Menu
▾
▴
astlinux-commits — Commits to the AstLinux SVN repository
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(6) |
Jul
(14) |
Aug
(156) |
Sep
(35) |
Oct
(48) |
Nov
(55) |
Dec
(16) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
(24) |
Feb
(154) |
Mar
(139) |
Apr
(175) |
May
(87) |
Jun
(34) |
Jul
(42) |
Aug
(68) |
Sep
(41) |
Oct
(76) |
Nov
(77) |
Dec
(50) |
| 2008 |
Jan
(98) |
Feb
(43) |
Mar
(102) |
Apr
(27) |
May
(55) |
Jun
(13) |
Jul
(58) |
Aug
(62) |
Sep
(61) |
Oct
(43) |
Nov
(87) |
Dec
(134) |
| 2009 |
Jan
(175) |
Feb
(106) |
Mar
(58) |
Apr
(41) |
May
(74) |
Jun
(123) |
Jul
(252) |
Aug
(192) |
Sep
(69) |
Oct
(38) |
Nov
(117) |
Dec
(95) |
| 2010 |
Jan
(146) |
Feb
(76) |
Mar
(90) |
Apr
(60) |
May
(23) |
Jun
(19) |
Jul
(208) |
Aug
(140) |
Sep
(103) |
Oct
(114) |
Nov
(50) |
Dec
(47) |
| 2011 |
Jan
(59) |
Feb
(47) |
Mar
(61) |
Apr
(58) |
May
(41) |
Jun
(11) |
Jul
(17) |
Aug
(49) |
Sep
(34) |
Oct
(166) |
Nov
(38) |
Dec
(70) |
| 2012 |
Jan
(87) |
Feb
(37) |
Mar
(28) |
Apr
(25) |
May
(29) |
Jun
(30) |
Jul
(43) |
Aug
(27) |
Sep
(46) |
Oct
(27) |
Nov
(51) |
Dec
(70) |
| 2013 |
Jan
(92) |
Feb
(34) |
Mar
(58) |
Apr
(37) |
May
(46) |
Jun
(9) |
Jul
(38) |
Aug
(22) |
Sep
(28) |
Oct
(42) |
Nov
(44) |
Dec
(34) |
| 2014 |
Jan
(63) |
Feb
(39) |
Mar
(48) |
Apr
(31) |
May
(21) |
Jun
(43) |
Jul
(36) |
Aug
(69) |
Sep
(53) |
Oct
(56) |
Nov
(46) |
Dec
(49) |
| 2015 |
Jan
(63) |
Feb
(35) |
Mar
(30) |
Apr
(38) |
May
(27) |
Jun
(42) |
Jul
(42) |
Aug
(63) |
Sep
(18) |
Oct
(45) |
Nov
(65) |
Dec
(71) |
| 2016 |
Jan
(54) |
Feb
(79) |
Mar
(59) |
Apr
(38) |
May
(32) |
Jun
(46) |
Jul
(42) |
Aug
(30) |
Sep
(58) |
Oct
(33) |
Nov
(98) |
Dec
(59) |
| 2017 |
Jan
(79) |
Feb
(12) |
Mar
(43) |
Apr
(32) |
May
(76) |
Jun
(59) |
Jul
(44) |
Aug
(14) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: <abe...@us...> - 2016-06-15 13:04:05
|
Revision: 7720
http://sourceforge.net/p/astlinux/code/7720
Author: abelbeck
Date: 2016-06-15 13:04:02 +0000 (Wed, 15 Jun 2016)
Log Message:
-----------
pcre, version bump to 8.39, security fixes:
CVE-2016-1283 - Heap Buffer Overflow Vulnerability.
CVE-2016-3191 - workspace overflow for (*ACCEPT) with deeply nested
Modified Paths:
--------------
branches/1.0/package/pcre/pcre.mk
Modified: branches/1.0/package/pcre/pcre.mk
===================================================================
--- branches/1.0/package/pcre/pcre.mk 2016-06-12 19:45:42 UTC (rev 7719)
+++ branches/1.0/package/pcre/pcre.mk 2016-06-15 13:04:02 UTC (rev 7720)
@@ -4,7 +4,7 @@
#
#############################################################
-PCRE_VERSION = 8.38
+PCRE_VERSION = 8.39
PCRE_SITE = ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre
PCRE_SOURCE = pcre-$(PCRE_VERSION).tar.bz2
PCRE_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-12 19:45:45
|
Revision: 7719
http://sourceforge.net/p/astlinux/code/7719
Author: abelbeck
Date: 2016-06-12 19:45:42 +0000 (Sun, 12 Jun 2016)
Log Message:
-----------
arnofw, optimize by only adding to FORWARD if LAN_LAN_FORWARD_CHAIN contains rules
Modified Paths:
--------------
branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch
Modified: branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch
===================================================================
--- branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch 2016-06-12 14:55:41 UTC (rev 7718)
+++ branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch 2016-06-12 19:45:42 UTC (rev 7719)
@@ -1,20 +1,20 @@
diff --git a/README b/README
-index 093151a..93641a4 100644
+index 093151a..802ce61 100644
--- a/README
+++ b/README
@@ -480,6 +480,7 @@ INT_FORWARD_IN_CHAIN - Internal-net FORWARD chain for INcoming traffic
INT_FORWARD_OUT_CHAIN - Internal-net FORWARD chain for OUTcoming traffic
INT_INPUT_CHAIN - Internal-net INPUT chain
INT_OUTPUT_CHAIN - Internal-net OUTPUT chain
-+LAN_LAN_FORWARD_CHAIN - LAN to LAN (Inter-LAN) forward chain
++LAN_LAN_FORWARD_CHAIN - LAN to LAN (Inter-LAN) forward chain (AIF private use only)
LAN_INET_FORWARD_CHAIN - LAN to internet (external net) forward chain
POST_INPUT_CHAIN - This chain is always processed last(post) in the
INPUT chain
diff --git a/bin/arno-iptables-firewall b/bin/arno-iptables-firewall
-index b02a85f..67d79ec 100755
+index b02a85f..beee62d 100755
--- a/bin/arno-iptables-firewall
+++ b/bin/arno-iptables-firewall
-@@ -2263,6 +2263,72 @@ setup_int_input_chain()
+@@ -2263,6 +2263,79 @@ setup_int_input_chain()
}
@@ -23,6 +23,8 @@
+##################################################
+setup_lan_lan_forward_chain()
+{
++ local rtn_val=1
++
+ echo " Setting up LAN->LAN policy"
+
+ # TCP ports to ALLOW for certain Inter-LAN hosts
@@ -38,6 +40,7 @@
+ for dhost in `ip_range "$dhosts"`; do
+ for port in $ports; do
+ iptables -A LAN_LAN_FORWARD_CHAIN -s $shost -d $dhost -p tcp --dport $port -j ACCEPT
++ rtn_val=0
+ done
+ done
+ done
@@ -57,6 +60,7 @@
+ for dhost in `ip_range "$dhosts"`; do
+ for port in $ports; do
+ iptables -A LAN_LAN_FORWARD_CHAIN -s $shost -d $dhost -p udp --dport $port -j ACCEPT
++ rtn_val=0
+ done
+ done
+ done
@@ -76,41 +80,54 @@
+ for dhost in `ip_range "$dhosts"`; do
+ for proto in $protos; do
+ iptables -A LAN_LAN_FORWARD_CHAIN -s $shost -d $dhost -p $proto -j ACCEPT
++ rtn_val=0
+ done
+ done
+ done
+ fi
+ done
++
++ return $rtn_val
+}
+
+
###################################################
# Setup chain for the LAN-to-INET forward traffic #
###################################################
-@@ -4803,7 +4869,8 @@ setup_firewall_rules()
+@@ -4803,7 +4876,10 @@ setup_firewall_rules()
echo " Logging of denied LAN->INET FORWARD connections disabled"
fi
- # Setup helper chain for the LAN:
+ # Setup helper chains for the LAN:
+ setup_lan_lan_forward_chain;
++ lan_lan_forward_result=$?
++
setup_lan_inet_forward_chain;
IFS=' ,'
-@@ -4813,6 +4880,12 @@ setup_firewall_rules()
+@@ -4813,10 +4889,20 @@ setup_firewall_rules()
# Always make subnets on the SAME interface trust each other
iptables -A FORWARD -i $iif -o $iif -j ACCEPT
-+ for output_if in $INT_IF; do
-+ if [ "$iif" != "$output_if" ]; then
-+ iptables -A FORWARD -i $iif -o $output_if -j LAN_LAN_FORWARD_CHAIN
-+ fi
-+ done
++ # Optimize by only adding to FORWARD if LAN_LAN_FORWARD_CHAIN contains rules
++ if [ $lan_lan_forward_result -eq 0 ]; then
++ for output_if in $INT_IF; do
++ if [ "$iif" != "$output_if" ]; then
++ iptables -A FORWARD -i $iif -o $output_if -j LAN_LAN_FORWARD_CHAIN
++ fi
++ done
++ fi
+
for eif in $EXT_IF; do
iptables -A FORWARD -i $iif -o $eif -j LAN_INET_FORWARD_CHAIN
done
-@@ -5035,6 +5108,7 @@ create_user_chains()
+ done
++ unset lan_lan_forward_result
+ fi
+
+
+@@ -5035,6 +5121,7 @@ create_user_chains()
iptables -N DMZ_LAN_FORWARD_CHAIN
iptables -N INET_DMZ_FORWARD_CHAIN
iptables -N DMZ_INET_FORWARD_CHAIN
@@ -118,7 +135,7 @@
iptables -N LAN_INET_FORWARD_CHAIN
# Chains for the external interface
-@@ -5091,6 +5165,7 @@ flush_user_chains()
+@@ -5091,6 +5178,7 @@ flush_user_chains()
iptables -F DMZ_LAN_FORWARD_CHAIN
iptables -F INET_DMZ_FORWARD_CHAIN
iptables -F DMZ_INET_FORWARD_CHAIN
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-12 14:55:43
|
Revision: 7718
http://sourceforge.net/p/astlinux/code/7718
Author: abelbeck
Date: 2016-06-12 14:55:41 +0000 (Sun, 12 Jun 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-06-12 14:39:30 UTC (rev 7717)
+++ branches/1.0/docs/ChangeLog.txt 2016-06-12 14:55:41 UTC (rev 7718)
@@ -98,6 +98,8 @@
-- arnofw (AIF), add NAT_FOREIGN_NETWORK rc.conf variable to support a downstream router with NAT disabled.
More Info: http://doc.astlinux.org/userdoc:tt-internal-downstream-router
+-- arnofw (AIF), add support for LAN_LAN_HOST_OPEN_xxx firewall rules.
+
-- Email Notifications, now automatically define a 'a@b.tld' From header in the form: "<action>-<hostname>" <a@b.tld>
The current <action> values are: SIP, Asterisk, Monit, Test, UPS, WAN
@@ -120,7 +122,11 @@
-- Network and Edit tab, add support for Avahi mDNS/DNS-SD Service Discovery.
