Fix system_routing_configure() so that that it also passes the interface scope with the IPv6 address on route changes. This is required for link local gateways to work.
Update the system.inc code that sets up the static routes for DNS servers to reflect the interface to gateway name conversion
Make initial changes to allow pfSense to work in a jail.
This mostly avoids starting things that will not work and gets theinitial config. Most of the pfSense functionality will not work(pf rules, routing, etc) but it can be used for testing.
Also only add 127.0.0.1 as a DNS server if dnsmasq (DNS Forwarder) is enabled.
Allow disabling having localhost in resolv.conf. There are some special setups that might need this.
When clicked allow overriding of dns servers by dynamic WANs still configure the other dns servers so in multi-WAN environments dns has a chance to work still.
Tell the local system to use the locally running dns forwarder as a primary source. This should help ticket #1407
Start hostid
Max procs should be 1 when using an op code cacher
Use route change here as well to avoid leaving the routing table without a destination for a short period.
Rework rc.stop_packages a little. Fixes #1564
Correct check as per http://forum.pfsense.org/index.php/topic,39155.0.html
Correct issue with adding IPv6 default gateway reported http://forum.pfsense.org/index.php/topic,39344.0/topicseen.html
Resolve issues that made php core dump or eat a lot of memory when big routing tables are present.
Merge pull request #5 from smos/master
Welcome IPv6!
Allow a ZMQ syslog address
Merge remote-tracking branch 'upstream/master'
Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
Allow DHCP mappings to be resolved first for reverse lookups.
This was affecting a kerberos installation where the first DNS alias wasgiven for the PTR instead of the static DHCP mapping name, breaking thekerberos tokens.
Merge remote branch 'upstream/master'
Conflicts: etc/version
Merge remote-tracking branch 'mainline/master' into inc
Do not create blank domain lines if domain is gone from config.xml. It breaks tools such as dig when troubleshooting, etc.
Fix formatting of fastcgi params in lighty config.
Add a GUI field to adjust the max number of processes for lighttpd.
Allow OpenNTPD to listen on Virtual IPs, not just interfaces. Fixes #342
Conflicts: etc/inc/voucher.inc usr/local/www/fbegin.inc
Conflicts: etc/inc/openvpn.inc
Disable this until it can be properly fixed.
Conflicts: conf.default/config.xml etc/inc/filter.inc etc/inc/globals.inc etc/inc/pfsense-utils.inc etc/inc/upgrade_config.inc usr/local/www/interfaces.php
Prevent races on resovlconf generation as well by adding a lock.
Ticket #1534. Try to stop packages during reboot of system.
Conflicts: etc/inc/interfaces.inc etc/inc/upgrade_config.inc etc/inc/vpn.inc
Comment out the interface_gif_configure(). It is causing more issues then it is solving.
Conflicts: etc/inc/pfsense-utils.inc
Don't just blindly echo to the ntpd.log, it's a clog file and that will break it.
Harden SSL settings a bit. Verified OK with Chris Buechler and Bill Marquette
Conflicts: etc/inc/gwlb.inc
Drop the ntpdate sync in favor of using ntpd -s, which should have the same net effect without needing the shell script that has been prone to hanging.
Fix variable name
Conflicts: etc/inc/interfaces.inc etc/inc/priv.defs.inc etc/inc/shaper.inc etc/inc/system.inc
Conflicts: etc/inc/rrd.inc usr/local/www/interfaces.php
Generate the config file in a variable then write it as a whole to a file.
Properly configure lighty with the configured port when attached to the v6 socket. It was previously hardcoded to https
Correct one more variable in the process
Fix broken gateway logic that mixed up v4 and v6
Merge branch 'master' into inc
Conflicts: etc/inc/captiveportal.inc etc/inc/config.console.inc etc/inc/config.lib.inc etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/ipsec.inc etc/inc/pkg-utils.inc etc/inc/shaper.inc...
Conflicts: etc/inc/system.inc
Fix url. Do not include mod_accesslog twice
Unbreak static routesAdd initial NPt Network Prefix Translation pages
Add the empty check otherwise all static routes are skipped. Reported-by: Seth
This logic was reversed fix it. Reported-by: Seth
Prevent a IPv6 address from breaking system routing. This is a hack because we don't have the proper ip validation in 2.0 mainline
Fix broken merge, change variable name to define inet family
Conflicts: etc/inc/interfaces.inc etc/inc/system.inc
Specify the -inet family so that accidental IPv6 addresses here don't break the system routing.
Remove extra brace
Better test for an empty CA to avoid writing out an empty CA file (some on the forum are seeing this.)
Unbreak dns server colletion. Pointyhat: myself
Oops remove forgotten line and correct variable name error that seems to have existed from long time. Even though the file read is not used in pfSense this days!
Use glob instead of forking cat with glob patterns. Also use file() instead of forking cat just for reading a file. This might help with the issue reported on Ticket #943 which seems like a timing issue even though the dns events happen before newip events.
call interfaces_gif_configure() before proceeding with system routing configure so that the tunnel is up when adding routes.
nuke trailing carriage returns
Make the CP locking more granular and make use correctly of exclusive/shared locks where appripriate. This speeds up CP login process.
Conflicts: etc/inc/interfaces.inc etc/inc/vslb.inc usr/local/www/interfaces.php
Do not spam console, spam log
use is_dir(). Sometimes php lack of uniform function names can be annoying.
Ensure log directory exists before invoking syslogd
Add missing - in syslogd command line parameters, fixes #1111
Merge remote branch 'mainline/master' into inc
Conflicts: etc/inc/auth.inc etc/inc/config.lib.inc etc/inc/filter.inc etc/inc/gwlb.inc etc/inc/interfaces.inc etc/inc/pfsense-utils.inc etc/inc/pkg-utils.inc...
Hard code maxlockouts to 15 until GUI portion is ready
Correct webConfgurator auth/error messages
Get rid of fastforwarding since it is not maintained from long time. Courtesy-of: battlez_ IRC
If a pkg has logging enabled in syslog, then correctly ensure that it does not get logged to one of the other logs but only to its specified log file.
Syslog.conf would end up with multiple pkg facility names on the same line. So multiple pkgs with logging enabled would end up with the previous pkg prepended to its syslog entry.
Revert "Use -ss for syslogd. Suggested-by: Ermal"
This reverts commit c57e0d704ac08afee31e1e79f0b8228f5eb66cb1.
Use -ss for syslogd. Suggested-by: Ermal
Use -l
Unbreak Status -> System Logs -> DHCP due to chroot and new version of DHCPD.
Use pfSense_sync()
Reintroduce this optimization, but use the correct return value this time.
Unbreak sysctl handling.
No need to go through the array when the key can be tested directly.
Nuke trailing c/r
Conflicts: etc/inc/PEAR.inc etc/inc/filter.inc
Conflicts: etc/inc/filter.inc etc/inc/system.inc usr/local/www/interfaces.php usr/local/www/interfaces_gif_edit.php
Make sure that we enable SSL properly for the ipv6 vhost as well
Fix more typos, I can't code for toffees
Fix the syntax error
Use the information from the wiki about letting lighty listen on v4 and v6 together.http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config
Enable IPv6 binding for Lighttpd
Not sure why sometimes works sometimes does not work when bound to localhost the lighttpd instance of CP. Back to previous setup! Though security of it is debatble.
Remove trailing carriage return
check the correct routing table array otherwise we can never change the default route
Conflicts: etc/inc/pkg-utils.inc etc/inc/system.inc
Kill dhcplease before writing the hosts file so that it does not scramble the content from kqueue events.
Conflicts: etc/inc/services.inc