summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | Clarify Negate option description on firewall_nat_out.php.Chris Buechler2016-07-021-1/+1
| |
* | Change button order on diag_dns.php so hitting enter in the field does a ↵Chris Buechler2016-07-021-9/+9
| | | | | | | | lookup rather than update alias. semi-related to Ticket #6561
* | Merge pull request #3035 from BBcan177/patch-1Chris Buechler2016-07-013-6/+6
|\ \
| * | Update system_usermanager_settings.phpBBcan1772016-07-011-1/+1
| | | | | | | | | Use of undefined constant min - assumed 'min'
| * | Update system_crlmanager.phpBBcan1772016-07-011-1/+1
| | | | | | | | | | | | Use of undefined constant min - assumed 'min' Use of undefined constant max - assumed 'max'
| * | Fix undefined constantBBcan1772016-07-011-4/+4
|/ / | | | | | | Notice: Use of undefined constant min - assumed 'min' Notice: Use of undefined constant max - assumed 'max'
* | Merge pull request #3034 from NOYB/startsWith_PolyfillChris Buechler2016-06-301-0/+15
|\ \
| * | startsWith PolyfillNOYB2016-06-301-0/+15
| | | | | | | | | | | | Fixes hidding of custom individual settings when not in use on user manager page.
* | | Merge pull request #3033 from NOYB/Diag_Tables_Last_UpdatedChris Buechler2016-06-301-1/+1
|\ \ \ | |/ / |/| |
| * | Diag Tables Last UpdateNOYB2016-06-301-1/+1
|/ / | | | | | | Use correct Thursday abbreviation (s/Thr/Thu/).
* | Merge pull request #2764 from NewEraCracker/redmine-6011Chris Buechler2016-06-303-5/+6
|\ \
| * | Fix Redmine #6011NewEraCracker2016-06-153-5/+6
| | | | | | | | | | | | This will add linklocal fallback where no IPv6 is otherwise configured to allow login using this IPs
* | | Allow wildcard for hostname with Namecheap DDNS. Ticket #6260Chris Buechler2016-06-301-2/+2
| | |
* | | Merge pull request #2729 from zevlag/BountyRequestTopic106193Chris Buechler2016-06-302-3/+20
|\ \ \
| * | | Whitespace cleanupJosh Galvez (zevlag)2016-03-111-2/+2
| | | |
| * | | Make model_number customizableJosh Galvez (zevlag)2016-03-112-2/+11
| | | |
| * | | Make presentation_url customizableJosh Galvez (zevlag)2016-03-112-1/+9
| | | |
* | | | Merge pull request #3031 from NOYB/GitSync_Diff_Only_OptionChris Buechler2016-06-301-62/+133
|\ \ \ \
| * | | | GitSync Diff Only OptionNOYB2016-06-291-62/+133
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Diff Option --diff SSD Friendlier Same as default but only copies files that are different, instead of every thing even though identical. Verbose Option --verbose Display constructed command. In combination with the --diff option, display the array of different and missing files. Dry Run Option --dry-run Run without syncing files. Fixes Files to copy variable state is used to determine whether or not to run the command. Tar options being passed in the files to copy variable causes the command to always run. Even if there are no files to be copied. Separate out tar options from files to copy variable so command only runs if there are files to be copied. Accommodate providing tar options such as '-C ./src' with the --minimal option. Resolve function redefinition that prevents running gitsync again in same dev shell session (command recall) (function_exists).
* | | | | Merge pull request #2994 from stilez/patch-31Chris Buechler2016-06-301-0/+8
|\ \ \ \ \
| * | | | | Get modulus keysizestilez2016-06-061-0/+8
| | | | | | | | | | | | | | | | | | Useful utility function when it's necessary to verify that existing keys meets current practices
* | | | | | Merge pull request #3018 from phil-davis/usersettingsChris Buechler2016-06-3012-136/+685
|\ \ \ \ \ \
| * | | | | | Feature #6388 custom GUI preference settings per userPhil Davis2016-06-2312-137/+686
| | | | | | |
* | | | | | | Merge pull request #3029 from phil-davis/IPv6colonsChris Buechler2016-06-301-6/+12
|\ \ \ \ \ \ \
| * | | | | | | Handle more invalid IPv6 formatsPhil Davis2016-06-301-6/+12
| | | | | | | |
* | | | | | | | Merge pull request #3030 from phil-davis/patch-1Chris Buechler2016-06-291-16/+7
|\ \ \ \ \ \ \ \ | |_|_|_|/ / / / |/| | | | | | |
| * | | | | | | Rationalize System Update GUI messagesPhil Davis2016-06-301-16/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At present, when doing a System Update, there is a message box that says: "Please wait while the installation of completes. This may take several minutes." Between "of" and "completes" is the package name, which is blank in the case of a System Update. This should fix that issue by defining $pkg_wait_txt appropriately for the $firmwareupdate case. Note: It was also easy to refactor out a couple of special "if firmwareupdate" tests, as the code "fell out" nicely by defining the other *_txt variables to suitable strings for the $firmwareupdate case.
