Activity
From 02/14/2005 to 03/15/2005
03/15/2005
- 11:43 PM Revision 87362af3: * Introduce is_package_instaleld()
- * Use is_package_installed to figure out if we should install a squid rule
- 07:18 PM Revision f38dea08: Add reply-to (aka return gateway) rule support for multiple WAN support.
- And the crowd goes nuts!
- 03:08 PM Revision ade51705: Fix get_pkg_depends() description.
- 04:39 AM Revision 80933129: static arp entries are interface specific now - no longer tied to only LAN interface
- added warning that this will break communications with hosts not in dhcp table
I fully expect we'll want to move thi... - 04:05 AM Revision ee9f992c: extra </table>
- 04:04 AM Revision f1da88f6: Move static arp code around to present it cleaner
- 03:32 AM Revision 5c0538e0: Support for static ARP from Mircea Rimbu
- 03:11 AM Revision b7597d4e: Support for static ARP from Mircea Rimbu
- 02:39 AM Revision a88883ee: Add a little comment describing why you might want the gateway option
- 02:37 AM Revision f9261419: Let users change the gateway that dhcpd assigns
- Hoba, this commit is for you
03/14/2005
- 11:16 PM Revision 9620d290: Add pfsync and carp protocols
- 09:57 PM Revision 303831c6: *REALLY* convert LAN and WAN to their real interface.
- 07:26 PM Revision 58d58eb1: Version bump
- 06:04 PM Revision 6d501961: Accept the area that will be backed up instead of deafulting to filter.
- 05:34 PM Revision 014beac3: Say hello to firewall rules syncing!
- 04:41 PM Revision 435011b4: Correctly convert real interfaces to friendly names.
- 04:41 PM Revision 68d4b725: Show the interface friendly name and real interface name in interface column.
- 04:20 PM Revision a7f5febb: Correctly return lan or wan interface.
- 04:23 AM Revision 9c0ad6b1: Version bump
- 03:33 AM Revision aa1f4636: Write out all javascript updates in one batch instead of updating the uptime before the sleep statements.
- 03:06 AM Revision 09b4b95a: Correctly return lan and wan interfaces.
- 01:57 AM Revision 33f0abb1: Restore 1.2b5's captive portal. 1.2b7 + radius == boom.
- 01:40 AM Revision 12ee8fe4: * Restore pfSense custom portal page
- * Add back pre 1.2b6 headers in each file
- 01:37 AM Revision ec920231: Restore 1.2b6's captive portal.
- 01:21 AM Revision 27537c5a: Restore pfSense's custom starting page.
- 01:17 AM Revision 78b4f90f: Version bump.
- 01:08 AM Revision 1cdb8423: You've -> You have (breaks Komodos syntax highlighting for some reason)
- 01:06 AM Revision 05879a72: Sync with Pascal's latest
- 12:48 AM Revision 12bd7e25: Allowed IP addresses -> User Manager
- 12:36 AM Revision 8fc27770: Correctly display optional interfaces
- 12:34 AM Revision 2613e1cd: Sync with pascals latest
- 12:30 AM Revision 2d6c7764: Add user manager tab.
- 12:27 AM Revision 75b927d1: Add back header after Pascals sync
- 12:09 AM Revision 381118b7: * Update build time and version
- * Remove extra <br>
- 12:09 AM Revision e0092d61: Surround Base Url and Filename options in a table
- 12:04 AM Revision e54448e6: Fix new package syncing code.
- 12:01 AM Revision db7f4f2b: Use class vtable so that the bottom table element has a line drawn on it.
03/13/2005
- 11:55 PM Revision c177d6ad: Return false until the php fork bomb fiasco is solved.
- 11:39 PM Revision e0dcab6a: Oops, forgot to increment the counter.
- 11:38 PM Revision 068b8784: Have sync_all_package_configs_bootup() use the new package syncing code (it's tiny!) ;)
- 11:33 PM Revision 0e8aec0c: Move /etc/rc.prunecaptiveportal from minicron to cron
- 11:32 PM Revision 5a0c39fe: Update get_pkg_depends() to use pkgid code.
- 11:25 PM Revision f01a0942: * Call is_numeric() to determine whether $pkg_name is already a pkgid or if get_pkg_id() must be called.
- 11:14 PM Revision 879be199: * Streamline sync_package().
- * Use pkg_id instead of package name if possible (speed up calling).
* Use get_pkg_id() to provide additional... - 11:09 PM Revision 9607c2a4: Use /bin/tcsh for console option #8
- 11:08 PM Revision cc890351: Those that don't have Soekris boxes shouldn't be getting temp updates!
- 10:45 PM Revision 0b448a0b: Change default for $show_message on sync_package() from "true" to "false".
- 10:44 PM Revision 5c52313f: Add sync_package().
- 10:40 PM Revision 7197df7d: Correct the enourmous amount of bugs in php_check_syntax that was taken from .php.net
- 10:29 PM Revision fcae741f: shell_exec -> system
- 10:28 PM Revision da237b75: Back out php_check_syntax() checking of package XML before sync (still fixing bugs).
- 09:57 PM Revision df81a909: Add missing $errormessage argument.
- 09:56 PM Revision 4f30944e: use $text
- 09:54 PM Revision 677e0880: Use php_check_syntax on code before eval()
- 09:54 PM Revision a1f1ebb4: resync_package_configs_bootup(): Check code syntax with eval before syncing.
- 09:47 PM Revision 713abf34: Allow option 8 (shell) with moved /etc/rc.initial
- 09:46 PM Revision d362e213: Move /etc/rc.initial to .shrc
- 09:40 PM Revision ee8f4a58: * Add php_check_syntax()
- * Add php_check_filename_syntax()
- 08:58 PM Revision 89388840: We now use .shrc instead of .tschrc
- 08:57 PM Revision 46624b94: MIssing ;
- 08:48 PM Revision b31effd8: Add MPD l2tpd netgraph module.
- 08:15 PM Revision 69067dd8: Version bump
- 08:13 PM Revision 87c8f2c9: Sync with Pascal's latest versin
- 08:01 PM Revision 3aed9904: * Change .img -> .tgz
- * Break between Invoke pfSense auto and Manual sections
- 06:02 PM Revision e99d11e3: Add nf@bigpond.net.au http_post function.
