[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfire-scm
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. 57521504a89e792336f55e893564a000
From: Michael Tremer <git () ipfire ! org>
Date: 2019-03-18 12:45:12
Message-ID: 20190318124513.0FA0284FDB0 () people01 ! i ! ipfire ! org
[Download RAW message or body]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via 57521504a89e792336f55e893564a000bfe4b1d7 (commit)
via 5b4464a94478059ceebf266bc31dee4a4ba18fac (commit)
via a10b0e5b448bf7e4a9bcc334e177ddae09806dc7 (commit)
via a46903cce3863923838c5cc0721f4932adf2175d (commit)
via 6f8b156bf0dcda4a1bb8ccdc8db83a54b2d7d1d0 (commit)
via 2c703afc04448f15f9ad6b9c90be216bad256532 (commit)
via f81c2225198b894c180cf36b6ee2cd6c0ea3849d (commit)
via 728f3d2e8f3d26e80154236c6d67e303e1f7f3b9 (commit)
via 7bf5b0f22194fcb617f3e678c4a1c492b0faf01d (commit)
from e1d9148b61bc973ac1fef063b58500de4d881d7e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 57521504a89e792336f55e893564a000bfe4b1d7
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat Mar 16 12:34:19 2019 +0000
hostapd: Bump package version
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 5b4464a94478059ceebf266bc31dee4a4ba18fac
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Sat Mar 16 14:20:00 2019 +0000
hostapd: make client isolation configurable via WebUI
hostapd supports client-isolation, but this feature could
not be configured via the WebUI so far. Since it might be
desired in public wireless networks, or even private ones,
it makes sense to provide a radio button to let the user
decide on.
Fixes #11974.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit a10b0e5b448bf7e4a9bcc334e177ddae09806dc7
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Fri Mar 15 17:00:00 2019 +0000
ensure Tor daemon files have correct permissions
Set permissions for /var/lib/tor and /var/ipfire/tor to
tor:tor, regardless whether Tor user has been created before
or not.
This ensures Tor starts properly on existing systems after
reinstallation of the add-on. Thanks to Michael for the hint.
Further, a comment for new Tor user in /etc/passwd has been added.
Fixes #11779.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit a46903cce3863923838c5cc0721f4932adf2175d
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat Mar 16 12:32:10 2019 +0000
core130: Ship updated unbound
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 6f8b156bf0dcda4a1bb8ccdc8db83a54b2d7d1d0
Author: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Fri Mar 15 19:15:19 2019 +0100
unbound: Update to 1.9.1
For details see:
https://nlnetlabs.nl/pipermail/unbound-users/2019-March/011415.html
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 2c703afc04448f15f9ad6b9c90be216bad256532
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Sat Mar 16 12:30:22 2019 +0000
core130: Ship updated ntp
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit f81c2225198b894c180cf36b6ee2cd6c0ea3849d
Author: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Fri Mar 15 19:10:11 2019 +0100
ntp: Update to 4.2.8p13
For details see:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 728f3d2e8f3d26e80154236c6d67e303e1f7f3b9
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat Mar 16 13:04:18 2019 +0100
suricata: Fix ownership and file permissions of files inside /var/lib/suricata.
