Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | add dhcpd rrd graph | heper | 2015-11-06 | 1 | -1/+42 |
| | |||||
* | Removed simplepie files (and update obsoleted files list) | Stephen Beaver | 2015-11-06 | 3 | -13689/+2 |
| | |||||
* | Copyright updates ( 3 of 3) | Stephen Beaver | 2015-11-06 | 2 | -2/+6 |
| | |||||
* | A new fix for #4130: | Renato Botelho | 2015-11-03 | 1 | -2/+10 |
| | | | | | | | | | | | | The fix added for this bug, that check xml file size is < 200 to decide if file must or not be read created a new issue, single entry is not showed. Instead of doing this, check parse_xml_config() return and return empty array when it's -1 While here, prevent errors saying parse_xml_config() doesn't exist and make sure xmlparse.inc is required | ||||
* | Only call pfSense_ipsec_list_sa() when IPsec is enabled | Renato Botelho | 2015-11-03 | 1 | -0/+13 |
| | |||||
* | changes for #5219 accidentally reverted unrelated changes made by other ↵ | Matt Smith | 2015-11-03 | 1 | -30/+6 |
| | | | | commits. Restore those & remove some dead code that was commented out. | ||||
* | Don't allow IPsec mobile clients user auth source to not be a RADIUS server if | Matt Smith | 2015-11-03 | 1 | -6/+43 |
| | | | | | the phase1 auth method is EAP-RADIUS. Properly handle selection of multiple RADIUS servers when using EAP-RADIUS. Fixes #5219. | ||||
* | Restore ipsec_dump_spd() accidentally removed on ↵ | Renato Botelho | 2015-11-03 | 1 | -0/+54 |
| | | | | 7fcd5ea8bb2e7c9c94e1f38008fc3da440eb14e8. Pointy hat to: garga | ||||
* | Retire ipsec_smp_dump_status() | Renato Botelho | 2015-11-03 | 1 | -101/+0 |
| | |||||
* | Filter log dynamic pass/block button | Phil Davis | 2015-11-03 | 1 | -4/+6 |
| | | | | | This should fix up the last bits here: 1) Make the button be red cross, green tick depending and block or pass rule. 2) Put all the necessary bits in the getURL - now the rule display popup works when the button is clicked. | ||||
* | Dynamism restored, but etc/inc/filter_log.inc still needs work around line 455 | Stephen Beaver | 2015-11-02 | 1 | -1/+4 |
| | |||||
* | Fix firewall log dynamic rule lookup master | Phil Davis | 2015-11-02 | 1 | -2/+2 |
| | | | | | | for rows that are dynamically added as time goes by. See https://github.com/pfsense/pfsense/pull/2014 for version for RELENG_2_2. This is theoretically the fix. But due to other issues that mean dynamic updates to not happen at all in 2.3-ALPHA, I haven't been able to actually test it just yet. | ||||
* | It is not necessary manually disable the IPSEC processing when not used. | Luiz Otavio O Souza | 2015-10-31 | 1 | -3/+1 |
| | | | | | | | With the recent IPSEC changes by gnn@, there is no more performance penalty for 1G networks if you have IPSEC compiled in kernel but not used. TAG: tryforward | ||||
* | The net.inet.ip.fastforward sysctl is retired now. | Luiz Otavio O Souza | 2015-10-31 | 2 | -4/+0 |
| | | | | | | Tryforward instead, is always on and is compatible with IPSEC. TAG: tryforward | ||||
* | Apply a different fix to issue #2993. | Luiz Otavio O Souza | 2015-10-31 | 1 | -2/+2 |
| | | | | | | | | | Instead of forcing the encrypted traffic in transport mode as ENC_AFTER, just change the mask to allow ENC_BEFORE events. Theoretically, this eliminate the need of ipsec_transport_filterfix.diff. Issue: #2993 | ||||
* | Obsolete strongswan SMP files | Renato Botelho | 2015-10-30 | 1 | -0/+4 |
| | |||||
* | Set leftsendcert=always for IKEv2 configurations with certificates to better ↵ | jim-p | 2015-10-28 | 1 | -0/+5 |
| | | | | accommodate OS X and iOS manual configurations. Fixes #5353 | ||||
* | Include www/classes and www/classes/Form in the PHP include path | Stephen Beaver | 2015-10-27 | 1 | -1/+1 |
| | |||||
* | Require notices.inc only if it's going to be used | Renato Botelho | 2015-10-27 | 1 | -1/+3 |
| | |||||
* | IKE auto mode is back, remove this config upgrade code unsetting it. | Chris Buechler | 2015-10-24 | 1 | -4/+0 |
| | |||||
* | Rework the way GUI reads packages tabs, it fixes #5311 | Renato Botelho | 2015-10-22 | 1 | -0/+22 |
| | |||||
* | Remove more references to theme, ticket #5333 | Renato Botelho | 2015-10-22 | 2 | -1/+4 |
| | |||||
* | Fix function name, spotted by mgsmith | Renato Botelho | 2015-10-22 | 1 | -1/+1 |
| | |||||
* | Remove config stuff for WEP. on upgrade, disable WEP on interfaces that have ↵ | Matt Smith | 2015-10-22 | 3 | -24/+25 |