- 07:12 AM Revision 2e564f1a: memusagemeter not memmeter
- 06:45 AM Revision 71bceee7: Created functions for most graphs (memory isn't done yet) to remove some code duplication
- Temp graph, mem graph, and uptime are now dynamic (inline with cpu usage)
swap still needs to be done (maybe config c... - 05:46 AM Revision 75616b00: stub in net4801 temp monitor - this needs work
- touch /etc/48xx if you want to play
- 12:24 AM Revision 013c1fb0: * Use /bin/sh for root login
- * Use /bin/csh for option 8 shell to avoid respawning the /etc/rc.inintial script
* Allow scp to firewall now correctly - 12:05 AM Revision 3f458b41: Use su -f root to enable shell mode now that we have changed how /etc/rc.initial is started
03/12/2005
- 11:45 PM Revision 0f0d41dd: Use CSH since its more flexible with su.
- 11:44 PM Revision cdcfa555: ...and a ).
- 11:43 PM Revision 2696882b: Whoops, missed a ;.
- 11:41 PM Revision 5f9be1c6: Add $return_nosync argument to get_pkg_depends() to properly detect <nosync> flag in <additional_files_needed>.
- 11:30 PM Revision 2f93431c: Use isset() instead of != "".
- 11:28 PM Revision fe82bc16: Add <nosync> flag to <packagegui> and <additional_files_needed>.
- 11:21 PM Revision 3a91da2d: Use regular shell and call console menu from .shrc
- 09:07 PM Revision 2b2bab8d: Newline after Starting INETD and FTP Helpers for FTP-PROXY... message
- 09:06 PM Revision b2981d7a: No need for duplicate starting ssh messages
- 08:46 PM Revision 8abafff5: Version bump.
- 08:22 PM Revision 832f1b83: Correctly backup and restore config sections.
- 07:26 PM Revision 009c7905: Add <prefix> and <suffix> tags to <adddeleteeditfields>.
- 07:19 PM Revision f4a90903: touch up alternate firmware option a little
- 07:06 PM Revision a509ff63: custom firmware URLs
- 07:05 PM Revision aaae6e26: When assigning the array back to $config, use the pointer on the source.
- 07:02 PM Revision f8891a0f: * Add backup_config_section which returns as an array a portion of the xml configuration.
- * Add restore_config_section which accepts a config array and will write out the overwritten section
- 06:02 PM Revision 8840eb5f: Helps to test first :-/
- 05:52 PM Revision f1b02597: Stub in changes that will allow for custom firmware URLs
- 06:08 AM Revision dc1c5504: Version bump
- 05:46 AM Revision 03fb5c37: use relative url
- 05:44 AM Revision 6bb5c9aa: Client side input validation for the wizard
- Fix invalid domain name bug
- 05:34 AM Revision 0d34044c: Fix get_pkg_depends() (and add a few more features).
- 04:01 AM Revision aa08f46b: Make auto upgrade more obvious and make firmware screen a little cleaner
- 03:45 AM Revision b9e255dd: Remove some code duplication
- 03:38 AM Revision e95c754f: more variable cleanup
- 03:24 AM Revision b7f01f59: variable cleanup
- 03:03 AM Revision 128f6a3e: Let user SSH in as admin instead of root only (requested for consistency)
- Full path to sshd
- 01:25 AM Revision 099fa54a: Make sure item is an array.
- 12:08 AM Revision d86e29e5: Do not foreach item unless its an array.
- 12:04 AM Revision 3960e556: get_package_depends() -> get_pkg_depends (shorter and more consistent)
- 12:02 AM Revision 5dac430f: Use lowercase interface name
- 12:00 AM Revision dd9e33d1: Fix bugginess and change get_pkg_xml_depends -> get_pkg_depends.
03/11/2005
- 11:58 PM Revision 2bccc5fc: Properly handle a mix of both package XML and other package dependencies.
- 11:39 PM Revision 5ffe0815: get_package_xml_depends() -> get_package_depends() (add handling of different filetypes, chmods, prefixes, etc)
- 11:25 PM Revision b39f5ac4: Populate interface drop down with the correct selected interface when editing a package record.
- 10:52 PM Revision 2c72155e: Version bump
- 10:50 PM Revision 401e59a9: Return optional interfaces correctly in convert_friendly_interface_to_real_interface_name
- 09:41 PM Revision bc5d2a26: Simplify filter_translate_type_to_real_interface
- 09:41 PM Revision 4471b3a1: Move filter_translate_type_to_real_interface to pfsense-utils.inc
- 09:21 PM Revision 0ad0f98c: Correctly return the wan interface.
- 07:23 PM Revision 3f852e00: Use scrub on {$wanif} reassemble tcp random-id
- 06:32 PM Revision 2bdbc899: fix typo (must have been asleep randing?) and removed extra sysctl that we already do
- 05:57 PM Revision df9f94d6: Add Greg's sysctl suggestions sent to discussion group.
- 04:10 PM Revision 1ab20834: Do not define redeclare execute_command_return_output() in this file.
- It has been moved to pfsense-utils.inc.
03/10/2005
- 06:10 PM Revision 8728dfcf: Version bump
- 05:50 PM Revision 5c60c947: Mark booting as done at the end of rc.bootup
- 05:45 AM Revision fea323ac: Correct System tab url
- 05:39 AM Revision 824b7b12: Swap ipsec and filtter urls
- 05:19 AM Revision 88f66e13: Move default gateway out of wan config to system config (leave in gui though)
- Remove scheduler config from interfaces
Bump config file version to 1.5 - 04:09 AM Revision 2f948e1c: * Update get_package_xml_depends() with code that actually works ;)
- 04:03 AM Revision 3b7fa3d8: remove unused vars
- 03:40 AM Revision e04de720: Use depend name from package XML instead of (possibly inaccurate) stripped filename.
- 03:37 AM Revision d0e48055: * Update get_package_xml_depends($pkg_name, $format) to output dependencies as filenames or names.
- 03:22 AM Revision 7ebb7114: Add `grep -v grep` to is_service_running() and change threshold to >0.
- 03:20 AM Revision be132052: Change resync_all_package_configs_bootup() to display the package being synced before it beings calling eval().
- 03:16 AM Revision fbc24b62: * get_package_xml_depends($pkg_name): Return a package's XML dependencies (additional tabs etc)
- * reverse_strrchr($haystack, $needle): Return everything in $haystack up to the *last* instance of $needle.
