[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfire-scm
Subject: [git.ipfire.org] IPFire 2.x development tree branch, next, updated. a1484cc31a0f80c0cae7c6585fc6655c
From: Arne Fitzenreiter <git () ipfire ! org>
Date: 2021-11-24 10:27:38
Message-ID: 4Hzcdl47cKz2xWZ () people01 ! haj ! ipfire ! org
[Download RAW message or body]
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, next has been updated
via a1484cc31a0f80c0cae7c6585fc6655c8f31996d (commit)
via a2b127c3e102c58030b7d2920ae36a14d1726c9e (commit)
via 20371c8294f44f6bd06bc97c1c03db94f0722afa (commit)
via 30edf752e21f5d27972a891ca69424570a36c049 (commit)
via c56eb6cbeff97451baecdb5a2fb6087be24fac60 (commit)
via ac36f9f2c1f11e8c998448e4dc57c5abe1e30f51 (commit)
via 82760a506b0c8753cdcead81ec1f7579edb46745 (commit)
via f48544ef43f80e70b6100a45d2c7688bbf04a71c (commit)
via d07fb5668d3df68931d9cedab59e8ac2aac22e72 (commit)
via 0b95de5cbfc7a5fd6deb2d4e43bbd442f4823378 (commit)
via 8799c54e989288643bb2ef90074423a3b9c41e15 (commit)
via 7b30673be3e3006ea915c08b6b2669021b01a81b (commit)
via 549f5294c34855354e1983cc3440425eb3305b77 (commit)
via c43d3a12ae5204bd19212cc29211e84d135bc03e (commit)
via 496dfedfa2df5c30187f0b35ce017929fdc7413b (commit)
via 689246f594ceb0e99da7b364c8fe1fda7f46088d (commit)
via 405e359ee694530e473106f8960bfcf1dff83e9a (commit)
via 1a654c6269e8ed6cc62cd7b516683bb4acb641df (commit)
via 0deb3dacdaede1e99dd4a92a789a2b8264eb04b7 (commit)
via 91a29ffc1607a430ad0b00d0559e3d55bdfad601 (commit)
via fddcbfd4f5020f59ae48207f140d9fe52cde93ec (commit)
via 85d5f26fa947c77d465a177a58f3a240fdb0daae (commit)
via 45221cc614eb9bccf779d79d01f7dbce6b705045 (commit)
via af048d4bf184af129e70586a5e7ed2ac71275621 (commit)
via 241d8a753a8deefb3c1db604612a0ae5a0d0d638 (commit)
via 2ae78be0817c9e2f667171cfa7e1c87655a28000 (commit)
via 73d18835c0a4609fd46e81c4a8b43270bd9b6bc8 (commit)
via 9268cddfd284f82df51fd76c48b1810f5980620e (commit)
via c5c1f3044708de445b27139776e2c0054b2190df (commit)
via eab7754d1e8b7f487ad12556c95f74c9a7cc046c (commit)
via 112441db22d07e43c1f6b5e55d9c60f65916ed3a (commit)
via 30f411694c8100086ff836a6d13140acdc68d9dd (commit)
via f542b163281b8bdd877d2b8e93945f271b2aca50 (commit)
via d3a4c2fc5015bad251f0ed608b4d91b701f742f5 (commit)
via 5c581bbb87b2245f2c020ee3782a35e2dbe4cbe3 (commit)
via db584cb746ba562bcddf1a5adb27770e2aef5f0e (commit)
via d5b7826ee84de1920078c032bfe54dd057b16060 (commit)
via 58d399710b5cf73f15e5ea6b7cd34717cc5f0a45 (commit)
via efcd60effbc93d4fd958d5d3e81ca01ac1844ce9 (commit)
via d4df452e1b79007ae5855c78266b22ca3b4fd5b5 (commit)
via 654eb3c3c539cfb601b2e620b2819bc15df85563 (commit)
via cd26578fc91a68f26866d693e5dc334356733d8e (commit)
via 90aa2574773c0ede7ed4e700c4ae22578a30e350 (commit)
from 2a8a964609dff38bda7433bae5eecb1f5ecdfa7d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a1484cc31a0f80c0cae7c6585fc6655c8f31996d
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 21:11:31 2021 +0100
Core Update 162: Ship ddns
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit a2b127c3e102c58030b7d2920ae36a14d1726c9e
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 21:10:57 2021 +0100
Core Update 162: Ship and restart OpenVPN
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 20371c8294f44f6bd06bc97c1c03db94f0722afa
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:48:32 2021 +0100
Core Update 162: Remove jwhois, ship currently maintained whois client
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 30edf752e21f5d27972a891ca69424570a36c049
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Fri Aug 6 13:16:42 2021 +0200
jwhois: Remove jwhois and all associated patches
- jwhois being replaced with whois
- Removal of jwhois lfs, rootfile and assoicated patch files.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
commit c56eb6cbeff97451baecdb5a2fb6087be24fac60
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Fri Aug 6 13:16:41 2021 +0200
whois: Installation of aan actively maintained whois client
- This whois client is being actively maintained. This version 5.5.10 was \
released on
June 6th 2021 and regular updates have been ocurring several times per year.
- This client has all of its default whois servers compiled into it. These can be \
seen by reading the source files in the tarball.
- Therefore the whois.conf file is available for any additional servers that are \
decided to be required but as provided is empty.
- Installed on a vm testbed and worked to identify the details of ip addresses. \
Selecting
an IP in the WUI logs screen also gets the ip information provided so it is \
working well with the WUI.
Tested-by:Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
commit ac36f9f2c1f11e8c998448e4dc57c5abe1e30f51
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Fri Aug 6 13:16:40 2021 +0200
make.sh: Remove jwhois and replace with whois
- jwhois is no longer being maintained. The last release was from 2005 and the \
last commit was in 2015. https://github.com/jonasob/jwhois
- Debian switched to another whois client which is being actively maintained.
https://github.com/rfc1036/whois
- This patch series is the removal of jwhois and the installation of whois
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
commit 82760a506b0c8753cdcead81ec1f7579edb46745
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:42:58 2021 +0100
Core Update 162: Ship dhcpcd
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit f48544ef43f80e70b6100a45d2c7688bbf04a71c
Author: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Mon Nov 1 18:30:53 2021 +0100
dhcpcd: Update to 9.4.1
For details see:
https://roy.marples.name/git/dhcpcd/shortlog/refs/heads/dhcpcd-9
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
commit d07fb5668d3df68931d9cedab59e8ac2aac22e72
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:39:28 2021 +0100
Core Update 162: Ship slang
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 0b95de5cbfc7a5fd6deb2d4e43bbd442f4823378
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Tue Sep 28 23:21:39 2021 +0200
slang: Update to version 2.3.2
- Update from 2.3.0 to 2.3.2
- Update rootfile
- Changelog is too large to include here. Details can be found in the changes.txt \
file in the source tarball.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
commit 8799c54e989288643bb2ef90074423a3b9c41e15
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:37:29 2021 +0100
Core Update 162: Ship sshfs
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 7b30673be3e3006ea915c08b6b2669021b01a81b
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Tue Sep 28 23:21:56 2021 +0200
sshfs: Update to version 3.7.2
- Update from 3.7.1 to 3.7.2
- Update of rootfile not required
- Changelog
Release 3.7.2 (2021-06-08)
* Added a secondary check so if a mkdir request fails with EPERM an access \
request will be tried - returning EEXIST if the access was successful.
Fixes: https://github.com/libfuse/sshfs/issues/243
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
commit 549f5294c34855354e1983cc3440425eb3305b77
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Tue Sep 28 23:22:10 2021 +0200
sslh: Update to version 1.22c
- Update from 1.7a (2013) to 1.22c (2021)
- Update rootfile
- Changelog is too large to include here. Full details can be read in the \
ChangeLog file in the source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
commit c43d3a12ae5204bd19212cc29211e84d135bc03e
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Tue Sep 28 23:22:32 2021 +0200
strace: Update to version 5.14
- Update from 5.11 to 5.14
- Update of rootfile not required
- Changelog
Noteworthy changes in release 5.14 (2021-09-02)
* Improvements
* Implemented decoding of memfd_secret and quotactl_fd syscalls,
introduced in Linux 5.14.
* Enhanced prctl syscall decoding.
* Enhanced decoding of IFLA_* netlink attributes.
* Enhanced decoding of MDBA_ROUTER_PATTR_* mdb router port netlink \
attributes.
* Updated lists of BPF_*, IORING_*, MADV_*, MOUNT_ATTR_*, SCTP_*,
and UFFD_* constants.
* Updated lists of ioctl commands from Linux 5.14.
* Bug fixes
* Fixed build using bionic libc.
Noteworthy changes in release 5.13 (2021-07-18)
* Improvements
* Print netlink data in a more structured way.
* Implemented decoding of NT_PRSTATUS and NT_FPREGSET regsets
of PTRACE_GETREGSET and PTRACE_SETREGSET requests.
* Implemented decoding of regs argument of PTRACE_GETREGS, \
PTRACE_GETREGS64,
PTRACE_SETREGS, PTRACE_SETREGS64, PTRACE_GETFPREGS, and PTRACE_SETFPREGS
requests.
* Implemented powerpc System Call Vectored ABI support.
* Implemented decoding of landlock_add_rule, landlock_create_ruleset,
and landlock_restrict_self syscalls introduced in Linux 5.13.
* Enhanced decoding of perf_event_open syscall.
* Updated lists of BPF_*, IORING_*, KEXEC_*, KEY_*, KVM_*, NT_*, PR_*,
PTRACE_*, RTM_*, RTPROT_*, TRAP_*, UFFD_*, UFFDIO_*, and V4L2_* \
constants.
* Updated lists of ioctl commands from Linux 5.13.
* Portability
* On powerpc and powerpc64, linux kernel >= 2.6.23 is required.
Older versions without a decent PTRACE_GETREGS support will not work.
Noteworthy changes in release 5.12 (2021-04-26)
* Improvements
* Implemented --secontext[=full] option to display SELinux contexts.
* Implemented decoding of mount_setattr syscall introduced in Linux 5.12.
* Updated decoding of IFLA_BRPORT_* netlink attributes to match Linux 5.12.
* Updated lists of DEVCONF_*, IORING_*, KVM_*, MPOL_*, MTD_*, NFT_MSG_*,
RESOLVE_*, RTM_*, ST_*, and V4L2_* constants.
* Updated lists of ioctl commands from Linux 5.12.
* Bug fixes
* Fixed build using bionic libc.
* Portability
* Added binutils 2.36 support to --enable-mpers builds.
- More details of the above changes can be found in the ChangeLog file in the \
source tarball
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
commit 496dfedfa2df5c30187f0b35ce017929fdc7413b
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:35:06 2021 +0100
Core Update 162: Ship bind and libuv
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 689246f594ceb0e99da7b364c8fe1fda7f46088d
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Nov 11 09:14:49 2021 +0100
libuv: Required for build and run of bind utilities
- Install libuv lfs and rootfile
- Add libuv to make.sh
- Tested by running bind utilities on a vm testbed
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
commit 405e359ee694530e473106f8960bfcf1dff83e9a
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu Nov 11 09:14:48 2021 +0100
bind: Update to version 9.16.22
- Update from 9.11.32 to 9.16.22
- 9.11 is an ESV (Extended Support Version) that will go EOL in December 2021
9.16 is the replacement ESV whose EOL is not yet defined but will be at least 4 \
years
so should be supported until at least March 2024 as the 9.16 branch was \
started in 2020
- Update rootfile
- libuv is now required both to build the bind libraries and for the running of \
the utilities.
- Changelog is difficult to define here as this is a change of branch from 9.11 \
to 9.16
both of which have been running in parallel. However all the changes from the \
start of 9.16.0 can be found in the CHANGES file in the source tarball.
- nslookup, host and dig utilities tested out by installing this on a vm testbed. \
All these utilities worked as the previous version
nsupdate was not able to be tested other than confirming that running nsupdate
opened an interactive session. This utility would be good to be tested by \
someone familiar with how to run it.
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
commit 1a654c6269e8ed6cc62cd7b516683bb4acb641df
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed Oct 20 09:21:35 2021 +0000
Run "./make.sh lang"
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 0deb3dacdaede1e99dd4a92a789a2b8264eb04b7
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:25:13 2021 +0100
Core Update 162: Ship changed firewall initscript
Restarting the firewall is not necessary during the upgrade procedure,
and the user is asked to reboot the machine afterwards either way.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 91a29ffc1607a430ad0b00d0559e3d55bdfad601
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu Jun 24 17:44:35 2021 +0000
firewall: Remove unused CONNTRACK chain in raw table
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
commit fddcbfd4f5020f59ae48207f140d9fe52cde93ec
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:22:52 2021 +0100
Core Update 162: Ship vpnmain.cgi
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 85d5f26fa947c77d465a177a58f3a240fdb0daae
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Mon Jun 14 10:33:46 2021 +0100
ipsec: Prefer curve448 over curve25519
Curve448 provides better cryptographic security. For more details see:
https://bugzilla.ipfire.org/show_bug.cgi?id=12634
Fixes: #12634
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 45221cc614eb9bccf779d79d01f7dbce6b705045
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 23:17:29 2021 +0100
Core Update 162: Ship proxy.cgi
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit af048d4bf184af129e70586a5e7ed2ac71275621
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Sun Oct 10 21:49:49 2021 +0200
proxy.cgi: Fix translation string mix-up
"advproxy advanced web proxy" was meant to be used in the first place,
followed by "advproxy advanced web proxy configuration", as it is done
in other CGIs.
This patch also fixes a missing German translation, and improves
translations of "one X per line" ("eines" != "eins"). :-)
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit 241d8a753a8deefb3c1db604612a0ae5a0d0d638
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed Oct 20 22:29:23 2021 +0200
meson: Update to version 0.59.2
- Update from 0.58.0 to 0.59.2
- Update rootfile
- Changelog is too long to include here.
Full details can be read at \
https://mesonbuild.com/Release-notes-for-0-59-0.html
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
commit 2ae78be0817c9e2f667171cfa7e1c87655a28000
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed Oct 20 22:27:58 2021 +0200
bison: Update to version 3.8.2
- Update from 3.7.6 to 3.8.2
- Update rootfile
- Changelog
Noteworthy changes in release 3.8.2 (2021-09-25) [stable]
Fixed portability issues of bison on Cygwin.
Improvements in glr2.cc: add support for custom error messages (`%define
parse.error custom`), allow linking several parsers together.
Noteworthy changes in release 3.8.1 (2021-09-11) [stable]
The generation of prototypes for yylex and yyerror in Yacc mode is
breaking existing grammar files. To avoid breaking too many grammars, the
prototypes are now generated when `-y/--yacc` is used *and* the
`POSIXLY_CORRECT` environment variable is defined.
Avoid using `-y`/`--yacc` simply to comply with Yacc's file name
conventions, rather, use `-o y.tab.c`. Autoconf's AC_PROG_YACC macro uses
`-y`. Avoid it if possible, for instance by using gnulib's gl_PROG_BISON.
Noteworthy changes in release 3.8 (2021-09-07) [stable]
** Backward incompatible changes
In conformance with the recommendations of the Graphviz team
(https://marc.info/?l=graphviz-devel&m=129418103126092), `-g`/`--graph`
now generates a *.gv file by default, instead of *.dot. A transition
started in Bison 3.4.
To comply with the latest POSIX standard, in Yacc compatibility mode
(options `-y`/`--yacc`) Bison now generates prototypes for yyerror and
yylex. In some situations, this is breaking compatibility: if the user
has already declared these functions but with some differences (e.g., to
declare them as static, or to use specific attributes), the generated
parser will fail to compile. To disable these prototypes, #define yyerror
(to `yyerror`), and likewise for yylex.
** Deprecated features
Support for the YYPRINT macro is removed. It worked only with yacc.c and
only for tokens. It was obsoleted by %printer, introduced in Bison 1.50
(November 2002).
It has always been recommended to prefer `%define api.value.type foo` to
`#define YYSTYPE foo`. The latter is supported in C for compatibility
with Yacc, but not in C++. Warnings are now issued if `#define YYSTYPE`
is used in C++, and eventually support will be removed.
In C++ code, prefer value_type to semantic_type to denote the semantic
value type, which is specified by the `api.value.type` %define variable.
** New features
*** A skeleton for the D programming language
The "lalr1.d" skeleton is now officially part of Bison.
It was originally contributed by Oliver Mangold, based on Paolo Bonzini's
lalr1.java, and was improved by H. S. Teoh. Adela Vais then took over
maintenance and invested a lot of efforts to complete, test and document
it.
It now supports all the bells and whistles of the other deterministic
parsers, which include: pull/push interfaces, verbose and custom error
messages, lookahead correction, token constructors, internationalization,
locations, printers, token and symbol prefixes, etc.
Two examples demonstrate the D parsers: a basic one (examples/d/simple),
and an advanced one (examples/d/calc).
*** Option -H, --header and directive %header
The option `-H`/`--header` supersedes the option `--defines`, and the
directive %header supersedes %defines. Both `--defines` and `%defines`
are, of course, maintained for backward compatibility.
*** Option --html
Since version 2.4 Bison can be used to generate HTML reports. However it
was a two-step process: first bison must be invoked with option `--xml`,
and then xsltproc must be run to the convert the XML reports into HTML.
The new option `--html` combines these steps. The xsltproc program must
be available.
*** A C++ native GLR parser
A new version of the C++ GLR parser was added: "glr2.cc". It generates
"true C++11", instead of a C++ wrapper around a C parser as does the
existing "glr.cc" parser. As a first significant consequence, it supports
`%define api.value.type variant`, contrary to glr.cc.
It should be upward compatible in terms of interface, feature and
performance to "glr.cc". To try it out, simply use
%skeleton "glr2.cc"
It will eventually replace "glr.cc". However we need user feedback on
this skeleton. _Please_ report your results and comments about it.
*** Counterexamples
Counterexamples now show the rule numbers, and always show ε for rules
with an empty right-hand side. For instance
exp
↳ 1: e1 e2 "a"
↳ 3: ε • ↳ 1: ε
instead of
exp
↳ e1 e2 "a"
↳ • ↳ ε
*** Lookahead correction in Java
The Java skeleton (lalr1.java) now supports LAC, via the `parse.lac`
%define variable.
*** Abort parsing for memory exhaustion (C)
User actions may now use `YYNOMEM` (similar to `YYACCEPT` and `YYABORT`)
to abort the current parse with memory exhaustion.
*** Printing locations in debug traces (C)
The `YYLOCATION_PRINT(File, Loc)` macro prints a location. It is defined
when (i) locations are enabled, (ii) the default type for locations is
used, (iii) debug traces are enabled, and (iv) `YYLOCATION_PRINT` is not
already defined.
Users may define `YYLOCATION_PRINT` to cover other cases.
*** GLR traces
There were no debug traces for deferred calls to user actions. They are
logged now.
