Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add missing ; and also mute chmod | Renato Botelho | 2015-10-13 | 1 | -1/+1 |
| | |||||
* | Preserve /tmp permission, it fixes #5298 | Renato Botelho | 2015-10-13 | 1 | -0/+1 |
| | |||||
* | Update zoneinfo to 2015f, it fixes #5254 | Renato Botelho | 2015-10-13 | 1 | -0/+0 |
| | |||||
* | Remove strongswan's cert directories and repopulate them, to ensure no ↵ | Chris Buechler | 2015-10-12 | 1 | -0/+5 |
| | | | | removed CAs, certs, or CRLs remain. Ticket #5238 | ||||
* | Fix up strongswan logging levels. Remove charondebug since strongswan.conf ↵ | Chris Buechler | 2015-10-12 | 1 | -7/+11 |
| | | | | settings take precedence. Set logging levels in strongswan.conf to match what's set on a running system via 'ipsec stroke loglevel', and remove log levels that were hard coded in strongswan.conf. Ticket #5242 | ||||
* | Merge pull request #1962 from davidjwood/RELENG_2_2-ppp-ipv6 | Chris Buechler | 2015-10-12 | 3 | -34/+170 |
|\ | |||||
| * | Use named variables for ppp-linkup command line parameters | David Wood | 2015-10-11 | 1 | -32/+40 |
| | | |||||
| * | Make route deletions quiet - it may well be the routes have already disappeared | David Wood | 2015-10-11 | 1 | -2/+2 |
| | | |||||
| * | Make code dealing with the IPv4 default gateway conditional on the IPv4 link ↵ | David Wood | 2015-10-11 | 1 | -1/+1 |
| | | | | | | | | going down | ||||
| * | Connect ppp-ipv6 helper script to ppp-linkdown and ppp-linkup | David Wood | 2015-10-11 | 2 | -0/+5 |
| | | |||||
| * | Add /usr/local/sbin/ppp-ipv6 helper script | David Wood | 2015-10-11 | 1 | -0/+123 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | /usr/local/sbin/ppp-ipv6 <real interface> up|down Interface using SLAAC or DHCP6 going down: * bring down dhcp6c if it is running * disable router advertisements (and therefore SLAAC) * remove any autoconfigured IPv6 addresses Interface using SLAAC or DHCP6 coming up: * call interface_dhcpv6_configure() if dhcp6c not running and router advertisements off interface_dhcpv6_configure() will enable router advertisements, configure rtsold and dhcp6c, then set rtsold to prime dhcp6c as required. | ||||
* | | Merge pull request #1958 from phil-davis/patch-11 | Renato Botelho | 2015-10-12 | 1 | -8/+18 |
|\ \ | |||||
| * | | Redmine #5294 Do not delete a system group | Phil Davis | 2015-10-11 | 1 | -8/+18 |
| | | | | | | | | | | | | This code checks if the user has somehow posted a group deletion for a group that has "system" scope. If so, then the delete is not done and an input error is displayed. Note that in normal use the group manager page does not display a delete button for "system" groups, so normally this does not happen - only if the user manually messes with the $POST variables. | ||||
* | | | Merge pull request #1957 from phil-davis/patch-10 | Renato Botelho | 2015-10-12 | 1 | -8/+18 |
|\ \ \ | |/ / |/| | | |||||
| * | | Redmine #5294 Do not delete a system user | Phil Davis | 2015-10-11 | 1 | -8/+18 |
|/ / | | | | | | | This code checks if the user has somehow posted a user deletion for a user that has "system" scope. If so, then the delete iscnot done and an input error is displayed. Note that in normal use the user manager page does not display a delete button for "system" users, so normally this does not happen - only if the user manually messes with the $POST variables. | ||||
* | | Merge pull request #1954 from doktornotor/patch-2 | Renato Botelho | 2015-10-09 | 1 | -0/+1 |
|\ \ | |||||
| * | | Add SVG MIME type - RELENG_2_2 | doktornotor | 2015-10-09 | 1 | -0/+1 |
|/ / | | | | | Because it breaks traffic graphs for people.https://forum.pfsense.org/index.php?topic=87390.0 | ||||
* | | Do curl_init above any curl_setopt, and take it out of that if block since ↵ | Chris Buechler | 2015-10-08 | 1 | -1/+2 |
| | | | | | | | | it applies to all types. | ||||
* | | Merge pull request #1953 from phil-davis/patch-10 | Chris Buechler | 2015-10-07 | 1 | -1/+1 |
|\ \ | |||||
| * | | Wording of alias_info_popup tip | Phil Davis | 2015-10-08 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | I noticed this while comparing alias popup behavior between 2.2.5-DEVELOPMENT and 2.3 Might as well fix the grammar here for 2.2.5 This tip does not exist in 2.3 because the popup works more nicely there and so this text is not needed. Therefore this change does not need to be ported forward to master. | ||||
* | | | correct htmlentities unintentionally removed by earlier commit | Chris Buechler | 2015-10-07 | 1 | -1/+1 |
|/ / | |||||
* | | https://redmine.pfsense.org/issues/5207 | Matt Smith | 2015-10-07 | 1 | -2/+1 |
| | | | | | | | | change auth methods for both peers when using hybrid RSA + xauth with IKEv1 | ||||
* | | Add support for an IPv6 pool for mobile clients. | Matt Smith | 2015-10-07 | 2 | -5/+72 |
| | | |||||
* | | Don't enforce the use of only IPv4 or IPv6 when using IKEv2 since it works ↵ | jim-p | 2015-10-07 | 1 | -1/+1 |
| | | | | | | | | fine with IKEv2 | ||||
