Improve readability
Do not call gettext() for the string used to match the place in file to start rewriting it
Use 0 here if specified. Ticket #6413
Fix this missed one.
(cherry picked from commit f42ef69ab518237260a2e129cbdf391549c003ad)
Firewall / Aliases / Edit - New URL Table Alias Type
Make the code cleaner and easier to follow by using the same alias type designations as config.
(cherry picked from commit ebe833f6a9463b0e4add1d97c360af4a682d1add)
Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not yet set/available from config. So the alias_get_type() function can't be successfully used yet....
Lower default LDAP timeout to 5 seconds. Idea from Sandeep1991 in PR 2971. Ticket #6367
Set PHP's memory limit to 512M on 64 bit. Ticket #6364
URL Table (Ports) File Comments
Fix for Bug #6395 that keeps full line comments of the downloaded file but strips them for the pf rules load.
(cherry picked from commit e7e1e514607e7b017e5407326cfd7ddb439963d0)
Remove calls which rely in uninitizalized vars
After analyzing implementations in RELENG_2_1 and RELENG_2_2, this code seems to be a left over after code rewrite
Also remove a trailing space from comment
(cherry picked from commit 0120cad84ea4dddd0c1501ecb41f2a082ea1e7d9)
Add freeDNS v6 support
FreeDNS IPv6 support confirmed working using same method as v4 with v6 source address. Simple second service with _useIPv6(cherry picked from commit ac16181a2cfefec293e0562a7bfe8e2f7140e191)
Add menu item for freeDNS v6(cherry picked from commit d102e2d5d3f238fa4f35a1d935366a2e6153804e)
Removed global variables used on the version 2.2
(cherry picked from commit d4af7f9e4a332278a80ba2a9c56df2064dc579d9)
Customize limiter info message
The $dn_default_shaper_msg is what is displayed on the Limiters tab. It needs to talk about "limiter" rather than "queue".This code builds up each message using the same base template sentences, inserting "queue" or "limiter" in the appropriate place....
Fix script name in error log
Fix misspellings.
Disable ipcomp regardless of config setting to avoid problem. Ticket #6167
Silence mwexec output. Now that the groupdel actually works, it spams the log when group isn't found. Ticket #6352
Unbound and dnsmasq can both be enabled so restart both if need be
Fix scope for IPv6 link local gateway IPs. Ticket #6353
Handle link local IPv6 gateways and default gateway switching correctly. Ticket #6258
Don't start unbound in track6 config if system is booting. Add dnsmasq here as well. Based on PR 2943. Ticket #6186
Use -g with groupdel when passing a GID. Ticket #6352
Fix #6278
$cpzone is always in lowercase, it's used as the array key used inconfig.xml. Use it in two cases where the $cp['zone'] was being wronglyused:
- To find out zoneid- To replace PORTAL_ACTION url
Store notices safely to prevent potential XSS when notices are displayed locally or by remote systems where they're shipped. Ticket #6154
Fix package_reinstall_all post-upgrade when packages have been removed in pre_upgrade. Ticket #6137
Tweak upgrade - Remove unused code and document changes better
This will ensure a smooth upgrade for those running config 15.4 to any next version.
Prefer index.php over index.html where both exist.
Only execute remote search operation on first call of get_pkg_info(), this should fix #6177
Revert "Add config upgrade code to update package names. Ticket #6118"
This reverts commit 291fad43870bdb39ef0ab32125b022e268a29cf7.
Check for is_array here to avoid possible issues if the config.cache is invalid. Adapted from PR 2925
A simple fix for #6120
- Retire system_console_configure()- Replace above call on rc.bootup by setup_serial_port()
Update L7 config upgrade code removal. Only file notice if it was actually in use, otherwise it just confuses people.
