summaryrefslogtreecommitdiffstats
path: root/etc/inc
Commit message (Collapse)AuthorAgeFilesLines
* Fix indentRenato Botelho2014-11-031-517/+517
|
* Indent here as wellWarren Baker2014-11-031-7/+7
|
* Properly configure NAT Tranversal setting.Ermal2014-11-011-21/+28
|
* Remove debugging codeErmal2014-11-011-3/+1
|
* Fixes #3938. Do more error checking.Ermal2014-11-011-2/+4
|
* Fixes #3941. When optimizations of the loops were made this brought the ↵Ermal2014-11-011-6/+6
| | | | problems of overriding default gateway by dynamic interfaces. Try to stick to the first found for now!
* Fix two more instances of rrd.tgz renaming.jim-p2014-10-311-2/+2
|
* Allow accept_unencrypted_mainmode_messages to be enabled if neededErmal2014-10-301-0/+5
|
* Hide burst for limiters, since it doesn't do anything. more details inChris Buechler2014-10-291-9/+10
| | | | ticket #3933
* FreeBSD fails to set advskew back to 0 after you set it to any otherChris Buechler2014-10-281-4/+16
| | | | | | | value. That's a separate issue that needs fixing upstream, but in the mean time, we can work around it by removing all CARP VIPs in the same way we do when "Temporarily Disable CARP" is chosen before adding them all back. Ticket #3910
* Remove redundancy as pointed out by phil-davisRenato Botelho2014-10-281-7/+3
|
* Merge pull request #1297 from phil-davis/patch-23Renato Botelho2014-10-281-7/+42
|\
| * Support converting an IP range to an array of addressesPhil Davis2014-10-241-12/+52
| | | | | | so that it can be used for expanding ranges in host alias input.
* | Decode recently created cert and key. It fixes #3964. While here, fix ↵Renato Botelho2014-10-281-3/+3
| | | | | | | | logical condition to create a new cert if crt or key is not present
* | domain and search should not both be defined in resolv.conf per FreeBSD man ↵Chris Buechler2014-10-251-4/+4
| | | | | | | | page and handbook (only the latter is actually used). Change this to just not use domain, and set the search to the system's domain where not using the function that generates the search list for dynamic WANs.
* | Enable unity plugin as per request from ↵Ermal2014-10-241-3/+2
| | | | | | | | https://forum.pfsense.org/index.php?topic=79737.msg452808#msg452808
* | Prevent Internal Server Error if range is backwardsPhil Davis2014-10-211-1/+8
| | | | | | | | Fixes redmine #3950 - ip_range_to_subnet_array can easily swap the input parameters if the caller has passed/entered them the wrong way around. That is both friendly to the caller and ensures that a hostile caller can't blow up the routine. This patch is for master (2.2)
* | hostnames can end with a . (and actually always do, it's just usually ↵Chris Buechler2014-10-211-1/+1
| | | | | | | | implied), so allow that here. Fixes wrong input validation in parts of nsupdate GUI, among other things.
* | Merge pull request #1306 from phil-davis/patch-3Renato Botelho2014-10-201-0/+4
|\ \
| * | Support up to 4 DNS Servers in DHCPPhil Davis2014-10-071-0/+4
| | |
* | | Underscores are valid characters in domains. Fixes #3219Chris Buechler2014-10-191-1/+1
| | |
* | | Ticket #3932 For more than 100 entries create pipes in line with the rules ↵Ermal2014-10-181-7/+21
| | | | | | | | | | | | file to speedup the process
* | | Fix descriptions and cn on generated GUI cert to be consistent.jim-p2014-10-151-3/+3
| | |
* | | Reintroduce the vfs.forcesync systlErmal2014-10-151-1/+2
| | |
* | | Merge pull request #1309 from phil-davis/patch-5Renato Botelho2014-10-151-2/+2
|\ \ \
| * | | Fix #3935 Properly allow WAN without LANPhil Davis2014-10-151-2/+2
| | | | | | | | | | | | Was broken by https://github.com/pfsense/pfsense/commit/bd0b5d2dc7a279d3473a65a11d67efb5e39392be
* | | | Tame the poodle. Disable SSLv3.jim-p2014-10-151-0/+1
|/ / /
* | | rename interfaces_carp_setup to interfaces_sync_setup and call it during ↵Ermal2014-10-152-4/+4
| | | | | | | | | | | | bootup since it does not only relate to carp interfaces.
* | | Fixes #3213. Allow up to 2900 limiters. This was set to 30 since limiters ↵Ermal2014-10-151-2/+4
| | | | | | | | | | | | are to be controlled by mask and not created manually!
* | | Make proper check hereErmal2014-10-141-1/+1
| | |
* | | Teach the certificate generation code how to make a self-signed certificate, ↵jim-p2014-10-142-38/+70
| | | | | | | | | | | | | | | | | | and change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later. Also use some more sane defaults for the contents of the default self-signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling.
* | | update comment to reflect breakage caused here and reference associated ↵Chris Buechler2014-10-141-1/+1
| | | | | | | | | | | | redmine ticket, not high priority, can be fixed later
* | | block IPv4 link-local. Per RFC 3927, hosts "MUST NOT send the packet toChris Buechler2014-10-141-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | any router for forwarding", and "any network device receiving such a packet MUST NOT forward it". FreeBSD won't route it (route-to can override in some circumstances), so it can't be in use as a real network anywhere with the possible exception of local-only networks. Unlikely any such situation exists anywhere. Fixes ticket #2073
* | | Properly set MTU for lagg interface, it fixes #3922Renato Botelho2014-10-131-24/+53
| | |
* | | s/removing/omitting/g for gateway monitor log entires. "Removing" is not ↵Chris Buechler2014-10-101-3/+3
| | | | | | | | | | | | necessarily correct, there are many circumstances where this runs where it wasn't there to begin with, and is potentially misleading.
* | | Fix pf syntax s/divert/divert-to/. It should fix #3921Renato Botelho2014-10-101-1/+1
| | |
* | | Fix an error introduced in bd0b5d2dc7 that makes system believe interfaces ↵Renato Botelho2014-10-081-1/+0
| | | | | | | | | | | | always mismatch
* | | Remove the minimum NIC warning, this dates back to when minimum 2 NICs were ↵Chris Buechler2014-10-073-18/+4
| | | | | | | | | | | | supported and it made sense to throw this message at people. It's obvious a network appliance requires at least one NIC.
* | | Update the URL for snapshots updateErmal2014-10-071-1/+1
| | |
* | | Be more strict when checking if olsrd is enabled, otherwise when package is ↵Renato Botelho2014-10-071-3/+7
|/ / | | | | | | deinstalled and configuration is kept dhcpd will consider it's always as enabled
* | Remove function that is not implemented properly. Nothing seems to use it.Ermal2014-10-061-7/+0
| |
* | Merge pull request #1303 from PiBa-NL/carp_without_matching_subnetErmal2014-10-061-9/+8
|\ \
| * | CARP, allow carp ip to be outside interface and alias subnets (FreeBSD10 ↵PiBa-NL2014-10-021-9/+8
| |/ | | | | | | feature)
* | Merge pull request #1304 from sselph/powerd_normal_modeErmal2014-10-061-1/+5
|\ \
| * | Add powerd normal mode flag (-n)Steven Selph2014-10-051-1/+5
| | |
* | | Fix not rules for OPTn network casePhil Davis2014-10-061-10/+7
|/ / | | | | | | | | | | Reported in forum https://forum.pfsense.org/index.php?topic=82319.0 The "if (is_subnet($src)) ... filter_address_add_vips_subnets" code needs to go outside all of the if that checks for opt interfaces (not just in the else part). That makes filter_address_add_vips_subnets get called in all cases, including when optn network is specified. (line 2264, 2265) Then filter_address_add_vips_subnets needs to process the "not" code early, before checking if there are any VIPs (which was causing the routine to exit early in simple cases) - lines 2093-2100 chunk. This should also fix cases of using "LANnet", "WANnet" and "not" in rules on an interface that has just a plain address (no VIPs). Lines 2144 and 2158 are no functional change. The formatting of the multi-line statement was odd, so I put it back all on 1 line.
* | Make proper check if IP address is configured on another interfaces and ↵Renato Botelho2014-10-031-3/+13
| | | | | | | | ignore current one. It fixes #3807
* | get back to our standard RFC-defined capitalization of IPsecChris Buechler2014-10-023-6/+6
|/
* Merge pull request #1290 from jean-m-cyr/masterRenato Botelho2014-09-251-0/+12
|\
| * Support IPV6 in unbound.confJean Cyr2014-09-241-0/+12
| | | | | | | | IPv6 addresses are not included in unbound config and access list
OpenPOWER on IntegriCloud