| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
It is not necessary to check, as the only times a gateway event should trigger the VPN to restart are when the current and new devices differ.
This also allows us to simplify the code a bit and eliminate some single-use variables.
See the discussion at https://github.com/pfsense/pfsense/commit/4aefcf915112b38784b06abc8dd9a26d9a4960b3
|
|
|
|
|
| |
If the interface is the same, this test will fail, and that's the one case that should not need a resync.
The logic in this test has been flipped and reversed a few times over the years and without comments it's difficult to discern its true purpose.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Forum: https://forum.pfsense.org/index.php?topic=91075.0
For DNS Forwarder (dnsmasq)
1) dnsmasq is the name of the service
2) DNS Forwarder is the text description
Make Unbound consistent with that, so that menu names and services status display and... work in the same way:
1) unbound is the name of the service
2) DNS Resolver is the text description
|
|
|
|
| |
because empty() does not allow 0, which is a valid value.
|
|
|
|
| |
hint' flag is checked to avoid generating invalid dhcp6c configuration file.
|
|
|
|
|
| |
This code just looked wrong. It was considering 10.1-RELEASE-p6 to be release number "1" and comparing it to "9".
These changes to do what it seems to intend. This will make that UFS+J stuff appear, if that is of any consequence.
|
|
|
|
| |
Use the `none` keyword instead of a whitespace to disable the FreeBSD version in sshd_config.
|
|
|
|
| |
ifconfig. This shouldn't be necessary, but specifying mode has proven to trigger driver problems that don't exist if it's left unspecified (such as FreeBSD PR 198680). Chosing "auto" fixes ath(4) BSS mode issues otherwise preventing it from connecting.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) Only attempt to delete the oldusername if it actually was non-empty - at the moment errors are logged in the system log when adding a new user, because the code was trying to delete the user name "".
2) Call local_user_set() first to create (change, whatever) the user record. This makes the user record exist for a new user. Then call local_user_set_groups() to sort out what groups the user should be in or not in. The existing code would fail to add a new user to the specified group/s because local_user_set_groups() was called too early, before the user actually existed.
Typical system log errors from the old code:
Mar 18 17:10:31 php-fpm[9542]: /system_usermanager.php: Tried to remove user but got user pw instead. Bailing.
Mar 18 17:10:31 php-fpm[9542]: /system_usermanager.php: The command '/usr/sbin/pw groupmod admins -g 1999 -M '0,2003,2006,2008' 2>&1' returned exit code '67', the output was 'pw: user `2008' does not exist'
From looking at the code history, I think this has been this way for a long time, not a new bug at all.
Discussed in forum: https://forum.pfsense.org/index.php?topic=90700.msg501766#msg501766
|
|
|
|
|
| |
At the moment you can make a VLAN with tag 0. The input validation does not catch it because when $_POST['tag'] = "0" that evaluates to false by PHP.
Always make the checks on 'tag' value whenever the 'tag' key is set at all. If the (required) 'tag' key is not set, then that is already checked for by do_input_validation().
|
|
|
|
|
|
|
|
|
| |
Example: LAN IP 10.0.1.1/24 OPT1 IP 10.0.2.1/24
Rules with SRC or DST LANnet correctly have 10.0.0.0/24 (the subnet base address) in /tmp/rules.debug
Rules with SRC or DST OPT1net have 10.0.2.1/24 (the OPT1 IP address with OPT1 net mask) in /tmp/rules.debug
It still works (I think) because actually 10.0.2.1/24 and 10.0.2.0/24 interpreted as a subnet still describes the same set of IP addresses, but it looks odd, as reported by: https://forum.pfsense.org/index.php?topic=90096.msg498474#msg498474
Same issue with IPv6 for OPT1net rules.
This fixes the rule generation to that OPT1net uses the base subnet address in the rule, in the same way that LANnet and WANnet does.
|
|
|
|
| |
This just looks wrong. But I guess the code path never comes through here because function readline() already exists in the environment of this script.
|
| |
|
|
|
|
| |
errors in some configurations. Disable it again since it's been disabled for years, and comment out the user-facing config portion for now since it doesn't do anything. Ticket #4516
|
| |
|
|
|
|
| |
browser pick the first in the list (the first the card reported as available), which ended up being 802.11b. Ticket #4516
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Looking at where this is nested inside various if statements, I do not think this error did too much harm - only to the $mac['descr'] - in this particular code flow $username is not used for important stuff after this point.
Conflicts:
etc/inc/captiveportal.inc
|
|
|
|
| |
compatible card exists.
|
|
|
|
| |
choosing a specific channel with hostap mode for now.
|
|
|
|
| |
here, though it's also handled by the supplicant/authenticator. Ticket #4516
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Conflicts:
etc/inc/filter.inc
|
|
|
|
| |
enabled. This just throws an error in the log, remove it.
|
| |
|
| |
|
|
|
|
|
|
|
| |
the P2. Workaround for Ticket #4178
Conflicts:
etc/inc/vpn.inc
|
|
|
|
| |
correct real interface and use subnet to check IP protocol
|
|
|
|
| |
fix #4328
|
|
|
|
| |
replacing symlink targets by the old values. Ticket #4328
|
|
|
|
| |
nodes. Fixes #4446
|
|
|
|
| |
This reverts commit 0e7954b8a333d7ca92f56c86c74e2d9d7457b546.
|
| |
|
| |
|
|
|
|
| |
with hifn cards
|
| |
|
|
|
|
| |
crashing on this specific board. Ticket #4403
|