| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Fix a theoretical/potential XSS in the http_referer check warning. | jim-p | 2010-11-12 | 1 | -1/+1 |
| | | |||||
| * | Fix XSS in notices. | jim-p | 2010-11-12 | 1 | -2/+2 |
| | | |||||
| * | Bring in XSS id fixes from m0n0wall | Scott Ullrich | 2010-11-12 | 39 | -50/+50 |
| | | |||||
| * | Add whitespace to avoid breaking the resulting rule. | Ermal | 2010-11-12 | 1 | -1/+1 |
| | | |||||
| * | Whitespace fixes. | Ermal | 2010-11-12 | 1 | -11/+10 |
| | | |||||
| * | Make sure there is a direction specified otherwise errors might occur. | Ermal | 2010-11-12 | 1 | -1/+1 |
| | | |||||
| * | Initialize rule keeping array to avoid possible caching effects on php. | Ermal | 2010-11-12 | 1 | -0/+2 |
| | | |||||
| * | Clarify these descriptions a bit more on 1:1 edit. | Erik Fonnesbeck | 2010-11-12 | 1 | -3/+3 |
| | | |||||
| * | Handle AJAX | Scott Ullrich | 2010-11-11 | 1 | -0/+4 |
| | | |||||
| * | NiftyCheck already included in bottom-loader.js otherwise div mainarea gets ↵ | Warren Baker | 2010-11-11 | 1 | -5/+0 |
| | | | | | rounded twice. | ||||
| * | Separate this into the original case with the floating rule cases above it ↵ | Erik Fonnesbeck | 2010-11-11 | 1 | -1/+3 |
| | | | | | to fix some scenarios where the order was still wrong. | ||||
| * | Small rework of code for applying drag and drop reordering of rules and some ↵ | Erik Fonnesbeck | 2010-11-11 | 1 | -19/+18 |
| | | | | | | | extra checks added to fix some potential bugs. Ticket #878 Also minimizes the extent of the changes performed (useful when comparing config.xml files from before and after). | ||||
| * | Fix handling of floating rules in the drag and drop reordering code. Fix for ↵ | Erik Fonnesbeck | 2010-11-11 | 1 | -4/+11 |
| | | | | | part of ticket #878 | ||||
| * | Move this function to allow removing it from easyrule. | Erik Fonnesbeck | 2010-11-10 | 3 | -48/+26 |
| | | |||||
| * | Fix filter_rules_sort's compare function to know about floating rules so it ↵ | Erik Fonnesbeck | 2010-11-10 | 3 | -24/+28 |
| | | | | | won't change their order. | ||||
| * | Use this sort before saving, so the rule just added is sorted into the ↵ | Erik Fonnesbeck | 2010-11-10 | 1 | -0/+1 |
| | | | | | proper category like the rest. | ||||
| * | Unbreak graphs | Scott Ullrich | 2010-11-10 | 2 | -2/+3 |
| | | |||||
| * | Copy logic for when to show the cellular tab from status_rrd_graph.php. ↵ | jim-p | 2010-11-10 | 1 | -1/+1 |
| | | | | | Fixes #714 | ||||
| * | Return this field to its old name to prevent a conflict of names and since ↵ | Erik Fonnesbeck | 2010-11-10 | 1 | -1/+1 |
| | | | | | | | the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation of the user (either could still be changed afterward). | ||||
| * | Take into account if we have redirection active to allow even port 443. | Ermal | 2010-11-10 | 1 | -0/+2 |
| | | |||||
| * | Make the antilockout rule match the webgui and ssh(if enabled) rather than ↵ | Ermal | 2010-11-10 | 1 | -3/+12 |
| | | | | | any traffic destined to pfSense itself. | ||||
| * | Only use escapeshellarg when passing the arguments to the shell. Fixes #1005 | jim-p | 2010-11-10 | 1 | -5/+3 |
| | | |||||
| * | * Call get_configured_interface_* functions only once in the code | Ermal | 2010-11-10 | 2 | -43/+47 |
| | | | | | | | * Optimize the test if the passed interface is a vaild one * Fix the apply settings to actually do something rather than do nothing at all * Some style and whitespace fixes | ||||
| * | Small improvement no functional change. | Ermal | 2010-11-10 | 1 | -8/+8 |
| | | |||||
| * | Use php calls rather than forking to shell. | Ermal | 2010-11-10 | 1 | -12/+3 |
| | | |||||
| * | Use exec and check return value of command to avoid priting messages of ↵ | Ermal | 2010-11-10 | 1 | -4/+4 |
| | | | | | stderr to console. | ||||
| * | Not sure why sometimes works sometimes does not work when bound to localhost ↵ | Ermal | 2010-11-10 | 1 | -9/+1 |
