Project

General

Profile

Statistics
| Branch: | Tag: | Revision:

# Date Author Comment
3afcc238 11/14/2013 02:34 PM Renato Botelho

Split automatic to nat hosts fill into a function to be able to call it from other place, ticket #2416

c39c8b8f 11/14/2013 12:38 PM Renato Botelho

Remove unused variables and fix automatic nat to alias-address

34f95977 11/14/2013 10:19 AM Renato Botelho

Merge pull request #854 from icyfork/provides_empty_STDIN_to_pw_command

local_sync_accounts: provides empty STDIN to pw userdel command

eef01b14 11/13/2013 09:45 AM Renato Botelho

Add hybrid and disabled outbound NAT, fixes #2416:

- Add 2 new outbound NAT modes, hybrid and disabled, manual and advanced
keep working the same way
- Hybrid mode applies manual rules first, automatic after
- Disabled do no create any outbound NAT rules...

c6b156bf 11/12/2013 11:29 PM Ky-Anh Huynh

local_sync_accounts: provides empty STDIN to pw userdel command

The /usr/sbin/pw command may wait for user input. For example,
if there is a manual crontab settings for :foobar account, then
when this account is requested to be deleted, the command will
ask if user wants to delete crontab settings for the account....

7facbef7 11/12/2013 05:05 PM Renato Botelho

Merge pull request #850 from phil-davis/master

Handle comma-separated list of remote networks when making vpn_networks table

c4421dfa 11/12/2013 12:45 PM Renato Botelho

Add an option to set no-sync on rules to keep states from being synced via pfsync. Fix #2501

6186cdc4 11/11/2013 09:29 PM Jim Pingle

Rework the usage of the shell i/o during stop_packages(), fixes the "Syntax error: bad fd number" for the remaining people who still saw it on shutdown

62c5794d 11/09/2013 04:03 PM Phil Davis

Handle comma-separated list of remote networks when making vpn_networks table

If remote_networks for an OpenVPN instance is a list of more than 1 network then none of the networks gets added to the vpn_networks table. The code simply did not address this new comma-separated list feature. Now it does, and the vpn_networks table contains all the remote networks listed....

6d5fcf57 11/07/2013 07:35 PM Ermal LUÇI

Unset this variable used in the loop to avoid having wrong information

8194f288 11/07/2013 07:26 PM Ermal LUÇI

Do not forget the trace in the pf.conf that something went wrong during rules generation to be able to at least detect what is going on

70da4172 11/07/2013 02:15 AM Jean Cyr

Give clients the IPV6 address of the DNS server

For IPV6 WAN tracking interfaces, dhcpdv6 does not provide an IPV6
address for the DNS server... fix that.

23b5b16a 11/02/2013 10:48 AM Renato Botelho

Revert "Add conf_mount_rw calls on functions that changes user/groups. It fixes #3294"

This reverts commit b1e5a286bb47d7e4a5b3d589cc27b557b3b13c41.

c5d4d97b 11/01/2013 02:43 PM Jim Pingle

Prevent a Fall Back Pool from being selected when the DNS protocol is in use. If one is present in the config, ignore it. Fixes #3300

add913b1 11/01/2013 02:23 PM Renato Botelho

Teach system_timezone_configure() to deal with symlinks to avoid having timezone misconfigured. This fixes #3293

b1e5a286 11/01/2013 12:55 PM Renato Botelho

Add conf_mount_rw calls on functions that changes user/groups. It fixes #3294

9ed52990 10/31/2013 07:03 PM Jim Pingle

Unset value should be '' and not 'none'

edba1982 10/31/2013 06:50 PM Jim Pingle

Change OpenVPN Compression settings to cover the full range of allowed settings on OpenVPN (unset, off, on, adaptive) rather than a simple off/on switch that either doesn't set the value or enables it with adaptive (OpenVPN's default).

97d5b59b 10/30/2013 07:47 PM Jim Pingle

Add an Authentication Digest Algorithm drop-down to OpenVPN server/client (SHA1 is the default since that is OpenVPN's default)

204bec28 10/29/2013 09:35 AM Renato Botelho

Revert "Define dynamic gateway for GRE interfaces and do not user to define IP address to the interface. Fixes #3280"

Another solution will be implemented

This reverts commit 6721d6d0443bd7e697bd6ca33f470c801608df7e.

