fix up text
Merge pull request #1458 from xbipin/patch-4
Merge pull request #1455 from xbipin/patch-2
Merge pull request #1466 from tuyan/master
fix responder-only IPsec text
fix text
Fix aliases popup width when fields are hidden when page is loaded. It should fix #4238
Fixed not being able to save custom and custom-v6 dyndnsentries due to "host" being posted empty, and thus failingis_domain() check.
fix indent
Merge pull request #1457 from phil-davis/patch-2
Remove latin-1 encoding of RSS feed
Many thanks to Gertjan in forum https://forum.pfsense.org/index.php?topic=87504.msg484017#msg484017Specifically setting the output encoding to latin-1 was causing the "black diamonds" for special characters in the http://blog.pfsense.org RSS feed (e.g. the registered trademark sign after pfSense did not come out)....
Add input validation to prevent the use of AES > 128 where glxsb is enabled. Ticket #4361
Fixes #4360 allow marking a connection as responder only, the same behviour as mobile connections
Fixes #4359 Allow controlling uniqueids
Merge pull request #1453 from phil-davis/Upstream-SIP-server
Fixes #4353 Identify when strongswan.conf needs a reload and restart ipsec service.
Fixes #4333 Unset previous defined values before using the new ones
Fixes #4340 encode username same as with password to avoid issues with special chars.
Update pkg_edit.php
add schedule selection to pkg_edit.php
this allows schedule selection to pkg_edit.php, this can then beutilized by packages to set schedules in many other places. This is thefirst set of changes, will further modify other files to make full useof schedules.
Do not reuse reqid on copy of phase2 Fixes #4349
Unbound domain override IP:port validation
The domain override is IP:port is invalid if either the IP address OR port is invalid.Previously you could put an invalid IP with valid port, or valid IP with invalid port.
unnecessary but lets just add this for safety
multiple allow/deny entries for UPnP (rowhelper)
remove old permission box fields
fix input validation, = is OK here
Accept port range on Outbound NAT. Fixes #4300
Merge pull request #1440 from wagonza/patch-6
Merge pull request #1421 from phil-davis/patch-4
with this additional change we can allow infinite number of entriesrather than just 500 due to the for loop set to a max of 500 because therowhelper control doesnt post as an array but just adds a number at the...
Merge pull request #1445 from phil-davis/priv-typos
This patch will allow the web GUI for UPnP to enter more user specifiedentries rather than just 4, I replaced the 4 boxes with one rowhelpercontrol
Traffic Shaper Wizard Upstream SIP Server
Not being remembered and actioned.Bug #4314
Teach ufslabels.sh to deal with DESTDIR, useful on installation
Improve a bit sh syntax and fix it for multiple swap devices
Fix sed syntax, -i requires a space before the parameter. Also fix regex to find swap device
use example.com for examples
these descriptions were flipped. Ticket #4273
Make sure radvd is reconfigured when CARP is enabled/disabled. It should fix #4252
Add missing require for filter.inc since vpn_ipsec_configure() calls filter_configure(). It should fix #4236
Unimportant typos in user and group manager
that do not effect anything.
move jquery ui css to theme folders
Merge pull request #1441 from phil-davis/patch-1
Time to let these go
Ticket #3997 s/_vhid/_vip/g
Ticket #3997 Put a uniq identifier on the carp settings.
Ticket #3997, teach code to track carp through uniqids(). Missing carp GUI changes and upgrade code
Firewall Rules Apply be friendly to other languages
Forum: https://forum.pfsense.org/index.php?topic=86808.0Redmine: https://redmine.pfsense.org/issues/3886
print_info_box_np() when called with just the first $msg parameter has some rough tests to decide if the "Apply" button should be displayed. It checks if the translation of "apply", "save" or "create" appears in the $msg string (which is a translated string itself). If the $msg string did not translate, and thus remains in English, but gettext("apply") does translate then the e.g. Turkish word for "apply" is not going to appear in the English $msg string. So things go wrong....
Add support for 0x20 DNS random bit support. Fixes #4205
Add EAP-MSChapv2 implementation for Windows ipsec support as reported here https://forum.pfsense.org/index.php?topic=81657.15
Actually remove rekey/reauth from config to avoid strange issues. Ticket #4208
To avoid issues with clashing SAIDs go back to specifying the reqid in strongswan config.
To be able to manage this first upgrade the config to assign each phase2 an reqidSecond use that during config generation
Ticket #4208
Improving aesthetics.
Make title color more consistent with other pages.Improving aesthetics.
Where the P1 is disabled, show the P2s as disabled since they will be, same as in previous versions.
Fix IPsec widget for multiple P2, it fixes #4164
Improve this part as well
Properly handle large passthrough entries even here.
