Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Tell filterdns to reload the config rather than restart if its running | Ermal | 2013-01-02 | 1 | -3/+6 |
| | |||||
* | Also consider 0.0.0.0/0 here since it fails both these tests but is still a ↵ | jim-p | 2012-12-07 | 1 | -1/+1 |
| | | | | valid/special config. | ||||
* | If the old configuration is present there use the new one for local users | Ermal | 2012-12-06 | 1 | -0/+2 |
| | |||||
* | Fix location of banner file for ipsec and also sprinkle some unset to avoid ↵ | Ermal | 2012-11-21 | 1 | -6/+22 |
| | | | | php keeping data in memory | ||||
* | Correct path even for generated certs for ipsec | Ermal | 2012-11-20 | 1 | -3/+3 |
| | |||||
* | Correct path to certificates as well | Ermal | 2012-11-17 | 1 | -1/+1 |
| | |||||
* | Corrected racoon path to psk.txt. | caseyr232 | 2012-11-17 | 1 | -2/+2 |
| | | | "path pre_shared_key \"{$g['varetc_path']}/psk.txt\";\n\n"; is incorrected, ammended to "path pre_shared_key \"{$g['varetc_path']}/ipsec/psk.txt\";\n\n"; | ||||
* | Remove none per Jim since it is confusing | Ermal | 2012-11-15 | 1 | -1/+1 |
| | |||||
* | Allow other system authentication types to be used with ipsec. ↵ | Ermal | 2012-11-14 | 1 | -126/+75 |
| | | | | LDAP/RADIUS/local acc | ||||
* | Fixes #2394. If an entry of 0.0.0.0/0 is configured than use the first ↵ | Ermal | 2012-10-30 | 1 | -2/+4 |
| | | | | interface ip matching. Also do a microptimization to not retrieve the interface list every ping host entry | ||||
* | Fixes #2300. Take into consideration ip aliases on carp | Ermal | 2012-10-30 | 1 | -5/+8 |
| | |||||
* | Fixes #2300. Add static route even for ip aliases selected to avoid issues. | Ermal | 2012-10-30 | 1 | -1/+4 |
| | |||||
* | Use a proposal check value of obey for all mobile, not just pure-PSK. (The ↵ | jim-p | 2012-10-22 | 1 | -1/+1 |
| | | | | docs recommend setting this, may as well make it the default) | ||||
* | Correct the config generation | Ermal | 2012-10-05 | 1 | -3/+2 |
| | |||||
* | config.xml might have some elusive data so do not fail sainfo section for ↵ | Ermal | 2012-10-05 | 1 | -8/+6 |
| | | | | localside if there is an empty nat address. Just do not put the nat side in there | ||||
* | Correctly build the sainfo to avoid errors | Ermal | 2012-10-05 | 1 | -5/+5 |
| | |||||
* | Use .= for strings rather than += | jim-p | 2012-10-05 | 1 | -4/+4 |
| | |||||
* | Add a NAT entry for configuring NAT on ipsec phase2. It will add nat rules ↵ | Ermal | 2012-10-04 | 1 | -3/+29 |
| | | | | on enc interface | ||||
* | Add forgotten part of the IPsec split dns fix from yesterday | jim-p | 2012-09-27 | 1 | -1/+8 |
| | |||||
* | Ticket #2635: during ipsec reload, do not generate spd for disabled ph1 | Pierre POMES | 2012-09-25 | 1 | -8/+10 |
| | |||||
* | Don't add ldapcfg to racoon.conf since we're not using racoon's built-in ↵ | jim-p | 2012-09-06 | 1 | -24/+27 |
| | | | | LDAP support now. Moving to external script-based auth, see ticket #1112 | ||||
* | Restructure these IP/subnet tests so they don't break transport mode. | jim-p | 2012-08-27 | 1 | -5/+5 |
| | |||||
* | Fixes #2364. On busy pppoe servers it might take some time before mpd exits. ↵ | Ermal | 2012-05-23 | 1 | -0/+4 |
| | | | | Check for this before trying to restart | ||||
* | Make sure that we match multiple characters. | smos | 2012-05-22 | 1 | -1/+1 |
| | | | | Ticket #2415 | ||||
* | First round of CARP vip renaming changes | smos | 2012-05-22 | 1 | -1/+1 |
| | | | | Ticket #2415 | ||||
* | routes should not be skipped when IPsec is on WAN, as WAN may not be the ↵ | Chris Buechler | 2012-04-23 | 1 | -3/+2 |
| | | | | default gateway. | ||||
