Fix #7024: Deprecate /etc/inc/radius.inc in favor of pear-Auth_RADIUS port
fix #8441;
ipfw rules must be deleted before cp record delete.
Captive portal: add option to choose whether to use the bandwidth limits retrieved from RADIUS or not
Automatically upgrade config to preserve old RADIUS bandwidth limits behaviour on existing installations.
Captive portal: add the explicit reason why a user was disconnected to the log
Captive portal: add option to retrieve the traffic quota value from RADIUS
Add an option to enable retrieving a user's traffic quota from RADIUS. The code uses a new vendor-specific attribute so the RADIUS server must be configured appropriately and load the pfSense dictionary.
Captive portal: add a traffic quota option
Add a new option to disconnect users after they exceed a traffic quota (sum of downloaded data and uploaded data).
Captive portal: always use the RADIUS-provided session timeout value if the option is enabled
Fix #7972
Rework the way Captive Portal vouchers are synchronized on HA:
- When voucher use is enabled on primary, do the same on secondary- When voucher rolls are created/modified/deleted, sync to secondary- When voucher is used, disconnected or expired, sync it in both...
Break some long lines
Fix #8317
Verify if pipes were created in current system before attempt to removethem
Do no try to lock when file doesn't exist
Implement dry_run mode in captiveportal_free_dnrules()
To be used later on a fix for ticket #8317 just return the arraycontaining pipes to be removed without removing them fromcaptiveportaldn.rules
Fixed #8226 Check for MAC duplicates
loop through auto pass MAC addresses for duplicatesbefore automatically adding a pass thru.
Update the Copyright notice for pfSense.
Add missing $cpzone declaration. Fixes #8238
Ensure that the value passed to ipfw pipes is always an integer, no matter the source. Fixes #8097
Disable HSTS for captive portals
Revert "Do not associate IP and MAC on down table. It should help #7813 and #7833"
This reverts commit aa61ecfde0952ed1c3a035ac9489f5a5f9c51425.
Do not associate IP and MAC on down table. It should help #7813 and #7833
Revert "Update translation files"
Bad commit log
This reverts commit ff8d44d194b6a5ada8fcd2aafe8c7ec358a7adae.
Update translation files
Fix #7834: Delete IPFW pipes when disable Captive Portal zone
Remove correct file
Ticket #7834: Add missing global declarations
Make rules that deal with IP+MAC pairs to be layer2 only
Restore calls to pfSense_ipfw_table_zerocnt(), it's fixed now
Remove unused parameters
Do not associate IP and MAC on down table
Fix syntax
Remove leftover debug
Ressurrect nomacfilter option on CP now IPFW supports combined tables with IP and MAC address
Re-introduce Captive Portal statistics
Only cache CP RADIUS Auth credentials when reauthentication is enabled. Fixes #7528
Add reason to write_config() call
Code with multiple %s in etc
Captive portal: make captiveportal_disconnect_all() faster
captiveportal_disconnect_all() removes the users one at a time and in some cases, when many hundreds of users are connected, can take up to several dozens of seconds to complete.Instead of looping through all users, send all the accounting information, reset the user database and delete all the active rules and reinit them. Use locking to prevent new users from logging in until the function ends.
Merge pull request #3315 from plumbeo/accounting-on-disable-reboot
Captive portal: rework logging and RADIUS accounting when disabling a zone or rebooting
Make captiveportal_radius_stop_all() log the disconnections in the system log and fix it so that it works with the zone id parameter and sends complete RADIUS accounting packets....
Captive portal: use locking to avoid race conditions between rc.prunecaptiveportal and captiveportal_disconnect_all()
Convert rc.prunecaptiveportal to lock()/unlock()/try_lock() and use the lock to ensure that there aren't race conditions between it and captiveportal_disconnect_all().
Captive portal: work around race condition between captiveportal_disconnect_all() and captiveportal_prune_old()
Captiveportal_disconnect_all() loops through the active users and disconnects them immediately but doesn't remove them from the user database, only adding them to a list that is processed after the end of the loop....
Captive portal: add button to disconnect all users
Add a function to disconnect all logged in users and a button to call it in the captive portal status page.
Merge pull request #3130 from omnia-dev/master
Captive portal: add option to include idle time in total session time
Add an option to choose whether the time spent idle by a user disconnected for exceeding the idle timeout must be included in the total session time sent to the RADIUS server or not.
Fix reversed accounting style
Always create a pipe for each allowed MAC or IP
host_ips tables is not supposed to use pipes
Make sure filterdns is disabled when CP zone is disabled
Fix the ipfw rule to use the table cp_ifaces and not the interface cp_ifaces.
Stop using -y on filterdns call
Rework captive portal to run with stock IPFW (round 1)
- Remove use of IPFW context- Create a rule that will skip to proper rule for each cp zone- Use new PHP module functions wherever is possible
Remove all calls to conf_mount_r* functions
Move copyright from ESF to Netgate
Fix bandwidth limitation in mac passthrough auth
Move to Apache License 2.0
Review license / copyright on all files (final round)
Review license / copyright on all files (1st round)
Update include() to include_once()
For safety, use include_once() when including various "side" files.There are a couple of instances of include("guiconfig,inc") that Ichanges to use require_once() to be consistent with everywhere else.The remaining cases of include() are just (hundreds of) head.inc and...
Fix #6278
$cpzone is always in lowercase, it's used as the array key used inconfig.xml. Use it in two cases where the $cp['zone'] was being wronglyused:
- To find out zoneid- To replace PORTAL_ACTION url
Escape username before use in CP SQL
A maybe "better" version to try.
Specify the zone in the PORTAL_ACTION URL. Ticket #6037
HTML Compliance - Captiveportal
Text Align & Background Color
Internationalize etc inc a-i files
Fix RADIUS spelling. It is written in all caps.
Fix multi-session time counting for the FreeRADIUS start/stop case. Ticket #2164
Add option for FreeRADIUS-friendly stop/start RADIUS accounting updates.It needs a sleep between the stop and start, and it needs slightly different figures for start/stop time in the request.
Initialize $stop_time inside foreach to make sure it resets to proper value each iteration since it's changed inside loop. Reported on https://github.com/pfsense/pfsense/pull/2487
Remove ORIGINAL_PORTAL_IP, it was never used.
Update license on files from /etc/inc
un-break SVG graphs
start converting CP to nginx
start switching CP to nginx
Flush zone's tables if its db must be reset to avoid leaving behind any table entries. Ticket #5622
Add busytimeout of 60 seconds for CP database access. This matches the default value PHP uses with sqlite 2.x versions (pfSense 2.1.x and earlier) and prevents the issues noted in Ticket #5622
Fix handling of 0-byte files uploaded to the CP file manager.
Remove all pfSense_MODULE and pfSense_BUILDER_BINARIES definitions, whatever was the reason they were added, it was never finished and it's not being used
Code style and white space in etc
Sanitize the session_id/logout_id in captive portal.
Bug #2155
Fix of Bug #2155
Fix the captive portal rules after 98bf4991dc31f97fc7315a6b8aba433de9d39cea.
The malformed rules breaks the parsing of initialisation rules.
Issue: #4746
Only need to check 'vip' here.
Can't use continue here as it continues the foreach, which skips the "ipfw zone" command, breaking CP for any system that doesn't have VIPs defined.
For captive portal, if a user reloads index.php of the portal while already logged in, show the logout page instead if it's custom.
Must be a custom logout page that does not include a redirect.
Move main pfSense content to src/