summaryrefslogtreecommitdiffstats
path: root/usr/local
Commit message (Collapse)AuthorAgeFilesLines
...
* Call clear_subsystem_dirty('staticmaps') if using UnboundRobert Nelson2015-05-081-1/+3
|
* Encode server name before displaying back to the user.jim-p2015-05-011-1/+1
|
* Fixes #4633 Enable carp packets to flow on the first carp interface ↵Ermal LUÇI2015-05-011-0/+6
| | | | creation. This is needed only when the system is booted up without any carp vip configured
* Ticket #4131 before formatting the mac extract the needed statistics from belowErmal LUÇI2015-05-011-1/+1
|
* Show correct selection for noshuntlan option. Ticket #4655Chris Buechler2015-04-301-1/+1
|
* Add static mapping interface not set when IP in a poolPhil Davis2015-04-271-0/+11
| | | | | | If the DHCP IP address is in a pool (not in the main DHCP range for the interface) then the interface that corresponds to the IP address is not found. This results in the link to "add static mapping for this MAC address" not having any value for "if=" and thus clicking on the "+" button does not work. Reported in bug 4649 Process any pools when checking for which interface contains the IP address.
* Do not process dhcpd implementation if input errorsPhil Davis2015-04-271-1/+1
| | | | | | If I go to Service->DHCP Server, make some edits that are invalid (e.g. change range start or end to some invalid string) and press Save then the page comes back displaying the input error(s). But it also says: "The changes have been applied successfully." Actually, the changes (which were invalid) have not been applied to the config - all is well there - but dhcpd has been stopped and started and dnsmasq or unbound has been kicked... which is all unnecessary processing since the user has not yet provided valid values to save.
* Tidy up "services_unbound.php" XHTMLColin Fleming2015-04-271-0/+1
| | | | Add missing closing TD tag
* Tidy up "status_upnp.php" XHTMLColin Fleming2015-04-271-4/+4
| | | | Remove double line from table
* Remove the DHCP static lease overlap cleanup and associated function and ↵jim-p2015-04-241-49/+0
| | | | kill, as it can cause problems with failover scenarios.
* Trying to submit a symlink as part of crash reports will cause a failedChris Buechler2015-04-221-10/+12
| | | | | submission. Remove symlinks first. Also properly set user agent while here, consistent with others. Fix some style and whitespace too. Ticket
* Fix #4640 IPsec Auto-exclude LAN address toggles every time save is pressed.Ermal LUÇI2015-04-201-1/+1
| | | | Actually the GUI is displaying the opposite setting to what is in the config. When the user pressed save that opposite setting was saved, but then again it displays the opposite of the opposite...
* Implement make bofre break feature avaliable on strongswan 5.3.0 useful for ↵Ermal LUÇI2015-04-181-0/+18
| | | | IKEv2. Fixes #4626
* Add support for EAP-RADIUS to IKEv2 Mobile Clients (Rel. 2.2)Ingo Bauersachs2015-04-151-0/+5
|
* When deleting a VIP check it is not used by OpenVPNPhil Davis2015-04-141-0/+20
| | | | | | I noticed this when cleaning up VIPs and OpenVPN server when testing for this forum post https://forum.pfsense.org/index.php?topic=92174.0 The system let me delete my test VIP before I deleted the OpenVPN server using, probably not a good thing. This is a better version of #1604 - the similar loops for server and client are combined, and the error message shows the description (or IP address:port) of the offending OpenVPN instance so the user has a clue about which OpenVPN instance uses the VIP.
* Domain override with multiple authoritative DNS serversPhil Davis2015-04-131-1/+2
| | | | | | Tell users that this is possible in DNS Resolver and how to achieve it. The code in unbound.inc already supports it and works. I had asked for this in Redmine feature request #4350 and when I went to look at coding to implement it I found code that already did it. So IMHO it is worth telling users.
* Allow single interface bridges. Useful with span port option, and when ↵Chris Buechler2015-04-081-2/+2
| | | | shuffling configuration around.
* Few minor text typosPhil Davis2015-04-063-7/+6
| | | | | | Note that advertise is spelt with an "s" in other places in the GUI, so making it consistent in services_ntpd - but maybe Americans do spell it "advertize" these days?
* diag_sockets show sockets listening on localhostPiBa-NL2015-04-061-2/+2
| | | | this helps pick a free port for services using sockets bound to localhost, and helps determine if the service has at least started and bound the port without needing to go through all 'connected' sockets as well
* Fix up Ticket #4504 implementation. Match config style with other areas. Use ↵Chris Buechler2015-04-041-9/+9
| | | | a config setting to disable, rather than enable, this functionality since it's enabled by default so the tag isn't necessary in the default config. Remove now unnecessary config upgrade code.
* Remove array_intersect_key here too, definitely not needed. add to ↵Chris Buechler2015-04-041-1/+0
| | | | obsoletedfiles
* There is no longer any need to restrict protocols for IPv4+IPv6 rules, the ↵Chris Buechler2015-04-041-5/+0
| | | | appropriate ruleset is generated and problem scenarios that would otherwise break here are prevented by other input validation.