Noteworthy changes in release 3.7.6 (2021-03-08) [stable]
** Bug fixes
*** Reused Push Parsers
When a push-parser state structure is used for multiple parses, it was
possible for some state to leak from one run into the following one.
*** Fix Table Generation
In some very rare conditions, when there are many useless tokens, it was
possible to generate incorrect parsers.
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
commit 73d18835c0a4609fd46e81c4a8b43270bd9b6bc8
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Nov 19 17:44:58 2021 +0000
suricata: Handle retransmitted SYN with TSval
Read more in the patch.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 9268cddfd284f82df51fd76c48b1810f5980620e
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Nov 19 17:44:57 2021 +0000
IPS: Do not try to show rules when stat on rules tarball fails
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit c5c1f3044708de445b27139776e2c0054b2190df
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Nov 19 17:44:55 2021 +0000
suricata: This package is supported on all architectures
There is no need to list them specifically.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit eab7754d1e8b7f487ad12556c95f74c9a7cc046c
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Nov 19 17:44:54 2021 +0000
suricata: Drop extra rootfiles
These are all the same and not different from what is in
config/rootfiles/common/suricata.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 112441db22d07e43c1f6b5e55d9c60f65916ed3a
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Nov 19 17:44:53 2021 +0000
rust: Drop Cargo home directory after build
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 30f411694c8100086ff836a6d13140acdc68d9dd
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri Nov 19 17:44:52 2021 +0000
suricata: Include all default rules
These rules do not drop anything, but only alert when internal parts of
the engine trigger an event. This will allow us more insight on what is
happening.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit f542b163281b8bdd877d2b8e93945f271b2aca50
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 22:51:55 2021 +0100
Core Update 162: Ship jansson
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit d3a4c2fc5015bad251f0ed608b4d91b701f742f5
Author: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed Oct 20 22:29:05 2021 +0200
jansson: Update to version 2.14
- Update from 2.12 to 2.14
- Update rootfile
- Changelog
Version 2.14 Released 2021-09-09
* New Features:
- Add `json_object_getn`, `json_object_setn`, `json_object_deln`, and the
corresponding `nocheck` functions. (#520, by Maxim Zhukov)
* Fixes:
- Handle `sprintf` corner cases (#537, by Tobias Stoeckmann)
* Build:
- Symbol versioning for all exported symbols (#540, by Simon McVittie)
- Fix compiler warnings (#555, by Kelvin Lee)
* Documentation:
- Small fixes (#544, #546, by @i-ky)
- Sphinx 3 compatibility (#543, by Pierce Lopez)
Version 2.13.1 Released 2020-05-07
* Build:
- Include `jansson_version_str()` and `jansson_version_cmp()` in
shared library. (#534)
- Include ``scripts/`` in tarball. (#535)
Version 2.13 Released 2020-05-05
* New Features:
- Add `jansson_version_str()` and `jansson_version_cmp()` for runtime
version checking (#465).
- Add `json_object_update_new()`, `json_object_update_existing_new()`
and `json_object_update_missing_new()` functions (#499).
- Add `json_object_update_recursive()` (#505).
* Build:
- Add ``-Wno-format-truncation`` to suppress format truncation warnings \
(#489).
* Bug fixes:
- Remove ``strtod`` macro definition for MinGW (#498).
- Add infinite loop check in `json_deep_copy()` (#490).
- Add ``pipe`` macro definition for MinGW (#500).
- Enhance ``JANSSON_ATTRS`` macro to support earlier C standard(C89) \
(#501).
- Update version detection for sphinx-build (#502).
* Documentation:
- Fix typos (#483, #494).
- Document that call the custom free function to free the return value
of `json_dumps()` if you have a custom malloc/free (#490).
- Add vcpkg installation instructions (#496).
- Document that non-blocking file descriptor is not supported on
`json_loadfd()` (#503).
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
commit 5c581bbb87b2245f2c020ee3782a35e2dbe4cbe3
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 22:49:06 2021 +0100
Core Update 162: Ship libhtp and Suricata, restart the latter
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit db584cb746ba562bcddf1a5adb27770e2aef5f0e
Author: Peter Müller <peter.mueller@ipfire.org>
Date: Tue Nov 23 21:13:12 2021 +0100
Core Update 162: Ship libxcrypt
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
commit d5b7826ee84de1920078c032bfe54dd057b16060
Author: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Sat Nov 20 13:47:32 2021 +0100
libhtp: Update to 0.5.39
For details see:
https://github.com/OISF/libhtp/releases/tag/0.5.39
"0.5.39 (16 Nov 2021)
--------------------
- host: ipv6 address is a valid host
- util: one char is not always empty line
- test and fuzz improvements"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
commit 58d399710b5cf73f15e5ea6b7cd34717cc5f0a45
Author: Matthias Fischer <matthias.fischer@ipfire.org>
Date: Sat Nov 20 13:47:31 2021 +0100
suricata: Update to 5.0.8
For details see:
https://forum.suricata.io/t/suricata-6-0-4-and-5-0-8-released/1942
"Various security, performance, accuracy and stability issues have been fixed,
including two TCP evasion issues. CVE 2021-37592 was assigned."
Changelog:
"5.0.8 -- 2021-11-16
Security #4635: tcp: crafted injected packets cause desync after 3whs
Security #4727: Bypass of Payload Detection on TCP RST with options of MD5header
Bug #4345: Failed assert in TCPProtoDetectCheckBailConditions size_ts > 1000000UL
Bug #4382: fileinfo "stored: false" even if the file is kept on disk
Bug #4626: DNP3: intra structure overflow in DNP3DecodeObjectG70V6
Bug #4628: alert count shows up as 0 when stats are disabled
Bug #4631: Protocol detection : confusion with SMB in midstream
Bug #4639: Failed assertion in SMTP SMTPTransactionComplete
Bug #4646: TCP reassembly, failed assert app_progress > last_ack_abs, both sides \
need to be pruned Bug #4647: rules: Unable to find the sm in any of the sm lists
Bug #4674: rules: mix of drop and pass rules issues
Bug #4676: rules: drop rules with noalert not fully dropping
Bug #4688: detect: too many prefilter engines lead to FNs
Bug #4690: nfs: failed assert self.tx_data.files_logged > 1
Bug #4691: IPv6 : decoder event on invalid fragment length
Bug #4696: lua: file info callback returns wrong value
Bug #4718: protodetect: SEGV due to NULL ptr deref
Bug #4729: ipv6 evasions : fragmentation
Bug #4788: Memory leak in SNMP with DetectEngineState
Bug #4790: af-packet: threads sometimes get stuck in capture
Bug #4794: loopback: different AF_INET6 values per OS
Bug #4816: flow-manager: cond_t handling in emergency mode is broken
Bug #4831: SWF decompression overread
Bug #4833: Wrong list_id with transforms for http_client_body and http file_data
Optimization #3429: improve err msg for dataset rules parsing
Task #4835: libhtp 0.5.39"
Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
commit efcd60effbc93d4fd958d5d3e81ca01ac1844ce9
Author: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed Nov 24 08:56:23 2021 +0000
core162: add connections.cgi
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
commit d4df452e1b79007ae5855c78266b22ca3b4fd5b5
Author: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed Nov 24 07:54:47 2021 +0000
connections.cgi: fix connection list if green interface is not present
if green interface not exist the cgi adds empty addresses to the arrays and
display nothing.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
commit 654eb3c3c539cfb601b2e620b2819bc15df85563
Author: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed Nov 24 07:52:04 2021 +0000
core162: add unbound initskript
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
commit cd26578fc91a68f26866d693e5dc334356733d8e
Author: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed Nov 24 07:44:14 2021 +0000
unbound: initskript change server for dns test
if the system time is incorrect DNSSec validation fail but it fails sometimes for \
pool.ntp.org already but not for ping.ipfire.org.
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
commit 90aa2574773c0ede7ed4e700c4ae22578a30e350
Author: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Wed Nov 24 07:42:25 2021 +0000
kernel: update to 5.15.4
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/rootfiles/common/aarch64/suricata | 28 -
config/rootfiles/common/armv6l/suricata | 28 -
config/rootfiles/common/bind | 196 ++----
config/rootfiles/common/bison | 14 +-
config/rootfiles/common/i586/suricata | 28 -
config/rootfiles/common/jansson | 2 +-
config/rootfiles/common/jwhois | 25 -
config/rootfiles/common/libuv | 12 +
config/rootfiles/common/meson | 44 +-
config/rootfiles/common/slang | 6 +-
config/rootfiles/common/suricata | 24 +-
config/rootfiles/common/whois | 4 +
config/rootfiles/common/x86_64/suricata | 28 -
.../{oldcore/100 => core/162}/filelists/bind | 0
.../{oldcore/104 => core/162}/filelists/ddns | 0
.../{oldcore/125 => core/162}/filelists/dhcpcd | 0
config/rootfiles/core/162/filelists/files | 25 +-
config/rootfiles/core/162/filelists/jansson | 1 +
.../{oldcore/131 => core/162}/filelists/libhtp | 0
config/rootfiles/core/162/filelists/libuv | 1 +
.../{oldcore/155 => core/162}/filelists/libxcrypt | 0
.../{oldcore/66 => core/162}/filelists/slang | 0
config/rootfiles/core/162/filelists/sshfs | 1 +
.../{oldcore/131 => core/162}/filelists/suricata | 0
config/rootfiles/core/162/filelists/whois | 1 +
config/rootfiles/core/162/update.sh | 12 +
config/rootfiles/packages/sslh | 1 +
config/suricata/suricata.yaml | 24 +-
doc/language_issues.de | 1 -
doc/language_issues.en | 1 +
doc/language_issues.es | 1 -
doc/language_issues.fr | 1 -
doc/language_issues.it | 1 -
doc/language_issues.nl | 1 -
doc/language_issues.pl | 1 -
doc/language_issues.ru | 1 -
doc/language_issues.tr | 1 -
html/cgi-bin/connections.cgi | 32 +-
html/cgi-bin/ids.cgi | 16 +-
html/cgi-bin/vpnmain.cgi | 4 +-
langs/de/cgi-bin/de.pl | 6 +-
lfs/Config | 5 +-
lfs/bind | 23 +-
lfs/bison | 4 +-
lfs/dhcpcd | 10 +-
lfs/jansson | 4 +-
lfs/jwhois | 92 ---
lfs/libhtp | 4 +-
lfs/{wget => libuv} | 20 +-
lfs/linux | 4 +-
lfs/meson | 4 +-
lfs/slang | 6 +-
lfs/sshfs | 4 +-
lfs/sslh | 8 +-
lfs/strace | 6 +-
lfs/suricata | 9 +-
lfs/{parted => whois} | 24 +-
make.sh | 3 +-
src/initscripts/system/firewall | 2 -
src/initscripts/system/unbound | 2 +-
src/patches/jwhois-4.0-conf_update.patch | 714 ---------------------
src/patches/jwhois-4.0-conf_update2.patch | 163 -----
src/patches/jwhois-4.0-connect.patch | 58 --
src/patches/jwhois-4.0-fclose.patch | 12 -
src/patches/jwhois-4.0-idna.patch | 43 --
src/patches/jwhois-4.0-ipv6match.patch | 15 -
src/patches/jwhois-4.0-multi-homed.patch | 15 -
src/patches/jwhois-4.0-select.patch | 27 -
...m-tcp-Handle-retransmitted-SYN-with-TSval.patch | 55 ++
69 files changed, 358 insertions(+), 1550 deletions(-)
delete mode 100644 config/rootfiles/common/aarch64/suricata
delete mode 100644 config/rootfiles/common/armv6l/suricata
delete mode 100644 config/rootfiles/common/i586/suricata
delete mode 100644 config/rootfiles/common/jwhois
create mode 100644 config/rootfiles/common/libuv
create mode 100644 config/rootfiles/common/whois
delete mode 100644 config/rootfiles/common/x86_64/suricata
copy config/rootfiles/{oldcore/100 => core/162}/filelists/bind (100%)
copy config/rootfiles/{oldcore/104 => core/162}/filelists/ddns (100%)
copy config/rootfiles/{oldcore/125 => core/162}/filelists/dhcpcd (100%)
create mode 120000 config/rootfiles/core/162/filelists/jansson
copy config/rootfiles/{oldcore/131 => core/162}/filelists/libhtp (100%)
create mode 120000 config/rootfiles/core/162/filelists/libuv
copy config/rootfiles/{oldcore/155 => core/162}/filelists/libxcrypt (100%)
copy config/rootfiles/{oldcore/66 => core/162}/filelists/slang (100%)
create mode 120000 config/rootfiles/core/162/filelists/sshfs
copy config/rootfiles/{oldcore/131 => core/162}/filelists/suricata (100%)
create mode 120000 config/rootfiles/core/162/filelists/whois
delete mode 100644 lfs/jwhois
copy lfs/{wget => libuv} (93%)
copy lfs/{parted => whois} (88%)
delete mode 100644 src/patches/jwhois-4.0-conf_update.patch
delete mode 100644 src/patches/jwhois-4.0-conf_update2.patch
delete mode 100644 src/patches/jwhois-4.0-connect.patch
delete mode 100644 src/patches/jwhois-4.0-fclose.patch
delete mode 100644 src/patches/jwhois-4.0-idna.patch
delete mode 100644 src/patches/jwhois-4.0-ipv6match.patch
delete mode 100644 src/patches/jwhois-4.0-multi-homed.patch
delete mode 100644 src/patches/jwhois-4.0-select.patch
create mode 100644 src/patches/suricata-5.0-stream-tcp-Handle-retransmitted-SYN-with-TSval.patch
Difference in files:
diff --git a/config/rootfiles/common/aarch64/suricata \
b/config/rootfiles/common/aarch64/suricata deleted file mode 100644
index 32358483a..000000000
--- a/config/rootfiles/common/aarch64/suricata
+++ /dev/null
@@ -1,28 +0,0 @@
-etc/suricata
-etc/suricata/suricata.yaml
-#root/.cargo
-#root/.cargo/.package-cache
-usr/bin/suricata
-#usr/share/doc/suricata
-#usr/share/doc/suricata/AUTHORS
-#usr/share/doc/suricata/Basic_Setup.txt
-#usr/share/doc/suricata/GITGUIDE
-#usr/share/doc/suricata/INSTALL
-#usr/share/doc/suricata/INSTALL.PF_RING
-#usr/share/doc/suricata/INSTALL.WINDOWS
-#usr/share/doc/suricata/NEWS
-#usr/share/doc/suricata/README
-#usr/share/doc/suricata/Setting_up_IPSinline_for_Linux.txt
-#usr/share/doc/suricata/TODO
-#usr/share/doc/suricata/Third_Party_Installation_Guides.txt
-#usr/share/man/man1/suricata.1
-#usr/share/man/man1/suricatactl-filestore.1
-#usr/share/man/man1/suricatactl.1
-#usr/share/man/man1/suricatasc.1
-var/lib/suricata
-var/lib/suricata/classification.config
-var/lib/suricata/reference.config
-var/lib/suricata/threshold.config
-var/log/suricata
-#var/log/suricata/certs
-#var/log/suricata/files
diff --git a/config/rootfiles/common/armv6l/suricata \
b/config/rootfiles/common/armv6l/suricata deleted file mode 100644
index 32358483a..000000000
--- a/config/rootfiles/common/armv6l/suricata
+++ /dev/null
@@ -1,28 +0,0 @@
-etc/suricata
-etc/suricata/suricata.yaml
-#root/.cargo
-#root/.cargo/.package-cache
-usr/bin/suricata
-#usr/share/doc/suricata
-#usr/share/doc/suricata/AUTHORS
-#usr/share/doc/suricata/Basic_Setup.txt
-#usr/share/doc/suricata/GITGUIDE
-#usr/share/doc/suricata/INSTALL
-#usr/share/doc/suricata/INSTALL.PF_RING
-#usr/share/doc/suricata/INSTALL.WINDOWS
-#usr/share/doc/suricata/NEWS
-#usr/share/doc/suricata/README
-#usr/share/doc/suricata/Setting_up_IPSinline_for_Linux.txt
-#usr/share/doc/suricata/TODO
-#usr/share/doc/suricata/Third_Party_Installation_Guides.txt
-#usr/share/man/man1/suricata.1
-#usr/share/man/man1/suricatactl-filestore.1
-#usr/share/man/man1/suricatactl.1
-#usr/share/man/man1/suricatasc.1
-var/lib/suricata
-var/lib/suricata/classification.config
-var/lib/suricata/reference.config
-var/lib/suricata/threshold.config
-var/log/suricata
-#var/log/suricata/certs
