summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* ipsec widget, check for valid arrayPiBa-NL2016-07-031-0/+3
| | | | (cherry picked from commit 658180daffe0fe5f005b6fe6b528c758309dffef)
* Update system_usermanager_settings.phpBBcan1772016-07-011-1/+1
| | | Use of undefined constant min - assumed 'min'
* Update system_crlmanager.phpBBcan1772016-07-011-1/+1
| | | | Use of undefined constant min - assumed 'min' Use of undefined constant max - assumed 'max'
* Fix undefined constantBBcan1772016-07-011-4/+4
| | | | Notice: Use of undefined constant min - assumed 'min' Notice: Use of undefined constant max - assumed 'max'
* Diag Tables Last UpdateNOYB2016-06-301-1/+1
| | | | Use correct Thursday abbreviation (s/Thr/Thu/).
* Handle more invalid IPv6 formatsPhil Davis2016-06-301-6/+12
|
* Add playback files for disabling and enabling CARP maintenance mode. Ticket ↵Chris Buechler2016-06-292-0/+10
| | | | #6560
* Omit <secret> tags from L2TP in status.php config.xml dump.Chris Buechler2016-06-291-0/+1
|
* Restore 2.2.x and prior means of obtaining pfsync nodes to avoid exhausting ↵Chris Buechler2016-06-291-9/+5
| | | | memory on systems with large state tables. Ticket #6364
* Shorten gwifip if whole socket path exceeds 100 charsDaniel Hoffend2016-06-281-4/+10
| | | | | | | | | | | dpinger stopps with an error when the socketname exceeds over (around) 100 characters. The dpinger will not start and not deliver monitoring results to the WebUI. These long socket names can get created when using link-local addresses and long gateway names / interface scopes. See Ticket 6505
* Use a different delimiter for dpinger socket namesDaniel Hoffend2016-06-281-5/+5
| | | | | | | Currently underscores are used to seperate gwifip, monitorip, etc, but underscors are also used in vlan subinterfaces like em0_vlan10 and therefore can't be used because the interface scope is appended to IPv6 link-local addresses.
* Set pipe_slot_limit to the maximum configured qlimit value. Move the ↵Chris Buechler2016-06-281-5/+13
| | | | set_sysctl out if the block where it only gets run if dummynet isn't already loaded. Ticket #6553
* Clean up limiter text. Remove old commented out bit.Chris Buechler2016-06-281-16/+7
|
* Fix matching of chars in IPv6 address segmentsPhil Davis2016-06-281-1/+1
| | | | | | | | | | | | | | | | | | | | The existing regex here is wrong, it matches 0 or more of the hex digits but then there can be other rubbish in the string, in fact anything at all! It matches "az", "z", "qwerty" and so on. So the "return false" inside this "if" never happens. In most cases the later code catches problems, because it converts the string from hex to decimal (and things like "z" end up as decimal 0), then it does some back-conversion of the answer to hex and realizes something is different and so does not count the entry as one of the needed 8 valid segments of the IPv6 address. This goes wrong if the user supplies a string with 8 valid IPv6 hex pieces and 1 or more extra invalid ones anywhere in the list. In that case the code finds 8 good chunks and thinks that all is well. Try using the pfSense is_ipaddrv6() with strings like: $ipaddr = "1:2:3:4:5:6:7:z:a"; $ret = is_ipaddrv6($ipaddr); var_dump($ret); That returns true - which is not good! You can put the invalid items anywhere you like, as long as you have 8 valid items, such as: "1:2:3:xy:4:5:6:7:8" "gh:1:2:3:xy:4:5:6:7:8" "1:2:3:xy:4:5:6:7:8:qw" This change makes this initial validity check on the characters actually work, so it avoids the later code having to deal with that at all. (cherry picked from commit 8a950b3c3765f5349983130611354bfead0abafb)
* Remove a-f from IPv4 address patternPhil Davis2016-06-281-2/+2
| | | | | It seems to me that a through f should not be part of the pattern for the "V4" case. (cherry picked from commit 1f49dd8a3a49b724ded5840c1db6c168ed466aae)
* Always use require_oncePhil Davis2016-06-27172-276/+276
| | | | | | | | | The usage of require() and require_once() throughout the system is inconsistent, and "bugs" come up now and then when the order of "requires" is a bit different and some require() happens after the include file is already included/required. It seems to me that there is no harm at all in always using require_once().