More Info: http://doc.astlinux.org/userdoc:tt_avahi_mdns
+-- Network -> Firewall sub-tab, add support for "Pass LAN->LAN" action
+ Example: Allow any LAN subnet access to a LAN printer at 192.168.101.8 serving LPD, IPP and JetDirect
+ == Action: Pass LAN->LAN | Protocol: TCP | Source: 0/0 | Destination: 192.168.101.8 | Port: 515,631,9100
+
Additions for AstLinux 1.2.6.1:
==============================
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-12 14:39:33
|
Revision: 7717
http://sourceforge.net/p/astlinux/code/7717
Author: abelbeck
Date: 2016-06-12 14:39:30 +0000 (Sun, 12 Jun 2016)
Log Message:
-----------
web interface, Network -> Firewall sub-tab, add support for 'Pass LAN->LAN' action
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/firewall.php
Modified: branches/1.0/package/webinterface/altweb/admin/firewall.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/firewall.php 2016-06-11 20:31:25 UTC (rev 7716)
+++ branches/1.0/package/webinterface/altweb/admin/firewall.php 2016-06-12 14:39:30 UTC (rev 7717)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2014 Lonnie Abelbeck
+// Copyright (C) 2008-2016 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -20,6 +20,7 @@
// 07-16-2012, Added "Pass LAN->EXT" and "Pass DMZ->EXT" actions
// 01-27-2014, Added "Log Denied DMZ interface packets"
// 06-08-2014, Added support for multiple "Allow OpenVPN" LAN interfaces
+// 06-12-2016, Added "Pass LAN->LAN" action
//
// System location of /mnt/kd/rc.conf.d directory
$FIREWALLCONFDIR = '/mnt/kd/rc.conf.d';
@@ -40,6 +41,7 @@
'PASS_EXT_DMZ' => 'Pass EXT->DMZ',
'PASS_DMZ_LOCAL' => 'Pass DMZ->Local',
'PASS_DMZ_LAN' => 'Pass DMZ->LAN',
+ 'PASS_LAN_LAN' => 'Pass LAN->LAN',
'DENY_LAN_EXT' => 'Deny LAN->EXT',
'DENY_LAN_LOCAL' => 'Deny LAN->Local',
'DENY_LOCAL_EXT' => 'Deny Local->EXT',
@@ -59,6 +61,7 @@
'PASS_EXT_DMZ' => 'INET_DMZ_HOST_OPEN_xxx',
'PASS_DMZ_LOCAL' => 'DMZ_HOST_OPEN_xxx',
'PASS_DMZ_LAN' => 'DMZ_LAN_HOST_OPEN_xxx',
+ 'PASS_LAN_LAN' => 'LAN_LAN_HOST_OPEN_xxx',
'DENY_LAN_EXT' => 'LAN_INET_HOST_DENY_xxx',
'DENY_LAN_LOCAL' => 'LAN_HOST_DENY_xxx',
'DENY_LOCAL_EXT' => 'HOST_DENY_xxx_OUTPUT',
@@ -172,6 +175,7 @@
case 'DENY_EXT_DMZ':
case 'DENY_DMZ_EXT':
case 'PASS_DMZ_LAN':
+ case 'PASS_LAN_LAN':
case 'PASS_LAN_EXT':
case 'PASS_DMZ_EXT':
if ($is_ip) {
@@ -499,6 +503,7 @@
case 'DENY_EXT_DMZ':
case 'DENY_DMZ_EXT':
case 'PASS_DMZ_LAN':
+ case 'PASS_LAN_LAN':
case 'PASS_LAN_EXT':
case 'PASS_DMZ_EXT':
if ($s_addr === '' || $d_addr === '') {
@@ -681,8 +686,8 @@
break;
case 3: // PASS_EXT_LOCAL
case 6: // PASS_DMZ_LOCAL
- case 9: // DENY_LAN_LOCAL
- case 16: // LOG_LOCAL_IN
+ case 10: // DENY_LAN_LOCAL
+ case 17: // LOG_LOCAL_IN
form.s_addr.disabled = 0;
form.s_lport.disabled = 0;
form.s_uport.disabled = 0;
@@ -710,11 +715,12 @@
case 4: // PASS_EXT_LAN
case 5: // PASS_EXT_DMZ
case 7: // PASS_DMZ_LAN
- case 8: // DENY_LAN_EXT
- case 11: // DENY_EXT_DMZ
- case 12: // DENY_DMZ_EXT
- case 13: // PASS_LAN_EXT
- case 14: // PASS_DMZ_EXT
+ case 8: // PASS_LAN_LAN
+ case 9: // DENY_LAN_EXT
+ case 12: // DENY_EXT_DMZ
+ case 13: // DENY_DMZ_EXT
+ case 14: // PASS_LAN_EXT
+ case 15: // PASS_DMZ_EXT
form.s_addr.disabled = 0;
form.d_addr.disabled = 0;
form.d_lport.disabled = 0;
@@ -726,8 +732,8 @@
form.s_uport.disabled = 1;
nat_ext.style.visibility = "hidden";
break;
- case 10: // DENY_LOCAL_EXT
- case 15: // LOG_LOCAL_OUT
+ case 11: // DENY_LOCAL_EXT
+ case 16: // LOG_LOCAL_OUT
form.d_addr.disabled = 0;
form.d_lport.disabled = 0;
form.d_uport.disabled = 0;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-11 20:31:28
|
Revision: 7716
http://sourceforge.net/p/astlinux/code/7716
Author: abelbeck
Date: 2016-06-11 20:31:25 +0000 (Sat, 11 Jun 2016)
Log Message:
-----------
arnofw, Add LAN to LAN filtering rules (AIF issue #28), bump serial number for updated default firewall.conf
Ref: https://github.com/arno-iptables-firewall/aif/issues/28
Modified Paths:
--------------
branches/1.0/package/arnofw/arnofw.serial
Added Paths:
-----------
branches/1.0/package/arnofw/arnofw-0001-do-not-reset-accept_ra.patch
branches/1.0/package/arnofw/arnofw-0002-icmpv6-add-MLD-cleanup-logging.patch
branches/1.0/package/arnofw/arnofw-0003-pptp-vpn-passthrough.patch
branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch
Removed Paths:
-------------
branches/1.0/package/arnofw/arnofw-do-not-reset-accept_ra.patch
branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch
branches/1.0/package/arnofw/arnofw-pptp-vpn-passthrough.patch
Copied: branches/1.0/package/arnofw/arnofw-0001-do-not-reset-accept_ra.patch (from rev 7715, branches/1.0/package/arnofw/arnofw-do-not-reset-accept_ra.patch)
===================================================================
--- branches/1.0/package/arnofw/arnofw-0001-do-not-reset-accept_ra.patch (rev 0)
+++ branches/1.0/package/arnofw/arnofw-0001-do-not-reset-accept_ra.patch 2016-06-11 20:31:25 UTC (rev 7716)
@@ -0,0 +1,11 @@
+--- arno-iptables-firewall_2.0.1f/bin/arno-iptables-firewall.orig 2015-10-30 15:52:23.000000000 -0500
++++ arno-iptables-firewall_2.0.1f/bin/arno-iptables-firewall 2015-10-30 16:00:37.000000000 -0500
+@@ -495,7 +495,7 @@
+ sysctl_set_all "net.ipv6.conf" "forwarding" 1
+ echo " Disabling Local IPv6 Auto-Configuration"
+ sysctl_set_all "net.ipv6.conf" "autoconf" 0
+- sysctl_set_all "net.ipv6.conf" "accept_ra" 0
++ ## Setting accept_ra=0 is not needed with forwarding=1, don't overwrite any existing accept_ra=2 values
+ fi
+ elif [ "$IP_FORWARDING" = "0" ]; then
+ echo " DISABLING packet forwarding"
Copied: branches/1.0/package/arnofw/arnofw-0002-icmpv6-add-MLD-cleanup-logging.patch (from rev 7715, branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch)
===================================================================
--- branches/1.0/package/arnofw/arnofw-0002-icmpv6-add-MLD-cleanup-logging.patch (rev 0)
+++ branches/1.0/package/arnofw/arnofw-0002-icmpv6-add-MLD-cleanup-logging.patch 2016-06-11 20:31:25 UTC (rev 7716)
@@ -0,0 +1,75 @@
+From 7bd64927a401050769b7da18fd2ae52370cc2390 Mon Sep 17 00:00:00 2001
+From: Lonnie Abelbeck <lo...@ab...>
+Date: Sat, 13 Feb 2016 16:16:16 -0600
+Subject: [PATCH] changed: added support for ICMPv6 Multicast Listener
+ Discovery, disabled by default with OPEN_ICMPV6_MLD=0. Additionally make sure
+ all un-needed ICMPv6 packets are dropped so they don't appear as annoying
+ logs, more common with native IPv6 support by ISP's. Thanks to David Kerr for
+ pointing out the issue and testing a solution.
+
+---
+ bin/arno-iptables-firewall | 10 ++++++++++
+ etc/arno-iptables-firewall/firewall.conf | 6 ++++++
+ share/arno-iptables-firewall/environment | 4 ++++
+ 3 files changed, 20 insertions(+)
+
+diff --git a/bin/arno-iptables-firewall b/bin/arno-iptables-firewall
+index f5095a5..b02a85f 100755
+--- a/bin/arno-iptables-firewall
++++ b/bin/arno-iptables-firewall
+@@ -4574,6 +4574,11 @@ setup_firewall_rules()
+ for icmpv6_type in $ICMPV6_SPECIAL_TYPES; do
+ ip6tables -A INPUT -i $interface -p icmpv6 --icmpv6-type $icmpv6_type -m hl --hl-eq 255 -j ACCEPT
+ done
++ if [ "$OPEN_ICMPV6_MLD" = "1" ]; then
++ for icmpv6_type in $ICMPV6_MLD_TYPES; do
++ ip6tables -A INPUT -i $interface -p icmpv6 --icmpv6-type $icmpv6_type -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
++ done
++ fi
+ fi
+
+ # Apply external (internet) interface policy for the input chain:
+@@ -4592,6 +4597,11 @@ setup_firewall_rules()
+
+ # ICMP traffic (flood)
+ iptables -A INPUT -i $interface -p icmp -m state --state NEW -j EXT_ICMP_FLOOD_CHAIN
++
++ # Drop any remaining ICMPv6 traffic
++ if [ "$IPV6_SUPPORT" = "1" ]; then
++ ip6tables -A INPUT -i $interface -p icmpv6 -j POST_INPUT_DROP_CHAIN
++ fi
+ done
+
+
+diff --git a/etc/arno-iptables-firewall/firewall.conf b/etc/arno-iptables-firewall/firewall.conf
+index 9e80e20..2291916 100644
+--- a/etc/arno-iptables-firewall/firewall.conf
++++ b/etc/arno-iptables-firewall/firewall.conf
+@@ -1158,6 +1158,12 @@ OPEN_ICMP=0
+ # -----------------------------------------------------------------------------
+ OPEN_ICMPV6=1
+
++# Enable (1) to make the default policy allow IPv6 ICMPv6
++# Multicast Listener Discovery (RFC 2710, 3810) for INET access
++# Note: Requires setting OPEN_ICMPV6=1 to apply.
++# -----------------------------------------------------------------------------
++OPEN_ICMPV6_MLD=0
++
+ # Put in the following variables which ports or IP protocols you want to leave
+ # open to the whole world.
+ # -----------------------------------------------------------------------------
+diff --git a/share/arno-iptables-firewall/environment b/share/arno-iptables-firewall/environment
+index 5728e4c..616c29c 100644
+--- a/share/arno-iptables-firewall/environment
++++ b/share/arno-iptables-firewall/environment
+@@ -1698,6 +1698,10 @@ fi
+ ######################################################################
+ ICMPV6_SPECIAL_TYPES="133 134 135 136"
+
++# IPv6 ICMPv6 Multicast Listener Discovery (RFC 2710, 3810)
++######################################################################
++ICMPV6_MLD_TYPES="130 131 132 143"
++
+ # Check plugin bin path and fallback in case it's empty
+ #######################################################
+ if [ -z "$PLUGIN_BIN_PATH" ]; then
Copied: branches/1.0/package/arnofw/arnofw-0003-pptp-vpn-passthrough.patch (from rev 7715, branches/1.0/package/arnofw/arnofw-pptp-vpn-passthrough.patch)
===================================================================
--- branches/1.0/package/arnofw/arnofw-0003-pptp-vpn-passthrough.patch (rev 0)
+++ branches/1.0/package/arnofw/arnofw-0003-pptp-vpn-passthrough.patch 2016-06-11 20:31:25 UTC (rev 7716)
@@ -0,0 +1,186 @@
+From ade2e3fd17771b861f97dd3adb5307e4da16dc4e Mon Sep 17 00:00:00 2001
+From: Lonnie Abelbeck <lo...@ab...>
+Date: Sat, 9 Jan 2016 10:04:46 -0600
+Subject: [PATCH] added: PPTP VPN Passthrough plugin, Issue #27
+
+---
+ .../plugins/pptp-vpn-passthrough.conf | 14 +++
+ .../plugins/50pptp-vpn-passthrough.plugin | 135 +++++++++++++++++++++
+ .../plugins/pptp-vpn-passthrough.CHANGELOG | 4 +
+ 3 files changed, 153 insertions(+)
+ create mode 100644 etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf
+ create mode 100644 share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin
+ create mode 100644 share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG
+
+diff --git a/etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf b/etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf
+new file mode 100644
+index 0000000..250bc0d
+--- /dev/null
++++ b/etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf
+@@ -0,0 +1,14 @@
++# ------------------------------------------------------------------------------
++# -= Arno's iptables firewall - PPTP VPN Passthrough plugin =-
++# ------------------------------------------------------------------------------
++
++# To actually enable this plugin make ENABLED=1:
++# ------------------------------------------------------------------------------
++ENABLED=0
++
++# PPTP uses the GRE protocol for transport, as such, when PPTP VPN clients
++# have NAT between them and the PPTP VPN server special packet handling must be performed.
++# This plugin loads the required Linux Kernel modules to handle that situation.
++#
++# No configuration options
++# ------------------------------------------------------------------------------
+diff --git a/share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin b/share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin
+new file mode 100644
+index 0000000..379a1dd
+--- /dev/null
++++ b/share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin
+@@ -0,0 +1,135 @@
++# ------------------------------------------------------------------------------
++# -= Arno's iptables firewall - PPTP VPN Passthrough plugin =-
++#
++PLUGIN_NAME="PPTP VPN Passthrough plugin"
++PLUGIN_VERSION="1.00"
++PLUGIN_CONF_FILE="pptp-vpn-passthrough.conf"
++#
++# Last changed : January 9, 2016
++# Requirements : AIF 2.0.0+ and ip_nat_pptp
++# Comments : This plugin loads the required kernel modules for PPTP VPN Clients
++# to access remote PPTP VPN Server(s) when NAT is enabled.
++#
++# Author : (C) Copyright 2016 by Lonnie Abelbeck & Arno van Amersfoort
++# Homepage : http://rocky.eld.leidenuniv.nl/
++# Email : a r n o v a AT r o c k y DOT e l d DOT l e i d e n u n i v DOT n l
++# (note: you must remove all spaces and substitute the @ and the .
++# at the proper locations!)
++# ------------------------------------------------------------------------------
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License
++# version 2 as published by the Free Software Foundation.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
++# ------------------------------------------------------------------------------
++
++# Plugin start function
++plugin_start()
++{
++
++ if [ "$NAT" = "1" ]; then
++ echo "${INDENT}Enable PPTP NAT helper module"
++ modprobe_multi nf_nat_pptp ip_nat_pptp
++ else
++ echo "${INDENT}ERROR: NAT is not enabled, this plugin will be ignored."