-#var/log/suricata/files
diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind
index 6fb228a5a..a89af5bcb 100644
--- a/config/rootfiles/common/bind
+++ b/config/rootfiles/common/bind
@@ -8,7 +8,6 @@ usr/bin/nsupdate
#usr/include/bind9/getaddresses.h
#usr/include/bind9/version.h
#usr/include/dns
-#usr/include/dns/acache.h
#usr/include/dns/acl.h
#usr/include/dns/adb.h
#usr/include/dns/badcache.h
@@ -29,12 +28,14 @@ usr/bin/nsupdate
#usr/include/dns/dlz.h
#usr/include/dns/dlz_dlopen.h
#usr/include/dns/dns64.h
+#usr/include/dns/dnsrps.h
#usr/include/dns/dnssec.h
#usr/include/dns/dnstap.h
#usr/include/dns/ds.h
#usr/include/dns/dsdigest.h
#usr/include/dns/dyndb.h
#usr/include/dns/ecdb.h
+#usr/include/dns/ecs.h
#usr/include/dns/edns.h
#usr/include/dns/enumclass.h
#usr/include/dns/enumtype.h
@@ -45,11 +46,15 @@ usr/bin/nsupdate
#usr/include/dns/ipkeylist.h
#usr/include/dns/iptable.h
#usr/include/dns/journal.h
+#usr/include/dns/kasp.h
#usr/include/dns/keydata.h
#usr/include/dns/keyflags.h
+#usr/include/dns/keymgr.h
#usr/include/dns/keytable.h
#usr/include/dns/keyvalues.h
#usr/include/dns/lib.h
+#usr/include/dns/librpz.h
+#usr/include/dns/lmdb.h
#usr/include/dns/log.h
#usr/include/dns/lookup.h
#usr/include/dns/master.h
@@ -104,22 +109,32 @@ usr/bin/nsupdate
#usr/include/dns/xfrin.h
#usr/include/dns/zone.h
#usr/include/dns/zonekey.h
+#usr/include/dns/zoneverify.h
#usr/include/dns/zt.h
#usr/include/dst
#usr/include/dst/dst.h
#usr/include/dst/gssapi.h
-#usr/include/dst/lib.h
#usr/include/dst/result.h
+#usr/include/irs
+#usr/include/irs/context.h
+#usr/include/irs/dnsconf.h
+#usr/include/irs/netdb.h
+#usr/include/irs/platform.h
+#usr/include/irs/resconf.h
+#usr/include/irs/types.h
+#usr/include/irs/version.h
#usr/include/isc
#usr/include/isc/aes.h
+#usr/include/isc/align.h
#usr/include/isc/app.h
#usr/include/isc/assertions.h
+#usr/include/isc/astack.h
#usr/include/isc/atomic.h
#usr/include/isc/backtrace.h
+#usr/include/isc/barrier.h
#usr/include/isc/base32.h
#usr/include/isc/base64.h
#usr/include/isc/bind9.h
-#usr/include/isc/boolean.h
#usr/include/isc/buffer.h
#usr/include/isc/bufferlist.h
#usr/include/isc/cmocka.h
@@ -130,7 +145,6 @@ usr/bin/nsupdate
#usr/include/isc/deprecated.h
#usr/include/isc/dir.h
#usr/include/isc/endian.h
-#usr/include/isc/entropy.h
#usr/include/isc/errno.h
#usr/include/isc/error.h
#usr/include/isc/event.h
@@ -138,18 +152,16 @@ usr/bin/nsupdate
#usr/include/isc/file.h
#usr/include/isc/formatcheck.h
#usr/include/isc/fsaccess.h
+#usr/include/isc/fuzz.h
#usr/include/isc/hash.h
#usr/include/isc/heap.h
#usr/include/isc/hex.h
-#usr/include/isc/hmacmd5.h
-#usr/include/isc/hmacsha.h
+#usr/include/isc/hmac.h
+#usr/include/isc/hp.h
#usr/include/isc/ht.h
#usr/include/isc/httpd.h
-#usr/include/isc/int.h
#usr/include/isc/interfaceiter.h
#usr/include/isc/iterated_hash.h
-#usr/include/isc/json.h
-#usr/include/isc/keyboard.h
#usr/include/isc/lang.h
#usr/include/isc/lex.h
#usr/include/isc/lfsr.h
@@ -158,20 +170,21 @@ usr/bin/nsupdate
#usr/include/isc/list.h
#usr/include/isc/log.h
#usr/include/isc/magic.h
-#usr/include/isc/md5.h
+#usr/include/isc/managers.h
+#usr/include/isc/md.h
#usr/include/isc/mem.h
#usr/include/isc/meminfo.h
-#usr/include/isc/msgcat.h
-#usr/include/isc/msgs.h
#usr/include/isc/mutex.h
+#usr/include/isc/mutexatomic.h
#usr/include/isc/mutexblock.h
#usr/include/isc/net.h
#usr/include/isc/netaddr.h
#usr/include/isc/netdb.h
+#usr/include/isc/netmgr.h
#usr/include/isc/netscope.h
+#usr/include/isc/nonce.h
#usr/include/isc/offset.h
#usr/include/isc/once.h
-#usr/include/isc/ondestroy.h
#usr/include/isc/os.h
#usr/include/isc/parseint.h
#usr/include/isc/platform.h
@@ -192,8 +205,6 @@ usr/bin/nsupdate
#usr/include/isc/rwlock.h
#usr/include/isc/safe.h
#usr/include/isc/serial.h
-#usr/include/isc/sha1.h
-#usr/include/isc/sha2.h
#usr/include/isc/siphash.h
#usr/include/isc/sockaddr.h
#usr/include/isc/socket.h
@@ -201,9 +212,8 @@ usr/bin/nsupdate
#usr/include/isc/stats.h
#usr/include/isc/stdatomic.h
#usr/include/isc/stdio.h
-#usr/include/isc/stdlib.h
#usr/include/isc/stdtime.h
-#usr/include/isc/strerror.h
+#usr/include/isc/strerr.h
#usr/include/isc/string.h
#usr/include/isc/symtab.h
#usr/include/isc/syslog.h
@@ -214,17 +224,16 @@ usr/bin/nsupdate
#usr/include/isc/timer.h
#usr/include/isc/tm.h
#usr/include/isc/types.h
+#usr/include/isc/url.h
#usr/include/isc/utf8.h
#usr/include/isc/util.h
#usr/include/isc/version.h
-#usr/include/isc/xml.h
#usr/include/isccc
#usr/include/isccc/alist.h
#usr/include/isccc/base64.h
#usr/include/isccc/cc.h
#usr/include/isccc/ccmsg.h
#usr/include/isccc/events.h
-#usr/include/isccc/lib.h
#usr/include/isccc/result.h
#usr/include/isccc/sexpr.h
#usr/include/isccc/symtab.h
@@ -237,25 +246,26 @@ usr/bin/nsupdate
#usr/include/isccfg/cfg.h
#usr/include/isccfg/dnsconf.h
#usr/include/isccfg/grammar.h
+#usr/include/isccfg/kaspconf.h
#usr/include/isccfg/log.h
#usr/include/isccfg/namedconf.h
#usr/include/isccfg/version.h
-#usr/include/lwres
-#usr/include/lwres/context.h
-#usr/include/lwres/int.h
-#usr/include/lwres/ipv6.h
-#usr/include/lwres/lang.h
-#usr/include/lwres/list.h
-#usr/include/lwres/lwbuffer.h
-#usr/include/lwres/lwpacket.h
-#usr/include/lwres/lwres.h
-#usr/include/lwres/net.h
-#usr/include/lwres/netdb.h
-#usr/include/lwres/platform.h
-#usr/include/lwres/result.h
-#usr/include/lwres/stdlib.h
-#usr/include/lwres/string.h
-#usr/include/lwres/version.h
+#usr/include/ns
+#usr/include/ns/client.h
+#usr/include/ns/hooks.h
+#usr/include/ns/interfacemgr.h
+#usr/include/ns/lib.h
+#usr/include/ns/listenlist.h
+#usr/include/ns/log.h
+#usr/include/ns/notify.h
+#usr/include/ns/query.h
+#usr/include/ns/server.h
+#usr/include/ns/sortlist.h
+#usr/include/ns/stats.h
+#usr/include/ns/types.h
+#usr/include/ns/update.h
+#usr/include/ns/version.h
+#usr/include/ns/xfrout.h
#usr/include/pk11
#usr/include/pk11/constants.h
#usr/include/pk11/internal.h
@@ -263,119 +273,25 @@ usr/bin/nsupdate
#usr/include/pk11/result.h
#usr/include/pk11/site.h
#usr/include/pkcs11
-#usr/include/pkcs11/cryptoki.h
-#usr/include/pkcs11/eddsa.h
#usr/include/pkcs11/pkcs11.h
+usr/lib/libbind9-9.16.22.so
#usr/lib/libbind9.la
#usr/lib/libbind9.so
-usr/lib/libbind9.so.161
-usr/lib/libbind9.so.161.0.4
+usr/lib/libdns-9.16.22.so
#usr/lib/libdns.la
#usr/lib/libdns.so
-usr/lib/libdns.so.1115
-usr/lib/libdns.so.1115.0.0
+usr/lib/libirs-9.16.22.so
+#usr/lib/libirs.la
+#usr/lib/libirs.so
+usr/lib/libisc-9.16.22.so
#usr/lib/libisc.la
#usr/lib/libisc.so
-usr/lib/libisc.so.1107
-usr/lib/libisc.so.1107.0.5
+usr/lib/libisccc-9.16.22.so
#usr/lib/libisccc.la
#usr/lib/libisccc.so
-usr/lib/libisccc.so.161
-usr/lib/libisccc.so.161.0.1
+usr/lib/libisccfg-9.16.22.so
#usr/lib/libisccfg.la
#usr/lib/libisccfg.so
-usr/lib/libisccfg.so.163
-usr/lib/libisccfg.so.163.0.8
-#usr/lib/liblwres.la
-#usr/lib/liblwres.so
-usr/lib/liblwres.so.161
-usr/lib/liblwres.so.161.0.4
-#usr/share/man/man1/dig.1
-#usr/share/man/man1/host.1
-#usr/share/man/man1/nslookup.1
-#usr/share/man/man1/nsupdate.1
-#usr/share/man/man3/lwres.3
-#usr/share/man/man3/lwres_addr_parse.3
-#usr/share/man/man3/lwres_buffer.3
-#usr/share/man/man3/lwres_buffer_add.3
-#usr/share/man/man3/lwres_buffer_back.3
-#usr/share/man/man3/lwres_buffer_clear.3
-#usr/share/man/man3/lwres_buffer_first.3
-#usr/share/man/man3/lwres_buffer_forward.3
-#usr/share/man/man3/lwres_buffer_getmem.3
-#usr/share/man/man3/lwres_buffer_getuint16.3
-#usr/share/man/man3/lwres_buffer_getuint32.3
-#usr/share/man/man3/lwres_buffer_getuint8.3
-#usr/share/man/man3/lwres_buffer_init.3
-#usr/share/man/man3/lwres_buffer_invalidate.3
-#usr/share/man/man3/lwres_buffer_putmem.3
-#usr/share/man/man3/lwres_buffer_putuint16.3
-#usr/share/man/man3/lwres_buffer_putuint32.3
-#usr/share/man/man3/lwres_buffer_putuint8.3
-#usr/share/man/man3/lwres_buffer_subtract.3
-#usr/share/man/man3/lwres_conf_clear.3
-#usr/share/man/man3/lwres_conf_get.3
-#usr/share/man/man3/lwres_conf_init.3
-#usr/share/man/man3/lwres_conf_parse.3
-#usr/share/man/man3/lwres_conf_print.3
-#usr/share/man/man3/lwres_config.3
-#usr/share/man/man3/lwres_context.3
-#usr/share/man/man3/lwres_context_allocmem.3
-#usr/share/man/man3/lwres_context_create.3
-#usr/share/man/man3/lwres_context_destroy.3
-#usr/share/man/man3/lwres_context_freemem.3
-#usr/share/man/man3/lwres_context_initserial.3
-#usr/share/man/man3/lwres_context_nextserial.3
-#usr/share/man/man3/lwres_context_sendrecv.3
-#usr/share/man/man3/lwres_endhostent.3
-#usr/share/man/man3/lwres_endhostent_r.3
-#usr/share/man/man3/lwres_freeaddrinfo.3
-#usr/share/man/man3/lwres_freehostent.3
-#usr/share/man/man3/lwres_gabn.3
-#usr/share/man/man3/lwres_gabnrequest_free.3
-#usr/share/man/man3/lwres_gabnrequest_parse.3
-#usr/share/man/man3/lwres_gabnrequest_render.3
-#usr/share/man/man3/lwres_gabnresponse_free.3
-#usr/share/man/man3/lwres_gabnresponse_parse.3
-#usr/share/man/man3/lwres_gabnresponse_render.3
-#usr/share/man/man3/lwres_gai_strerror.3
-#usr/share/man/man3/lwres_getaddrinfo.3
-#usr/share/man/man3/lwres_getaddrsbyname.3
-#usr/share/man/man3/lwres_gethostbyaddr.3
-#usr/share/man/man3/lwres_gethostbyaddr_r.3
-#usr/share/man/man3/lwres_gethostbyname.3
-#usr/share/man/man3/lwres_gethostbyname2.3
-#usr/share/man/man3/lwres_gethostbyname_r.3
-#usr/share/man/man3/lwres_gethostent.3
-#usr/share/man/man3/lwres_gethostent_r.3
-#usr/share/man/man3/lwres_getipnode.3
-#usr/share/man/man3/lwres_getipnodebyaddr.3
-#usr/share/man/man3/lwres_getipnodebyname.3
-#usr/share/man/man3/lwres_getnamebyaddr.3
-#usr/share/man/man3/lwres_getnameinfo.3
-#usr/share/man/man3/lwres_getrrsetbyname.3
-#usr/share/man/man3/lwres_gnba.3
-#usr/share/man/man3/lwres_gnbarequest_free.3
-#usr/share/man/man3/lwres_gnbarequest_parse.3
-#usr/share/man/man3/lwres_gnbarequest_render.3
-#usr/share/man/man3/lwres_gnbaresponse_free.3
-#usr/share/man/man3/lwres_gnbaresponse_parse.3
-#usr/share/man/man3/lwres_gnbaresponse_render.3
-#usr/share/man/man3/lwres_herror.3
-#usr/share/man/man3/lwres_hstrerror.3
-#usr/share/man/man3/lwres_inetntop.3
-#usr/share/man/man3/lwres_lwpacket_parseheader.3
-#usr/share/man/man3/lwres_lwpacket_renderheader.3
-#usr/share/man/man3/lwres_net_ntop.3
-#usr/share/man/man3/lwres_noop.3
-#usr/share/man/man3/lwres_nooprequest_free.3
-#usr/share/man/man3/lwres_nooprequest_parse.3
-#usr/share/man/man3/lwres_nooprequest_render.3
-#usr/share/man/man3/lwres_noopresponse_free.3
-#usr/share/man/man3/lwres_noopresponse_parse.3
-#usr/share/man/man3/lwres_noopresponse_render.3
-#usr/share/man/man3/lwres_packet.3
-#usr/share/man/man3/lwres_resutil.3
-#usr/share/man/man3/lwres_sethostent.3
-#usr/share/man/man3/lwres_sethostent_r.3
-#usr/share/man/man3/lwres_string_parse.3
+usr/lib/libns-9.16.22.so
+#usr/lib/libns.la
+#usr/lib/libns.so
diff --git a/config/rootfiles/common/bison b/config/rootfiles/common/bison
index 2fc2e6d1d..5cbbc1f8d 100644
--- a/config/rootfiles/common/bison
+++ b/config/rootfiles/common/bison
@@ -9,7 +9,6 @@
#usr/share/bison/m4sugar/foreach.m4
#usr/share/bison/m4sugar/m4sugar.m4
#usr/share/bison/skeletons
-#usr/share/bison/skeletons/README-D.txt
#usr/share/bison/skeletons/bison.m4
#usr/share/bison/skeletons/c++-skel.m4
#usr/share/bison/skeletons/c++.m4
@@ -20,6 +19,7 @@
#usr/share/bison/skeletons/d.m4
#usr/share/bison/skeletons/glr.c
#usr/share/bison/skeletons/glr.cc
+#usr/share/bison/skeletons/glr2.cc
#usr/share/bison/skeletons/java-skel.m4
#usr/share/bison/skeletons/java.m4
#usr/share/bison/skeletons/lalr1.cc
@@ -68,6 +68,10 @@
#usr/share/doc/bison/examples/c/calc/Makefile
#usr/share/doc/bison/examples/c/calc/README.md
#usr/share/doc/bison/examples/c/calc/calc.y
+#usr/share/doc/bison/examples/c/glr
+#usr/share/doc/bison/examples/c/glr/Makefile
+#usr/share/doc/bison/examples/c/glr/README.md
+#usr/share/doc/bison/examples/c/glr/c++-types.y
#usr/share/doc/bison/examples/c/lexcalc
#usr/share/doc/bison/examples/c/lexcalc/Makefile
#usr/share/doc/bison/examples/c/lexcalc/README.md
@@ -90,9 +94,13 @@
#usr/share/doc/bison/examples/c/rpcalc/Makefile
#usr/share/doc/bison/examples/c/rpcalc/rpcalc.y
#usr/share/doc/bison/examples/d
-#usr/share/doc/bison/examples/d/Makefile
#usr/share/doc/bison/examples/d/README.md
-#usr/share/doc/bison/examples/d/calc.y
+#usr/share/doc/bison/examples/d/calc
+#usr/share/doc/bison/examples/d/calc/Makefile
+#usr/share/doc/bison/examples/d/calc/calc.y
+#usr/share/doc/bison/examples/d/simple
+#usr/share/doc/bison/examples/d/simple/Makefile
+#usr/share/doc/bison/examples/d/simple/calc.y
#usr/share/doc/bison/examples/java
#usr/share/doc/bison/examples/java/README.md
#usr/share/doc/bison/examples/java/calc
diff --git a/config/rootfiles/common/i586/suricata \
b/config/rootfiles/common/i586/suricata deleted file mode 100644
index 32358483a..000000000
--- a/config/rootfiles/common/i586/suricata
+++ /dev/null
@@ -1,28 +0,0 @@
-etc/suricata
-etc/suricata/suricata.yaml
-#root/.cargo
-#root/.cargo/.package-cache
-usr/bin/suricata
-#usr/share/doc/suricata
-#usr/share/doc/suricata/AUTHORS
-#usr/share/doc/suricata/Basic_Setup.txt
-#usr/share/doc/suricata/GITGUIDE
-#usr/share/doc/suricata/INSTALL
-#usr/share/doc/suricata/INSTALL.PF_RING
-#usr/share/doc/suricata/INSTALL.WINDOWS
-#usr/share/doc/suricata/NEWS
-#usr/share/doc/suricata/README
-#usr/share/doc/suricata/Setting_up_IPSinline_for_Linux.txt
-#usr/share/doc/suricata/TODO
-#usr/share/doc/suricata/Third_Party_Installation_Guides.txt
-#usr/share/man/man1/suricata.1
-#usr/share/man/man1/suricatactl-filestore.1
-#usr/share/man/man1/suricatactl.1
-#usr/share/man/man1/suricatasc.1
-var/lib/suricata
-var/lib/suricata/classification.config
-var/lib/suricata/reference.config
-var/lib/suricata/threshold.config
-var/log/suricata
-#var/log/suricata/certs
-#var/log/suricata/files
diff --git a/config/rootfiles/common/jansson b/config/rootfiles/common/jansson
index 005bd2ce5..3691f1d8e 100644
--- a/config/rootfiles/common/jansson
+++ b/config/rootfiles/common/jansson
@@ -4,5 +4,5 @@
#usr/lib/libjansson.la
#usr/lib/libjansson.so
usr/lib/libjansson.so.4
-usr/lib/libjansson.so.4.11.1
+usr/lib/libjansson.so.4.14.0
#usr/lib/pkgconfig/jansson.pc
diff --git a/config/rootfiles/common/jwhois b/config/rootfiles/common/jwhois
deleted file mode 100644
index 135b453b9..000000000
--- a/config/rootfiles/common/jwhois
+++ /dev/null
@@ -1,25 +0,0 @@
-etc/jwhois.conf
-usr/bin/jwhois
-usr/bin/whois
-#usr/share/info/jwhois.info
-#usr/share/locale/es/LC_MESSAGES/jwhois.mo
-#usr/share/locale/fr/LC_MESSAGES/jwhois.mo
-#usr/share/locale/hu/LC_MESSAGES/jwhois.mo
-#usr/share/locale/id/LC_MESSAGES/jwhois.mo
-#usr/share/locale/it/LC_MESSAGES/jwhois.mo
-#usr/share/locale/nl/LC_MESSAGES/jwhois.mo
-#usr/share/locale/pl/LC_MESSAGES/jwhois.mo
-#usr/share/locale/pt_BR/LC_MESSAGES/jwhois.mo
-#usr/share/locale/ro
-#usr/share/locale/ro/LC_MESSAGES
-#usr/share/locale/ro/LC_MESSAGES/jwhois.mo
-#usr/share/locale/ru/LC_MESSAGES/jwhois.mo
-#usr/share/locale/rw/LC_MESSAGES/jwhois.mo
-#usr/share/locale/sv/LC_MESSAGES/jwhois.mo
-#usr/share/locale/tr/LC_MESSAGES/jwhois.mo
-#usr/share/locale/vi/LC_MESSAGES/jwhois.mo
-#usr/share/locale/zh_TW/LC_MESSAGES/jwhois.mo
-#usr/share/man/man1/jwhois.1
-#usr/share/man/sv
-#usr/share/man/sv/man1
-#usr/share/man/sv/man1/jwhois.1
diff --git a/config/rootfiles/common/libuv b/config/rootfiles/common/libuv
