Change output style to follow halt.php and reboot.php so the shutdown output appears in the correct location on the page.
Conflicts:
usr/local/www/diag_defaults.php
Add header to DHCP static mappings table
Add a note about rdr pass not supporting Multi-WAN.
No reason for the ppp log to use this display method, use dump_clog() instead.
Run IPsec logs through htmlspecialchars before display.
Preserve "Idle timeout" parameter on interfaces gui. It fixes a problem pointed out on ticket #2641
Validate passed parameters to smart commands, and the target device. Also escape when used in shell commands even after validation.Discovered-By: Bernhard Thaler
Allow editing an imported CRL, and refresh OpenVPN CRLs when saving. Implements #2652
Bold and note manifest entries that match the current architecture, and add a note cautioning against a cross-architecture upgrade.
Show the hostname if it doesn't match
Stack the queue graphs. Fixes #2692
Make values look a little prettier and prevent a potential problem
In the case that no bandwidth limits are configured for queues but PRIQ is been used then rather set a default otherwise a value of 0 is used in the CDEFs for RRD
Remove diag_backup.js progress.php upload_progress.php since they are not used since long time
Remove upload_progress_meter references not used
Add this fix here too for upnp, set the bits when specifying the listening IP.
This is needed since preload is now gone
Get back to trim() and strip / from left/right but when redirecting properly create the redirurl var
Remove preload.php even here now that is possible to avoid issues during startup of lighty
Always commit the session fast to allow other consumers to proceed to their requests. This unbreaks now the lock up the GUI had allowing only one action from same source per time. Now even if you run a command that blocks indefinitely for example the GUI want lock anymore but allow you to proceed to other actions. Manual cherry-pick of 4111fcf5307829b19b95fbb499addddff46264af
USe rtrim here as that it the meaning. This should unbreak the issues on 2.0.2 with CP
Fix obtaining DNS servers from PPP
Safety belt checks to fix a PHP error that for whatever reason only appeared in Chrome.
remove non-applicable text
Fixup kernel detection during upgrade process to ensure someone can't end up with a kernel that doesn't exist any more.
Resolves #2294. Base64 encode the file when sending to the browser same way it is encoded when sent to us. This prevents csrf from mangling things
Only apply this port check for TCP and UDP.
Allow only post action and not get to avoid security problems
Remoev exec_raw.php since its a dangerous page
To allow limiters to work correctly on mutliwan for now enforce selecting a gateway on outgoing
it was giving error at firebug
Re-add WOL to the services menu, it apparently disappeared in an earlier commit.
fix last commit (#2679)
Resolves #2679. Correct behaviour when port is null to avoid warnings on error log
Resolves #2678. Merge patch suggedted to stop warnings on PHP_errors.log
Use a random exponent for the RSA generation of keys. Its is questionable if its needed to be saved as a value? Ticket #2657
fixed paths
Make a function to get the current theme and use it everywhere rather than duplicating code or missing functions. (Fixes forced themes using the wrong theme for login screen)
etc/inc/util.inc usr/local/www/head.inc
Encode the interface parameter before using it in a redirect
Encode the if parameter before using it in redirects, too.
Encode the if parameter before using it in html
Escape parameters better when managing tables. Fix test to allow deleting subnet entries as well as IPs.
Remove debug output
Set the CSRF Magic timeout to the same as the session timeout, so that if a user sets a lower session time, the CSRF magic tokens do not outlive the user's session.
Update CSRF Magic
Eliminate system calls here, use PHP instead.
Sanitize some variablesDiscovered-By: Yann CAM
Verify posted kernel type against a defined list of good values.Discovered-By: Yann CAM
fix for: Output from CSRF magic mangles files in Diagnostics > Edit File
http://redmine.pfsense.org/issues/2294
Use a better link here.
Print a nice large warning on the PPTP page about it no longer being considered secure.
Protect against a potential infinite loop here.
Make use of product_name
Put fix for IE 8/9 url handling bug
LAN is not special here anymore. Do not remove the interface again (it was alraedy removed before this block), do not remove NAT and such (OPTs may still need it!) and no need to remove shaper. Improve DHCP check and generalize it to work on any interface, not just LAN.
This apparently is breaking reinstalls. Revert "Actually make reinstallpkg remove the bionaries and really reinstall them"
This reverts commit 3ddb92a6a52e2345684c11da72ef6853b82d2915.
