OpenVPN Wizard: Enable exit_notify by default
Follow up with fix for ticket #11684 and also enable it on servertunnels created using wizard
(cherry picked from commit e6389f634a25f6c391531d779e147883568a3e83)
Simplify logic: no functional changes
(cherry picked from commit a314c6c846406115c426ed20b102daf6e206b420)
Outbound NAT: Fix rule duplication - #11981
- firewall_nat_out.inc: Declare $after as a global variable otherwise duplicate rule will always end up at the bottom- Do not set $id and $after with dup parameter value when save button was pressed or it will replace rule instead of duplicate it...
AutoConfigBackup schedule custom hour value fix. Issue #11946
(cherry picked from commit 806d5c497497476e92568e168c302275e576e25c)
Duplicating Outbound NAT rule fix. Issue #11981
(cherry picked from commit 68be10e63195d399089092149e119de30ae6a639)
FRR help links. Fixes #11943
(cherry picked from commit be659aff5a3a52c1e08481a00eb697ecd86a9899)
Allow to use numeric with decimal point for RADIUS Advanced Parameters. Feature #11211
(cherry picked from commit f5ab9736059e616e4a037591ef6f89d1c14e23ed)
Welcome pfSense CE 2.5.2-BETA
Observe 'after' value when creating a new rule
Make VLAN table sortable. Implements #11968
Move globals to include file
ipsec: Normalize ipsec_lookup_phase1()
- $ph2ent doesn't need to be a pointer- Return true when $ph1ent is found since $ph1ent is a pointer and is filled with proper content in this case
Fix PHP error when changing Sys Info Widget. Fixes #11939
Avoid attempting to use $crypto when it's empty/undefined.
Refactor firewall_nat_out for MVC
Refactor firewall_nat_npt for MVC
Refactor firewall_nat_1to1_edit for MVC
Refactor 1 to 1 NAT for MVC
One.com, NIC.RU, Yandex DynDNS support. Implements #11293 #11294 #11358
Set explicit-exit-notify to 1 for new OpenVPN Server instances. Issue #11684
NTP status widget fix. Issue #11495
Set default OpenVPN inactive timeout to 300. Issue #11699
Set default_socket_timeout on XMLRPC sync. Fixes #11718
Include Chelsio temperature values.
https://redmine.pfsense.org/issues/11787
Merge pull request #4518 from bauerstefan/master
Refactor hide logic for fields on DynDNS edit page. Fixes #11840
The page included hide/show logic for username field only for fewproviders, which meant that if a provider with the hide logic wasselected, then the field was lost for all others too. This commit...
Merge pull request #4517 from vajonam/fix_address_clone
IPsec Dashboard widget improvement. Fixes #11893
Change firmware update message text. Issue #11897
Merge branch 'viktor/pfSense-nat11ipsecfix'
Merge branch 'viktor/pfSense-ng6255fix'
Merge branch 'viktor/pfSense-11850fix'
Merge branch 'viktor/pfSense-ipsecvtidisable'
Merge branch 'viktor/pfSense-sanitize_pass_radmac_secret'
Merge branch 'viktor/pfSense-noticeshtmlencfix'
Merge branch 'viktor/pfSense-tcpflagsinputvalidation'
Merge branch 'danilo/pfSense-bug11754fix'
Show Export P12 icon if certificate is not locally renewable. Fixes #11884
Radvd config page reload/logs buttons. Fixes NG #6255
NTP Authentication key input validation fix. Issue #11850
1:1 NAT IPsec/OpenVPN/L2TP/PPPoE and interface groups input validation fix. Issue #11751
Firewall Rule TCP flags input validation. Fixes #11762
Notices modal window HTML encoding fix. Issue #11765
Sanitize pass and radmac_secret. Fixes #11767 and #11769
Allow to disable IPsec PH1 when related P2s are in VTI mode and enabled. Fixes #11792
IPsec multiple identical P1 tunnels input validation improvement. Fixes NG #6010
Do not try to display too large PHP_errors.log file. Fixes #11685
Remove unused killall qstats command. Issue #11229
Reroot is safe on ZFS now, so allow it. Fixes NG 6304
Update services_dyndns_edit.php
Fix additional typo in description.
