Woops, set $int before calling!
Pointy-hat-to: me
Do not pass opt1, pass 1 instead.
This fixes dhclient on optional interfaces.
Ticket #970
Cleanup pptp / pppoe code. Do not allow all traffic when pptp and pppoe are enabled.
Wrong IPSEC filter rules if using any interface other than WAN
Ticket #981
Change to:
$rule .="pass out quick on tun{$x} all keep state label \"let out anything from firewall host itself openvpn\"\n"; $rule .="pass in quick on tun{$x} all keep state label \"let out anything from firewall host itself openvpn\"\n";
Only install default pass out rule (needed for pptp wan) if traffic shaper is disabled. The traffic shaper code will deal with this rule otherwrise.
Suggested-by: Leon
Strip out Hna4 { ... } when announce dynamic route is off
Generate correct subnet mask
Latest OLSR changes.
Ensure symlink is correct on compact flash / embedded platforms
Always keep one config.xml backup on hand for embedded platform
Back out last commit. Restore CTRL-C behavior.
Kill off scalar array errors. This is not the 100% correct fix but will do until Seth returns from vacation.
Use correct variable to enable plugin options
Unset default route if dynamic gateway support is enabled in OLSR
PPTP on WAN fixes
http://forum.pfsense.org/index.php?topic=1184.new;topicseen#new
BETA4
Turn off previous ath settings.
Detective-work-done-by: Holger
Turn off pureg if its enabled so that the wireless interface can change settings
Work around the fact that the HAL expects commands to be issued in a certain order. This is quite annoying.
MFC 12193Mixes ticket #955
Time to put out one more snapshot before beta4.
Don't echo out line, send it to the system logs
We need R/W access to config.xml
Ticket #954
MFC DYNDNS fixes
Block the overload tables!!
Add "re" interface to altq. This is a realtek 1000 gigabit card.
Remove logging on target nodes, the primary is keeping track.
Log bad XMLRPC login attempts on target sync node.
Translate to alias name correctly
Do not trap on rc.inital menu
Fix DHCP when no rules exist on a bridged interface. Even if no allow rules exist, DHCP should be allowed to get an address through the bridge.
Fix bridge support by adding the bridge item to the alias group
return if no olsr or installed package configuration exists
Sync bridging code from m0n0 in relation to spoof checks, etc. A number of items where fixed in their tree after we forked.
Thanks to Chris Buechler for the heads up.
Do not enable olsrd unless it is enabled
Fix a number of bugs
Add HNA4 directive
Only allow a-z -0-9 on sync'd hosts
Load spamd-white table correctly
Don't start from interfaces.inc. We're moving to rc.bootup
Add watchdogd support for Soekris and WRAP platforms.
OLSR fixes
Synch with -HEAD.
Start check_reload_status at a nice value of 20
MFC logic fixUse == for comparison, not =.
MFC 11099Allow WAN and LAN address in shaper rules
MFC enable_rrd_graphing()
MFC RRD cdrom changes
When a rule is marked for NOSYNC, don't simply elminate the "nosync" part, eliminate the entire rule.
Major-pointy-hat-with-a-propellerhead-on-top-to: ME
Wrap a BETA4 release today due to the amount of fixes in Load Balancing code, etc.
Just check for lack of ip to run ftpsesame.
Remove openvpn. We now have a CoreGUI version.
webGUI -> webConfigurator
Alert to user we are changing default username back to admin on reset password.
Do not spew booting items during reload_all_sync()
When assigning interfaces if a previous description is found for a optiona interface, show a blurb of the info above the line.
Example. In this case the optiona description name was WIRELESS
Optional interface 1 description found: WIRELESSEnter the Optional 1 interface name or 'a' for auto-detection...
Correct date.
Version bumps
Correctly check if SpamD enablerrd is set.
MFC 11682Remove spurious " from filter.inc. Not sure where this one crept in.
Add UpNp anchor
Nuke spaces in carp passwords, it doesnt work too well with them.
stristr() may return > 1 (true)
Surround carp password with ""
Nuke a c/r if included.
Correctly enable / disable console lockout.
Ticket #920
When resetting the password from the console, reset the username to "admin".
Needless to say I waisted way more time than I should have finding this issue.
Make sure RRD is running after a cvs_sync.sh. Gary reported that RRD is stopping after EVERY cvs_sync.sh
MFC 11604Don't create a pass out rule for a queue if it is not on an interface or not used in a rule. This will cut queue pass out rules by the number of interfaces enabled.
MFC 11600Only setup route-to {} syntax if at least one available gateway was found
MFC 11598Only use route-to if the discovered gateway is a real IP
Do not install blank rules.
Found by Slayback on the forum.
MFC 11532random-id can't be included twice
Do not setup carp pfsync interface unless pfsync is enabled
Really not sure how this fell through the cracks. Grr.
Start slbd right before first filter_configure_sync()
backout last commit
Reload filter on boot.
MFC 11519Restore RRD files from tgz on boot. If this works on the first attempt I'm a code monkey. MFC: Soon, needs testing.
MFC 11521Mount config area rw before tar and then ro after tar.
MFC 11520Save the RRD files! MFC: Soon, testing with hoba now.Tickets:
MFC 11518Save the rrd databases to the config space on reboot.
MFC 11516squid now rdr to its chosen interface. also swat default pass in rules to allow firewall rules to dictate its behaviour (already tested by me).
MFC later RRD changes since patch failed
MFC 11509JavaScript now works for Gecko-based browsers as well (http://forum.pfsense.org/index.php?topic=1041.0).
MFC 11506Tweaked rra values for the databases so the graphs suck less. (especially the 14 days graph).
Remove option 12. It doesn't work on Embedded.
BETA3 time
MFC 11431need to use the gateway ip, not the monitor ip
MFC 11474kill slbd if there are no pools or virtual servers
MFC 11471don't wrap curlies around destination host in port forward - this fixes the destination "any" issue reported on the forum
MFC 11470Don't force a rrd spamd.rrd create since not everyone has spamd installed. It correctly triggers when you have it installed though.
Add random-id
Ticket #907
Redirect scripts output to /tmp/firmware_update.log
Do not process custom image unless it really exists.
Before it was detecting an image of "" and triggering the -C error.