Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Backport usermanager code from HEAD so I can get it in the snaps and | Bill Marquette | 2007-04-13 | 6 | -120/+1071 |
| | | | | | start testing it properly There's still some CSS/HTML fixes needed but the code seems to work | ||||
* | Hide "ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding ↵ | Scott Ullrich | 2007-04-11 | 1 | -1/+4 |
| | | | | | | enabled, default to accept, logging disabled" while enabling time based rules Noticed-by: Ryan Wagoner | ||||
* | Check for array type before foreach() | Scott Ullrich | 2007-04-11 | 1 | -4/+5 |
| | | | | Reminded-by: Ryan Wagoner/Seth Mos | ||||
* | Remove time based rule debugging statements. | Scott Ullrich | 2007-04-11 | 1 | -20/+0 |
| | | | | Reminded-by: Ryan Wagoner | ||||
* | Do not sort dns server list. | Scott Ullrich | 2007-04-11 | 1 | -1/+0 |
| | | | | Reported-by: Goffredo Andreone | ||||
* | Set RELENG_1 version to 1.3. 1.2 will be released form RELENG_1_2. | Scott Ullrich | 2007-04-09 | 1 | -1/+1 |
| | |||||
* | Time for 1.2-BETA-1Root_RELENG_1_2 | Scott Ullrich | 2007-04-09 | 1 | -1/+1 |
| | |||||
* | If the interface is "lan" and bridging is enabled then skip creation of the ↵ | Scott Ullrich | 2007-04-09 | 1 | -0/+3 |
| | | | | DHCP Server subnet. Ticket #1281 | ||||
* | Remove configuration lock that would be acquired when you login to ssh after ↵ | Scott Ullrich | 2007-04-08 | 1 | -0/+2 |
| | | | | a firmware update. Ticket #1258 | ||||
* | Correct sysctl name.. it is movements not movement. | Scott Ullrich | 2007-04-08 | 1 | -2/+2 |
| | |||||
* | startup routed on boot if it's enabled | Bill Marquette | 2007-04-08 | 1 | -0/+4 |
| | |||||
* | Correct rrd_gateway path | Seth Mos | 2007-04-08 | 1 | -1/+1 |
| | |||||
* | Skip rule creation when interface_ip or remote_gateway is unknown | Scott Ullrich | 2007-04-07 | 1 | -0/+4 |
| | |||||
* | When a 0 byte configuration file is found, remove it (unlink) and continue ↵ | Scott Ullrich | 2007-04-07 | 1 | -12/+17 |
| | | | | processing. | ||||
* | Use -o when loading the pf ruleset. From the pfctl man page: -o ↵ | Scott Ullrich | 2007-04-07 | 1 | -1/+1 |
| | | | | | | Enable the ruleset optimizer. The ruleset optimizer attempts to improve rulesets by removing rule duplication and making better use of rule ordering. Specifically, it does four things: 1. remove duplicate rules 2. remove rules that are a subset of another rule 3. combine multiple rules into a table when advantageous 4. re-order the rules to improve evaluation performance A second -o may be specified to use the currently loaded ruleset as a feedback profile to tailor the optimization of the quick rules to the actual network behavior. It is important to note that the ruleset optimizer will modify the ruleset to improve performance. A side effect of the ruleset modification is that per-rule accounting statistics will have different meanings than before. Use -o when loading the pf ruleset. From the pfctl man page: -o Enable the ruleset optimizer. The ruleset optimizer attempts to improve rulesets by removing rule duplication and making better use of rule ordering. Specifically, it does four things: 1. remove duplicate rules 2. remove rules that are a subset of another rule 3. combine multiple rules into a table when advantageous 4. re-order the rules to improve evaluation performance A second -o may be specified to use the currently loaded ruleset as a feedback profile to tailor the optimization of the quick rules to the actual network behavior. It is important to note that the ruleset optimizer will modify the ruleset to improve performance. A side effect of the ruleset modification is that per-rule accounting statistics will have different meanings than before. | ||||