6721d6d0 10/29/2013 09:06 AM Renato Botelho

Define dynamic gateway for GRE interfaces and do not user to define IP address to the interface. Fixes #3280

1dc0e7f4 10/28/2013 04:20 PM Renato Botelho

Make return_gateways_array() return all disabled gateways when $disabled is true, it should fix #3291

20623f57 10/28/2013 12:35 PM Renato Botelho

Fix an attempt to read unset variable $rtent

cbe12b8d 10/24/2013 08:33 PM Jim Pingle

Add source address selection to syslog settings, so it can work more effectively over a VPN. Fixes #355

b8250344 10/24/2013 08:07 PM Renato Botelho

Fix #3235

. diag_nanobsd.php:
. Since conf_mount_ro() is always being called, always call
conf_mount_rw to keep refcount correct
. Do not show refcount_read() return when it's -1
. config.lib.inc
. Increment and decrement refcount even if nanobsd_force_rw is set....

a4e4b560 10/23/2013 01:58 PM Renato Botelho

Make sure pf rule labels never have more than 63 chars. It should fix #3208

10d9290f 10/22/2013 06:49 PM Ermal LUÇI

Prepend ipsec_ here as well for better protection

7b95ffdd 10/22/2013 06:46 PM Ermal LUÇI

Use the pid of the process for the tmp file also prepend ovpn_ here to make it clear

45758be4 10/22/2013 06:44 PM Ermal LUÇI

Correct even here the routes from cisco-avpair processing

eb7d43c0 10/22/2013 06:42 PM Ermal LUÇI

Use the pid of the process for the tmp file

9f293b1c 10/22/2013 03:45 PM Jim Pingle

Fix cisco-avpair processing, and route processing from avpair replies.

edc56e48 10/22/2013 01:31 PM Renato Botelho

Add missing privileges to the list, it fixes #3279

c03d4be1 10/22/2013 01:31 PM Renato Botelho

Fix typo and whitespace

dda9c67f 10/21/2013 12:59 PM Renato Botelho

Fix #3259. Save 'packet loss rate' and 'bucket size' for limiter queues

40a8f669 10/18/2013 08:32 PM Renato Botelho

Prevent a possible division by zero. it fixes #3212

ea108447 10/18/2013 01:40 PM Renato Botelho

Make sure vlan interface exist when it's being configured, it fixes #3270

c48fdaa4 10/16/2013 12:18 PM Renato Botelho

Fix #3268 - avoid pf table names conflict:

. Create a list of reserved table names for the hardcoded ones
. Use this list to validate aliases and load balance pool names
. Check if alias names don't conflict with LB pool names and vice-versa

c858a035 10/15/2013 01:30 PM Renato Botelho

Merge pull request #817 from stephanel/master

Added OVH DynHOST in dynamic DNS services

8deaf333 10/14/2013 06:53 PM Renato Botelho

Add Captive Portal Zones privileges definition. Fix #3216

b4a62651 10/11/2013 01:59 PM Renato Botelho

Allow special chars to be used on IPSec mobile login banner. Fixes #3247

2d72659a 10/11/2013 12:19 PM Renato Botelho

Set default value to radius_protocol during upgrade, it should fix #3226

0f0f7b2c 10/11/2013 11:25 AM Renato Botelho

Fix 'Packet loss rate' and 'Bucket Size' range checking

aa0753e3 10/10/2013 04:59 PM Jim Pingle

Needs parens

a3cc1409 10/10/2013 04:47 PM Jim Pingle

Add upgrade code to change the DHCP next-server value to nextserver since it was renamed sometime in 2.1 but upgrade code didn't follow. Also shuffle the upgrade code blocks a bit since we need these on 2.1.x and nobody should be on 2.2 yet, so the impact should be minimal to renumber the one bit specific to 2.2.

a4a56eb0 10/09/2013 07:01 PM Stéphane

Added OVH DynHOST in dynamic DNS services

04761344 10/09/2013 02:02 PM Jim Pingle

Perform a much more accurate comparison between two certificates to determine if they are identical when checking their revocation status. Fixes #3237

090b9a4a 10/09/2013 12:54 PM Jim Pingle

Remove newsyslog cron job on upgrade, if present.

