summaryrefslogtreecommitdiffstats
path: root/usr
Commit message (Collapse)AuthorAgeFilesLines
* Misc encoding/display issues in the Load Balancer codejim-p2015-09-087-3/+19
|
* Encode server name in OpenVPN widgetjim-p2015-09-081-1/+1
|
* Encode auth server name before display.jim-p2015-09-045-7/+7
|
* Encode alias description details before attempting to display them.jim-p2015-09-011-2/+2
|
* Encode the rule description before displaying back to the user in an error ↵jim-p2015-09-011-1/+1
| | | | when attempting to delete an in-use alias.
* Encode OpenVPN descriptions before display on OpenVPN statusjim-p2015-08-271-2/+2
|
* Encode the OpenVPN server description before display on OpenVPN statusjim-p2015-08-271-2/+2
|
* Ensure the current RRD graph category is encoded before displayjim-p2015-08-271-1/+1
|
* Fix titles in status.php, filename can't have a slash.jim-p2015-08-201-2/+2
|
* A few misc updates to status.php:jim-p2015-08-201-3/+6
| | | | | | | * Include "ipsec statusall" output * Include the last 100 lines of the IPsec log * Increase system log to 500 lines * Fix captive portal rule display to include the zone name not ID number
* Fix source address selection on Test Port to handle VIPs properly.jim-p2015-08-181-1/+9
|
* Fix a potential XSS in voucher testing.jim-p2015-08-181-2/+2
|
* Add support for LDAP RFC2307 style group membership. Implements #4923jim-p2015-08-131-0/+32
| | | | To activate, check the box for RFC2307 in the LDAP server settings and fill in the group object class (typically posixGroup).
* Provide an LDAP server timeout field. Default to 25 seconds. Part of ticket ↵jim-p2015-08-131-2/+22
| | | | | | #3383 Previous default was ~1m20sec.
* Fix GUI auth from RADIUS to grab group names from the Class attribute. ↵jim-p2015-08-121-2/+3
| | | | | | Implements #935 The RADIUS server must populate the Class attribute with a string, semicolon-separated, of user groups. Similar to LDAP, local groups must exist with matching names, and privileges are determined by the local matching groups.
* remove more old, unused platform stuffChris Buechler2015-07-301-3/+0
|
* Fix killing of individual states for IPv6. Ticket #4906Chris Buechler2015-07-301-11/+27
|
* fix whitespaceChris Buechler2015-07-301-4/+4
|
* Use the appropriate source and dest IPs for all state types. Ticket #4907Chris Buechler2015-07-301-2/+10
|
* Add "sockstat" output to status.phpjim-p2015-07-291-0/+1
|
* Move cleargpt.sh and cleargmirror.sh scripts to main repoRenato Botelho2015-07-292-0/+39
|
* Add 'any' option for peer ID, for mobile IPsec scenarios where you can't or ↵Chris Buechler2015-07-251-4/+7
| | | | don't want to check peer ID.
* Remove "auto", it's just a synonym for IKEv2. Ticket #4873Chris Buechler2015-07-231-3/+3
|
* include vpn.inc so IPsec CRL reload works. require_once filter.inc inChris Buechler2015-07-231-1/+2
| | | | vpn.inc for callers there that haven't already included it.
* Most of the flowtable bits were removed some time ago, take out the last of ↵Chris Buechler2015-07-231-30/+0
| | | | them too.
* When a CRL is updated, refresh strongswan's CRLs.Chris Buechler2015-07-231-0/+6
|
* Merge pull request #1775 from phil-davis/Interfaces-Widget-2-2Chris Buechler2015-07-222-5/+5
|\
| * Interfaces widget use more obscure separator RELENG_2_2Phil Davis2015-07-222-5/+5
| | | | | | | | Redmine #4859 fix for RELENG_2_2
* | Add isset check for strictcrlpolicyPhil Davis2015-07-221-1/+1
| | | | | | | | To be consistent with the checks in the rest of this code.
