Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | passive should always be on for mobile clients per racoon man page | Chris Buechler | 2011-05-06 | 1 | -1/+1 |
| | |||||
* | Reorder where inetd gets started to after where the package rules are ↵ | jim-p | 2011-05-06 | 1 | -8/+9 |
| | | | | generated, so that a package can add a line to inetd.conf using that process. | ||||
* | If we have deleted the last cert from the CRL, blank out the text. | jim-p | 2011-05-05 | 1 | -1/+4 |
| | |||||
* | Ticket #CZH-831780. If gif(4) is part of a bridge and its mtu is smaller ↵ | Ermal | 2011-05-05 | 1 | -0/+2 |
| | | | | than 1500(ethernet standard) do not consider it in finding the smaller mtu because we have a patch to allow gif(4) be member of a bridge with smaller mtu. See https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/commits/67d3135722db4a3c911761ead5c881ccaef02c65 for details. | ||||
* | Timeout is either a global option and/or a table stanza option. For now made ↵ | Warren Baker | 2011-05-05 | 1 | -4/+5 |
| | | | | | | it a global option. For the future each pool should probably have a configurable timeout. | ||||
* | Fixes #1394. Create a function get_itnerface_default_mtu and use it for ↵ | Ermal | 2011-05-04 | 1 | -0/+26 |
| | | | | resetting the mtu of a interface to default when needed. This adds the overhead of fetching the interface mtu and comparing with the default one every interface configuration run. | ||||
* | Disable this log message, as it can be extremely spammy in the logs. | jim-p | 2011-05-04 | 1 | -1/+1 |
| | |||||
* | Some more whitespace fixes. | Warren Baker | 2011-05-03 | 1 | -53/+52 |
| | |||||
* | Use correct config variable and fix some whitespaces. | Warren Baker | 2011-05-03 | 1 | -11/+11 |
| | |||||
* | Give time to filterdns to exit gracefully and after that start a new process. | Ermal | 2011-05-02 | 1 | -0/+1 |
| | |||||
* | Resolves #1486. When sticky option is selected under advanced->misc honor it ↵ | Ermal | 2011-05-02 | 1 | -1/+4 |
| | | | | even in the relayd.conf setting. | ||||
* | Bring back the optimization on max-packets at pf(4) level now that the ↵ | Ermal | 2011-05-02 | 1 | -1/+1 |
| | | | | issues with daemon have been identified. | ||||
* | Bring back the optimization on max-packets at pf(4) level now that the ↵ | Ermal | 2011-05-02 | 1 | -0/+3 |
| | | | | issues with daemon have been identified. | ||||
* | Now that layer7 daemon issues are resolved bring back this optimization. | Ermal | 2011-05-02 | 1 | -2/+2 |
| | | | | | | Revert "Do not write ont rules anymore max-packets. This apparently was done by me in a previous commit, it helps with Ticket #636." This reverts commit c8703797e5c24e6619ad14819fc62b3cb8a6ae3d. | ||||
* | Add a newline to the igmpproxy config to resolve issues of it not parsing ↵ | Ermal | 2011-05-02 | 1 | -0/+1 |
| | | | | correctly the file. Reported-by: http://forum.pfsense.org/index.php/topic,36279.0.html | ||||
* | Correct saving of qinq specified members and also correctly destroy parent ↵ | Ermal | 2011-04-28 | 1 | -0/+1 |
| | | | | vlan when deleteing the interfaces. Also take care of attaching to netgraph now that we detach by default. | ||||
* | Remove rndtest sysctl since the kernel module is not anymore part of our ↵ | Ermal | 2011-04-28 | 1 | -4/+0 |
| | | | | kernels. Leftover noticed by: Jim | ||||
* | Remove rndtest sysctl since the kernel module is not anymore part of our ↵ | Ermal | 2011-04-28 | 1 | -1/+0 |
| | | | | kernels. | ||||
* | Bring comment up-to-date | Ermal | 2011-04-28 | 1 | -4/+1 |
| | |||||
* | Make sure that openvpn tunnels are not impacted by hitting 'Save' on the ↵ | Ermal | 2011-04-28 | 1 | -1/+2 |
| | | | | Interface->Configuration page when assigned. | ||||
* | Use the needed variable here so hitting 'Save' from Interface->Configuration ↵ | Ermal | 2011-04-28 | 1 | -1/+1 |
| | | | | section does not leave the assigned gif interfaces without tunnel addresses. | ||||
* | Some configurations might have gre/gif on top of carp. Make sure to handle ↵ | Ermal | 2011-04-28 | 1 | -10/+37 |
| | | | | this configurations and to bring the tunnel correctly up. | ||||
* | Don't just blindly echo to the ntpd.log, it's a clog file and that will ↵ | jim-p | 2011-04-26 | 1 | -1/+1 |
