Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | fix syntax error in ipfw command to disable on inactive interfaces | Chris Buechler | 2015-12-17 | 1 | -1/+1 |
| | |||||
* | Change status.php state dump to use -vvss for more verbose info, add kenv ↵ | jim-p | 2015-12-17 | 1 | -1/+3 |
| | | | | and pbi_info. | ||||
* | Merge pull request #2061 from phil-davis/patch-7 | Chris Buechler | 2015-12-15 | 1 | -6/+20 |
|\ | |||||
| * | Limit alias info popup size #5415 RELENG_2_2 | Phil Davis | 2015-11-11 | 1 | -6/+20 |
| | | | | | | This is code for RELENG_2_2 pfSense 2.2.5 that will limit the number of rows in the alias info popup to 100. | ||||
* | | Fix typo, gateway entry in config has a field called monitor, not monitorip | Renato Botelho | 2015-12-11 | 1 | -1/+1 |
| | | |||||
* | | Redmine #4279 Package reinstall displayed when shutting down before upgrade | Phil Davis | 2015-12-07 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | | | | | | | | Use a different flag file to indicate that a package reinstall is required after a reboot is done first. This avoids the possibility that the user navigates in the webGUI during the time while the shutdown is in progress and is accidentally presented with the reinstall all packages GUI button. Early in rc.bootup switch the flag file to use its ordinary name, so that all subsequent code in boot scripts and webGUI will work as it already does to handle the package reinstall and notifying the user that a package reinstall is about to be done or in progress... | ||||
* | | Address a potential LFI in pkg.php and wizard.php without breaking the ↵ | jim-p | 2015-12-04 | 2 | -4/+18 |
| | | | | | | | | | | | | ability to pass relative paths Restricts them to files under their intended base directories. | ||||
* | | Remove txtsupport from Unbound. Of limited use, and the back end code was ↵ | Chris Buechler | 2015-12-03 | 1 | -17/+1 |
| | | | | | | | | never ported over from the package (and is messy to do so). Ticket #5545 | ||||
* | | Sanitize the session_id/logout_id in captive portal. | Chris Buechler | 2015-12-02 | 1 | -1/+3 |
| | | |||||
* | | Merge pull request #2049 from phil-davis/patch-4 | Renato Botelho | 2015-11-19 | 1 | -1/+1 |
|\ \ | |||||
| * | | Unbound advanced Invoming TCP Buffers validation | Phil Davis | 2015-11-10 | 1 | -1/+1 |
| | | | | | | | | | | | | There is a variable cut-paste error here. Actually it never makes any difference in practice because outgoing_num_tcp and incoming_num_tcp are both set, so the logic comes out the same. I noticed this while reviewing stuff in master for 2.3-ALPHA - might as well back-port stuff like this so that nobody who notices will worry about it in RELENG_2_2. | ||||
* | | | Merge pull request #2083 from phil-davis/patch-10 | Renato Botelho | 2015-11-19 | 1 | -1/+1 |
|\ \ \ | |||||
| * | | | Make block bogon rule display consistent - RELENG_2_2 | Phil Davis | 2015-11-18 | 1 | -1/+1 |
| | |/ | |/| | | | | | | | The block private networks and anti-lockout rules display in the firewall rules display with the schedule column blank. But the block bogon networks has an asterisk. That looks odd. I noticed it just now when looking at firewall rules in 2.3. Might as well fix it here in RELENG_2_2. | ||||
* | | | Merge pull request #2082 from phil-davis/patch-9 | Renato Botelho | 2015-11-19 | 1 | -1/+1 |
|\ \ \ | |||||
| * | | | Backport fix #5467 to RELENG_2_2 | Phil Davis | 2015-11-18 | 1 | -1/+1 |
| |/ / | |||||
* | | | Backport Redmine #5440 to RELENG_2_2 | Phil Davis | 2015-11-15 | 1 | -0/+8 |
|/ / | | | | | | | The code in RELENG_2_2 for system_usermanager_settings.php seems to work OK in RELENG_2_2 so I did not touch anything there. But diag_authentication.php had nothing about $pconfig on initial page load. This extra code makes it select a reasonable default auth server when the page first loads. After that, each time the user does "Test", the page comes back with the previously selected auth server, user name and password (like it did already) - so that seems good. | ||||
* | | diag_ipsec.php - show button for child SAs only when some are established. ↵ | Matt Smith | 2015-11-10 | 1 | -2/+2 |
|/ | | | | Fix ID used by child SA disconnect button. | ||||
* | Fix syntax | Renato Botelho | 2015-11-09 | 1 | -2/+2 |
| | |||||
* | Let the code ready for strongswan 5.3.4, where key used to track nat were ↵ | Renato Botelho | 2015-11-09 | 1 | -2/+14 |
| | | | | committed with a different name | ||||
* | Only call pfSense_ipsec_list_sa() when IPsec is enabled | Renato Botelho | 2015-11-03 | 2 | -2/+2 |
| | |||||
* | Remove a redundant if and fix indentation accordingly. Fix is_array that ↵ | Matt Smith | 2015-10-30 | 1 | -51/+49 |
| | | | | should be an isset on the remote SPI field. | ||||
* | Update license on diag_ipsec.php. Keep required attributions and reference | Matt Smith | 2015-10-30 | 1 | -29/+54 |
