pfSense

Skip any numeric-only aliases in the ruleset to prevent errors from those
who configured them on previous versions where that was allowed. Ticket

Add missing comma. Fixes #4485

Enable UnicastOnly in radvd for ovpn* interfaces. Ticket #4455

Tweak the carp demotion factors slightly to avoid CARP transitions that are most likely unnecessary.

Be safe use require_once in zeromq

I was testing code and just doing stuff like:
require_once("zeromq.inc");
in Diagnostics->Command Prompt, PHP Execute
That brings an error because underneath that PHP Execute code it has already included auth.inc
I guess zeromq.inc is used quite separately to the rest of the system, and must be OK just having a "require" here. But it seems safer to always use require_once, just in case it gets called in a new way/sequence....

Remove "Prefer old SA" option, and ignore it in all existing configurations. Breaks things in many cases with strongSwan. For the very rare circumstances where this is actually desirable, it's just a sysctl that can be set in tunables.

Ancient bug on upgrade_014_to_015

This code looked silly the way it was, with the construct:
$var = $var;
unset($var);

Seems it was accidentally changed to this way many years ago by https://github.com/pfsense/pfsense/commit/588a183b0e58f09932ffef35cc0003cca2313aba...

Fix type (trime->trim)

interface_netgraph_needed can miss setting found equals true

This routine seems to go looking to see if the passed-in interface is PPP-style. At the end, if it is not PPP-style then it calls pfsense_ngctl_detach.
This foreach loop in its current state will always exit after the first iteration that is not mode "server". But it looks like it should look through all the 'pppoe' entries until it finds the interface or gets to the end....

remove unused legacy code