Change alias name/pf keyword check to be case insensitive. Fixes #9231
(cherry picked from commit 2c5d3b1e5002598cb799a182ccc1d6e66d3aac5d)
Init filter rules in firewall_nat.php. Fixes #9193
(cherry picked from commit 701728c0778cbb4ccf95ebfad30bf56339d1a7e3)
Fix DigitalOcean DynDNS client
Fixes the check on the return value since it's been updated to useHTTP/2 syntax. Also adds logic to allow using `@` to denote updating theroot domain A record as well.
(cherry picked from commit 5878d529949aafef165acdce8e7daae234c9d2c4)
Minor fixes related to #9121
(cherry picked from commit 6f9729c0a53be67ced6d52e6e33dba6b237083ab)
Remove obsolete OLSRD code. Implements #9117
(cherry picked from commit 592bec817f152a7536572a675079776138827cc8)
Rework cert keylen/digest validation. Fixes #9180
(cherry picked from commit ed76624bf01c0d1718d427919145bf4e5f949264)
Fix array init in setup_wizard.xml. Fixes #9170
(cherry picked from commit f5f79fcc24241f0a76f6a7fe9b32917bee64e393)
Update translation files
Regenerate pot
Do not call interfaces_vlan_configure() every time an interface is edited in GUI.
This is just necessary when a parent interface is changed and we have to propagate the changes to all clones (MTU, FLAGS and others).
Add a logic to detect when a parent interface is changed and only then call interfaces_vlan_configure()....
Make the WF2Q+ the default scheduler for the dummynet limiters.
The WF2Q+ was the default scheduler in previous versions, it is well tested and support dynamic queues.
Add a note for the FIFO scheduler to make clear that it does not support dynamic queues (by design) and as such, it is working as intended....
Allow no username for FreeDNS-v6
Also include that and Digital Ocean in the help text.
(cherry picked from commit 92c39e9b923792a58b56323a7e2fb46f608b447f)
Fix #9121: Initialize arrays to prevent PHP 7 errors
Fix #8937: Show hwaddr for LAGG members
Fix few spelling issuesTicket #9134
(cherry picked from commit 85a8f9b0ce0d0fac6f361bc5dfd09c67607020f1)
Redirect Blocked MAC without requiring credentials if Blocked MAC URL has been entered.
Redmine #9114
(cherry picked from commit 83a6f504d6eb4d1925c4745a6457805fbbe308d9)
Update src/usr/local/www/vendor/d3/d3.min.js
Restored d3.min.js
(cherry picked from commit 2dd0ba04705396981dfc6d75ec6910799ba8846d)
make sure to only pass valid options when supported by the browser
(cherry picked from commit 125ae17e59a54c2315c68336a02bf45a7820bf5b)
Removed js warnings
(cherry picked from commit 36742b464a1b4449e52cbd0b539fece507a3b23e)
Fix #9071: Make sure pkg metadata is updated when repo config changes
Remove unused variable
Simplify logic to remove packages section from backup
Initialize QinQ arrays before use. Fixes #9109
(cherry picked from commit 439d9beba0213c96281d8ff6b09ccb8136b1a0aa)
Fix change detection of GUI web server toggles. Fixes #9105
(cherry picked from commit 8207fac69158ad4a56deab4a4b4f6f4c3c361b81)
Add checkbox to disable SMTP SSL cert verification. Implements #9001
The default action is to validate the certificate. If the user knows theserver does not have a valid certificate (e.g. self-signed), this optionwill allow encryption to be used without validating the identity of the...
