Skip to content
Snippets Groups Projects
  1. Nov 04, 2020
  2. Oct 29, 2020
  3. Oct 26, 2020
  4. Oct 25, 2020
  5. Oct 22, 2020
  6. Oct 20, 2020
  7. Oct 06, 2020
  8. Oct 01, 2020
  9. Sep 30, 2020
  10. Sep 29, 2020
  11. Sep 25, 2020
    • Karel Koci's avatar
      tos3to4: add SSH daemon config migration · 23f08031
      Karel Koci authored
      In Turris OS 3.x there was UCI config and integration for sshd. Now
      there is just standard config. Simple fix is to move original generated
      one to appropriate location.
      
      This move only happens if configuration of sshd in UCI is not the
      default one. The second check is if target file exists and that is just
      to make sure but it should always be there.
      
      Thanks to David Hopfmueller for pointing this out.
      Verified
      23f08031
  12. Sep 24, 2020
    • Karel Koci's avatar
      sentinel-firewall: redirect should append instead of insert · daf07151
      Karel Koci authored
      The reason for append is to not overrule rules configured in Luci.
      
      There can potentially be some drop rule as well and that was one of the
      original reasons why insert was used instead of append but until such
      case is discovered this should be enough.
      Verified
      daf07151
    • Karel Koci's avatar
      sentinel-firewall: reorder firewall config on start · 465ba822
      Karel Koci authored
      This checks and reorders sentinel-firewall config on firewall start.
      This is not ideal as this reorder is not applied in firewall run when
      reorder happens and there seems to be no reliable way to request
      firewall reload from firewall script itself (would cause firewall
      nesting with unknown results).
      
      We also does not have to reorder in uci-defaults as new config sections
      are always appended so they are the last one, making that operation
      useless code.
      Verified
      465ba822
    • Karel Koci's avatar
      sentinel-firewall: remove any preserved rules · 30ba26e5
      Karel Koci authored
      This removes any preserved rules from firewall. Firewall3 removes any
      rules in chains and tables it manages but others ignores. This is
      considered as feature (as some lists survive reload) but for our use
      case it is not ideal as scripts just insert rules in appropriate
      location. Instead removing all rules we previously added and were
      preserved is better option in this case.
      
      There is one exception and those are our rules that are terminations for
      chains created by us. We are not removing those chains and so we do not
      want to remove those  rules as well. We prevent that by using slightly
      different comment. We do not add additional commentary and drop colon.
      Because of missing colon this rule is not matched and is not removed.
      For termination rule additional comment about source is not necessary so
      we are not loosing anything.
      Verified
      30ba26e5
  13. Sep 23, 2020
  14. Sep 21, 2020
  15. Sep 17, 2020
  16. Sep 16, 2020
  17. Sep 15, 2020