Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Teach the certificate generation code how to make a self-signed certificate, and | jim-p | 2014-10-21 | 2 | -38/+69 |
| | | | | | | | | | | change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later. Also use some more sane defaults for the contents of the default self- signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling. Also add a CLI script to regenerate a new GUI certificate. Several master commits rolled into one patch for 2.1.x. | ||||
* | Tame the poodle. Disable SSLv3. | jim-p | 2014-10-15 | 1 | -0/+1 |
| | |||||
* | Correct evaluation for "Acct-Interim-Interval" from RADIUS | dariomas | 2014-09-19 | 1 | -1/+1 |
| | | | | | | | Setting "Acct-Interim-Interval :=600" in FreeRadius2 evaluates to 'random' values with PfSense 2.1. Possibly a bug related to: https://forum.pfsense.org/index.php?topic=60079.0 https://forum.pfsense.org/index.php?topic=60262.0 | ||||
* | Fix #3866 Firewall Log Filtering | Phil Davis | 2014-09-16 | 1 | -1/+1 |
| | | | on 2.1 branch | ||||
* | Add pages missing from the Status > Traffic Graph privilege that are ↵ | jim-p | 2014-09-11 | 1 | -0/+2 |
| | | | | required for the full page to load | ||||
* | igmpproxy param -d doesn't like the space before optarg. Fixes #3852 | Renato Botelho | 2014-09-08 | 1 | -2/+2 |
| | |||||
* | delete the dhcpd.pid file before starting dhcpd. Fixes bug where on rare ↵ | Chris Buechler | 2014-08-22 | 1 | -0/+8 |
| | | | | occasions a stale PID file could prevent dhcpd from starting until it's manually deleted. | ||||
* | Move dhcp6c log to dhcpd.log, it fixes #3799 | Renato Botelho | 2014-08-11 | 1 | -2/+2 |
| | |||||
* | Fix #3798 - 'IPsec phase 2 pinghost is not used if the source IP should be a ↵ | Matt Smith | 2014-08-08 | 1 | -4/+17 |
| | | | | virtual IP address' | ||||
* | Avoid generating an invalid racoon config if the user specified a mobile ↵ | jim-p | 2014-08-08 | 1 | -0/+5 |
| | | | | pool that is too small. | ||||
* | Avoid a "Cannot use string offset as an array" error if the packages section ↵ | jim-p | 2014-08-08 | 1 | -4/+7 |
| | | | | of the config is missing. | ||||
* | Per the dhcpd.conf man page and other documentation from ISC, mclt must not ↵ | Chris Buechler | 2014-08-06 | 1 | -3/+2 |
| | | | | be defined on the secondary. | ||||
* | Escape the individual dnsmasq advanced/custom options | jim-p | 2014-08-06 | 1 | -1/+1 |
| | |||||
* | no () around qlength here | Chris Buechler | 2014-07-09 | 1 | -1/+1 |
| | |||||
* | qlimit must be included here | Chris Buechler | 2014-07-08 | 1 | -0/+2 |
| | |||||
* | use HTTPS for dyndns providers that support it | Chris Buechler | 2014-07-05 | 1 | -6/+6 |
| | |||||
* | Fix #3725: | Renato Botelho | 2014-06-30 | 1 | -13/+21 |
| | | | | | | | - Fix match_filter_field() and also simplify logic - Fix $filterfieldsarray initialization - Avoid to have double spaces on filterfieldsarray['act'] - Fix filter on Firewall Logs | ||||
* | Merge pull request #1244 from phil-davis/patch-11 | Renato Botelho | 2014-06-27 | 1 | -0/+4 |
|\ | |||||
| * | Handle no dhcpd settings when upgrading | Phil Davis | 2014-06-26 | 1 | -0/+4 |
| | | | | | | | | | | This minor fix was in master but not 2.1 branch. I noticed the warning message when doing a fresh install/test of 2.1.4-release. It prevents the warning message: Warning: Invalid argument supplied for foreach() in /etc/inc/upgrade_config.inc on line 3153 Might as well fix it it 2.1-branch also, in case there is another 2.1.n release. | ||||
* | | Fix a regression introduced on 8d6c5f6621 that broke CARP+IP alias | Renato Botelho | 2014-06-26 | 1 | -15/+30 |
|/ | |||||
* | Only include a scheduled rule if it is strictly before the end timeRELENG_2_1_4 | Phil Davis | 2014-06-20 | 1 | -1/+1 |
| | | | | The exact moment of the end time is the end of the schedule. We do not want to include a rule when filter_configure_sync wakes up at 00:15:00 etc and is on a not-slow system that processes this code during the interval 00:15:00 to 00:15:01. This should help intermittent issues with schedules not finishing at the appropriate 15-minute boundary. Might help or fix #3558 | ||||
* | Remove extra data after space and fix pf rule syntax. It should fix #3688 | Renato Botelho | 2014-06-20 | 1 | -1/+1 |
| | |||||
* | Always set httponly attribute on cookies | Renato Botelho | 2014-06-18 | 1 | -10/+8 |
| | |||||
* | Add comment I forgot on last commit | Renato Botelho | 2014-06-17 | 1 | -0/+1 |
| | |||||
