XHTML Compliance
DHCP Logs Status
Queues Status
Merge pull request #940 from N0YB/RELENG_2_1
Package Logs Status
Sprinkle ob_flush to avoid some warnings on 2.1
Fix issue with CSR generation. Ticket #2820
Fixes #3460. Ask for validation when real operation will be done and ask for the operation with POST to get protection from CRSF.
Take single and double quotes into consideration
Fixes #3461. Remove any special char that can lead to shell/XSS compromises from submitted input.
Do not call rc.newwanip when pppoe gets a v6 ip.
Open VPN Status
NTP Status
XHMTL Compliance
Load Balancer Status
Move this global declaration to the proper file rather than backend code
IPsec Status TabsMostly element closings and minimizations (nowrap), empty table row.
Help ticket #3449:
Improve data validation to avoid save a host/subnet or a IPv4 withinvalid mask. The reported error is on javascript and only happen onIE8,but this fix will prevent the same issue happening in the future ona different browser.
RRD Graphs UpdateUse CDATA section instead of clunky decode hex value for ampersand in script.
Use correct parameter (bootfile-url) to configure netboot on DHCPdv6, it fixes #3421
Use htmlspecialchars(), a better solution for #2952
Merge pull request #921 from phil-davis/RELENG_2_1
Enhanced validation of general DNS servers and gateways
Use descr as the field name for voucher description so it gets CDATA protection. Fixes #3441
Filter Reload StatusMark script as CDATA section to avoid expansion of the begin tag entity (<).
Filter Reload Status
System Logs Wireless Tab
System Logs Routing Tab
Status DHCPv6 Leases
Add a knob to let the user select which console (video or serial) is preferred in cases where there are multiple consoles present. Also provide a way to force this preference.
Add a mechanism by which the serial port can be forced on always regardless of the config setting. (useful for nano+vga setups)
Fix #2952, escape necessary chars to avoid xss injection
Respect g['tmp_path']
Status DHCP Leases
Create an empty row in tbody if there are no log entries displayed.
Create an empty row in tbody when there are no firewall log entries displayed.
Catch a validation issue reported on the mailing list thread: IPv6 address data validation from: Brian Candler. It prevents putting a subnet in the address field since it then breaks the whole filter generation process
When adding ip aliases on top of carp not in the subnet of the carp configured address but an ip alias of the real interface do not error out but accept this as a valid configuration.
Merge pull request #910 from phil-davis/RELENG_2_1
Releng 2 1 Standardize LAN net display
Standardise LAN net display
for 2.1.1
Merge pull request #909 from phil-davis/RELENG_2_1
Releng 2 1 Return all stats when all or remote is selected on Traffic Graph
Reorder Traffic Graph filter options so Local is default
Return all stats when all or remote is selected on Traffic Graph
and make the default query return "Local" traffic.
XHTML Compliance - RRD Graphs
Close input tag
Add specific permission for easyrule.
Remove this sort. It's unnecessary and causes problems when editing and saving privileges, it can reorder users and cause edits to the wrong account.
s/http/https/ for doc.pfsense.org
Fix some wrong escapeshellarg() calls
Conflicts: etc/inc/filter_log.inc etc/inc/pkg-utils.inc
Simplify logic calling grep less times, as done on mail_reports.inc on 2c6efc9
Use unlink_if_exists or @unlink to avoid PHP errors when file doesn't exist
Conflicts: usr/local/www/firewall_aliases_edit.php
Merge pull request #901 from Klaws--/patch-2
Added previously missing DSCP VA (requires kernel patch patch submitted ...
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Conflicts: usr/local/www/diag_logs_vpn.php usr/local/www/firewall_aliases_edit.php usr/local/www/guiconfig.inc
Fix an obvious typo on var name
Added previously missing DSCP VA (requires kernel patch patch submitted by me)
Merge pull request #897 from N0YB/RELENG_2_1
XHTML Compliance - Status: System logs: Firewall
Update shortcuts.inc
XHTML ComplianceShortcuts edit link - r/&id/&id
Couple style vertical-align corrections
Include these check boxes.
Really fix #3376
Thanks to Grischa Zengel for spotting the semi-colon at the end of the "if" line that was the real cause. Please also back merge this to 2.1 branch.
An attribute value specification must be an attribute value literal unless SHORTTAG YES is specifiedQuote (or escape) the quotes so they show up in the HTML.Use style where attribute not supported.Relocate tfoot to supported location and add tbody....
Also make the dialog_output query string option XHTML compliant.
