Update get_possible_traffic_source_addresses returned array format
With this change it looks to me like the way it is intended to be, basedon what was done to get_possible_listen_ips()Please review and check if this is what was intended for the code. With...
txpower was disabled for good reason it would appear, it triggers syntax errors in some configurations. Disable it again since it's been disabled for years, and comment out the user-facing config portion for now since it doesn't do anything. Ticket #4516
Apply WME input validation to all modes, not just hostap. Ticket #4516
Default to 11ng if an option hasn't been configured. Previously we let the browser pick the first in the list (the first the card reported as available), which ended up being 802.11b. Ticket #4516
Default to WPA2, AES for new wireless interface configs. Ticket #4516
Auto-size the interface box on the bridge edit page.
touch up interfaces.php text
Require WPA PSK where WPA-PSK is enabled. Clean up some other text. Ticket #4516
clean up input errors text
correct missing == in ipsec.inc
Merge pull request #1557 from phil-davis/patch-3
Fix up text, remove "only for Atheros" since the option is only shown if a compatible card exists.
"Auto" channel with hostap doesn't work correctly at the moment, force choosing a specific channel with hostap mode for now.
Set txpower since that seems to work fine now. Explicitly set authmode wpa here, though it's also handled by the supplicant/authenticator. Ticket #4516
Conflicts: etc/inc/interfaces.inc
Missin double equals in captiveportal.inc
Looking at where this is nested inside various if statements, I do not think this error did too much harm - only to the $mac['descr'] - in this particular code flow $username is not used for important stuff after this point.
Do not start filterdns during boot until a proper fix is done. Ticket #4296
add more wireless validation. Ticket #4516
Add more validation for wireless config settings. Ticket #4516
Add more input validation for wireless parameters. Ticket #4516
Touch up wifi text
If we bail not being able to find the P1 source, log an error.
Conflicts: etc/inc/vpn.inc
Merge pull request #1556 from phil-davis/patch-5
Merge pull request #1554 from phil-davis/patch-3
White space in ipsec.inc
use-compression is no longer a valid config option in lighttpd, it can't be enabled. This just throws an error in the log, remove it.
Fix IPsec on CARP IPs, broken when fixing IPsec with gateway groups and VIPs.
clean up unique IDs text a bit.
Move libstrongswan-unity.so when Unity plugin is disabled so it can't modify the P2. Workaround for Ticket #4178
White space in filter.inc
Proper fix #4443, do not unset carp entry when content differ, also set correct real interface and use subnet to check IP protocol
Detect when broken rc.firmware is running, fix it and restart. This should fix #4328
Remove -U from mtree call used to restore files permissions, this is replacing symlink targets by the old values. Ticket #4328
Merge pull request #1547 from phil-davis/Code-Style-etc-inc-vwx3
Save vip interface and subnet to use to delete old vips from secondary nodes. Fixes #4446
Revert "Use a consistent variable name here. related to Ticket #4446"
This reverts commit 309162b96d6ad0db09c132cc0aabc890bfe1909f.
add granular control of state timeouts. Ticket #4509
Conflicts: etc/inc/filter.inc
Explicit disable ssl.use-compression on lighty config. It should fix #4230
Remove BEAST protection option since default cipher is now good and works with hifn cards
Revert "Enable beast protection by default for new installations, there is a code in place to disable it when a hifn card is present"
This reverts commit 23645bf703578919ba52e857ed2e221db08ef61a.
Revert "Remove double // on config tag"
This reverts commit 8df86e1fc6cb5a8b0d39bfe7f790c6df6dede222.
Remove double // on config tag
Spotted by: BBCan177
Merge branch 'master' into Code-Style-etc-inc-vwx3
Add a log message when hostres SNMP module is ignored on APU boards
Disable SNMP hostres module on APU boards until we figure out why it's crashing on this specific board. Ticket #4403
Merge pull request #1549 from phil-davis/patch-2
Merge pull request #1550 from phil-davis/password-lock-symbol
Merge pull request #1548 from phil-davis/pencils
Enable beast protection by default for new installations, there is a code in place to disable it when a hifn card is present
update description after adaptive start/end default change.
Leave adaptive.start and end at their defaults (60% and 120% of the state limit, respectively) if not user-overridden.
Update cipher-list in web interface to prefer PFS. Ticket #4230
Check for not up, rather than down, as there are a variety of potentialstatuses that are not up. Ticket #4502
Need global $ipsec_idhandling here.
