interface_bridge_add_member is inadequate for adding a bridge member that may have not existed at the time of bridge interface's creation. interface_bridge_configure on the interface's bridge ensures all settings (private, etc.) are applied. Ticket #4312
Switch to disabling strongswan unity plugin by default. Ticket #4178
Replace default passwd hash for root/admin using blowfish
Fix #5794 remove print_info_box_np chackes for gettext("apply")
1) Get rid of the stristr() checks to "guess" if an apply button shouldbe used.2) Change print_info_box() so it can take a button name of "close" , "apply" or none to decide which button to show....
Somehow missed this in the committed version.
Relocate subnet mask drop-down to a more sensible place on the PPPoE server, add a user login count option.
Make sure LANG = C for pkg calls
Move set_language() call back to guiconfig.inc since it's causing trouble on console
Remove attributions of return code not being used at all
Follow FreeBSD steps (r294560) and stop creating rsa1 and dsa keys by default
Fix #5690:
- Remove parameters from set_language()- Add a global variable for default language- add env var for LANG, otherwise it won't work
Fixed #5789
Use tab instead of spaces
Use a single call to dpinger for a coherent view of latency/stddev/loss.
The topology line also must be skipped if an SSL/TLS mode is used with a CIDR less than 30.
Initialize $stop_time inside foreach to make sure it resets to proper value each iteration since it's changed inside loop. Reported on https://github.com/pfsense/pfsense/pull/2487
Obsolete libstrongswan-unity.MOVED
Fix #4178:
- Stop moving unity .so file around to make it not being loaded- Include all modules default .conf file from strongswan.d/charon- After default files are included, define custom settings- When unity is disabled, add a rule to make strongswan to not load it
Fix strongswan.conf indent level
Merge pull request #2472 from dennypage/master
Remove ORIGINAL_PORTAL_IP, it was never used.
Revert chmod change from 9219378b588ce968702be2a7e153aa984504b6aa
Merge pull request #2450 from hexaclock/master
Update smtp.inc to 2016-01-18
Update auth.inc
add XXX prefix.
autocapitalize off is deprecated, use none instead. Ticket #5776
Add standard deviation to gateway status and widget
add note about r284483
Bring text to current reality
more style fixes. unset old fields
style fixes
Merge pull request #2421 from stilez/patch-8
should be min($bits1, $bits2) for 'largest subnet'
Respect smtp debug setting
Revert "add all of /usr/local/lib/lighttpd to obsoletedfiles"
pfBlockerNG is going to use lighttpd
This reverts commit c74719cde73c8ce19465e1887f8c519c4818147c.
Revert "Add more lighttpd pieces to obsoletedfiles list"
This reverts commit 4bebb56a23658eac8791df7c1a44927e66c6d51c.
fix Bug #5776
Fix dns test for localhost inclusion, when saving now the port value can be set but empty. Fixes #5775
Merge remote-tracking branch 'upstream/master'
compatibility with freebsd
Do not allow certificate to be deleted if it's been used by a package. Fixes #4142
Silence stream_socket_enable_crypto() warning when CN doesn't match. Fixes #5604
Encode DHCP/DHCPv6 server additional BOOTP text options before save to XML to preserve data. It fixes #5623
Update license on files from /etc/inc
Update sasl classes to last version and remove all style customizations - http://www.phpclasses.org/package/1888-PHP-Single-API-for-standard-authentication-mechanisms.html
Update smtp class to latest version, fixes #5604
- SMTP class from http://www.phpclasses.org/package/14-PHP-Sends-e-mail-messages-via-SMTP-protocol.html- Adapt code to current version, only change was tls parameter became start_tls
Respect force parameter even if message is the same of last sent
Add config upgrade code to remove L7 config pieces, and file a notice where found. Ticket #5508
switched to bcrypt as per #4120
added bcrypt auth as per #4120
Simplify logic and fixes on interface_vlan_adapt_mtu()
- Remove some redundant code and define $if_mtu respecting the order - Assinged interface - PPP - default- When interface is a VLAN and parent is LAGG, it must be re-created
When parent of a VLAN is LAGG and need to set a different MTU, interface must be re-created
Use proper variable ($wantedmtu) to get vlan MTU
All lagg members are exclusive, set the same MTU defined on interface instead of consider what is currently set on members
Rename variables to make more sense
Simplify logic
Merge pull request #2422 from phil-davis/patch-2
5 or 6
fix $subnet1 should be $subnet2, thanks rbgarba
Revise binat rule when nobinat is set
Fix no binat checkbox
Fixed #3887
Fix #5767 config validation errors when first enabling DNS Resolver
Generate a complete set of test conf files in /var/unbound/test subdir when doing the validation of the tentative config that is being saved.This avoids any dependency on any of the "real" files already existing in /var/unbound and also avoids the chance of overwriting a live file that is currently in use by the running unbound....
