Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add defualt pass rule on lan interface and remove it from config. | Ermal Luçi | 2008-02-01 | 1 | -0/+5 |
| | | | | It is a default policy so lets keep it with defaults and let the user override it when pleases. | ||||
* | Update to racoon-0.7-cvs with Timo Teras patches. | Seth Mos | 2008-02-01 | 1 | -14/+4 |
| | | | | Use setkey -f because spd loading works normally now. | ||||
* | Latest eDir / Active Directory tweaks from Mark Batchelor. | Scott Ullrich | 2008-01-31 | 2 | -1272/+1333 |
| | | | | Thanks again for him helping us with this project! | ||||
* | Fix a bug with regex matching. | Ermal Luçi | 2008-01-29 | 1 | -2/+2 |
| | |||||
* | Changes to allow Novell eDir to authenticate via LDAP. | Scott Ullrich | 2008-01-28 | 1 | -11/+16 |
| | | | | Thanks to Mark Batchelor for all of his help with these changes. | ||||
* | reply-to logic needed some touchups to handle the new gateway code also | Bill Marquette | 2008-01-27 | 1 | -2/+9 |
| | |||||
* | fix route-to rule generation with new gateways code | Bill Marquette | 2008-01-27 | 1 | -1/+7 |
| | |||||
* | Change regex to match valid bandwidth to allow bandwidth with decimal point ↵ | Ermal Luçi | 2008-01-27 | 1 | -2/+2 |
| | | | | to be specified. | ||||
* | Fix some bugs and typos. | Ermal Luçi | 2008-01-27 | 1 | -23/+19 |
| | |||||
* | Add input validation for bandwidths and HFSC scheduler. | Ermal Luçi | 2008-01-22 | 1 | -240/+253 |
| | |||||
* | Revert dhclient timeout to the default of 60 seconds (originally didn't ↵ | Chris Buechler | 2008-01-22 | 1 | -2/+2 |
| | | | | realize it was in there two more times). | ||||
* | Add support for the "Remove Shaper " button on the backend. | Ermal Luçi | 2008-01-21 | 1 | -11/+22 |
| | |||||
* | Remove a duplicated entry slipped in accidentally. | Ermal Luçi | 2008-01-21 | 1 | -9/+0 |
| | | | | Remove uneeded check on default policy. | ||||
* | Revert dhclient timeout to the default of 60 seconds. | Chris Buechler | 2008-01-21 | 1 | -1/+1 |
| | |||||
* | More changes in the attempt to change the logic on filter.inc | Ermal Luçi | 2008-01-20 | 1 | -10/+10 |
| | |||||
* | Please don't force commit! | Bill Marquette | 2008-01-19 | 1 | -2/+2 |
| | | | | Re-apply fix from commit [20700] that got reverted in [20706] | ||||
* | Unbreak filter_rules_generate broked by previous wrong commit which was ↵ | Ermal Luçi | 2008-01-18 | 1 | -396/+485 |
| | | | | | | against HEAD. Second attempt at reorganizing the logic of pfSense rules. | ||||
* | First attempt at changing the logic of the default rules of pfSense. | Ermal Luçi | 2008-01-18 | 1 | -462/+384 |
| | | | | This allows for the default rules to be overriden in the GUI. | ||||
* | Forgotten filter.inc support for Floating tab on the Rules section. | Ermal Luçi | 2008-01-17 | 1 | -8/+18 |
| | |||||
* | Remove both Bill and myself from the (C). Looks like Ermal has | Scott Ullrich | 2008-01-17 | 1 | -2/+0 |
| | | | | done a rewrite. | ||||
* | Add back Bill to the (C) header, he did far more work on the shaper | Scott Ullrich | 2008-01-17 | 1 | -1/+2 |
| | | | | previously than I did. | ||||
* | Move $rule portion out of the ng0 check that accidently slipped in. This | Scott Ullrich | 2008-01-17 | 1 | -1/+1 |
| | | | | | | | combined with my earlier change unbreaks traffic from the firewall itself and also unbreaks nat redirect traffic. Found-by: Billm | ||||
* | Unbreak traffic from the firewall itself. | Scott Ullrich | 2008-01-17 | 1 | -1/+1 |
| | |||||
* | * Fix many bugs itroduced with the new shaper code import. | Ermal Luçi | 2008-01-16 | 2 | -1118/+1420 |
| | | | | | | | * Introduce a new tab to the Firewall - Rules section called "floating rules" where you can create rules with direction/tag/tagged/quick keywords of PF. * Improve input validation on the shaper code and the wizard. * Change the logic in filter.inc by allowing the rules without the quick keyword to work propperly. * ALso begin changing the logic of filter.inc default rulesto not use the quick keyword so they can be overriden in the GUI. | ||||
