Fixes a bug in primary DHCPD host detection for failover.
Properly detect the master host based on CARP skew at setup time when used with HA.
Merge pull request #3862 from marjohn56/pfsense
fix typos
Merge pull request #6400 from loonylion/master
Merge pull request #3898 from alistair23/alistair/master
Add an update source control to RFC2136 dynamic DNS updates. Implements #8278
Add ospf6d to routing logs.
Merge pull request #3889 from kangtastic/master
Merge pull request #3900 from PiBa-NL/20180111-pf-busy
pf, device-busy, add another item DIOCADDRULE to the list of results to retry
Add an option to push a gatewy address to bridged tap clients. Implements #8267
upgrade_config.inc: Remove all restore_rrd() calls
Commit 0869605131ba3e5d7e502af7a799e54f27d2e7f6 removed therestore_rrd() function. To avoid errors when restoring older configsremove all callers to it.
Bug: https://redmine.pfsense.org/issues/8231Signed-off-by: Alistair Francis <alistair@alistair23.me>
re-adding changes made to fix bug#6400, includes fixes for bug#8222 and bug#8223 that were introduced with the initial commit of this code.
original pull request was #3868
Fix foreach error on hosts that have no dyndns entries.
Update the Copyright notice for pfSense.
Merge pull request #3893 from JoeriCapens/ddns-rfc2136-algorithm-choice
Delete keytype field from config, remove unnecessary file cleanup.
Change how SANs are generated from the CN, considering that not all CNs will produce a valid SAN. Fixes #8252
Do not make a bypasslan IPsec config block when it should be disable/empty. Fixes #8239
Update language selections
Remove old dnssec-keygen style files during upgrade
Add RFC 2136 Client key algorithm choice. Implements #8244
Replace Dynamic DNS dnssec-keygen style files with simpler ddns-confgen style file.
Merge pull request #3887 from JoeriCapens/dhcp-ddns-algorithm-choice
Add missing $cpzone declaration. Fixes #8238
Merge pull request #3792 from PiBa-NL/20170731-status_queues-realtime
Merge pull request #3866 from PiBa-NL/20171104-pkg-reinstallmissingpackage
Revert "Merge pull request #3868 from loonylion/master" Caused issues reported in https://redmine.pfsense.org/issues/8223This reverts commit 74c55258b21ada7a542965c2470fbaa45ce19689, reversingchanges made to 2acb4025ee7fef074a67d1021a5e62a0aff9fd37.
Merge pull request #3890 from JoeriCapens/master
Add a missing return when no NIC is found.
Abort the initial interface setup when no interfaces are found.
Remove endianness checking
all pfSense builds are little-endian
Code cleanupAdd a check to Copy DUID button on system_advanced_network.php
Set default key algorithm to hmac-md5
Fix #6319 again by adding missing dns-servers
Support for configuring additional DUID types
dhcp6c stores the entirety of the OPTION_CLIENTID option in DHCPv6 datagrams inits DUID file (named dhcp6c_duid), except for the option code itself. The firsttwo octets in the DUID file are the option-len field, and are saved according to...
Pretty up the new smtp notification header.
Fix auth_check.inc so it conforms to the rest of the session management code. While here, make sure it performs a commit to avoid PHP session gc from reaping the session. Fixes occasional timeouts when sitting on pages that only fetch AJAX for prolonged periods. Fixes #8116
Add DHCP Dynamic DNS key algorithm choice. Implements #6621
Remove ix from the ALTQ interface list. See ticket #7378
Merge pull request #6319 from JoeriCapens/master
Fix logging for L2TP and PPPoE server login/logout events. Fixes #8164
See https://redmine.pfsense.org/issues/8164 for the reasoning about why it was done this way.
Fix #6319 by setting ptr-domain and key variables correctly for dhcpdzones()
Merge pull request #3884 from stilez/patch-71
Fix typo
When retrieving a public key for a certificate, private key, or signing request, write the certificate data out to a temp file instead of echoing it through a pipe. Fixes #8153
Revert "Mitigate possible vuln in cert manager"
This reverts commit 1a68f4badd58de8694ac6a4208e11d7265c97df3.
Mitigate possible vuln in cert manager
Add isset, other vars seem to use it
Doesn't seem to have a point though :)
typo
Unbound: Disable IPv6 outgoing queries if IPv6 blocked in firewall, as they can never go anywhere
If IPv6 is disallowed in system->advanced->network, then any IPv6 lookups by Unbound will always be blocked, so there's no point sending them.
