pfSense

11/30/2022

08:37 PM Revision 04d726ac: Disable MTU input for a bridged interface

Bridge member interfaces cannot have their MTU configured independently from a
bridge, this change disables the MTU i... Reid Linnemann

08:37 PM Revision 51b682d9: Add ovpn qinqs to bridges instead of rebuilding them. Fixes #13666

qinq interfaces defined with parent openvpn interfaces are configured late in
rc.bootup, after qinqs for other physic... Reid Linnemann

11/29/2022

05:54 PM Revision f67c3ec2: rc.ipsec: Strip bonus quotes. Fixes #13076

The string was coming from check_reload_status wrapped in quotes that
were not necessary, and were causing the string... Jim Pingle

04:55 PM Revision 8de9ebba: $usedmacs should never be a string, default should be an array. For #13705

Christian McDonald

03:51 PM Revision 829322b3: Rector some direct config gets with complex paths.

Christian McDonald

11/28/2022

09:04 PM Revision 8e88bd48: Pass reloadall flag to dhcp6c config. Fixes #13253

This ensures that if the interface is being configured in a way that requires a reload, that the DHCP6 client is also... Jim Pingle

08:09 PM Revision 7e3ea4a8: Rector some config unsets with complex paths.

Christian McDonald

05:29 PM Revision 02d6ca03: DDNS Save+Force timeout improvements. Fixes #12870

* In PHP8, curl_close is a no-op, so remove it.
* Now that curl_close does nothing, we have to set CURLOPT_FORBID_REU... Jim Pingle

05:21 PM Revision f4970dcd: Update Rector config with pfSense-specific tweaks and notes

Christian McDonald

05:03 PM Revision 75c2fbf0: Update namespace for custom Rectors to better align with on-disk hierarchy.

Christian McDonald

03:04 PM Revision 721fafba: Rector some direct config sets with pure scalar paths.

Christian McDonald

11/23/2022

04:34 PM Revision 522e3f91: DHCP6 Adv field validation errors. Fixes #13493

A few fields were being validated but not informing the user when the
values were bad. This commit lets the user know... Jim Pingle

02:06 PM Revision 1e45d13f: Rector some direct config gets with pure scalar paths.

Christian McDonald

11/22/2022

08:38 PM Revision 88774881: Rector some more direct config unsets with pure scalar paths

Christian McDonald

06:45 PM Revision 6e081414: Rector some direct config unsets with pure scalar string paths.

Christian McDonald

05:04 PM Revision fa323663: IPsec cert SAN improvements. Fixes #13373

* Improve descriptions of IPsec P1 cert fields.
* Allow using a cert with a wildcard SAN so long as there is at least... Jim Pingle

03:43 PM Revision f16d3f4d: Add CA/Cert invalid descr char list to help. Fixes #13387

Jim Pingle

03:10 PM Revision af613468: Fix regression in URL alias parsing. Fixes #13685

Jim Pingle

11/21/2022

09:29 PM Revision 824ab9c4: Correct special net NPt dst prefix handling. Fixes #13240

Disables prefix length drop-down when using a special net (e.g. track6
delegated prefix) because that already has its... Jim Pingle

08:06 PM Revision 749af017: Use 'ip' when copying+converting addr rules. Fixes #13364

Jim Pingle

07:59 PM Revision 2e534ffe: Ensure copied rules get unique IDs. Fixes #13507

Jim Pingle

07:15 PM Revision ad040b70: Omit RAM disk size check when disabled. Fixes #13479

Jim Pingle

07:03 PM Revision 7d087f60: Remove unused deprecated code from dhclient script. Fixes #13501

Jim Pingle

07:01 PM Revision 54115a67: Add CDATA protection to "hint". Fixes #13388

Jim Pingle

06:43 PM Revision 31c37082: rc.linkup code refresh and fixes. Fixes #13254

* Update code to be more compatible with PHP 8.1
* Consistency changes to code and logging so every path has similar
... Jim Pingle

03:28 PM Revision 877cff6f: Fix more Rector foreach fallout

Jim Pingle

02:48 PM Revision 7a3637b1: Restore unintentionally removed line. Issue NG 9247

Jim Pingle

11/19/2022

09:43 AM Revision c0f216b9: captiveportal: actually allocate a pipe number for new clients

When a client authenticates to the captive portal we generate a pipe
number (actually two) for it. However, we did th... Kristof Provost

