Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Correct a typo that could cause problems for openvpn if a client specific | Matthew Grooms | 2008-08-30 | 1 | -1/+1 |
| | | | | | override existed. A space was omitted in the listtags array which was causing the openvpn-csc tag to be merged with the following field. | ||||
* | When upgrading a configuration, validate openvpn configuration entries as | Matthew Grooms | 2008-08-30 | 1 | -0/+9 |
| | | | | arrays before treating them as such. | ||||
* | Spelling correction | Scott Ullrich | 2008-08-30 | 1 | -2/+2 |
| | |||||
* | * Output if SSH is enabled | Scott Ullrich | 2008-08-30 | 2 | -1/+8 |
| | | | | * Kill SSH server but leave open ssh sessions | ||||
* | Output file we are copying. Somehow it appears that niftyjsCode.js | Scott Ullrich | 2008-08-30 | 1 | -1/+1 |
| | | | | is failing to copy. | ||||
* | Ignore return text on sysctl commands | Scott Ullrich | 2008-08-30 | 1 | -7/+7 |
| | |||||
* | * Add nohaltonerror() (default is to halt on error) | Scott Ullrich | 2008-08-30 | 1 | -7/+16 |
| | | | | | * Add sethaltonerror() * Cleanup error on text handling | ||||
* | Add $Id: $ | Scott Ullrich | 2008-08-30 | 1 | -1/+1 |
| | |||||
* | Convert CARP interface related code to use CmdCHAIN for easier debugging. | Scott Ullrich | 2008-08-30 | 1 | -41/+54 |
| | |||||
* | Revert commits | Scott Ullrich | 2008-08-29 | 1 | -2/+2 |
| | |||||
* | Turn back on console | Scott Ullrich | 2008-08-29 | 1 | -4/+3 |
| | |||||
* | Revert commit, it appears the console is no longer spawning | Scott Ullrich | 2008-08-29 | 1 | -2/+2 |
| | |||||
* | Store the OpenVPN system DH parameters contents in the config.xml file so | Matthew Grooms | 2008-08-29 | 1 | -6/+29 |
| | | | | | it is not generated each time on embedded systems. Problem reported by Scott. | ||||
* | Imports ttys changes from m0n0wall | Scott Ullrich | 2008-08-29 | 1 | -2/+3 |
| | |||||
* | Add rum wireless interface that is supported now in 7.x | Scott Ullrich | 2008-08-29 | 1 | -1/+1 |
| | | | | http://forum.pfsense.org/index.php/topic,10581.0.html | ||||
* | Correct some of the logic in the get_vpns_list() that was committed in the | Matthew Grooms | 2008-08-28 | 1 | -5/+6 |
| | | | | last revision. | ||||
* | Do not rdr tftp to tftp-proxy for local vpns for both tcp and udp. This | Scott Ullrich | 2008-08-28 | 1 | -1/+1 |
| | | | | fixes the long standing bug of my voip phones being broken. | ||||
* | Unbreak FTP when using IPSEC VPN's. | Scott Ullrich | 2008-08-28 | 1 | -6/+6 |
| | |||||
* | Bring in relay options for inbound load balancer | Bill Marquette | 2008-08-28 | 2 | -20/+88 |
| | | | | | More work pending, this seems to generate proper configs needs much more testing though | ||||
* | Add support for export and import of encrypted configuration files. A set | Matthew Grooms | 2008-08-28 | 2 | -0/+103 |
| | | | | | of command line utilities for encypting and decrypting the files format is available from the tools/config-crypto directory. | ||||
* | Replace the old openvpn status page with a new implementation. We now add | Matthew Grooms | 2008-08-27 | 1 | -1/+4 |
| | | | | | | | | a tcp management port option to each OpenVPN server. Instead of rooting through the OpenVPN logs once a minute for status updates, we now submit a request to the management port to obtain informaiton. We probably need to add a pf rule to prevent management ports from being accessed by unwanted processes. | ||||
* | Correct some problems with the filter code where we were calling foreach | Matthew Grooms | 2008-08-27 | 2 | -63/+79 |
| | | | | | | | | | | | on data that wasn't necessarily a valid array. Modify the OpenVPN code to stop passing the array index around and then immediately obtaining a reference to the array entry. We already have a reference to the data, just pass it instead. Also add some check to make certain tap configuration steps more conditional. Make sure we remove configuration and pid files when they are no longer required. Fix a few other OpenVPN related bugs. | ||||
* | Set some important default values for the new OpenVPN interface screens. | Matthew Grooms | 2008-08-26 | 1 | -2/+30 |
| | | | | | Add functions and interface code to handle local port conflict detection and resolution. | ||||
* | Update the privilege definitions using the makepriv utility. | Matthew Grooms | 2008-08-26 | 1 | -122/+116 |
| | |||||
* | Dump the per-configuration dh parameters data. It make no sense to keep | Matthew Grooms | 2008-08-26 | 2 | -4/+23 |
| | | | | | | | | | | this information in the configuration as its not specific to the server. It only contains the parameters ( a safe large prime number ) that is used during a DH key exchange. Instead, we now use a system wide dh file that is generated when the /var/etc/openvpn directory is setup. This shaves 10 to 30 seconds off of the server config creation process. Also correct a bug in the hack I added to work around carp related issues that prevented filter re-configuration from working properly. | ||||
