Add pkg_version_compare()
Remove fifo debug from internal functions
Check whether the P2 or its associated P1 are disabled before adding NATrules. Ticket #5320
Cleanup unused code:
- Remove xmlrpcbaseurl from globals- Remove xmlrpcpath from globals- Remove embeddedbootupslice from globals- Remove call_pfsense_method()- Remove check_firmware_version()- Remove get_active_xml_rpc_base_url()- Remove zeromq.inc...
Disable zero copy buffers in bpf.
This was a no-op before my changes (so this was never really enabled) andnow it is known to cause issues with tcpdump and hostapd.
Disable this until we fix all the raised issues.
Issue: #5257
Fix the captive portal rules after 98bf4991dc31f97fc7315a6b8aba433de9d39cea.
The malformed rules breaks the parsing of initialisation rules.
Issue: #4746
Fixed bogus "Beginning package installation" message from the install_package_XML() function
Add 'caref' attribute to the ca object passed into ca_inter_create so arelationship to the signing CA can be maintained. Fixes #5313.
Limit strongswan trusted CA certificates to those required for authentication ofthe configured IPsec SA's instead of trusting all known CA's. Fixes #5243.
only use daemon and not auth for strongswan logging. As it was, all logs were duplicated. Ticket #5242
fix comparison here. Ticket #4558
Set rightca for IPsec phase 1 using Mutual RSA, Mutual RSA + xauth, or EAP-TLS. Fixes #5241.
Disable repo auto update
Merge pull request #1689 from jlduran/l2tp-mschapv2
Run pkg update once one time every hour, like upgrade script does
s/ip/IP/ it got lost on revert. Spotted by @phil-davis
Revert "remove the destination server's interface(s) from dhcrelay. Ticket #4908"
This reverts commit f791f28d6794c3b0601259f0de7acdebf6a367a8
Auto-add firewall rules for DHCP Relay, same as is done for DHCP Server. Add filter reload to DHCP Relay config so rules are immediately added/removed. Ticket #4558
Make sure timezones listed on first level directory is also grabbed by system_get_timezone_list(). It fixes #5303
Remove strongswan's cert directories and repopulate them, to ensure no removed CAs, certs, or CRLs remain. Ticket #5238
Fix up strongswan logging levels. Remove charondebug since strongswan.conf settings take precedence. Set logging levels in strongswan.conf to match what's set on a running system via 'ipsec stroke loglevel', and remove log levels that were hard coded in strongswan.conf. Ticket #5242
Do curl_init above any curl_setopt, and take it out of that if block since it applies to all types.
https://redmine.pfsense.org/issues/5207change auth methods for both peers when using hybrid RSA + xauth with IKEv1
Add support for an IPv6 pool for mobile clients.
Fixed #5277
improve spacing for non form panels
Partial fix for #5263Added timeout to pkg_call function to prevent GUI lockup when beta.pfsense.org is not available
Merge pull request #1572 from stilez/patch-5
Page converted to POST operation
Where doing a dynamic DNS update on IPv4, force curl to resolve IPv4 IPs. Ticket #3858
Fix typo
Specify PSK for mobile configurations without the leading ID selectors. Fixes PSK mismatches from iOS clients.
When using eap-radius, if the virtual address pool is left blank, pull the IP addresses from RADIUS instead. (Will need an IP address defined for each account.)Doesn't seem to be possible to pull from either RADIUS or a local pool that I can see from experimenting and looking at strongSwan's docs.
Specify %any where identifier is "any", so the note on these pagesactually works.
Only need to check 'vip' here.
fix comment typo Phil Davis noted
Can't use continue here as it continues the foreach, which skips the "ipfw zone" command, breaking CP for any system that doesn't have VIPs defined.
Remove /usr/share/zoneinfo.tgz and use FreeBSD stock zoneinfo. It fixes #4726
Use product_name global variable in more places
Use the appropriate parent interface with gateway groups using CARP VIPs.Ticket #4990
Disable DHS as a dynamic DNS provider option. It's never worked, andfixing is more complex than just fixing the variable screw up anddisabling cert validation for their SSLLabs F-graded site. Updates made ontheir site even take quite some time to be reflected, seems to be a...
Use self rather than any in auto-added IPsec rules to preventover-matching. Ticket #5211
Redmine #5200 be less aggressive about DHCP Pool Notice V2
This one will log_error() the DHCP pool message when it detects the inconsistency at the end of the setup wizard during reload all.That way it can still be seen in the system log that this happened, and one day someone might chase down all the steps in the "reload all" process....
Fix comment language
Remove syslog.conf entries on package uninstall (Bug #5210)
The remove_text_from_file() is not needed at all. However, system_syslogd_start() must be run after the package entries are gone from config.xml, otherwise system_syslogd_start() just re-adds the (now almost removed) package logging configuration from there.