Prevent CRL from using too large a lifetime on ARM. Fixes #9098
(cherry picked from commit 9aa8f6a864905c0e3738c337a51f0772b0c5eb93)
Improve handling of empty cert tags. Fixes #9099
(cherry picked from commit ca4456b95c53e89cf6b428a999ae15367b753073)
Prevent log size from being too large, which breaks clog. Fixes #9081
(cherry picked from commit 8bd36425b4bc46e5bbcc940a4d20bfbb2a0011ba)
Prevent PHP error when saving log config. Fixes #9095
(cherry picked from commit 4c4e294b0f1523827fa21066521674a435c8f670)
Add help text to sshguard whitelistReduce delete button sizeChange label text to "Add address"
(cherry picked from commit 5514e368421171482e3e5b945f4c999cc0153fa8)
Fix #8864: Let users modify sshguard parameters and whitelist
Array initialization in NAT pages. Fixes #9080
(cherry picked from commit 42ad3b8b51e12b9e4c89b94e2a191495318f42dc)
Validate and protect powerd option values. Fixes #9061
(cherry picked from commit 3be699295e5cb7be24cc5361700be1a8b759e26c)
Implement login fallback for RADIUS MAC authentication
(cherry picked from commit 774ff51ba07f944a39fdc6859ec7d258b95315bf)
Simplify schedule validation
(cherry picked from commit bb7cabdb20e7bad06263d5b3888c71415d6861c1)
Added #8976 Allow traffic graph settings to be saved
(cherry picked from commit dd8a6d75e7a7cadc9a182c0306e8d04799a63338)
Disable display of Diagnostics->AutoConfigBackup menu item if config is restored from pfSense < 2.4.4Fixed #8959
(cherry picked from commit 245bfa559b5d8ebcb13b21feceaa58257ee194da)
Add top buttons if table > 24 rows
(cherry picked from commit e7299fd8c5ad6998aab372dc40f033f1dcb8d605)
Fix German translation error. Also fixed in Zanata
(cherry picked from commit 84dc4a557c911d0a53a861d66021ff7f65400e87)
Fixed #9002 - PPPoE Service Name may contain ':'
(cherry picked from commit dac4cd09699bdafa5bcf1cf7b699438e5f669b26)
Fix typo in error msg
(cherry picked from commit c921665902c0a0bccd2376437a1ab1118009f86f)
Default ACB schedule to every day at midnight
(cherry picked from commit ebbc9e97a62464650684033df7f9cd7c3d32e609)
Fixes #8949 Looks like there was 2 variable names for the same variable shownetboot and netboot. It now just uses the variable name netboot
(cherry picked from commit e46ea2c60986c62371966025ab3068466217fefa)
Added scheduled config backupFixed: #8947
(cherry picked from commit a1aa91dec887ba929be08c993170803396a669b2)
Fixes to ssh agent forwarding setting
(cherry picked from commit 8cc841364132b4fcf24bb314e8f746b01619d54d)
Restore the RADIUS NAS ID option to Captive Portal. Fixes #8998
Keeps the default of using CaptivePortal-<zonename> when not set,otherwise uses the value supplied by the user as with older versions.
(cherry picked from commit b1cc8f3143f7253bb3acdcdf8c18f9effaf3bce5)
Only display "you are connected" if :- Logout popup is disabled and no custom logout page is set- Logout popup is enabled and logout_id is missing
(cherry picked from commit c857583bb95d6d787b3334e5775cfd7921d547fb)
Review fix.
(cherry picked from commit 8b6aae09e9f4607fc27066dff7a8f58c568f61f9)
Review fixes.
(cherry picked from commit 0aa2f5f07ba64c3122b5f01656de3e7b0a673492)
Enable setting AllowAgentForwarding value
Fixes #8590
Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>(cherry picked from commit 1d835d945349d3c7b65c88155948e607bcbfdf76)
Add help.php entry for AWS VPC wizard.
(cherry picked from commit 0123cb3202c19fd8ad288545720e3b5e6e56a0f6)
Wording changes for PTI disable option. Fixes #9026
(cherry picked from commit 2ba7026de2c08450fa40d5694f44cbe46a2262e2)
Init schedules before use. Fixes #9009
(cherry picked from commit 4c3669ea8a9acf4657cd84e0ae22fb8809302756)
Unify and improve crash report checking. Fixes #8915
(cherry picked from commit 6e150fc0d022d231c7dc243ba68f4784f58973d5)
Avoid creating or parsing a second empty rrddata tag. Fixes #8994
(cherry picked from commit 9386784480f27d6b04ebf013f691522130a7f013)
Change the method used by status.php to mask sensitive info.
Also add a few new tags to be masked. See Factory #1170
(cherry picked from commit 9858a361b81daa9465e61a93c205bfd9811e9f3a)
Issue #8974
(cherry picked from commit 32a7f1612b79ad04cc252d0a5e217c857b00024d)
ssh settings alignment. Fixes #8974
Remove redundant settings stored in the wrong placeStore all ssh settings in the same placeInitialize this array before use
(cherry picked from commit ec439957ce0f70778d89f57eba9553e2afba874a)
gettext on strings
(cherry picked from commit 988b786d0bc8753a7427aaa693effd6018658770)
don't show drag message if roworderdragging is disabled
(cherry picked from commit fd4dc22e73a43c644e8972923c98abb86a27889c)
Fix typo
(cherry picked from commit f31ef5aa0e777c236fb175778e63b9e26a9d2627)
Init dnsmasq arrays before referencing. Fixes #8967
(cherry picked from commit 651b4dcb4ed2dc1404cd532a2a53190e77cbcbc4)
default to the lan interface on WOL page, unless another if issubmitted in the form data.
