Static IPv6 /128 routes fix. Issue #11594
WireGuard default TCP MSS clampling. Issue #11600
Unmount var and tmp ZFS on boot. Fixes #11617
DHCP6 interfaces bootup fix. Issue #11633
XMLRPC no section fix. Issue #11638
Correct source IP for IPsec on 6RD/6to4 interfaces. Fixes #11643
Reverse x509 escape cert subjects on renewal page. Fixes #11654
Fix handling of renewing cert w/o SAN. Fixes #11652
Use correct parameters when adding WG IPv6 tunnel addr. Fixes #11618
Do not build node_exporter on armv7 since lang/go14 is broken
Report full product version, including -pN
Revise firewall_nat_edit for MVC
Correct rsort_log_filename() behavior. Fixes #11639
Catch up with rename of Coreboot upgrade package to Firmware
Remove obsolete vars for MVC
Revise firewall_nat.php for MVC
Typo fix. Issue #11624
Do not run post-install during build
Fix typo
Add missing break
Rework WOL page a bit. Fixes #11616
route_get() optimization. Fixes #11475
Set correct DHCP failover peer IP on XMLRPC sync. Fixes #11519
Move custom IPSEC NAT-T port settings to Advanced Options. Todo #11518
Set explicit-exit-notify to 1 for new OpenVPN Client instances. Implements #11521
IPsec Mobile users swanctl.conf fix. Issue #11564
IPsec peer ID Any fix. Issue #11555
Cisco AVPair parse {clientip}. Fixes #11561
OpenVPN data-ciphers option length validation. Issue #11559
OpenVPN ncp_enable checkbox fix. Issue #11554
Restart unbound on interface recover. Fixes #11547
IPsec VTI interfaces bootup fix. Issue #11537
WPA Enterprise PAP inner method support. Issue #2400
Show changed NAT timeouts on the system_advanced_firewall page. Issue #11565
Merge pull request #4504 from bashkarev/master
Merge pull request #4505 from woeperbe/patch-1
Update services.inc
Corrects the error in the dynamic DNS widgetwarning: array_combine(): both parameters should have an equal number of elements in /usr/local/www/widgets/widgets/dyn_dns_status.widget.php on line 151
Fixed bug parsing netmask cisco acl
Basic fiurewall_NAT MVC conversion
Correct location and config for Strict CRLs in IPsec. Fixes #11526
Improve CA/Self-Signed serial handling. Fixes #11514
Try parsing four digit years in cert timestamps. Fixes #11504
Improve handling of broken/invalid certs. Fixes #11489
On save return virtual IP id
Merge pull request #4501 from mschiegl/patch-1
Use set_curlproxy() function for cURL proxy configuration. Issue #11476
IPsec Mobile EAP-RADIUS additional configuration fix. Issue #11447
Put OpenVPN route-nopull option after custom options. Fixes #11448
System Information widget fix. Issue #11443
WireGuard interface friendly description. Fixes #11437
Allow to use OpenVPN provided DNS servers. Implements #11140
WPA Enterprise (PEAP/TLS/TTLS) client mode. Feature #2400
Fix a typo.
No functional changes.
Merge pull request #4491 from dsmackie/issue-9887
Merge pull request #4500 from bitscher/master
Merge pull request #4487 from znerol-forks/feature/master/radvd-linklocal-vip
Don't add empty pools line. Fixes #11488
Fix child SA name generation. Fixes #11487
Fix IPsec connect/disconnect for all tunnels. Fixes #11486
Fix openssl digest algorithm param in openvpn.inc
At least in OpenSSL 1.1.1i-freebsd, used by pfsense 2.5, there is no longer a "list-message-digest-algorithms" parameter. It has been replaced by "list -digest-algorithms".The old parameter results in an error 'Invalid command 'list-message-digest-algorithms'; type "help" for a list' and may even cause an endless loop on startup/migration.
Fixed #5685 - Renaming alias does not update firewall rules containg that alias
Fixed #11464 by adding proxy configuration to web service calls
Merge branch 'master' into master
Add getVIPs() function for MVC
Revised firewall_virtual_ip_edit for MVC
Fix broken help link.
firewall_virtual_ip refactored fro MVC
Fix filename in copyright message
Refactored system_advanced_misc for MVC
Non local gateways fix. Issue #11433
Show switch tagging ports on status_interfaces page. Implements #10804
RTL8153 USB ethernet module. Implements #11125
Replace HTTP links to HTTPS. Implemets #11228
Delete static routes on gateway down. Fixes #11296
Remove unused L2TP VPN directory. Fixes #11299
Hide MAC address field for pseudo-interfaces. Issue #11387
Authentication Servers copy button. Feature #11390
Unbound ip6.arpa local-zone type. Fixes #11403
aliasmod shell script. Implements #11380
Set correct TCP MSS for IPv6. Fixes #11409
Allow to use host portion of IPv6 in firewall rules. Feature #6626
L2TP VPN MTU option. Feature #11406
Xen console support. Feature #11402
Display negotiated cipher on Status / OpenVPN page. Implements #7077
Hide Shared Key field on OpenVPN client page in SSL/TLS mode. Fixes #11382
Mythic-Beasts.com DynDNS provider support. Implements #7842
RADIUS Advanced parameters. Feature #11211
Do not prefix FQDN IPsec IDs with @. Fixes #11442
Show gateway groups in OpenVPN Wizard. Fixes #11141
Check that DHCP has gateway in interface_has_gateway(). Fixes #5135
Randomize ACB cron minutes. Implements #10811
RADVD set AdvRDNSSLifetime. Fixes #11105
Down disabled interfaces on boot. Fixes #11091
Do not restart unchanged services on XMLRPC sync. Fixes #11082
Improve the handling of crypto offload hardware.
Remove support to deprecated hardware.
Task: #11426
Find IPsec IKE SAs by their full name. Issue #11435
Update comments
Provide system_advanced_firewall.inc
Revised system_advanced_notificaions for MVC