summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
...
* use descriptionScott Ullrich2008-04-271-1/+1
|
* Move easyrsapath to globalsScott Ullrich2008-04-271-0/+1
|
* touch up textChris Buechler2008-04-271-16/+16
|
* Integrate patch sent to m0n0wall-dev by Peter Allgeyer:Scott Ullrich2008-04-271-0/+25
| | | | | | | | | | | | | | | we have configured the captive portal to authenticate users against a Radius server with reauthentication every minute. When using the MAC Pass-Through feature, we have problems reaching hosts on the WAN side on other ports then port 80. The log says, that the connections passes the filter, but tcpdump tells me that the packet never reaches the next hop router. I've found some messages in the captive portal log, which make me believe, that it has something to do with radius reauthentication: Apr 22 18:18:20 RADIUS_DISCONNECT: unauthenticated, 00:02:a5:fa:b9:35, 192.168.1.198
* Bump config version to 4.4Scott Ullrich2008-04-271-1/+1
|
* Return OpenVPN IP addresses when the alias type is openvpn.Scott Ullrich2008-04-271-4/+21
|
* Disable this rules alltogether with the note that tap(4) devices do not need ↵Ermal Luçi2008-04-231-1/+3
| | | | | | | | any special treatment other than get exposed to the GUI of OpenVPN. This will come incrementally. For rules a note would be added to the OpenVPN page as it is currently for PPTP/PPPoE to create filter rules themselves to allow traffic to flow. NOTE: This is as a code cleanup as a security fix since it opened people firewalls under their hood.
* Merge other missed fixes regarding FAIRQ.Ermal Luçi2008-04-221-8/+10
|
* Missed commit to make FAIRQ visible on the GUI.Ermal Luçi2008-04-221-6/+10
|
* Set limit of queue name to 15 chars.Ermal Luçi2008-04-211-1/+1
|
* Copy correct parameters when cloning queue.Ermal Luçi2008-04-211-1/+2
|
* Provide backend support for FAIRQ and apply some style to whitespacesErmal Luçi2008-04-211-8/+256
|
* fix whitespaceChris Buechler2008-04-211-14/+14
|
* don't prompt to remove LAN config if booting (you likely never assigned one, ↵Chris Buechler2008-04-211-9/+33
| | | | | | just remove it) fix error when unset config items don't exist
* add space to not errpr out while starting ftpseasameErmal Luçi2008-04-171-2/+2
|
* First try to cope with the new ability of mpd to rename its interfaces.Ermal Luçi2008-04-163-11/+15
| | | | | | | This is just a s/ng0/typeof connection0/ for now. The major work should be done to allow all optX and lan to be pppoe or pptp interafaces and take just assign the network interface accordingly. It simplifies a lot o things but this has to be done. This would propperly identifying interfaces and not hardcoding names around.
* Only iterate variable if it is an array to silence error.Scott Ullrich2008-04-161-4/+6
|
* Tune PHP_FCGI_CHILDREN and PHP_FCGI_MAX_REQUESTS depending on how muchScott Ullrich2008-04-151-3/+16
| | | | | | | | ram is installed for the captive portal operations. Idea semi taken from http://forum.pfsense.org/index.php/topic,8861.new.html#new NOTE: The forumula could probably be revised a bit but this is a good start.
* Change the renaming of openvpn tun devices to ovpnX so netstat copes with ↵Ermal Luçi2008-04-142-5/+5
| | | | | | the names. Better do this than patch netstat to allow space for IFNAMSIZ in the interface column.
* add IP alias supportChris Buechler2008-04-141-1/+4
| | | | | | TODO: Remove IP aliases upon deletion Add "type" icon
* add IP alias supportChris Buechler2008-04-141-1/+16
| | | | | | TODO: Remove IP aliases upon deletion Add "type" icon
* correct logic.Ermal Luçi2008-04-111-6/+8
|
* Differentiate between shared key and pki on the GUI.Ermal Luçi2008-04-111-22/+33
| | | | Fix some errors with the javascript
* Fix some typos.Ermal Luçi2008-04-111-3/+5
|
* Destroy the interface before creating a new one.Ermal Luçi2008-04-111-0/+2
|
* ticket#1700: comment out the fix, it does not work for editing existing ↵Martin Fuchs2008-04-101-1/+3
| | | | entries. $_GET['act'] is not passed from pkg_edit to openvpn.inc... else the check would be easy...
* Destroy the interface propperly to not have problems when recreating them.Ermal Luçi2008-04-101-2/+2
|
* Bump dpd from 20 to 120Seth Mos2008-04-101-2/+2
|
* Really check isset() correctly.Scott Ullrich2008-04-101-1/+1
|
* Damn you textmate.Scott Ullrich2008-04-101-2/+2
|
* Add pointtopoint style interfaces to get_interfaces_with_gateway()Scott Ullrich2008-04-101-0/+4
|
* Add missing ppp array item.Scott Ullrich2008-04-101-1/+1
|
* fix ticket#1700 and also check for protocolMartin Fuchs2008-04-091-6/+5
|
* fix ticket#1700Martin Fuchs2008-04-091-1/+6
|
* If gateway isn't an IP (ie. it's in the gateways array), then get the IPBill Marquette2008-04-081-0/+2
|
* Make recently commited code readable.Scott Ullrich2008-04-081-31/+29
|
* fix typo.Ermal Luçi2008-04-081-1/+1
|
* Convert old openvpn server configs to new the new config way.Ermal Luçi2008-04-081-2/+50
|
* Change back to the interface naming for tun(4) devices to openvpnX.Ermal Luçi2008-04-081-5/+9
| | | | | | Openvpn allows this with the --dev-type and --dev-node arguments. Better read the manual page throughly next time thugh i would like it to be handled automatically but is not possible in Openvpn and FreeBSD devfs(5) currently.
* Propperly fix certificate file creation for openvpn in client mode.Ermal Luçi2008-04-071-1/+2
|
* Fix a double '/' in the pathname for which openvpn seems to error out.Ermal Luçi2008-04-071-2/+2
|
* Comment out for now the renaming of tun interfaces to openvpn.Ermal Luçi2008-04-071-3/+4
| | | | | Seems like openvpn code has "tun"/"tap" hardcoded and FreeBSD devfs does not keep track of such interface renaming thus you cannot get a file descriptor to renamed device as openvpn like application do. NOTE: devfs(5) seems to need a listener for network interface events so does the tun/tap device driver code.
* Remove debug messages that gave away info on why the login failedBill Marquette2008-04-071-10/+19
| | | | add failed and successful login messages to syslog
* Use DPD and frag support we already haveSeth Mos2008-04-051-0/+4
|
* OpenVPN: remove keepalive, its already hardcodedMartin Fuchs2008-04-051-2/+0
|
* OpenVPN: added keepalive and infinite resolver optionsMartin Fuchs2008-04-051-1/+5
|
* Make loginpage more themeable. Only theme that uses this so far is ↵Holger Bauer2008-04-051-318/+282
| | | | the_wall. Other themes look ugly now (only loginpage) but are usable. Will be fixed within the next day(s).
* OpenVPN: redirect-gateway: override instead of overwriteMartin Fuchs2008-04-041-2/+2
|
* OpenVPN: my fault... now its correct... the server pushes the commands...Martin Fuchs2008-04-041-2/+1
|
* OpenVPN: redirect-gateway added [for CSC]Martin Fuchs2008-04-031-1/+1
|
OpenPOWER on IntegriCloud