summaryrefslogtreecommitdiffstats
path: root/src/etc
Commit message (Collapse)AuthorAgeFilesLines
* Since we moved to stream related function on xmlrpc_client, we should use ↵Renato Botelho2016-01-261-2/+6
| | | | tcp:// as protocol for http. Fix issue reported at https://forum.pfsense.org/index.php?topic=105890.0
* Fix #5816 (re)start of IPsecPhil Davis2016-01-261-5/+7
|
* handle bridge interface IPs so they don't get added in the wrong order. ↵Chris Buechler2016-01-261-1/+4
| | | | Matches behavior to what "apply changes" on interfaces.php does. Ticket #3997
* Add uniqid tag to CARP VIPs that don't have one upon upgrade. Ticket #4858Chris Buechler2016-01-252-1/+15
|
* Fix up config setting for killing states on gateway failure. Enable this ↵Chris Buechler2016-01-254-6/+17
| | | | option where gw_down_kill_states is set. Flip setting accordingly during config upgrade to not use confusing 'kill_states' tag to not kill states. Ticket #5815
* Fixes the other uses of SERVER_NAME in tree.Luiz Otavio O Souza2016-01-252-3/+3
| | | | The SERVER_NAME variable is not available anymore, use HTTP_HOST instead.
* Merge pull request #2025 from apilloud/dhcp-ignoreunknownRenato Botelho2016-01-251-3/+7
|\
| * Make DHCP deny action configurableAndrew Pilloud2015-11-051-3/+7
| |
* | interface_bridge_add_member is inadequate for adding a bridge member that ↵Chris Buechler2016-01-231-1/+7
| | | | | | | | may have not existed at the time of bridge interface's creation. interface_bridge_configure on the interface's bridge ensures all settings (private, etc.) are applied. Ticket #4312
* | Switch to disabling strongswan unity plugin by default. Ticket #4178Chris Buechler2016-01-233-2/+14
| |
* | Replace default passwd hash for root/admin using blowfishRenato Botelho2016-01-221-2/+2
| |
* | Fix #5794 remove print_info_box_np chackes for gettext("apply")Phil Davis2016-01-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) Get rid of the stristr() checks to "guess" if an apply button should be used. 2) Change print_info_box() so it can take a button name of "close" , "apply" or none to decide which button to show. 3) Delete function print_info_box_np_undo() - nothing calls it. 4) Add new function print_apply_box() to provide an easy wrapper for print_info_box() with the parameters to be 'warning' level and 'apply' button. 5) Change print_info_box_np() calls to just print_info_box() or print_apply_box() as appropriate. There is 1 direct call to print_info_box_np() from vpn_ipsec_mobile.php remaining. That tries to make a "create" button. It was not working before this change. It needs to be sorted out and fixed separately. After this change there is no dependency on a string containing text like "apply" to make the apply button appear. Then we can work on re-engineering the internal code of print_info_box_np() print_info_box() and print_apply_box() to fit together however we like. It should be easy to preserving the current API to print_info_box() and print_apply_box().
* | Somehow missed this in the committed version.jim-p2016-01-221-1/+1
| |
* | Relocate subnet mask drop-down to a more sensible place on the PPPoE server, ↵jim-p2016-01-221-1/+6
| | | | | | | | add a user login count option.
* | Make sure LANG = C for pkg callsRenato Botelho2016-01-221-0/+1
| |
* | Move set_language() call back to guiconfig.inc since it's causing trouble on ↵Renato Botelho2016-01-221-5/+0
| | | | | | | | console
* | Remove attributions of return code not being used at allRenato Botelho2016-01-221-4/+4
| |
* | Follow FreeBSD steps (r294560) and stop creating rsa1 and dsa keys by defaultRenato Botelho2016-01-221-2/+0
| |
* | Fix #5690:Renato Botelho2016-01-213-14/+18
| | | | | | | | | | | | - Remove parameters from set_language() - Add a global variable for default language - add env var for LANG, otherwise it won't work
* | Fixed #5789Stephen Beaver2016-01-211-2/+2
| |
* | Use tab instead of spacesDenny Page2016-01-211-1/+1
| |
* | Use a single call to dpinger for a coherent view of latency/stddev/loss.Denny Page2016-01-211-5/+5
| |
* | The topology line also must be skipped if an SSL/TLS mode is used with a ↵jim-p2016-01-211-1/+2
| | | | | | | | CIDR less than 30.
