Introduce two new functions to be used on locking.
- try_lock: used for trying to get an EXCLUSIVE lock for a specified timeout by default of 5- unlock_force: which just releases any locks held on a specified lock
Use this new functions on rc.openvpn to avoid spurious stale locks around.
Fix #3004:
. Create a function to replace strings on deep associative arrays. Use the recent created function array_replace_values_recursive to fix VIP interface names instead of touch config.xml directly
Improve var names in get_memory
realmem is the amount of actual (real) memory installed - the size of the RAM card - e.g. 256MBphysmem is the amount of memory available to FreeBSD after BIOS, video... has stolen some of realmem.The variable names currently used are not very helpful for code readability. This standardises them. No functional change here.
Add scope to target when it is a link-local, it helps ticket #3150
Handle link local addresses with embedded interface scope on is_ipaddrv6 and also on dnsmasq which is not yet there for these addresses
Use pfSense module functions for finding interface v6 addresses. The addresses will be not in friendly format as returned by getnameinfo
Implement URL Table aliases for ports instead of IP addresses
Add a new alias type, URLs containing Ports
Add group_ports()
If the script_name is blank, try another method to locate what our filename is so we don't log an empty script name.
Add extra param, off by default, to make get_staticroutes() return hostnames too
Fix whitespace and indent
Create is_linklocal() to validate ll addresses
Make get_static routes behave correctly with aliases
Added IE mobile for WP8
Also do checks for ipv6 on is_ipaddr_configured
Check for the right function name since the previous was present in util.inc not interfaces.inc
Restore require_once(interfaces.inc) on get_configured_ip_addresses(), it's required by get_interface_ip()
Two interfaces, carp, ip aliases might be on the same subnet as their parent. What needs to be checked is the ip itself
Use full path to nohup
Assign the output of exec to a var to avoid any issues
Check interfaces and VIP IP address overlap
- Check if interface IP overlaps other interfaces or localip from mpd based services- Check if VIPs IP overlaps interfaces or other VIPs address
It fixes #1723
Correct name of function call and use directly its return value as its boolean as needed. Also correct the function to be more readble and put a note for v4 checks that might be needed
Make gen_subnetv6 return a compressed form IPv6 address/net representation. This removes some issues reported during Ticket #2746 and solve the issue on some cases
IPv6 subnet check
Add check_subnetsv6_overlap()
Make more strict checks during is_ip* functions. Helps http://forum.pfsense.org/index.php/topic,58399.0.html and http://forum.pfsense.org/index.php/topic,58273.0.html
Add option filter to return_dir_as_array()
- Add a 2nd parameter, default empty, that allows to pass a regex to filter files it'll return- While I'm here, simplify code removinf $canadd var
Move is_inrange() to util.inc and rename it to is_inrange_v6()
Move is_inrange() to util.inc and rename it to is_inrange_v4()
Forgotten -n option
Use sysctl for this since its better rather than going thorugh dmesg
Prevent no such file message when pid file does not exist
Add the PPPoE Server IP addresses to the locally configured addresses, this prevents the HTTP_REFERER check from triggering.
Just check the file_exists let pkill decide if its a vaild file or not.
code comment typo ('log_error' should have been 'log_auth')
Add refcount_read to util.inc
Add refcount_read so other code can easily find out how many things have the file system mounted.
Make a function to get the current theme and use it everywhere rather than duplicating code or missing functions. (Fixes forced themes using the wrong theme for login screen)
Allow/deny access to DHCP by partial MAC matching.
Unlock on return
There is no need to remove the @ from function names. Also properly unlock in case of exception. Size is constant and we know it no need for extra call to shmop. Put some more error checking just in case
Make access to shared memory atomic
Use lock and unlock to make sure that all incrementing and decrementing of the reference count in the shared memory section is atomic. This ensures that there are not unusual timing conditions that could see 2 callers trying to update the reference count at the same time, which could result in the count never returning to zero. If that happened, then the filesystems would never be restored to read-only. (this is really just relevant to nanobsd) (note that shmop_* calls in php do not do any locking themselves - callers must coordinate their own access to the shared memory section)...
Fix negative test
Pad data when adding to refcount reference, to avoid some oddities with how php handles such data. http://forum.pfsense.org/index.php/topic,51188.msg278141.html#msg278141
Fix get_staticroutes() function to handle IPv6 subnets properly
Do not directly print out a message when checking the interfaces, instead saving the list to use later. Display this list before the interface mismatch message. Fixes #2468 and fixes #2531
Catch libraries from subdirectories of PBI lib dirs too
Setup library paths to include /usr/pbi/*/lib as a last resort to make sure things can find libraries. We may eventually replace this with a better method as this can lead to conflicts, but for now it will allow packages to find their proper libraries.
