pfSense

Make gen_subnetv6 return a compressed form IPv6 address/net representation. This removes some issues reported during Ticket #2746 and solve the issue on some cases

Services: DNS Forwarder

Add DNS query forwarding section with options for sequential and require domain.

Silence error. Maybe the command should be removed completely!

Fixes #2674. Use the interface mtu rather than hardcoded 1280. Needs to be seen if issues with fragmentation can come from this on 6rd/6to4 tunnels

Remove missed line and also improve code for bridge cases

Correct real interface assignment

Correctly generate dhcpleases file to avoid issues with dhcpleases. Also while here correct code and make some optiomizations and corrections

Mostly for testing name relation in github. No functional change

Allow set DHCP options per reservation

Fix some DHCP per pool options that will never be considered because of a wrong check

Fix spelling

Add some backend support for writing out a config so that the dhcp6 server can listen on the required MPD pppoe server interfaces.
Also nuke the failover entries, these don't exist for IPv6, this is handled by 2 servers and differing priorities

Handle null parameter to services_dyndns_configure

When service_dyndns_configure is called with a null parameter, it should check/update the dyndns state of all interfaces configured for dyndns. But actually it is only updating gateway groups. e.g. the daily cron job /etc/rc.dyndns.update does not update an ordinary WAN interface....

Add a couple more (small, optional) snmp modules.

Fix typo

Unbreak install_cron_job function so it is actually usable when config['cron'] has no entry. This should remove all those package hand rolled copy/paste functions

Sprinkle some unsets and s/fopen,fwrite,fclose/file_put_contents/ where it makes sense

Fix reference to gateway in pool config

Add support for multiple DHCP pools within the interface's subnet, and allow most of the settings for the main range to be set specific inside the pool. (e.g. it allows setting different gateways and DNS for different pools). Still needs improved input validation to prevent overlapping ranges/pools.

Add note about mac matching and media type.

Add some safety checks against empty entries

Allow/deny access to DHCP by partial MAC matching.

Make the gateway group member check a boolean, might convert to something else at a later time so we could check group memberships.
Also launch the dyndns configure if the dyndns interface is a gateway group name, could check membership later if we wanted.

Make sure we process dyndns interfaces that use a failover group when processed from rc.newwanip, which just passes a interface.

Construct the arguments to dhcrelay -6 correctly

Implements ticket #1663

Do not try to start igmpproxy when there's no igmpentries configured.

Make sure this check is reversed, that way we only pick up the legacy field if the new one isn't set.

Shorter version of the fix to always set the radvd interface.
Redmine ticket #2477

Make sure to fall through if this tag is not set.
Should fix redmine ticket #2477

If radvd is already running, reload, otherwise start one.
Shut down when there are no prefixes to announce

Add better protection for unknown rapriority

Make sure we still start on older configs where the setting is still called mode, and not ramode.
Add a failsafe for the rapriority

We need to define the default route here, not the advertised prefix.

Correct the syntax, the RemoveRoute needs to end up in route statement

Remove duplicate prefix line

Prevent radvd from telling the clients to remove the route to itself.

Do not send DeprecatePrefix messages for CARP announcements, it causes clients to purge the CARP default route.

Bye, bye olsrd back to packages.

When advertising on a CARP vip, pick the CARP ipv6 address as the RDNSS address
Redmine ticket #1829

Make sure that both the Carp vip interface and the parent interface are in the list.
Redmine ticket #1829

Extra safetynet to prevent duplicate static entries with broken config.xml
Make sure to fil the array that we fill for configured interfaces with the real interface, not just the carp if.
Redmine ticket #1829

Change the DHCPv6 services page into a RA and DHCPv6 section, move some of the variables.
Add drop down to select carp vip for that interface for CARP advertisements
Allow setting the RA priority.
Redmine ticket #1829

Add the option to use a custom Dynamic DNS Provider via an Update URL and Result Match.

Back out duplicated fix from 107e8acc - Ticket #1917 was already fixed before this was added.

fix text. ticket #2399

Make sure to stop the dhcpleases6 process

Add support for SLAAC on the WAN interface, this is required for Stateless autoconf addressing.
Normally this should only apply to Appliances that do not need to route. We automatically hook in the dhcp6 client to request name servers from DHCP6 in a information only mode. It will not attempt to request a address. For that you should use the plain DHCP6 option with a prefix size of none....

Handle multiple IPv6 DNS servers in rc.newwanipv6, remove chunk of broken code in the DHCPv6 server that added duplicate lines. Redmine ticket #2380

Only add the IPv4 gateway in the DHCPv4 config if we have a IPv4 gateway defined on the system at all.
This makes clients trying the IPv4 transport fail a lot faster, and thus more graceful.

