Activity
From 09/10/2006 to 10/09/2006
10/09/2006
- 11:54 PM Revision b0bdc06e: Use mod_evasive to limit connections per ip
- 11:48 PM Revision 4362e48a: Add back maxprocperid since we can now control this.
- 08:51 PM Revision 61f1e2ec: Ensure nameserver information is removed at bootup before its discovered again.
- 12:19 AM Revision 36a166de: * Output script correctly using SCRIPT_NAME
- * Fix html arguments
10/08/2006
- 10:34 PM Revision 670ee6ca: Set background color for body
- 10:32 PM Revision 871a7352: Set background color
- 09:53 PM Revision 087ce411: Add missing \n
- 09:43 PM Revision 232374b7: Add missing "
- 08:45 PM Revision c108ec01: Show a big fat warning on every bootup via the notices system if the minimum ram requirements are not met.
- 08:40 PM Revision 65929949: Show a *BIG FAT WARNING* that under 128 megaytes does not work during initial setup if <128 megs of ram detected.
10/07/2006
- 08:48 PM Revision 28f9e493: Notify user that reject style rules only work with the TCP protocol.
- Ticket #1118
- 02:55 AM Revision 59769c23: Save filter state across meta refreshes
- 02:17 AM Revision cf0542ac: Hide RADIUS session timeout, it is indeed even a new option to m0n0wall.
- 02:14 AM Revision bf9ca82a: Hide Allow intra-BSS communication option. It is b0rked and we don't plan on playing dominos any further with the wireless stuff.
- 01:39 AM Revision 0541e302: Add filtering capabilities to system log so that operators can identify information quicker.
- 12:44 AM Revision fa626e70: * Fix status -> slbd
- * Simplify dump_clog() and return_clog() to where a preschooler can read
* Fix main diagnostics logs after the above ... - 12:08 AM Revision 7fdcfdd3: Restore nuked $i variables
10/06/2006
- 11:30 PM Revision c1f46b20: Stop packages before restarting.
- 08:01 PM Revision 0544c27a: s/Load Balancer/OpenNTPD/
- Ticket #1116
- 07:55 PM Revision bb42c780: Check for TAP interfaces as well as TUN. Some people fancy bridging openvpn to TAP which allows for stuff like Bonjour to work across the tunnel.
- 04:44 AM Revision 37502a4a: We need to know memory count and memory free for bug submissions. Include top | head -n5 and sysctl hw.physmem
10/05/2006
- 10:10 PM Revision 8b7fb7ec: Do not log NTPD messages to OpenVPN tab
- 10:04 PM Revision 5c424e3d: Add OpenNTPD logging tab
- 09:50 PM Revision 18330d38: Add OpenNTPD logging tab
- 08:44 PM Revision f06645b1: Version bump.
- 07:48 PM Revision ae544bac: If no virtual ips are defined simply return 0 and avoid a Warning: Invalid argument supplied for foreach() in /etc/inc/pfsense-utils.inc on line 51 warning
- 06:54 PM Revision 5b3fe9a2: Start OpenVPN in the background.
- Suggested-by: Fernando
- 06:02 PM Revision f6f7624a: Only throw a filter error when a filter error really has occured.
- 05:13 PM Revision d2a2ba95: Only install spamd_whitelist if /var/db/whitelist exists
- 04:06 PM Revision 360d815d: Add missing getVolume() function
10/04/2006
- 11:15 PM Revision 2a871f19: Correctly find carp ips by including the first usable
- 08:43 PM Revision 80eb336c: Correctly deterimine if an ip falls within a carp subnet, etc.
10/03/2006
- 10:01 PM Revision d0b3b0b1: Run /tmp/post_upgrade_command after update if it exists
- 09:57 PM Revision 2b61eeb1: if the update firmware unpacks /tmp/no_upgrade_reboot_required then do not reboot after update.
- 08:11 PM Revision 6d80ad3a: Add afterbootupshellcmd that is executed when the system is booted up.
- 04:53 PM Revision 38d42ff4: Do not allow tunX interfaces to be assigned. This royally screws up almost all dynamic providers such as pptp.
- 12:18 AM Revision 5f3e1f12: Misc OpenNTPD changes. Do not restart on wan ip change
10/02/2006
- 09:37 PM Revision b9d28d25: Add _ntp to passwd and group
- 09:31 PM Revision 939aea8c: OpenNTPD requires _ntp user and group
- 09:12 PM Revision 20b90e0a: Switch to OpenNTPD.
