summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Add defualt pass rule on lan interface and remove it from config.Ermal Luçi2008-02-011-0/+5
| | | | It is a default policy so lets keep it with defaults and let the user override it when pleases.
* Update to racoon-0.7-cvs with Timo Teras patches.Seth Mos2008-02-011-14/+4
| | | | Use setkey -f because spd loading works normally now.
* Latest eDir / Active Directory tweaks from Mark Batchelor.Scott Ullrich2008-01-312-1272/+1333
| | | | Thanks again for him helping us with this project!
* Fix a bug with regex matching.Ermal Luçi2008-01-291-2/+2
|
* Changes to allow Novell eDir to authenticate via LDAP.Scott Ullrich2008-01-281-11/+16
| | | | Thanks to Mark Batchelor for all of his help with these changes.
* reply-to logic needed some touchups to handle the new gateway code alsoBill Marquette2008-01-271-2/+9
|
* fix route-to rule generation with new gateways codeBill Marquette2008-01-271-1/+7
|
* Change regex to match valid bandwidth to allow bandwidth with decimal point ↵Ermal Luçi2008-01-271-2/+2
| | | | to be specified.
* Fix some bugs and typos.Ermal Luçi2008-01-271-23/+19
|
* Add input validation for bandwidths and HFSC scheduler.Ermal Luçi2008-01-221-240/+253
|
* Revert dhclient timeout to the default of 60 seconds (originally didn't ↵Chris Buechler2008-01-221-2/+2
| | | | realize it was in there two more times).
* Add support for the "Remove Shaper " button on the backend.Ermal Luçi2008-01-211-11/+22
|
* Remove a duplicated entry slipped in accidentally.Ermal Luçi2008-01-211-9/+0
| | | | Remove uneeded check on default policy.
* Revert dhclient timeout to the default of 60 seconds.Chris Buechler2008-01-211-1/+1
|
* More changes in the attempt to change the logic on filter.incErmal Luçi2008-01-201-10/+10
|
* Please don't force commit!Bill Marquette2008-01-191-2/+2
| | | | Re-apply fix from commit [20700] that got reverted in [20706]
* Unbreak filter_rules_generate broked by previous wrong commit which was ↵Ermal Luçi2008-01-181-396/+485
| | | | | | against HEAD. Second attempt at reorganizing the logic of pfSense rules.
* First attempt at changing the logic of the default rules of pfSense.Ermal Luçi2008-01-181-462/+384
| | | | This allows for the default rules to be overriden in the GUI.
* Forgotten filter.inc support for Floating tab on the Rules section.Ermal Luçi2008-01-171-8/+18
|
* Remove both Bill and myself from the (C). Looks like Ermal hasScott Ullrich2008-01-171-2/+0
| | | | done a rewrite.
* Add back Bill to the (C) header, he did far more work on the shaperScott Ullrich2008-01-171-1/+2
| | | | previously than I did.
* Move $rule portion out of the ng0 check that accidently slipped in. ThisScott Ullrich2008-01-171-1/+1
| | | | | | | combined with my earlier change unbreaks traffic from the firewall itself and also unbreaks nat redirect traffic. Found-by: Billm
* Unbreak traffic from the firewall itself.Scott Ullrich2008-01-171-1/+1
|
* * Fix many bugs itroduced with the new shaper code import.Ermal Luçi2008-01-162-1118/+1420
| | | | | | | * Introduce a new tab to the Firewall - Rules section called "floating rules" where you can create rules with direction/tag/tagged/quick keywords of PF. * Improve input validation on the shaper code and the wizard. * Change the logic in filter.inc by allowing the rules without the quick keyword to work propperly. * ALso begin changing the logic of filter.inc default rulesto not use the quick keyword so they can be overriden in the GUI.
* Conditional checks use ==, not = !Scott Ullrich2008-01-161-2/+2
|
* attempt loading SPD entries 4 timesSeth Mos2008-01-151-2/+2
|
* Somehow sending a SIGHUP before flushing and reloading works better thenSeth Mos2008-01-151-4/+6
| | | | after. Technically a SIGHUP to racoon should not do anything.
* Flush both SA and SPD entriesSeth Mos2008-01-151-0/+1
|
* Fix copy and pasto.Scott Ullrich2008-01-151-5/+0
|
* * Use correct package nameScott Ullrich2008-01-151-2/+7
| | | | * Include filter rules
* Add sipproxd hooks.Scott Ullrich2008-01-141-1/+7
|
* repair logic I think. Can we please use more curlies?Seth Mos2008-01-141-4/+4
|
* Make 3 passes at loading the SPD entries as this will fail on large ↵Seth Mos2008-01-141-27/+31
| | | | | | configurations > 250 tunnels. Tested by smos@ 399 tunnels, 239 active, ok by sullrich@
* Check that ldap_connect() exists before calling. For some reason onScott Ullrich2008-01-131-2/+17
| | | | bootup the function does not exist but the module is loaded?
* Make sure $d_fwupenabled_path is defined since it is initially definedScott Ullrich2008-01-121-0/+2
| | | | | in guiconfig.inc. At some point in the future these variables should be moved to globals.inc.
* remove DynDNS cache in services_dyndns_reset()Chris Buechler2008-01-121-0/+6
| | | | Ticket #1589
* Bring in the new traffic shaper.Ermal Luçi2008-01-114-720/+1801
| | | | | | It is capable of multi interface shaping. Also bring the wizard up-to-date. Now it is capable of doing multi interface too.
* Automatically assume the embedded platform on update if the platformScott Ullrich2008-01-111-0/+8
| | | | | is set to embedded or wrap. We do not include any kernels outside of embedded anyways for this paticular platform.
* * Do not allow the image to go read only during download / upgrade opsScott Ullrich2008-01-111-0/+4
| | | | | | * If a previous /root/firmware.tgz file exists before download, unlink the file to avoid a out of space error if the prior download operation happens to fail (or if / becomes rw again)
* touch up textChris Buechler2008-01-084-16/+16
| | | | Ticket #1569
* add vr(4) VLAN supportChris Buechler2008-01-051-1/+1
| | | | Ticket #1561
* Add ping-check true; to isc-dhcpdScott Ullrich2008-01-051-0/+2
|
* * Missing =Scott Ullrich2008-01-012-13/+35
| | | | * Allow user manager to adhere to admins group
* Only check item if it is an array.Scott Ullrich2007-12-311-2/+3
|
* Correctly return no groups when the user is not a member of a local group.Scott Ullrich2007-12-311-2/+2
|
* Modify isSystemAdmin() to check LDAP for a "admins" group.Scott Ullrich2007-12-311-0/+6
|
* Remove the need to define authetnication containers. Now a user can loginScott Ullrich2007-12-311-7/+22
| | | | | | | anywhere in the LDAP tree and will use the groups to deterimine the access privs. Work sponsored-by: Centipede Networks
* Only iterate items if it is an array.Scott Ullrich2007-12-311-12/+14
| | | | Work sponsored-by: Centipede Networks
* * Return OU=Users which is built-in to active directoryScott Ullrich2007-12-311-0/+2
| | | | | | * Specify that LDAP is Active Directory compatible Work sponsored-by: Centipede Networks
* Correct variable check.Scott Ullrich2007-12-311-1/+1
|
OpenPOWER on IntegriCloud