These files needs to have nobody.nobody as owner but requires read-acces from \
everyone to allow the suricata user reading-in this files during startup.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 7bf5b0f22194fcb617f3e678c4a1c492b0faf01d
Author: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Sat Mar 16 12:57:25 2019 +0100
logs.cgi/ids.dat: Fixup processing dates from logfiles which contains a year
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/unbound | 2 +-
config/rootfiles/{oldcore/100 => core/130}/filelists/ntp | 0
.../rootfiles/{oldcore/106 => core/130}/filelists/unbound | 0
config/rootfiles/core/130/update.sh | 1 +
html/cgi-bin/logs.cgi/ids.dat | 9 ++++++++-
html/cgi-bin/wlanap.cgi | 14 ++++++++++++++
lfs/hostapd | 2 +-
lfs/ntp | 6 +++---
lfs/suricata | 8 ++++++--
lfs/unbound | 6 +++---
src/paks/tor/install.sh | 8 ++++----
11 files changed, 41 insertions(+), 15 deletions(-)
copy config/rootfiles/{oldcore/100 => core/130}/filelists/ntp (100%)
copy config/rootfiles/{oldcore/106 => core/130}/filelists/unbound (100%)
Difference in files:
diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound
index 843e0eeca..a130a059b 100644
--- a/config/rootfiles/common/unbound
+++ b/config/rootfiles/common/unbound
@@ -11,7 +11,7 @@ etc/unbound/unbound.conf
#usr/lib/libunbound.la
#usr/lib/libunbound.so
usr/lib/libunbound.so.8
-usr/lib/libunbound.so.8.1.0
+usr/lib/libunbound.so.8.1.1
#usr/lib/pkgconfig/libunbound.pc
usr/sbin/unbound
usr/sbin/unbound-anchor
diff --git a/config/rootfiles/core/130/filelists/ntp \
b/config/rootfiles/core/130/filelists/ntp new file mode 120000
index 000000000..7542d86cb
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/ntp
@@ -0,0 +1 @@
+../../../common/ntp
\ No newline at end of file
diff --git a/config/rootfiles/core/130/filelists/unbound \
b/config/rootfiles/core/130/filelists/unbound new file mode 120000
index 000000000..66adf0924
--- /dev/null
+++ b/config/rootfiles/core/130/filelists/unbound
@@ -0,0 +1 @@
+../../../common/unbound
\ No newline at end of file
diff --git a/config/rootfiles/core/130/update.sh \
b/config/rootfiles/core/130/update.sh index b4238e7b4..d33321c32 100644
--- a/config/rootfiles/core/130/update.sh
+++ b/config/rootfiles/core/130/update.sh
@@ -77,6 +77,7 @@ ldconfig
# Start services
/etc/init.d/collectd restart
/etc/init.d/firewall restart
+/etc/init.d/unbound restart
/etc/init.d/suricata start
# This update needs a reboot...
diff --git a/html/cgi-bin/logs.cgi/ids.dat b/html/cgi-bin/logs.cgi/ids.dat
index e374f5711..1447a06f0 100644
--- a/html/cgi-bin/logs.cgi/ids.dat
+++ b/html/cgi-bin/logs.cgi/ids.dat
@@ -460,7 +460,14 @@ sub processevent
}
}
$line++;
- unless ($line == 1 || $date ne "$monthstr/$daystr") { &append; }
+
+ # Split the date into single chunks.
+ my ($month, $day, $year) = split('/', $date);
+
+ # Check if all data is collected and the date of the event fits the desired date \
to + # get displayed.
+ if ($line gt 1 || "$month/$day" eq "$monthstr/$daystr") { &append; }
+
close(LOG);
}
}
diff --git a/html/cgi-bin/wlanap.cgi b/html/cgi-bin/wlanap.cgi
index 72c9a1298..cae191101 100644
--- a/html/cgi-bin/wlanap.cgi
+++ b/html/cgi-bin/wlanap.cgi
@@ -75,6 +75,7 @@ $wlanapsettings{'DRIVER'} = 'NL80211';
$wlanapsettings{'HTCAPS'} = '';
$wlanapsettings{'VHTCAPS'} = '';
$wlanapsettings{'NOSCAN'} = 'off';
+$wlanapsettings{'CLIENTISOLATION'} = 'off';
&General::readhash("/var/ipfire/wlanap/settings", \%wlanapsettings);
&Header::getcgihash(\%wlanapsettings);
@@ -252,6 +253,10 @@ $checked{'NOSCAN'}{'off'} = '';
$checked{'NOSCAN'}{'on'} = '';
$checked{'NOSCAN'}{$wlanapsettings{'NOSCAN'}} = "checked='checked'";
+$checked{'CLIENTISOLATION'}{'off'} = '';
+$checked{'CLIENTISOLATION'}{'on'} = '';
+$checked{'CLIENTISOLATION'}{$wlanapsettings{'CLIENTISOLATION'}} = \
"checked='checked'"; +
