pfSense

Show how much data has passed on an SAD entry.

Disable this until it can be properly fixed.

Add tunable, by default disabled, to enable the default gateway switching feature when the default one 'disappears'.

Include .inc files for plugin system

Prevent races on resovlconf generation as well by adding a lock.

Only add pppoe to the interfaces list if it both has an entry and is in server mode (i.e. not disabled.)

Some extra protection against putting empty values into the ruleset.

Ticket #1534. Try to stop packages during reboot of system.

Increase timeout to 2 minutes. Ticket #1545.

Ticket #1545. Lock each dnsHost to be updated to prevent running two instances in parallell.

Silence the route changing since it fills the logs with not needed info.

Just use the long reference here instead of creating potential dangerous reference.

Add function header

Adding a new hook system for firewall nat edit and firewall rules edit page.
Basically if the directory exists it will suck in the files to extend these pags.

/usr/local/pkg/firewall_nat/input_validation
/usr/local/pkg/firewall_nat/pre_write_config
/usr/local/pkg/firewall_nat/htmlphpearly...

Rather make use of $global variable for RRD path.

• Add is_ipaddr_configured() so that people do not need to reinvent the wheel for this task
• Check to make sure the administrator is not entering the IP address of the same host preventing a issue where the firewall will sync the voucher database to itself and cause the webConfigurator to crash.

Remove out-dated RRD file as it will cause broken images to appear on RRD graphs page.

Provide a voucher_expire function so that voucher can be expired through a POST.

Put some debug info during dyndns update under debug conditionals.

Actually add more error checking and do not schedule a scan if it is not possible to retreive the wan ip address.

Improve some code and check return value from _checkIP.

Don't overwrite the $target variable. Fixes #1415

Check that the returned ip is an ip_address and not blindly trust the returned information.

Correct dhcpd statement for unknown-clients. Fixes #1555

Update some code to be more readble and more compliant to php5

Correct the interface alias generation. Wrong copy-pasto before.

Correct the interface alias generation.

Correct the interface alias generation.

Use remoteips here.

Resolves #1243. Properly handle pppoe new format of config so correct rulesets are generated.

Fix automatic and manual outbound NAT for PPTP. Fixes #954

Fix syntax error/typo. Fixes #1372

Fixes #1444. Implements the same fix that issue ermal made in #1522 to the console menu

Fixes #1386. Correct unlooping nested port aliases.

Correct code to use correct refernces for proxy settings set in Advanced->misc. Reported-by: http://forum.pfsense.org/index.php/topic,36939.0.html

Correct curl setting for setting a proxy username and password. Reported-by: http://forum.pfsense.org/index.php/topic,36939.0.html

Reject alias names that are too long. Fixes #1510

When uninstalling packages try to remove even any rc files created by packages.

When converting 1.2.3 LB pools to 2.0 gateway groups, strip invalid characters from the group names and update any rules referencing the old name. Fixes #1515

Correct default code disabling! Ponty-hat: myself

Disable the default route switching code since its causing more issues than solving. It needs more work to get re-enabled.

Fix PPTP server radius settings upgrade from 1.2.3. Fixes #1292

When uninstalling a service actually stop it first.

Test for null names passed to these functions as a safety precaution.

Test for null names passed to these functions as a safety precaution.

Ticket #1534. Check if a rc file exists before trying to run it. Also return if we execute a stop command through rc file to be consistent with the start_service function.

Don't put an empty PSK into the file, and try to avoid extra whitespace to be safe.

Remove Total users graph this has become redundant and replaced with a cumulative result.

Fix small typo

MAC prefix to vendor resolution at Status->Interfaces, Status->DHCP leases, Diagnostics->ARP table

Merge branch 'axscode-pfs'

Merge branch 'master' into yakatz-ssl

Merge branch 'drcookie-he.net'

Added HE.net (dns.he.net) to the list of available dyndns services.

Resolves #1529. Check if the file exists before opening it.

Resolves #1524. USe the correct field from netstat parsed output.

Test for array before using variable as one.

This function takes two parameters, fix PHP error. Reported at http://forum.pfsense.org/index.php/topic,36648.0.html

Make autocomplete on the login form optional.

