Merge remote branch 'upstream/master'
Conflicts: etc/inc/interfaces.inc etc/inc/system.inc
Ticket #802. During a config restore detect if the vlan interfaces need reassignment too. This might be problematic for other type of interfaces on 2.0!
Conflicts: etc/inc/interfaces.inc etc/inc/vslb.inc usr/local/www/interfaces.php
Add log_auth() which with send items to syslogd using LOG_AUTH facilities. Use this new log_authh() for login error and success entries
Do not spam console with useless messages. Also remove killall not needed anymore.
Ensure returned item is an array.
Return CARP IP Addresses in get_configured_ip_addresses()
Conflicts: etc/inc/filter.inc etc/inc/system.inc usr/local/www/interfaces.php usr/local/www/interfaces_gif_edit.php
Fix filter_rules_sort's compare function to know about floating rules so it won't change their order.
Remove trailing carriage return
This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall.
Protect from strange situations on bootup by testing for is_array(). Do not add anymore the 127.0.0.2 route its not needed anymore. Also during bootup bring up all interfaces so the assignment process can deal with them(Possibly should be done in another code flow!).
Conflicts: etc/inc/filter.inc
Add function for generating ipv6 subnet mask end, hook into ipv4 subnet mask check as well.
Make isvalidpid() know about pidfile the same as the other *pid functions do.(consistency)
Switch over the IPv6 functions from IPv6.inc, these are from the PHP PEAR library
Change the firewall rule generation to look for the ipprotocol tag which defines inet or inet6. This makes sure that we use ipv6 addresses and change to the correct ipv6-icmp tag.
Allow for configuring a IPv6 address on the interfaces page.Add code to verify a ipv6 addressLet is_ipaddr() return true on a v4 and v6 address.Change system gateways edit to fetch the global ipv6 interface ipv6 addresses and subnetsThe current ipv6 function might need folding into filter_var() when that catches some documented corner cases....
Make safe_mkdir() create directories recursively
If we fail to send an event to check_reload_status consider its not running and try restarting it.
Return list with WAN and LAN interfaces in the configured order rather than giving special treatment, as is already done with the OPTx interfaces.
Revert "Reorder the way this list (get_configured_interface_list) is generated to make it more beautiful."
This reverts commit 144d0e793de61366340758b28f169c3afeeba922.
Reorder the way this list (get_configured_interface_list) is generated to make it more beautiful.
I know you guys said don't bother, but it's just cosmetic, and it took 10 seconds.
Do stricter validation of host names and domain names.
Use the new events mechanisms to dispatch events.
Use exec() for is_process_running since system() displays command output(not sure why). Also handle captiveportal specially and use proper function to start/stop it.
Ticket #485. Correct code and use pkill/pgrep to match or kill process. Since these utilities know how to handle pidfiles and exact matches on process names.
Add l2tp where missing. Also add l2tp and igb to altq capable interfaces.
Add sysctl functions that support getting/setting multiple values in a single call.
use more efficient is_macaddr from bblacey on forum
This code returned the size in kilobytes, while the part usually used returns megabytes.
Be more strict when doing checks for empty values.
Add array_merge_recursive_unique which was called in xmlrpc.php but did not yet exist. Fixes #645
Do not show ipfw0 for assignment.
Various fixes to usage of ip2long, long2ip, and negated subnet masks, mostly affecting 64-bit. Ticket #459
Ticket #544. Restore locking, seems w+ migh already lock the file sometimes. While there improve the locking to a read/write locking schema. Make the default locking a read only lock and if explicitly specified a write locking can be specified through LOCK_EX optional parameter to lock(). During config manipulation do the filesystem mounting in rw, if needed, before doing any locking to avoid possible problems and also to be consistent through out the code on the method used. Also update calls to config to lock exclusively where required.
Ensure the URL table file is not empty at this step.
Add a new alias type, urltable, which downloads a file of IP/CIDR addresses and loads them into a pf persist table instead of importing the addresses directly into a traditional alias. This allows for using huge tables of addresses that would otherwise break the GUI and/or fail to load into pf. Part of ticket #512
Remove bogus char. Spotted-by:gnoahb@
Restore tun interface because it is still used by openvpn.
Changes to make PPP work again. mpd5 fails to establish a ppp link withoutsome username and password, so defaults are set if user enters nothing.Removed interface_ppp_configure call from interfaces_ppp_edit.php. It wasuseless there with the new structure, and it caused all PPP links to attempt...