Make mac_format aware of cpzone but also friendly to previous code!
Revert "Make mac_format aware of multiple Captiveportal instances"
This reverts commit 54df925b9ea447bdd10f88a886e2ef11d44c3059.
Revert "Make sure mac_format is always defined"
This reverts commit 56f9032170d3130c2066e5eebbe18b96398073ca.
Make sure mac_format is always defined
Make mac_format aware of multiple Captiveportal instances
Get rid of carpdev, it will never be
Catch up with multiple events sending. Also do not blindly startup check_reload_status check first
Make lock files availble to all users for usage from php process
Teach mwexec and mwexec_bg how to optionally clear signal masks, and use that when launching ntp or ntpdate.
cleanup: code for building arrays for autocompleted fields
prep work: function get_alias_list()
I wrote this function primarily to remove a lot of duplicate codethat's there because of a lot of those autocomplete fields.
Revert change to get_interface_list()'s $vfaces list for now. Interfaces in this list that are supposed to be listed on Interfaces: Assign need special logic on that page, which has not been added yet.
Add message stating which interfaces are missing.
Suggestion from http://forum.pfsense.org/index.php/topic,48366.0.html
Add some missing interface types in is_interface_mismatch() and get_interface_list()'s $vfaces. Fixes #2384
Fix constant. LOG_ERROR should be LOG_ERR
Update etc/inc/util.inc
Add modified version of user https://github.com/bcyrill patch that requires a IPv6 literal when used with a port.
Revert "Also validate IPv6 literals."
This reverts commit 21b586aa12ca35ccf54d4ddf66b0305e12e62a4d.
Modify get_configured_ip_aliases_list to optionally return the full vip entry and use this information to get the subnet and not just the IP in filter_get_direct_networks_list.
Also validate IPv6 literals.
Add alias support to static routes (needs some testing) Ticket #2239
Conflicts:
etc/inc/filter.inc etc/inc/util.inc usr/local/www/system_routes_edit.php
use existing filter_expand_alias (well, via a wrapper) instead ofreinventing it
Make vips vhid be unique per parent interface!
Load Balancer: allow port aliases in Pools and Virtual Servers. (PEV-394754)
load balancer: allow IPv4 subnets up to 64 addresses in Pools and Virtual Servers (PEV-394754)
Remove unused code
fix for: Spanning Tree interface priority options do not alter Bridge
http://redmine.pfsense.org/issues/2261
Use the latest functions from pfSense module for getting interface list
Correct send_multiple_events to conform with new check_reload_status behaviour
Fix gen_subnetv6_max(), used to display the end of available range in dhcp server ipv6
While we're at it, allow hostnames for syslog servers, since that is also valid.
Allow users to enter a port number when adding a remote syslog server.
Select the newest of processes to make the command better
Combine is_subnet to check for both v4 and v6 subnets
Add is_subnetv6 for checking of IPv6 subnets
Implement correct gen_subnetv6_max function that you can throw random prefix lengths in. Fixes Ticket #1725
Fix the referrer checks for IPv6 addresses Ticket #1583
Ticket #1279. Decrease the refcount even though we're in booting phase. This helps the refcount to work as intended and help in making filesystem read only correctly on embedded platfroms. While here put some exceptions to refcount API and silent any related errors that might trigger. Also take not of the NOTE on the php manual that after a share memory is opened further references to it for size and access mode should be 0.
Make initial changes to allow pfSense to work in a jail.
This mostly avoids starting things that will not work and gets theinitial config. Most of the pfSense functionality will not work(pf rules, routing, etc) but it can be used for testing.
Remove trailing newline
Merge remote-tracking branch 'upstream/master'
Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
Merge remote branch 'upstream/master'
Merge remote-tracking branch 'mainline/master' into inc
Feature #1603. Correct nested urltable alias code to be more fullproof to errors and does not break the ruleset on large lists of urltables. Though this needs a revisit to work properly since it breaks urltable alias property of reloading contents.
Conflicts: etc/inc/filter.inc etc/inc/util.inc
More whitespace fixes.
If no event_address in globals.inc specified assume the default. Also fixed whitespaces.
Conflicts: etc/version
Do not check dynamic and special interfaces for a complete interface mismatch error