Filter properly the know variables in loader.conf.
The know variables should be used as prefix not as literals.
Initialize DHCP settings in setup wizard. Fixes #8889
Rather than assume they are present, create the arrays before use.
Fix a PHP erorr when a CRL has no certificates
Fix typo
Update translation files
Regenerate pot
Fixed #8880
Merge branch 'master' of gitlab.netgate.com:pfsense/pfsense
Revert "Default VTI remote to Address but allow it to change. Fixes #8859"
This reverts commit da54e84ae79328a87b4a319239bb1b14d7ed2ce6.
Prevent a user from selecting VTI for mobile IPsec. Fixes #8877
Changes on the parent interfaces will create new interfaces and the existing VLANs needs to be redone.
Ticket #8527
IPsec VTI requires a manually specified network/address. Issue #8877
Prevent a user from selecting an interface macro like "LAN Network" which cannot be used with VTI since it does not work like traditionalIPsec Phase 2 definitions.
Fix a PHP error when upgrading gateways
Init gateway group array before use. Fixes #8876
Bump version to 2.4.5-DEVELOPMENT and add 2.4.4 RC repository
Fix #8806: Configure captive portal on secondary identical as master HA node
Fix #8721: Call proper filter_configure function from this class
Change status.php to use "ifconfig -v". Implements #8860
Revise async_crypto setting
Default VTI remote to Address but allow it to change. Fixes #8859
Make async_crypto explicit enabled/disabled rather than current isset
Move IPsec VTI interface cleanup list. Fixes #8858
Generate the cleanup list before the P1 loop but after the initialinterface configuration.
Use safe_mkdir() for IPsec dirs. Fixes #8856
Simplifies the process of making IPsec dirs, though it may not correctthe original reported issue since that appears to be a disk problem,it's still better/safer than what was done here before.
Initialize IPsec logging array before use. Fixes #8857
Fix #7694: Replace sshlockout_pf by sshguard
Missing line to fix #8850
Set default new CA/Cert action to Create Internal. Implements #8851
Allow packages to opt out of a forced start. Fixes #8850
If a package performs its own service start during its sync process,then add <starts_on_sync/> to its service definition in the package XMLfile. Then when rc.start_packages is called, the forced start will not...
Fixes #8767 PHP7 syntax error
Fix Minnowboard Turbot model names. SG-2320 -> MBT-2220, SG-2340 -> MBT-4220
fixes #8837 part 2, initialize as array instead of string for PHP7
Bug was fixed in pfsense module and this code is no longer needed so removing.
$wancfg is not a reference to $config. Set $random_mac properly on config and break long lines while here
Revert ticket #1337
FreeBSD is not happy with simple set VLAN to use a different MACaddress. Revert it for now and prevent users to change VLAN interfaceMAC address.
Fix some integer assumptions with calculate_ipv6_delegation_length()
Escape arguments when relinquishing a DHCP lease. Fixes #8843
Fix extra braces
Fixed #8838
Fixed #8837
Add missing break in IpAddress form class. Fixes #8834
Fixed #8812
Perople were misunderstanding "hint" so changed it to "identifier"
PHP7 fixes: Use of undefined constants
Implement #1335:
Let VLANs to have a different MAC address than its parent.
While here also fixes #8138 and do not ignore <spoofmac> for interfaceswithout hwaddr field
Do not let users change QinQ mac address
Remove not used 'Copy my MAC' button code
Merge pull request #3974 from Augustin-FL/patch-passthrough
Merge pull request #3973 from PiBa-NL/20180821-getarraybyref
Fix syntax and use unlink_if_exists()
Merge pull request #3965 from Hobby-Student/master
Fixed #8823
Use ctype_xdigit() instead of is_numeric() to validate hex. Issue #8824
Add the GUI support to set the VLAN Priority for the DHCP requests.
Ticket #7425
Automatically store username of the MAC created pass-through
Fixes #8800 Interfaces will show up in the group edit page even if disabled so they can be removed
Handle HTTP_REFERER better when changing IP addr. Fixes #8822
Fall back to probing active interface addresses rather than config.xml to allow changed addresses that have not yet been applied.
Redact lightsquid pw in status output. Fixes #8819
Add a missed case for auth source detection. Fixes #8817
Add "select all" control to remaining NAT pages
Make config_array_from_str() function more general
Fixed #8803
add getarraybyref() utility function for general use (used also to avoid php7 'Cannot create references to/from string offsets' messages)
Fixed #8803Don't attempt to access $config elements that don't exist. PHP7 doesn't like it
Only show the DHCP6 VLAN Priority settings for VLAN interfaces.
Certs: Fix CA subject assumptions. Fixes #8801
Several areas made assumptions about the number and order of CA subjectfields that were no longer correct after issue #8381 was corrected.
While here, also remove some outdated references to fields that are no...
Declare variable out of loop
Try to run upgrade script 3 times
Fix #8519
- Remove possible leftover sockfile before call pfSense-upgrade- Wait until sockfile exists while process is still running- Make sure to start polling only if process is running and sockfile exists
Remove leftover
Make sure to use string starting at __RC= position
on arm and arm64 machines, set kern.shutdown.secure_halt = 1
the arm systems leave enough running after halt to forward packets.this is a bad thing. on arm systems, set this sysctl so that whena halt command is issued, it is severely stopped and no packet...
Do not use gettext() on default LAN interface name
Add logged in user to Dashboard sysinfo widget. Implements #8817
User login source & proxy fwd addr to user data. Fixes #8813 Fixes #8816
While here, use this info more consistently across log messages andplaces where user info is recorded when making changes.
Fixes #8805 Refresh captive portal zone when vouchers are changed to regenerate captive portal login page
Revise T&C text area height
Fix syntax
Added "select all" controlFixed #8812
Merge pull request #3972 from Augustin-FL/patch-passthrough
Add interface_is_lagg(), improve interface_is_vlan() and make get_parent_interface() work with laggs.
Added PORTAL_MESSAGE to template, fixed some wording and styling
Readded second authentication type to default captiveportal login
Disconnect and remove previous Pass-Through MAC address when both Disable concurrent logins and passthrough MAC addition are enabled
Merge branch 'master' of gitlab.netgate.com:pfSense/pfSense
Updated captive portal to use a template with customizable image uploads
Co-authored-by: Felix Häberle <felixhaeberle@users.noreply.github.com>
Do not blindly unset values that may not exist in OpenVPN wizard. Fixes #8792
Add default ICMPv6 rule for unspecified src per RFC4861. Fixes #8791
Merge pull request #3971 from Augustin-FL/captiveportal
fix failed implode when auth_server2 is empty
Disable OpenVPN compression for new instances by default. Fixes #8788
Also add warning text that cautions against enabling compression.
While here, also add missing "stub-v2" compression mode.
Merge pull request #3970 from Grapsus/master
Fix #8785: Add CDATA to auth_prompt field
Revise setup wizard link
Fixed #8745 by trimming nulls from bridgeif