Activity
From 04/04/2007 to 05/03/2007
05/03/2007
- 10:16 PM Revision 407868d8: Do not attempt to touch /needs_package_sync on CDROM platform.
- 10:15 PM Revision 447c8e03: Do not attempt to touch /needs_package_sync on CDROM platform.
- 05:43 AM Revision 4d72788f: Move help / common usage scenarios to the "help" command.
- 05:42 AM Revision 46d53988: Move help / common usage scenarios to the "help" command.
- 05:21 AM Revision 53f32329: Add hidden command to disable authoritative mode (dhcp server). To utilize do something like this in php pfSense shell: $config['dhcpd']['optx']['disableauthoritative'] = true; write_config();
- 04:51 AM Revision 4fca174c: Show how to output the wireless options such as channels, modes, etc.
- 04:51 AM Revision efb9a19c: Show how to output the wireless options such as channels, modes, etc.
- 04:17 AM Revision 94e2459b: Clarify DHCP server comment
- 04:17 AM Revision f49c8ada: Clarify DHCP server comment
- 03:55 AM Revision 8ea3c329: * Correct printr typo. * Show how to output the interfaces and dhcpd portions of the configuration
- 03:54 AM Revision c5f17b2b: * Correct printr typo. * Show how to output the interfaces and dhcpd portions of the configuration
- 03:49 AM Revision c64bccc0: Show the reboot command as well for php pfSense shell Sponsored-by: Bluegrass.net
- 03:49 AM Revision 3c09eaf5: Show the reboot command as well for php pfSense shell Sponsored-by: Bluegrass.net
- 03:38 AM Revision 73b2c799: Minor text updates
- 03:38 AM Revision 6b703652: Minor text updates
- 03:37 AM Revision 2ae83127: Minor text updates
- 03:37 AM Revision c97a4133: Minor text updates
- 03:32 AM Revision 03b85ded: Show common commands in the php pfsense shell such as: * Enabling SSH * Enabling wireless on an interface (hostap, channel, ssid, etc) * Enabling DHCP Server on an interface * Disable firewall filter * Set up an interface for DHCP and enable * Set up an interface for static and enable These commands come in handy when configuring a 1 port ethernet wrap with 2 wireless cards. Sponsored-by: Bluegrass.net
- 03:32 AM Revision 0968a06e: Show common commands in the php pfsense shell such as: * Enabling SSH * Enabling wireless on an interface (hostap, channel, ssid, etc) * Enabling DHCP Server on an interface * Disable firewall filter * Set up an interface for DHCP and enable * Set up an interface for static and enable These commands come in handy when configuring a 1 port ethernet wrap with 2 wireless cards. Sponsored-by: Bluegrass.net
05/02/2007
- 10:36 PM Revision 5a6f3ca0: * Do not allow duplicate entries by default in add_text_to_file() * Add option which allows duplicates Submitted-by: Uranellus via IRC
- 09:57 PM Revision 1e50f7ff: Fix spelling mistake Pointed-out-by: Summat via IRC
- 09:57 PM Revision b1ed5356: Fix spelling mistake Pointed-out-by: Summat via IRC
- 09:46 PM Revision d3819fcb: Import smtp.inc which allows sending e-mails from PHP. This will be used later down the road for the automatic logging/emailing system. This will also allow pfSense developers to begin e-mail equipping portions of the system as well.
- 09:34 PM Revision 2645bb54: Add a note that you do not use Synchronize IP and password option on backup cluster members.
- 09:34 PM Revision a3ed7f70: Add a note that you do not use Synchronize IP and password option on backup cluster members.
- 08:56 PM Revision a58113dd: Snapshot version bump
- 04:01 PM Revision 55491d50: Install frickin pptp proxy rules correctly.
- 04:00 PM Revision 0f7a319b: Install frickin pptp proxy rules correctly.
- 12:43 PM Revision 06439b7d: Do not allow - in aliases. This breaks port aliases.
- tables are fine with the - and the _. Ports only work with _.
- 12:42 PM Revision d87fc50b: Do not allow - in aliases. This breaks port aliases.
- tables are fine with the - and the _. Ports only work with _.
- 12:25 AM Revision b55d122c: Fetch the filesize initially and compare it. In addition we compare MD5 to be absolutely sure.
- 12:25 AM Revision e1f1691f: Fetch the filesize initially and compare it. In addition we compare MD5 to be absolutely sure.
- 12:09 AM Revision 35870220: * Do not close a buffer that has failed * Automatically retry failed connection
- 12:08 AM Revision 4cc6345e: * Do not close a buffer that has failed * Automatically retry failed connection
05/01/2007
- 10:26 PM Revision b65aeb25: Exit if URL or PATH is blank.
- 10:26 PM Revision 9b5d2d24: Exit if URL or PATH is blank.
- 10:24 PM Revision 24e99fe0: Launch file correctly
- 10:23 PM Revision 47944c7c: Launch file correctly
- 10:17 PM Revision b83c330b: Add md5 support if the site is storing the value.
- 10:17 PM Revision 1d2ac3a5: Add md5 support if the site is storing the value.
