Code style usr-local-www back-end
files that do stuff in mostly in the background.
Add support for EAP-RADIUS to IKEv2 Mobile Clients
Merge pull request #1601 from phil-davis/check-overlapping-subnets
Remove pre-check and post-check from Cache-Control
If both `post-check` and `pre-check` are specified and set to `0`, bothare entirely ignored:
http://blogs.msdn.com/b/ieinternals/archive/2009/07/20/using-post_2d00_check-and-pre_2d00_check-cache-directives.aspx
Combine Cache-Control header in one line
Sorted by RFC 2616:
Section 14.9.1 `no-cache`Section 14.9.2 `no-store`Section 14.9.4 `must-revalidate`
Combined into one line with IE's `pre-check` and `post-check`. However,when both set to `0`, both are entirely ignored:...
Merge pull request #1609 from phil-davis/www-bits
Code style for small things in usr-local-www
When deleting a VIP check it is not used by OpenVPN
I noticed this when cleaning up VIPs and OpenVPN server when testing for this forum post https://forum.pfsense.org/index.php?topic=92174.0The system let me delete my test VIP before I deleted the OpenVPN server using, probably not a good thing....
Domain override with multiple authoritative DNS servers
Tell users that this is possible in DNS Resolver and how to achieve it. The code in unbound.inc already supports it and works.I had asked for this in Redmine feature request #4350 and when I went to look at coding to implement it I found code that already did it....
Check for overlapping subnets when saving interface addresses
This checks if a static IP address entered for an interface has a subnetthat overlaps with any other configured subnet. e.g.:LAN is IPv4 10.10.12.1/24Then try to set OPT1 to 10.10.13.1/23 - it overlaps with LAN because...
Allow single interface bridges. Useful with span port option, and when shuffling configuration around.
Merge pull request #1597 from phil-davis/Common-typos
diag_sockets show sockets listening on localhostthis helps pick a free port for services using sockets bound to localhost, and helps determine if the service has at least started and bound the port without needing to go through all 'connected' sockets as well
Fix up Ticket #4504 implementation. Match config style with other areas. Use a config setting to disable, rather than enable, this functionality since it's enabled by default so the tag isn't necessary in the default config. Remove now unnecessary config upgrade code.
Few minor text typos
Note that advertise is spelt with an "s" in other places in the GUI, somaking it consistent in services_ntpd - but maybe Americans do spell it"advertize" these days?
shouldn't need this as its own inc anymore, but only changing in master since 2_2 nearing release
There is no longer any need to restrict protocols for IPv4+IPv6 rules, the appropriate ruleset is generated and problem scenarios that would otherwise break here are prevented by other input validation.
remove dead code, clean up excess white space a bit.
Fixes #4504 use correct key index
Fixes #4504 Allow the bypass policy for LAN to be enabled and prevent traffic sent to lan ip to go to the ipsec tunnel
Fixes #4259 Use proper variable to do calculations
Add SCTP to protocol list for filtering.
Fix IPsec Advanced Settings uniqueids. It was neither set in strongswan config, nor picked up correctly in the UI.
Fix encoding issues in Configuration History list.
Fix a few misc encoding issues in load balancer code.
Fixed minor spelling error
Merge pull request #1578 from Robert-Nelson/rfc2136_ignore_ipv4_ipv6
Change to Record Type with A and AAAA as values.
Merge pull request #1587 from Gertjanpfsense/master
Merge pull request #1581 from phil-davis/patch-1
Use address types instead of addresses.
Merge branch 'master' into rfc2136_ignore_ipv4_ipv6
Merge pull request #1582 from k-paulius/fix-get_possible_traffic_source_addresses
Merge pull request #1559 from phil-davis/status-dhcp-leases
Voucher messages using wrong config field name
https://forum.pfsense.org/index.php?topic=91168.msg505273#msg505273$config['voucher'][$cpzone]['msgnoaccess']and$config['voucher'][$cpzone]['msgexpired']do not exist.These should be$config['voucher'][$cpzone]['descrmsgnoaccess']...
Fixes an issue wherein an alias could be added only if some other alias already exists in the system.
Commit 89f171b changed result returned by get_possible_traffic_source_addresses() from indexed to associative array. Updating affected code.
Use radio buttons to select between IPv4, IPv6 or Both.
RRD Graph Custom Tab display friendly description
The other tabs of Status:RRD Graphs put the friendly description of each interface into the drop-down list for selection.This change makes the Custom tab do that also.
Merge pull request #1577 from k-paulius/fix-dhcp6-validation
Add missing encoding, as suggested by yakar
Add option to not register IPv4 and/or IPv6 addresses.
Use is_numericint() instead of empty() to check if value has been entered because empty() does not allow 0, which is a valid value.
Make sure 'DHCPv6 Prefix Delegation size' is provided if 'Send IPv6 prefix hint' flag is checked to avoid generating invalid dhcp6c configuration file.
Handle release number in installer
This code just looked wrong. It was considering 10.1-RELEASE-p6 to be release number "1" and comparing it to "9".These changes to do what it seems to intend. This will make that UFS+J stuff appear, if that is of any consequence.
