fix for: Output from CSRF magic mangles files in Diagnostics > Edit File
http://redmine.pfsense.org/issues/2294
Use a better link here.
Don't skip over wrap_vga here.
Print a nice large warning on the PPTP page about it no longer being considered secure.
Simplify schedules code and some styly nits
Be consistent on formatting to easy reading
Restructure these IP/subnet tests so they don't break transport mode
It's time...
Remove extra curly to allow checking braces closure easily in vi[m]
Ensure this gets a set default value or things can break
Protect against a potential infinite loop here.
Move to RC4... almost there.
Silence tar command to not garble console
Try to keep existing files rather than unlinking/replacing when restoring the package libraries during a package removal. Needs some testing, but for NanoBSD it fixes #1049
Supress the error message if the ldap bind doesnt happen
Make use of product_name
Put fix for IE 8/9 url handling bug
99./8 is not private IP space
Expand cipher list and remove a cipher that Safari on iOS does not like after recent lighttpd changes. Fixes #2553
Correctly handle getopt so notifications are sent
Make sure one_pass i selected when CP is active
OpenVPN servers can start on carp vips, just not clients.
CP Radius accounting wants bcmod() so we need to activate bcmath.
Bump 2.0.2 to RC3
LAN is not special here anymore. Do not remove the interface again (it was alraedy removed before this block), do not remove NAT and such (OPTs may still need it!) and no need to remove shaper. Improve DHCP check and generalize it to work on any interface, not just LAN.
Add missing global
This apparently is breaking reinstalls. Revert "Actually make reinstallpkg remove the bionaries and really reinstall them"
This reverts commit 3ddb92a6a52e2345684c11da72ef6853b82d2915.
Revert "Remove missed line"
This reverts commit 2b52fee241484b1d52b2435e1716461ba2e36486.
Remove missed line
Actually make reinstallpkg remove the bionaries and really reinstall them
This should have been 2.1 only, and it's just causing some odd package behavior on 2.0.2 (blank lines in squid's interface selection, for one). 2.1 has different code here anyhow. Revert "Added "interface_selection" type to enable interface selection in tinydns server"...
Remove extra spaces and add closing <tr> tag
Put configured limits on rules.limits file and load them before loading the ruleset. To avoid any issues with large rulests and options being loaded not first
Provide a way to disable the pkg info link
Actually do not try to reload everything during bootup since it will be done by bootup code
Do not blindly startup check_reload_status check first
Make lock files availble to all users for usage from php process
Wrong branch
Revert "Import OpenVPN cisco style radius attributes applying policy to logged in users. Feature #2100"
This reverts commit 477cc2bc24b4b0a36b2bc765c1bb4d79a2eacaed.
Import OpenVPN cisco style radius attributes applying policy to logged in users. Feature #2100
Revert "Make the ppp-linkup script understand both address families."
This reverts commit 310c29c6a6089f1766ac052572b532e736a2251b.
Do not allow empty passwords since this might cause problems for some authentication servers like ldap. Fixes #2326
Rather than doig a string search do a proper matching of selected interfaces. Fixes #2378
Clarify comment. Fixes #2270
Fix copy/paste-o
Fix input validation and import test.
Switch to ntpd from ports, add Services > NTP to select interfaces for binding. Respect old ntp settings in the process.
Conflicts:
etc/inc/system.inc usr/local/www/fbegin.inc
Don't display a "mobile" user without a username.
Bump to 2.0.2-RC2 after FreeBSD-SA-12:01 v1.1 and FreeBSD-SA-12:02
Up the default for tables to 3000
Add a knob to tune the maximum number of tables that can be defined, the pf default of 1000 is too low for systems with >500 aliases.
Add missing div tag
do a direct return, it will not find the PinReady command
Adjust the +CPIN? cmd so it works for huawei 3G sticks too
List logged-in IPsec xauth users and provide a mechanism to disconnect them. Implements #1986
usr/local/www/diag_ipsec.php
Switch to a common function to determine anti-lockout ports, and fix a bug that was getting the ports wrong with custom https+redirect on.
Don't resolve on ipsec_get_phase1_dst() results, because ipsec_get_phase1_dst() already does that before returning output.
etc/inc/ipsec.inc
Test for empty here, rather than !, so a blank value (as from mobile clients) doesn't fall to the other tests.
