summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Remove exit and also properly close open filesErmal LUÇI2014-12-022-5/+8
|
* Lock rc.linkup based on interface to avoid races in between up/down events ↵Ermal LUÇI2014-12-021-1/+4
| | | | which might create a loop. This is more a timing issue but better enforce serialization here. check_reload_status forces this but not between start and stop but just between similar events. Probably need to bring more inteligence there.
* Avoid calling exit in backend now that fpm is used for php since its a ↵Ermal LUÇI2014-12-021-6/+7
| | | | pesimization and can break calling scripts assumption on locks.
* Comment out copy paste of v4 code. No need to delete arp entries on v6.Ermal LUÇI2014-12-021-1/+1
|
* Comment out copy paste of v4 code. No need to delete arp entries on v6.Ermal LUÇI2014-12-021-1/+1
|
* also take into account the "all" option in Unbound Network Interfaces whenChris Buechler2014-12-011-2/+2
| | | | setting 127.0.0.1 into resolv.conf.
* Revert "/etc/ssl/cert.pem was obsoleted by mistake, remove it"Renato Botelho2014-12-011-0/+1
| | | | | | Since /usr/local/ssl/cert.pem is in place now, it can be obsoleted This reverts commit bb788b8ceb3337b62401819378ec3070deb18966.
* /etc/ssl/cert.pem was obsoleted by mistake, remove itRenato Botelho2014-12-011-1/+0
|
* Unlink temporary xml file to avoid filling up space with junk filesErmal LUÇI2014-12-011-0/+4
|
* Only set i_dont_care_about_security_and_use_aggressive_mode_psk=yes where ↵Chris Buechler2014-11-291-4/+10
| | | | there is a P1 with aggressive+PSK enabled. Log a warning when such a configuration is in use.
* Merge pull request #1356 from phil-davis/patch-3Renato Botelho2014-11-291-1/+1
|\
| * Correctly delete xml file after restore and conversion to rrdPhil Davis2014-11-291-1/+1
|/ | | | When doing "Generating RRD graphs" at bootup, the data is restored from /cf/conf/rrd.tgz into xml format files in /var/db/rrd. Those xml files are then convert to rrd files. After that, the xml files should be deleted - but the xml file path was not quite right, so they were not being deleted. This fixes it.
* Merge pull request #1355 from phil-davis/patch-2Renato Botelho2014-11-291-2/+2
|\
| * Fix bracketing of if statement in unboundPhil Davis2014-11-291-2/+2
|/ | | | | | Stops message: Warning: in_array() expects parameter 2 to be array, null given in /etc/inc/unbound.inc on line 607 The problem was introduced when lines 607-608 were added without adding these brackets. IMHO programming standards should include ALWAYS using brackets for "if" and other similar statements. That way this sort of code addition accident does not happen. But I guess there are others who have different opinions.
* fix syntax on prefix6 for DHCPv6 PDChris Buechler2014-11-281-1/+1
|
* validate MTU and MSS as integers, and don't allow MSS larger than pf will ↵Chris Buechler2014-11-281-4/+7
| | | | accept to avoid broken rulesets.
* Add input validation on vpn_ipsec_settings.php. Fixes #4052.Chris Buechler2014-11-282-2/+58
|
* Skip v6 WANs in Unbound access-control. Ticket #4023Chris Buechler2014-11-281-1/+3
|
* fix v6 access-control in Unbound, Ticket #4023Chris Buechler2014-11-281-1/+2
|
* Ticket #4009 Force serial console whenever the installer told us so.Ermal LUÇI2014-11-281-0/+3
|
* check if Unbound is enabled in addition to dnsmasq for v6 DNS assignment. ↵Chris Buechler2014-11-281-3/+3
| | | | Fixes #4051
* Fix input validation for DNS resolver when localhost is enabled in ↵Chris Buechler2014-11-282-10/+15
| | | | resolv.conf and "all" chosen in Network Interfaces. While here, set something other than '' when all is chosen.
