Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Revert "Revert "Do not put the prefix len on the src ip"" | Ermal | 2012-10-31 | 1 | -1/+1 |
| | | | | | | This reverts commit 16c95ab93bcfb8d59260aa7564a402a6cec3050d. This is how it should be for now. See #2665 | ||||
* | Revert "Do not put the prefix len on the src ip" | Ermal | 2012-10-31 | 1 | -1/+1 |
| | | | | | | It actually makes sense in IPv6 world This reverts commit 3b1385a3febf783f48881b7baf61844f8e91209d. | ||||
* | Do not put the prefix len on the src ip | Ermal | 2012-10-31 | 1 | -1/+1 |
| | |||||
* | Fixes #2394. If an entry of 0.0.0.0/0 is configured than use the first ↵ | Ermal | 2012-10-30 | 1 | -2/+4 |
| | | | | interface ip matching. Also do a microptimization to not retrieve the interface list every ping host entry | ||||
* | Fixes #2300. Take into consideration ip aliases on carp | Ermal | 2012-10-30 | 1 | -5/+8 |
| | |||||
* | Fixes #2300. Add static route even for ip aliases selected to avoid issues. | Ermal | 2012-10-30 | 1 | -1/+4 |
| | |||||
* | use the proper array here for VIPs and use some suggestions from the ticket ↵ | jim-p | 2012-10-30 | 1 | -6/+15 |
| | | | | to fix #2645 | ||||
* | Mark the pipe/queue with zero(unlimited) bandwidth to allow traffic on the ↵ | Ermal | 2012-10-29 | 1 | -1/+5 |
| | | | | state to flow still or new traffic matching the rule to flow. Dummynet blocks traffic not matchign apipe/flow by default. Reported-by: http://forum.pfsense.org/index.php/topic,54595.msg294734.html#msg294734 | ||||
* | To avoid issues with missing removed schedules just do not create the pipe ↵ | Ermal | 2012-10-24 | 1 | -1/+2 |
| | | | | at all | ||||
* | Correct issues with limiters. 1. correct spelling of config option 2. avoid ↵ | Ermal | 2012-10-23 | 1 | -2/+2 |
| | | | | duplicating javascript | ||||
* | Use a proposal check value of obey for all mobile, not just pure-PSK. (The ↵ | jim-p | 2012-10-22 | 1 | -1/+1 |
| | | | | docs recommend setting this, may as well make it the default) | ||||
* | Switch to background launching | smos | 2012-10-18 | 1 | -1/+1 |
| | |||||
* | Check if there is any configuration present before going through it. | Ermal | 2012-10-18 | 1 | -1/+1 |
| | |||||
* | Check if there is any configuration present before going through it. | Ermal | 2012-10-18 | 1 | -5/+7 |
| | |||||
* | Add a few required things here to allow the script to work | jim-p | 2012-10-16 | 1 | -0/+3 |
| | |||||
* | Merge pull request #239 from phil-davis/master | Ermal Luçi | 2012-10-15 | 1 | -2/+2 |
|\ | | | | | Limiter addBwRowTo plus icon syntax | ||||
| * | Limiter addBwRowTo plus icon syntax | Phil Davis | 2012-10-12 | 1 | -2/+2 |
| | | | | | | | | Fix the syntax so that the GUI Limiter, Creat new limiter, Bandwidth "+" icon as the correct title text, and the Mask field gets displayed. Note that clicking the "+" icon still does not make an empty first row when creating a new limiter. | ||||
* | | Ooops fix removed line by accident | Ermal | 2012-10-15 | 1 | -0/+1 |
| | | |||||
* | | Merge changes required for using the ISC dhclient in pfSense with prefix ↵ | smos | 2012-10-12 | 3 | -111/+72 |
|/ | | | | | | | delegation. This should hopefully be a bit more reliable in the long run. The dhclient6-script could be merged with dhclient-script in the future. Still need to cleanup old adresses and prefixes, as well as LAN prefixes when a old prefix dissapears. This needs some thought and clue to strap together. | ||||
* | Fix typo | Erik Fonnesbeck | 2012-10-11 | 1 | -1/+1 |
| | |||||
* | Use only binat so both side can communicate properly. With nat only the side ↵ | Ermal | 2012-10-11 | 1 | -5/+1 |
| | | | | behind nat works | ||||
* | Handle case with no server or no client OpenVPN | Phil Davis | 2012-10-11 | 1 | -6/+12 |
