summaryrefslogtreecommitdiffstats
path: root/conf.default
Commit message (Collapse)AuthorAgeFilesLines
* removed the timeformate change and putting it in the dhcpd and dhcpdv6 which ↵Joecowboy2012-02-251-2/+0
| | | | will be generated by interface code. New XML tags will be <dhcpleaseinlocaltime/> and <dhcpv6leaseinlocaltime/>
* Added Time format change XML tag for both DHCP and DHCPv6 if you want to use ↵Joecowboy2012-02-251-0/+2
| | | | local time instead of UTC for leases.
* Fix default SMTP monitor parameters so they will properly check to see if an ↵jim-p2011-11-011-2/+2
| | | | SMTP banner is received.
* load balance monitor type send/expect must have a '' when using more then ↵marcelloc2011-09-021-1/+1
| | | | one argument.
* Add DHCP6 to the default configurationsmos2011-08-181-0/+1
|
* Fix conf.default versionjim-p2011-05-191-1/+1
|
* Add the ipv6 allow tag to the default config.Seth Mos2011-05-061-1/+21
| | | | | | Add a default allow rule for the LAN with IPv6 Add a dhcp-pd sla-id of 0 for the WAN. Add a dhcp-pd length of 0 for the WAN
* Merge remote branch 'upstream/master'Seth Mos2011-05-031-5/+0
|\ | | | | | | | | Conflicts: usr/local/www/status_rrd_graph_img.php
| * Remove rndtest sysctl since the kernel module is not anymore part of our ↵Ermal2011-04-281-5/+0
| | | | | | | | kernels. Leftover noticed by: Jim
* | Add the IPv6 tag to the version so that BSD perimeter can seen these ↵Seth Mos2011-03-091-1/+1
|/ | | | installs from a mile away
* Add the default value for the new tunable debug.pfftpproxy to 0. It allows ↵Ermal2011-01-171-0/+5
| | | | to disable the pfftpproxy. Also add it to the default config.xml though no upgrade code should be needed since people can create this from the gui and hopefully do not need to know about this anyway.
* Update config.xml to a more recent version, include a cron job for URL table ↵jim-p2011-01-101-96/+49
| | | | aliases updates.
* Add sysctl for maximum socket buffer sizing. Set to 42621444. This is ↵Scott Ullrich2011-01-041-0/+5
| | | | needed for some heavily loaded servers running unbound, squid, etc
* Remove bce item it is loader.conf only per jimpScott Ullrich2010-11-211-5/+0
|
* Add missing </item>Scott Ullrich2010-11-201-0/+1
|
* oops, typoScott Ullrich2010-11-201-1/+1
|
* Increase vfs.read_max to 32. See ↵Scott Ullrich2010-11-201-0/+4
| | | | http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html .. This can help dramatically if using Squid or any other packae that does a lot of hard disk reads.
* Convert fullname field on users to descr, so it gains CDATA protection.jim-p2010-10-191-1/+1
|
* desc to descr in Load Balancer config, so they gain CDATA protection and ↵jim-p2010-10-191-5/+5
| | | | standardize field names. Ticket #320.
* Change the description field on sysctl tunables to be 'descr' and not 'desc' ↵jim-p2010-10-191-26/+26
| | | | so they will gain CDATA protection. Ticket #320
* Upgrade code for pppoe.Ermal2010-09-021-1/+1
|
* Disable TSO and LRO in the default config.jim-p2010-08-041-0/+2
|
* Remove these from the default config. They moved into other sections and do ↵jim-p2010-08-031-20/+0
| | | | not need to exist by default.
* Fix variable name for consistency.jim-p2010-07-271-1/+1
|
* Remove associated rule-id from default config they confuse rule edit page.Ermal2010-04-131-2/+0
|
* Remove bandwidth tags from default config they are not used.Ermal2010-04-121-4/+0
|
* Don't use "local" as a domain. It breaks DNS resolution for hosts running mDNS.gnhb2010-04-061-1/+1
| | | | | | | | | | | | | | | | | | | | | The "local" search domain signifies to local hosts that are running mDNS (bonjour or avahi) that mDNS is to be used to look up local hosts instead of doing a normal DNS query to the server listed in /etc/resolv.conf on the local host. Also, hosts running bonjour or avahi can not ping or reach *any* other host by name if it is not running some mDNS implementation. Essentially, if DHCP tells the local host that it's search domain is "local" then hosts running mDNS will not query the pfsense DNS server for any local lan DNS lookups. See here on apple's website: http://support.apple.com/kb/TA20999?viewlocale=en_US Quote from above link: "To indicate that the name should be looked up using local multicast instead of a standard DNS query, all Bonjour host names end with the extension ".local."
