Switch domain overrides from stub-zone to forward-zone. Ticket #6065
Comment out no longer used function. Remove after next release.
Merge pull request #2872 from phil-davis/dpinger-params-check
Setup HTTP_PROXY environment variable for pkg when it's called from the GUI and also for pfSense-upgrade
Merge branch 'patch-7' of https://github.com/phil-davis/pfsense
Merge pull request #2886 from phil-davis/patch-6
Escape username before use in CP SQL
A maybe "better" version to try.
Handle single quotes in user names for CP
Forum: https://forum.pfsense.org/index.php?topic=110243.0This is a trial - make sure it really works before committing.
Fix trivial GUI typo.
TRB should be TBR for "Token Bucket Regulator".
chmod +x on rc.backup_aliastables.sh. Ticket #6189
Merge pull request #2878 from NOYB/Alias_Tables_RAM_Disk_Store
Merge pull request #2877 from phil-davis/dns_get_record
Trim the OpenVPN tunnel network before use, and on save. Fixes #6198
Fix #6187 Handle Growl IP Address problems
Alias Tables RAM Disk Store
If ramdisk is enabled keep a copy of the alias tables to restore at boot time. Otherwise unpredictable behavior may occur due to some aliases not being available when the firewall rules load.
Because alias tables are typically somewhat static, the following strategies are employed to keep write cycles to a minimum for SSD and flash drive type devices friendliness....
Fix sshd can't load key log spam
Closes [6143](https://redmine.pfsense.org/issues/6143)
Fixed #6174
Add checks in case there are dpinger param problems
in 2.3 installations that were upgraded from 2.2.* when the apinger todpinger params conversion code in upgrade_130_to_131() was not so good.
Merge pull request #2869 from phil-davis/dpinger-upgrade
Unset dhcpdv6 on LAN here as well. Ticket #6152
Add lock in vpn_ipsec_configure. Ticket #6160
Add table.css to Obsoleted files list
Fix #6142 validate and adjust dpinger params on upgrade
1) The previous "down" value was being converted to msec and put into"loss_interval". It should go into "time_period".2) loss_interval must always be at least latencyhigh - make it so iflatencyhigh is big....
Correct OpenVPN upgrade code for topology subnet.
Put gateway name and group around the correct way
Redmine #6134Forum: https://forum.pfsense.org/index.php?topic=109781.0Originally broken by commit: https://github.com/pfsense/pfsense/commit/d18f3f6e09b86359395cd78db2e19f721818b992
Update RRD Script - Comments
Correct units in conversion comments.
Merge pull request #2861 from NOYB/Easyrule_Block_Firewall_Separators_Update
Merge pull request #2857 from phil-davis/patch-6
Merge pull request #2853 from NOYB/Miscellaneous_II_-_Remove_Personalizations
Easyrule Block Firewall Separators Update
Update firewall rule separators positions when adding an easyrule block.
Always use sprintf with log_error
I noticed this while looking at other stuff in notices.incIf this log_error() call ever happened, it would not have done anything useful.
Miscellaneous II - Remove Personalizations
Remove "you" personalizations.
Miscellaneous - Remove Personalizations
Do not try to register pre-installed packages on read-only media
Respect all Class attributes returned by the RADIUS server, not only the last one received. Fixes #6086
Teach get_user_privileges how to retrieve groups from LDAP/RADIUS, and have getUserEntry fall back to a format that will allow it to function. Net result is that now userHasPrivilege() will respect remote groups as well as local groups, which fixes #6088
Deprecate references to modulate state. Remove rule allowing TCP 1723 inbound when PPTP client is in use, as that's unnecessary.
Clarify log when skipping v6 bogons update.
Use PHP cli to silence output garbage
Rework the way repo packages work
- Distribute only a single pfSense-repo package containing all templates- Create a symlink pointing to selected repo- Do not limit it only to pfSense-repo and pfSense-repo-devel
(cherry picked from commit a90f1c9b12c4d31ea845fa04188e599ba28dbaf1)
Remove "we" personalizations from config.console.inc
I changed "we" to "the system" - if someone thinks so, it could be changed to "pfSense" or $g["product_name"]\If you want to do something different to what I did here, then feel free to close this and make the required changes.
Ticket #6053
- Do not call ntpdate before start ntpd, ntpd g parameter is enough Deprecate /usr/local/sbin/ntpdate_sync_once.sh- Remove system_ntp_configure parameter and always start ntpd
(cherry picked from commit 5a758355ec9a20ff75c9191b6915df64255fb8be)
Remove unused function sync_system_time()
(cherry picked from commit 67c934440521e8081d90850f4a10a40e82603db3)
Merge pull request #2831 from NOYB/Includes_-_Remove_Personalizations
Includes - Remove Personalizations
Remove dead note from OpenVPN widget
This note is never going to display, because $DisplayNote is only set ina function and is not global.In any case, I don't think the message is true (maybe it was true in thepast?).
