Add Unbound read function for /etc/hosts
Swop dns xml tag for unbound
Make space for Unbound custom options
Handle domain overrides and adjust config order
Add Unbound statistics
Add include fore remote control and change files .conf extension
Add static host entries to separate file and include in main config
Merge branch 'master' of github.com:bsdperimeter/pfsense
Various Unbound functions for configuration
Use the new daemon for status->queues until a proper chart javascript library is availble
add ability to get root hints file
Create symlinks for packages config files into the PBI directory
Fix pbi_info path
Remove line forgotten last commit
Start for various Unbound functions
Change the way syslogd is killed/restarted a bit. Fixes log related pages hanging when logs are reset (or saving syslog settings)
Move hostapd to its own log and tab, so it stops spamming the system log.
Add Unbound chroot directory path
Exclude relayd from main system log, it's really spammy, and is already in relayd.log
Add some missing ;'s.
Show session detail in Virtual Server status
remove symlinks for PBI binaries
remove PBI even when packages depends on only one PBI package
Create symlinks for bin and sbin directories on /usr/local/ after installing a PBI
Try to send the xmlrpc errors to the system log
Check that we have user password otherwise strange things happen if tehre is nothing stored in the config
Combine is_subnet to check for both v4 and v6 subnets
Add is_subnetv6 for checking of IPv6 subnets
Add relayd to Status > Services and widget. Add capability to kill when restarting instead of a simple reload. Implements #1913
install/remove packages using PBI
Fixup relayd to handle DNS load balancing as well as standard TCP load balancing.
Add global to hide download tab
Unbreak the firewall rules, I accidentally reset the variable.
Show friendly interface names
Add support for multiple radius server to be used during authentication
Remove duplicated occurence during merging
Remove references to undeclared table
Add the multi instance CP to master branch. This allows to define CP with different properties on different interfaces.
Match pftop page exatly with privilege, there is no other page that glob would catch. Fixes #1845
Add proper validation to the services_rtadvd_configure() to only pick up the IPv6 nameservers if anyTicket #1836
Also add the new RDNSS fields to the rtadvd config for prefix delegation cases.
Now that our rtadvd binary supports RDNSS we can tack the search domain and DNS servers onto the stack.Ticket #1836
Encapsulate in curlies for safety
Unbreak system_routing_configure();
Only add the Interface scope on link local addresses
Add a / for the prefix length value. As suggested onhttp://forum.pfsense.org/index.php/topic,40377.msg209028.html#msg209028
Only do cookie check if the form has already been posted. The cookie check is not accurate for the first page load after a browser has been opened, has to be at least one refresh/post first.
Unlink the failed downloaded file if present. Since it might contain harmful and not expected content
Add a find_interface_ipv6_ll() to find the link local address of a interface.Use this link local address for the apinger srcip otherwise we might try using the DHCP6 /128 address which will fail.We need to extend apinger or any replacement thereoff to understand the %{$realif} scope suffix for link local addresses so that these are always correct. This is important since link local gateway addresses are a normal thing and FreeBSD will complain otherwise.
fix unknown-clients on DHCPv6
Fix system_routing_configure() so that that it also passes the interface scope with the IPv6 address on route changes. This is required for link local gateways to work.
Remove stray print_r debugging from the dhcp6 client function
If a user's browser does not support cookies, print an error on the login form telling them so.
Conflicts:
etc/inc/authgui.inc
Further fix up the DHCPv6 client support, launch rtsol to figure out our gateway and add this into the interface router file in /tmp.This will then be picked up by the rest of the system. My testlab happens to block ping showing it down but should otherwise work.
Revert "Make the webConfigurator lockout rule to catch even edp protocol so that xmlrpc bruteforce is caught as well."
This reverts commit 8a4f3015e44007dad22a6e1821f678293cf703a4.
Make the webConfigurator lockout rule to catch even edp protocol so that xmlrpc bruteforce is caught as well.
Fix several issues in pppoe code and remove duplicated code.
