Unspecified vulnerability in vsftp 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to deny_file parsing.
simple.qos had accidentally set up the egress shaper twice, once
with the true egress parameters and a second time using the ingress
parameters, effectively misconfiguring both directions. This bub
only affected situations where 3-tier ingress classification was
used.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
sqm_logger tried tro wait indefinitely if passed an empty string.
This in turn makes sqm-scripts hang. Quoting the input argument in sqm_logger
seems to fix the problem.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
The last batch of changes tried to teach the GUI to pass link layer
options to cake but forgot to actually call the function that parses
the GUI variables and used it as a string insteead. So this fixes that
it also tries to allow the use of the tc_stab link layer adjustment
method with cake so the implementations can be validated against each other
easily. Needs testing...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
The cake traffic-shaper qdisc omne stop solution knows how to handle
link layer adjustments for ATM and can account for per packet overhead.
This commit adds cake as link layer adjustment mechanism in the GUI and
passes numerically specified overhead as well as the ATM linklayer
keywords on to cake. This change also passes the "advanced option strings"
from the Queue Discipline tab to cake. But as before no error checking.
This needs testing, as I have no working cake qdisc available so
caveat emptor...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Make clear that configuration options guarded by checkboxes are only
effective as long as those boxes are checked.
The sqm gui has giarded some advanced configuration options behind exposing
checkboxes, meaning these optiopn's values were only used as long
as those boxes were checked. This commit just improves the description of
the checkboxes to included this useage instruction...
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
The SQM gui has confused its users with an enable button, that only served to
selecively activate/de-activate sqm instances instead of controlling sqm's
initscript (which needs to be enabled so the sqm properly starts up after a reboot
and also for hotplug to work properly). luci-app-sqm will now enable sqm's
initscript when a single sqm instance get enabled. It also informs the user about
this fact in the top margin of the sqm page. Note sqm will not disable the
initscript behind the user's back if sqm instances get disabled.
While I would have prefered this notice to be more prominent an attentive user
should notice, and most users should not care anyway. This also increases the
package release number.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
Fixed two issues in Chaos Calmer and trunk:
-troubleshooting page not displaying
-UCI arguments out of order because of switch to musl c library from uclibc
Signed-off-by: Aedan "arfett" Renner <chipdankly@gmail.com>
- BUILD/MINOR: tools: rename popcount to my_popcountl
- BUG/MAJOR: buffers: make the buffer_slow_realign() function respect output data
Signed-off-by: heil <heil@terminal-consulting.de>
fixed sed when filtering IP address from nslookup output
because "Server:" block might have multiple address lines.
Thanks to Arjen de Korte
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Released version 1.5.13 with the following main changes :
- BUG/MINOR: check: fix tcpcheck error message
- CLEANUP: deinit: remove codes for cleaning p->block_rules
- DOC: Update doc about weight, act and bck fields in the statistics
- MINOR: ssl: add a destructor to free allocated SSL ressources
- BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value being overwritten
- MEDIUM: ssl: replace standards DH groups with custom ones
- BUG/MINOR: debug: display (null) in place of "meth"
- BUG/MINOR: cfgparse: fix typo in 'option httplog' error message
- BUG/MEDIUM: cfgparse: segfault when userlist is misused
- BUG/MEDIUM: stats: properly initialize the scope before dumping stats
- BUG/MEDIUM: http: don't forward client shutdown without NOLINGER except for tunnels
- CLEANUP: checks: fix double usage of cur / current_step in tcp-checks
- BUG/MEDIUM: checks: do not dereference head of a tcp-check at the end
- CLEANUP: checks: simplify the loop processing of tcp-checks
- BUG/MAJOR: checks: always check for end of list before proceeding
- BUG/MEDIUM: checks: do not dereference a list as a tcpcheck struct
- BUG/MEDIUM: peers: apply a random reconnection timeout
- BUG/MINOR: ssl: fix smp_fetch_ssl_fc_session_id
- MEDIUM: init: don't stop proxies in parent process when exiting
- MINOR: peers: store the pointer to the signal handler
- MEDIUM: peers: unregister peers that were never started
- MEDIUM: config: propagate the table's process list to the peers sections
- MEDIUM: init: stop any peers section not bound to the correct process
- MEDIUM: config: validate that peers sections are bound to exactly one process
- MAJOR: peers: allow peers section to be used with nbproc > 1
- DOC: relax the peers restriction to single-process
- CLEANUP: config: fix misleading information in error message.
- MINOR: config: report the number of processes using a peers section in the error case
- BUG/MEDIUM: config: properly compute the default number of processes for a proxy
Signed-off-by: heil <heil@terminal-consulting.de>
That allows to restart transmission when it crashes, to limit
the memory used by it, as well as be jailed in the directories
it is supposed to access.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
sqm-scripts for a long time interprets a "Down- or Upload speed" of zero as
an indication that the shaper should be disabled. Note that really shaping
an individual direction down o zero will make the link effectively dead
for tcp (think reverse ACK traffic). Son instead of allowing the user to
configure something broken, 0 was "over-loaded" to denote no shaping
since several years, but that information has not been documented visibly
to the users. This commit aims at fixing that oversight.
Signed-off-by: Sebastian Moeller <moeller0@gmx.de>
- [PATCH 1/2] BUG/MEDIUM: stats: properly initialize the scope before
- [PATCH 2/2] BUG/MEDIUM: http: don't forward client shutdown without
- [PATCH 3/8] BUG/MINOR: check: fix tcpcheck error message
- [PATCH 4/8] CLEANUP: checks: fix double usage of cur / current_step
- [PATCH 5/8] BUG/MEDIUM: checks: do not dereference head of a
- [PATCH 6/8] CLEANUP: checks: simplify the loop processing of
- [PATCH 7/8] BUG/MAJOR: checks: always check for end of list before
- [PATCH 8/8] BUG/MEDIUM: checks: do not dereference a list as a
- [PATCH 09/10] BUG/MEDIUM: peers: apply a random reconnection timeout
- [PATCH 10/10] DOC: Update doc about weight, act and bck fields in the
- [PATCH 11/14] MINOR: ssl: add a destructor to free allocated SSL
- [PATCH 12/14] BUG/MEDIUM: ssl: fix tune.ssl.default-dh-param value
- [PATCH 13/14] BUG/MINOR: cfgparse: fix typo in 'option httplog' error
- [PATCH 14/14] BUG/MEDIUM: cfgparse: segfault when userlist is misused
Signed-off-by: heil <heil@terminal-consulting.de>
