summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* - correct behaviour of dhcpd.conf creationMartin Fuchs2007-08-021-2/+6
| | | | - enable root-path
* DHCP remove duplicate option domain-name ind dhcpd.confMartin Fuchs2007-08-021-3/+0
|
* DHCP: domainname / HEAD > RELENG_1Martin Fuchs2007-08-021-0/+3
|
* Add TFTP and LDAP server options to dhcpdMartin Fuchs2007-08-011-0/+7
|
* Users that have specific page access can now loginBill Marquette2007-08-011-5/+10
|
* * Remove trailing space * Remove duplicate command accidently commitedScott Ullrich2007-07-311-4/+2
|
* Increase timeouts when using a 1000 hz. From the FreeBSD commit message: ↵Scott Ullrich2007-07-311-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ÊChange TCPTV_MIN to be independent of HZ. ÊWhile it was documented to Êbe in ticks "for algorithm stability" when originally committed, it turns Êout that it has a significant impact in timing out connections. ÊWhen we Êchanged HZ from 100 to 1000, this had a big effect on reducing the time Êbefore dropping connections. ÊTo demonstrate, boot with kern.hz=100. Êssh to a box on local ethernet Êand establish a reliable round-trip-time (ie: type a few commands). ÊThen unplug the ethernet and press a key. ÊTime how long it takes to Êdrop the connection. ÊThe old behavior (with hz=100) caused the connection to typically drop Êbetween 90 and 110 seconds of getting no response. ÊNow boot with kern.hz=1000 (default). ÊThe same test causes the ssh session Êto drop after just 9-10 seconds. ÊThis is a big deal on a wifi connection. ÊWith kern.hz=1000, change sysctl net.inet.tcp.rexmit_min from 3 to 30. ÊNote how it behaves the same as when HZ was 100. ÊAlso, note that when Êbooting with hz=100, net.inet.tcp.rexmit_min *used* to be 30. ÊThis commit changes TCPTV_MIN to be scaled with hz. Êrexmit_min should Êalways be about 30. ÊIf you set hz to Really Slow(TM), there is a safety Êfeature to prevent a value of 0 being used. ÊThis may be revised in the future, but for the time being, it restores the Êold, pre-hz=1000 behavior, which is significantly less annoying. ÊAs a workaround, to avoid rebooting or rebuilding a kernel, you can run Ê"sysctl net.inet.tcp.rexmit_min=30" and add "net.inet.tcp.rexmit_min=30" Êto /etc/sysctl.conf. ÊThis is safe to run from 6.0 onwards. ÊApproved by: Êre (rwatson) ÊReviewed by: Êandre, silby
* -move upnp_action to services.incRyan Wagoner2007-07-231-4/+31
| | | | | -make sure to clear rules when stopping miniupnpd -fix status_upnp and status_services pages so they use upnp_action and not the rcfile
* remove previous commit, moving function to index.php to support package ↵Scott Dale2007-07-231-35/+0
| | | | installation
* add tab for widgets functionScott Dale2007-07-231-0/+34
|
* Add rrd graph settings page.Seth Mos2007-07-212-9/+14
| | | | | Bump config out of line with 1.2 Add rrd config upgrade code.
* Keep longer archives, allow for a 4 year spanSeth Mos2007-07-161-4/+14
|
* Axe unused archives, correct average times.Seth Mos2007-07-151-27/+3
|
* Start DHCPD before DNSMASQ to avoid this error on embedded: Jul 12 01:34:39 ↵Scott Ullrich2007-07-121-3/+3
| | | | dnsmasq[588]: failed to access /var/dhcpd/var/db/dhcpd.leases: No such file or directory
* Commit missed checkin, supress debug messageSeth Mos2007-07-091-3/+5
|
* Unbreak IPSEC, correct pathnamesSeth Mos2007-07-081-6/+6
|
* CAPS kills. Literally. Do not set the description to upper case LAN when ↵Scott Ullrich2007-07-071-1/+1
| | | | we are looking for lower case.