- 04:02 PM Revision bc95f193: If our kill by pid fails, issue a killall for bsnmpd
- 12:59 AM Revision e9f147c8: Reset DHCP server after deleting static assignment.
- 12:51 AM Revision 856e58a6: Unbreak radius auth
10/01/2006
- 11:54 PM Revision b7ec2b9e: Add get_interface_mac() needed for Radius
- 11:51 PM Revision 4129df39: Add mac_format() needed for radius
- 10:56 PM Revision 6d8f4f75: Duplicate function for compatibility.
- 05:03 PM Revision 4b7cf204: Uncomment the trap statements. Now CTRL-C will kill the SSH session.
- 01:05 AM Revision 895f6e8c: Restart msntp on ip change
- 12:58 AM Revision 9c2640a0: Start packages on ip change again, in Holgers case all pacakges are exiting during the ip changeover
- 12:57 AM Revision 5be5825e: Use /etc/rc.start_packages
- 12:55 AM Revision 969d7f5e: Add rc.start_packages file
- 12:46 AM Revision dfc95443: require_once() /usr/local/pkg/pf/ files
- 12:12 AM Revision 412611dd: Revert last commit. Note website url of reason.
- 12:05 AM Revision f70f7efe: Change ip.fastforwarding to ip.forwarding
09/30/2006
- 11:16 PM Revision af491fe2: Really run /usr/local/pkg/pf files when needed
- 10:22 PM Revision 557ac55e: Add new loading image that is suitable for usage on top of grey tabs.
- 06:07 PM Revision 302c4885: 1.0-RC3 time
- 01:51 AM Revision 967fcdd0: Change items to read "SNMP Service" and "DHCP Service"
- 01:47 AM Revision 34f7437f: Correctly start services from /usr/local/etc/rc.d/ first before any other method
- 01:44 AM Revision 4685e464: Correctly start services from /usr/local/etc/rc.d/ first before any other method
- 01:41 AM Revision 1dec547b: Wait 5 seconds after stopping or starting a service to give the kill or starting process enough time to do its magic instead of marking the service as up when it really is not.
- 01:32 AM Revision e814de4f: Wait 5 seconds after stopping a service to give the kill process enough time to do its magic instead of marking the service as up when it really is not.
09/29/2006
- 11:56 PM Revision 574a2b47: Call filter_configure() instead of /etc/rc.filter_configure from shell (extra exec call)
- 11:50 PM Revision e4783952: These files are not rc.filter_configure
- 10:11 PM Revision 5d8bcb27: Resolve package descriptions if they are available.
09/28/2006
09/27/2006
- 11:09 PM Revision a0e4bd9f: We cannot tail the initial clog file in return_clog because we are not guaranteed to have that amount of "matching" lines. Instead, build up a grepline that contains all of the grep and grep -v statement. This now allows the tail to chop off the last X lines correctly.
- 11:02 PM Revision 0fcfdd3d: We cannot tail the initial clog file in dump_clog because we are not guaranteed to have that amount of "matching" lines. Instead, build up a grepline that contains all of the grep and grep -v statement. This now allows the tail to chop off the last X lines correctly.
- 10:28 PM Revision 13c24013: Woops, looks like there is a ! in the comparison, and I have it backwards.
- 05:37 PM Revision bf541de9: Be kind, rewind. Restart the package after a reinstallation.
- 05:36 PM Revision 960e61ae: Be kind, rewind. Restart the package after a reinstallation.
- 04:25 PM Revision 58725a51: Version bump
- 03:43 PM Revision 19a14ce7: Invalidate the cache before reloading the filter. On bootup the interface list is being cached and we need to detect tun0 coming up for OpenVPN.
- 04:26 AM Revision 1b0e4b4c: Do not leave trailing spaces before or after the text we are adding or removing.
- 04:17 AM Revision fa3c05aa: Do not leave trailing spaces before or after the text we are adding or removing.
- 03:41 AM Revision f4fc97cd: Only write out $fd_log items if a handle exists
09/26/2006
- 10:49 PM Revision ad6eae25: Allow loading of text from outside scripts such as snort.
