Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use 1-6 rather than 0-5 for IPsec logging levels, to stay away from ↵ | Chris Buechler | 2015-10-26 | 1 | -1/+1 |
| | | | | complications of 0 due to PHP stupidity. Upgrade config to add 1 to any configured log levels. Default to 1 as log level where none is configured by the user. Ticket #5340 | ||||
* | Upgrade config to 11.9. Changes IPsec peer ID for EAP types to "any", to ↵ | Chris Buechler | 2015-07-25 | 1 | -1/+1 |
| | | | | retain previous behavior. | ||||
* | Fix #4794: | Renato Botelho | 2015-07-17 | 1 | -1/+1 |
| | | | | | - Add a upgrade code to fix asn1dn string format to match strongSwan needs - Bump config version to 11.8 | ||||
* | dns_split was a comma separated list and moved to use space as separator, ↵ | Renato Botelho | 2015-03-06 | 1 | -1/+1 |
| | | | | provide upgrade code to make sure old configs are converted. Since there was a config upgrade version 11.7 only on master, I pushed it to 11.8 and used dns_split one as 11.7 to be able to backport it to RELENG_2_2. Ticket #4418 | ||||
* | Remove the harden-glue option entirely and hard code it to yes. Ticket #4402 | Chris Buechler | 2015-03-05 | 1 | -1/+0 |
| | |||||
* | Update Unbound defaults | Chris Buechler | 2015-02-09 | 1 | -0/+4 |
| | |||||
* | To avoid issues with clashing SAIDs go back to specifying the reqid in ↵ | Ermal LUÇI | 2015-01-13 | 1 | -1/+1 |
| | | | | | | | | | strongswan config. To be able to manage this first upgrade the config to assign each phase2 an reqid Second use that during config generation Ticket #4208 | ||||
* | Fix #4090: | Renato Botelho | 2015-01-05 | 1 | -1/+1 |
| | | | | | | | | | - Unbound advanced options may contain double quotes and it breaks the syntax when a backup is restored because newlines are trimmed. Save it in base64 format is a safe way to prevent it - Bump config version to 11.5 - Provide upgrade code to encode current config or the one that came from unbound package on 2.1.5 | ||||
* | Add config upgrade code to make sure iketype is set, bump config version to ↵ | Renato Botelho | 2014-12-31 | 1 | -1/+1 |
| | | | | 11.4. It fixes #4163 | ||||
* | Add config upgrade code to validate changes made on c2fe67eb and d269747b. ↵ | Renato Botelho | 2014-12-22 | 1 | -1/+1 |
| | | | | It fixes #4134 | ||||
* | Add a cron item to expire items from webConfiguratorlockout, also add config ↵ | Renato Botelho | 2014-12-17 | 1 | -1/+10 |
| | | | | upgrade code. This fixes #4122 | ||||
* | Update default config.xml for 2.2. Disable dnsmasq, enable Unbound. Remove | Chris Buechler | 2014-11-14 | 1 | -370/+33 |
| | | | | | | | outdated comments that used to sort of document the config file, but had been neglected for quite some time and aren't all that useful anyway. Change default NICs from vr to em, given vr is on the way out and em is the most common NIC in use today. partially re: Ticket #3396 | ||||
* | Do not require the default sysctl items to be set on the config.xml but ↵ | Ermal | 2014-11-10 | 1 | -152/+0 |
| | | | | rather extract the definitions from the sysctl tree. Also to reduce config.xml size | ||||
* | Put the new sysctl on the config as needed. | Ermal | 2014-11-10 | 1 | -0/+5 |
| | |||||
* | Add powerd normal mode flag (-n) | Steven Selph | 2014-10-05 | 1 | -0/+1 |
| | |||||
* | Insert tracker ids for the default LAN rules | Ermal | 2014-04-14 | 1 | -0/+2 |
| | |||||
* | Added support for UEFI booting to Network Booting configuration. | Charlie Root | 2014-03-02 | 1 | -0/+2 |
| | | | | | | modified: conf.default/config.xml modified: etc/inc/services.inc modified: usr/local/www/services_dhcp.php | ||||
* | Remove deprecated sysctls. vfs.forcesync needs to be seen if the patch needs ↵ | Ermal | 2013-12-14 | 1 | -10/+0 |
| | | | | to be put in place again! | ||||
* | Add hybrid and disabled outbound NAT, fixes #2416: | Renato Botelho | 2013-11-13 | 1 | -22/+19 |
| | | | | | | | | | | | | | - Add 2 new outbound NAT modes, hybrid and disabled, manual and advanced keep working the same way - Hybrid mode applies manual rules first, automatic after - Disabled do no create any outbound NAT rules - Remove ipsecpassthru config field and rename advancedoutbound to outbound - Save mode on $config['nat']['outbound']['mode'] to simplify the logic - Modify config.default to reflect changes - Add code to upgrade config, and change latest_version to 10.3 - Use html to align modes and remove some hacks to align using | ||||
* | We do not use nor include newsyslog, so remove the cron job. | jim-p | 2013-10-09 | 1 | -9/+0 |
| | |||||
* | Set action = pass for configured mac addresses on CP passtrumac | Renato Botelho | 2013-09-14 | 1 | -1/+1 |
