| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
(cherry picked from commit 7bba13e8d53adfe4beb03c8444e60848ae6e25e9)
|
|
|
|
| |
https://forum.pfsense.org/index.php?topic=114570.0
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
dpinger stopps with an error when the socketname exceeds over
(around) 100 characters. The dpinger will not start and not deliver
monitoring results to the WebUI.
These long socket names can get created when using link-local addresses
and long gateway names / interface scopes.
See Ticket 6505
|
|
|
|
|
|
|
| |
Currently underscores are used to seperate gwifip, monitorip, etc, but
underscors are also used in vlan subinterfaces like em0_vlan10 and
therefore can't be used because the interface scope is appended to IPv6
link-local addresses.
|
|
|
|
| |
set_sysctl out if the block where it only gets run if dummynet isn't already loaded. Ticket #6553
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The existing regex here is wrong, it matches 0 or more of the hex digits but then there can be other rubbish in the string, in fact anything at all! It matches "az", "z", "qwerty" and so on. So the "return false" inside this "if" never happens.
In most cases the later code catches problems, because it converts the string from hex to decimal (and things like "z" end up as decimal 0), then it does some back-conversion of the answer to hex and realizes something is different and so does not count the entry as one of the needed 8 valid segments of the IPv6 address.
This goes wrong if the user supplies a string with 8 valid IPv6 hex pieces and 1 or more extra invalid ones anywhere in the list. In that case the code finds 8 good chunks and thinks that all is well.
Try using the pfSense is_ipaddrv6() with strings like:
$ipaddr = "1:2:3:4:5:6:7:z:a";
$ret = is_ipaddrv6($ipaddr);
var_dump($ret);
That returns true - which is not good!
You can put the invalid items anywhere you like, as long as you have 8 valid items, such as:
"1:2:3:xy:4:5:6:7:8"
"gh:1:2:3:xy:4:5:6:7:8"
"1:2:3:xy:4:5:6:7:8:qw"
This change makes this initial validity check on the characters actually work, so it avoids the later code having to deal with that at all.
(cherry picked from commit 8a950b3c3765f5349983130611354bfead0abafb)
|
|
|
|
|
|
|
|
|
| |
The usage of require() and require_once() throughout the system is
inconsistent, and "bugs" come up now and then when the order of
"requires" is a bit different and some require() happens after the
include file is already included/required.
It seems to me that there is no harm at all in always using
require_once().
|
| |
|
| |
|
|
|
|
| |
Ticket #6506
|
|
|
|
|
|
| |
settings"
This reverts commit fc76a1e390c8ce9579df31457c74d1d0e572b78d.
|
|
|
|
| |
(cherry picked from commit 40d7e4bee91246db09cc88141869abcd37390bc7)
|
|
|
|
|
| |
Function isn't used in main or packages repo, and in any case would need a complete rewrite to handle IPv6.
(cherry picked from commit 6215902c4043726e633fcfac1c37c710ac398653)
|
|
|
|
|
|
| |
With this change single-quotes are applied in correct places
(cherry picked from commit 08cd022545be58a46b860500ff81bbe7438b6304)
|
|
|
|
| |
(cherry picked from commit 70381d4803b9424c1a3f3ef518d8243062452d77)
|
|
|
|
| |
(cherry picked from commit cf63f1638aab685cc956502f5ddd862a10bf3ff8)
|
|
|
|
|
|
|
| |
1) Function can be simplified and all "if" statements removed, using intdiv (or casting result as int for PHP < 7) and % for calcs and sprintf for padding.
2) Input validity check before trying to convert format
3) If time represented is large (eg uptime might be several months) then hours becomes unhelpful, it's clearer to show "4921:02:06" as "205d 01:02:06". (Leading "days" value not shown unless >=1 for simplicity)
(cherry picked from commit 0bde6d1057ed39c8ef650a5a505cf9ae5eb7199e)
|
|
|
|
| |
(cherry picked from commit 01b5410ae8391998ba560d40f447c7f556472c5b)
|
|
|
|
|
| |
At the same time the platform is being detected for PHP/GUI purposes, set the default number of backups. Also handle the case where (for any reason) detection fails, which it shouldn't, so the variables are still created
(cherry picked from commit 09a283948eada745bc10b852e63b7dec50fb69d4)
|
|
|
|
|
|
|
|
|
| |
Add key lengths to the OpenVPN options, for asymmetric keys of size 3072 (for current use), 7680, 15360 (for long term resistance), 8192 and 16384 (common binary exponents).
These are both supported by OpenVPN anyhow, and for certain uses are currently recommended (eg long term resistance to replay/decryption). See keylength.com for citations.
This PR would only affect OpenVPN, and OpenVPN supports these key sizes, so should not cause any issue.
(cherry picked from commit 0693c96797f7d5dfa097d24070e2bd4c9528d0e7)
|
|
|
|
| |
(cherry picked from commit 1322ee22354f1a6e184819fb7009a2996b63de97)
|
|
|
|
|
|
| |
(PR 2901)
(cherry picked from commit 2bd0585e30e5ec8fc3b79ca3f579bf9a7c1bcbc8)
|
|
|
|
| |
(cherry picked from commit fc76a1e390c8ce9579df31457c74d1d0e572b78d)
|
|
|
|
| |
the same thing over and over for every VIP on an interface. Ticket #6515
|
| |
|
|
|
|
| |
normal use of the system won't require that, those who run certain things manually/custom may require it
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
nginx's current default of 75. Ticket #6421
|
| |
|
|
|
|
| |
(cherry picked from commit f42ef69ab518237260a2e129cbdf391549c003ad)
|
|
|
|
|
|
| |
Make the code cleaner and easier to follow by using the same alias type designations as config.
(cherry picked from commit ebe833f6a9463b0e4add1d97c360af4a682d1add)
|
|
|
|
|
|
| |
Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not yet set/available from config. So the alias_get_type() function can't be successfully used yet.
(cherry picked from commit 3b07f4feaf35e70700082240ef03966f74f5df97)
|
|
|
|
| |
Ticket #6367
|
| |
|
|
|
|
|
|
| |
The $dn_default_shaper_msg is what is displayed on the Limiters tab. It needs to talk about "limiter" rather than "queue".
This code builds up each message using the same base template sentences, inserting "queue" or "limiter" in the appropriate place.
(cherry picked from commit aadc135856a0dc2cb131aeda3fd7bc44c11ab123)
|
| |
|
| |
|
| |
|
|
|
|
| |
log when group isn't found. Ticket #6352
|
| |
|
| |
|
|
|
|
| |
Ticket #6258
|
|
|
|
| |
as well. Based on PR 2943. Ticket #6186
|
| |
|
|
|
|
|
|
|
|
|
| |
$cpzone is always in lowercase, it's used as the array key used in
config.xml. Use it in two cases where the $cp['zone'] was being wrongly
used:
- To find out zoneid
- To replace PORTAL_ACTION url
|