* | Rework most of the OpenVPN support. The interfaces have been updated to | Matthew Grooms | 2008-08-26 | 6 | -684/+564 |
| | | | | | | | | | | not use the pkg system and the configuration has been migrated to an openvpn prefix. The centralized user and certificate manager is now used to support the openvpn configurations. Most of the files removed in this commit were not being referenced. This commit also splits out the certificate management components into a new system menu item. | ||||
* | Add fourth parameter NOBACKUP | Scott Ullrich | 2008-08-23 | 1 | -6/+11 |
| | |||||
* | Import format_bytes() from m0n0wall | Scott Ullrich | 2008-08-23 | 1 | -1/+13 |
| | |||||
* | Update altq capable interfaces for 7.0 | Scott Ullrich | 2008-08-23 | 1 | -3/+4 |
| | |||||
* | Update spamd entries | Scott Ullrich | 2008-08-23 | 1 | -2/+3 |
| | |||||
* | Move is_wan_up() after the routing is configured. | Scott Ullrich | 2008-08-19 | 1 | -3/+3 |
| | |||||
* | Move ntpdate function down a bit after routing is configured. | Scott Ullrich | 2008-08-19 | 1 | -3/+3 |
| | |||||
* | Eliminate very annoying message on bootup "No process found". | Scott Ullrich | 2008-08-19 | 1 | -2/+3 |
| | |||||
* | Fix some bugs in the pf filter generation code. If a user rule specified | Matthew Grooms | 2008-08-19 | 1 | -67/+51 |
| | | | | | | | | a destination of lan, pptp or pppoe, generate_user_filter_rule() would overwrite the source address instead of setting the destination address. The OpenVPN interface alias configuration was completely broken which prevented any user defined rules from working correctly. While here, also perform some whitespace and simple code cleanup. | ||||
* | Commit changes submit by Rajkumar S: | Scott Ullrich | 2008-08-18 | 1 | -9/+15 |
| | | | | Checks for file named /nanobuild and invokes /etc/rc.initdiskless if found, otherwise it follows the normal embedded bootup. | ||||
* | Enable tcpmssfix option to mpd on pppoe case which allows things like Msn ↵ | Ermal Luçi | 2008-08-14 | 1 | -0/+1 |
| | | | | Messenger or site like msn.com to behave correctly otherwise communication problems arise. | ||||
* | Bring the bridge checks up to date with the bridge changes. | Ermal Luçi | 2008-08-13 | 1 | -6/+8 |
| | |||||
* | Remove duplicate function portal_mac_fixed() | Scott Ullrich | 2008-08-12 | 1 | -18/+18 |
| | |||||
* | Simplify mod_expire statement | Scott Ullrich | 2008-08-12 | 1 | -6/+1 |
| | |||||
* | Do a better job of re-assigning admin privileges when the password reset | Matthew Grooms | 2008-08-11 | 1 | -2/+3 |
| | | | | menu option is used. Reported by Scott and Chris. | ||||
* | Implement a certificate authority and certificate webui that can be used | Matthew Grooms | 2008-08-09 | 3 | -5/+236 |
| | | | | | | | | | | | | | | | | | | | | | to centrally manage this data. There are no consumers at this time. This interface allow for the following ... Certificate Authority Manager: - List certificates authorities - Import existing certificate authority - Create internal certificate authority Certificate Manager: - List certificates - Import existing certificate - Create internal certificate using an internal CA - Generate certificate signing request for external CAs - Process certificate signing response from external CAs Certificate revocation is not currently implemented. The user system will also be extended to allow for user specific certificate management in a follow-up commit. | ||||
* | fix typo: http://forum.pfsense.org/index.php/topic,10847.0.html | Martin Fuchs | 2008-08-08 | 1 | -1/+1 |
| | |||||
* | Now that we have given the mhash extension a bit of time to settle into | Matthew Grooms | 2008-08-06 | 1 | -6/+5 |
| | | | | the tree, enable nthash password generation. | ||||
* | Adding php5-openssl | Scott Ullrich | 2008-08-06 | 1 | -0/+1 |
| | |||||
* | If anybody needs plip(4) notify me! | Ermal Luçi | 2008-08-05 | 1 | -1/+2 |
| | |||||
* | This check is needed to prevent php oddities with arrays and strange ↵ | Ermal Luçi | 2008-08-05 | 1 | -0/+2 |
| | | | | behaviour of count and empty! As commit fixes errors with not configured openvpn. | ||||
* | Try to do better sanity checks. | Ermal Luçi | 2008-08-05 | 1 | -5/+7 |
| | |||||
* | Rename the bridge knob to bridged so that the upgrade code works correctly ↵ | Ermal Luçi | 2008-08-05 | 3 | -5/+5 |
| | | | | and we play by the rules of the parser. | ||||
* | Silence warnings generated by pw during configuration update. Requested by | Matthew Grooms | 2008-08-05 | 2 | -10/+15 |
| | | | | Scott. | ||||
* | Update latest config! | Ermal Luçi | 2008-08-05 | 1 | -1/+1 |
| |