* | | | | | | | Merge pull request #3028 from PiBa-NL/2.3_dnsV6Chris Buechler2016-06-291-19/+56
|\ \ \ \ \ \ \ \ | |/ / / / / / / |/| | | | | | |
| * | | | | | | Diagnostics - DNS Lookup, also query for IPv6 addressesPiBa-NL2016-06-291-19/+56
| | | | | | | |
* | | | | | | | Add playback files for disabling and enabling CARP maintenance mode. Ticket ↵Chris Buechler2016-06-292-0/+10
| |/ / / / / / |/| | | | | | | | | | | | | | | | | | | | #6560
* | | | | | | Omit <secret> tags from L2TP in status.php config.xml dump.Chris Buechler2016-06-291-0/+1
| | | | | | |
* | | | | | | Restore 2.2.x and prior means of obtaining pfsync nodes to avoid exhausting ↵Chris Buechler2016-06-291-9/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | memory on systems with large state tables. Ticket #6364
* | | | | | | Merge pull request #2934 from k-paulius/patch-14Chris Buechler2016-06-291-2/+2
|\ \ \ \ \ \ \
| * | | | | | | Flush link-local IPs so we do not get stale data and do not waste time ↵k-paulius2016-05-051-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | deleting IP if it is already set to fe80::1:1
* | | | | | | | Merge pull request #2944 from stilez/patch-23Chris Buechler2016-06-284-6/+11
|\ \ \ \ \ \ \ \
| * | | | | | | | Add missing recommended digeststilez2016-05-081-1/+1
| | | | | | | | |
| * | | | | | | | Add missing recommended key lengths/digest to ca managerstilez2016-05-081-2/+2
| | | | | | | | |
| * | | | | | | | Add missing recommended key lengths/digest to certmanagerstilez2016-05-081-2/+2
| | | | | | | | |
| * | | | | | | | Add missing recommended key lengths to user managerstilez2016-05-081-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add key lengths to user manager options
* | | | | | | | | Merge pull request #3000 from stilez/patch-32Chris Buechler2016-06-281-1/+1
|\ \ \ \ \ \ \ \ \
| * | | | | | | | | Rename item #12 in console menustilez2016-06-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The console menu item #12 (_"pfSense/$product developer shell"_) has a pointless title that doesn't help users much. It also actively obscures from router admins the useful tools it contains which is a negative side-effect. * Describing it as a "developer" shell is redundant; it appears to try and obscure the fact it is useful to non-devs too. pfSsh.php isn't any more or less a "developer shell" than any other shell provided. Both shells can be used by developers or by end-user router admins, but its title of "dev tool" suggests it contains nothing of relevance to an end-user admin, which is very incorrect - it contains very useful packaged tools and versatility, to get the router recovered from a bad borking or if the web UI can't be used for any reason. * It also isn't just a "pfSense/$product" shell. It's a full-fledged PHP shell, and obscuring this also hides its usefulness. It's unlikely that non-dev users will "mess things up more with it" or "need protecting from themselves" - any user prone to do so would already have used option #8 and full shell access for that purpose. Renaming the menu item should help end-user admins, as the discoverability and usefulness that pfSsh.php provides will be more readily visible to users who might benefit from it.
* | | | | | | | | | Merge pull request #3024 from phil-davis/include_onceChris Buechler2016-06-2810-15/+15
|\ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | Update include() to include_once()Phil Davis2016-06-2810-15/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For safety, use include_once() when including various "side" files. There are a couple of instances of include("guiconfig,inc") that I changes to use require_once() to be consistent with everywhere else. The remaining cases of include() are just (hundreds of) head.inc and footer.inc - those are only at the start/end of the ordinary top-level interactive PHP files. There is no nested interaction of those to think about, so that should be fine.
* | | | | | | | | | | Merge pull request #3027 from dhoffend/ticket-6505Chris Buechler2016-06-281-5/+11
|\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Shorten gwifip if whole socket path exceeds 100 charsDaniel Hoffend2016-06-291-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | dpinger stopps with an error when the socketname exceeds over (around) 100 characters. The dpinger will not start and not deliver monitoring results to the WebUI. These long socket names can get created when using link-local addresses and long gateway names / interface scopes. See Ticket 6505
| * | | | | | | | | | | Use a different delimiter for dpinger socket namesDaniel Hoffend2016-06-291-5/+5
|/ / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently underscores are used to seperate gwifip, monitorip, etc, but underscors are also used in vlan subinterfaces like em0_vlan10 and therefore can't be used because the interface scope is appended to IPv6 link-local addresses.
* | | | | | | | | | | Set pipe_slot_limit to the maximum configured qlimit value. Move the ↵Chris Buechler2016-06-281-5/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | set_sysctl out if the block where it only gets run if dummynet isn't already loaded. Ticket #6553
* | | | | | | | | | | Clean up limiter text. Remove old commented out bit.Chris Buechler2016-06-281-16/+7
| | | | | | | | | | |
* | | | | | | | | | | Merge pull request #3026 from phil-davis/patch-2Stephen Beaver2016-06-281-1/+1
|\ \ \ \ \ \ \ \ \ \ \
| * | | | | | | | | | | Fix matching of chars in IPv6 address segmentsPhil Davis2016-06-281-1/+1
| |/ / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The existing regex here is wrong, it matches 0 or more of the hex digits but then there can be other rubbish in the string, in fact anything at all! It matches "az", "z", "qwerty" and so on. So the "return false" inside this "if" never happens. In most cases the later code catches problems, because it converts the string from hex to decimal (and things like "z" end up as decimal 0), then it does some back-conversion of the answer to hex and realizes something is different and so does not count the entry as one of the needed 8 valid segments of the IPv6 address. This goes wrong if the user supplies a string with 8 valid IPv6 hex pieces and 1 or more extra invalid ones anywhere in the list. In that case the code finds 8 good chunks and thinks that all is well. Try using the pfSense is_ipaddrv6() with strings like: $ipaddr = "1:2:3:4:5:6:7:z:a"; $ret = is_ipaddrv6($ipaddr); var_dump($ret); That returns true - which is not good! You can put the invalid items anywhere you like, as long as you have 8 valid items, such as: "1:2:3:xy:4:5:6:7:8" "gh:1:2:3:xy:4:5:6:7:8" "1:2:3:xy:4:5:6:7:8:qw" This change makes this initial validity check on the characters actually work, so it avoids the later code having to deal with that at all.
OpenPOWER on IntegriCloud