summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Correct a typo that could cause problems for openvpn if a client specificMatthew Grooms2008-08-301-1/+1
| | | | | override existed. A space was omitted in the listtags array which was causing the openvpn-csc tag to be merged with the following field.
* When upgrading a configuration, validate openvpn configuration entries asMatthew Grooms2008-08-301-0/+9
| | | | arrays before treating them as such.
* Spelling correctionScott Ullrich2008-08-301-2/+2
|
* * Output if SSH is enabledScott Ullrich2008-08-302-1/+8
| | | | * Kill SSH server but leave open ssh sessions
* Output file we are copying. Somehow it appears that niftyjsCode.jsScott Ullrich2008-08-301-1/+1
| | | | is failing to copy.
* Ignore return text on sysctl commandsScott Ullrich2008-08-301-7/+7
|
* * Add nohaltonerror() (default is to halt on error)Scott Ullrich2008-08-301-7/+16
| | | | | * Add sethaltonerror() * Cleanup error on text handling
* Add $Id: $Scott Ullrich2008-08-301-1/+1
|
* Convert CARP interface related code to use CmdCHAIN for easier debugging.Scott Ullrich2008-08-301-41/+54
|
* Revert commitsScott Ullrich2008-08-291-2/+2
|
* Turn back on consoleScott Ullrich2008-08-291-4/+3
|
* Revert commit, it appears the console is no longer spawningScott Ullrich2008-08-291-2/+2
|
* Store the OpenVPN system DH parameters contents in the config.xml file soMatthew Grooms2008-08-291-6/+29
| | | | | it is not generated each time on embedded systems. Problem reported by Scott.
* Imports ttys changes from m0n0wallScott Ullrich2008-08-291-2/+3
|
* Add rum wireless interface that is supported now in 7.xScott Ullrich2008-08-291-1/+1
| | | | http://forum.pfsense.org/index.php/topic,10581.0.html
* Correct some of the logic in the get_vpns_list() that was committed in theMatthew Grooms2008-08-281-5/+6
| | | | last revision.
* Do not rdr tftp to tftp-proxy for local vpns for both tcp and udp. ThisScott Ullrich2008-08-281-1/+1
| | | | fixes the long standing bug of my voip phones being broken.
* Unbreak FTP when using IPSEC VPN's.Scott Ullrich2008-08-281-6/+6
|
* Bring in relay options for inbound load balancerBill Marquette2008-08-282-20/+88
| | | | | More work pending, this seems to generate proper configs needs much more testing though
* Add support for export and import of encrypted configuration files. A setMatthew Grooms2008-08-282-0/+103
| | | | | of command line utilities for encypting and decrypting the files format is available from the tools/config-crypto directory.
* Replace the old openvpn status page with a new implementation. We now addMatthew Grooms2008-08-271-1/+4
| | | | | | | | a tcp management port option to each OpenVPN server. Instead of rooting through the OpenVPN logs once a minute for status updates, we now submit a request to the management port to obtain informaiton. We probably need to add a pf rule to prevent management ports from being accessed by unwanted processes.
* Correct some problems with the filter code where we were calling foreachMatthew Grooms2008-08-272-63/+79
| | | | | | | | | | | on data that wasn't necessarily a valid array. Modify the OpenVPN code to stop passing the array index around and then immediately obtaining a reference to the array entry. We already have a reference to the data, just pass it instead. Also add some check to make certain tap configuration steps more conditional. Make sure we remove configuration and pid files when they are no longer required. Fix a few other OpenVPN related bugs.
* Set some important default values for the new OpenVPN interface screens.Matthew Grooms2008-08-261-2/+30
| | | | | Add functions and interface code to handle local port conflict detection and resolution.
* Update the privilege definitions using the makepriv utility.Matthew Grooms2008-08-261-122/+116
|
* Dump the per-configuration dh parameters data. It make no sense to keepMatthew Grooms2008-08-262-4/+23
| | | | | | | | | | this information in the configuration as its not specific to the server. It only contains the parameters ( a safe large prime number ) that is used during a DH key exchange. Instead, we now use a system wide dh file that is generated when the /var/etc/openvpn directory is setup. This shaves 10 to 30 seconds off of the server config creation process. Also correct a bug in the hack I added to work around carp related issues that prevented filter re-configuration from working properly.