The practical purpose is that they also clog up the log and may fractionally slow down the resolver because the resolver then has to deal with IPv6 not replying, fallback lookups, etc....
routing, support use of recursive network aliases in static routes
Merge pull request #3868 from loonylion/master
interfaces_fast.inc: removed accidental rolling 'r' from comment removed unused parameters from definition of convert_real_interface_to_friendly_interface_name_fast()
interfaces_assign.php: removed profiling code removed unncessary comments...
Merge branch 'master' into master
Merge pull request #3844 from luckman212/ovpn-gw-patch-2
Merge pull request #3769 from PiBa-NL/20170626-phpfpm-status
Merge pull request #3183 from znerol/feature/master/register-openvpn-cn
Changed license as requested and added a missing apostrophe in a comment.
Merge pull request #3875 from LedPighp/dyndns_godaddy
Merge pull request #3872 from jackfagner/patch-1
Merge pull request #3820 from phil-davis/status-if-disabled
Merge pull request #3819 from PiBa-NL/20170910-show-interface-openvpn
Merge pull request #3768 from PiBa-NL/20170625-notices-queue
Merge pull request #3747 from PiBa-NL/20170529-dhcprelay-destination-interface-discovery
Merge pull request #3738 from PiBa-NL/20170521-oneonone-nat-fix-empty-ip
Feature #8123: Add GoDaddy as a Dynamic DNS provider
Bug in get_interface_ip
Global variable $config was not available, and IP was always fetched using find_interface_ip
Ensure that the value passed to ipfw pipes is always an integer, no matter the source. Fixes #8097
Add a separate checkbox for OpenVPN servers to redirect an IPv6 gateway now that OpenVPN has a native flag for it. Implements #8082
While here, since local network boxes are hidden when redirect gateway is enabled, do not use the values in those boxes when crafting the configuration. That way the GUI configuration is consistent with the backend.
refactored interfaces_assign.php to to benefit people with large numbers of VLANs, as requested on the forum at https://forum.pfsense.org/index.php?topic=137391.0. Also contains a minor speedup for interfaces_vlan.php. Modified functions are contained in interfaces_fast.inc. Profiling code is still present but commented out, as is replaced code.
When synchronizing vouchers, avoid allowing null values. Also, fix a missing variable global declaration. Part of ticket #8079
Use a strict check of array_search() result
Remove empty items from output
Detect when system is running a newer version than the one available on remote repository
Always do rquery when pkg search is not used
Fix #7946: Display installed packages missing on remote repo to let user to delete it
Also kill off sshlockout_pf processes when restarting syslogd. Fixes #7984
Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069
Provide mechanism to allow for transition to a new package repository server
Add the XML tags to support the switch entries.
status_queues, provide 'realtime' statistics-retrieve 'current' numbers from pfSense
not using qstats provides the following advantages:-no long lag which requires 18 updates to get 90% accurate values on screen-showing queue's in 2 browsers does not show half the value...
pkg, reinstall missing packagechange the reference from install_package(.) as this function does not exist.
When crafting the CA subject for ipsec.conf, handle component values that are arrays. Fixes #7929
When ntp is bound to specific interfaces, disable listening on wildcard. Fixes #8046
Set VLAN Priority on dhcp6c packets
Add an option for LDAP servers to use the global root CA list as a peer CA. Fixes #8044
Disable HSTS for captive portals
Add option to disable HSTS for nginx (Bug #6650)
Crudely fixed #7786 by eliminating check of parent bandwidth when children are sepcified in %
Merge pull request #3857 from PiBa-NL/20171022-pf-wait-dont-wedge
Merge pull request #3859 from PiBa-NL/20171031-xmlrpc-encodedspace
Merge pull request #3860 from PiBa-NL/20171031-config-backup-check-exception
pf, retry pfctl -f rule loading when pf is 'busy', don't try and fail to force -d -e as that would also fail at this point in time.
Merge pull request #3858 from nagyrobi/patch-25
config, xmlparse throw exception instead of calling die(), so corruption check will properly handle the unlink action of the corrupted config
Fix handling of wildcard CN/SAN entries in certificates. Fixes #7994
Fixed #8035
(cherry picked from commit 9c4e7fd3e155d08911feb0afc527af21d79ce917)
xmlrpc, fix usage of space and + character that need different encoding