- 07:22 PM Revision 9996eff6: Detect if stored item in config.xml is an array. If it's an array simply pass array along, if its not then attempt to explode the array.
- 07:15 PM Revision 3c616886: Fix interfaces selection widget. Now selections are restored.
- 06:44 PM Revision 7ed60b4e: Version bump
- 06:42 PM Revision 36eab901: Invalidate the cache before reloading filter.
- OpenVPN will bring up a tunX interface and we need to be able to see it to add the correct filter rules.
09/25/2006
- 11:38 PM Revision cb589a49: Set implicit_flush = true as well. Now downloading and slow tasks actually update the progress bar, etc in real time.
- 11:35 PM Revision 79c05ed9: output_buffering needs to be set to 0
- 06:56 PM Revision d017ef26: Output buffering needs to be off.
- 04:20 AM Revision 864210cb: Output buffer so that progress bar, etc works
- 04:18 AM Revision 43db85f8: Output buffer so that progress bar, etc works
- 12:51 AM Revision fc23fbfe: Cleanup file
- 12:45 AM Revision 31ef2e70: Automatically expire snort2c table every 60 minutes. This can also be used by other system components for temporary blocking.
- 12:41 AM Revision e99e9804: * Move snort2c to top of rules section
- * Block snort2c hosts
- 12:34 AM Revision f3af8b4a: Shhh... Be vewy qwiet. We are adding snort2c table.
09/24/2006
- 11:38 PM Revision 759cfd0c: Version bump
- 11:31 PM Revision e9be1e7f: Move FTP helper pass rules after USER defined rules so that the operator can tweak FTP items.
- Patch submitted by: Chris Dionissopoulos <chdio@debug.gr> (pfSense commiter)
- 11:17 PM Revision d690d2c9: MFC 14473
- Make sure we test for databases without interface information. e.g. spamd. Fixes report made in forum.
09/22/2006
- 11:31 PM Revision 265ccfc3: Ensure space after vpns list
- 11:22 PM Revision c52719a8: Do not destroy previous items, whiping out the listen directive.
- 09:49 PM Revision 70a6aeb0: do not unlink sh commands.txt, simply unlink commands.txt
- Pointy-hat-to: ME
- 08:27 PM Revision 76252260: * Fix MFC error where nat rules are blown out
- * Fix optional interface + carp
- 07:48 PM Revision 3f6fd1f3: Correct filenames in (C) header
- 07:45 PM Revision fb2a6c76: Correctly associate carp interfaces with optional interfaces as well. This should hopefully fix CARP failover on optional interfaces
- 06:41 PM Revision 2f0a7613: MFC openvpn fixes by Fernando
- 06:29 PM Revision c4b76267: Introduce rc.filter_configure and rc.filter_configure_sync.
- 05:51 PM Revision 45d7fb39: Use /etc/rc.filter_figure instead of 2 command touch /tmp/filter_dirty which does the absolute same thing but prevents openvpn from being tricked due to quoting.
- 04:20 PM Revision 3582e210: Inctroduce another snapshot before RC3
- 04:01 PM Revision 4b31e652: nve will support altq in just a moment.
- Reminded-numerous-times-by: Christos Dionissopoulos <chdio@debug.gr>
- 02:39 PM Revision 920cafaf: Move helper function to correct area
- 03:06 AM Revision e7933a2b: -HEAD wasn't working. Unify both tree's.
- 02:53 AM Revision e88adead: --ipchange silently didnt allow openvpn to run
- 02:47 AM Revision c1fdf93b: --up only needs one argument
09/21/2006
- 09:16 PM Revision 763ce2e6: RC3 time. Party on, excellent.
- 08:45 PM Revision 18ea86eb: MFC 14433
- Move miniupnpd anchor to the end of the NAT rules so they have precedence.
- 08:23 PM Revision e8ad9d31: Do not allow openvpn and ipsec entries to run together.
- 07:34 PM Revision ed3ccdc7: Set net.link.tap.user_open to 1 by default.
- 03:16 AM Revision d42d2184: 512K is enough for 1000 rows. Back out previous commit.
- 03:08 AM Revision 66f8efe7: Version bump
- 02:29 AM Revision 4fa1ffbb: Increase filter log space to 784K so that it can accept 999 entries
- 02:20 AM Revision 3deb0883: Default to TCP
- 02:11 AM Revision d87e27e0: When a failover ipsec ip address is defined, use it as the ip address endpoint for ipsec.