- 02:00 AM Revision 30310ccb: Versino bump
- 01:58 AM Revision 9a4bda51: Update ipsec url
- 01:56 AM Revision 2cb1eb4e: Adjust tab ordering
- 01:54 AM Revision 32887d33: * Add IPSEC logging tab.
- * Do not log IPSEC in System any longer
- 01:14 AM Revision 00aab3df: Really correctly output correct number of records chosen on "pretty" rules mode
- 01:07 AM Revision e6869816: Correctly output correct number of records chosen on "pretty" rules mode
- 01:00 AM Revision 530347ed: Do not include rules where the destination is HBH
03/09/2005
- 11:44 PM Revision 1bf88d39: Version bump
- 11:09 PM Revision 61c25e53: Ignore interface mistmatch checks if either interface uses a vlan
- 10:48 PM Revision 257ff0ff: Missing colon
- 10:24 PM Revision 8d568a9b: global $g is needed here.
- 10:23 PM Revision 705f8b3b: * Correctly start inetd
- * Version bump
- 09:02 PM Revision 44dc32e4: Add is_service_running()
- 07:00 PM Revision 54f4caed: Correctly convert a friendly interface name (DESCRIPTION) to the real interface id for optional interfaces
- 06:49 PM Revision 31a82233: Only setup link0 during booting process.
- 06:36 PM Revision 1df2c915: Version bump
03/08/2005
- 10:15 PM Revision 5e2dee07: Correct the logic that decides if a queue is a parent.
- 06:28 PM Revision 480d71dc: Sync with 1.2b6 which would extended radius patch requires.
- 06:19 PM Revision 269239d7: Revert back to 1.2b3 now that we are using a different radius patch.
- 05:49 PM Revision dd78523c: Add ftp-sesame ftp helper.
- 04:43 PM Revision 01b64593: Restore the pfSense default captive portal page.
- 04:27 PM Revision 6c764823: Remove invalid priority name emerg.*
- 04:02 PM Revision 0bd2b2fe: Version bump
- 07:14 AM Revision 186a42b0: DHCP on wan interface should now work
- dhclient is nice and creates /etc/resolv.conf, which we used to just blow away
- 04:02 AM Revision 908ee218: * Add enable_peruserbw() to determine whether or not per-user bandwidth fields should be grayed out.
- * Call this from enable_change() to set these values when the page is first accessed.
- 03:56 AM Revision 7b4b2eb7: * Add enable_https() to determine whether or not https-specific fields should be grayed out.
- * Call enable_https() from enable_change() to set these values when the page is first accessed.
- 03:46 AM Revision 0d9985d2: * Modify auth_method_change() to determine whether or not RADIUS-specific fields should be grayed out.
- * Call auth_method_change() along with enable_change() to set these values when the page is first accessed.
- 03:25 AM Revision cb7d3b13: Properly gray out all fields when captive portal is disabled.
- 03:18 AM Revision 56961bd8: bwauthmacdn -> bwauthmacup (accidentally defined twice)
- 03:10 AM Revision 5bc18ff3: Proofreading.
- 03:03 AM Revision 68bf6021: Add Dsiable Rendevouz option
- 02:34 AM Revision 3f345054: Update email address at the request of the author.
- 02:07 AM Revision a35e2c45: Adding mDNSResponder. Apple's "Rendevouz" aka "Bonjour" technology.
03/07/2005
- 11:40 PM Revision 3d8deb41: Add pfSense header back. 1.2b6 has moved the header information to fbegin.inc
- 11:18 PM Revision c50411a2: Add User Manager link since I opted to not import fbegin.inc from Pascal's copy
- 11:16 PM Revision c2f1cad3: Versin bump
- 11:12 PM Revision 9699028a: Add local user manager code imported from Pascal Suter's m0n0wall developers group message.
- 09:22 PM Revision 90b7aa76: No need to kill pfctl
- 09:21 PM Revision a58f93ad: Woops, redirec to index.cgi
- 09:19 PM Revision df5eae58: Redirect back to the main status page after 120 updates
- 06:43 AM Revision 27ce9664: Version bump
- 05:20 AM Revision 206b778b: text formatting, right alignment looks better
- 04:43 AM Revision 27a84244: Load the bogon list after fetching
- 03:30 AM Revision 9bec0abc: Remove bash from /etc/shells (it isn't installed).
- 03:27 AM Revision 4cab8af9: Trim rc.packages output.
- 03:15 AM Revision efc68cca: break text fields out a bit
- 03:05 AM Revision 1dc18caa: Fix additional item syncing.
- 02:58 AM Revision e4ae3e09: Take queue names for edit
- 02:40 AM Revision 54405438: no pipes, just queues
- 02:37 AM Revision 6f3f9da6: queues, not pipes
- 02:36 AM Revision d1e3f40f: We don't use pipes, just queues
- 02:26 AM Revision 9c0ad35c: * If style cleanups
- * Break comment into multiple lines
* Full path to sleep and killall - 02:22 AM Revision 122a9c39: |${drops} -> |{$drops}
- 02:19 AM Revision fa35df12: * Full path to killall
- * Extra i in regex
- 02:08 AM Revision e93903c7: Add checking of additional item XML.
- 02:02 AM Revision 04e6e7b7: Add dropped packet stats
- 01:38 AM Revision 81ae6cb0: Change table to not have a width 100% flag
- 01:37 AM Revision 4bed294c: add suspend stats
- 01:16 AM Revision 05eeface: Increase the size so we can see all the borrows :)
- 01:07 AM Revision 95736b54: Add note field
- 12:57 AM Revision c5d63426: Merge in firewall_shaper_queues updates
- 12:54 AM Revision a82f5c1e: Version bump
- 12:51 AM Revision d62682bd: And make visible
- 12:50 AM Revision aa280d10: Add queue graphs to a status page
- 12:46 AM Revision 4f335a1b: Add reset link that kills pfctl and php
- 12:24 AM Revision efc110cf: cut at 15 chars not 14
- 12:21 AM Revision 801d649b: Don't let the user enter more than 15 characters if we only expect 15 characters (even if this is enforced in the backend)
03/06/2005
- 11:25 PM Revision 8e8588e1: Version bump.