++ fi
++
++ return 0
++}
++
++
++# Plugin restart function
++plugin_restart()
++{
++
++ # Skip plugin_stop on a restart
++ plugin_start
++
++ return 0
++}
++
++
++# Plugin stop function
++plugin_stop()
++{
++
++ if [ "$NAT" = "1" ]; then
++ if [ -e /proc/modules -a -x "$MODPROBE" ]; then
++ if ! $MODPROBE -r nf_nat_pptp >/dev/null 2>&1; then
++ $MODPROBE -r ip_nat_pptp >/dev/null 2>&1
++ fi
++ if [ $? -eq 0 ]; then
++ echo "${INDENT}Disabled PPTP NAT helper module"
++ fi
++ fi
++ fi
++
++ return 0
++}
++
++
++# Plugin status function
++plugin_status()
++{
++ return 0
++}
++
++
++# Check sanity of eg. environment
++plugin_sanity_check()
++{
++ return 0
++}
++
++
++############
++# Mainline #
++############
++
++# Check where to find the config file
++CONF_FILE=""
++if [ -n "$PLUGIN_CONF_PATH" ]; then
++ CONF_FILE="$PLUGIN_CONF_PATH/$PLUGIN_CONF_FILE"
++fi
++
++# Preinit to success:
++PLUGIN_RET_VAL=0
++
++# Check if the config file exists
++if [ ! -e "$CONF_FILE" ]; then
++ printf "NOTE: Config file \"$CONF_FILE\" not found!\n Plugin \"$PLUGIN_NAME v$PLUGIN_VERSION\" ignored!\n" >&2
++else
++ # Source the plugin config file
++ . "$CONF_FILE"
++
++ if [ "$ENABLED" = "1" -a "$PLUGIN_CMD" != "stop-restart" ] ||
++ [ "$ENABLED" = "0" -a "$PLUGIN_CMD" = "stop-restart" ] ||
++ [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "stop" ] ||
++ [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "status" ]; then
++ # Show who we are:
++ echo "${INDENT}$PLUGIN_NAME v$PLUGIN_VERSION"
++
++ # Increment indention
++ INDENT="$INDENT "
++
++ # Only proceed if environment ok
++ if ! plugin_sanity_check; then
++ PLUGIN_RET_VAL=1
++ else
++ case $PLUGIN_CMD in
++ start|'') plugin_start; PLUGIN_RET_VAL=$? ;;
++ restart ) plugin_restart; PLUGIN_RET_VAL=$? ;;
++ stop|stop-restart) plugin_stop; PLUGIN_RET_VAL=$? ;;
++ status ) plugin_status; PLUGIN_RET_VAL=$? ;;
++ * ) PLUGIN_RET_VAL=1; printf "\033[40m\033[1;31m${INDENT}ERROR: Invalid plugin option \"$PLUGIN_CMD\"!\033[0m\n" >&2 ;;
++ esac
++ fi
++ fi
++fi
+diff --git a/share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG b/share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG
+new file mode 100644
+index 0000000..042b789
+--- /dev/null
++++ b/share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG
+@@ -0,0 +1,4 @@
++Version 1.00 (January 9, 2016)
++-----------------------------------
+++ Initial version
++
+
Added: branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch
===================================================================
--- branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch (rev 0)
+++ branches/1.0/package/arnofw/arnofw-0004-add-LAN_LAN_FORWARD_CHAIN.patch 2016-06-11 20:31:25 UTC (rev 7716)
@@ -0,0 +1,173 @@
+diff --git a/README b/README
+index 093151a..93641a4 100644
+--- a/README
++++ b/README
+@@ -480,6 +480,7 @@ INT_FORWARD_IN_CHAIN - Internal-net FORWARD chain for INcoming traffic
+ INT_FORWARD_OUT_CHAIN - Internal-net FORWARD chain for OUTcoming traffic
+ INT_INPUT_CHAIN - Internal-net INPUT chain
+ INT_OUTPUT_CHAIN - Internal-net OUTPUT chain
++LAN_LAN_FORWARD_CHAIN - LAN to LAN (Inter-LAN) forward chain
+ LAN_INET_FORWARD_CHAIN - LAN to internet (external net) forward chain
+ POST_INPUT_CHAIN - This chain is always processed last(post) in the
+ INPUT chain
+diff --git a/bin/arno-iptables-firewall b/bin/arno-iptables-firewall
+index b02a85f..67d79ec 100755
+--- a/bin/arno-iptables-firewall
++++ b/bin/arno-iptables-firewall
+@@ -2263,6 +2263,72 @@ setup_int_input_chain()
+ }
+
+
++##################################################
++# Setup chain for the LAN-to-LAN forward traffic #
++##################################################
++setup_lan_lan_forward_chain()
++{
++ echo " Setting up LAN->LAN policy"
++
++ # TCP ports to ALLOW for certain Inter-LAN hosts
++ ################################################
++ unset IFS
++ for rule in $LAN_LAN_HOST_OPEN_TCP; do
++ if parse_rule "$rule" LAN_LAN_HOST_OPEN_TCP "shosts:ANYHOST-dhosts-ports:ANYPORT"; then
++
++ echo " Allowing $shosts(LAN) to $dhosts(LAN) for TCP port(s): $ports"
++
++ IFS=','
++ for shost in `ip_range "$shosts"`; do
++ for dhost in `ip_range "$dhosts"`; do
++ for port in $ports; do
++ iptables -A LAN_LAN_FORWARD_CHAIN -s $shost -d $dhost -p tcp --dport $port -j ACCEPT
++ done
++ done
++ done
++ fi
++ done
++
++ # UDP ports to ALLOW for certain Inter-LAN hosts
++ ################################################
++ unset IFS
++ for rule in $LAN_LAN_HOST_OPEN_UDP; do
++ if parse_rule "$rule" LAN_LAN_HOST_OPEN_UDP "shosts:ANYHOST-dhosts-ports:ANYPORT"; then
++
++ echo " Allowing $shosts(LAN) to $dhosts(LAN) for UDP port(s): $ports"
++
++ IFS=','
++ for shost in `ip_range "$shosts"`; do
++ for dhost in `ip_range "$dhosts"`; do
++ for port in $ports; do
++ iptables -A LAN_LAN_FORWARD_CHAIN -s $shost -d $dhost -p udp --dport $port -j ACCEPT
++ done
++ done
++ done
++ fi
++ done
++
++ # IP protocol(s) to ALLOW for certain Inter-LAN hosts
++ #####################################################
++ unset IFS
++ for rule in $LAN_LAN_HOST_OPEN_IP; do
++ if parse_rule "$rule" LAN_LAN_HOST_OPEN_IP "shosts:ANYHOST-dhosts-protos"; then
++
++ echo " Allowing $shosts(LAN) to $dhosts(LAN) for IP protocol(s): $protos"
++
++ IFS=','
++ for shost in `ip_range "$shosts"`; do
++ for dhost in `ip_range "$dhosts"`; do
++ for proto in $protos; do
++ iptables -A LAN_LAN_FORWARD_CHAIN -s $shost -d $dhost -p $proto -j ACCEPT
++ done
++ done
++ done
++ fi
++ done
++}
++
++
+ ###################################################
+ # Setup chain for the LAN-to-INET forward traffic #
+ ###################################################
+@@ -4803,7 +4869,8 @@ setup_firewall_rules()
+ echo " Logging of denied LAN->INET FORWARD connections disabled"
+ fi
+
+- # Setup helper chain for the LAN:
++ # Setup helper chains for the LAN:
++ setup_lan_lan_forward_chain;
+ setup_lan_inet_forward_chain;
+
+ IFS=' ,'
+@@ -4813,6 +4880,12 @@ setup_firewall_rules()
+ # Always make subnets on the SAME interface trust each other
+ iptables -A FORWARD -i $iif -o $iif -j ACCEPT
+
++ for output_if in $INT_IF; do
++ if [ "$iif" != "$output_if" ]; then
++ iptables -A FORWARD -i $iif -o $output_if -j LAN_LAN_FORWARD_CHAIN
++ fi
++ done
++
+ for eif in $EXT_IF; do
+ iptables -A FORWARD -i $iif -o $eif -j LAN_INET_FORWARD_CHAIN
+ done
+@@ -5035,6 +5108,7 @@ create_user_chains()
+ iptables -N DMZ_LAN_FORWARD_CHAIN
+ iptables -N INET_DMZ_FORWARD_CHAIN
+ iptables -N DMZ_INET_FORWARD_CHAIN
++ iptables -N LAN_LAN_FORWARD_CHAIN
+ iptables -N LAN_INET_FORWARD_CHAIN
+
+ # Chains for the external interface
+@@ -5091,6 +5165,7 @@ flush_user_chains()
+ iptables -F DMZ_LAN_FORWARD_CHAIN
+ iptables -F INET_DMZ_FORWARD_CHAIN
+ iptables -F DMZ_INET_FORWARD_CHAIN
++ iptables -F LAN_LAN_FORWARD_CHAIN
+ iptables -F LAN_INET_FORWARD_CHAIN
+
+ # Chains for the external interface
+diff --git a/etc/arno-iptables-firewall/firewall.conf b/etc/arno-iptables-firewall/firewall.conf
+index 2291916..73554d2 100644
+--- a/etc/arno-iptables-firewall/firewall.conf
++++ b/etc/arno-iptables-firewall/firewall.conf
+@@ -696,6 +696,40 @@ LAN_HOST_DENY_IP=""
+
+
+ ###############################################################################
++# LAN_LAN_xxx = LAN->LAN access rules (forward) #
++###############################################################################
++
++# Put in the following variables which LAN hosts you want to allow to certain
++# hosts/services on a different LAN (net).
++#
++# TCP/UDP form:
++# "SRCIP1,SRCIP2,...>DESTIP1~port \
++# SRCIP3,...>DESTIP2~port"
++#
++# IP form:
++# "SRCIP1,SRCIP2,...>DESTIP1~protocol \
++# SRCIP3,...>DESTIP2~protocol"
++#
++# TCP/UDP examples:
++# Simple (Allow port 80 to LAN host 1.2.3.4 from all other LAN hosts(0/0)):
++# LAN_LAN_HOST_OPEN_xxx="0/0>1.2.3.4~80"
++# Advanced (Allow port 20 & 21 to LAN host 1.2.3.4 from all other LAN hosts (0/0) and
++# allow port 80 from LAN host 5.6.7.8 (only) to LAN host 1.2.3.4):
++# LAN_LAN_HOST_OPEN_xxx="0/0>1.2.3.4~20,21 5.6.7.8>1.2.3.4~80"
++#
++# IP protocol example:
++# (Allow protocols 47 & 48 to LAN host 1.2.3.4 from all other LAN hosts(0/0)):
++# LAN_LAN_HOST_OPEN_IP="0/0>1.2.3.4~47,48"
++#
++# NOTE 1: If no SRCIPx is specified, any source host is used
++# NOTE 2: If no port is specified, any port is used
++# -----------------------------------------------------------------------------
++LAN_LAN_HOST_OPEN_TCP=""
++LAN_LAN_HOST_OPEN_UDP=""
++LAN_LAN_HOST_OPEN_IP=""
++
++
++###############################################################################
+ # LAN_INET_xxx = LAN->internet access rules (forward) #
+ # #
+ # Note that when the LAN_INET_OPEN_xxx & LAN_INET_HOST_OPEN_xxx variables are #
Deleted: branches/1.0/package/arnofw/arnofw-do-not-reset-accept_ra.patch
===================================================================
--- branches/1.0/package/arnofw/arnofw-do-not-reset-accept_ra.patch 2016-06-10 13:54:37 UTC (rev 7715)
+++ branches/1.0/package/arnofw/arnofw-do-not-reset-accept_ra.patch 2016-06-11 20:31:25 UTC (rev 7716)
@@ -1,11 +0,0 @@
---- arno-iptables-firewall_2.0.1f/bin/arno-iptables-firewall.orig 2015-10-30 15:52:23.000000000 -0500
-+++ arno-iptables-firewall_2.0.1f/bin/arno-iptables-firewall 2015-10-30 16:00:37.000000000 -0500
-@@ -495,7 +495,7 @@
- sysctl_set_all "net.ipv6.conf" "forwarding" 1
- echo " Disabling Local IPv6 Auto-Configuration"
- sysctl_set_all "net.ipv6.conf" "autoconf" 0
-- sysctl_set_all "net.ipv6.conf" "accept_ra" 0
-+ ## Setting accept_ra=0 is not needed with forwarding=1, don't overwrite any existing accept_ra=2 values
- fi
- elif [ "$IP_FORWARDING" = "0" ]; then
- echo " DISABLING packet forwarding"
Deleted: branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch
===================================================================
--- branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch 2016-06-10 13:54:37 UTC (rev 7715)
+++ branches/1.0/package/arnofw/arnofw-icmpv6-add-MLD-cleanup-logging.patch 2016-06-11 20:31:25 UTC (rev 7716)
@@ -1,75 +0,0 @@
-From 7bd64927a401050769b7da18fd2ae52370cc2390 Mon Sep 17 00:00:00 2001
-From: Lonnie Abelbeck <lo...@ab...>
-Date: Sat, 13 Feb 2016 16:16:16 -0600
-Subject: [PATCH] changed: added support for ICMPv6 Multicast Listener
- Discovery, disabled by default with OPEN_ICMPV6_MLD=0. Additionally make sure
- all un-needed ICMPv6 packets are dropped so they don't appear as annoying
- logs, more common with native IPv6 support by ISP's. Thanks to David Kerr for
- pointing out the issue and testing a solution.
-
----
- bin/arno-iptables-firewall | 10 ++++++++++
- etc/arno-iptables-firewall/firewall.conf | 6 ++++++
- share/arno-iptables-firewall/environment | 4 ++++
- 3 files changed, 20 insertions(+)
-
-diff --git a/bin/arno-iptables-firewall b/bin/arno-iptables-firewall
-index f5095a5..b02a85f 100755
---- a/bin/arno-iptables-firewall
-+++ b/bin/arno-iptables-firewall
-@@ -4574,6 +4574,11 @@ setup_firewall_rules()
- for icmpv6_type in $ICMPV6_SPECIAL_TYPES; do
- ip6tables -A INPUT -i $interface -p icmpv6 --icmpv6-type $icmpv6_type -m hl --hl-eq 255 -j ACCEPT
- done
-+ if [ "$OPEN_ICMPV6_MLD" = "1" ]; then
-+ for icmpv6_type in $ICMPV6_MLD_TYPES; do
-+ ip6tables -A INPUT -i $interface -p icmpv6 --icmpv6-type $icmpv6_type -s fe80::/10 -m hl --hl-eq 1 -j ACCEPT
-+ done
-+ fi
- fi
-
- # Apply external (internet) interface policy for the input chain:
-@@ -4592,6 +4597,11 @@ setup_firewall_rules()
-
- # ICMP traffic (flood)
- iptables -A INPUT -i $interface -p icmp -m state --state NEW -j EXT_ICMP_FLOOD_CHAIN
-+
-+ # Drop any remaining ICMPv6 traffic
-+ if [ "$IPV6_SUPPORT" = "1" ]; then
-+ ip6tables -A INPUT -i $interface -p icmpv6 -j POST_INPUT_DROP_CHAIN
-+ fi
- done
-
-
-diff --git a/etc/arno-iptables-firewall/firewall.conf b/etc/arno-iptables-firewall/firewall.conf
-index 9e80e20..2291916 100644
---- a/etc/arno-iptables-firewall/firewall.conf
-+++ b/etc/arno-iptables-firewall/firewall.conf
-@@ -1158,6 +1158,12 @@ OPEN_ICMP=0
- # -----------------------------------------------------------------------------
- OPEN_ICMPV6=1
-
-+# Enable (1) to make the default policy allow IPv6 ICMPv6
-+# Multicast Listener Discovery (RFC 2710, 3810) for INET access
-+# Note: Requires setting OPEN_ICMPV6=1 to apply.
-+# -----------------------------------------------------------------------------
-+OPEN_ICMPV6_MLD=0
-+
- # Put in the following variables which ports or IP protocols you want to leave
- # open to the whole world.
- # -----------------------------------------------------------------------------
-diff --git a/share/arno-iptables-firewall/environment b/share/arno-iptables-firewall/environment
-index 5728e4c..616c29c 100644
---- a/share/arno-iptables-firewall/environment
-+++ b/share/arno-iptables-firewall/environment
-@@ -1698,6 +1698,10 @@ fi
- ######################################################################
- ICMPV6_SPECIAL_TYPES="133 134 135 136"
-
-+# IPv6 ICMPv6 Multicast Listener Discovery (RFC 2710, 3810)
-+######################################################################
-+ICMPV6_MLD_TYPES="130 131 132 143"
-+
- # Check plugin bin path and fallback in case it's empty
- #######################################################
- if [ -z "$PLUGIN_BIN_PATH" ]; then
Deleted: branches/1.0/package/arnofw/arnofw-pptp-vpn-passthrough.patch
===================================================================
--- branches/1.0/package/arnofw/arnofw-pptp-vpn-passthrough.patch 2016-06-10 13:54:37 UTC (rev 7715)
+++ branches/1.0/package/arnofw/arnofw-pptp-vpn-passthrough.patch 2016-06-11 20:31:25 UTC (rev 7716)
@@ -1,186 +0,0 @@
-From ade2e3fd17771b861f97dd3adb5307e4da16dc4e Mon Sep 17 00:00:00 2001
-From: Lonnie Abelbeck <lo...@ab...>
-Date: Sat, 9 Jan 2016 10:04:46 -0600
-Subject: [PATCH] added: PPTP VPN Passthrough plugin, Issue #27
-
----
- .../plugins/pptp-vpn-passthrough.conf | 14 +++
- .../plugins/50pptp-vpn-passthrough.plugin | 135 +++++++++++++++++++++
- .../plugins/pptp-vpn-passthrough.CHANGELOG | 4 +
- 3 files changed, 153 insertions(+)
- create mode 100644 etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf
- create mode 100644 share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin
- create mode 100644 share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG
-
-diff --git a/etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf b/etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf
-new file mode 100644
-index 0000000..250bc0d
---- /dev/null
-+++ b/etc/arno-iptables-firewall/plugins/pptp-vpn-passthrough.conf
-@@ -0,0 +1,14 @@
-+# ------------------------------------------------------------------------------
-+# -= Arno's iptables firewall - PPTP VPN Passthrough plugin =-
-+# ------------------------------------------------------------------------------
-+
-+# To actually enable this plugin make ENABLED=1:
-+# ------------------------------------------------------------------------------
-+ENABLED=0
-+
-+# PPTP uses the GRE protocol for transport, as such, when PPTP VPN clients
-+# have NAT between them and the PPTP VPN server special packet handling must be performed.
