ssh settings alignment. Fixes #8974
Remove redundant settings stored in the wrong placeStore all ssh settings in the same placeInitialize this array before use
Fix #7694: Replace sshlockout_pf by sshguard
Add the GUI support to set the VLAN Priority for the DHCP requests.
Ticket #7425
on arm and arm64 machines, set kern.shutdown.secure_halt = 1
the arm systems leave enough running after halt to forward packets.this is a bad thing. on arm systems, set this sysctl so that whena halt command is issued, it is severely stopped and no packet...
Upgrade config : Move captiveportal authentication to use user manager
Revise page footer text and centralize footer output for consistency
FEC LAGG is deprecated, remove from GUI and change on upgrade. Fixes #8734
Preliminary footer revisions. Pending link targets
Integrate ACB into core. Add config migration.
routing, add option 'automatic' for gateway selection, and allow manual ordering of gateways
Make GUI/config values for gateway groups match what the backend code expects. Fixes #8586
Merge pull request #3781 from PiBa-NL/20170712-defaultgateway-group
Enable support for php72 variant
Add a global to keep valid meta package suffixes
Gateways, allow for configuring a gatewaygroup as the default gateway.-Avoid changing routes by just visiting a webgui page.-Avoid change some unneeded events when nothing changed.
Replace incomplete list of pf reserved words with a list of pf tokens pulled from the pf source. Fixes #8445
Also, move the list to a central location so it does not need to be duplicated.
Captive portal: add option to choose whether to use the bandwidth limits retrieved from RADIUS or not
Automatically upgrade config to preserve old RADIUS bandwidth limits behaviour on existing installations.
Fix #8417
- Changed default value for Maximum Table Entries to 400000 in order to make bogonsv6 to work- Added code to upgrade config and set default value on systems where it's not defined- Changed default config to match new default and version 18.0...
Bump up the XML config version.
Revise picture widget to store image on file system, not in XML config
Revise picture widget to store inamge on file system, not in XML config
igmp, Add option to disable the igmp service, bump global.inc version
Fix config version # arrising from merging older PR
Update the Copyright notice for pfSense.
Remove old dnssec-keygen style files during upgrade
Feature #8123: Add GoDaddy as a Dynamic DNS provider
Update the system sysctls to not harvest data from interrupts, point-to-point interfaces and ethernet devices.
The sysctl names changed in FreeBSD 11.
Allow the use of mbuf tags to set the VLAN pcp on output packets.
This is necessary for use with the pf 'set prio'.
Ticket #7973
Merge pull request #3811 from trunet/add-cloudns-to-dynamicdns
Fix #7981: Convert PPP ports interface names to new VLAN notation using dots
Fix the QinQ support.
Bring the QinQ support to the VLAN dotted format.
To avoid breaks third party software (such as dhcpd), we silently ignore the interfaces with names bigger than the maximum size in FreeBSD.
Ticket #7942
Change the VLAN inteface names to use the 'dotted' format of FreeBSD, which is shorter and helps to keep the interface name smaller than the limit (16).
This fixes the 4 digit VLAN issues when the NIC name is 6 bytes long.
Ticket #294
dyndns: Adding support for ClouDNS (https://www.cloudns.net)
Bump config revision, fix comment. Ticket #7809
Refresh cache every 2h when using GUI
Use cache file to show pfSense version information
Make sure pkg metadata is updated at least once daily. It will be used to speedup GUI parts related to pkg update
Update config version
Force the support widget to show when a user upgrades to this version
Fix OpenVPN Auth Digest Algorithm selection so it does not use duplicate/alias names in the list, and fix existing entries on upgrade so they use the actual digest name and not an alias.
create global for user code dir, in diag_command.php
Going to try and stop user code generating notices, by putting it in a specific dir which doesn't give notices for syntax errors.
Add upgrade code to work around broken shaper rules from old wizard code. Ticket #7434
Bump config rev for widget preference setting changes
This should have been bumped along with https://github.com/pfsense/pfsense/commit/071d8a610047fe1994c9fa28e339fe93f4498c73
Remove siproxd from globals
It was accidentally put back by a dodgy merge that missed the commit that removed this line.
Upgrade code to convert old Traffic Graphs Widget settings
Remove unused base_packages variable from globals
Add GUI components for loading cryptodev as a module, and upgrade code so users have it on upgrade since it was in-kernel before. Fixes #5976Having both aesni and cryptodev loaded at the same time appears to only negatively impact performance, no gains, so at the moment there is no need to load them at the same time.
RAM Disk Management - Config Upgrade
Update OpenVPN protocol preferences to match the new behavior of OpenVPN 2.4. Fixes #7062
Revise define values for address types to allow an easier transition in validateipaddr()
Added a function validateipaddr() use as:// Validate a network address// $addr: the address to validate// $type: IPV4|IPV6|IPV4V6// $label: the label used by the GUI to display this value. Required to compose an error message// $err_msg: pointer to the callers error message array so that error messages can be added to it here...
