Router & Proxys

IPCOP

Documentationen (via www.ipcop.org)

IPCop Schnellstartanleitung (v1.x)

Installation Manual (v1.x)

Administration Manual (v1.x)

Netzwerkskizzen

Addon

URL-Filter (via urlfilter.net)

Advanced Proxy (via advproxy.net)

Net-Traffic (via blockouttraffic.de)

Installation von Addons

  • Nach dem Herunterladen des Addons muss es auf den IPCop kopiert werden
  • Kopieren Sie die Datei " Addon_VERSION.tar.gz " auf Ihren IPCop (mit Hilfe von SCP oder WinSCP bzw. FileZilla) nach " /tmp/ "
  • Entpacken des Archivs mit " tar zxvf Addon_VERSION.tar.gz "
  • Wechseln in den Ordner: " cd Addon_VERSION "
  • Installieren mit "./install" bzw. "./setup. (Readme lesen)
  • Nach erfolgreicher Installation kann der Ordner wieder gelöscht werden

IPCop Konfiguration in der internetLOUNGE

Hardware
Fujitsu Siemens
Pentium III
933 MHz
Software
IPCop Version: 1.4.21
Advanced Proxy
URL Filter
Net-Traffic

sonstige

IPCop Hardware Compatibility List (via rkaehler.de)

IPFIRE


Deprecated: Methods with the same name as their class will not be constructors in a future version of PHP; RSSFeed has a deprecated constructor in /kunden/stdj.de/rp-hosting/K144/144/leglos-lichtenberg.de/internetlounge/router-proxys/w2dpluginrssreader.php on line 11
IPFire 2.25 - Core Update 145 is available for testing

Hello everyone,

I hope everyone is making their way okay through this pandemic. In case you got bored, we have a brand new Core Update available for you for testing.
It introduces new metrics for OpenVPN and ships the largest number of package updates that we have ever had, fixing various bugs and carrying plenty of security-related fixes.

OpenVPN Metrics

OpenVPN will from now on collect metrics about connected clients. On an extra page, it will be shown which client has connected when and for how long it was connected.

Misc.

  • The random number generator will be launched earlier in the boot process to see the kernel's pseudo-random number generator as soon as possible. On some systems, this could have blocked the boot process for a couple of minutes.
  • Firewall: Connections that are being NATed will now always be logged in the filter chain, too
  • vnstat, the tool behind the net traffic graphs on the IPFire web user interface has been updated to use a new database format and refreshes its graphs more often, for more detailed and accurate data
  • Pakfire correctly uses upstream proxies now
  • A vast amount of system libraries have been updated. They make the system faster, more robust, and more secure: automake 1.16.2, berkeley 5.3.28, bind 9.11.19, cmake 3.17.0, coreutils 8.32, hyperscan 5.2.1, iproute2 5.6.0, ipset 7.6, knot 2.9.4, libevent2 2.1.11-stable, libhtp 0.5.33, libjpeg 2.0.4, libpng 1.6.37, libseccomp 2.4.3, libusb 1.0.23, libwww-perl 6.43, netpbm 10.73.31, openldap 2.4.29, openvpn 2.4.9, suricata 5.0.3, unbound 1.10.1, vnstat 2.6
  • The translations have been improved by adding new phrases, fixing typos and removing unused translation strings.

Add-ons

Updated packages: borgbackup 1.1.11, clamav 0.102.3, faad2 2.8.8,
ffmpeg 4.4.2, fping 4.2, lame 3.100, libogg 1.3.4, libmpeg2 0.4.1, libshout 2.4.3, libtiff 4.1.0, libvorbis 1.3.6, motion 4.3.0, nano 4.9.2, opus 1.3.1, pcengines-apu-firmware 4.11.0.6, postfix 3.5.1, shairport-sync 3.3.6, sox 14.4.2, strace 5.5, taglib 1.11.1, tmux 3.1, tor 0.4.3.5, tshark 3.2.3, xvid 1.3.7

netatalk has been added as a new package. It provides file-sharing services for Apple devices.

WIO has been updated and shows the connection times for IPsec tunnels.


IPFire 2.25 - Core Update 144 released

This is the official release announcement for IPFire 2.25 - Core Update 144. This contains a number of security fixes in OpenSSL, the squid web proxy, the DHCP client and more. We recommend to install it as soon as possible and reboot.

OpenSSL 1.1.1g

The OpenSSL team has issued a security advisory for the 1.1.1 release with "high" severity.

Applicants on client or service side that call SSL_check_chain() during a TLSv1.3 handshake may crash the application due to incorrect handling of the signature_algorithms_cert" TLS extension.

CVE-2020-1967 has been assigned to track this vulnerability and an immediate installation of this update is recommended.

The DHCP Client (#12354)

Some users using RED in DHCP mode might have seen various crashes of the client. This happened because of attackers sending forged DHCP replies from cloud-hosted networks across the Internet.

After the daemon crashed, the firewall would lose Internet connectivity until it is manually restarted.

Providers normally filter forged DHCP traffic, but some do not seem to do this correctly. We are in touch with them and try to find a solution.

The Squid Web Proxy

The web proxy is vulnerable to cross-site scripting attacks, cache poisoning and access control bypass when processing HTTP request messages.

These problems are known as SQUID-2020:4, SQUID-2019:12, SQUID-2019:4, CVE-2020-11945, CVE-2019-12519, CVE-2019-12521, CVE-2019-12520, CVE-2019-12524 and #12386.

Misc.

  • Updated packages: apache 2.4.43, bind 9.11.18, dhcpcd 9.0.2, squid 4.11
  • The build system has changed the Go compiler from GCCGO to Golang which seems to be introducing fewer bugs into compiled programs

FLI4L

Release der stabilen fli4l Version 3.10.19

Nach gut vier Monaten Entwicklung stellt das fli4l-Team das nächste stabile Release der...

Release der stabilen fli4l Version 3.10.18

Nach gut fünf Monaten Entwicklung stellt das fli4l-Team das nächste stabile Release der...

Release der stabilen fli4l Version 3.10.17

Nach gut drei Monaten Entwicklung stellt das fli4l-Team das nächste stabile Release der...

Release der stabilen fli4l Version 3.10.16

Nach gut drei Monaten Entwicklung stellt das fli4l-Team das nächste stabile Release der...

Release der stabilen fli4l Version 3.10.15

Nach gut drei Monaten Entwicklung stellt das fli4l-Team das nächste stabile Release der...

Release der stabilen fli4l Version 3.10.14

Nach gut drei Monaten Entwicklung stellt das fli4l-Team das nächste stabile Release der...

Release der stabilen fli4l Version 3.10.13

Nach gut drei Monaten Entwicklung stellt das fli4l-Team das nächste stabile Release der...

Release der stabilen fli4l Version 3.10.12

Nach etwas mehr als drei Monaten Entwicklungsphase stellt das fli4l-Team das nächste stabile...

Aktualisierung des wöchentlichen Tarballs verfügbar

Nachdem nun die neue Entwicklungsserver installiert und konfiguriert sind, nochmals vielen Dank an...

Release der stabilen fli4l Version 3.10.11

Nach knapp dreimonatiger Entwicklungsphase stellt das fli4l-Team das nächste stabile Release der...

LEG LOS! Anlaufstelle für Jugendmedienarbeit Berlin-Lichtenberg 2006-2019