summaryrefslogtreecommitdiffstats
path: root/conf.default
Commit message (Collapse)AuthorAgeFilesLines
* Add lookup table for sysctl tunable (sysctl.inc). Make config.xml values ↵sullrich2009-12-061-26/+26
| | | | default to value 'default' Ticket #71
* Minor formatting changesullrich2009-12-031-1/+1
|
* Set default protocol to HTTPS. Somehow this commit did not make it last timesullrich2009-12-031-1/+1
|
* Make the default HTTPS. Ticket #63sullrich2009-12-021-8/+0
|
* Default to only system information and interfaces widgets. This reduces ↵Scott Ullrich2009-11-211-0/+3
| | | | load time on RSPRO from 9+ seconds to 2.5
* Add default load balancing monitor types for ICMP, TCP, HTTP, HTTPS and SMTP ↵Scott Ullrich2009-11-021-0/+45
| | | | from BillM
* Revert "add crontab entries for snort auto block and snort update"Scott Ullrich2009-09-091-18/+0
| | | | This reverts commit b0d639a5e7880ee55c671cbabdb01cd0f1ae1b38.
* add crontab entries for snort auto block and snort updaterobiscool2009-09-091-0/+18
|
* Added support for automatically managing firewall rules with NAT rules.unknown2009-08-141-0/+2
|
* Turn off flowtables by defaultScott Ullrich2009-07-131-1/+0
|
* Enable flow table support by default for new installationsScott Ullrich2009-07-121-0/+1
|
* Add enable/disable option for flow table support... Remove configuration option.Scott Ullrich2009-07-121-5/+0
|
* Make pfSense_ng the new default themehoba2009-06-261-1/+1
|
* Nuke snort2cScott Ullrich2009-06-111-10/+1
| | | | Requested-by: rob iscool
* Add L2 L3 Cache lookup by default.Scott Ullrich2009-06-091-1/+6
| | | | | | | | | | | | | - Import infrastructure for caching flows as a means of accelerating L3 and L2 lookups as well as providing stateful load balancing when used with RADIX_MPATH. - Currently compiled in to i386 and amd64 but disabled by default, it can be enabled at runtime with 'sysctl net.inet.flowtable.enable=1'. - Embedded users can remove it entirely from the kernel by adding 'nooption FLOWTABLE' to their kernel config files. - A minimal hookup will be added to ip_output in a subsequent commit. I would like to see more review before bringing in changes that require more churn.
* default to vr0/vr1 rather than sis, since the defaults should be for ALIX, ↵Chris Buechler2009-05-131-2/+2
| | | | not WRAP.
* Remove reset_slbd.sh from cron.Ermal Luçi2009-05-081-9/+0
|
* Catch up with the latest additions.Ermal Luçi2009-05-071-16/+0
|
* Remove ftp-proxy/pftpx/ftpsesame references we handle all of this in kernel ↵Ermal Luçi2009-03-161-1/+0
| | | | now.(yay!)
* Modify IPsec code to allow for transport mode. All existing configurations aremgrooms2009-03-151-1/+1
| | | | | marked as tunnel for backwards compatibility. There are problems with the spd read code which Will likely choke on transport entries. We can fix this later.
* Modify captive portal to use centralized user management. The user manager hasmgrooms2009-03-151-1/+1
| | | | been modified to include an account expiration option to support this service.
* Correct the configuration file IPsec certificate upgrade process.mgrooms2009-03-121-2/+2
|
* Use nice -n20 for common launched itemsScott Ullrich2009-03-111-4/+4
|
* Update config.xml to 5.5 to prevent RRD database updates from triggering.Seth Mos2008-12-231-1/+4
| | | | add rrd tag to default enabled
* change default to enable block bogonsChris Buechler2008-11-301-0/+1
|
* Add TCP TSO = 0 sysctlScott Ullrich2008-11-041-0/+10
|
* Change default icmplim to 750.Scott Ullrich2008-10-251-1/+1
|
* Revise default allow all to any rule text. Remove > and attempt to cleanupScott Ullrich2008-09-101-1/+1
| | | | text to make it more friendly to a new user.
