| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
| |
affecting 64-bit. Ticket #459
|
|
|
|
| |
for further calls to this client-side function.
|
|
|
|
| |
bad deletions might happen. Reported-by: http://forum.pfsense.org/index.php/topic,25091.0.html
|
|
|
|
| |
clear.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New features available are:
* Now you can disable a rule
* You can define "no rdr" rules
* Source type, address and port, with an option "not" for exceptions
* Destination type, address and port, with an option "not" for exceptions
Implemented by: Carlos Eduardo Ramos <carlos.ramos@bluepex.com>
Renato Botelho <renato.botelho@bluepex.com>
Vinicius Coque <vinicius.coque@bluepex.com>
Reviewed by: cmb and efonne
Sponsored by: BluePex Security Solutions
|
|
|
|
| |
and loads them into a pf persist table instead of importing the addresses directly into a traditional alias. This allows for using huge tables of addresses that would otherwise break the GUI and/or fail to load into pf. Part of ticket #512
|
|
|
|
| |
defined as network.
|
|
|
|
| |
edit page.
|
|
|
|
|
|
|
|
| |
Fix associated nat rules.
Now both the filter rules and the nat ones contain a associated-rule-id tag which helps link the items together.
The API to use for this is in itemid.inc.
All the issues should be solved now.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) Multiple NAT rules can be assigned the same filter rule
-> Fixed, added assigned-nat-rule-id to filter rules to keep track of the assignment
2) when removing the link (i.e. switching to "pass" or "none", the linked rule isn't deleted (should it be? probably yes)
-> Fixed, when a NAT rule's association is removed, the filter rule is deleted. Added a "create new associated filter rule" option to the
dropdown if there is none selected.
3) The destination IP and port of linked rules can be edited in firewall_rules_edit.php and shouldn't be. Source should be editable but not
destination, since that should strictly be tied to the NAT rule.
-> Fixed, you cannot edit the destination for the filter rules that are linked to NAT rules, this has been disabled both by JavaScript and
PHP.
4) If you edit the source in a linked firewall rule, it gets overwritten when you edit the NAT rule. The NAT rule should never touch the
firewall rule source after the rule exists.
-> Fixed, previously the old rule was deleted and a new one created, now it only updates the old rule and doesn't touch the source.
Also added crosslinking from the NAT rule to the filter rule and back, so you can jump to edit the filter rule from the NAT rule and
vice-versa.
|
|
|
|
| |
only on port side and other aliases in ip specifications and similar. Introduce a new function is_portoralias to ressemble the is_ipaddroralias to check for the cases.
|
| |
|
| |
|
|
|
|
| |
host/network aliases for the src/dst. Checking if a valid alias is entered end if it is a correct one for this box seems like to much overhead and work for this. (For firewall_nat_edit.php)
|
| |
|
|
|
|
| |
Simplify get_memory(). Tested on mips/i386
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
include 2009 on files that I have asserted (C) on
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
pages where they are needed.
Remove some sort functions not used.
|
|
|
|
|
|
| |
- Present three new functions is/mark/clear_subsystem_dirty('name_of_subsystem'). This makes easier to create such things without needing to introduce new globals.
- Convert all pages to the new infrustructure
- This improves a lot the control on this notification
|
|
|
|
| |
now.(yay!)
|
| |
|
|
|
|
|
|
|
|
| |
1) Redefine page privileges to not use static urls
2) Accurate generation of privilege definitions from source
3) Merging the user and group privileges into a single set
4) Allow any privilege to be added to users or groups w/ inheritance
5) Cleaning up the related WebUI pages
|
|
|
|
|
|
|
|
|
|
|
| |
the system password and group databases. This is to provide better support
for centralized user management when local account administration is
preferred.
I also took this opportunity to do some housekeeping. A lot of funtions
that were only being used in one place or not at all were removed. The
user page privelege checks were also simplified in preperation for future
work in this area.
|
| |
|
|
|
|
| |
Ticket #1619
|
|
|
|
| |
Ticket #1569
|
| |
|
| |
|
|
|
|
| |
where bypassed.
Spotted-by: billm
|
|
|
|
| |
the contents differ then the operator is doing something bad. Simply reject the item with invalid character error and let them fix their XSS exploit attempt, etc.
|
| |
|
| |
|
| |
|
|
|
|
| |
Submitted-by: Devon O'Dell <devon.odell@coyotepoint.com>
|
|
|
|
|
|
| |
s/carp/CARP
Ticket #1097
|
|
|
|
|
| |
In-discussion-with: BillM
Bug-reported-by: ChrisB
|