Fix up and enchance the help text for DH parameters, point to the doc wiki for info on how to generate new ones. Also add help text for ECDH Curve. #7063
Fix printing of local/remote host in OpenVPN status for Client Instances. If the client was not connected it was printing a ":" and nothing else in the field which was odd/confusing. Ticket #2766
Fixed #6972I was only able to reproduce tis issue using Chrome, but it should now be resolved
Revert "Theoretical fix for #6972"
This reverts commit 335e63d66ce8af690d1a144d4ec6b385cbe39af4.
Theoretical fix for #6972
Check if array key exist before read its value
Fix indent
Fix up wording of the DUID option.
Merge pull request #3304 from marjohn56/master
Merge pull request #3339 from phil-davis/ovpn
Merge pull request #3334 from phil-davis/patch-2
Merge pull request #3336 from phil-davis/patch-4
Merge pull request #3335 from phil-davis/patch-3
Merge pull request #3322 from phil-davis/pagenames
OpenVPN Client 2.4 save correct protocol
This needs to be fixed the same as vpn_openvpn_server.php
Add OpenVPN ECDH options. Implements #7063
Update OpenVPN protocol preferences to match the new behavior of OpenVPN 2.4. Fixes #7062
Allow OpenVPN DNS servers for clients to be IPv6 as well as IPv4. Implements #7061
Print IPv6 addresses in the widget, too. Ticket #2766
Show IPv6 for static key servers, too. Fixes #2766
Add IPv6 virtual address to SSL/TLS client output, formatting corrections/enhancement for SSL/TLS client and server. Ticket #2766
Update OpenVPN SSL/TLS server status to reflect changes in OpenVPN 2.4. Ticket #2766
Remove redundant gettext() in firewall_rules_edit
The 'helpmsg' here is already translated with gettext() when the 'helpmsg' array entries are set up, so IMHO there is no need to attempt translation again.
firewall_rules_edit whitespace
Fix #7059 Set expected icmptypes format
icmptype is a comma-separated list in the config. When attempting to save, the array in $_POST['icmptype'] needs to be put into this format in $pconfig in case there are input errors and the user-entered data need to be re-displayed for correction.
Standardize privilege name capitalization
While looking at some privilege stuff, I noticed that variouscapitlization looked inconsistent down the list. This makes the listlook more consistent.
Ticket #7054: Remove tun-ipv6 option, deprecated on OpenVPN 2.4.0 and related GUI knobs
Fix IPv4/IPv6 copy paste error in OpenVPN client-specific overrides. Ticket #7053
Merge pull request #3325 from stilez/patch-51
Merge pull request #3139 from stilez/patch-38
Merge pull request #3322 from phil-davis/viewclearnotices
Remove the now unnecessary and commented code.
Ticket #7042
Revert "Instead of ignoring the IP, add it to interface even if we cannot do it with setfirst."
This reverts commit af6248407bae4d476b483dcb3a388744fb74b465.
Not necessary at all.
Pointy hat to: meTicket #7042
capitalise "Any"
Instead of ignoring the IP, add it to interface even if we cannot do it with setfirst.
Only fetch ZFS status if ZFS is loaded. Otherwise it can load it unintentionally on a system that doesn't need it.
Merge pull request #3323 from phil-davis/print_info_box
Changes whuch to which... fat fingers
"Any" moved to top of list in new blank rules
@jim-p wanted this split out from PR 3159 as it wasn't related to that PR.
Puts "any" at the logical place people look for it (top of list not 2/3 down it at random) while ensuring that for new rules default is tcp and extra ports etc fields are visible.
Put print_info_box severity class in quotes
These should be strings in quotes, otherwise PHP looks for them to beconstants and would be issuing notice level "errors" underneath.
Fix variable reference. Ticket #7047
Remove and replace white spaces
Safari doesn't seem to have editing issues (or else they very quickly fixed it). Removed all white spaces and re-entered, hopefully this fixes any incorrect extraneous characters that existed? If not you'll have to let me know where exactly they are.
Put back "any" in same place it came from in dropdown
revert protocol order change (unrelated to PR)
Will pu in separate PR afterwards as requested
Add version and build data to status output. Ticket #7047
Bring status.php up-to-date and add a number of new items as listed on redmine. Fixes #7047
Added: The firewall platform and serial number ARP Table NDP Table Gateway status (See #7046) ZFS disk/pool info gmirror status Limiter info...
Do not output PHP shell starup message unless it is run interactively. Fixes #7045
Add privs to control display of notices
This is a suggested way to allow control of the display and clearing ofnotices. The use case is:1) A user with minimal page privs (e.g. can just change their password,or access a few status pages or...) should not be automatically able to...
Merge pull request #3318 from phil-davis/patch-2
Merge pull request #3319 from phil-davis/patch-3
Change system admin to firewall admin
Remove unused get_notices() from xmlrpc.php
Fix #7043 Do not display crash reporter link when no crash_reporter access
Fix #3454 Do not show Mark All as Read button when no priv
If the user does not have access to index.php then the "Mark All as Read" button for the notices popup does not work for them anyway, so do not show it.This fixes the obvious UI inconsistency - where the user has a button that they press, but it is not effective.
