| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Check unbound root.key file contents, and remove it if invalid, before ↵ | Chris Buechler | 2015-10-21 | 1 | -0/+9 |
| | | | | | unbound-anchor runs otherwise it will fail and unbound will fail to start. fsync the file after writing to prevent the problem. Ticket #5334 | ||||
| * | Make setting charon.plugins.attr.subnet conditional on net_list being set. Set | Matt Smith | 2015-10-21 | 1 | -3/+1 |
| | | | | | it's value to list of subnets configured as P2's for mobile IPsec. Fixes #5327. | ||||
| * | Merge pull request #1971 from doktornotor/patch-5 | Chris Buechler | 2015-10-20 | 2 | -0/+9 |
| |\ | |||||
| | * | Point people to 'Clear Package Lock' if the reinstall of packages got stuck ↵ | doktornotor | 2015-10-20 | 1 | -0/+8 |
| | | | | | | | | | (RELENG_2_2) | ||||
| | * | Point people to 'Clear Package Lock' if the reinstall of packages got stuck ↵ | doktornotor | 2015-10-20 | 1 | -0/+1 |
| | | | | | | | | | (RELENG_2_2) | ||||
| * | | Disable strongswan logging under auth since it's all logged under daemon, | Chris Buechler | 2015-10-20 | 1 | -0/+5 |
| | | | | | | | | | so nothing is duplicated. Ticket #5242 | ||||
| * | | Check whether the P2 or its associated P1 are disabled before adding NAT | Chris Buechler | 2015-10-20 | 1 | -1/+8 |
| | | | | | | | | | rules. Ticket #5320 | ||||
| * | | Limit the auth methods where "My Certificate Authority" is displayed/saved for | Matt Smith | 2015-10-20 | 1 | -12/+7 |
| |/ | | | | mobile clients. Fixes #5323. | ||||
| * | Disable zero copy buffers in bpf. | Luiz Otavio O Souza | 2015-10-19 | 1 | -1/+0 |
| | | | | | | | | | | This was a no-op before my changes (so this was never really enabled) and now it is known to cause issues with tcpdump and hostapd. Disable this until we fix all the raised issues. Issue: #5257 | ||||
| * | Validate that the Mobile Client settings have a valid RADIUS server selected | Matt Smith | 2015-10-19 | 1 | -0/+11 |
| | | | | | | as the source for user authentication when EAP-RADIUS is selected as the phase 1 authentication method for mobile IPsec. Fixes #5219. | ||||
| * | Cherry-pick 98bf4991dc31f97fc7315a6b8aba433de9d39cea: | Luiz Otavio O Souza | 2015-10-19 | 1 | -20/+14 |
| | | | | | | | | | | | | | Fixes #4150. Move to tables to accomodate unlimited number of interfaces. Cherry-pick 52fe0465b463dd8b8f4b2099d562254da320e704: Fix the captive portal rules after 98bf4991dc31f97fc7315a6b8aba433de9d39cea. The malformed rules breaks the parsing of initialisation rules. Issue: #4746 | ||||
| * | Add 'caref' attribute to the ca object passed into ca_inter_create so a | Matt Smith | 2015-10-16 | 1 | -0/+1 |
| | | | | | relationship to the signing CA can be maintained. Fixes #5313. | ||||
| * | Limit strongswan trusted CA certificates to those required for authentication of | Matt Smith | 2015-10-16 | 1 | -22/+46 |
| | | | | | the configured IPsec SA's instead of trusting all known CA's. Fixes #5243. | ||||
| * | only use daemon and not auth for strongswan logging. As it was, all logs ↵ | Chris Buechler | 2015-10-15 | 1 | -6/+0 |
| | | | | | were duplicated. Ticket #5242 | ||||
| * | fix comparison here. Ticket #4558 | Chris Buechler | 2015-10-15 | 1 | -1/+1 |
| | | |||||
| * | Set rightca for IPsec phase 1 using Mutual RSA, Mutual RSA + xauth, or ↵ | Matt Smith | 2015-10-15 | 1 | -0/+24 |