-+# This plugin loads the required Linux Kernel modules to handle that situation.
-+#
-+# No configuration options
-+# ------------------------------------------------------------------------------
-diff --git a/share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin b/share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin
-new file mode 100644
-index 0000000..379a1dd
---- /dev/null
-+++ b/share/arno-iptables-firewall/plugins/50pptp-vpn-passthrough.plugin
-@@ -0,0 +1,135 @@
-+# ------------------------------------------------------------------------------
-+# -= Arno's iptables firewall - PPTP VPN Passthrough plugin =-
-+#
-+PLUGIN_NAME="PPTP VPN Passthrough plugin"
-+PLUGIN_VERSION="1.00"
-+PLUGIN_CONF_FILE="pptp-vpn-passthrough.conf"
-+#
-+# Last changed : January 9, 2016
-+# Requirements : AIF 2.0.0+ and ip_nat_pptp
-+# Comments : This plugin loads the required kernel modules for PPTP VPN Clients
-+# to access remote PPTP VPN Server(s) when NAT is enabled.
-+#
-+# Author : (C) Copyright 2016 by Lonnie Abelbeck & Arno van Amersfoort
-+# Homepage : http://rocky.eld.leidenuniv.nl/
-+# Email : a r n o v a AT r o c k y DOT e l d DOT l e i d e n u n i v DOT n l
-+# (note: you must remove all spaces and substitute the @ and the .
-+# at the proper locations!)
-+# ------------------------------------------------------------------------------
-+# This program is free software; you can redistribute it and/or
-+# modify it under the terms of the GNU General Public License
-+# version 2 as published by the Free Software Foundation.
-+#
-+# This program is distributed in the hope that it will be useful,
-+# but WITHOUT ANY WARRANTY; without even the implied warranty of
-+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+# GNU General Public License for more details.
-+#
-+# You should have received a copy of the GNU General Public License
-+# along with this program; if not, write to the Free Software
-+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-+# ------------------------------------------------------------------------------
-+
-+# Plugin start function
-+plugin_start()
-+{
-+
-+ if [ "$NAT" = "1" ]; then
-+ echo "${INDENT}Enable PPTP NAT helper module"
-+ modprobe_multi nf_nat_pptp ip_nat_pptp
-+ else
-+ echo "${INDENT}ERROR: NAT is not enabled, this plugin will be ignored."
-+ fi
-+
-+ return 0
-+}
-+
-+
-+# Plugin restart function
-+plugin_restart()
-+{
-+
-+ # Skip plugin_stop on a restart
-+ plugin_start
-+
-+ return 0
-+}
-+
-+
-+# Plugin stop function
-+plugin_stop()
-+{
-+
-+ if [ "$NAT" = "1" ]; then
-+ if [ -e /proc/modules -a -x "$MODPROBE" ]; then
-+ if ! $MODPROBE -r nf_nat_pptp >/dev/null 2>&1; then
-+ $MODPROBE -r ip_nat_pptp >/dev/null 2>&1
-+ fi
-+ if [ $? -eq 0 ]; then
-+ echo "${INDENT}Disabled PPTP NAT helper module"
-+ fi
-+ fi
-+ fi
-+
-+ return 0
-+}
-+
-+
-+# Plugin status function
-+plugin_status()
-+{
-+ return 0
-+}
-+
-+
-+# Check sanity of eg. environment
-+plugin_sanity_check()
-+{
-+ return 0
-+}
-+
-+
-+############
-+# Mainline #
-+############
-+
-+# Check where to find the config file
-+CONF_FILE=""
-+if [ -n "$PLUGIN_CONF_PATH" ]; then
-+ CONF_FILE="$PLUGIN_CONF_PATH/$PLUGIN_CONF_FILE"
-+fi
-+
-+# Preinit to success:
-+PLUGIN_RET_VAL=0
-+
-+# Check if the config file exists
-+if [ ! -e "$CONF_FILE" ]; then
-+ printf "NOTE: Config file \"$CONF_FILE\" not found!\n Plugin \"$PLUGIN_NAME v$PLUGIN_VERSION\" ignored!\n" >&2
-+else
-+ # Source the plugin config file
-+ . "$CONF_FILE"
-+
-+ if [ "$ENABLED" = "1" -a "$PLUGIN_CMD" != "stop-restart" ] ||
-+ [ "$ENABLED" = "0" -a "$PLUGIN_CMD" = "stop-restart" ] ||
-+ [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "stop" ] ||
-+ [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "status" ]; then
-+ # Show who we are:
-+ echo "${INDENT}$PLUGIN_NAME v$PLUGIN_VERSION"
-+
-+ # Increment indention
-+ INDENT="$INDENT "
-+
-+ # Only proceed if environment ok
-+ if ! plugin_sanity_check; then
-+ PLUGIN_RET_VAL=1
-+ else
-+ case $PLUGIN_CMD in
-+ start|'') plugin_start; PLUGIN_RET_VAL=$? ;;
-+ restart ) plugin_restart; PLUGIN_RET_VAL=$? ;;
-+ stop|stop-restart) plugin_stop; PLUGIN_RET_VAL=$? ;;
-+ status ) plugin_status; PLUGIN_RET_VAL=$? ;;
-+ * ) PLUGIN_RET_VAL=1; printf "\033[40m\033[1;31m${INDENT}ERROR: Invalid plugin option \"$PLUGIN_CMD\"!\033[0m\n" >&2 ;;
-+ esac
-+ fi
-+ fi
-+fi
-diff --git a/share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG b/share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG
-new file mode 100644
-index 0000000..042b789
---- /dev/null
-+++ b/share/arno-iptables-firewall/plugins/pptp-vpn-passthrough.CHANGELOG
-@@ -0,0 +1,4 @@
-+Version 1.00 (January 9, 2016)
-+-----------------------------------
-++ Initial version
-+
-
Modified: branches/1.0/package/arnofw/arnofw.serial
===================================================================
--- branches/1.0/package/arnofw/arnofw.serial 2016-06-10 13:54:37 UTC (rev 7715)
+++ branches/1.0/package/arnofw/arnofw.serial 2016-06-11 20:31:25 UTC (rev 7716)
@@ -1 +1 @@
-0002~0026~0000~0000~0000~
+0002~0027~0000~0000~0000~
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-10 13:54:39
|
Revision: 7715
http://sourceforge.net/p/astlinux/code/7715
Author: abelbeck
Date: 2016-06-10 13:54:37 +0000 (Fri, 10 Jun 2016)
Log Message:
-----------
build system, workaround 'files.astlinux.org' DNS issues
Modified Paths:
--------------
branches/1.0/crosstool-ng-src/get-files.sh
branches/1.0/toolchain/getter_script.sh
Modified: branches/1.0/crosstool-ng-src/get-files.sh
===================================================================
--- branches/1.0/crosstool-ng-src/get-files.sh 2016-06-10 03:20:38 UTC (rev 7714)
+++ branches/1.0/crosstool-ng-src/get-files.sh 2016-06-10 13:54:37 UTC (rev 7715)
@@ -1,6 +1,7 @@
# shell script to add additional files
-FILES_URL="http://files.astlinux.org"
+#FILES_URL="http://files.astlinux.org"
+FILES_URL="http://d18y2f4fr43xzs.cloudfront.net"
TARBALLS=".build/tarballs"
Modified: branches/1.0/toolchain/getter_script.sh
===================================================================
--- branches/1.0/toolchain/getter_script.sh 2016-06-10 03:20:38 UTC (rev 7714)
+++ branches/1.0/toolchain/getter_script.sh 2016-06-10 13:54:37 UTC (rev 7715)
@@ -2,7 +2,8 @@
# getter_better script from gumstix
# what a great idea...
#SITE="http://astlinuxfiles.s3.amazonaws.com"
-SITE="files.astlinux.org"
+#SITE="files.astlinux.org"
+SITE="d18y2f4fr43xzs.cloudfront.net"
WGET_ARGS="--passive-ftp --timeout=30 -c -t 2"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-10 03:20:41
|
Revision: 7714
http://sourceforge.net/p/astlinux/code/7714
Author: abelbeck
Date: 2016-06-10 03:20:38 +0000 (Fri, 10 Jun 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-06-10 03:17:07 UTC (rev 7713)
+++ branches/1.0/docs/ChangeLog.txt 2016-06-10 03:20:38 UTC (rev 7714)
@@ -71,6 +71,8 @@
-- busybox, udhcp: fix a SEGV on malformed RFC1035-encoded domain name: CVE-2016-2148
+-- iperf3, version bump to 3.0.12, security fix: CVE-2016-4303 (ESNET-SECADV-2016-0001)
+
-- OpenVPN, version bump to 2.3.11
-- ca-certificates, added trusted root certificates 2016-04-20, single file bundle, to allow authenticated HTTPS connections.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-10 03:17:10
|
Revision: 7713
http://sourceforge.net/p/astlinux/code/7713
Author: abelbeck
Date: 2016-06-10 03:17:07 +0000 (Fri, 10 Jun 2016)
Log Message:
-----------
iperf3, version bump to 3.0.12, security fix: CVE-2016-4303 (ESNET-SECADV-2016-0001)
Modified Paths:
--------------
branches/1.0/package/iperf3/iperf3-0001-disable-profiling.patch
branches/1.0/package/iperf3/iperf3.mk
Modified: branches/1.0/package/iperf3/iperf3-0001-disable-profiling.patch
===================================================================
--- branches/1.0/package/iperf3/iperf3-0001-disable-profiling.patch 2016-06-09 20:06:45 UTC (rev 7712)
+++ branches/1.0/package/iperf3/iperf3-0001-disable-profiling.patch 2016-06-10 03:17:07 UTC (rev 7713)
@@ -9,7 +9,7 @@
diff -Nura iperf-3.0.10.orig/src/Makefile.in iperf-3.0.10/src/Makefile.in
--- iperf-3.0.10.orig/src/Makefile.in 2014-12-17 07:30:46.878310789 -0300
+++ iperf-3.0.10/src/Makefile.in 2014-12-17 07:33:41.879356643 -0300
-@@ -82,7 +82,7 @@
+@@ -92,7 +92,7 @@
host_triplet = @host@
bin_PROGRAMS = iperf3$(EXEEXT)
noinst_PROGRAMS = t_timer$(EXEEXT) t_units$(EXEEXT) t_uuid$(EXEEXT) \
@@ -17,4 +17,4 @@
+ iperf3$(EXEEXT)
TESTS = t_timer$(EXEEXT) t_units$(EXEEXT) t_uuid$(EXEEXT)
subdir = src
- DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
+ ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
Modified: branches/1.0/package/iperf3/iperf3.mk
===================================================================
--- branches/1.0/package/iperf3/iperf3.mk 2016-06-09 20:06:45 UTC (rev 7712)
+++ branches/1.0/package/iperf3/iperf3.mk 2016-06-10 03:17:07 UTC (rev 7713)
@@ -4,7 +4,7 @@
#
################################################################################
-IPERF3_VERSION = 3.0.11
+IPERF3_VERSION = 3.0.12
IPERF3_SOURCE = iperf-$(IPERF3_VERSION)-source.tar.gz
IPERF3_SITE = https://iperf.fr/download/source
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-09 20:06:47
|
Revision: 7712
http://sourceforge.net/p/astlinux/code/7712
Author: abelbeck
Date: 2016-06-09 20:06:45 +0000 (Thu, 09 Jun 2016)
Log Message:
-----------
unbound, version bump to 1.5.9
Modified Paths:
--------------
branches/1.0/package/unbound/unbound.mk
Modified: branches/1.0/package/unbound/unbound.mk
===================================================================
--- branches/1.0/package/unbound/unbound.mk 2016-06-08 03:21:17 UTC (rev 7711)
+++ branches/1.0/package/unbound/unbound.mk 2016-06-09 20:06:45 UTC (rev 7712)
@@ -4,7 +4,7 @@
#
#############################################################
-UNBOUND_VERSION = 1.5.8
+UNBOUND_VERSION = 1.5.9
UNBOUND_SITE = https://www.unbound.net/downloads
UNBOUND_SOURCE = unbound-$(UNBOUND_VERSION).tar.gz
UNBOUND_INSTALL_STAGING = YES
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-08 03:21:20
|
Revision: 7711
http://sourceforge.net/p/astlinux/code/7711
Author: abelbeck
Date: 2016-06-08 03:21:17 +0000 (Wed, 08 Jun 2016)
Log Message:
-----------
asterisk 1.8.x, res_srtp: Instead of libSRTP use OpenSSL as random source.
Ref: http://git.asterisk.org/gitweb/?p=asterisk/asterisk.git;a=commit;h=effa207bc420893d7d62e2acc674746b888d09eb
Added Paths:
-----------
branches/1.0/package/asterisk/asterisk-1.8-srtp-openssl-random.patch
Added: branches/1.0/package/asterisk/asterisk-1.8-srtp-openssl-random.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-1.8-srtp-openssl-random.patch (rev 0)
+++ branches/1.0/package/asterisk/asterisk-1.8-srtp-openssl-random.patch 2016-06-08 03:21:17 UTC (rev 7711)
@@ -0,0 +1,30 @@
+X-Git-Url: http://git.asterisk.org/gitweb/?p=asterisk%2Fasterisk.git;a=blobdiff_plain;f=res%2Fres_srtp.c;h=0193eb6036d2b29b32ffc9a00888503b6c7748b0;hp=54ce9e77d88f43768aedc040f5a52318512cd16a;hb=effa207bc420893d7d62e2acc674746b888d09eb;hpb=99efb23d111f596dadfeaa09c5710987fa03261c
+
+diff --git a/res/res_srtp.c b/res/res_srtp.c
+index 54ce9e7..0193eb6 100644
+--- a/res/res_srtp.c
++++ b/res/res_srtp.c
+@@ -41,6 +41,10 @@
+
+ #include <srtp/srtp.h>
++#ifdef HAVE_OPENSSL
++#include <openssl/rand.h>
++#else
+ #include <srtp/crypto_kernel.h>
++#endif
+
+ #include "asterisk/lock.h"
+ #include "asterisk/sched.h"
+@@ -305,7 +309,11 @@ static int ast_srtp_policy_set_master_key(struct ast_srtp_policy *policy, const
+
+ static int ast_srtp_get_random(unsigned char *key, size_t len)
+ {
++#ifdef HAVE_OPENSSL
++ return RAND_bytes(key, len) > 0 ? 0: -1;
++#else
+ return crypto_get_random(key, len) != err_status_ok ? -1: 0;
++#endif
+ }
+
+ static void ast_srtp_set_cb(struct ast_srtp *srtp, const struct ast_srtp_cb *cb, void *data)
+
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-07 18:55:20
|
Revision: 7710
http://sourceforge.net/p/astlinux/code/7710
Author: abelbeck
Date: 2016-06-07 18:55:18 +0000 (Tue, 07 Jun 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-06-07 17:48:33 UTC (rev 7709)
+++ branches/1.0/docs/ChangeLog.txt 2016-06-07 18:55:18 UTC (rev 7710)
@@ -29,12 +29,14 @@
-- Firmware and RUNNIX upgrades now support https:// URL's. Additionally, URL's with the host 'mirror.astlinux.org'
will be automatically redirected to the proper HTTPS host using https:// .
