Fix style
require_once auth.inc in vpn.inc since it uses functions from there, though normal use of the system won't require that, those who run certain things manually/custom may require it
Fixed #6514 by requiring string starts with letter ot underscore
(cherry picked from commit f0a053846d6cde2724c47b5553e1395cfd21445c)
Only omit aggressive line from ipsec.conf where IKEv2. Ticket #6513
Create openssl.cnf symlink during boot
(cherry picked from commit 5051739d72d31f8bd250148dfa65213723275310)
Fixed #6498 by providing new address type argument to Form_IpAddress(). In this case it is specified as "V6".
Set kern.corefile, fixes #6510
Fix typo
Fix redundant phrasing.
Teach rc script to copy custom_logos over default one
Fix #6468 Do not allow edit of day and times
in rows of time ranges for a schedule.The code was always intended that the user uses the calendar pad and start hour/minute stop hour/minute drop-down fields to enter days and time range. If an existing day-time-range is wrong, then the workflow is to delete the row and then enter the correct day-time-range using the calendar pad and start hour/minute stop hour/minute drop-down fields....
Use escapeshellarg on shell calls in auth.inc. Ticket #6475
Validate submitted groups when editing a user. Ticket #6475
Add input validation to system_groupmanager.php to prevent invalid members from being submitted. Ticket #6475
Fix #6463 Dest net alias matching on page load
Do not set destination field to use customarrayNote: dstbeginport_cust does not exist on this page, so I got removed it here also to avoid future confusion.
Fix #6460 Interface mismatch apply changes button
Rework pkg_mgr_install.php:
- Stop using id parameter for additional packages, keep using it only for firmware upgrades- Created to control variables $completed and $confirmed to check all the stages and make it easy to understand what is happening- Stop using $pkgid and use $pkgname instead...
Implement pkg_valid_name()
Fix variable name s/POST/_POST/ and also parameter name s/complete/completed/
Fix indent
Improve readability
Simplify mode parameter validation
Remove redundant check since pkgcancel is never set
Validate mode parameter and use sanitized variable on other places
Set keepalive_timeout 0 where captive portal in use, and update otherwise to nginx's current default of 75. Ticket #6421
Fix save and reset buttons on status_lb_pool.php. Ticket #6254
Fix #6440 RADIUS issued IPs
This is a checkbox - the state in the config is stored as set or not set.This should fix the reported issue. I don;t have a system right now to test, but the bug seems obvious.
Allow - and _ in sysctl values. Ticket #6438
Don't override type so changing it is possible. Ticket #6439
Allow - in TFTP Server field. Ticket #6433
Link to correct schedule from firewall_rules.php. Ticket #6428
Use 0 here if specified. Ticket #6413
Fix this missed one.
(cherry picked from commit f42ef69ab518237260a2e129cbdf391549c003ad)
Firewall / Aliases / Edit - New URL Table Alias Type
Make the code cleaner and easier to follow by using the same alias type designations as config.
(cherry picked from commit ebe833f6a9463b0e4add1d97c360af4a682d1add)
Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not yet set/available from config. So the alias_get_type() function can't be successfully used yet....
Fixed #6401
(cherry picked from commit fe68a6a2b28c897cb3a8f8fda452c25f649556f1)
Handle mode correctly with Auto IKE. Ticket #6360
Firewall / Rules / Edit - URL (IP) Alias
Make alias type URL (IP) available for selection in firewall rules.
Lower default LDAP timeout to 5 seconds. Idea from Sandeep1991 in PR 2971. Ticket #6367
Set request_terminate_timeout to the same as max_execution_time in case something executed externally doesn't respond, to avoid hanging up all of php-fpm eventually. Ticket #6318 among other similar potential issues.
Relax Suhosin to allow a 512M memory limit
Set PHP's memory limit to 512M on 64 bit. Ticket #6364
Fix #6381 ipv6nat_ipaddr
Fix quoting in diag_routes.php, see ticket #6371
Better fix for escaping in ticket #6371
Fix up diag_smart e-mail handling, and the backend config code was broken/making false assumption about the config file as well. Fixes #6371
Welcome 2.3.1-RELEASE
Miscellaneous Textual Corrections - System / Advanced / Firewall & NAT
Section panel header title.
(cherry picked from commit 5414794c12fbcd6455a48f81428e0457a9cf0c95)
Make limiters info box work same as By Interface
The info box displayed on Firewall->Shaper, By Interface come down the bottom with and info icon and can be shown/hidden by the user.The similar info box on Firewall->Shaper, Limiters sits in the main body with no info icon and cannot be shown/hidden, but can be dismissed....
Customize limiter info message
The $dn_default_shaper_msg is what is displayed on the Limiters tab. It needs to talk about "limiter" rather than "queue".This code builds up each message using the same base template sentences, inserting "queue" or "limiter" in the appropriate place....
