Project

General

Profile

Activity

From 05/18/2009 to 06/16/2009

06/16/2009

11:27 PM Revision 48315e65: s/./_/ for vlans since netgraph does not like .(dots) in the path names.
Ermal Luçi
03:57 PM Revision a0368e6c: Add a few more *'s so that rebrands look OK
Scott Ullrich
03:57 PM Revision 73f0b9dd: Add a few more * so rebrands look OK
Scott Ullrich
03:33 PM Revision 55eb9c44: Remove ^M or \r from this file its impossible to read in vi.
--global

06/15/2009

11:06 PM Revision f0a3b883: Adding Scott Dale's rate package to system -> traffic graphs. Cool stuff!
Scott Ullrich
02:49 PM Revision 45e974c9: Fix ruleset for > 100 OpenVPN connections
clean up the old unused bridge code while here. Chris Buechler
06:30 AM Revision 2f3446db: More vlan interface name change fixes.
Ermal Luçi
06:22 AM Revision 7b5f455b: Now that vlans have different name correct regex.
Ermal Luçi

06/13/2009

05:24 PM Revision 336e3c1c: Port voucher login ability on CaptivePortal from M0n0Wall.
Various locking fixes are done with the import and this means that as of now pfSense has a better performin/behaving ... Charlie

06/12/2009

11:48 PM Revision 67115722: Clarify log error message for pf wedged situations
Scott Ullrich
03:28 AM Revision 1673d04c: Oops, use exec()
Scott Ullrich
03:21 AM Revision bd13f2b1: Reload rules after unwedging
Scott Ullrich
03:17 AM Revision 2c374c02: When PF is busy, do a pfctl -d and pfctl -e. I just ran into a situation where
PF was busy and would only respond to a pfctl -d pfctl -e to reload the rules. Scott Ullrich

06/11/2009

08:36 PM Revision 153958b9: Nuke snort2c
Requested-by: rob iscool Scott Ullrich
08:36 PM Revision 688d49ff: Nuke snort2c
Requested-by: rob iscool Scott Ullrich

06/10/2009

09:47 PM Bug #14 (Resolved): reply-to should not be added when bridging
When bridging to a WAN or OPT WAN with hosts that use a gateway other than the WAN/OPT WAN's gateway, reply-to will b... Chris Buechler
06:03 PM Revision a2286360: Give proper rights to file when creating since php is run as root and might change permissions in dirs while modifying/creating them. Reported-by: http://forum.pfsense.org/index.php/topic,16890.0.html
Ermal Luçi
05:59 PM Revision bb1546f6: Include notices.inc to get the file_notice function.
Ermal Luçi
11:18 AM Bug #3: VPN negation rules not added in 2.0
The idea is to check the phase2 networks and check them with every rule we add if route-to is defined and the src/dst... Ermal Luçi
11:14 AM Todo #5: Don't sync on every filter reload
This is already implemented. Ermal Luçi
11:12 AM Feature #8: Clear states after failover
I have done this for pppoe/pptp/l2tp interfaces through pfctl -b in 2.0.
For the other cases some more code analysis... Ermal Luçi
11:07 AM Bug #9: route-to forwards broadcast and multicast frames in some scenarios
Patch present for 8.0 FreeBSD more testing needed. Ermal Luçi
11:06 AM Bug #12: Editing DNS forwarder overrides does not trigger sync to secondary
This problem is fixed on 2.0 since we now do a sync when writing the config instead of filter reload. Ermal Luçi
06:27 AM Revision 32a22fbb: silence "No such file or directory" error on console upgrade
Chris Buechler
02:38 AM Revision 4ebd7177: Add L2 L3 Cache lookup by default.
- Import infrastructure for caching flows as a means of accelerating L3 and L2 lookups
as well as providing statef... Scott Ullrich
01:07 AM Revision e9bb7c19: use product_name
Chris Buechler

06/09/2009

09:24 AM Feature #13 (Resolved): wireless page to have option to select transmit and receive antennas
in the wireless section this has been talked about and was said it would be added in future releases but nothing so f... Bipin Chandra