Fix unset glxsb
This bit of upgrade_config code needs a global reference to $config
Ticket #6770: Update wireless regex to match FreeBSD 11
Store Dynamic DNS passwords in Base64 to protect special characters. Fixes #6688
Convert CloudFlare and GratisDNS dynamic DNS over to split hostname and domain name fields, like Namecheap. Otherwise they could both break with subdomains or international TLDs with many parts. Fixes #6778
Rework captive portal to run with stock IPFW (round 1)
- Remove use of IPFW context- Create a rule that will skip to proper rule for each cp zone- Use new PHP module functions wherever is possible
Deprecate nanobsd platform and remove all conditionals that uses it
Define a single value for 'default_config_backup_count'
Remove unused global var 'hidebackupbeforeupgrade'
Remove unused global config item 'update_manifest'
Remove hideplatform global config and all uses of it
Remove unused global item 'nopkg_platform'
Move copyright from ESF to Netgate
Remove some obsolete code from globals.inc
Remove references to glxsb as it is not relevant to current supported platforms. Fixes #6755
Move to Apache License 2.0
Review license / copyright on all files (1st round)
Add upgrade code to clean up the old GRE/GIF flags that are no longer used. Ticket #6586 and Ticket #6587
Merge pull request #3037 from NOYB/Check_IP_Services
Check IP Services
Configurable check IP services.Used by Dynamic DNS services to check IP addresses.Configure as many check IP services as desired. The first (highest in the list) that is enabled will be used as the default.A future possibility could be to add an option to the Dynamic DNS entires to use a specific check IP service....
Update include() to include_once()
For safety, use include_once() when including various "side" files.There are a couple of instances of include("guiconfig,inc") that Ichanges to use require_once() to be consistent with everywhere else.The remaining cases of include() are just (hundreds of) head.inc and...
Merge pull request #2982 from stilez/patch-26
Set kern.corefile, fixes #6510
set default_config_backup_count based on platform
At the same time the platform is being detected for PHP/GUI purposes, set the default number of backups. Also handle the case where (for any reason) detection fails, which it shouldn't, so the variables are still created
Tweak upgrade - Remove unused code and document changes better
This will ensure a smooth upgrade for those running config 15.4 to any next version.
Revert "Add config upgrade code to update package names. Ticket #6118"
This reverts commit 297ace668e4a4ffbf1fb1581e7c765e2ed158e29.
Add config upgrade code to update package names. Ticket #6118
Bump net.inet.raw.recvspace and net.inet.raw.maxdgram by default. Ticket #6223
Show patchlevel together with product version on banners and system information widget
Bump net.raw.recvspace and sendspace defaults. Ticket #6223
Update VIPs CARP parent on upgrade. Ticket #6164
Rebase / Update config version.
Add checks in case there are dpinger param problems
in 2.3 installations that were upgraded from 2.2.* when the apinger todpinger params conversion code in upgrade_130_to_131() was not so good.
Bring back rainterface, add config upgrade to convert to new _vip format. Ticket #6043
Set the ALTQ root queue bandwidth.
Whenever possible set it to 1Gb, if the sum of child queues if higher than 1Gb, set it the correct value so we do not break any existing setup.
Ticket #5721
Detect default config flavor
Fixed #6012Config upgrade function replaces space with underscore in group names
Respect globals_override.inc
Read xml files from /usr/local/share/pfSense/menu and load menu entries
Add the upgrade code for OpenBGPd and Quagga OSPF packages.
Ticket #5884
Merge branch 'master' of github.com:dennypage/pfsense
Add config upgrade code to enable and configure DHCPv6 server and radvd where track6 is in use, as they were automatically configured previously. Add same config to default config.xml to retain existing behavior there. Ticket #3029
Merge branch 'master' of https://github.com/pfsense/pfsense
Quote the 1st parameter (constant name) when calling define()
Update config version to trigger upgrade of rrd files
Add the configuration upgrade code to make sure the existent settings will work after the last changes.
The CARP part of this code should be added together with the initial uniqid changes.
Firewall / Rules - Page Efficiency Upgrade
1) Only load the rules of the selected interface instead of loading all the rules of all interfaces and hiding them. Very inefficient and can result in sluggishness. Especially with large number of rules and/or large alias tables....
Change Namecheap dyndns to use split hostname and domain name fields. Upgrade existing entries automatically. Implements #4366Code should be generic enough that if other DynDNS providers would work better with a separate domain field, they can pick up the feature without too much trouble.
retain OpenVPN's net30 default topology for upgraded configs so they still work. Ticket #5764
Add uniqid tag to CARP VIPs that don't have one upon upgrade. Ticket #4858