RAM Disk Management - Config Upgrade
Update OpenVPN protocol preferences to match the new behavior of OpenVPN 2.4. Fixes #7062
Revise define values for address types to allow an easier transition in validateipaddr()
Added a function validateipaddr() use as:// Validate a network address// $addr: the address to validate// $type: IPV4|IPV6|IPV4V6// $label: the label used by the GUI to display this value. Required to compose an error message// $err_msg: pointer to the callers error message array so that error messages can be added to it here...
Fix unset glxsb
This bit of upgrade_config code needs a global reference to $config
Ticket #6770: Update wireless regex to match FreeBSD 11
Store Dynamic DNS passwords in Base64 to protect special characters. Fixes #6688
Convert CloudFlare and GratisDNS dynamic DNS over to split hostname and domain name fields, like Namecheap. Otherwise they could both break with subdomains or international TLDs with many parts. Fixes #6778
Rework captive portal to run with stock IPFW (round 1)
- Remove use of IPFW context- Create a rule that will skip to proper rule for each cp zone- Use new PHP module functions wherever is possible
Deprecate nanobsd platform and remove all conditionals that uses it
Define a single value for 'default_config_backup_count'
Remove unused global var 'hidebackupbeforeupgrade'
Remove unused global config item 'update_manifest'
Remove hideplatform global config and all uses of it
Remove unused global item 'nopkg_platform'
Move copyright from ESF to Netgate
Remove some obsolete code from globals.inc
Remove references to glxsb as it is not relevant to current supported platforms. Fixes #6755
Move to Apache License 2.0
Review license / copyright on all files (1st round)
Add upgrade code to clean up the old GRE/GIF flags that are no longer used. Ticket #6586 and Ticket #6587
Merge pull request #3037 from NOYB/Check_IP_Services
Check IP Services
Configurable check IP services.Used by Dynamic DNS services to check IP addresses.Configure as many check IP services as desired. The first (highest in the list) that is enabled will be used as the default.A future possibility could be to add an option to the Dynamic DNS entires to use a specific check IP service....
Update include() to include_once()
For safety, use include_once() when including various "side" files.There are a couple of instances of include("guiconfig,inc") that Ichanges to use require_once() to be consistent with everywhere else.The remaining cases of include() are just (hundreds of) head.inc and...
Merge pull request #2982 from stilez/patch-26
Set kern.corefile, fixes #6510
set default_config_backup_count based on platform
At the same time the platform is being detected for PHP/GUI purposes, set the default number of backups. Also handle the case where (for any reason) detection fails, which it shouldn't, so the variables are still created
Tweak upgrade - Remove unused code and document changes better
This will ensure a smooth upgrade for those running config 15.4 to any next version.
Revert "Add config upgrade code to update package names. Ticket #6118"
This reverts commit 297ace668e4a4ffbf1fb1581e7c765e2ed158e29.
Add config upgrade code to update package names. Ticket #6118
Bump net.inet.raw.recvspace and net.inet.raw.maxdgram by default. Ticket #6223
Show patchlevel together with product version on banners and system information widget
Bump net.raw.recvspace and sendspace defaults. Ticket #6223
Update VIPs CARP parent on upgrade. Ticket #6164
Rebase / Update config version.
Add checks in case there are dpinger param problems
in 2.3 installations that were upgraded from 2.2.* when the apinger todpinger params conversion code in upgrade_130_to_131() was not so good.
Bring back rainterface, add config upgrade to convert to new _vip format. Ticket #6043
Set the ALTQ root queue bandwidth.
Whenever possible set it to 1Gb, if the sum of child queues if higher than 1Gb, set it the correct value so we do not break any existing setup.
Ticket #5721
Detect default config flavor
Fixed #6012Config upgrade function replaces space with underscore in group names
Respect globals_override.inc
Read xml files from /usr/local/share/pfSense/menu and load menu entries
Add the upgrade code for OpenBGPd and Quagga OSPF packages.
Ticket #5884
Merge branch 'master' of github.com:dennypage/pfsense
Add config upgrade code to enable and configure DHCPv6 server and radvd where track6 is in use, as they were automatically configured previously. Add same config to default config.xml to retain existing behavior there. Ticket #3029
Merge branch 'master' of https://github.com/pfsense/pfsense
Quote the 1st parameter (constant name) when calling define()
Update config version to trigger upgrade of rrd files
Add the configuration upgrade code to make sure the existent settings will work after the last changes.