06/08/2009

11:56 PM Revision 59c0a670: Add CARP hooks to devd.conf
Jim Pingle
10:35 PM Revision 76b37651: Change even the upgrade code to use new style vlan names.
Ermal Luçi
10:23 PM Revision 305c847d: Use $RealIf.vlan$tag interface names for vlans. This makes them more userfriendly.
Ermal Luçi
10:14 PM Revision e1c449c0: Revert "Do not use tags for vlan interface names since there might be same vlan tags on different parent interfaces and this will break configs and will hide the reason it does not work. Thanks-to: smos@"
This reverts commit 83bdca55920ca6ab3d848f0993d57a1f9b85098f. Ermal Luçi
05:57 PM Revision 83bdca55: Do not use tags for vlan interface names since there might be same vlan tags on different parent interfaces and this will break configs and will hide the reason it does not work. Thanks-to: smos@
Ermal Luçi
05:52 PM Revision ef026950: Remove code from Seth since one code already exists. And fix a bug on the previous upgrade code.
Ermal Luçi
01:20 PM Revision db7f618b: Yank bridge upgrade function as it appears to be a duplicate. I should have checked before making one. Oh well.
Seth Mos
01:18 PM Revision c11ba0d2: Fix bridge upgrade code.
Seth Mos
12:39 PM Revision dbaa0e34: Fix VLAN upgrade code properly. That's what I get for blind coding.
Testing bridging code now Seth Mos
10:49 AM Revision fcf5afa0: Fix butchered upgrade code in the end of the file
Seth Mos
10:49 AM Revision ab235895: Add missing quote
Seth Mos
10:49 AM Revision 21ee12a6: Add missing ; to prevent parse error
Seth Mos
01:43 AM Revision 80dbf623: Forgot to adjust a couple things to fit HEAD again.
Jim Pingle
01:38 AM Revision 43053856: Use saner control flow, and also make the charts each use their own data properly.
Jim Pingle

06/07/2009

10:31 PM Revision 983061e4: Try to fix "key element can not be a reference"
Seth Mos
04:29 PM Revision f421cbcc: Fix laggport configuration. Reported-by: http://forum.pfsense.org/index.php/topic,16734.0.html
Ermal Luçi
03:39 PM Revision 1ae87edd: This should be a relative link
Jim Pingle
05:07 AM Revision 1e9ed00c: fix link
Chris Buechler
12:59 AM Revision 656faad5: Fix some issues that didn't make it into the last commit for some reason.
Jim Pingle

06/06/2009

11:16 PM Revision 8c1b604d: Actually use the counter
Seth Mos
11:07 PM Revision 0105ae3d: Add bridge upgrade code for 1.2 -> 2.0
Like the vlan upgrade code this uses slot 38 to make sure it will not run on a 2.0 configuration.
This is blind coded... Seth Mos
10:45 PM Revision 2523c923: Since we still needed upgrade code for vlans from 1.2 to 2.0 I added the upgrade at spot number 39 which is just before the user manager upgrade code.
This should make sure that we won't accidentally try to convert a 2.0 install. Good thing we left some spots open!
Th... Seth Mos
10:23 PM Revision 2e87b9d9: Remove the duplicated page header.
Jim Pingle
10:02 PM Revision c0b6fdde: Sync my recent stuff to HEAD. Easy Rule, Log parsing tweaks, Firewall Log filter, Firewall Log Summary graphs. Also add ProtoChart.
Jim Pingle
09:01 PM Revision 0edee281: Exclude ppp from interface mismatch check
Scott Ullrich
01:36 AM Revision e1a65ede: it's IPsec
Chris Buechler
12:45 AM Revision a87afa7c: Revert mwexec back to exec. They are very different functions.
mwexec() has a mute flag which can be true or false, exec, returns a
array in the 2nd argument and the return code in... Seth Mos

06/05/2009

11:40 PM Revision 405f7cf5: Prevent javascript errors when possible
Submitted-by: Renato Scott Ullrich
11:40 PM Revision 341d0347: Prevent some javascript errors.
Submitted-by: Renato Scott Ullrich
09:35 PM Revision 347c58b3: Supress foreach warning on empty array()
Seth Mos
05:59 PM Revision 79d45708: Remove unused php file
Renato Botelho
12:28 PM Revision 50e1f1c6: Fix typo: s/tempalte/template/
Renato Botelho
07:04 AM Revision 03b0e855: clarify log message
Chris Buechler
06:32 AM Revision 3142c883: Remove RRD options from the apinger configuration.
They do not make any sense to generate since they are not used anywhere in 1.2 Seth Mos
05:39 AM Revision 250e8c39: correct spelling
Chris Buechler
05:27 AM Revision ca010769: Fix local/remote specification.
touch up text Chris Buechler