Fix get_notices parameter in xmlrpc.php
This looks to me like the var name here should be $categoryNote: I don't see where this get_notices() inside class pfsense_xmlrpc_server is ever unused anyway - so maybe get_notices() can just be deleted from here?
Allow capturing based on MAC address as well.
Disable "setfirst" line in pfSense-dhclient-script for now. Ticket #7042
Changes as requested
Merge pull request #3300 from plumbeo/disconnect-all
Merge pull request #3307 from blkeller/ignore-client-uids
Merge pull request #3266 from PiBa-NL/IPv6-prefixdelegation-size59
PPTP Remote IP is host or V4
Now that Form_IpAddress() supports a range of types of input, this can be specified as HOSTV4.
Merge pull request #3248 from phil-davis/ipaddressnopattern
Merge pull request #3308 from plumbeo/details-popup
Fix DNS Server Gateway Check
If I enter a DNS server IP address that is on a locally connected network, and choose a gateway for it, this code was supposed to give an error message. But no error was given because $_POST[$dnsgwitem] is actually the name of the gateway, but old line 197 called interface_has_gateway() which was expecting an interface to be passed....
Data sanitation - check IP protocol in form data
Code doesn't seem to check that IP protocol is valid (IPv4/6/4+6) or report via $input_errors[] if not. Simple fix. Only spotted recently. Should be fixed whatever else?
Alternate fix for jim-p's point that seems to resolve everything neatly
@jim-p commented on the PR that:
This change is unwarranted. The protocol default should remain TCP, it is set that way on purpose (otherwise people get confused by the lack of port options being visible). It's also not relevant to the other changes being made on this PR....
improve CSS handling for icmp types (overflow/table)
Minor CSS and formatting improvement to layout for icmp types in rules table. With this change, if several icmp types are specified in the rule, if they won't fit into 2 lines the GUI automatically switches to a scrollable overflow instead, to preserve the table layout. Also underlining is per icmptype so commas etc aren't underlined which is much easier to read
Captive portal: add popup with session details to the active sessions list in the status page
Merge pull request #3309 from phil-davis/dhcp31msg
Captive portal: hide empty MAC column in status page
When MAC filtering is disabled the client MAC address isn't recorded and the relative column is empty. In this case, hide it.
Captive portal: add button to disconnect all users
Add a function to disconnect all logged in users and a button to call it in the captive portal status page.
Modify DHCP Server messages
This should be a regular input form since it is no longer using an IP address class input type.
Customize DHCP Server on interfaces message
Change type of L2TP/PPTP WAN remote address to 'text' as it supports hostnames now, and the 'V4' type rejects them. Fixes #6899
Fix field type for TFTP in DHCP server settings
Fix variable name used to pre-fill the NTP orphan mode field, add placeholder with the default while I'm here. Fixes #7034
changed to text to reflect standard text in other options.
format correction
Added real DUID placeholder, new text and call to new get_duid_from_file() function.
Merge pull request #3306 from phil-davis/ovpndhcp
Add new "Ignore client identifiers" DHCP feature
Exposes the underlying dhcpd configuration option "ignore-client-uids" in the pfSense "Services / DHCP Server" GUI by adding an "Ignore clientidentifiers" checkbox.
As of ISC dhcpd version 4.3.0+, there is a new configuration statement...
Be more forthcoming with errors about ALTQ interfaces in relevant areas of the GUI. In particular, note when there are no capable interfaces assigned. Implements #7032
Typo correct
Fix #7031 Allow interfaces that use DHCP for OpenVPN
even though the interface (or gateway group) has not yet actuallyreceived an IP address.This is useful when setting up a new system that is currently offline.
Fix typo in grouping/$grouping
Captive portal: convert tables to sortable tables
Convert the used vouchers table from the old GET order method to a sortable table, and make the other tables (allowed IPs, hostnames, zones) sortable too.
Text change
Fix "<onchange>" tag processing in package XML handling
Merge pull request #3290 from doktornotor/patch-3
Move the Growl section down to the end of the page, SMTP is the most commonly used section.
Print an error when the given URL cannot be fetched instead of just ignoring it.
Fix an use of an uninitialized variable.
Ticket #4766
Add a warning to notify the use why nothing happens when it tries to click on maintenance mode with the CARP disabled.
User Defined DUID
User may define a DUID to use in System->Advanced->Networking. Theentered DUID is validated for composition and length, if valid it isstored in the config.xml. On call of wan_dhcp6_configure() the DUID iswritten to file to be read by dhcp6c on launch.
Merge pull request #3301 from doktornotor/patch-1
Use empty()
Revert manual changes
Fix display of the number of states in the firewall rules page
For numbers greater than 1000 format_number() returns strings formatted like N.NNN K/M/G/T, that get cut to only the integer part if '%d' is used.
Use sprintf()