Remove other potential places where someone could select a kernel we no longer ship. Try to improve kernel detection a little more.
Add these file so they get added during regeneration
Resolves #2294. Base64 encode the file when sending to the browser same way it is encoded when sent to us. This prevents csrf from mangling things
While I'm here, allow an ICMP rdr.
Only apply this port check for TCP and UDP.
Allow only post action and not get to avoid security problems
Remoev exec_raw.php since its a dangerous page
Commit a revised version of https://github.com/bsdperimeter/pfsense/pull/264.diff
Fix: Repopulate field
updated pfSense.pot
Removing unnecessary gettext function calls
To allow limiters to work correctly on mutliwan for now enforce selecting a gateway on outgoing
Update usr/local/www/vpn_ipsec_phase1.php
Correct missing $
Add extra safety belts here.
Remove none per Jim since it is confusing
Remove preload.php which warmed the caches. IT hurts on embedded and really does not help that much
Not sure why this has been hidden so deep but putting that in the right place should help with error displayed related to HEADER already sent in PHP errors.log
Enhance reporting read-write setting
If the user has already selected Current Read/Write Status to be Read-Write, then they also choose Permanent Read/Write the mount refcount becomes 2. Then if they turn off Permanent Read/Write the setting is saved, but the refcount goes back to 1. This results in the file system still being mounted Read-Write....
Allow not setting group authentication
Remove accidental copy/pasto
Correct Select button when no ca_ref is defined
Allow other system authentication types to be used with ipsec. LDAP/RADIUS/local acc
Add button to switch between read/write and read-only on Diag > NanoBSD; Add setting to keep the media read/write at all times; Add indication of ro/rw status on Dashboard.
Fix variable reference, ticket #2679
Resolves #2679. Correct behaviour when port is null to avoid warnings on error log
Resolves #2678. Merge patch suggedted to stop warnings on PHP_errors.log
Cleanup/standardize labels on L2TP config
Adds "Sort by direction" in the Traffic Graph page
Added the option to sort IPs by direction in the Traffic Graph page, andimproved the detection of the local network to monitor (before theresults could not be realistic because of too many "local IPs" were...
Use a random exponent for the RSA generation of keys. Its is questionable if its needed to be saved as a value?
table javascript sorting improvement sorttable 1.2.3.4:123 and *:1234 now sort properly.
Make a function to get the current theme and use it everywhere rather than duplicating code or missing functions. (Fixes forced themes using the wrong theme for login screen)
Include shaper.inc here to have all the function dependency work.
Fix this browser check
And more encoding...
Still more encoding...
More encoding...
Encode this before showing it.
Encode parameters before showing them to users.
Encode some more parameters before showing them to users.
Encode the interface parameter before using it in a redirect
Encode the if parameter before using it in redirects, too.
Conflicts:
usr/local/www/firewall_rules.php
Encode the if parameter before using it in html
Escape parameters better when managing tables. Fix test to allow deleting subnet entries as well as IPs.
usr/local/www/diag_tables.php
Remove debug output
Set the CSRF Magic timeout to the same as the session timeout, so that if a user sets a lower session time, the CSRF magic tokens do not outlive the user's session.
Update CSRF Magic
Replace deprecated split with explode
now works again
most likely fixes #2638
fix #2639 (country interface selector in interfaces_ppps_edit.php)
also make ppps_edit more jslint ready for good measure
Make the size of the group privilege list the same size as the user privilege list.
Standardize hypenation and capitalization of Pre-Shared Key
restrict '/' from virtual server name field
fixes #2656
Fix warning when no gateway groups
If there are no gateway groups defined, and you save a rule that has an ordinary gateway selected in "Advanced Features - Gateway", then a warning is emitted when trying to traverse an empty gateway groups array at line 214.
Throw an error when invalid configuration is posted(address->network).
Correct issues with limiters. 1. correct spelling of config option 2. avoid duplicating javascript
Fix limiter error
Fix spelling
Fix syntax error
Refine saving/applying on more pages - don't show apply or take an action unless the user is allowed to do that.
Make limiters have a schedule specified which applie bandwidth limits during that period
Don't offer to apply changes if no changes actually happened.
Allow editing an imported CRL, and refresh OpenVPN CRLs when saving. Implements #2652
Check against _address since that is the field inputed _type is always there.
Properly set address type selection
Do not make natlocalid required
This field isn't required, so only check it if there is a value
Add a NAT entry for configuring NAT on ipsec phase2. It will add nat rules on enc interface
Eliminate system calls here, use PHP instead.
Sanitize some variablesDiscovered-By: Yann CAM
Verify posted kernel type against a defined list of good values.Discovered-By: Yann CAM
Only attempt to unset this if it has been set.
Merge pull request #235 from PiBa-NL/master
openvpn-widget layout drawing fix
another openvpn-widget layout drawing fix, sorry.
Merge pull request #233 from bcyrill/rfc3168_flags
Add ECE and CWR TCP flags as defined in RFC 3168
firewall log, show cell border when using 'column descriptions'
Allow for changing OpenVPN TUN to TAP device mode without reboot.
Merge branch 'master' of git://github.com/bsdperimeter/pfsense
Firewall log, allow filtering by interface.
Add UA support for BB PlayBook - patch by Pho Bia. Fixes #2648
Revert "Allow for changing OpenVPN TUN to TAP device mode without reboot." -- Adds blank OpenVPN servers, see ticket #2643
This reverts commit c8bb7f1527a99c69784ab6c01d9050adcde6a8a0.
CARP notifications show vip description, 'Virtual IP Addresses' page shows interface.
Add option to disable the dashboard auto-update check
Add option to separately specify the split dns domain list for IPsec mobile clients.
Refine LB entry deletion to make sure blank entries can be removed.
Due to the DHCP pool tag needing to be an array, rename the old LB "pool" variable to something else so it's not interpreted as an array.
Try a little harder to clear the states for the old PPP gateway
Refine OpenVPN client/server deletion to allow for removing invalid empty entries. Fixes #2643
Make tables sortable
Separate backend keywords from GUI language display in captive portal
When the GUI language was set to Portuguese, keywords like "default" and "unformatted" would be translated into Portuguese and written to config.xml - causing problems downstream in starting Captive Portal. Now the displayed values are in the GUI language but the underlying keywords stay in "computer-speak" in config.xml - forum http://forum.pfsense.org/index.php/topic,51988.msg281131.html#msg281131
fix warning message for CARP /32 /128 masks added /31 /127 as these are also not applicable for carp which needs at least 3 IP's to function.
fix for breaking editing carp edit selection setting.
Diagnose\Sockets page renamed and now also has button to show all socket connections, explanation moved to bottom.
Add a "Sockets listening" page to the Diagnostics menu.This for easy viewing of what services are bound to which interface and port.( based on the file diag_sockets.php from forum member 'bardelot' http://forum.pfsense.org/index.php/topic,53070.msg284360.html#msg284360 )
changed "Firewall: Virtual IP Address: Edit" page to always have the same options available (if applicable) for IPalias/CARP/ProxyArp/other