06/04/2009

11:42 AM Revision 39fbee97: Fix lagg interfaces creation. Reported-by: http://forum.pfsense.org/index.php/topic,16734.0.html
Ermal Luçi
01:38 AM Bug #12 (Resolved): Editing DNS forwarder overrides does not trigger sync to secondary
Editing any overrides (and possibly other settings) in the DNS forwarder should trigger a sync to the secondary if th... Chris Buechler

06/03/2009

05:58 AM Revision 372d28b0: Eventhough you can set the racoon admin socket to a different path in the configuration it will be ignored by ipsec-tools 0.8+
Align all the sockets into the new path /var/db/racoon so that we can find it.
Remove the old killall -HUP racoon as ... Seth Mos

06/02/2009

11:05 PM Feature #11 (Resolved): Allow multiple syslog servers
Currently only a single syslog server can be specified, it would be nice to allow multiple servers. Chris Buechler
10:37 PM Revision f0c3eea0: Use is_dir, not is_file for detecting directory existance.
Scott Ullrich
10:36 PM Revision 3283437d: Oops, make that /bin/mkdir
Scott Ullrich
06:21 PM Revision 0e0e232b: Avoid errors when a non-existent element is called by a function
Submitted-by: Manoel Carvalho Renato Botelho
06:41 AM Revision 1c163b91: Bump the version number to 1.2.3-RC2.
This to know when people complain about the load balancer we know if
it's the new or the old one. Seth Mos
01:17 AM Revision 2312b0eb: How about some handy links to external IP info sources, with a suitable warning.
Jim Pingle
12:54 AM Revision 737ed7d1: It might help if git was actually tracking the file for this...
Jim Pingle
12:10 AM Revision 145eba30: Add a handy DNS resolution page.
Jim Pingle

06/01/2009

09:57 PM Revision e1d23411: Oops, plip was already there, at the bottom.
Scott Ullrich
09:55 PM Revision adf44688: Exclude plip from get_interface_list
Scott Ullrich
09:54 PM Revision a42d1da2: Add plip exclusion
Scott Ullrich

05/31/2009

10:02 PM Revision 907d8503: it's IPsec, not IPSEC
Chris Buechler
09:23 PM Revision a164029f: Make sure that the apinger messages end up in the load balancer tab
Seth Mos
09:14 PM Revision cb45014a: Select lan interface correctly when editing
Scott Ullrich
08:36 PM Revision 24afa018: Merge branch 'RELENG_1_2' of http://gitweb.pfsense.org/pfsense/mainline into RELENG_1_2
Chris Buechler
08:36 PM Revision 47c13f03: fix static route deletion
Chris Buechler
08:31 PM Revision 52cca3a4: fix route deletion
Chris Buechler
07:55 PM Revision b04eb23b: clarify log message
Chris Buechler
06:51 PM Revision a0793ae4: Add NAT-T ports.
Submitted-by: JimP@ Scott Ullrich
01:44 PM Revision a6d821bc: Update functions to add other anchors for before {nat,rdr} rules and {nat,rdr}early rules. Further more no need to call filter_configure since the anchors can be loaded separately from the main ruleset.
Ermal Luçi
06:32 AM Revision 6bfccde7: Set hostname then call hostid onestart
Scott Ullrich
06:31 AM Revision 30934c59: Set hostname then call hostid
Scott Ullrich

05/30/2009

10:17 PM Revision 4aecfb7a: Set hostid earlier in boot
Scott Ullrich
10:09 PM Revision 76f59429: Setup the host GUID which is required for ZFS
Scott Ullrich
10:08 PM Revision 34bb5b72: Forgotten emergency shell commit.
Scott Ullrich
09:55 PM Revision a2d7d8d5: Run /etc/rc.d/hostid start on startup. This is required by ZFS.
Scott Ullrich
08:51 PM Revision 08d591b5: Ensure /var/db/racoon exists
Scott Ullrich
08:51 PM Revision 202e5379: Ensure /var/db/racoon exists
Scott Ullrich
06:23 PM Revision d02a500d: Fix captive portal multinterface rule gfeneration.
Ermal Luçi
06:27 AM Revision 0e11e138: Unbreak english
Scott Ullrich
04:40 AM Revision ea8a58ea: Unbreak pkg-utils.inc. Extra space made it rather unhappy. Reported on IRC and in the forums.
Jim Pingle
12:02 AM Revision d5b116bb: Add ! support when invoked from the CDROM boot prompt now for recovery console, installer.
Scott Ullrich