| | | | | the original m0n0wall BSD 2 clause. | ||||
* | Remove port information from diag_ipsec.php since it's not available on ↵ | Renato Botelho | 2015-10-30 | 1 | -6/+4 |
| | | | | VICI, also use local-nat-t and remote-nat-t to detect when NAT-T is being used | ||||
* | Rework ipsec widget to use VICI | Renato Botelho | 2015-10-30 | 1 | -17/+7 |
| | |||||
* | Remove diag_ipsec_xml.php, not being used | Renato Botelho | 2015-10-30 | 1 | -82/+0 |
| | |||||
* | Make IPsec status page retrieve status with VICI instead of SMP | Matt Smith | 2015-10-30 | 1 | -107/+117 |
| | |||||
* | Fix up descriptive text for logging levels. Ticket #5340 | Chris Buechler | 2015-10-26 | 1 | -4/+3 |
| | |||||
* | Default log level where none is selected should be 3 here. Ticket #5340 | Chris Buechler | 2015-10-26 | 1 | -1/+1 |
| | |||||
* | Correct available log levels. Ticket #5340 | Chris Buechler | 2015-10-26 | 1 | -16/+16 |
| | |||||
* | Logging fixes. Ticket #5340 | Chris Buechler | 2015-10-26 | 1 | -1/+3 |
| | |||||
* | Merge pull request #1980 from doktornotor/patch-2 | Renato Botelho | 2015-10-26 | 1 | -10/+27 |
|\ | |||||
| * | Fix external interface variable in input error message | doktornotor | 2015-10-24 | 1 | -1/+1 |
| | | |||||
| * | Properly validate IPv4 for UPnP - RELENG_2_2 | doktornotor | 2015-10-24 | 1 | -10/+27 |
| | | | | | | | | | | Since https://redmine.pfsense.org/issues/1835 got exactly nowhere for the past 4 years, the input should be properly validated, instead of allowing people to configure nonfunctional/broken nonsense. P.S. If you don't plan on fixing the above-linked feature for 2.3, let me know and I'll do the same for 2.3 | ||||
* | | Merge pull request #1986 from phil-davis/patch-6 | Renato Botelho | 2015-10-26 | 1 | -2/+2 |
|\ \ | |||||
| * | | Fix Command Prompt Download and Upload when not in English - Redmine #5343 ↵ | Phil Davis | 2015-10-25 | 1 | -2/+2 |
| |/ | | | | | | | for RELENG_2_2 | ||||
* | | Merge pull request #1984 from phil-davis/patch-4 | Renato Botelho | 2015-10-26 | 1 | -1/+1 |
|\ \ | |||||
| * | | Fix multi-lingual save of NAT mode Redmine # for RELENG_2_2 | Phil Davis | 2015-10-25 | 1 | -1/+1 |
| |/ | | | | | and forum https://forum.pfsense.org/index.php?topic=101276.0 | ||||
* | | Use 1-6 rather than 0-5 for IPsec logging levels, to stay away from ↵ | Chris Buechler | 2015-10-26 | 1 | -2/+8 |
|/ | | | | complications of 0 due to PHP stupidity. Upgrade config to add 1 to any configured log levels. Default to 1 as log level where none is configured by the user. Ticket #5340 | ||||
* | interfaces_assign tab_array numbering | Phil Davis | 2015-10-23 | 1 | -4/+4 |
| | | | | | This was fixed in master for 2.3 by https://github.com/pfsense/pfsense/commit/50e6c063e6ec148917ff0bcb0bce8b0a08df5792 - in master all of these $tab_array entries, in each file that they appear in, had been modified to just use the $tab_array[] = form. But in RELENG_2_2 that has not happened. So it seems nicer to just fix the numbering here to match what is already in the other interfaces_*.php files in RELENG_2_2. Note that the code works OK without this "fix" - display_top_tabs() just loops through the existing array keys anyhow and so did not notice the missing number. | ||||
* | Merge pull request #1971 from doktornotor/patch-5 | Chris Buechler | 2015-10-20 | 2 | -0/+9 |
|\ | |||||
| * | Point people to 'Clear Package Lock' if the reinstall of packages got stuck ↵ | doktornotor | 2015-10-20 | 1 | -0/+8 |
| | | | | | | | | (RELENG_2_2) | ||||
| * | Point people to 'Clear Package Lock' if the reinstall of packages got stuck ↵ | doktornotor | 2015-10-20 | 1 | -0/+1 |
| | | | | | | | | (RELENG_2_2) | ||||
* | | Limit the auth methods where "My Certificate Authority" is displayed/saved for | Matt Smith | 2015-10-20 | 1 | -12/+7 |
|/ | | | | mobile clients. Fixes #5323. | ||||
* | Validate that the Mobile Client settings have a valid RADIUS server selected | Matt Smith | 2015-10-19 | 1 | -0/+11 |
| | | | | | as the source for user authentication when EAP-RADIUS is selected as the phase 1 authentication method for mobile IPsec. Fixes #5219. | ||||
* | Auto-add firewall rules for DHCP Relay, same as is done for DHCP Server. Add ↵ | Chris Buechler | 2015-10-14 | 1 | -0/+2 |
| | | | | filter reload to DHCP Relay config so rules are immediately added/removed. Ticket #4558 | ||||
* | set enabled/disabled status accordingly on initial page load. Ticket #5284 | Chris Buechler | 2015-10-13 | 1 | -0/+1 |
| | |||||
* | clean up empty lines | Chris Buechler | 2015-10-13 | 1 | -2/+0 |
| | |||||
* | Add all remaining log types to status.php. Ticket #5304 | Chris Buechler | 2015-10-13 | 1 | -6/+30 |
| | |||||
* | Update zoneinfo to 2015f, it fixes #5254 | Renato Botelho | 2015-10-13 | 1 | -0/+0 |
| | |||||
* | Merge pull request #1962 from davidjwood/RELENG_2_2-ppp-ipv6 | Chris Buechler | 2015-10-12 | 3 | -34/+170 |
|\ |