VTI input validation. Fixes #8674
Add input validation to prevent switching away from VTI or deleting aVTI P1/P2 which belongs to an assigned interface, since this would breakthe interface assignment and cause an interface mismatch at the nextboot.
Remove unneeded VTIs in IPsec sync. Issue #8674
Still needs input validation to prevent changes that would remove anassigned interface.
Fix PHP error when adding a gateway from interfaces.php. Fixes #8680
Fix PHP7 error due to lack of int casting for gateway weight when making rules.
Fix PHP7 array issue in array_merge_recursive_unique()
Teach DynDNS to use custom IP check services. Fixes #8664
Fixes #8661 PHP7 illegal string offset
PHP7 fixed illegal argument supplied foreach()
Revert "Add fields for DNS server hostnames for TLS verification. Implements #8602"
Per https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=658 the verificationrequires OpenSSL 1.1.x, and FreeBSD 11.2 base OpenSSL is 1.0.x.
This reverts commit ad08a8242ca45907e0486712d218a5f8f34c7332.
Fixed #8654Fixed PHP7 issue causing separators not to work at all
Integrate ACB into core. Add config migration.
Escape LDAP username when searching. Fixes #8626
Fix PHP7 errors in the Dynamic DNS widget. Fixes #8648
Fix #8646
Fix shaper "non-numeric value" errors
Fixed #8640 PHP7 initialize variable as array instead of string
PHP7 initialize as array instead of string
Removed debug statement
Make sure /var/etc/openvpn-csc directory is created
Changed it to just use the variable name
Fixed #8633 PHP7 issue use of undefined constant, Should work as it did before.
Fixed a warning on status > dhcpv6 leases parameter 2 expected to be a string.
Fix 8553: When creating a new user, make sure it's added to desired groups
Add fields for DNS server hostnames for TLS verification. Implements #8602
Merge pull request #3951 from whislock/dh-rfc
Merge pull request #3958 from PiBa-NL/20180702-gateway-none
Add missing global $g declaration
Create pkg_conf_setup() to setup pkg.conf
It will be necessary in near future for thoth setup
Fix #7024: Fix Radius include extension
Add gettext() and other cosmetic changes
Fixed #8048 now properly removes dhcpv6 for lan if lan is not configured
Add legacy encrytopn password support
Update $config references
Fix #7024: Deprecate /etc/inc/radius.inc in favor of pear-Auth_RADIUS port
Initial commit of ACB core functionality
routing, add option 'automatic' for gateway selection, and allow manual ordering of gateways
Merge pull request #3941 from mattund/master
Fixing @jim-p's change requests
Make GUI/config values for gateway groups match what the backend code expects. Fixes #8586
Fixing GitHub reported issues
Fixed #7013Added warning requiring reboot if group scope is changed
Do not generate a NAT reflection rule with an interface source if that interface has no IP address. Fixes #8604
Deprecate the copy of simplepie, use the port instead
Remove RFC 7919 from DH group titles
Nothing is preventing the user from overwriting them, which would mean they're no longer the RFC groups.
Added new DH groups to valid groups list
PHP7 fixed illegal string offset
Merge pull request #3949 from Hobby-Student/master
Merge pull request #3947 from PiBa-NL/20180609-fix-default-route-for-dynamic-gateway-pppoe
Merge https://github.com/pfsense/pfsense into http2
fixed wrong if conditionsadded support of dns server
misspelled ldap bind username variable
Fixed #8515 fixed error in queue defintion where it would repeat
It should now create a new definition for each queue. Queues shouldnow show up under status > queues.
Validate NPt IPv6 address input and do not use invalid stored settings in rules. Fixes #8575
1. I rewound src/etc/inc/config.inc back to you guys' base. It was some funny EOL stuff that happened.2. Unwrapped gettext()3. Agreed. Sanitized.4. Unwrapped gettext()5. Took out input_errors item6. Took out input_errors item7. I like the idea of this. I would love to add heavier validation; unless I just affix for datatype I would need to know the constraints on which the parameters live for the AQM/scheds. Maybe that's documented. I can revisit this....
