Prevent "Ignore denied clients" and "Failover Peer IP" from being combined in the DHCP server settings for IPv4. The daemon fails to start when configured in this way, it apparently only allows "allow" or "deny" in failover mode. Fixes #5898
Fix link_interface_to_vips() to account for IP alias over CARP.
Simplify and correct the comments in get_carp_interface_status().
Simplify the code with the use the newly introduced function to list CARP addresses.
Fix the return value if no matching VIP was found.
Implement a switch that allows get_configured_vip_list() return only the selected type of VIP addresses: CARP, IP alias or all VIPs (default).
It seems that a few packages still rely on this.
Ticket #5885
Call conf_mount_rw() before run pfSense-upgrade to avoid doing it twice
Break long lines
This seems to have negatively impacted LAGG/VLAN configs. Revert "Only set IFCAPS where they're not already set correctly. Ticket #5887"
This reverts commit 7f283fab1b18bb575537bb8498b16a6b1b6d0251.
Fix interface write_config message for dhclient_update_gateway_groups_defaultroute
Typo in var name.
gmirror widget fixes
1) Internationalize the table column headings.2) End the tbody and table tags.
Merge pull request #2637 from k-paulius/patch-6
Whitespace functions.inc
while I am here looking at other stuff.
Add support for multiple span ports on bridge.
While here, fix and improve the error detection for the selected ports.
Inspired by pull request #2613 from heper/patch-1
Ticket #5871
Rename 'Backup/Restore' to 'Backup & Restore' so it does not clash with breadcrumb separator.
Rename NTP tab to Settings to be more user friendly.
Review alert wording. End sentence with period, remove redundant 'Warning', 'Error', etc. prefixes, since alerts are now color coded. Remove <b> tags.
Use print_info_box() to generate alerts
Merge pull request #2634 from nwholloway/eclfix_2_3
Merge pull request #2625 from NewEraCracker/inc-ipv6-fix
Logic correction
From my understanding ppp['mtu'] and ppp['ports'] are directly related with each other and they correlate information about mtu and ports. This specific commit doesn't introduce anything new other than simplifying the code slightly
Fix #5890 find disk slices as candidates for loading "config.xml" at boot
In commit 873c1701, the call to "/bin/ls /dev/{$disk}s*" was surroundedwith "escapeshellarg" so the wildcard is not expanded.
Use "glob" to find the slices for a disk instead.
Internationalize dyndns.class
I tried to consolidate and make some of the message logging more consistent along the way.
Make a couple changes to PPP default gateway handling to address issues with default gateway switching. Fixes #1837Tested with default gateway switching on and off, by rebooting, manually disconnecting the PPP link, and manually disconnecting the NIC link, worked each time, though still possible some issues remain. Feedback appreciated.
Renamed SMART to S.M.A.R.T.
Synchronize page titles with tab titles. Rename some titles in order to be more consistent.
Renamed 'Wake on LAN' to 'Wake-on-LAN'
Synchronize page titles with tab titles. Rename some titles in order to be more consistent. Convert page title to title case.
Synchronize page titles with tab titles; Rename few titles in order to be more consistent.
Fix the returned string when no status is found for this CARP.
No functional change.
Only set IFCAPS where they're not already set correctly. Ticket #5887
Refine the way the DNS Forwarder and DNS Resolver are handled via XMLRPC. Fixes #5882
Remove German from English message text
Merge pull request #2626 from phil-davis/patch-1
Merge pull request #2624 from NOYB/Firewall_/_Rules_-_Prevent_Separator_Orphanage
Merge pull request #2623 from NOYB/Firewall_/_Rules_-_Consolidate_Move_Separators_Function
Synchronize page title with tab title. Convert page title to title case.
Synchronize page title with tab title. Renamed GRE to GREs, GIF to GIFs and LAGG to LAGGs to match VLANs, QinQs, etc.
Remove duplicated line in config.inc
This had been duplicated way back in https://github.com/pfsense/pfsense/commit/10e91486fa5c2d467135bcaa887aee83458442a0
Add check of IPv4 only IPs on IPv6 SplitV64
Will prevent access to wrong string offset
Firewall / Rules - Prevent Separator Orphanage
Prevent orphaning separator(s) at the bottom when deleting the rule at bottom of the list.
If URL table file size is 0, force update. Ticket #5848
Firewall / Rules - Consolidate Move Separators Function
Consolidate the moving of separators for add/copy/dup/delete into a generic function.
add an option to only validate URL tables, so stray files aren't left behind when input validation fails. Ticket #5848
Parse URL Table alias downloads with parse_aliases_file to ensure only valid contents. Ticket #5848
Prefer dnsmasq's host overrides when it's enabled. Ticket #5883
Merge pull request #2620 from NewEraCracker/inc-ipv6-docs
Merge pull request #2619 from NOYB/Firewall_/_Rules_-_Display_Separators_Efficiency
Merge pull request #2616 from k-paulius/captions
Fix typo which caused broken syntax highlighting
Add support for IPsec TFC. Ticket #4688
Firewall / Rules - Display Separators Efficiency
Use a list of separator rows to call the display separator function only for rows which there are separator(s). More efficient than looping through the list of separators on every row.
