summaryrefslogtreecommitdiffstats
path: root/src/etc
Commit message (Collapse)AuthorAgeFilesLines
* Handle start/stop of OpenVPN client instances bound to gateway groups using ↵Chris Buechler2016-02-062-2/+26
| | | | CARP IPs. Ticket #4858
* clean up textChris Buechler2016-02-062-4/+4
|
* Fix get_interface_ip to return correct IP for CARP VIPs. Ticket #4858Chris Buechler2016-02-061-0/+4
|
* Fix find_interface_ip for gateway groups with VIPs. Ticket #4858Chris Buechler2016-02-051-3/+3
|
* Merge pull request #2585 from k-paulius/patch-pkg-syslog-v2Chris Buechler2016-02-041-1/+2
|\
| * Adding ability to run dhcp6c in debug mode.k-paulius2016-02-041-1/+2
| |
* | Set gif interface MTU in interface_gif_configure if it's not already ↵Chris Buechler2016-02-041-0/+14
|/ | | | correct. Ticket #5842
* Return blank rather than 0ms/0% for unmonitored gateways latency and loss. ↵Chris Buechler2016-02-041-2/+2
| | | | Show on dashboard widget when a gateway is unmonitored. Ticket #2226
* Remove rc.restore_full_backup, remainder of full backup components were ↵Chris Buechler2016-02-042-20/+1
| | | | removed already.
* Enable gzip compression in nginx.Chris Buechler2016-02-041-0/+3
|
* Allow gateway weights up to 30, and add a check in filter.inc to prevent ↵Chris Buechler2016-02-041-0/+8
| | | | creating too long of a route-to line. Related to pull request 1614
* Fix multi-session time counting for the FreeRADIUS start/stop case. Ticket #2164jim-p2016-02-041-1/+8
|
* Merge pull request #2584 from schinken/radvd-lifetime-defaultsRenato Botelho2016-02-041-0/+4
|\
| * Add defaults to radvd valid and preferred lifetimeschinken2016-02-041-0/+4
| |
* | Merge pull request #2435 from stilez/patch-7Renato Botelho2016-02-041-7/+39
|\ \ | |/ |/|
| * variablestilez2016-01-141-4/+4
| | | | | | Used explode to array rather than to a list, and tested array size, so as not to assume it has exactly 2 parts separated by "/".
| * fixing commentstilez2016-01-141-10/+7
| |
| * Subnet size logicstilez2016-01-141-7/+42
| |
* | Simplify is_linklocal()Renato Botelho2016-02-041-20/+9
| |
* | Merge pull request #2320 from stilez/patch-3Renato Botelho2016-02-041-14/+33
|\ \
| * | REBASE of #1786 and #1788, tightening three IP functionsstilez2015-12-231-14/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Resubmit of two PRs that couldn't be merged due to basecode conflicts is_linklocal() - tightened and made correctly IPv4/v6 agnostic per RFCs is_literalipaddrv6() - simplified is_hostnamewithport() - simplified IS_LINKLOCAL() is_linklocal has a few issues, including validating as linklocal, addresses that aren't linklocal according to RFC 4291, validating as a linklocal address input that could contain arbitrary text/no validation of reasonableness on any %(scope/interface) present, and appearing from its function name to be suitable for all linklocal addresses but actually not IPv4/v6 agnostic. 1) IPv4/6 agnostic: while IPv4 linklocal testing isn't much needed, not it should probably be recognised because some code handling linklocal may reasonably expect is_linklocal() to be IPv4/IPv6 agnostic. 2) For IPv6, it tests at least, that the purported scope/interface is [0-9a-z]+ otherwise user input or other text such as "fe80::%\n;ARBIRARYTEXT;" would be validated as a linklocal address and inserted into pf and perhaps other places without further detection, leading to possible vulnerabilities. Also tests scope/interface for a reasonable length of <= 64 chars "just in case". But it doesn't test more than this (and probably should test for valid scope/interface if present). 3) Follows RFC 4291 exactly: IPv6 linklocal isn't just "fe80::", it requires the rest of the first 64 bits to be zero too. The RFC defines it as '1111111010' + 54 zeros (Ref: https://tools.ietf.org/html/rfc4291#section-2.5.6 ) 4) Returns 4 or 6 to give a more exact response to the calling function as to whether the match was an IPv4 linklocal or IPv6 linklocal address (both evaluate to True for Boolean test purposes such as "if (is_linklocal(...))") Note: Net_IPv6::_Ip2Bin() can return shorter binary strings for IPv4 or "junk" input. So this code tests that it returned a 128 bit length, which ensure it was meaningful IPv6. IS_HOSTNAMEWITHPORT() simplified - we don't need to pop() or assign a new variable just to test 2nd member of the array IS_LITERALIPADDRV6() simplified - we don't need an expensive preg_match() to test if it's a valid IPv6 wrapped in "[" ... "]"
* | | Merge pull request #2574 from tiagobar/masterRenato Botelho2016-02-041-1/+1
|\ \ \
| * | | Dynamic DNS URL for NO-IP needs to be updated.Tiago Barrionuevo2016-01-301-1/+1
| | | |
* | | | Fix #5830Renato Botelho2016-02-041-1/+8
| | | | | | | | | | | | | | | | | | | | Add a new advanced option on gateways to allow user define data payload. Default is 0
* | | | Implement Multi-WAN for RFC2136.jim-p2016-02-031-5/+6
| | | | | | | | | | | | | | | | A failover gateway group may be selected similar to the other DynDNS styles.
