Correct mod_evasive setting per CP to confirm to what the CP page description says. Resolves #2270
Refine test
Correct generation of lighty config for CP now that zone is passed as parameter
Expand cipher list and remove a cipher that Safari on iOS does not like after recent lighttpd changes. Fixes #2553
Fix for this crash report, received after resetting a test system to factory defaults and setting up initila stuff:i3868.3-RELEASE-p3FreeBSD 8.3-RELEASE-p3 #0: Sat Jul 7 21:34:19 EDT 2012 root@FreeBSD_8.3_pfSense_2.1.snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_wrap.8.i386...
Fix system_routing_configure() function so it does not try to add static routes ipv6 subnets to ipv4 gateways or ipv4 subnets to ipv6 gateways while using aliases that includes both ipv4 and ipv6 subnets.
maxprocperip is defined per zone
Add blackhole to Null routesRedmine ticket #2471
Allow for Null routes
Fix input validation and import test.
Switch to ntpd from ports, add Services > NTP to select interfaces for binding. Respect old ntp settings in the process.
On its own, ntpd does not sync fast enough at bootup, so bring back the ntpdate sync but improve it so it can't get stuck forever.
Clear process signals before exec() or ntpd misbehaves if called from PHP on i386.
Use FreeBSD's ntpd instead in the backend
max_procs adjustments for small memory systems, attempt 2
Per Jim P's feedback, move max_procs completely out ofsystem_webgui_start() and move all of the memory/procs decision logicto system_generate_lighty_config().
Adjust the captive portal max_procs to reflect the low memory...
Test if this is an array before using it as an array.
Add support for aliases in DNS Forwarder, fixes #2410
Move routing (radvd, routed, ospf, bgp) to its own log since these daemons can be really spammy at times.
Move the stop_packages code to a function, and call the function from the shell script, and call the function directly for a reboot. Fixes #2402 and ticket #1564
Include the ntp facility also, should fix ntp logging
Prevent a invalid argument on a empty array
Fix missing - on route parameter
Merge pull request #90 from vizvayu/master
Mode selection options for PowerD
Enable verbosity to actually put something in the logs
Add brackets to a syslog server if it's an IPv6 IP. (Though FreeBSD's syslogd still won't send to it ... http://www.freebsd.org/cgi/query-pr.cgi?pr=150530&cat=misc )
Add alias support to static routes (needs some testing) Ticket #2239
Conflicts:
etc/inc/filter.inc etc/inc/util.inc usr/local/www/system_routes_edit.php
Added mode selection options for PowerD.
Expand these checks to include 'dynamic' or they'll never match dynamic gateways, leading to issues with routing.
Move some of the log file tabs around.Add seperate tabs for dnsmasq,unbound as well as gateways.
fix for: Captive Portal cannot work on master branch
reverting to listening on 0.0.0.0 seems to work just fine
mostly fixes #1700 .
http://redmine.pfsense.org/issues/1700
Set FCGI_CHILDREN to 0 since it does not make sense php to manage itself when lighttpd is doing so. This makes it possible to recover from 550-Internal... error.
Ermal says the new openntpd binary fixes this instead -- Revert "Start ntpd in the background since we don't need to care about its return data. Speeds up GUI with broken DNS."
This reverts commit 89d291ec25c12ed5744c63679270d1a13b5c6b3a.
Start ntpd in the background since we don't need to care about its return data. Speeds up GUI with broken DNS.
Add the ability to disable static routes without deleting them
Correctly match ntpd syslog messages
only skip adding default gateway if OLSR is actually enabled, and log why you're skipping it, otherwise it's tons of "fun" to dig in and figure out what's going on.
Change SNMP binding option to work on any eligible interface/VIP. Fixes #2158
Ensure timezone is set
Include DHCPDv6 static maps when generating hosts file. Fixes #2017
Fix up syslog settings a bit, add some missing options, fix formatting of syslog.conf, correct behavior of 'everything', code cleanup.
Change the way syslogd is killed/restarted a bit. Fixes log related pages hanging when logs are reset (or saving syslog settings)
Move hostapd to its own log and tab, so it stops spamming the system log.
Exclude relayd from main system log, it's really spammy, and is already in relayd.log
Add the multi instance CP to master branch. This allows to define CP with different properties on different interfaces.
