Login  Register

Hotfix 160301 - FINAL

Posted by hans2 on Feb 24, 2016; 4:09pm
URL: https://itus.accessinnov.com/Hotfix-160301-FINAL-tp157.html

Hi all

i've been working on another hotfix that may interest you.

WARNING #1: THIS UPDATE IS NOT YET READY FOR ALL NOVICE USERS! USE AT OWN RISK (for factory reset)
WARNING #2: THESE UPDATES ASUME 1.51SP1 IS INSTALLED ON YOUR SHIELD

all transactions to install and run scripts need to be done from the CLI root.

Download the hotfix: hotfix_160309-FINAL.tgz
Download the change log: hotfix_160309-FINAL.txt
MD5SUM for this hotfix: 85a06650bfe47bf4d0c0bf641c0c35b7

12) 	= DAILY UPDATE SCRIPT FOR IPS AND WF - version 6
	> /sbin/fw_upgrade /etc/init.d/dnsmasq /etc/itus/update_blacklist.sh /etc/itus/write-categories.sh
	- added the ramdisk functionality so that temporary files are kept in memory only.
	- ref: http://itus.accessinnov.com/Update-script-fw-upgrade-td43.html


13) 	= UPDATE TO SP1 
	> /tmp/upgrade_rc_to_sp1.sh
	- updated script to use dropbox as source of updates
	- ref: http://itus.accessinnov.com/Upgrade-to-1-51SP1-td10.html

14) 	= LUCI - LAST UPDATE DISPLAY
	> /.hf_date /usr/lib/lua/luci/view/admin_status/index.htm
	- added hotfix date visiblity to LuCI
	- check Status > Overview > Firmware Version line

15) 	= LUCI - DIAGNOSTICS
	> /usr/lib/lua/luci/view/admin_network/diagnostics.htm
	- change the default diagnostics URL from itusnetworks.com to www.msftncsi.com
	- check Network > Diagnostics

16) 	= CLI - CLEANING OF OBSOLETE FILES
	> /tmp/cleanup.sh /tmp/cleanup_list CHANGED
	- archives files listed in cleanup_list into cleanup_archive.tgz
	- deletes files if the archive is created correctly
	- restarts snort to download new rules
	- run with "sh /tmp/cleanup.sh" 

17)	= BOOT - NTP AND DROPBEAR
	>  /etc/rc.local
	- force a dropbear restart 30 seconds after last bood command
	- restart NTP client after dropbear

18) 	= INIT - NTP CRON
	> /etc/init.d/ntpclient
	- set the cron job to run at midnight instead of every 10 minutes.
	- check system > scheduled tasks

19) 	= OPKG - ARCH
	> /etc/opkg.conf
	- adds the architectures for cn70xx and octeon to the package list.

20) 	= IPS - LOG PROBLEM
	> /etc/snort/snort.conf
	- disabled preproc_rules for preprocessor, decoder and sensitive date
	- ref http://itus.accessinnov.com/Speed-issue-due-to-log-size-too-big-SOLUTION-td189.html

21) 	= LUCI WF - CONTENT FILTERING OPTIONS
	> /usr/lib/lua/luci/model/cbi/e2guardian.lua
	- removed all but Ads, Malicious and Drugs from option list 
	- this is related due to limitations of fw_upgrade script

22) 	= LUCI - UTM MODE DISPLAY
	> /usr/lib/lua/luci/view/admin_status/index.htm /etc/rc.local /.shield_mode /etc/itus/detect_mode.sh
	- runs at startup detect-mode script. This determines router/bridge/gateway mode
No more: Shield Pro v1, Chaos Calmer, FW 1.51 SP1