| | | | | break it. | ||||
* | Actually call interfaces_carp_setup after the carp interfaces are created so ↵ | Ermal | 2011-04-22 | 1 | -5/+3 |
| | | | | carp traffic can only flow after we have all vips up and running. This prevents premption more early than necessary. Ticket #1432. | ||||
* | correctly unmount drives where a config doesn't exist | Chris Buechler | 2011-04-21 | 1 | -1/+1 |
| | |||||
* | If the bandwidth value is coming from radius scale it up to the requested ↵ | Ermal | 2011-04-21 | 1 | -2/+2 |
| | | | | Kbit/s unit. | ||||
* | Fix PPPoE upgrade, the <pppoe> tag is considered an array these days and the ↵ | jim-p | 2011-04-21 | 1 | -6/+6 |
| | | | | upgrade code wasn't treating it properly, accessing it directly instead of using the first entry ([0]). Fixes #1439 - PPPoE credentials upgrade properly now. | ||||
* | Confirmed working fix for ticket #1417 - with this change I have two-way ↵ | jim-p | 2011-04-21 | 1 | -0/+2 |
| | | | | connectivity on Site-to-Site (SSL/TLS) with iroutes. | ||||
* | Backing out changes from ticket #1417, it was not a valid openvpn config ↵ | jim-p | 2011-04-19 | 1 | -1/+0 |
| | | | | that the user was trying to make. | ||||
* | Harden SSL settings a bit. Verified OK with @cmb and @billm | Scott Ullrich | 2011-04-19 | 1 | -0/+5 |
| | |||||
* | Slightly different fix for #1417 that doesn't mess up other parameters ↵ | jim-p | 2011-04-18 | 1 | -1/+2 |
| | | | | needed by p2p_tls | ||||
* | Block instead of allowing proto carp/pfsync during bootup since this may ↵ | Ermal | 2011-04-18 | 1 | -2/+2 |
| | | | | cause issues. Ticket #1432 | ||||
* | Add an option under advanced->misc to specify a proxy for retreiving pfsense ↵ | Ermal | 2011-04-18 | 1 | -3/+26 |
| | | | | package info or downloading packages. | ||||
* | Don't include RFC1918 in bogons. | jim-p | 2011-04-17 | 1 | -4/+1 |
| | |||||
* | sync bogons | Chris Buechler | 2011-04-16 | 1 | -7/+3 |
| | |||||
* | Save a little space on the interface list for console assignment. | jim-p | 2011-04-14 | 1 | -2/+2 |
| | |||||
* | Add missing fields for l2tp to define dns and wins servers | smos | 2011-04-13 | 1 | -2/+5 |
| | |||||
* | Do not send growl notices twice | Scott Ullrich | 2011-04-12 | 1 | -0/+13 |
| | |||||
* | Remove blank trailing c/r. | Scott Ullrich | 2011-04-12 | 1 | -1/+1 |
| | |||||
* | Notify via smtp as well as growl | Scott Ullrich | 2011-04-12 | 2 | -1/+3 |
| | |||||
* | Drop the ntpdate sync in favor of using ntpd -s, which should have the same ↵ | jim-p | 2011-04-12 | 3 | -7/+1 |
| | | | | net effect without needing the shell script that has been prone to hanging. | ||||
* | Add a toggle under System > Advanced on the misc tab to enable/disable debug ↵ | jim-p | 2011-04-11 | 1 | -1/+2 |
| | | | | mode for racoon. | ||||
* | Add an IPsec xauth permission. Try to use the nologin shell first (just ↵ | jim-p | 2011-04-08 | 2 | -0/+8 |
| | | | | unlock the account). Ticket #1202 | ||||
* | Putting client-config-dir in the config is valid also for p2p_tls servers. ↵ | jim-p | 2011-04-08 | 1 | -1/+1 |
| | | | | Fixes #1417. | ||||
* | Resolves #1391. Bring back VPN auto rule disable advanced setting. | Ermal | 2011-04-06 | 1 | -1/+4 |
| | |||||
* | CRL is read in as an array now, so even in the imported config it will ↵ | jim-p | 2011-04-06 | 1 | -2/+2 |
| | | | | appear to be an array even though it can only have one value. Fixes #1358 | ||||
* | Fixup text. | jim-p | 2011-04-06 | 1 | -2/+2 |
| | |||||
* | Actually re-parse the config if a valid config was not written. (Should help ↵ | jim-p | 2011-04-06 | 1 | -2/+9 |
| | | | | stop installs from blowing up on failed config upgrades). Save the bad config for inspection, and print a message to the console about what was done. | ||||
* | Correct error message for gateways to report down when the gateway is down ↵ | Ermal | 2011-04-06 | 1 | -1/+1 |
| | | | | and not high latency. | ||||
* | Another sweep at keeping the default route always present when the default ↵ | Ermal | 2011-04-06 | 1 | -10/+20 |
| | | | | setup route is marked as down. This now adds checks for configuration where a defaultgw is not specified by the user but deduced automatically. |