- 09:57 PM Revision 741fe28d: Add firmware update menu option which can fetch a URL from the internet or use a already fetched file from the file system.
- 09:56 PM Revision f4feb493: Add firmware update menu option which can fetch a URL from the internet or use a already fetched file from the file system.
- 09:53 PM Revision 2b7729d7: Woops, actually use $url Noticed-by: Seth
- 09:53 PM Revision 3264c13b: Woops, actually use $url Noticed-by: Seth
- 09:48 PM Revision b554dc43: Add does_url_exist() which can verify a URL exists before downloading.
- 09:48 PM Revision 10387862: Add does_url_exist() which can verify a URL exists before downloading.
- 05:47 PM Revision ff664954: Prevent a configuration sync loop from occuring when a cluster has two nodes.
- 05:47 PM Revision 3274f985: Prevent a configuration sync loop from occuring when a cluster has two nodes.
- 04:40 PM Revision c6c029ba: Allow synchornize to ip to be blank.
- 04:40 PM Revision c24a651d: Allow synchornize to ip to be blank.
04/30/2007
- 09:57 PM Revision c297886b: Install the package, deinstall and reinstall to ensure it is in a proper state.
- 09:57 PM Revision f898cf33: Install the package, deinstall and reinstall to ensure it is in a proper state.
- 09:43 PM Revision b0b9fb50: Woops, use delete_package_xml() instead of delete_package()
- 09:43 PM Revision a902a5d7: Woops, use delete_package_xml() instead of delete_package()
- 09:35 PM Revision b57c9e08: Delete package before reinstalling to avoid multiple service entries, etc.
- 09:34 PM Revision cf577b5a: Delete package before reinstalling to avoid multiple service entries, etc.
- 09:04 PM Revision a5ac7b85: * add comments about scheduler logic * correct one case where the logic was not correct
- 09:04 PM Revision 4303fbff: * add comments about scheduler logic * correct one case where the logic was not correct
- 09:01 PM Revision 34e73d65: Capitalize IP
- 09:01 PM Revision 27ecd06e: Capitalize IP
- 08:58 PM Revision 4a8dbe79: Take into account the DHCP wan ip address as well
- 08:58 PM Revision 9764f470: Take into account the DHCP wan ip address as well
- 08:48 PM Revision e17b828d: Do not forget VIP's as well.
- 08:48 PM Revision a8963d26: Do not forget VIP's as well.
- 08:43 PM Revision 36dd13f2: Do not allow the setting of the carp sync ip to be an ip address on the same firewall. This leads to a sync loop.
- 08:42 PM Revision 5980fbbe: Do not allow the setting of the carp sync ip to be an ip address on the same firewall. This leads to a sync loop.
- 07:39 PM Revision 834a6772: Disable interrupt total box. We need a better parsing algo.
- 04:43 PM Revision 6f606691: Back on the snapshot building program
- 05:34 AM Revision 136fc45a: Clean backup cache before starting php environment
- 05:34 AM Revision 9afe0d5a: Clean backup cache before starting php environment
- 04:35 AM Revision ac0dcb50: Keep 5 backups on embedded. Keep 30 on full installations.
- 04:35 AM Revision 889044ca: Keep 5 backups on embedded. Keep 30 on full installations.
- 12:51 AM Revision 40a1b7af: Add multiline support for multi-line mini programs/scripts.
- 12:51 AM Revision 05a85e29: Add multiline support for multi-line mini programs/scripts.
04/29/2007
- 11:58 PM Revision 123bfdac: Show that exit is a valid command
- 11:58 PM Revision 5a7e9d2d: Show that exit is a valid command
- 11:57 PM Revision 3c2972b3: Add pfSense php shell option. This will be used by developers to tell operators how to remove blank config options and many other things that will be easier than instructing someone to edit config.xml directly, etc.
- 11:57 PM Revision 838abde9: Add pfSense php shell option. This will be used by developers to tell operators how to remove blank config options and many other things that will be easier than instructing someone to edit config.xml directly, etc.
- 11:51 PM Revision 6855dff0: Escape $ so that it does not try to print out the variable
- 11:51 PM Revision cddfb5a4: Escape $ so that it does not try to print out the variable
- 11:49 PM Revision d776e077: Add a pfSense interactive php shell for developers.
- 11:49 PM Revision 93f9f5b1: Add a pfSense interactive php shell for developers.
- 11:24 PM Revision 07cae4b2: Switch over to mpd4 Code-submitted-by: alan_AT_radiowave.ie
- 11:13 PM Revision 28b0b1a7: $config needs to be a global. Someone needs a pointy-hat!
- 11:13 PM Revision 34dcf690: $config needs to be a global. Someone needs a pointy-hat!
- 11:02 PM Revision 0be64575: Change Miniupnp to UPNP
- 11:01 PM Revision a0ee264a: Change Miniupnp to UPNP
- 11:00 PM Revision d131e83d: Use $_SERVER['argvc'] and $_SERVER['argv'][$x]. This fixes the linkup issues (hotplug)
- 11:00 PM Revision 07957e3a: Use $_SERVER['argvc'] and $_SERVER['argv'][$x]. This fixes the linkup issues (hotplug)
- 08:31 PM Revision e91a7706: It is time for 1.2-BETA-1. Agree'd by: smos, hoba
- 08:10 PM Revision 761902b0: Correctly output the package name that we are attempting to reinstall instead of the package array number.
