Indicate if a certificate has been revoked, both in the cert list and the user manager list.
Add ability to select reason codes for revocation. Reformat CRL edit screen a bit. Ticket #555
Refresh OpenVPN CRL files when a CRL has a cert added/removed. Ticket #555
Add support for deleting a cert from a CRL (unrevoke). As of this point basic CRL functionality does work: Revoke a cert and it cannot connect. Remove it from the CRL and it can. (Have to edit/save OpenVPN server instance to update/refresh CRL though). Ticket #555
Change OpenVPN wizard to set input_errors when there is a fatal condition that will require preventing a config save.
Add these error/info box classes to the wizard.css file.
Add a patch to wizard.php to support input_errors from sullrich (with some modifications).
Reject special characters in CA/Cert field names during OpenVPN wizard. Fixes #900
Add more CRL functionality. Needs to wait on a new build for further testing.
Fix some forgotten name->descr changes.
Traffic shaper wizards remove redirection before final step. This seems a forgotten item.
Generalize the "low res" user agent detection so it isn't Apple-specific. Include Android in the detection, and also provide a mechanism so that the "low res" theme can be set in globals.inc.
Rename 'name' to 'descr' for CA, Certificates, and CRLs, to gain CDATA protection and standardize field names. Ticket #320.
Convert fullname field on users to descr, so it gains CDATA protection.
desc to descr in Load Balancer config, so they gain CDATA protection and standardize field names. Ticket #320.
Change the description field on sysctl tunables to be 'descr' and not 'desc' so they will gain CDATA protection. Ticket #320
Fix the dedicated and multi_all wizards. They had typos in variable names and some remaining unused code which caused problems!
Disable the bandwidth speed selection field also to avoid errors/problems when the catch all is not activated.
Ticket #868. Add Connection: close to the header to be proxy friendly. See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html for reference.
Character '#' is invalid in string fields of SNMP service screen. Ticket #956
Do not include 'remoteid' javascript functions for mobile ipsec. Ticket #797
Do not run anymore the cron job for monitoring check_reload_status since it has a monitoring process that does this through kqueue.
Ticket #934. Perform test only for ldap backend. Also tell the user through a message when they click it for other backends.
Resolves #879. Commit patch referenced in ticket to properly parse rate output.
Ticket #950. Correctly handle failures while installing packages which might leave stale information behind. Also do not try to startup services twice. Rename uninstall_package_from_name to uninstall_package because the operation on packages is only done through package names.
Hide ports when protocol does not use ports. Ticket #953
Hide translation section when "Do not NAT" is checked. Fixes #952
Don't clear the source port when changing source address type to any. Also update source when editing a rule with source type any.
Add GUI checkbox to enable strict username/common name matching for SSL/TLS+User Auth mode. Fixes #887
Resolves #947. Blacklist lagg interfaces from the list of possible lagg members.
Correct this note, on at least one card (mxge) it defaults to an MTU of 9000, so we can't always say the default will be 1500.
Fix graph staggering, the old method was causing the graphs to diverge in update intervals over time.
Whitespace fixes
Fixup comments a little.
Correct and cleanup this input validation logic for IPsec Phase 1 PSK/Cert config. In some cases the test was not being evaluated as expected.
Unset the end time if we are graphing for the "current" period. That makes the graphs refresh correctly.
Unfortunately, using variables in this way in strings passed to gettext doesn't work well with translations. Replacing with sprintf for now.
Update this text to match the current default.
Replace hard coded pfSense with product_name
Replace hard coded pfSense with product_name.
Show the product_name as the slice "name" for rebrands. Cosmetic only.
Remove unnecessary variable and fix loop test. Corrects AJAX update of last gateway status table cell (it was never updated before)
Fix AJAX update of gateway status when the status is "Gathering Data".
Replace hardcoded pfSense with product_name.
Simplify this code so it's obvious what we're really testing for.
Should be no functional change here.
Remove unused variable.
Add contributed patch to allow certain IPsec mobile clients to save Xauth passwords. Fixes #933.
Print the theme correctly.
Fix OpenVPN client kill. Reported at http://forum.pfsense.org/index.php/topic,28784.0.html
Mark subsystem as dirty.
Bring l2tp users page back to latest world of 2.0 to avoid errors. Reported-by: http://forum.pfsense.org/index.php/topic,28829.0.html
Fix intended behaviour when the default gateway changes interface.