Fix IKE version "auto". Ticket #5880
Fix ddns domain name Ticket #4366
Return loopback description for friendly interface. noticed as part of Ticket #4450, applicable across a variety of things.
Fix regression with missing 500/4500/ESP rules for IPsec bound to gateway groups. Ticket #4858
Fix RADIUS spelling. It is written in all caps.
Convert section titles to title case
Add is_array test and change !empty test to is_array test.
Fix dyndns breakage after changes on Ticket #4366
Make RRD lists global, validate graph name using whitelist of known values rather than blacklist of characters, beef up validation and escaping of related values while here. Fixes #5874 for 2.3
Fixed #5873
Remove process_alias_unzip, which never worked because of variable typo (at a minimum) and wasn't documented as an available feature so people don't expect to be able to use it.
Return false if download fails in process_alias_urltable so input validation based upon it works. Ticket #5848
Match this to max_input_vars for large aliases
Correct variable in error log
Don't try to process aliases whose downloads have failed in update_alias_url_data(). Ticket #5848
Sync up download_file_with_progress_bar with download_file. The former is no longer used in the base system, but still in some packages.
Further revision to service hiding system
Fix style issues.
Add the configuration upgrade code to make sure the existent settings will work after the last changes.
The CARP part of this code should be added together with the initial uniqid changes.
Fix get_interface_ip[v6]() to try first the IP from our configuration before ask the kernel. The OS will return the first IP it find for the interface and not necessarily the main IP address.
This can cause conflicts where get_interface_ip[v6]() returns a CARP or IP alias for the interface (missing the real IP and generating a duplicated IP address).
Review of CARP uniqid changes.
It turns out that current CARP implementation is not much different from an IP alias.
This commit converts the IP alias to also use the CARP uniqid scheme, this simplify the code in all other places because now we have only two different cases to deal with:...
Return false in download_file rather than the failed status code when a download fails. Return would always evaluate to true previously though other parts of the code expect a false value when a download fails. related to Ticket #5848
Merge pull request #2600 from NOYB/Firewall_/_Rules_-_Page_Efficiency_Upgrade
Merge pull request #2605 from phil-davis/patch-1
Merge pull request #2604 from NewEraCracker/illegal-offset-fix
Make display separators function generic and move to filter.inc.
A little tweak for code consistency. No functional change.
Bring NAT separators into the fold.
Also add config empty test to upgrade script.
Firewall / Rules - Page Efficiency Upgrade
1) Only load the rules of the selected interface instead of loading all the rules of all interfaces and hiding them. Very inefficient and can result in sluggishness. Especially with large number of rules and/or large alias tables....
get_failover_interface returns the parent physical NIC for _lloc interfaces, so make sure it's returning null before it gets to that point.
Use IEC KiB MiB GiB TiB units
See forum https://forum.pfsense.org/index.php?topic=106547.0 for discussion if this is wanted.
This should prevent the possibility of illegal offsets
If you poke pfSense WebGUI you'll find some funny stuff. Username and Password should never be arrays at all.
Add support for TB when reporting bytes
Forum: https://forum.pfsense.org/index.php?topic=106470.0I believe that this should work OK on both 32 and 64 bit systems. A 32-bit system will convert big values of $bytes and big numbers like 1099511627776 to float first, then do the comparison. 64-bit systems will do (int) comparisons. Either way, in the end, the value is sprintf() into a float anyway....
Don't include 127.0.0.0/8 in unbound.conf in forward mode. Ticket #5750
Merge pull request #2587 from davidjwood/preserve-sshd-parent
Merge pull request #2588 from davidjwood/rrd-ntp-offset
Handle start/stop of OpenVPN client instances bound to gateway groups using CARP IPs. Ticket #4858
clean up text
Fix get_interface_ip to return correct IP for CARP VIPs. Ticket #4858
Tell rrd that ntpd offset can be negative as well as positive
Fix find_interface_ip for gateway groups with VIPs. Ticket #4858
Don't kill an sshd parent process on exit from /etc/rc.initial
This stops exiting a shell running in an SSH session from terminating the parent sshd process, which has the unwanted side effect of killing all other sessions running under that sshd process (including cloned shell sessions).
Merge pull request #2585 from k-paulius/patch-pkg-syslog-v2
Set gif interface MTU in interface_gif_configure if it's not already correct. Ticket #5842
Adding ability to run dhcp6c in debug mode.
Return blank rather than 0ms/0% for unmonitored gateways latency and loss. Show on dashboard widget when a gateway is unmonitored. Ticket #2226