pfSense

Show Unbound used certificate on the Certificate Manager page. Fixes #11678

Note says that gateway or failover gatewaygroup are valid options #11164

OpenVPN Cisco AVPair {clientipv6} template. Implements #11596

Fix #11760: Make sure log file exist

Prevent PHP complaining about log file not found and create an empty
file when it doesn't exist. In this case return code will not be read
and it will not break the loop, trying one more time.

Firewall Schedules edit fix. Issue #11747

Upgrade: Improve information when it fails

Since first version after pfSense-upgrade, pkg_mgr_install.php waits for
pkg socket to start presenting information to users. This socket is
responsible for providing needed data to make progress bar to work.

When socket never shows up, usually because pfSense-upgrade aborted...

Display a suitable message in the textarea if the update process aborts for any reason. Tighten up timing so that update attempts that complete very quickly are not missed.

Find IPsec IKEv1 SAs widget fix. Issue #11435

Update translation files

Regenerate pot

Regenerate pot

Remove WireGuard support

Out of an abundance of caution while we investigate the claims about
WireGuard in public, we need to remove it from pfSense Plus and CE in
order to shield customers from potential risk.

Fix user cert parameters when creating user+cert. Fixes #11705

Fixed #11702 by revising ramdisk code

Merge pull request #4503 from nraven777/patch-1

set_curlproxy() fixes. Issue #11476

Finish refactoring firewall_NAT* for MVC

Reject IPv4-mapped IPv6 addresses on Mobile IPsec DNS server input validation. Fixes #11446

Change OpenVPN auth to php-cgi for the time being. Fixes #4521

Refine help/error text for system domain. Fixes #11658

IPsec IKEv1 mixed Phase 2 IP protocols support. Issue #11643

OpenVPN auth sources strlen validation. Issue #11104

route_del() optimization. Issue #11475

Reverse x509 escape cert subjects on renewal page. Fixes #11654

Revise firewall_nat_edit for MVC

Remove obsolete vars for MVC

Revise firewall_nat.php for MVC

Typo fix. Issue #11624

Rework WOL page a bit. Fixes #11616

• Eliminate duplicate code
• Fix output encoding
• Additional validation
• Use POST when waking all devices

Move custom IPSEC NAT-T port settings to Advanced Options. Todo #11518

Set explicit-exit-notify to 1 for new OpenVPN Client instances. Implements #11521

OpenVPN data-ciphers option length validation. Issue #11559

OpenVPN ncp_enable checkbox fix. Issue #11554

WPA Enterprise PAP inner method support. Issue #2400

Show changed NAT timeouts on the system_advanced_firewall page. Issue #11565

CaptivePortal: Redirect back to Login Page on Logout

Currently (i.e when a custom logout page is present) when a user clicks on logout , a window with the logout message is shown which closes automatically after a few seconds , this is both visually unappealing and can close the browser if the user only has the pfsense logout tab open , it therefore would be a good move to redirect the user back to the login page when they click on logout....

Use set_curlproxy() function for cURL proxy configuration. Issue #11476

System Information widget fix. Issue #11443

Allow to use OpenVPN provided DNS servers. Implements #11140

WPA Enterprise (PEAP/TLS/TTLS) client mode. Feature #2400

Merge pull request #4491 from dsmackie/issue-9887

Merge pull request #4500 from bitscher/master

Fix IPsec connect/disconnect for all tunnels. Fixes #11486

Fixed #11464 by adding proxy configuration to web service calls

Merge branch 'master' into master

Revised firewall_virtual_ip_edit for MVC

Fix broken help link.

firewall_virtual_ip refactored fro MVC

Refactored system_advanced_misc for MVC

Show switch tagging ports on status_interfaces page. Implements #10804

Replace HTTP links to HTTPS. Implemets #11228

Hide MAC address field for pseudo-interfaces. Issue #11387

Authentication Servers copy button. Feature #11390

aliasmod shell script. Implements #11380

Set correct TCP MSS for IPv6. Fixes #11409

L2TP VPN MTU option. Feature #11406

Display negotiated cipher on Status / OpenVPN page. Implements #7077

Hide Shared Key field on OpenVPN client page in SSL/TLS mode. Fixes #11382

Mythic-Beasts.com DynDNS provider support. Implements #7842

RADIUS Advanced parameters. Feature #11211

Show gateway groups in OpenVPN Wizard. Fixes #11141

Randomize ACB cron minutes. Implements #10811

Do not restart unchanged services on XMLRPC sync. Fixes #11082

Improve the handling of crypto offload hardware.

Remove support to deprecated hardware.

Task: #11426

Find IPsec IKE SAs by their full name. Issue #11435

Find IPsec IKE SAs by their full name. Issue #11435

Revised system_advanced_notificaions for MVC

Merged system_advanced_network for MVC

Fix hnaltqenable setting

Split system_admin.inc into separate files per tab

Completed networking section, subject to testing

Add IPv6 support for Gandi LiveDNS dynamic DNS handler

• Simplify the use of the LiveDNS API by using another API call that
  handles both creating and updating for a given name and record type
  instead of the former two step operation that was fetching the whole...

Revised system_advanced_notifications for MVC

Fix WireGuard add/next name behavior. Fixes #11407

• No need to set index when creating a new entry
• WireGuard interface name label was assuming array index=wg if name
  which was incorrect

Revert copyright symbols

Add option to set IPsec filtering mode. Implements #11395

User can choose between filtering enc (tunnel+VTI) or filtering on
assigned VTI interface tabs (VTI only, drops all tunnel mode traffic).
See https://redmine.pfsense.org/issues/11395 for details.

Revert "Refactor system_advanced_misc for MVC"

This reverts commit c33b0ab6c2fcd4c9786d1b5e7903c01fa1fafa7d.

Refactor system_advanced_misc for MVC

Add registered trdemark symbol where appropriate

Check RA service on interface IPv6 type change. Fixes #11367

OpenVPN User Auth fix. Issue #11368

OpenVPN input validation fix. Issue #11362

Fixed #11328 by fixing jQuery and error when 'protocol' is undefined

Captive Portal custom logo fix. Issue #11360

Refactored system_advanced_* pages for MVC

Sanitize PKCS11 PIN from swanctl.conf. Issue #11348

Sanitize securiteinfo_id. Issue #11344

Sanitize DHCP DDNS keys. Issue #11342

Sanitize WireGuard PresharedKey from config. Fixes #11341

Issue #11340
Hide WireGuard interfaces on DHCP/DHCPv6 Relay pages,
Hide mediaopt field for WireGuard interfaces on interfaces.php page

Hide TLS keydir for p2p openvpn mode. Issue #11336

Clarify that Peer WireGuard Address can be multiple addrs.

Update vpn_wg_edit.php

• Text edits
• Formatting
• Remove debug console.log()

OpenVPN Server page fields hide fix. #11272

WireGuard: Make pubkey read only, populate automatically. Fixes #11322

While here, add a link to copy the public key to the clipboard.

Merge branch 'viktor/pfSense-ipsecmobileinperror'

Mobile IPsec certificate validation. Issue #11319

Fix PHP error in Mobile IPsec validation if Group Auth is selected. Fixes #11212

Update OpenVPN Wizard to match current server options. Fixes #10919

Fix WG Keep Alive field variable name. Fixes #11288