Add option for wireless standard "auto", to omit "mode" entirely from ifconfig. This shouldn't be necessary, but specifying mode has proven to trigger driver problems that don't exist if it's left unspecified (such as FreeBSD PR 198680). Chosing "auto" fixes ath(4) BSS mode issues otherwise preventing it from connecting.
change the location of jquery-ui images in each theme's css file
Merge pull request #1571 from phil-davis/patch-2
Cleanup code path when adding a new user
1) Only attempt to delete the oldusername if it actually was non-empty - at the moment errors are logged in the system log when adding a new user, because the code was trying to delete the user name "".2) Call local_user_set() first to create (change, whatever) the user record. This makes the user record exist for a new user. Then call local_user_set_groups() to sort out what groups the user should be in or not in. The existing code would fail to add a new user to the specified group/s because local_user_set_groups() was called too early, before the user actually existed....
Do not allow VLAN tag zero
At the moment you can make a VLAN with tag 0. The input validation does not catch it because when $_POST['tag'] = "0" that evaluates to false by PHP.Always make the checks on 'tag' value whenever the 'tag' key is set at all. If the (required) 'tag' key is not set, then that is already checked for by do_input_validation().
Merge pull request #1562 from phil-davis/usr-review1
Code Style sbin tmp usr
Bits and pieces from sbin tmp and usr but not yet usr/local/www
pfSsh.php readline function return value
This just looks wrong. But I guess the code path never comes through here because function readline() already exists in the environment of this script.
Status DHCP Leases handle expire never
Note: We can let the code pass "never" (or any other unexpected stuff)to adjust_gmt()adjust_gmt() should anyway handle the case when strtotime() cannotunderstand the input string and thus returns false. In that case we...
txpower was disabled for good reason it would appear, it triggers syntax errors in some configurations. Disable it again since it's been disabled for years, and comment out the user-facing config portion for now since it doesn't do anything. Ticket #4516
Apply WME input validation to all modes, not just hostap. Ticket #4516
Default to 11ng if an option hasn't been configured. Previously we let the browser pick the first in the list (the first the card reported as available), which ended up being 802.11b. Ticket #4516
Default to WPA2, AES for new wireless interface configs. Ticket #4516
Auto-size the interface box on the bridge edit page.
touch up interfaces.php text
Require WPA PSK where WPA-PSK is enabled. Clean up some other text. Ticket #4516
clean up input errors text
Fix up text, remove "only for Atheros" since the option is only shown if a compatible card exists.
"Auto" channel with hostap doesn't work correctly at the moment, force choosing a specific channel with hostap mode for now.
add more wireless validation. Ticket #4516
Add more validation for wireless config settings. Ticket #4516
Add more input validation for wireless parameters. Ticket #4516
Touch up wifi text
clean up unique IDs text a bit.
Proper fix #4443, do not unset carp entry when content differ, also set correct real interface and use subnet to check IP protocol
Save vip interface and subnet to use to delete old vips from secondary nodes. Fixes #4446
Revert "Use a consistent variable name here. related to Ticket #4446"
This reverts commit 309162b96d6ad0db09c132cc0aabc890bfe1909f.
add granular control of state timeouts. Ticket #4509
Conflicts: etc/inc/filter.inc
Remove BEAST protection option since default cipher is now good and works with hifn cards
Merge pull request #1549 from phil-davis/patch-2
Merge pull request #1550 from phil-davis/password-lock-symbol
Merge pull request #1548 from phil-davis/pencils
update description after adaptive start/end default change.
Use a consistent variable name here. related to Ticket #4446
Conflicts: usr/local/www/xmlrpc.php
Don't enable interfaces_use by default. Add checkbox to enable on Advancedtab, in case there are scenarios where it's desirable. Ticket #4341
Fixes #4427 Correct traffic shaper wizard to properly save and use Voip provided settings
Fix password box cursor position
Similar tohttps://github.com/pfsense/pfsense/commit/dedc40f7ded5f88aee4720aa8a3a57667b975254The password field shows the little lock icon, but the text input areastarts over the top of the icon and as I type in the field the password...
Fix SNMP Bind Interface list in master
The format of the array returned by get_possible_listen_ips() was changed.This use of the returned array was not quite changed correctly. This fixes it so the drop-down list of SNMP Bind Interfaces is displayed correctly....
Revert "Fixes #4446 Correct ipalias removal on top of carp during configuration sync."
master works differently and get_real_interface() resolves vips as well.
This reverts commit 8896fe1cebdc97dcbeb59249f3bb2abd1601b979.
Fixes #4446 Correct ipalias removal on top of carp during configuration sync.
Pencil symbols
These are places in the GUI where the cursor sits not in the far leftside of the input box and there is odd-looking white space to the leftof the cursor. Normally there would be a little input graphic in thewhite space to the left of the cursor (a pencil, a computer screen, a...
Allow reassignment from PPP types to DHCP. From testing, it appears to work OK, this input validation appears to be outdated.If there is some edge case that this catches, perhaps it needs to be a more specific test.
Add missing 'break' statement that broke switching from a PPP type to 'none'.
Merge pull request #1544 from phil-davis/patch-4
Merge pull request #1542 from phil-davis/patch-2
Add missing opening bracket
Remove extra closing brackets
$ldescr variable is not assigned a value and all 'Outgoing Network Interfaces' show Localhost as a name on UI
Missing $
Update help to current config structure, touch up text while here. Fixes #4492
Check for console="comconsole* rather than just comconsole in loader.conf, so it doesn't match just having comconsole_speed in loader.conf. Ticket #4464
Expand CARP demotion error, add button to reset demotion status.
Remove multiple spaces from dns_split as a seatbelt, also fix the message since field is expected to be space separated and not comma. Ticket #4418
DNS Forwarder Host Override Edit make the pencil symbols appear
In most places in the GUI a little pencil symbol appears before text input fields. For example it already appears for the Host, Domain and Description fields in this very form when you "Enter additional names for this host."...