- 11:19 PM Revision 63562b76: Really upgrade m0n0wall -> pfsense during configuration restore
- 11:11 PM Revision 1717b51f: is_subqueue returns 1 if an item is a subqueue
- 08:17 PM Revision 89cc63ee: shaper, not filter is dirty
- 08:09 PM Revision a722f381: missed a cell
- 08:07 PM Revision 0ceb8927: Wheee...shaper rule movage :)
- 07:41 PM Revision 2854d35a: Simplify is_subqueue if logic
- 07:40 PM Revision 90779bf7: is_subqueue() returns 1 if the item is a subqeueu
- 06:57 PM Revision e1807fbf: Version bump
- 06:50 PM Revision 01e8633b: Do not redirect if preoutput is setup
- 06:43 PM Revision b630b62d: Use /tmp
- 06:41 PM Revision 609384f6: Bump maximum upload size to 16 megs
- 07:01 AM Revision 2e0bd0ad: Back out periodic package sweeping until I can test it.
- 06:48 AM Revision c8e6c4ef: Add periodic package sweeping to crontab.
- 06:31 AM Revision b7c502bb: * Minor style cleanups.
- * Add sweep_package_processes() to workaround those packages that do not automatically kill processes (iperf and neti...
- 05:50 AM Revision 13c37b77: Version bump
- 05:34 AM Revision 83a43b5f: Update our default SSL certificate
- 04:54 AM Revision 107eb8b0: Meta refresh every 40 * 5 seconds
- 04:00 AM Revision e90bc39f: Kill any running pfctl before extracting stats
- 03:59 AM Revision 8563e5de: Revert this commit. It broke ALTQ!
- 03:51 AM Revision 75333cf9: Recover from hung pfctl
- 03:34 AM Revision 5de92d20: Hide table if pf is disabled
- 03:33 AM Revision 18d4df52: Only show fast routing option if pf is disabled (routing only mode).
- 03:27 AM Revision 58eb3a73: Make sure the graph and status text cannot break
- 03:22 AM Revision e4d2f651: Version bump
- 03:20 AM Revision 02e5eeff: Kill pfctl during redirect
- 03:19 AM Revision ff0e10d8: Lower redirect cycles to 100
- 03:19 AM Revision 8217e5e0: Add borrows indicators
- 03:10 AM Revision b9000512: Add Flags column
- 02:53 AM Revision d3b645fc: * Link Priority based queueing to OpenBSD's pf faq
- * Link Class based queueing to OpenBSD's faq
- 02:49 AM Revision 7bfea962: * Link Random Early Detection to OpenBSD's pf faq
- * Link Random Early Detection In and Out to OpenBSD's faq
* Link Explicit Congestion Notification to OpenBSD's faq - 02:45 AM Revision 1866bb19: Increase the size of the graph status column to 17 to allow the / to become /s
- 02:37 AM Revision 6a153733: Add a flag to gather_altq_queue_stats to allow the returning of the root queues
- 02:28 AM Revision 76177335: * Kill any occurance of pfctl before invoking pfctl
- * Fix spelling mistake in comment
- 01:38 AM Revision 97f6d48f: Add ICMP6 as a supported porotocol type.
03/05/2005
- 11:35 PM Revision c4ced4c1: Note that the first value in queue graph is pps
- 10:54 PM Revision fccb044c: * Modify queue graph to show the amount of bandwidth going through each queue compared to total bandwidth
- * Add current queue traffic speed
- 10:03 PM Revision b45ea709: Add queue graph support.
- TODO: Show parent / child relationship and graph upon the total of the parent/child.
- 09:08 PM Revision 257306c0: Add Basic LB support (and altq rulenum changes)
- 09:04 PM Revision 08443c7a: Update arp table before decide for a missing arp entry
- 07:47 PM Revision 00bcbdd0: inbound nat can now be reordered
- 07:36 PM Revision 3364bed4: missing </td>
- 07:29 PM Revision e8c2c890: whitespace cleanup
- 07:10 PM Revision bac92999: Version bump
- 03:47 PM Revision 3f57ceee: Merge in firewall_rules changes
- 03:40 PM Revision e5d26806: remove hard coded value now that we have a better more dynamic way to detect the "right" cell
- 03:06 PM Revision d0ae0d04: dynamic detection of cell count
- 04:07 AM Revision 6a8d35ca: Move row selecting javascript into it's own file so we can use it in other screens
- 03:28 AM Revision 3830eba6: Switch DiffServ over to lowdelay
- 02:06 AM Revision ac8e667c: Version bump
- 02:04 AM Revision 6f175144: Add diffserv support.
- 01:17 AM Revision d498aad1: Get rid of extra space at the end of the file that Komodo likes to install on its own from time to time.
- 01:16 AM Revision c99b621a: Do not send carp traffic through the packet shaper.
03/04/2005
- 10:49 PM Revision 8e9b111f: Classify incoming LAN traffic from the WAN interrface
- 07:57 PM Revision 45049884: Version bump
- 07:33 PM Revision ca32eee9: Echo done when booting.
- 07:18 PM Revision b68486c8: Missing ;
- 06:38 PM Revision 8ce98650: Version bump
- 04:51 PM Revision 36fcb5d4: move ssh lockout outside of the foreach user rule loop so we only have one instance of the rule
- 04:47 PM Revision 355229d0: typo
- 04:44 PM Revision 38560a25: Make RFC959 data port workaround configurable - default to disabled
- 03:22 PM Revision 7fbc79b1: broke ftp rule with last commit - fix
- 03:22 PM Revision b471fd16: Fix ssh lockout rule
- 02:54 PM Revision 28536efd: Fix ftp servers that violate RFC 959 (we aren't Checkpoint, we've got better technology) - this should be a flag under "advanced" though I think
- 12:25 AM Revision bd4469ce: Move ssh-disable rule to end of the ruleset.
03/03/2005
- 11:20 PM Revision 65465a3c: Toggle OS dropdown off and on when a TCP rule is enabled or disabled.
- 10:28 PM Revision d2adfedd: Version bump
- 10:24 PM Revision 37e2071c: * Add header with CSS at top (m0n0wall apparently moved this to fbeing.inc)
- * Change the colors to pfSense
* Thanks to Colin for doing all the hard work :) - 09:59 PM Revision 4442414b: Add needed newline
- 07:47 PM Revision 48111b40: -e -> -r
- 07:47 PM Revision cbd61550: If /tmp/custom.tgz exists, allow it to overwrite the upgrade. This can be useful if you do not wish to upgrade a certain part of pfSense.
- 06:37 PM Revision 5205ac4c: Turn console off even though it was commented out
- 06:26 PM Revision 8f7a54cf: Correct sshlockout_pf location.
