summaryrefslogtreecommitdiffstats
path: root/src/etc
Commit message (Collapse)AuthorAgeFilesLines
* adding privileges and separating DNS Resolver overrides from general settingsJoe2016-06-221-0/+8
| | | | (cherry picked from commit fc76a1e390c8ce9579df31457c74d1d0e572b78d)
* Force 4096 RSA keysJose Luis Duran2016-06-221-1/+1
| | | | | | | | Add option `-b 4096` to force the keys to 4096-bit. This parameter is ignored for Ed25519 keys. (cherry picked from commit 971257cbdf687c79943237b6c2f5e37c596318af)
* Harden sshd_configJose Luis Duran2016-06-221-16/+19
| | | | | | | The changes are better explained in the following article: https://stribika.github.io/2015/01/04/secure-secure-shell.html (cherry picked from commit dca77360ffe868327d82c20834eceb1079d5823b)
* Only call interfaces_vips_configure once if it's needed, rather than doing ↵Chris Buechler2016-06-211-1/+5
| | | | the same thing over and over for every VIP on an interface. Ticket #6515
* Fix styleChris Buechler2016-06-211-3/+5
|
* require_once auth.inc in vpn.inc since it uses functions from there, though ↵Chris Buechler2016-06-211-0/+1
| | | | normal use of the system won't require that, those who run certain things manually/custom may require it
* Only omit aggressive line from ipsec.conf where IKEv2. Ticket #6513Chris Buechler2016-06-211-1/+1
|
* Incorporated ssl changesStephen Beaver2016-06-211-0/+9
|
* Set kern.corefile, fixes #6510jim-p2016-06-211-1/+2
|
* Teach rc script to copy custom_logos over default oneRenato Botelho2016-06-201-0/+6
|
* Use escapeshellarg on shell calls in auth.inc. Ticket #6475jim-p2016-06-091-10/+18
|
* Add resetwebgui to developer shellPhil Davis2016-06-081-0/+26
| | | | | | | | | | This might be helpful to people if they have set the theme to something that they are having trouble displaying, reading... or enabled some widget that is not good or... It allows them to get back to a known-working dashboard state, from where they can try again with customizations. Having something like this was suggested by stilez in amongst discussion of features for https://github.com/pfsense/pfsense/pull/2989
* Implement pkg_valid_name()Renato Botelho2016-06-081-0/+8
|
* This needs a newlinejim-p2016-06-061-1/+1
|
* Set keepalive_timeout 0 where captive portal in use, and update otherwise to ↵Chris Buechler2016-06-031-1/+3
| | | | nginx's current default of 75. Ticket #6421
* Add a check to see if the file exists before running filesize on it, to ↵Chris Buechler2016-05-311-0/+5
| | | | avoid PHP error.
* Improve readabilityRenato Botelho2016-05-311-2/+10
|
* Do not call gettext() for the string used to match the place in file to ↵Renato Botelho2016-05-311-1/+1
| | | | start rewriting it
* Use 0 here if specified. Ticket #6413Chris Buechler2016-05-271-1/+1
|
* Fix this missed one.NOYB2016-05-251-1/+1
| | | | (cherry picked from commit f42ef69ab518237260a2e129cbdf391549c003ad)
* Firewall / Aliases / Edit - New URL Table Alias TypeNOYB2016-05-252-12/+12
| | | | | | Make the code cleaner and easier to follow by using the same alias type designations as config. (cherry picked from commit ebe833f6a9463b0e4add1d97c360af4a682d1add)
* Firewall / Aliases / Edit - New URL Table Alias TypeNOYB2016-05-252-3/+4
| | | | | | Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not yet set/available from config. So the alias_get_type() function can't be successfully used yet. (cherry picked from commit 3b07f4feaf35e70700082240ef03966f74f5df97)
* Lower default LDAP timeout to 5 seconds. Idea from Sandeep1991 in PR 2971. ↵Chris Buechler2016-05-241-4/+4
| | | | Ticket #6367
* Set request_terminate_timeout to the same as max_execution_time in case ↵Chris Buechler2016-05-241-0/+1
| | | | something executed externally doesn't respond, to avoid hanging up all of php-fpm eventually. Ticket #6318 among other similar potential issues.