--- igb, version bump to 5.3.4.4, Intel Gigabit Ethernet Network Driver
+-- igb, version bump to 5.3.5.3, Intel Gigabit Ethernet Network Driver
-- php, version bump to 5.5.36, bug and security fixes
--- sqlite, version bump to 3.12.2
+-- sqlite, version bump to 3.13.0
+-- sqliteodbc, version bump to 0.9994
+
-- Monit, version bump to 5.17.1
-- nut, version bump to 2.7.4
@@ -78,8 +80,9 @@
-- unbound, new package adding the libunbound library and unbound-host command. A symlink of 'host' -> 'unbound-host' is also added.
Unbound is a validating, recursive, and caching DNS resolver.
--- avahi, new package adding Bonjour/mDNS Service Discovery. Replaces the old mdnsresponder package.
+-- avahi, new package adding mDNS/DNS-SD Service Discovery (Bonjour). Replaces the old mdnsresponder package.
Enable mDNS/DNS-SD by setting AVAHI_ENABLE="yes", manual configuration stored in /mnt/kd/avahi/ symlinked from /etc/avahi/ .
+ More Info: http://doc.astlinux.org/userdoc:tt_avahi_mdns
-- ntpd/sntp, version bump to 4.2.8p8, security fixes: 15 low/medium-severity vulnerabilities
Now only include the "LOCAL" Reference Clock driver, which reduces the ntpd binary size buy 30% .
@@ -112,7 +115,10 @@
-- Automatically don't use kernel-reboot with 'genx86_64-vm' builds, use reboot instead.
+-- Network and Edit tab, add support for Avahi mDNS/DNS-SD Service Discovery.
+ More Info: http://doc.astlinux.org/userdoc:tt_avahi_mdns
+
Additions for AstLinux 1.2.6.1:
==============================
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-07 17:48:35
|
Revision: 7709
http://sourceforge.net/p/astlinux/code/7709
Author: abelbeck
Date: 2016-06-07 17:48:33 +0000 (Tue, 07 Jun 2016)
Log Message:
-----------
web interface, Network and Edit tab, add support for Avahi mDNS/DNS-SD
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/edit.php
branches/1.0/package/webinterface/altweb/admin/network.php
branches/1.0/package/webinterface/altweb/common/functions.php
Modified: branches/1.0/package/webinterface/altweb/admin/edit.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/edit.php 2016-06-06 15:45:38 UTC (rev 7708)
+++ branches/1.0/package/webinterface/altweb/admin/edit.php 2016-06-07 17:48:33 UTC (rev 7709)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2015 Lonnie Abelbeck
+// Copyright (C) 2008-2016 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -11,6 +11,7 @@
// 12-04-2008, Added Reload/Restart Menu
// 02-18-2013, Added OpenVPN Client Config editing
// 09-06-2013, Added Shortcut support
+// 06-07-2016, Added Avahi mDNS/DNS-SD support
//
$myself = $_SERVER['PHP_SELF'];
@@ -31,6 +32,7 @@
'fossil' => 'Restart Fossil Server',
'ldap' => 'Reload LDAP Client',
'slapd' => 'Restart LDAP Server',
+ 'avahi' => 'Restart mDNS/DNS-SD',
'monit' => 'Restart Monit Monitor',
'darkstat' => 'Restart NetStat Server',
'snmpd' => 'Restart SNMP Server',
@@ -256,6 +258,8 @@
$result = restartPROCESS($process, 46, $result, 'init');
} elseif ($process === 'fossil') {
$result = restartPROCESS($process, 47, $result, 'init');
+ } elseif ($process === 'avahi') {
+ $result = restartPROCESS($process, 48, $result, 'init');
} elseif ($process === 'cron') {
$result = updateCRON('root', 30, $result);
}
@@ -298,6 +302,8 @@
$dir === '/mnt/kd/snmp' ||
$dir === '/mnt/kd/fop2' ||
$dir === '/mnt/kd/kamailio' ||
+ $dir === '/mnt/kd/avahi' ||
+ $dir === '/mnt/kd/avahi/services' ||
$dir === '/mnt/kd/monit' ||
$dir === '/mnt/kd/monit/monit.d' ||
$dir === '/mnt/kd/ups' ||
@@ -392,6 +398,8 @@
putHtml('<p style="color: green;">Monit Monitoring'.statusPROCESS('monit').'.</p>');
} elseif ($result == 47) {
putHtml('<p style="color: green;">Fossil Server'.statusPROCESS('fossil').'.</p>');
+ } elseif ($result == 48) {
+ putHtml('<p style="color: green;">mDNS/DNS-SD (Avahi)'.statusPROCESS('avahi').'.</p>');
} elseif ($result == 99) {
putHtml('<p style="color: red;">Action Failed.</p>');
} elseif ($result == 999) {
@@ -556,6 +564,24 @@
}
putHtml('</optgroup>');
}
+ if (is_dir('/mnt/kd/avahi') && count($globfiles = glob('/mnt/kd/avahi/*')) > 0) {
+ putHtml('<optgroup label="———— Avahi mDNS/DNS-SD Configs ————">');
+ foreach ($globfiles as $globfile) {
+ if (is_file($globfile) && is_writable($globfile)) {
+ $sel = ($globfile === $openfile) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$globfile.'"'.$sel.'>'.basename($globfile).' - Avahi Daemon Configuration</option>');
+ }
+ }
+ if (is_dir('/mnt/kd/avahi/services') && count($globfiles = glob('/mnt/kd/avahi/services/*.service')) > 0) {
+ foreach ($globfiles as $globfile) {
+ if (is_file($globfile) && is_writable($globfile)) {
+ $sel = ($globfile === $openfile) ? ' selected="selected"' : '';
+ putHtml('<option value="'.$globfile.'"'.$sel.'>services/'.basename($globfile).' - Avahi Service</option>');
+ }
+ }
+ }
+ putHtml('</optgroup>');
+ }
if (is_dir('/mnt/kd/ups') && count($globfiles = glob('/mnt/kd/ups/*.conf')) > 0) {
putHtml('<optgroup label="———— UPS Monitoring Configs ————">');
foreach ($globfiles as $globfile) {
Modified: branches/1.0/package/webinterface/altweb/admin/network.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/network.php 2016-06-06 15:45:38 UTC (rev 7708)
+++ branches/1.0/package/webinterface/altweb/admin/network.php 2016-06-07 17:48:33 UTC (rev 7709)
@@ -1,6 +1,6 @@
<?php
-// Copyright (C) 2008-2015 Lonnie Abelbeck
+// Copyright (C) 2008-2016 Lonnie Abelbeck
// This is free software, licensed under the GNU General Public License
// version 3 as published by the Free Software Foundation; you can
// redistribute it and/or modify it under the terms of the GNU
@@ -37,6 +37,7 @@
// 12-16-2014, Added Monit Monitoring support
// 08-21-2015, Added Fossil - Software Configuration Management
// 11-01-2015, Added DHCPv6 support
+// 06-07-2016, Added Avahi mDNS/DNS-SD support
//
// System location of rc.conf file
$CONFFILE = '/etc/rc.conf';
@@ -488,6 +489,9 @@
$value = 'UPNP_LISTEN="'.trim($x_value).'"';
fwrite($fp, "### UPnP Listen Interfaces\n".$value."\n");
+ $value = 'AVAHI_ENABLE="'.$_POST['avahi'].'"';
+ fwrite($fp, "### mDNS/DNS-SD\n".$value."\n");
+
$value = 'HTTPDIR="'.tuq($_POST['http_dir']).'"';
fwrite($fp, "### HTTP Server Directory\n".$value."\n");
@@ -954,6 +958,12 @@
$result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
header('Location: /admin/zabbix.php');
exit;
+ } elseif (isset($_POST['submit_avahi'])) {
+ $result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
+ if (is_writable($file = '/mnt/kd/avahi/avahi-daemon.conf')) {
+ header('Location: /admin/edit.php?file='.$file);
+ exit;
+ }
} elseif (isset($_POST['submit_edit_dnsmasq_conf'])) {
$result = saveNETWORKsettings($NETCONFDIR, $NETCONFFILE);
if (is_writable($file = '/mnt/kd/dnsmasq.conf')) {
@@ -1077,6 +1087,8 @@
$result = restartPROCESS($process, 46, $result, 'init');
} elseif ($process === 'fossil') {
$result = restartPROCESS($process, 47, $result, 'init');
+ } elseif ($process === 'avahi') {
+ $result = restartPROCESS($process, 48, $result, 'init');
}
} else {
$result = 2;
@@ -1167,6 +1179,8 @@
putHtml('<p style="color: green;">Monit Monitoring'.statusPROCESS('monit').'.</p>');
} elseif ($result == 47) {
putHtml('<p style="color: green;">Fossil Server'.statusPROCESS('fossil').'.</p>');
+ } elseif ($result == 48) {
+ putHtml('<p style="color: green;">mDNS/DNS-SD (Avahi)'.statusPROCESS('avahi').'.</p>');
} elseif ($result == 99) {
putHtml('<p style="color: red;">Action Failed.</p>');
} elseif ($result == 100) {
@@ -1248,6 +1262,8 @@
putHtml('<option value="ldap"'.$sel.'>Reload LDAP Client</option>');
$sel = ($reboot_restart === 'slapd') ? ' selected="selected"' : '';
putHtml('<option value="slapd"'.$sel.'>Restart LDAP Server</option>');
+ $sel = ($reboot_restart === 'avahi') ? ' selected="selected"' : '';
+ putHtml('<option value="avahi"'.$sel.'>Restart mDNS/DNS-SD</option>');
$sel = ($reboot_restart === 'monit') ? ' selected="selected"' : '';
putHtml('<option value="monit"'.$sel.'>Restart Monit Monitor</option>');
$sel = ($reboot_restart === 'darkstat') ? ' selected="selected"' : '';
@@ -1830,7 +1846,22 @@
$sel = isVARtype('UPNP_LISTEN', $db, $cur_db, 'DMZIF') ? ' checked="checked"' : '';
putHtml('<input type="checkbox" value="upnp_DMZIF" name="upnp_DMZIF"'.$sel.' /> DMZ');
putHtml('</td></tr>');
-
+
+ if (is_file('/etc/init.d/avahi')) {
+ putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
+ putHtml('mDNS/DNS-SD Service Discovery:');
+ putHtml('<select name="avahi">');
+ putHtml('<option value="no">disabled</option>');
+ $sel = (getVARdef($db, 'AVAHI_ENABLE', $cur_db) === 'yes') ? ' selected="selected"' : '';
+ putHtml('<option value="yes"'.$sel.'>enabled</option>');
+ putHtml('</select>');
+ if (is_writable('/mnt/kd/avahi/avahi-daemon.conf')) {
+ putHtml('–');
+ putHtml('<input type="submit" value="Configure mDNS/DNS-SD" name="submit_avahi" class="button" />');
+ }
+ putHtml('</td></tr>');
+ }
+
putHtml('<tr class="dtrow1"><td style="text-align: left;" colspan="6">');
$value = getVARdef($db, 'HTTPDIR', $cur_db);
putHtml('HTTP Server Directory:<input type="text" size="45" maxlength="64" value="'.$value.'" name="http_dir" />');
Modified: branches/1.0/package/webinterface/altweb/common/functions.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/functions.php 2016-06-06 15:45:38 UTC (rev 7708)
+++ branches/1.0/package/webinterface/altweb/common/functions.php 2016-06-07 17:48:33 UTC (rev 7709)
@@ -116,6 +116,12 @@
} else {
$str = $stopped;
}
+ } elseif ($process === 'avahi') {
+ if (is_file($path.'avahi-daemon/pid')) {
+ $str = $running;
+ } else {
+ $str = $stopped;
+ }
} elseif ($process === 'ups') {
if (is_file($path.'upsmon.pid')) {
$str = $running;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-06 15:45:40
|
Revision: 7708
http://sourceforge.net/p/astlinux/code/7708
Author: abelbeck
Date: 2016-06-06 15:45:38 +0000 (Mon, 06 Jun 2016)
Log Message:
-----------
sqlite, version bump to 3.13.0 and sqliteodbc version bump to 0.9994
Modified Paths:
--------------
branches/1.0/package/sqlite/sqlite.mk
branches/1.0/package/sqliteodbc/sqliteodbc.mk
Modified: branches/1.0/package/sqlite/sqlite.mk
===================================================================
--- branches/1.0/package/sqlite/sqlite.mk 2016-06-06 15:23:44 UTC (rev 7707)
+++ branches/1.0/package/sqlite/sqlite.mk 2016-06-06 15:45:38 UTC (rev 7708)
@@ -4,7 +4,7 @@
#
#############################################################
-SQLITE_VERSION = 3120200
+SQLITE_VERSION = 3130000
SQLITE_SOURCE = sqlite-autoconf-$(SQLITE_VERSION).tar.gz
SQLITE_SITE = http://www.sqlite.org/2016
SQLITE_INSTALL_STAGING = YES
Modified: branches/1.0/package/sqliteodbc/sqliteodbc.mk
===================================================================
--- branches/1.0/package/sqliteodbc/sqliteodbc.mk 2016-06-06 15:23:44 UTC (rev 7707)
+++ branches/1.0/package/sqliteodbc/sqliteodbc.mk 2016-06-06 15:45:38 UTC (rev 7708)
@@ -3,7 +3,7 @@
# sqliteodbc
#
#############################################################
-SQLITEODBC_VERSION = 0.9993
+SQLITEODBC_VERSION = 0.9994
SQLITEODBC_SOURCE = sqliteodbc-$(SQLITEODBC_VERSION).tar.gz
SQLITEODBC_SITE = http://www.ch-werner.de/sqliteodbc
SQLITEODBC_SUBDIR = sqliteodbc-$(SQLITEODBC_VERSION)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-06 15:23:46
|
Revision: 7707
http://sourceforge.net/p/astlinux/code/7707
Author: abelbeck
Date: 2016-06-06 15:23:44 +0000 (Mon, 06 Jun 2016)
Log Message:
-----------
igb, version bump to 5.3.5.3
Modified Paths:
--------------
branches/1.0/package/igb/igb.mk
Modified: branches/1.0/package/igb/igb.mk
===================================================================
--- branches/1.0/package/igb/igb.mk 2016-06-04 23:53:44 UTC (rev 7706)
+++ branches/1.0/package/igb/igb.mk 2016-06-06 15:23:44 UTC (rev 7707)
@@ -4,7 +4,7 @@
#
#############################################################
-IGB_VERSION = 5.3.4.4
+IGB_VERSION = 5.3.5.3
IGB_SOURCE:=igb-$(IGB_VERSION).tar.gz
IGB_SITE = http://downloads.sourceforge.net/project/e1000/igb%20stable/$(IGB_VERSION)
IGB_DEPENDENCIES = linux
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-04 23:53:46
|
Revision: 7706
http://sourceforge.net/p/astlinux/code/7706
Author: abelbeck
Date: 2016-06-04 23:53:44 +0000 (Sat, 04 Jun 2016)
Log Message:
-----------
update ChangeLog
Modified Paths:
--------------
branches/1.0/docs/ChangeLog.txt
Modified: branches/1.0/docs/ChangeLog.txt
===================================================================
--- branches/1.0/docs/ChangeLog.txt 2016-06-04 23:42:43 UTC (rev 7705)
+++ branches/1.0/docs/ChangeLog.txt 2016-06-04 23:53:44 UTC (rev 7706)
@@ -78,7 +78,10 @@
-- unbound, new package adding the libunbound library and unbound-host command. A symlink of 'host' -> 'unbound-host' is also added.
