* provides an option to transfer log events on remote servers via cgi interface (disabled by default), see readme for details
* refine the allowlist check to support IP intervals as well before adding an IP to the blocklist
Signed-off-by: Dirk Brenken <dev@brenken.org>
* improve allow-listing reliability by running sed from the script-file
instead of the command-line
* fix user for smartdns files ownership
Signed-off-by: Stan Grishin <stangri@melmac.ca>
New features for v1.7.x:
1. Support excluding custom routes
2. `udp_disable_domain_unmapping` for inbound listen option
3. `HTTPUpgrade` transport
4. Migrate multiplex and UoT server to inbound and multiplexing support is no longer enabled by default and needs to be turned on explicitly in inbound options.
5. TCP Brutal support for multiplex
Signed-off-by: Van Waholtz <brvphoenix@gmail.com>
Changelog: https://github.com/snort3/snort3/releases/tag/3.1.76.0
,,_ -*> Snort++ <*-
o" )~ Version 3.1.76.0
'''' By Martin Roesch & The Snort Team
http://snort.org/contact#team
Copyright (C) 2014-2023 Cisco and/or its affiliates. All rights reserved.
Copyright (C) 1998-2013 Sourcefire, Inc., et al.
Using DAQ version 3.0.13
Using LuaJIT version 2.1.0-beta3
Using OpenSSL 3.0.12 24 Oct 2023
Using libpcap version 1.10.4 (with TPACKET_V3)
Using PCRE version 8.45 2021-06-15
Using ZLIB version 1.3
Using Hyperscan version 5.4.2 2023-12-03
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <therealgraysky@proton.me>
* do not use standalone grep-package dependent syntax to get the remote
file size
* various bugfixes to prevent attempts to change/commit if dnsmasq/smartdns
are not installed
Signed-off-by: Stan Grishin <stangri@melmac.ca>
41.0.6 included a fix for CVE-2023-49083 (loading certificates from a
PKCS#7 bundle could lead to a null-pointer-dereference and segfault).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This also includes a test.sh script for the packages feed CI.
From the README:
When writing desktop application, finding the right location to store
user data and configuration varies per platform. Even for
single-platform apps, there may by plenty of nuances in figuring out the
right location.
This kind of thing is what the platformdirs package is for.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* bugfix: correct URL to config-update file
* bugfix: check if uci configs exist before chacking for changes
* add support for smartdns ipset-based blocking
* add support for smartfns nftset-based blocking
* disallow non-ascii symbols for smartdns blocking
* add check wherever fw4 restart is needed before calling
procd_set_config_changed firewall
* improve clean-up code in resolver()
* improve case code for different resolver settings
* modify load_validate_config to allow smartdns.ipset and smartdns.nftset
Signed-off-by: Stan Grishin <stangri@melmac.ca>
Clixon is a YANG-based configuration manager, with interactive CLI,
NETCONF and RESTCONF interfaces, an embedded database and transaction
mechanism.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
uspot is an OpenWrt-native captive portal system.
It leverages existing OpenWrt tools such as uhttpd, dnsmasq, firewall4,
ucode, without needing any external kernel module.
It can achieve the maximum performance allowed by nftables (flow
offloading works).
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
* add support for smartdns
* switch from using `uci` commands to `uci_` functions
* rename `_resolver_config` to `_dnsmasq_instance_config`
* introduce `_smartdns_instance_config`
* improve resolvers restart code on changes
* update load_validate_config to allow for smartdns option
Signed-off-by: Stan Grishin <stangri@melmac.ca>
If no GSM but only 4G is available and a special APN must be used, it
is necessary to set an inital EPS bearer beforehand. If this is not set,
then modem cannot log in and register in the mobile network.
The new option 'init_epsbearer' could be set to the following options.
* none: No init EPS bearer is used and the old one is deleted (default)
* default: Use init EPS bearer with the following config options
'iptype', 'allowedauth', 'password', 'user' and 'apn' as for the
connection bearer.
* custom: Other parameters are used that do not match those of the
default connection bearer. These have an 'init_' prefix and are named
in the same way as the default connection bearer config options.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