* Rework most of the OpenVPN support. The interfaces have been updated toMatthew Grooms2008-08-266-684/+564
| | | | | | | | | | not use the pkg system and the configuration has been migrated to an openvpn prefix. The centralized user and certificate manager is now used to support the openvpn configurations. Most of the files removed in this commit were not being referenced. This commit also splits out the certificate management components into a new system menu item.
* Add fourth parameter NOBACKUPScott Ullrich2008-08-231-6/+11
|
* Import format_bytes() from m0n0wallScott Ullrich2008-08-231-1/+13
|
* Update altq capable interfaces for 7.0Scott Ullrich2008-08-231-3/+4
|
* Update spamd entriesScott Ullrich2008-08-231-2/+3
|
* Move is_wan_up() after the routing is configured.Scott Ullrich2008-08-191-3/+3
|
* Move ntpdate function down a bit after routing is configured.Scott Ullrich2008-08-191-3/+3
|
* Eliminate very annoying message on bootup "No process found".Scott Ullrich2008-08-191-2/+3
|
* Fix some bugs in the pf filter generation code. If a user rule specifiedMatthew Grooms2008-08-191-67/+51
| | | | | | | | a destination of lan, pptp or pppoe, generate_user_filter_rule() would overwrite the source address instead of setting the destination address. The OpenVPN interface alias configuration was completely broken which prevented any user defined rules from working correctly. While here, also perform some whitespace and simple code cleanup.
* Commit changes submit by Rajkumar S:Scott Ullrich2008-08-181-9/+15
| | | | Checks for file named /nanobuild and invokes /etc/rc.initdiskless if found, otherwise it follows the normal embedded bootup.
* Enable tcpmssfix option to mpd on pppoe case which allows things like Msn ↵Ermal Luçi2008-08-141-0/+1
| | | | Messenger or site like msn.com to behave correctly otherwise communication problems arise.
* Bring the bridge checks up to date with the bridge changes.Ermal Luçi2008-08-131-6/+8
|
* Remove duplicate function portal_mac_fixed()Scott Ullrich2008-08-121-18/+18
|
* Simplify mod_expire statementScott Ullrich2008-08-121-6/+1
|
* Do a better job of re-assigning admin privileges when the password resetMatthew Grooms2008-08-111-2/+3
| | | | menu option is used. Reported by Scott and Chris.
* Implement a certificate authority and certificate webui that can be usedMatthew Grooms2008-08-093-5/+236
| | | | | | | | | | | | | | | | | | | | | to centrally manage this data. There are no consumers at this time. This interface allow for the following ... Certificate Authority Manager: - List certificates authorities - Import existing certificate authority - Create internal certificate authority Certificate Manager: - List certificates - Import existing certificate - Create internal certificate using an internal CA - Generate certificate signing request for external CAs - Process certificate signing response from external CAs Certificate revocation is not currently implemented. The user system will also be extended to allow for user specific certificate management in a follow-up commit.
* fix typo: http://forum.pfsense.org/index.php/topic,10847.0.htmlMartin Fuchs2008-08-081-1/+1
|
* Now that we have given the mhash extension a bit of time to settle intoMatthew Grooms2008-08-061-6/+5
| | | | the tree, enable nthash password generation.
* Adding php5-opensslScott Ullrich2008-08-061-0/+1
|
* If anybody needs plip(4) notify me!Ermal Luçi2008-08-051-1/+2
|
* This check is needed to prevent php oddities with arrays and strange ↵Ermal Luçi2008-08-051-0/+2
| | | | behaviour of count and empty! As commit fixes errors with not configured openvpn.
* Try to do better sanity checks.Ermal Luçi2008-08-051-5/+7
|
* Rename the bridge knob to bridged so that the upgrade code works correctly ↵Ermal Luçi2008-08-053-5/+5
| | | | and we play by the rules of the parser.
* Silence warnings generated by pw during configuration update. Requested byMatthew Grooms2008-08-052-10/+15
| | | | Scott.
* Update latest config!Ermal Luçi2008-08-051-1/+1
|
OpenPOWER on IntegriCloud