Miscellaneous Textual Corrections - System / Advanced / Networking
(cherry picked from commit 542d14be063e0a90b9182ee3dac9dc3fdb52d04d)
Miscellaneous Textual Corrections - System / User Manager / Settings
(cherry picked from commit 850211423b3486353b2419b02211213196d8c36e)
Miscellanous Textual Corrections - Add missing dots, normalize case
(cherry picked from commit cb6c20a997eeb77b3529e157cd512fabb4ff69f0)
Sanitize notice output here as well. Ticket #6154
Correct force updates when chosen. Ticket #6359
Fix script name in error log
Fix misspellings.
Disable ipcomp regardless of config setting to avoid problem. Ticket #6167
Silence mwexec output. Now that the groupdel actually works, it spams the log when group isn't found. Ticket #6352
Make rule_columns_with_alias end params optional
Stops PHP warnings like reported in forum https://forum.pfsense.org/index.php?topic=111768.0
Unbound and dnsmasq can both be enabled so restart both if need be
Fix scope for IPv6 link local gateway IPs. Ticket #6353
Handle link local IPv6 gateways and default gateway switching correctly. Ticket #6258
Miscellaneous Textual Corrections - System Advanced
Miscellaneous Textual Corrections - Services NTP PPS
Don't start unbound in track6 config if system is booting. Add dnsmasq here as well. Based on PR 2943. Ticket #6186
Use -g with groupdel when passing a GID. Ticket #6352
Fixed #6349
Use proper IPsec enable test. Fixes #6351
Add alias display to target host and target port columns
(cherry picked from commit 474e70a2d178de50060c6e5f1114bb5b6963a6b6)
Add a safebelt to makesure $cpzone is always in lowercase. Ticket #6278
Fix #6278
$cpzone is always in lowercase, it's used as the array key used inconfig.xml. Use it in two cases where the $cp['zone'] was being wronglyused:
- To find out zoneid- To replace PORTAL_ACTION url
Store notices safely to prevent potential XSS when notices are displayed locally or by remote systems where they're shipped. Ticket #6154
Fix package_reinstall_all post-upgrade when packages have been removed in pre_upgrade. Ticket #6137
Tweak upgrade - Remove unused code and document changes better
This will ensure a smooth upgrade for those running config 15.4 to any next version.
Prefer index.php over index.html where both exist.
Only execute remote search operation on first call of get_pkg_info(), this should fix #6177
Do not call pkg_update() here since pkg_switch_repo() aldready does it
Miscellanous Textual Corrections - Add missing dots to phrases
(cherry picked from commit e4c7d45fc7a294817325354e13f4d5bc4987739e)
Miscellaneous Textual Corrections - Services / Dynamic DNS
(cherry picked from commit 1c4e2ed053a04f7768a21129171a27e6804dbb0c)
Hide CIDR for alias types that do not use it
Suggested/discussed in forumhttps://forum.pfsense.org/index.php?topic=111593.0
hideMask only modify input-group on first parent
Otherwise when unhiding (e.g. for Network type alias), input-group getsadded to every div up the DM hierarchy and the layout gets messed up.
Rename OSPF and System Patches packages in pre_upgrade_command. Ticket #6118
Revert "Add config upgrade code to update package names. Ticket #6118"
This reverts commit 291fad43870bdb39ef0ab32125b022e268a29cf7.
Check for is_array here to avoid possible issues if the config.cache is invalid. Adapted from PR 2925
Spaces->tabs
(cherry picked from commit e1caefc74fba6cbbb680288c1f8d930e4f0ad474)
Fix tab highlighting when editing mobile IPsec P1. Fixes #6341
Adding missing spaces between punctuation
(cherry picked from commit 0e63fe1f372584a03a6c84aeb6268fde8de75b3a)
Miscellaneous Textual Corrections - Services Load Balancer
(cherry picked from commit f3817766671915583074465aa725152c7a293568)
theme Compact-RED, added a few more tweaks to look a bit more aligned.
(cherry picked from commit ec18e589f123595c34cf8e1a84313394bb909250)
just exit for v6, gateways setup above.
fix booting check
Add Compact-RED theme and update system.php to sort available themes by pfSense, then BETA, then user supplied themes.
(cherry picked from commit 6a5c6661960e1cd39e3caf66a3caaeb2678d27b1)
Revert "Fix #6120"
This reverts commit 4cbe0b132f0d60b71a20052fae1155210a1f5a16.
Revert "Require system.inc to fix /etc/rc.console_setup. Ticket #6120"
This reverts commit 32f0ee884632aba5ab38485a7c25c190bb5bccce.
Require system.inc to fix /etc/rc.console_setup. Ticket #6120
A simple fix for #6120
- Retire system_console_configure()- Replace above call on rc.bootup by setup_serial_port()
Miscellaneous Textual Corrections - Services DNS Resolver
(cherry picked from commit 0cb4d4a63585f500329616be6ee2bbb2274975c6)
Miscellaneous Textual Corrections - Services DNS Forwarder
(cherry picked from commit 3d7aaa1a3fac45271bfa50190496be6d70d7f296)