(cherry picked from commit c818076d474c45d5da283d20baab6f8a0d67a540)
Removed duplicate line :/
(cherry picked from commit 2e49073226a9795667c79c9f09f0111895b4f2be)
Properly restrict a network when default is open.
Effectively override any default setting.
(cherry picked from commit c2d8c3c8e3e21540f093f69d2ccba6020bc413d0)
Removed is_ipaddr() as ip_in_subnet() does it already.
(cherry picked from commit e0f12d6bfd604c79ac9bf8f7dce5daa68b8c0d1a)
Fixed NTP status page not honouring NTP ACLs
Reported in redmine https://redmine.pfsense.org/issues/7609
(cherry picked from commit d73918f2a241f5b072a8b9fd2e29b82ad0a16ec1)
Fix JSON encoding of gw/gwg params for firewall rule gw list. Fixes #8962
(cherry picked from commit 157aff9e256aa235ba68ccc2168c61fc61e90072)
Fix a display bug in status_gateways.phpThis bug causes the Monitor IP to appear even when a gatewayis unmonitored. The monitor IP from the last gateway in the listto have one will simply get repeated. This patch fixes that bug,and also cleans up a few other things- unused variables, gets...
Underscores never hurt nobodyAlso, i18n
(cherry picked from commit 42c059894a4a521415c35dc048952658f61fad65)
Fix redirect back to user mgmt when editing user 0. Fixes #8920
(cherry picked from commit e2f60597df488cf073d14913d8a523cbb447f733)
Initialize DHCP settings before use. Fixes #8919
(cherry picked from commit 124ca365049368460598621f962ad0b4f5459d7a)
Don't allow deletion when spoofing another userkey
(cherry picked from commit 3fd4f32c344573addea1dbb44dddef63b0e793e3)
Fixed #8901
(cherry picked from commit d33560e8dcba496a553f33c50113877778c3274b)
Fix dashboard update check & gitsync settings. Fixes #8913
(cherry picked from commit 26e1525c153a672457a92d65f9c05d45b43a204d)
Fix #8911: Keep configured pkg repository when restoring config
small change to fixup https://redmine.pfsense.org/issues/8851without this, clicking edit on existing CA goes to wrong screenand breaks Save button
(cherry picked from commit 3319f34dfdec8e09c7b561a0689610c9a4ca3ee2)
Init syslog settings before using the array. Fixes #8905
(cherry picked from commit 508c66ace779a6021b217d055b53587fdb021fec)
Initialize DHCP settings in setup wizard. Fixes #8889
Rather than assume they are present, create the arrays before use.
(cherry picked from commit 7c15c19d76eac725c42133012488cb97e4dcd885)
Fix a PHP erorr when a CRL has no certificates
(cherry picked from commit d9064f0b92452daeaf0cb7f0a0e74561f246ed5b)
(cherry picked from commit 3b55fc639cdea2be20d55113055fd511ba193866)
Revert "Default VTI remote to Address but allow it to change. Fixes #8859"
This reverts commit da54e84ae79328a87b4a319239bb1b14d7ed2ce6.
Prevent a user from selecting VTI for mobile IPsec. Fixes #8877
(cherry picked from commit 885cf6a751f076f43fa89167ba2a79f779244f1b)
Changes on the parent interfaces will create new interfaces and the existing VLANs needs to be redone.
Ticket #8527
(cherry picked from commit 6fd6b8536b80316caf0f3b9221ed6af0b3453571)
IPsec VTI requires a manually specified network/address. Issue #8877
Prevent a user from selecting an interface macro like "LAN Network" which cannot be used with VTI since it does not work like traditionalIPsec Phase 2 definitions.
(cherry picked from commit 02af14942872567362f1761f06a1d754080da074)
Init gateway group array before use. Fixes #8876
(cherry picked from commit b54a1af45c5add4e57253bfa0b562dadf3ae10f7)
Welcome pfSense 2.4.4-RC
Fix #8806: Configure captive portal on secondary identical as master HA node
Fix #8721: Call proper filter_configure function from this class
Change status.php to use "ifconfig -v". Implements #8860
Default VTI remote to Address but allow it to change. Fixes #8859
Make async_crypto explicit enabled/disabled rather than current isset
Initialize IPsec logging array before use. Fixes #8857
Fix #7694: Replace sshlockout_pf by sshguard
Set default new CA/Cert action to Create Internal. Implements #8851
Fixes #8767 PHP7 syntax error