* | this is only valid in mpd5 (really?...) Revert "RADIUS accounting updates ↵ | Chris Buechler | 2012-04-11 | 1 | -2/+0 |
| | | | | | | are needed for PPPoE and L2TP too" This reverts commit 02b14dcb49da8dc278e87785bb3f811336bf1fd0. | ||||
* | RADIUS accounting updates are needed for PPPoE and L2TP too | Chris Buechler | 2012-04-11 | 1 | -0/+2 |
| | |||||
* | Don't let an empty subnet into racoon.conf, it can cause parse errors. ↵ | jim-p | 2012-02-14 | 1 | -0/+9 |
| | | | | Ticket #2201 | ||||
* | Fix reference to PPTP secondary RADIUS server shared secret. | jim-p | 2012-02-13 | 1 | -1/+1 |
| | | | | See http://forum.pfsense.org/index.php/topic,46103.0/topicseen.html | ||||
* | Only do foreach on the p2's if it's actually an array. | jim-p | 2012-01-31 | 1 | -40/+39 |
| | |||||
* | Ensure we always write out a blank spd.conf if there are no phase 2 entries. ↵ | jim-p | 2011-12-09 | 1 | -11/+10 |
| | | | | If you delete the last phase 2 and then apply, it will still be in spd.conf and used by racoon even with no phase 2's configured. | ||||
* | Fix several issues in pppoe code and remove duplicated code. | Ermal | 2011-08-30 | 1 | -2/+2 |
| | |||||
* | Make initial changes to allow pfSense to work in a jail. | Andrew Thompson | 2011-08-17 | 1 | -0/+7 |
| | | | | | | This mostly avoids starting things that will not work and gets the initial config. Most of the pfSense functionality will not work (pf rules, routing, etc) but it can be used for testing. | ||||
* | Also escape \ in pptp passwords. | jim-p | 2011-07-28 | 1 | -1/+2 |
| | |||||
* | Correct whitespace and some problems in the just merged ldap auth sorce for ↵ | Ermal | 2011-07-27 | 1 | -23/+24 |
| | | | | racoon | ||||
* | Merge pull request #8 from ninja76/master | Ermal Luçi | 2011-07-27 | 1 | -1/+25 |
|\ | | | | | IPSec xAuth allowing LDAP to be used as a backend | ||||
| * | Improved ipsec ldap xauth | Bryan Haase | 2011-07-27 | 1 | -2/+3 |
| | | |||||
| * | format error | Bryan Haase | 2011-07-22 | 1 | -2/+2 |
| | | |||||
| * | More sanity checking | Bryan Haase | 2011-07-22 | 1 | -9/+16 |
| | | |||||
| * | Ipsec xAuth patch | Bryan Haase | 2011-07-22 | 1 | -0/+16 |
| | | |||||
* | | Prevent php from coring if the wrong parameters are passed to ip2long | Ermal | 2011-07-27 | 1 | -0/+5 |
| | | |||||
* | | Relax PPTP password restrictions, just prevent starting with a !, and limit ↵ | jim-p | 2011-07-27 | 1 | -2/+4 |
| | | | | | | | | to common printable/keyboard characters so it doesn't result in invalid xml. Fixes #1720 | ||||
* | | Always send the route delete command even if it fails its ok. This avoids ↵ | Ermal | 2011-07-25 | 1 | -10/+3 |
| | | | | | | | | having to dump the routing table. | ||||
* | | Use the new change to be less distuptive | Ermal | 2011-07-25 | 1 | -1/+1 |
|/ | |||||
* | removes variables concatenation on gettext strings | Vinicius Coque | 2011-07-18 | 1 | -1/+1 |
| | |||||
* | Merge remote-tracking branch 'upstream/master' | jim-p | 2011-07-12 | 1 | -31/+31 |
|\ | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/easyrule.inc etc/inc/filter.inc etc/inc/interfaces.inc etc/inc/services.inc etc/inc/xmlrpc_client.inc usr/local/www/fbegin.inc usr/local/www/services_dhcp.php | ||||
| * | Merge remote-tracking branch 'mainline/master' into inc | Vinicius Coque | 2011-06-07 | 1 | -6/+5 |
| |\ | | | | | | | | | | | | | | | | Conflicts: etc/inc/voucher.inc usr/local/www/fbegin.inc | ||||
| * \ | Merge remote-tracking branch 'mainline/master' into inc | Vinicius Coque | 2011-05-23 | 1 | -1/+2 |
| |\ \ | |||||
| * \ \ | Merge remote-tracking branch 'mainline/master' into inc | Vinicius Coque | 2011-05-23 | 1 | -2/+3 |
| |\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: etc/inc/interfaces.inc etc/inc/upgrade_config.inc etc/inc/vpn.inc |