escapeshellarg()
(cherry picked from commit e43f0619b0f0937689ad78c023dfe077b1f84a10)
more readable
(cherry picked from commit c1c375e6fab9b334af8c290912324bf6aa42591b)
full cmd: route delete $fml $tgt $gw
(cherry picked from commit 3e20d17562406d1735720fe6b083e702cfc43de3)
Revise jquery/jquery-ui in csrf_error page, which needs its own copy
(cherry picked from commit fb249aefa378172d6c246e62d15a8da40d80c5b6)
Correct jQuery include
(cherry picked from commit bb31e48e2c1eea6a7a3925f5398bce17c19f3af4)
Renamed jQuery-ui files for consistency with jQuery naming
(cherry picked from commit b1a3d89a0278ff16c270b86fca8621e5457c05fd)
Fixed #9407
(cherry picked from commit df4262d0e1d8d460ba93b9fcde16476306ee21f6)
Fix #9873: Use pkg-static
When pkg repo points to a new major version pkg is updated, usepkg-static binary to check PHP version and make sure the command works
Don't dedup DNS from dyn sources if override is disabled. Fixes #9963
(cherry picked from commit f829d7e2967d170f09756937e9076e87d5f9e2d7)
traffic-graphs, don't stop drawing graphs when a interface is disabled
(cherry picked from commit 176c7256bd1b13f401c554faae4a6ed55950682a)
simplify queue stats parser
(cherry picked from commit 5a0f6513bfe2ba1da87505dbb7b97c6b4479bf34)
support variable value length in queue stats parser
(cherry picked from commit e5deede539e4164256e5243b22f3ee963fc35ea7)
"don't" -> "doesn't" (typo fix for help text)
(cherry picked from commit 9d6adc62d78f7c0e6dcb6865edf5fb3ca60db1b0)
Search filter log by tracker ID. Implements #8703
(cherry picked from commit 6270bfe22ce283cca18855c5e79a1f4714505177)
Fix UPnP status when using an alternate interface address. Fixes #9961
(cherry picked from commit a8183b25c6bab388206f18acf679d96cd8b60f0e)
OpenVPN server cert default lifetime 825 days
(cherry picked from commit c576842887ac696dd5faf9d86d5447538d316069)
status_ipsec.php improvements
Add packages to version string to support composite update
(cherry picked from commit 725c8134d390eefb4bb258893a27a278176158ac)
Fix is_set/isset
(cherry picked from commit cb442cfa7406e561761a52c826c9c58e7a4ee2bc)
Fix #6846: Properly detect Super Micro C2558/C2758
(cherry picked from commit 4de6f04d5f4eb69e9293dad6f47ce66f7d3baec1)
Add RFC 8031 Group 31 to IPsec. Implements #9531
(cherry picked from commit 4fc267484e604509b072b398642f19cb6797ef21)
Bump version to 2.4.5
Typo fix
(cherry picked from commit 463d5d11726084575b166dffe4b85164b2f5a5c3)
Switch default NTP pool server. Fixes #9931
2.<x> pools contain both IPv4 and IPv6 hosts.
(cherry picked from commit ae132b611439c15003578e38ec338a60eb9ed904)
Make hostname optional for for DNS-O-Matic.This resolves ticket #7601.
(cherry picked from commit 1ccc327f0014d74de501a066df556add28c38e78)
Enforce limiter delay 0<=x<=10000. Fixes #9921
(cherry picked from commit 8afa74bb099d75962a5efb8a603981c0249f91a0)
Add OpenVPN Keepalive/Ping/Inactive input validation. Fixes #3473
(cherry picked from commit 4a5875a1771d286aee1c1e90d7f45991f9892a68)
CDATA escape more auth-related fields. Fixes #9327
(cherry picked from commit 327ad811aa5f965ba805ea78f879c759ca0fdafa)
Correct VTI IPv6 test and syntax. Fixes #9801
(cherry picked from commit 1d9fbb716543110ac245e2749f8c06fc77480a77)
Hide OpenVPN 'interface' when multihome is selected. Fixes #7840
(cherry picked from commit 5a9dc1dc278c6c537bfd5289125607117ceb99df)
OpenVPN page sorting tweaks
(cherry picked from commit 41025f6094ed34406cdf23097656ea7cae4483ae)
OpenVPN status page sent/recv bytes sorting changes. Fixes #7359
(cherry picked from commit f467ea24cb3c3a98b370c2427ff1aa53d25f14a1)
Add copy action to OpenVPN pages. Implements #5851
Added to Server, Client, and Client-Specific Override pages
(cherry picked from commit d86c28bc833cdeb8eb90525d930ff81fa3738cc9)
Change interface disconnect/release button to 'danger'. Fixes #9911
While here, add the interface name to the button text.
Net effect is a confirmation box to ensure the user wants to take thataction, which could be disruptive.
