Use global cpzoneid variable
Drop double $$ from variable name
Remove redundant set
Silent kldstat
Sometimes fsck requires a second run, teach rc script to call it more than once when it's necessary
Obsolete old clog binary from /usr/sbin
Merge pull request #1125 from msilvoso/master
Migrate captive portal code to SQLite3 php module
sqlite module is now called sqlite3
Obsolete old php modules
Take care of interfaces that have no ip but might be part of the bridge as done for openvpn to avoid loops
Changes to make it work behind a bluecoat proxy - added a user agent, and changed url scheme
Oops specify mode of operation to fopen
Make the alias url processing functions not memory hungry!
Rewrite update_alias_url_data to be with small memory footprint. Also return the status if an update is performed to callers and remove the write_config call embedded here since its not good to have this by default.
Signal a reload if anything got updated
Merge the patch suggested in Ticket #3629. It also Fixes #3629. The question is why this is using config lock? Also where is filter configure called here?
Expose all p0f OS types that it supports so that subtypes of various Operating Systems can be detected
Fix kldstat match/output to check for a running module. It was claiming all modules were loaded so none were being loaded.
Send HUP to restart syslogd rather than trying to restart it, thus loosing messages
make sure unbound is included here
Handle 0MQ filter configure
If unbound is configured then assign it for the vpn service
If Unbound is been used then make sure to reload when system_hosts_generate() is called
Make sure unbound is reconfigured when interfaces are
Add space between configile and switch
Move clog from /usr to /usr/local
Add filterlog to separatefacilitylog to avoid logs going elsewhere
Change log level to error for php-fpm
Another dir to be created
Correct the definitions of certificate path to correct place to allow the daemon to start
Update binaries used
Put this here for easier troubleshooting and code reading. Helps with Ticket #3619
Use php module calls here to speedup things
Correct the ridirection URL to unbreak ones passed through Radius attributes and repsect user choices. Reported-by: Antoine Guillemot
Use the daemon name to send the filter logs
Merge pull request #1032 from fichtner/contributions manually since it does not apply cleanly
Merge pull request #1040 from fichtner/pw_userdel manually since it does not apply cleanly
Merge pull request #1098 from camlin/master
Merge pull request #1117 from derelict-pf/nohttpsforwards
Make sure to actually configure the outgoing query interfaces if selected.
Resolver has no option for remote syslog, remove wrong copy/paste that was adding it when apinger was enabled
Merge pull request #1118 from phil-davis/patch-3
Merge pull request #1120 from phil-davis/patch-5
Fix PBI installation when target lies on different directorie
fix typo
This doesn't need via-env
Make sure that the DNS Forwarder/Resolver is actually capable of accepting queries on localhost before using it as a DNS server.
Missed pbi_prefix here
Fix PBI symlink creation and deletion under /usr/local following .pbiopt files, also drop setup_library_paths() since it's not necessary anymore
Make sure /usr/local/etc/rc.d exists
On 2.2-ALPHA (i386)built on Mon Apr 21 13:01:11 CDT 2014 (for example) there was /usr/local/etc but not /usr/local/etc/rc.d - when I tried to install bandwidthd, that called write_rcfile() which failed because /usr/local/etc/rc.d did not already exist....
Merge pull request #1116 from PiBa-NL/interface_has_gateway-ipv4_gif_gre
Merge pull request #1115 from PiBa-NL/reply-to_IPv6gateway
Load if_stf module when needed
Cut paste bug fix in Remote Syslog DHCP events
apinger is repeated here from the code above, but it should be dhcp.Forum https://forum.pfsense.org/index.php?topic=73734.0Selecting to remote syslog "Gateway Monitor events" would also switch on "DHCP service events" unintentionally.
Add nohttpsforwards option to captive portal
add gre and gif checks for for IPv4 function interface_has_gateway($friendly), like they are already for IPv6
check gateway for IPv6 also for reply-to rules.
Be smarter at using kenv
pfSense - Bug #3607: Fix issue whereby the ICMP6 messages sometimes have the wrong source IP when a monitor gateway has been set.
