pfSense

Fix interface list usage

WARN: Please ask before introducing old code on what have changed!

• Reorganize the 'apply' button infrustructure in the GUI.
  - Present three new functions is/mark/clear_subsystem_dirty('name_of_subsystem'). This makes easier to create such things without needing to introduce new globals.
  - Convert all pages to the new infrustructure...

Modify IPsec code to allow for transport mode. All existing configurations are
marked as tunnel for backwards compatibility. There are problems with the spd
read code which Will likely choke on transport entries. We can fix this later.

Move the IPsec pinghost option from phase1 to phase2. Correct some
bugs that were preventing the local address from being selected.

Reload phase2 tunnel items when adding, remoing or editing a phase 2 entry.

Migrate IPsec certificate management to centralized system.

Cleanup ipsec interfaces a bit and make sure they are displayed in tabs for consistency.

Rewrite the pfsense privilege system with the following goals in mind ...

1) Redefine page privileges to not use static urls
2) Accurate generation of privilege definitions from source
3) Merging the user and group privileges into a single set
4) Allow any privilege to be added to users or groups w/ inheritance...

Fix a few bugs in the IPsec pages HTML output that were causing problems
with IE.

Introduce a new and improved version of IPsec mobile client support. The
mobile client tab is now used to configure user authentication (Xauth) and
client configuration (mode-cfg) options. User authentication is currently
limited to system password file entries. This will be extended to support...

Overhaul IPsec related code. Shared functions have been consolidated into
a new file named /etc/ipsec.inc. Tunnel definitions have been split into
phase1 and phase2. This allows any number of phase2 definitions to be
created for a single phase1 definition. Several facets of configuration...