Revert "Remove missed line"
This reverts commit 2b52fee241484b1d52b2435e1716461ba2e36486.
Remove missed line
Actually make reinstallpkg remove the bionaries and really reinstall them
This should have been 2.1 only, and it's just causing some odd package behavior on 2.0.2 (blank lines in squid's interface selection, for one). 2.1 has different code here anyhow. Revert "Added "interface_selection" type to enable interface selection in tinydns server"...
Remove extra spaces and add closing <tr> tag
Provide a way to disable the pkg info link
Wrong branch
Revert "Import OpenVPN cisco style radius attributes applying policy to logged in users. Feature #2100"
This reverts commit 477cc2bc24b4b0a36b2bc765c1bb4d79a2eacaed.
Import OpenVPN cisco style radius attributes applying policy to logged in users. Feature #2100
Revert "Make the ppp-linkup script understand both address families."
This reverts commit 310c29c6a6089f1766ac052572b532e736a2251b.
Rather than doig a string search do a proper matching of selected interfaces. Fixes #2378
Clarify comment. Fixes #2270
Fix copy/paste-o
Fix input validation and import test.
Switch to ntpd from ports, add Services > NTP to select interfaces for binding. Respect old ntp settings in the process.
etc/inc/system.inc usr/local/www/fbegin.inc
Add a knob to tune the maximum number of tables that can be defined, the pf default of 1000 is too low for systems with >500 aliases.
Add missing div tag
do a direct return, it will not find the PinReady command
Adjust the +CPIN? cmd so it works for huawei 3G sticks too
List logged-in IPsec xauth users and provide a mechanism to disconnect them. Implements #1986
usr/local/www/diag_ipsec.php
Switch to a common function to determine anti-lockout ports, and fix a bug that was getting the ports wrong with custom https+redirect on.
Don't skip "lan" as a possible WAN for shaper, since someone could have renamed/repurposed it. Someone may shoot themselves in the foot if they pick it accidentally, but otherwise some valid configs may be prevented accidentally.
Include movable code to reorder list,save button, domtt title messages, also base64 decode option, description and custom text to checkbox fields.
New options need xml config to be included on package xml files, so no changes to packages that do not use these functions....
Fixup halt and reboot to catch the output from the shutdown process properly.
On its own, ntpd does not sync fast enough at bootup, so bring back the ntpdate sync but improve it so it can't get stuck forever.
etc/rc.newwanipv6
Fix syntax here too in case we need to revive it.
Use a text description instead of a code.
Add NTP status page using ntpq.
With FreeBSD's ntpd, the current options are irrelevant, but we can have a nice status page
usr/local/www/fbegin.inc
Fix ntp name here too
etc/inc/priv.defs.inc
s/OpenNTPD/NTP/ for log pages and menu entry, to save space (and make it easier if we switch)
usr/local/www/diag_logs.php usr/local/www/diag_logs_auth.php usr/local/www/diag_logs_dhcp.php usr/local/www/diag_logs_filter.php...
Fix redirect when saving settings in the widget, it was landing on the widget page instead of returning to the dashboard.
Make the ppp-linkup script understand both address families.
Add _ to the list of are allowed characters
fix typo
Revert "Make vips vhid be unique per parent interface!" - per cmb, this should not have been on RELENG_2_0 see ticket #2415
This reverts commit 4d0c032c528b10221a2ef894b5eca34f6fda39a7.
etc/inc/openvpn.inc etc/inc/upgrade_config.inc...
$realif only exists on apply, which this code path would never touch. Change to use the configured interface instead. Fixes #2212
Fix missing description in rowhelper.
When the "OpenVPN" users type was commented out of the drop-down, this function wasn't adjusted so it was off by one in its counts, making the URL table update frequency box disabled.
Fix display of widgets with configuration controls in IE. From Gertjan on the forum. See http://forum.pfsense.org/index.php/topic,42977.0.html
Fix preservation of the selection of interfaces on input errors for floating rules.
When renaming a user, make sure to remove the previous user or it gets left in /etc/passwd.
Add alias support to static routes (needs some testing) Ticket #2239
Merge pull request #77 from Whizkidzz/RELENG_2_0
Releng 2 0
Added "interface_selection" type to enable interface selection in tinydns serverThis is usefull in multiwan setup and to check if a server behind pfsense is still running.So that tinydns can change the corresponding records