new file mode 100644
index 000000000..a3a97a974
--- /dev/null
+++ b/config/rootfiles/common/libuv
@@ -0,0 +1,12 @@
+#usr/include/uv
+#usr/include/uv.h
+#usr/include/uv/errno.h
+#usr/include/uv/linux.h
+#usr/include/uv/threadpool.h
+#usr/include/uv/unix.h
+#usr/include/uv/version.h
+#usr/lib/libuv.la
+#usr/lib/libuv.so
+usr/lib/libuv.so.1
+usr/lib/libuv.so.1.0.0
+#usr/lib/pkgconfig/libuv.pc
diff --git a/config/rootfiles/common/meson b/config/rootfiles/common/meson
index b655121f1..1abb13713 100644
--- a/config/rootfiles/common/meson
+++ b/config/rootfiles/common/meson
@@ -1,13 +1,15 @@
#usr/bin/meson
-#usr/lib/python3.8/site-packages/meson-0.58.0-py3.8.egg-info
-#usr/lib/python3.8/site-packages/meson-0.58.0-py3.8.egg-info/PKG-INFO
-#usr/lib/python3.8/site-packages/meson-0.58.0-py3.8.egg-info/SOURCES.txt
-#usr/lib/python3.8/site-packages/meson-0.58.0-py3.8.egg-info/dependency_links.txt
-#usr/lib/python3.8/site-packages/meson-0.58.0-py3.8.egg-info/entry_points.txt
-#usr/lib/python3.8/site-packages/meson-0.58.0-py3.8.egg-info/requires.txt
-#usr/lib/python3.8/site-packages/meson-0.58.0-py3.8.egg-info/top_level.txt
+#usr/lib/python3.8/site-packages/meson-0.59.2-py3.8.egg-info
+#usr/lib/python3.8/site-packages/meson-0.59.2-py3.8.egg-info/PKG-INFO
+#usr/lib/python3.8/site-packages/meson-0.59.2-py3.8.egg-info/SOURCES.txt
+#usr/lib/python3.8/site-packages/meson-0.59.2-py3.8.egg-info/dependency_links.txt
+#usr/lib/python3.8/site-packages/meson-0.59.2-py3.8.egg-info/entry_points.txt
+#usr/lib/python3.8/site-packages/meson-0.59.2-py3.8.egg-info/requires.txt
+#usr/lib/python3.8/site-packages/meson-0.59.2-py3.8.egg-info/top_level.txt
#usr/lib/python3.8/site-packages/mesonbuild
#usr/lib/python3.8/site-packages/mesonbuild/__init__.py
+#usr/lib/python3.8/site-packages/mesonbuild/_pathlib.py
+#usr/lib/python3.8/site-packages/mesonbuild/_typing.py
#usr/lib/python3.8/site-packages/mesonbuild/arglist.py
#usr/lib/python3.8/site-packages/mesonbuild/ast
#usr/lib/python3.8/site-packages/mesonbuild/ast/__init__.py
@@ -21,6 +23,8 @@
#usr/lib/python3.8/site-packages/mesonbuild/backend/backends.py
#usr/lib/python3.8/site-packages/mesonbuild/backend/ninjabackend.py
#usr/lib/python3.8/site-packages/mesonbuild/backend/vs2010backend.py
+#usr/lib/python3.8/site-packages/mesonbuild/backend/vs2012backend.py
+#usr/lib/python3.8/site-packages/mesonbuild/backend/vs2013backend.py
#usr/lib/python3.8/site-packages/mesonbuild/backend/vs2015backend.py
#usr/lib/python3.8/site-packages/mesonbuild/backend/vs2017backend.py
#usr/lib/python3.8/site-packages/mesonbuild/backend/vs2019backend.py
@@ -44,7 +48,9 @@
#usr/lib/python3.8/site-packages/mesonbuild/compilers/cpp.py
#usr/lib/python3.8/site-packages/mesonbuild/compilers/cs.py
#usr/lib/python3.8/site-packages/mesonbuild/compilers/cuda.py
+#usr/lib/python3.8/site-packages/mesonbuild/compilers/cython.py
#usr/lib/python3.8/site-packages/mesonbuild/compilers/d.py
+#usr/lib/python3.8/site-packages/mesonbuild/compilers/detect.py
#usr/lib/python3.8/site-packages/mesonbuild/compilers/fortran.py
#usr/lib/python3.8/site-packages/mesonbuild/compilers/java.py
#usr/lib/python3.8/site-packages/mesonbuild/compilers/mixins
@@ -73,12 +79,19 @@
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/__init__.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/base.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/boost.py
+#usr/lib/python3.8/site-packages/mesonbuild/dependencies/cmake.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/coarrays.py
+#usr/lib/python3.8/site-packages/mesonbuild/dependencies/configtool.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/cuda.py
+#usr/lib/python3.8/site-packages/mesonbuild/dependencies/detect.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/dev.py
+#usr/lib/python3.8/site-packages/mesonbuild/dependencies/dub.py
+#usr/lib/python3.8/site-packages/mesonbuild/dependencies/factory.py
+#usr/lib/python3.8/site-packages/mesonbuild/dependencies/framework.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/hdf5.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/misc.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/mpi.py
+#usr/lib/python3.8/site-packages/mesonbuild/dependencies/pkgconfig.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/platform.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/qt.py
#usr/lib/python3.8/site-packages/mesonbuild/dependencies/scalapack.py
@@ -89,11 +102,24 @@
#usr/lib/python3.8/site-packages/mesonbuild/interpreter
#usr/lib/python3.8/site-packages/mesonbuild/interpreter/__init__.py
#usr/lib/python3.8/site-packages/mesonbuild/interpreter/compiler.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreter/dependencyfallbacks.py
#usr/lib/python3.8/site-packages/mesonbuild/interpreter/interpreter.py
#usr/lib/python3.8/site-packages/mesonbuild/interpreter/interpreterobjects.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreter/kwargs.py
#usr/lib/python3.8/site-packages/mesonbuild/interpreter/mesonmain.py
-#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase.py
-#usr/lib/python3.8/site-packages/mesonbuild/linkers.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/__init__.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/_unholder.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/baseobjects.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/decorators.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/disabler.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/exceptions.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/helpers.py
+#usr/lib/python3.8/site-packages/mesonbuild/interpreterbase/interpreterbase.py
+#usr/lib/python3.8/site-packages/mesonbuild/linkers
+#usr/lib/python3.8/site-packages/mesonbuild/linkers/__init__.py
+#usr/lib/python3.8/site-packages/mesonbuild/linkers/detect.py
+#usr/lib/python3.8/site-packages/mesonbuild/linkers/linkers.py
#usr/lib/python3.8/site-packages/mesonbuild/mcompile.py
#usr/lib/python3.8/site-packages/mesonbuild/mconf.py
#usr/lib/python3.8/site-packages/mesonbuild/mdevenv.py
diff --git a/config/rootfiles/common/slang b/config/rootfiles/common/slang
index 71802d443..072e1baf4 100644
--- a/config/rootfiles/common/slang
+++ b/config/rootfiles/common/slang
@@ -4,7 +4,7 @@
#usr/include/slcurses.h
#usr/lib/libslang.so
usr/lib/libslang.so.2
-usr/lib/libslang.so.2.3.0
+usr/lib/libslang.so.2.3.2
#usr/lib/pkgconfig/slang.pc
#usr/lib/slang
#usr/lib/slang/v2
@@ -158,6 +158,10 @@ usr/lib/slang/v2/modules/zlib-module.so
#usr/share/slsh/slsmg.sl
#usr/share/slsh/socket.sl
#usr/share/slsh/stats.sl
+#usr/share/slsh/statslib
+#usr/share/slsh/statslib/ad_test.sl
+#usr/share/slsh/statslib/ks_test.sl
+#usr/share/slsh/statslib/kuiper.sl
#usr/share/slsh/stkcheck.sl
#usr/share/slsh/structfuns.sl
#usr/share/slsh/sysconf.sl
diff --git a/config/rootfiles/common/suricata b/config/rootfiles/common/suricata
index 32358483a..7c512b033 100644
--- a/config/rootfiles/common/suricata
+++ b/config/rootfiles/common/suricata
@@ -1,7 +1,5 @@
etc/suricata
etc/suricata/suricata.yaml
-#root/.cargo
-#root/.cargo/.package-cache
usr/bin/suricata
#usr/share/doc/suricata
#usr/share/doc/suricata/AUTHORS
@@ -19,6 +17,28 @@ usr/bin/suricata
#usr/share/man/man1/suricatactl-filestore.1
#usr/share/man/man1/suricatactl.1
#usr/share/man/man1/suricatasc.1
+usr/share/suricata/
+#usr/share/suricata/classification.config
+#usr/share/suricata/reference.config
+#usr/share/suricata/rules
+#usr/share/suricata/rules/app-layer-events.rules
+#usr/share/suricata/rules/decoder-events.rules
+#usr/share/suricata/rules/dhcp-events.rules
+#usr/share/suricata/rules/dnp3-events.rules
+#usr/share/suricata/rules/dns-events.rules
+#usr/share/suricata/rules/files.rules
+#usr/share/suricata/rules/http2-events.rules
+#usr/share/suricata/rules/http-events.rules
+#usr/share/suricata/rules/ipsec-events.rules
+#usr/share/suricata/rules/kerberos-events.rules
+#usr/share/suricata/rules/modbus-events.rules
+#usr/share/suricata/rules/mqtt-events.rules
+#usr/share/suricata/rules/nfs-events.rules
+#usr/share/suricata/rules/ntp-events.rules
+#usr/share/suricata/rules/smb-events.rules
+#usr/share/suricata/rules/smtp-events.rules
+#usr/share/suricata/rules/stream-events.rules
+#usr/share/suricata/rules/tls-events.rules
var/lib/suricata
var/lib/suricata/classification.config
var/lib/suricata/reference.config
diff --git a/config/rootfiles/common/whois b/config/rootfiles/common/whois
new file mode 100644
index 000000000..c5a16daf1
--- /dev/null
+++ b/config/rootfiles/common/whois
@@ -0,0 +1,4 @@
+etc/whois.conf
+usr/bin/whois
+#usr/share/man/man1/whois.1
+#usr/share/man/man5/whois.conf.5
diff --git a/config/rootfiles/common/x86_64/suricata \
b/config/rootfiles/common/x86_64/suricata deleted file mode 100644
index 32358483a..000000000
--- a/config/rootfiles/common/x86_64/suricata
+++ /dev/null
@@ -1,28 +0,0 @@
-etc/suricata
-etc/suricata/suricata.yaml
-#root/.cargo
-#root/.cargo/.package-cache
-usr/bin/suricata
-#usr/share/doc/suricata
-#usr/share/doc/suricata/AUTHORS
-#usr/share/doc/suricata/Basic_Setup.txt
-#usr/share/doc/suricata/GITGUIDE
-#usr/share/doc/suricata/INSTALL
-#usr/share/doc/suricata/INSTALL.PF_RING
-#usr/share/doc/suricata/INSTALL.WINDOWS
-#usr/share/doc/suricata/NEWS
-#usr/share/doc/suricata/README
-#usr/share/doc/suricata/Setting_up_IPSinline_for_Linux.txt
-#usr/share/doc/suricata/TODO
-#usr/share/doc/suricata/Third_Party_Installation_Guides.txt
-#usr/share/man/man1/suricata.1
-#usr/share/man/man1/suricatactl-filestore.1
-#usr/share/man/man1/suricatactl.1
-#usr/share/man/man1/suricatasc.1
-var/lib/suricata
-var/lib/suricata/classification.config
-var/lib/suricata/reference.config
-var/lib/suricata/threshold.config
-var/log/suricata
-#var/log/suricata/certs
-#var/log/suricata/files
diff --git a/config/rootfiles/core/162/filelists/bind \
b/config/rootfiles/core/162/filelists/bind new file mode 120000
index 000000000..48a0ebaef
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/bind
@@ -0,0 +1 @@
+../../../common/bind
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/ddns \
b/config/rootfiles/core/162/filelists/ddns new file mode 120000
index 000000000..739516420
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/ddns
@@ -0,0 +1 @@
+../../../common/ddns
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/dhcpcd \
b/config/rootfiles/core/162/filelists/dhcpcd new file mode 120000
index 000000000..1e799dabb
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/dhcpcd
@@ -0,0 +1 @@
+../../../common/dhcpcd
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/files \
b/config/rootfiles/core/162/filelists/files index 49ebb7481..96b65142a 100644
--- a/config/rootfiles/core/162/filelists/files
+++ b/config/rootfiles/core/162/filelists/files
@@ -1,10 +1,15 @@
-/etc/rc.d/init.d/mountkernfs
-/srv/web/ipfire/cgi-bin/fwhosts.cgi
-/srv/web/ipfire/cgi-bin/logs.cgi/log.dat
-/srv/web/ipfire/cgi-bin/ovpnmain.cgi
-/srv/web/ipfire/html/themes/ipfire/include/css/style.css
-/srv/web/ipfire/html/themes/ipfire/include/functions.pl
-/var/ipfire/general-functions.pl
-/var/ipfire/header.pl
-/var/ipfire/location-functions.pl
-/var/ipfire/qos/bin/makeqosscripts.pl
+etc/rc.d/init.d/firewall
+etc/rc.d/init.d/mountkernfs
+etc/rc.d/init.d/unbound
+srv/web/ipfire/cgi-bin/connections.cgi
+srv/web/ipfire/cgi-bin/fwhosts.cgi
+srv/web/ipfire/cgi-bin/logs.cgi/log.dat
+srv/web/ipfire/cgi-bin/ovpnmain.cgi
+srv/web/ipfire/cgi-bin/proxy.cgi
+srv/web/ipfire/cgi-bin/vpnmain.cgi
+srv/web/ipfire/html/themes/ipfire/include/css/style.css
+srv/web/ipfire/html/themes/ipfire/include/functions.pl
+var/ipfire/general-functions.pl
+var/ipfire/header.pl
+var/ipfire/location-functions.pl
+var/ipfire/qos/bin/makeqosscripts.pl
diff --git a/config/rootfiles/core/162/filelists/jansson \
b/config/rootfiles/core/162/filelists/jansson new file mode 120000
index 000000000..21f73bd0c
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/jansson
@@ -0,0 +1 @@
+../../../common/jansson
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/libhtp \
b/config/rootfiles/core/162/filelists/libhtp new file mode 120000
index 000000000..676e2c5e8
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/libhtp
@@ -0,0 +1 @@
+../../../common/libhtp
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/libuv \
b/config/rootfiles/core/162/filelists/libuv new file mode 120000
index 000000000..c74f52510
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/libuv
@@ -0,0 +1 @@
+../../../common/libuv
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/libxcrypt \
b/config/rootfiles/core/162/filelists/libxcrypt new file mode 120000
index 000000000..ad93616b5
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/libxcrypt
@@ -0,0 +1 @@
+../../../common/libxcrypt
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/slang \
b/config/rootfiles/core/162/filelists/slang new file mode 120000
index 000000000..228e45ed4
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/slang
@@ -0,0 +1 @@
+../../../common/slang
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/sshfs \
b/config/rootfiles/core/162/filelists/sshfs new file mode 120000
index 000000000..d451748c3
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/sshfs
@@ -0,0 +1 @@
+../../../common/sshfs
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/suricata \
b/config/rootfiles/core/162/filelists/suricata new file mode 120000
index 000000000..f671f6993
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/suricata
@@ -0,0 +1 @@
+../../../common/suricata
\ No newline at end of file
diff --git a/config/rootfiles/core/162/filelists/whois \
b/config/rootfiles/core/162/filelists/whois new file mode 120000
index 000000000..60cbd1894
--- /dev/null
+++ b/config/rootfiles/core/162/filelists/whois
@@ -0,0 +1 @@
+../../../common/whois
\ No newline at end of file
diff --git a/config/rootfiles/core/162/update.sh \
b/config/rootfiles/core/162/update.sh index dd52d09d5..0bceb17cf 100644
--- a/config/rootfiles/core/162/update.sh
+++ b/config/rootfiles/core/162/update.sh
@@ -83,7 +83,15 @@ rm -rf /boot/uInit-*-ipfire-*
rm -rf /boot/dtb-*-ipfire-*
rm -rf /lib/modules
+# Remove files
+rm -rf \
+ /etc/jwhois.conf \
+ /usr/bin/jwhois \
+ /usr/bin/whois
+
# Stop services
+/usr/local/bin/openvpnctrl -k
+/usr/local/bin/openvpnctrl -kn2n
# Extract files
extract_files
@@ -110,7 +118,11 @@ ldconfig
/usr/local/bin/sshctrl
# Start services
+/usr/local/bin/openvpnctrl -s
+/usr/local/bin/openvpnctrl -sn2n
/etc/init.d/sshd restart
+/etc/init.d/suricata restart
+/etc/init.d/unbound restart
# remove lm_sensor config after collectd was started
# to reserch sensors at next boot with updated kernel
diff --git a/config/rootfiles/packages/sslh b/config/rootfiles/packages/sslh
index 2c67aad3a..21a1b155b 100644
--- a/config/rootfiles/packages/sslh
+++ b/config/rootfiles/packages/sslh
@@ -1,2 +1,3 @@
etc/rc.d/init.d/sslh
usr/sbin/sslh
+#usr/share/man/man8/sslh.8.gz
diff --git a/config/suricata/suricata.yaml b/config/suricata/suricata.yaml
index 6f37671c8..0ad36e705 100644
--- a/config/suricata/suricata.yaml
+++ b/config/suricata/suricata.yaml
@@ -46,8 +46,28 @@ vars:
##
default-rule-path: /var/lib/suricata
rule-files:
- # Include enabled ruleset files from external file.
