Remove leftover debugging menu bypass. Issue #14746
It is not compatible with console autologin, so this shouldn't be kept in place.
Allow users to customize shell init behavior. Implements #14746
Correct program reference in syslog config. Fix #14768
Check all dump devices for crash dumps. Fixes #14767
Rewrite update_repos(). Fixes #14609
Rewrite update_repos() to use process_open() style execution with a fullpkg-style environment. This allows it to fully respect the proxy settingsconfigured in the GUI.
Only log radvd level err and higher by default. Fix #12938Previous behavior can be restored under System > Advanced > Networking
Align indentation in syslogd conf file
Automatically configure the state hash tables size. Implement #14750
Add unbound option sock-queue-timeout to the GUI. Implement #14731
Correct CARP event IPsec VIP tests. Fixes #14738
Intel Speed Shift support. Implements #14047
GUI controls only appear on hardware that supports Speed Shift.
Prioritize the first GUA when selecting the primary IPv6 address. Fix #14725
Validate mixed address family for outbound NAT rules. Fix #14719
services.inc: ensure dhcpd devfs is only ever mounted one time
Mobile IPsec settings PHP refactor corrections. Fixes #14713
Tweak formatting of SMTP notifications
Notification code updates
Return the first interface address instead of the last. Fix #14623
Refactor rule separators. Fix #14691
Correct IPv6 LL addr locate behavior. Fixes #14392
Comments said it should take the first but it was taking the last.
Make that behavior optional but default to taking the first as wasoriginally intended.
Simplify interface_find_child_cfgmtu(). Fixes #13218
Option to require if select before showing fw rules. Implements #13124
Originally submitted in PR 4582 by Chrisc-c-c at GitHub
Add a setting for PHP memory limit in System -> Advanced. Feature #13377
Prevent running upgrade code on first boot. Fixes #14698
Cast to string before ctype_digit() testing. Fixes #14702
pkg-utils.inc: just consider the first line of output from rquery when determining remote version.
Fix var name in ipsec_ikeid_next(). Fixes #14690
Extend support for SCTP in firewall and NAT rules. Implement #14640
Support specialnets in outbound NAT source/destination. Implement #3288Also, show an asterisk in place of 'Any' for the source,and avoid generating oNAT rules with invalid aliases.
Extend alias and VIP checks to outbound NAT
Work around weak certificates for nginx. Implements #14672
Check OpenVPN instances for deprecated items
Certificate digest strength changes
Part of ongoing changes for OpenSSL 3.x
Refactor outbound NAT target config fieldDon't keep a separate target field, and handlesome older configs on upgrade.
Revert "Refactor outbound NAT target config field"
This reverts commit 5557bc594916a5a6ff51ac8ed319a6ad436d3475.
Refactor outbound NAT target config fieldThere's no need to keep a separate target field,and now it's easier to implement #3288.
syslog: filterlog now exports port numbers for SCTP. Implements #14667
Add safety belts around memory size checks. Fixes #14648
Avoid displaying duplicate anchors with pfanchordrill. Fix #14637
Use pf macros for <interface> subnets. Fix #6799This changes the behavior of '<if> subnet' in generated firewall/NATrules. The previous behavior expands '<if> subnet' to a list of subnetsin PHP then generates filter rules with that list. Instead, create a pf...
Correct OpenVPN if IP addr code. Fixes #14646
"OpenVPN clients" is not a valid rule src/dst, remove it.
Revert "dhcp: support simultaneous v4 dhcpd and dhcrelay, Implements #14620"
This reverts commit e9577ebfd7852646a66697a3bde41b712687a4ca.
Allow legacy PKCS#12 export to function (for now). Fixes #14635
Refactor translation target for outbound NAT
Refactor display of special networks
Allow use of interface groups in firewall rule source/destination fields. Implement #14448
Refactor usage of special networksPre-requisite for easier implementation of interface group in firewall rules.