* | Re-generate session ID on a successful login to avoid session fixation | Renato Botelho | 2014-06-17 | 1 | -0/+1 |
| | |||||
* | Revert "Revert "Fix #3700 and other syntax issues:"" | Renato Botelho | 2014-06-10 | 1 | -1/+2 |
| | | | | This reverts commit 4cc2ae78d3027c349969437f08a88b1fb88c9de8. | ||||
* | Revert "Fix #3700 and other syntax issues:" | Renato Botelho | 2014-06-10 | 1 | -2/+1 |
| | | | | This reverts commit e912bfae186b6b657daf52607f9d027f46be0478. | ||||
* | Fix #3700 and other syntax issues: | Renato Botelho | 2014-06-10 | 1 | -1/+2 |
| | | | | | | | | | - Remove -G parameter from pfctl since it doesn't exist anymore - Initialize $old_router - Fix sh syntax on variable assign, it couldn't have space before = - Simplify logic - Avoid flush states twice, if it was done on IP change, don't do it again if router also has changed | ||||
* | Escape argument on call to is_process_running too, also remove some ↵ | Renato Botelho | 2014-06-06 | 1 | -3/+3 |
| | | | | unecessary mwexec() calls | ||||
* | Add some protection to parameters that come through _GET | Renato Botelho | 2014-06-06 | 1 | -9/+9 |
| | |||||
* | Escape this before running. | jim-p | 2014-06-06 | 1 | -1/+1 |
| | |||||
* | allow ipaliases to be configured on lo0 | Matt Smith | 2014-06-03 | 1 | -2/+2 |
| | |||||
* | remove openbgpd bits from system_gateways_edit and system.inc. The package | Chris Buechler | 2014-05-30 | 1 | -2/+2 |
| | | | | | | match is case-sensitive and hasn't matched the openbgpd package's name in at least 5 years, so it doesn't do anything. It's far from functional in any useful manner even fixing that issue. | ||||
* | client-config-dir is also useful when using OpenVPN's internal DHCP while ↵ | jim-p | 2014-05-30 | 1 | -0/+1 |
| | | | | bridging. | ||||
* | Convert protocol ssl:// to https:// when creating http headers | Manuel Silvoso | 2014-05-28 | 1 | -1/+1 |
| | |||||
* | Properly handle this rename, and squelch errors if it fails. | jim-p | 2014-05-21 | 1 | -1/+1 |
| | |||||
* | Delete all ip aliases when interface is disabled, it should fix #3650 | Renato Botelho | 2014-05-21 | 1 | -7/+21 |
| | |||||
* | /etc/version_kernel and /etc/version_base no longer exist, use php_uname to ↵ | jim-p | 2014-05-16 | 1 | -2/+4 |
| | | | | get the info instead. | ||||
* | Remove units from burst as it is always specified in bytes. (Per ipfw(8)). | jim-p | 2014-05-06 | 1 | -2/+2 |
| | | | | Worked for me in testing, I watched a file briefly burst until and then be clamped down to the limiter's rate. | ||||
* | Merge the forgotten Ticket #3062 patch for CP pipeno leaking issue which ↵ | Ermal | 2014-05-03 | 1 | -1/+6 |
| | | | | leads to the 'Maximum login reached' on CP | ||||
* | Signal a reload if anything got updated | Ermal | 2014-04-30 | 1 | -1/+3 |
| | |||||
* | Merge the patch suggested in Ticket #3629. It also Fixes #3629. The question ↵ | Ermal | 2014-04-30 | 1 | -1/+1 |
| | | | | is why this is using config lock? Also where is filter configure called here? | ||||
* | Move clog from /usr to /usr/local | Renato Botelho | 2014-04-28 | 2 | -3/+3 |
| | | | | | | | | Conflicts: etc/inc/filter_log.inc etc/inc/system.inc etc/rc usr/local/www/guiconfig.inc | ||||
* | Correct the ridirection URL to unbreak ones passed through Radius attributes ↵ | Ermal | 2014-04-28 | 1 | -1/+1 |
| | | | | and repsect user choices. Reported-by: Antoine Guillemot | ||||
* | Merge pull request #1105 from florian-asche/RELENG_2_1 | Renato Botelho | 2014-04-25 | 2 | -8/+13 |
|\ | |||||
| * | Update services.inc | Florian Asche | 2014-04-25 | 1 | -7/+6 |
| | | | | | | fix | ||||
| * | Moved my changes from Pull Request #1025 , #1019 , #1018 , #1012 (master) to ↵ | Florian Asche | 2014-04-18 | 2 | -9/+15 |
| | | | | | | | | | | | | RELENG_2_1 * Added missing usepublicip with dyndnsCheckIP * Added missing CURL setops | ||||
* | | Resolver has no option for remote syslog, remove wrong copy/paste that was ↵ | Renato Botelho | 2014-04-24 | 1 | -2/+0 |
| | | | | | | | | adding it when apinger was enabled | ||||
* | | Merge pull request #1119 from phil-davis/patch-4 | Renato Botelho | 2014-04-24 | 1 | -1/+1 |
|\ \ | |||||
| * | | Cut paste bug fix in Remote Syslog DHCP events | Phil Davis | 2014-04-20 | 1 | -1/+1 |
| |/ | | | | | | | | | | | This version for 2.1 branch. apinger is repeated here from the code above, but it should be dhcp. Forum https://forum.pfsense.org/index.php?topic=73734.0 Selecting to remote syslog "Gateway Monitor events" would also switch on "DHCP service events" unintentionally. |