Allow group authentication for NoIP dyndns service.Extend information for service NoIP to replace ':' in username by '#'.Allow '#' in username.
Correct IPsec P1 Child SA Start Action validation. Fixes #11576
Add spinning icon to IPsec status wait message
fix for missing 0 subnet when clone address entry, needed for vpn's that need two 0 subnets one for ipv4 and ipv6
Add IPsec GUI control for Child SA Start Action. Implements #11576
Improve Captive Portal redirect URL handling.
Moved web include files from /etc/inc/web to /usr/local/pfSense/include/www
Show Unbound used certificate on the Certificate Manager page. Fixes #11678
Note says that gateway or failover gatewaygroup are valid options #11164
Fix #11760: Make sure log file exist
Prevent PHP complaining about log file not found and create an emptyfile when it doesn't exist. In this case return code will not be readand it will not break the loop, trying one more time.
Updates the help text for DigitalOcean client setup. Issue #11754
Firewall Schedules edit fix. Issue #11747
Upgrade: Improve information when it fails
Since first version after pfSense-upgrade, pkg_mgr_install.php waits forpkg socket to start presenting information to users. This socket isresponsible for providing needed data to make progress bar to work.
When socket never shows up, usually because pfSense-upgrade aborted...
Display a suitable message in the textarea if the update process aborts for any reason. Tighten up timing so that update attempts that complete very quickly are not missed.
Find IPsec IKEv1 SAs widget fix. Issue #11435
Remove WireGuard support
Out of an abundance of caution while we investigate the claims aboutWireGuard in public, we need to remove it from pfSense Plus and CE inorder to shield customers from potential risk.
Fix user cert parameters when creating user+cert. Fixes #11705
Fixed #11702 by revising ramdisk code
set_curlproxy() fixes. Issue #11476
Finish refactoring firewall_NAT* for MVC
Reject IPv4-mapped IPv6 addresses on Mobile IPsec DNS server input validation. Fixes #11446
Refine help/error text for system domain. Fixes #11658
IPsec IKEv1 mixed Phase 2 IP protocols support. Issue #11643
OpenVPN auth sources strlen validation. Issue #11104
route_del() optimization. Issue #11475
Reverse x509 escape cert subjects on renewal page. Fixes #11654
Revise firewall_nat_edit for MVC
Remove obsolete vars for MVC
Revise firewall_nat.php for MVC
Typo fix. Issue #11624
Rework WOL page a bit. Fixes #11616
Move custom IPSEC NAT-T port settings to Advanced Options. Todo #11518
Set explicit-exit-notify to 1 for new OpenVPN Client instances. Implements #11521
OpenVPN data-ciphers option length validation. Issue #11559
OpenVPN ncp_enable checkbox fix. Issue #11554
WPA Enterprise PAP inner method support. Issue #2400
Show changed NAT timeouts on the system_advanced_firewall page. Issue #11565
Use set_curlproxy() function for cURL proxy configuration. Issue #11476
System Information widget fix. Issue #11443
Allow to use OpenVPN provided DNS servers. Implements #11140
WPA Enterprise (PEAP/TLS/TTLS) client mode. Feature #2400
Merge pull request #4491 from dsmackie/issue-9887
Merge pull request #4500 from bitscher/master
Fix IPsec connect/disconnect for all tunnels. Fixes #11486
Fixed #11464 by adding proxy configuration to web service calls
Merge branch 'master' into master
Revised firewall_virtual_ip_edit for MVC
Fix broken help link.
firewall_virtual_ip refactored fro MVC
Refactored system_advanced_misc for MVC