| | | | | | If there are OpenVPN servers but not clients, this warning is emitted: Warning: Invalid argument supplied for foreach() in /etc/rc.openvpn on line 55 This fixes handles that case, and the case of OpenVPN clients but no servers. | ||||
* | Tune check so nat rules for single host ips get added | Ermal | 2012-10-10 | 1 | -1/+1 |
| | |||||
* | Make limiters have a schedule specified which applie bandwidth limits during ↵ | Ermal | 2012-10-09 | 3 | -39/+197 |
| | | | | that period | ||||
* | Make sure admin can always write the config | jim-p | 2012-10-09 | 1 | -1/+1 |
| | |||||
* | Add initial support for a privilege that denies write access to the config. | jim-p | 2012-10-09 | 2 | -0/+9 |
| | | | | NOTE: This only prevents writing to config.xml - it does NOT prevent other changes/execution that do not involve writing to config.xml (e.g. applying settings, exec, killing states, etc) | ||||
* | Fix reference to gateway in pool config | jim-p | 2012-10-05 | 1 | -1/+1 |
| | |||||
* | This should fix ipsec status for natted tunnel(s). | Ermal | 2012-10-05 | 1 | -3/+8 |
| | |||||
* | Correct the config generation | Ermal | 2012-10-05 | 1 | -3/+2 |
| | |||||
* | config.xml might have some elusive data so do not fail sainfo section for ↵ | Ermal | 2012-10-05 | 1 | -8/+6 |
| | | | | localside if there is an empty nat address. Just do not put the nat side in there | ||||
* | Correct check since it might be an ip as well | Ermal | 2012-10-05 | 1 | -1/+5 |
| | |||||
* | Correctly build the sainfo to avoid errors | Ermal | 2012-10-05 | 1 | -5/+5 |
| | |||||
* | Be more strict on validation during filter reload | Ermal | 2012-10-05 | 1 | -2/+2 |
| | |||||
* | Fixup easyrule block for IPv6 | jim-p | 2012-10-05 | 1 | -9/+10 |
| | |||||
* | Use .= for strings rather than += | jim-p | 2012-10-05 | 1 | -4/+4 |
| | |||||
* | Don't write a rule out of the natlocal_subnet is blank. | jim-p | 2012-10-05 | 1 | -1/+1 |
| | |||||
* | Safety belt | jim-p | 2012-10-05 | 1 | -1/+2 |
| | |||||
* | show true/false in logged message instead of 1/<nothing> | Bill Marquette | 2012-10-05 | 1 | -2/+1 |
| | |||||
* | Rather use the system constants as defined | Ermal | 2012-10-04 | 1 | -4/+4 |
| | |||||
* | Use integer rather than hex to put these values. AMD64 builds do rather ↵ | Ermal | 2012-10-04 | 1 | -4/+4 |
| | | | | awkward problems | ||||
* | Add a NAT entry for configuring NAT on ipsec phase2. It will add nat rules ↵ | Ermal | 2012-10-04 | 2 | -3/+50 |
| | | | | on enc interface | ||||
* | Add restrict lines to limit what local clients are allowed to do to the ntp ↵ | jim-p | 2012-10-03 | 1 | -0/+2 |
| | | | | server. | ||||
* | Merge pull request #233 from bcyrill/rfc3168_flags | Jim P | 2012-10-01 | 2 | -5/+15 |
|\ | | | | | Add ECE and CWR TCP flags as defined in RFC 3168 | ||||
| * | Fix typo | bcyrill | 2012-10-01 | 1 | -1/+1 |
| | | |||||
| * | Add ECE and CWR TCP flags as defined in RFC 3168 | bcyrill | 2012-10-01 | 2 | -5/+15 |
| | | |||||
* | | Fixup processing of IPv6 IPs for EasyRule. Fixes #2649 | jim-p | 2012-10-01 | 1 | -0/+7 |
| | | |||||
* | | Allow for changing OpenVPN TUN to TAP device mode without reboot. | PiBa-NL | 2012-10-01 | 1 | -1/+6 |
| | | |||||
* | | Merge branch 'master' of git://github.com/bsdperimeter/pfsense | PiBa-NL | 2012-10-01 | 9 | -74/+112 |
|\ \ | |/ | |||||
| * | Revert "Allow for changing OpenVPN TUN to TAP device mode without reboot." ↵ | jim-p | 2012-09-30 | 1 | -6/+1 |
| | | | | | | | | | | | | -- Adds blank OpenVPN servers, see ticket #2643 This reverts commit c8bb7f1527a99c69784ab6c01d9050adcde6a8a0. | ||||
| * | Add forgotten part of the IPsec split dns fix from yesterday | jim-p | 2012-09-27 | 1 | -1/+8 |
| | |