| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\ |
|
| |
| |
| |
| | |
Redmine #4859 fix for RELENG_2_2
|
| |
| |
| |
| | |
To be consistent with the checks in the rest of this code.
|
| |
| |
| |
| |
| | |
LAN subnet to LAN IP. Same end result except it'll work for VIPs on same
interface now.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If the Advanced Settings are saved before any other IPsec is set up then $config['ipsec'] can be just the empty string. As a result you can get:
a) If you select some debug settings then those are not saved. The code to save those settings was only executed when $config['ipsec'] was already an array. Actually the code already did the necessary "if isset() then unset()" stuuf. So I just took the the "if is_array()" away from the code block.
b) Some potential unset() can go wrong with errors like:
Fatal error: Cannot unset string offsets in /usr/local/www/vpn_ipsec_settings.php on line 168
This is corrected by adding more "if (isset())" checks.
Fixes Redmine #4865
Conflicts:
usr/local/www/vpn_ipsec_settings.php
|
|/ |
|
|
|
|
| |
Unset any old CA and Cert in the system section that might still be there from when upgrade_066_to_067 did not unset them. That will tidy up old configs that had the conversion done originally but these old sections were left behind.
|
|
|
|
| |
It would be quite unusual to have no filter rules array, but if that is indeed the case then the first part of this code that sets dnpipe and dnqueue numbers should execute anyway.
|
|
|
| |
With the typo, this empty() test would always have been true. So maybe on upgrade some existing captive portal zoneid values have been getting overwritten by this even number counter? Or?
|
| |
|
|
|
|
| |
exec.php. Setup a link to download the status output.tgz in status.php
|
| |
|
|
|
|
| |
already added suffices for Windows clients, though strongswan docs suggest setting this as well.
|
| |
|
| |
|
|
|
| |
Clarify that this applies to DNS Resolver as well. Update the translations template.
|
|
|
|
| |
Clarify that this applies to DNS Resolver as well.
|
|
|
|
| |
Clarify that this applies to DNS Resolver as well.
|
|\ |
|
| |
| |
| | |
... so that people can get useful descriptions in the System Logs - Firewall GUI, instead of useless tracker numbers.
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | | |
Reduces useless CPU use on the pfSense box when the dashboard is
displayed with the Traffic Graphs widget.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". The webGUI reports:
There were error(s) loading the rules: /tmp/rules.debug:44: syntax error - The line in question reads [44]: table { 23 }
and /tmp/rules.debug has:
table { 23 }
Zqw = ""
which pf does not cope with.
This change will differentiate between a number in the context of a port alias and a number that is_hostname.
This time I think it really works :) The call to alias_get_type() needed to send the alias name as parameter. alias_get_type() is a bit expensive - it scans through the whole list of aliases looking for a match on the name. So I made this code just call it once for the name and then use that $alias_type var each time as it loops through all the addresses in an alias.
I have tried this successfully with a few combinations of nested port/host/network aliases. But maybe there is some wacky combination of nested aliases possible that could still break this? I don't see how, but it needs testing on some configs that have all sorts of nested alias types.
|
|\ \ \
| |_|/
|/| | |
|
| | |
| | |
| | |
| | |
| | | |
The GUI should show descriptions according to what's selected from the dropdown, but currently does not for URL Table (IPs) and URL Table (Ports) type of aliases.
This is for RELENG_2_2 branch.
|
|/ /
| |
| |
| | |
rc.carpmaster/backup. Ticket #4854
|
| |
| |
| |
| |
| |
| | |
- Do not add leftid to confir when value is empty
- When asn1dn param is in binary form, explicit type
- Always add double quotes for asn1dn
|
| | |
|
| |
| |
| |
| |
| | |
- Add a upgrade code to fix asn1dn string format to match strongSwan needs
- Bump config version to 11.8
|
| |
| |
| |
| |
| |
| | |
mandatory. Revert "myid_data and peerid_data fields are not relevant with asn1dn."
This reverts commit b8754cc85db7e92322f605bbb4b2f90bde90bb7f.
|
| | |
|
| |
| |
| | |
Improve this a little more to match only alpha after /dev/cua (/dev/cuau for example)
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It originally coped with things like cuau1 cuau1.1
Then I made it cope with things like cuau1 cuau11 but it stopped working for cuau1.1
This one copes with:
cuau1
cuau1.1
cuau1.11
cuau11
cuau11.1
cuau11.11
That should allow for all sorts of reasonable device name files without matching other stuff in /dev (like cuau1.init cuau1.lock) that we need to ignore.
Please think if I have covered the bases here.
|
| |
| |
| |
| | |
is asn1dn. Ticket #4792
|
| | |
|
| |
| |
| |
| | |
This reverts commit 6605035f9d2a04d1d4b724f6e993bc3f5c6d173d.
|
|\ \ |
|
|/ /
| |
| | |
Cherry pick of https://github.com/pfsense/pfsense/commit/90ad3a76edae543bcc63252b14660ac4baee291e
|
|\ \ |
|
| | | |
|
| | |
| | |
| | | |
Actually there was no real problem, but having a mis-spelling like this means that English speakers will waste time (like I did) double-checking to see if the mis-spelling would cause a real problem.
|
| | |
| | |
| | |
| | |
| | | |
If you open firewall_aliases_import and enter just an invalid Alias Name (e.g. a$b) and press save or press save with all fields empty, then the screen redraws but the input error(s) is not displayed.
This fixes it.
|
| | |
| | |
| | |
| | |
| | |
| | | |
If you click "+" to add an alias, then press Save without entering anything, you get:
Warning: Invalid argument supplied for foreach() in /usr/local/www/firewall_aliases_edit.php on line 402
as well as the various messages related to $input_errors.
This change ensures that $input_addresses array always exists (even if it has no real entries) so that the foreach() warning does not happen.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". The webGUI reports:
There were error(s) loading the rules: /tmp/rules.debug:44: syntax error - The line in question reads [44]: table { 23 }
and /tmp/rules.debug has:
table <Zqw> { 23 }
Zqw = "<Zqw>"
which pf does not cope with.
It is possible to have a host name that is a number, and end up with a domain name like 23.mycompany.com - unfortunately some Wally allowed such things in standards many years ago, so it can be rather difficult to tell the difference between a number and a host name.
This change improves the check when looking through alias entries and deciding if they are meant to be a name or a "bottom-level" value (address, subnet, port, port range). Anything that ends up looking like a host name gets given to filterdns to sort out. "Names" like "23" now get given to filterdns instead of being put directly into the table in pf. This makes things happier. Even if filterdns cannot resolve "23", at least it tries and nothing barfs.
|
| | |
| | |
| | | |
Make the required fields be correct and match thier text names, which should each have their own gettext() cal so as to build a proper array at line 81. Basically it was all broken and the errors displayed when field/s were left empty were rubbish.
|
| | |
| | |
| | |
| | |
| | | |
The reqdfields had only 4 entries but reqdfieldsn has 5 entries and the field names to text descriptions did not match up.
Fixed it.
|
|/ /
| |
| |
| |
| | |
If you go to Interfaces, assign, PPPs, press "+" to add an entry, then press Save without entering anything then you get a warning about the foreach() here.
The is_array() check fixes it.
|