Bump master version to 2.4-DEVELOPMENT
Bring back radvd start/stop to carpmaster/backup. Ticket #6043
Bring back rainterface, add config upgrade to convert to new _vip format. Ticket #6043
fix style
Don't modify the group file for scope remote. Ticket #6012
Rather than renaming groups with spaces, mark their scope as remote. Ticket #6012
Revert part of 475f0b6db committed by accident
Stop processing when find it
Add missing PHP modules, it should fix #6041
Simplify logic
Merge pull request #2800 from phil-davis/r1
Specify the zone in the PORTAL_ACTION URL. Ticket #6037
Add brackets for clarity
Add some extra brackets for clarity, rather than relying on the operatorprecedence rules. IMHO this makes it more readable, and no need for thereader to wonder if anything might go wrong with the operatorprecedence.
Set the ALTQ root queue bandwidth.
Whenever possible set it to 1Gb, if the sum of child queues if higher than 1Gb, set it the correct value so we do not break any existing setup.
Ticket #5721
Fix the sum of child bandwidth.
Now percentages are correctly handled.
Remove commented and unused old code supposed to do the same.
Implement system_get_serial()
Remove dead code
Identify specific hardware models of some Netgate products
Rename variable to a name that make sense
Unset this as well, or else it spams the log needlessly (no actual problem). Fixes #6034
Don't log 404s for captive portal. Ticket #6027
Do not allow empty elements in IPv6 addresses
Redmine #6024Upstream pull request https://github.com/pear/Net_IPv6/pull/14At this point in the checkIPv6 processing the string should be an uncompressed IPv6 addressed - all the elements should have something in them, a "0" if that element is zero. So any zero-length element is a problem.
Disable the check of subqueues bandwidth until it is fixed.
Pass the correct variable to get_interface_bandwidth(). Fixes the boot crash reported by JimP.
Spotted by: Jorge OliveiraTicket #5721
Fix display of gateway IP address and gateway/group descriptions in firewall_rules_edit.php.
Band-aid to stop this from breaking the firewall. Ticket #5721
HTML Compliance - Vertical Align
pkg.php and functions.inc
Add paren here for clarity, suggested by Phil Davis.
Force the existence of bandwidth on root queue.
If the bandwidth is not set the speed of root queue is set by media status.
In this case a ruleset which contains queues with speeds higher than 100Mb/s will fail to be loaded when the root interface is connected to a fast ethernet port (100Mb/s) - but works fine on a gigabit ethernet port....
Remove ssl_stapling. Ticket #6020
Re-run priv script to pick up changes.
Detect default config flavor
HTML Compliance - Captiveportal
Text Align & Background Color
Don't log to filter.log when local logging is disabled. Ticket #6018
Have recovery mode go to a shell as intended.
Read return code from right command
If there was a group with a space, delete all the user-defined groups before hitting local_sync_accounts so pw doesn't get hung up. Ticket #6012
Merge pull request #2766 from jlduran/nginx-ssl-parameter-on-listen-directive
Check whether group exists using GID rather than name. Users can change the name, but not the GID. Check return code of pw for whether group exists. Ticket #6013
Save changes to config in 148 config upgrade. Ticket #6012
Ensure replacement group name is unique
Cleanup nginx configuration file
- Fix indentations- Use the `ssl` parameter of the `listen` directive [1]- Change the rewrite rule to use the recommended syntax [2]
[1]: http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl[2]: http://nginx.org/en/docs/http/converting_rewrite_rules.html
Fixed #6012Config upgrade function replaces space with underscore in group names
fix rrd error on boot
Seems to be a copy/paste error remain from when i initially created the dhcpd rrd thingy. Just noticed this now ;)
Mar 17 22:33:34 php-cgi rc.bootup: The command '/usr/bin/nice -n20 /usr/local/bin/rrdtool update /var/db/rrd/opt3-dhcpd.rrd N:U:U:U:U:U:U:U:U' returned exit code '1', the output was 'ERROR: /var/db/rrd/opt3-dhcpd.rrd: found extra data on update argument: U:U:U:U:U'
FIlebrowser package moved to vendor direcroty
Relocated tree directory to vendors/tree
Update file_exists check to full path as done in other files
Fix CSS paths missed by 9d1be24ef72c0c27fe7a297bf79ec5e4f552a390
remove extra slash
point css files to the new location
remove old depricated location
organize assets and put 3rd party into vendor folder
Remove workaround introduced in a2febf9a0. It reduces download timeout to 10s and break update from 2.2 to 2.3
Add an option to define extra env vars to pkg_call() and pkg_exec()