Update for-15.05 adblock from 1.2.1 to 1.4.4
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Original commit messages of 1.2.5-1.4.4 commits:
adblock: update 1.2.5
* restructured sources
* fix logical glitches in config handling
* many corner case fixes & cosmetics
* show runtime errors in LuCI (in lastrun section)
adbock: update 1.2.6
* small addition in case of a failed list download
adblock: update 1.2.7
* provide adblock statistics as a separate function
(/etc/init.d/adblock stats)
adblock: update 1.2.8
* fw rule changes:
force_dns now supports multiple lan devices
disable needless force_dns- & forward/output-rules in 'ap mode'
check return codes during adblock chain creation
* simplified the test for a running firewall
* documentation update
adblock: release 1.3.0
* revised hotplug script
* remove wget package dependency
* support uclient-fetch or wget with ssl support
* documentation update
adblock: update 1.3.1
* fix uclient-fetch detection
* cosmetics
adblock: update 1.3.2
* only a few more fixes
adblock: update 1.3.3
* enable automatic restore on empty source downloads
adblock: release 1.4.0
* rework/speed up overall sort
* simplified dns error handling
adblock: update 1.4.1
* fix two possible overflows in adblock statistics
adblock: update 1.4.2
* ad broad blocklist source 'hphosts' https://hosts-file.net
adblock: update 1.4.3
* fix race condition in restricted mode
* cosmetics
adblock: update 1.4.4
* filter non-printable characters/binary data in input stream
* fix IPv4 adblock statistics in CC
* small optimizations & cosmetics
adblock: release 1.2.0
* rework download/backup/restore handling
* rework firewall handling
* refine whitelist parsing
* changed default null-ip to 198.18.0.1 to prevent conflicts with bcp38
* spread traffic from ad servers (port 80/443) on two uhttpd instances,
this fixes timeouts on sites with many ssl ad server connections, i.e.
youtube.com
* provide statistics & last runtime for LuCI interface
* documentation update
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 8ab3d8bdc2)
(cherry picked from commit 672dd10b10)
* change winspy url again
* various cosmetics left out in former release
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit d0eceb6b25)
adblock: update 1.1.16, release 2
* workaround for LuCI search path issue
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 26fa1c5df0)
adblock: update 1.1.16
* new config option 'adb_restricted' to disable updates of the adblock
config during runtime (no flash writes, disabled by default)
* new update function, to apply latest configuration changes if needed
(/etc/init.d/adblock cfgup)
* fix dns redirect rule
* various optimizations
Signed-off-by: Dirk Brenken <dev@brenken.org>
(cherry picked from commit 41b05a5532)
If the liblz4 library exists within the build environment, the openconnect
configure will pick it up and start depending on it, leading to the following
build error:
Package openconnect is missing dependencies for the following libraries:
liblz4.so.1
Disable LZ4 support in configure in order to avoid this implicit,
nondeterministic dependency.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* support more router modes, as long as the firewall and the DNS server
are enabled
* new source sites can be added & changed via awk ruleset in uci config
* source domain count, last update time & overall count will be stored
in uci config
* added 3 new source sites:
ransomware tracker
rolist/easylist
winspy
* switch to minimal inline base64 encoded 1×1 GIF for pixel server
(separate png image no longer needed)
* simplified uci parser
* source download & domain sort optimization
* add whitelist parser with wildcard support
* reduced code size & various cleanups
* updated documentation
Signed-off-by: Dirk Brenken <openwrt@brenken.org>
(cherry picked from commit b9aeb82c95)
A typo in the init file was causing a certain setting to be overwritten on every daemon start.
Signed-off-by: Jonathan Bennett <JBennett@incomsystems.biz>
[RELEASE] Released version 1.5.16
Released version 1.5.16 with the following main changes :
- BUG/BUILD: replace haproxy-systemd-wrapper with $(EXTRA) in install-bin.
- BUG/MINOR: acl: don't use record layer in req_ssl_ver
- BUG: http: do not abort keep-alive connections on server timeout
- BUG/MEDIUM: http: switch the request channel to no-delay once done.
- MINOR: config: extend the default max hostname length to 64 and beyond
- BUG/MEDIUM: http: don't enable auto-close on the response side
- BUG/MEDIUM: stream: fix half-closed timeout handling
- BUG/MEDIUM: cli: changing compression rate-limiting must require admin level
- BUILD: freebsd: double declaration
- BUG/MEDIUM: sample: urlp can't match an empty value
- BUG/MEDIUM: peers: table entries learned from a remote are pushed to others after a random delay.
- BUG/MEDIUM: peers: old stick table updates could be repushed.