- include: /var/ipfire/suricata/suricata-used-rulefiles.yaml
+ # Default rules
+ - /usr/share/suricata/rules/app-layer-events.rules
+ - /usr/share/suricata/rules/decoder-events.rules
+ - /usr/share/suricata/rules/dhcp-events.rules
+ - /usr/share/suricata/rules/dnp3-events.rules
+ - /usr/share/suricata/rules/dns-events.rules
+ - /usr/share/suricata/rules/files.rules
+ - /usr/share/suricata/rules/http2-events.rules
+ - /usr/share/suricata/rules/http-events.rules
+ - /usr/share/suricata/rules/ipsec-events.rules
+ - /usr/share/suricata/rules/kerberos-events.rules
+ - /usr/share/suricata/rules/modbus-events.rules
+ - /usr/share/suricata/rules/mqtt-events.rules
+ - /usr/share/suricata/rules/nfs-events.rules
+ - /usr/share/suricata/rules/ntp-events.rules
+ - /usr/share/suricata/rules/smb-events.rules
+ - /usr/share/suricata/rules/smtp-events.rules
+ - /usr/share/suricata/rules/stream-events.rules
+ - /usr/share/suricata/rules/tls-events.rules
+
+ # Include enabled ruleset files from external file
+ - !include: /var/ipfire/suricata/suricata-used-rulefiles.yaml
classification-file: /var/lib/suricata/classification.config
reference-config-file: /var/lib/suricata/reference.config
diff --git a/doc/language_issues.de b/doc/language_issues.de
index d1aacc1e6..d0275b5ef 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -522,7 +522,6 @@ WARNING: translation string unused: noservicename
WARNING: translation string unused: not set
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: openvpn disabled
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 34a95b358..e2d131a8e 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -1349,6 +1349,7 @@ WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: online help en = Online help (in english)
WARNING: untranslated string: only digits allowed in holdoff field = Only digits \
allowed in holdoff field WARNING: untranslated string: only digits allowed in max \
retries field = Only digits allowed in max retries field. WARNING: untranslated \
string: only digits allowed in the idle timeout = Only digits allowed in the idle \
timeout.
diff --git a/doc/language_issues.es b/doc/language_issues.es
index 55d46c597..39b9bef48 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -493,7 +493,6 @@ WARNING: translation string unused: not set
WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: optional data
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 632eaa891..6a300858d 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -557,7 +557,6 @@ WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
WARNING: translation string unused: okay
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: openvpn disabled
diff --git a/doc/language_issues.it b/doc/language_issues.it
index a97016dcc..993c76b82 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -526,7 +526,6 @@ WARNING: translation string unused: not set
WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: openvpn disabled
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 6c2715bc4..664a2dd62 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -523,7 +523,6 @@ WARNING: translation string unused: not set
WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: openvpn disabled
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index 79d2045d3..f10f9ff4a 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -466,7 +466,6 @@ WARNING: translation string unused: not set
WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: optional data
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index 52b116c60..2e889e41e 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -462,7 +462,6 @@ WARNING: translation string unused: not set
WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: optional data
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 019dd7be0..5e216f765 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -555,7 +555,6 @@ WARNING: translation string unused: not set
WARNING: translation string unused: notes
WARNING: translation string unused: o-no
WARNING: translation string unused: o-yes
-WARNING: translation string unused: online help en
WARNING: translation string unused: only red
WARNING: translation string unused: open to all
WARNING: translation string unused: openvpn disabled
diff --git a/html/cgi-bin/connections.cgi b/html/cgi-bin/connections.cgi
index 00038f1a0..10ac8748c 100644
--- a/html/cgi-bin/connections.cgi
+++ b/html/cgi-bin/connections.cgi
@@ -2,7 +2,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2012 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -154,19 +154,21 @@ push(@network, $netsettings{'GREEN_ADDRESS'});
push(@masklen, "255.255.255.255" );
push(@colour, ${Header::colourfw} );
-# Add Green Network to Array
-push(@network, $netsettings{'GREEN_NETADDRESS'});
-push(@masklen, $netsettings{'GREEN_NETMASK'} );
-push(@colour, ${Header::colourgreen} );
-
-# Add Green Routes to Array
-my @routes = grep (/$netsettings{'GREEN_DEV'}/, @all_routes);
-foreach my $route (@routes) {
- chomp($route);
- my @temp = split(/[\t ]+/, $route);
- push(@network, $temp[0]);
- push(@masklen, $temp[2]);
+if ($netsettings{'GREEN_DEV'}) {
+ # Add Green Network to Array
+ push(@network, $netsettings{'GREEN_NETADDRESS'});
+ push(@masklen, $netsettings{'GREEN_NETMASK'} );
push(@colour, ${Header::colourgreen} );
+
+ # Add Green Routes to Array
+ my @routes = grep (/$netsettings{'GREEN_DEV'}/, @all_routes);
+ foreach my $route (@routes) {
+ chomp($route);
+ my @temp = split(/[\t ]+/, $route);
+ push(@network, $temp[0]);
+ push(@masklen, $temp[2]);
+ push(@colour, ${Header::colourgreen} );
+ }
}
# Add Blue Firewall Interface
@@ -181,7 +183,7 @@ if ($netsettings{'BLUE_DEV'}) {
push(@colour, ${Header::colourblue} );
# Add Blue Routes to Array
- @routes = grep(/$netsettings{'BLUE_DEV'}/, @all_routes);
+ my @routes = grep(/$netsettings{'BLUE_DEV'}/, @all_routes);
foreach my $route (@routes) {
chomp($route);
my @temp = split(/[\t ]+/, $route);
@@ -202,7 +204,7 @@ if ($netsettings{'ORANGE_DEV'}) {
push(@masklen, $netsettings{'ORANGE_NETMASK'} );
push(@colour, ${Header::colourorange} );
# Add Orange Routes to Array
- @routes = grep(/$netsettings{'ORANGE_DEV'}/, @all_routes);
+ my @routes = grep(/$netsettings{'ORANGE_DEV'}/, @all_routes);
foreach my $route (@routes) {
chomp($route);
my @temp = split(/[\t ]+/, $route);
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index 85c5ddd86..4e8b28fd8 100644
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -1091,13 +1091,14 @@ if (%idsrules) {
# Call stat on the rulestarball.
my $stat = stat("$IDS::rulestarball");
- # Get timestamp the file creation.
- my $mtime = $stat->mtime;
+ if (defined $stat) {
+ # Get timestamp the file creation.
+ my $mtime = $stat->mtime;
- # Convert into human read-able format.
- my $rulesdate = strftime('%Y-%m-%d %H:%M:%S', localtime($mtime));
+ # Convert into human read-able format.
+ my $rulesdate = strftime('%Y-%m-%d %H:%M:%S', localtime($mtime));
- &Header::openbox('100%', 'LEFT', "$Lang::tr{'intrusion detection system rules'} \
($rulesdate)" ); + &Header::openbox('100%', 'LEFT', "$Lang::tr{'intrusion detection \
system rules'} ($rulesdate)" );
print"<form method='POST' action='$ENV{'SCRIPT_NAME'}'>\n";
@@ -1189,7 +1190,7 @@ if (%idsrules) {
# Close display table
print "</table>";
-print <<END
+ print <<END
<table width='100%'>
<tr>
<td width='100%' align='right'><input type='submit' name='RULESET' \
value='$Lang::tr{'ids apply'}'></td> @@ -1198,7 +1199,8 @@ print <<END
</form>
END
;
- &Header::closebox();
+ &Header::closebox();
+ }
}
&Header::closebigbox();
diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 7bb0d1b35..004e3ad1f 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -2360,11 +2360,11 @@ END
#use default advanced value
$cgiparams{'IKE_ENCRYPTION'} = \
'chacha20poly1305|aes256gcm128|aes256gcm96|aes256gcm64|aes256|aes192gcm128|aes192gcm96|aes192gcm64|aes192|aes128gcm128|aes128gcm96|aes128gcm64|aes128'; \
#[18]; $cgiparams{'IKE_INTEGRITY'} = 'sha2_512|sha2_256'; #[19];
- $cgiparams{'IKE_GROUPTYPE'} = 'curve448|curve25519|4096|3072|2048'; #[20];
+ $cgiparams{'IKE_GROUPTYPE'} = 'curve448|curve448|4096|3072|2048'; \
#[20]; $cgiparams{'IKE_LIFETIME'} = '3'; #[16];
$cgiparams{'ESP_ENCRYPTION'} = \
'chacha20poly1305|aes256gcm128|aes256gcm96|aes256gcm64|aes256|aes192gcm128|aes192gcm96|aes192gcm64|aes192|aes128gcm128|aes128gcm96|aes128gcm64|aes128'; \
#[21]; $cgiparams{'ESP_INTEGRITY'} = 'sha2_512|sha2_256'; #[22];
- $cgiparams{'ESP_GROUPTYPE'} = 'curve448|curve25519|4096|3072|2048'; #[23];
+ $cgiparams{'ESP_GROUPTYPE'} = 'curve448|curve25519|4096|3072|2048'; \
#[23]; $cgiparams{'ESP_KEYLIFE'} = '1'; #[17];
$cgiparams{'COMPRESSION'} = 'off'; #[13];
$cgiparams{'ONLY_PROPOSED'} = 'on'; #[24];
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index cbc3f7b6c..e350bc651 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -251,9 +251,9 @@
'advproxy access' => 'Zugriff',
'advproxy admin mail' => 'Cache-Administrator E-Mail-Adresse',
'advproxy advanced proxy' => 'Advanced Proxy',
-'advproxy advanced web proxy' => 'Advanced Web Proxy',
-'advproxy advanced web proxy configuration' => 'Proxy-Konfiguration',
-'advproxy allowed subnets' => 'Erlaubte Subnetze (eins pro Zeile)',
+'advproxy advanced web proxy' => 'Web-Proxy',
+'advproxy advanced web proxy configuration' => 'Web Proxy-Einstellungen',
+'advproxy allowed subnets' => 'Erlaubte Subnetze (eines pro Zeile)',
'advproxy allowed web browsers' => 'Zulässige Clients für Web-Zugriffe',
'advproxy asbased anomaly detection' => 'Anomalieerkennungen auf Basis Autonomer \
Systeme', 'advproxy back to main page' => 'Zurück zur Hauptseite',
diff --git a/lfs/Config b/lfs/Config
index a2d3cddc5..8b2e5dabb 100644
--- a/lfs/Config
+++ b/lfs/Config
@@ -143,6 +143,9 @@ ifeq "$(BUILD_ARCH)" "aarch64"
GOARCH = arm64
endif
+# Rust
+export CARGOPATH = $(HOME)/.cargo
+
###############################################################################
# Common Macro Definitions
###############################################################################
@@ -184,7 +187,7 @@ define POSTBUILD
@echo "Updating linker cache..."
@type -p ldconfig >/dev/null && ldconfig || :
@echo "Install done; saving file list to $(TARGET) ..."
- @rm -rf $(GOPATH)
+ @rm -rf $(GOPATH) $(CARGOPATH)
@$(FIND_FILES) > $(DIR_SRC)/lsalrnew
@diff $(DIR_SRC)/lsalr $(DIR_SRC)/lsalrnew | grep '^> ' | sed 's/^> //' > \
$(TARGET)_diff @cp -f $(DIR_SRC)/lsalrnew $(DIR_SRC)/lsalr
diff --git a/lfs/bind b/lfs/bind
index 0545066b7..8544f0f1f 100644
--- a/lfs/bind
+++ b/lfs/bind
@@ -25,10 +25,10 @@
include Config
-VER = 9.11.32
+VER = 9.16.22
THISAPP = bind-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.xz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
@@ -43,7 +43,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 0d029dd06ca60c6739c3189c999ef757
+$(DL_FILE)_MD5 = 6a45478b33c04c830d4263635d8cd137
install : $(TARGET)
@@ -72,7 +72,7 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
- @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
$(UPDATE_AUTOMAKE)
cd $(DIR_APP) && STD_CDEFINES="$(CPPFLAGS)" \
./configure \
@@ -80,25 +80,28 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
--enable-threads \
--with-libtool \
--without-python \
+ --disable-linux-caps \
--disable-static
- # Build everything
+ # Build required libraries
cd $(DIR_APP) && make -C lib/isc $(MAKETUNING)
- cd $(DIR_APP) && make -C lib/dns $(MAKETUNING)
cd $(DIR_APP) && make -C lib/isccc $(MAKETUNING)
+ cd $(DIR_APP) && make -C lib/dns $(MAKETUNING)
+ cd $(DIR_APP) && make -C lib/ns $(MAKETUNING)
cd $(DIR_APP) && make -C lib/isccfg $(MAKETUNING)
cd $(DIR_APP) && make -C lib/bind9 $(MAKETUNING)
- cd $(DIR_APP) && make -C lib/lwres $(MAKETUNING)
+ cd $(DIR_APP) && make -C lib/irs $(MAKETUNING)
cd $(DIR_APP) && make -C bin/dig $(MAKETUNING)
cd $(DIR_APP) && make -C bin/nsupdate $(MAKETUNING)
- # Install everything
+ # Install utility programs
cd $(DIR_APP) && make -C lib/isc install
- cd $(DIR_APP) && make -C lib/dns install
cd $(DIR_APP) && make -C lib/isccc install
+ cd $(DIR_APP) && make -C lib/dns install
+ cd $(DIR_APP) && make -C lib/ns install
cd $(DIR_APP) && make -C lib/isccfg install
cd $(DIR_APP) && make -C lib/bind9 install
- cd $(DIR_APP) && make -C lib/lwres install
+ cd $(DIR_APP) && make -C lib/irs install
cd $(DIR_APP) && make -C bin/dig install
cd $(DIR_APP) && make -C bin/nsupdate install
diff --git a/lfs/bison b/lfs/bison
index 3a2681406..26df21aa8 100644
--- a/lfs/bison
+++ b/lfs/bison
@@ -24,7 +24,7 @@
include Config
-VER = 3.7.6
+VER = 3.8.2
THISAPP = bison-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -45,7 +45,7 @@ objects =$(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = d61aa92e3562cb7292b004ce96173cf7
+$(DL_FILE)_MD5 = c28f119f405a2304ff0a7ccdcc629713
install : $(TARGET)
diff --git a/lfs/dhcpcd b/lfs/dhcpcd
index 352308692..8c4a593ad 100644
--- a/lfs/dhcpcd
+++ b/lfs/dhcpcd
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2020 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -24,7 +24,7 @@
include Config
-VER = 9.4.0
+VER = 9.4.1
THISAPP = dhcpcd-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = c36715fc629bc40aa94aae06fa1724c2
+$(DL_FILE)_MD5 = 2b2f46648bc96979f96127f0e0e07d9b
install : $(TARGET)
@@ -70,7 +70,9 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
- cd $(DIR_APP) && ./configure --prefix="" --sysconfdir=/var/ipfire/dhcpc \
+ cd $(DIR_APP) && ./configure \
+ --prefix="" \
+ --sysconfdir=/var/ipfire/dhcpc \
--dbdir=/var/ipfire/dhcpc \
--libexecdir=/var/ipfire/dhcpc \
--mandir=/usr/share/man
diff --git a/lfs/jansson b/lfs/jansson
index 2c95c62ef..b2b02ff26 100644
--- a/lfs/jansson
+++ b/lfs/jansson
@@ -24,7 +24,7 @@
include Config
-VER = 2.12
+VER = 2.14
THISAPP = jansson-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 0ed1f3a924604aae68067c214b0010ef
+$(DL_FILE)_MD5 = 6cbfc54c2ab3b4d7284e188e185c2b0b
install : $(TARGET)
diff --git a/lfs/libhtp b/lfs/libhtp
index 242953254..95264df09 100644
--- a/lfs/libhtp
+++ b/lfs/libhtp
@@ -24,7 +24,7 @@
include Config
-VER = 0.5.38
+VER = 0.5.39
THISAPP = libhtp-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 4d3bee196a8adcb10bfd874ec6bd9ca0
+$(DL_FILE)_MD5 = f18e1a3f36b97beb63616ad1a5c2a9d8
install : $(TARGET)
diff --git a/lfs/jwhois b/lfs/libuv
similarity index 76%
rename from lfs/jwhois
rename to lfs/libuv
index ed12681c7..515fc80a6 100644
--- a/lfs/jwhois
+++ b/lfs/libuv
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2021 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -18,20 +18,22 @@
# #
###############################################################################
+
###############################################################################
# Definitions
###############################################################################
include Config
-VER = 4.0
+VER = 1.42.0
-THISAPP = jwhois-$(VER)
+THISAPP = libuv-v$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
+
###############################################################################
# Top-level Rules
###############################################################################
@@ -40,7 +42,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 977d0ba90ee058a7998c94d933fc9546
+$(DL_FILE)_MD5 = 484dec4a06e183c20be815019ce9ddd0
install : $(TARGET)
@@ -71,22 +73,11 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
$(UPDATE_AUTOMAKE)
-
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-conf_update.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-conf_update2.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-connect.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-fclose.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-idna.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-ipv6match.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-multi-homed.patch
- cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/jwhois-4.0-select.patch
-
- cd $(DIR_APP) && ./configure --prefix=/usr --sysconfdir=/etc
+ cd $(DIR_APP) && ./autogen.sh
+ cd $(DIR_APP) && ./configure \
+ --prefix=/usr \
+ --disable-static
cd $(DIR_APP) && make $(MAKETUNING)
cd $(DIR_APP) && make install
-
- # Add alias for whois command.
