Improve input validation for services_dhcpv6_relay
Make the same imrovements as was done for services_dhcp_relay in commit https://github.com/pfsense/pfsense/commit/ac999f3b7894bd8d5fc35419a22cc2df39416e42
Do not allow a group name to start with 'pkg-', reserve it for packages use (e.g. tinc)
Update interface group name validation rules to match ifconfig
Fix #6976: Make sure interface description, interface name and alias don't have the same name
Ticket #6976: Check disabled interfaces
Fix CA input validation to (again) allow an import without a key. Fixes #7001
Update services_captiveportal.php
fixes https://redmine.pfsense.org/issues/6391
Improve input validation for services_dhcp_relay
While looking at interactions between DHCP Relay and DHCP Server, I noticed a few annoying/inconsistent things in driving the UI:1) If there were validation errors on the Destination Server IP Addresses that the user input, messages would be given about invalid addresses but the data in the Destination Server row(s) would be reset to what it was before the user started editing, losing whatever they changes they had been trying to make so far....
move export button to heading for status monitoring page
Fix #6472: Enable/Disable associated firewall rule when NAT rule changes
Ticket #6472: Respect disabled field
Respect disabled field when creating firewall associated rule
Do not set disabled or nordr fields when they are not selected. Checks are using isset() and not its boolean value
Rule type icon should not change to 'X' when disabled
Fix copy/paste error in variable test.
Change (assign) to Assignments in Interfaces menuAdd HTML divider in Interfaces menu to separate actions form the interface list
Fix log file deletion
Remove destination self from NAT 1:1
It is not needed and caused problems if used and was not remembered onedit anyway.
Merge pull request #3257 from phil-davis/patch-7
Feature #3151 Disable gateway monitoring actions
without disabling gateway monitoring.
This allows the user to continue to monitor the gateway with dpinger, sothey can see how it is performing, but for the system not to take anyreal action if the latency/loss exceeds the given limits....
Merge pull request #3256 from phil-davis/patch-5
Merge pull request #3249 from plumbeo/idletime-in-sessiontime
Merge pull request #3240 from derelict-pf/ldap_starttls
Fix #6224 NAT edit - preserve user selections when input errors
1) Edit a NAT Port Forward rule, change the destination type to "Network", but do not input any network address/mask.2) Press Save, an input error is reported telling that the network destination address/mask is required - good....
NAT 1:1 edit - preserve user selections on edit-save with input errors
1) Edit a NAT 1:1 rule, change the source and/or destination type to "Network", but do not input any network address/mask.2) Press Save, input errors are reported telling that the network source and/or destination address/mask is required - good....
Tidy input errors in services_ntpd_acls
1) If there are multiple rows with invalid IP addresses then the same message was displayed multiple times. We might as well let the use know which row(s) have the problem.2) The section that checks is_subnet stuff was first using is_ipaddr() (redundantly given it is already in the else of !is_ipaddr() ), and then is_subnet() - these would have handled both the IPv4 and IPv6 cases, so the other IPv6 tests would never have happened....
Merge pull request #4815 from doktornotor/patch-2
Merge pull request #3159 from stilez/patch-46
Merge pull request #3181 from moisseev/master
remove bogus debug
Fixed #6454Fixed #6984
Do not truncate IPv6 addresss in NTP widget (Bug #4815)
Captive portal: add option to include idle time in total session time
Add an option to choose whether the time spent idle by a user disconnected for exceeding the idle timeout must be included in the total session time sent to the RADIUS server or not.
Remove the PHP limit from diag_dump_states(), it is now managed on pfSense_get_pf_state().
OpenVPN populates IPv6 env vars now, so we can fetch them for the IPv6 gateway. Fixes #6016
Merge pull request #3145 from skrude61/master
Standardize and fix 'other' type VIP display on NAT pages. Fixes #6094
Fix 'Other' type VIP options. Ticket #6094While here, remove some defunct 'range' code that was never used.
Merge pull request #3213 from PiBa-NL/interfaces-gateway-message
Merge pull request #3246 from overhacked/dhcpd-dyndns-force-hostname
Add decoration to "On latest version" message
Revise status messages. Adjust PID file timeout to accommodate slower systems
Remove the broken e-mail options from diag_smart.php. Fixes #6393
Print a message about SMART not working on uFW/SG-1000 (smartmontools is not available there)
Remove extraneous )
Correct "not ready" flag
Allow for slower uFW by removing log file before upgrading, and allowing more time for the PID to appear
Clarified help text for ddnsforcehostname option.
