summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Backport #5512 RADIUS secretPhil Davis2015-11-231-1/+1
| | | Another little easy thing to backport just in case.
* Merge pull request #2014 from phil-davis/patch-1Renato Botelho2015-11-191-2/+2
|\
| * Fix firewall log dynamic rule lookupPhil Davis2015-11-021-2/+2
| | | | | | for rows that are dynamically added as time goes by.
* | Merge pull request #2069 from jean-m-cyr/RELENG_2_2Renato Botelho2015-11-191-0/+4
|\ \
| * | Add missing stratum parameterJean Cyr2015-11-151-0/+4
| | | | | | | | | | | | | | | Add missing stratum parameter in ntpd.conf when specified on Serial GPS page.
* | | Merge pull request #2049 from phil-davis/patch-4Renato Botelho2015-11-191-1/+1
|\ \ \
| * | | Unbound advanced Invoming TCP Buffers validationPhil Davis2015-11-101-1/+1
| | | | | | | | | | | | | | | | There is a variable cut-paste error here. Actually it never makes any difference in practice because outgoing_num_tcp and incoming_num_tcp are both set, so the logic comes out the same. I noticed this while reviewing stuff in master for 2.3-ALPHA - might as well back-port stuff like this so that nobody who notices will worry about it in RELENG_2_2.
* | | | Merge pull request #2064 from phil-davis/patch-3Renato Botelho2015-11-191-1/+1
|\ \ \ \
| * | | | Ticket #5451 for RELENG_2_2Phil Davis2015-11-151-1/+1
| | |/ / | |/| | | | | | | | | | | | | | Actually this can be fixed by adding just a space after "from any". The code here builds up $tmprule and each time it adds a new clause it puts a space at the end, ready for if there is another clause to come. The "from any" here was the only offender in this scheme. It seems good to me to still backport little easy fixes to RELENG_2_2. That way production users can get them easily if they like (with system patches or...).
* | | | Merge pull request #2083 from phil-davis/patch-10Renato Botelho2015-11-191-1/+1
|\ \ \ \
| * | | | Make block bogon rule display consistent - RELENG_2_2Phil Davis2015-11-181-1/+1
| |/ / / | | | | | | | | | | | | The block private networks and anti-lockout rules display in the firewall rules display with the schedule column blank. But the block bogon networks has an asterisk. That looks odd. I noticed it just now when looking at firewall rules in 2.3. Might as well fix it here in RELENG_2_2.
* | | | Merge pull request #2082 from phil-davis/patch-9Renato Botelho2015-11-191-1/+1
|\ \ \ \
| * | | | Backport fix #5467 to RELENG_2_2Phil Davis2015-11-181-1/+1
| |/ / /
* | | | Merge pull request #2065 from phil-davis/patch-6Renato Botelho2015-11-191-0/+8
|\ \ \ \ | |/ / / |/| | |
| * | | Backport Redmine #5440 to RELENG_2_2Phil Davis2015-11-151-0/+8
|/ / / | | | | | | | | | The code in RELENG_2_2 for system_usermanager_settings.php seems to work OK in RELENG_2_2 so I did not touch anything there. But diag_authentication.php had nothing about $pconfig on initial page load. This extra code makes it select a reasonable default auth server when the page first loads. After that, each time the user does "Test", the page comes back with the previously selected auth server, user name and password (like it did already) - so that seems good.
* | | diag_ipsec.php - show button for child SAs only when some are established. ↵Matt Smith2015-11-101-2/+2
|/ / | | | | | | Fix ID used by child SA disconnect button.
* | Fix syntaxRenato Botelho2015-11-091-2/+2
| |
* | Let the code ready for strongswan 5.3.4, where key used to track nat were ↵Renato Botelho2015-11-091-2/+14
| | | | | | | | committed with a different name
* | Change version to 2.2.6-DEVELOPMENTRenato Botelho2015-11-061-1/+1
| |
* | A new fix for #4130:RELENG_2_2_5Renato Botelho2015-11-031-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | The fix added for this bug, that check xml file size is < 200 to decide if file must or not be read created a new issue, single entry is not showed. Instead of doing this, check parse_xml_config() return and return empty array when it's -1 While here, prevent errors saying parse_xml_config() doesn't exist and make sure xmlparse.inc is required
* | Only call pfSense_ipsec_list_sa() when IPsec is enabledRenato Botelho2015-11-033-2/+15
| |
* | bump to 2.2.5-RELEASEChris Buechler2015-11-021-1/+1
| |
* | fix whitespaceChris Buechler2015-11-021-5/+5
|/
* Remove a redundant if and fix indentation accordingly. Fix is_array that ↵Matt Smith2015-10-301-51/+49
| | | | should be an isset on the remote SPI field.