- 08:10 PM Revision f940213c: Correctly output the package name that we are attempting to reinstall instead of the package array number.
- 08:06 PM Revision 26a26ef7: Add missing / directory seperator. This should hopefully fix squid from reinstalling itself a million times on bootup.
- 08:06 PM Revision bdfccc00: Add missing / directory seperator. This should hopefully fix squid from reinstalling itself a million times on bootup.
- 02:15 AM Revision 4bf3f3f1: Note missing file before reinstalling package
- 02:14 AM Revision 13525730: Note missing file before reinstalling package
- 12:03 AM Revision bc497221: Move TDR pruning routines to the correct location.
04/28/2007
- 11:51 PM Revision 578ce7c3: Delete the 2nd and 3rd rules as well
- 11:51 PM Revision fdcf03c2: Delete the 2nd and 3rd rules as well
- 11:42 PM Revision 6254c1be: Correctly delete old rules from TDR using set 9
- 11:42 PM Revision b7019cfb: Correctly delete old rules from TDR using set 9
- 09:06 PM Revision 4eabbe87: Add upnp status link in the menu
- 09:05 PM Revision f9c17c3e: Add upnp status link in the menu
- 07:44 PM Revision b7cb6042: MFC
- The aliases edit page says we allow the - and _ but the pattern did not match.
- 04:46 PM Revision d73b38c4: * Add status virtual servers screen from Seth Mos * Add tab code to the original LB pool status screen
04/27/2007
- 10:58 PM Revision f852d17b: Add tab interface.
- MFC: Together with the newly added status_slbd_vs.php this hould make a
whole. For 1.2 - 08:21 PM Revision 47facba8: PPPoE server fixes
- Ticket #1283
- 08:19 PM Revision 6bc17e95: PPPoE server fixes
- Ticket #1283
- 07:51 PM Revision 39b11811: Trim carriage return off of the $old_ip so that the <> comparison works.
- This should fix the packages from always being restarted even if the ip was the same.
- 07:51 PM Revision bd90c782: Trim carriage return off of the $old_ip so that the <> comparison works.
- This should fix the packages from always being restarted even if the ip was the same.
- 07:44 PM Revision 9f241a6d: Quiet down the dhclient log files in preperation for 1.-2-BETA-1 release.
- 07:14 PM Revision 5c88e187: Write out an entry to the logging system when we write_config() on bootup.
- This will help us track down stray items writing out on bootup.
- 07:14 PM Revision d1f73cef: Write out an entry to the logging system when we write_config() on bootup.
- This will help us track down stray items writing out on bootup.
- 07:11 PM Revision 85cf85dc: Do not writeout tdr_cron_install() entries on bootup. Somehow doing so adds a stray load balancing and openvpn entries.
- 07:11 PM Revision 029d5e00: Do not writeout tdr_cron_install() entries on bootup. Somehow doing so adds a stray load balancing and openvpn entries.
- 05:08 PM Revision 2c7242ff: Only deinstall filter reload item if it is presently installed
- 05:08 PM Revision e33e17d8: Only deinstall filter reload item if it is presently installed
- 02:29 PM Revision bf903e99: Make sure is_validaliasname uses the same match rules as described in
- the aliases edit page. e.g. support the use of - and _ as the error
message states and HEAD also supports.
MFC: Yes
04/26/2007
- 09:47 PM Revision 12415bd8: OpenVPN bandwidth fix from Martin Fuchs
- 09:47 PM Revision df3f9675: OpenVPN bandwidth fix from Martin Fuchs
- 08:37 PM Revision 6b09131e: Add server pools status page.
- Someone needs to add tabs for the status pages?!
MFC: Probably - 08:33 PM Revision c3da9072: Process gateway pools only.
- MFC: Probably
- 02:43 PM Revision 8d900185: MFC
- 3rd pass nat rules generation. Also process lan subnets with OPT gateway properly.
- 09:46 AM Revision b520ec9a: 3rd pass nat rules generation. Also process lan subnets with OPT gateway properly.
- MFC: Soon
- 03:51 AM Revision 3e4e94ce: closable graphs
- 02:55 AM Revision 93588e1a: correct the html structure, and show errors properly
- MFC: asap
04/25/2007
- 09:30 PM Revision 4e4770c1: MFC Alter outbound nat descriptions to match operation
- 08:34 PM Revision 53bf5f1d: Alter outbound nat descriptions to match operation
- MFC: Soon?
- 08:27 PM Revision c8ccb72f: MFC Merge 2nd pass NAT rule generation. Take ipsec and voip into account.
- 08:22 PM Revision bdee20c6: Merge 2nd pass NAT rule generation. Take ipsec and voip into account.
- MFC: Soon?