* | Conditional checks use ==, not = ! | Scott Ullrich | 2008-01-16 | 1 | -2/+2 |
| | |||||
* | attempt loading SPD entries 4 times | Seth Mos | 2008-01-15 | 1 | -2/+2 |
| | |||||
* | Somehow sending a SIGHUP before flushing and reloading works better then | Seth Mos | 2008-01-15 | 1 | -4/+6 |
| | | | | after. Technically a SIGHUP to racoon should not do anything. | ||||
* | Flush both SA and SPD entries | Seth Mos | 2008-01-15 | 1 | -0/+1 |
| | |||||
* | Fix copy and pasto. | Scott Ullrich | 2008-01-15 | 1 | -5/+0 |
| | |||||
* | * Use correct package name | Scott Ullrich | 2008-01-15 | 1 | -2/+7 |
| | | | | * Include filter rules | ||||
* | Add sipproxd hooks. | Scott Ullrich | 2008-01-14 | 1 | -1/+7 |
| | |||||
* | repair logic I think. Can we please use more curlies? | Seth Mos | 2008-01-14 | 1 | -4/+4 |
| | |||||
* | Make 3 passes at loading the SPD entries as this will fail on large ↵ | Seth Mos | 2008-01-14 | 1 | -27/+31 |
| | | | | | | configurations > 250 tunnels. Tested by smos@ 399 tunnels, 239 active, ok by sullrich@ | ||||
* | Check that ldap_connect() exists before calling. For some reason on | Scott Ullrich | 2008-01-13 | 1 | -2/+17 |
| | | | | bootup the function does not exist but the module is loaded? | ||||
* | Make sure $d_fwupenabled_path is defined since it is initially defined | Scott Ullrich | 2008-01-12 | 1 | -0/+2 |
| | | | | | in guiconfig.inc. At some point in the future these variables should be moved to globals.inc. | ||||
* | remove DynDNS cache in services_dyndns_reset() | Chris Buechler | 2008-01-12 | 1 | -0/+6 |
| | | | | Ticket #1589 | ||||
* | Bring in the new traffic shaper. | Ermal Luçi | 2008-01-11 | 4 | -720/+1801 |
| | | | | | | It is capable of multi interface shaping. Also bring the wizard up-to-date. Now it is capable of doing multi interface too. | ||||
* | Automatically assume the embedded platform on update if the platform | Scott Ullrich | 2008-01-11 | 1 | -0/+8 |
| | | | | | is set to embedded or wrap. We do not include any kernels outside of embedded anyways for this paticular platform. | ||||
* | * Do not allow the image to go read only during download / upgrade ops | Scott Ullrich | 2008-01-11 | 1 | -0/+4 |
| | | | | | | * If a previous /root/firmware.tgz file exists before download, unlink the file to avoid a out of space error if the prior download operation happens to fail (or if / becomes rw again) | ||||
* | touch up text | Chris Buechler | 2008-01-08 | 4 | -16/+16 |
| | | | | Ticket #1569 | ||||
* | add vr(4) VLAN support | Chris Buechler | 2008-01-05 | 1 | -1/+1 |
| | | | | Ticket #1561 | ||||
* | Add ping-check true; to isc-dhcpd | Scott Ullrich | 2008-01-05 | 1 | -0/+2 |
| | |||||
* | * Missing = | Scott Ullrich | 2008-01-01 | 2 | -13/+35 |
| | | | | * Allow user manager to adhere to admins group | ||||
* | Only check item if it is an array. | Scott Ullrich | 2007-12-31 | 1 | -2/+3 |
| | |||||
* | Correctly return no groups when the user is not a member of a local group. | Scott Ullrich | 2007-12-31 | 1 | -2/+2 |
| | |||||
* | Modify isSystemAdmin() to check LDAP for a "admins" group. | Scott Ullrich | 2007-12-31 | 1 | -0/+6 |
| | |||||
* | Remove the need to define authetnication containers. Now a user can login | Scott Ullrich | 2007-12-31 | 1 | -7/+22 |
| | | | | | | | anywhere in the LDAP tree and will use the groups to deterimine the access privs. Work sponsored-by: Centipede Networks | ||||
* | Only iterate items if it is an array. | Scott Ullrich | 2007-12-31 | 1 | -12/+14 |
| | | | | Work sponsored-by: Centipede Networks | ||||
* | * Return OU=Users which is built-in to active directory | Scott Ullrich | 2007-12-31 | 1 | -0/+2 |
| | | | | | | * Specify that LDAP is Active Directory compatible Work sponsored-by: Centipede Networks | ||||
* | Correct variable check. | Scott Ullrich | 2007-12-31 | 1 | -1/+1 |
| |