* Update license on diag_ipsec.php. Keep required attributions and referenceMatt Smith2015-10-301-29/+54
| | | | the original m0n0wall BSD 2 clause.
* Remove port information from diag_ipsec.php since it's not available on ↵Renato Botelho2015-10-301-6/+4
| | | | VICI, also use local-nat-t and remote-nat-t to detect when NAT-T is being used
* Deprecate strongswan smp componentsRenato Botelho2015-10-301-0/+4
|
* Remove ipsec_smp_dump_status(), last dependency of strongswan XMP moduleRenato Botelho2015-10-301-47/+0
|
* Rework ipsec widget to use VICIRenato Botelho2015-10-301-17/+7
|
* Remove diag_ipsec_xml.php, not being usedRenato Botelho2015-10-301-82/+0
|
* Make IPsec status page retrieve status with VICI instead of SMPMatt Smith2015-10-301-107/+117
|
* Set leftsendcert=always for IKEv2 configurations with certificates to better ↵jim-p2015-10-281-0/+5
| | | | accommodate OS X and iOS manual configurations. Fixes #5353
* Fix up descriptive text for logging levels. Ticket #5340Chris Buechler2015-10-261-4/+3
|
* Default log level where none is selected should be 3 here. Ticket #5340Chris Buechler2015-10-261-1/+1
|
* Correct available log levels. Ticket #5340Chris Buechler2015-10-261-16/+16
|
* fix logging config upgrade. Ticket #5340Chris Buechler2015-10-261-2/+2
|
* Logging fixes. Ticket #5340Chris Buechler2015-10-261-1/+3
|
* terminate argument parsing before giving the log level. Ticket #5340Chris Buechler2015-10-261-1/+1
|
* Merge pull request #1980 from doktornotor/patch-2Renato Botelho2015-10-261-10/+27
|\
| * Fix external interface variable in input error messagedoktornotor2015-10-241-1/+1
| |
| * Properly validate IPv4 for UPnP - RELENG_2_2doktornotor2015-10-241-10/+27
| | | | | | | | | | Since https://redmine.pfsense.org/issues/1835 got exactly nowhere for the past 4 years, the input should be properly validated, instead of allowing people to configure nonfunctional/broken nonsense. P.S. If you don't plan on fixing the above-linked feature for 2.3, let me know and I'll do the same for 2.3
* | Merge pull request #1986 from phil-davis/patch-6Renato Botelho2015-10-261-2/+2
|\ \
| * | Fix Command Prompt Download and Upload when not in English - Redmine #5343 ↵Phil Davis2015-10-251-2/+2
| |/ | | | | | | for RELENG_2_2
* | Merge pull request #1984 from phil-davis/patch-4Renato Botelho2015-10-261-1/+1
|\ \
| * | Fix multi-lingual save of NAT mode Redmine # for RELENG_2_2Phil Davis2015-10-251-1/+1
| |/ | | | | and forum https://forum.pfsense.org/index.php?topic=101276.0
* | Use 1-6 rather than 0-5 for IPsec logging levels, to stay away from ↵Chris Buechler2015-10-265-8/+31
|/ | | | complications of 0 due to PHP stupidity. Upgrade config to add 1 to any configured log levels. Default to 1 as log level where none is configured by the user. Ticket #5340
* IKE auto mode is back, remove this config upgrade code unsetting it.Chris Buechler2015-10-241-4/+0
|
* Merge pull request #1979 from phil-davis/patch-5Renato Botelho2015-10-231-4/+4
|\
| * interfaces_assign tab_array numberingPhil Davis2015-10-231-4/+4
|/ | | | | This was fixed in master for 2.3 by https://github.com/pfsense/pfsense/commit/50e6c063e6ec148917ff0bcb0bce8b0a08df5792 - in master all of these $tab_array entries, in each file that they appear in, had been modified to just use the $tab_array[] = form. But in RELENG_2_2 that has not happened. So it seems nicer to just fix the numbering here to match what is already in the other interfaces_*.php files in RELENG_2_2. Note that the code works OK without this "fix" - display_top_tabs() just loops through the existing array keys anyhow and so did not notice the missing number.
* Check unbound root.key file contents, and remove it if invalid, before ↵Chris Buechler2015-10-211-0/+9
| | | | unbound-anchor runs otherwise it will fail and unbound will fail to start. fsync the file after writing to prevent the problem. Ticket #5334
OpenPOWER on IntegriCloud