- ln -svf jwhois /usr/bin/whois
-
@rm -rf $(DIR_APP)
@$(POSTBUILD)
diff --git a/lfs/linux b/lfs/linux
index 2378bb6b0..284ca11b2 100644
--- a/lfs/linux
+++ b/lfs/linux
@@ -24,7 +24,7 @@
include Config
-VER = 5.15.3
+VER = 5.15.4
ARM_PATCHES = 5.15-ipfire2
THISAPP = linux-$(VER)
@@ -77,7 +77,7 @@ objects =$(DL_FILE) \
$(DL_FILE) = $(URL_IPFIRE)/$(DL_FILE)
arm-multi-patches-$(ARM_PATCHES).patch.xz = \
$(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
-$(DL_FILE)_MD5 = 3a96b55f9996f442da3fd165d01acefe
+$(DL_FILE)_MD5 = 7ab1a51d6c48fc062e9e33c143dfa825
arm-multi-patches-$(ARM_PATCHES).patch.xz_MD5 = 9cab549a71b19b07e0c5c103ccf3c321
install : $(TARGET)
diff --git a/lfs/meson b/lfs/meson
index 73e73a44d..16b7737ec 100644
--- a/lfs/meson
+++ b/lfs/meson
@@ -24,7 +24,7 @@
include Config
-VER = 0.58.0
+VER = 0.59.2
THISAPP = meson-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 18ac55e3d6a5acb17b5737eb2a15bb5b
+$(DL_FILE)_MD5 = 9d65e09b53b1dfab6339a0982176935d
install : $(TARGET)
diff --git a/lfs/slang b/lfs/slang
index a4ff3a1e3..1166d2d3a 100644
--- a/lfs/slang
+++ b/lfs/slang
@@ -24,10 +24,10 @@
include Config
-VER = 2.3.0
+VER = 2.3.2
THISAPP = slang-$(VER)
-DL_FILE = $(THISAPP).tar.gz
+DL_FILE = $(THISAPP).tar.bz2
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 80f4e64189b6f28fd420b829b44a6723
+$(DL_FILE)_MD5 = c2d5a7aa0246627da490be4e399c87cb
install : $(TARGET)
diff --git a/lfs/sshfs b/lfs/sshfs
index 23b68c541..f9a585572 100644
--- a/lfs/sshfs
+++ b/lfs/sshfs
@@ -24,7 +24,7 @@
include Config
-VER = 3.7.1
+VER = 3.7.2
THISAPP = sshfs-$(VER)
DL_FILE = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 22ac23d05ca7c56fb568627f086374d0
+$(DL_FILE)_MD5 = 86dcc81a1381c3e6863c97e684501bb6
install : $(TARGET)
diff --git a/lfs/sslh b/lfs/sslh
index c5e8cdd63..07f419007 100644
--- a/lfs/sslh
+++ b/lfs/sslh
@@ -24,7 +24,7 @@
include Config
-VER = 1.7a
+VER = 1.22c
THISAPP = sslh-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = sslh
-PAK_VER = 5
+PAK_VER = 6
DEPS =
@@ -44,7 +44,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = ee124654412198a5e11fe28acf10634d
+$(DL_FILE)_MD5 = ddfebd2436e4f5e53d1810285d75f1b8
install : $(TARGET)
@@ -78,7 +78,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && make CFLAGS="$(CFLAGS)" $(MAKETUNING) USELIBWRAP=
- cd $(DIR_APP) && install -v -m 755 sslh /usr/sbin
+ cd $(DIR_APP) && make install
#install initscripts
$(call INSTALL_INITSCRIPT,sslh)
diff --git a/lfs/strace b/lfs/strace
index d24918626..82b84e78f 100644
--- a/lfs/strace
+++ b/lfs/strace
@@ -24,7 +24,7 @@
include Config
-VER = 5.11
+VER = 5.14
SUP_ARCHES = x86_64 i586 armv6l aarch64
THISAPP = strace-$(VER)
@@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
PROG = strace
-PAK_VER = 5
+PAK_VER = 6
DEPS = elfutils
@@ -45,7 +45,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f5a317fd535465cf9130d0547661f5c4
+$(DL_FILE)_MD5 = 36c1c17f31855617b7898d2fd5abb9e2
install : $(TARGET)
diff --git a/lfs/suricata b/lfs/suricata
index c7f189bf4..f5b68da8f 100644
--- a/lfs/suricata
+++ b/lfs/suricata
@@ -24,14 +24,13 @@
include Config
-VER = 5.0.7
+VER = 5.0.8
THISAPP = suricata-$(VER)
DL_FILE = $(THISAPP).tar.gz
DL_FROM = $(URL_IPFIRE)
DIR_APP = $(DIR_SRC)/$(THISAPP)
TARGET = $(DIR_INFO)/$(THISAPP)
-SUP_ARCH = x86_64 i586 aarch64 armv6l
###############################################################################
# Top-level Rules
@@ -41,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = f6ff77e4dcf8035853209ceeba9b530c
+$(DL_FILE)_MD5 = d48387c2e0b5e502852b077369d947c5
install : $(TARGET)
@@ -71,6 +70,7 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+ cd $(DIR_APP) && patch -Np1 < \
$(DIR_SRC)/src/patches/suricata-5.0-stream-tcp-Handle-retransmitted-SYN-with-TSval.patch
cd $(DIR_APP) && LDFLAGS="$(LDFLAGS)" ./configure \
--prefix=/usr \
--sysconfdir=/etc \
@@ -96,9 +96,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
# Install IPFire related config file.
install -m 0644 $(DIR_SRC)/config/suricata/suricata.yaml /etc/suricata
- # Remove shipped rules.
- rm -rvf /usr/share/suricata
-
# Create emtpy rules directory.
-mkdir -p /var/lib/suricata
diff --git a/lfs/whois b/lfs/whois
new file mode 100644
index 000000000..b526b90f4
--- /dev/null
+++ b/lfs/whois
@@ -0,0 +1,84 @@
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
+
+###############################################################################
+# Definitions
+###############################################################################
+
+include Config
+
+VER = 5.5.10
+
+THISAPP = whois_$(VER)
+DL_FILE = $(THISAPP).tar.xz
+DL_FROM = $(URL_IPFIRE)
+DIR_APP = $(DIR_SRC)/$(THISAPP)
+TARGET = $(DIR_INFO)/$(THISAPP)
+
+PROG = whois
+
+###############################################################################
+# Top-level Rules
+###############################################################################
+
+objects = $(DL_FILE)
+
+$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
+
+$(DL_FILE)_MD5 = 4db48a482a06261ffa358d9f52c9bd7e
+
+install : $(TARGET)
+
+check : $(patsubst %,$(DIR_CHK)/%,$(objects))
+
+download :$(patsubst %,$(DIR_DL)/%,$(objects))
+
+md5 : $(subst %,%_MD5,$(objects))
+
+###############################################################################
+# Downloading, checking, md5sum
+###############################################################################
+
+$(patsubst %,$(DIR_CHK)/%,$(objects)) :
+ @$(CHECK)
+
+$(patsubst %,$(DIR_DL)/%,$(objects)) :
+ @$(LOAD)
+
+$(subst %,%_MD5,$(objects)) :
+ @$(MD5)
+
+###############################################################################
+# Installation Details
+###############################################################################
+
+$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
+ @$(PREBUILD)
+ @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
+ $(UPDATE_AUTOMAKE)
+
+ cd $(DIR_SRC)/$(PROG) && make $(MAKETUNING) \
+ CONFIG_FILE=/etc/whois.conf \
+ whois
+ cd $(DIR_SRC)/$(PROG) && make prefix=/usr install-whois
+ cd $(DIR_SRC)/$(PROG) && install -v -m 644 whois.conf -t /etc/
+
+ @rm -rf $(DIR_APP)
+ @$(POSTBUILD)
diff --git a/make.sh b/make.sh
index 0844e8d34..e6f948ba0 100755
--- a/make.sh
+++ b/make.sh
@@ -1128,7 +1128,7 @@ buildbase() {
lfsmake2 gperf
lfsmake2 gzip
lfsmake2 hostname
- lfsmake2 jwhois
+ lfsmake2 whois
lfsmake2 kbd
lfsmake2 less
lfsmake2 pkg-config
@@ -1217,6 +1217,7 @@ buildipfire() {
lfsmake2 aprutil
lfsmake2 unbound
lfsmake2 gnutls
+ lfsmake2 libuv
lfsmake2 bind
lfsmake2 dhcp
lfsmake2 dhcpcd
diff --git a/src/initscripts/system/firewall b/src/initscripts/system/firewall
index 776e70d6e..75ea8abdf 100644
--- a/src/initscripts/system/firewall
+++ b/src/initscripts/system/firewall
@@ -112,8 +112,6 @@ iptables_init() {
iptables -A CONNTRACK -m conntrack --ctstate ESTABLISHED -j ACCEPT
iptables -A CONNTRACK -m conntrack --ctstate INVALID -j DROP
iptables -A CONNTRACK -p icmp -m conntrack --ctstate RELATED -j ACCEPT
- iptables -t raw -N CONNTRACK
- iptables -t raw -A PREROUTING -j CONNTRACK
# Restore any connection marks
iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound
index b379bf331..1b42ac720 100644
--- a/src/initscripts/system/unbound
+++ b/src/initscripts/system/unbound
@@ -267,7 +267,7 @@ get_memory_amount() {
fix_time_if_dns_fails() {
# If DNS is working, everything is fine
- if resolve "ping.ipfire.org" &>/dev/null; then
+ if resolve "ipfire.pool.ntp.org" &>/dev/null; then
return 0
fi
diff --git a/src/patches/jwhois-4.0-conf_update.patch \
b/src/patches/jwhois-4.0-conf_update.patch deleted file mode 100644
index 512d30006..000000000
--- a/src/patches/jwhois-4.0-conf_update.patch
+++ /dev/null
@@ -1,714 +0,0 @@
-diff -up jwhois-4.0/example/jwhois.conf.orig jwhois-4.0/example/jwhois.conf
---- jwhois-4.0/example/jwhois.conf.orig 2007-03-26 11:12:08.000000000 +0200
-+++ jwhois-4.0/example/jwhois.conf 2010-12-20 14:26:06.450882316 +0100
-@@ -17,6 +17,11 @@ whois-servers {
- type = regex;
-
- #
-+ # Catch ENUM domains
-+ #
-+ "\\([0-9]\\.\\)+e164\\.arpa" = "struct enum-blocks";
-+
-+ #
- # You can use the special value `struct' to redirect the query
- # to another block which optionally can use another type of matching.
- # Here we use it to have IPv4 numbers matched using CIDR blocks instead
-@@ -27,6 +32,7 @@ whois-servers {
- "^CORE-[0-9]+$" = "struct handles";
- "^CO[CH]O-[0-9]+$" = "struct handles";
- ".*-[A-Z]+$" = "struct handles";
-+ ".*-6BONE$" = "struct handles";
-
- #
- # Catch AS numbers
-@@ -81,6 +87,7 @@ whois-servers {
- # Pseudo-ccTLDs must be listed above gTLDs
- #
- "\\.ae\\.org$" = "whois.centralnic.net";
-+ "\\.ar\\.com$" = "whois.centralnic.com";
- "\\.br\\.com$" = "whois.centralnic.net";
- "\\.cn\\.com$" = "whois.centralnic.net";
- "\\.de\\.com$" = "whois.centralnic.net";
-@@ -103,17 +110,30 @@ whois-servers {
- "\\.uy\\.com$" = "whois.centralnic.net";
- "\\.web\\.com$" = "whois.centralnic.net";
- "\\.za\\.com$" = "whois.centralnic.net";
-+ "\\.za\\.net$" = "whois.za.net";
-+ "\\.za\\.org$" = "whois.za.org";
-
- "\\.ac$" = "whois.nic.ac";
-- "\\.ae$" = "whois.uaenic.ae";
-+ "\\.ae$" = "whois.aeda.net.ae";
-+ "\\.co\\.ae$" = "whois.aeda.net.ae";
-+ "\\.net\\.ae$" = "whois.aeda.net.ae";
-+ "\\.org\\.ae$" = "whois.aeda.net.ae";
-+ "\\.sch\\.ae$" = "whois.aeda.net.ae";
-+ "\\.ac\\.ae$" = "whois.aeda.net.ae";
-+ "\\.mil\\.ae$" = "whois.aeda.net.ae";
-+ "\\.gov\\.ae$" = "whois.aeda.net.ae";
-+ "\\.1\\.7\\.9\\.e164\\.arpa$" = "whois.aeda.net.ae";
- "\\.aero$" = "whois.aero";
-- "\\.af$" = "whois.nic.af";
-+ "\\.af$" = "whois.cocca.cx";
- "\\.ag$" = "whois.nic.ag";
-- "\\.ai$" = "whois.offshore.ai";
-- "\\.al$" = "whois.ripe.net";
-+ "\\.ai$" = "whois.ai";
-+ "\\.al$" = "www.ert.gov.al";
- "\\.am$" = "whois.amnic.net";
-+ "\\.edu\\.ar$" = "www.riu.edu.ar";
- "\\.ar$" = "www.nic.ar";
-+ "\\.arpa$" = "whois.iana.org";
- "\\.as$" = "whois.nic.as";
-+ "\\.asia$" = "whois.nic.asia";
- "\\.at$" = "whois.nic.at";
- "\\.asn\\.au$" = "whois.ausregistry.net.au";
- "\\.com\\.au$" = "whois.ausregistry.net.au";
-@@ -125,30 +145,40 @@ whois-servers {
- "\\.ba$" = "whois.ripe.net";
- "\\.be$" = "whois.dns.be";
- "\\.bg$" = "whois.register.bg";
-- "\\.bi$" = "www.nic.bi";
-- "\\.biz$" = "whois.neulevel.biz";
-+ "\\.bi$" = "whois.nic.bi";
-+ "\\.biz$" = "whois.biz";
- "\\.bj$" = "whois.nic.bj";
- "\\.bm$" = "rwhois.ibl.bm 4321";
-+ "\\.bo$" = "whois.nic.bo";
- "\\.br$" = "whois.nic.br";
-+ "\\.bs$" = "www.register.bs";
- "\\.bv$" = "whois.ripe.net";
-- "\\.by$" = "whois.ripe.net";
-+ "\\.by$" = "www.domain.by";
- "\\.bz$" = "whois.belizenic.bz";
-+ "\\.co\\.ca$" = "whois.co.ca";
- "\\.ca$" = "whois.cira.ca";
- "\\.cat$" = "whois.cat";
-- "\\.cc$" = "whois.nic.cc";
-+ "\\.cc$" {
-+ whois-server = "ccwhois.verisign-grs.com";
-+ query-format = "domain $*";
-+ }
- "\\.cd$" = "whois.nic.cd";
- "\\.cg$" = "www.nic.cg";
- "\\.ch$" = "whois.nic.ch";
- "\\.ci$" = "whois.nic.ci";
- "\\.ck$" = "whois.nic.ck";
- "\\.cl$" = "whois.nic.cl";
-+ "\\.co\\.cm$" = "whois.netcom.cm";
-+ "\\.com\\.cm$" = "whois.netcom.cm";
-+ "\\.net\\.cm$" = "whois.netcom.cm";
- "\\.edu\\.cn$" = "whois.edu.cn";
-- "\\.cn$" = "whois.cnnic.net.cn";
-+ "\\.cn$" = "whois.cnnic.cn";
- "\\.com$" {
- whois-server = "whois.verisign-grs.com";
- query-format = "domain $*";
- }
- "\\.coop$" = "whois.nic.coop";
-+ "\\.cu$" = "www.nic.cu";
- "\\.cx$" = "whois.nic.cx";
- "\\.cy$" = "whois.ripe.net";
- "\\.cz$" = "whois.nic.cz";
-@@ -156,12 +186,15 @@ whois-servers {
- whois-server = "whois.denic.de";
- query-format = "-C UTF-8 -T dn,ace $*";
- }
-- "\\.dk$" = "whois.dk-hostmaster.dk";
-+ "\\.dk$" {
-+ whois-server = "whois.dk-hostmaster.dk";
-+ query-format = "--show-handles $*";
-+ }
- "\\.dm$" = "whois.nic.dm";
- "\\.do$" = "whois.nic.do";
-- "\\.dz$" = "whois.ripe.net";
-+ "\\.dz$" = "www.nic.dz";
- "\\.ec$" = "www.nic.ec";
-- "\\.edu$" = "whois.educause.net";
-+ "\\.edu$" = "whois.educause.edu";
- "\\.ee$" = "whois.eenet.ee";
- "\\.eg$" = "whois.ripe.net";
- "\\.es$" = "www.nic.es";
-@@ -171,17 +204,20 @@ whois-servers {
- "\\.fm$" = "www.dot.fm";
- "\\.fo$" = "whois.ripe.net";
- "\\.fr$" = "whois.nic.fr";
-- "\\.gi$" = "www.nic.gi";
-+ "\\.gd$" = "whois.adamsnames.com";
-+ "\\.gi$" = "whois2.afilias-grs.net";
- "\\.gov$" = "whois.nic.gov";
-- "\\.gg$" = "whois.isles.net";
-+ "\\.gg$" = "whois.gg";
- "\\.gm$" = "whois.ripe.net";
- "\\.gp$" = "whois.nic.gp";
- "\\.gr$" = "whois.ripe.net";
-- "\\.gs$" = "203.119.12.22";
-+ "\\.gs$" = "whois.nic.gs";
- "\\.gt$" = "www.gt";
-- "\\.hk$" = "whois.hkdnr.net.hk";
-+ "\\.hk$" = "whois.hkirc.hk";
- "\\.hm$" = "whois.registry.hm";
-+ "\\.hn$" = "whois2.afilias-grs.net";
- "\\.hr$" = "www.dns.hr";
-+ "\\.ht$" = "whois.nic.ht";
- "\\.hu$" = "whois.nic.hu";
- "\\.id$" = "whois.idnic.net.id";
- "\\.ie$" = "whois.domainregistry.ie";
-@@ -195,69 +231,94 @@ whois-servers {
- "\\.is$" = "whois.isnic.is";
- "\\.it$" = "whois.nic.it";
- "\\.je$" = "whois.isles.net";
-+ "\\.jobs$" {
-+ whois-server = "jobswhois.verisign-grs.com";
-+ query-format = "domain $*";
-+ }
- "\\.jp$" {
- whois-server = "whois.jprs.jp";
- query-format = "$* /e";
- }
-+ "\\.ke$" = "whois.kenic.or.ke";
-+ "\\.kp$" = "whois.kcce.kp";
- "\\.kg$" = "whois.domain.kg";
-- "\\.ki$" = "whois.nic.ki";
-+ "\\.ki$" = "whois.cocca.cx";
- "\\.kr$" = "whois.krnic.net";
- "\\.kz$" = "whois.nic.kz";
- "\\.la$" = "whois.nic.la";
- "\\.lb$" = "cgi.aub.edu.lb";
-+ "\\.lc$" = "whois2.afilias-grs.net";
- "\\.li$" = "whois.nic.li";
- "\\.lk$" = "whois.nic.lk";
- "\\.lt$" = "whois.domreg.lt";
- "\\.lu$" = "whois.dns.lu";
- "\\.lv$" = "whois.nic.lv";
- "\\.ly$" = "whois.nic.ly";
-- "\\.ma$" = "whois.ripe.net";
-+ "\\.ma$" = "whois.iam.net.ma";
-+ "\\.md$" = "whois.nic.md";
-+ "\\.me$" = "whois.nic.me";
- "\\.mil$" = "whois.nic.mil";
- "\\.mk$" = "whois.ripe.net";
- "\\.mm$" = "whois.nic.mm";
-+ "\\.mn$" = "whois2.afilias-grs.net";
- "\\.mobi$" = "whois.dotmobiregistry.net";
-- "\\.ms$" = "whois.adamsnames.tc";
-- "\\.mt$" = "www.um.edu.mt";
-+ "\\.ms$" = "whois.nic.ms";
-+ "\\.mt$" = "whois.nic.org.mt";
- "\\.mu$" = "whois.nic.mu";
- "\\.museum$" = "whois.museum";
- "\\.mw$" = "www.tarsus.net";
- "\\.mx$" = "whois.nic.mx";
-- "\\.my$" = "whois.mynic.net.my";
-+ "\\.my$" = "whois.domainregistry.my";
- "\\.na$" = "whois.na-nic.com.na";
-- "\\.name$" = "whois.nic.name";
-+ "\\.name$" {
-+ whois-server = "whois.nic.name";
-+ query-format = "domain = $*";
-+ }
- "\\.net$" {
- whois-server = "whois.verisign-grs.com";
- query-format = "domain $*";
- }
-- "\\.ng$" = "whois.rg.net";
-+ "\\.nf$" = "whois.cocca.cx";
-+ "\\.ng$" = "whois.nic.net.ng";
- "\\.nl$" = "whois.domain-registry.nl";
- "\\.no$" = "whois.norid.no";
- "\\.nu$" = "whois.nic.nu";
- "\\.nz$" = "whois.srs.net.nz";
- "\\.org$" = "whois.publicinterestregistry.net";
-- "\\.pe$" = "whois.nic.pe";
-+ "\\.pa$" = "www.nic.pa";
-+ "\\.pe$" = "kero.yachay.pe";
- "\\.pk$" = "pknic.net.pk";
- "\\.pl$" = "whois.dns.pl";
- "\\.pm$" = "whois.nic.pm";
-+ "\\.pr$" = "whois.nic.pr";
- "\\.pro$" = "whois.registrypro.pro";
-+ "\\.ps$" = "www.nic.ps";
- "\\.pt$" = "whois.dns.pt";
- "\\.pw$" = "whois.nic.pw";
- "\\.re$" = "whois.nic.re";
- "\\.ro$" = "whois.rotld.ro";
-+ "\\.edu\.ru$" = "whois.informika.ru";
- "\\.ru$" = "whois.ripn.net";
- "\\.rw$" = "www.nic.rw";
- "\\.sa$" = "saudinic.net.sa";
-+ "\\.sb$" = "whois.nic.sb";
-+ "\\.sc$" = "whois2.afilias-grs.net";
- "\\.se$" = "whois.iis.se";
-- "\\.sg$" = "whois.nic.net.sg";
-+ "\\.sg$" = "whois.sgnic.sg";
- "\\.sh$" = "whois.nic.sh";
- "\\.si$" = "whois.arnes.si";
- "\\.sj$" = "whois.ripe.net";
-- "\\.sk$" = "whois.ripe.net";
-+ "\\.sk$" = "whois.sk-nic.sk";
-+ "\\.sl$" = "whois.nic.sl";
- "\\.sm$" = "whois.ripe.net";
-+ "\\.sn$" = "whois.nic.sn";
-+ "\\.so$" = "whois.nic.so";
- "\\.sr$" = "whois.register.sr";
- "\\.st$" = "whois.nic.st";
- "\\.su$" = "whois.ripn.net";
-+ "\\.sv$" = "www.svnet.org.sv";
- "\\.tc$" = "whois.adamsnames.tc";
-+ "\\.tel$" = "whois.nic.tel";
- "\\.tf$" = "whois.afnic.fr";
- "\\.tg$" = "www.nic.tg";
- "\\.th$" = "whois.thnic.net";
-@@ -268,8 +329,12 @@ whois-servers {
- "\\.tn$" = "whois.ripe.net";
- "\\.to$" = "whois.tonic.to";
- "\\.tr$" = "whois.nic.tr";
-+ "\\.travel$" = "whois.nic.travel";
- "\\.tt$" = "www.nic.tt";
-- "\\.tv$" = "whois.nic.tv";
-+ "\\.tv$" {
-+ whois-server = "tvwhois.verisign-grs.com";
-+ query-format = "domain $*";
-+ }
- "\\.tw$" = "whois.twnic.net";
- "\\.ua$" = "whois.com.ua";
- "\\.ug$" = "whois.co.ug";
-@@ -279,9 +344,12 @@ whois-servers {
- "\\.fed\\.us$" = "whois.nic.gov";
- "\\.us$" = "whois.nic.us";
- "\\.com\\.uy$" = "dns.antel.net.uy";
-- "\\.uy$" = "www.rau.edu.uy"; # is a whois server
-- "\\.uz$" = "www.noc.uz";
-+ "\\.uy$" = "whois.nic.org.uy";
-+ "\\.co\\.uz$" = "whois.reg.uz";
-+ "\\.com\\.uz$" = "whois.reg.uz";
-+ "\\.uz$" = "whois.cctld.uz";
- "\\.va$" = "whois.ripe.net";
-+ "\\.vc$" = "whois2.afilias-grs.net";
- "\\.ve$" = "whois.nic.ve";
- "\\.vi$" = "www.nic.vi";
- "\\.vg$" = "whois.adamsnames.tc";
-@@ -289,12 +357,15 @@ whois-servers {
- "\\.vu$" = "www.vunic.vu";
- "\\.wf$" = "whois.nic.wf";
- "\\.ws$" = "whois.worldsite.ws";
-+ "\\.xn--mgbaam7a8h$" = "whois.aeda.net.ae";
- "\\.yt$" = "whois.nic.yt";
-- "\\.yu$" = "whois.ripe.net";
-+ "\\.yu$" = "www.nic.yu";
- "\\.ac\\.za$" = "whois.ac.za";
- "\\.org\\.za$" = "rwhois.org.za 4321";
- "\\.co\\.za$" = "whois.co.za";
-+ "\\.nom\\.za$" = "www.nom.za";
- # "\\.za$" = "whois.frd.ac.za";
-+ "\\.co\\.zw$" = "www.zispa.co.zw";
-
- #
- # Specify different port numbers to connect to by postfixing the IP
-@@ -311,6 +382,16 @@ whois-servers {
- }
-
- #
-+# enum-blocks
-+#
-+enum-blocks {
-+ type = regex;
-+
-+ "\\.9\\.4\\.e164\\.arpa$" = "whois.enum.denic.de";
-+ "\\.1\\.6\\.e164\\.arpa$" = "whois-check.enum.com.au";
-+}
-+
-+#
- # cidr-blocks contains a list of all known CIDR blocks assigned to
- # RIPE or APNIC. Default all queries to ARIN which has most other blocks.