(cherry picked from commit cca21e50e2f97afe09709249975b3adf331fcf9f)
Fix #7791: strings binary can be useful for troubleshooting
Test DNS Hostnames separtely from GWs when storing new values. Fixes #9898
(cherry picked from commit 0d192133299b02efcb1db8f72bdce85a32a96631)
Fix #3743: Allow OpenVPN keepalive configuration
- Remove hardcoded 'keepalive 10 60' configuration- Added 'inactive seconds' option- Let user configure 'keepalive interval timeout'. It defaults to 10 60 as it was hardcoded until now- Let user define ping and chose between ping-exit or ping-restart...
Show DNS server help when server list is empty
(cherry picked from commit 05025e63edf9f85b679de8f99d38d6600e8ad5e3)
Allow packet capture to match IPv4+IPv6 CARP. Fixes #9867
(cherry picked from commit b86891b1d5d62d30bc8f1bf3a7fdfee7030ed82b)
Add clientAuth EKU to Server type certificates. Fixes #9868
(cherry picked from commit 46869dd2b5ebf32e8297d65f98444fb38d314336)
Suppress errors from touch when marking GW down. Fixes #9851
(cherry picked from commit 83794361b7135aaef4e47b35bd27df7da6ce023c)
Fix #9612: Run fsck -z once during upgrade
(cherry picked from commit 7373049764f144b2ea7c891bd60760ab64b41160)
Only redirects the user to the default page if no specific page page was set in the querystring
(cherry picked from commit 57b2f31714a77d86e51e09758e20da372c224826)
making sure my tabs align with upstream
(cherry picked from commit 7e114786e63619aaf803a5db33c55a92e2b34123)
adjust GEOM rebuild notifications to only notify the user when raid rebuild hits 25% increments
When a geom rebuild is occurring, this script by default notices that the device status has changed every time the rebuild hits a new percentage.This results in a user getting 100 separate notifications (emails) every time a new percentage ticks....
Add search/filter to DHCP/DHCPv6 leases, ARP, and NDP. Implements #9791
(cherry picked from commit 9297ad6504618c5ffcee9f8fe02535cb33f570c9)
Removed escaping of CSS classes
(cherry picked from commit c8954c9f0957264a0287d3591b44fab5d52d0998)
Initialize JSON data to avoid warning.
Avoid warning/error for not initialized JSON variable.
(cherry picked from commit 6f2192d44689066e55cb7af6d19323edfc188b91)
Fix malformed JSON
Fix malformed JSON using json_encode().
(cherry picked from commit a9941bf65f82bd0a5491c693a55bc2163a43676d)
Fix OpenVPN keepalive default values. Fixes #3473
(cherry picked from commit 99d7e8c10e96e6f22ad47973d07258cd02426fe6)
Update privilege definitions
Reduce default GUI cert lifetime to 825 days. Issue #9825
Set autocomplete=new-password for auth forms around the GUI. Implements #9864
(cherry picked from commit 659a8a26d12b75399063dae060fa32fa23751dbf)
Add root warning to HA node sync privilege.
(cherry picked from commit 03b8b94ed86ca85510e7d00e035d30eab7e3a43b)
Initialize array to avoid a PHP error in upgrade_144_to_145(). Fixes #9840
(cherry picked from commit 8e0d33ec48792e13839a0181031664261269c220)
Fixes #9362: proxied value must be a boolean
(cherry picked from commit 888635338d63e8b21297e3b25f0ff545fe9c4c41)
Image upload validation improvements. Fixes #9804
(cherry picked from commit 09d597434c9ccb456c8f207649dbe43fd5ff85db)
Create custom CSRF Error page. Implements #9799
(cherry picked from commit da7384c4a42adbcb7c20beba05ff460d0f6da7b3)
Fix oinkmastercode tag in status.php. Fixes #9736
(cherry picked from commit 9adb7806cffdd1393fd9223c17d7a938a37944c4)
Fix #9674: Do not set duplicate-cn in p2p_shared_key mode
Ticket #9674: Do not check password when using shared key
Clarify that error message is about proxy password
Fix #9719: Fix descriptive name field behavior
Redact BandwidthD postgres db password. Fixes #9784
(cherry picked from commit ca3129138b9866f5c82ff80d59eeed3f746367a1)
Initialize array properly
(cherry picked from commit d4393366bc0c30437c234652a2f124e08281acd5)
Redirect to status_captiveportal.php
(cherry picked from commit 15e8ee8621a552eb7d1b1a7749816846a24ae724)
Fix #9722: Change voucher shortcut to point to voucher status page
(cherry picked from commit 4baf532b5b834e659f484fc2b79e73fcfd169e46)
Fix #9756: Fix NCP multiple selection
(cherry picked from commit b0595985418416de4fe87063a1e21ffa1d2d5532)
Setup shortcuts for packages. Fixes #9770
(cherry picked from commit 37213abe96e83884b4a8ffbbbb7cc759cd2799ec)
Allow Dynamic DNS wildcards for Route53 #9053
(cherry picked from commit 0b230bb2957d32059ea4610965a9507346a1d3e9)
Fix #9285: Move ping-check option from global to per-subnet
(cherry picked from commit 5197e3e3a3b0ee048785e2ffb4222d7cba4e6c74)
Add IPsec DH/PFS groups 25/26/27. Implements #9757
(cherry picked from commit 21bee0287caf76bb7ab63ec29b0ecf7435940a06)
Add wizard select_source & use for OpenVPN DH. Fixes #9748
(cherry picked from commit 52f686a97f77cfd00ddb69088bef7164676d4117)
Add additional DHCPv6 prefix delegation size options to dropdown list on interface settings.- implements #9590
(cherry picked from commit 51dc008bfebef50bc4be9ff2a894e176ba013866)
openvpn: cleaning default case handling in switch statements
(cherry picked from commit f93ec3853fc0c01760606994422e9e8fc0d645c9)
change after review
(cherry picked from commit f08369ec248f2733eb2b69db23aa042e27ec04de)
Update text
(cherry picked from commit cef01bcb95add6acc13edb16739e10d7ed8ba6e2)
Added tlsauth keydir options to openvpn client and server
(cherry picked from commit 8698f918d170d3836037d3a39b4e1f8aa6389f6d)
Deduplicate code in openvpn.inc
(cherry picked from commit f7335af377d41262654bdbd7d7cf0e2993fb71d1)
Remove unnecessary variable
(cherry picked from commit 1d13560cb36db0d5f7cec9fa9d6295445333ba95)
Improve efficiency of resync checks.