Use alias style when creating aliases in wizards.
Ticket #417. Fix installation on embedded by using a refcount system for the mount command.
Generalize.
Use procatat instead of ps as the latter always prints a header, alsouse full paths.
'\b' is not the word boundary on BSD, its actually '[[:<:]]' and '[[:>:]]',change these functions to use better syntax and not grep at all.
Return the data after unreference, it might be needed.
Use shmop module to implement reference count calls.
Adding support for using IP ranges aliases. If you input an IP Range such as 192.168.0.1-192.168.0.254, it will instead turn that into a number of CIDR networks which will completely fill the range.
Till the flock issue is fixed open the races doors, place your bets please!
Do not show pppoe/pptp/l2tp interfaces for assignment.
Change method of displaying wireless clone interfaces on the assignment page.
Move most of the code for dealing with wireless clone interface names to separate functions.
Missing a part of the last change. Also use bssid for the first wireless clone.
For now, don't count any wireless clones as mismatches unless the base interface doesn't exist.
Allow secondary wireless clones in interface list.
Ticket #309. Correctly fix the problems of intermediate config lost because of inclusion of config.inc. This might have speed impacts to be measured.
Ticket #315. Do not show the cloned wireless devices for assignment.
if gzsig is missing, return error verifying signature rather than invalid signature.
Resolves #279. Do not show vlans as parent interfaces for other vlans.
fix typo
Restore interface list for vlan interfaces.
Fix var names/
Ticket #261 Do not consider ports as hostnames. This changes the is_port function to consider ':'(ranges) as ports. This seems a previous feature i do not agree with much, but users decide right?!
Replace some occurrence of /tmp with the propper global variable in attempt to minimize the search for what changes /tmp permissions.
remove notice that unnecessarily appears on every clean install
If the port passed as argument is a range(having - in it) this function would still return true as a bad habit of intval. Fix this so it behaves correctly.
Add IP alias and 'any' support to OpenVPN. Feedback #69
Allow specifying services/ports in firewall rules or nat rules by their /etc/services name.
Revert "Correctly unset rules when switching disabling AON."
This reverts commit 989e5d62da2f7f6dad2bb55d20d2558cfb3fa34a.
Correctly unset rules when switching disabling AON.
Try to prevent empty interfaces.
Ticket #146 Fix typos ansd copy/pasto errors.
Do not output plugin name during boot:
Resolves #146 Add propper validation on alias usage. Allow port type aliases only on port side and other aliases in ip specifications and similar. Introduce a new function is_portoralias to ressemble the is_ipaddroralias to check for the cases.
Fix get_configured_carp_interface_list: use the right interface name using vhid
Add is_URL()
Nuke alert. Resolves #125
Cons25 supports color as well
Update doc header
Allow specifying colors by their name
Return color code, not echo
Add function header markup for doc generation. Add color() function that will output a color ansi sequence if the terminal supports it. No arguments to color will reset the terminal
Rework includes/require. This saves about 4 megabytes.Simplify get_memory(). Tested on mips/i386
Fix proxy ARP VIP addition (was calling old function)
rename function from interfaces_proxyarp... to interface_ to be consistent with the functions for carp, carpdev, and ipalias.
still a problem with proxy ARP, removing VIP doesn't kill off choparp (will open ticket)
Stop spamming the logs with config_unlock() is depricated please use unlock().
Unbreak returning the real mem and web interface in general. Pointy-hat-to: Scott.
Fallback to using hw.realmem and hw.physmem sysctl's when we cannot probe the available memory from bootup log file. RouterStationPRO is an example
Use useland pppd for ppp connections
Carp interfaces are named 'VIP#' now. Make sure this is hidden on interface assignment.
Remove wrong slipped code.
Reviewed-by: scott@ and billm@
If gzsig does not exist then return 1
Remove unecessary calls to semaphores, will try again with them with 8 builds!
Update locking to use Ermals non semaphore patch. I just beat the holy heck out of it with the CP torture scripts and all seems OK
Add pfSense_BUILDER_BINARIES: and pfSense_MODULE: additions
Set auto_release
Add msort() which will sort lower and uppercase items teogether (packages for example). Sort packages by lower/upper. IE: arping, arpwatch, Backup