05/29/2009

10:41 PM Revision dc3dedbb: Correct swapped values
Seth Mos
10:36 PM Revision 20afbdfe: Oh dear, looks like I had the values for loss and latency reversed.
That is not very useful. Seth Mos
10:36 PM Revision 0f2bd8e7: Make the apinger rrd files end up in /tmp so they are not seen by the
web ui. Seth Mos
09:49 PM Revision a9b2e638: Present a new package option filter_rules_needed which has a function name to be called if the package needs to create firewall rules. The function should have a switch statement one with 'nat' option wich is called for nat/rdr and one with 'rule' option which is needed for rules. This will help on removing from filter.inc all the packages hardcoded includes and rules and give some more dynamicity. The rules by this function will be included on rules.nat.packages and rules.packages on /tmp partition and called by anchors include file when filter reloads(still this has to come).
Ermal Luçi
09:49 PM Revision 2dcf4150: Move all address handling of rules to the filter_generate_address. Remove checking for addresses on the beggining of generate_user_filter_rule since we have better way of checking this now.
Ermal Luçi
06:31 PM Revision f91bc86f: Fix still the address extraction.
Ermal Luçi
04:38 AM Revision c432da9c: Full path to chmod
Scott Ullrich

05/28/2009

11:04 PM Revision 991eb938: Adding --all-servers flag for DNSMasq which can help when a DNS server is unreachable and in some cases speedup queries since it will ask each known dns server all at once and use the first response that it finds.
Scott Ullrich
10:39 PM Revision 0cc5b3f4: Ooops, clear-on-reload is preenting dnsmasq from starting.
Scott Ullrich
10:34 PM Revision aa5d3ff6: Adding --clear-on-reload:
--clear-on-reload
Whenever /etc/resolv.conf is re-read, clear the DNS cache. This
is use... Scott Ullrich
10:27 PM Revision 739b97d9: Use --all-servers:
--all-servers
By default, when dnsmasq has more than one upstream server
available,... Scott Ullrich
01:01 PM Revision 33bf1874: Fix the issue reported on http://forum.pfsense.org/index.php/topic,16559.0.html. Basically a missing convertion from 'source'/'destination' to target.
Ermal Luçi
07:50 AM Revision 6f255c8b: Change the warning threshold for the apinger delay warning from 100 to 200 ms.
Seth Mos
07:45 AM Revision e1c6b3d6: Backport apinger from 2.0 to 1.2
This removes the gateway support from the slbd load balancer. It will now create a apinger configuration instead.
Cha... Seth Mos
07:22 AM Revision 1bc43e42: Hide errors.
Scott Ullrich
07:20 AM Revision 324d622f: Hide error.
Scott Ullrich
07:03 AM Revision 0aca91d0: Ensure 127.0.0.2 points out 127.0.0.1.
Scott Ullrich

05/27/2009

10:01 PM Revision 857ce5f3: Fix the function that checks if a link is to be included or excluded.
Multiple alarms can be returned which requires different parsing.
Scott will test this Seth Mos
05:13 PM Revision 5cd26039: Start sshd after the interfaces and routing have been configured.
Ermal Luçi

05/26/2009

11:33 PM Revision efea21c4: Description field is not required
Chris Buechler
06:14 AM Revision 29dc1e6e: Added a missing argument in the lighty configuration for captive portal.
Nigel Graham
04:45 AM Revision 023f4180: Found another bug in ca_chain_array.
Nigel Graham
04:23 AM Revision 801247db: Fixed a problem in ca_chain that caused a segmentation fault.
Nigel Graham
03:22 AM Revision faa7e333: Merge branch 'master' of http://gitweb.pfsense.org/pfsense/mainline
Nigel Graham

05/25/2009

11:47 AM Revision 93ed7659: Handle the case when no user has logged in. Reported by: http://forum.pfsense.org/index.php/topic,16382.0.html
Ermal Luçi

05/24/2009

06:36 AM Revision 2cf6ddcb: Added support for certificate chains to manager so that lighty can deliver them via SSL.
Nigel Graham
04:27 AM Revision c224dd9d: MFC Recovery console on CDROM platform
Scott Ullrich

05/23/2009

08:30 PM Revision 41f4fada: Hide errors on sem_get() too
Scott Ullrich
08:26 PM Revision c77050d5: Surpress semaphore errors
Scott Ullrich