* Run generate-privdefs.php to update priv.defs.incjim-p2016-06-271-1/+1
|
* Use the translated destination for kill_states if one exists. Ticket #6531Chris Buechler2016-06-241-4/+7
|
* Correct/clarify column header. Ticket #6530Chris Buechler2016-06-241-1/+1
|
* Fix styleChris Buechler2016-06-241-3/+4
|
* pfSense_get_pf_states always returns source as src and dest as dst, this ↵Chris Buechler2016-06-241-20/+10
| | | | flipping based on direction is wrong. Ticket #6530
* Fix styleChris Buechler2016-06-241-7/+13
|
* Add include of functions.inc for declaration of gettextDenny Page2016-06-241-0/+1
|
* Include interface scope on IPv6 static routes to link local gateway IPs. ↵Chris Buechler2016-06-241-0/+4
| | | | Ticket #6506
* Comment typoStephen Beaver2016-06-231-1/+1
| | | | (cherry picked from commit b069f77e0a5e355e811dd7bd4a4d17a802a3f682)
* Revert "adding privileges and separating DNS Resolver overrides from general ↵Chris Buechler2016-06-235-323/+3
| | | | | | settings" This reverts commit fc76a1e390c8ce9579df31457c74d1d0e572b78d.
* Shouldn't the priv match here be set to "services_rfc2136_edit.php*"?NOYB2016-06-231-1/+1
| | | | (cherry picked from commit 5c403f843291bdc670dcdb45e1e097f2eb7f36ab)
* Load actual value of webguihostnamemenuPhil Davis2016-06-231-1/+1
| | | | | This is a string from a list of valid values (empty, "hostonly", "fqdn"). So it is not correct to just gather a true/false value here. (cherry picked from commit e93242eb2ad5a45fb6ab1526f0b6ddcc716e5b96)
* Restored countdown functionality and menu refresh on successful ↵Stephen Beaver2016-06-231-5/+23
| | | | | | | | update/remove/install Added comments to clarify operation of the page (cherry picked from commit 18295ff2f907f638afa9f7c665cc16e4262e6899)
* Clarify ports alias hint. Ticket #6523Chris Buechler2016-06-221-1/+1
|
* % and / are also allowed in valuesjim-p2016-06-221-2/+2
|
* Fix Bug #6394 - Incorrect Output of TranslationNewEraCracker2016-06-224-4/+9
| | | | | | Apparently gettext() does not behave correctly when passed an empty string, this commit ensures gettext() is called only with non-empty strings (cherry picked from commit 6ae99aba5cab12440d88dd9ddaa6535c3b9b5d82)
* Remove duplicate listtags() entry 'member'.NOYB2016-06-222-2/+2
| | | | (cherry picked from commit 40d7e4bee91246db09cc88141869abcd37390bc7)
* Remove subnet_expand()stilez2016-06-221-24/+0
| | | | | Function isn't used in main or packages repo, and in any case would need a complete rewrite to handle IPv6. (cherry picked from commit 6215902c4043726e633fcfac1c37c710ac398653)
* Fix #6482 OpenVPN Redirect Gateway Option Causes GUI IssuePhil Davis2016-06-221-2/+4
| | | | | | This fixes the GUI inconsistency reported in the referenced bug. On edit of an OpenVPN server that has tun mode, not shared key, and the gwredir checkbox checked, the local_network fields are shown, but actually they should be hidden (because that is what happens on first data entry when gwredir is checked). At least this makes the GUI consistent. Then the other issues mentioned in Redmine feature 6483 can be addressed separately. (cherry picked from commit fa20dac1b58488713d88b44cafc760a83d79cb66)
* added missing div.content wrapper when reloading filtershailthemelody2016-06-221-12/+14
| | | | (cherry picked from commit e8406abe627675db2c2f77a81c1bb883f5158bb6)
* Fix PHP Warning about invalid argument supplied for foreachNewEraCracker2016-06-222-6/+10
| | | | | | If _POST['members'] or _POST['groups'] is not set / none selected at GUI, it would give a warning on crash reporter (dev versions) (cherry picked from commit 9f4722022f0e8114741e8cf1a421520fded8be1f)
* Fix bad escapeshellarg logic on mpd executionNewEraCracker2016-06-221-2/+3
| | | | | | With this change single-quotes are applied in correct places (cherry picked from commit 08cd022545be58a46b860500ff81bbe7438b6304)
* Do not allow deleting your own user namePhil Davis2016-06-221-16/+43
