summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #1340 from phil-davis/patch-5Renato Botelho2014-11-171-6/+14
|\
| * Improve test in unbound_add_domain_overridesPhil Davis2014-11-171-1/+1
| | | | | | Actually the test condition happened to work OK! But this change makes it easier to understand what is really intended.
| * Handle reverse-lookup zones for unboundPhil Davis2014-11-161-6/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default unbound returns nothing for private reverse lookups. Here is some information about that from https://www.unbound.net/documentation/unbound.conf.html -------- The default zones are localhost, reverse 127.0.0.1 and ::1, and the AS112 zones. The AS112 zones are reverse DNS zones for private use and reserved IP addresses for which the servers on the internet cannot pro- vide correct answers. They are configured by default to give nxdomain (no reverse information) answers. The defaults can be turned off by specifying your own local-zone of that name, or using the 'nodefault' type. Below is a list of the default zone contents. -------- Just specifying 'nodefault' did not work. I found other threads where people used this in unbound.conf -------- local-zone: "49.10.in-addr.arpa" typetransparent -------- Note that it works specifying the domain override with or without a final "." So the code here checks for the special cases of ".in-addr.arpa" and ".in-addr.arpa." at the end of a domain override name. With this code my domain override entries for private reverse lookups work.
* | Unbound improvements and fixes, ticket #4011:Renato Botelho2014-11-171-102/+29
| | | | | | | | | | | | | | - Create dhcpleases_entries.conf, feed by dhcpleases - Do not read lines created by dhcpleases from /etc/hosts to populate host_entries.conf - Simplify logic for host_entries.conf creation
* | Take unbound into consideration when creating /etc/hosts, also use new ↵Renato Botelho2014-11-171-10/+16
| | | | | | | | unbound parameters for dhcpleases when it's necessary, helps ticket #4011
* | Use the name entry now that there is a definition for itErmal2014-11-171-1/+1
| |
* | Fix the generation of certificates for rsa type. strpos returns the pos as 0 ↵Ermal2014-11-171-1/+1
| | | | | | | | for rsasig but it php considers that as false anyhow
* | add the last few missed files to obsoletedfiles list. Ticket #3970Chris Buechler2014-11-161-0/+18
| |
* | Properly handle CARP IP binding in dnsmasq post-changes for FreeBSD 10.x ↵Chris Buechler2014-11-161-0/+4
| | | | | | | | CARP. Ticket #4012
* | show tunnelv4 on v4 the same way tunnelv6 is shown on v6Chris Buechler2014-11-161-0/+1
| |
* | show tunnelv4 on v4 the same way tunnelv6 is shown on v6Chris Buechler2014-11-161-1/+2
|/
* Don't try to clear states to gateway, all that does is wipe the entire state ↵Chris Buechler2014-11-161-5/+0
| | | | table unnecessarily. rc.newwanip takes care of killing states appropriately as needed when an IP changes.
* show user that something is actually happening when they choose php-fpm_restartChris Buechler2014-11-151-0/+2
|
* fix Unbound Advanced optionsChris Buechler2014-11-151-1/+2
|
* if unbound is enabled, assign interface IP as DNS, same behavior as dnsmasqChris Buechler2014-11-151-0/+2
|
* fix missing strpos parameterChris Buechler2014-11-151-1/+1
|
* Make sure dhcpleases use correct pid file for dnsmasq or unbound. Fixes #4008Renato Botelho2014-11-141-12/+22
|
* Obsolete a lot of files forgotten during all last pfSense versions. It fixes ↵Renato Botelho2014-11-141-39/+1046
| | | | #3970
* sort obsoletedfilesRenato Botelho2014-11-141-85/+85
|
* geom part list no longer lists empty disks, compensate where needed.jim-p2014-11-131-0/+10
| | | | Also, while I'm here, fixup copyright.
* Merge pull request #1336 from phil-davis/patch-4Renato Botelho2014-11-131-22/+27
|\
| * Implement advanced settings in unbound.confPhil Davis2014-11-131-22/+27
| | | | | | | | The settings are made in the Advanced tab in the GUI and are stored in the config. Now actually implement them in unbound.conf
* | Subnet parameter is mandatory for pfSense_ipfw_Tableaction(), add where it's ↵Renato Botelho2014-11-131-4/+6
|/ | | | missing
* Fix logic to find available next number for limiters and queues. It fixes #3998Renato Botelho2014-11-131-2/+2
|
* Add an extra protection to avoid having an empty group createdRenato Botelho2014-11-131-1/+1
|
* Oops wrong choice the checkbox is only for javascriptErmal2014-11-121-1/+1
|
* Remove redundant code and check for dpd_enable checkbox to be setErmal2014-11-121-3/+2
|
* Only create missing ssh keys, do not overwrite existing ones. It fixes #4003Renato Botelho2014-11-121-40/+39
|
* Use route command directly rather than trying to make a route search on php ↵Ermal2014-11-121-32/+17
| | | | thorugh netstat. It Fixes #4000
* Revert "Make phase1_status function wok whnever there is a smp dump. This ↵Ermal2014-11-121-9/+2
| | | | | | should unbreak Ticket #3955" This reverts commit 694d368d818508a40bdef4f1a3f64b414b11c442.
* remove this log, it's never logged anything useful that I've seen, and ↵Chris Buechler2014-11-121-1/+1
| | | | unnecessarily spams the secondary's system log on every config sync.
* hn(4) is ALTQ-capable, mark as such.Chris Buechler2014-11-111-1/+1
|
* Make phase1_status function wok whnever there is a smp dump. This should ↵Ermal2014-11-111-2/+9
| | | | unbreak Ticket #3955
* Actually require group name!Ermal2014-11-111-1/+1
|
* Do not do operations for empty group membersErmal2014-11-111-1/+4
|
* Do not do this during bootErmal2014-11-111-10/+12
|
* Use leftcert for more options on IPsec authenticationErmal2014-11-111-0/+6
|
* Ticket #3967 also sync other vip types that can be synched.Ermal2014-11-111-1/+1
|
* Fixes #3967, properly resolve interfaceErmal2014-11-111-2/+2
|
* Set proxy env vars on interactive shell and also on crontab to make all ↵Renato Botelho2014-11-111-0/+7
| | | | scripts be able to use it. Ticket #3789
* Revert "Ticket #3789. Put a start at using the proxyurl/proxyport from ↵Renato Botelho2014-11-111-8/+0
| | | | | | system configured settings for bogons. It still does not consider the user/pass configured" This reverts commit 664adf3845cf1df89769bb0ed5fc113048e0912e.
* touch up textChris Buechler2014-11-111-2/+2
|
* Change copyright statement to reflect realityJim Thompson2014-11-106-0/+6
|
* Strengthen checkErmal2014-11-101-1/+1
|
* Compare the right things here.Ermal2014-11-101-3/+5
|
* Do not require the default sysctl items to be set on the config.xml but ↵Ermal2014-11-102-9/+48
| | | | rather extract the definitions from the sysctl tree. Also to reduce config.xml size
* Retire flowtable_configure as a useless code since its not in kernelErmal2014-11-101-30/+0
|
* Actually make default sysctls reside on globals.inc and use those by default ↵Ermal2014-11-102-10/+7
| | | | this allows to trim down the config.xml sysctl and also fixes #3666 by setting set source interface on reply of icmp
* Tighten checks here to avoid overriding the default gw with garbageErmal2014-11-101-8/+8
|
* Make some more useful checks hereErmal2014-11-101-2/+2
|
OpenPOWER on IntegriCloud