Improve IPv4 address validation for services_dhcp
The input pattern that goes with Form_IpAddress by default allows for IPv4 and IPv6 valid characters. The back-end validation here is checking for IPv4 addresses, so it seems reasonable that the front-end input pattern checks might as well be restricted to the IPv4 valid characters. Unneeded setPattern have also been removed....
Fix display advanced after input error for system_gateways_edit
Use case:1) Edit a gateway that has no advanced settings (i.e. the Advanced section does not need to open on page load) - that works fine.2) Modify the Gateway IP Address to something invalid like 1:2::z...
Better handle no dhcpv6 leases file
(cherry picked from commit 2355c154b7598f937ba2121429659f5676ce4d96)
Merge pull request #3204 from phil-davis/patch-6
Fix #6872 CP bandwidth 0 is no valid
The front-end validation prevents zero from being entered. "Leave empty" is the way to specify no limit.(cherry picked from commit b7f2ebb5448f7992cceec899504bdd0a29058fb9)
Provide conrol on system.php to allow display of hostname on login banner
(cherry picked from commit a22947a4980a9f8beb294d6bad039495164ff1aa)
Fix #6869 diag_routes resolve names for RELENG_2_3
This code to parse the netstat output and use gethostbyaddr() to reverse resolve names is only needed in RELENG_2_3, so that long names are not truncated. In FreeBSD 10.3 some long resolved names are still being truncated by `netstat`, even though `-W` is specified....
Fix up help text on outbound NAT.
Clarify source port warning when editing a firewall rule.
In the setup wizard, do not change the DHCP range if it is already set inside the new subnet. Otherwise it will overwrite a range set manually from the DHCP settings or the console when the wizard is run later. Fixes #4820
DHCPV6 only check VIPs in range if range valid
If the user has input invalid values into range from and to, then thereis no point checking any IPv6 VIPs to see if they fall in the range.None of them would be "in range" because the specified range is not even...
Allow Hyphens in DHCP NTP Server form validation
Also removes the ability to have underscores `_` in ntp serverFQDNs.
Closes #6806
(cherry picked from commit c68dbfc7580180cd9d47bdbecaeeb6cf835fe210)
Format file_notice alerts in webgui with newline characters as <br/> for easier reading.
(cherry picked from commit 348fae16e4c4735afef619184fba76b97effd875)
lowercasing and sprintf of setHelp(cherry picked from commit 705679339705657832422f5fdc336b5e39d48b79)
label src/dst incorrect - fixed (minor)(cherry picked from commit a309ffa5cc1e8682bb083f9288f73f43a2a9c282)
UI improvement - src port button label and src port help msgs
1. Rename "srcportadv" to "srcporttoggle" - not ideal to have 2 fields both labelled "advanced options". This presentation probably works nicer2. Self-explanatory show/hide button itself doesn't need a label. (If srcports are shown, they will have a label as usual)...
add array index how value for authserver list
(cherry picked from commit db0c1e142c98a6253204d69218557b91a8754337)
Move pfSense-upgrade to FreeBSD-ports
Simplify logic(cherry picked from commit 9a2d3fe1bf9bdad73fbffca44d5c1f02aa9825ae)
Spelling mistake "system_gateways.php"
Fix spelling mistake in "system_gateways.php"
(cherry picked from commit 47180823dc0560801085a227abf512e265363b16)
Remove workarounds to sort extensions.ini since ports tree now has a better solution in place to track PHP modules dependencies
Fix typo: The input field is named source_hash_key
(cherry picked from commit 870b9bc11b993ce8122b448083d29a04bcb30151)
Fixed #6835 by revising Javascript show/hide
(cherry picked from commit 850c3d8b9352e7467beca8502c24ca8d4fbbbd29)
Make serial/UUID bold
Show system platform and serial / UUID
Obscure RADIUS shared secret.
Ensure a mobile P2 is marked as such when saving.
Use wider display for pftop to fill up dead area. Output still looks OK with narrower terminals as well.
Some views were omitting important info at the narrower width
Declare $config as a global in guiconfig.inc csrf_startup() function, to properly respect the timeouts. Ticket #6803
Apply #601 fix to firewall_nat.php
(cherry picked from commit 4b0815f38a8a0f98519ca0c2bff7c81b6464e579)
Fixed #6801
(cherry picked from commit 00098bc80b6f85eb74f2f3bc2b4eb7430614110d)
Do not show certificates in drop-down list that are already contained in this CRL.