Unbound is a validating, recursive, and caching DNS resolver.
--- ntpd/sntp, version bump to 4.2.8p7, security fixes: 11 low/medium-severity vulnerabilities
+-- avahi, new package adding Bonjour/mDNS Service Discovery. Replaces the old mdnsresponder package.
+ Enable mDNS/DNS-SD by setting AVAHI_ENABLE="yes", manual configuration stored in /mnt/kd/avahi/ symlinked from /etc/avahi/ .
+
+-- ntpd/sntp, version bump to 4.2.8p8, security fixes: 15 low/medium-severity vulnerabilities
Now only include the "LOCAL" Reference Clock driver, which reduces the ntpd binary size buy 30% .
-- msmtp, version bump to 1.6.5
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-04 23:42:45
|
Revision: 7705
http://sourceforge.net/p/astlinux/code/7705
Author: abelbeck
Date: 2016-06-04 23:42:43 +0000 (Sat, 04 Jun 2016)
Log Message:
-----------
web interface, add avahi license and Basic Backup for /mnt/kd/avahi/
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/admin/system.php
branches/1.0/package/webinterface/altweb/common/license-packages.txt
Modified: branches/1.0/package/webinterface/altweb/admin/system.php
===================================================================
--- branches/1.0/package/webinterface/altweb/admin/system.php 2016-06-04 23:05:46 UTC (rev 7704)
+++ branches/1.0/package/webinterface/altweb/admin/system.php 2016-06-04 23:42:43 UTC (rev 7705)
@@ -197,7 +197,7 @@
$srcfile .= ' -e "s/^blocked-hosts$/&/p" -e "s/^dnsmasq.static$/&/p" -e "s/^hosts$/&/p" -e "s/^ethers$/&/p"';
$srcfile .= ' -e "s/^rc.local$/&/p" -e "s/^rc.local.stop$/&/p" -e "s/^rc.elocal$/&/p" -e "s/^rc.ledcontrol$/&/p"';
$srcfile .= ' -e "s/^wan-failover.script$/&/p" -e "s/^phoneprov-reload.script$/&/p"';
- $srcfile .= ' -e "s/^custom-agi$/&/p"';
+ $srcfile .= ' -e "s/^custom-agi$/&/p" -e "s/^avahi$/&/p"';
$srcfile .= ' -e "s/^crontabs$/&/p" -e "s/^snmp$/&/p" -e "s/^fop2$/&/p" -e "s/^kamailio$/&/p" -e "s/^monit$/&/p"';
$srcfile .= ' -e "s/^openvpn$/&/p" -e "s/^ipsec$/&/p" -e "s/^dahdi$/&/p" -e "s/^ssl$/&/p" -e "s/^ups$/&/p")';
$srcfile .= $firewall;
Modified: branches/1.0/package/webinterface/altweb/common/license-packages.txt
===================================================================
--- branches/1.0/package/webinterface/altweb/common/license-packages.txt 2016-06-04 23:05:46 UTC (rev 7704)
+++ branches/1.0/package/webinterface/altweb/common/license-packages.txt 2016-06-04 23:42:43 UTC (rev 7705)
@@ -29,7 +29,6 @@
libjpeg~Copyright (c) 1991-2014, Thomas G. Lane, Guido Vollbeding.
iptables~Copyright (c) 2000-2013 by the netfilter coreteam <cor...@ne...>
curl~Copyright (c) 1996-2016 Daniel Stenberg, <da...@ha...>.
-mDNS~Copyright (c) 2002-2004 Apple Computer, Inc. All rights reserved.
rp-pppoe~Copyright (c) 2001-2012 Roaring Penguin Software Inc.
zabbix~Copyright (c) 2000-2015 SIA Zabbix.
zlib~Copyright (c) 1995-2013 Jean-loup Gailly.
@@ -59,3 +58,4 @@
dhcp6c~Copyright (c) 1998-2008 WIDE Project.
htop~Copyright (c) 2004-2012 Hisham Muhammad.
unbound~Copyright (c) 2007-2016, NLnet Labs. All rights reserved.
+avahi~Copyright (c) 2004-2016 Lennart Poettering, Trent Lloyd, Avahi developers.
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-04 23:05:49
|
Revision: 7704
http://sourceforge.net/p/astlinux/code/7704
Author: abelbeck
Date: 2016-06-04 23:05:46 +0000 (Sat, 04 Jun 2016)
Log Message:
-----------
Add /mnt/kd/avahi to fossil's default directories and the web interface's Restore Basic Configuration
Modified Paths:
--------------
branches/1.0/package/fossil/scripts/fossil-commit
branches/1.0/project/astlinux/target_skeleton/usr/sbin/restore-basic-conf
Modified: branches/1.0/package/fossil/scripts/fossil-commit
===================================================================
--- branches/1.0/package/fossil/scripts/fossil-commit 2016-06-04 22:55:30 UTC (rev 7703)
+++ branches/1.0/package/fossil/scripts/fossil-commit 2016-06-04 23:05:46 UTC (rev 7704)
@@ -35,7 +35,7 @@
if [ -n "$FOSSIL_DEFAULT_DIRS" ]; then
dirs="$FOSSIL_DEFAULT_DIRS"
else
- dirs="rc.conf.d crontabs arno-iptables-firewall/plugins monit/monit.d openvpn/ccd"
+ dirs="rc.conf.d crontabs avahi arno-iptables-firewall/plugins monit/monit.d openvpn/ccd"
if [ "$ASTERISK_DAHDI_DISABLE" != "yes" ]; then
dirs="$dirs asterisk dahdi fop2 phoneprov/templates"
fi
Modified: branches/1.0/project/astlinux/target_skeleton/usr/sbin/restore-basic-conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/usr/sbin/restore-basic-conf 2016-06-04 22:55:30 UTC (rev 7703)
+++ branches/1.0/project/astlinux/target_skeleton/usr/sbin/restore-basic-conf 2016-06-04 23:05:46 UTC (rev 7704)
@@ -70,7 +70,7 @@
# Restore basic configuration directories, clearing target directory
#
-if ! restore_dirs rc.conf.d ssh_keys asterisk dahdi openvpn ipsec crontabs ups snmp fop2 kamailio monit; then
+if ! restore_dirs rc.conf.d ssh_keys asterisk dahdi openvpn ipsec crontabs avahi ups snmp fop2 kamailio monit; then
exit 2
fi
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-04 22:55:32
|
Revision: 7703
http://sourceforge.net/p/astlinux/code/7703
Author: abelbeck
Date: 2016-06-04 22:55:30 +0000 (Sat, 04 Jun 2016)
Log Message:
-----------
Migrate from mdnsresponder to avahi for mDNS support
Modified Paths:
--------------
branches/1.0/astlinux-ast11.config
branches/1.0/astlinux-ast13.config
branches/1.0/astlinux18.config
branches/1.0/package/avahi/avahi.init
branches/1.0/package/mdnsresponder/Config.in
branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
branches/1.0/x86_64-configs/astlinux-ast11.config
branches/1.0/x86_64-configs/astlinux-ast13.config
branches/1.0/x86_64-configs/astlinux18.config
Modified: branches/1.0/astlinux-ast11.config
===================================================================
--- branches/1.0/astlinux-ast11.config 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/astlinux-ast11.config 2016-06-04 22:55:30 UTC (rev 7703)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7604-dirty Configuration
-# Tue Mar 22 12:22:57 2016
+# Buildroot 2011.08-svn7702-dirty Configuration
+# Sat Jun 4 17:22:10 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -625,7 +625,7 @@
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
# BR2_PACKAGE_LIBCAP is not set
-# BR2_PACKAGE_LIBDAEMON is not set
+BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
# BR2_PACKAGE_LIBFB is not set
@@ -682,7 +682,10 @@
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
BR2_PACKAGE_ARP_SCAN=y
-# BR2_PACKAGE_AVAHI is not set
+BR2_PACKAGE_AVAHI=y
+# BR2_PACKAGE_AVAHI_AUTOIPD is not set
+BR2_PACKAGE_AVAHI_DAEMON=y
+# BR2_PACKAGE_AVAHI_LIBDNSSD_COMPATIBILITY is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
# BR2_PACKAGE_BIND is not set
@@ -733,7 +736,6 @@
# BR2_PACKAGE_LIGHTTPD_WEBDAV is not set
# BR2_PACKAGE_LINKS is not set
# BR2_PACKAGE_LRZSZ is not set
-BR2_PACKAGE_MDNSRESPONDER=y
# BR2_PACKAGE_MII_DIAG is not set
BR2_PACKAGE_MINIUPNPD=y
# BR2_PACKAGE_MROUTED is not set
Modified: branches/1.0/astlinux-ast13.config
===================================================================
--- branches/1.0/astlinux-ast13.config 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/astlinux-ast13.config 2016-06-04 22:55:30 UTC (rev 7703)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7604-dirty Configuration
-# Tue Mar 22 12:22:57 2016
+# Buildroot 2011.08-svn7702-dirty Configuration
+# Sat Jun 4 17:22:15 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -625,7 +625,7 @@
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
# BR2_PACKAGE_LIBCAP is not set
-# BR2_PACKAGE_LIBDAEMON is not set
+BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
# BR2_PACKAGE_LIBFB is not set
@@ -682,7 +682,10 @@
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
BR2_PACKAGE_ARP_SCAN=y
-# BR2_PACKAGE_AVAHI is not set
+BR2_PACKAGE_AVAHI=y
+# BR2_PACKAGE_AVAHI_AUTOIPD is not set
+BR2_PACKAGE_AVAHI_DAEMON=y
+# BR2_PACKAGE_AVAHI_LIBDNSSD_COMPATIBILITY is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
# BR2_PACKAGE_BIND is not set
@@ -733,7 +736,6 @@
# BR2_PACKAGE_LIGHTTPD_WEBDAV is not set
# BR2_PACKAGE_LINKS is not set
# BR2_PACKAGE_LRZSZ is not set
-BR2_PACKAGE_MDNSRESPONDER=y
# BR2_PACKAGE_MII_DIAG is not set
BR2_PACKAGE_MINIUPNPD=y
# BR2_PACKAGE_MROUTED is not set
Modified: branches/1.0/astlinux18.config
===================================================================
--- branches/1.0/astlinux18.config 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/astlinux18.config 2016-06-04 22:55:30 UTC (rev 7703)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7604-dirty Configuration
-# Tue Mar 22 12:22:57 2016
+# Buildroot 2011.08-svn7702-dirty Configuration
+# Sat Jun 4 17:22:04 2016
#
BR2_HAVE_DOT_CONFIG=y
# BR2_arm is not set
@@ -625,7 +625,7 @@
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
# BR2_PACKAGE_LIBCAP is not set
-# BR2_PACKAGE_LIBDAEMON is not set
+BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
# BR2_PACKAGE_LIBFB is not set
@@ -682,7 +682,10 @@
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
BR2_PACKAGE_ARP_SCAN=y
-# BR2_PACKAGE_AVAHI is not set
+BR2_PACKAGE_AVAHI=y
+# BR2_PACKAGE_AVAHI_AUTOIPD is not set
+BR2_PACKAGE_AVAHI_DAEMON=y
+# BR2_PACKAGE_AVAHI_LIBDNSSD_COMPATIBILITY is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
# BR2_PACKAGE_BIND is not set
@@ -733,7 +736,6 @@
# BR2_PACKAGE_LIGHTTPD_WEBDAV is not set
# BR2_PACKAGE_LINKS is not set
# BR2_PACKAGE_LRZSZ is not set
-BR2_PACKAGE_MDNSRESPONDER=y
# BR2_PACKAGE_MII_DIAG is not set
BR2_PACKAGE_MINIUPNPD=y
# BR2_PACKAGE_MROUTED is not set
Modified: branches/1.0/package/avahi/avahi.init
===================================================================
--- branches/1.0/package/avahi/avahi.init 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/package/avahi/avahi.init 2016-06-04 22:55:30 UTC (rev 7703)
@@ -8,9 +8,48 @@
exit
fi
+gen_initial_setup_mdns()
+{
+ echo "## Autogenerated. Do not edit.
+[server]
+use-ipv4=yes
+use-ipv6=no
+ratelimit-interval-usec=1000000
+ratelimit-burst=1000
+
+[wide-area]
+enable-wide-area=no
+
+[publish]
+publish-hinfo=no
+publish-workstation=no
+publish-aaaa-on-ipv4=no
+publish-a-on-ipv6=no
+
+[reflector]
+enable-reflector=no
+
+[rlimits]
+rlimit-core=0
+rlimit-data=4194304
+rlimit-fsize=0
+rlimit-nofile=768
+rlimit-stack=4194304
+rlimit-nproc=3
+"
+}
+
init ()
{
if [ "$AVAHI_ENABLE" != "yes" ]; then
+ if [ -n "$ADNAME" ]; then
+ if [ -d /tmp/etc/avahi ]; then
+ rm -rf /tmp/etc/avahi
+ fi
+ mkdir -p /tmp/etc/avahi/services
+ gen_initial_setup_mdns > /tmp/etc/avahi/avahi-daemon.conf
+ return
+ fi
exit
fi
@@ -21,13 +60,19 @@
fi
fi
+ if [ -d /tmp/etc/avahi ]; then
+ rm -rf /tmp/etc/avahi
+ fi
ln -snf /mnt/kd/avahi /tmp/etc/avahi
}
start ()
{
- if [ "$AVAHI_ENABLE" = "yes" ] && ! $DAEMON --check; then
+ if [ "$AVAHI_ENABLE" = "yes" -o -n "$ADNAME" ] && ! $DAEMON --check; then
echo "Starting Avahi mDNS/DNS-SD..."
