Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Failover in 10 seconds as opposed to 60 seconds on DHCP Server failover mode. | Scott Ullrich | 2007-11-06 | 1 | -1/+1 |
| | |||||
* | Minor style nitpicks. # should have a space betwen it and the next text. | Scott Ullrich | 2007-11-05 | 1 | -1/+1 |
| | |||||
* | Automatically permit PFTPX traffic behind the scenes. Without this change ↵ | Scott Ullrich | 2007-11-05 | 1 | -6/+17 |
| | | | | multi-wan can break ftp very easily when someone defines rules for the same port range (8020-8029). | ||||
* | IPSEC keep alive pinger using the wrong source IP address | Scott Ullrich | 2007-11-05 | 1 | -8/+8 |
| | | | | Ticket #1482 | ||||
* | multiple vlans + spoofmac result in unexpected behaviour | Scott Ullrich | 2007-11-01 | 1 | -0/+12 |
| | | | | | | | | | | | | | | | | | | | | | Ticket #1514 Introduction I have an acceptable workaround, so the problem is not urgent, but before i fiogured out the workaround, is was severely impacting performance (3 interfaces not operating). I am a network specialist and I am available to assist wherever possible. If the issue si considered seriousenough for a fix, I can assist in more detailed pinpointing using tcpdumps on test-platforms. Symptoms If a interface is using vlan tagging for virtual interfaces and also the untagged interface is using MAC address spoofing, communication fails on the tagged vlans. Description On interface rl1 is untagged the WAN connection. This requires a spoofed MAC address, eg using <spoofmac>00:03:6b:f7:3b:3f</spoofmac>. On interface rl1 is also a vlan/tagged interface, eg vlan0 using rl1 and vlan tag 5. The tagged interface vlan0 expects to use the original MAC address of the interface rl0. But the issue is that interface rl0 is only processing incoming packets with destination mac address spoof_mac_rl1. Workarounds (no code change required) acceptable configure the <spoofmac>00:03:6b:f7:3b:3f</spoofmac> on all vlan interfaces connected to interface rl1 funny start a tcpdump on the vlan interface. This will put the interface in promiscuous mode and it will process all packets. Now the packets destined for the original MAC address (and active on the vlan interface) bypass Do not use tagged interfaces on a interface with spoofmac Remarks It is very confusing that when a vlan is created, the GUI a refernece shows to the physical/original MAC address, even when the MAC addres of the untagged interface is | ||||
* | Adding keep alive host to IPsec causes warning in webGUI | Scott Ullrich | 2007-11-01 | 1 | -1/+1 |
| | | | | Ticket #1509 | ||||
* | Define ifconfig command | Seth Mos | 2007-10-29 | 1 | -0/+1 |
| | |||||
* | Fix typo in variable | Seth Mos | 2007-10-28 | 1 | -1/+1 |
| | |||||
* | Remove private networks | Seth Mos | 2007-10-25 | 1 | -3/+0 |
| | |||||
* | Update bogons list, it is severly out of date | Seth Mos | 2007-10-25 | 1 | -20/+5 |
| | |||||
* | Ticket 1709: fixed typo in OpenVPN cfg-page | Martin Fuchs | 2007-10-24 | 1 | -2/+2 |
| | |||||
* | Improve wireless stats | Seth Mos | 2007-10-21 | 1 | -2/+2 |
| | |||||
* | Commit wireless statistics 1st round | Seth Mos | 2007-10-21 | 1 | -0/+39 |
| | |||||
* | Add function that returns the interface which belongs with the gateway | Seth Mos | 2007-10-19 | 1 | -0/+15 |
| | |||||
* | Ticket #1482 - set the source to an interface that is inside the subnet ↵ | Bill Marquette | 2007-10-19 | 1 | -3/+10 |
| | | | | definition | ||||
* | Lookup the gateway ip for rules which reference gateways by name | Seth Mos | 2007-10-19 | 1 | -4/+4 |
| | |||||
* | Commit function that looks up the gateway ip by name from the Gateways array | Seth Mos | 2007-10-19 | 1 | -0/+15 |
| | |||||