Fix IPsec descr trimming for rule labels. Ticket #1426

Test for array/size before foreach

Various CRL fixes, handle empty internal CRLs better.

passive should always be on for mobile clients per racoon man page

Reorder where inetd gets started to after where the package rules are generated, so that a package can add a line to inetd.conf using that process.

If we have deleted the last cert from the CRL, blank out the text.

Ticket #CZH-831780. If gif(4) is part of a bridge and its mtu is smaller than 1500(ethernet standard) do not consider it in finding the smaller mtu because we have a patch to allow gif(4) be member of a bridge with smaller mtu. See https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/commits/67d3135722db4a3c911761ead5c881ccaef02c65 for details.

Timeout is either a global option and/or a table stanza option. For now made it a global option.
For the future each pool should probably have a configurable timeout.

Fixes #1394. Create a function get_itnerface_default_mtu and use it for resetting the mtu of a interface to default when needed. This adds the overhead of fetching the interface mtu and comparing with the default one every interface configuration run.

Disable this log message, as it can be extremely spammy in the logs.

Some more whitespace fixes.

Use correct config variable and fix some whitespaces.

Give time to filterdns to exit gracefully and after that start a new process.

Resolves #1486. When sticky option is selected under advanced->misc honor it even in the relayd.conf setting.

Bring back the optimization on max-packets at pf(4) level now that the issues with daemon have been identified.

Bring back the optimization on max-packets at pf(4) level now that the issues with daemon have been identified.

Now that layer7 daemon issues are resolved bring back this optimization.

Revert "Do not write ont rules anymore max-packets. This apparently was done by me in a previous commit, it helps with Ticket #636."

This reverts commit c8703797e5c24e6619ad14819fc62b3cb8a6ae3d.

Add a newline to the igmpproxy config to resolve issues of it not parsing correctly the file. Reported-by: http://forum.pfsense.org/index.php/topic,36279.0.html

Correct saving of qinq specified members and also correctly destroy parent vlan when deleteing the interfaces. Also take care of attaching to netgraph now that we detach by default.

Remove rndtest sysctl since the kernel module is not anymore part of our kernels. Leftover noticed by: Jim

Remove rndtest sysctl since the kernel module is not anymore part of our kernels.

Make sure that openvpn tunnels are not impacted by hitting 'Save' on the Interface->Configuration page when assigned.

Use the needed variable here so hitting 'Save' from Interface->Configuration section does not leave the assigned gif interfaces without tunnel addresses.

Some configurations might have gre/gif on top of carp. Make sure to handle this configurations and to bring the tunnel correctly up.

Don't just blindly echo to the ntpd.log, it's a clog file and that will break it.

Actually call interfaces_carp_setup after the carp interfaces are created so carp traffic can only flow after we have all vips up and running. This prevents premption more early than necessary. Ticket #1432.

If the bandwidth value is coming from radius scale it up to the requested Kbit/s unit.

Merge branch 'master' of http://gitweb.pfsense.org/pfsense/mainline.git

checking moduli of ssl csr request and response

Fix PPPoE upgrade, the <pppoe> tag is considered an array these days and the upgrade code wasn't treating it properly, accessing it directly instead of using the first entry ([0]). Fixes #1439 - PPPoE credentials upgrade properly now.

Confirmed working fix for ticket #1417 - with this change I have two-way connectivity on Site-to-Site (SSL/TLS) with iroutes.

Backing out changes from ticket #1417, it was not a valid openvpn config that the user was trying to make.

Harden SSL settings a bit. Verified OK with Chris Buechler and Bill Marquette

Slightly different fix for #1417 that doesn't mess up other parameters needed by p2p_tls

Block instead of allowing proto carp/pfsync during bootup since this may cause issues. Ticket #1432

Add an option under advanced->misc to specify a proxy for retreiving pfsense package info or downloading packages.

Save a little space on the interface list for console assignment.

Add missing fields for l2tp to define dns and wins servers

Do not send growl notices twice

Remove blank trailing c/r.

Notify via smtp as well as growl