Add missing \) and fix syntax
Extra "S" fixed - thanks @rbgarga(cherry picked from commit d20b69c529654f2b5d4adf9ab2bba5116f980c64)
Add OpenVPN key lengths to Wizard - missed in original PRs
Original PRs and rationale:
Sanitize 'zone' parameter on CP pages
Show a little more key info in main info table
Prepare pfSense-upgrade to work with new major OS upgrade
Add 'now' parameter do do_reboot() to force it to happen immediately
Make pkg_lock() and pkg_unlock() work with wildcards
Merge pull request #3137 from NOYB/Secure_SMTP_Connection_Modes_-_Mutually_Exclusive
Correct indentation.
Fixed #6786 by making table sortable
(cherry picked from commit e846d7f882d57331d7ead5fcf593e7e4daf7e247)
Simplify icmp conversion
pprior code "converts" every icmp type - of which only 3 actually get changed (rest keep same value anyhow!). If also uses a SWITCH {} construct rather than lookup + foreach, which is longer and less efficient.(cherry picked from commit 0ce1667bc6fe80ef8e6b4d0d6d38d9859d5f4d94)
Improve handling of source-hash key
- Store the source-hash key in its own config field.- Validate the provided source-hash key. Check that hex string input is of the form "0x" followed by 32 hexadecimal digits. Any other string not starting with "0x" is hashed using md5 and stored as "0x" followed...
Add field to specify source-hash key
The source-hash pool option uses a hash of the source address todetermine the translation address. This hashing algorithm is also fed akey, which unless specified defaults to a random value. This randomvalue is then generated each time pf is reloaded....
Merged #2975
Fixed #6788 by clearing only the first label in the cloned row
(cherry picked from commit d38d215d1d9429d3a1a15708f92b14cf3a15b247)
Secure SMTP Connection Modes - Mutually Exclusive
Secure SMTP Connection modes are mutually exclusive. Select only one.
Code style changes
(cherry picked from commit b2836666a8e7fc021ea750fafc8fc6e8097d52ff)
Allow packages to request syslogd log socket to be created inside chroot by specifying it in /package/logging/logsocket element. Implements #4898.
Example:<package> <logging> <logsocket>/var/appname/var/run/log</logsocket> </logging>...
dnsresolver, make interface boxes resizable, to allow for easier picking/checking of multiple selected interfaces
(cherry picked from commit 57625777c88603f1d2ca55cc981c5ec538c3770f)
Fix diag_dns regressions
After testing diag_dns behaviour some regressions have been noticed.
1) Looking up ipv6.google.com (it only has AAAA records) doesn't work - gethostbyname() only supports v4, ipv6.google.com only has v6 - this bug was recently and inadvertently introduced...
Remove empty concatenation.
(cherry picked from commit a25c797a44e5cd2480947eb5ae427dcb8e0c031c)
Check IP Services - Info Box
Change warning box with dismissal to collapsible info box.
(cherry picked from commit 6f3ac947b2a83f18ade12ad9876fb8d75a9ff3a2)
Fix up/catch up remote syslog areas. Fixes #6780
Remove some more dangling PPTP bits.
Fix description of the VPN remote log setting
Move copyright from ESF to Netgate
Revert "Remove unused file browser.php"
This reverts commit 48ffade7502839380cc6046187e0c1447723d67a.
Remove unused file browser.php
css: Fix jQuery UI widgets' font
Use the main font with jQuery UI widgets (e.g. autocomplete forms)
(cherry picked from commit e540a9d774f5dfcdd18bf51529932f79f78374a0)
[theme] Compact-RED: improve hovered table rows visibility(cherry picked from commit e5bc38d21b6ac6c419758ecab7b31f7c06a5c53d)
[theme] Compact-RED: compact panel titles
(cherry picked from commit 953a88a4482e72764ba6ab7ed9f0ce2b21748506)
[theme] Compact-RED: make drop-down menus not too "compact"
and improve hovered element visibility
(cherry picked from commit b8916dccad084ffaa4b402c535f4047fb7a51f3c)
[theme] Compact-RED: get rid of anti-aliased fonts
(cherry picked from commit 9e1208e5833a81c05f86db31078b0fe6901b70ac)
Obscured password field in system_authservers.php bind sectionFixed #6759
(cherry picked from commit 1c1f08f92e8841f7282280caeed7613edd810453)
Merge pull request #3071 from phil-davis/Check_IP_Services
Call services_dhcpd_configure with the right parameter
Previously code segment for v4 would call both v4 and v6. Fixed to call v4 and v6 where appropriate.
