Tidy "gateway name - IP" in dropdown list
While I notice this also, for a plain gateway, the current IP address is also listed in the dropdown list text, like "WAN_DHCP - 10.42.11.1". If there is no IP address currently, it might say "WAN_DHCP - dynamic". But for some DHCP gateways that have not had any non-default manual settings done, it can say "OPT1_DHCP ". This gets rid of the silly-looking ""
Use return_gateway_groups_array() to build correct GWG list
Now return_gateway_groups_array() always returns at least the IP version 'ipprotocol' of each GWG, even if all its members are down at present. It is better to use this to check what IP version the GWG is. The previous check was using the IP address of the first member of the GWG to deduce 'ipprotocol'. That would fail if the WAN was DHCP and was down.
Add a function to read the status of connections/SAs/SPDs from smp plugin of StrongSWAN. No need to go through the setkey dumps
Port dropdowns: Put port no. after descrip
At the moment, even if a port number is entered, it's re-displayed only as a port name when editing. Users who don't have port names -> numbers lookup memorised can't easily confirm when editing a rule, that the port is as intended. Then, when they return to firewall_rules.php the same rules have ports displayed as numbers not names (inconsistent)....
Push log changes for IPSec and fix generation of strongswan.conf and ipsec.secrets to be properly considered
Fix #2302, save custom uploaded l7 pattern files on config.xml and replicate it to slave
Fix whitespaces and indent
This one too.
Element id's are to be unique. 'provider' used is elsewhere.
Better done globally here in the function.
XHTML Compliance
Interfaces
Update firewall_rules_edit.php
PIM protocol for firewall rules.
These are remenants of old 1.2 remove them from the wizard
Make a good copy of PHP_errors.log for crash reporter
Forum report https://forum.pfsense.org/index.php/topic,72877.0.html
Merge pull request #938 from nagyrobi/patch-12
Create ntp_status.widget.php
Merge pull request #937 from nagyrobi/patch-11
Create ntp_status.inc
Merge pull request #936 from nagyrobi/patch-10
Update status_rrd_graph_settings.php
Merge pull request #935 from nagyrobi/patch-9
Update status_rrd_graph_img.php
Merge pull request #934 from nagyrobi/patch-8
Update status_rrd_graph.php
Merge pull request #933 from nagyrobi/patch-7
Update status_ntpd.php
Make this usable
Merge pull request #932 from nagyrobi/patch-6
Create services_ntpd_pps.php
Correct some issues on status
Merge pull request #931 from nagyrobi/patch-5
Create services_ntpd_gps.php
Another fix even for XHTML compliance and proper selection
Fix some obvious problems in the code
Merge pull request #930 from nagyrobi/patch-4
Update services_ntpd.php
Merge pull request #947 from stilez/patch-2
Filter log - ensure IPv6 AJAX resolve works too
Using str_replace(array('.', ':') as asked
Filter log - ensure IPv6 works too
Remove old webguiport code
webguiport is managed in system_advanced_admin.php these days, not here in system.php. This validation is never executed, so might a well clean up old unused code.
Merge pull request #945 from phildd/master
Enhance interface gateway data entry descriptions
Merge pull request #939 from phil-davis/master
Dodgy-looking stuff in graph calculations
Merge pull request #659 from mss/extended-query-example-work
Improve LDAP DN examples
Merge pull request #943 from stilez/patch-1
AJAX-ify DNS lookups in standard firewall/filter
The msgbox is no longer needed since there will be a validation process per se
The standard firewall log has lookup ability but these open in a new tab/window, they don't show in the log, other places the same IP appears in the log aren't visibly resolved, - basically its begging for AJAX-ing....
Take single and double quotes into consideration
Fix issue with CSR generation. Ticket #2820
fixed tail path
Update ntp_status.widget.php
Fixes #3460. Ask for validation when real operation will be done and ask for the operation with POST to get protection from CRSF.
Remove code that is commented
I noticed that the graphs in this post - https://forum.pfsense.org/index.php/topic,72794.0.html - had numbers for in-block and out-block that had similar numbers to in-pass and out-pass. That seemed hard to believe. Found these calculations that look wrong.
Updated errorneous paths. Sorry.