Use a consistent variable name here. related to Ticket #4446
Conflicts: usr/local/www/xmlrpc.php
Don't enable interfaces_use by default. Add checkbox to enable on Advancedtab, in case there are scenarios where it's desirable. Ticket #4341
Fixes #4427 Correct traffic shaper wizard to properly save and use Voip provided settings
Fix password box cursor position
Similar tohttps://github.com/pfsense/pfsense/commit/dedc40f7ded5f88aee4720aa8a3a57667b975254The password field shows the little lock icon, but the text input areastarts over the top of the icon and as I type in the field the password...
Fix SNMP Bind Interface list in master
The format of the array returned by get_possible_listen_ips() was changed.This use of the returned array was not quite changed correctly. This fixes it so the drop-down list of SNMP Bind Interfaces is displayed correctly....
Revert "Fixes #4446 Correct ipalias removal on top of carp during configuration sync."
master works differently and get_real_interface() resolves vips as well.
This reverts commit 8896fe1cebdc97dcbeb59249f3bb2abd1601b979.
Fixes #4446 Correct ipalias removal on top of carp during configuration sync.
Pencil symbols
These are places in the GUI where the cursor sits not in the far leftside of the input box and there is odd-looking white space to the leftof the cursor. Normally there would be a little input graphic in thewhite space to the left of the cursor (a pencil, a computer screen, a...
Code style etc inc vwx3
rebased version with conflicts resolved due to a bunch of recent changesin vpn.inc
Allow reassignment from PPP types to DHCP. From testing, it appears to work OK, this input validation appears to be outdated.If there is some edge case that this catches, perhaps it needs to be a more specific test.
Add missing 'break' statement that broke switching from a PPP type to 'none'.
Merge pull request #1544 from phil-davis/patch-4
Merge pull request #1542 from phil-davis/patch-2
Merge pull request #1541 from phil-davis/Code-Style-etc-inc-z
Merge pull request #1545 from k-paulius/fix-syntax
Add missing opening bracket
Remove extra closing brackets
$ldescr variable is not assigned a value and all 'Outgoing Network Interfaces' show Localhost as a name on UI
Missing $
Update help to current config structure, touch up text while here. Fixes #4492
Check for console="comconsole* rather than just comconsole in loader.conf, so it doesn't match just having comconsole_speed in loader.conf. Ticket #4464
Expand CARP demotion error, add button to reset demotion status.
Check if it's an array before call foreach(). Ticket
Stop trying to fix dns_split during strongswan config generation, we have an upgrade code in place for that, it should fix #4418
dns_split was a comma separated list and moved to use space as separator, provide upgrade code to make sure old configs are converted. Since there was a config upgrade version 11.7 only on master, I pushed it to 11.8 and used dns_split one as 11.7 to be able to backport it to RELENG_2_2. Ticket #4418
Remove multiple spaces from dns_split as a seatbelt, also fix the message since field is expected to be space separated and not comma. Ticket #4418
DNS Forwarder Host Override Edit make the pencil symbols appear
In most places in the GUI a little pencil symbol appears before text input fields. For example it already appears for the Host, Domain and Description fields in this very form when you "Enter additional names for this host."...
touch up text
Use get_failover_interface here to find appropriate interface. Ticket #4482
same change as previous commit, for IPv6. Ticket #4482
Use the parent interface, not the _vip for interfaces_use. Part of Ticket #4482
Destroy stf interface when 6rd or 6to4 tunnel is disabled. Fixes #4471
Merge pull request #1543 from phil-davis/patch-3
Be nicer when checking if alias is numeric
Because an ordinary port can be numeric here.Forum https://forum.pfsense.org/index.php?topic=89906.0
fix up text
Don't save config if input validation fails. Add input validation preventing "Harden DNSSEC Data" from being enabled if DNSSEC support isn't enabled.
Remove the harden-glue option entirely and hard code it to yes. Ticket #4402
Encode and check values for filtering variables in diag_logs_filter.php
Do not render the services_unbound_acls page with an invalid ID.
Stricter validation and encoding for traffic shaper queues.
Jettison unused dragtable code from firewall_rules.php, it was broken and inactive and only causing trouble.
Improve validation and encoding of the zone for Captive Portal Status
Be more strict about the file to restore or delete when working with full backups.
allow enabling Unbound when dnsmasq is enabled, if they're using diffports. Ticket #4332
Skip any numeric-only aliases in the ruleset to prevent errors from thosewho configured them on previous versions where that was allowed. Ticket