* Relax Suhosin to allow a 512M memory limitNewEraCracker2016-05-241-1/+1
|
* Set PHP's memory limit to 512M on 64 bit. Ticket #6364Chris Buechler2016-05-241-2/+2
|
* URL Table (Ports) File CommentsNOYB2016-05-241-1/+2
| | | | | | Fix for Bug #6395 that keeps full line comments of the downloaded file but strips them for the pf rules load. (cherry picked from commit e7e1e514607e7b017e5407326cfd7ddb439963d0)
* Remove calls which rely in uninitizalized varsNewEraCracker2016-05-201-3/+1
| | | | | | | | After analyzing implementations in RELENG_2_1 and RELENG_2_2, this code seems to be a left over after code rewrite Also remove a trailing space from comment (cherry picked from commit 0120cad84ea4dddd0c1501ecb41f2a082ea1e7d9)
* Add freeDNS v6 supportTechSmurf2016-05-201-1/+8
| | | | | FreeDNS IPv6 support confirmed working using same method as v4 with v6 source address. Simple second service with _useIPv6 (cherry picked from commit ac16181a2cfefec293e0562a7bfe8e2f7140e191)
* Add menu item for freeDNS v6TechSmurf2016-05-201-2/+2
| | | | (cherry picked from commit d102e2d5d3f238fa4f35a1d935366a2e6153804e)
* Removed global variables used on the version 2.2SilvioGiunge2016-05-201-17/+0
| | | | (cherry picked from commit d4af7f9e4a332278a80ba2a9c56df2064dc579d9)
* Bump version to 2.3.2-DEVELOPMENTRenato Botelho2016-05-161-1/+1
|
* Customize limiter info messagePhil Davis2016-05-161-3/+8
| | | | | | The $dn_default_shaper_msg is what is displayed on the Limiters tab. It needs to talk about "limiter" rather than "queue". This code builds up each message using the same base template sentences, inserting "queue" or "limiter" in the appropriate place. (cherry picked from commit aadc135856a0dc2cb131aeda3fd7bc44c11ab123)
* Fix script name in error logChris Buechler2016-05-151-1/+1
|
* Fix misspellings.Chris Buechler2016-05-151-3/+3
|
* Disable ipcomp regardless of config setting to avoid problem. Ticket #6167Chris Buechler2016-05-131-1/+2
|
* Silence mwexec output. Now that the groupdel actually works, it spams the ↵Chris Buechler2016-05-131-1/+1
| | | | log when group isn't found. Ticket #6352
* Unbound and dnsmasq can both be enabled so restart both if need bek-paulius2016-05-131-4/+6
|
* Fix scope for IPv6 link local gateway IPs. Ticket #6353Chris Buechler2016-05-131-1/+1
|
* Handle link local IPv6 gateways and default gateway switching correctly. ↵Chris Buechler2016-05-131-0/+11
| | | | Ticket #6258
* Don't start unbound in track6 config if system is booting. Add dnsmasq here ↵Chris Buechler2016-05-121-1/+5
| | | | as well. Based on PR 2943. Ticket #6186
* Use -g with groupdel when passing a GID. Ticket #6352Chris Buechler2016-05-121-1/+1
|
* Use proper IPsec enable test. Fixes #6351jim-p2016-05-121-1/+1
|
* Fix #6278Renato Botelho2016-05-121-3/+3
| | | | | | | | | $cpzone is always in lowercase, it's used as the array key used in config.xml. Use it in two cases where the $cp['zone'] was being wrongly used: - To find out zoneid - To replace PORTAL_ACTION url
* Store notices safely to prevent potential XSS when notices are displayed ↵Chris Buechler2016-05-121-5/+5
| | | | locally or by remote systems where they're shipped. Ticket #6154
* Fix package_reinstall_all post-upgrade when packages have been removed in ↵Chris Buechler2016-05-121-5/+5
| | | | pre_upgrade. Ticket #6137
* Tweak upgrade - Remove unused code and document changes betterNewEraCracker2016-05-112-10/+8
| | | | This will ensure a smooth upgrade for those running config 15.4 to any next version.
* Prefer index.php over index.html where both exist.Chris Buechler2016-05-111-1/+1
|
* Only execute remote search operation on first call of get_pkg_info(), this ↵Renato Botelho2016-05-111-0/+18
| | | | should fix #6177
* Revert "Add config upgrade code to update package names. Ticket #6118"Chris Buechler2016-05-112-14/+1
| | | | This reverts commit 291fad43870bdb39ef0ab32125b022e268a29cf7.
OpenPOWER on IntegriCloud