[pfSense - Bug #3607] Ensure gateway detection can cope with the gateway being a dynamically assigned PPoE interface.
Unload the ZFS module if its not in use to not consume uselss memory
support symlinked RC scripts from PBI packages
GC unused code and do not set this to 0 for now since it is not anymore relevant
Fix susbstr-substr typo
I just got this error again on 14 Apr 2014 2.2 snapshot. I can see the fix in 2.1 branch. I could have sworn it got fixed in Master also, but I can't see it. So here is the fix for Master.
Correct the sense of the check to allow openvpn to work
Correct auth-user-pass-verify to include parameters properly so openvpn can start
Fixup update URL
Use the FreeBSD script for ldconfig to catch all libs
Avoid warnings later on if no config for layer7 exists
Get rid of embedded platform. Its time to GC this
Start using filterlog
Switch over to filterlog sooner than later
Unset also here
Do not allow upgrade_101_to_102 to exit early
This upgrade step does both Captive Portal stuff and OpenVPN stuff. So do not return early just because there is no Captive Portal config.Both Captive Portal and OpenVPN tests changed to be positive tests, to make sure that everything is checked/tested and there is no chance to return early.
console, reload firewall rules after enabling SSH
Get real interface when dhcrelay uses default GW
If the DHCP Relay server is not on any local subnet, and not on any subnet that has an internal static route, but is somewhere that no specific route is known, then this code finds the default gateway and uses that in the DHCP relay "-i" parameter. The current code gets just the interface name (like "wan", "opt1"). But DHCP Relay command needs to be fed the actual device name "vr0", "vr1" etc....
Merge pull request #1072 from marcelloc/patch-3
tls-verify requires quotes around the command to be executed. Ticket #3596
Nowdays there is no real difference between the kernels apart the ZFS support. So do not keep a distinction anymore
fixing typo for GIF tunnels to work over IPv6
the call of get_interface_gatewayv6() in the creation of a GIF tunnel over IPv6 leads to a "Fatal error: Call to undefined function get_interface_gatewayv6() in /etc/inc/interfaces.inc on line 934". changeing the function call to get_interface_gateway_v6() fixed it for me on my local system.
Also add similar checks on rc.newwanipv6 as in the v4 version
Forgot to remove the problematic part from previous OpenVPN loop fix commit
Take care of the loops reported for OpenVPN in tap mode. Also fixes the problems of tap disappearing from bridge if its a member.
fix git path calls and CODIR
it may need some checks/fixes on pkg-utils.inc as git downloads but not installs.
After manual pbi install of git, "pfSsh.php playback gitsync master" works fine with this fix.
Correct typo on function name that has slipped unnoticed. Reported-by: https://forum.pfsense.org/index.php?topic=74688.0
Merge pull request #1055 from ExolonDX/branch_master_10
Make extra sure that we do not start multiple instances of dhcpleases if, for example, the PID is stale/invalid and there is still a running instance.
Put the fix to be more generic to prevent any other leak possible in the long run. Fixes #3062
Update captiveportal.inc
Release unused pipeno when client is already authenticated.
Bug #3062
Indentation
Dont check for 'checked' but rather if it is just set
Tidy up "functions.inc"
Escape single quotes for TABLE and HREFUpdated closing TR tag
Make rc.php_ini_setup ready for php 5.5
Remove unnecessary semi-colon.
Remove TRIM_set and TRIM_unset support. This method isn't very elegant and isn't necessary in the long run. It's better handled in the installer stage and not after the fact.
Merge pull request #1041 from PiBa-NL/carp_maintenance_2.2
carp, provide a way to 'permanently' set carp to 'maintenance mode' (advskew 254) persisting a reboot
carp, provide a way to 'permanently' set carp to 'maintenance mode' (advskew 254) persisting a rebootOption to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive.This is required when there are some problems (possibly with the hardware) and the primary machine needs to be booted and checked again before becoming 'master'. Currently it will take back the master state during reboot even though there might still be problems or some re-configuring to do....
Add privileges