Fix RAM disk support for ZFS layout changes related to BEs. Fixes #13182
Captive Portal hostname pipes delete fix. Issue #13193
captiveportal: Only apply per-user default bw to pipes for user auth. Fixes #13192
captiveportal_pipe_configure() was unaware of the context of the pipes it wascreating (user auth vs. allowed mac/ip/host), and always applied the defaultpipe bandwidths in the absence of form specified values. This change allows the...
captiveportal: Correct errors in passthru mac deletion. Fixes #13192
Correct identifier mismatches in captiveportal_passthrumac_delete_entry()($hostent vs $mac)
Correct and rename captiveportal_get_dn_passthru_ruleno() tocaptiveportal_get_dn_passthru_pipes. This function was called to retrieve a...
Revert "Destroy deleted/disabled IPsec SA. Fixes #13102"
This appears to be causing a pileup of swanctl processes on systems witha significant number of disabled tunnels.
This reverts commit d90552c59e51fb13c712b6a96a51ca2462424156.
Fix pf rule for 'any' proto. Fixes #4259
Close earlier to avoid overlap. Fixes 12870
Gather the information we need from curl and close the handle earlierrather than passing around the handle unnecessarily. This avoidscreating multiple overlapping curl requests that don't share a handle.
Fix rule label order and optimize. Fixes #13155
captiveportal_ether_delete_entry() anchors/pipes delete fix. Issue #13169
DSCP usage optimization. Fixes #13178
mkdir before restoring extra data. Fixes #13157
check_dnsavailable() improvement. Fixes #13162
Print correct pkg name. Fixes #13163
pfSense: Fix missing global decl in captiveportal_get_last_activity. Fixes #13147
Captive Portal per user bandwidths fix. Issue #13150
Captive Portal host remove fix. Issue #13146
Add default value to $ipv6type argument of restart_interface_services(). Fixes #13134
Remove topology keyword from openvpn_cc file. Fixes #13133
OpenVPN status improvements. Implements #13129
Use dnctl(8) to control limiter rules. Feature #12579
Allow to assign L2TP VPN server interface. Issue #13099
VPN restart on Gateway options change. Issue #13076
Merge pull request #4579 from luckman212/store-dnsmasq-opts-as-base64
Restart DNS Resolver after OpenVPN config save. Fixes #13117
Suppress php warning when using unlink. Fixes #13112
pfSense: Correct typo in buffer_rules_load 'labels' -> 'label' - R12977
pfSense: Get rule descs for syslog.inc via pfSense_get_pf_rules() - Regression #12977
Correct CP status function call. Fixes #13123
Correct CP status function call. Fixes #13122
Improve OpenVPN "tls-client"/"pull". Fixes #13116
"tls-client" and "client" are redundant, so only use "tls-client" and"pull". Omit "pull" in cases where it is known to be incompatible.
pfSense: Utilize pf captiveportal funcs from php-pfSense - Feature #12945
Use mpd embedded bandwidth control to reconnect. Fixes #13092
store dnsmasq custom_options as base64
Destroy deleted/disabled IPsec SA. Fixes #13102
Captive Portal remove unused ipfw code. Todo #13100
Captive Portal ipfw->pf transition. Todo #13100
USB NIC handling improvements. Fixes #12606 #9393
Update config 215 to 216 fix. Issue #13097
LDAP authentication extended query fix. Issue #13093
Add no noretry to PPPoE mpd configuration. Fixes #13092
Fix typo. Issue #13076
Slow rule generation regression. Fix #13049
Port forward NAT rules with Any protocol. Implements #4259
Restart L2TP VPN on interface change. Fixes #13082
Reconfigure stacked IP Aliases on XMLRPC sync and Virtual IP change only. Fixes #12961
Reload IPsec and OpenVPN on gateway IP or force_down option change. Issue #13076
NPT manual prefix fix. Issue #13070
Restart L2TP VPN on interface IP change. Fixes #13066
Allow auto prefix with manual prefix-length in NPT. Implements #13070
Do not restart IPv4 OpenVPN on IPv6 gateway events and vice versa. Fixes #13061
Reject multiple IPv6 compressions. Fixes #13069
Having :: in an IPv6 address more than once is not valid, even if itexpands to an unambiguous result.