0b5636fc 10/09/2013 12:50 PM Jim Pingle

Remove this check, the value can be 0 here if the target is the first item in the array.

c3b9bcb2 10/04/2013 11:40 AM Chris Buechler

use (self) instead of any for web lockout

b762e3dc 10/04/2013 06:46 AM Chris Buechler

use (self) rather than any as the destination for the lockout rules

9f6919e6 09/28/2013 12:12 PM Richard Connon

Fix codel not being applied on non-priq queue types

c27edf55 09/28/2013 11:37 AM Richard Connon

Fixed typo in CoDel wiki link

58e1f8f2 09/27/2013 10:37 AM Scavy

Update to include GratisDNS dynDNS service

5458bc59 09/27/2013 09:29 AM Scavy

Update to include GratisDNS dynDNS service

d2399f99 09/25/2013 03:49 PM Jim Pingle

Make sure no extra spaces end up in the parsed IP, it can lead to issues in other places (Easy Rule, etc)

6f969455 09/23/2013 07:27 PM Jim Pingle

Add patch from Ermal to fix ifconfig error on gif in certain cases.

9e378421 09/23/2013 01:56 PM Jim Pingle

Fix CP stats generation for concurrent users. Fixes #3225

c13a7052 09/18/2013 10:14 AM Renato Botelho

Merge pull request #795 from razzfazz/ia-pd-hint

add option to send prefix hint for requesting desired prefix length for delegation (for master branch)

819a603c 09/17/2013 07:13 PM Jim Pingle

Switch to rw mode before file operations on RFC2136 cache. Fixes #3201

2e9d9ede 09/16/2013 07:57 PM Renato Botelho

Merge pull request #803 from PiBa-NL/outboundnat_disable_checkbox

outboundnat, disable rule checkbox

6ae8c4f2 09/16/2013 06:46 PM Pi Ba

outboundnat, disable checkbox

1cddd59c 09/16/2013 01:13 PM Warren Baker

Split SSL/TLS into separate checkboxes so that plaintext connections can be made secured by using STARTTLS. Support for SMTPS connections should probably be done away with in future. Fixes #3180

73c569ea 09/15/2013 05:45 PM Xon

Alix 2D6 crashes upgrade process withou out of diskspace

Updating the the RRD graphs causes two copies of each RRD's XML file to be stored in /tmp.

On Nanobsd, the default /tmp size is 40mb. It doesn't require very many RRD XML dumps before this is exhausted.

67e5e3c6 09/14/2013 02:17 PM Renato Botelho

Set action = pass for configured mac addresses on CP passtrumac

81ce28d8 09/14/2013 01:54 PM Renato Botelho

Remove unecessary blockedmacs db and read it directly from config

ea51e9f8 09/12/2013 02:29 PM Renato Botelho

Remove call-time pass by reference from traffic shaper files, it should fix #2565

a413e743 09/12/2013 12:43 PM Renato Botelho

Do not add a ipfw rule to block mac since auth can take care of block or redirect it

3b2769be 09/12/2013 11:44 AM Renato Botelho

Make sure db doesn't exist when start to configure macs

0d33f1fc 09/12/2013 11:44 AM Renato Botelho

When block a MAC address, add it to a DB to make it possible to redirect it to a URL

6b1cb3fd 09/12/2013 11:44 AM Renato Botelho

Add action to auto created passtru mac rule

0bf1e925 09/12/2013 11:44 AM Renato Botelho

Remove unused variable $macdb

5eee3755 09/12/2013 11:44 AM Renato Botelho

Make captiveportal_passthrumac_delete_entry() return rules instead of execute them as other similar functions do

6ffb064f 09/12/2013 11:44 AM Renato Botelho

Add action to auto created passtru mac rule

666f88e0 09/12/2013 11:44 AM Renato Botelho

Add actions (block or pass) to Captive Portal passtrumac

90a27e64 09/11/2013 10:12 PM Chris Buechler

s/BSDP/ESF/

9633e518 09/10/2013 01:08 PM Jim Pingle

Simplify the update URL definition in globals.inc and add some comments to it.