| | | | | | the lighttpd instance of CP. Back to previous setup! Though security of it is debatble. | ||||
| * | Bring interfaces up only if there is a mismatch to allow them to be reassigned. | Ermal | 2010-11-10 | 2 | -6/+5 |
| | | |||||
| * | Ticket #904. Hmm fix the interface_has_gateway() too. | Ermal | 2010-11-10 | 1 | -2/+2 |
| | | |||||
| * | Ticket #904. Actually correctly handle the assigned openvpn client as a ↵ | Ermal | 2010-11-10 | 1 | -5/+3 |
| | | | | | dynamic gateway rather than breaking the behaviour of the system. Strange nobody has noticed broken gateway behaviour with openvpn assigned! | ||||
| * | Actually was coorect before. 3rd parameter is length not index. | Ermal | 2010-11-10 | 1 | -1/+1 |
| | | | | | | | Revert "Correct this to make it actually work. This is also mentioned in Ticket #904 though it was already implemented." This reverts commit 6f2cc3a680f984ccbb387301a26d022e6969e665. | ||||
| * | Correct HTTP_REFERER check when using an IP Address vs the Firewalls hostname | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
| | | |||||
| * | Note that this textbox controls HTTP_REFERER hostname checks as well | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
| | | |||||
| * | Remove trailing carriage return | Scott Ullrich | 2010-11-10 | 36 | -34/+41 |
| | | |||||
| * | * Adding function get_configured_ip_addresses() which returns all interfaces ↵ | Scott Ullrich | 2010-11-10 | 4 | -2/+61 |
| | | | | | | | | | | and their configured IP address * Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks * Add and enforce HTTP_REFERER check if checkbox is not checked. This will prevent HTML pages from crafting HTML GETs against the web interface and will prevent firewall admins from being "tricked" into clicking on links that may be harmful to their firewall. | ||||
| * | Fix misc XSS issues from davey b | Scott Ullrich | 2010-11-10 | 7 | -22/+22 |
| | | |||||
| * | Add option to System: Firmware: Settings for running gitsync after ↵ | Erik Fonnesbeck | 2010-11-10 | 3 | -5/+58 |
| | | | | | installing an update, hidden/disabled if git has not been installed yet. | ||||
| * | Remove csrf-magic include from functions.inc -- it was causing problems with ↵ | Erik Fonnesbeck | 2010-11-10 | 1 | -1/+0 |
| | | | | | console PHP scripts. | ||||
| * | Correct this to make it actually work. This is also mentioned in Ticket #904 ↵ | Ermal | 2010-11-09 | 1 | -1/+1 |
| | | | | | though it was already implemented. | ||||
| * | Use a shell script rather than bad hack to execute php code for pppoe ↵ | Ermal | 2010-11-09 | 1 | -1/+7 |
| | | | | | periodic reset. | ||||
| * | Fix display of queues on rules and layer7 containers. | Ermal | 2010-11-09 | 1 | -1/+1 |
| | | |||||
| * | Ensure csrf magic is loaded | Scott Ullrich | 2010-11-09 | 1 | -0/+1 |
| | | |||||
| * | Fix Misc XSS issues | Scott Ullrich | 2010-11-09 | 3 | -7/+6 |
| | | |||||
| * | Revert | Scott Ullrich | 2010-11-09 | 1 | -1/+0 |
| | | |||||
| * | Testing csrf-magic | Scott Ullrich | 2010-11-09 | 3 | -0/+550 |
| | | |||||
| * | Set session.use_trans_sid to true | Scott Ullrich | 2010-11-09 | 1 | -0/+1 |
| | | |||||
| * | Add a setting for the data type of values used with DHCP option numbers and ↵ | Erik Fonnesbeck | 2010-11-09 | 2 | -9/+68 |
| | | | | | input validation for each type. Fixes #962 | ||||
| * | Add a function type to the field types allowed, to allow more field types ↵ | Erik Fonnesbeck | 2010-11-09 | 2 | -2/+6 |
| | | | | | without directly adding all of them to row helper. | ||||
| * | fix input validation for GRE | Chris Buechler | 2010-11-08 | 1 | -2/+2 |
| | | |||||
| * | Kill dhcplease before writing the hosts file so that it does not scramble ↵ | Ermal | 2010-11-08 | 1 | -7/+15 |
| | | | | | the content from kqueue events. | ||||
 |
index : pfsense | |
| Raptor Engineering's fork of the main repository for pfSense | Raptor Engineering, LLC |
| summaryrefslogtreecommitdiffstats |
|