11/18/2022

09:46 PM Revision 2b66dafa: Fix gif interface _routerv6 files not being created. Fixes #11545

interface_gif_configure() uses the global variable $g to look up the temp
directory in which to write the router/gate... Reid Linnemann

08:49 PM Revision 1688a960: Add iface to some resolver restarts. Fixes #12612

A few interface-specific calls to restart the resolver were not passing
the interface name to ensure it was only rest... Jim Pingle

06:23 PM Revision b381fa76: Fix PPP reset hr/min blank vs 0. Fixes #13307

Jim Pingle

06:08 PM Revision bef138fa: Replace direct config accesses in services_dhcpv6_relay.php. Fixes #13676

Reid Linnemann

06:06 PM Revision efe80217: Fix PPP interface regression

Jim Pingle

04:58 PM Revision 13ae614b: Correct console set IP addr script. Fixes #12632

* Prompt to replace default gateway instead of only setting if it was
empty before.
* Correct faulty assumptions ab... Jim Pingle

04:03 PM Revision b03e0c60: Fix descr for unbound network ifs. Fixes #13453

Jim Pingle

03:58 PM Revision 29f367a0: Fix Adv DHCP6 f/multiple interfaces. Fixes #13462

Jim Pingle

03:54 PM Revision 9b391783: Improve set_ipv6routes_mtu checks. Fixes #13675

Christopher Cope

02:35 PM Revision 8b4e0838: Define curl CAPath for trusted CAs. Fixes 12737

Jim Pingle

02:17 PM Revision 410e9b52: Detect/set default primary console. Fixes #12960

If the user has not chosen a primary console, use the current active
console type as the default.
This prevents a us... Jim Pingle

11/17/2022

04:19 PM Revision 5ee97acf: Disabled service status correction. Fixes #13604

Jim Pingle

03:58 PM Revision 12689bb0: Correct QAT active reporting. Fixes #13674

Account for cases where the module(s) are loaded but the driver failed
to attach. Jim Pingle

10:57 AM Revision 1be126b7: fix pciconf output parsing

In FreeBSD 14 the output format of pciconf changed. It now splits up the
device and vendor fields.
Simplify this cod... Kristof Provost

11/16/2022

05:32 PM Revision 9c2b9b78: Replace direct config accesses to system/webgui paths in system_advanced_admin.inc. Fixes #13659

Also move default assignment of $pconfig['webguiproto'] to 'http' from
system_advanced_admin.php to system_advanced_a... Reid Linnemann

11/15/2022

08:36 PM Revision 9d6fc9e4: Merge pull request #4604 from luckman212/fix-func-args-in-gwlb.inc

Jim Pingle

08:30 PM Revision 3ae365f4: Removed unused filter_flush_nat_table, fix typo. Fixes #12757

Jim Pingle

07:50 PM Revision 6628b730: More Rector integration

Christian McDonald

07:46 PM Revision 0a960600: Add support for custom Rectors.

Christian McDonald

07:21 PM Revision d35a18fc: RemoveUnusedForeachKeyRector runresults

Christian McDonald

07:14 PM Revision 1eba2bc4: Remove dead statement as per rector

Christian McDonald

06:49 PM Revision bd9c894d: Update `Submitting a Pull Request via GitHub` link

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> Josh Soref

06:49 PM Revision 4864d7f6: Spelling fixes. Fix #13357

Bugs:
* Incorrect input validation for `dhcp6c` `keyinfo expire` `forever` keyword in `interfaces.inc`.
* Incorrect i... Josh Soref

06:46 PM Revision 6eaada18: Cleanup some unreachable statements as per Rector.

Christian McDonald

06:45 PM Revision 585d63b4: Merge pull request #4596 from luckman212/update-rc.initial-202206

Jim Pingle

06:41 PM Revision 9e3798fb: Merge pull request #4606 from KoenZomers/DNSExitFix

Jim Pingle

06:39 PM Revision 4a1354d1: Merge pull request #4605 from kaedros/master

Jim Pingle

06:03 PM Revision a637e8ec: Remove duplicate reserved alias names. Fix #13524

Marcos M

06:03 PM Revision c77e381e: Respect bind interfaces in unbound. Fix #13393

Marcos M

05:59 PM Revision e289a583: Also create DHCPv6 rules for interfaces with static IPv6. Fix #13633

Marcos M

05:23 PM Revision bfa54b82: Add initial support for Rector dev tooling.

