Fix #6590 NTPd Leapfile Upload
Leave this to 2.4 only for now. Revert "Omit non-qualified hostnames from unbound's local-data. Ticket #6064"
This reverts commit cde0ef17a60cffa4a54f3ab4922b77bc0447d068.
Omit non-qualified hostnames from unbound's local-data. Ticket #6064
Call filter_configure in rc.linkup. Ticket #6297
Verify a valid IPv6 subnet is going to be used before including in radvd's config. Ticket #6581
Missing closing quote
Create /var/run/dmesg.boot symlink for vm-bhyve (Feature #6573)
See https://redmine.pfsense.org/issues/6573
Fix indent and spaces
Remove stray '
Fix #6582 Allow import of ports
This change does:1) Allow bulk import of a port alias. That happens when the Importbutton is pressed from the Ports tab of the firewall_aliases screen.2) Allow bulk import of an IP alias, automatically determine if theimported data fits a host or network alias type. That happens when the...
Improve patterns to read dhcpd6.leases to prevent leases containing '}' in ia-na line not showing up. It fixes #6543
Fix #6585 Do not use [] syntax for lookups
IPv6 address plus port is displayed with the format [1:2::3]:80 - the address is in square brackets followed by colon and the port number. This is necessary to disambiguate the port from the address, a good thing. But it messes up the use of the IPv6 address for reverse lookup....
Show "cannot delete alias" message as error
If I try to delete an alias that is in use, the "cannot delete alias" message was being displayed as the "success" color.(cherry picked from commit 04b571e836077c436d109d982be5a8e710ff8aab)
Do not check platform to decide if enableserial and primaryconsole fields will be hidden, global parameters are the rule to decide it. Fixes #6291
Fix PTR lookups on diag_dns.php. Ticket #6561
Change group labels s/MAC controls/MAC Address/
Add missing -R parameter to pkg call
Correct spacing
(cherry picked from commit a0b0acd1540764d5221ea54ea596d569bbe2df2a)
Remove debug
Fixed #6577 - Preserve user input on error
(cherry picked from commit a654d899cd5d288501fea1ec52dba2e3f0e479ba)
Make sure resolv.conf is present during nanobsd upgrade. Fixes #6557
Leave an empty file for URL Table aliases that return an empty file, and include it in the ruleset regardless so it doesn't generate any filter errors. Ticket #6181
Protect get_dir from causing PHP errors
https://forum.pfsense.org/index.php?topic=114570.0
webgui tables, doubleclick event to perform 'edit' action, part 2
(cherry picked from commit 1c10ce9750f3702f433a91754f79e637e1c3369b)
webgui tables, doubleclick event to perform 'edit' action
(cherry picked from commit 54691fc663eae7c6e92e4eaad596906758d7ebea)
ipsec widget, check for valid array
(cherry picked from commit 658180daffe0fe5f005b6fe6b528c758309dffef)
spdns.de renamed to spdyn.de
Forgot to update the select description and values
The service renamed there addresses
Clarify Negate option description on firewall_nat_out.php.
Change button order on diag_dns.php so hitting enter in the field does a lookup rather than update alias. semi-related to Ticket #6561
Update system_usermanager_settings.php
Use of undefined constant min - assumed 'min'
Update system_crlmanager.php
Use of undefined constant min - assumed 'min'Use of undefined constant max - assumed 'max'
Fix undefined constant
Notice: Use of undefined constant min - assumed 'min'Notice: Use of undefined constant max - assumed 'max'
startsWith Polyfill
Fixes hidding of custom individual settings when not in use on user manager page.
Diag Tables Last Update
Use correct Thursday abbreviation (s/Thr/Thu/).
Fix Redmine #6011
This will add linklocal fallback where no IPv6 is otherwise configured to allow login using this IPs
Allow wildcard for hostname with Namecheap DDNS. Ticket #6260
Whitespace cleanup
Make model_number customizable
Make presentation_url customizable
GitSync Diff Only Option
Diff Option--diffSSD FriendlierSame as default but only copies files that are different, instead of every thing even though identical.
Verbose Option--verboseDisplay constructed command.In combination with the --diff option, display the array of different and missing files....
Get modulus keysize
Useful utility function when it's necessary to verify that existing keys meets current practices
Feature #6388 custom GUI preference settings per user
Handle more invalid IPv6 formats
Rationalize System Update GUI messages
At present, when doing a System Update, there is a message box that says:"Please wait while the installation of completes.This may take several minutes."