| | | | | | EAP-TLS. Fixes #5241. | ||||
| * | s/ip/IP/ it got lost on revert. Spotted by @phil-davis | Renato Botelho | 2015-10-14 | 1 | -1/+1 |
| | | |||||
| * | This is necessary for dhcrelay to function. Revert "remove the destination ↵ | Chris Buechler | 2015-10-14 | 1 | -6/+132 |
| | | | | | | | server's interface(s) from dhcrelay" This reverts commit 97613114b5b74c334609d7fcd79c94741b111793. | ||||
| * | Auto-add firewall rules for DHCP Relay, same as is done for DHCP Server. Add ↵ | Chris Buechler | 2015-10-14 | 2 | -0/+15 |
| | | | | | filter reload to DHCP Relay config so rules are immediately added/removed. Ticket #4558 | ||||
| * | Remove original rightsourceip. Ticket #5284 | Chris Buechler | 2015-10-13 | 1 | -1/+0 |
| | | |||||
| * | set enabled/disabled status accordingly on initial page load. Ticket #5284 | Chris Buechler | 2015-10-13 | 1 | -0/+1 |
| | | |||||
| * | clean up empty lines | Chris Buechler | 2015-10-13 | 1 | -2/+0 |
| | | |||||
| * | Add all remaining log types to status.php. Ticket #5304 | Chris Buechler | 2015-10-13 | 1 | -6/+30 |
| | | |||||
| * | PHP chmod() doesn't like 1777, gives it 01777 then | Renato Botelho | 2015-10-13 | 1 | -1/+1 |
| | | |||||
| * | Add missing ; and also mute chmod | Renato Botelho | 2015-10-13 | 1 | -1/+1 |
| | | |||||
| * | Preserve /tmp permission, it fixes #5298 | Renato Botelho | 2015-10-13 | 1 | -0/+1 |
| | | |||||
| * | Update zoneinfo to 2015f, it fixes #5254 | Renato Botelho | 2015-10-13 | 1 | -0/+0 |
| | | |||||
| * | Remove strongswan's cert directories and repopulate them, to ensure no ↵ | Chris Buechler | 2015-10-12 | 1 | -0/+5 |
| | | | | | removed CAs, certs, or CRLs remain. Ticket #5238 | ||||
| * | Fix up strongswan logging levels. Remove charondebug since strongswan.conf ↵ | Chris Buechler | 2015-10-12 | 1 | -7/+11 |
| | | | | | settings take precedence. Set logging levels in strongswan.conf to match what's set on a running system via 'ipsec stroke loglevel', and remove log levels that were hard coded in strongswan.conf. Ticket #5242 | ||||
| * | Merge pull request #1962 from davidjwood/RELENG_2_2-ppp-ipv6 | Chris Buechler | 2015-10-12 | 3 | -34/+170 |
| |\ | |||||
| | * | Use named variables for ppp-linkup command line parameters | David Wood | 2015-10-11 | 1 | -32/+40 |
| | | | |||||
| | * | Make route deletions quiet - it may well be the routes have already disappeared | David Wood | 2015-10-11 | 1 | -2/+2 |
| | | | |||||
| | * | Make code dealing with the IPv4 default gateway conditional on the IPv4 link ↵ | David Wood | 2015-10-11 | 1 | -1/+1 |
| | | | | | | | | | going down | ||||
| | * | Connect ppp-ipv6 helper script to ppp-linkdown and ppp-linkup | David Wood | 2015-10-11 | 2 | -0/+5 |
| | | | |||||
| | * | Add /usr/local/sbin/ppp-ipv6 helper script | David Wood | 2015-10-11 | 1 | -0/+123 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | /usr/local/sbin/ppp-ipv6 <real interface> up|down Interface using SLAAC or DHCP6 going down: * bring down dhcp6c if it is running * disable router advertisements (and therefore SLAAC) * remove any autoconfigured IPv6 addresses Interface using SLAAC or DHCP6 coming up: * call interface_dhcpv6_configure() if dhcp6c not running and router advertisements off interface_dhcpv6_configure() will enable router advertisements, configure rtsold and dhcp6c, then set rtsold to prime dhcp6c as required. | ||||
