summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #1238 from DasTestament/masterRenato Botelho2014-06-251-2/+38
|\
| * Update openvpn.incDmitriy K.2014-06-241-4/+3
| |
| * Update openvpn.incDmitriy K.2014-06-201-1/+6
| | | | | | Added verbosity check in case when verbosity_level is absent in config.xml
| * Update openvpn.incDmitriy K.2014-06-201-2/+0
| | | | | | Removed unnecessary "else {";
| * patchpack1Dmitriy K.2014-06-171-2/+36
| | | | | | | | | | -Fix #3401 (Added tun option "Disable IPv6" -Added new options: route-nopull, route-noexec, verb;
* | Add the AESGCM and XCBC on the list of algos availbleErmal2014-06-241-3/+14
| |
* | Actually use ph1ent ikeid here otherwise will duplicate ids here.Ermal2014-06-241-1/+1
| |
* | Fix dscp values and provide a config upgrade to fix values stored in ↵Renato Botelho2014-06-243-2/+19
| | | | | | | | config.xml. This is a proper fix for #3688
* | Add local/www to the list of directories that needs to be symlink'd to ↵Renato Botelho2014-06-231-0/+1
| | | | | | | | reduce PBI differences between 2.1 and 2.2
* | Merge pull request #1239 from phil-davis/patch-9jim-p2014-06-201-1/+1
|\ \
| * | Only include a scheduled rule if it is strictly before the end timePhil Davis2014-06-191-1/+1
| | | | | | | | | The exact moment of the end time is the end of the schedule. We do not want to include a rule when filter_configure_sync wakes up at 00:15:00 etc and is on a not-slow system that processes this code during the interval 00:15:00 to 00:15:01. This should help intermittent issues with schedules not finishing at the appropriate 15-minute boundary. Might help or fix #3558
* | | Remove extra data after space and fix pf rule syntax. It should fix #3688Renato Botelho2014-06-201-1/+1
| | |
* | | Replace some backticks by exec ans simplify commandsRenato Botelho2014-06-192-2/+2
| | |
* | | Remove more backtick abuseRenato Botelho2014-06-191-5/+9
| | |
* | | Add -n for 2 remaining sysctl calls, also replace backtick by execRenato Botelho2014-06-192-3/+3
| | |
* | | Add full path for dmesg and replace backtick by execRenato Botelho2014-06-191-1/+1
|/ /
* | Change the option for webconfig login autocomplete from opt-in to opt-out, ↵Renato Botelho2014-06-183-3/+12
| | | | | | | | also bump config version and write a function to keep the current status on upgrades
* | Always set httponly attribute on cookiesRenato Botelho2014-06-181-10/+8
| |
* | Add comment I forgot on last commitRenato Botelho2014-06-171-0/+1
| |
* | Re-generate session ID on a successful login to avoid session fixationRenato Botelho2014-06-171-0/+1
|/
* Create some symlinks inside pbi dir to reduce differences between 2.1 and ↵Renato Botelho2014-06-161-1/+22
| | | | 2.2 and avoid the need to change a lot of PBI scripts
* Avoid keeping old files from previous sessions on /tmp/configbakRenato Botelho2014-06-131-0/+1
|
* cf/ dir is removed below, do not need to remove the file hereRenato Botelho2014-06-131-1/+0
|
* Fix path for trigger_initial_wizardRenato Botelho2014-06-131-1/+1
|
* Merge pull request #1034 from vsquared56/masterRenato Botelho2014-06-131-4/+10
|\
| * Return full issuer for DN with multiple attribute valuesvsquared562014-03-241-4/+10
| | | | | | e.g. CN=Some Root CA,OU=Certificates Department,OU=(c) Copyright SomeCorp,O=SomeCorp,C=US
* | Replace Header() calls by lowercaseRenato Botelho2014-06-132-3/+3
| |
* | Merge pull request #1222 from phil-davis/patch-8Renato Botelho2014-06-131-4/+18
|\ \
| * | Handle firewall log filter regex input better bug #3689Phil Davis2014-06-031-4/+18
| | | | | | | | | | | | | | | If the user inputs an invalid regex in any of the filter fields, then a page full of "warning" messages appear in the GUI, about whatever is invalid. If for some reason the user wants to match a forward slash somewhere, then they have to realize to escape it, doing "\/" instead of just "/". Be nice to this special case, because the user does not necessarily know that "/" is being used as the delimiter in the preg_match call. Turn "/" into "\/" (when the "\" is not already put in by the user). For other regex issues, suppress the warning output, using "@". When the user inputs some invalid garbage in a filter field, an empty filtered firewall log table will be displayed, rather than screens full of PHP warning output.