Between "of" and "completes" is the package name, which is blank in the case of a System Update....
Diagnostics - DNS Lookup, also query for IPv6 addresses
Add playback files for disabling and enabling CARP maintenance mode. Ticket #6560
Omit <secret> tags from L2TP in status.php config.xml dump.
Restore 2.2.x and prior means of obtaining pfsync nodes to avoid exhausting memory on systems with large state tables. Ticket #6364
Flush link-local IPs so we do not get stale data and do not waste time deleting IP if it is already set to fe80::1:1
Rename item #12 in console menu
The console menu item #12 ("pfSense/$product developer shell") has a pointless title that doesn't help users much. It also actively obscures from router admins the useful tools it contains which is a negative side-effect....
Update include() to include_once()
For safety, use include_once() when including various "side" files.There are a couple of instances of include("guiconfig,inc") that Ichanges to use require_once() to be consistent with everywhere else.The remaining cases of include() are just (hundreds of) head.inc and...
Shorten gwifip if whole socket path exceeds 100 chars
dpinger stopps with an error when the socketname exceeds over(around) 100 characters. The dpinger will not start and not delivermonitoring results to the WebUI.
These long socket names can get created when using link-local addresses...
Use a different delimiter for dpinger socket names
Currently underscores are used to seperate gwifip, monitorip, etc, butunderscors are also used in vlan subinterfaces like em0_vlan10 andtherefore can't be used because the interface scope is appended to IPv6...
Set pipe_slot_limit to the maximum configured qlimit value. Move the set_sysctl out if the block where it only gets run if dummynet isn't already loaded. Ticket #6553
Clean up limiter text. Remove old commented out bit.
Fix matching of chars in IPv6 address segments
The existing regex here is wrong, it matches 0 or more of the hex digits but then there can be other rubbish in the string, in fact anything at all! It matches "az", "z", "qwerty" and so on. So the "return false" inside this "if" never happens....
Remove a-f from IPv4 address pattern
It seems to me that a through f should not be part of the pattern for the "V4" case.(cherry picked from commit 1f49dd8a3a49b724ded5840c1db6c168ed466aae)
Always use require_once
The usage of require() and require_once() throughout the system isinconsistent, and "bugs" come up now and then when the order of"requires" is a bit different and some require() happens after theinclude file is already included/required....
Run generate-privdefs.php to update priv.defs.inc
bring back subnetv4_expand function used by pfblockerng
Use the translated destination for kill_states if one exists. Ticket #6531
Correct/clarify column header. Ticket #6530
Fix style
pfSense_get_pf_states always returns source as src and dest as dst, this flipping based on direction is wrong. Ticket #6530
Add include of functions.inc for declaration of gettext
Revert "Incorporated ssl changes"
It's a specific 2.4 change, only in master branch
This reverts commit 00a7688401c15015c3f43735b2b1536ebfec7e92.
Include interface scope on IPv6 static routes to link local gateway IPs. Ticket #6506
Comment typo
(cherry picked from commit b069f77e0a5e355e811dd7bd4a4d17a802a3f682)
Revert "adding privileges and separating DNS Resolver overrides from general settings"
This reverts commit fc76a1e390c8ce9579df31457c74d1d0e572b78d.
Shouldn't the priv match here be set to "services_rfc2136_edit.php*"?
(cherry picked from commit 5c403f843291bdc670dcdb45e1e097f2eb7f36ab)
Load actual value of webguihostnamemenu
This is a string from a list of valid values (empty, "hostonly", "fqdn"). So it is not correct to just gather a true/false value here.(cherry picked from commit e93242eb2ad5a45fb6ab1526f0b6ddcc716e5b96)
Restored countdown functionality and menu refresh on successful update/remove/installAdded comments to clarify operation of the page
(cherry picked from commit 18295ff2f907f638afa9f7c665cc16e4262e6899)
Clarify ports alias hint. Ticket #6523
% and / are also allowed in values
Fix Bug #6394 - Incorrect Output of Translation
Apparently gettext() does not behave correctly when passed an empty string, this commit ensures gettext() is called only with non-empty strings
(cherry picked from commit 6ae99aba5cab12440d88dd9ddaa6535c3b9b5d82)
Remove duplicate listtags() entry 'member'.