* | Cleanup IPSEC rules a bit. More work will be performed in this area over ↵ | Scott Ullrich | 2007-04-06 | 1 | -15/+3 |
| | | | | the weekend. | ||||
* | Comment out what appears to be non-needed code. | Scott Ullrich | 2007-04-04 | 1 | -2/+2 |
| | |||||
* | Allow multiple stacked rules (allow) to work correctly in the time based new ↵ | Scott Ullrich | 2007-04-04 | 1 | -0/+3 |
| | | | | world order. How deep this rabbit hole is yet to be deterimined. | ||||
* | Do not zap cron entries with a large hammer. Instead gently use a knife. | Scott Ullrich | 2007-04-03 | 1 | -3/+5 |
| | |||||
* | Also configure loopback. Otherwise filter rules can not be loaded | Seth Mos | 2007-04-03 | 1 | -1/+4 |
| | |||||
* | Deal with block type rules correctly during time based rule operations | Scott Ullrich | 2007-04-03 | 1 | -2/+9 |
| | |||||
* | Do not unset cron entries.. This needs a bit more work. | Scott Ullrich | 2007-04-03 | 1 | -2/+2 |
| | |||||
* | Correctly report false | Scott Ullrich | 2007-04-03 | 1 | -1/+1 |
| | |||||
* | rework the check code to be more readable since it is falsing | Scott Ullrich | 2007-04-03 | 1 | -4/+9 |
| | |||||
* | Add more debugging info | Scott Ullrich | 2007-04-03 | 1 | -0/+3 |
| | |||||
* | Add debugging info for hourstatus | Scott Ullrich | 2007-04-03 | 1 | -1/+5 |
| | |||||
* | Install deny rule correctly | Scott Ullrich | 2007-04-02 | 1 | -2/+1 |
| | |||||
* | Deny rules are already the defeault. Do not switch to allow. | Scott Ullrich | 2007-04-02 | 1 | -2/+0 |
| | |||||
* | * Add more debugging helpers to system logs * Unbreak logic since the recent ↵ | Scott Ullrich | 2007-04-02 | 2 | -3/+6 |
| | | | | traffic shaper 'fix' | ||||
* | Remove openvpn-csc when needed. | Scott Ullrich | 2007-04-02 | 1 | -6/+6 |
| | | | | Submitted-By: Fernando Lemos | ||||
* | Remove trailing space | Scott Ullrich | 2007-04-02 | 1 | -1/+1 |
| | |||||
* | Set /sbin/sysctl -n net.link.ether.inet.log_arp_movement=0 when shared ↵ | Scott Ullrich | 2007-04-02 | 1 | -0/+2 |
| | | | | physical net is checked | ||||
* | Use mwexec() to avoid printing out the sysctl operation | Scott Ullrich | 2007-04-02 | 1 | -1/+1 |
| | |||||
* | * Do no \n * Be consistent on output | Scott Ullrich | 2007-04-01 | 1 | -3/+3 |
| | |||||
* | Add logging helper statements | Scott Ullrich | 2007-04-01 | 1 | -6/+16 |
| | |||||
* | Correctly handle hour and minutes on the dot. | Scott Ullrich | 2007-04-01 | 1 | -1/+1 |
| | |||||
* | Handle port ranges correctly | Scott Ullrich | 2007-03-30 | 1 | -10/+6 |
| | |||||
* | Do not foreach through an item that does not exist | Scott Ullrich | 2007-03-30 | 1 | -5/+7 |
| | |||||
* | corrected schedule_inuse function | Scott Dale | 2007-03-29 | 1 | -3/+2 |
| | |||||
* | Added is_schedule_inuse() | Scott Dale | 2007-03-29 | 1 | -0/+24 |
| | |||||
* | Check that cron items exist before foreach() | Scott Ullrich | 2007-03-29 | 1 | -0/+2 |
| | |||||
* | Remove debugging statement. Remove missed code from HEAD. | Scott Ullrich | 2007-03-29 | 1 | -1/+2 |
| | |||||
* | Remove bogus IPSEC interface checks | Scott Ullrich | 2007-03-29 | 1 | -2/+1 |
| | |||||
* | Correctly check if an alias is in use | Scott Ullrich | 2007-03-29 | 1 | -2/+2 |
| | |||||
* | Correct check | Scott Ullrich | 2007-03-29 | 1 | -1/+1 |
| | |||||
* | Ensure PFTPX is running as it should on filter reloads | Scott Ullrich | 2007-03-29 | 1 | -0/+2 |
| | |||||
* | Unlink pool file only if it exists | Scott Ullrich | 2007-03-29 | 1 | -1/+2 |
| | |||||
* | Fix comment formatting. No functional change. | Scott Ullrich | 2007-03-29 | 1 | -2/+2 |
| | |||||
* | Unlink pool file only if it exists | Scott Ullrich | 2007-03-29 | 1 | -1/+2 |
| | |||||
* | s/!/not/ for not based rules (tdr) | Scott Ullrich | 2007-03-29 | 1 | -4/+4 |
| |