GW Group changes are checked iff the interface is not the empty string or the interface in question is not the same as the OpenVPN interface.
(cherry picked from commit 15f8062b42b3b2849d5dd7fdde9170d4785e84e4)
Add ability for OpenVPN instances to resync on IP changes and on boot.
OpenVPN instances resync if interface IP change occurs.At boot, the interface is the empty string, so resync is mandatory to generate OpenVPN files in /var/etc/openvpn.
(cherry picked from commit 7071aab3b2c70bbed531e0f82bedab3273484843)
Add else clause for cases when OpenVPN interface file does not exist.
- Prevents potential race condition at startup resulting in failure to start OpenVPN instances.- In cases where interface file is not present the openvpn_resync function handles a restart correctly....
Update openvpn.inc to allow OpenVPN instances to resync when running on a gateway group.
Implementation now checks if OpenVPN client/server running on gateway group should resync when IP changes occur or if cables are unplugged/replugged.
(cherry picked from commit c46d0b12d606b2249f4b5305994e8c3e750634eb)
Remove deprecated comments since username tag got CDATA
(cherry picked from commit 1dcaf2d816721704bfb05ae2587c09e37c873e71)
Ticket #6195: Use CDATA on username tag
After discuss with JimP we agreed it would be a better approach thanbdaa5235d4 if we add username tag to the list of tags that use CDATA
(cherry picked from commit ce76d1e41bf3673e74041c53c230e6880e890dfa)
Fix interface/config alignment on interfaces_ppps_edit.php. Fixes #9741
(cherry picked from commit d81f270454ec66680cb645c0d3c13f9431d9c026)
Fix handing of DNSimple API response
It seems DNSimple started using HTTP/2, which broke the regex the dnsimple updater was using to check for success. I changed it to use the CURLINFO_HTTP_CODE instead.
I noticed several other providers are using the regex status match instead of HTTP_CODE, but I didn't touch those. I haven't written any PHP in 20 years, and I don't use those providers to test them. This change works for me for DNSimple now....
Was failing the check if clicking test notifications twice in a row. So it was saving the asterisks and overwriting the current password.
(cherry picked from commit 6176862f98749e15524e02ccaa705b65c498ceed)
Do not use constructor with the same name of class, it's going to be deprecated
(cherry picked from commit d43154fee7d7c2a5a007f36da7d86a94bd197a85)
Fix PHP warning
(cherry picked from commit b94eb4b90540dfb294376d6578aa9e9cbec63be9)
Fixed #8014
Fixed wildcard variable not being set correctly.Updated CURLOPT_URL according to provider's documentation.Added support for MX records.
(cherry picked from commit cedc8184606a4cfdf6cb7542e43d205205005865)
Add more color choices for login screen
(cherry picked from commit 1fe82d1dc90969fad058819ce6e7b6001382191e)
Make factory test case insensitive
(cherry picked from commit 552a41fbd37aa61f50e62f29876485c9775345cc)
Revise update check to provide a more consistent version string, and to provide it in JSON format
(cherry picked from commit 819165020041ee46f423a7ead5aca855dac28cdb)
IPsec ID type parsing changes. Fixes #9243
(cherry picked from commit 3a73fc74ca54b1167fbecfb679d0e634f5f1ab2e)
Fix CA/Cert search description. Issue #9412
(cherry picked from commit f30da999bc135fe80eda2eeddcc0cc1350a989d3)
Fix bonus closing tag. Issue #9412
(cherry picked from commit dd4fb72cfa8c0904d3cc7eae6ec01c2493f113f7)
Add sorting and search to CA/Certs. Implements #9412
(cherry picked from commit 14973058752f8b19f63af5c45b3f7b42560ae432)
Routing, actually show the "(default)" mark on the default route as it is present on the OS
Most obvious problem was when manually switching from WANGW1 to WANGW2 it showed both as (default) after saving the setting and before applying it. Also after applying it would require another page refresh to show the updated situation. Also add a little information box that shows what (Default) means for the user....