Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Handle start/stop of OpenVPN client instances bound to gateway groups using ↵ | Chris Buechler | 2016-02-06 | 2 | -2/+26 |
| | | | | CARP IPs. Ticket #4858 | ||||
* | clean up text | Chris Buechler | 2016-02-06 | 2 | -4/+4 |
| | |||||
* | Fix get_interface_ip to return correct IP for CARP VIPs. Ticket #4858 | Chris Buechler | 2016-02-06 | 1 | -0/+4 |
| | |||||
* | Fix find_interface_ip for gateway groups with VIPs. Ticket #4858 | Chris Buechler | 2016-02-05 | 1 | -3/+3 |
| | |||||
* | Merge pull request #2585 from k-paulius/patch-pkg-syslog-v2 | Chris Buechler | 2016-02-04 | 1 | -1/+2 |
|\ | |||||
| * | Adding ability to run dhcp6c in debug mode. | k-paulius | 2016-02-04 | 1 | -1/+2 |
| | | |||||
* | | Set gif interface MTU in interface_gif_configure if it's not already ↵ | Chris Buechler | 2016-02-04 | 1 | -0/+14 |
|/ | | | | correct. Ticket #5842 | ||||
* | Return blank rather than 0ms/0% for unmonitored gateways latency and loss. ↵ | Chris Buechler | 2016-02-04 | 1 | -2/+2 |
| | | | | Show on dashboard widget when a gateway is unmonitored. Ticket #2226 | ||||
* | Remove rc.restore_full_backup, remainder of full backup components were ↵ | Chris Buechler | 2016-02-04 | 2 | -20/+1 |
| | | | | removed already. | ||||
* | Enable gzip compression in nginx. | Chris Buechler | 2016-02-04 | 1 | -0/+3 |
| | |||||
* | Allow gateway weights up to 30, and add a check in filter.inc to prevent ↵ | Chris Buechler | 2016-02-04 | 1 | -0/+8 |
| | | | | creating too long of a route-to line. Related to pull request 1614 | ||||
* | Fix multi-session time counting for the FreeRADIUS start/stop case. Ticket #2164 | jim-p | 2016-02-04 | 1 | -1/+8 |
| | |||||
* | Merge pull request #2584 from schinken/radvd-lifetime-defaults | Renato Botelho | 2016-02-04 | 1 | -0/+4 |
|\ | |||||
| * | Add defaults to radvd valid and preferred lifetime | schinken | 2016-02-04 | 1 | -0/+4 |
| | | |||||
* | | Merge pull request #2435 from stilez/patch-7 | Renato Botelho | 2016-02-04 | 1 | -7/+39 |
|\ \ | |/ |/| | |||||
| * | variable | stilez | 2016-01-14 | 1 | -4/+4 |
| | | | | | | Used explode to array rather than to a list, and tested array size, so as not to assume it has exactly 2 parts separated by "/". | ||||
| * | fixing comment | stilez | 2016-01-14 | 1 | -10/+7 |
| | | |||||
| * | Subnet size logic | stilez | 2016-01-14 | 1 | -7/+42 |
| | | |||||
* | | Simplify is_linklocal() | Renato Botelho | 2016-02-04 | 1 | -20/+9 |
| | | |||||
* | | Merge pull request #2320 from stilez/patch-3 | Renato Botelho | 2016-02-04 | 1 | -14/+33 |
|\ \ | |||||
| * | | REBASE of #1786 and #1788, tightening three IP functions | stilez | 2015-12-23 | 1 | -14/+33 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resubmit of two PRs that couldn't be merged due to basecode conflicts is_linklocal() - tightened and made correctly IPv4/v6 agnostic per RFCs is_literalipaddrv6() - simplified is_hostnamewithport() - simplified IS_LINKLOCAL() is_linklocal has a few issues, including validating as linklocal, addresses that aren't linklocal according to RFC 4291, validating as a linklocal address input that could contain arbitrary text/no validation of reasonableness on any %(scope/interface) present, and appearing from its function name to be suitable for all linklocal addresses but actually not IPv4/v6 agnostic. 1) IPv4/6 agnostic: while IPv4 linklocal testing isn't much needed, not it should probably be recognised because some code handling linklocal may reasonably expect is_linklocal() to be IPv4/IPv6 agnostic. 2) For IPv6, it tests at least, that the purported scope/interface is [0-9a-z]+ otherwise user input or other text such as "fe80::%\n;ARBIRARYTEXT;" would be validated as a linklocal address and inserted into pf and perhaps other places without further detection, leading to possible vulnerabilities. Also tests scope/interface for a reasonable length of <= 64 chars "just in case". But it doesn't test more than this (and probably should test for valid scope/interface if present). 3) Follows RFC 4291 exactly: IPv6 linklocal isn't just "fe80::", it requires the rest of the first 64 bits to be zero too. The RFC defines it as '1111111010' + 54 zeros (Ref: https://tools.ietf.org/html/rfc4291#section-2.5.6 ) 4) Returns 4 or 6 to give a more exact response to the calling function as to whether the match was an IPv4 linklocal or IPv6 linklocal address (both evaluate to True for Boolean test purposes such as "if (is_linklocal(...))") Note: Net_IPv6::_Ip2Bin() can return shorter binary strings for IPv4 or "junk" input. So this code tests that it returned a 128 bit length, which ensure it was meaningful IPv6. IS_HOSTNAMEWITHPORT() simplified - we don't need to pop() or assign a new variable just to test 2nd member of the array IS_LITERALIPADDRV6() simplified - we don't need an expensive preg_match() to test if it's a valid IPv6 wrapped in "[" ... "]" | ||||