| * | | Merge pull request #1958 from phil-davis/patch-11 | Renato Botelho | 2015-10-12 | 1 | -8/+18 |
| |\ \ | |||||
| | * | | Redmine #5294 Do not delete a system group | Phil Davis | 2015-10-11 | 1 | -8/+18 |
| | | | | | | | | | | | | | This code checks if the user has somehow posted a group deletion for a group that has "system" scope. If so, then the delete is not done and an input error is displayed. Note that in normal use the group manager page does not display a delete button for "system" groups, so normally this does not happen - only if the user manually messes with the $POST variables. | ||||
| * | | | Merge pull request #1957 from phil-davis/patch-10 | Renato Botelho | 2015-10-12 | 1 | -8/+18 |
| |\ \ \ | |/ / |/| | | |||||
| | * | | Redmine #5294 Do not delete a system user | Phil Davis | 2015-10-11 | 1 | -8/+18 |
| |/ / | | | | | | | This code checks if the user has somehow posted a user deletion for a user that has "system" scope. If so, then the delete iscnot done and an input error is displayed. Note that in normal use the user manager page does not display a delete button for "system" users, so normally this does not happen - only if the user manually messes with the $POST variables. | ||||
| * | | Merge pull request #1954 from doktornotor/patch-2 | Renato Botelho | 2015-10-09 | 1 | -0/+1 |
| |\ \ | |||||
| | * | | Add SVG MIME type - RELENG_2_2 | doktornotor | 2015-10-09 | 1 | -0/+1 |
| |/ / | | | | | Because it breaks traffic graphs for people.https://forum.pfsense.org/index.php?topic=87390.0 | ||||
| * | | Do curl_init above any curl_setopt, and take it out of that if block since ↵ | Chris Buechler | 2015-10-08 | 1 | -1/+2 |
| | | | | | | | | | it applies to all types. | ||||
| * | | Merge pull request #1953 from phil-davis/patch-10 | Chris Buechler | 2015-10-07 | 1 | -1/+1 |
| |\ \ | |||||
| | * | | Wording of alias_info_popup tip | Phil Davis | 2015-10-08 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | I noticed this while comparing alias popup behavior between 2.2.5-DEVELOPMENT and 2.3 Might as well fix the grammar here for 2.2.5 This tip does not exist in 2.3 because the popup works more nicely there and so this text is not needed. Therefore this change does not need to be ported forward to master. | ||||
| * | | | correct htmlentities unintentionally removed by earlier commit | Chris Buechler | 2015-10-07 | 1 | -1/+1 |
| |/ / | |||||
| * | | https://redmine.pfsense.org/issues/5207 | Matt Smith | 2015-10-07 | 1 | -2/+1 |
| | | | | | | | | | change auth methods for both peers when using hybrid RSA + xauth with IKEv1 | ||||
| * | | Add support for an IPv6 pool for mobile clients. | Matt Smith | 2015-10-07 | 2 | -5/+72 |
| | | | |||||
| * | | Don't enforce the use of only IPv4 or IPv6 when using IKEv2 since it works ↵ | jim-p | 2015-10-07 | 1 | -1/+1 |
| | | | | | | | | | fine with IKEv2 | ||||
| * | | Where doing a dynamic DNS update on IPv4, force curl to resolve IPv4 IPs. ↵ | Chris Buechler | 2015-10-03 | 1 | -0/+4 |
| | | | | | | | | | Ticket #3858 | ||||
| * | | Fix typo | Chris Buechler | 2015-10-02 | 1 | -1/+1 |
| | | | |||||
 |
index : pfsense | |
| Raptor Engineering's fork of the main repository for pfSense | Raptor Engineering, LLC |
| summaryrefslogtreecommitdiffstats |
|