summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Assume a default value of 1 for cert_depth to disallow chaining.jim-p2011-10-271-0/+2
|
* Add GUI option to limit the certificate depth allowed when OpenVPN clients ↵jim-p2011-10-272-0/+95
| | | | are connecting.
* Specify full path to openssl.cnf, and select the relevant section to use ↵jim-p2011-10-271-0/+6
| | | | when generating certificates.
* Fix up syslog settings a bit, add some missing options, fix formatting of ↵jim-p2011-10-261-128/+79
| | | | syslog.conf, correct behavior of 'everything', code cleanup.
* Increase the GROW for the 60 minute RRA so that we have atleast 2160 entries ↵smos2011-10-261-1/+1
| | | | for 3 months worth of data.
* Add back the accidentally removed xml rrd restore line, otherwise we still ↵smos2011-10-261-0/+2
| | | | | | don't have the new RRD file Ticket #1758
* Correct typo in command.smos2011-10-251-1/+1
| | | | Ticket #1758
* Ok, let's try not to corrupt the RRD files on upgrade. Leave the RRA ↵smos2011-10-251-2/+7
| | | | | | | archives for the 720 minutes average at 1000. Then run a rrdtool resize command to grow the RRA by 1000 and 2000 for the 60 and 720 average respectively. Attempts to further fix ticket #1758
* Do not pass the ldap port separately, but add it to the LDAP URL. PHP's ↵jim-p2011-10-251-24/+19
| | | | ldap_connect() ignores the passed port parameter if the first parameter is a URL instead of a hostname.
* Shorten the NEGATE rule label as these are too longsmos2011-10-211-1/+1
|
* Modify code to remove memory usage to prevent a Out of Memory condition when ↵smos2011-10-181-12/+14
| | | | | | upgrading the RRD database on a 128MB system. Ticket #1758
* Remove the old direct_networks table which is not used throughout the filter ↵smos2011-10-131-7/+20
| | | | | | | | | | code. Instead we now create a negate_networks table which contains both vpns, directly connected networks (static routes) which should never be tagged for policy routing which breaks traffic. This fixes Ticket #1950 and needs to be MFC to 2.0 for 2.0.1 Conflicts: etc/inc/filter.inc
* Add no nat/rdr rules for carp protocol so people do not screw their setups.Ermal2011-10-131-1/+3
|
* Move the old databases to the backup folder in confsmos2011-10-131-1/+1
| | | | Fixes ticket #1758
* Restore the RRD backup before attempting a migration as this bites the ↵smos2011-10-131-0/+14
| | | | | | | nanobsd users. We immediately backup the new databases to a new rrd.tgz file. The old database will be moved to /root Fix for ticket #1758
* Disable could not find gateway for FOO log message. It is not causing any ↵Scott Ullrich2011-10-111-1/+1
| | | | trouble and is making folks feel like there is something wrong with their install when there really is no issues.
* Correct the updates pathScott Ullrich2011-10-111-2/+2
|
* Fixes issue with l2tp interfaces and altqErmal2011-10-081-0/+2
|
* Include certs.inc before calling lookup_ca in auth.inc. Fixes #1927jim-p2011-10-051-0/+1
|
* Change the way syslogd is killed/restarted a bit. Fixes log related pages ↵jim-p2011-09-301-6/+7
| | | | hanging when logs are reset (or saving syslog settings)
* Add missing sjim-p2011-09-301-1/+1
|
* Move hostapd to its own log and tab, so it stops spamming the system log.jim-p2011-09-302-1/+6
|
* Exclude relayd from main system log, it's really spammy, and is already in ↵jim-p2011-09-291-1/+1
| | | | relayd.log
* Set a full path to remote package from gitlgcosta2011-09-291-1/+1
|
* Show session detail in Virtual Server statusjim-p2011-09-291-0/+16
|
* Check that we have user password otherwise strange things happen if tehre is ↵Ermal2011-09-281-0/+5
| | | | nothing stored in the config
* Correctly check if it is a valid object or notErmal2011-09-281-1/+1
|
* Add relayd to Status > Services and widget. Add capability to kill when ↵jim-p2011-09-281-3/+8
| | | | restarting instead of a simple reload. Implements #1913
* Fixup relayd to handle DNS load balancing as well as standard TCP load ↵jim-p2011-09-271-41/+63
| | | | balancing.
* tagged 2_0_0 with previous push, now bump version to 2.0.1-DEVELChris Buechler2011-09-161-1/+1
|
* the time has come. Bump to 2.0-RELEASEChris Buechler2011-09-121-1/+1
|
* Correct behaviour of switching from console from any ppp type device to ↵Ermal2011-09-121-3/+26
| | | | other type. This has been broken since new ppp code.
* Show friendly interface namesErmal2011-09-081-2/+2
|
* Remove references to undeclared tableErmal2011-09-071-4/+2
|
* Match pftop page exatly with privilege, there is no other page that glob ↵jim-p2011-09-061-1/+1
| | | | would catch. Fixes #1845
* Revert "If a user's browser does not support cookies, print an error on the ↵Ermal2011-09-021-11/+0
| | | | | | login form telling them so." This reverts commit a2e90569ab481bc85f5b3be7a01cc1608b3d065a.
* Unlink the failed downloaded file if present. Since it might contain harmful ↵Ermal2011-09-011-0/+1
| | | | and not expected content
* Check/set array for $config['staticroutes']['route'] as well, fixes deleting ↵jim-p2011-09-011-0/+2
| | | | of the last static route not syncing to secondary unit.
* If a user's browser does not support cookies, print an error on the login ↵jim-p2011-08-311-0/+11
| | | | form telling them so.
* Revert "Make the webConfigurator lockout rule to catch even edp protocol so ↵Ermal2011-08-301-1/+1
| | | | | | that xmlrpc bruteforce is caught as well." This reverts commit cde671805cccb380e60acb35374a23d3a7f48a99.
* Make the webConfigurator lockout rule to catch even edp protocol so that ↵Ermal2011-08-301-1/+1
| | | | xmlrpc bruteforce is caught as well.
* Fix several issues in pppoe code and remove duplicated code.Ermal2011-08-301-2/+2
|
* Fixup OpenVPN status a bit to properly handle SSL servers using a /30 (no ↵jim-p2011-08-301-3/+23
| | | | server directive) and also be a little more verbose about what is happening, if we can tell.
* Fixes #1666. Check if the interface needs to be added to a bridge during ↵Ermal2011-08-291-0/+5
| | | | rc.newwanip as well.
* force a set path for ioncube loaderlgcosta2011-08-241-4/+4
|
* DNSMasq was generating the error 'Socket operation on non-socket' and using ↵Warren Baker2011-08-241-1/+1
| | | | 100% of the CPU, changing it to mwexec_bg() resolves the issue.
* Fix VPN network listing for OpenVPN, and also add tunnel networks to this list.jim-p2011-08-241-2/+5
|
* USB slices are under-reported even more than CF slices when viewed directly, ↵jim-p2011-08-191-1/+4
| | | | instead of when looking at the entire disk. Compensate by adding a few MB. Fixes NanoBSD upgrades when installed on USB thumbdrives. (Imaged after this fix, someone can apply this fix locally and then upgrade as well.)
* Compensate some more occurencies of write_config() during the pathErmal2011-08-191-0/+2
|
* Make update_status and update_output_window consistent on checking for ↵Ermal2011-08-191-3/+4
| | | | console version or not.
OpenPOWER on IntegriCloud