03:42 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4d4vbf1psPz2xXK for ; Mon, 10 Nov 2025 16:03:42 +0000 (UTC) Received: from people01.haj.ipfire.org (people01.haj.ipfire.org [IPv6:2001:678:b28::161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "people01.haj.ipfire.org", Issuer "E8" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4d4vbd6KzWzs0 for ; Mon, 10 Nov 2025 16:03:41 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1762790621; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=/tUF5GYUZvfBX1trfebWF0Fg+M6LWGncBexocyGRzm0=; b=8mzXuBNdDfj0fS3DwYC7FKn0XH4DX7kKOoLWOKFgis/8lyyIiVrlGlX+Bct9vO7DAvqqA/ PW8FsrgYvOAYz6AQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1762790621; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=/tUF5GYUZvfBX1trfebWF0Fg+M6LWGncBexocyGRzm0=; b=lQ8XKHEMczDKU7dcBhazLLoeYEoYxMcJcDzVMtqSnOFEuzeyE44scGD97x9NO95mhj3KG3 K3yZmTiD3n/3n1LO6y2m2AeD2/SeEIWOeVbe1Oa/V+KUoeJ89Hq6ILwzusVsHz2mTAq/3i D/fRATc5UyE3De6uveXDKEmOfi8vB4LUa6T8/Q/v+HWFRPd6Z7UjjQ8r0hu3br+RtQpmMK gtbKylhZLnmRWC+gkMTr7aDkkoSVSBh2hWuUSAXXw1XXRXAU0Y0Wn5eEvWDDm31TTFYSes YDYnuv34FSBdTP9sLoV8vMeopFT1wlPSBdSqw/PTMOrwEiAJWDHztrRAdBel1w== Received: by people01.haj.ipfire.org (Postfix, from userid 1000) id 4d4vbd3Zcgz2xPM; Mon, 10 Nov 2025 16:03:41 +0000 (UTC) To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 2244601d117e57c4b5cc7082a4843fcead167cff X-Git-Refname: refs/heads/next X-Git-Reftype: branch X-Git-Oldrev: cc704b6cbb63bbb946191dc10ade6efc1617c508 X-Git-Newrev: 2244601d117e57c4b5cc7082a4843fcead167cff Message-Id: <4d4vbd3Zcgz2xPM@people01.haj.ipfire.org> Date: Mon, 10 Nov 2025 16:03:41 +0000 (UTC) From: Michael Tremer Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, next has been updated via 2244601d117e57c4b5cc7082a4843fcead167cff (commit) via 0df5d1462e48d87ec966aab57e5d46b124461827 (commit) via 253bd31530838583238fc7ebb13d7db0e7540e52 (commit) via 58726bfbdf320e3f8a253a8a7ea3234e35ad84a7 (commit) via 66a920208bd05e118fccc90a3e0271f1c00152d7 (commit) from cc704b6cbb63bbb946191dc10ade6efc1617c508 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2244601d117e57c4b5cc7082a4843fcead167cff Author: Michael Tremer Date: Mon Nov 10 16:03:04 2025 +0000 lldpd: Build with the seccomp filter only on x86_64 Signed-off-by: Michael Tremer commit 0df5d1462e48d87ec966aab57e5d46b124461827 Author: Michael Tremer Date: Fri Nov 7 14:44:37 2025 +0000 suricata-reporter: Send reports at 1 am Signed-off-by: Michael Tremer commit 253bd31530838583238fc7ebb13d7db0e7540e52 Author: Michael Tremer Date: Fri Nov 7 14:39:27 2025 +0000 initscripts: dhcp: Tolerate running other dhcp servers Some users have been trying to run multiple instances of the DHCP server and restarting the main server won't work because the initscript refuses to launch the process if there is another one with the same command. Signed-off-by: Michael Tremer commit 58726bfbdf320e3f8a253a8a7ea3234e35ad84a7 Author: Michael Tremer Date: Fri Nov 7 14:35:27 2025 +0000 core199: Ship suricata-reporter Signed-off-by: Michael Tremer commit 66a920208bd05e118fccc90a3e0271f1c00152d7 Author: Michael Tremer Date: Fri Nov 7 14:34:56 2025 +0000 suricata-reporter: Update to version 0.5 Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/cron/crontab | 6 +++--- config/rootfiles/core/199/filelists/files | 1 + .../{oldcore/198 => core/199}/filelists/suricata-reporter | 0 config/rootfiles/core/199/update.sh | 3 +++ lfs/lldpd | 11 +++++++++-- lfs/suricata-reporter | 4 ++-- src/initscripts/system/dhcp | 2 +- 7 files changed, 19 insertions(+), 8 deletions(-) copy config/rootfiles/{oldcore/198 => core/199}/filelists/suricata-reporter (100%) Difference in files: diff --git a/config/cron/crontab b/config/cron/crontab index f516bcf35..8df8bc0f6 100644 --- a/config/cron/crontab +++ b/config/cron/crontab @@ -66,9 +66,9 @@ HOME=/ @ 12h [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ids-ruleset >/dev/null 2>&1 # Send IPS reports -&nice(5),bootrun 0 9 * * * /usr/bin/suricata-report-cron daily -&nice(5),bootrun 0 9 * * MON /usr/bin/suricata-report-cron weekly -&nice(5),bootrun 0 9 1 * * /usr/bin/suricata-report-cron monthly +&nice(5),bootrun 0 1 * * * /usr/bin/suricata-report-cron daily +&nice(5),bootrun 0 1 * * MON /usr/bin/suricata-report-cron weekly +&nice(5),bootrun 0 1 1 * * /usr/bin/suricata-report-cron monthly # Update Lists for IP-based blocking every 15 minutes. @ 15 [ -f "/var/ipfire/red/active" ] && /usr/local/bin/update-ipblocklists >/dev/null 2>&1 diff --git a/config/rootfiles/core/199/filelists/files b/config/rootfiles/core/199/filelists/files index 1a0a4787f..1a3e0b9c9 100644 --- a/config/rootfiles/core/199/filelists/files +++ b/config/rootfiles/core/199/filelists/files @@ -31,3 +31,4 @@ var/ipfire/header.pl var/ipfire/lldp var/ipfire/menu.d/30-network.menu var/ipfire/qos/bin/makeqosscripts.pl +var/spool/cron/root.orig diff --git a/config/rootfiles/core/199/filelists/suricata-reporter b/config/rootfiles/core/199/filelists/suricata-reporter new file mode 120000 index 000000000..23f2cd87d --- /dev/null +++ b/config/rootfiles/core/199/filelists/suricata-reporter @@ -0,0 +1 @@ +../../../common/suricata-reporter \ No newline at end of file diff --git a/config/rootfiles/core/199/update.sh b/config/rootfiles/core/199/update.sh index ec4116ae2..db017945e 100644 --- a/config/rootfiles/core/199/update.sh +++ b/config/rootfiles/core/199/update.sh @@ -142,6 +142,9 @@ sudo -u nobody /srv/web/ipfire/cgi-bin/ovpnmain.cgi /etc/init.d/sshd restart /etc/init.d/ipsec restart +# Re-import the updated crontab +fcrontab -z + # Build initial ramdisks dracut --regenerate-all --force KVER="xxxKVERxxx" diff --git a/lfs/lldpd b/lfs/lldpd index e84dfaef2..72954fb0d 100644 --- a/lfs/lldpd +++ b/lfs/lldpd @@ -32,6 +32,13 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) +EXTRA_ARGS = + +# The seccomp filter is only available for x86_64 +ifeq "$(BUILD_ARCH)" "x86_64" + EXTRA_ARGS += --with-seccomp +endif + ############################################################################### # Top-level Rules ############################################################################### @@ -78,10 +85,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --sysconfdir=/etc \ --localstatedir=/var \ --disable-static \ - --with-seccomp \ --with-privsep-user=nobody \ --with-privsep-group=nobody \ - --without-embedded-libevent + --without-embedded-libevent \ + $(EXTRA_ARGS) cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP) diff --git a/lfs/suricata-reporter b/lfs/suricata-reporter index 839eb7931..98d4f3458 100644 --- a/lfs/suricata-reporter +++ b/lfs/suricata-reporter @@ -24,7 +24,7 @@ include Config -VER = 0.4 +VER = 0.5 THISAPP = suricata-reporter-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = cd7cf23143f09133cd590900a14e30cc02a9fb441287349c982a458e2aa8cb5b0087d55ae4c254b1d9b4b54a8ff8108b380c93119cccf3ae54cf4d8214023430 +$(DL_FILE)_BLAKE2 = b82af742cab7ece8516c755eb06ebfac41a83eecbabb9d065960c2cf02c5579494ae5dd83dc464c03722f6d29f40b72613d7806467bb742d6b0a5a4185f1bc40 install : $(TARGET) diff --git a/src/initscripts/system/dhcp b/src/initscripts/system/dhcp index 826cd2dfe..05c809cab 100644 --- a/src/initscripts/system/dhcp +++ b/src/initscripts/system/dhcp @@ -52,7 +52,7 @@ case "$1" in fi boot_mesg "Starting DHCP Server..." - loadproc /usr/sbin/dhcpd -q ${LISTEN_INTERFACES} + loadproc -f /usr/sbin/dhcpd -q ${LISTEN_INTERFACES} # Start Unbound DHCP Lease Bridge unless RFC2136 is used if [ "${DNS_UPDATE_ENABLED}" != on ]; then hooks/post-receive -- IPFire 2.x development tree