* | Improve fall through logic | Seth Mos | 2007-10-19 | 2 | -11/+13 |
| | |||||
* | Check if array exists | Seth Mos | 2007-10-19 | 2 | -13/+19 |
| | |||||
* | Ticket #1464, only allow y* or n* | Bill Marquette | 2007-10-19 | 1 | -5/+17 |
| | |||||
* | Add prelimenary Routing page. | Seth Mos | 2007-10-19 | 4 | -20/+57 |
| | | | | Allow multiple gateways on one (static) interface | ||||
* | MFC of change [19782] per request from sullrich@ | Bill Marquette | 2007-10-17 | 2 | -0/+12 |
| | | | | Scale state table size with memory, never allocate more than 10% system ram, this leads to 12K states on 128M and 102K on 1G systems - this should be a good default | ||||
* | global s/[wW]ebGUI/webConfigurator/ - brought up via ticket #1427 | Bill Marquette | 2007-10-17 | 4 | -7/+7 |
| | |||||
* | Ticket #1427 - webConfigurator is a better choice, it is used everywhere else | Bill Marquette | 2007-10-16 | 1 | -2/+2 |
| | |||||
* | Ticket #1427 - use webGUI instead of webConfigurator | Bill Marquette | 2007-10-16 | 1 | -2/+2 |
| | |||||
* | Bump global config version to 4.1 for releng_1 | Seth Mos | 2007-10-15 | 1 | -2/+2 |
| | |||||
* | Move RRD upgrade code inline with 1.2 | Seth Mos | 2007-10-15 | 1 | -9/+9 |
| | |||||
* | Make sure we're foreach'ing through an array | Bill Marquette | 2007-10-15 | 1 | -1/+1 |
| | |||||
* | Remove blank c/r | Scott Ullrich | 2007-10-13 | 1 | -1/+1 |
| | |||||
* | Allow the interface assignment code to exit from its strict checking. This ↵ | Scott Ullrich | 2007-10-13 | 1 | -0/+4 |
| | | | | allows Netboot installation services to work correctly. | ||||
* | Do not reconfigure on pptp interfaces. | Seth Mos | 2007-10-09 | 1 | -2/+3 |
| | |||||
* | Check if interface is passed along, otherwise return | Seth Mos | 2007-10-09 | 1 | -0/+4 |
| | |||||
* | Switch on correct argument variable | Seth Mos | 2007-10-09 | 1 | -5/+8 |
| | | | | | Clear arp cache per interface instead of all Clear arp cache for staticly configured interfaces | ||||
* | Ticket #1456 - drop one level of verbosity in tcpdump. Some protocols | Bill Marquette | 2007-10-05 | 1 | -3/+3 |
| | | | | | | | will still decode to multi-line message - not an easy fix. Doesn't appear to break non-raw log display Add VRRP as a protocol type in the decode | ||||
* | Do not handle blank interface names. Ticket #1461 | Scott Ullrich | 2007-10-05 | 1 | -1/+3 |
| | |||||
* | Write out file correctly | Seth Mos | 2007-09-26 | 1 | -1/+3 |
| | |||||
* | Do not match netmasks | Seth Mos | 2007-09-25 | 1 | -3/+6 |
| | |||||
* | Trigger on real hostnames only | Seth Mos | 2007-09-25 | 1 | -2/+2 |
| | |||||
* | Change function add_hostname_to_watch() to use host so we handle multiple IP ↵ | Seth Mos | 2007-09-25 | 1 | -8/+22 |
| | | | | addresses | ||||
* | Add function is_fqdn() | Seth Mos | 2007-09-25 | 1 | -1/+15 |
| | |||||
* | Ticket 1458: Add "option host-name" to dhcpd.conf | Martin Fuchs | 2007-09-25 | 1 | -0/+3 |
| | |||||
* | Start dns cache updater script on bootup | Scott Ullrich | 2007-09-25 | 1 | -1/+1 |
| | |||||
* | Resolve aliases correctly | Scott Ullrich | 2007-09-25 | 1 | -1/+2 |
| | |||||
* | Only record entry if it resolves to an ip address | Scott Ullrich | 2007-09-25 | 1 | -1/+2 |
| | |||||
* | Remove debugging echo | Scott Ullrich | 2007-09-25 | 1 | -1/+0 |
| | |||||
* | Enumerate multiple aliases | Scott Ullrich | 2007-09-25 | 1 | -4/+7 |
| | |||||
* | * Add find_dns_aliases() | Scott Ullrich | 2007-09-25 | 2 | -5/+18 |
| | | | | * Use new function | ||||
* | Start /usr/sbin/update_dns_cache.sh on startup | Scott Ullrich | 2007-09-25 | 1 | -0/+2 |
| | |||||
* | Use gethostbyname() | Scott Ullrich | 2007-09-25 | 1 | -1/+1 |
| | |||||
* | Hush up PHP warnings. | Scott Ullrich | 2007-09-25 | 1 | -0/+2 |
| |