Add an option for adding rules based on source interface.
The default 0.0.0.0/0 src and destination ip addresses has been removed. It is unclear
how the 'any' family of rules would have worked, as it appears each rule always required an
ipv4 or ipv6 address src and destination address. With this change, the any family will work
again.
I also cleaned up a bunch of repeated code around adding the iptables rules for
ipv4/ipv6/any in making the change.
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
init script would error:
procd: /etc/rc.d/S99acpid: /etc/rc.common: /etc/rc.d/S99acpid: line 18: procd_send_signal: not found
procd: /etc/rc.d/S99acpid: /etc/rc.common: /etc/rc.d/S99acpid: line 19: syntax error: unexpected "}"
Signed-off-by: Rob Mosher <nyt-openwrt@countercultured.net>
The pycrypto package is not maintained; the last stable release was in
2013.
This also updates python3-cryptodome, from conflicting with
python3-crypto, to providing python3-crypto.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This is needed since openvswitch 2.13 commit 2a97891eb23b
("Documentation: Work with sphinx-build for Python 3 also.")
The 4th patch was also reworked to serve as another guard
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
This took a while to get running.
It turns out, the fix is mostly in libxslt.
lxml uses the xsltGetProfileInformation() function, which is disabled from
libxslt via --without-profiler.
This causes a runtime error, since it cannot find the symbol.
So, libxslt is also updated to re-enable the profiler.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The lxml package depends on the xsltGetProfileInformation() symbol to be
available.
Without it, the library is unusable at newer versions.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The config symbol SSP_SUPPORT is ambiguous and means different
things to different packages: either "toolchain is compiled
with ssp support" or "toolchain uses gcc libssp". The use of the
symbol should be deprecated and the appropriate symbol used
instead.
Signed-off-by: Ian Cooper <iancooper@hotmail.com>
Compile with USELIBCAP=1 to make use of POSIX capabilities. This will
save the required capabilities needed for transparent proxying for
unprivileged processes.
Signed-off-by: Gabor Seljan <sgabe@users.noreply.github.com>
* fix regex capture (to conform std)
* fix issues for Clang/libcxx (warnings/includes)
* fix CONFLICTS in the Makefile
* use /bin/sh in host scripts and shellcheck them
* add callback for setting arguments in ubus::call
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
Add alternative to busybox nslookup. Busybox throws an error when
the host does not have an AAAA record.
Signed-off-by: Ian Cooper <iancooper@hotmail.com>
Build is failing because HWTSTAMP_TX_ONESTEP_P2P is defined anymore on
linux net_tstamp.h.
Moreover, the usual way of linuxptp build is looking for system includes
unless user defines differently. That also was tried to fix.
PKG_RELEASE bumped to 3.
Signed-off-by: Paulo Machado <pffmachado@yahoo.com>
Updates pdns-recursor to latest release in the 4.2 series.
Includes backported fixes for CVE-2020-10995, CVE-2020-12244 and
CVE-2020-10030, plus avoid a crash when loading an invalid RPZ.
Full change log for this release is available at:
https://doc.powerdns.com/recursor/changelog/4.2.html#change-4.2.2
Signed-off-by: James Taylor <james@jtaylor.id.au>