* Remove the page locking privileges after discussion with Scott on IRC. TheMatthew Grooms2008-09-031-2/+0
| | | | | | | feature was confusing and offered little utility that I could see. If we really need to provide serialized access to sections of the webui, IMO it should be a global lock option and enabled or disabled manually and not a privilege that is on all the time.
* Modify all the default configuration files to ensure the versions match.Matthew Grooms2008-09-021-1/+1
| | | | | While in globals.inc, remove the easyrsa path and do some whitespace cleanup.
* Set net.inet.icmp.icmplim to 500. Apparently the low setting of 200Scott Ullrich2008-09-011-10/+15
| | | | | wrecked Seths firewall on upgrade due to overwhelming amounts of icmp packets.
* Move WAN interface to appear first now that the interface codeScott Ullrich2008-08-301-14/+14
| | | | | programatically enumerates the interfaces. Not sure if we need upgrade code to move the interface order.
* Disable extended TCP debugging.Scott Ullrich2008-08-111-0/+5
|
* Epose if_bridge(4) sysctl members.Ermal Luçi2008-08-051-0/+10
|
* Rewrite the pfsense privilege system with the following goals in mind ...Matthew Grooms2008-08-011-23/+7
| | | | | | | | 1) Redefine page privileges to not use static urls 2) Accurate generation of privilege definitions from source 3) Merging the user and group privileges into a single set 4) Allow any privilege to be added to users or groups w/ inheritance 5) Cleaning up the related WebUI pages
* * Switch XML tag from </pages> to <pages/>Scott Ullrich2008-07-301-1/+1
| | | | * Sync the all group which appears to be missing
* latest config.xml version is 4.9Scott Ullrich2008-07-281-1/+1
|
* Rewrite portions of the user manager to ensure data is properly synced toMatthew Grooms2008-07-251-4/+10
| | | | | | | | | | | the system password and group databases. This is to provide better support for centralized user management when local account administration is preferred. I also took this opportunity to do some housekeeping. A lot of funtions that were only being used in one place or not at all were removed. The user page privelege checks were also simplified in preperation for future work in this area.
* Add TCP InflightScott Ullrich2008-07-191-0/+5
|
* re-enable the sending of ICMP redirects by defaultChris Buechler2008-06-141-4/+4
|
* Remove unused tag.Scott Ullrich2008-03-101-2/+0
|
* Unbreak package managerScott Ullrich2008-03-101-2/+0
|
* Add missing bits from HEAD.Scott Ullrich2008-02-201-0/+38
|
* Switch over to the newly provisioned 0.pfsense.pool.ntp.org whichScott Ullrich2008-02-181-1/+1
| | | | ntp.org has graciously setup for pfSense.
* Really disable CTRL+ALT+DELETE.Scott Ullrich2008-02-021-1/+1
|
* Disable CTRL+ALT+DELETE reboot sequence on keyboard.Scott Ullrich2008-02-021-0/+5
| | | | | Admnins commonly have to press this sequence to login to winderz boxen and if you have a shared KVM you might accidently reboot your firewall.
* Move update bogons script to 3am.Scott Ullrich2007-11-281-1/+1
| | | | Discussed on pfSense-support@
* * Download bogons entries from pfsense.comScott Ullrich2007-11-271-1/+1
| | | | | * Do not update on every minute on the 1st of the month * Sleep for a random period before updating to avoid killing the server
* Increase net.inet.ip.intr_queue_maxlen to 1000 which is the IP input queue.Scott Ullrich2007-08-221-0/+5
|
* Reset slbd every 140 minutes as opposed to 300 minutes.Scott Ullrich2007-08-021-1/+1
|
OpenPOWER on IntegriCloud