Rework loader.conf(.local) filtering. Fixes #8571
If this isn't aggressive enough, we could remove the "local" changes and onlykeep the new matching method.
routeing, gateways show proper IPv4 IPv6 default, also for dynamic gateways
routing, fix setting the default-route when the configured default gateway is a dynamic pppoe gateway. it doesnt have a gateway-status when it hasn't connected yet.
Fixup ipsec interface static route processing. Issue #8544
Fixed #8515 Queues should now be added either through manually creating them or through the wizard
Make IPsec IKEv2 conn IDs consistent with IKEv1 or IKEv2 split. Also fix vti test for reqid.
Do not put "route-to" on rules for traffic outbound from the firewall itself on ipsecX interfaces. Fixes #8551
8552 - enable http2
Fix IPsec VTI gateway generation to match interface changes. Fixes #8544
Rework how IPsec VTI interfaces and reqid specifications for same are formed. Ticket #8544
IPsec VTI interface refinements/fixes. Ticket #8544
Add the missing new line.
A couple vpn.inc refinements for VTI. Ticket #8544
Add vpn.inc changes for IPsec VTI that missed the previous commit. Ticket #8544
Please welcome routed IPsec using if_ipsec VTI interfaces. Implements #8544
To use, create a P1/P2 and set P2 to VTI using local/remote network as tunnel endpoint addresses, then assign the interface (enable, but IP type = none), and use like any other interface for routing.
Supercede the DHCP server MTU to avoid setting it improperly and/or causing a link state loop. Ticket #8507 Ticket #8506
This requires a patch from https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=206721#c12 which garga has imported into the tree.
PHP 7.2 Migration fixed count() issue
PHP7 - Resolve count() error
Merge pull request #3942 from teicee/master
Do not allow an empty address/mask combination to be used in a VIP rule for outbound host traffic. Ticket #8518
Allow multiple Queues to be displayed for Limiters part of PHP 7.2 Migration
PHP7 - Resolve warnings in pfShs.php playbacks
Fix bug for rules 'permit ip any any' from LDAP/AD
Make SG-2220 to use RCC-DFFresetbtn binary
Improve default gateway upgrade code. Ticket #8504
Suppress route command errors and related debug output. Fixes #8497
PHP7 - Resolve foreach() warning
Use array tests and operations that are more friedly to PHP 7.2 in gwlb.
Change CRL generation to a pure PHP implementation which works with PHP 7.2 (and 5.6)
The old OpenSSL CRL patch we had been using does not work with 7.2, and this way alsoopens up some new possibilities for enhancing the CRL settings we can offer in the...
PHP7 - Resolve illegal null in escapeshellarg() error
PHP7 - Resolve Illegal string offset warning
Also delete scheduler on cleanup
Setters and getters for $aqm/sched params (anticipating a review will request that)
Fix command syntax in format_parameters
CRLF
Fix newlines back
- Fix an incorrect assumption where I thought the sysctls were measured in ms. they appear to be microseconds instead (thanks Harvy66) - Fix a problem where I was recursively assigning parameters in FormatParameters(), but that was not an ideal method (using vsprintf instead)...
Merge branch 'master' of gitlab.netgate.com:pfsense/pfsense
Change back to PHP7 compliance
- Fixed a bug where you could not get an ECN-incapable scheduler or AQM to work: noecn was appended in rules.limiter. - Made a change to an array reference that was breaking my test
Wrote to wrong file.
Revising my PR as it was not PHP7 compliant.
Add dummynet AQM and scheduler configuration support to pfSense Limiters through the GUI. Only shaper.inc was changed.
Presently, the traffic shaper is versatile however outbound shaping can be tricky. This patch aims to solve that, allowing not only outgoing shaping through dummynet pipes but also enabling users to attach configurable shaping to virtually any interface. Right now, altq does not support LAGG ifaces, ixgbe, among others....
Remove references for new classes instances adding a temporary variable. We will revisit it later
PHP7 - Resolve illegal offset error
Check for valid array before call foreach()