summaryrefslogtreecommitdiffstats
path: root/etc/inc
Commit message (Collapse)AuthorAgeFilesLines
* Concatenate array, using array_merge() will clobber numerical gateway group ↵smos2011-11-271-1/+1
| | | | entries.
* Fix for redmine ticket #1993. Allow saving multiple dynamic entries.smos2011-11-271-0/+26
| | | | Make sure that return_gateways_status() also returns all gateways that have monitoring disabled as up.
* Ecnlose the host-name in quotes so that numerical values work.smos2011-11-221-1/+1
| | | | Fixes ticket #2020
* Select the newest of processes to make the command betterErmal2011-11-211-2/+2
|
* Ticket #1052. Merge patch referenced in ticket.Ermal2011-11-141-5/+5
|
* Fix order of client/server IPs and add a note, and clarify variable names. ↵jim-p2011-11-101-3/+4
| | | | Fixes #2004.
* When creating an internal certificate, offer the user a choice of what ↵jim-p2011-11-091-2/+15
| | | | constraints to place upon the certificate (CA, Server, or User).
* Prevent link cycling when spoofing mac + DHCP. Fixes #1572jim-p2011-11-081-2/+6
|
* Fixes #1976. Correct passthrough mac entries to not overwrite each other ↵Ermal2011-11-021-5/+2
| | | | this is different from allowed ips that used tables.
* Convert MTU from 1.2.3 to MSS on 2.0, fixes #1886jim-p2011-11-011-0/+11
|
* Fix SMTP monitor check in upgrade code, too.jim-p2011-11-011-2/+2
|
* Relayd expects send/expect arguments to be quoted strings. (And expect must ↵jim-p2011-11-011-2/+2
| | | | be a pattern, not just a partial string)
* Assume a default value of 1 for cert_depth to disallow chaining.jim-p2011-10-271-0/+2
|
* Add GUI option to limit the certificate depth allowed when OpenVPN clients ↵jim-p2011-10-272-0/+95
| | | | are connecting.
* Specify full path to openssl.cnf, and select the relevant section to use ↵jim-p2011-10-271-0/+6
| | | | when generating certificates.
* Fix up syslog settings a bit, add some missing options, fix formatting of ↵jim-p2011-10-261-128/+79
| | | | syslog.conf, correct behavior of 'everything', code cleanup.
* Increase the GROW for the 60 minute RRA so that we have atleast 2160 entries ↵smos2011-10-261-1/+1
| | | | for 3 months worth of data.
* Add back the accidentally removed xml rrd restore line, otherwise we still ↵smos2011-10-261-0/+2
| | | | | | don't have the new RRD file Ticket #1758
* Correct typo in command.smos2011-10-251-1/+1
| | | | Ticket #1758
* Ok, let's try not to corrupt the RRD files on upgrade. Leave the RRA ↵smos2011-10-251-2/+7
| | | | | | | archives for the 720 minutes average at 1000. Then run a rrdtool resize command to grow the RRA by 1000 and 2000 for the 60 and 720 average respectively. Attempts to further fix ticket #1758
* Do not pass the ldap port separately, but add it to the LDAP URL. PHP's ↵jim-p2011-10-251-24/+19
| | | | ldap_connect() ignores the passed port parameter if the first parameter is a URL instead of a hostname.
