summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Do not apply bw limits if the setting is not enabled in CP. Though still ↵RELENG_2_1Ermal LUÇI2014-12-221-4/+10
| | | | respect radius attributes for now with this setting. Resolves #4127
* Ticket #4053, manually merge improvements on rrd restore handling.Ermal LUÇI2014-12-011-10/+13
|
* Ticket #4053, manually merge improvements on rrd backup handling.Ermal LUÇI2014-12-011-2/+12
|
* Actually an interface is detstroyed here no need for this merge!Ermal LUÇI2014-11-211-7/+2
| | | | | | Revert "Merge e3cffd6cefc - Properly remove IPv6 carp vips as reported from https://forum.pfsense.org/index.php?topic=84392.0" This reverts commit e5e16cfc962bcc98a06b89574309bc2ef0ed3542.
* Merge e3cffd6cefc - Properly remove IPv6 carp vips as reported from ↵Ermal LUÇI2014-11-211-2/+7
| | | | https://forum.pfsense.org/index.php?topic=84392.0
* Fix logic to find available next number for limiters and queues. It fixes #3998Renato Botelho2014-11-131-2/+2
|
* Fix obviously broken test in rc.initial.setlanipPhil Davis2014-11-051-1/+1
| | | | IMO might as well back-port any obviously wrong code to 2.1 branch, just in case anybody on 2.1.n cares for it or there is a need for another 2.1.n release.
* Fixes #3941. When optimizations of the loops were made this brought the ↵Ermal2014-11-011-6/+6
| | | | problems of overriding default gateway by dynamic interfaces. Try to stick to the first found for now!
* Fix two more instances of rrd.tgz renaming.jim-p2014-10-311-2/+2
|
* Remove redundancy as pointed out by phil-davisRenato Botelho2014-10-281-7/+3
|
* Decode recently created cert and key. It fixes #3964. While here, fix ↵Renato Botelho2014-10-281-3/+3
| | | | logical condition to create a new cert if crt or key is not present
* Merge pull request #1312 from phil-davis/patch-8Renato Botelho2014-10-231-1/+8
|\
| * Prevent Internal Server Error if range is backwardsPhil Davis2014-10-211-1/+8
| | | | | | | | Fixes redmine #3950 - ip_range_to_subnet_array can easily swap the input parameters if the caller has passed/entered them the wrong way around. That is both friendly to the caller and ensures that a hostile caller can't blow up the routine. This patches 2.1 branch - will submit pull request for master also.
* | Teach the certificate generation code how to make a self-signed certificate, andjim-p2014-10-213-38/+77
|/ | | | | | | | | | change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later. Also use some more sane defaults for the contents of the default self- signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling. Also add a CLI script to regenerate a new GUI certificate. Several master commits rolled into one patch for 2.1.x.
* Tame the poodle. Disable SSLv3.jim-p2014-10-151-0/+1
|
* Correct evaluation for "Acct-Interim-Interval" from RADIUSdariomas2014-09-191-1/+1
| | | | | | | Setting "Acct-Interim-Interval :=600" in FreeRadius2 evaluates to 'random' values with PfSense 2.1. Possibly a bug related to: https://forum.pfsense.org/index.php?topic=60079.0 https://forum.pfsense.org/index.php?topic=60262.0
* Fix #3866 Firewall Log FilteringPhil Davis2014-09-161-1/+1
| | | on 2.1 branch
* Add pages missing from the Status > Traffic Graph privilege that are ↵jim-p2014-09-111-0/+2
| | | | required for the full page to load
* igmpproxy param -d doesn't like the space before optarg. Fixes #3852Renato Botelho2014-09-081-2/+2
|
* Hide FreeBSD version from sshd banner. It fixes #3840Renato Botelho2014-08-291-0/+2
|
* pgrep parameters are out of order and it also needs -a to find sshd. While ↵Renato Botelho2014-08-221-2/+1
| | | | I'm here, simplify sh syntax and prevent noise to be printed if pid file doesn't exist
* delete the dhcpd.pid file before starting dhcpd. Fixes bug where on rare ↵Chris Buechler2014-08-221-0/+8
| | | | occasions a stale PID file could prevent dhcpd from starting until it's manually deleted.
* use pgrep here instead, previous way could wrongly show SSH as enabled where ↵Chris Buechler2014-08-221-3/+3
| | | | it isn't.