* Kill off old pftpx processes correctlyScott Ullrich2007-07-071-12/+12
|
* Improve the load balancing pool edit screen. Submitted-by: Chris DanielScott Ullrich2007-07-061-1/+1
|
* Remove extra PasswordAuthentication line. Ticket #1374Scott Ullrich2007-07-061-1/+0
|
* Use $lanif for lan anti-lockout ruleScott Ullrich2007-07-051-1/+1
|
* Escape $lan correctlyScott Ullrich2007-07-051-1/+1
|
* Do not use $iface as source or destination as it may be a member of a bridge ↵Scott Ullrich2007-07-051-10/+10
| | | | without an ip address and pfctl will complain.
* Since we are matching traffic on incoming interface, do not link wan or lan ↵Scott Ullrich2007-07-051-4/+4
| | | | to bridgeX
* Only pass anti-lockout traffic on $lanScott Ullrich2007-07-051-1/+1
|
* Fix loading and reloading config for IPSEC.Seth Mos2007-07-041-16/+18
| | | | MFC: Possible candidate, works for seth. Needs test.
* Supress debug loggingSeth Mos2007-07-041-8/+15
|
* Cleanup IPSEC rules. We where blocking port = 500 UDP on CARP interfaces, ↵Scott Ullrich2007-07-011-6/+6
| | | | for one.
* Be more verbose on logging so that we can correctly deterimine protocol, ↵Scott Ullrich2007-07-011-2/+2
| | | | etc. Ticket #1348
* $config needs to be globalScott Ullrich2007-06-301-0/+1
|
* unbreak policy routing rules network access to LAN IP Ticket #1320Scott Ullrich2007-06-301-1/+1
|
* Correctly move upnp to base since LiveCD cannot write files to ↵Scott Ullrich2007-06-302-0/+8
| | | | /usr/local/etc or /usr/local/etc/rc.d/ Ticket #1342
* Kill trailing spaceScott Ullrich2007-06-301-1/+1
|
* Remove openvpn csc file when option is disabled. Ticket #1339Scott Ullrich2007-06-301-2/+6
|
* Add ASN1DN identities support to IPSEC. Subbmitted-by: Nic Bernstein ↵Scott Ullrich2007-06-301-1/+10
| | | | <nic_AT_onlight.com>
* Do not antispoof on wan when it is bridged. Ticket #1352Scott Ullrich2007-06-301-3/+12
|
* Move CARP and PFSYNC allow traffic before USER_RULES section. If a person ↵Scott Ullrich2007-06-291-2/+2
| | | | has a restrictive ruleset then it is possible to disallow traffic.
* Add Type-Of-Service-passthru for server and clientMartin Fuchs2007-06-241-1/+3
|
* remove part of solution of problem solved elsewhereTimo Boettcher2007-06-211-4/+1
|
* Make OpenVPN usable in status_service.phpTimo Boettcher2007-06-211-43/+52
|
* Default to nat-reflection inactivity of 2000 which is roughtly 33 minutes.Scott Ullrich2007-06-191-1/+1
|
* Correct location of use_rrd_gateway.Scott Ullrich2007-06-181-1/+1
|
* Make sure we are writable for /etc/crontabScott Ullrich2007-06-091-2/+1
|
* Unbreak captive portal images.Scott Ullrich2007-06-091-13/+17
|
* Cleanup logging line so that it is more readable.Scott Ullrich2007-06-091-1/+1
|
* find_interface_ip() requires a real interfaceScott Ullrich2007-06-091-1/+1
|
* correct code formattingMartin Fuchs2007-06-071-33/+33
|
* Add OpenVPN CSC-DHCP Options (override per Client), add TLS-Authentication, ↵Martin Fuchs2007-06-071-5/+121
| | | | add connection-limit for server
* Restore previous PPTP changes.Scott Ullrich2007-06-041-5/+5
|
* With the tweaks that have occured today fastcgi can now run again on 64 ↵Scott Ullrich2007-06-031-4/+0
| | | | megabyte machines.
OpenPOWER on IntegriCloud