Added title to ddnsforcehostname checkbox
Add ddnsforcehostname option to DHCP6 Server configuration editor
Add ddnsforcehostname option to DHCP Server configuration editor
Add ddnsforcehostname option to Static Mapping editor
If there are input errors when creating a user certificate from the user manager, stop and show the errors rather than appearing to fail silently. Fixes #6953
Ensure that the submitted private key matches the certificate or CA when importing. Ticket #6953
When deleting a CA, do not delete all certificates from this CA, only remove the CA reference from certificates that used this CA, as the relationship can be rebuilt if needed. Also, prevent in-use CAs from being deleted and print a list of places a CA is used, similar to the output on certificates. Fixes #6947
Fix the static ARP test
Merge pull request #3219 from NonSecwitter/patch-2
Merge pull request #3241 from phil-davis/patch-2
Merge pull request #3243 from plumbeo/term-cause
Merge pull request #3244 from NonSecwitter/patch-3
Improve input validation on static ARP for DHCP static mapping entries, also prevent the backend from attempting to apply entries with insufficient information stored. Fixes #6969
clarified input format hint for expiration date
Captive portal: use "Admin Reset" as termination cause when disconnecting a user from admin UI
When a user is disconnected by the administrator using the pfSense captive portal status page or widget set the value of the Acct-Terminate-Cause in the RADIUS accounting stop packet to "Admin Reset" (6) as per RFC 2866.
Reword/rework wireless note on assignment page. Ticket #6770
Fix System Update link
Update setup_wizard.xml
IPv6 address can contain a dot
When requiring the entry of an IPv6 address, the regex pattern should still allow a dot, so that an IPv6 address can be entered in the format that has an IPv4-address-like part at the end:aa:bb:cc:dd:ee:ff:1.2.3.4which is a valid way to choose to specify an IPv6 address.
Merge pull request #3216 from seanm/master
Merge pull request #3231 from phil-davis/patch-8
Merge pull request #3230 from phil-davis/patch-7
Merge pull request #3226 from phil-davis/patch-3
Merge pull request #3224 from phil-davis/patch-2
Added addrtolower() to interface pages
Add a note that wireless clones must be created before they can be assigned. This should fix #6770
Start wireless clone count from 0
Change wireless interface description
Fix typo. Ticket #6770
Ticket #6770: Create a function to list available wireless interfaces and include model description
Ticket #6770: Detect wlan interfaces from sysctl net.wlan.devices
Added addrtolower calls to force IPv6 addresses to lower caseFirst of many
Revise filter_reload page to display entire reload_filter_status contents, not just last line
Revise shaper wizards to support multi-line filter_reload_status
Revise update_filter_relaod_status() function to append status messages rather than overwrite the file
Merge branch 'master' of git.netgate.com:pfsense/pfsense
Fixed #6922Added code for IPv6 Dynamic DNS
Remove config files symlinks from /etc to /var/etc. Fixes #5538
Fixed #6939 by moving CSS only to the two pages that require it
Fixed #6931
Revise host and domain sorting so that the index is not lost
Revert "Fix #6864 automatically convert IPv6 input to lowercase"
This reverts commit d461ff40e364fc0ecc003b9f673cbad7c6a08f2f.
Revert "Fix #6918 Allow aliases with capital letters in rules"
This reverts commit 9444a281f051e11d5456cc37b2a3f56fc8a7bc33.
DHCPv6 ddnsdomainprimary must currently be IPv4
This field is currently validated to allow only an IPv4 address to be entered, so it may as well be consistent client-side so the user knows that only an IPv4 address is allowed.
services_dhcp_edit add extra IPv4 validation
a) Validate that ipaddr must be IPv4 (note if you enter an IPv6 address, it will fail other later tests of being in the subnet etc, but it is nice to give the user an explicit message that they must enter an IPv4 address)...
Specify the IP address family in interfaces.php
Where it is known what sort of IP address is required, we can specify it in the call to Form_IpAddress. That will make the hover text reflect what is really required as input, and make the client-side regex pattern also match only the allowed chars.
Fix #6918 Allow aliases with capital letters in rules
Expand the types of Form_IpAddress so that the caller can specifyexactly what combination of IPv4, IPv6 address and alias is allowed forthe field.Set the appropriate input pattern and hover help text....
Keep the rule type selection after input errors on firewall rule
If the user:a) Edit a firewall ruleb) Select "single host or alias" c) Enter an invalid IP address that is not an aliasd) Press "Save" The error is displayed "1.2.3.999 is not a valid source IP address or alias"...
Use the ntpd "pool" command for more robust timekeeping. Attempting to automatically determine if we are using a pool, and allow it to be set optionally otherwise. Implements #5985
Revert change to row delete button
Revert "Suppress delete button if only one row"
This reverts commit 75ac7cab1dfb3e8148a27a13369bbb08219e8c3a.
Suppress delete button if only one row
Fixed #6916