- #
-@@ -580,7 +661,7 @@ cidr-blocks {
- cidr6-blocks {
- type = cidr6;
-
-- "2001:0000::/23" = "whois.iana.org";
-+ "2001:0000::/23" = "whois.iana.org"; # correct, but nothing usable is returned
- "2001:0200::/23" = "whois.apnic.net";
- "2001:0400::/23" = "whois.arin.net";
- "2001:0600::/23" = "whois.ripe.net";
-@@ -593,13 +674,13 @@ cidr6-blocks {
- "2001:1600::/23" = "whois.ripe.net";
- "2001:1800::/23" = "whois.arin.net";
- "2001:1A00::/23" = "whois.ripe.net";
-- "2001:1C00::/23" = "whois.ripe.net";
-- "2001:1E00::/23" = "whois.ripe.net";
-+ "2001:1C00::/22" = "whois.ripe.net";
- "2001:2000::/20" = "whois.ripe.net";
- "2001:3000::/21" = "whois.ripe.net";
- "2001:3800::/22" = "whois.ripe.net";
-+ "2001:3C00::/22" = "whois.arin.net"; # not correct, but shows better information
- "2001:4000::/23" = "whois.ripe.net";
-- "2001:4200::/23" = "whois.arin.net";
-+ "2001:4200::/23" = "whois.afrinic.net";
- "2001:4400::/23" = "whois.apnic.net";
- "2001:4600::/23" = "whois.ripe.net";
- "2001:4800::/23" = "whois.arin.net";
-@@ -610,23 +691,47 @@ cidr6-blocks {
- "2001:A000::/20" = "whois.apnic.net";
- "2001:B000::/20" = "whois.apnic.net";
-
-+ "2002:0000::/16" = "whois.arin.net"; # not correct, but shows better information
-+
- "2003:0000::/18" = "whois.ripe.net";
-
-- "2400:0000::/19" = "whois.apnic.net";
-- "2400:2000::/19" = "whois.apnic.net";
-- "2400:4000::/21" = "whois.apnic.net";
-- "2404:0000::/23" = "whois.apnic.net";
--
-- "2600:0000::/22" = "whois.arin.net";
-- "2604:0000::/22" = "whois.arin.net";
-- "2608:0000::/22" = "whois.arin.net";
-- "260C:0000::/22" = "whois.arin.net";
-+ "2400:0000::/12" = "whois.apnic.net";
-+
-+ "2600:0000::/12" = "whois.arin.net";
- "2610:0000::/23" = "whois.arin.net";
-+ "2620:0000::/23" = "whois.arin.net";
-+
-+ "2800:0000::/12" = "whois.lacnic.net";
-
-- "2800:0000::/23" = "whois.lacnic.net";
-+ "2C00:0000::/12" = "whois.afrinic.net";
-
-- "2A00:0000::/21" = "whois.ripe.net";
-- "2A01:0000::/16" = "whois.ripe.net";
-+ #
-+ # IPv6 blocks by carriers used for SixXS;
-+ # see e.g. http://www.sixxs.net/pops/
-+ #
-+ "2001:0610::/32" = "whois.sixxs.net";
-+ "2001:06A0::/32" = "whois.sixxs.net";
-+ "2001:06A8::/32" = "whois.sixxs.net";
-+ "2001:06F8::/32" = "whois.sixxs.net";
-+ "2001:0770::/32" = "whois.sixxs.net";
-+ "2001:07B8::/32" = "whois.sixxs.net";
-+ "2001:0808::/32" = "whois.sixxs.net";
-+ "2001:0838::/32" = "whois.sixxs.net";
-+ "2001:0960::/32" = "whois.sixxs.net";
-+ "2001:0A60::/32" = "whois.sixxs.net";
-+ "2001:0AD0::/32" = "whois.sixxs.net";
-+ "2001:0B18::/32" = "whois.sixxs.net";
-+ "2001:1418::/32" = "whois.sixxs.net";
-+ "2001:14B8::/32" = "whois.sixxs.net";
-+ "2001:15C0::/32" = "whois.sixxs.net";
-+ "2001:16D8::/32" = "whois.sixxs.net";
-+ "2001:1938::/32" = "whois.sixxs.net";
-+ "2001:4830::/32" = "whois.sixxs.net";
-+ "2001:4978::/32" = "whois.sixxs.net";
-+ "2001:41E0::/32" = "whois.sixxs.net";
-+ "2001:4428::/32" = "whois.sixxs.net";
-+ "2A01:0198::/32" = "whois.sixxs.net";
-+ "2A01:0348::/32" = "whois.sixxs.net";
-
- #
- # Experimental IPv6 network 6bone (RFC2471)
-@@ -662,7 +767,7 @@ handles {
- ".*-NICAT$" = "whois.nic.at";
- ".*-CZ$" = "whois.nic.cz";
- ".*-NICIR$" = "whois.nic.ir";
-- ".*-UYNIC$" = "www.rau.edu.uy";
-+ ".*-UYNIC$" = "whois.nic.org.uy";
- ".*-ITNIC$" = "whois.nic.it";
- ".*-FRNIC$" = "whois.nic.fr";
- ".*-LACNIC$" = "whois.lacnic.net";
-@@ -671,6 +776,49 @@ handles {
- whois-server = "saudinic.net.sa";
- query-format = "PERSON $*";
- }
-+ ".*-SIXXS$" = "whois.sixxs.net";
-+ ".*-6BONE$" = "whois.6bone.net";
-+ ".*-IRNIC$" = "whois.nic.ir";
-+ ".*-RIPN$" = "whois.ripn.net";
-+ ".*-AFRINIC$" = "whois.afrinic.net";
-+ "^C[0-9]+-LRMS$" {
-+ whois-server = "whois.afilias.info";
-+ query-format = "CONTACT ID $*";
-+ }
-+ "^D[0-9]+-LRMS$" {
-+ whois-server = "whois.afilias.info";
-+ query-format = "DOMAIN ID $*";
-+ }
-+ "^H[0-9]+-LRMS$" {
-+ whois-server = "whois.afilias.info";
-+ query-format = "HOST ID $*";
-+ }
-+ "^R[0-9]+-LRMS$" {
-+ whois-server = "whois.afilias.info";
-+ query-format = "REGISTRAR ID $*";
-+ }
-+ ".*-KENIC$" = "whois.kenic.or.ke";
-+ ".*-UANIC$" = "whois.com.ua";
-+ ".*-COOP$" {
-+ whois-server = "whois.nic.coop";
-+ query-format = "CONTACT $*";
-+ }
-+ ".*CONTACT-NAME$" {
-+ whois-server = "whois.nic.name";
-+ query-format = "contact = $*";
-+ }
-+ ".*REGISTRAR-NAME$" {
-+ whois-server = "whois.nic.name";
-+ query-format = "registrar = $*";
-+ }
-+ "^C[0-9]+-AERO$" {
-+ whois-server = "whois.aero";
-+ query-format = "CONTACT ID $*";
-+ }
-+ "^D[0-9]+-AERO$" {
-+ whois-server = "whois.aero";
-+ query-format = "DOMAIN ID $*";
-+ }
- }
-
- #
-@@ -678,11 +826,6 @@ handles {
- # each host.
- #
- server-options {
-- "rwhois\\.nic\\.ve" {
-- rwhois = true;
-- rwhois-display = "dump";
-- rwhois-limit = 10;
-- }
- "rwhois\\.exodus\\.net" {
- rwhois = true;
- }
-@@ -754,13 +897,6 @@ server-options {
- form-element = "name";
- }
-
-- "www\\.um\\.edu\\.mt" {
-- http = "true";
-- http-method = "GET";
-- http-action = "/cgi-bin/nic/whois";
-- form-element = "domain";
-- }
--
- "www\\.gt" {
- http = "true";
- http-method = "GET";
-@@ -777,13 +913,6 @@ server-options {
- query-format = "Upit=${+2}"; # All but last domain segment
- }
-
-- "whois\\.offshore\\.ai" {
-- http = "true";
-- http-method = "POST";
-- http-action = "/cgi-bin/whois.pl";
-- form-element = "domain-name";
-- }
--
- "www\\.io\\.io" {
- http = "true";
- http-method = "GET";
-@@ -813,11 +942,12 @@ server-options {
- form-element = "query";
- }
-
-- "www\\.nic\\.bi" {
-- http = "true";
-- http-method = "POST";
-- http-action = "/cgi-bin/whoisbi.pl"; # Formatting problems in Lynx
-- form-element = "DOMAINWHOIS";
-+ "whois\\.nic\\.bi" {
-+ http = "true"; # I can't connect on port 43
-+ http-method = "GET";
-+ http-action = "/register/whois.hei";
-+ form-element = "query";
-+ form-extra = "type=domain";
- }
-
- "www\\.nic\\.cg" {
-@@ -848,13 +978,6 @@ server-options {
- form-element = "name";
- }
-
-- "www\\.noc\\.uz" {
-- http = "true";
-- http-method = "POST";
-- http-action = "/whois.php4";
-- form-element = "dname";
-- }
--
- "www\\.nic\\.vi" {
- http = "true";
- http-method = "POST";
-@@ -878,9 +1001,9 @@ server-options {
-
- "www\\.nic\\.tg" {
- http = "true";
-- http-method = "GET";
-- http-action = "/moteur/info_dom.php";
-- form-element = "domaine";
-+ http-method = "POST";
-+ http-action = "/nictg/indexplus.php?pg=verifdom&op=whois";
-+ query-format = "tosearch=${+2}&typedom=.tg";
- }
-
- "cgi\\.aub\\.edu\\.lb" {
-@@ -910,33 +1033,152 @@ server-options {
- form-element = "nombre";
- }
-
-- "www\\.denic\\.de" {
-- http = "true";
-- http-method = "POST";
-- http-action = "/en/whois/data.jsp";
-- form-element = "domainname";
-- form-extra = "service=WhoisData&lang=en&submit=Accept";
-- }
- "whois\\.denic\\.de" {
- whois-server = "whois.denic.de";
- query-format = "-C UTF-8 -T dn,ace $*";
- answer-charset = "UTF-8";
- }
-+
-+ "whois\\.enum\\.denic\\.de" {
-+ whois-server = "whois.enum.denic.de";
-+ query-format = "-C UTF-8 -T dn $*";
-+ answer-charset = "UTF-8";
-+ }
-+
- "whois\\.nic\\.ad\\.jp" {
- query-format = "$*/e";
- }
-+
- "whois\\.nic\\.ch" {
- answer-charset = "UTF-8";
- }
-+
- "whois\\.nic\\.li" {
- answer-charset = "UTF-8";
- }
-+
- "whois\\.centralnic\\.*" {
- whois-redirect = ".*Whois Server: \\(.*\\)";
- }
-+
- ".*\\.verisign-grs\\.com" {
- whois-redirect = ".*Whois Server: \\(.*\\)";
- }
-+
-+ "whois\\.sixxs\\.net" {
-+ whois-redirect = ".*ReferralServer: whois:\/\/\\(.*\\)";
-+ }
-+
-+ "whois2\\.afilias-grs\\.net" {
-+ whois-redirect = "Whois Server:\\(.*\\)";
-+ }
-+
-+ "whois\\.registrar\\.telekom\\.de" {
-+ query-format = "full $*";
-+ }
-+
-+ "whois\\.rrpproxy\\.net" {
-+ answer-charset = "UTF-8";
-+ }
-+
-+ "www\\.nom\\.za" {
-+ http = "true";
-+ http-method = "POST";
-+ http-action = "/do.php";
-+ query-format = "chkDomain=${+3}&chkAvail=Check";
-+ }
-+
-+ "www\\.nic\\.pa" {
-+ http = "true";
-+ http-method = "GET";
-+ http-action = "/egh/whois.php";
-+ form-element = "nombre_d";
-+ }
-+
-+ "www\\.nic\\.dz" {
-+ http = "true";
-+ http-method = "POST";
-+ http-action = "/index.php?option=com_content&task=view&id=37&Itemid=51";
-+ form-element = "domain_name";
-+ }
-+
-+ "www\\.nic\\.yu" {
-+ http = "true";
-+ http-method = "GET";
-+ http-action = "/cgi-bin/checkavail.cgi";
-+ form-element = "domain";
-+ }
-+
-+ "whois\\.dotster\\.com" {
-+ answer-charset = "UTF-8";
-+ }
-+
-+ "www\\.ert\\.gov\\.al" {
-+ http = "true";
-+ http-method = "POST";
-+ http-action = "/ert_eng/domain_res.html";
-+ query-format = "Domain=${+2}";
-+ }
-+
-+ "www\\.nic\\.cu" {
-+ http = "true";
-+ http-method = "GET";
-+ http-action = "/dom_det.php";
-+ form-element = "domsrch";
-+ }
-+
-+ "www\\.nic\\.ps" {
-+ http = "true";
-+ http-method = "GET";
-+ http-action = "/whois/domain_whois.php";
-+ form-element = "dname";
-+ }
-+
-+ "www\\.svnet\\.org\\.sv" {
-+ http = "true";
-+ http-method = "POST";
-+ http-action = "/registro/consultas/whois.php";
-+ form-element = "subdominio";
-+ }
-+
-+ "www\\.zispa\\.co\\.zw" {
-+ http = "true";
-+ http-method = "GET";
-+ http-action = "/cgi-bin/search";
-+ form-element = "domain";
-+ }
-+
-+ "www\\.riu\\.edu\\.ar" {
-+ http = "true";
-+ http-method = "POST";
-+ http-action = "/cgi-bin/verdom.pl.nuevo";
-+ query-format = "username=${+3}";
-+ }
-+
-+ "www\\.register\\.bs" {
-+ http = "true";
-+ http-method = "POST";
-+ http-action = "/cgi-bin/search.pl";
-+ form-element = "name";
-+ }
-+
-+ "www\\.domain\\.by" {
-+ http = "true";
-+ http-method = "POST";
-+ http-action = "/cgi-bin/registry.cgi";
-+ query-format = "domain=${+2}&lang=e&mode=slquest";
-+ }
-+
-+ "www\\.nic\\.ac" {
-+ http = "true";
-+ http-method = "GET";
-+ http-action = "/cgi-bin/whois";
-+ form-element = "textfield";
-+ }
-+
-+ "whois\\.1api\\.net" {
-+ answer-charset = "UTF-8";
-+ }
- }
-
- #
diff --git a/src/patches/jwhois-4.0-conf_update2.patch \
b/src/patches/jwhois-4.0-conf_update2.patch deleted file mode 100644
index 72dd300ff..000000000
--- a/src/patches/jwhois-4.0-conf_update2.patch
+++ /dev/null
@@ -1,163 +0,0 @@
-Patch by Robert Scheck <robert@fedoraproject.org> for jwhois >= 4.0, which adds \
various new
-IDN top-level-domains, updates some whois servers of ccTLDs and corrects the answer \
charset
-setting for some whois servers, too.