Use the correct index when saving rule separators. Fix #14619Also fix displaying rule separators with an out of range index.
dhcp: support simultaneous v4 dhcpd and dhcrelay, Implements #14620
Add dynamic DNS support for Porkbun DNS, closes #14402
Signed-off-by: Nita Vesa <nita.vesa@elektrik.link>
Restore and continue to support dhcpleases6 until Kea migration is complete. Fixes #14502
dhcpd: re-add devfs to dhcpd chroot (BPF needs it)
dhcpd: remove unnecessary paths from dhcpd chroot
Validate all URL alias types when expanding URL aliases. Fix #13068
/etc/inc/syslog.inc: Update accessor method formatting. Fixes #14563
ipsec: refactor config access
Fix static ARP interface check. Fixes #14374
Update util.inc
Add additional check to correctly display "Alias-on-CARP"-style Virtual IPs in Gateway Group VIP dropdown selection. Fixes #14524
Use correct per-log settings path. Fixes #14545
Improve GIF/GRE interface handling. Fixes #14549
Add option to invalidate GUI login on IP address change. Implements #14265
Bump to 2.8.0-DEVELOPMENT
Fix invalid log rotation setup test. Fixes #14517
Add "ixv" to the list of capable ALTQ interfaces.
Ticket: #14408
Read pkg plugins more carefully. Fixes #14474
Don't use LED functions without the expected LED count. Fixes #14482
Use the dynamic repos help text instead of the old 'custom' repo.
Remove the old 'pfupdate' endpoint support.
Disable the support for old style 'custom' repo.
The Plus migration will be handled by the dynamic repos now.
Use the new notation from 877e6b53c7e76f0bcb02621d290a4e325941fd1c.
No functional changes.
Add the missing 'pkg_repos_path' global.
Rerported and tested by: KrisM
Add the dynamic repos support.
Load the repository settings dynamically from Netgate, allowing for moreflexibility and direct support to update for the Plus repositories.
Don't modify routes when adding or removing DNS IP addresses that exist on interfaces. Fix #14288
Fix references to 'disable_carp' introduced in 62fb07c816. #2218
The original commit had some lingering references to a function 'disable_carp'that had been abandoned in favor of a single 'enable_carp' function with enablearg. This commit corrects these lingering references.
resolves issue #13940 by adding a default statement to handle any protocol layout
Correct the filter when validating URLs. Fix #14356
CP fix check for used mac db content. Fixes #14446
Ignore ngeth and wg interfaces when performing interface mismatch detection. For #14410
Correct 6o4 addr variable name. Fixes #14415
Correct alias bulk import regression. Fixes #14412
While here, ensure that a broken alias configuration does not cause PHPerrors which prevent users from using the GUI or console.
inc/upgrade_config: PHP 8.x issues. Fixes #14400
Fix ipsec_ikeid_next() copy/paste errors
The content of ipsec_ikeid_next() had some references to undefined variablesstemming from a change of nomenclature between 'ike', 'req', and 'key'. Thisseems to stem from content in ipsec_ikeid_next() originating as a copy/paste...
Disable CARP until services have started and before shutdown/reboot. Fixes #2218
CARP has historically been enabled as part of interface bringup and sync setupfairly early in rc.bootup. This change intentionally shuts down CARP frominterface bringup all the way until services have been started to ensure that a...
Relocate ConfigLibTest.php to new tests directory
To correctly handle running test in situ, add set_include_path() call to addrelative src/etc/inc path to the include path string
Work around PHP var ref scope weirdness. Fixes #14363
Revert "Correct RAM disk swap calculation. Issue #13508"
This reverts commit b10998b1951b3e0d1cb74449a6b6dd333b9d292a.
Correct RAM disk swap calculation. Issue #13508
It was not factored into the shell version as it should be (still aproblem here, see Redmine).
It was also returning a bogus small value on systems that have no swapconfigured.
Fix PHP 8.x issues in separator functions. Fixes #14338
Remove unnecessary utf8_encode'ing to pfSense_kill_states arguments. Partial #9270
Use first label, not last. Fixes #14336
Have rtsold always call the script, even if 'M' or 'O' bits are not set
Update method of finding rule labels. Fixes #14336
The way rule labels are returned from pfSense_get_pf_rules() changed, sothis code needs to follow the new format.
Correct array_path_enabled syntax for nosync check. Fixes #14316
Expose new utility function to validate ethertype. redmine #14308
refactor is_module_loaded to first check by module name, then by file name
refactor format_number and eliminate trailing space on unitless numbers
Load if_gif if needed when creating a gif interface. Fixes #14035
rc.carpmaster: remove openlog() call which changes php-fpm log facility
In commit 0eae38cd2511e304c4660f8aeead751564f9dfc9, this call was addedalongside other changes to the rc.carpmaster script intended to reconfigurecaptiveportals upon promotion to master. When php-fpm executes rc.carpmaster,...
Remove invalid syslog test. Fixes #14283
Having an empty syslog config section is valid, as is not having asection at all. We should always generate the configuration since wealways start the syslog daemon.
If we want to eventually allow not configuring or running the daemon at...