Do not remove route upon radvd shutdown, refs: #11103
Moved web include files from /etc/inc/web to /usr/local/pfSense/include/www
VTI: Fix interface number limit
Code introduced by commit 3b85b43bb4b tried to keep the old way used todecided VTI interface number using reqid and index but it was wrong andallowed numbers bigger than limit (32767) to be used.
This commit removes this logic completely and use incremental numbers...
Show Unbound used certificate on the Certificate Manager page. Fixes #11678
Reload NAT config before testing
Add cronjob only for limiters applied to firewall rules. Fixes #11636
OpenVPN Cisco AVPair {clientipv6} template. Implements #11596
Accommodate 'after' property when creating a NAT rule
Revise MVC provision
Automatic default gateway set fix. Issue #11729
Remove Wireguard reference in header
Allow general access to create_interface_list() for MVC
WireGuard removal: Fix config
Keep `wgpeer` item defined as an array on xmlparse.inc to prevent errorson config files while they already have WG config items. It can besafely removed in the next major version.
Created a new config upgrade code to remove wireguard items from config...
Do not try to include wg.inc
Fix PHP error on Reset Log Files. Issue #11710
route_add_or_change() add linklocal gateway scope. Fixes #11713
Remove WireGuard support
Out of an abundance of caution while we investigate the claims aboutWireGuard in public, we need to remove it from pfSense Plus and CE inorder to shield customers from potential risk.
Fix cert type handling during renewal. Fixes #11706
Add missing word to help text
Fix RA GW for "Do not wait for RA" path. Fixes #11454
Fixed #11702 by revising ramdisk code
Add MVC wrapper to various functions used by firewall_nat*
Merge pull request #4508 from thomasloven/patch-1
Merge pull request #4502 from znerol-forks/fix/master/deprecate-prefix-of-when-ra-srcaddr-set
set_curlproxy() fixes. Issue #11476
Finish refactoring firewall_NAT* for MVC
Only write DHCP6 gw when given a value. Fixes #11454
Set correct WireGuard interface MTU on boot/config changes. Fixes #11482
Reject IPv4-mapped IPv6 addresses on Mobile IPsec DNS server input validation. Fixes #11446
Revise target port error message
Do not delete disabled routes on boot. Fixes #3709
Shell LDAP authentication fix. Issue #11644
Correct local IPv6 address for OpenVPN on 6RD/6to4 interfaces. Fixes #11674
Supress route no found error. Issue #11475
Include wildcard setting in dyndns refresh
Every 25th day, my dyndns forcibly updates, and the wildcard entry is gone.
This should fix that, as far as I can tell. Though I must admit I have not tested it live for 25 days.
WireGuard default route Allowed IPs validation. Issue #11465
OpenVPN auth sources strlen validation. Issue #11104
Do not clean dmesg.boot on Reset Log Files. Fixes #11428
route_del() optimization. Issue #11475
Move interfaces_ipsec_vti_configure() to the end of interfaces_configure(). Issue #11537
Fix removing automatic DNS server route. Issue #11578
Static IPv6 /128 routes fix. Issue #11594
WireGuard default TCP MSS clampling. Issue #11600
DHCP6 interfaces bootup fix. Issue #11633
Correct source IP for IPsec on 6RD/6to4 interfaces. Fixes #11643
Fix handling of renewing cert w/o SAN. Fixes #11652
Use correct parameters when adding WG IPv6 tunnel addr. Fixes #11618
Report full product version, including -pN
Revise firewall_nat_edit for MVC
Correct rsort_log_filename() behavior. Fixes #11639
Revise firewall_nat.php for MVC
Fix typo
Add missing break
route_get() optimization. Fixes #11475
IPsec Mobile users swanctl.conf fix. Issue #11564
IPsec peer ID Any fix. Issue #11555
Cisco AVPair parse {clientip}. Fixes #11561
IPsec VTI interfaces bootup fix. Issue #11537
WPA Enterprise PAP inner method support. Issue #2400
Merge pull request #4504 from bashkarev/master
Update services.inc
Corrects the error in the dynamic DNS widgetwarning: array_combine(): both parameters should have an equal number of elements in /usr/local/www/widgets/widgets/dyn_dns_status.widget.php on line 151
Fixed bug parsing netmask cisco acl
Basic fiurewall_NAT MVC conversion
Correct location and config for Strict CRLs in IPsec. Fixes #11526
Improve CA/Self-Signed serial handling. Fixes #11514
Try parsing four digit years in cert timestamps. Fixes #11504
Do not deprecate prefix if AdvRASrcAddress is specified, refs: #11103
Improve handling of broken/invalid certs. Fixes #11489
On save return virtual IP id
Merge pull request #4501 from mschiegl/patch-1
Use set_curlproxy() function for cURL proxy configuration. Issue #11476
IPsec Mobile EAP-RADIUS additional configuration fix. Issue #11447
Put OpenVPN route-nopull option after custom options. Fixes #11448
WireGuard interface friendly description. Fixes #11437
Allow to use OpenVPN provided DNS servers. Implements #11140
WPA Enterprise (PEAP/TLS/TTLS) client mode. Feature #2400
Fix a typo.
No functional changes.
Merge pull request #4500 from bitscher/master
Merge pull request #4487 from znerol-forks/feature/master/radvd-linklocal-vip
Don't add empty pools line. Fixes #11488
Fix child SA name generation. Fixes #11487
Fix openssl digest algorithm param in openvpn.inc
At least in OpenSSL 1.1.1i-freebsd, used by pfsense 2.5, there is no longer a "list-message-digest-algorithms" parameter. It has been replaced by "list -digest-algorithms".The old parameter results in an error 'Invalid command 'list-message-digest-algorithms'; type "help" for a list' and may even cause an endless loop on startup/migration.
Fixed #5685 - Renaming alias does not update firewall rules containg that alias
Fixed #11464 by adding proxy configuration to web service calls
Merge branch 'master' into master
Add getVIPs() function for MVC
Revised firewall_virtual_ip_edit for MVC
firewall_virtual_ip refactored fro MVC
Fix filename in copyright message
Refactored system_advanced_misc for MVC
Non local gateways fix. Issue #11433
Delete static routes on gateway down. Fixes #11296
Remove unused L2TP VPN directory. Fixes #11299
Unbound ip6.arpa local-zone type. Fixes #11403
Set correct TCP MSS for IPv6. Fixes #11409
Allow to use host portion of IPv6 in firewall rules. Feature #6626
L2TP VPN MTU option. Feature #11406
Xen console support. Feature #11402
Display negotiated cipher on Status / OpenVPN page. Implements #7077
Mythic-Beasts.com DynDNS provider support. Implements #7842