- 08:05 PM Revision 427b1cea: Remove hack that checks for blank protocol. We need to fix the upstream bug that is causing the blank entries. This bug is also appearing in the load balancing area now.
- 08:04 PM Revision 3f8b8065: Remove hack that checks for blank protocol. We need to fix the upstream bug that is causing the blank entries. This bug is also appearing in the load balancing area now.
- 06:52 PM Revision 515ad7e7: Correctly map static routes.
- Work done by Seth Mos
TODO: Port to -HEAD. - 06:52 PM Revision b6068df1: Correctly map static routes.
- Work done by Seth Mos
TODO: Port to -HEAD. - 06:10 PM Revision 2f6fb323: Add is_private_ip function which will return true if an ip address falls within a private subnet range.
- 06:10 PM Revision 5928bd75: Add is_private_ip function which will return true if an ip address falls within a private subnet range.
- 04:20 PM Revision 09662e45: Increase the size of the openvpn custom options box.
- 04:19 PM Revision 975a40cc: Increase the size of the openvpn custom options box.
- 02:47 AM Revision 78ee2cf8: verify interface is enabled before drawing graph
- 02:16 AM Revision 5db160dd: Give user option to display multiple graphs. Note: need a better play button for Scott's bling blingin request.
04/24/2007
- 11:20 PM Revision f5cfdc98: New flashy index page. Just some snippets from various other pages
- 11:18 PM Revision 6189988d: Move interface info function for global use
- 09:27 PM Revision 0975fe8a: Unbreak status graph. Someone is going to need to submit *WORKING* patches that work with FireFox, IE and Opera for this to get changed again! Ticket #1290
- 09:25 PM Revision 3c748d04: Unbreak status graph. Someone is going to need to submit *WORKING* patches that work with FireFox, IE and Opera for this to get changed again! Ticket #1290
- 07:54 PM Revision 5b95638a: File a notice when we restore a previous configuration file.
- 07:54 PM Revision 0bfd6d77: File a notice when we restore a previous configuration file.
- 06:15 PM Revision 1b07cd63: Detect 0 byte config.xml cases and attempt to restore a previous backup. With this change my wrap that has been panicing for 30 hours straight boots right back off and we will continue the panic torture test.
- 06:15 PM Revision c4dfa47b: Detect 0 byte config.xml cases and attempt to restore a previous backup. With this change my wrap that has been panicing for 30 hours straight boots right back off and we will continue the panic torture test.
- 05:52 PM Revision be973d8c: Detect 0 byte config.xml cases and attempt to restore a previous backup.
- 05:52 PM Revision aac9905d: Detect 0 byte config.xml cases and attempt to restore a previous backup.
- 01:00 AM Revision f71531ed: s/resolved/resolve/
- 01:00 AM Revision 52bddb2e: s/resolved/resolve/
- 12:47 AM Revision 914a762d: * Use is_interface_mismatch() function * Do not allow configuration to continue until the interfaces are setup correctly * When restoring a configuration via the webConfigurator detect that a interface mismatch has occured and redirect the user to the assign interface screen. Once the assign interface Save button has been pressed go ahead and reboot. This might just prevent someone from throwing a fit since they do not have console access.
- 12:43 AM Revision 8ce97a08: check if schedule config is array first
- MFC: asap
- 12:27 AM Revision 9ce38409: The earlier fix from today that fixed get_interfaces_with_gateways() created new problem where all interfaces would show up in assign_interfaces screen and other places. Instead of showing them all by default teach get_interfaces_with_gateways() how to extract the complete list.
- 12:27 AM Revision 8b1f5806: The earlier fix from today that fixed get_interfaces_with_gateways() created new problem where all interfaces would show up in assign_interfaces screen and other places. Instead of showing them all by default teach get_interfaces_with_gateways() how to extract the complete list.
- 12:11 AM Revision c35e12af: Actually show when we are rebooting to avoid confusion.
04/23/2007
- 11:47 PM Revision abb1798d: MFC 17588 Bug fix: Menu now shows on top of traffic graph instead of underneath
- 11:40 PM Revision 23be6f1b: When restoring a configuration via the webConfigurator detect that a interface mismatch has occured and redirect the user to the assign interface screen. Once the assign interface Save button has been pressed go ahead and reboot. This might just prevent someone from throwing a fit since they do not have console access.
- 11:32 PM Revision 8cd7e1fa: * Use is_interface_mismatch() function * Do not allow configuration to continue until the interfaces are setup correctly
- 11:30 PM Revision 92d24260: Backport is_interface_mismatch() function
- 11:00 PM Revision f6a311bd: Turn back off TDR debugging statements.
- 09:51 PM Revision 8ae8a3ef: Dont check-state on the rules.
- 09:51 PM Revision e6123bd4: Dont check-state on the rules.