- 06:25 PM Revision 8065a016: Hook in sshlockout_pf
- 05:24 PM Revision 17c5de59: Version bump. Fixes PPPOE issues reported by Illu
- 05:23 PM Revision 1e292fc1: Be more careful with MTU value. Extract the integer value and ensure the item IS a integer before using the value.
- 04:51 PM Revision 2711dca0: If no ip is assigned, wrap the second interface with ()
- 04:16 PM Revision 2cb454db: Version bump
- 04:14 PM Revision 9886adc8: Do not setup an outgoing rule if an interface lacks an ip address.
- 04:10 PM Revision b1990640: Do a better check on $config['interfaces']['wan']['mtu'], making sure an actual value exists
- 02:32 AM Revision f7ad479f: Backout this commit until I can further control the outgoing ip.
- 02:16 AM Revision 3216d4ba: Racoon interface listen selection
- 02:15 AM Revision b73cc056: Allow setting of racoon listening interface on the ipsec vpn screen. This allows failover vpn!
- 12:53 AM Revision 7e98bb78: * Output more diagnostic messages during sync.
- * Only call the packages custom_php_resync_config_command
- 12:50 AM Revision 05d7b2ec: Show which packages we are syncing
- 12:48 AM Revision a1d461d6: Turn dns resolution off on SSHD
- 12:39 AM Revision 393c55ad: Seperate the outputting of /tmp/rules.debug into its own statement
- 12:08 AM Revision 4194a9a6: Version bump.
- 12:07 AM Revision ceff1717: * Use additional is_array checking
- * Full path to cat
- 12:04 AM Revision 833f94fc: Treat line_split as an array
03/02/2005
- 11:30 PM Revision ac55a709: Version bump
- 11:27 PM Revision 559911e1: Add LAN option for redirects aka inbound nat.
- 11:13 PM Revision cae1695e: m0n0wall homepage -> pfSense handbook
- 11:08 PM Revision 7c603497: Correctly sync package configurations on bootup.
- 09:34 PM Revision e913e572: Pass true to resync_all_package_configs_bootup
- 08:35 PM Revision 8be60f21: Do not update os type unless its defined in the rule.
- 08:28 PM Revision 038aa597: Try to output the line # that errors out.
- 06:32 PM Revision 55be70e6: * Add convert_friendly_interface_to_real_interface_name
- 06:24 PM Revision 4831ce13: Instead of hard coding an interface address, use the friendly name in packages.
- 06:04 PM Revision 0d7c85a6: Correctly handle additional_files_needed now that its an array type.
- 05:46 PM Revision e0f91f5f: Missing } on newly added resync_all_package_configs_bootup()
- 05:18 PM Revision 1641e931: Bump version to 0.45
- 05:17 PM Revision 3c338e4d: * Reset $pkg_chmod variable on each loop
- * Actually invoke chmod command if needed
- 03:41 AM Revision ab0a8f88: Whoops, forgot to add rc.packages before commit.
- 03:40 AM Revision 238f6962: * rc_packages -> rc.packages (hooks changed appropriately)
- * resync_all_packages_config -> resync_all_package_configs (hooks changed appropriately)
* Add fetching of missing pa... - 02:22 AM Revision c410cf55: Use connection_aborted to detect if client still has index.php open. Use a 3 second sleep loop to DYNAMICALLY update the cpu status meter. Who needs SVG?
- 02:18 AM Revision 4d943b2f: Version bump. Include a subversion, too!
- 02:11 AM Revision 7b8d63bd: Show user that the cpu percentage will automatically be updated in 3 seconds
- 02:03 AM Revision 795ca78b: Turn the stats line into a comment for further debugging if need be.
- 02:02 AM Revision 275c4932: Add 1 to each value to make sure we dont divide by 0. grape's math teacher thanks us.
- 01:43 AM Revision a30afc6a: Do not interate installedpackages if they dont exist.
- 01:26 AM Revision d4022785: * Add prefix option to additional_files_needed
- * Add chmod option to additional_files_needed
- 01:19 AM Revision 3e08b3c1: Hook in rc_packages
- 01:18 AM Revision 4fa9d187: Move resync_all_packages_config to our utilities area
- 12:56 AM Revision 8d8f27a1: Correctly return the number of created carp interfaces.
- 12:11 AM Revision 8dbbc3ed: Do not sleep for 3 seconds during the pages initial load. Instead sleep after the entire page has been rendered to find the cpu usage and use some javascript kung-fu to set the graphs accordingly
03/01/2005
- 08:27 PM Revision 17f1b3b4: Version bump
- 05:32 PM Revision 2b2de692: If an error occurs, exit with 1, not 0
- 05:23 PM Revision 99970541: Add proxy_auth_username and proxy_auth_password system tags which will control the auto upgrade process if a proxy server is involved.
- Currently this is a hidden variable (similar to the way m0n0wall functions) but will have a GUI written if there is e...
- 05:49 AM Revision f3d37000: Detect when either md5 cannot be downloaded, log a message to syslog and bail.
- 04:46 AM Revision 5c436a44: Fix boolean mistake for rules using OS signatures
- 04:44 AM Revision fc5e6f70: it helps if you use the write sysctl to enable bridging
- bridging should now work
- 04:07 AM Revision 6bc14bfb: Better way to run ftp-proxy - works for people with wierd NAT configs (like me)
- 02:55 AM Revision 1fc6d183: Seperate autodetection out of previous function
- 02:26 AM Revision d8dc587b: vlan_setup needs an interface list
- 01:59 AM Revision e522f83c: Correct the vlan_setup function.
- 01:32 AM Revision baf888d1: Tighten up column sizes. Do not show a port : seperator if the entry does not contain a port.
- 01:27 AM Revision c6279195: Convert the period seperator on the port to :
- 01:21 AM Revision d8aba9c4: Remove stray , in some records
- 01:19 AM Revision 2fbde004: Speed up convert_real_interface_to_friendly_interface_name
- 12:33 AM Revision 539d3633: Further cleanup firewall logs
- 12:29 AM Revision f6a7ef1f: Do not rely on ifconfig to discover a friendly interface name
02/28/2005
- 11:30 PM Revision 2d34d9c6: Version bump
- 11:29 PM Revision 740dac81: Insert a non-breaking space to make sure the border does not get broken.
