pfSense

Fix the spamming of warnings about ttyv0 not being available on ARM64 devices.

While here, use a more meaningful name for the function.

Initialized entries variable before use. Fixes #9359

Use only sshguard table for blocking ssh/gui attacks. Issue #9223

Fix output buffering when downloading config backups. Fixes #9390

Update SMART status page with more detail/commands. Implements #9367

Fix more illegal offset errors. Issue #9366

Target the proper loop in switch statements. Issue #9365

Fix some illegal offset errors. Issue #9366

Remove all calls to conf_mount_r[ow]

Update loader.conf when maximumtableentries changes

On Firewall -> Advanced -> Firewall, when maximumtableentries item
changes, make sure /boot/loader.conf is changed accordingly. If the
value is bigger than sysctl net.pf.request_maxcount, then warn user that...

Update translation files

Regenerate pot

Update privileges

Fix OU Name DN entry when creating a user cert. Fixes #9317

Correct syntax error in diag_backup.php. Fixes #9316

Force the <enableserial> on when restoring a backup on a device with serial only console.

Affects multiple devices.

Ticket #1547

Fix limiter selection validation.

Test $sform before use, fixes #9313

Ticket #9308: Replace use of /etc/ca_countries by get_cert_country_codes()

Make get_countr_code() parameter default to 'ALL'

Add back DNS over TLS host verification code. Fixes #8602

Requires Unbound 1.9.0_1 from pfsense/freebsd-ports, which fixes a bug
in Unbound 1.9.0 which did not fully implement OpenSSL 1.0.2 host
validation support. See https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=4206#c5

Add validation and encoding to various firewall advanced values. Issue #9294

Input validation and encoding of IGMP proxy addresses. Issue #9294

Validate NTP GPS type, encode output. Issue #9294

Encode traceroute error message. Issue #9294

Validate submitted interfaces. Issue #9294

Fix input validation of webguiproto. Issue #9294

type cast traffic graph inputs to fix #9072

status.php optimizations. Implements #9290

• Rewrites the command output so it is first written to files, then read through line-by-line to PHP. Should be much more efficient and consume less memory, making the previously "too large" commands viable.
• Increase verboseness of ifconfig output, add supported media...

Fix desc of OpenVPN sync to show that it also syncs certs. Fixes #9283

Packet capture page fixes. Fixes #9239

• Add "None" output level
• Detect large files and refuse to print them in the GUI textarea
• Ensure output buffering is off before doing readfile to avoid PHP
  consuming memory while downloading a large capture.

Init array for 6o4 tunneling Fixes #9264

Allow a trailing dot in a hostname on diag_dns.php. Fixes #9276

Remove links to DNSStuf tools. Fixes #9275

Fix saving IPv6 over IPv4 tunneling NAT setting. Fixes #9264

Update copyright notices to 2019. Happy New Year

Change alias name/pf keyword check to be case insensitive. Fixes #9231

Init filter rules in firewall_nat.php. Fixes #9193

Merge pull request #4019 from GrantSheehan/master

Rework cert keylen/digest validation. Fixes #9180

Fix DigitalOcean DynDNS client

Fixes the check on the return value since it's been updated to use
HTTP/2 syntax. Also adds logic to allow using `@` to denote updating the
root domain A record as well.

Fix array init in setup_wizard.xml. Fixes #9170

Update translation files

Regenerate pot

Do not call interfaces_vlan_configure() every time an interface is edited in GUI.

This is just necessary when a parent interface is changed and we have to propagate the changes to all clones (MTU, FLAGS and others).

Add a logic to detect when a parent interface is changed and only then call interfaces_vlan_configure()....

Make the WF2Q+ the default scheduler for the dummynet limiters.

The WF2Q+ was the default scheduler in previous versions, it is well tested and support dynamic queues.

Add a note for the FIFO scheduler to make clear that it does not support dynamic queues (by design) and as such, it is working as intended....

Allow no username for FreeDNS-v6

Also include that and Digital Ocean in the help text.

Fix #9121: Initialize arrays to prevent PHP 7 errors

Minor fixes related to #9121

Fix #8937: Show hwaddr for LAGG members

Merge pull request #4016 from Augustin-FL/captiveportal-spelling

Merge pull request #4014 from Augustin-FL/captiveportal-blocked-mac

Merge pull request #4004 from NanoCaiordo/js-warnings

Fix few spelling issues
Ticket #9134

Remove obsolete OLSRD code. Implements #9117

Fix #9071: Make sure pkg metadata is updated when repo config changes

Remove unused variable

Simplify logic to remove packages section from backup

Redirect Blocked MAC without requiring credentials if Blocked MAC URL has been entered.

Redmine #9114

Initialize QinQ arrays before use. Fixes #9109

Fix change detection of GUI web server toggles. Fixes #9105

Add checkbox to disable SMTP SSL cert verification. Implements #9001

The default action is to validate the certificate. If the user knows the
server does not have a valid certificate (e.g. self-signed), this option
will allow encryption to be used without validating the identity of the...

Prevent CRL from using too large a lifetime on ARM. Fixes #9098

Improve handling of empty cert tags. Fixes #9099

Prevent log size from being too large, which breaks clog. Fixes #9081

Prevent PHP error when saving log config. Fixes #9095

Update src/usr/local/www/vendor/d3/d3.min.js

Restored d3.min.js

Update translation files

Regenerate pot

Update src/usr/local/www/vendor/d3/d3.min.js

make sure to only pass valid options when supported by the browser

Removed js warnings

Add help text to sshguard whitelist
Reduce delete button size
Change label text to "Add address"

Fix #8864: Let users modify sshguard parameters and whitelist

Array initialization in NAT pages. Fixes #9080

Validate and protect powerd option values. Fixes #9061

Merge pull request #4000 from Augustin-FL/patch-cp-3

Fixes to ssh agent forwarding setting

Restore the RADIUS NAS ID option to Captive Portal. Fixes #8998

Keeps the default of using CaptivePortal-<zonename> when not set,
otherwise uses the value supplied by the user as with older versions.

Implement login fallback for RADIUS MAC authentication

Merge pull request #3996 from Augustin-FL/cp-logout-patch-1

Merge pull request #3993 from ssbarnea/master_ssh_forward

Add help.php entry for AWS VPC wizard.

Wording changes for PTI disable option. Fixes #9026

Only display "you are connected" if :
- Logout popup is disabled and no custom logout page is set
- Logout popup is enabled and logout_id is missing

Added #8976 Allow traffic graph settings to be saved

Init schedules before use. Fixes #9009

Review fix.

Review fixes.

Unify and improve crash report checking. Fixes #8915

Disable display of Diagnostics->AutoConfigBackup menu item if config is restored from pfSense < 2.4.4
Fixed #8959

Add top buttons if table > 24 rows

Enable setting AllowAgentForwarding value

Fixes #8590

Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>

Fix German translation error. Also fixed in Zanata

Fixed #9002 - PPPoE Service Name may contain ':'

Avoid creating or parsing a second empty rrddata tag. Fixes #8994

Change the method used by status.php to mask sensitive info.

Also add a few new tags to be masked. See Factory #1170

Issue #8974

ssh settings alignment. Fixes #8974

Remove redundant settings stored in the wrong place
Store all ssh settings in the same place
Initialize this array before use

Merge pull request #3990 from luckman212/draggin-v2

Fix typo