(cherry picked from commit 6756052b595b470ce064a44095ec12ce5abe789c)
Uniformize memory limits and remove old code (revised)
1) Allow setting a memory_limit up to 768M (Suhosin)2) Remove old workarounds. Memory limits on config.inc will be new defaults
(cherry picked from commit 7edcc54b2e9d1de51d5e6d0aedade89bc2cf0699)
Fix diag_dns ipaddr set to use in IP WHOIS and IP Info
- Do not call resolve_host_addresses() when hostname cannot be resolved by gethostbyname(). The old check was considering gethostbyname would return NULL in this case but it returns a string with the hostname...
Removed unused variable $hostname
Input boxes with setPattern validation should not contain escape characters as they are already properly considered 'lists of characters' even when not escaped.
(cherry picked from commit 8ea3fd0569ac2b1681de5ba3fbc2a2cc20981ad6)
Outbound nat overview, show alias popup and edit options on source and destination, for both the address and port.
(cherry picked from commit d98e54b215a7798aa0cd9d8432340d6e6df762f5)
-resolved syntax error(cherry picked from commit 0a6ab475d80b580b09fefaf3ca346b08ec6a23c9)
change traffic graphs to use d3.js
add visibility js
Clean up the text on diag_sockets.php. Fixes #6708
Clarify language on diag_tables.php. Fixes #6713
Use -l with traceroute6 to show both IP Addresses and Hostnames when resolving hops. Add note about max ttl/hop limit in source comment. Fixes #6715
Add output encoding to diag_dns.php for results returned from DNS. Fixes #6737
Fixed #6711
(cherry picked from commit ca3dc6c9ac6b6045430779f407a31ed620f5a32d)
Fixed #6732
(cherry picked from commit e73770057872aa1f78dfff885f89916e446e2e4c)
Fix syntax error on openvpn.widget.php
(cherry picked from commit 516e609ccb7a39fb27f52a69f11eee68f86974df)
Text typos in openvpn.widget.php(cherry picked from commit 8da4847472e03195aeb73a1acedbc27f8af520d1)
Revise widget refresh timing
(cherry picked from commit 134ee13df54280441c25b047b406628eeebbb8db)
Added control to set dashboard widget refresh periodStart each widget refresh system after a short random delay to prevent all widgets hitting the server at the exactsame timeFix issues wherein two widgets were resetting the refresh timer from the AJAX call, not the call-back function, thereby risking stepping on themselves...
Completed #6723\by making the OpenVPN widget update dynamically
(cherry picked from commit f30e6bd49c773de28b5ec143add30fc900e7874d)
Add an option to push "block-outside-dns" to clients of an RA OpenVPN. Fixes #6719
diag-edit.php: Perform "Goto line #" action on pressing enter key within the line number element
(cherry picked from commit 86e94becbec130f9eeca5bc94b497ec1167a640a)
Fix messup caused by 9d3e872
(cherry picked from commit d5b993fc310147d68bc3c3654a512b0ac981ecd2)
Tidy up filenames
Make sure the filenames represent the actual file
(cherry picked from commit 6173d1f5a5ed50b8c8a8523b1eb6824f7c9c1ae6)
Code style and comments
No functional change - just making style consistent
(cherry picked from commit 9d3e8723171c727cf43338bd8e95ab2bb7e6a66c)
Improved solution to #6716
(cherry picked from commit 0ed3b15981b4451efb11839d6ee7b9acf1ed1d84)
Fixed #6716
(cherry picked from commit 4d4782fcd7213b5f279cb372853f5fedb07f6178)
Fixed #6700
(cherry picked from commit 40eca7e3a8abdff768e29e310ba945e74fdcfe17)
Fixed #6710
(cherry picked from commit 13b92290e0fa367a76016a15ccf5e76ff77b0706)
Fixed #6709
(cherry picked from commit 3726918df1dc4744bb7ea694ec5c8f40de59d856)
Fixed #6703
(cherry picked from commit e5343844c6de78feafae9e601b25bdf31f114a50)