- 06:54 PM Revision 24452897: Make sure there are spaces between carp itnerface names
- 06:40 PM Revision 76e89143: revert pptp server back to 16 addresses until we can deterimine why the out of resources (tuning) message appeared for Joerg.
- 06:29 PM Revision cc869478: Cleanup non-raw filter logs so more.
- 03:45 AM Revision e33c8694: We can now put OS filtering in rules
- 02:42 AM Revision ec4940b9: clean up ICMP types
- 02:13 AM Revision 8361098b: Make rules for icmp echo work
- 01:07 AM Revision 011320c6: Bump version to 0.43
- 12:57 AM Revision c1666878: We need to global $config since moving the set lan functions
- 12:53 AM Revision 6395d5fa: Alert user which interface is mismatched
- 12:49 AM Revision 26ad1de1: more path cleanup
- 12:34 AM Revision bc328042: fix
- 12:18 AM Revision 6ee4c02f: Renable interface assignment check code.
- 12:16 AM Revision dc3c40b1: no need to use rm - php has unlink()
02/27/2005
- 11:48 PM Revision c8c2bf0f: more paths
- 11:45 PM Revision 6c9927fd: more path cleanup
- 10:41 PM Revision 0035d7a6: more hardcoded paths cleanup
- 08:51 PM Revision 960e4d4f: CORRECTLY use verifyinstalledpkg tag if defined
- 08:27 PM Revision 3059e7ee: Use Actually use verifyinstalledpkg flag if its defined
- 08:26 PM Revision 131781ba: Add verifyinstalledpkg tag. This tag can be used to verify a different package has been installed veruses always relying on the package name.
- 08:06 PM Revision e49c7b22: more hardcoded paths
- 07:59 PM Revision 0da051a8: cleanup another hardcoded path
- 07:49 PM Revision 1d169baa: Hardcoded /tmp cleanup
- 05:55 AM Revision ac892191: To the moon, alice! We've been in 2005 for some time.
02/26/2005
- 11:24 PM Revision 87f9d450: Notify user when updating filter rules
- 09:47 PM Revision 48b9fcc6: Allow for parent / child queue relationships when using cbq
- 08:33 PM Revision 89d77d88: Remove "Please note that pfSense does not adjust firewall rules when a package is installed. This is left for the end user." warning since its no longer completely true
- 07:49 PM Revision 5cd30ac3: Process before form events
- 07:26 PM Revision 4b4d5996: cat y out to pkg_add to automatically answer any nagging questions
- 07:08 PM Revision e08000ce: Version bump
- 06:22 PM Revision 529d8393: \ -> \n
- 08:50 AM Revision e900059c: Disable auto-configure menu
- 08:36 AM Revision 96e23e3e: Adhere to previous inerface when needed
- 08:21 AM Revision 83661f77: Mor strict false usage
- 07:07 AM Revision 471eea26: Add comments now that we can strip comments :)
- 07:00 AM Revision ec9715f5: add a comment and some minor rule cleanup
- 06:48 AM Revision 2acf6c59: Use <> around table names
- 05:37 AM Revision 70e6ec79: sync passwd file with master.passwd
- make ftp-proxy work
- 04:58 AM Revision 87223375: Fix pppoe
- 04:56 AM Revision 28c72c13: Remove spamd table for the time being
- 04:31 AM Revision 1677823e: Add version to status column
- 04:08 AM Revision cf407317: do not forward requests for the lanip to squid
- 03:55 AM Revision 74799460: Woops, thats a table, not anchor
- 03:52 AM Revision ae3ffcee: Add spamd anchor used by spamd package
- 03:33 AM Revision 264e3091: Version bump to 0.41
- 03:14 AM Revision ae22f4f8: use false paramater
- 03:01 AM Revision ad92c604: fix serial console
- 02:56 AM Revision b82430a4: missing brace
- 02:25 AM Revision 763f6238: Clean up comments
- 02:01 AM Revision cdd6648a: Randomize grabbing the bogons file to 3000 minutes to somewhat distribute all of the pfSense installed base from hitting at the same time ;)
- 01:53 AM Revision 86ef739d: Add custom pfsense crontab
- 01:45 AM Revision ff1955ee: Enable bogon filtering
- 01:41 AM Revision d7375115: * Correctly deterimine if an interface does not exist
- 01:36 AM Revision bb17ff99: * global the $noreboot variable
- * do not tell the user the firewall will reboot if $noreboot is set.
- 01:24 AM Revision 0dd62c88: strip (#) comments out of files
02/25/2005
- 11:43 PM Revision 98b77940: If line begins with #, unset it
- 11:13 PM Revision e3f41a28: * back out \$ interface change
- * do not return () around interfaces
- 11:03 PM Revision 03897028: Macros do not need $ in front of them in the ruleset.
- Pointy-hat-to: me
- 10:43 PM Revision afe53428: * Move the set networking interfaces code into a function in config.inc. Call this function instead of requiring the rc.initial.setports file
- * Alter rc.initial.setports to call the set_networking_interfaces_ports() function
- 10:25 PM Revision b425d956: * Require rc.initial.setports if first boot
- * Do not reboot if setting ports on first boot
- 10:09 PM Revision d8368993: Use system instead of mwexec
- 09:59 PM Revision afde8c22: Extra )
- 09:48 PM Revision 7c231abb: Extra ]
- 09:37 PM Revision aa01f2f2: On bootup, if the interfaces dont exist run the set interface wizard.
- 09:34 PM Revision 9ad7c609: If the wan or lan interface does not match the defined interfaces, ie: one of them doesnt exist, then do not setup the filter rules.
- 09:15 PM Revision 38833ef2: Alert user of final firewall rules pass
- 08:55 PM Revision e3939e20: * Full path to cut and grep
- * global $config in many missed locations
- 08:40 PM Revision b964717d: Do not parse aliases entries unless they are defined
- 05:30 PM Revision c0c8d62c: * Raise upload max filesize to 16M
- * Raise post_max_size to 15M
- 05:19 AM Revision f1bccb83: turn on some of the "security" sysctls
- 04:31 AM Revision 1e137ab5: comment
- 04:28 AM Revision fe693b89: IPSec passthru option is finally here
- 02:56 AM Revision a93456b5: typo - really allow for hardware accel.
- 12:37 AM Revision c9b4da10: * Correct variable mispelling in pfsense-utils.inc
- * Correct a missing brace in interfaces.inc
02/24/2005
- 08:33 PM Revision 7acb6516: Do not create an outgoing rule if there is no ip on the interface.
