summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #1744 from phil-davis/patch-5Renato Botelho2015-07-151-1/+1
|\
| * Avoid error loading rules for numeric host name in aliasPhil Davis2015-07-121-1/+1
| | | | | | | | | | | | | | | | | | | | Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". The webGUI reports: There were error(s) loading the rules: /tmp/rules.debug:44: syntax error - The line in question reads [44]: table { 23 } and /tmp/rules.debug has: table <Zqw> { 23 } Zqw = "<Zqw>" which pf does not cope with. It is possible to have a host name that is a number, and end up with a domain name like 23.mycompany.com - unfortunately some Wally allowed such things in standards many years ago, so it can be rather difficult to tell the difference between a number and a host name. This change improves the check when looking through alias entries and deciding if they are meant to be a name or a "bottom-level" value (address, subnet, port, port range). Anything that ends up looking like a host name gets given to filterdns to sort out. "Names" like "23" now get given to filterdns instead of being put directly into the table in pf. This makes things happier. Even if filterdns cannot resolve "23", at least it tries and nothing barfs.
* | Fix GratisDNS supportmortencombat2015-07-141-2/+2
|/ | | The current implementation is not working for me, maybe the interface was changed by GratisDNS? I tested the update URL manually with the IP added ("&i=<ip>") which fixed the issue for me. Code adjusted to include IP.
* fix fsync, thanks Phil Davis for noticingChris Buechler2015-07-101-1/+1
|
* fix fsyncChris Buechler2015-07-101-1/+1
|
* fsync after fclose here, clean up some white space while here.Chris Buechler2015-07-101-2/+9
| | | | | Conflicts: etc/inc/config.lib.inc
* fsync conf_path here tooChris Buechler2015-07-101-0/+1
|
* fix typoChris Buechler2015-07-101-1/+1
|
* Make sure config.xml is safe on disk when restoring a backup, ticket #4803Renato Botelho2015-07-061-0/+1
|
* Make sure temporary config file is safe on disk before rename, ticket #4803Renato Botelho2015-07-061-1/+1
|
* Remove reference to vfs.forcesyncRenato Botelho2015-07-061-1/+0
|
* Use right function pfSense_fsync to make sure config file is safe on disk, ↵Renato Botelho2015-07-061-4/+2
| | | | ticket #4803
* fix includes so shellsession restartipsec works.Chris Buechler2015-07-051-0/+2
|
* remove debug.pfftpproxy, it no longer exists.Chris Buechler2015-07-041-1/+0
|
* Fix keyid identifers, and go back to using %any in ipsec.secrets as in ↵Chris Buechler2015-07-031-2/+4
| | | | previous versions, fixing a variety of other ID issues. Latter will break some mobile IPsec circumstances, fix for that to come after more testing. Ticket #4811
* Improve handling of port ranges in relayd, fixes #4810jim-p2015-07-011-1/+5
|
* Remove the unnecessary deletion of rc.conf. Add an empty rc.conf with aChris Buechler2015-07-013-6/+1
| | | | note so people don't think they should be using it.
* Simplify logic and use correct calls for install_packageRenato Botelho2015-07-012-21/+12
|
* Fix install_package() return for failureRenato Botelho2015-07-011-1/+1
|
* Stop using undefined variable and create a single package debug fileRenato Botelho2015-07-011-1/+1
|
* Improve debug messagesRenato Botelho2015-07-011-2/+5
|
* Fix call to undefined function read_pkg_configRenato Botelho2015-07-011-1/+1
|
* Only try to remove pkg if it's installed, otherwise just cleanup xml partRenato Botelho2015-07-011-1/+6
|
* Implement get_pkg_info()Renato Botelho2015-07-011-12/+40
|
* Make pkg_delete() more verboseRenato Botelho2015-07-011-2/+3
|
* Remove packages from cache after install, also add debug messagesRenato Botelho2015-07-011-2/+6
|
* Mute call to 'pkg info -e' used to check if pkg is installedRenato Botelho2015-07-011-1/+1
|
* Re-implement pkg_call() using proc_open() and stream_select() and also ↵Renato Botelho2015-07-011-4/+124
| | | | implement pkg_exec()
* pfsense-utils.inc is being required, there is no chance of update_status() ↵Renato Botelho2015-07-011-11/+2
| | | | and update_output_window() don't exist
* Make rc.packages deal with fcgicli callRenato Botelho2015-06-301-4/+16
|
* Use interface-automatic for Unbound when the interfaces list is empty (same ↵jim-p2015-06-261-0/+2
| | | | as All) otherwise it breaks with a default CARP config.
* Add D1540-XG.Matt Smith2015-06-231-0/+3
|
* Introduce Netgate RCC-DFF to the list of known platformsRenato Botelho2015-06-232-2/+8
|
* rereadall is not enough here, restore reload call to make sure everything ↵Renato Botelho2015-06-231-0/+1
| | | | works. Ticket #4785
* Replace ipsec rereadsecrets + reload by single rereadall, that will re-read ↵Renato Botelho2015-06-231-2/+1
| | | | also cert changes. Ticket #4785
* Instead of sending USR1, just call ipsec reload. And before it, call ipsec ↵Renato Botelho2015-06-231-1/+2
| | | | rereadsecrets to make sure new secretes are updated. It should fix #4785
* Partially revert 019ee2bc8c, this workaround is not necessary. Real fix will ↵Renato Botelho2015-06-231-8/+0
| | | | be committed after this
* Add a workaround for ticket #4785:Renato Botelho2015-06-231-4/+17
| | | | | | There was a regression on strongswan between 5.3.0 and 5.3.2 as reported at [1]. To workaround this issue, add an extra line on ipsec.secrets with right fqdn.
* Merge pull request #1728 from devnullity/patch-1Chris Buechler2015-06-231-1/+1
|\
| * Fix var name typo in shaper.inc Ben Cook2015-06-211-1/+1
| | | | | | Fix typo so get_bandwidthtype_scale can do more than default to "1".
* | Don't delete /var/tmp/, that was originally done to clear session data at ↵Chris Buechler2015-06-221-1/+0
| | | | | | | | boot, but no longer applicable as session data is no longer in /var/tmp/. Credit to 'aa' on opnsense forum.
* | Use $myid in ipsec.secrets. Ticket #4785Chris Buechler2015-06-221-2/+2
|/ | | | | Conflicts: etc/inc/vpn.inc
* Specify $myid rather than %any here, otherwise user manager and mobile PSKs ↵Chris Buechler2015-06-211-3/+4
| | | | | | | won't match. Ticket #4781 Conflicts: etc/inc/vpn.inc
* Ticket #4746 Correctly set global variables to be used by hostnames cod epathsErmal LUÇI2015-06-191-2/+2
|
* Add a GUI field to increase the pf frag entries limit. Fixes ticket #4775jim-p2015-06-181-0/+5
|
* chmod +x hostidChris Buechler2015-06-181-0/+0
|
* Blacklist invalid "from" sources since they can be picked up accidentally ↵jim-p2015-06-171-1/+3
| | | | and cause rule errors. Fixes #4772
* Add load_balancer_relay_* to obsolete files. They were removed from the ↵jim-p2015-06-161-0/+4
| | | | master branch already.
* Remove the GUI for the pc-sysinstaller as well and add it to obsoletee filesErmal LUÇI2015-06-151-0/+3
|
* Code spacingPhil Davis2015-06-1534-279/+297
| | | | | | | and other random stuff I noticed. I think this finishes messing with code style. The codebase should match the developer style guide closely enough that 99.9% of changes will not feel the need to also massage the formatting.
OpenPOWER on IntegriCloud