+ if [ "$AVAHI_ENABLE" != "yes" -a -n "$ADNAME" ]; then
+ echo " Warning: ADNAME is active."
+ fi
$DAEMON --daemonize
fi
}
Modified: branches/1.0/package/mdnsresponder/Config.in
===================================================================
--- branches/1.0/package/mdnsresponder/Config.in 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/package/mdnsresponder/Config.in 2016-06-04 22:55:30 UTC (rev 7703)
@@ -1,4 +1,5 @@
config BR2_PACKAGE_MDNSRESPONDER
+ depends on !BR2_PACKAGE_AVAHI
bool "mdnsresponder"
default n
help
Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2016-06-04 22:55:30 UTC (rev 7703)
@@ -492,11 +492,14 @@
#STUNNEL_DEBUGLEVEL="5" # "0" is no debug, "2" is critical, "3" is errors, "5" is notice, "7" is full debugging
#STUNNELUSER="root" # defaults to "nobody", do not change unless binding fails
-## Service Advertisement (mDNS)
-## If you define ADNAME, I will advertise all of the available services on
-## your AstLinux machine in a way that is compatible with bonjour/rendezvous.
-## THIS IS VERY INSECURE, THIS SHOULD BE THE FIRST THING YOU DISABLE
-## ADNAME is automatically (always) disabled whenever the web interface Network Tab is saved.
+## Bonjour/mDNS Service Discovery (Avahi)
+## Configuration stored in /mnt/kd/avahi/ symlinked from /etc/avahi/
+## Enable mDNS/DNS-SD by setting AVAHI_ENABLE="yes"
+#AVAHI_ENABLE="yes"
+##
+## Defining ADNAME when AVAHI_ENABLE="no" (or undefined) will advertise pbx.local on all interfaces.
+## Use only for initial setup. THIS IS VERY INSECURE, THIS SHOULD BE THE FIRST THING YOU DISABLE
+## Note: ADNAME is automatically (always) disabled whenever the web interface Network Tab is saved.
ADNAME="AstLinux PBX"
## Universal Plug and Play (UPnP)
@@ -907,10 +910,9 @@
#UPS_NOTIFY_FROM="up...@my..." # Optional, From: email address
## Additionally, custom files in /mnt/kd/ups/ will override auto-generated 'ups*' files if any exist.
-## NetJet Emulation (P910ND)
+## NetJet Emulation (P910ND) - Non-spooling printer daemon using 9100/tcp to USB printer
+## Note: Enable Bonjour/mDNS discovery with AVAHI_ENABLE="yes" and configuring /mnt/kd/avahi/
#P910ND_DEVICE0="/dev/usblp0"
-## Enable Bonjour/mDNS Broadcasts
-#P910ND_ADNAME0="HP Officejet 6200"
## Redfone foneBRIDGE (PRI-to-Ethernet bridge)
## If the package "fonulator" is built, Redfone foneBRIDGE configuration support is added.
Modified: branches/1.0/x86_64-configs/astlinux-ast11.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast11.config 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/x86_64-configs/astlinux-ast11.config 2016-06-04 22:55:30 UTC (rev 7703)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7604-dirty Configuration
-# Tue Mar 22 12:22:58 2016
+# Buildroot 2011.08-svn7702-dirty Configuration
+# Sat Jun 4 17:22:35 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -606,7 +606,7 @@
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
# BR2_PACKAGE_LIBCAP is not set
-# BR2_PACKAGE_LIBDAEMON is not set
+BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
# BR2_PACKAGE_LIBFB is not set
@@ -663,7 +663,10 @@
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
BR2_PACKAGE_ARP_SCAN=y
-# BR2_PACKAGE_AVAHI is not set
+BR2_PACKAGE_AVAHI=y
+# BR2_PACKAGE_AVAHI_AUTOIPD is not set
+BR2_PACKAGE_AVAHI_DAEMON=y
+# BR2_PACKAGE_AVAHI_LIBDNSSD_COMPATIBILITY is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
# BR2_PACKAGE_BIND is not set
@@ -714,7 +717,6 @@
# BR2_PACKAGE_LIGHTTPD_WEBDAV is not set
# BR2_PACKAGE_LINKS is not set
# BR2_PACKAGE_LRZSZ is not set
-BR2_PACKAGE_MDNSRESPONDER=y
# BR2_PACKAGE_MII_DIAG is not set
BR2_PACKAGE_MINIUPNPD=y
# BR2_PACKAGE_MROUTED is not set
Modified: branches/1.0/x86_64-configs/astlinux-ast13.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux-ast13.config 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/x86_64-configs/astlinux-ast13.config 2016-06-04 22:55:30 UTC (rev 7703)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7604-dirty Configuration
-# Tue Mar 22 12:22:58 2016
+# Buildroot 2011.08-svn7702-dirty Configuration
+# Sat Jun 4 17:22:37 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -606,7 +606,7 @@
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
# BR2_PACKAGE_LIBCAP is not set
-# BR2_PACKAGE_LIBDAEMON is not set
+BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
# BR2_PACKAGE_LIBFB is not set
@@ -663,7 +663,10 @@
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
BR2_PACKAGE_ARP_SCAN=y
-# BR2_PACKAGE_AVAHI is not set
+BR2_PACKAGE_AVAHI=y
+# BR2_PACKAGE_AVAHI_AUTOIPD is not set
+BR2_PACKAGE_AVAHI_DAEMON=y
+# BR2_PACKAGE_AVAHI_LIBDNSSD_COMPATIBILITY is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
# BR2_PACKAGE_BIND is not set
@@ -714,7 +717,6 @@
# BR2_PACKAGE_LIGHTTPD_WEBDAV is not set
# BR2_PACKAGE_LINKS is not set
# BR2_PACKAGE_LRZSZ is not set
-BR2_PACKAGE_MDNSRESPONDER=y
# BR2_PACKAGE_MII_DIAG is not set
BR2_PACKAGE_MINIUPNPD=y
# BR2_PACKAGE_MROUTED is not set
Modified: branches/1.0/x86_64-configs/astlinux18.config
===================================================================
--- branches/1.0/x86_64-configs/astlinux18.config 2016-06-03 23:33:17 UTC (rev 7702)
+++ branches/1.0/x86_64-configs/astlinux18.config 2016-06-04 22:55:30 UTC (rev 7703)
@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
-# Buildroot 2011.08-svn7604-dirty Configuration
-# Tue Mar 22 12:22:58 2016
+# Buildroot 2011.08-svn7702-dirty Configuration
+# Sat Jun 4 17:22:30 2016
#
BR2_HAVE_DOT_CONFIG=y
BR2_ARCH_IS_64=y
@@ -606,7 +606,7 @@
# BR2_PACKAGE_ARGP_STANDALONE is not set
# BR2_PACKAGE_LIBATOMIC_OPS is not set
# BR2_PACKAGE_LIBCAP is not set
-# BR2_PACKAGE_LIBDAEMON is not set
+BR2_PACKAGE_LIBDAEMON=y
BR2_PACKAGE_LIBELF=y
# BR2_PACKAGE_LIBEVENT is not set
# BR2_PACKAGE_LIBFB is not set
@@ -663,7 +663,10 @@
# BR2_PACKAGE_ARGUS is not set
BR2_PACKAGE_ARNOFW=y
BR2_PACKAGE_ARP_SCAN=y
-# BR2_PACKAGE_AVAHI is not set
+BR2_PACKAGE_AVAHI=y
+# BR2_PACKAGE_AVAHI_AUTOIPD is not set
+BR2_PACKAGE_AVAHI_DAEMON=y
+# BR2_PACKAGE_AVAHI_LIBDNSSD_COMPATIBILITY is not set
# BR2_PACKAGE_AXEL is not set
# BR2_PACKAGE_BLUEZ_UTILS is not set
# BR2_PACKAGE_BIND is not set
@@ -714,7 +717,6 @@
# BR2_PACKAGE_LIGHTTPD_WEBDAV is not set
# BR2_PACKAGE_LINKS is not set
# BR2_PACKAGE_LRZSZ is not set
-BR2_PACKAGE_MDNSRESPONDER=y
# BR2_PACKAGE_MII_DIAG is not set
BR2_PACKAGE_MINIUPNPD=y
# BR2_PACKAGE_MROUTED is not set
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-03 23:33:19
|
Revision: 7702
http://sourceforge.net/p/astlinux/code/7702
Author: abelbeck
Date: 2016-06-03 23:33:17 +0000 (Fri, 03 Jun 2016)
Log Message:
-----------
avahi, add a default p910nd service file named with a trailing '.disabled' so it will be disabled by default
Modified Paths:
--------------
branches/1.0/package/avahi/avahi.mk
Added Paths:
-----------
branches/1.0/package/avahi/services/
branches/1.0/package/avahi/services/p910nd.service.disabled
Modified: branches/1.0/package/avahi/avahi.mk
===================================================================
--- branches/1.0/package/avahi/avahi.mk 2016-06-03 16:13:06 UTC (rev 7701)
+++ branches/1.0/package/avahi/avahi.mk 2016-06-03 23:33:17 UTC (rev 7702)
@@ -172,8 +172,9 @@
$(SED) 's:^#*use-ipv6=.*$$:use-ipv6=no:' \
-e 's:^#*allow-interfaces=.*$$:allow-interfaces=:' \
$(TARGET_DIR)/stat/etc/avahi/avahi-daemon.conf
+ rm -f $(TARGET_DIR)/stat/etc/avahi/avahi-dnsconfd.action
rm -f $(TARGET_DIR)/stat/etc/avahi/services/*.service
- rm -f $(TARGET_DIR)/stat/etc/avahi/avahi-dnsconfd.action
+ cp -a package/avahi/services/*.service* $(TARGET_DIR)/stat/etc/avahi/services/
endef
AVAHI_POST_INSTALL_TARGET_HOOKS += AVAHI_INSTALL_DAEMON_INIT_SYSV
Added: branches/1.0/package/avahi/services/p910nd.service.disabled
===================================================================
--- branches/1.0/package/avahi/services/p910nd.service.disabled (rev 0)
+++ branches/1.0/package/avahi/services/p910nd.service.disabled 2016-06-03 23:33:17 UTC (rev 7702)
@@ -0,0 +1,17 @@
+<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
+<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
+
+<service-group>
+ <name replace-wildcards="yes">AstLinux Printer on %h</name>
+ <service>
+ <type>_pdl-datastream._tcp</type>
+ <port>9100</port>
+ <txt-record>qtotal=1</txt-record>
+ <txt-record>note=USB connected to AstLinux</txt-record>
+ <txt-record>ty=Generic Printer</txt-record>
+ <txt-record>product=(Generic Printer)</txt-record>
+ <txt-record>usb_MFG=Generic</txt-record>
+ <txt-record>usb_MDL=Generic</txt-record>
+ <txt-record>pdl=application/octet-stream,application/pdf,application/postscript,application/vnd.hp-PCL</txt-record>
+ </service>
+</service-group>
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-03 16:13:09
|
Revision: 7701
http://sourceforge.net/p/astlinux/code/7701
Author: abelbeck
Date: 2016-06-03 16:13:06 +0000 (Fri, 03 Jun 2016)
Log Message:
-----------
build system, check for native 'intltool-extract' command available from 'intltool' package on Debian/Ubuntu/CentOS, also check for 'perl' and 'gettext'
Modified Paths:
--------------
branches/1.0/scripts/build
Modified: branches/1.0/scripts/build
===================================================================
--- branches/1.0/scripts/build 2016-06-03 13:45:51 UTC (rev 7700)
+++ branches/1.0/scripts/build 2016-06-03 16:13:06 UTC (rev 7701)
@@ -6,7 +6,7 @@
# Max image size in 1024 (k) bytes
MAX_IMAGEFS_SIZE=196608 # 192m
-REQUIRED_CMDS="which zcat bzcat make gcc bison flex msgfmt makeinfo autoconf nasm wget rsync sed"
+REQUIRED_CMDS="which zcat bzcat make gcc bison flex msgfmt makeinfo autoconf nasm wget rsync sed perl gettext intltool-extract"
ROOTFS_SQUASHFS="output/images/rootfs.squashfs"
ROOTFS_EXT2="output/images/rootfs.ext2"
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-03 13:45:54
|
Revision: 7700
http://sourceforge.net/p/astlinux/code/7700
Author: abelbeck
Date: 2016-06-03 13:45:51 +0000 (Fri, 03 Jun 2016)
Log Message:
-----------
libdaemon, build tweaks, no functional change
Modified Paths:
--------------
branches/1.0/package/libdaemon/libdaemon.mk
Modified: branches/1.0/package/libdaemon/libdaemon.mk
===================================================================
--- branches/1.0/package/libdaemon/libdaemon.mk 2016-06-03 13:37:09 UTC (rev 7699)
+++ branches/1.0/package/libdaemon/libdaemon.mk 2016-06-03 13:45:51 UTC (rev 7700)
@@ -1,17 +1,17 @@
#############################################################
#
-# libdaemon (UNIX daemon library)
+# libdaemon
#
#############################################################
LIBDAEMON_VERSION = 0.14
LIBDAEMON_SOURCE = libdaemon-$(LIBDAEMON_VERSION).tar.gz
-LIBDAEMON_SITE = http://0pointer.de/lennart/projects/libdaemon/
-LIBDAEMON_AUTORECONF = NO
+LIBDAEMON_SITE = http://0pointer.de/lennart/projects/libdaemon
LIBDAEMON_INSTALL_STAGING = YES
+LIBDAEMON_DEPENDENCIES = host-pkg-config
+
LIBDAEMON_CONF_ENV = ac_cv_func_setpgrp_void=no
+
LIBDAEMON_CONF_OPT = --disable-lynx
-LIBDAEMON_DEPENDENCIES = host-pkg-config
-
$(eval $(call AUTOTARGETS,package,libdaemon))
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-03 13:37:11
|
Revision: 7699
http://sourceforge.net/p/astlinux/code/7699
Author: abelbeck
Date: 2016-06-03 13:37:09 +0000 (Fri, 03 Jun 2016)
Log Message:
-----------
mdnsresponder, move runlevel symlinks to the package makefile