f1593bfe 09/10/2013 11:52 AM Phil Davis

Update an existing cron entry for pppoe periodic resets

The array variable name was incorrect in the test, so the existing cron entry was not being matched. Fixes #3192

fa4d4be6 09/10/2013 09:27 AM Ermal LUÇI

Leave a trace that rtsold did fire the dhcp6c client so troubleshooting is easier

a01f8bfc 09/10/2013 09:10 AM Ermal LUÇI

Correctly check the secondary/primary parameter setting on dhcp failover configuration

20809a21 09/10/2013 08:20 AM Ermal LUÇI

Correct typo that prevents dhcp rules from properly being generated.

771c14a3 09/10/2013 02:30 AM Phil Davis

Do not include disabled OpenVPN in vpn_networks and negate_networks

0281db8c 09/09/2013 07:18 PM Jim Pingle

Fix errant display of "0 table deleted" during filter reload on console.

d3b3240b 09/06/2013 05:56 PM Jim Pingle

Remove failover peer IP settings from DHCPv6, DHCPv6 doesn't support failover the way that DHPv4 did. Fixes #3184

af0a477a 09/06/2013 04:58 PM Renato Botelho

Disable kill_states by default on upgrade, it fixes #3183

8346b5c4 09/05/2013 06:27 PM Jim Pingle

Allow for easier override on $g values if needed.

9d7ca11f 09/05/2013 12:39 PM Ermal LUÇI

Correct check to match the right vip based on configured ip. Reported-by: http://forum.pfsense.org/index.php/topic,66234.0.html

36fa13a6 09/05/2013 12:29 PM Ermal LUÇI

Ticket #3181 do the state flushing only on down gateway detection rather than any time.

b9eae2ba 09/04/2013 10:43 AM Ermal LUÇI

Actually the / here is not needed.

8171a2c2 09/04/2013 08:48 AM Ermal LUÇI

Introduce two new functions to be used on locking.

- try_lock: used for trying to get an EXCLUSIVE lock for a specified timeout by default of 5
- unlock_force: which just releases any locks held on a specified lock

Use this new functions on rc.openvpn to avoid spurious stale locks around.

dc8b4c4e 09/04/2013 08:18 AM Ermal LUÇI

Make the operation of saving old rule nearby the writing operation to be logical to spot

b214bf3a 09/04/2013 08:12 AM Ermal LUÇI

Sprinkle some unsets to reduce footprint and correct some whitespaces

3b6596b7 09/04/2013 01:03 AM Phil Davis

filter_generate_port error log function name

Absolutely minor adjustment to make the error log message refer to the new function name.

81d81b94 09/03/2013 06:39 PM Ermal LUÇI

Fixes #3173 if any port information exists on the rule than put it on the NEGATE rule generated.

03131eb9 09/03/2013 06:13 PM Renato Botelho

Remove SPD when disable phase2, it fixes #2719

faf4b1fc 09/03/2013 05:05 PM Chris Buechler

Merge pull request #796 from phil-davis/master

Traffic Shaper GUI text typos

fcb5121d 09/03/2013 05:03 PM Chris Buechler

Merge pull request #793 from shahidsheikh/master

Fix #3174 Handling of gateway groups in openvpn_restart()

32a9eb18 09/03/2013 04:52 PM Ermal LUÇI

Bring back static routes to fix issues reported on Ticext #3179

f2cc3344 09/03/2013 03:37 PM Renato Botelho

Fix #3004:

. Create a function to replace strings on deep associative arrays
. Use the recent created function array_replace_values_recursive to fix
VIP interface names instead of touch config.xml directly

42ec9337 09/03/2013 11:55 AM Renato Botelho

Make sure RRD data is restored from backup before upgrading data and a new backup is done after. It should fix #2159

794195d1 09/03/2013 11:45 AM Phil Davis

Traffic Shaper GUI text typos

and note the Queue Limit is a number of packets (not packets per second)