pfSense

Remove left-over from copy-pasto

Correct the variable to the modem device output.

Import OpenVPN cisco style radius attributes applying policy to logged in users. Feature #2100

Import OpenVPN cisco style radius attributes applying policy to logged in users. Feature #2100

Make sure to return the Null route gateways too for looking up a gateway entry

Also include gwlb.inc in interfaces.inc

Some minor enhancements from renaming the Gathering Data to Pending.
When it doesn't exist in the array it's really unknown. Make that lightblue. show a ~

Fix Typo, although the host might indeed be loca. We'll just keep it local instead.

Allow for Null routes

Always add a link-local of fe80::1:1 when the interface is set to track6. This allows webui access over IPv6 to a easy address.
Make a shortcut in the get_failover_interface() function to get_real_interface() if we find the interface in $config.

Teach rc.initial.ping at least a little bit about ipv6.

Unbreak php errors on login form

Include the gateway functions in rc.banner to prevent throwing a error

Add Gateway Group support to the IPsec interface drop down.
Edit of gateway group correctly reflects the new IP Address.
We need to make a blacklist for interface names in the gateway group edit page.
Redmine ticket #1965

Allow for failover DynDNS hostnames.
replace get_real_interface() calls with get_failover_interface. If it isn't a group we call get_real_interface() anyhow.
We can't put the logic inside get_real_interface() as this would create a recursion
Redmine ticket #1965

The gateway groups array now knows about vips to be tied into that gateway group so we can tie the groups into services.
Redmine ticket #1965

Add statistic functions for the ZTE modems

Add support for the ZTE modem stats
Should be generic enough for other modems too.

Unbreak tree, add }

We are on FreeBSD 8.3 now

Escape the shell variable

Fixes #2428. Reference limiters in rules by name to avoid issues. Also put upgrade code for existing configs. The same fix is necessary for 2.0.x though not sure how this should be committed there.

Include util.inc and IPv6.inc before config.lib.inc.
Several parts of the config upgrade relay on functions in these.

Make sure we include "util.inc" during config upgrade. We need is_ipaddrv4() during upgrade which is triggered from gwlb.inc

Make sure to get the real interface in case we get passed a friendly interface
Redmine ticket #2463

Actually save the IPprotocol variable into the config, otherwise it stil won't work.
People will likely need to edit and save their gateways now if they have double entries.
e.g. both manual and automatically added entries, these will dissapear as soon as you save....

Rename old RRD quality database to the new GW name so we continue the graph.

Add a inet46 filter type on the firewall rules page. I have locked down a few of the most common limitations.
Still arguing if we should lock this down even further to aliases only.
Redmine ticket #2466

Finally give in and sprout a Internet Protocol drop down on the gateways edit screen.
With added validation and multiple detection parts to work when the value is not set yet.
Redmine ticket #2463

Do not allow empty passwords since this might cause problems for some authentication servers like ldap. Fixes #2326

Fix input validation and import test.

Switch to ntpd from ports, add Services > NTP to select interfaces for binding. Respect old ntp settings in the process.

Bump to 2.1-BETA0, let the fun begin.

Don't display a "mobile" user without a username.

Up the default for tables to 3000

Add a knob to tune the maximum number of tables that can be defined, the pf default of 1000 is too low for systems with >500 aliases.

Conflicts:

etc/inc/filter.inc

Do not add link-local address on carp interface manually. It causes them to go double master.
Redmine ticket #2278

More validation for ejecting CDrom devices for 3G sticks, needs extra manufacturers. Less typos in variable names also helps a lot.

Only attempt to remove stale LCK files if they exist.

List logged-in IPsec xauth users and provide a mechanism to disconnect them. Implements #1986

Allow for atleast 15 seconds before considering it a timeout, 60 would mean try once, since it would immediately hit the 60 second timeout

Switch to a common function to determine anti-lockout ports, and fix a bug that was getting the ports wrong with custom https+redirect on.

Don't do resolve_retry on ipsec_get_phase1_dst() results, because ipsec_get_phase1_dst() already does that before returning output.

Test for empty here, rather than !, so a blank value (as from mobile clients) doesn't fall to the other tests.

Merge pull request #2 from TheBlueMatt/master

Custom Dynamic DNS

Fix reference updating for when more than one carp vip exists. Skip the upgrade code if no carp vip defined. Ticket #2445

Disable logging for now since it will spam every 60secs * #users * #zones

Add missing declaration for global variable $g where it is used.

Fix name of the config section for virtual IPs in upgrade code. Ticket #2445

Check the surrounding characters to not allow partial matches. Ticket #2445

Revert "Rather do a fix by going through vips in reverse order"

This reverts commit d996dfeab2ec40cf3fb44b51811333b40ed5073f.

Fixes #2364. On busy pppoe servers it might take some time before mpd exits. Check for this before trying to restart

Do this only for carp type vips

Rather do a fix by going through vips in reverse order

Reflect naming changes, work around broken media type for wireless

Since this is an interface to avoid issues arising from vip1 and vip11 existing and replacing vip1 will replace even vip11, put on the regex <(starting close tag).

Fixes #2209. Obey the mtu value set on the interfaces.php page. Though this value will be overwritten if there is a configuration under PPP settings tab. Maybe a good idea is to set MRU at the same value if not set?

Unset the IP protocol tag while processing this array. This prevents a log message

Be a bit smarter about the stats interface for the huawei cards. Some of the K series have the stats on 0.2, the E series on 0.3
Some of the older E series only have 0.2 too. The new K3770 I got today is too new.

Move vip upgrade code to be later, since it was backed out of 2.0.x it no longer needs to be so early, and otherwise there can be some breakage/fallout. Ticket #2445

Ooops use correct name for vips

Add more functions and expand the 3G status interfaces screen.
List the SIM state, service, speeds and mode

Oops this should be sed and not sh. Fixes #2445

clean up old lock files for modem ports if a stale is left behind

Specify correct attribute where to read the setting from.

If specified use the default settings for bw limitation rather than 0

Prevent 2 instances of rc.prunecaptiveportal from running in parallell since this might be a bad thing

Make file names match to make this work. Also use zone name in the file to not mix things

Add the 3G mode display, really needs a function that translates these into sane display numbers for strength and mode.
The mode is actually a combination of LED color 4 = blue(idle), 5 = cyan(connected), and submode 7 = HSDPA
I need to find some proper documentation, really.

Fix command, remove spurious '

Kill the old 3gstats collector. Clarify the log message

Remove dead code.

Fix DynDNS issue introduced by f3b2b2a (_dnsIP was not set).

Add the option to use a custom Dynamic DNS Provider via an Update URL and Result Match.

If extra bw attributes are supplied during reauthentication apply and log them

Unlock if error occurs

Make sure that we match multiple characters.
Ticket #2415

First round of CARP vip renaming changes
Ticket #2415

Add the address family tag to the gateway groups array

Correct the rrd update command

Read in the correct interface file

Add 3G statistics for Huawei modems, split the Cellular stats out to per interface instead of global.

Modify the tar parameters to exclude .git

Allow saving on system.php if the gateways are down.

Attempt to Eject the CD device on 3G sticks for Huawei and ZTE devices.

Act on wireless interfaces too for linkup.
Redmine ticket #2440

Fix variable test

Initialize variable if it's not set

Prevent duplicate gateways from showing up if the interface is down. Redmine ticket #2442

Set the retry value to 60 seconds, this is not attempts, this is seconds before it needs a reply. So if the DHCP server was any sort of slow it would fail to aquire a lease. This was true for my wireless network at home. Plus, on various other lossy links, even cable modems this could be true....

Add the PPP automatic interface type. This would show the _PPP gateways.

Allow 802.1p tags to be controlled from firewall rules edit screen

feature #2413 Allow IPv6 interface configuration from the menu

normalize indentation

- also rename $section arg to $section_name in some functions to clarify

- also robustify parsing for <tagname> and bulletproof the handling of
certain errors

allow null to be passed as 2nd arg to parse_config_xml*

in which case entire config is returned

fix 'XML error: no Array object found!' errors

log_error if rrdtool restore calls fail

add -f to 'rrdtool restore' call

Teach mwexec and mwexec_bg how to optionally clear signal masks, and use that when launching ntp or ntpdate.