Encapsulate in curlies for safety
Unbreak system_routing_configure();
Only add the Interface scope on link local addresses
Fix system_routing_configure() so that that it also passes the interface scope with the IPv6 address on route changes. This is required for link local gateways to work.
Update the system.inc code that sets up the static routes for DNS servers to reflect the interface to gateway name conversion
Make initial changes to allow pfSense to work in a jail.
This mostly avoids starting things that will not work and gets theinitial config. Most of the pfSense functionality will not work(pf rules, routing, etc) but it can be used for testing.
Also only add 127.0.0.1 as a DNS server if dnsmasq (DNS Forwarder) is enabled.
Allow disabling having localhost in resolv.conf. There are some special setups that might need this.
When clicked allow overriding of dns servers by dynamic WANs still configure the other dns servers so in multi-WAN environments dns has a chance to work still.
Tell the local system to use the locally running dns forwarder as a primary source. This should help ticket #1407
Start hostid
Max procs should be 1 when using an op code cacher
Use route change here as well to avoid leaving the routing table without a destination for a short period.
Rework rc.stop_packages a little. Fixes #1564
Correct check as per http://forum.pfsense.org/index.php/topic,39155.0.html
Correct issue with adding IPv6 default gateway reported http://forum.pfsense.org/index.php/topic,39344.0/topicseen.html
Resolve issues that made php core dump or eat a lot of memory when big routing tables are present.
Merge pull request #5 from smos/master
Welcome IPv6!
Allow a ZMQ syslog address
Merge remote-tracking branch 'upstream/master'
Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
Allow DHCP mappings to be resolved first for reverse lookups.
This was affecting a kerberos installation where the first DNS alias wasgiven for the PTR instead of the static DHCP mapping name, breaking thekerberos tokens.
Merge remote branch 'upstream/master'
Conflicts: etc/version
Merge remote-tracking branch 'mainline/master' into inc
Do not create blank domain lines if domain is gone from config.xml. It breaks tools such as dig when troubleshooting, etc.
Fix formatting of fastcgi params in lighty config.
Add a GUI field to adjust the max number of processes for lighttpd.
Allow OpenNTPD to listen on Virtual IPs, not just interfaces. Fixes #342
Conflicts: etc/inc/voucher.inc usr/local/www/fbegin.inc
Conflicts: etc/inc/openvpn.inc
Disable this until it can be properly fixed.
Conflicts: conf.default/config.xml etc/inc/filter.inc etc/inc/globals.inc etc/inc/pfsense-utils.inc etc/inc/upgrade_config.inc usr/local/www/interfaces.php
Prevent races on resovlconf generation as well by adding a lock.
Ticket #1534. Try to stop packages during reboot of system.
Conflicts: etc/inc/interfaces.inc etc/inc/upgrade_config.inc etc/inc/vpn.inc
Comment out the interface_gif_configure(). It is causing more issues then it is solving.
Conflicts: etc/inc/pfsense-utils.inc
Don't just blindly echo to the ntpd.log, it's a clog file and that will break it.
Harden SSL settings a bit. Verified OK with Chris Buechler and Bill Marquette
Conflicts: etc/inc/gwlb.inc
Drop the ntpdate sync in favor of using ntpd -s, which should have the same net effect without needing the shell script that has been prone to hanging.
Fix variable name
Conflicts: etc/inc/interfaces.inc etc/inc/priv.defs.inc etc/inc/shaper.inc etc/inc/system.inc
Conflicts: etc/inc/rrd.inc usr/local/www/interfaces.php
Generate the config file in a variable then write it as a whole to a file.
Properly configure lighty with the configured port when attached to the v6 socket. It was previously hardcoded to https
Correct one more variable in the process
Fix broken gateway logic that mixed up v4 and v6
Merge branch 'master' into inc
Conflicts: etc/inc/captiveportal.inc etc/inc/config.console.inc etc/inc/config.lib.inc etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/ipsec.inc etc/inc/pkg-utils.inc etc/inc/shaper.inc...
Conflicts: etc/inc/system.inc
Fix url. Do not include mod_accesslog twice
Unbreak static routesAdd initial NPt Network Prefix Translation pages
Add the empty check otherwise all static routes are skipped. Reported-by: Seth