Add config upgrade code to update package names. Ticket #6118
Miscellaneous Textual Correction - Firewall / Shaper
(cherry picked from commit c3ebf3470402080bbddb709325611e7120eb3c0f)
Workaound fixes #6320
(cherry picked from commit d1c57eb8e1699f36a3ccda53cef2e28b10eeca92)
Bump net.inet.raw.recvspace and net.inet.raw.maxdgram by default. Ticket #6223
Only try to chown files that still exist. Ticket #6131
This was right to begin with. Revert "Allow uppercase letters in is_unqualified_hostname as well."
This reverts commit 3d5fb131796ba6d9c5d53efe77080d7ddb334f22.
Allow uppercase letters in is_unqualified_hostname as well.
Bug fixes to Route53 DynDNS
Fixed a bug regarding a leading space in $ZoneID that causes an AWS 505 error. Also adds support for updating DNS if TTL changes.(cherry picked from commit a4bda7563136a7b47a1d090cededdb1b1a076019)
Skip ro mounting to make nanobsd permanent rw mode regardless of config. Ticket #6184
Show patchlevel together with product version on banners and system information widget
Ensure $nat_if_list is always an array before it is used as one. Fixes #6307
Bump net.raw.recvspace and sendspace defaults. Ticket #6223
Fix extrat return statement
(cherry picked from commit 09c7fae46d2757815c1e4e5ead7c9896783e7013)
Fix #6137:
- Uninstall all packages on current system before upgrade usingpre_upgrade_command script- Create a file containing all packages previously installed andreinstall them on first boot after upgrade
Test for internet connection 3 times trying to reinstall packages after upgrade or config restore. Fixes #6180
Omit local identifier for mobile PSKs. Ticket #6286
Provide better messages for invalid alias name errors
(cherry picked from commit e1f5381f4ecae20922a379b75820af1c9e57927e)
Reduce values of FETCH_TIMEOUT and FETCH_RETRY to help ticket #6177
Don't foreach unless it's an array. Ticket #6142
Similar thing to https://github.com/pfsense/pfsense/commit/13dab3538fe8b6c1688142c89a017520ad0aaac6 should be done here in upgrade_130_to_131()
Use leftsendcert=always where leftcert is defined. Ticket #6082
Add Hyper-V support to system_identify_specific_platform, and disable S.M.A.R.T. actions in Hyper-V guests. Ticket #6147
fix indent on dhcpdv6 sntp-servers
Prevent configuring the same parent and VLAN ID multiple times. Ticket #6183
Add config upgrade code for CARP IPs on gateway groups, GRE and gif. Ticket #6222
Update VIPs CARP parent on upgrade. Ticket #6164
Rebase / Update config version.
Periodic RRD & DHCP Leases RAM Disk Backup
Remove these cron jobs on full install if not using ramdisk.
Switch domain overrides from stub-zone to forward-zone. Ticket #6065
Comment out no longer used function. Remove after next release.
(cherry picked from commit 69b8328d8596392d9d6049f304dd6da6ecbe1622)
Add checks in case there are dpinger param problems
in 2.3 installations that were upgraded from 2.2.* when the apinger todpinger params conversion code in upgrade_130_to_131() was not so good.
(cherry picked from commit f8f2eae491ac44ac5cdbd1fd3d38d7c2c36f48f8)
Setup HTTP_PROXY environment variable for pkg when it's called from the GUI and also for pfSense-upgrade
Escape username before use in CP SQL
A maybe "better" version to try.(cherry picked from commit 0a02fc5eefb265e0684d4447bf0a7c2a9687a188)
Handle single quotes in user names for CP
Forum: https://forum.pfsense.org/index.php?topic=110243.0This is a trial - make sure it really works before committing.(cherry picked from commit 6fb36cdd74dd005a9a2bc799889978b4897e6dcf)
Fix trivial GUI typo.
TRB should be TBR for "Token Bucket Regulator".(cherry picked from commit e643627c833ce12fa00a682c66929aaad95760eb)
Alias Tables RAM Disk Store
If ramdisk is enabled keep a copy of the alias tables to restore at boot time. Otherwise unpredictable behavior may occur due to some aliases not being available when the firewall rules load.