- 09:49 PM Revision 45fda8b8: Use check-state on all TDR rules
- 09:49 PM Revision 60a8d6d4: Use check-state on all TDR rules
- 09:47 PM Revision 9b7ea7db: check-state at the beginning of the tdr set
- 09:47 PM Revision 19f6ca3e: check-state at the beginning of the tdr set
- 09:31 PM Revision dda39c4a: Detect when schedules are present and install non schedule rule correctly
- 09:30 PM Revision d3924217: Detect when schedules are present and install non schedule rule correctly
- 08:58 PM Revision 1d136eeb: Add more well known ports to the protocols drop down. Patch-submitted-by: Martin Fuchs
- 08:58 PM Revision 21c49335: Add more well known ports to the protocols drop down. Patch-submitted-by: Martin Fuchs
- 08:48 PM Revision d82bf7d5: Ensure that old time based rules get deleted during reload
- 08:48 PM Revision 0b77c211: Ensure that old time based rules get deleted during reload
- 06:58 PM Revision 5430501d: Version bump
- 06:42 PM Revision bac28e1c: use <object> instead of <embed>
- Ironically this was already fixed in HEAD!
Ticket #1290 - 06:42 PM Revision d639db56: use <object> instead of <embed>
- Ironically this was already fixed in HEAD!
Ticket #1290 - 06:20 PM Revision 71c08f25: * Fix get_interface_list()
- * Backout Seth's changes. The bug was up the stack in get_interface_list()
- 06:19 PM Revision 37327d23: * Fix get_interface_list()
- * Backout Seth's changes. The bug was up the stack in get_interface_list()
- 06:03 PM Revision 2b04c3b5: MFC 17596
- Correctly use all interfaces.
- 06:01 PM Revision 8d9305b6: Correctly use all interfaces.
- Credits-go-to: sullrich
Might fix PPPoE and vlans WAN and or load balancing
MFC: ASAP - 05:18 PM Revision 67fe4c47: Add trailing slashes to upload directory
- 05:18 PM Revision 465a9d10: Add trailing slashes to upload directory
- 05:13 PM Revision db9aabe2: Apply OpenVPN patch from Martin Fuchs which adds outgoing tunnel bandwidthg control.
- 05:11 PM Revision b7639e4a: Apply OpenVPN patch from Martin Fuchs which adds outgoing tunnel bandwidthg control.
- 11:44 AM Revision 2779b49b: Bug fix: Menu now shows on top of traffic graph instead of underneath
- MFC: asap
- 12:36 AM Revision 3fb0b9c1: Move sync schedules underneath firewall rules section for cosmetic bling bling. Suggested-mulitple-times-by: Holger
- 12:36 AM Revision 8df70377: Move sync schedules underneath firewall rules section for cosmetic bling bling. Suggested-mulitple-times-by: Holger
- 12:14 AM Revision 1edfe47e: Only foreach through valid arrays.
- 12:12 AM Revision c0a64f18: MFC Show schedule indicator.
04/22/2007
- 11:32 PM Revision d12cfab1: 0 -> 00 for start time for consistency
- 10:55 PM Revision 774c288f: Show icon when schedule is active
- 10:50 PM Revision c4223edf: Do not reload ipfw if it is already loaded.
- 10:49 PM Revision 54e36b9a: Do not reload ipfw if it is already loaded.
- 10:35 PM Revision 7ab7895a: If $config['system']['dummynetshaper'] is set then load ipfw and dummynet early on
- 10:35 PM Revision 30566f8f: If $config['system']['dummynetshaper'] is set then load ipfw and dummynet early on
- 10:11 PM Revision 103a98ad: Make the ordering of the IPFW time based rules exactly the same as PF so there are no strange "gotchas" or "caveats" that the user would have to abide by.
- 10:11 PM Revision 7b0e865b: Make the ordering of the IPFW time based rules exactly the same as PF so there are no strange "gotchas" or "caveats" that the user would have to abide by.
- 09:31 PM Revision 8bbeb09d: Correctly incriment skipto rule number.
- 09:31 PM Revision 22c9fc09: Correctly incriment skipto rule number.
- 09:28 PM Revision d1d16ec7: Fix tdr_get_next_ipfw_rule to not return 2 every time.
- 09:27 PM Revision 98aa3eb6: Fix tdr_get_next_ipfw_rule to not return 2 every time.
- 09:17 PM Revision e78c0771: Add anti-lockout rule to ipfw so that you cannot lock yourself out of the GUI. This is tunable via system -> advanced
- 09:17 PM Revision 703714fe: Add anti-lockout rule to ipfw so that you cannot lock yourself out of the GUI. This is tunable via system -> advanced
- 07:14 PM Revision 469d6893: Bootstrap php.ini on non-cdrom platforms to *GUARANTEE* that we can invoke php correctly.
- 07:14 PM Revision 6a63742f: Bootstrap php.ini on non-cdrom platforms to *GUARANTEE* that we can invoke php correctly.
- 07:03 PM Revision 418a8484: Do proper locking when writing out php.ini. Sync the disk contents to force the write to disk after closing the file. Hopefully this will help solve the php.ini from disappearing on bootup when a panic occurs.
- 07:03 PM Revision e9624a0a: Do proper locking when writing out php.ini. Sync the disk contents to force the write to disk after closing the file. Hopefully this will help solve the php.ini from disappearing on bootup when a panic occurs.