* | | Where doing a dynamic DNS update on IPv4, force curl to resolve IPv4 IPs. ↵ | Chris Buechler | 2015-10-03 | 1 | -0/+4 |
| | | | | | | | | Ticket #3858 | ||||
* | | Fix typo | Chris Buechler | 2015-10-02 | 1 | -1/+1 |
| | | |||||
* | | Specify PSK for mobile configurations without the leading ID selectors. ↵ | Chris Buechler | 2015-10-02 | 1 | -0/+3 |
| | | | | | | | | Fixes PSK mismatches from iOS clients. | ||||
* | | When using eap-radius, if the virtual address pool is left blank, pull the ↵ | jim-p | 2015-10-01 | 1 | -2/+6 |
| | | | | | | | | IP addresses from RADIUS instead. (Will need an IP address defined for each account.) Doesn't seem to be possible to pull from either RADIUS *or* a local pool that I can see from experimenting and looking at strongSwan's docs. | ||||
* | | Specify %any where identifier is "any", so the note on these pages | Chris Buechler | 2015-10-01 | 3 | -2/+5 |
|/ | | | | actually works. | ||||
* | Only need to check 'vip' here. | Chris Buechler | 2015-09-30 | 1 | -1/+1 |
| | |||||
* | Can't use continue here as it continues the foreach, which skips the | Chris Buechler | 2015-09-30 | 1 | -6/+5 |
| | | | | | "ipfw zone" command, breaking CP for any system that doesn't have VIPs defined. | ||||
* | Fix up IKE auto mode | Chris Buechler | 2015-09-29 | 2 | -3/+3 |
| | |||||
* | Correctly show v1/v2/auto on vpn_ipsec.php | Chris Buechler | 2015-09-29 | 1 | -2/+5 |
| | |||||
* | Bring this back, I'll fix issues afterwards. Revert "Remove "auto", it's ↵ | Chris Buechler | 2015-09-29 | 2 | -4/+6 |
| | | | | | | just a synonym for IKEv2. Ticket #4873" This reverts commit 47f802694a1e1dfbbd011d7ec431c0948358b5c3. | ||||
* | Use the appropriate parent interface with gateway groups using CARP VIPs. | Chris Buechler | 2015-09-29 | 1 | -2/+9 |
| | | | | Ticket #4990 | ||||
* | Do a service reload of dyndns when changing gateways in case something has | Chris Buechler | 2015-09-29 | 1 | -0/+2 |
| | | | | changed. Ticket #5214 | ||||
* | Disable DHS as a dynamic DNS provider option. It's never worked, and | Chris Buechler | 2015-09-29 | 2 | -5/+6 |
| | | | | | | | fixing is more complex than just fixing the variable screw up and disabling cert validation for their SSLLabs F-graded site. Updates made on their site even take quite some time to be reflected, seems to be a largely abandoned service. | ||||
* | Use self rather than any in auto-added IPsec rules to prevent | Chris Buechler | 2015-09-28 | 1 | -8/+8 |
| | | | | over-matching. Ticket #5211 | ||||
* | Ensure this only contains a partial name, not a path, before attempting to ↵ | jim-p | 2015-09-28 | 1 | -0/+1 |
| | | | | craft a full name and read the file. Fixes #5203. | ||||
* | Merge pull request #1938 from phil-davis/patch-5 | Renato Botelho | 2015-09-28 | 1 | -2/+21 |
|\ | |||||
| * | Redmine #5200 be less aggressive about DHCP Pool Notice V2 | Phil Davis | 2015-09-26 | 1 | -2/+21 |
| | | | | | | | | | | This one will log_error() the DHCP pool message when it detects the inconsistency at the end of the setup wizard during reload all. That way it can still be seen in the system log that this happened, and one day someone might chase down all the steps in the "reload all" process. Compare this with https://github.com/pfsense/pfsense/pull/1935 and choose which way you would like to go. | ||||
* | | Merge pull request #1939 from doktornotor/patch-5 | Renato Botelho | 2015-09-28 | 1 | -3/+10 |
|\ \ | |/ |/| | |||||
| * | Fix comment language | doktornotor | 2015-09-28 | 1 | -1/+1 |
| | | |||||
| * | Remove syslog.conf entries on package uninstall (Bug #5210) - RELENG_2_2 | doktornotor | 2015-09-27 | 1 | -3/+10 |
|/ | | | The remove_text_from_file() is not needed at all. However, system_syslogd_start() must be run after the package entries are gone from config.xml, otherwise system_syslogd_start() just re-adds the (now almost removed) package logging configuration from there. | ||||
* | Reset the value of a package field before this test in case it has no ↵ | jim-p | 2015-09-24 | 1 | -0/+1 |
| | | | | default. Fixes #5199 | ||||
* | Merge pull request #1933 from phil-davis/patch-4 | Renato Botelho | 2015-09-24 | 1 | -10/+14 |
|\ | |||||
| * | Redmine #5196 Remove incorrect text about DNS servers - RELENG_2_2 | Phil Davis | 2015-09-24 | 1 | -10/+14 |
|/ | | | | The correct text is already displayed under the DNS server boxes at line 892. This should also be done to master once the conversion of services_dhcp.php to bootstrap is stable. | ||||
* | Use get_interface rather than find_interface here. It'll work for VIPs on ↵ | Chris Buechler | 2015-09-23 | 1 | -2/+2 |
| | | | | gateway groups this way, and cache doesn't really matter here. Partial fix for Ticket #4990 | ||||
* | Do not pass vouchers shorter than 5 characters to voucher application, they | Luiz Otavio O Souza | 2015-09-22 | 1 | -2/+4 |
| | | | | | | | are too short to be a valid voucher. Discussed with: Jim P Issue: #4985 | ||||
* | Merge pull request #1928 from phil-davis/patch-1 | Renato Botelho | 2015-09-22 | 1 | -14/+27 |
|\ |