Disable logging for now since it will spam every 60secs * #users
Don't skip "lan" as a possible WAN for shaper, since someone could have renamed/repurposed it. Someone may shoot themselves in the foot if they pick it accidentally, but otherwise some valid configs may be prevented accidentally.
Fixes #2364. On busy pppoe servers it might take some time before mpd exits. Check for this before trying to restart
Fixes #2209. Obey the mtu value set on the interfaces.php page. Though this value will be overwritten if there is a configuration under PPP settings tab. Maybe a good idea is to set MRU at the same value if not set?
If specified use the default settings for bw limitation rather than 0
Prevent 2 instances of rc.prunecaptiveportal from running in parallell since this might be a bad thing
Make file names match to make this work
Oops add forgotten global for config
If extra bw attributes are supplied during reauthentication apply and log them
Unlock if error occurs
Merge pull request #109 from marcelloc/patch-11
Patch 11
Include movable code to reorder list,save button, domtt title messages, also base64 decode option, description and custom text to checkbox fields.
New options need xml config to be included on package xml files, so no changes to packages that do not use these functions....
ntpdate was hanging, use the same hacky fix that works for ntpd and it works too. All happy, even from a cold boot on ALIX 2d3 with no RTC battery.
Fixup halt and reboot to catch the output from the shutdown process properly.
Fixup ntpd logging
On its own, ntpd does not sync fast enough at bootup, so bring back the ntpdate sync but improve it so it can't get stuck forever.
etc/rc.newwanipv6
Hackish workaround for ntpd failing to move away from init when called from within PHP 5.2, PHP 5.3 has a better workaround.
Revert "Clear process signals before exec() or ntpd misbehaves if called from PHP on i386." -- this only works on PHP 5.3
This reverts commit ac4bc5853f75a8f8467f5c53704f33e2066c3da6.
Fix syntax here too in case we need to revive it.
Clear process signals before exec() or ntpd misbehaves if called from PHP on i386.
Update gitsync with latest changes from master branch
feef287ead62815b1a67bac15ebaa2d36226d4e2 - Remove obsolete files after gitsync26b8990538c71c99df8e95fd5fada57f79465d93 - Move some constants in gitsync closer to the top of the source code and add some new ones of potential interest to those reconfiguring gitsync. Also modify messages to indicate that Git URLs are also allowed....
Use a text description instead of a code.
Add NTP status page using ntpq.
Use FreeBSD's ntpd instead in the backend
With FreeBSD's ntpd, the current options are irrelevant, but we can have a nice status page
usr/local/www/fbegin.inc
Fix ntp name here too
etc/inc/priv.defs.inc
s/OpenNTPD/NTP/ for log pages and menu entry, to save space (and make it easier if we switch)
usr/local/www/diag_logs.php usr/local/www/diag_logs_auth.php usr/local/www/diag_logs_dhcp.php usr/local/www/diag_logs_filter.php...
Fix redirect when saving settings in the widget, it was landing on the widget page instead of returning to the dashboard.
Make the ppp-linkup script understand both address families.
make use of the correct file to send notifications
Revert "Bump config version to take care of new vips" - forgot to revert this when I reverted the main vip commit.
This reverts commit ccf346ddb80997a4426484c25e5c3bd8a223990f.
Add _ to the list of are allowed characters
fix typo
Handle HTTPOnly and Secure flags on cookies
Revert "Make vips vhid be unique per parent interface!" - per cmb, this should not have been on RELENG_2_0 see ticket #2415
This reverts commit 4d0c032c528b10221a2ef894b5eca34f6fda39a7.
etc/inc/openvpn.inc etc/inc/upgrade_config.inc...
Update zoneinfo using latest zones from FreeBSD
Pull in fix for Ticket #1917 to RELENG_2_0 as well.
$realif only exists on apply, which this code path would never touch. Change to use the configured interface instead. Fixes #2212
Move the stop_packages code to a function, and call the function from the shell script, and call the function directly for a reboot. Fixes #2402 and ticket #1564
Merge pull request #102 from marcelloc/patch-9
Fix missing description in rowhelper.
Use a better default update url
Whoops, typo. Fixed now.