- 08:26 PM Revision 387ce517: Revert back to 1.162
- 08:07 PM Revision 86f3fc00: Run custom_php_command_before_form commands before
- custom_php_resync_config_command if they exist
- 07:39 PM Revision 179c1422: Version bump
- 07:24 PM Revision 32d60bd2: * Continue wrapping interfaces around ()
- * Convert $wanif variables to pf macro "wan"
* Convert $lanif variables to pf macro "lan" - 07:06 PM Revision ed059571: * Cleanup carp code. Add a function to show how many carp interfaces are currently created.
- * Add () around interfaces for bridging code
* Add link 0 (hardware acceleration) features for fxp chipsets - 06:36 AM Revision 0abcd86e: Fix rules with state type of "none"
- 05:54 AM Revision bf648679: spelling
- 05:54 AM Revision 87b10bed: spelling mistake and whitespace cleanup
- 05:47 AM Revision 9c96aff5: We can now reorder outbound NATs (just like rules!)
02/23/2005
- 11:17 PM Revision 4983ed8c: Do not query interface if it does not exist.
- 09:18 PM Revision aab57926: Correctly handle the new "Do not backup packages" flag
- 08:12 PM Revision 60e440fa: Move carp rules to carp_rules.sh (in the package) and use the new package framework.
- 08:11 PM Revision 962f7d25: make sure carp interface exists before querying
- 06:37 AM Revision 737ae333: Link aliases to all carp interfaces that are in the same subnet
- 06:02 AM Revision 38e5dd7a: Add packageearly and packagelate anchors
- 05:41 AM Revision a1ad1bc3: Allow package plugins to adjust rules
- 05:09 AM Revision 6944dd73: Bump to 0.39
- 05:07 AM Revision fa65a62b: Automatically assign carp aliases with a ip on the same subnet to a interface.
- Example:
lan = "{ fxp1 carp0 }"
wan = "{ fxp0 carp1 }" - 04:01 AM Revision f8269a6f: Correctly find carp interface
- 03:42 AM Revision ffeca18d: Redirect all errors and package messages to /tmp/bootup_messages
- 03:30 AM Revision 4fd67658: Eliminate extra white space
- 03:18 AM Revision 8c8e6792: Use full path to pfctl
- 03:15 AM Revision dbf71e78: Add a anchor for carp rules
- 02:37 AM Revision a35f1242: Add label to add_rule_to_anchor
- 02:29 AM Revision 0f076aac: use anchor:anchorname when adding rules to anchors
- 12:10 AM Revision 5e9e6ea2: Sync pfSense CSS with m0n0wall latest.
02/22/2005
- 05:59 PM Revision 334d3f76: Version bump to 0.38
- 05:28 PM Revision 802dc5c8: Cleanup extra > shell rc.d system
- 04:47 PM Revision c22767b1: Only allow tcp rules to use alternate keep state methods
- 04:39 PM Revision 0cf0ddc9: fix comment
- 03:23 PM Revision baa9ee83: fix nat port ranges
- 04:59 AM Revision 83590259: Rever last commit
- 04:44 AM Revision ce079950: Fix link autodetection from console.
- 04:23 AM Revision e67f187a: * replace \n with ""
- 03:49 AM Revision 7ceda01f: more /tmp cleanup
- 03:40 AM Revision 5f48ff22: fix typo and found another place /tmp is referenced w/out using global
- 03:40 AM Revision 092e139f: * Bump to 0.37-PRESIDENTS-SPECIAL before midnight.
- 02:00 AM Revision e8074dcd: More standardization
- 01:29 AM Revision cad11f37: Standardization
- 01:26 AM Revision d76f9696: Firewall optimization text was wrong.
- 12:57 AM Revision 10681748: alias table is above, not below note
- 12:45 AM Revision 70069758: Don't disclose SNMP community strings
- 12:21 AM Revision 6f300c68: typo (spoopf -> spoof)
02/21/2005
- 08:14 PM Revision f8ae763c: Remoev rebootbox css. it is not W3C standard.
- 08:09 PM Revision 760c1366: Remove trailing blank lines
- 07:53 PM Revision 5f9b482f: global g$ in fetch_latest_pkg_config()
- 07:48 PM Revision dd62c2d4: Correct form post to url
- 04:02 PM Revision 5b7c423b: Correct deterimine the wan interface and get its ip.
- 05:42 AM Revision 2b246073: Fix package version checking.
- 05:26 AM Revision d66016a3: Fix pkg_config.xml updater.
- 05:21 AM Revision 86437131: Add pkg_config_location to globals.
- 04:37 AM Revision c87c2fb0: * Extra )
- Reported-by: colin
- 12:53 AM Revision 64a7d46a: really make nat port maps work
- 12:44 AM Revision fc2f4559: * Add blank sysctl.conf file
- 12:29 AM Revision 9a720b88: * Update outgoing firewall rule logic.
- Suggested-by: billm
- 12:03 AM Revision 3a003406: * Add version column with upgrade link
02/20/2005
- 10:28 PM Revision 0025d774: Add upgrade package support. Still needs an indicator on the installed packages screen.
- 10:07 PM Revision 0d838955: temp fix for pppoe; physical iface has no IP, rules bound to it fail
- 09:57 PM Revision 89f7e23c: * missing )
- * Typo in mwexec
* Only issue sysctl if it contains a value - 09:41 PM Revision 3ff9d424: Add support for /etc/sysctl.conf
- 09:19 PM Revision 06e2627e: Clean up package manager. Move common functions to /etc/inc/pfsense-utils.inc.
- 08:57 PM Revision 299a0c51: Bump to 0.36 which will be released around 8 pm tonite.
- 08:52 PM Revision 440b6d99: Include full path to .tgz in package manager. Previously broken by me.
- 08:32 PM Revision 82990721: Default to "raw" logging until the loging parsing items are updated.