- 06:30 PM Revision 460851c6: Add a blurb that the IP change in the system logs and that we are restarting the packages. This is debug for the time being.
- 06:25 PM Revision 8f8f9721: When dhclient renews the ip address and the ip has not changed then old_ip_address will not be set. Ignore this and do not reload all packages when the ip has not changed.
- 06:25 PM Revision 4a9dfa44: When dhclient renews the ip address and the ip has not changed then old_ip_address will not be set. Ignore this and do not reload all packages when the ip has not changed.
- 03:59 AM Revision d8f4eede: Call sync with the lock held before allowing a new party to come along and start writing to config.xml.
- 03:59 AM Revision cffd2ea4: Call sync with the lock held before allowing a new party to come along and start writing to config.xml.
- 12:55 AM Revision f94d6c80: Handle dhclient case on optX interfaces and map nat correctly.
- 12:55 AM Revision db15769e: Handle dhclient case on optX interfaces and map nat correctly.
- 12:52 AM Revision 987fa119: Correctly setup nat interface mappings when AON is disabled and a gateway is present. Ticket #1289
- 12:52 AM Revision 5f17fb7e: Correctly setup nat interface mappings when AON is disabled and a gateway is present. Ticket #1289
04/21/2007
- 11:41 PM Revision ea951e6f: Correct is_array() check. Make sure all 3 branches are the same. Suggested-by: Bill M
- 11:39 PM Revision 94b2820c: Correct is_array() check. Suggested-by: Bill M
- 11:39 PM Revision a9ec14c2: Correct is_array() check. Suggested-by: Bill M
- 11:22 PM Revision ffecf891: Use skipto type ipfw rules so that the pass type rules will not bail out of the ipfw ruleset and keep processing at the next rule.
- 11:22 PM Revision 130ccec2: Use skipto type ipfw rules so that the pass type rules will not bail out of the ipfw ruleset and keep processing at the next rule.
- 11:05 PM Revision b18e3f2e: Fix another major bug in time based rules. When a * * * rule is in affect on the wan interface we where killing outgoing traffic from the firewall itself.
- 11:05 PM Revision c24f4008: Fix another major bug in time based rules. When a * * * rule is in affect on the wan interface we where killing outgoing traffic from the firewall itself.
- 10:54 PM Revision 7f0b40d3: Fix a major time based rule bug. We need to match packets *INCOMING* to the interface similar to how pf works.
- 10:53 PM Revision 6f727b3b: Fix a major time based rule bug. We need to match packets *INCOMING* to the interface similar to how pf works.
- 10:49 PM Revision a1a9ce87: Debug out when a lock recursion issue is present. This might expose some missing unlocks and lead to performance speedups.
- 09:28 PM Revision 8857d411: Set tcsh autologout to 0
- 09:28 PM Revision 54aa1a51: Set tcsh autologout to 0
- 09:15 PM Revision 5c379f6f: Use the correct array path to deterimine if a false entry exists.
- 09:15 PM Revision 01c0ece6: Use the correct array path to deterimine if a false entry exists.
- 08:44 PM Revision 9c223153: Only check for server or client respectively instead of checking for both. Otherwise if a operator is only running server or client openvpn entries we do not show the configuration.
- 08:44 PM Revision 4e505707: Only check for server or client respectively instead of checking for both. Otherwise if a operator is only running server or client openvpn entries we do not show the configuration.
- 08:09 PM Revision 604eed79: Correct the copy() logic
- 08:09 PM Revision 568d818c: Correct the copy() logic
- 08:08 PM Revision 8008038a: * Use copy instead of system() * Lock the configuration before doing this operation * Unlink config.cache if it exists * Send the image to RO after this operation
- 08:08 PM Revision e3461aa1: * Use copy instead of system() * Lock the configuration before doing this operation * Unlink config.cache if it exists * Send the image to RO after this operation
- 08:03 PM Revision 3e1aaa57: xmlparse now returns -1 when a file is corrupt. Detect this situation during parse_config() and trigger a backup. Note to the user this occurance.
- 08:02 PM Revision d75c7f7e: xmlparse now returns -1 when a file is corrupt. Detect this situation during parse_config() and trigger a backup. Note to the user this occurance.
- 07:58 PM Revision 7fb87dbe: xmlparse now returns -1 when a file is corrupt. Detect this situatioon and notify the user that we are unlinking the file.
- 07:58 PM Revision d09d9e45: xmlparse now returns -1 when a file is corrupt. Detect this situatioon and notify the user that we are unlinking the file.
- 07:53 PM Revision 2c1689fd: When we iterate through the backup cache we call out to parse the configuration file. This can be fatal if the xml contents is corrupted and the process will die out. Instead of dieing, return -1 and let the process continue since we have further logic to detect these issues and restore a previous configuration, etc.
- 07:53 PM Revision 1d5a6e18: When we iterate through the backup cache we call out to parse the configuration file. This can be fatal if the xml contents is corrupted and the process will die out. Instead of dieing, return -1 and let the process continue since we have further logic to detect these issues and restore a previous configuration, etc.
