Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use subnet address in OPT net rules | Phil Davis | 2015-03-16 | 1 | -9/+11 |
| | | | | | | | | | Example: LAN IP 10.0.1.1/24 OPT1 IP 10.0.2.1/24 Rules with SRC or DST LANnet correctly have 10.0.0.0/24 (the subnet base address) in /tmp/rules.debug Rules with SRC or DST OPT1net have 10.0.2.1/24 (the OPT1 IP address with OPT1 net mask) in /tmp/rules.debug It still works (I think) because actually 10.0.2.1/24 and 10.0.2.0/24 interpreted as a subnet still describes the same set of IP addresses, but it looks odd, as reported by: https://forum.pfsense.org/index.php?topic=90096.msg498474#msg498474 Same issue with IPv6 for OPT1net rules. This fixes the rule generation to that OPT1net uses the base subnet address in the rule, in the same way that LANnet and WANnet does. | ||||
* | pfSsh.php readline function return value | Phil Davis | 2015-03-16 | 1 | -1/+1 |
| | | | | This just looks wrong. But I guess the code path never comes through here because function readline() already exists in the environment of this script. | ||||
* | It's time for 2.2.1-RELEASERELENG_2_2_1 | Renato Botelho | 2015-03-13 | 1 | -1/+1 |
| | |||||
* | txpower was disabled for good reason it would appear, it triggers syntax ↵ | Chris Buechler | 2015-03-13 | 2 | -2/+6 |
| | | | | errors in some configurations. Disable it again since it's been disabled for years, and comment out the user-facing config portion for now since it doesn't do anything. Ticket #4516 | ||||
* | Apply WME input validation to all modes, not just hostap. Ticket #4516 | Chris Buechler | 2015-03-13 | 1 | -5/+5 |
| | |||||
* | Default to 11ng if an option hasn't been configured. Previously we let the ↵ | Chris Buechler | 2015-03-13 | 1 | -1/+7 |
| | | | | browser pick the first in the list (the first the card reported as available), which ended up being 802.11b. Ticket #4516 | ||||
* | Default to WPA2, AES for new wireless interface configs. Ticket #4516 | Chris Buechler | 2015-03-13 | 1 | -2/+2 |
| | |||||
* | Auto-size the interface box on the bridge edit page. | Chris Buechler | 2015-03-13 | 1 | -1/+2 |
| | |||||
* | touch up interfaces.php text | Chris Buechler | 2015-03-13 | 7 | -10/+10 |
| | |||||
* | Require WPA PSK where WPA-PSK is enabled. Clean up some other text. Ticket #4516 | Chris Buechler | 2015-03-12 | 7 | -10/+15 |
| | |||||
* | clean up input errors text | Chris Buechler | 2015-03-12 | 7 | -9/+9 |
| | |||||
* | add missing double == in ipsec.inc | Chris Buechler | 2015-03-12 | 1 | -1/+1 |
| | |||||
* | Missin double equals in captiveportal.inc | Phil Davis | 2015-03-12 | 1 | -1/+1 |
| | | | | | | Looking at where this is nested inside various if statements, I do not think this error did too much harm - only to the $mac['descr'] - in this particular code flow $username is not used for important stuff after this point. Conflicts: etc/inc/captiveportal.inc | ||||
* | Fix up text, remove "only for Atheros" since the option is only shown if a ↵ | Chris Buechler | 2015-03-12 | 7 | -5/+5 |
| | | | | compatible card exists. | ||||
* | "Auto" channel with hostap doesn't work correctly at the moment, force ↵ | Chris Buechler | 2015-03-12 | 1 | -0/+4 |
| | | | | choosing a specific channel with hostap mode for now. | ||||
* | Set txpower since that seems to work fine now. Explicitly set authmode wpa ↵ | Chris Buechler | 2015-03-12 | 1 | -2/+5 |
| | | | | here, though it's also handled by the supplicant/authenticator. Ticket #4516 | ||||
* | Do not start filterdns during boot until a proper fix is done. Ticket #4296 | Renato Botelho | 2015-03-12 | 2 | -18/+22 |
| | |||||
* | add more wireless validation. Ticket #4516 | Chris Buechler | 2015-03-12 | 1 | -1/+4 |
| | |||||
* | Add more validation for wireless config settings. Ticket #4516 | Chris Buechler | 2015-03-12 | 1 | -0/+22 |
| | |||||
* | Add more input validation for wireless parameters. Ticket #4516 | Chris Buechler | 2015-03-12 | 1 | -0/+36 |
| | |||||
* | Touch up wifi text | Chris Buechler | 2015-03-12 | 7 | -12/+12 |
| | |||||
* | If we bail not being able to find the P1 source, log an error. | Chris Buechler | 2015-03-12 | 1 | -1/+3 |
| | |||||
* | White space in ipsec.inc | Phil Davis | 2015-03-12 | 1 | -10/+10 |
| | |||||
* | White space in filter.inc | Phil Davis | 2015-03-12 | 1 | -44/+44 |
| | | | | | Conflicts: etc/inc/filter.inc | ||||
* | use-compression is no longer a valid config option in lighttpd, it can't be ↵ | Chris Buechler | 2015-03-12 | 1 | -3/+0 |
| | | | | enabled. This just throws an error in the log, remove it. | ||||
* | Fix IPsec on CARP IPs, broken when fixing IPsec with gateway groups and VIPs. | Chris Buechler | 2015-03-12 | 1 | -5/+9 |