(cherry picked from commit 40d7e4bee91246db09cc88141869abcd37390bc7)
Remove subnet_expand()
Function isn't used in main or packages repo, and in any case would need a complete rewrite to handle IPv6.(cherry picked from commit 6215902c4043726e633fcfac1c37c710ac398653)
Fix #6482 OpenVPN Redirect Gateway Option Causes GUI Issue
This fixes the GUI inconsistency reported in the referenced bug. On edit of an OpenVPN server that has tun mode, not shared key, and the gwredir checkbox checked, the local_network fields are shown, but actually they should be hidden (because that is what happens on first data entry when gwredir is checked)....
added missing div.content wrapper when reloading filters
(cherry picked from commit e8406abe627675db2c2f77a81c1bb883f5158bb6)
Fix PHP Warning about invalid argument supplied for foreach
If _POST['members'] or _POST['groups'] is not set / none selected at GUI, it would give a warning on crash reporter (dev versions)
(cherry picked from commit 9f4722022f0e8114741e8cf1a421520fded8be1f)
Fix bad escapeshellarg logic on mpd execution
With this change single-quotes are applied in correct places
(cherry picked from commit 08cd022545be58a46b860500ff81bbe7438b6304)
Do not allow deleting your own user name
Currently if you delete your own user name, then the config ends up with a blank user tag in it. Rather than fix that up, it seems dangerous to be able to delete yourself anyway, because if you are the last user with admin privs for which you know the password (i.e. if you have not recorded the password for "admin" somewhere), then you can lock yourself out. That would require console access to fix, which for some people is a pain....
missing "(" (cherry picked from commit 70381d4803b9424c1a3f3ef518d8243062452d77)
optional arg for old behaviour(cherry picked from commit cf63f1638aab685cc956502f5ddd862a10bf3ff8)
function name hms -> dhms
to match edit to util.inc(cherry picked from commit c57e936a6596550619f7261e85b633ca5016cbf2)
Simplify convert_seconds_to_hms() and show days for large numbers of hours
1) Function can be simplified and all "if" statements removed, using intdiv (or casting result as int for PHP < 7) and % for calcs and sprintf for padding.2) Input validity check before trying to convert format...
Add "delete entry" for ARP table
Useful function in some circumstances - seems no reason not to have it.
Uses IP rather than hostname since not all ARP entries have hostnames.
Probably should also have "delete all" but not done that.(cherry picked from commit 6ea0d41e3c094a0977e7f0d022ec74276280b8ff)
Fix NTP PPS. It had 'None' option available on 2.2.x.
(cherry picked from commit ceabd66d57f7199602d3a23cb8a60080bcfa67ea)
Fix "Unable to remove NTP GPS from configuration"
https://forum.pfsense.org/index.php?topic=112771.msg627573(cherry picked from commit 55de528cbb177b4a1f40554ad1a567198bbeebb3)
redundant check - is_numericint() tests for >= 0(cherry picked from commit f208e9690e2ec4089cf3d3fe5f5f03fed5a36e6f)
Use global backup count instead of hardcoded value and remove redundant function(cherry picked from commit 01b5410ae8391998ba560d40f447c7f556472c5b)
fix logic and replace hard coded value by global
backups should be a numeric int.text hint for number of backups can now refer to the global value for this platform (and explains how to get that default, by leaving blank)(cherry picked from commit 16b17c15f9fc29e9480431b5bc7bebe2bd4b6230)
set default_config_backup_count based on platform
At the same time the platform is being detected for PHP/GUI purposes, set the default number of backups. Also handle the case where (for any reason) detection fails, which it shouldn't, so the variables are still created...
Give settings section a more helpful/standard title to match other GUI settings tabs(cherry picked from commit ca55edc39342865816feef390616be8b770c889b)
Self correcting - poor english(cherry picked from commit b56769c30a23af9f575ee4a5f056558ef8322f95)
Accuracy
Large keys are not "slower to use" in many cases, since they are only used to validate or set up a session. An ongoing session usually transfers to a symmetric algorithm once established, and the user won't notice the short extra delay in session startup....
missed a comment I added and shouldn't have - removed(cherry picked from commit 7c684f3b95f641134496bc1210cfb2d814468767)
Update OpenVPN Wizard to include missing key sizes
...and add some useful info to guide the user.(cherry picked from commit 49810252681df9bd553e2221c885ceffaa2c4c7f)