summaryrefslogtreecommitdiffstats
path: root/etc/inc
Commit message (Collapse)AuthorAgeFilesLines
* Teach the certificate generation code how to make a self-signed certificate, andjim-p2014-10-212-38/+69
| | | | | | | | | | change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later. Also use some more sane defaults for the contents of the default self- signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling. Also add a CLI script to regenerate a new GUI certificate. Several master commits rolled into one patch for 2.1.x.
* Tame the poodle. Disable SSLv3.jim-p2014-10-151-0/+1
|
* Correct evaluation for "Acct-Interim-Interval" from RADIUSdariomas2014-09-191-1/+1
| | | | | | | Setting "Acct-Interim-Interval :=600" in FreeRadius2 evaluates to 'random' values with PfSense 2.1. Possibly a bug related to: https://forum.pfsense.org/index.php?topic=60079.0 https://forum.pfsense.org/index.php?topic=60262.0
* Fix #3866 Firewall Log FilteringPhil Davis2014-09-161-1/+1
| | | on 2.1 branch
* Add pages missing from the Status > Traffic Graph privilege that are ↵jim-p2014-09-111-0/+2
| | | | required for the full page to load
* igmpproxy param -d doesn't like the space before optarg. Fixes #3852Renato Botelho2014-09-081-2/+2
|
* delete the dhcpd.pid file before starting dhcpd. Fixes bug where on rare ↵Chris Buechler2014-08-221-0/+8
| | | | occasions a stale PID file could prevent dhcpd from starting until it's manually deleted.
* Move dhcp6c log to dhcpd.log, it fixes #3799Renato Botelho2014-08-111-2/+2
|
* Fix #3798 - 'IPsec phase 2 pinghost is not used if the source IP should be a ↵Matt Smith2014-08-081-4/+17
| | | | virtual IP address'
* Avoid generating an invalid racoon config if the user specified a mobile ↵jim-p2014-08-081-0/+5
| | | | pool that is too small.
* Avoid a "Cannot use string offset as an array" error if the packages section ↵jim-p2014-08-081-4/+7
| | | | of the config is missing.
* Per the dhcpd.conf man page and other documentation from ISC, mclt must not ↵Chris Buechler2014-08-061-3/+2
| | | | be defined on the secondary.
* Escape the individual dnsmasq advanced/custom optionsjim-p2014-08-061-1/+1
|
* no () around qlength hereChris Buechler2014-07-091-1/+1
|
* qlimit must be included hereChris Buechler2014-07-081-0/+2
|
* use HTTPS for dyndns providers that support itChris Buechler2014-07-051-6/+6
|
* Fix #3725:Renato Botelho2014-06-301-13/+21
| | | | | | | - Fix match_filter_field() and also simplify logic - Fix $filterfieldsarray initialization - Avoid to have double spaces on filterfieldsarray['act'] - Fix filter on Firewall Logs
* Merge pull request #1244 from phil-davis/patch-11Renato Botelho2014-06-271-0/+4
|\
| * Handle no dhcpd settings when upgradingPhil Davis2014-06-261-0/+4
| | | | | | | | | | This minor fix was in master but not 2.1 branch. I noticed the warning message when doing a fresh install/test of 2.1.4-release. It prevents the warning message: Warning: Invalid argument supplied for foreach() in /etc/inc/upgrade_config.inc on line 3153 Might as well fix it it 2.1-branch also, in case there is another 2.1.n release.
* | Fix a regression introduced on 8d6c5f6621 that broke CARP+IP aliasRenato Botelho2014-06-261-15/+30
|/
* Only include a scheduled rule if it is strictly before the end timeRELENG_2_1_4Phil Davis2014-06-201-1/+1
| | | | The exact moment of the end time is the end of the schedule. We do not want to include a rule when filter_configure_sync wakes up at 00:15:00 etc and is on a not-slow system that processes this code during the interval 00:15:00 to 00:15:01. This should help intermittent issues with schedules not finishing at the appropriate 15-minute boundary. Might help or fix #3558
* Remove extra data after space and fix pf rule syntax. It should fix #3688Renato Botelho2014-06-201-1/+1
|
* Always set httponly attribute on cookiesRenato Botelho2014-06-181-10/+8
|
* Add comment I forgot on last commitRenato Botelho2014-06-171-0/+1
|
* Re-generate session ID on a successful login to avoid session fixationRenato Botelho2014-06-171-0/+1
|
* Revert "Revert "Fix #3700 and other syntax issues:""Renato Botelho2014-06-101-1/+2
| | | | This reverts commit 4cc2ae78d3027c349969437f08a88b1fb88c9de8.
* Revert "Fix #3700 and other syntax issues:"Renato Botelho2014-06-101-2/+1
| | | | This reverts commit e912bfae186b6b657daf52607f9d027f46be0478.
* Fix #3700 and other syntax issues:Renato Botelho2014-06-101-1/+2
| | | | | | | | | - Remove -G parameter from pfctl since it doesn't exist anymore - Initialize $old_router - Fix sh syntax on variable assign, it couldn't have space before = - Simplify logic - Avoid flush states twice, if it was done on IP change, don't do it again if router also has changed
* Escape argument on call to is_process_running too, also remove some ↵Renato Botelho2014-06-061-3/+3
| | | | unecessary mwexec() calls
* Add some protection to parameters that come through _GETRenato Botelho2014-06-061-9/+9
|
* Escape this before running.jim-p2014-06-061-1/+1
|
* allow ipaliases to be configured on lo0Matt Smith2014-06-031-2/+2
|
* remove openbgpd bits from system_gateways_edit and system.inc. The packageChris Buechler2014-05-301-2/+2
| | | | | | match is case-sensitive and hasn't matched the openbgpd package's name in at least 5 years, so it doesn't do anything. It's far from functional in any useful manner even fixing that issue.
* client-config-dir is also useful when using OpenVPN's internal DHCP while ↵jim-p2014-05-301-0/+1
| | | | bridging.
* Convert protocol ssl:// to https:// when creating http headersManuel Silvoso2014-05-281-1/+1
|
* Properly handle this rename, and squelch errors if it fails.jim-p2014-05-211-1/+1
|
* Delete all ip aliases when interface is disabled, it should fix #3650Renato Botelho2014-05-211-7/+21
|
* /etc/version_kernel and /etc/version_base no longer exist, use php_uname to ↵jim-p2014-05-161-2/+4
| | | | get the info instead.
* Remove units from burst as it is always specified in bytes. (Per ipfw(8)).jim-p2014-05-061-2/+2
| | | | Worked for me in testing, I watched a file briefly burst until and then be clamped down to the limiter's rate.
* Merge the forgotten Ticket #3062 patch for CP pipeno leaking issue which ↵Ermal2014-05-031-1/+6
| | | | leads to the 'Maximum login reached' on CP
* Signal a reload if anything got updatedErmal2014-04-301-1/+3
|
* Merge the patch suggested in Ticket #3629. It also Fixes #3629. The question ↵Ermal2014-04-301-1/+1
| | | | is why this is using config lock? Also where is filter configure called here?
* Move clog from /usr to /usr/localRenato Botelho2014-04-282-3/+3
| | | | | | | | Conflicts: etc/inc/filter_log.inc etc/inc/system.inc etc/rc usr/local/www/guiconfig.inc
* Correct the ridirection URL to unbreak ones passed through Radius attributes ↵Ermal2014-04-281-1/+1
| | | | and repsect user choices. Reported-by: Antoine Guillemot
* Merge pull request #1105 from florian-asche/RELENG_2_1Renato Botelho2014-04-252-8/+13
|\
| * Update services.incFlorian Asche2014-04-251-7/+6
| | | | | | fix
| * Moved my changes from Pull Request #1025 , #1019 , #1018 , #1012 (master) to ↵Florian Asche2014-04-182-9/+15
| | | | | | | | | | | | RELENG_2_1 * Added missing usepublicip with dyndnsCheckIP * Added missing CURL setops
* | Resolver has no option for remote syslog, remove wrong copy/paste that was ↵Renato Botelho2014-04-241-2/+0
| | | | | | | | adding it when apinger was enabled
* | Merge pull request #1119 from phil-davis/patch-4Renato Botelho2014-04-241-1/+1
|\ \
| * | Cut paste bug fix in Remote Syslog DHCP eventsPhil Davis2014-04-201-1/+1
| |/ | | | | | | | | | | This version for 2.1 branch. apinger is repeated here from the code above, but it should be dhcp. Forum https://forum.pfsense.org/index.php?topic=73734.0 Selecting to remote syslog "Gateway Monitor events" would also switch on "DHCP service events" unintentionally.
OpenPOWER on IntegriCloud