$selected{'ENC'}{$wlanapsettings{'ENC'}} = "selected='selected'";
$selected{'CHANNEL'}{$wlanapsettings{'CHANNEL'}} = "selected='selected'";
$selected{'COUNTRY'}{$wlanapsettings{'COUNTRY'}} = "selected='selected'";
@@ -377,6 +382,7 @@ print <<END
<tr><td width='25%' class='base'>SSID: </td><td class='base' colspan='3'><input \
type='text' name='SSID' size='30' value='$wlanapsettings{'SSID'}' /></td></tr> \
<!--SSID Broadcast: on => HIDESSID: off --> <tr><td width='25%' class='base'>SSID \
Broadcast: </td><td class='base' colspan='3'>on <input type='radio' \
name='HIDESSID' value='off' $checked{'HIDESSID'}{'off'} /> | <input type='radio' \
name='HIDESSID' value='on' $checked{'HIDESSID'}{'on'} /> off</td></tr> +<tr><td \
width='25%' class='base'>Client Isolation: </td><td class='base' colspan='3'>on \
<input type='radio' name='CLIENTISOLATION' value='off' \
$checked{'CLIENTISOLATION'}{'off'} /> | <input type='radio' name='CLIENTISOLATION' \
value='on' $checked{'CLIENTISOLATION'}{'on'} /> off</td></tr>
<tr><td width='25%' class='base'>$Lang::tr{'wlanap country'}: </td><td \
class='base' colspan='3'> @@ -632,6 +638,14 @@ END
}
+ # https://forum.ipfire.org/viewtopic.php?f=22&t=12274&p=79070#p79070
+ if ( $wlanapsettings{'CLIENTISOLATION'} eq 'on' ){
+ print CONFIGFILE <<END
+ap_isolate=1
+END
+;
+ }
+
if ( $wlanapsettings{'NOSCAN'} eq 'on' ){
print CONFIGFILE <<END
noscan=1
diff --git a/lfs/hostapd b/lfs/hostapd
index 233863646..64ff28e4b 100644
--- a/lfs/hostapd
+++ b/lfs/hostapd
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = hostapd
-PAK_VER = 44
+PAK_VER = 45
DEPS = ""
diff --git a/lfs/ntp b/lfs/ntp
index 8f845409c..040a0c2ae 100644
--- a/lfs/ntp
+++ b/lfs/ntp
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 4.2.8p12
+VER = 4.2.8p13
THISAPP = ntp-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1522d66574bae14abb2622746dad2bdc
+$(DL_FILE)_MD5 = ea040ab9b4ca656b5229b89d6b822f13
install : $(TARGET)
diff --git a/lfs/suricata b/lfs/suricata
index 0a561ef8b..d7b5b71d6 100644
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -101,8 +101,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
# to the rules directory.
mv /etc/suricata/*.config /var/lib/suricata
- # Set correct ownership for /var/lib/suricata
- chown nobody:nobody /var/lib/suricata
+ # Set correct permissions for the files.
+ chmod 644 /var/lib/suricata/*.config
+
+ # Set correct ownership for /var/lib/suricata and the
+ # contained files
+ chown -R nobody:nobody /var/lib/suricata
# Create logging directory.
-mkdir -p /var/log/suricata
diff --git a/lfs/unbound b/lfs/unbound
index b090010d4..87666dfce 100644
--- a/lfs/unbound
+++ b/lfs/unbound
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 1.9.0
+VER = 1.9.1
THISAPP = unbound-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 1026159991a3883518525bc18e25582f
+$(DL_FILE)_MD5 = 5d954920d192b33f7c88f015dd969940
install : $(TARGET)
diff --git a/src/paks/tor/install.sh b/src/paks/tor/install.sh
index e1ed33331..268bccecd 100644
--- a/src/paks/tor/install.sh
+++ b/src/paks/tor/install.sh
@@ -29,12 +29,12 @@ if ! getent group tor &>/dev/null; then
fi
if ! getent passwd tor; then
- useradd -u 119 -g tor -d /var/empty -s /bin/false tor
-
- # Adjust some folder permission for new UID/GID
- chown -R tor:tor /var/lib/tor /var/ipfire/tor
+ useradd -u 119 -g tor -c "Tor daemon user" -d /var/empty -s /bin/false tor
fi
+# Adjust some folder permission for new UID/GID
+chown -R tor:tor /var/lib/tor /var/ipfire/tor
+
extract_files
restore_backup ${NAME}
start_service --background ${NAME}
hooks/post-receive
--
IPFire 2.x development tree
_______________________________________________
IPFire-SCM mailing list
IPFire-SCM@lists.ipfire.org
https://lists.ipfire.org/mailman/listinfo/ipfire-scm
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic