Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix indent | Renato Botelho | 2014-11-03 | 1 | -517/+517 |
| | |||||
* | Indent here as well | Warren Baker | 2014-11-03 | 1 | -7/+7 |
| | |||||
* | Properly configure NAT Tranversal setting. | Ermal | 2014-11-01 | 1 | -21/+28 |
| | |||||
* | Remove debugging code | Ermal | 2014-11-01 | 1 | -3/+1 |
| | |||||
* | Fixes #3938. Do more error checking. | Ermal | 2014-11-01 | 1 | -2/+4 |
| | |||||
* | Fixes #3941. When optimizations of the loops were made this brought the ↵ | Ermal | 2014-11-01 | 1 | -6/+6 |
| | | | | problems of overriding default gateway by dynamic interfaces. Try to stick to the first found for now! | ||||
* | Fix two more instances of rrd.tgz renaming. | jim-p | 2014-10-31 | 1 | -2/+2 |
| | |||||
* | Allow accept_unencrypted_mainmode_messages to be enabled if needed | Ermal | 2014-10-30 | 1 | -0/+5 |
| | |||||
* | Hide burst for limiters, since it doesn't do anything. more details in | Chris Buechler | 2014-10-29 | 1 | -9/+10 |
| | | | | ticket #3933 | ||||
* | FreeBSD fails to set advskew back to 0 after you set it to any other | Chris Buechler | 2014-10-28 | 1 | -4/+16 |
| | | | | | | | value. That's a separate issue that needs fixing upstream, but in the mean time, we can work around it by removing all CARP VIPs in the same way we do when "Temporarily Disable CARP" is chosen before adding them all back. Ticket #3910 | ||||
* | Remove redundancy as pointed out by phil-davis | Renato Botelho | 2014-10-28 | 1 | -7/+3 |
| | |||||
* | Merge pull request #1297 from phil-davis/patch-23 | Renato Botelho | 2014-10-28 | 1 | -7/+42 |
|\ | |||||
| * | Support converting an IP range to an array of addresses | Phil Davis | 2014-10-24 | 1 | -12/+52 |
| | | | | | | so that it can be used for expanding ranges in host alias input. | ||||
* | | Decode recently created cert and key. It fixes #3964. While here, fix ↵ | Renato Botelho | 2014-10-28 | 1 | -3/+3 |
| | | | | | | | | logical condition to create a new cert if crt or key is not present | ||||
* | | domain and search should not both be defined in resolv.conf per FreeBSD man ↵ | Chris Buechler | 2014-10-25 | 1 | -4/+4 |
| | | | | | | | | page and handbook (only the latter is actually used). Change this to just not use domain, and set the search to the system's domain where not using the function that generates the search list for dynamic WANs. | ||||
* | | Enable unity plugin as per request from ↵ | Ermal | 2014-10-24 | 1 | -3/+2 |
| | | | | | | | | https://forum.pfsense.org/index.php?topic=79737.msg452808#msg452808 | ||||
* | | Prevent Internal Server Error if range is backwards | Phil Davis | 2014-10-21 | 1 | -1/+8 |
| | | | | | | | | Fixes redmine #3950 - ip_range_to_subnet_array can easily swap the input parameters if the caller has passed/entered them the wrong way around. That is both friendly to the caller and ensures that a hostile caller can't blow up the routine. This patch is for master (2.2) | ||||
* | | hostnames can end with a . (and actually always do, it's just usually ↵ | Chris Buechler | 2014-10-21 | 1 | -1/+1 |
| | | | | | | | | implied), so allow that here. Fixes wrong input validation in parts of nsupdate GUI, among other things. | ||||
* | | Merge pull request #1306 from phil-davis/patch-3 | Renato Botelho | 2014-10-20 | 1 | -0/+4 |
|\ \ | |||||
| * | | Support up to 4 DNS Servers in DHCP | Phil Davis | 2014-10-07 | 1 | -0/+4 |
| | | | |||||
* | | | Underscores are valid characters in domains. Fixes #3219 | Chris Buechler | 2014-10-19 | 1 | -1/+1 |
| | | | |||||
* | | | Ticket #3932 For more than 100 entries create pipes in line with the rules ↵ | Ermal | 2014-10-18 | 1 | -7/+21 |
| | | | | | | | | | | | | file to speedup the process | ||||
* | | | Fix descriptions and cn on generated GUI cert to be consistent. | jim-p | 2014-10-15 | 1 | -3/+3 |
| | | | |||||
* | | | Reintroduce the vfs.forcesync systl | Ermal | 2014-10-15 | 1 | -1/+2 |
| | | | |||||
* | | | Merge pull request #1309 from phil-davis/patch-5 | Renato Botelho | 2014-10-15 | 1 | -2/+2 |
|\ \ \ | |||||
| * | | | Fix #3935 Properly allow WAN without LAN | Phil Davis | 2014-10-15 | 1 | -2/+2 |
| | | | | | | | | | | | | Was broken by https://github.com/pfsense/pfsense/commit/bd0b5d2dc7a279d3473a65a11d67efb5e39392be | ||||
* | | | | Tame the poodle. Disable SSLv3. | jim-p | 2014-10-15 | 1 | -0/+1 |
|/ / / | |||||
* | | | rename interfaces_carp_setup to interfaces_sync_setup and call it during ↵ | Ermal | 2014-10-15 | 2 | -4/+4 |
| | | | | | | | | | | | | bootup since it does not only relate to carp interfaces. | ||||
* | | | Fixes #3213. Allow up to 2900 limiters. This was set to 30 since limiters ↵ | Ermal | 2014-10-15 | 1 | -2/+4 |
| | | | | | | | | | | | | are to be controlled by mask and not created manually! | ||||
* | | | Make proper check here | Ermal | 2014-10-14 | 1 | -1/+1 |
| | | | |||||
* | | | Teach the certificate generation code how to make a self-signed certificate, ↵ | jim-p | 2014-10-14 | 2 | -38/+70 |
| | | | | | | | | | | | | | | | | | | and change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later. Also use some more sane defaults for the contents of the default self-signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling. | ||||
* | | | update comment to reflect breakage caused here and reference associated ↵ | Chris Buechler | 2014-10-14 | 1 | -1/+1 |
| | | | | | | | | | | | | redmine ticket, not high priority, can be fixed later | ||||
* | | | block IPv4 link-local. Per RFC 3927, hosts "MUST NOT send the packet to | Chris Buechler | 2014-10-14 | 1 | -0/+5 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | any router for forwarding", and "any network device receiving such a packet MUST NOT forward it". FreeBSD won't route it (route-to can override in some circumstances), so it can't be in use as a real network anywhere with the possible exception of local-only networks. Unlikely any such situation exists anywhere. Fixes ticket #2073 | ||||
* | | | Properly set MTU for lagg interface, it fixes #3922 | Renato Botelho | 2014-10-13 | 1 | -24/+53 |
| | | | |||||
* | | | s/removing/omitting/g for gateway monitor log entires. "Removing" is not ↵ | Chris Buechler | 2014-10-10 | 1 | -3/+3 |
| | | | | | | | | | | | | necessarily correct, there are many circumstances where this runs where it wasn't there to begin with, and is potentially misleading. | ||||
* | | | Fix pf syntax s/divert/divert-to/. It should fix #3921 | Renato Botelho | 2014-10-10 | 1 | -1/+1 |
| | | | |||||
* | | | Fix an error introduced in bd0b5d2dc7 that makes system believe interfaces ↵ | Renato Botelho | 2014-10-08 | 1 | -1/+0 |
| | | | | | | | | | | | | always mismatch | ||||
* | | | Remove the minimum NIC warning, this dates back to when minimum 2 NICs were ↵ | Chris Buechler | 2014-10-07 | 3 | -18/+4 |
| | | | | | | | | | | | | supported and it made sense to throw this message at people. It's obvious a network appliance requires at least one NIC. | ||||
* | | | Update the URL for snapshots update | Ermal | 2014-10-07 | 1 | -1/+1 |
| | | | |||||
* | | | Be more strict when checking if olsrd is enabled, otherwise when package is ↵ | Renato Botelho | 2014-10-07 | 1 | -3/+7 |
|/ / | | | | | | | deinstalled and configuration is kept dhcpd will consider it's always as enabled | ||||
* | | Remove function that is not implemented properly. Nothing seems to use it. | Ermal | 2014-10-06 | 1 | -7/+0 |
| | | |||||
* | | Merge pull request #1303 from PiBa-NL/carp_without_matching_subnet | Ermal | 2014-10-06 | 1 | -9/+8 |
|\ \ | |||||
| * | | CARP, allow carp ip to be outside interface and alias subnets (FreeBSD10 ↵ | PiBa-NL | 2014-10-02 | 1 | -9/+8 |
| |/ | | | | | | | feature) | ||||
* | | Merge pull request #1304 from sselph/powerd_normal_mode | Ermal | 2014-10-06 | 1 | -1/+5 |
|\ \ | |||||
| * | | Add powerd normal mode flag (-n) | Steven Selph | 2014-10-05 | 1 | -1/+5 |
| | | | |||||
* | | | Fix not rules for OPTn network case | Phil Davis | 2014-10-06 | 1 | -10/+7 |
|/ / | | | | | | | | | | | Reported in forum https://forum.pfsense.org/index.php?topic=82319.0 The "if (is_subnet($src)) ... filter_address_add_vips_subnets" code needs to go outside all of the if that checks for opt interfaces (not just in the else part). That makes filter_address_add_vips_subnets get called in all cases, including when optn network is specified. (line 2264, 2265) Then filter_address_add_vips_subnets needs to process the "not" code early, before checking if there are any VIPs (which was causing the routine to exit early in simple cases) - lines 2093-2100 chunk. This should also fix cases of using "LANnet", "WANnet" and "not" in rules on an interface that has just a plain address (no VIPs). Lines 2144 and 2158 are no functional change. The formatting of the multi-line statement was odd, so I put it back all on 1 line. | ||||
* | | Make proper check if IP address is configured on another interfaces and ↵ | Renato Botelho | 2014-10-03 | 1 | -3/+13 |
| | | | | | | | | ignore current one. It fixes #3807 | ||||
* | | get back to our standard RFC-defined capitalization of IPsec | Chris Buechler | 2014-10-02 | 3 | -6/+6 |
|/ | |||||
* | Merge pull request #1290 from jean-m-cyr/master | Renato Botelho | 2014-09-25 | 1 | -0/+12 |
|\ | |||||
| * | Support IPV6 in unbound.conf | Jean Cyr | 2014-09-24 | 1 | -0/+12 |
| | | | | | | | | IPv6 addresses are not included in unbound config and access list |