* | Initialize $stop_time inside foreach to make sure it resets to proper value ↵Renato Botelho2016-01-201-1/+1
| | | | | | | | each iteration since it's changed inside loop. Reported on https://github.com/pfsense/pfsense/pull/2487
* | Obsolete libstrongswan-unity.MOVEDRenato Botelho2016-01-201-0/+1
| |
* | Fix #4178:Renato Botelho2016-01-201-13/+9
| | | | | | | | | | | | | | - Stop moving unity .so file around to make it not being loaded - Include all modules default .conf file from strongswan.d/charon - After default files are included, define custom settings - When unity is disabled, add a rule to make strongswan to not load it
* | Fix strongswan.conf indent levelRenato Botelho2016-01-201-1/+1
| |
* | Fix strongswan.conf indent levelRenato Botelho2016-01-201-22/+22
| |
* | Merge pull request #2472 from dennypage/masterChris Buechler2016-01-191-0/+1
|\ \
| * | Add standard deviation to gateway status and widgetDenny Page2016-01-181-0/+1
| | |
* | | Remove ORIGINAL_PORTAL_IP, it was never used.Chris Buechler2016-01-191-2/+0
| | |
* | | Revert chmod change from 9219378b588ce968702be2a7e153aa984504b6aaNewEraCracker2016-01-191-0/+0
| | |
* | | Merge pull request #2450 from hexaclock/masterRenato Botelho2016-01-191-5/+29
|\ \ \
| * | | Update auth.incDan Vinakovsky2016-01-181-1/+1
| | | | | | | | | | | | add XXX prefix.
| * | | add note about r284483Daniel Vinakovsky2016-01-181-4/+4
| | | |
| * | | more style fixes. unset old fieldsDaniel Vinakovsky2016-01-181-4/+3
| | | |
| * | | style fixesDaniel Vinakovsky2016-01-181-4/+2
| | | |
| * | | Merge remote-tracking branch 'upstream/master'Daniel Vinakovsky2016-01-1646-813/+2804
| |\ \ \
| * | | | compatibility with freebsdDaniel Vinakovsky2016-01-161-0/+9
| | | | |
| * | | | switched to bcrypt as per #4120daniel2016-01-141-5/+23
| | | | | | | | | | | | | | | | | | | | added bcrypt auth as per #4120
* | | | | Update smtp.inc to 2016-01-18Renato Botelho2016-01-191-5/+5
| | | | |
* | | | | autocapitalize off is deprecated, use none instead. Ticket #5776Chris Buechler2016-01-181-1/+1
| |_|/ / |/| | |
* | | | Bring text to current realityRenato Botelho2016-01-181-1/+1
| | | |
* | | | Merge pull request #2421 from stilez/patch-8Renato Botelho2016-01-181-23/+31
|\ \ \ \
| * | | | should be min($bits1, $bits2) for 'largest subnet'stilez2016-01-181-2/+2
| | | | |
| * | | | 5 or 6stilez2016-01-131-1/+1
| | | | |
| * | | | fix $subnet1 should be $subnet2, thanks rbgarbastilez2016-01-131-2/+2
| | | | |
| * | | | fix 4 should be 6 (thanks, good catch)stilez2016-01-131-3/+3
| | | | |
| * | | | Fix logic for subnet overlap check + canonical for IPv6stilez2016-01-131-24/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The subnet overlap functions came up as a concern while fixing redmine 5702. Specifically - The "canonical" function check_subnets_overlap() doesn't handle IPv6 (util.inc has standardised on v4/v6/agnostic versions, but this doesn't fit). Fixed by adding transparent detection of v4/v6 and a specific IPv4-only version The IPv6 version is wrong (if sub1 *contains* sub2 then neither of sub1's endpoints will be detected as "inrange" of sub2 and result will be incorrect: this logic error has been fixed recently in other code too) Bad data isn't detected - this still isn't detected for compatibility and is tagged "FIXME" instead to look at in future. Reason - not to break anything, at present always returns "overlap = true/false", not "true/false/invalid input". because CIDR overlap implies containment, the IPv4 version uses a very efficient logic, namely calculates largest size subnet and checks this is same for both. Adopting this for both, and simplifying, makes these functions far "neater" The old v4 version allowed for non-numeric $bits which doesn't make sense and I've omitted. Cannot think of a single situation where we would provide empty or bad data when we actually mean a /32 single IP. Solution in this commit - a canonical "overlap" test (IPv4/IPv6 agnostic), IPv4/v6 "overlap" versions that actually do the work, in each case using the same logic as the old v4 (identify largest bit size and test if subnets created are valid and identical), and tag lack of "bad data" detection as fixme for now, returning FALSE instead to avoid breaking anything until fixed. Should be transparent from outside.
* | | | | Respect smtp debug settingRenato Botelho2016-01-181-2/+4
| | | | |
OpenPOWER on IntegriCloud