* remove dead code, clean up excess white space a bit.Chris Buechler2015-04-031-24/+0
|
* Fixes #4504 use correct key indexErmal LUÇI2015-04-031-1/+1
|
* Fixes #4504 Allow the bypass policy for LAN to be enabled and prevent ↵Ermal LUÇI2015-04-031-0/+16
| | | | traffic sent to lan ip to go to the ipsec tunnel
* Fixes #4259 Use proper variable to do calculationsErmal LUÇI2015-04-032-5/+5
|
* Add SCTP to protocol list for filtering.jim-p2015-03-311-1/+1
|
* Merge manually pull request #1593Ermal LUÇI2015-03-311-0/+1
|
* Fix encoding issues in Configuration History list.jim-p2015-03-311-4/+4
|
* Fix a few misc encoding issues in load balancer code.jim-p2015-03-316-10/+26
|
* Fixed minor spelling errorPhilip Hansen2015-03-301-1/+1
|
* Voucher messages using wrong config field nameGertjan2015-03-261-3/+3
| | | | | | | | | | | | https://forum.pfsense.org/index.php?topic=91168.msg505273#msg505273 $config['voucher'][$cpzone]['msgnoaccess'] and $config['voucher'][$cpzone]['msgexpired'] do not exist. These should be $config['voucher'][$cpzone]['descrmsgnoaccess'] and $config['voucher'][$cpzone]['descrmsgexpired']
* RRD Graph Custom Tab display friendly descriptionPhil Davis2015-03-261-1/+5
| | | | | The other tabs of Status:RRD Graphs put the friendly description of each interface into the drop-down list for selection. This change makes the Custom tab do that also.
* Status DHCP Leases handle expire neverPhil Davis2015-03-261-6/+16
| | | | | | | | | | | | | | Note: We can let the code pass "never" (or any other unexpected stuff) to adjust_gmt() adjust_gmt() should anyway handle the case when strtotime() cannot understand the input string and thus returns false. In that case we return the input string as-is so it will be displayed as the time. That way the user will see it and can report easily whatever other unexpected char data was in the leases file. It also prevents "false" (zero) being converted to the date-time string and thus becoming the Unix epoch 1 Jan 1970 on the display. Latest forum report of this kind of thing: https://forum.pfsense.org/index.php?topic=90083.0
* Use is_numericint() instead of empty() to check if value has been entered ↵k-paulius2015-03-231-4/+4
| | | | because empty() does not allow 0, which is a valid value.
* Make sure 'DHCPv6 Prefix Delegation size' is provided if 'Send IPv6 prefix ↵k-paulius2015-03-231-0/+3
| | | | hint' flag is checked to avoid generating invalid dhcp6c configuration file.
* Handle release number in installerPhil Davis2015-03-231-2/+3
| | | | | This code just looked wrong. It was considering 10.1-RELEASE-p6 to be release number "1" and comparing it to "9". These changes to do what it seems to intend. This will make that UFS+J stuff appear, if that is of any consequence.
* Add option for wireless standard "auto", to omit "mode" entirely from ↵Chris Buechler2015-03-181-0/+5
| | | | ifconfig. This shouldn't be necessary, but specifying mode has proven to trigger driver problems that don't exist if it's left unspecified (such as FreeBSD PR 198680). Chosing "auto" fixes ath(4) BSS mode issues otherwise preventing it from connecting.
* change the location of jquery-ui images in each theme's css fileJared Dillard2015-03-189-144/+144
|
* Cleanup code path when adding a new userPhil Davis2015-03-181-2/+2
| | | | | | | | | | | | | 1) Only attempt to delete the oldusername if it actually was non-empty - at the moment errors are logged in the system log when adding a new user, because the code was trying to delete the user name "". 2) Call local_user_set() first to create (change, whatever) the user record. This makes the user record exist for a new user. Then call local_user_set_groups() to sort out what groups the user should be in or not in. The existing code would fail to add a new user to the specified group/s because local_user_set_groups() was called too early, before the user actually existed. Typical system log errors from the old code: Mar 18 17:10:31 php-fpm[9542]: /system_usermanager.php: Tried to remove user but got user pw instead. Bailing. Mar 18 17:10:31 php-fpm[9542]: /system_usermanager.php: The command '/usr/sbin/pw groupmod admins -g 1999 -M '0,2003,2006,2008' 2>&1' returned exit code '67', the output was 'pw: user `2008' does not exist' From looking at the code history, I think this has been this way for a long time, not a new bug at all. Discussed in forum: https://forum.pfsense.org/index.php?topic=90700.msg501766#msg501766
* Do not allow VLAN tag zeroPhil Davis2015-03-181-1/+1
| | | | | At the moment you can make a VLAN with tag 0. The input validation does not catch it because when $_POST['tag'] = "0" that evaluates to false by PHP. Always make the checks on 'tag' value whenever the 'tag' key is set at all. If the (required) 'tag' key is not set, then that is already checked for by do_input_validation().
* pfSsh.php readline function return valuePhil Davis2015-03-161-1/+1
| | | | This just looks wrong. But I guess the code path never comes through here because function readline() already exists in the environment of this script.
* txpower was disabled for good reason it would appear, it triggers syntax ↵Chris Buechler2015-03-131-1/+3
| | | | errors in some configurations. Disable it again since it's been disabled for years, and comment out the user-facing config portion for now since it doesn't do anything. Ticket #4516
* Apply WME input validation to all modes, not just hostap. Ticket #4516Chris Buechler2015-03-131-5/+5
|
* Default to 11ng if an option hasn't been configured. Previously we let the ↵Chris Buechler2015-03-131-1/+7
| | | | browser pick the first in the list (the first the card reported as available), which ended up being 802.11b. Ticket #4516
* Default to WPA2, AES for new wireless interface configs. Ticket #4516Chris Buechler2015-03-131-2/+2
|
* Auto-size the interface box on the bridge edit page.Chris Buechler2015-03-131-1/+2
|
* touch up interfaces.php textChris Buechler2015-03-137-10/+10
|
* Require WPA PSK where WPA-PSK is enabled. Clean up some other text. Ticket #4516Chris Buechler2015-03-127-10/+15
|
* clean up input errors textChris Buechler2015-03-127-9/+9
|
OpenPOWER on IntegriCloud