Fix the DNS rebind Check for IPv6 addresses Ticket #1583
Fix copy paste error which cleared args
Make sure to wait for the interface to be really created before letting the function return for PPP interfaces.
Make sure that we disable accepting router advertisements unless we explicitly enable them
Add a log message when we enable router advertisements for a interface
Disable the rc.newwanipv6 script called from the dhcp6 client, this causes a recursing configure.
Add debugging to interface down function, add support for the type6 = dhcp6.This really needs to be sorted out in a better way taking both v4 and v6 into consideration simultaneously.
Add the dhcp6 firewall rules so the client can get out.Add a type6 field so that we can distinguish the ipv6 configuration types
Ticket #1279. Decrease the refcount even though we're in booting phase. This helps the refcount to work as intended and help in making filesystem read only correctly on embedded platfroms. While here put some exceptions to refcount API and silent any related errors that might trigger. Also take not of the NOTE on the php manual that after a share memory is opened further references to it for size and access mode should be 0.
Include the rate output in the privilege for the traffic graph.
Make initial changes to allow pfSense to work in a jail.
This mostly avoids starting things that will not work and gets theinitial config. Most of the pfSense functionality will not work(pf rules, routing, etc) but it can be used for testing.
Allow custom dnsmasq options so ppl can set SRV records and such for xmpp/kerberos
Fix the filter rules to trigger for the right address family
Unbreak filter.inc. Pointy-hat ?
Resolves #1731. Correctly handle nested alias that have hostnames. While here prevent putting duplicated dns hostnames under the same table to prevent possible hickups and save double work.
Another roll at fixing the voucher sync problems.
Fix broken static route bypass rules
Reflect the changes in the UI page that IPv4 and IPv6 are no lounger coupled together. They are now 2 seperate switch() statements.This should also allow for toggling the dhcp6 client on a PPPoE interface
Also only add 127.0.0.1 as a DNS server if dnsmasq (DNS Forwarder) is enabled.
Correct the link generation. Reported-by: http://forum.pfsense.org/index.php/topic,39855.0.html
Remove a slipped in text that confuses people
Allow disabling having localhost in resolv.conf. There are some special setups that might need this.
Resolves #1193. Properly warn about duplicate default queue
Fix description
Move these permissions to user.priv.inc so they don't get blasted when priv.defs.inc is automatically regenerated.
Conflicts:
etc/inc/priv.defs.inc
Fix missing $ on variable.
Sort user privileges so dashboard/index.php come first, so if a user has those permissions, they get redirected there first and not to another page.
Add Dashboard privilege which is a collection of all required pages for the dashboard. Partial fix for ticket #620 - may do something more for 2.1
Fix privilege matching so that it respects wildcards better, especially when leading.
Syncrhonize the information with the wizards xml. Reported-by: http://forum.pfsense.org/index.php/topic,39176.msg205359.html#msg205359
Fix priv name
Add privilege to directly access dashboard widgets if needed for ajax.
If a user has access to RRD graphs, also let them access the actual RRD graph images.
Log when a user tries to access an unauthorized page.
Correct world of wordcraft rule description array. Reported-by: http://forum.pfsense.org/index.php/topic,39176.0.html
When clicked allow overriding of dns servers by dynamic WANs still configure the other dns servers so in multi-WAN environments dns has a chance to work still.
Tell the local system to use the locally running dns forwarder as a primary source. This should help ticket #1407
Correct array key typo mistake. Ticket #1052
Remove trailing newline
Move seting up of tabs/menus/service entries after custom php commands. Seems there is something tripping config vars that make these steps not work.
Correct the ambiguity caused by missing curlies
Remove this write_config call seems to be causing grief.
Add yet another intermediate config write during pacakge processing which breaks some installation steps.
Oops fix variable name
Blacklist lan as being used as default gateway when auto switching is on. This prevents some problems in general functionality with services.
If no pppoe service name is configured, send a null service name. Seems to help clients especially when reconnecting.
Declare the arrays as global since that is what they are. Correct the name of asterisk in the global defniition.
Correct battlenet data to not be overriden. Reported-by: http://forum.pfsense.org/index.php/topic,39176.0.html
Start hostid
Max procs should be 1 when using an op code cacher
Silence pfctl -d errors
Add an override for default interval to send icmp
Add a new option to allow disabling of gateway monitoring. This gateways will always be reported as up.
Use route change here as well to avoid leaving the routing table without a destination for a short period.
Rework rc.stop_packages a little. Fixes #1564
Also escape \ in pptp passwords.
Do not add any reply-to information to rules with action match. Reported-by: http://forum.pfsense.org/index.php/topic,39247.msg202728.html#msg202728
Correct check as per http://forum.pfsense.org/index.php/topic,39155.0.html
Correct whitespace and some problems in the just merged ldap auth sorce for racoon
Merge pull request #8 from ninja76/master
IPSec xAuth allowing LDAP to be used as a backend
Prevent php from coring if the wrong parameters are passed to ip2long
Relax PPTP password restrictions, just prevent starting with a !, and limit to common printable/keyboard characters so it doesn't result in invalid xml. Fixes #1720
Correct issue with adding IPv6 default gateway reported http://forum.pfsense.org/index.php/topic,39344.0/topicseen.html
Rework OpenVPN status, show status for shared key servers.
Improved ipsec ldap xauth
Resolves #1719. Prevent disabled client/servers from being displayed on the widget.
Always send the route delete command even if it fails its ok. This avoids having to dump the routing table.
Use the new change to be less distuptive
Use change here to be cleaner and less disruptive.
Resolve issues that made php core dump or eat a lot of memory when big routing tables are present.
Add a flag that defaults to on allowing the control of delete states from external callers such as pfCenter
Switch back to the default gateway configured when possible when gateway switching is active
Correct check for the gif mtu during an interface readdition to bridge.
Only apply remote_network setting for p2p modes, since it is not valid for remote access modes. Fixes #1707
format error
More sanity checking
Ipsec xAuth patch
Revert wrong fix of Bug #1711.
Correctly restart the SSL lighty instance when running.
Remove 'maxproc' since its unused in the code and correctly use maxprocperip to allow the GUI setting to be actually usable. Reported-by: http://forum.pfsense.org/index.php/topic,39155.0.html
Bug #1711. Acct-x-Octets are always 0 in Captive Portal -> Radius acct messages.
Correct the check for mtu 1500 to inlcude it. Also add the check on bridge_add_member function
Fix php behaviour on xmlrpc sync and vouchers starting with a number. Apparently php uses that to deduce the type of var and gets confused.
removes variables concatenation on gettext strings
makes correct use of printf and gettext
removes variables names and replace it with '%s'
Ticket #1552. Do not allow route-to to be set on block/reject rules for now. The issue is in the kernel but for 2.0 this protection is enough.
Ticket #1193. Do not show default queue checkbox when another queue has it selected.
Ticket #1052. Enforce certificates if they are present for authenticating to ldap. Allow to select a CA under ldap type authentication backend to be used for this.
Fix missing " in gettext line
CRL fixes for empty CRLs (so they don't kill OpenVPN)
Fix merge conflict
Merge pull request #5 from smos/master
Welcome IPv6!
fix missing "
Allow a ZMQ syslog address
Merge remote-tracking branch 'upstream/master'
Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php
Allow DHCP mappings to be resolved first for reverse lookups.
This was affecting a kerberos installation where the first DNS alias wasgiven for the PTR instead of the static DHCP mapping name, breaking thekerberos tokens.
Enable the pfsync checking unconditionally
Actually give pfsync time to catch up.
If the sync has not finished do not start carp yet
Fix gettext