summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Correct the copy() logicScott Ullrich2007-04-211-1/+1
|
* * Use copy instead of system() * Lock the configuration before doing this ↵Scott Ullrich2007-04-211-2/+6
| | | | operation * Unlink config.cache if it exists * Send the image to RO after this operation
* xmlparse now returns -1 when a file is corrupt. Detect this situation ↵Scott Ullrich2007-04-211-0/+8
| | | | during parse_config() and trigger a backup. Note to the user this occurance.
* xmlparse now returns -1 when a file is corrupt. Detect this situatioon and ↵Scott Ullrich2007-04-211-0/+5
| | | | notify the user that we are unlinking the file.
* When we iterate through the backup cache we call out to parse the ↵Scott Ullrich2007-04-211-1/+2
| | | | configuration file. This can be fatal if the xml contents is corrupted and the process will die out. Instead of dieing, return -1 and let the process continue since we have further logic to detect these issues and restore a previous configuration, etc.
* Do correct locking when cleaning the backup cacheScott Ullrich2007-04-211-0/+2
|
* We really need to lock the configuration when outputting the config.cacheScott Ullrich2007-04-211-0/+2
|
* We should anti spoof on the wan interface as well.Scott Ullrich2007-04-211-0/+1
|
* Block traffic from source port 0 or destination port 0. Some crafty folks ↵Scott Ullrich2007-04-201-0/+4
| | | | try to evade packet filters by using this type of trickery. See http://www.securityfocus.com/archive/75/402099/30/0/threaded for more information.
* Note that we use the username admin when syncing in the error messagesScott Ullrich2007-04-191-2/+2
|
* Correctly define the state timeout value.Scott Ullrich2007-04-191-1/+2
|
* Do not echo out extra text when reloading the filter rules and correctly ↵Scott Ullrich2007-04-181-1/+1
| | | | detect pftpx already started.
* Remove trailing spaceScott Ullrich2007-04-181-1/+1
|
* Do not carriage return in the middle of a shell commandScott Ullrich2007-04-181-2/+1
|
* Don not use round-robin on failover lb poolsSeth Mos2007-04-181-2/+7
| | | | MFC: ASAP
* initialize variable correctlyScott Dale2007-04-181-1/+1
| | | | MFC: asap
* Turn off hard drive write caching correctlyScott Ullrich2007-04-172-2/+5
|
* Show icon when schedule is activeScott Dale2007-04-171-1/+4
| | | | MFC: asap
* Schedule popup on firewall page, stop min 0>00Scott Dale2007-04-173-11/+117
| | | | MFC: asap
* hw.ata.wc is a read-only /boot/loader.conf value. Remove.Scott Ullrich2007-04-171-1/+0
|
* Correctly note the filter configure item when removing the schedule feature ↵Scott Ullrich2007-04-161-1/+2
| | | | from cron
* Add xml sync schedules optionScott Ullrich2007-04-152-5/+14
|
* Remove stray ;Scott Ullrich2007-04-151-1/+1
|
* Uncomment pass rule logic. Fixes a problem report from the forum. ↵Scott Ullrich2007-04-141-2/+2
| | | | Reminded-by: Holger
* Add some text breaks.Scott Ullrich2007-04-141-1/+4
|
* Remove <br/> from schedule strong note.Scott Ullrich2007-04-141-1/+1
|
* Wrap text in <pre></pre>Scott Ullrich2007-04-141-2/+2
|
* Add a note about firewall rule schedule logic that will pop up in a new ↵Scott Ullrich2007-04-142-1/+9
| | | | window describing how pass rules work when they are outside of the schedule window, etc.
* Disable ATA write caching which should help with loosing configuration on ↵Scott Ullrich2007-04-131-0/+1
| | | | invalid power off events.
