Move this function to allow removing it from easyrule.
Fix filter_rules_sort's compare function to know about floating rules so it won't change their order.
Use this sort before saving, so the rule just added is sorted into the proper category like the rest.
Unbreak graphs
Copy logic for when to show the cellular tab from status_rrd_graph.php. Fixes #714
Return this field to its old name to prevent a conflict of names and since the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html
This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation of the user (either could still be changed afterward).
Take into account if we have redirection active to allow even port 443.
Make the antilockout rule match the webgui and ssh(if enabled) rather than any traffic destined to pfSense itself.
Only use escapeshellarg when passing the arguments to the shell. Fixes #1005
Small improvement no functional change.
Use php calls rather than forking to shell.
Use exec and check return value of command to avoid priting messages of stderr to console.
Not sure why sometimes works sometimes does not work when bound to localhost the lighttpd instance of CP. Back to previous setup! Though security of it is debatble.
Bring interfaces up only if there is a mismatch to allow them to be reassigned.
Ticket #904. Hmm fix the interface_has_gateway() too.
Ticket #904. Actually correctly handle the assigned openvpn client as a dynamic gateway rather than breaking the behaviour of the system. Strange nobody has noticed broken gateway behaviour with openvpn assigned!
Actually was coorect before. 3rd parameter is length not index.
Revert "Correct this to make it actually work. This is also mentioned in Ticket #904 though it was already implemented."
This reverts commit 6f2cc3a680f984ccbb387301a26d022e6969e665.
Correct HTTP_REFERER check when using an IP Address vs the Firewalls hostname
Note that this textbox controls HTTP_REFERER hostname checks as well
Remove trailing carriage return
This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall.
Fix misc XSS issues from davey b
Add option to System: Firmware: Settings for running gitsync after installing an update, hidden/disabled if git has not been installed yet.
Remove csrf-magic include from functions.inc -- it was causing problems with console PHP scripts.
Correct this to make it actually work. This is also mentioned in Ticket #904 though it was already implemented.
Use a shell script rather than bad hack to execute php code for pppoe periodic reset.
Fix display of queues on rules and layer7 containers.
Ensure csrf magic is loaded
Fix Misc XSS issues
Revert
Testing csrf-magic
Set session.use_trans_sid to true
Add a setting for the data type of values used with DHCP option numbers and input validation for each type. Fixes #962
Add a function type to the field types allowed, to allow more field types without directly adding all of them to row helper.
fix input validation for GRE
Kill dhcplease before writing the hosts file so that it does not scramble the content from kqueue events.
Add a button to connect a non-mobile IPsec VPN from Status > IPsec. Sends a ping from a local IP in the p2 subnet (if one exists on the router) to the remote p2 subnet.
Return disabled interfaces as well
Cosmetic issue, add space before 'done', otherwise package XML name and done are combined.
Recent move (d32d3970d58683d02f89073103eb595eaa8f395f) of routed/ items required additional files to be updated to reflect correct path.
Add routed/ items to obsoleted files. Force removal of file so that directories can be included in the future
Ignore /var/etc directory to avoid these kinds of errors: tar: /var/etc/openvpn/client1.sock: tar format cannot archive socket
Do not use sub array
Make sure ipsec is incuded in valid interfaces
Move Note to bottom of page
Show interface description
Interface names should appear as uppercase
Do not escape strings twice
Misc fixes. Use htmlspecialchars() in more places. Use escaped shell argument.
Various CRL fixes.
Define variable a bit earlier in case its shared
Use get_configured_interface_list() so Ermal does not yell at me :)
Fix misc input validation errors. Move routed/* to same dir as pkg items
Ensure passed interface is valid
Use htmlspecialchars() for santitized output
Ensure that we are working with a proper passed interface..
Spelling fix.
If the anti-lockout rule is active, show it in the rules list for the LAN interface (or WAN if the interface count is 1, same rules as in filter.inc for putting the rule in the ruleset)
Warn a user when entering the OpenVPN client/server screens that they need a CA/Cert if none exist.
Use addslashes() here to prevent unescaped quotes from causing PHP errors. Fixes advanced/custom options in OpenVPN wizard.
Use a different variable name here to avoid colliding with another of the same name.
Use != here to avoid a potential issue with empty() testing intermediate arrays.
Add a button to the filter reload screen to force a config sync (only shows up if a config sync peer is defined).
Change the dhcpd startup for isc dhcpd server 4.1
Fix saving of off/disabled PPPoE server instances. Fixes #987
Activate code to allow ipsec to work normally.
Don't show empty user IPsec keys.
Ticket #980. Bring CP widget up to date. Also bind lighty for CP to 127.0.0.1 it should not be accessible otherwise.
Protect from strange situations on bootup by testing for is_array(). Do not add anymore the 127.0.0.2 route its not needed anymore. Also during bootup bring up all interfaces so the assignment process can deal with them(Possibly should be done in another code flow!).
Don't use pconfig in a widget, it can cause issues with other widget settings.
CSS changes, fixes misaligned cursor in some password fields. Fixes item 1 in ticket #830
More VPN log fixes, for consistency. Ticket #912
Fix typo (standart -> standard)
Switch from buttons to tabs, add a mode to view raw mpd logs for each vpn type, and some general cleanup. Fixes #912
Remove these now-obsolete linkup/linkdown scripts.
Fix VPN log page to use the updated log format (again). Ticket #912.
Use a unified vpn-linkup script that detects the type based on interface name.
Switch to a unified vpn-linkup and vpn-linkdown.
Fix l2tp interface naming. Fixes #985
Show login/logout events for pptp, pppoe server, and l2tp. Could use some work to simplify. Ticket #912.
Use individual linkdown scripts.
Add individual linkdown scripts so the service type can be set in the log.
Add service type to vpn log
Sync service status widget code with service status page. Fixes #984
Test for arrays first, should fix #968
Various sync fixes to ensure sections are pushed even if empty, otherwise the last entries of these sections cannot be deleted and have that deletion sync to the secondary.
Make isvalidpid() know about pidfile the same as the other *pid functions do.(consistency)
Make the change here, too.
Also mention that this allows access to the dashboard.
Replace \r from custom options otherwise it breaks config.
Fix logging parameters.
Fix pfctl -b parameters to prevent the killing of unintended states.
Fix formatting
Fix this logic.