| | |||||
* | Disable kill_states by default on upgrade, it fixes #3183 | Renato Botelho | 2013-09-06 | 1 | -1/+1 |
| | |||||
* | Disable state killing on gateway failure by default for new configs. | Chris Buechler | 2013-09-03 | 1 | -0/+1 |
| | | | | Clarify the text describing the option while here. | ||||
* | Fixes #2979 | Renato Botelho | 2013-05-29 | 1 | -1/+1 |
| | | | | | | | . Change max value for traffic and packets graphs to 20GigE . Bump config version to 9.6 . Write a config upgrade function to tune current rrd files to the new max value | ||||
* | After some discussions it is better to make this a tunable and allow its ↵ | Ermal | 2013-05-08 | 1 | -0/+5 |
| | | | | value change from administrator. | ||||
* | Fix IPv6 Prefix ID default value | Renato Botelho | 2013-05-06 | 1 | -1/+1 |
| | | | | | | | . Always initialize it to 0 when it's undefined . Remove unecessary initializations and checks . Bump config version to 9.5 . Write an upgrade config function to initialize old configs properly | ||||
* | Upgrade code & config default version | N0YB | 2013-02-09 | 1 | -1/+1 |
| | |||||
* | Update config default with powerd battery mode | N0YB | 2013-02-09 | 1 | -1/+2 |
| | |||||
* | Adjust RRD captive portal graphs for CP zones | Renato Botelho | 2013-02-06 | 1 | -1/+1 |
| | | | | | | | | | - Create RRD configs per zone - Add tabs to see graphs per zone - Migrate existing rrd files to default cpZone - While I'm here, call unset() for $rrdcreate and $rrdupdatesh Resolves #2655 | ||||
* | Make sure default config complies with latest version | Renato Botelho | 2013-01-21 | 1 | -2/+0 |
| | |||||
* | Update the default config.xml to 9.2 so it does not trigger config.xml ↵ | Renato Botelho | 2013-01-21 | 1 | -1/+1 |
| | | | | upgrade during install of a new system | ||||
* | Add IPv6 privacy settings tunables. Keep the default FreeBSD value for them, ↵ | Renato Botelho | 2013-01-21 | 1 | -0/+10 |
| | | | | that is disabled. This implements feature request #2587 | ||||
* | Do not prefer anymore oldsa and recommend it as a better choice | Ermal | 2013-01-10 | 1 | -1/+0 |
| | |||||
* | Add bogons update frequency selection | bcyrill | 2013-01-06 | 1 | -0/+3 |
| | |||||
* | Add the new tunable in the GUI for custommization and its default value | Ermal | 2012-12-11 | 1 | -0/+5 |
| | |||||
* | Added mode selection options for PowerD. | Cristian Feldman | 2012-04-10 | 1 | -0/+1 |
| | |||||
* | Set the IPaddrv6 field for the lan to track6 so it autoconfigures from the WAN. | smos | 2012-04-03 | 1 | -0/+1 |
| | | | | I forgot to remove the link local address it had in it on the original commit. | ||||
* | Fix botched config.xml merge error. Remove duplicate ipaddrv6 tag. | smos | 2012-04-03 | 1 | -1/+0 |
| | |||||
* | Remove this track6 line as it causes an xml error | jim-p | 2012-04-02 | 1 | -1/+0 |
| | |||||
* | Changeout the told dhcp-pd config for the new track6 style autoconfiguration ↵ | smos | 2012-04-02 | 1 | -1/+3 |
| | | | | of the lan interface. | ||||
* | Update the default config.xml to 8.3 so it does not trigger config.xml ↵ | smos | 2012-03-22 | 1 | -1/+1 |
| | | | | upgrade during install of a new system | ||||
* | removed the timeformate change and putting it in the dhcpd and dhcpdv6 which ↵ | Joecowboy | 2012-02-25 | 1 | -2/+0 |
| | | | | will be generated by interface code. New XML tags will be <dhcpleaseinlocaltime/> and <dhcpv6leaseinlocaltime/> | ||||
* | Added Time format change XML tag for both DHCP and DHCPv6 if you want to use ↵ | Joecowboy | 2012-02-25 | 1 | -0/+2 |
| | | | | local time instead of UTC for leases. | ||||
* | Fix default SMTP monitor parameters so they will properly check to see if an ↵ | jim-p | 2011-11-01 | 1 | -2/+2 |
| | | | | SMTP banner is received. | ||||
* | load balance monitor type send/expect must have a '' when using more then ↵ | marcelloc | 2011-09-02 | 1 | -1/+1 |
| | | | | one argument. | ||||
* | Add DHCP6 to the default configuration | smos | 2011-08-18 | 1 | -0/+1 |
| | |||||
* | Fix conf.default version | jim-p | 2011-05-19 | 1 | -1/+1 |
| | |||||
* | Add the ipv6 allow tag to the default config. | Seth Mos | 2011-05-06 | 1 | -1/+21 |
| | | | | | | Add a default allow rule for the LAN with IPv6 Add a dhcp-pd sla-id of 0 for the WAN. Add a dhcp-pd length of 0 for the WAN | ||||
* | Merge remote branch 'upstream/master' | Seth Mos | 2011-05-03 | 1 | -5/+0 |
|\ | | | | | | | | | Conflicts: usr/local/www/status_rrd_graph_img.php | ||||
| * | Remove rndtest sysctl since the kernel module is not anymore part of our ↵ | Ermal | 2011-04-28 | 1 | -5/+0 |
| | | | | | | | | kernels. Leftover noticed by: Jim |