| | | | | | | | | | | Currently if you delete your own user name, then the config ends up with a blank user tag in it. Rather than fix that up, it seems dangerous to be able to delete yourself anyway, because if you are the last user with admin privs for which you know the password (i.e. if you have not recorded the password for "admin" somewhere), then you can lock yourself out. That would require console access to fix, which for some people is a pain. It seems reasonable to me to make the person login as some other user with admin privs to delete "themselves". Bit of boots and braces done here: 1) Don't show the trash bin icon for "yourself", and also disable the delete_check checkbox. So you can't opt to delete yourself from the ordinary front-end GUI. 2) Enhance the back-end validation to prevent deleting yourself, just in case someone mucks about in the front-end code. 3) Put error messages to tell people when something is not deleted, and why. 4) In the success message for multi-deletion, tell which user names have actually been deleted. (cherry picked from commit d6b79c398d16ade9ccd3d21c9574c7a263fc6383)
* missing "("stilez2016-06-221-1/+1
| | | | (cherry picked from commit 70381d4803b9424c1a3f3ef518d8243062452d77)
* optional arg for old behaviourstilez2016-06-221-3/+4
| | | | (cherry picked from commit cf63f1638aab685cc956502f5ddd862a10bf3ff8)
* function name hms -> dhmsstilez2016-06-221-5/+5
| | | | | to match edit to util.inc (cherry picked from commit c57e936a6596550619f7261e85b633ca5016cbf2)
* Simplify convert_seconds_to_hms() and show days for large numbers of hoursstilez2016-06-221-22/+12
| | | | | | | 1) Function can be simplified and all "if" statements removed, using intdiv (or casting result as int for PHP < 7) and % for calcs and sprintf for padding. 2) Input validity check before trying to convert format 3) If time represented is large (eg uptime might be several months) then hours becomes unhelpful, it's clearer to show "4921:02:06" as "205d 01:02:06". (Leading "days" value not shown unless >=1 for simplicity) (cherry picked from commit 0bde6d1057ed39c8ef650a5a505cf9ae5eb7199e)
* Add "delete entry" for ARP tablestilez2016-06-221-0/+25
| | | | | | | | | Useful function in some circumstances - seems no reason not to have it. Uses IP rather than hostname since not all ARP entries have hostnames. Probably should also have "delete all" but not done that. (cherry picked from commit 6ea0d41e3c094a0977e7f0d022ec74276280b8ff)
* Fix NTP PPS. It had 'None' option available on 2.2.x.NewEraCracker2016-06-221-1/+1
| | | | (cherry picked from commit ceabd66d57f7199602d3a23cb8a60080bcfa67ea)
* Fix "Unable to remove NTP GPS from configuration"NewEraCracker2016-06-221-1/+1
| | | | | https://forum.pfsense.org/index.php?topic=112771.msg627573 (cherry picked from commit 55de528cbb177b4a1f40554ad1a567198bbeebb3)
* redundant check - is_numericint() tests for >= 0stilez2016-06-221-1/+1
| | | | (cherry picked from commit f208e9690e2ec4089cf3d3fe5f5f03fed5a36e6f)
* Use global backup count instead of hardcoded value and remove redundant functionstilez2016-06-221-12/+1
| | | | (cherry picked from commit 01b5410ae8391998ba560d40f447c7f556472c5b)
* fix logic and replace hard coded value by globalstilez2016-06-221-2/+2
| | | | | | backups should be a numeric int. text hint for number of backups can now refer to the global value for this platform (and explains how to get that default, by leaving blank) (cherry picked from commit 16b17c15f9fc29e9480431b5bc7bebe2bd4b6230)
* set default_config_backup_count based on platformstilez2016-06-221-2/+8
| | | | | At the same time the platform is being detected for PHP/GUI purposes, set the default number of backups. Also handle the case where (for any reason) detection fails, which it shouldn't, so the variables are still created (cherry picked from commit 09a283948eada745bc10b852e63b7dec50fb69d4)
OpenPOWER on IntegriCloud