- 07:43 PM Revision e7e7584b: Do correct locking when cleaning the backup cache
- 07:42 PM Revision 98e9940a: Do correct locking when cleaning the backup cache
- 07:39 PM Revision 51db4c34: We really need to lock the configuration when outputting the config.cache
- 07:38 PM Revision e2846808: We really need to lock the configuration when outputting the config.cache
- 07:07 PM Revision 9936b4fe: We should anti spoof on the wan interface as well.
- 07:05 PM Revision f2d532ec: We should anti spoof on the wan interface as well.
- 05:49 PM Revision a4cf412b: Snapshot 1.2-BETA-1. We need to get a new version out for testing before 1.2-BETA-1.
04/20/2007
- 08:39 PM Revision 172e3474: Block traffic from source port 0 or destination port 0. Some crafty folks try to evade packet filters by using this type of trickery. See http://www.securityfocus.com/archive/75/402099/30/0/threaded for more information.
- 08:36 PM Revision 66119c8a: Block traffic from source port 0 or destination port 0. Some crafty folks try to evade packet filters by using this type of trickery. See http://www.securityfocus.com/archive/75/402099/30/0/threaded for more information.
04/19/2007
- 09:08 PM Revision 73924eee: Note that we use the username admin when syncing in the error messages
- 09:08 PM Revision 38e5cd1e: Note that we use the username admin when syncing in the error messages
- 04:39 PM Revision 4a622e95: Correctly define the state timeout value.
- 04:39 PM Revision a67fed0d: Correctly define the state timeout value.
04/18/2007
- 10:32 PM Revision 3e894216: Silence ftp proxy debugging statements for 1.2.
- 10:29 PM Revision 5dc2f2ba: Silence setting up route log error
- 10:25 PM Revision ac98c6f4: Woops, we need to show this error. Reminded-by: Seth
- 10:22 PM Revision 8a4b82cd: Do not output TDR debug information to system logs
- 10:22 PM Revision a4e0f751: Load balancing seems to be fairly stable. Stop outputting so much debug information to the system logs.
- 09:31 PM Revision 8bb70fd3: Do not echo out extra text when reloading the filter rules and correctly detect pftpx already started.
- 09:31 PM Revision a72c07bc: Do not echo out extra text when reloading the filter rules and correctly detect pftpx already started.
- 08:05 PM Revision 1a4c8964: Remove trailing space
- 08:04 PM Revision 56dfb51e: Remove trailing space
- 07:50 PM Revision fa15ea86: Do not carriage return in the middle of a shell command
- 07:49 PM Revision d57e19dc: Do not carriage return in the middle of a shell command
- 07:29 PM Revision 4e3cb6c6: MFC 17445
- Don't round-robin on failover lb pools
- 07:26 PM Revision ccf95b5a: Don not use round-robin on failover lb pools
- MFC: ASAP
- 02:27 AM Revision eace1363: initialize variable correctly
- MFC: asap
04/17/2007
- 09:26 PM Revision 5014eab1: Turn off hard drive write caching correctly
- 09:26 PM Revision d6240d7f: Turn off hard drive write caching correctly
- 07:38 PM Revision 3b907eb1: Show icon when schedule is active
- MFC: asap
- 06:51 PM Revision 2a113ca9: Schedule popup on firewall page, stop min 0>00
- MFC: asap
- 06:11 PM Revision f89e550c: hw.ata.wc is a read-only /boot/loader.conf value. Remove.
- 06:11 PM Revision 2f17ee86: hw.ata.wc is a read-only /boot/loader.conf value. Remove.
04/16/2007
- 11:09 PM Revision d48ccbcd: Correctly note the filter configure item when removing the schedule feature from cron
- 11:09 PM Revision e85212d9: Correctly note the filter configure item when removing the schedule feature from cron
04/15/2007
- 07:37 PM Revision 2c57ec50: Add xml sync schedules option
- 07:37 PM Revision e130cfd3: Add xml sync schedules option
- 05:59 PM Revision 8476b3b3: Remove stray ;
- 05:59 PM Revision 530b5e46: Remove stray ;
04/14/2007
- 10:37 PM Revision 89f10d65: Uncomment pass rule logic. Fixes a problem report from the forum. Reminded-by: Holger
- 10:36 PM Revision 2d2d95e1: Uncomment pass rule logic. Fixes a problem report from the forum. Reminded-by: Holger
- 10:28 PM Revision e9f661b9: Add some text breaks.
- 10:28 PM Revision 1fa1ddc7: Add some text breaks.
- 10:25 PM Revision 099ab77e: Remove <br/> from schedule strong note.
- 10:25 PM Revision 49decb66: Remove <br/> from schedule strong note.
- 10:23 PM Revision 72067762: Wrap text in <pre></pre>
- 10:23 PM Revision 0618f66b: Wrap text in <pre></pre>
- 10:08 PM Revision 7f7ad501: Add a note about firewall rule schedule logic that will pop up in a new window describing how pass rules work when they are outside of the schedule window, etc.
- 10:08 PM Revision 4cf2b7fd: Add a note about firewall rule schedule logic that will pop up in a new window describing how pass rules work when they are outside of the schedule window, etc.