Add alias support to static routes (needs some testing) Ticket #2239

Conflicts:

etc/inc/filter.inc
        etc/inc/util.inc
        usr/local/www/system_routes_edit.php

Also use the prefix calculation function here.

Change the command to reflect the new, just added dhcpleases6 binary for triggering route injection.

it needs to point to a existing file otherwise it will not launch.

Add the -h parameter which is required for dhcpleases, might need to be removed later.

fix a syntax error

Add a dhcpleases monitor to the DHCPv6 server which will trigger automatic creation of routes into the routing table so that prefix delegation will just work.
Redmine ticket #2347

Setup chroot environment for unbound

Remove Extra brace

Use global variable

Specify path to unbound config file

Bail out without a valid IPv6 address so we don't generate a invalid dhcpv6 server config

Merge pull request #71 from ebrandi/r53dyndns

Patch to add Route 53 as new Dynamic DNS provider into dyndns infrastructure

If the end of the prefix6 range does not align with a multiple of the delegation size then dhcpd will not start.
The dhcp6 server page will need input validation for this.

Adjust the delegated prefix length for 6to4 to 16 bits

Remove debugging print_r();

Make sure that we can create a /64 delegation for very short prefixes.

Improve the prefix delegation math somewhat.

Automatically configure DHCPv6 servers for interfaces set to track6 another WAN.
If the prefix length permits it we setup DHPP-PD for the LAN clients so it can be daisy chained.

This patch add Route 53 as new Dynamic DNS provider into dyndns infrastructure.
Due requeriments to handle requests to Amazon AWS API, it need root certificates package (ca_root_nss-3.12.4.tbz) and support to hash_hmac() in PHP (package php52-hash-5.2.13_3.tbz).

Add interface tracking support. With this it is now possible for dynamic IPv6 interfaces to setup the corresponding lan interface for RA.
DHCP6 with prefix delegation to follow later for automatic daisychaining.

Do not process for disabled interfaces

Make sure we only generate entries for radvd when we actually have a IPv6 prefix

Make sure to add a semicolon to indicate end of line syntax

Correct the field name, otherwise we have invalid syntax

Commit the config backend code for the switch to radvd

Make domain search list work for MacOS X clients, by adding

option domain-search "domain1", "domain2", "domain3";

to /var/dhcpd/etc/dhcpd.conf

I reported this as a bug on the pfSense forums here:

http://forum.pfsense.org/index.php/topic,47579.0.html

Enable the NTP server fields for our DHCP6 server.

Remove the DHCP6 service enable check, it's not valid for configuring router advertisements.

Ticket #1917: fix typos, fix domain-search for dhcpv6

Ticket #1917 - DHCP server support for multiple domains in search list

Fixing existing DynDNS force-update feature. Redmine bug #2228

Add builder binary

Support for configuring the configuring Unbound service

If the old bindlan option is there, assume the lan interface for binding.

Change SNMP binding option to work on any eligible interface/VIP. Fixes #2158

Add backend 6RD support. We don't have the required patch yet for our stf driver.
Needs hooks into our gateway code to handle the default gateway since the stf interface does use router solicitations
Adds to ticket #2117

Check to see if the pid file exists before trying to kill anyprocess

Fix multiple keys in a file for RFC2136 dyndns updates. Fixes #2068

Updated DHCP IPv4 and IPv6 to allow global and host based filename and root-path.

Unbreak the tree, pointy hat to me.
Fix for ticket #2022

Enclose the hostname in quotes so that numerical values work too.
Fixes Ticket #2020

Correct logic mismatch, skip on RA mode disabled and dhcp is not enabled.
Fix ticket #2022

Comment out TFTP and NTP UI fields and block the code in services.inc.
ISC dhcpd does not support these yet. See redmine ticket #2016

Declare rtadvdifs as an array before it is used. This prevents an error on dhcpd for ipv6 start.

Update etc/inc/services.inc

Add a comment in the code and a log message to notify the shutdown of rtadvd

Remove the double colon, typo.

Use low router lifetimes of 60, 120 and 180 seconds, make sure that rtadvd stops gracefully as it then will send a RA with a lifetime of 0 so that host pick up network renumbering.

Only create config for enabled DHCPv6 server entries, prevent duplicate network configuration.

Add proper validation to the services_rtadvd_configure() to only pick up the IPv6 nameservers if any
Ticket #1836