Dedicated widget which has a javascript clock showing the server time accurately, and based on NTP's running state displays information about sync source, GPS state etc. It refreshes contents every minute, without reloading the entire page.
NTP widget helper
Add NTP graph to settings
Add NTP graph drawing
Add NTP graphing
A bit more informative NTP status page...
Separate page for other PPS sources config
Separate page to set GPS receiver pps sync
Extended options for NTPd
Fixes #3461. Remove any special char that can lead to shell/XSS compromises from submitted input.
Merge pull request #890 from N0YB/Gateway_Monitor
Gateway Monitor Advanced Settings
Move this global declaration to the proper file rather than backend code
Help ticket #3449:
Improve data validation to avoid save a host/subnet or a IPv4 withinvalid mask. The reported error is on javascript and only happen onIE8,but this fix will prevent the same issue happening in the future ona different browser.
Use correct parameter (bootfile-url) to configure netboot on DHCPdv6, it fixes #3421
Use htmlspecialchars(), a better solution for #2952
Some tweaking to handle when switching off dhcpv6.
Use descr as the field name for voucher description so it gets CDATA protection. Fixes #3441
Merge pull request #917 from phil-davis/master
Enhanced validation of general DNS servers and gateways
Improve processing of DNS server changes
What a pain this was. The user can blank out a DNS server from a position in the middle of the list. e.g. they had all 4 entries previously filled, and then they blank out DNS server #3. The way the DNS servers are stored in the config, they are just the defined ones in an "un-indexed" array. So actually entries 1, 2 and 4 on the screen become 1st, 2nd and 3rd in the config. The selected gateways for 1, 2 and 4 then have to end up in positions 1, 2 and 3 to match the stored DNS servers....
Add a knob to let the user select which console (video or serial) is preferred in cases where there are multiple consoles present. Also provide a way to force this preference.
Add a mechanism by which the serial port can be forced on always regardless of the config setting. (useful for nano+vga setups)
Fix #2952, escape necessary chars to avoid xss injection
Respect g['tmp_path']
Change string to "Maximum new connections per host / per second(s)"
Clarifying the setting's meaning.
As suggested by forum member "Senser" onhttps://forum.pfsense.org/index.php/topic,65472.msg356024.html#msg356024
Catch a validation issue reported on the mailing list thread: IPv6 address data validation from: Brian Candler. It prevents putting a subnet in the address field since it then breaks the whole filter generation process
Fixup pkg_nochecksig option
Fix for #3416
Correct javascript error which prevents PPP/PPPoE per-link settings frombeing displayed (bandwidth, MTU, MRU, MRRU).
Make Local the default filter for Traffic Graph
to preserve the previous standard behavior that shows "Local" when Traffic Graph starts.
to preserve the old behavior, that it shows "Local" traffic when first started.
Return all when all or remote is selected on Traffic Graph
Add specific permission for easyrule.
Remove this sort. It's unnecessary and causes problems when editing and saving privileges, it can reorder users and cause edits to the wrong account.
s/http/https/ for doc.pfsense.org
Add support for signed PBI, help ticket #3365:
- Add an option to allow user to accept unsigned packages- The only missing part is public key, that needs to be added to/var/db/pbi/keys/pfSense.ssl
Standardise LAN net display
On the main firewall rules multi-rule display it shows "LAN net" "WAN net" etc. But on the edit screen it shows "LAN subnet" "WAN subnet" etc. Make the edit screen have the same text as the main screen - this has ben a source of enough little questions/queries on the forum.
First swing at converting from racoon to StrongSWAN.It allows to use existing configurations on xml to generate StrongSWAN configurations.So its only IKEv1
Fix some wrong escapeshellarg() calls
Simplify logic calling grep less times, as done on mail_reports.inc on 2c6efc9
Use unlink_if_exists or @unlink to avoid PHP errors when file doesn't exist
Merge pull request #900 from Klaws--/patch-1
Added previously missing DSCP VA (requires kernel patch patch submitted ...
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Added previously missing DSCP VA (requires kernel patch patch submitted by me)
Add link to Unbound under the menu item name of 'DNS Resolver'
Dig is no longer available, drill is now the tool
Some grammer fixes spotted by Phil Davis
Make sure ACLs are saved correctly
Reference right service reconfig function
More html formatting
Formatting
Table summary fix