summaryrefslogtreecommitdiffstats
path: root/src/etc
Commit message (Collapse)AuthorAgeFilesLines
* add dhcpd rrd graphheper2015-11-061-1/+42
|
* Removed simplepie files (and update obsoleted files list)Stephen Beaver2015-11-063-13689/+2
|
* Copyright updates ( 3 of 3)Stephen Beaver2015-11-062-2/+6
|
* A new fix for #4130:Renato Botelho2015-11-031-2/+10
| | | | | | | | | | | | The fix added for this bug, that check xml file size is < 200 to decide if file must or not be read created a new issue, single entry is not showed. Instead of doing this, check parse_xml_config() return and return empty array when it's -1 While here, prevent errors saying parse_xml_config() doesn't exist and make sure xmlparse.inc is required
* Only call pfSense_ipsec_list_sa() when IPsec is enabledRenato Botelho2015-11-031-0/+13
|
* changes for #5219 accidentally reverted unrelated changes made by other ↵Matt Smith2015-11-031-30/+6
| | | | commits. Restore those & remove some dead code that was commented out.
* Don't allow IPsec mobile clients user auth source to not be a RADIUS server ifMatt Smith2015-11-031-6/+43
| | | | | the phase1 auth method is EAP-RADIUS. Properly handle selection of multiple RADIUS servers when using EAP-RADIUS. Fixes #5219.
* Restore ipsec_dump_spd() accidentally removed on ↵Renato Botelho2015-11-031-0/+54
| | | | 7fcd5ea8bb2e7c9c94e1f38008fc3da440eb14e8. Pointy hat to: garga
* Retire ipsec_smp_dump_status()Renato Botelho2015-11-031-101/+0
|
* Filter log dynamic pass/block buttonPhil Davis2015-11-031-4/+6
| | | | | This should fix up the last bits here: 1) Make the button be red cross, green tick depending and block or pass rule. 2) Put all the necessary bits in the getURL - now the rule display popup works when the button is clicked.
* Dynamism restored, but etc/inc/filter_log.inc still needs work around line 455Stephen Beaver2015-11-021-1/+4
|
* Fix firewall log dynamic rule lookup masterPhil Davis2015-11-021-2/+2
| | | | | | for rows that are dynamically added as time goes by. See https://github.com/pfsense/pfsense/pull/2014 for version for RELENG_2_2. This is theoretically the fix. But due to other issues that mean dynamic updates to not happen at all in 2.3-ALPHA, I haven't been able to actually test it just yet.
* It is not necessary manually disable the IPSEC processing when not used.Luiz Otavio O Souza2015-10-311-3/+1
| | | | | | | With the recent IPSEC changes by gnn@, there is no more performance penalty for 1G networks if you have IPSEC compiled in kernel but not used. TAG: tryforward
* The net.inet.ip.fastforward sysctl is retired now.Luiz Otavio O Souza2015-10-312-4/+0
| | | | | | Tryforward instead, is always on and is compatible with IPSEC. TAG: tryforward
* Apply a different fix to issue #2993.Luiz Otavio O Souza2015-10-311-2/+2
| | | | | | | | | Instead of forcing the encrypted traffic in transport mode as ENC_AFTER, just change the mask to allow ENC_BEFORE events. Theoretically, this eliminate the need of ipsec_transport_filterfix.diff. Issue: #2993
* Obsolete strongswan SMP filesRenato Botelho2015-10-301-0/+4
|
* Set leftsendcert=always for IKEv2 configurations with certificates to better ↵jim-p2015-10-281-0/+5
| | | | accommodate OS X and iOS manual configurations. Fixes #5353
* Include www/classes and www/classes/Form in the PHP include pathStephen Beaver2015-10-271-1/+1
|
* Require notices.inc only if it's going to be usedRenato Botelho2015-10-271-1/+3
|
* IKE auto mode is back, remove this config upgrade code unsetting it.Chris Buechler2015-10-241-4/+0
|
* Rework the way GUI reads packages tabs, it fixes #5311Renato Botelho2015-10-221-0/+22
|
* Remove more references to theme, ticket #5333Renato Botelho2015-10-222-1/+4
|
* Fix function name, spotted by mgsmithRenato Botelho2015-10-221-1/+1
|
* Remove config stuff for WEP. on upgrade, disable WEP on interfaces that have ↵Matt Smith2015-10-223-24/+25
| | | | it configured and disable those interfaces and generate a notice. Fixes #5123.