| | | | | it configured and disable those interfaces and generate a notice. Fixes #5123. | ||||
* | Remove a leftover from merge | Renato Botelho | 2015-10-22 | 1 | -1/+0 |
| | |||||
* | Completed #5333 | Stephen Beaver | 2015-10-22 | 5 | -200/+268 |
| | |||||
* | Check unbound root.key file contents, and remove it if invalid, before ↵ | Chris Buechler | 2015-10-21 | 1 | -0/+9 |
| | | | | unbound-anchor runs otherwise it will fail and unbound will fail to start. fsync the file after writing to prevent the problem. Ticket #5334 | ||||
* | Make setting charon.plugins.attr.subnet conditional on net_list being set. Set | Matt Smith | 2015-10-21 | 1 | -3/+1 |
| | | | | it's value to list of subnets configured as P2's for mobile IPsec. Fixes #5327. | ||||
* | Disable strongswan logging under auth since it's all logged under daemon, | Chris Buechler | 2015-10-20 | 1 | -0/+5 |
| | | | | so nothing is duplicated. Ticket #5242 | ||||
* | Sort return of get_pkg_info() | Renato Botelho | 2015-10-20 | 1 | -0/+5 |
| | |||||
* | Change get_pkg_info() to also return installed_version | Renato Botelho | 2015-10-20 | 1 | -0/+13 |
| | |||||
* | Make get_pkg_info() add a tag saying when package is installed | Renato Botelho | 2015-10-20 | 1 | -0/+4 |
| | |||||
* | Remove unnecessary functions verify_all_package_servers() and ↵ | Renato Botelho | 2015-10-20 | 1 | -10/+0 |
| | | | | check_package_server_ssl() | ||||
* | Teach get_pkg_info() to deal with an array of packages | Renato Botelho | 2015-10-20 | 1 | -1/+10 |
| | |||||
* | Remove WWW: line from pkg desc | Renato Botelho | 2015-10-20 | 1 | -0/+2 |
| | |||||
* | Add pkg_version_compare() | Renato Botelho | 2015-10-20 | 1 | -0/+20 |
| | |||||
* | Remove fifo debug from internal functions | Renato Botelho | 2015-10-20 | 1 | -18/+0 |
| | |||||
* | Check whether the P2 or its associated P1 are disabled before adding NAT | Chris Buechler | 2015-10-20 | 1 | -1/+8 |
| | | | | rules. Ticket #5320 | ||||
* | Cleanup unused code: | Renato Botelho | 2015-10-20 | 6 | -458/+9 |
| | | | | | | | | | | | | | | | | - Remove xmlrpcbaseurl from globals - Remove xmlrpcpath from globals - Remove embeddedbootupslice from globals - Remove call_pfsense_method() - Remove check_firmware_version() - Remove get_active_xml_rpc_base_url() - Remove zeromq.inc - Remove pkg_mgr_settings.php - Remove pkg_mgr_settings.php privilege definitions - Bump config version to 12.3 - Write upgrade code to cleanup $config['altpkgrepo'] - Remove check_firmware_version method from xmlrpc.php - Fix pfSense_firmware_version_doc text | ||||
* | Rework installpkg and uninstallpkg scripts to use pfSense-upgrade | Renato Botelho | 2015-10-20 | 2 | -39/+18 |
| | |||||
* | Disable zero copy buffers in bpf. | Luiz Otavio O Souza | 2015-10-19 | 1 | -1/+0 |
| | | | | | | | | | This was a no-op before my changes (so this was never really enabled) and now it is known to cause issues with tcpdump and hostapd. Disable this until we fix all the raised issues. Issue: #5257 | ||||
* | Fix the captive portal rules after 98bf4991dc31f97fc7315a6b8aba433de9d39cea. | Luiz Otavio O Souza | 2015-10-19 | 1 | -10/+4 |
| | | | | | | The malformed rules breaks the parsing of initialisation rules. Issue: #4746 | ||||
* | Fixed bogus "Beginning package installation" message from the ↵ | Stephen Beaver | 2015-10-16 | 1 | -2/+0 |
| | | | | install_package_XML() function | ||||
* | Add 'caref' attribute to the ca object passed into ca_inter_create so a | Matt Smith | 2015-10-16 | 1 | -0/+1 |
| | | | | relationship to the signing CA can be maintained. Fixes #5313. | ||||
* | Limit strongswan trusted CA certificates to those required for authentication of | Matt Smith | 2015-10-16 | 1 | -22/+46 |
| | | | | the configured IPsec SA's instead of trusting all known CA's. Fixes #5243. | ||||
* | only use daemon and not auth for strongswan logging. As it was, all logs ↵ | Chris Buechler | 2015-10-15 | 1 | -6/+0 |
| | | | | were duplicated. Ticket #5242 | ||||
* | fix comparison here. Ticket #4558 | Chris Buechler | 2015-10-15 | 1 | -1/+1 |
| | |||||
* | Set rightca for IPsec phase 1 using Mutual RSA, Mutual RSA + xauth, or ↵ | Matt Smith | 2015-10-15 | 1 | -0/+24 |
| | | | | EAP-TLS. Fixes #5241. | ||||
* | Disable repo auto update | Renato Botelho | 2015-10-14 | 1 | -2/+4 |
| | |||||
* | Merge pull request #1689 from jlduran/l2tp-mschapv2 | Matt Smith | 2015-10-14 | 1 | -4/+10 |
|\ |