Commit graph

461 commits

Author SHA1 Message Date
Bill Gertz
c46695c030
security/acme-client: Add NSUPDATE_ZONE support to nsupdate DNS-01 Service (#1851)
Add NSUPDATE_ZONE nsupdate support 

Adds new validation.dns_nsudate_zone field to implement support for NSUPDATE_ZONE. See https://github.com/acmesh-official/acme.sh/pull/1963 for more information.
2020-05-28 15:21:08 +02:00
Ad Schellevis
72980508a7 security/stunnel prepare release version 2020-05-26 21:02:37 +02:00
Ad Schellevis
1f7654103d stunnel: new revision 2020-05-20 06:13:59 +02:00
Ad Schellevis
e845256b1a stunnel: minor bug fixes
- used wrong pid for ident status
- reload syslog on service start
- missing condition in syslog template (hence the service reload)

for https://github.com/opnsense/plugins/issues/1829
2020-05-20 06:11:29 +02:00
Ad Schellevis
84585d959b stunnel: minor cleanups and versioning, closes https://github.com/opnsense/plugins/issues/1829 2020-05-20 00:57:15 +02:00
Ad Schellevis
9510a17266 whitespace 2020-05-20 00:34:04 +02:00
Ad Schellevis
3d4416cf26
Stunnel: add identd (#1845)
stunnel: add identd service and plumbing
2020-05-22 13:12:28 +02:00
Franco Fichtner
aa8ff3e508 security/acme-client: also bump revision 2020-05-22 09:18:24 +02:00
Franco Fichtner
ee799d8c75 security/acme-client: fix #1844 2020-05-22 09:17:42 +02:00
Franco Fichtner
5c004cae08 security/tinc: bump revision after changes 2020-05-19 08:55:21 +02:00
Franco Fichtner
7f90141b60 security/stunnel: style and sync 2020-05-18 16:40:47 +02:00
Ad Schellevis
2a8b0a58ed
stunnel: initial release (#1840)
* stunnel: boilerplate for https://github.com/opnsense/plugins/issues/1829

* stunnel: work in progress for https://github.com/opnsense/plugins/issues/1829

* stunnel: add service control and acl for https://github.com/opnsense/plugins/issues/1829

* stunnel: add cipher selection for https://github.com/opnsense/plugins/issues/1829

Since stunnel uses different parameter pairs for TLSv1.[1,2] and TLSv1.3, we'll try to sort them out in our config template.
When no TLSv1.3 ciphers are allowed, we should limit the sslVersionMax parameter as well as it seems.

* stunnel: set TLS1.2 as minimum

* stunnel: disable rc conf when no services are active https://github.com/opnsense/plugins/issues/1829

* stunnel: CRL support for https://github.com/opnsense/plugins/issues/1829

* stunnel: simplify cert creation, combine cert+key in one file. for https://github.com/opnsense/plugins/issues/1829

* stunnel: syslog and log viewer for https://github.com/opnsense/plugins/issues/1829

* stunnel: add hasync anchor, for https://github.com/opnsense/plugins/issues/1829
2020-05-18 15:31:18 +02:00
Frank Wall
8611398aaa security/acme-client: bump version 2020-05-18 09:50:05 +02:00
Frank Wall
cf1828bc02 post merge fixes for #1838 2020-05-18 09:49:50 +02:00
Maarten den Braber
6628f93fc1 Tabs to spaces 2020-05-16 23:39:28 +02:00
Maarten den Braber
ce5c6be647 Fix formatting issue 2020-05-16 23:38:14 +02:00
Maarten den Braber
4c79d89c8f Add Acmeproxy DNS provider dialogs 2020-05-16 23:36:37 +02:00
0c67e9db29
snort-vrt: Update rulesfile (#1835)
Update rulesfile.
2990 does not exist anymore.
29151 works best with suricata 4.1.8 and 5.0.3
2020-05-15 11:19:53 +02:00
Franco Fichtner
c6de3851f5 plugins: style sweep 2020-05-13 08:42:51 +02:00
Ad Schellevis
faa23ffae9 Syslog-NG: add templates for https://github.com/opnsense/core/issues/4068 2020-05-12 13:55:27 +02:00
vnxme
f2db771984
security/tinc: Fix switch mode (#1733)
* security/tinc: Allow empty subnet for switch mode

A Host class with empty self._payload['subnet'] is considered invalid (lines 38-39). Thus, we can remove self._payload['subnet'] = None from __init__() and add a check for existence to config_text().

* security/tinc: Allow empty subnet for switch mode

Set network.subnet.required and host.subnet.required to N, add a required constraint for network.subnet if network.mode is router.

