Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | | | | Misc encoding/display issues in the Load Balancer code | jim-p | 2015-09-08 | 7 | -3/+19 | |
| | | | | ||||||
* | | | | Encode server name in OpenVPN widget | jim-p | 2015-09-08 | 1 | -1/+1 | |
| |/ / |/| | | ||||||
* | | | Encode auth server name before display. | jim-p | 2015-09-04 | 5 | -7/+7 | |
| | | | ||||||
* | | | Encode alias description details before attempting to display them. | jim-p | 2015-09-01 | 1 | -2/+2 | |
| | | | ||||||
* | | | Encode the rule description before displaying back to the user in an error ↵ | jim-p | 2015-09-01 | 1 | -1/+1 | |
| | | | | | | | | | | | | when attempting to delete an in-use alias. | |||||
* | | | Encode OpenVPN descriptions before display on OpenVPN status | jim-p | 2015-08-27 | 1 | -2/+2 | |
| | | | ||||||
* | | | Encode the OpenVPN server description before display on OpenVPN status | jim-p | 2015-08-27 | 1 | -2/+2 | |
| | | | ||||||
* | | | Ensure the current RRD graph category is encoded before display | jim-p | 2015-08-27 | 1 | -1/+1 | |
| | | | ||||||
* | | | Fix titles in status.php, filename can't have a slash. | jim-p | 2015-08-20 | 1 | -2/+2 | |
| | | | ||||||
* | | | A few misc updates to status.php: | jim-p | 2015-08-20 | 1 | -3/+6 | |
| | | | | | | | | | | | | | | | | | | | | | * Include "ipsec statusall" output * Include the last 100 lines of the IPsec log * Increase system log to 500 lines * Fix captive portal rule display to include the zone name not ID number | |||||
* | | | Fix source address selection on Test Port to handle VIPs properly. | jim-p | 2015-08-18 | 1 | -1/+9 | |
| | | | ||||||
* | | | Fix a potential XSS in voucher testing. | jim-p | 2015-08-18 | 1 | -2/+2 | |
| | | | ||||||
* | | | Add support for LDAP RFC2307 style group membership. Implements #4923 | jim-p | 2015-08-13 | 1 | -0/+32 | |
| | | | | | | | | | | | | To activate, check the box for RFC2307 in the LDAP server settings and fill in the group object class (typically posixGroup). | |||||
* | | | Provide an LDAP server timeout field. Default to 25 seconds. Part of ticket ↵ | jim-p | 2015-08-13 | 1 | -2/+22 | |
| | | | | | | | | | | | | | | | | | | #3383 Previous default was ~1m20sec. | |||||
* | | | Fix GUI auth from RADIUS to grab group names from the Class attribute. ↵ | jim-p | 2015-08-12 | 1 | -2/+3 | |
|/ / | | | | | | | | | | | Implements #935 The RADIUS server must populate the Class attribute with a string, semicolon-separated, of user groups. Similar to LDAP, local groups must exist with matching names, and privileges are determined by the local matching groups. | |||||
* | | remove more old, unused platform stuff | Chris Buechler | 2015-07-30 | 1 | -3/+0 | |
| | | ||||||
* | | Fix killing of individual states for IPv6. Ticket #4906 | Chris Buechler | 2015-07-30 | 1 | -11/+27 | |
| | | ||||||
* | | fix whitespace | Chris Buechler | 2015-07-30 | 1 | -4/+4 | |
| | | ||||||
* | | Use the appropriate source and dest IPs for all state types. Ticket #4907 | Chris Buechler | 2015-07-30 | 1 | -2/+10 | |
| | | ||||||
* | | Add "sockstat" output to status.php | jim-p | 2015-07-29 | 1 | -0/+1 | |
| | | ||||||
* | | Move cleargpt.sh and cleargmirror.sh scripts to main repo | Renato Botelho | 2015-07-29 | 2 | -0/+39 | |
| | | ||||||
* | | Add 'any' option for peer ID, for mobile IPsec scenarios where you can't or ↵ | Chris Buechler | 2015-07-25 | 1 | -4/+7 | |
|/ | | | | don't want to check peer ID. | |||||
* | Remove "auto", it's just a synonym for IKEv2. Ticket #4873 | Chris Buechler | 2015-07-23 | 1 | -3/+3 | |
| | ||||||
* | include vpn.inc so IPsec CRL reload works. require_once filter.inc in | Chris Buechler | 2015-07-23 | 1 | -1/+2 | |
| | | | | vpn.inc for callers there that haven't already included it. | |||||
* | Most of the flowtable bits were removed some time ago, take out the last of ↵ | Chris Buechler | 2015-07-23 | 1 | -30/+0 | |
| | | | | them too. | |||||
* | When a CRL is updated, refresh strongswan's CRLs. | Chris Buechler | 2015-07-23 | 1 | -0/+6 | |
| | ||||||
* | Merge pull request #1775 from phil-davis/Interfaces-Widget-2-2 | Chris Buechler | 2015-07-22 | 2 | -5/+5 | |
|\ | ||||||
| * | Interfaces widget use more obscure separator RELENG_2_2 | Phil Davis | 2015-07-22 | 2 | -5/+5 | |
| | | | | | | | | Redmine #4859 fix for RELENG_2_2 | |||||
* | | Add isset check for strictcrlpolicy | Phil Davis | 2015-07-22 | 1 | -1/+1 | |
| | | | | | | | | To be consistent with the checks in the rest of this code. | |||||
* | | Add IPsec advanced option for strict CRL checking | Chris Buechler | 2015-07-22 | 1 | -0/+16 | |
| | | ||||||
* | | fix typo | Chris Buechler | 2015-07-22 | 2 | -2/+2 | |