* | | | Improvements to the priviledge filter functionalityStephen Beaver2016-02-032-11/+11
| | | |
* | | | Merge pull request #2581 from PiBa-NL/23_silence_syncerrorRenato Botelho2016-02-031-1/+1
|\ \ \ \
| * | | | xmlrpc_client.inc, silence the php 'crash' error, sync errors are reported ↵PiBa-NL2016-02-021-1/+1
| | | | | | | | | | | | | | | | | | | | through file-notices already.
* | | | | Gbps isn't interpreted correctly by ipfw for limiters, remove the option. ↵Chris Buechler2016-02-031-1/+1
| | | | | | | | | | | | | | | | | | | | Ticket #4325
* | | | | Fix easy rule problem when using a non-English language, take 2.jim-p2016-02-021-1/+2
| | | | |
* | | | | Use the NAS IP configured for PPPoE server instances. Ticket #185Chris Buechler2016-02-021-0/+3
| | | | |
* | | | | Remove old pppoerestart cron job if it exists. Ticket #1905Chris Buechler2016-02-021-0/+10
| | | | |
* | | | | Set fastcgi_read_timeout to 180 seconds rather than the default 60 for the ↵Chris Buechler2016-02-011-0/+1
| | | | | | | | | | | | | | | | | | | | occasional long-running page.
* | | | | Change Namecheap dyndns to use split hostname and domain name fields. ↵jim-p2016-02-014-30/+59
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade existing entries automatically. Implements #4366 Code should be generic enough that if other DynDNS providers would work better with a separate domain field, they can pick up the feature without too much trouble.
* | | | | TypoStephen Beaver2016-02-011-1/+1
| | | | |
* | | | | Fixed #5834Stephen Beaver2016-02-011-15/+14
| | | | |
* | | | | Remove all additional packages from the system before reset to factory ↵Renato Botelho2016-02-013-0/+6
| |/ / / |/| | | | | | | | | | | default. Fixes #5829
* | | | OpenVPN server config upgrade already handled in 129_to_130. Ticket #5764Chris Buechler2016-01-291-9/+1
| | | |
* | | | Fix easy rule problem when using a non-English language.jim-p2016-01-291-1/+2
| | | |
* | | | Minor cleanupNewEraCracker2016-01-291-2/+2
| | | | | | | | | | | | | | | | 1) Undo typos in sasl.inc. 2) Remove unused code from CSS. 3) Correct typos in some comments. 4) Convert short_open_tag to full tags. 5) Make 'else' block look like the others.
* | | | Make sure filter rules have a tracker ID, associated rules were missing it ↵Chris Buechler2016-01-291-2/+15
| | | | | | | | | | | | | | | | previously.
* | | | retain OpenVPN's net30 default topology for upgraded configs so they still ↵Chris Buechler2016-01-292-1/+22
| | | | | | | | | | | | | | | | work. Ticket #5764
* | | | Omit topology for tap OpenVPN, as it has no meaning in that contextChris Buechler2016-01-281-1/+1
| | | |
* | | | Remove stray }Chris Buechler2016-01-281-1/+1
| | | |
* | | | Import David W's patch fixing issues with dhcp6c being launched multiple ↵Chris Buechler2016-01-282-3/+39
| | | | | | | | | | | | | | | | times in some circumstances. Ticket #5621
* | | | Add option for FreeRADIUS-friendly stop/start RADIUS accounting updates.jim-p2016-01-281-3/+16
| | | | | | | | | | | | | | | | It needs a sleep between the stop and start, and it needs slightly different figures for start/stop time in the request.
* | | | services.inc code stylePhil Davis2016-01-281-2/+2
| | | | | | | | | | | | from recently-added code
* | | | Remove static routes to DNS servers when gateway is disabled. It should fix ↵Renato Botelho2016-01-281-8/+14
| | | | | | | | | | | | | | | | #4921
* | | | Simplify logicRenato Botelho2016-01-281-19/+14
| | | |
* | | | Cosmetic changes - part deuxStephen Beaver2016-01-281-1/+1
| | | | | | | | | | | | | | | | | | | | Calculate colspans in casenumber of columns change again "bytes" => "B" to reduce column width
OpenPOWER on IntegriCloud