Merge pull request #1799 from jlduran/svg-mimetype
Use pkg info -e to check if package is installed, it only returns 0/1 without printing anything
We do not need a blank line on console
Take internal_name into consideration when looking for package id
Unfinished (but better) versions of hte pkg pages and utilities
Do not pass vouchers shorter than 5 characters to voucher application, theyare too short to be a valid voucher.
Discussed with: Jim PIssue: #4985
Add MS-CHAPv2 option to L2TP Configuration
See [#4732](https://redmine.pfsense.org/issues/4732)
Fixed #4978
Merge pull request #1902 from dachande/feature/certmanager_san_wildcard_hostname
GratisDNS support for hosts without subdomains
Resubmit of #1793
Merge pull request #1750 from TarasSavchuk/patch-1
Fix Cloudflare support for Dynamic DNS Updates
Resubmit of #1812
The current implementation isn't working due to API change. Credits: det0nat3 @ https://forum.pfsense.org/index.php?topic=87436.msg534817#msg534817
Merge pull request #1808 from miken32/master
Merge pull request #1905 from doktornotor/patch-2
fix interface assignment menus running off VGA screen
When using VGA console, interface assignment can be a real pain in the ass because of the standard 80 columns width.
Dmesg reports the many interface description names in very long strings that don't fit in a row, this breaks the nice appearance of the interface list in the assignment menu....
pkg-utils.inc typo fix
Partial resubmit of PR #1798 (not really convinced the second part is wanted or correct).
Call conf_mount_ro() in better place
Do not call conf_mount_ro just before call write_config(),write_config() calls conf_mount_(rw|ro), and if filesystem is alreadymounted in rw state, it'll only increase the refcounter
Merge pull request #1895 from doktornotor/patch-9
Make the openvpn-server IP address consistent with CSC overrides behavior
Redmine #5046 UEFI network booting arch 00:09
Fixed is_domain method call
Added the possibility to use wildcard hostnames in certificate manager SAN fields
Merge branch 'bootstrap' of https://github.com/itshari/pfsense into itshari-bootstrap
White space and minor bits in etc
Cleaner version of https://github.com/pfsense/pfsense/pull/1846
Merge pull request #1886 from doktornotor/patch-7
Remove useless log spam. Ticket #4102
Merge pull request #1823 from phil-davis/notices-per-second
Retire PPTP server, fixes #4226:
- Remove PPTP server and all related code- Bump config version 12.2- Write upgrade config code to remove pptpd section and also cleanup firewall and NAT rules using PPTP interface or src/des
Fixed #5137
Used bootstrap progress bar for queues' stats and used glyphicons
Only add 6rd rules if there is an IPv4 IP defined for the gateway,otherwise ruleset ends up invalid. Ticket #4935
Check if our version of roll data is valid and if necessary, initializethe database.
This fix the case where the database is not initialized because the usedfield in backup file is empty.
Add support for LDAP RFC2307 style group membership. Resolves #4923
Provide an LDAP server timeout field. Default to 25 seconds. Resolves #3383
Fix incorrect netmask sent to client with static IP set in RADIUS (Bug #5129)
Merge branch 'master' into bootstrap
pw lock/unlock throws out error messages even when called with -q, send stderr to /dev/null for now
Fix incorrect identification of IPv6 interface with PPP-type interfaces and DHCP6
This has been broken ever since commited in 420aa48
As noted on https://redmine.pfsense.org/issues/3670 - the get_interface_ipv6() function in /etc/inc/interfaces.php incorrectly identifies the interface as the physical hardware interface. As a result, no global IPv6 address can be found (empty $ifcfgipv6) - https://redmine.pfsense.org/issues/3556
bootstrap, small fixes to unbound/dnsmasq edit pages, service icons.+ FIXME item that prevented lots of pages from loading..
Merge pull request #1848 from phil-davis/bootstrap-review
Strip HTML tags from a notice to avoid a potential XSS
Integrate bootstrap etc/inc with master
This applies the little changes in etc/inc master to the bootstrapbranch so that etc/inc in bootstrap will now just have the realdifferences that are due to real bootstrap changes.
Add SVG MIME type
SVG MIME type is `image/svg+xml`.
Fixed bug #5028The page was junk as originally converted. It has been re-written to work as required. Links to certificates have yet to be implemented, but that will be added once testing is complete on this version.
Merge pull request #1824 from phil-davis/dhcp-pools-range
Merge pull request #1826 from phil-davis/v10-bigger-than-v9
Merge pull request #1821 from phil-davis/upgrade-config
Merge pull request #1828 from doktornotor/patch-7
Merge pull request #1830 from doktornotor/patch-6
Declare the harddisks variable only if needed
Indentation fix
Bug #4569 - system_set_harddisk_standby() rewritte for current CAM-based ATA stack
Resubmit of #1767
remove routed service, is being handled by the package
Resubmit of #1817. See pfsense/pfsense-packages#1006