| | |||||
* | clean up unique IDs text a bit. | Chris Buechler | 2015-03-11 | 1 | -2/+2 |
| | |||||
* | Move libstrongswan-unity.so when Unity plugin is disabled so it can't modify ↵ | Chris Buechler | 2015-03-11 | 1 | -3/+13 |
| | | | | | | | the P2. Workaround for Ticket #4178 Conflicts: etc/inc/vpn.inc | ||||
* | Proper fix #4443, do not unset carp entry when content differ, also set ↵ | Renato Botelho | 2015-03-11 | 1 | -3/+7 |
| | | | | correct real interface and use subnet to check IP protocol | ||||
* | Detect when broken rc.firmware is running, fix it and restart. This should ↵ | Renato Botelho | 2015-03-11 | 1 | -0/+21 |
| | | | | fix #4328 | ||||
* | Remove -U from mtree call used to restore files permissions, this is ↵ | Renato Botelho | 2015-03-11 | 1 | -1/+1 |
| | | | | replacing symlink targets by the old values. Ticket #4328 | ||||
* | Save vip interface and subnet to use to delete old vips from secondary ↵ | Renato Botelho | 2015-03-11 | 1 | -13/+14 |
| | | | | nodes. Fixes #4446 | ||||
* | Revert "Use a consistent variable name here. related to Ticket #4446" | Renato Botelho | 2015-03-11 | 1 | -4/+4 |
| | | | | This reverts commit 0e7954b8a333d7ca92f56c86c74e2d9d7457b546. | ||||
* | add granular control of state timeouts. Ticket #4509 | Chris Buechler | 2015-03-11 | 2 | -3/+246 |
| | |||||
* | Explicit disable ssl.use-compression on lighty config. It should fix #4230 | Renato Botelho | 2015-03-11 | 1 | -0/+3 |
| | |||||
* | Remove BEAST protection option since default cipher is now good and works ↵ | Renato Botelho | 2015-03-11 | 2 | -57/+2 |
| | | | | with hifn cards | ||||
* | Add a log message when hostres SNMP module is ignored on APU boards | Renato Botelho | 2015-03-11 | 1 | -5/+9 |
| | |||||
* | Disable SNMP hostres module on APU boards until we figure out why it's ↵ | Renato Botelho | 2015-03-11 | 1 | -1/+5 |
| | | | | crashing on this specific board. Ticket #4403 | ||||
* | Fix password box cursor position | Phil Davis | 2015-03-11 | 4 | -29/+29 |
| | | | | | | | | | | | | | | | Similar to https://github.com/pfsense/pfsense/commit/dedc40f7ded5f88aee4720aa8a3a57667b975254 The password field shows the little lock icon, but the text input area starts over the top of the icon and as I type in the field the password "dots" go over the lock icon in each of these data entry places. Changing the field name/id to not be "password" but to be "passwordfld", "passwordfld1" "passwordfld2" and the like fixes it. Something does not like the field being called just "password". In interfaces.php I also changed the field "username" to be "ppp_username". This standardized it to work in a similar way to pppoe_username pptp_username fields. It looks easier to understand for me. | ||||
* | Pencil symbols | Phil Davis | 2015-03-11 | 9 | -16/+16 |
| | | | | | | | | | These are places in the GUI where the cursor sits not in the far left side of the input box and there is odd-looking white space to the left of the cursor. Normally there would be a little input graphic in the white space to the left of the cursor (a pencil, a computer screen, a lock symbol...) This change makes the pencil be displayed in all those places. | ||||
* | update description after adaptive start/end default change. | Chris Buechler | 2015-03-11 | 1 | -1/+1 |
| | |||||
* | Leave adaptive.start and end at their defaults (60% and 120% of the state ↵ | Chris Buechler | 2015-03-11 | 1 | -2/+0 |
| | | | | limit, respectively) if not user-overridden. | ||||
* | Update cipher-list in web interface to prefer PFS. Ticket #4230 | Chris Buechler | 2015-03-11 | 1 | -2/+4 |
| | |||||
* | Check for not up, rather than down, as there are a variety of potential | Chris Buechler | 2015-03-10 | 1 | -3/+3 |
| | | | | statuses that are not up. Ticket #4502 | ||||
* | Need global $ipsec_idhandling here. | Chris Buechler | 2015-03-10 | 1 | -2/+2 |
| | |||||
* | Use a consistent variable name here. related to Ticket #4446 | Chris Buechler | 2015-03-10 | 1 | -4/+4 |
| | |||||
* | Don't enable interfaces_use by default. Add checkbox to enable on Advanced | Chris Buechler | 2015-03-10 | 2 | -3/+27 |
| | | | | | | | tab, in case there are scenarios where it's desirable. Ticket #4341 Conflicts: etc/inc/vpn.inc | ||||
* | Fixes #4427 Correct traffic shaper wizard to properly save and use Voip ↵ | Ermal LUÇI | 2015-03-10 | 1 | -2/+6 |
| | | | | provided settings | ||||
* | Fixes #4427 Correct traffic shaper wizard to properly save and use Voip ↵ | Ermal LUÇI | 2015-03-10 | 1 | -2/+6 |
| | | | | provided settings | ||||
* | Fixes #4446 Correct ipalias removal on top of carp during configuration sync. | Ermal LUÇI | 2015-03-09 | 1 | -1/+5 |
| |