Put the value of password under double quotes(") to avoid issues with special characters in passwords. Ticket #4177
Prevent echo to insert a newline(\n) at the secret string. Fixes #4177
Fix typos and set needed variable
properly apply the passthrough entries when apply is hitr.
Fix inherent issues with isset and empty values set as true by our parser. This made the piep configuration to be wrong at least for passthrough entries. Ticket #3932
Bring back showing of default value like previous versions.
Remove debug code
Fix POST typo in interfaces_assign.php
Obviously a typo. But this section is inside:if (isset($_POST['add_x']) && isset($_POST['if_add'])) {and I cannot find where 'add_x' is ever sent here, so I do not see how this whole code section is ever executed (and that will be why this typo bug has no symptoms). What is the history here? Can the whole block of code be removed?...
Fixes #4177 convert password to base64 to be submitted to avoid issues with special chars in shell and HTTP GET parameter passing. Probably should add POST support to fcgicli.
Properly rename the var Ticket #4164
Default to only AES and SHA1 for new P2s.
Default IPsec to AES
Default IPsec to main mode, unless mobile client.
Do not count twice the phase2 entries
Just some reshufling and cleanup
This broke a variety of things. Revert "Deprecated and non-static method messages"
This reverts commit 91b9a02fb131746c67fdf9f34282f123a13f1b13.
Make this code less memory hungry and fix route command generation
Deprecated and non-static method messages
Fix various files that can emit messages like:PHP Strict Standards: Non-static method SimplePie_Misc::array_unique()should not be called statically, assuming $this from incompatiblecontext in /etc/inc/simplepie/simplepie.inc on line 5508...
Improve URL and URL ports alias update data:
- Move redundant code to a function parse_aliases_file(). Before the maxnumber of items was not being respected when URL content is updated,only when alias was saved. Same was happening with ip/subnet/portvalidation and user could end up with a bad pf.conf...
Also include /127 for IPv6, it works fine. Ticket #3657
Allow for configuring /31 masks on interfaces.php. The rest of the code was updated accordingly some time ago, and an employee with Cox Communications has confirmed this allows things to work on their circuits deployed with /31s. Ticket #4190
Provide an advanced setting to be able to disable Unity Plugin(Cisco extensions)
split is deprecated move to explode
fix spelling of compression
Fixes #4182 by properly managing IPcomp on ipsec tunnels.Also retires IPsec force reloading advanced sysctl since its useless nowdays with strongswan and remove its call on rc.newipsecdns.
OpenVPN backend authentication fix key and translation
The array returned by auth_get_authserver_list() has key as the fixed name of each available authentication mode - e.g. "Local Database".The array value ["name"] has the name string translated into the selected GUI language....
Fix #4090:
- Unbound advanced options may contain double quotes and it breaks thesyntax when a backup is restored because newlines are trimmed. Save itin base64 format is a safe way to prevent it- Bump config version to 11.5- Provide upgrade code to encode current config or the one that came...
Make it possible to backup/restore 'DNS Resolver' section individually
Support for Office365 Mail
https://redmine.pfsense.org/issues/4176Allow the user to choose SMTP authentication mechanism PLAIN or LOGIN.For existing configs with this option not set, PLAIN is the default, and will appear first in the dropdown box, so next time the user saves the SMTP Notification settings, PLAIN will be the value selected and saved.
Fix track6 prefix id range check, reported by jimp
Allow blank source port in diag_testport
Reported by forum https://forum.pfsense.org/index.php?topic=86146.0Also, if there are input validation errors, save the user-entered data and re-display it, making it easier for the user to just correct the data in error and press Test again. It was blanking out all the entered data.
Merge pull request #1416 from phil-davis/Copyright-format
Fix lineup of copyright lines
and module names and other bits of formatting and typos in headercomment sections.
Remove duplicate copyright
Noticed these had the copyright twice
Welcome 2015
Merge pull request #1412 from phil-davis/patch-2
Allow for old settings that have no iketype
This bit of code looks like it could do with the same test as https://github.com/pfsense/pfsense/pull/1412This is executed when the "Connect" button is pressed from Status->IPsecSomebody with these problematic old IPsec entries could test this - with current code I suspect that disconnect followed by connect - it will not connect. With this change it will (might?) connect again.
IPsec Widget allow for old settings that have no iketype
as mentioned in https://forum.pfsense.org/index.php?topic=84527.msg471919#msg471919This change makes it work like similar if tests in /usr/local/wwwvpn_ipsec.php, and code in /etc/inc/vpn.inc that effectively defaults to ikev1 when iketype is not specified....
Captive portal spelling
Merge pull request #1408 from ExolonDX/master