Modified Paths:
--------------
branches/1.0/package/mdnsresponder/mdnsresponder.mk
Removed Paths:
-------------
branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K05mdns
branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S92mdns
Modified: branches/1.0/package/mdnsresponder/mdnsresponder.mk
===================================================================
--- branches/1.0/package/mdnsresponder/mdnsresponder.mk 2016-06-03 13:25:46 UTC (rev 7698)
+++ branches/1.0/package/mdnsresponder/mdnsresponder.mk 2016-06-03 13:37:09 UTC (rev 7699)
@@ -28,14 +28,18 @@
$(TARGET_DIR)/$(MDNSRESPONDER_TARGET_BINARY): $(MDNSRESPONDER_DIR)/$(MDNSRESPONDER_BINARY)
$(INSTALL) -s -D -m 0755 $(MDNSRESPONDER_DIR)/$(MDNSRESPONDER_BINARY) $(TARGET_DIR)/$(MDNSRESPONDER_TARGET_BINARY)
$(INSTALL) -D -m 0755 package/mdnsresponder/mdns.init $(TARGET_DIR)/etc/init.d/mdns
+ ln -sf ../../init.d/mdns $(TARGET_DIR)/etc/runlevels/default/S92mdns
+ ln -sf ../../init.d/mdns $(TARGET_DIR)/etc/runlevels/default/K05mdns
mdnsresponder: $(TARGET_DIR)/$(MDNSRESPONDER_TARGET_BINARY)
mdnsresponder-source: $(MDNSRESPONDER_DIR)/.source
mdnsresponder-clean:
- rm -rf $(TARGET_DIR)/$(MDNSRESPONDER_TARGET_BINARY)
- rm -rf $(TARGET_DIR)/etc/init.d/mdns
+ rm -f $(TARGET_DIR)/$(MDNSRESPONDER_TARGET_BINARY)
+ rm -f $(TARGET_DIR)/etc/init.d/mdns
+ rm -f $(TARGET_DIR)/etc/runlevels/default/S92mdns
+ rm -f $(TARGET_DIR)/etc/runlevels/default/K05mdns
-$(MAKE) -C $(MDNSRESPONDER_DIR)/mDNSPosix os=linux clean
mdnsresponder-dirclean:
Deleted: branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K05mdns
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K05mdns 2016-06-03 13:25:46 UTC (rev 7698)
+++ branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K05mdns 2016-06-03 13:37:09 UTC (rev 7699)
@@ -1 +0,0 @@
-link ../../init.d/mdns
\ No newline at end of file
Deleted: branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S92mdns
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S92mdns 2016-06-03 13:25:46 UTC (rev 7698)
+++ branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S92mdns 2016-06-03 13:37:09 UTC (rev 7699)
@@ -1 +0,0 @@
-link ../../init.d/mdns
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-03 13:25:49
|
Revision: 7698
http://sourceforge.net/p/astlinux/code/7698
Author: abelbeck
Date: 2016-06-03 13:25:46 +0000 (Fri, 03 Jun 2016)
Log Message:
-----------
p910nd, move runlevel symlinks to the package makefile
Modified Paths:
--------------
branches/1.0/package/p910nd/p910nd.mk
Removed Paths:
-------------
branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K08p910nd
branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S63p910nd
Modified: branches/1.0/package/p910nd/p910nd.mk
===================================================================
--- branches/1.0/package/p910nd/p910nd.mk 2016-06-03 13:11:52 UTC (rev 7697)
+++ branches/1.0/package/p910nd/p910nd.mk 2016-06-03 13:25:46 UTC (rev 7698)
@@ -23,11 +23,15 @@
define P910ND_INSTALL_TARGET_CMDS
$(INSTALL) -m 0755 -D $(@D)/p910nd $(TARGET_DIR)/usr/sbin/p910nd
$(INSTALL) -m 0755 -D package/p910nd/p910nd.init $(TARGET_DIR)/etc/init.d/p910nd
+ ln -sf ../../init.d/p910nd $(TARGET_DIR)/etc/runlevels/default/S63p910nd
+ ln -sf ../../init.d/p910nd $(TARGET_DIR)/etc/runlevels/default/K08p910nd
endef
define P910ND_UNINSTALL_TARGET_CMDS
rm -f $(TARGET_DIR)/usr/sbin/p910nd
rm -f $(TARGET_DIR)/etc/init.d/p910nd
+ rm -f $(TARGET_DIR)/etc/runlevels/default/S63p910nd
+ rm -f $(TARGET_DIR)/etc/runlevels/default/K08p910nd
endef
$(eval $(call AUTOTARGETS,package,p910nd))
Deleted: branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K08p910nd
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K08p910nd 2016-06-03 13:11:52 UTC (rev 7697)
+++ branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/K08p910nd 2016-06-03 13:25:46 UTC (rev 7698)
@@ -1 +0,0 @@
-link ../../init.d/p910nd
\ No newline at end of file
Deleted: branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S63p910nd
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S63p910nd 2016-06-03 13:11:52 UTC (rev 7697)
+++ branches/1.0/project/astlinux/target_skeleton/etc/runlevels/default/S63p910nd 2016-06-03 13:25:46 UTC (rev 7698)
@@ -1 +0,0 @@
-link ../../init.d/p910nd
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-03 13:11:55
|
Revision: 7697
http://sourceforge.net/p/astlinux/code/7697
Author: abelbeck
Date: 2016-06-03 13:11:52 +0000 (Fri, 03 Jun 2016)
Log Message:
-----------
ntp, version bump to 4.2.8p8, security fixes: 1 high- and 4 low- severity
CVE-2016-4957 - Crypto-NAK crash
CVE-2016-4953 - Bad authentication demobilizes ephemeral associations
CVE-2016-4954 - Processing spoofed server packets
CVE-2016-4955 - Autokey association reset
CVE-2016-4956 - Broadcast interleave
Modified Paths:
--------------
branches/1.0/package/ntp/ntp.mk
Modified: branches/1.0/package/ntp/ntp.mk
===================================================================
--- branches/1.0/package/ntp/ntp.mk 2016-06-01 22:45:05 UTC (rev 7696)
+++ branches/1.0/package/ntp/ntp.mk 2016-06-03 13:11:52 UTC (rev 7697)
@@ -3,7 +3,7 @@
# ntp
#
#############################################################
-NTP_VERSION = 4.2.8p7
+NTP_VERSION = 4.2.8p8
NTP_SOURCE = ntp-$(NTP_VERSION).tar.gz
NTP_SITE = https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2
NTP_DEPENDENCIES = host-bison host-flex host-pkg-config
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
|
From: <abe...@us...> - 2016-06-01 22:45:07
|
Revision: 7696
http://sourceforge.net/p/astlinux/code/7696
Author: abelbeck
Date: 2016-06-01 22:45:05 +0000 (Wed, 01 Jun 2016)
Log Message:
-----------
avahi, add a /etc/init.d/avahi service, edit configs from /mnt/kd/avahi symlinked to /etc/avahi in the standard AstLinux fashion
Modified Paths:
--------------
branches/1.0/package/avahi/Config.in
branches/1.0/package/avahi/avahi.mk
Added Paths:
-----------
branches/1.0/package/avahi/avahi.init
Removed Paths:
-------------
branches/1.0/package/avahi/S05avahi-setup.sh
branches/1.0/package/avahi/S50avahi-daemon
Modified: branches/1.0/package/avahi/Config.in
===================================================================
--- branches/1.0/package/avahi/Config.in 2016-05-31 19:52:36 UTC (rev 7695)
+++ branches/1.0/package/avahi/Config.in 2016-06-01 22:45:05 UTC (rev 7696)
@@ -24,6 +24,7 @@
bool "mDNS/DNS-SD daemon"
select BR2_PACKAGE_LIBDAEMON
select BR2_PACKAGE_EXPAT
+ default y
help
The Avahi mDNS/DNS-SD daemon implementing Apple's ZeroConf
architecture (also known as "Rendezvous" or "Bonjour").
Deleted: branches/1.0/package/avahi/S05avahi-setup.sh
===================================================================
--- branches/1.0/package/avahi/S05avahi-setup.sh 2016-05-31 19:52:36 UTC (rev 7695)
+++ branches/1.0/package/avahi/S05avahi-setup.sh 2016-06-01 22:45:05 UTC (rev 7696)
@@ -1,16 +0,0 @@
-#!/bin/sh
-
-case "$1" in
- start|"")
- if [ ! -d /tmp/avahi-autopid ]; then
- rm -rf /tmp/avahi-autoipd
- mkdir /tmp/avahi-autoipd
- chown nobody:nobody /tmp/avahi-autoipd
- fi
- ;;
- stop) ;;
- *)
- echo "Usage: S05avahi-setup.sh {start|stop}" >&2
- exit 1
- ;;
-esac
Deleted: branches/1.0/package/avahi/S50avahi-daemon
===================================================================
--- branches/1.0/package/avahi/S50avahi-daemon 2016-05-31 19:52:36 UTC (rev 7695)
+++ branches/1.0/package/avahi/S50avahi-daemon 2016-06-01 22:45:05 UTC (rev 7696)
@@ -1,20 +0,0 @@
-#!/bin/sh
-#
-# avahi-daemon init script
-
-DAEMON=/usr/sbin/avahi-daemon
-case "$1" in
- start)
- $DAEMON -c || $DAEMON -D
- ;;
- stop)
- $DAEMON -c && $DAEMON -k
- ;;
- reload)
- $DAEMON -c && $DAEMON -r
- ;;
- *)
- echo "Usage: S50avahi-daemon {start|stop|reload}" >&2
- exit 1
- ;;
-esac
Added: branches/1.0/package/avahi/avahi.init
===================================================================
--- branches/1.0/package/avahi/avahi.init (rev 0)
+++ branches/1.0/package/avahi/avahi.init 2016-06-01 22:45:05 UTC (rev 7696)
@@ -0,0 +1,69 @@
+#!/bin/sh
+
+. /etc/rc.conf
+
+DAEMON=/usr/sbin/avahi-daemon
+
+if [ ! -x $DAEMON ]; then
+ exit
+fi
+
+init ()
+{
+ if [ "$AVAHI_ENABLE" != "yes" ]; then
+ exit
+ fi
+
+ if [ ! -d /mnt/kd/avahi ]; then
+ mkdir /mnt/kd/avahi
+ if [ -d /stat/etc/avahi ]; then
+ cp -a /stat/etc/avahi/* /mnt/kd/avahi/
+ fi
+ fi
+
+ ln -snf /mnt/kd/avahi /tmp/etc/avahi
+}
+
+start ()
+{
+ if [ "$AVAHI_ENABLE" = "yes" ] && ! $DAEMON --check; then
+ echo "Starting Avahi mDNS/DNS-SD..."
+ $DAEMON --daemonize
+ fi
+}
+
+stop ()
+{
+ if $DAEMON --check; then
+ echo "Stopping Avahi mDNS/DNS-SD..."
+ $DAEMON --kill
+ fi
+}
+
+case $1 in
+
+init)
+ init
+ start
+ ;;
+
+start)
+ start
+ ;;
+
+stop)
+ stop
+ ;;
+
+restart)
+ stop
+ sleep 2
+ start
+ ;;
+
+*)
+ echo "Usage: start|stop|restart" >&2
+ exit 1
+ ;;
+
+esac
Property changes on: branches/1.0/package/avahi/avahi.init
___________________________________________________________________
Added: svn:executable
## -0,0 +1 ##
+*
\ No newline at end of property
Modified: branches/1.0/package/avahi/avahi.mk
===================================================================
--- branches/1.0/package/avahi/avahi.mk 2016-05-31 19:52:36 UTC (rev 7695)
+++ branches/1.0/package/avahi/avahi.mk 2016-06-01 22:45:05 UTC (rev 7696)
@@ -154,19 +154,30 @@
ln -sf /tmp/avahi-autoipd $(TARGET_DIR)/var/lib/avahi-autoipd
endef
-define AVAHI_INSTALL_AUTOIPD_INIT_SYSV
- $(INSTALL) -D -m 0755 package/avahi/S05avahi-setup.sh $(TARGET_DIR)/etc/init.d/S05avahi-setup.sh
-endef
-
-AVAHI_POST_INSTALL_TARGET_HOOKS += AVAHI_INSTALL_AUTOIPD AVAHI_INSTALL_AUTOIPD_INIT_SYSV
+AVAHI_POST_INSTALL_TARGET_HOOKS += AVAHI_INSTALL_AUTOIPD
endif
ifeq ($(BR2_PACKAGE_AVAHI_DAEMON),y)
define AVAHI_INSTALL_DAEMON_INIT_SYSV
- $(INSTALL) -D -m 0755 package/avahi/S50avahi-daemon $(TARGET_DIR)/etc/init.d/S50avahi-daemon
+ mkdir -p $(TARGET_DIR)/stat/etc/avahi
+ cp -a $(TARGET_DIR)/etc/avahi/* $(TARGET_DIR)/stat/etc/avahi/
+ rm -rf $(TARGET_DIR)/etc/avahi
+ ln -s /tmp/etc/avahi $(TARGET_DIR)/etc/avahi
+ $(INSTALL) -D -m 0755 package/avahi/avahi.init $(TARGET_DIR)/etc/init.d/avahi
+ ln -sf ../../init.d/avahi $(TARGET_DIR)/etc/runlevels/default/S92avahi
+ ln -sf ../../init.d/avahi $(TARGET_DIR)/etc/runlevels/default/K05avahi
endef
+define AVAHI_DAEMON_DEFAULT_FIXUP
+ $(SED) 's:^#*use-ipv6=.*$$:use-ipv6=no:' \
+ -e 's:^#*allow-interfaces=.*$$:allow-interfaces=:' \
+ $(TARGET_DIR)/stat/etc/avahi/avahi-daemon.conf
+ rm -f $(TARGET_DIR)/stat/etc/avahi/services/*.service
+ rm -f $(TARGET_DIR)/stat/etc/avahi/avahi-dnsconfd.action
+endef
+
AVAHI_POST_INSTALL_TARGET_HOOKS += AVAHI_INSTALL_DAEMON_INIT_SYSV
+AVAHI_POST_INSTALL_TARGET_HOOKS += AVAHI_DAEMON_DEFAULT_FIXUP
endif
ifeq ($(BR2_PACKAGE_AVAHI_LIBDNSSD_COMPATIBILITY),y)
@@ -179,4 +190,14 @@
AVAHI_POST_INSTALL_STAGING_HOOKS += AVAHI_STAGING_INSTALL_LIBDNSSD_LINK
endif
+define AVAHI_UNINSTALL_TARGET_CMDS
+ rm -rf $(TARGET_DIR)/stat/etc/avahi
+ rm -f $(TARGET_DIR)/etc/avahi
+ rm -f $(TARGET_DIR)/usr/sbin/avahi-*
+ rm -f $(TARGET_DIR)/var/lib/avahi-autoipd
+ rm -f $(TARGET_DIR)/etc/init.d/avahi
+ rm -f $(TARGET_DIR)/etc/runlevels/default/S92avahi
+ rm -f $(TARGET_DIR)/etc/runlevels/default/K05avahi
+endef
+
$(eval $(call AUTOTARGETS,package,avahi))
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
1 message has been excluded from this view by a project administrator.