* Bump version to 2.1.5Renato Botelho2014-08-141-1/+1
|
* Added filter.so to list of extensions loaded for filter_var() support.Matt Smith2014-08-131-0/+3
|
* Move dhcp6c log to dhcpd.log, it fixes #3799Renato Botelho2014-08-111-2/+2
|
* Fix #3798 - 'IPsec phase 2 pinghost is not used if the source IP should be a ↵Matt Smith2014-08-081-4/+17
| | | | virtual IP address'
* Avoid generating an invalid racoon config if the user specified a mobile ↵jim-p2014-08-081-0/+5
| | | | pool that is too small.
* Avoid a "Cannot use string offset as an array" error if the packages section ↵jim-p2014-08-081-4/+7
| | | | of the config is missing.
* Per the dhcpd.conf man page and other documentation from ISC, mclt must not ↵Chris Buechler2014-08-061-3/+2
| | | | be defined on the secondary.
* Escape the individual dnsmasq advanced/custom optionsjim-p2014-08-061-1/+1
|
* no () around qlength hereChris Buechler2014-07-091-1/+1
|
* qlimit must be included hereChris Buechler2014-07-081-0/+2
|
* use HTTPS for dyndns providers that support itChris Buechler2014-07-051-6/+6
|
* Fix #3725:Renato Botelho2014-06-301-13/+21
| | | | | | | - Fix match_filter_field() and also simplify logic - Fix $filterfieldsarray initialization - Avoid to have double spaces on filterfieldsarray['act'] - Fix filter on Firewall Logs
* Merge pull request #1244 from phil-davis/patch-11Renato Botelho2014-06-271-0/+4
|\
| * Handle no dhcpd settings when upgradingPhil Davis2014-06-261-0/+4
| | | | | | | | | | This minor fix was in master but not 2.1 branch. I noticed the warning message when doing a fresh install/test of 2.1.4-release. It prevents the warning message: Warning: Invalid argument supplied for foreach() in /etc/inc/upgrade_config.inc on line 3153 Might as well fix it it 2.1-branch also, in case there is another 2.1.n release.
* | Fix a regression introduced on 8d6c5f6621 that broke CARP+IP aliasRenato Botelho2014-06-261-15/+30
|/
* Only include a scheduled rule if it is strictly before the end timeRELENG_2_1_4Phil Davis2014-06-201-1/+1
| | | | The exact moment of the end time is the end of the schedule. We do not want to include a rule when filter_configure_sync wakes up at 00:15:00 etc and is on a not-slow system that processes this code during the interval 00:15:00 to 00:15:01. This should help intermittent issues with schedules not finishing at the appropriate 15-minute boundary. Might help or fix #3558
* Remove extra data after space and fix pf rule syntax. It should fix #3688Renato Botelho2014-06-201-1/+1
|
* Always set httponly attribute on cookiesRenato Botelho2014-06-181-10/+8
|
* Add comment I forgot on last commitRenato Botelho2014-06-171-0/+1
|
* Re-generate session ID on a successful login to avoid session fixationRenato Botelho2014-06-171-0/+1
|
* Do not expire already disabled users, it fixes #3644Renato Botelho2014-06-121-1/+1
|
* Revert "Revert "Fix #3700 and other syntax issues:""Renato Botelho2014-06-101-1/+2
| | | | This reverts commit 4cc2ae78d3027c349969437f08a88b1fb88c9de8.
* Revert "Fix #3700 and other syntax issues:"Renato Botelho2014-06-101-2/+1
| | | | This reverts commit e912bfae186b6b657daf52607f9d027f46be0478.
* Fix #3700 and other syntax issues:Renato Botelho2014-06-101-1/+2
| | | | | | | | | - Remove -G parameter from pfctl since it doesn't exist anymore - Initialize $old_router - Fix sh syntax on variable assign, it couldn't have space before = - Simplify logic - Avoid flush states twice, if it was done on IP change, don't do it again if router also has changed
* Escape argument on call to is_process_running too, also remove some ↵Renato Botelho2014-06-061-3/+3
| | | | unecessary mwexec() calls
* Add some protection to parameters that come through _GETRenato Botelho2014-06-061-9/+9
|
* Escape this before running.jim-p2014-06-061-1/+1
|
OpenPOWER on IntegriCloud