Use appropriate interface field description when working with floating rules, it was confusing and potentially incorrect for floating rule purposes.
Merge pull request #1469 from makkbe/master
fix up text
remove CGN from "Block private networks" as it was in 2.0x and earlierreleases since it specifically notes RFC 1918 and CGN is more bogon.Ticket #4379
Fixes #4381 this was a leftover of the change of zoneids to start from 2.
Merge pull request #1458 from xbipin/patch-4
Merge pull request #1472 from bassebaba/master
Merge pull request #1455 from xbipin/patch-2
Use web-gui setting for pap or chap instead of having it hard-coded to chap.
remove empty values
upgrade config
upgrade config code so old entries not lost during upgrade
Merge pull request #1466 from tuyan/master
Merge pull request #1470 from phil-davis/patch-1
Fix restartipsec command line script.
Fixes #3669 Handle properly recording of the ipv6 interface new ip and do not issues commands that cannot succeed.
In last case, use dmesg.boot do detect ALIX boards when hw.model is not enough
Silent kenv when smbios.system.product is not present. While here, add VirtualBox to the list of virtualenvs
Firmware upgrade script text changes
while I am looking at this, might as well correct these.No function problems or impact.
Merge remote-tracking branch 'upstream/master'
Fixed alignment issue.
Added DynDNS support for GleSYS API (www.glesys.com).
fix responder-only IPsec text
fix text
Allow IPseec clients to properly connect and not stomp over each other. Reported-by https://forum.pfsense.org/index.php?topic=87980.0
Fix aliases popup width when fields are hidden when page is loaded. It should fix #4238
Properly calculate the 6rd default gateway honoring netmasks other than /32
Fixed not being able to save custom and custom-v6 dyndnsentries due to "host" being posted empty, and thus failingis_domain() check.
fix indent
Ticket #4353 fix typo on unset var spotted-by: Phil Davis
Merge pull request #1457 from phil-davis/patch-2
Merge pull request #1459 from PiBa-NL/speedup_is_port
Merge pull request #1465 from phil-davis/patch-1
Remove latin-1 encoding of RSS feed
Many thanks to Gertjan in forum https://forum.pfsense.org/index.php?topic=87504.msg484017#msg484017Specifically setting the output encoding to latin-1 was causing the "black diamonds" for special characters in the http://blog.pfsense.org RSS feed (e.g. the registered trademark sign after pfSense did not come out)....
need $g here so product_name is set in user agent
Add input validation to prevent the use of AES > 128 where glxsb is enabled. Ticket #4361
Fixes #4360 allow marking a connection as responder only, the same behviour as mobile connections
Fixes #4359 Allow controlling uniqueids
speedup 'function is_port($port)' speed by skipping calls to getservbyname when possible
Merge pull request #1453 from phil-davis/Upstream-SIP-server
Fixes #4353 Identify when strongswan.conf needs a reload and restart ipsec service.
Fixes #4333 Unset previous defined values before using the new ones
Merge pull request #1456 from phil-davis/patch-1
Fixes #4340 encode username same as with password to avoid issues with special chars.
Update pkg_edit.php
add schedule selection to pkg_edit.php
this allows schedule selection to pkg_edit.php, this can then beutilized by packages to set schedules in many other places. This is thefirst set of changes, will further modify other files to make full useof schedules.
Do not reuse reqid on copy of phase2 Fixes #4349
Unbound domain override IP:port validation
The domain override is IP:port is invalid if either the IP address OR port is invalid.Previously you could put an invalid IP with valid port, or valid IP with invalid port.
unnecessary but lets just add this for safety
Firewall Log does not display logged IGMP packets
If IGMP packets are logged (either pass or block) then parse_filter_line did not set their src and dst IP.Later in the subroutine, it zapped the filter line because it did not have a src and dst.This fixes it. Now the IGMP lines in /var/log/filter.log appear on the Firewall Log GUI.
Set update_url and update_manifest automatically based on version being or not a RELEASE
multiple allow/deny entries for UPnP (rowhelper)
remove old permission box fields
fix input validation, = is OK here
Fixes #4274 same fix as #4302 enclose in double quotes to tell yacc this is a string to be parsed.
Apparently yacc became more strict in FreeBSD 10. Fixes #4302
Fixes #4275 use double quotes on asn1dn specification so strongswan properly interprets it
Accept port range on Outbound NAT. Fixes #4300
Reload filter when IPsec is disabled, fixes #4245
Merge pull request #1440 from wagonza/patch-6
Merge pull request #1421 from phil-davis/patch-4
Fix #4318 - gen_subnetv4_max() not working on 32bit
with this additional change we can allow infinite number of entriesrather than just 500 due to the for loop set to a max of 500 because therowhelper control doesnt post as an array but just adds a number at the...
Merge pull request #1450 from phil-davis/patch-1
Merge pull request #1445 from phil-davis/priv-typos
This patch will allow the web GUI for UPnP to enter more user specifiedentries rather than just 4, I replaced the 4 boxes with one rowhelpercontrol
Traffic Shaper Wizard Upstream SIP Server
Not being remembered and actioned.Bug #4314
Simplify use of other serial ports setting all of them as onifconsole when serial is enabled
Teach ufslabels.sh to deal with DESTDIR, useful on installation
Improve a bit sh syntax and fix it for multiple swap devices
Fix sed syntax, -i requires a space before the parameter. Also fix regex to find swap device
use example.com for examples
these descriptions were flipped. Ticket #4273
Dynamic DNS wildcard typo
Self-explanatory, just a dumb typo bug
Fixes #4257 With the platform_booting() fixes a regression was done on openvpn tap interfaces or dynamic ones that are part of a bridge.
Allow during bootup rc.newwanip to continue up to a ceratin part to handle bridges or other complex interfaces.
Make sure radvd is reconfigured when CARP is enabled/disabled. It should fix #4252
Save the tradition and point to used binaries here
When configuring radvd, check if carp is enabled. Ticket #4252
Do not translate function return string
Fix typo in function name
Strict comparison not necessary here, and makes this fail to work asintended. Fixes #4258
Ticket #4254 do not put duplicate interface names
Ticket #4254 Actually use proper variables allover to have correct route added
Ticket #4254 Actually use proper interface to check if gateway exists
Ticket #4254 Use proper variable
Ticket #4254 actually use the info on the protocol of the vpn sepcification to be more sure on the family to use
Ticket #4254 Handle even hosts specified throguh dns name
Ticket #4524 Bring back static routes on ipsec to make sure charon does not send traffic through wrong iface. This handles properly ipv6
Correct this typo which would make other things break
Be compliant with gatway groups specified on ipsec. Ticket #4254
Ticket #4254 Actually fix this on 2.2 branch since vips are not handled by get_real_interface apparently!
When radvd is configured on a CARP interface, enable it when it is MASTER and disable when go to BACKUP. It should fix #4252
Add missing require for filter.inc since vpn_ipsec_configure() calls filter_configure(). It should fix #4236
Ticket #4254 specify the list of interfaces to be used by charon. This is a workaround for now. Being investigated the fix.
Use the parent NIC rather than the VIP. Fixes part of Ticket #4252
The reset button check should happen on all platforms, not only NanoBSD
Add reset button support for APU and FW7541
Unimportant typos in user and group manager
that do not effect anything.
add detection for 7541, APU
move jquery ui css to theme folders
make master 2.3-DEVELOPMENT
Still missed one mistake on last commit