Do not restart IPv4 IPsec on IPv6 gateway events and vice versa. Issue #3132
WebGUI option for IPsec <dns-interval> option. Feature #13057
Skip IPsec VTI interface if remote FQDN gateway is not resolved. Issue #12763
Reload filter on OpenVPN instance delete. Fixes #13055
Restart services on interface configuration changes. Todo #12619
Do not create negate rules if <negate_networks> is empty. Fixes #13049
IPSec IKEv2 Mobile INTERNAL_DNS_DOMAIN (value 25) attribute. Fixes #12975
Option to keep serial f/renew cert Fixes #13010
Defaults to keep serial for CA but not for certs.
Unbound option to keep probing when servers are down. Implements #13023
Do not generate duplicate ``no nat on`` rules for port forwards with a destination of ``Any``. Fixes #13015
Regenerate link-local address on MAC change. Fixes #12794
Do not generate duplicate NAT Reflection rules. Fixes #13012
write_rcfile() restart fix. Issue #13025
CLI history option optimization. Fixes #12675
There is no longer a need to use the ~/.keephistory flag file. Scriptscan check the config.xml value for a user directly.
Fix syntax error
write_rcfile() restart support. Issue #13004
Improve unbound DNSSEC option check. Issue #12985
OpenVPN unbound restart fixes. Issue #12991
Add option to limit concurrent connections per OpenVPN user. Implements #12267
Use OpenVPN deferred client-connect. Implements #12407
Duplicate wireless interfaces fix. Issue #12999
OpenVPN shared key warning. Implements #12981.
Adds a warning to the OpenVPN client and server list and edit pageswarning the user about shared key mode being deprecated by OpenVPN.
Warning only displays on the instance lists if there is an existingshared key instance. Warning only displays when editing an instance...
Restart unbound to update ACL on OpenVPN change. Issue #12991
Convert IPv6 with IPv4 mapping to hex on prefix merge. Fixes #12440
Unset $filename variable. Fixes #12986
Do not sync root.key file if DNSSEC is not enabled. Issue #12985
Skip unresolved OpenVPN alias DNS entries. Fixes #12984
Fix syntax errors. Issue #12940
Always change .ssh directory permission. Issue #12940
Delete user home directory on user delete XMLRPC sync. Fixes #12940
OpenVPN FQDN in alias netmask fix. Issue #12925
pf host ID support. Issue #12702
Add user opt to keep history. Implements #12675
Remember dyn GW when if is down. Issue #12931
Revert "Skip gateway if interface is down. Fixes #12920"
This breaks some gateway operations because the gateways disappearentirely when the interface loses link.
This reverts commit c07c5cf5f2387cb2b9efdf25545bafebfa414f00.
New methods for killing states. Implements #12092
OpenVPN FQDN in alias support. Fixes #12925
DHCPD: deny MAC Deny entries instead of ignore. Fixes #12923
Do not add HTTPClient entries if netboot is disabled. Issue #12892
Skip gateway if interface is down. Fixes #12920
OpenVPN status TAP mode double entries fix. Issue #12884
Restart gateways monitor on dynamic interface down. Fixes #12920
Status Interfaces SPF details fix. Feature #8861
Encrypt/Decrypt Robustness & Testing. Issue #12897
OpenVPN status incorrect TAP mode RA server+empty tunnel. Fixes #12884
Define dnsmasq upstream DNS via --server option. Fixes #12902
Show SFP module details on status_interfaces.php. Implements #8861
Fix infinite CPU loop on failed restore
When restoring a backup with wrong password or a user custom iterations count different than 10k or 500k, GUI timed out in an infinite CPU loop
Revert "captiveportal: fix ipfw rules"
This reverts commit 9dac41af43a5b977a604098688776987c4f76722.