| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
What a pain this was. The user can blank out a DNS server from a position in the middle of the list. e.g. they had all 4 entries previously filled, and then they blank out DNS server #3. The way the DNS servers are stored in the config, they are just the defined ones in an "un-indexed" array. So actually entries 1, 2 and 4 on the screen become 1st, 2nd and 3rd in the config. The selected gateways for 1, 2 and 4 then have to end up in positions 1, 2 and 3 to match the stored DNS servers.
This fixes all that up, as well as allowing the user to leave a gateway selected against a blanked-out DNS server entry - in that case the whole entry is "removed/ignored".
|
| | |
|
| |
|
|
|
|
|
| |
Clarifying the setting's meaning.
As suggested by forum member "Senser" on
https://forum.pfsense.org/index.php/topic,65472.msg356024.html#msg356024
|
| |
|
|
| |
data validation from: Brian Candler. It prevents putting a subnet in the address field since it then breaks the whole filter generation process
|
| | |
|
| |
|
|
|
| |
Correct javascript error which prevents PPP/PPPoE per-link settings from
being displayed (bandwidth, MTU, MRU, MRRU).
|
| |
|
| |
to preserve the previous standard behavior that shows "Local" when Traffic Graph starts.
|
| |
|
| |
to preserve the old behavior, that it shows "Local" traffic when first started.
|
| | |
|
| | |
|
| |
|
|
| |
saving privileges, it can reorder users and cause edits to the wrong account.
|
| | |
|
| |
|
|
|
|
| |
- Add an option to allow user to accept unsigned packages
- The only missing part is public key, that needs to be added to
/var/db/pbi/keys/pfSense.ssl
|
| | |
|
| | |
|
| |
|
| |
On the main firewall rules multi-rule display it shows "LAN net" "WAN net" etc. But on the edit screen it shows "LAN subnet" "WAN subnet" etc. Make the edit screen have the same text as the main screen - this has ben a source of enough little questions/queries on the forum.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It allows to use existing configurations on xml to generate StrongSWAN configurations.
So its only IKEv1
* Missing support for dynamic ips(hostnames)
- resolver plugin of StrongSWAN needs to be configured in strongswan.conf
* Authentication plugin with pfSense authentication framework
- New plugin almost completed
* More testing hence this being pushed now to have more broader look
TODO
* Integrate IKEv2
* Move dynamic IP allocation to an SQLite backend
* Provide more options in authenticating as a client(initiator)
* Restrict interfaces where StrongSWAN listens for incoming connections to only those configured
FUTUTE
* Move all configuration to SQLite backend
* Integrate more authentication scenarios of IKEv2
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
Added previously missing DSCP VA (requires kernel patch patch submitted ...
|
| | | |
|
| |/
|
|
| |
exec() calls by php functions like symlink, copy, unlink, mkdir
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
| |
Thanks to Grischa Zengel for spotting the semi-colon at the end of the "if" line that was the real cause. Please also back merge this to 2.1 branch.
|
| | |
|
| |
|
|
|
|
|
|
| |
Ermal reported issues when changes are made on VLAN parent interface
with this patch. He did other changes and interface_configure() will now
be able to re-create VLAN interface
This reverts commit 5bc623536d8bb3b93e68a1b1535c9de582721a09.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
The descriptions of each entry in an alias are stored in config.xml as a list delimited by "||". So you cannot have "||" in the actual description (or the description effectively splits into the next entry). Also you cannot start or end the description with "|" or it will be very confusing having the config with "|||" in it.
This code validates all that sort of invalid input.
|
| |\
| |
| | |
Update reserved_keywords checks to match firewall_aliases_edit
|
| | |
| |
| |
| |
| | |
firewall_aliases_import should have the same checks for reserved names as firewall_aliases_edit
This code should really be in a function in a common include file, but which one is the appropriate one?
For now I made the checks the same.
|
| |/ |
|
| |\
| |
| | |
Dynamic DNS: List GWGs in Interface to send update from
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
This enhancement allows the user to make a text file of IP addresses, IP subnets and/or IP ranges, like they have always been able to do, but with this they can put a description after each IP number and that description text will be saved in the alias. All existing functionality without specifying a description is unchanged, so it is backward-compatible.
This is handy when having aliases that are on all my pfSense boxes, I can make 1 text file, bulk import it on every system and now include descriptions of each chunk of IP address space.
Note: The artificial limit of 200 character descriptions is to catch the case where a user pastes a long list or IP addresses, but they are all on 1 line. An error message is given, rather than importing the 1st IP and considered the remaining ones as the description.
|
| |/ |
|