Fixup OpenVPN status a bit to properly handle SSL servers using a /30 (no server directive) and also be a little more verbose about what is happening, if we can tell.
Disable the rtsol command for now until we have a proper script to handle this.
Correct the path to rtsol
Accept router advertisments for DHCP6 WAN interfaces. Also launch a rtsol process.
renable IPv6 rc.newwanipv6 but comment out reconfigure($if) until we track down how to best handle this.Dhclient does not pass the interface as a argument which makes this really hard.
Unbreak the services.inc Ticket #1663
Added blind coded DHCPv6 relay backend code. Needs to be tested, basic adaption to IPv6 implemented, only works on IPv6 interfaces. Checks inet6 route tables. Adds distinct PID file for dhcrelay -6. Adds to Ticket #1663
Add DHCPv6 relay pages for the DHCPv6 relay. Ticket #1663
Another address family check for dynamic gateways, v4 has dynamic, v6 has dynamic6 as string.
Add a possible "dynamic6 type to differentiate between IPv6 and IPv4 dynamic connections"
Added extended query possibility (for example, group membership)
Add a interface_has_gatewayv6() function to determine if a interface has a IPv6 gateway.Implement that function return_gateways_array() to prevent ghost entries
Add the IP protocol to the configured gateway list to prevent duplicate entries on dynamic interfaces
Remove stray echo statement
Remove stray print_r()
Automatically pick up on dynamic IPv6 interfaces. For Example dhcp6.
Implement correct gen_subnetv6_max function that you can throw random prefix lengths in. Fixes Ticket #1725
DNSMasq was generating the error 'Socket operation on non-socket' and using 100% of the CPU, changing it to mwexec_bg() resolves the issue.
Fix VPN network listing for OpenVPN, and also add tunnel networks to this list.
Update the system.inc code that sets up the static routes for DNS servers to reflect the interface to gateway name conversion
Add a function that allows you to validate the address family on 2 addresses or 1 address and a gateway name. the gateway name must be the 2nd argument.
Unbreak the DNS rebind check when accessing over IPv4
Add router type to rtadvd daemon configuration to only advertise the router without slaac.
Fix the referrer checks for IPv6 addresses Ticket #1583
Fix the DNS rebind Check for IPv6 addresses Ticket #1583
Fix copy paste error which cleared args
Make sure to wait for the interface to be really created before letting the function return for PPP interfaces.
Make sure that we disable accepting router advertisements unless we explicitly enable them
Add a log message when we enable router advertisements for a interface
Disable the rc.newwanipv6 script called from the dhcp6 client, this causes a recursing configure.
Add debugging to interface down function, add support for the type6 = dhcp6.This really needs to be sorted out in a better way taking both v4 and v6 into consideration simultaneously.
Add the dhcp6 firewall rules so the client can get out.Add a type6 field so that we can distinguish the ipv6 configuration types
Ticket #1279. Decrease the refcount even though we're in booting phase. This helps the refcount to work as intended and help in making filesystem read only correctly on embedded platfroms. While here put some exceptions to refcount API and silent any related errors that might trigger. Also take not of the NOTE on the php manual that after a share memory is opened further references to it for size and access mode should be 0.
Include the rate output in the privilege for the traffic graph.
Make initial changes to allow pfSense to work in a jail.
This mostly avoids starting things that will not work and gets theinitial config. Most of the pfSense functionality will not work(pf rules, routing, etc) but it can be used for testing.
Allow custom dnsmasq options so ppl can set SRV records and such for xmpp/kerberos
Fix the filter rules to trigger for the right address family
Unbreak filter.inc. Pointy-hat ?
Resolves #1731. Correctly handle nested alias that have hostnames. While here prevent putting duplicated dns hostnames under the same table to prevent possible hickups and save double work.
Another roll at fixing the voucher sync problems.
Fix broken static route bypass rules
Reflect the changes in the UI page that IPv4 and IPv6 are no lounger coupled together. They are now 2 seperate switch() statements.This should also allow for toggling the dhcp6 client on a PPPoE interface