* | Add IPsec advanced option for strict CRL checkingChris Buechler2015-07-221-0/+16
| |
* | fix typoChris Buechler2015-07-222-2/+2
| |
* | Handle IPsec Advanced Settings save before IPsec is enabledPhil Davis2015-07-221-12/+18
|/ | | | | | | | | | | | | If the Advanced Settings are saved before any other IPsec is set up then $config['ipsec'] can be just the empty string. As a result you can get: a) If you select some debug settings then those are not saved. The code to save those settings was only executed when $config['ipsec'] was already an array. Actually the code already did the necessary "if isset() then unset()" stuuf. So I just took the the "if is_array()" away from the code block. b) Some potential unset() can go wrong with errors like: Fatal error: Cannot unset string offsets in /usr/local/www/vpn_ipsec_settings.php on line 168 This is corrected by adding more "if (isset())" checks. Fixes Redmine #4865 Conflicts: usr/local/www/vpn_ipsec_settings.php
* Add "netstat -ni" to status.phpjim-p2015-07-211-0/+1
|
* Allow pre-filling (but no automatic action) of the download filename on ↵jim-p2015-07-212-2/+3
| | | | exec.php. Setup a link to download the status output.tgz in status.php
* Fix capsdoktornotor2015-07-191-1/+1
|
* Bug #4551 - consistent usage of Forwarder/Resolver across the WebGUIdoktornotor2015-07-191-2/+2
| | | Clarify that this applies to DNS Resolver as well. Update the translations template.
* Bug #4551 - consistent usage of Forwarder/Resolver across the WebGUIdoktornotor2015-07-191-1/+1
| | | | Clarify that this applies to DNS Resolver as well.
* Bug #4551 - consistent usage of Forwarder/Resolver across the WebGUIdoktornotor2015-07-191-1/+1
| | | | Clarify that this applies to DNS Resolver as well.
* Merge pull request #1756 from phil-davis/traffic-graph-widget-2-2Renato Botelho2015-07-182-24/+39
|\
| * Only process Traffic Graph object if it is openPhil Davis2015-07-012-24/+39
| | | | | | | | | | Reduces useless CPU use on the pfSense box when the dashboard is displayed with the Traffic Graphs widget.
* | Fix Firewall - Aliases GUI inconsistencies for URL Table type aliasesdoktornotor2015-07-171-4/+4
| | | | | | | | | | The GUI should show descriptions according to what's selected from the dropdown, but currently does not for URL Table (IPs) and URL Table (Ports) type of aliases. This is for RELENG_2_2 branch.
* | Contrary to some reports this is actually usable in some cases, just notChris Buechler2015-07-161-14/+8
| | | | | | | | | | | | mandatory. Revert "myid_data and peerid_data fields are not relevant with asn1dn." This reverts commit b8754cc85db7e92322f605bbb4b2f90bde90bb7f.
* | myid_data and peerid_data fields are not relevant with asn1dn.Chris Buechler2015-07-161-8/+14
| |
* | Restrict serial ports glob to cua followed by alphaPhil Davis2015-07-161-3/+3
| | | | | | Improve this a little more to match only alpha after /dev/cua (/dev/cuau for example)
* | Make serial ports glob cope with many more possibilitiesPhil Davis2015-07-161-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | It originally coped with things like cuau1 cuau1.1 Then I made it cope with things like cuau1 cuau11 but it stopped working for cuau1.1 This one copes with: cuau1 cuau1.1 cuau1.11 cuau11 cuau11.1 cuau11.11 That should allow for all sorts of reasonable device name files without matching other stuff in /dev (like cuau1.init cuau1.lock) that we need to ignore. Please think if I have covered the bases here.
* | Remove old, unused NetUtils.jsChris Buechler2015-07-161-114/+0
| |
* | Display any advanced DHCP server settings RELENG_2_2Phil Davis2015-07-151-14/+14
| | | | | | Cherry pick of https://github.com/pfsense/pfsense/commit/90ad3a76edae543bcc63252b14660ac4baee291e
* | Merge pull request #1754 from phil-davis/cr_2_2Renato Botelho2015-07-1535-35/+210
|\ \
| * | Cancel button after input error for RELENG_2_2Phil Davis2015-07-1535-35/+210
| | |
* | | Firewall Aliases Import display error message for invalid alias namePhil Davis2015-07-151-1/+1
| | | | | | | | | | | | | | | If you open firewall_aliases_import and enter just an invalid Alias Name (e.g. a$b) and press save or press save with all fields empty, then the screen redraws but the input error(s) is not displayed. This fixes it.
OpenPOWER on IntegriCloud