pfSense

Add back accidently deleted line.

Woops, turn back on main console

Lets REALLY turn the serial port on this time. It was previously "off"

Start console on serial port after boot.

Needed-by: Soekris and Wrap users

Do not attempt to generate altq rules if its disabled.

Do not attempt to use a queue if its not associated with a rule.
Change the default queue for magic shaper to be the qHatedDownload on the catch all rule.

Bump to 0.28

Don't forget to \n each firewall rule section.

Add console to ttys

Re-renable rule error detection.

• remove the temporary rule loading workarounds in /etc/rc
• adjust the boot order slightly in rc.bootup
• rename filter_ipmon_start to filter_pflog_start

Bump version to 0.27

Sleep for 10 seconds instead of 5

Sleep for 5 seconds then enable rules. Race condition?

Do not use filter_configure on boot.

make sure we enable the firewall before loading rules

Move alias definitions to top tf the file.

Add labels to lan ipsec rules.

Add "IPSEC: " to each ipsec related rtule

Correct testing behavior for default shell. Previously was tested with bash.

Log upgrade actions to syslog.

If an error occurs during the rule loading, report the error to the user.

only set S/SA on tcp rules

Version bump to 0.26

Convert filter_configure to return the error text from pf if a ruleset is not loaded correctly for any reason

Convert altq ipfw code to use the newer queue types.

Overhaul many functions in the traffic shaper and make them simpler.

Instead of tareting queue numbers, target the queue name.

Bump version to 0.25

Aliases now work for ports. Add autocomplete hint field for aliases box on rules edit form.

Bump version to 0.24

ipfw -f flush before unloading

Since the IPFW module is now compiled with the default to allow all from any to any, take out the code that setup those specific rules.

Missed closing bracket.

Pointy-hat-to: me

Only unload ipfw module if traffic shaper is disabled AND captive portal is disabled.

Do not echo during shaper configuration.

Do not echo commands out when setting up traffic shaper configuration.

move max-mss line to correct spot.

Doh!

Pass targetqueue, not queue.

Add an allow rules immediately following the kldload of the ipfw module.

Fixup ordering. ALTQ rules load out of the box now!

Clean up after major ipfw/altq conversion.

Its now working! w00t!

Add IPFW2+ALTQ traffic shaping. We have now switched the rules portion over to IPFW which will tag the packet accordingly.

Start adding anchors to most common areas of rules so that packages and shell-cmd can furhter modify the system with ease.

Minor comment cleanups, add anchor to altqints and extra welcome text after boot sequence is finally complete.

Remove filter_configure() from late in the process, it interferes with shell-cmd

Add usbd to system startup.

Add anchors for: altq, nat and filter.

altq is where all the shaping rules currently live.

nat is where all of the nat related items live.

filter is where the actual filter rules live.

Version bump to 0.23

Add auto upgrade option to pfSense

Add /etc/rc.filter_configure which can be called from a shell script to configure the filter

Remove ftp-proxy debugging entry.

Alter ftp-proxy rules a little bit. Be sure to let the firewall itself to allow outgoing proxy traffic.

Reset password to pfsense

Woops its /25

Bump PPTP clients up to 128. Oddly running at 64 still used less ram than on 4.X.

Version bump to 0.22 - FTP-PROXY-TIME-EXCELLENT!

Really remove the label from rdr squid rule

Do not label squid transparent proxy rule

Add per rule state timeout option. Good for heavily loaded http servers, etc.

Bump version to 0.21

Fix ftp-proxy ;)

Add debugging entry to syslog

Bump PPTP vpn client count to 64 and the subnet to 26

Increase PPTP vpn maximum connections to 50.

Missing brace

Add IPCOMP (IP Compression) support to IPSEC VPN's

Allow for tcp and udp on ports. Create a proto list in thise case.

Remove extra space after udp ipsec rule

Label user rules as USER_RULE: "rule"

Bump version to 0.20

add rule labels

Remove unused entries. Ensure the vpn only talks on necessary ports on each endpoint.

Redirect sysctl output to /dev/null

Supply full path to sysctl

Do not try to execute *

Supply complete path to sysctl

Welcome to 0.19 - Drum N Bass Madness!

label the custom rules correctly

Load balancing rule should be created in the rules section. Duh!

Add label for custom and traffic shaper rules

Remove frag code.

We do not use the old flags

Add lowthroughtput items to magic shaper

Add iptos support

Add maximum states for the firewall to advanced menu.

Use max-mss on the scrub rule

Dump the custom ipf custom mss clamping options. we can fine tune these in the pf rules.

Allow for the user to customize the pf optimization options in the system -> advanced menu. the default is normal.

Apparently we will need quick for ALTQ rules

Dont use the quick flag when creating ALTQ rules so the user doesnt accidently open up the firewall to something they do not wish to do.

Remove console links browser option. It does not work correctly with wizard.

FIx bug in filter_altq_get_queuename

Update (C)

Bump version to 0.18

Turn off debugging echo

Add support for squid transparent proxy

Add support for priortizing ACK's

Commit what I have so far. Magic shaper now works 100% .. or atleast appears to!

switch xml format over to pfsense header and footer. time to break away from m0n0walls configuration since ours is a little different now.

Bump to 0.17

Add carp entry