* Shorten the NEGATE rule label as these are too longsmos2011-10-211-1/+1
|
* Modify code to remove memory usage to prevent a Out of Memory condition when ↵smos2011-10-181-12/+14
| | | | | | upgrading the RRD database on a 128MB system. Ticket #1758
* Remove the old direct_networks table which is not used throughout the filter ↵smos2011-10-131-7/+20
| | | | | | | | | | code. Instead we now create a negate_networks table which contains both vpns, directly connected networks (static routes) which should never be tagged for policy routing which breaks traffic. This fixes Ticket #1950 and needs to be MFC to 2.0 for 2.0.1 Conflicts: etc/inc/filter.inc
* Add no nat/rdr rules for carp protocol so people do not screw their setups.Ermal2011-10-131-1/+3
|
* Move the old databases to the backup folder in confsmos2011-10-131-1/+1
| | | | Fixes ticket #1758
* Restore the RRD backup before attempting a migration as this bites the ↵smos2011-10-131-0/+14
| | | | | | | nanobsd users. We immediately backup the new databases to a new rrd.tgz file. The old database will be moved to /root Fix for ticket #1758
* Disable could not find gateway for FOO log message. It is not causing any ↵Scott Ullrich2011-10-111-1/+1
| | | | trouble and is making folks feel like there is something wrong with their install when there really is no issues.
* Correct the updates pathScott Ullrich2011-10-111-2/+2
|
* Fixes issue with l2tp interfaces and altqErmal2011-10-081-0/+2
|
* Include certs.inc before calling lookup_ca in auth.inc. Fixes #1927jim-p2011-10-051-0/+1
|
* Change the way syslogd is killed/restarted a bit. Fixes log related pages ↵jim-p2011-09-301-6/+7
| | | | hanging when logs are reset (or saving syslog settings)
* Move hostapd to its own log and tab, so it stops spamming the system log.jim-p2011-09-301-1/+3
|
* Exclude relayd from main system log, it's really spammy, and is already in ↵jim-p2011-09-291-1/+1
| | | | relayd.log
* Show session detail in Virtual Server statusjim-p2011-09-291-0/+16
|
* Check that we have user password otherwise strange things happen if tehre is ↵Ermal2011-09-281-0/+5
| | | | nothing stored in the config
* Add relayd to Status > Services and widget. Add capability to kill when ↵jim-p2011-09-281-3/+8
| | | | restarting instead of a simple reload. Implements #1913
* Fixup relayd to handle DNS load balancing as well as standard TCP load ↵jim-p2011-09-271-41/+63
| | | | balancing.
* Show friendly interface namesErmal2011-09-081-2/+2
|
* Remove references to undeclared tableErmal2011-09-071-4/+2
|
* Match pftop page exatly with privilege, there is no other page that glob ↵jim-p2011-09-061-1/+1
| | | | would catch. Fixes #1845
* Revert "If a user's browser does not support cookies, print an error on the ↵Ermal2011-09-021-11/+0
| | | | | | login form telling them so." This reverts commit a2e90569ab481bc85f5b3be7a01cc1608b3d065a.
* Unlink the failed downloaded file if present. Since it might contain harmful ↵Ermal2011-09-011-0/+1
| | | | and not expected content
* If a user's browser does not support cookies, print an error on the login ↵jim-p2011-08-311-0/+11
| | | | form telling them so.
* Revert "Make the webConfigurator lockout rule to catch even edp protocol so ↵Ermal2011-08-301-1/+1
| | | | | | that xmlrpc bruteforce is caught as well." This reverts commit cde671805cccb380e60acb35374a23d3a7f48a99.
* Make the webConfigurator lockout rule to catch even edp protocol so that ↵Ermal2011-08-301-1/+1
| | | | xmlrpc bruteforce is caught as well.
* Fix several issues in pppoe code and remove duplicated code.Ermal2011-08-301-2/+2
|
* Fixup OpenVPN status a bit to properly handle SSL servers using a /30 (no ↵jim-p2011-08-301-3/+23
| | | | server directive) and also be a little more verbose about what is happening, if we can tell.
* DNSMasq was generating the error 'Socket operation on non-socket' and using ↵Warren Baker2011-08-241-1/+1
| | | | 100% of the CPU, changing it to mwexec_bg() resolves the issue.
* Fix VPN network listing for OpenVPN, and also add tunnel networks to this list.jim-p2011-08-241-2/+5
|
OpenPOWER on IntegriCloud