Christian McDonald

04:41 PM Revision e8c09d18: Update/cleanup DHCP 4/6 server text. Fixes #13250

Jim Pingle

03:00 PM Revision 26da7653: Correct typo. Fixes #13663

Jim Pingle

01:03 PM Revision 231fc598: While here, reduce a few differences with Plus.

Luiz Souza

12:58 PM Revision 2984a4b1: Update the loader.conf filter list.

This remove the duplicate entries for the settings added by pfSense.
Sync with the current Plus defaults. Luiz Souza

12:51 PM Revision ce1cf189: Update the EFI loader from the package installation script.

The simply action of installation the script will perform the loader update. Luiz Souza

11/14/2022

11:44 PM Revision b1972170: Correct codelq shaper input validation for firewall_shaper.php. Fixes #13661

Ensure all bandwidth values are cast to int before applying arithmetic to the
return value of get_bandwidth_typescale... Reid Linnemann

09:02 PM Revision d55227f4: Misc EasyRule updates/fixes.

* Addresses several known issues in EasyRule. Fixes #13445
* Updates syntax to new style for PHP 8.1. Fixes #13627 Jim Pingle

08:52 PM Revision 834732a5: Add devel/pecl-xdebug to poudriere_bulk

Christian McDonald

08:27 PM Revision 9a9a6b3e: Fix config_del_path() if the node doesn't exist

If the node we're trying to delete with config_del_path() doesn't exist
array_del_path() will fail as follows:
Fatal... Kristof Provost

08:27 PM Revision 3f5702a9: Add bxe to the ALTQ capable interfaces list

Redmine: #13304 Kristof Provost

03:58 PM Revision 6600b09f: Backup/Restore fixes for dup SSH/RRD. Issue #13132

Fixes for multiple SSHDATA or RRDDATA sections in config.xml
* On backup, strip out any existing SSH and RRD data se... Jim Pingle

11/11/2022

09:14 PM Revision 0e6c4d62: Rewrite functions for toggle & delete NAT. Fixes #13545

Christopher Cope

07:25 PM Revision 599742b0: Refine IPsec deprecation behavior. Issue #13648

P1 and P2 entries are only disabled if they have no remaining valid combinations of options. This way tunnels that ju... Jim Pingle

11/10/2022

06:28 PM Revision 624aa476: Replace direct config accesses regarding ssh configuration. Fixes #13645

In system_advanced_admin.inc, use config interface funcs instead of direct
$config access regarding ssh configuration... Reid Linnemann

05:24 PM Revision b30acd45: Replace some direct config accesses in util.inc. Fixes #13640

Reid Linnemann

03:51 PM Revision ba97e19f: Remove cxgbe (cc) from the ALTQ capable list

Despite what the relevant man page claimed (now fixed) the cxgbe driver
has not supported ALTQ since 2012. Do not all... Kristof Provost

11/09/2022

11:06 PM Revision 27a52d08: Remove invalid quotes from charon attr plugin attributes. Fixes #13579

Reid Linnemann

05:00 PM Revision b51ea481: Fix setting EFI boot console type. Issue #13080

For some reason the EFI loader is forcing boot_serial=YES when it is not
set in the loader configuration. To work aro... Jim Pingle

02:56 PM Revision 81c792f0: make.conf: enable GCM for strongswan

This will also cause a rebuild, which we need to get chacha20 support
now that the kernel supports it. Kristof Provost

11/08/2022

10:39 AM Revision 807e9117: ipsec: remove warnings about now removed algorithms

Redmine: #9247 Kristof Provost

10:39 AM Revision ee9bbad1: ipsec: disable any tunnels using 3des, blowfish, cast128 or md5 during upgrades

Redmine: #9247 Kristof Provost

09:09 AM Revision f9cfd6bc: ipsec: remove obsolete algorithms

These are no longer supported in FreeBSD main. Ensure they can no longer be configured.
Redmine: #9247 Kristof Provost

09:09 AM Revision 2a8d2eba: ipsec: allow CHACHA20-POLY1305 to be configured

Redmine: #9246 Kristof Provost

11/04/2022

09:10 PM Revision 6115e76b: Replace direct config accesses in firewall_rules_edit.php. Fixes #13614

Reid Linnemann

05:01 PM Revision 758ee42a: Revert "Change OpenVPN auth to php-cgi for the time being. Fixes #4521"

This reverts commit 1bfdb794cb2a06932da0029ca37f9727c3f74274. Reid Linnemann