* security/tinc: Trigger configctl on tinc-up

In order to support various dual-stack configs (primary IPv4/v6 assigned by VPN/Tinc and any combination of alias IPv4/v6 assigned by Firewall/VIP) we need to trigger configctl:
- Primary IPv4: /usr/local/opnsense/service/configd_ctl.py interface newip $interface
- Primary IPv6: /usr/local/opnsense/service/configd_ctl.py interface newipv6 $interface

* security/tinc: Destroy tun/tap interface on stop

Destroying tun/tap interface each time Tinc daemon stops/restarts resolves the issue of losing IPv6 network routes (see #3972).

* security/Tinc: Add a missing reference constraint

The network.mode field is now linked to the network.subnet field.

* security/Tinc: Refactor tincd.py
2020-05-12 12:49:01 +02:00
prunkster
65abab88da security/acme-client: add support for dnsapi "Euserv.eu"
- added option "--insecure"
- increased maximum dns sleep time
2020-04-16 23:10:48 +02:00
Frank Wall
0b835f2510 security/acme-client: bump version 2020-04-14 22:34:55 +02:00
Frank Wall
83ae82d929 security/acme-client: add support for Leaseweb, closes #1670 2020-04-14 22:28:34 +02:00
Frank Wall
b539d1ff75 security/acme-client: add support for EUserv, closes #1779 2020-04-14 22:20:46 +02:00
Frank Wall
edf3633b94 security/acme-client: add support for SchlundTech, closes #1728 2020-04-14 22:08:42 +02:00
Jürgen Kellerer
362edb68ad security/acme-client: Added fullchain.pem filename-template to model & dialog 2020-04-11 17:36:09 +02:00
Michael
08c86edd9d
security/maltrail: disable alienvault, update changelog (#1769) 2020-04-06 18:16:17 +02:00
Jürgen Kellerer
1a06985c08 Applied USER_WHITELIST config syntax change
Fixes the whitelist config feature in maltrail sensor.
USER_WHITELIST was changed from comma separated list to whitelist file in recent maltrail versions.
2020-04-06 14:18:00 +02:00
Frank Wall
f1042b463b security/acme-client: bump version 2020-03-30 13:00:29 +02:00
Frank Wall
05a4ff8a0c security/acme-client: style fixes, refs #1753 2020-03-30 13:00:00 +02:00
Bjorn Peeters
5e760e1696
letsencrypt/upload_sftp
add export of fullchain.pem
2020-03-28 12:54:40 +01:00
Franco Fichtner
15b5864828 security/acme-client: bump revision for minor release 2020-03-18 08:04:24 +01:00
Kyle
4e1c83bf8f Update Github Link to Reflect Repo rename
Updated Github Web Link to Reflect Github Repository rebrand/rename from: https://github.com/Neilpang/acme.sh to https://github.com/acmesh-official/acme.sh
2020-03-18 06:58:51 +01:00
Franco Fichtner
c58730761d security/tinc: latest change warrants a version bump 2020-03-04 09:34:37 +01:00
Michael
58c43a9802
security/maltrail: switch python version (#1727) 2020-03-03 13:40:00 +01:00
vnxme
5d448639ed
security/tinc: fix a bug in IPv6 support (#1707)
closes https://github.com/opnsense/plugins/issues/1686.
2020-02-20 18:26:09 +01:00
Franco Fichtner
18bc32f3b3 plugins: serious style sweep 2020-02-13 10:42:37 +01:00
Franco Fichtner
d19b35a9d8 plugins: fix shebang foo reported by new lint check 2020-02-12 16:19:34 +01:00
Franco Fichtner
f1a69249f9 plugins: style sweep 2020-02-10 21:12:05 +01:00
Frank Wall
9e45c51384 security/acme-client: use ::1 for safekeeping, refs #1638 2019-12-30 15:29:55 +01:00
Frank Wall
11932d2967
Merge pull request #1638 from fraenki/acme_129
security/acme-client: release 1.29
2019-12-30 15:17:27 +01:00
Frank Wall
9e0051766d security/acme-client: add basic IPv6 support for auto port fwd, refs #1590 2019-12-29 22:32:38 +01:00
Ad Schellevis
60b2a8512b ET Pro Telemetry: exit 0 if data not of interest, extend readme a bit while here. closes https://github.com/opnsense/plugins/issues/1642 2019-12-29 11:50:44 +01:00
Michael
2203ac15c5 security/maltrail: fix remoteserver labeling (#1641) 2019-12-28 08:49:27 +01:00
Frank Wall
d00308d048 security/acme-client: prettify 2019-12-26 23:51:04 +01:00
Frank Wall
861b663b0a security/acme-client: more CloudFlare tweaks, refs #1625 2019-12-26 23:48:28 +01:00
Frank Wall
8e00362dcd security/acme-client: add support for variomedia DNS API 2019-12-26 23:36:07 +01:00
stilez
abcbc8d821 security/acme-client: Enable new DNS-01 method "pleskxml" in GUI (#1567) 2019-12-26 23:07:40 +01:00
Bill Gertz
8132099b78 security/acme-client: Add MailinaBox to Let's Encrypt Service Plugin (#1531) 2019-12-26 23:04:47 +01:00