Because alias tables are typically somewhat static, the following strategies are employed to keep write cycles to a minimum for SSD and flash drive type devices friendliness....
Fix #6187 Handle Growl IP Address problems
(cherry picked from commit 642c6023fea2957bb646b1290371ead508f5cc67)
Trim the OpenVPN tunnel network before use, and on save. Fixes #6198
Fixed #6174
(cherry picked from commit d1db3f366180e8df8042dbeb92fa12e5a661d23c)
Fix #6142 validate and adjust dpinger params on upgrade
1) The previous "down" value was being converted to msec and put into"loss_interval". It should go into "time_period".2) loss_interval must always be at least latencyhigh - make it so iflatencyhigh is big....
Unset dhcpdv6 on LAN here as well. Ticket #6152
Add lock in vpn_ipsec_configure. Ticket #6160
Correct OpenVPN upgrade code for topology subnet.
Put gateway name and group around the correct way
Redmine #6134Forum: https://forum.pfsense.org/index.php?topic=109781.0Originally broken by commit: https://github.com/pfsense/pfsense/commit/d18f3f6e09b86359395cd78db2e19f721818b992(cherry picked from commit ebcd8a306c3e89ff3767bfaea03320fa211d8429)
Update RRD Script - Comments
Correct units in conversion comments.
(cherry picked from commit 515887c3779519c37465aef55b22c8bd906d6f05)
Easyrule Block Firewall Separators Update
Update firewall rule separators positions when adding an easyrule block.
Always use sprintf with log_error
I noticed this while looking at other stuff in notices.incIf this log_error() call ever happened, it would not have done anything useful.
Miscellaneous II - Remove Personalizations
Remove "you" personalizations.
Miscellaneous - Remove Personalizations
Respect all Class attributes returned by the RADIUS server, not only the last one received. Fixes #6086
Teach get_user_privileges how to retrieve groups from LDAP/RADIUS, and have getUserEntry fall back to a format that will allow it to function. Net result is that now userHasPrivilege() will respect remote groups as well as local groups, which fixes #6088
Deprecate references to modulate state. Remove rule allowing TCP 1723 inbound when PPTP client is in use, as that's unnecessary.
Rework the way repo packages work
- Distribute only a single pfSense-repo package containing all templates- Create a symlink pointing to selected repo- Do not limit it only to pfSense-repo and pfSense-repo-devel
Merge pull request #2838 from phil-davis/patch-5
(cherry picked from commit 4659cb1aad41c7b37f2c456ecd3ab665897e3a9a)
Ticket #6053
- Do not call ntpdate before start ntpd, ntpd g parameter is enough Deprecate /usr/local/sbin/ntpdate_sync_once.sh- Remove system_ntp_configure parameter and always start ntpd
Remove unused function sync_system_time()
Merge pull request #2831 from NOYB/Includes_-_Remove_Personalizations
(cherry picked from commit 7a2c15f527459cc82aadaf23d06895174c008320)
Merge pull request #2829 from phil-davis/openvpn-widget
(cherry picked from commit 1dae6c0f4184ac72c252fb934d2bfa4fd3a967fe)
Bring back rainterface, add config upgrade to convert to new _vip format. Ticket #6043
fix style
Don't modify the group file for scope remote. Ticket #6012
Rather than renaming groups with spaces, mark their scope as remote. Ticket #6012
Merge pull request #2800 from phil-davis/r1
Specify the zone in the PORTAL_ACTION URL. Ticket #6037
Add brackets for clarity
Add some extra brackets for clarity, rather than relying on the operatorprecedence rules. IMHO this makes it more readable, and no need for thereader to wonder if anything might go wrong with the operatorprecedence.
Set the ALTQ root queue bandwidth.
Whenever possible set it to 1Gb, if the sum of child queues if higher than 1Gb, set it the correct value so we do not break any existing setup.
Ticket #5721
Fix the sum of child bandwidth.
Now percentages are correctly handled.
Remove commented and unused old code supposed to do the same.