Select the device mode to tun if variable device_mode not exist in the configuration
Added option to select the type of device for use in the tunnel openvpn
fix text
Generate the config file in a variable then write it as a whole to a file.
Read data into variables before passing to rrdtool, so it's easier to extend this to store data elsewhere in addition to (or instead of) rrdtool. Also, switch to using cpustats for CPU statistics instead of top.
Up the number of packets that gets sent to divert consumers since this count includes for tcp even the 2way handshake count which might hurt the matching. This should possibly fix layer 7 Ticket #636.
Log the configuration is not the same error message only when this is true. This message would have been shown even when a communication error would occur.
Add Total number of CP users graph
Ticket #1356 use locking here rather than ps to serialize execution.
Fix ticket #1126
Change wording
Hopefully improve the useless ipsec logs with highlighting
Fix ticket #1354
Fix the IPsec ping hosts file generation. This only worked for the lasttunnel
Keep a table of gateways we added for static routes to prevent us from making multiple entries to the same IP address
Add code to allow custom upgrade code to run after the pfSense upgrade code for the same version switching(Just the custom upgrade functions should have _custom at the end of their name.
ipfw is not referenced here.
Make sure we have an ip to kill sessions from.
Do more strict checking if an ppp type interface is assigned before starting the mpd process behind it. Trigered-by: http://forum.pfsense.org/index.php/topic,34377.0.html
Remove comment since the service is not started anymore after installation in 2.0
Prevent the command wol for being called without propper ip information. Reported-by: http://forum.pfsense.org/index.php/topic,34314.0.html
Make sure we do not write stale data during prunning periods.
Fix typo
Clarify text on outbound NAT page.
Correctly generate the interface.
Define only one loginterface since that is what pf(4) allows. This prevents a memory leak from pfctl(1) which may lead to memory depletion if the utility is run frequently with the pfSense generated ruleset.
Remove extra unmatched conf_mount_ro for a potential race condition preventing writes when generating ssh keys in the background. Ticket #673
Remove quick from the filter rule by request of Erik.
Correct the config path to the upnp array, this prevented the filter rule from being generated
Correctly use the WAN macro definition for the interface on 2.0. Though i still insist that people should do this themselves rather than relying on some obscure gui option.
Add {} around foreach contents. Fixes occasional duplication of the easyrule block alias.
Add block rule to the top of the firewall rules.
If PPTP is set for redir, actually add the NAT rules to rdr.
Only delete files in /tmp, not directories. Fixes rm errors on shutdown. (Doing rm -rf might cause it to go across filesystem boundaries again, which we're trying to avoid.)
Teach the console update by url about the default auto update url.
Correct firewall rule, remove flags any
Automatically add a multicast allow rule for miniupnpd so that the Xbox 360 works.
Add the 95th percentile line to the traffic graphs
Possible double RRD process fix.
Add localhost to be natted automagically from auto-generated nat rules. This simplifies loadbalancing from the host itself.
Fix javascript errors reported by: http://forum.pfsense.org/index.php/topic,34139.0.html
Add missing image. Fixes #1339
Keep the output in a variable before passing it to rrdtool in case we also want to pass it to something else.
Only run pfctl once per interface for stats, rather than four times.
Use foreach here to be sure we do not reference unexisting results.
Do a proper test otherwise a override of the total_minutes var might happen.
Properly do testing of voucher existing or not rather than relying on an obscure feature of php. Also do exclusive locking rather than shared one when writing dbs.
Use racoonctl now that ipsec-0.8 is back to reload the config.
Handle the case on some special configs with a gateway of all 1's otherwise strange thing happens.
Add cas(4)
When doing conf_mount_ro/rw on NanoBSD, pass sync,noatime to mount to preserve the options we have already set in fstab. Ticket #1279 and Ticket #444
Enforce session establishment.
Add missing pages to the authentication system.
Be smart and remove the needs package sync toggle since the begining otherwise not behaving packages might mess up the whole thing.
Oops more make code correct.
Oops make code correct.
If the interface triggering rc.newwanip is not assigned just reload packages and the filter and exit.
Check if the protocol is empty, not just if it's set. Fixes #1323
Only change protocol if it's set and not empty.
Add upgrade code to ensure rule protocols are all lower case.
Make this lowercase before checking, or people who ended up with TCP or UDP in their config might end up with rules that have no port specified, leaving them a bit more open than expected.
Make sure we tell the code that the interface exists otherwise multiple laggs might get created.
Not needed anymore.
Ensure the protocol on the firewall rule from the OpenVPN wizard ends up lower case, or it causes some GUI irregularities. Seen http://forum.pfsense.org/index.php/topic,33865.0.html and elsewhere.
lower limit to 101 MB
Simplify is_macaddr regex.
Slight regex fix on is_macaddr - the previous regex was letting through a mac without : separators, leading to improper validation and potentially invalid dhcp configs. Seen here http://forum.pfsense.org/index.php/topic,33830.0.html
Show friendly names of interface for root queues of ALTQ.
Add GUI option to CARP settings for syncing certs. It was in the backend code but not the GUI. Fixes #1316
Attempt to mitigate fork bombs of rc.newipsecdns. Alternatively we should probably bail out with a exit(0);instead.
Always write out the filterdns-ipsec.hosts file, otherwise deleted tunnels will never get removed from thefilterdns-ipsec.hosts
Add the toggle to disable successful login messages, show actual help text for redirect item
Make it possible to turn off successful login messages, this should quiet the console, system logs
Add a check that should prevent configuration of racoon with duplicate phase 1 IP entries.
Fix page title text. Replace "Firewall" with "Interfaces" in title.
Remove custom code for checking ip_addr and use the pfsense provided one.
Do not be so drastic on normal failure.
Since its only called during bootup there is no need to do conditionals here. Always sync config and start the miniupnpd process.
More fixes to comments and code for upnpd. Also bring up to speed the stop/start logic.
Improve logging and some tests during miniupnpd config generation.
This is not true anymore as piece of code.
Correctly get only the interface mac address rather than any other found mac on this interface.
Pass the -a parameters to pgrep to be certain we search ancestors as well. The side effects might be inoquos from the pfSense context.
Use the call to basename to remove the extension rather than trim, since trim takes a list of characters, not the exact string to remove. Suggested by http://forum.pfsense.org/index.php/topic,32967.0.html
This is not NAT, so put it under the Firewall Advanced heading instead.
Fix page title.
Only make gateway changes if we have been given a new gateway IP.
Setup gateway monitoring since we just altered a gateway.
Fix gateway handling in setup wizard.
Only display gitsync settings on supported platforms.
Only show the you can monitor the filter reload process for filter related changes
Flush the buffer
Do a more strict check on the return value of the download function. Fixes #1309
Declare $g a global here.
Ensure the pkg staging area exists on nanobsd before trying to use it.
missing $