| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
pure-psk mobile tunnel (which is the behavior in 1.2.3). Hide irrelevant options. Part of ticket #108.
|
|
|
|
| |
ticket #108.
|
| |
|
|
|
|
| |
Simplify get_memory(). Tested on mips/i386
|
| |
|
|
|
|
|
|
|
|
| |
* Make optimizations around it.
* Make sure when we reload teh underlying interface we reload carp too.
* Some fixes around the code.
Reviewed-by: scott@ and billm@
|
| |
|
|
|
|
| |
such as 'IP Address, Encryption Algo, etc.. Someone needs a big pointy hat.
|
|
|
|
| |
WARN: Please ask before introducing old code on what have changed!
|
|
|
|
| |
static route if required.
|
|
|
|
|
|
| |
- Present three new functions is/mark/clear_subsystem_dirty('name_of_subsystem'). This makes easier to create such things without needing to introduce new globals.
- Convert all pages to the new infrustructure
- This improves a lot the control on this notification
|
|
|
|
| |
bugs that were preventing the local address from being selected.
|
| |
|
|
|
|
| |
consistency.
|
| |
|
|
|
|
|
|
| |
we don't copy the ikeid when duplicating a phase1 entry. Simplify the code
that deletes all associated phase2 entries when a phase1 is deleted. I was
and still am learning the finer points of php.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
not use the pkg system and the configuration has been migrated to an
openvpn prefix. The centralized user and certificate manager is now used
to support the openvpn configurations. Most of the files removed in this
commit were not being referenced.
This commit also splits out the certificate management components into a
new system menu item.
|
|
|
|
|
| |
configured authentication method. This silences harmless php warnings.
Reported by Scott Ullrich.
|
|
|
|
|
|
|
|
| |
1) Redefine page privileges to not use static urls
2) Accurate generation of privilege definitions from source
3) Merging the user and group privileges into a single set
4) Allow any privilege to be added to users or groups w/ inheritance
5) Cleaning up the related WebUI pages
|
|
|
|
|
|
|
| |
mobile client tab is now used to configure user authentication (Xauth) and
client configuration (mode-cfg) options. User authentication is currently
limited to system password file entries. This will be extended to support
external RADIUS and LDAP account DBs in a follow up comiit.
|
|
a new file named /etc/ipsec.inc. Tunnel definitions have been split into
phase1 and phase2. This allows any number of phase2 definitions to be
created for a single phase1 definition. Several facets of configuration
have also been improved. The key size for variable length algorithms can
now be selected and the phase1 ID options have been extended to allow for
more flexible configuration. Several NAT-T related issues have also been
resolved.
Please note, IPsec remote access functionality has been temporarily
disabled. An improved implementation will be included in a follow up
commit.
|