* Remove a leftover from mergeRenato Botelho2015-10-221-1/+0
|
* Completed #5333Stephen Beaver2015-10-225-200/+268
|
* Check unbound root.key file contents, and remove it if invalid, before ↵Chris Buechler2015-10-211-0/+9
| | | | unbound-anchor runs otherwise it will fail and unbound will fail to start. fsync the file after writing to prevent the problem. Ticket #5334
* Make setting charon.plugins.attr.subnet conditional on net_list being set. SetMatt Smith2015-10-211-3/+1
| | | | it's value to list of subnets configured as P2's for mobile IPsec. Fixes #5327.
* Disable strongswan logging under auth since it's all logged under daemon,Chris Buechler2015-10-201-0/+5
| | | | so nothing is duplicated. Ticket #5242
* Sort return of get_pkg_info()Renato Botelho2015-10-201-0/+5
|
* Change get_pkg_info() to also return installed_versionRenato Botelho2015-10-201-0/+13
|
* Make get_pkg_info() add a tag saying when package is installedRenato Botelho2015-10-201-0/+4
|
* Remove unnecessary functions verify_all_package_servers() and ↵Renato Botelho2015-10-201-10/+0
| | | | check_package_server_ssl()
* Teach get_pkg_info() to deal with an array of packagesRenato Botelho2015-10-201-1/+10
|
* Remove WWW: line from pkg descRenato Botelho2015-10-201-0/+2
|
* Add pkg_version_compare()Renato Botelho2015-10-201-0/+20
|
* Remove fifo debug from internal functionsRenato Botelho2015-10-201-18/+0
|
* Check whether the P2 or its associated P1 are disabled before adding NATChris Buechler2015-10-201-1/+8
| | | | rules. Ticket #5320
* Cleanup unused code:Renato Botelho2015-10-206-458/+9
| | | | | | | | | | | | | | | | - Remove xmlrpcbaseurl from globals - Remove xmlrpcpath from globals - Remove embeddedbootupslice from globals - Remove call_pfsense_method() - Remove check_firmware_version() - Remove get_active_xml_rpc_base_url() - Remove zeromq.inc - Remove pkg_mgr_settings.php - Remove pkg_mgr_settings.php privilege definitions - Bump config version to 12.3 - Write upgrade code to cleanup $config['altpkgrepo'] - Remove check_firmware_version method from xmlrpc.php - Fix pfSense_firmware_version_doc text
* Rework installpkg and uninstallpkg scripts to use pfSense-upgradeRenato Botelho2015-10-202-39/+18
|
* Disable zero copy buffers in bpf.Luiz Otavio O Souza2015-10-191-1/+0
| | | | | | | | | This was a no-op before my changes (so this was never really enabled) and now it is known to cause issues with tcpdump and hostapd. Disable this until we fix all the raised issues. Issue: #5257
* Fix the captive portal rules after 98bf4991dc31f97fc7315a6b8aba433de9d39cea.Luiz Otavio O Souza2015-10-191-10/+4
| | | | | | The malformed rules breaks the parsing of initialisation rules. Issue: #4746
* Fixed bogus "Beginning package installation" message from the ↵Stephen Beaver2015-10-161-2/+0
| | | | install_package_XML() function
* Add 'caref' attribute to the ca object passed into ca_inter_create so aMatt Smith2015-10-161-0/+1
| | | | relationship to the signing CA can be maintained. Fixes #5313.
* Limit strongswan trusted CA certificates to those required for authentication ofMatt Smith2015-10-161-22/+46
| | | | the configured IPsec SA's instead of trusting all known CA's. Fixes #5243.
* only use daemon and not auth for strongswan logging. As it was, all logs ↵Chris Buechler2015-10-151-6/+0
| | | | were duplicated. Ticket #5242
* fix comparison here. Ticket #4558Chris Buechler2015-10-151-1/+1
|
* Set rightca for IPsec phase 1 using Mutual RSA, Mutual RSA + xauth, or ↵Matt Smith2015-10-151-0/+24
| | | | EAP-TLS. Fixes #5241.
* Disable repo auto updateRenato Botelho2015-10-141-2/+4
|
* Merge pull request #1689 from jlduran/l2tp-mschapv2Matt Smith2015-10-141-4/+10
|\
OpenPOWER on IntegriCloud