* | | | Merge pull request #2574 from tiagobar/master | Renato Botelho | 2016-02-04 | 1 | -1/+1 |
|\ \ \ | |||||
| * | | | Dynamic DNS URL for NO-IP needs to be updated. | Tiago Barrionuevo | 2016-01-30 | 1 | -1/+1 |
| | | | | |||||
* | | | | Fix #5830 | Renato Botelho | 2016-02-04 | 1 | -1/+8 |
| | | | | | | | | | | | | | | | | | | | | Add a new advanced option on gateways to allow user define data payload. Default is 0 | ||||
* | | | | Implement Multi-WAN for RFC2136. | jim-p | 2016-02-03 | 1 | -5/+6 |
| | | | | | | | | | | | | | | | | A failover gateway group may be selected similar to the other DynDNS styles. | ||||
* | | | | Improvements to the priviledge filter functionality | Stephen Beaver | 2016-02-03 | 2 | -11/+11 |
| | | | | |||||
* | | | | Merge pull request #2581 from PiBa-NL/23_silence_syncerror | Renato Botelho | 2016-02-03 | 1 | -1/+1 |
|\ \ \ \ | |||||
| * | | | | xmlrpc_client.inc, silence the php 'crash' error, sync errors are reported ↵ | PiBa-NL | 2016-02-02 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | through file-notices already. | ||||
* | | | | | Gbps isn't interpreted correctly by ipfw for limiters, remove the option. ↵ | Chris Buechler | 2016-02-03 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | Ticket #4325 | ||||
* | | | | | Fix easy rule problem when using a non-English language, take 2. | jim-p | 2016-02-02 | 1 | -1/+2 |
| | | | | | |||||
* | | | | | Use the NAS IP configured for PPPoE server instances. Ticket #185 | Chris Buechler | 2016-02-02 | 1 | -0/+3 |
| | | | | | |||||
* | | | | | Remove old pppoerestart cron job if it exists. Ticket #1905 | Chris Buechler | 2016-02-02 | 1 | -0/+10 |
| | | | | | |||||
* | | | | | Set fastcgi_read_timeout to 180 seconds rather than the default 60 for the ↵ | Chris Buechler | 2016-02-01 | 1 | -0/+1 |
| | | | | | | | | | | | | | | | | | | | | occasional long-running page. | ||||
* | | | | | Change Namecheap dyndns to use split hostname and domain name fields. ↵ | jim-p | 2016-02-01 | 4 | -30/+59 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade existing entries automatically. Implements #4366 Code should be generic enough that if other DynDNS providers would work better with a separate domain field, they can pick up the feature without too much trouble. | ||||
* | | | | | Typo | Stephen Beaver | 2016-02-01 | 1 | -1/+1 |
| | | | | | |||||
* | | | | | Fixed #5834 | Stephen Beaver | 2016-02-01 | 1 | -15/+14 |
| | | | | | |||||
* | | | | | Remove all additional packages from the system before reset to factory ↵ | Renato Botelho | 2016-02-01 | 3 | -0/+6 |
| |/ / / |/| | | | | | | | | | | | default. Fixes #5829 | ||||
* | | | | OpenVPN server config upgrade already handled in 129_to_130. Ticket #5764 | Chris Buechler | 2016-01-29 | 1 | -9/+1 |
| | | | | |||||
* | | | | Fix easy rule problem when using a non-English language. | jim-p | 2016-01-29 | 1 | -1/+2 |
| | | | | |||||
* | | | | Minor cleanup | NewEraCracker | 2016-01-29 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | 1) Undo typos in sasl.inc. 2) Remove unused code from CSS. 3) Correct typos in some comments. 4) Convert short_open_tag to full tags. 5) Make 'else' block look like the others. | ||||
* | | | | Make sure filter rules have a tracker ID, associated rules were missing it ↵ | Chris Buechler | 2016-01-29 | 1 | -2/+15 |
| | | | | | | | | | | | | | | | | previously. | ||||
* | | | | retain OpenVPN's net30 default topology for upgraded configs so they still ↵ | Chris Buechler | 2016-01-29 | 2 | -1/+22 |
| | | | | | | | | | | | | | | | | work. Ticket #5764 | ||||
* | | | | Omit topology for tap OpenVPN, as it has no meaning in that context | Chris Buechler | 2016-01-28 | 1 | -1/+1 |
| | | | | |||||
* | | | | Remove stray } | Chris Buechler | 2016-01-28 | 1 | -1/+1 |
| | | | | |||||
* | | | | Import David W's patch fixing issues with dhcp6c being launched multiple ↵ | Chris Buechler | 2016-01-28 | 2 | -3/+39 |
| | | | | | | | | | | | | | | | | times in some circumstances. Ticket #5621 | ||||
* | | | | Add option for FreeRADIUS-friendly stop/start RADIUS accounting updates. | jim-p | 2016-01-28 | 1 | -3/+16 |
| | | | | | | | | | | | | | | | | It needs a sleep between the stop and start, and it needs slightly different figures for start/stop time in the request. | ||||
* | | | | services.inc code style | Phil Davis | 2016-01-28 | 1 | -2/+2 |
| | | | | | | | | | | | | from recently-added code | ||||
* | | | | Remove static routes to DNS servers when gateway is disabled. It should fix ↵ | Renato Botelho | 2016-01-28 | 1 | -8/+14 |
| | | | | | | | | | | | | | | | | #4921 | ||||
* | | | | Simplify logic | Renato Botelho | 2016-01-28 | 1 | -19/+14 |
| | | | | |||||
* | | | | Cosmetic changes - part deux | Stephen Beaver | 2016-01-28 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | Calculate colspans in casenumber of columns change again "bytes" => "B" to reduce column width |