The CARP part of this code should be added together with the initial uniqid changes.
Firewall / Rules - Page Efficiency Upgrade
1) Only load the rules of the selected interface instead of loading all the rules of all interfaces and hiding them. Very inefficient and can result in sluggishness. Especially with large number of rules and/or large alias tables....
Change Namecheap dyndns to use split hostname and domain name fields. Upgrade existing entries automatically. Implements #4366Code should be generic enough that if other DynDNS providers would work better with a separate domain field, they can pick up the feature without too much trouble.
retain OpenVPN's net30 default topology for upgraded configs so they still work. Ticket #5764
Add uniqid tag to CARP VIPs that don't have one upon upgrade. Ticket #4858
Fix up config setting for killing states on gateway failure. Enable this option where gw_down_kill_states is set. Flip setting accordingly during config upgrade to not use confusing 'kill_states' tag to not kill states. Ticket #5815
Switch to disabling strongswan unity plugin by default. Ticket #4178
Fix #5690:
- Remove parameters from set_language()- Add a global variable for default language- add env var for LANG, otherwise it won't work
Encode DHCP/DHCPv6 server additional BOOTP text options before save to XML to preserve data. It fixes #5623
Add config upgrade code to remove L7 config pieces, and file a notice where found. Ticket #5508
add config upgrade code for lighty->nginx logging
Fixed #5714
Experimental: Fixed #5693Added new functionality to PHP classes, and used it ONLY in system_advanced_notifications.php -> smtp password
Disable IPsec phase1 or phase2 using DES and inform user why they were disabled since DES is no longer supported. It should fix #5543
Nuke fifolog support. It was never used or fully implemented, no GUI option, and didn't end up working out.It buffered writes too long, users could never see the most current log data.
Remove all pfSense_MODULE and pfSense_BUILDER_BINARIES definitions, whatever was the reason they were added, it was never finished and it's not being used
globals.inc comment typos
Moved global defines to globals.inc
link to proper license information location
Write upgrade config to replace apinger by dpinger, it should fix #5624
Upgrade code to change topology_subnet checkbox to drop-down. Issue #5526
Move recently added upgrade code to a new config version
Fix old SNMP bindlan setting - Redmine #3883
Remove run-time code in services.inc that referenced "bindlan".Provide upgrade code to convert bindlan to bindip="lan" if needed.Update current config version.
Retire /etc/rc.create_full_backup and usr/local/www/system_firmware_restorefullbackup.php
Fixed #5432
The net.enc.in sysctls should be 2, for only the inner portion of the VPN. Ticket #5421
Fix #5350. Correct issues with strongswan logging (setting changes did not persist across reboots, setting silent did not work).
etc inc delete $Id comments
and bits of white space.Note: There are plenty of files still with old-format copyright sectionsin here.
The net.inet.ip.fastforward sysctl is retired now.
Tryforward instead, is always on and is compatible with IPSEC.
TAG: tryforward
Apply a different fix to issue #2993.
Instead of forcing the encrypted traffic in transport mode as ENC_AFTER,just change the mask to allow ENC_BEFORE events.
Theoretically, this eliminate the need of ipsec_transport_filterfix.diff.
Issue: #2993
Remove more references to theme, ticket #5333
Remove config stuff for WEP. on upgrade, disable WEP on interfaces that have it configured and disable those interfaces and generate a notice. Fixes #5123.
Cleanup unused code:
- Remove xmlrpcbaseurl from globals- Remove xmlrpcpath from globals- Remove embeddedbootupslice from globals- Remove call_pfsense_method()- Remove check_firmware_version()- Remove get_active_xml_rpc_base_url()- Remove zeromq.inc...
Disable zero copy buffers in bpf.
This was a no-op before my changes (so this was never really enabled) andnow it is known to cause issues with tcpdump and hostapd.
Disable this until we fix all the raised issues.
Issue: #5257
Remove /usr/share/zoneinfo.tgz and use FreeBSD stock zoneinfo. It fixes #4726
Retire PPTP server, fixes #4226:
- Remove PPTP server and all related code- Bump config version 12.2- Write upgrade config code to remove pptpd section and also cleanup firewall and NAT rules using PPTP interface or src/des
Merge branch 'master' into bootstrap
update config to rid of nt-hashcredit to: das projekt der goatse
Move main pfSense content to src/