* Merge pull request #1354 from phil-davis/patch-2Ermal2014-11-281-5/+9
|\
| * Process RRD backup compression in varPhil Davis2014-11-281-5/+9
| | | | | | | | | | | | | | | | Prior to this the RRD xml files were added uncompressed to the archive in /cf/conf and then that archive was compressed at the end. My /cf partition is only 50MB. The uncompressed archive of all the xml files is already 35MB. With a few config backups, or a few more VLANs (xml files) I will soon run into the 50MB limit. This change creates each xml from rrd one at a time, then compresses that 1 xml into a tgz in /var/db/rrd, deletes the xml then loops to the next rrd file. At the end of the loop, there are a bunch of /var/db/rrd/*.tgz files, which are small (they take up <2MB on my system, from XMLs that total 35MB). They are then unpacked and put into 1 /cf/conf/rrd.tgz in a single command. Thus there is no time when 35MB of xml content has to be stored anywhere. This should work for systems with a lot of RRD files that turn into XML and then TGZ one at a time.
* | Correct some logic and remove temporary filesErmal LUÇI2014-11-281-1/+2
| |
* | Make restore one by one to help ↵Ermal LUÇI2014-11-281-8/+12
|/ | | | https://forum.pfsense.org/index.php?topic=84693.0
* Process the rrd files one by one to fix ↵Ermal LUÇI2014-11-281-2/+8
| | | | https://forum.pfsense.org/index.php?topic=84693.0. Restore will come after
* Correct typo on variable. Should help ↵Ermal LUÇI2014-11-281-1/+1
| | | | https://forum.pfsense.org/index.php?topic=84451.0
* Add a parameter on platform_booting to help detect if it's on GUI on console ↵Renato Botelho2014-11-283-6/+7
| | | | and use it in appropriate places, it fixes #4049
* Fix sapi name check to detect if it's on console, ticket #4049Renato Botelho2014-11-281-4/+4
|
* Remove the . here they just confuse things as in Ticket #4049. Also check ↵Ermal LUÇI2014-11-281-9/+1
| | | | that the script is called from console to trigger the convertion and mounting of floppy.
* Remove these booting settings since are uselessErmal LUÇI2014-11-281-3/+0
|
* Remove these booting settings since are uselessErmal LUÇI2014-11-281-2/+0
|
* Remove these booting settings since are uselessErmal LUÇI2014-11-282-6/+0
|
* Bring back the old way of waiting for 3 times of 10seconds on bootup for a ↵Ermal LUÇI2014-11-281-6/+4
| | | | ppp type interface to come up. while here also do bringup of virtual interfaces only when not booting
* Use function for determining if its ppp typeErmal LUÇI2014-11-281-7/+1
|
* Cleanup some code and use function for easier managementErmal LUÇI2014-11-281-25/+3
|
* Merge pull request #1352 from phil-davis/patch-8Renato Botelho2014-11-281-1/+1
|\
| * Fixup misleading commentPhil Davis2014-11-281-1/+1
| | | | | | | | This comment was misleading - this is the IP of whatever interface that is being processed, not just WAN IP. Might as well fix while noticed, to save someone else from misunderstanding in future. The curwanip var is really "Current Interface IP" and could be called curinterfaceip, but I was not about to search/replace all that at this point, since it is only a var name.
* | Merge pull request #1351 from phil-davis/patch-7Renato Botelho2014-11-281-1/+1
|\ \
| * | Fix module name in top commentPhil Davis2014-11-281-1/+1
| |/ | | | | A bit of rubbish to update while I notice it.
* | Add input validation to Unbound advanced settings page. Ticket #4050Chris Buechler2014-11-281-0/+40
| |
* | Validate as integers, not just numeric, to prevent possible breakage.Chris Buechler2014-11-281-2/+2
| |
* | Add option to disable auto-added access-control entries for users who want ↵Chris Buechler2014-11-272-39/+54
|/ | | | to manually manage ACLs. Ticket #4023
* Unset any previous datErmal LUÇI2014-11-271-0/+1
|
* Use the pfsense module functions rather than execing. Fixes also possible ↵Ermal LUÇI2014-11-271-6/+6
| | | | attack vectors.
* Fixes #4040 for pppoe use static route with -iface option to help when more ↵Ermal LUÇI2014-11-272-4/+35
| | | | than one pppoe has the same gateway. Also kill states when reloading apinger to catch up with new route
* Use the pfsense module functions rather than execing. Fixes also possible ↵Ermal LUÇI2014-11-273-5/+12
| | | | attack vectors.
* use correct variable hereChris Buechler2014-11-271-1/+1
|
* Make the parsing of setkey -d(SAs) more reliable. Fixes #4043Ermal LUÇI2014-11-271-18/+19
|
OpenPOWER on IntegriCloud