- CLEANUP: haproxy: using _GNU_SOURCE instead of __USE_GNU macro.
- BUG/MINOR: chunk: make chunk_dup() always check and set dst->size
- MINOR: chunks: ensure that chunk_strcpy() adds a trailing zero
- MINOR: chunks: add chunk_strcat() and chunk_newstr()
- MINOR: chunk: make chunk_initstr() take a const string
- BUG/MEDIUM: config: Adding validation to stick-table expire value.
- BUG/MEDIUM: sample: http_date() doesn't provide the right day of the week
- BUG/MEDIUM: channel: fix miscalculation of available buffer space.
- BUG/MINOR: stream: don't force retries if the server is DOWN
- MINOR: unix: don't mention free ports on EAGAIN
- BUG/CLEANUP: CLI: report the proper field states in "show sess"
- MINOR: stats: send content-length with the redirect to allow keep-alive
- BUG: stream_interface: Reuse connection even if the output channel is empty
- DOC: remove old tunnel mode assumptions
- DOC: add server name at rate-limit sessions example
- BUG/MEDIUM: ssl: fix off-by-one in ALPN list allocation
- BUG/MEDIUM: ssl: fix off-by-one in NPN list allocation
- BUG/MEDIUM: stats: stats bind-process doesn't propagate the process mask correctly
- BUG/MINOR: http: Be sure to process all the data received from a server
- BUG/MEDIUM: chunks: always reject negative-length chunks
- BUG/MINOR: systemd: ensure we don't miss signals
- BUG/MINOR: systemd: report the correct signal in debug message output
- BUG/MINOR: systemd: propagate the correct signal to haproxy
- MINOR: systemd: ensure a reload doesn't mask a stop
- CLEANUP: stats: Avoid computation with uninitialized bits.
- CLEANUP: pattern: Ignore unknown samples in pat_match_ip().
- CLEANUP: map: Avoid memory leak in out-of-memory condition.
- BUG/MINOR: tcpcheck: conf parsing error when no port configured on server and last rule is a CONNECT with no port
- BUG/MINOR: tcpcheck: fix incorrect list usage resulting in failure to load certain configs
- MINOR: cfgparse: warn when uid parameter is not a number
- MINOR: cfgparse: warn when gid parameter is not a number
- BUG/MINOR: standard: Avoid free of non-allocated pointer
- BUG/MINOR: pattern: Avoid memory leak on out-of-memory condition
- CLEANUP: http: fix a build warning introduced by a recent fix
- BUG/MINOR: log: GMT offset not updated when entering/leaving DST
Signed-off-by: heil <heil@terminal-consulting.de>
- Fix auto-callout
(http://vcs.pcre.org/viewvc?view=rev&revision=1611)
- Fix negated POSIX class within negated overall class UCP
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1612 2f5784b3-3f2a-0410-8824-cb99058d5e15)
- Fix bug for isolated \E between an item and its qualifier when auto callout is set.
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1613 2f5784b3-3f2a-0410-8824-cb99058d5e15)
- Give error for regexec with pmatch=NULL and REG_STARTEND set
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1614 2f5784b3-3f2a-0410-8824-cb99058d5e15)
- Fix \Q\E before qualifier bug when auto callouts are
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1616 2f5784b3-3f2a-0410-8824-cb99058d5e15)
- Fix /x bug when pattern starts with white space and (?-x)
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1617 2f5784b3-3f2a-0410-8824-cb99058d5e15)
- Fix copy named substring bug.
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1618 2f5784b3-3f2a-0410-8824-cb99058d5e15)
- Fix (by hacking) another length computation issue.
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1619 2f5784b3-3f2a-0410-8824-cb99058d5e15
- Fix get_substring_list() bug when \K is used in an assertion.
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1620 2f5784b3-3f2a-0410-8824-cb99058d5e15
- Fix pcretest bad behaviour for callout in lookbehind.
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1625 2f5784b3-3f2a-0410-8824-cb99058d5e15
- Fix workspace overflow for (*ACCEPT) with deeply nested
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1631 2f5784b3-3f2a-0410-8824-cb99058d5e15
fixes CVE-2016-3191
- Fix Yet another duplicate name bugfix by overestimating the memory needed (i.e. another hack - PCRE2 has this "properly" fixed).
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1636 2f5784b3-3f2a-0410-8824-cb99058d5e15
- Fix pcretest loop for global matching with an ovector size
(git-svn-id: svn://vcs.exim.org/pcre/code/trunk@1637 2f5784b3-3f2a-0410-8824-cb99058d5e15
Signed-off-by: heil <heil@terminal-consulting.de>