05/22/2009

06:40 PM Revision 4b4271d3: Do not include shmop twice
Scott Ullrich
05:08 PM Revision 35e4f68e: Merge backup_vip_function to the synchronize code where its only used.
Ermal Luçi
05:07 PM Revision d3b6dd4c: Revert "Include pfsense-utils for backup vip function."
This reverts commit 2ff71279575e0afbac28b9a79a43e81721a4fced. Ermal Luçi
05:06 PM Revision 2ff71279: Include pfsense-utils for backup vip function.
Ermal Luçi
05:02 PM Revision 4fa2be6d: Check for blank lines and ignore them.
Ermal Luçi
05:01 PM Revision f3ebffee: Do not spam the logs. Reported by http://forum.pfsense.org/index.php/topic,16382.0.html.
Ermal Luçi
04:51 PM Revision 6e8f7b53: Move Sync of config from filter.inc filter_reload to write_config and all the code in a new file rc.filter_synchronize. The later is called by check_reload_status with the tmp/filter_sync action triggered with carp_sync_client() function. This solves the excessive syncing of configs on not needed cases and speedups the filter_configure_sync!
Ermal Luçi
04:29 PM Revision caec9484: A better fix to empty lines.
Ermal Luçi
03:49 PM Revision 32822c6e: Propperly check for empty slots. Fix by forum user: itsmorefun!
Ermal Luçi
03:31 PM Revision 3cfb799d: Fix ipfw rule syntax.
Ermal Luçi
03:26 PM Revision fca39472: Fix the rule to actually match on multiple interfaces.
Ermal Luçi
09:55 AM Revision 97edea16: Fix bridge checking missed in previous convert to multi interface capble CP. This is arguably needed since with new bridge the interface might be in full routing mode and be bridged just for SNAP port. Anyway people can run CP on top of the bridge interface itself anyway.
Ermal Luçi
05:33 AM Revision 655e9c79: Correct extension name
Scott Ullrich
05:32 AM Revision 85df6906: Adding sysvsem.so
Scott Ullrich
01:44 AM Revision 032d2dc1: use real if name for get MTU function
Chris Buechler

05/21/2009

11:02 PM Revision b27f1caf: Make the CP interface check code more buller proof.
Ermal Luçi
10:11 PM Revision 5d146d0b: We only need sysvsem for CP locking
Scott Ullrich
09:44 PM Revision f8b11310: Make CP multi-interface capable.
Ermal Luçi
08:41 PM Revision 868a5b99: Adding Ciphers Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc for the tin foil hat wearing folks.
Scott Ullrich
08:39 PM Revision 66378510: Adding Ciphers Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc for the
tin foil hat wearing folks. Scott Ullrich
04:22 PM Revision 5aa16772: Add needed modules for CP locking
Scott Ullrich
04:16 PM Revision 04442020: Adding php libraries for CP locking
Scott Ullrich

05/20/2009

12:24 AM Revision 8751763c: merge Ermal's CP locking changes
Chris Buechler

05/19/2009

01:39 AM Revision 1e4e8458: Increase timeout to 9. Add chr(8) backspace mojo
Scott Ullrich

05/18/2009

11:19 PM Revision 01cdef6c: Missing "
Scott Ullrich
11:19 PM Revision 49a0eba8: Doh, it's sh, not php
Scott Ullrich
11:18 PM Revision 2bc1456b: Do not keep respawning to shell on exit. Alert box is rebooting in 5, sleep for 5 to allow CTRL-C
Scott Ullrich
11:06 PM Revision 519d2f03: Mount RW for key generation
Scott Ullrich
11:06 PM Revision 03ef91ef: Mount RW for key generation
Scott Ullrich
10:58 PM Revision 3ec9c84a: Use custom prompt for Recovery Shell
Scott Ullrich
10:56 PM Revision b1d04497: Nuke \n's
Scott Ullrich
08:02 PM Bug #10 (Resolved): Enable SSH console menu doesn't work on embedded
Chris Buechler
06:55 PM Bug #10 (Resolved): Enable SSH console menu doesn't work on embedded
Needs to mount rw Chris Buechler
05:17 AM Revision 6785fbfe: Merge branch 'RELENG_1_2' of git@rcs.pfsense.org:pfsense/mainline into RELENG_1_2
Chris Buechler
05:16 AM Revision eccd3813: Kill rrdtool before killing updaterrd, possibly prevent multiple updaterrd from running.
Chris Buechler
01:39 AM Revision a9e92f60: Spawn tcsh instead of sending getty into a DOS loop
Scott Ullrich
 

Also available in: Atom