This breaks the code because the ASSUMPTION is to reload the gateway interface that was a defaultgw previously and not the interface that just became defaultgw. Mostly for dynamic connections like dhcp/ppp*
Pointy-hat: gnhb
Revert "Update code to actually accomplish the intended behavior of NOT reloading the interface"...
Update code to actually accomplish the intended behavior of NOT reloading the interfaceif not necessary when a GW record is saved.
Fix height of plus button, reported at http://forum.pfsense.org/index.php/topic,28764.0.html
Do not allow a gateway to be renamed. Possibly a better solution is to rename the gateway in all pointed places!
Handle the cases to not save data on config better.
Make sure we do not overwrite the gateway stored in config with a dynamic gateway info. Correct POST var name(Found by ghnb). Also correctly reload only the defaultgw interface changed only if it is different than the present one.
Fix the problem of not saving data when most of the information is not being posted. Also do not disable any field anymore to allow people to choose static gateways for dynamic interfaces. Also do not save any information when the user Clicks save but has not posted any information not known already. Do not prevent to post a dynamic value for gateway on an interface that is configured with static ip.
We don't store monitor ip in the <interfaces> config any more.
Requested by cbuechler in ticket #919.
When a dynamic interface is up, we still need to report that it's "dynamic" to this GUI in system_gateways_edit.php.
If user edits a dynamic gateway that is up, the gateway IP address (reported by return_gateways_array) will end upin the "Gateway" field, and then the gateway will get saved as a static gateway unless user manually changes field...
Catch up with gateway changes on static routes.
Revert previous change to enter a hidden value when interface is disabled. GHNB broke this on revision 58611e3a1da07a33c6cf65401ad3edf278190e75 and it does not make sense.
Remove forgotten code.
Initialize variable properly. Handle the case when the interfaces select box is disabled and it will not be posted(Reported-by: ghnb
Fix state sorting
Update serviceproviders.xml to a newer version
Clean up Firewall: NAT: 1:1: Edit page.
- Change order of fields to be more consistent with the old order and the order shown on the rule listing, placing more relevant fields nearer to the top.- Make appearance of source and destination fields consistent....
Fix input validation with "no rdr" for ticket #570
Hide redirect and filter rule association fields when "no rdr" is checked. Ticket #570
Unhide the source port options on firewall rules when they are not at the defaults.
Revert "Shows source ports when they are already defined" - this only made it so they were never hidden.
This reverts commit d886ebd6d438cf9b397face67ed4f254de661a94.
Simplify the logic here so that it only uses this conditional expression once.
Revert "Remove unnecessary JS variable" - it had a purpose.
This reverts commit ec325889dc8a9a9ee4476bea6cb17cc4b63e28fe.
Rename to pass-through credits and improve descriptions.
Separate this control structure from the one before it, change the order, and rename the function.
Display the correct state when the new checkbox has been checked.
Add an option for allowing clients to pass through the captive portal a limited number of times before requiring login.
Fix description for upload of logout page.
Restore this code so the redirect after logging into the captive portal will work again. Ticket #918
Fix Status > Services display and sorting, plus some HTML formatting and cleanup.
Add a note to the Gateway Groups page reminding users that they must be used in firewall rules, and don't work just by defining the groups. Also, add thead/tbody/tfoot.
Spelling of 'Access'.
Fixes #919 by properly saving <gateway> field as "dynamic"
`
Bring gitsync to the new check_reload_status behaviour.
Properly check and set "Prefer older IPsec SAs" setting in the config and its associated sysctl. Move setting the sysctl to its own function to avoid code duplication.
Another CRL delete fix.
Fix delete action for CRLs, and other cleanup.
Allow selecting an OpenVPN Server CRL if we are in an SSL mode.
Don't list a cert count for external CRLs since we can't tell what they are.
Add CRL manager tab to other Cert Manager pages
Add a work-in-progress CRL manager page
Ensure that the value is returned as 'selected' when using a multiple select list.
Fix white spaces
If column['fieldname'] is a description then change html class to listbg to conform to rest of GUI description table columns.
Make OpenVPN client list sortable.
Properly segment the OpenVPN server list table so it will sort properly.
Update wizard files for setup wizard to write proper config for current ppp architecture.
I also allowed selection of physical interface from the wizard screen. This is crucialbecause if the user has the WAN set to anything other than the same phyical interface used...
Fix the gateway status widget ajax update when there is loss/day.
Fix braindead code!