- 08:18 PM Revision a539f08b: advanced nat can now do source port mapping (useful for IPSec traversal)
- 07:29 PM Revision deaec3a4: backend code to enable port mapping in advanced outbound nat
- 06:00 PM Revision aa699908: Clean up extraneous binat rule
- 05:55 PM Revision e397ee62: Make carp rules a little tighter and don't sync to peer (peer will already have same state)
- 05:33 PM Revision f883f1dd: !any is invalid in nat rule
- 05:29 PM Revision b17a19eb: fix dest caching when 'not' is used in outbound filter
- 05:12 PM Revision e9f252fa: Create advanced outbound NAT rules as user intended and fix negation rules
- 07:58 AM Revision 78c80bbc: revert last commit, it breaks non-advanced outbound NAT
- 07:29 AM Revision da6dab7d: Create advanced outbound NAT rules as user intended
- 06:42 AM Revision 7f650919: If a user has chosen a state, correctly setup rules for it
- 06:09 AM Revision 37c54393: * Clean up firewall -> handling code
- 05:49 AM Revision a06db5e0: Pass any proto, not just tcp.
- 05:45 AM Revision 96d73998: Woops stray ;
- 05:43 AM Revision 3fa49e43: Since we are now allowing on IN only we need to allow the firewall itself to talk to its interfaces.
- 02:42 AM Revision 77a82d1a: Use full path to tar
- 02:36 AM Revision 8f39b49b: Handle multiple port redirection correctly
- 02:16 AM Revision dad547ef: Version bump to 0.35
- 02:00 AM Revision ca83c6ea: Update default captive portal page.
- 01:48 AM Revision da410338: Backout unnecessary head command.
- 12:44 AM Revision 8867be52: Change autoboot_delay to 0
- 12:42 AM Revision 63b9188d: Custom loader.conf
- 12:07 AM Revision 968cfa56: Really assign keep state to the rules if no other method is chosen.
02/19/2005
- 11:53 PM Revision 754b5daf: * Make sure nat rules come before rdr rules
- 11:49 PM Revision faa2290d: * Ensure user rules are marked as a direction of IN
- * Make sure rule has keep state if its selected
* Make sure logging is setup on ALL interfaces - 11:16 PM Revision 528cad39: Add option to exclude package configuration from backup.
- 07:48 PM Revision 2ad0b6d2: m0n0wall -> pfSense
- 05:35 PM Revision 441a6a6e: Fix missing space in max-src-nodes
- Submitted-by: Bill Marquette <bill.marquette_AT_gmail.com>
- 05:31 PM Revision fa9af164: Be sure to save and restore state values.
- Submitted-by: Bill Marquette <bill.marquette_AT_gmail.com>
- 05:24 PM Revision 4075d9c1: Log when the package installation untars an archive
- 05:21 PM Revision ee8f7824: Pass full path to firewall rules plugin modules.
- 05:18 PM Revision eb6116e1: Be sure to issue a newline break on logged commands
- 05:15 PM Revision 866d2813: Inform the user during all actions and make sure they are logged.
- 05:08 PM Revision 06e2abdb: Additional logging during installation for additional files needed
- 07:32 AM Revision b7f8003d: Add head to trim output to one line.
- 07:27 AM Revision 2b77cdea: back out .n1 make sure -f2 argument is against -f
- 07:19 AM Revision 86feb886: Only return line #1 from query
- 07:00 AM Revision b3b2c155: use exec-command
- 04:47 AM Revision ca09972d: Additional error checking
- 03:57 AM Revision 3b0ebca2: Eliminate extra <br>
- 03:08 AM Revision 2d512c84: Do not attempt to foreach through the ['adddeleteeditpagefields']['columnitem'] if it does not exist
- 02:27 AM Revision 64fba011: Set the page title to <title>
- 01:32 AM Revision 6b2e9ec2: m0n0wall -> pfSense
- 12:54 AM Revision a33fd568: If a filename is not found, log to syslog and return
- 12:05 AM Revision 167bcf84: Add get_pfsync_interface_status($pfsyncinterface): returns the status of a pfsync
02/18/2005
- 11:46 PM Revision 591afdfd: add get_carp_interface_status($carpinterface): returns the status of a carp ip
- 10:25 PM Revision b04a6ca4: Add find_interface_ip which returns the first found ip on an interface
- 10:16 PM Revision e17ce934: Allow $myurl in the url of the tabs .. $myurl is translated to getenv("HTTP_HOST") on the fly
- 08:08 PM Revision af0506f4: Version bump to 0.34.
- 07:03 PM Revision 3d335c4d: Update tab codef.
- 05:21 PM Revision 7c061036: Add tab code.
- 05:20 AM Revision 628b33c1: Note an area that needs to be cleaned up for emedded platforms
02/17/2005
- 11:47 PM Revision 5ccfea33: Add carp_rules.php which will loop through the carp rules and if an items defined that is not on the wan interface make sure that nat rules are setup by addiing the nat rule to the natrules anchor. This utilizies the new rule framework.
- 07:56 PM Revision 174861fd: Cleanup return_dir_as_array to not return . or .. and make the new firewall plugin system active.
- 07:38 PM Revision a8ac6c98: move is_carp_defined to helper file, convert function to use true/false instead of 0 or 1
- 07:36 PM Revision c4967f1c: remove XXX for integrating a firewall rules plugin system
- 07:34 PM Revision 429b3acd: add firewallules anchor that can be used by the plugin system
- 07:31 PM Revision 1a848f5d: Add plugin system where packages can hook into the ruleset
- 07:31 PM Revision 023c3cc0: Add return_dir_as_array($filenaem): returns $filename contents as a string
- 07:02 PM Revision 622fa35a: add return_dir_as_array: return_dir_as_array($dir): returns $dir contents as an array
- 06:22 PM Revision 378f7d3a: Restore the infterface selection widget in the package manager correctly.
02/16/2005
- 09:11 PM Revision 5e756fe7: Version bump
- 09:09 PM Revision 1772bc72: Correct typo for PPTP rules.
- 08:38 PM Revision 073deb07: Treat the inbound nat rules the same way as 1:1 and server nat.
- 07:32 PM Revision 549912e3: Check that $pkg['adddeleteeditpagefields']['columnitem'] exists before foreaching through it.
02/15/2005
- 10:57 PM Revision b8090060: sleep for 3 seconds on status page giving the machine a little breathing room to calculate cpu usage correctly.
- 07:54 PM Revision 29a5799f: m0n0wall -> pfSense
- 01:53 AM Revision cd9a0cc6: Update PPTP rules and correct binat rules.
- 12:05 AM Revision 564a42cf: No need for 2 carriage returns after rdr rule.
- 12:02 AM Revision 1e024d52: Correctly redirect ports.
02/14/2005
Also available in: Atom