Prevent GIF/GRE from making dummy/unusable gateways that show up for monitoring/routing/etc. Fixes #5766
Fix missing ')'
Accommodate webgui separator bar by ignoring when loading rules
Update copyright notice
Fix whitespace in upgrade_118_to_119
fix 4 should be 6 (thanks, good catch)
Fix logic for subnet overlap check + canonical for IPv6
The subnet overlap functions came up as a concern while fixing redmine 5702.Specifically - The "canonical" function check_subnets_overlap() doesn't handle IPv6 (util.inc has standardised on v4/v6/agnostic versions, but this doesn't fit). Fixed by adding transparent detection of v4/v6 and a specific IPv4-only version...
Merge pull request #2406 from stilez/patch-9
Remove spaces at EOL as requested
Fix attribution. Spotted-by BBcan177
Merge pull request #2407 from stilez/patch-11
Add missing spaces
redmine 5702 - switch to high level IPv4 functions instead of low level ip2long32() etc
redmine 5702 - change to use high level IPv4 functions where low level ip2long32() etc are used
Use case-insensitive regex matching for http_host in nginx captive portal configs.
Update URL for dyns to match their current docs. Reported by GP^ on IRC
Match nginx max body size with PHP's upload_max_filesize
Convert remaining short_open_tag occurances. See PR #2378
set nginx client_max_body_size large enough for config restore and other purposes.
Rework a bit interface_mtu_wanted_for_pppoe(), no functional changes
HTML Compliance - Firewall / Traffic Shaper / Limiter
Bad value button for attribute type on element a: Subtype missing.(only used if href attribute set)
The font element is obsolete. Use CSS instead.
Fix DDNS dhcpd(v6).conf config generation issues. Ticket #5603
Stop all nginx processes before attempt to start new ones. Fixes #5746
Fix reverse DNS zone names on dhcpd conf. It should fix #5041
Merge pull request #2380 from NewEraCracker/php-standards
Account for IP aliases in IPsec firewall rules. Ticket #5500
Strengthen PHP session settings
See https://secure.php.net/manual/en/session.configuration.php#ini.session.hash-function
Revert maximum array depth (aka input nesting level) to default values
This is per default 50 in Suhosin (*.max_array_depth) and 64 in PHP (max_input_nesting_level)
Note: Array depth is not the number of elements within an array.
10m ssl_session_cache is adequate for our use cases.
Do not set PKG_AUTOUPDATE=false anymore and let pkg to update metadata when it's necessary. Some users reported to see issues in cases where update was necessary
Remove /etc/inetd.conf and obsolete inetd related files
Revert "Force update if code reaches this point"
This reverts commit 5bcad0f5ec57858a6713cfbdbfcdf7004621b01b.
Revert "Avoid mounting / rw without need when it's possible"
This reverts commit 0305284cf2d66119d6df8e57cdc52eb3b4d478af.
Use the local dh-parameters for nginx rather than the default.
Fixed up for vpn.log filtering.
Status - System Logs - VPN
Revamp log file selection method to be consistent with the other system logs.Add advanced filter section; only activated for the non-vpn.log files (needs testing with vpn.log file first, continue using dump_clog_vpn until tested)....
Merge pull request #2372 from phil-davis/patch-2