summaryrefslogtreecommitdiffstats
path: root/etc/inc/system.inc
Commit message (Collapse)AuthorAgeFilesLines
* Make this a bit more efficientErmal2014-03-111-3/+5
|
* Remove broken 'dynamic6' gateway, we already have ipprotocol to tell us the ↵Renato Botelho2014-03-031-2/+2
| | | | IP version, leave it more simple using only 'dynamic'. It helps #3484
* * Correct logging to syslog and proper file for ipsec from strongswanErmal2014-02-251-2/+2
| | | | * Use proper commands to reload strongswan rather than just the daemon
* silence any errorsErmal2014-02-201-1/+1
|
* More code fixes for ntpdErmal2014-02-191-6/+14
|
* Update system.incnagyrobi2014-02-181-2/+2
| | | Corrections made as requested
* Update system.incnagyrobi2014-02-181-29/+243
| | | Add new NTPd functions
* Really need the interface where v6 is running toa dd the gateway/route ↵Ermal2014-02-181-2/+2
| | | | rather than the one used for the configuration. This Fixes #3357
* Check for tmp captiveportal dir before making itPhil Davis2014-02-101-1/+2
| | | | | In forum: https://forum.pfsense.org/index.php/topic,72483.0.html Warning: mkdir(): File exists in /etc/inc/system.inc on line 878 Not sure if you would rather call safe_mkdir here?
* Add escapeshellarg() calls on exec parameters. While I'm here, replace some ↵Renato Botelho2014-02-041-4/+3
| | | | exec() calls by php functions like symlink, copy, unlink, mkdir
* Using "limited" for ntp in this way denies client access. Issue #3384jim-p2014-02-031-2/+2
|
* Add EDNS support for to resolv.confWarren Baker2014-01-291-1/+5
|
* Fix typo on variable name, it fixes #3414Renato Botelho2014-01-281-2/+2
|
* Fix openssl pathRenato Botelho2014-01-241-2/+2
|
* ports ntp moved to sbin, followjim-p2014-01-151-3/+3
|
* Use "disable monitor" in NTP config to mitigate CVE-2013-5211.jim-p2014-01-101-1/+1
|
* Add 'limited' to ntpd restrict list to workaround CVE-2013-5211. It fixes #3384Renato Botelho2014-01-071-2/+2
|
* Add a setting to allow the user to specify the clog file size so more (or ↵jim-p2013-12-261-2/+2
| | | | less) entries may be kept in the raw logs. Retain previous default size values if the user has not specified a preferred size. Files can only be resized when initialized, so provide a "Reset All Logs" button as well to force clear all logs and set them up at the new size.
* Mute the output of the command since its not really usefulErmal2013-12-141-2/+2
|
* Switch to php-fpm for lighty and check_reload_status will use it. Step by ↵Ermal2013-12-141-6/+20
| | | | step will migrate the other calls
* Teach system_timezone_configure() to deal with symlinks to avoid having ↵Renato Botelho2013-11-011-1/+11
| | | | timezone misconfigured. This fixes #3293
* Add source address selection to syslog settings, so it can work more ↵jim-p2013-10-241-1/+17
| | | | effectively over a VPN. Fixes #355
* Use new names for get_memory parametersPhil Davis2013-08-281-6/+6
|
* Use ntpdate from ports also and obsolete base oneRenato Botelho2013-08-161-2/+2
|
* use correct domain names when registering static DHCP entries in DNSDaniel Becker2013-07-291-2/+10
| | | | | | When registering static DHCP entries in DNS, we first try to use the domain name configured for the static entry (if any), then the domain name configured in the DHCP server settings for the corresponding interface (if any), and as a last resort the system domain name. This change was proposed by user TechSmurf on the pfSense boards; see <http://forum.pfsense.org/index.php/topic,64934.msg352331.html#msg352331>.
* Disable the BEAST protection by default because the GUI *will* break if you ↵jim-p2013-07-181-2/+21
| | | | use this and have a Hifn card installed. Others may break similarly. Change it into a checkbox option, off by default, and automatically disable it if a conflicting card has been detected.
* support mitigating BEAST attackdhatz2013-07-141-1/+2
| | | | | | | | | | According to http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1_4_30 "...by setting ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM" you can mitigate BEAST attacks."
* Add independent logging choices to disable logging of bogon network rules ↵jim-p2013-07-091-2/+9
| | | | and private network rules. Add upgrade code to obey the existing behavior for users (if default block logging was disabled, so is bogon/private rule blocking). Also add a checkbox to disable the lighttpd log for people who don't want their system log spammed by lighty.
* Use family parameter for v6 to get correct interfaceErmal2013-06-171-2/+2
|
* Provide full path to route binaryErmal2013-06-171-2/+2
|
* Actually try to get the real interface for v6 family to correctly get ↵Ermal2013-06-121-1/+1
| | | | stf(virtual) interfaces
* Fixes to get routes + dns working:Renato Botelho2013-05-271-65/+58
| | | | | | . Simplify code using new parameter of get_staticroutes() . Check for subnets instead of ip addrs . Avoid touch filterdns when we are just updating dns
* Use filterdns to update static routes using hostnamesRenato Botelho2013-05-271-1/+24
|
* Split system_routing_configure() and teach it to deal with hostnamesRenato Botelho2013-05-271-14/+63
|
* Simplify logicRenato Botelho2013-05-271-14/+8
|
* Replace all linklocal checks by is_linklocal()Renato Botelho2013-05-091-1/+1
|
* Shuffle some more logs around to more appropriate places.jim-p2013-05-081-3/+3
|
* Send filterdns logs to the resolver log.jim-p2013-05-081-2/+2
|
* Fix dnsmasq host overrides 'enabled' check.PiBa-NL2013-05-051-1/+1
|
* Fix dnsmasq host overrides and dhcp integrationRenato Botelho2013-05-011-37/+37
| | | | | | | | | | | . Do not execute following actions when dnsmasq is disabled: . Add host overrides to /etc/hosts . Register DHCP leases in DNS Forwarder . Register DHCP static mappings in DNS forwarder It should fix issue reported at following forum post: http://forum.pfsense.org/index.php?topic=58871
* Show IPv6 link-local IPs as specific sources for ping, traceroute, and port ↵jim-p2013-04-261-3/+11
| | | | testing.
* Make fe80: addresses check case insensitiveRenato Botelho2013-04-141-1/+1
|
* Move some code to a function to avoid future duplication. Allow autocomplete ↵jim-p2013-04-021-0/+17
| | | | on ping page. Add more escaping to command.
* Remove *_defaultgwv6 alsoRenato Botelho2013-03-011-1/+1
|
* Make sure captiveportal section of config is an array, reported on ticket #2838Renato Botelho2013-02-251-1/+1
|
* Avoid Warning: Invalid argument supplied for foreach() in /etc/inc/system.incJean Cyr2013-02-171-3/+5
| | | | | | Warning: Invalid argument supplied for foreach() in /etc/inc/system.inc Don't use captiveportal configuration option variable if it isn't set
* add support for RADIUS NAS accounting, fixes redmine feature request 2143Michael Newton2013-02-141-1/+6
|
* Keep Unbound here for syslog messagesWarren Baker2013-02-141-2/+2
|
* Backout Unbound for now bring back in 2.2. Fixes #2817Warren Baker2013-02-141-2/+2
|
* Set $interfacegw properly and avoid losing default route in some circumstancesRenato Botelho2013-02-141-0/+2
|
OpenPOWER on IntegriCloud