04/13/2007
- 08:50 PM Revision 752d210b: Disable ATA write caching which should help with loosing configuration on invalid power off events.
- 08:50 PM Revision 92f86ca6: Disable ATA write caching which should help with loosing configuration on invalid power off events.
- 03:26 AM Revision fab7ff44: Backport usermanager code from HEAD so I can get it in the snaps and
- start testing it properly
There's still some CSS/HTML fixes needed but the code seems to work
04/11/2007
- 05:02 PM Revision 6d838c83: Hide "ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding enabled, default to accept, logging disabled" while enabling time based rules
- Noticed-by: Ryan Wagoner
- 05:02 PM Revision 5472fbdb: Hide "ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding enabled, default to accept, logging disabled" while enabling time based rules
- Noticed-by: Ryan Wagoner
- 04:59 PM Revision d85052a3: Check for array type before foreach()
- Reminded-by: Ryan Wagoner/Seth Mos
- 04:59 PM Revision 4df064d4: Check for array type before foreach()
- Reminded-by: Ryan Wagoner/Seth Mos
- 04:57 PM Revision 16696fbb: Remove time based rule debugging statements.
- Reminded-by: Ryan Wagoner
- 04:57 PM Revision 228ac087: Remove time based rule debugging statements.
- Reminded-by: Ryan Wagoner
- 04:54 PM Revision 06dae605: Do not sort dns server list.
- Reported-by: Goffredo Andreone
- 04:54 PM Revision 96a33933: Do not sort dns server list.
- Reported-by: Goffredo Andreone
04/10/2007
- 06:04 PM Revision 7dddd075: If we cannot deterimine interrupts a second for an interface, do not recycle last known values.
- 06:04 PM Revision aa8f9947: If we cannot deterimine interrupts a second for an interface, do not recycle last known values.
- 05:19 PM Revision 2fb4c391: Do not show blank openvpn configuration items.
- 05:19 PM Revision 5f7bb797: Do not show blank openvpn configuration items.
04/09/2007
- 05:03 PM Revision afd0cbb4: Set RELENG_1 version to 1.3. 1.2 will be released form RELENG_1_2.
- 12:48 AM Revision 84dd057a: Time for 1.2-BETA-1
- 12:01 AM Revision d254fe7b: If the interface is "lan" and bridging is enabled then skip creation of the DHCP Server subnet. Ticket #1281
04/08/2007
- 11:46 PM Revision 8f798977: Remove configuration lock that would be acquired when you login to ssh after a firmware update. Ticket #1258
- 11:22 PM Revision 89f4b6a3: Correct sysctl name.. it is movements not movement.
- 06:22 PM Revision 011bff69: startup routed on boot if it's enabled
- 11:50 AM Revision 530c0044: Correct rrd_gateway path
04/07/2007
- 08:58 PM Revision ecd43b7f: Skip rule creation when interface_ip or remote_gateway is unknown
- 07:52 PM Revision 6ec72f51: When a 0 byte configuration file is found, remove it (unlink) and continue processing.
- 07:24 PM Revision 33a0c37d: Remove IP Compression box. A lot of further refactoring is going to be required to make this work and we do not have enough time to do so before 1.2 beta.
- 05:00 AM Revision cd110adf: Ticket 1280: updated
- 02:10 AM Revision be58a5d1: Use -o when loading the pf ruleset. From the pfctl man page: -o Enable the ruleset optimizer. The ruleset optimizer attempts to improve rulesets by removing rule duplication and making better use of rule ordering. Specifically, it does four things: 1. remove duplicate rules 2. remove rules that are a subset of another rule 3. combine multiple rules into a table when advantageous 4. re-order the rules to improve evaluation performance A second -o may be specified to use the currently loaded ruleset as a feedback profile to tailor the optimization of the quick rules to the actual network behavior. It is important to note that the ruleset optimizer will modify the ruleset to improve performance. A side effect of the ruleset modification is that per-rule accounting statistics will have different meanings than before.
- Use -o when loading the pf ruleset. From the pfctl man page:
-o Enable the ruleset optimizer. The rulese...
04/06/2007
- 05:56 PM Revision 3d8e2f77: Cleanup IPSEC rules a bit. More work will be performed in this area over the weekend.
- 05:55 PM Revision 91f1378c: Both -HEAD and -RELENG_1 have had a hidden feature to allow IPSEC compression. Add a checkbox to the screen to allow this hidden value to be toggled.
04/05/2007
- 05:23 PM Revision e801f662: Add UDP bit torrent traffic rule to wizard
- 02:13 PM Revision 914b7021: Fix bad paths resulting from move of routed package
- Reported-by: Samer Chaer <samerchaer at gmail.com>
04/04/2007
- 09:17 PM Revision d49ef3af: Comment out what appears to be non-needed code.
- 08:17 PM Revision 1318f78b: Allow multiple stacked rules (allow) to work correctly in the time based new world order. How deep this rabbit hole is yet to be deterimined.
- 02:07 PM Revision 3595b631: highlight schedule column on single clicks
Also available in: Atom