Make select option XHTML compliant for "Number of lines to display".
http://validator.w3.org/check"SELECTED" is not a member of a group specified for any attribute<option value="7" SELECTED >7</option>
The name and VI delimiter can be omitted from an attribute specification only if SHORTTAG YES is specified...
Missing a couple table element end tags.
The service status icon (get_service_status_icon) is not always in a table.
So the caller should apply table td element, rather than the function.
Document type does not allow element "td" here <td class="listr" align="center">The element named above was found in a context where it is not allowed.
Do not list the same CARP ip as an option for Interface
Revert "Fix #3350. Do not destroy an interface when it's being disabled"
Ermal reported issues when changes are made on VLAN parent interfacewith this patch. He did other changes and interface_configure() will nowbe able to re-create VLAN interface
This reverts commit f70a140fe18cb80012e53f82c268788fbcae5436.
ports ntp moved to sbin, follow
updates to license.php
Should to go master, not RELENG_2_1. Revert "Merge pull request #882 from derelict-pf/cp-nohttpsforwards"
This reverts commit f8d1587b6e2cd8441fa16733a02af25257fc7708, reversingchanges made to 51922cb793b83bf7d22fdaa47205fd59b4d70e87.
Merge pull request #882 from derelict-pf/cp-nohttpsforwards
Add checkbox and logic to disable forwarding HTTPS/SSL (Port 443)
Update reserved_keywords checks to match firewall_aliases_edit
firewall_aliases_import should have the same checks for reserved names as firewall_aliases_editThis code should really be in a function in a common include file, but which one is the appropriate one?...
Fix display of CIDR/Update Freq in Alias Edit
Fixes #3376. I have no idea what the "^" characters were meant to do, but removing them makes the CIDR/Update Freq value be displayed correctly when editing. Will there be some other side-effect from removing the "^"?
Validate IP address ranges correctly on Alias Bulk Import
The code was there to attempt to validate and implement IP address range lines in Alias Bulk Import e.g.10.20.0.0-10.21.22.0should produce a bunch of smaller ranges with appropriate CIDRs.This fixes the code so IP address ranges actually make it through into the resulting Alias.
Remove not needed code
Make sense of interface mtu handling code. No need to do unneeded operations. This fixes slow boot times and proper handling of mtu for vlans though some work or better model is needed for other interface types.
Delete static route when monitor IP is removed, also save monitor IP even when it's disabled
When WANTIME is empty, there is nothing to do here
test only does integer comparison, use bc to compare float
Save status even if no script is executed
On first run REVIOUSSTATUS doesn't exist, so it cannot be UP or DOWN, invert the logic to fix this. While I'm here, check if file exists before cat it
Fix DHCP lease time display, strftime already convert it to local timezone, so we no need to calc offset
Remove 'deny unknown clients' option from DHCPv6 since it's not supported, it fixes #3364
Avoid dashboard divide by zero errors
Add checkbox and logic to disable forwarding HTTPS/SSL (Port 443)connections to the captive portal if HTTPS logins is enabled.
Fix saving of voucher sync settings.
Fix vpn_pppoe_get_id and stop duplicating pppoeid for multiple servers, it fixes #2286
Merge pull request #860 from iamzam/RELENG_2_1
Allow setting a default scale type preference for the traffic graphs wid...
Also account for a widget being null/not defined, and not just closed/open.
added missing quotes
thx rbgarga
Allow setting a default scale type preference for the traffic graphs widget
I originally submitted this at https://redmine.pfsense.org/issues/2994but it seems that is not used for commits now so I am adding it here.It works great on my box, and I can't see these changes causing any...
Prevent network or broadcast address to be set on interface (console, GUI and wizard). It should fix #3196
Fix #3350. Do not destroy an interface when it's being disabled
One more typo on Alternative Names fill, that was setting type field with $value
Fix a (probably) copy/paste issue that is making all Alternative Names disapear when an input error is detected
Allow an "empty" CRL to be exported, since this is still a valid action.
Fix an issue that changes wrong gateway entry when items are hidden
Many fixes on privileges, ticket #3216:
- Remove unused privilege page-diagnostics-logs-wireless- Remove duplicated privileges- Fix limiter-info, pf-info and system-pftop that were using wrong name- Add privs for services-igmpproxy-edit- Fix ID for acptiveportal allowedhostnames and editallowedhostnames...
system_camanager init $input_errors so array_push works
Fixes input validation when creating an internal certificate. Reported in forum http://forum.pfsense.org/index.php/topic,68849.0.html
Simplify the code.
No need to worry about the second column, we only need to pad the first one.