| | | ||||||
* | | Handle IPsec Advanced Settings save before IPsec is enabled | Phil Davis | 2015-07-22 | 1 | -12/+18 | |
|/ | | | | | | | | | | | | | If the Advanced Settings are saved before any other IPsec is set up then $config['ipsec'] can be just the empty string. As a result you can get: a) If you select some debug settings then those are not saved. The code to save those settings was only executed when $config['ipsec'] was already an array. Actually the code already did the necessary "if isset() then unset()" stuuf. So I just took the the "if is_array()" away from the code block. b) Some potential unset() can go wrong with errors like: Fatal error: Cannot unset string offsets in /usr/local/www/vpn_ipsec_settings.php on line 168 This is corrected by adding more "if (isset())" checks. Fixes Redmine #4865 Conflicts: usr/local/www/vpn_ipsec_settings.php | |||||
* | Add "netstat -ni" to status.php | jim-p | 2015-07-21 | 1 | -0/+1 | |
| | ||||||
* | Allow pre-filling (but no automatic action) of the download filename on ↵ | jim-p | 2015-07-21 | 2 | -2/+3 | |
| | | | | exec.php. Setup a link to download the status output.tgz in status.php | |||||
* | Fix caps | doktornotor | 2015-07-19 | 1 | -1/+1 | |
| | ||||||
* | Bug #4551 - consistent usage of Forwarder/Resolver across the WebGUI | doktornotor | 2015-07-19 | 1 | -2/+2 | |
| | | | Clarify that this applies to DNS Resolver as well. Update the translations template. | |||||
* | Bug #4551 - consistent usage of Forwarder/Resolver across the WebGUI | doktornotor | 2015-07-19 | 1 | -1/+1 | |
| | | | | Clarify that this applies to DNS Resolver as well. | |||||
* | Bug #4551 - consistent usage of Forwarder/Resolver across the WebGUI | doktornotor | 2015-07-19 | 1 | -1/+1 | |
| | | | | Clarify that this applies to DNS Resolver as well. | |||||
* | Merge pull request #1756 from phil-davis/traffic-graph-widget-2-2 | Renato Botelho | 2015-07-18 | 2 | -24/+39 | |
|\ | ||||||
| * | Only process Traffic Graph object if it is open | Phil Davis | 2015-07-01 | 2 | -24/+39 | |
| | | | | | | | | | | Reduces useless CPU use on the pfSense box when the dashboard is displayed with the Traffic Graphs widget. | |||||
* | | Fix Firewall - Aliases GUI inconsistencies for URL Table type aliases | doktornotor | 2015-07-17 | 1 | -4/+4 | |
| | | | | | | | | | | The GUI should show descriptions according to what's selected from the dropdown, but currently does not for URL Table (IPs) and URL Table (Ports) type of aliases. This is for RELENG_2_2 branch. | |||||
* | | Contrary to some reports this is actually usable in some cases, just not | Chris Buechler | 2015-07-16 | 1 | -14/+8 | |
| | | | | | | | | | | | | mandatory. Revert "myid_data and peerid_data fields are not relevant with asn1dn." This reverts commit b8754cc85db7e92322f605bbb4b2f90bde90bb7f. | |||||
* | | myid_data and peerid_data fields are not relevant with asn1dn. | Chris Buechler | 2015-07-16 | 1 | -8/+14 | |
| | | ||||||
* | | Restrict serial ports glob to cua followed by alpha | Phil Davis | 2015-07-16 | 1 | -3/+3 | |
| | | | | | | Improve this a little more to match only alpha after /dev/cua (/dev/cuau for example) | |||||
* | | Make serial ports glob cope with many more possibilities | Phil Davis | 2015-07-16 | 1 | -3/+3 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | It originally coped with things like cuau1 cuau1.1 Then I made it cope with things like cuau1 cuau11 but it stopped working for cuau1.1 This one copes with: cuau1 cuau1.1 cuau1.11 cuau11 cuau11.1 cuau11.11 That should allow for all sorts of reasonable device name files without matching other stuff in /dev (like cuau1.init cuau1.lock) that we need to ignore. Please think if I have covered the bases here. | |||||
* | | Remove old, unused NetUtils.js | Chris Buechler | 2015-07-16 | 1 | -114/+0 | |
| | | ||||||
* | | Display any advanced DHCP server settings RELENG_2_2 | Phil Davis | 2015-07-15 | 1 | -14/+14 | |
| | | | | | | Cherry pick of https://github.com/pfsense/pfsense/commit/90ad3a76edae543bcc63252b14660ac4baee291e | |||||
* | | Merge pull request #1754 from phil-davis/cr_2_2 | Renato Botelho | 2015-07-15 | 35 | -35/+210 | |
|\ \ | ||||||
| * | | Cancel button after input error for RELENG_2_2 | Phil Davis | 2015-07-15 | 35 | -35/+210 | |
| | | | ||||||
* | | | Firewall Aliases Import display error message for invalid alias name | Phil Davis | 2015-07-15 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | If you open firewall_aliases_import and enter just an invalid Alias Name (e.g. a$b) and press save or press save with all fields empty, then the screen redraws but the input error(s) is not displayed. This fixes it. |