* Backport usermanager code from HEAD so I can get it in the snaps andBill Marquette2007-04-1312-122/+2638
| | | | | start testing it properly There's still some CSS/HTML fixes needed but the code seems to work
* Hide "ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding ↵Scott Ullrich2007-04-111-1/+4
| | | | | | enabled, default to accept, logging disabled" while enabling time based rules Noticed-by: Ryan Wagoner
* Check for array type before foreach()Scott Ullrich2007-04-111-4/+5
| | | | Reminded-by: Ryan Wagoner/Seth Mos
* Remove time based rule debugging statements.Scott Ullrich2007-04-111-20/+0
| | | | Reminded-by: Ryan Wagoner
* Do not sort dns server list.Scott Ullrich2007-04-111-1/+0
| | | | Reported-by: Goffredo Andreone
* If we cannot deterimine interrupts a second for an interface, do not recycle ↵Scott Ullrich2007-04-101-0/+3
| | | | last known values.
* Do not show blank openvpn configuration items.Scott Ullrich2007-04-102-0/+8
|
* Set RELENG_1 version to 1.3. 1.2 will be released form RELENG_1_2.Scott Ullrich2007-04-091-1/+1
|
* Time for 1.2-BETA-1Root_RELENG_1_2Scott Ullrich2007-04-091-1/+1
|
* If the interface is "lan" and bridging is enabled then skip creation of the ↵Scott Ullrich2007-04-091-0/+3
| | | | DHCP Server subnet. Ticket #1281
* Remove configuration lock that would be acquired when you login to ssh after ↵Scott Ullrich2007-04-081-0/+2
| | | | a firmware update. Ticket #1258
* Correct sysctl name.. it is movements not movement.Scott Ullrich2007-04-081-2/+2
|
* startup routed on boot if it's enabledBill Marquette2007-04-081-0/+4
|
* Correct rrd_gateway pathSeth Mos2007-04-081-1/+1
|
* Skip rule creation when interface_ip or remote_gateway is unknownScott Ullrich2007-04-071-0/+4
|
* When a 0 byte configuration file is found, remove it (unlink) and continue ↵Scott Ullrich2007-04-071-12/+17
| | | | processing.
* Remove IP Compression box. A lot of further refactoring is going to be ↵Scott Ullrich2007-04-071-6/+0
| | | | required to make this work and we do not have enough time to do so before 1.2 beta.
* Ticket 1280: updatedScott Dale2007-04-071-1/+1
|
* Use -o when loading the pf ruleset. From the pfctl man page: -o ↵Scott Ullrich2007-04-071-1/+1
| | | | | | Enable the ruleset optimizer. The ruleset optimizer attempts to improve rulesets by removing rule duplication and making better use of rule ordering. Specifically, it does four things: 1. remove duplicate rules 2. remove rules that are a subset of another rule 3. combine multiple rules into a table when advantageous 4. re-order the rules to improve evaluation performance A second -o may be specified to use the currently loaded ruleset as a feedback profile to tailor the optimization of the quick rules to the actual network behavior. It is important to note that the ruleset optimizer will modify the ruleset to improve performance. A side effect of the ruleset modification is that per-rule accounting statistics will have different meanings than before. Use -o when loading the pf ruleset. From the pfctl man page: -o Enable the ruleset optimizer. The ruleset optimizer attempts to improve rulesets by removing rule duplication and making better use of rule ordering. Specifically, it does four things: 1. remove duplicate rules 2. remove rules that are a subset of another rule 3. combine multiple rules into a table when advantageous 4. re-order the rules to improve evaluation performance A second -o may be specified to use the currently loaded ruleset as a feedback profile to tailor the optimization of the quick rules to the actual network behavior. It is important to note that the ruleset optimizer will modify the ruleset to improve performance. A side effect of the ruleset modification is that per-rule accounting statistics will have different meanings than before.
* Cleanup IPSEC rules a bit. More work will be performed in this area over ↵Scott Ullrich2007-04-061-15/+3
| | | | the weekend.
* Both -HEAD and -RELENG_1 have had a hidden feature to allow IPSEC ↵Scott Ullrich2007-04-061-1/+9
| | | | compression. Add a checkbox to the screen to allow this hidden value to be toggled.
OpenPOWER on IntegriCloud