-
---- jwhois-4.0/example/jwhois.conf 2011-05-22 20:36:19.000000000 +0200
-+++ jwhois-4.0/example/jwhois.conf.conf_update2 2011-05-22 23:46:21.000000000 +0200
-@@ -122,7 +122,6 @@
- "\\.ac\\.ae$" = "whois.aeda.net.ae";
- "\\.mil\\.ae$" = "whois.aeda.net.ae";
- "\\.gov\\.ae$" = "whois.aeda.net.ae";
-- "\\.1\\.7\\.9\\.e164\\.arpa$" = "whois.aeda.net.ae";
- "\\.aero$" = "whois.aero";
- "\\.af$" = "whois.cocca.cx";
- "\\.ag$" = "whois.nic.ag";
-@@ -192,7 +191,7 @@
- }
- "\\.dm$" = "whois.nic.dm";
- "\\.do$" = "whois.nic.do";
-- "\\.dz$" = "www.nic.dz";
-+ "\\.dz$" = "whois.nic.dz";
- "\\.ec$" = "www.nic.ec";
- "\\.edu$" = "whois.educause.edu";
- "\\.ee$" = "whois.eenet.ee";
-@@ -243,7 +242,7 @@
- "\\.kp$" = "whois.kcce.kp";
- "\\.kg$" = "whois.domain.kg";
- "\\.ki$" = "whois.cocca.cx";
-- "\\.kr$" = "whois.krnic.net";
-+ "\\.kr$" = "whois.kr";
- "\\.kz$" = "whois.nic.kz";
- "\\.la$" = "whois.nic.la";
- "\\.lb$" = "cgi.aub.edu.lb";
-@@ -292,13 +291,14 @@
- "\\.pm$" = "whois.nic.pm";
- "\\.pr$" = "whois.nic.pr";
- "\\.pro$" = "whois.registrypro.pro";
-- "\\.ps$" = "www.nic.ps";
-+ "\\.ps$" = "whois.pnina.ps";
- "\\.pt$" = "whois.dns.pt";
- "\\.pw$" = "whois.nic.pw";
- "\\.re$" = "whois.nic.re";
- "\\.ro$" = "whois.rotld.ro";
-+ "\\.rs$" = "whois.rnids.rs";
- "\\.edu\.ru$" = "whois.informika.ru";
-- "\\.ru$" = "whois.ripn.net";
-+ "\\.ru$" = "whois.tcinet.ru";
- "\\.rw$" = "www.nic.rw";
- "\\.sa$" = "saudinic.net.sa";
- "\\.sb$" = "whois.nic.sb";
-@@ -317,6 +317,7 @@
- "\\.st$" = "whois.nic.st";
- "\\.su$" = "whois.ripn.net";
- "\\.sv$" = "www.svnet.org.sv";
-+ "\\.sy$" = "whois.tld.sy";
- "\\.tc$" = "whois.adamsnames.tc";
- "\\.tel$" = "whois.nic.tel";
- "\\.tf$" = "whois.afnic.fr";
-@@ -335,7 +336,7 @@
- whois-server = "tvwhois.verisign-grs.com";
- query-format = "domain $*";
- }
-- "\\.tw$" = "whois.twnic.net";
-+ "\\.tw$" = "whois.twnic.net.tw";
- "\\.ua$" = "whois.com.ua";
- "\\.ug$" = "whois.co.ug";
- "\\.ac\\.uk$" = "whois.ja.net";
-@@ -357,9 +358,25 @@
- "\\.vu$" = "www.vunic.vu";
- "\\.wf$" = "whois.nic.wf";
- "\\.ws$" = "whois.worldsite.ws";
-+ "\\.xn--3e0b707e$" = "whois.kr";
-+ "\\.xn--90a3ac$" = "whois.rnids.rs";
-+ "\\.xn--clchc0ea0b2g2a9gcd$" = "whois.sgnic.sg";
-+ "\\.xn--fiqs8s$" = "cwhois.cnnic.cn";
-+ "\\.xn--fiqz9s$" = "cwhois.cnnic.cn";
-+ "\\.xn--fzc2c9e2c$" = "whois.nic.lk";
-+ "\\.xn--j6w193g$" = "whois.hkirc.hk";
-+ "\\.xn--kprw13d$" = "whois.twnic.net.tw";
-+ "\\.xn--kpry57d$" = "whois.twnic.net.tw";
-+ "\\.xn--lgbbat1ad8j$" = "whois.nic.dz";
- "\\.xn--mgbaam7a8h$" = "whois.aeda.net.ae";
-+ "\\.xn--mgberp4a5d4ar$" = "whois.nic.net.sa";
-+ "\\.xn--o3cw4h$" = "whois.thnic.co.th";
-+ "\\.xn--ogbpf8fl$" = "whois.tld.sy";
-+ "\\.xn--p1ai$" = "whois.tcinet.ru";
-+ "\\.xn--xkc2al3hye2a$" = "whois.nic.lk";
-+ "\\.xn--yfro4i67o$" = "whois.sgnic.sg";
-+ "\\.xn--ygbi2ammx$" = "whois.pnina.ps";
- "\\.yt$" = "whois.nic.yt";
-- "\\.yu$" = "www.nic.yu";
- "\\.ac\\.za$" = "whois.ac.za";
- "\\.org\\.za$" = "rwhois.org.za 4321";
- "\\.co\\.za$" = "whois.co.za";
-@@ -389,6 +406,7 @@
-
- "\\.9\\.4\\.e164\\.arpa$" = "whois.enum.denic.de";
- "\\.1\\.6\\.e164\\.arpa$" = "whois-check.enum.com.au";
-+ "\\.1\\.7\\.9\\.e164\\.arpa$" = "whois.aeda.net.ae";
- }
-
- #
-@@ -1095,20 +1113,6 @@
- form-element = "nombre_d";
- }
-
-- "www\\.nic\\.dz" {
-- http = "true";
-- http-method = "POST";
-- http-action = "/index.php?option=com_content&task=view&id=37&Itemid=51";
-- form-element = "domain_name";
-- }
--
-- "www\\.nic\\.yu" {
-- http = "true";
-- http-method = "GET";
-- http-action = "/cgi-bin/checkavail.cgi";
-- form-element = "domain";
-- }
--
- "whois\\.dotster\\.com" {
- answer-charset = "UTF-8";
- }
-@@ -1127,13 +1131,6 @@
- form-element = "domsrch";
- }
-
-- "www\\.nic\\.ps" {
-- http = "true";
-- http-method = "GET";
-- http-action = "/whois/domain_whois.php";
-- form-element = "dname";
-- }
--
- "www\\.svnet\\.org\\.sv" {
- http = "true";
- http-method = "POST";
-@@ -1179,6 +1176,26 @@
- "whois\\.1api\\.net" {
- answer-charset = "UTF-8";
- }
-+
-+ "whois\\.kr" {
-+ answer-charset = "EUC-KR";
-+ }
-+
-+ "whois\\.nic\\.or\\.kr" {
-+ answer-charset = "EUC-KR";
-+ }
-+
-+ "whois\\.nic\\.dz" {
-+ answer-charset = "UTF-8";
-+ }
-+
-+ "whois\\.nic\\.lk" {
-+ answer-charset = "ISO-8859-11";
-+ }
-+
-+ "whois\\.iana\\.org" {
-+ answer-charset = "UTF-8";
-+ }
- }
-
- #
diff --git a/src/patches/jwhois-4.0-connect.patch \
b/src/patches/jwhois-4.0-connect.patch deleted file mode 100644
index 2a639d779..000000000
--- a/src/patches/jwhois-4.0-connect.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-This fixes somewhat reversed logic of trying to connect to WHOIS server.
-Tue Nov 20 2007, Lubomir Kundrak <lkundrak@redhat.com>
-
---- jwhois-4.0/src/utils.c.connect 2007-06-26 09:00:20.000000000 +0200
-+++ jwhois-4.0/src/utils.c 2007-11-20 17:05:33.000000000 +0100
-@@ -247,7 +247,7 @@ make_connect(const char *host, int port)
- {
- return -1;
- }
-- while (res)
-+ for (; res; res = res->ai_next)
- {
- sa = res->ai_addr;
- sockfd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
-@@ -266,15 +266,15 @@ make_connect(const char *host, int port)
- flags = fcntl(sockfd, F_GETFL, 0);
- if (fcntl(sockfd, F_SETFL, flags|O_NONBLOCK) == -1)
- {
-+ close (sockfd);
- return -1;
- }
-
--
- error = connect(sockfd, res->ai_addr, res->ai_addrlen);
--
- if (error < 0 && errno != EINPROGRESS)
- {
-- break;
-+ close (sockfd);
-+ continue;
- }
-
- FD_ZERO(&fdset);
-@@ -283,18 +283,20 @@ make_connect(const char *host, int port)
- error = select(FD_SETSIZE, NULL, &fdset, NULL, &timeout);
- if (error == 0)
- {
-- break;
-+ close (sockfd);
-+ return -1;
- }
-
- retlen = sizeof(retval);
- error = getsockopt(sockfd, SOL_SOCKET, SO_ERROR, &retval, &retlen);
- if (error < 0 || retval)
- {
-- break;
-+ close (sockfd);
-+ return -1;
- }
-- res = res->ai_next;
-+
-+ break;
- }
-- if (error < 0 || retval) return -1;
- #endif
-
- return sockfd;
diff --git a/src/patches/jwhois-4.0-fclose.patch \
b/src/patches/jwhois-4.0-fclose.patch deleted file mode 100644
index e9c896f68..000000000
--- a/src/patches/jwhois-4.0-fclose.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up jwhois-4.0/src/init.c_old jwhois-4.0/src/init.c
---- jwhois-4.0/src/init.c_old 2007-06-26 08:59:17.000000000 +0200
-+++ jwhois-4.0/src/init.c 2009-01-27 15:49:35.000000000 +0100
-@@ -283,6 +283,8 @@ parse_args(int *argc, char ***argv)
- if (in)
- jconfig_parse_file(in);
-
-+ fclose(in);
-+
- if (verbose>1)
- {
- printf("[Debug: Cache = %s]\n", cache?"On":"Off");
diff --git a/src/patches/jwhois-4.0-idna.patch b/src/patches/jwhois-4.0-idna.patch
deleted file mode 100644
index ff13a4f71..000000000
--- a/src/patches/jwhois-4.0-idna.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-diff -up jwhois-4.0/src/jwhois.c.orig jwhois-4.0/src/jwhois.c
---- jwhois-4.0/src/jwhois.c.orig 2007-06-26 08:59:35.000000000 +0200
-+++ jwhois-4.0/src/jwhois.c 2011-05-24 12:29:37.398892451 +0200
-@@ -98,7 +98,7 @@ main(int argc, char **argv)
-
- /* Parse remaining arguments and place them into the wq
- structure. */
-- while (optind < argc)
-+ while (optind < argc-1)
- {
- count += strlen(argv[optind])+1;
- if (!qstring)
-@@ -116,19 +116,25 @@ main(int argc, char **argv)
- strcat(qstring, " ");
- optind++;
- }
-- qstring[strlen(qstring)-1] = '\0';
- #ifdef LIBIDN
-- rc = idna_to_ascii_lz(qstring, &idn, 0);
-+ rc = idna_to_ascii_lz(argv[optind], &idn, 0);
- if (rc != IDNA_SUCCESS)
- {
-- printf("[IDN encoding of '%s' failed with error code %d]\n", qstring, rc);
-+ printf("[IDN encoding of '%s' failed with error code %d]\n", argv[optind], \
rc);
- exit(1);
- }
-- wq.query = strdup(idn);
-+ qstring = realloc(qstring, count+strlen(idn)+1);
-+ memcpy(qstring+count,
-+ idn,
-+ strlen(idn)+1);
- free(idn);
- #else
-- wq.query = qstring;
-+ qstring = realloc(qstring, count+strlen(argv[optind])+1);
-+ memcpy(qstring+count,
-+ argv[optind],
-+ strlen(argv[optind])+1);
- #endif
-+ wq.query = qstring;
-
- if (ghost)
- {
diff --git a/src/patches/jwhois-4.0-ipv6match.patch \
b/src/patches/jwhois-4.0-ipv6match.patch deleted file mode 100644
index 0e5ad0e9a..000000000
--- a/src/patches/jwhois-4.0-ipv6match.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-When IPv6 address mask did not end on an octed boundary, the the opposite
-part of last byte of host address was taken into account when a match was
-attempted. -- Lubomir Kundrak <lkundrak@redhat.com>
-
---- jwhois-4.0/src/lookup.c.ipv6-match 2007-12-04 17:09:57.000000000 +0100
-+++ jwhois-4.0/src/lookup.c 2007-12-04 17:10:20.000000000 +0100
-@@ -149,7 +149,7 @@ static int ipv6_address_is_in_network(co
- }
- /* i == bits / 8 */
- if (bits % 8 != 0
-- && (addr->s6_addr[i] & (0xFFu << (bits % 8))) != net->s6_addr[i])
-+ && (addr->s6_addr[i] & (0xFFu << 8-(bits % 8))) != net->s6_addr[i])
- return 0;
- return 1;
- }
diff --git a/src/patches/jwhois-4.0-multi-homed.patch \
b/src/patches/jwhois-4.0-multi-homed.patch deleted file mode 100644
index 05d6f46af..000000000
--- a/src/patches/jwhois-4.0-multi-homed.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff -up jwhois-4.0/src/utils.c.orig jwhois-4.0/src/utils.c
---- jwhois-4.0/src/utils.c.orig 2010-09-29 16:19:24.453608330 +0200
-+++ jwhois-4.0/src/utils.c 2010-09-29 16:20:10.686608189 +0200
-@@ -292,7 +292,10 @@ make_connect(const char *host, int port)
- if (error < 0 || retval)
- {
- close (sockfd);
-- return -1;
-+ if (retval == ENETUNREACH)
-+ continue;
-+ else
-+ return -1;
- }
-
- break;
diff --git a/src/patches/jwhois-4.0-select.patch \
b/src/patches/jwhois-4.0-select.patch deleted file mode 100644
index b60ec9692..000000000
--- a/src/patches/jwhois-4.0-select.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-diff -ur jwhois-4.0.old/src/whois.c jwhois-4.0/src/whois.c
---- jwhois-4.0.old/src/whois.c 2007-06-26 03:00:29.000000000 -0400
-+++ jwhois-4.0/src/whois.c 2009-04-29 11:42:56.000000000 -0400
-@@ -115,6 +115,7 @@
- unsigned int count, start_count;
- int ret;
- char data[MAXBUFSIZE];
-+ fd_set rfds;
-
- count = 0;
-
-@@ -124,7 +125,15 @@
-
- do
- {
-+ FD_ZERO(&rfds);
-+ FD_SET(fd, &rfds);
-+ ret = select(fd + 1, &rfds, NULL, NULL, NULL);
-+
-+ if (ret <= 0)
-+ return -1;
-+
- ret = read(fd, data, MAXBUFSIZE-1);
-+
- if (ret >= 0)
- {
- count += ret;
diff --git a/src/patches/suricata-5.0-stream-tcp-Handle-retransmitted-SYN-with-TSval.patch \
b/src/patches/suricata-5.0-stream-tcp-Handle-retransmitted-SYN-with-TSval.patch new \
file mode 100644 index 000000000..fcea77cfa
--- /dev/null
+++ b/src/patches/suricata-5.0-stream-tcp-Handle-retransmitted-SYN-with-TSval.patch
@@ -0,0 +1,55 @@
+From 511648b3d7a4b5a5b4d55b92dffd63fcb23903a0 Mon Sep 17 00:00:00 2001
+From: Michael Tremer <michael.tremer@ipfire.org>
+Date: Fri, 19 Nov 2021 17:17:47 +0000
+Subject: [PATCH] stream: tcp: Handle retransmitted SYN with TSval
+
+For connections that use TCP timestamps for which the first SYN packet
+does not reach the server, any replies to retransmitted SYNs will be
+tropped.
+
+This is happening in StateSynSentValidateTimestamp, where the timestamp
+value in a SYN-ACK packet must match the one from the SYN packet.
+However, since the server never received the first SYN packet, it will
+respond with an updated timestamp from any of the following SYN packets.
+
+The timestamp value inside suricata is not being updated at any time
+which should happen. This patch fixes that problem.
+
+This problem was introduced in 9f0294fadca3dcc18c919424242a41e01f3e8318.
+
+Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
+---
+ src/stream-tcp.c | 17 +++++++++++++++++
+ 1 file changed, 17 insertions(+)
+
+diff --git a/src/stream-tcp.c b/src/stream-tcp.c
+index 1cff19fa5..af681760b 100644
+--- a/src/stream-tcp.c
++++ b/src/stream-tcp.c
+@@ -1643,6 +1643,23 @@ static int StreamTcpPacketStateSynSent(ThreadVars *tv, Packet \
*p, + "ssn->client.last_ack %"PRIu32"", ssn,
+ ssn->client.isn, ssn->client.next_seq,
+ ssn->client.last_ack);
++ } else if (PKT_IS_TOSERVER(p)) {
++ /*
++ * On retransmitted SYN packets, the timestamp value must be updated,
++ * to avoid dropping any SYN+ACK packets that respond to a retransmitted SYN
++ * with an updated timestamp in StateSynSentValidateTimestamp.
++ */
++ if ((ssn->client.flags & STREAMTCP_STREAM_FLAG_TIMESTAMP) && \
TCP_HAS_TS(p)) { ++ uint32_t ts_val = TCP_GET_TSVAL(p);
++
++ // Check whether packets have been received in the correct order \
(only ever update) ++ if (ssn->client.last_ts < ts_val) {
++ ssn->client.last_ts = ts_val;
++ ssn->client.last_pkt_ts = p->ts.tv_sec;
++ }
++
++ SCLogDebug("ssn %p: Retransmitted SYN. Updated timestamp from \
packet %"PRIu64, ssn, p->pcap_cnt); ++ }
+ }
+
+ /** \todo check if it's correct or set event */
+--
+2.30.2
+
hooks/post-receive
--
IPFire 2.x development tree
_______________________________________________
IPFire-SCM mailing list
IPFire-SCM@lists.ipfire.org
https://lists.ipfire.org/mailman/listinfo/ipfire-scm
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic