Prevent a IPv6 address from breaking system routing. This is a hack because we don't have the proper ip validation in 2.0 mainline
Do not put a config entry for dhcpd if we cannot determine the subnet address. Reported-by: http://forum.pfsense.org/index.php/topic,32303.0.html
Better way to determine the username for config descrs
Fix variable name reference
Fix references to what was apparently supposed to be $g['booting'] and not $bootup.
Add a description to this write_config() so it's a little more obvious what it's doing in the logs.
The use of log_error() requires util.inc
No need to set this here, we already set it in config.inc (and it takes precedence)
Add the cron job a different way. There have been a couple reports of losing CAs during the config upgrade and this was the only added function at the time.
Specify the -inet family so that accidental IPv6 addresses here don't break the system routing.
Add the default value for the new tunable debug.pfftpproxy to 0. It allows to disable the pfftpproxy. Also add it to the default config.xml though no upgrade code should be needed since people can create this from the gui and hopefully do not need to know about this anyway.
Really do not deactivate netgraph if the underlying interface is needed by it!
Ticket #1198. Fix code when checking client or server
Remove extra brace
Better test for an empty CA to avoid writing out an empty CA file (some on the forum are seeing this.)
Bail on reinstalling all packages if we can't contact the package repo.
We no longer use /var/run/config.lock - catch up to other progress. Also, use lockf to test if the config is locked now, with a 30 second timeout.
Ticket #621. Sort even csr subject to have the matching go ok during import of externally signed cers.
Only copy 52 chars of a user descr to the pf rule. When added to the "USER_RULE: " prefix (11 chars) we hit the 63 char limit. Fixes #1187
Bump config version, add upgrade code to setup cron job for URL table update script.
Ticket #875. While ldconfig should be called by pkg code itself do it explicitly to have the cache file rebuilt with correct list.
Ticket #317. Unconditionally synchronize users on bootup this might prevent some reports of ssh keys not being there.
Turn back off zlib compression
allow 127.0.0.1 and localhost for HTTP_REFERER checks
Stop spewing backup info on bootup
Add back booting check that existed prior to refcount code. We will improve upon this next week.
Ticket #621. sort the contents of array used for generating subject by keys so whenever we do subject comparison we will not have problem just because of the array keys ordering.
Need to use Unlink in tar
Shorten english
Scroll the textarea to bottom on each update
Take into account< 10 too
When installing packages on console (downloading) only show every 10% meaning 10% 20% 30% instead of 1% 2% 3% 4% 5%, etc
Ensure $pkg is defined. Send pkg_delete errors to /tmp/pkg-delete_errors.txt
Fix package dependency check code now that we no longer nuke /var/db/pkg/ before operating on packages
Strip off the space between @depend and the package name. Otherwise it will return a space in front of the pkgname
Do not unlink file, it's handled by behind the scenes pkg-utils.inc code
Fix typo
Shorten repo download message
Do not show already installed messages which fill up the textarea too many times
Include pkg-utils.inc
Also CDATA protect the detail field. Fixes #1168
Don't run mb_convert_encoding on descr field, it's cdata protected in the config now and this just causes some characters to be lost on input. Ticket #1168
Do not nuke /var/db/pkg now that 2.0 has better handling
Reinstall packages on bootup during console. Ticket #1156
Ticket #491. Correct username/password name fields so upgrade works correctly.
Actually use sigkillbypid.
Send a HUP to racoon which is equivalent to the reload-config racoonctl command which seems to not work in 0.7.3 of ipsec-tools.
Forgot to up the array count.
Add kern.ipc.maxsockbuf to upgrade config and remove extra whitespace.
Unbreak dns server colletion. Pointyhat: myself
Add sysctl for maximum socket buffer sizing. Set to 42621444. This is needed for some heavily loaded servers running unbound, squid, etc
Ticket #943. Sleep 1 second to give dns time to reload.
Ticket #1141. Add missing sasl.inc
Oops remove forgotten line and correct variable name error that seems to have existed from long time. Even though the file read is not used in pfSense this days!
Use glob instead of forking cat with glob patterns. Also use file() instead of forking cat just for reading a file. This might help with the issue reported on Ticket #943 which seems like a timing issue even though the dns events happen before newip events.
Ticket #1152. Call rc.newwanip even on openvpn linkup event to do the correct reloading of gateways and services. Add a safe belt to avoid a recursion in openvpn itself from rc.newwanip.
When the parent interface of a pppoe is assigned do not remove the interface from ng_ether since this will break ppp clients of netgraph with this interface as parent. This solves http://forum.pfsense.org/index.php/topic,31247.75.html
Turn zlib compression back on. Tested by and reminded by Pierre Pomes. Ticket #198 ... Apparently lighttpd was not compressing the php pages so this should be turned back on according to Pierre Pomes (and tested by him).
Remove uncessesary function call.
This function call is extraneous. mpd will automatically shut down existing mpd processesgracefully because we call it with the "-k" command line switch.
In addition, this call causes mpd to be started twice in rapid succession when users have...
Reshuffle code a bit. Prevent potential race condition between one mpd instanceshutting down and the second one starting.
There's no need to kill mpd before restarting it since we always start it withthe "-k" flag which means "wait for existing mpd process to exit gracefully before starting."
Ticket #1141. Typo error, use ->user to enable auth
Ticket #1141. Add necessary stuff for smtp auth using sasl
Improve parse_config to not be recursive for no reason. This fixes some strange cases of config lock being left held and blocking GUI.
Fix PHP warning related to recent update of apc extension.
Allow entering an arbitrary subnet for outbound NAT translations.
Nuke newline
Add address pool support to outbound NAT. Allow specifying a subnet for outbound NAT rules (via a subnet of proxy arp VIPs) or a host-type alias for outbound NAT rules, and give the user a choice of pool options for address selection from within the pool.
Ticket #802. During a config restore detect if the vlan interfaces need reassignment too. This might be problematic for other type of interfaces on 2.0!
Add radius port and radius accounting port to config if supplied.
Ticket #1116: anonymous sainfo may be used only for single phase2 ipsec VPN's
fix text
Don't include rfc1918 in bogons
Allow any port to go out for CP. This should unbreak traffic of CP rdr!
Unlink needs_package_sync after one pkg has installed OK which means that our internet connection is up.
update bogons
More misc pkg install txt fixups
Add newline after restoring libs
backup and restore libs in correct location
misc text formatting fixes (tabs)
Only backup libraries at the beginning of the deinstall cycle.
Add tab
Add newline after installation aborted
s/Trying to download/Downloading
Version bump to 2.0-BETA5. Merry christmas!
Backup system libraries and restore during pkg deinstall.
Instead of replacing the whole array just add the new vlanif member to the config. Should fix issues reported in http://forum.pfsense.org/index.php/topic,28202.15.html
Add some more safe belts and remove code that is commented from long time now. Reported on http://forum.pfsense.org/index.php/topic,28202.15.html
Ticket #1128. Ooops pass the right parameter to unlock.
Hanlde the case when advbase is not present especially on previous 2.0 setups.
Prevent other types of interface for being added to ng_ether(4). It might be the cause of panics reported here http://forum.pfsense.org/index.php/topic,31404.0.html
Ticket #757. Use correct pidfile.
Include captiveportal.inc if captiveportal_syslog() is not defined.
Use captiveportal_syslog()
Fix whitespace.
Typecast second param for array_merge to silent a warning that is breaking build since we check output of test_php.php looking for a string 'FCGI-PASSED PASSED'
nuke trailing carriage returns
Nuke trailing carriage returns
White space fixes and (C) for both Ermal and myself