* Fix whitespace.Erik Fonnesbeck2010-03-261-7/+7
|
* Enable WAN and LAN in the default configuration.Erik Fonnesbeck2010-03-261-0/+2
|
* Make lan/wan behave as all other interfaces.Ermal2010-03-271-1/+1
|
* ping_hosts.sh is no more in /etc. Remove some unneeded lines.Ermal Luçi2010-02-031-9/+0
|
* Ticket #136.Ermal Luçi2010-01-261-3/+3
| | | | | | | | Fix associated nat rules. Now both the filter rules and the nat ones contain a associated-rule-id tag which helps link the items together. The API to use for this is in itemid.inc. All the issues should be solved now.
* Add patch from lietu (Janne Enberg). Ticket #136pierrepomes2009-12-121-0/+1
| | | | | | | | | | | | | | | | | | | | | 1) Multiple NAT rules can be assigned the same filter rule -> Fixed, added assigned-nat-rule-id to filter rules to keep track of the assignment 2) when removing the link (i.e. switching to "pass" or "none", the linked rule isn't deleted (should it be? probably yes) -> Fixed, when a NAT rule's association is removed, the filter rule is deleted. Added a "create new associated filter rule" option to the dropdown if there is none selected. 3) The destination IP and port of linked rules can be edited in firewall_rules_edit.php and shouldn't be. Source should be editable but not destination, since that should strictly be tied to the NAT rule. -> Fixed, you cannot edit the destination for the filter rules that are linked to NAT rules, this has been disabled both by JavaScript and PHP. 4) If you edit the source in a linked firewall rule, it gets overwritten when you edit the NAT rule. The NAT rule should never touch the firewall rule source after the rule exists. -> Fixed, previously the old rule was deleted and a new one created, now it only updates the old rule and doesn't touch the source. Also added crosslinking from the NAT rule to the filter rule and back, so you can jump to edit the filter rule from the NAT rule and vice-versa.
* Add lookup table for sysctl tunable (sysctl.inc). Make config.xml values ↵sullrich2009-12-061-26/+26
| | | | default to value 'default' Ticket #71
* Minor formatting changesullrich2009-12-031-1/+1
|
* Set default protocol to HTTPS. Somehow this commit did not make it last timesullrich2009-12-031-1/+1
|
* Make the default HTTPS. Ticket #63sullrich2009-12-021-8/+0
|
* Default to only system information and interfaces widgets. This reduces ↵Scott Ullrich2009-11-211-0/+3
| | | | load time on RSPRO from 9+ seconds to 2.5
* Add default load balancing monitor types for ICMP, TCP, HTTP, HTTPS and SMTP ↵Scott Ullrich2009-11-021-0/+45
| | | | from BillM
* Revert "add crontab entries for snort auto block and snort update"Scott Ullrich2009-09-091-18/+0
| | | | This reverts commit b0d639a5e7880ee55c671cbabdb01cd0f1ae1b38.
* add crontab entries for snort auto block and snort updaterobiscool2009-09-091-0/+18
|
* Added support for automatically managing firewall rules with NAT rules.unknown2009-08-141-0/+2
|
* Turn off flowtables by defaultScott Ullrich2009-07-131-1/+0
|
* Enable flow table support by default for new installationsScott Ullrich2009-07-121-0/+1
|
* Add enable/disable option for flow table support... Remove configuration option.Scott Ullrich2009-07-121-5/+0
|
* Make pfSense_ng the new default themehoba2009-06-261-1/+1
|
* Nuke snort2cScott Ullrich2009-06-111-10/+1
| | | | Requested-by: rob iscool
* Add L2 L3 Cache lookup by default.Scott Ullrich2009-06-091-1/+6
| | | | | | | | | | | | | - Import infrastructure for caching flows as a means of accelerating L3 and L2 lookups as well as providing stateful load balancing when used with RADIX_MPATH. - Currently compiled in to i386 and amd64 but disabled by default, it can be enabled at runtime with 'sysctl net.inet.flowtable.enable=1'. - Embedded users can remove it entirely from the kernel by adding 'nooption FLOWTABLE' to their kernel config files. - A minimal hookup will be added to ip_output in a subsequent commit. I would like to see more review before bringing in changes that require more churn.
* default to vr0/vr1 rather than sis, since the defaults should be for ALIX, ↵Chris Buechler2009-05-131-2/+2
| | | | not WRAP.
* Remove reset_slbd.sh from cron.Ermal Luçi2009-05-081-9/+0
|
OpenPOWER on IntegriCloud