- 01:41 AM Revision 51fb86f5: * Remove unused variable $do_not_display
- * Do not add entry if we cannot deterimine the protocol
- 01:07 AM Revision f469e606: Treat sack type traffic as TCP
- 12:57 AM Revision b1ad443d: Include Id and copyright headers. Not sure how this slipped past.
- 12:22 AM Revision df477d2b: The interface le absolutely supports ALTQ. Make it so.
09/20/2006
- 11:02 PM Revision 0526354f: When running with verbose mode, tcpdump deocdes sip traffic. Bad boy.
- 05:49 PM Revision 24012690: Ensure filter reloads after openvpn state changes
09/19/2006
09/18/2006
- 08:53 PM Revision 6d17a9b9: Version bump
- 04:41 PM Revision 27b684ca: Note that the shaper is not compatible with bridging in the opening warning
- 01:29 PM Revision 48ce54d0: Disable firmware check, we are not using it in RELENG_1
09/17/2006
- 08:01 PM Revision 6a14ed37: Version bump from outter space
- 04:45 PM Revision 0a33f73e: Dont allow items to run together
- Ticket #1105
- 06:47 AM Revision 45e38645: Add (y/n) hint
- 06:45 AM Revision 2c05cc10: Explain to the user that the developer bootstrap process populates /usr/src, etc.
09/16/2006
- 09:45 PM Revision c195be3f: We log to a ram disk, so change text to read to a local ram disk instead of local disk
- 08:43 PM Revision 75abff95: Don't try to filter records that have strange date / time stamps.
09/15/2006
- 06:10 PM Revision 012472a4: * Only run the commands.txt file if it exists.
- * Unlink afterwards
09/14/2006
- 08:14 PM Revision a78b7955: Execute after commands via sh &
- 04:45 PM Revision 0a6d4110: Version bump
09/13/2006
09/12/2006
- 09:13 PM Revision 5963133d: Woops, only change the first occurance of 19999
- 09:00 PM Revision 2ef857b2: Start at 19000 since we are ++'ing at the end of the loop.
- 08:37 PM Revision 8d896506: Version bump from outter space!
- 08:05 PM Revision fe4d7d52: Match on the beginning of the string so that the 110 network is included
- Submitted-by: XAI via IRC
- 07:06 PM Revision 0a5f89fa: We ++ the starting port at the end of the for loop. Do not ++ it at the beginning leading to power of 2 redirect entries.
- 05:31 PM Revision 0363c100: Correctly deterimine the previous ip address when running under pppoe, as well. Log an error if we cannot deterimine the ip address for any reason.
- 05:26 PM Revision bd572fb6: Clear the filter cache before reloading. Now that Bill has worked his caching magic, this hit is almost nill.
- 01:30 AM Revision b1b1bace: Expand special character descrption search and replace for xmlrpc to all description areas that are sync'd via XMLRPC. Note: this only replaces the special characters on the backup nodes
09/11/2006
- 09:45 PM Revision 0ee99516: $starting_localhost_port++ for tcp/udp rules
- 08:21 PM Revision 1916ddad: Install both tcp and udp reflection helper entries
09/10/2006
- 11:21 PM Revision 796b9b3b: * Whitespace cleanup
- * Add missing counter strike ports
* Shift default queues to 1, instead of 3 - 10:38 PM Revision f29908ad: * Cleanup -u whitespace
- * Actually install the correct protocol in the rule
- 08:26 PM Revision 383d15cc: We already check for $g['booting'] at the beginning of the function. Do not do it twice.
- 06:53 PM Revision 2ebd3617: Version bump
- 05:49 PM Revision 3afe16db: Do not install vpn helper entries on Optional interfaces that are disabled
- 05:42 PM Revision 0e9671ef: Do not install vpn helper entries on Optional interfaces that are disabled
- 01:07 AM Revision b7ba117b: Version bump
- 01:00 AM Revision 0e871eb9: Convert interface to friendly name, actually use it.
- 12:51 AM Revision 785e986a: Actually redirect traffic when no vpn's are defined, too.
- Pointy-hat-to: ME
- 12:01 AM Revision e244be50: Backout last commit
Also available in: Atom