* | | Bring the code of captiveportal up to speed with its module counterpart ↵Ermal2014-06-121-9/+9
| | | | | | | | | | | | requirments
* | | Fix i386 default URL for snapshotsRenato Botelho2014-06-121-1/+1
| | |
* | | Do not expire already disabled users, it fixes #3644Renato Botelho2014-06-121-1/+1
| | |
* | | Fix #3665, show IPSec tunnel description on status pageRenato Botelho2014-06-121-0/+24
| | |
* | | Fix #3702, make sure tunnel inside IP is set when interface changesRenato Botelho2014-06-111-1/+1
| | |
* | | Fix #3700 and other syntax issues:Renato Botelho2014-06-101-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | - Remove -G parameter from pfctl since it doesn't exist anymore - Initialize $old_router - Fix sh syntax on variable assign, it couldn't have space before = - Simplify logic - Avoid flush states twice, if it was done on IP change, don't do it again if router also has changed
* | | Add some protection to parameters that come through _GETRenato Botelho2014-06-061-9/+9
| | |
* | | Fix #3691, use curl instead of fetch to download update filesRenato Botelho2014-06-051-17/+13
| | |
* | | Allow the user to select "None" for OpenVPN client certificate, so long as ↵jim-p2014-06-041-7/+14
| | | | | | | | | | | | they supply and auth user/pass. Ticket #3633
* | | Silent pbi_infoRenato Botelho2014-06-031-1/+1
| | |
* | | Reduce possible noiseRenato Botelho2014-06-031-1/+1
|/ /
* | allow ipaliases to be configured on lo0Matt Smith2014-06-021-2/+2
| |
* | Fix variable namejim-p2014-05-311-1/+2
| |
* | remove openbgpd bits from system_gateways_edit and system.inc. The packageChris Buechler2014-05-301-2/+2
| | | | | | | | | | | | match is case-sensitive and hasn't matched the openbgpd package's name in at least 5 years, so it doesn't do anything. It's far from functional in any useful manner even fixing that issue.
* | Bring in proper gmirror support for the GUI and notifications.jim-p2014-05-302-0/+322
| | | | | | | | | | | | Made a general gmirror library to perform various gmirror tasks and get information, using some of the former widget logic to start. Updated widget to use this new code. Added a Diag > GEOM Mirrors page that displays information about existing mirrors and perform various management tasks. Current actions include rebuilding a drive, forgetting disconnected mirror drives, insert/remove, deactivate/activate, clearing medatada. It's now possible to use the GUI to rebuild a failed mirror by performing a forget, then insert action to replace a missing/dead drive. Also included is a notification setup. Mirror status is polled every 60 seconds, and if any aspect of the mirror changes, notifications are issues that alert in the GUI and by SMTP, etc.
* | glob() is already called by unlink_if_existsRenato Botelho2014-05-301-2/+2
| |
* | client-config-dir is also useful when using OpenVPN's internal DHCP while ↵jim-p2014-05-301-0/+1
| | | | | | | | bridging.
* | Add @ to silent any possible return of posix_killRenato Botelho2014-05-301-1/+1
| |
* | Fix typoRenato Botelho2014-05-301-1/+1
| |
* | Improve /etc/sshd:Renato Botelho2014-05-301-24/+36
| | | | | | | | | | | | | | | | . Create ed25519 key for ssh and silent daemon . Remove some exec() calls . We do not need to re-create all keys if /root/.ssh/authorized_keys is empty . Remove some redundancy and declare a single array with all keys
* | Include the v4 prefix on the v6 netmask to make routing more sane and alos ↵Ermal2014-05-291-0/+4
| | | | | | | | tracking interface configurations work!
OpenPOWER on IntegriCloud