| Branch: | Tag: | Revision:

univnautes @ master

# Date Author Comment
89cf3dc0 13 November 2014 01:09 PM Renato Botelho

Fix logic to find available next number for limiters and queues. It fixes #3998

340ce958 13 November 2014 12:10 PM Renato Botelho

Add an extra protection to avoid having an empty group created

bd0bb466 12 November 2014 10:06 PM Ermal

Do not display the disabled tunnels since they are not needed in the widget. Ticket #3955

6a151c91 12 November 2014 09:43 PM Ermal

Commit the other part of the fix for Ticket #3955

21cd92ac 12 November 2014 09:41 PM Ermal

Oops wrong choice the checkbox is only for javascript

c9b70c0a 12 November 2014 09:41 PM Ermal

Remove redundant code and check for dpd_enable checkbox to be set

38d21414 12 November 2014 07:44 PM jim-p

Fixup some redirected URLs.

4dbabbc6 12 November 2014 07:36 PM jim-p

Fixup some URLs that changed.

4b2223f2 12 November 2014 07:36 PM jim-p

Standardize quotes in help.php

71f45fed 12 November 2014 06:26 PM Chris Buechler

Don't allow interface descriptions that are strictly numbers as that
generates an invalid ruleset. Ticket #4005

a19cc600 12 November 2014 06:22 PM Chris Buechler

fix variable typo

2b114010 12 November 2014 06:20 PM Chris Buechler

fix text

61dec0b0 12 November 2014 05:22 PM Renato Botelho

Make sure empty group or user are not created when editing

2951a06a 12 November 2014 03:27 PM Renato Botelho

Only create missing ssh keys, do not overwrite existing ones. It fixes #4003

aa5acb42 12 November 2014 02:57 PM Ermal

Use route command directly rather than trying to make a route search on php thorugh netstat. It Fixes #4000

285acd60 12 November 2014 12:46 PM Ermal

Oops do the right thing here by passing proper argument rather than breaking the ipsec status page. Ticket #3955

39f93e00 12 November 2014 12:42 PM Ermal

Revert "Make phase1_status function wok whnever there is a smp dump. This should unbreak Ticket #3955"

This reverts commit 694d368d818508a40bdef4f1a3f64b414b11c442.

5823df59 12 November 2014 07:32 AM Chris Buechler

remove this log, it's never logged anything useful that I've seen, and unnecessarily spams the secondary's system log on every config sync.

4de91fda 12 November 2014 02:13 AM Chris Buechler

hn(4) is ALTQ-capable, mark as such.

694d368d 11 November 2014 11:18 PM Ermal

Make phase1_status function wok whnever there is a smp dump. This should unbreak Ticket #3955

c7f5b55a 11 November 2014 09:36 PM Ermal

Actually require group name!

baca968c 11 November 2014 09:35 PM Ermal

Do not do operations for empty group members

e16f6d03 11 November 2014 09:28 PM Ermal

Do not do this during boot

63ba4729 11 November 2014 08:57 PM Ermal

Use leftcert for more options on IPsec authentication

1f2f38f5 11 November 2014 08:49 PM Ermal

Ticket #3967 also sync other vip types that can be synched.

94115b93 11 November 2014 08:08 PM Ermal

Fixes #3967, properly resolve interface

992f60d0 11 November 2014 02:57 PM Renato Botelho

Set proxy env vars on interactive shell and also on crontab to make all scripts be able to use it. Ticket #3789

eacdbc4d 11 November 2014 02:33 PM Renato Botelho

Revert "Ticket #3789. Put a start at using the proxyurl/proxyport from system configured settings for bogons. It still does not consider the user/pass configured"

This reverts commit 664adf3845cf1df89769bb0ed5fc113048e0912e.

0b7dbebe 11 November 2014 07:03 AM Chris Buechler

touch up text

5f4f8365 11 November 2014 06:53 AM Chris Buechler

fix text

29aef6c4 11 November 2014 06:36 AM Jim Thompson

Change copyright statement to reflect reality

dd447bde 11 November 2014 05:49 AM Jim Thompson

modify copyright statement to reflect reality

e7896fc8 11 November 2014 05:24 AM Jim Thompson

Change copyright statement to reflect reality

e120d5ce 11 November 2014 05:13 AM Chris Buechler

Fix syntax error in CARP status page. Ticket #3967

a1b66bec 11 November 2014 05:07 AM Chris Buechler

Restore the CARP parent display in firewall_virtual_ip.php. Ticket #3967

a9b305a8 11 November 2014 04:52 AM Chris Buechler

Set this to /8 instead since that's how it's done in stock FreeBSD 10.1. Ticket #3941

b0533f16 11 November 2014 04:37 AM Chris Buechler

Setting an interface's IP to with mask overwrites the
default route with that interface's link route. Later in dhclient, that
gets deleted and leaves the system with no default route. Using a /32 mask
here works in every scenario I can find, and stops the default route...

7cdfe39e 10 November 2014 11:45 PM Ermal

Strengthen check

f4443dce 10 November 2014 11:32 PM Ermal

Compare the right things here.

d87fcac9 10 November 2014 09:47 PM Ermal

Do not require the default sysctl items to be set on the config.xml but rather extract the definitions from the sysctl tree. Also to reduce config.xml size

24d728bb 10 November 2014 08:36 PM Ermal

Retire flowtable_configure as a useless code since its not in kernel

c46f9695 10 November 2014 08:32 PM Ermal

Actually make default sysctls reside on and use those by default this allows to trim down the config.xml sysctl and also fixes #3666 by setting set source interface on reply of icmp

d3c36b1d 10 November 2014 08:29 PM Ermal

Put the new sysctl on the config as needed.

894a0159 10 November 2014 05:03 PM Ermal

Tighten checks here to avoid overriding the default gw with garbage

d3c269d3 10 November 2014 04:15 PM Ermal

Make some more useful checks here

6704590b 10 November 2014 04:09 PM Ermal

Be sure the same gateway is not processed for v4 and v6

c87d89ae 10 November 2014 03:38 PM Ermal

Lets put a logging to see what is bing passed to the rtsold script on calling. Helps with Ticket #3361

6f55af1c 10 November 2014 03:20 PM Ermal

Ticket 3967, revert upgrade code. Existing 2.2 installs might be impacted

b0d054ca 10 November 2014 03:18 PM Ermal

Fixes #3967, configure ip alias on top of carp by joining them to the same vhid as its parent

5063f1df 10 November 2014 03:00 PM Ermal

Ticket #3967. Allow to have carp as parent of ipaliases - continued

9c97df26 10 November 2014 02:34 PM Ermal

Ticket #3967. Allow to have carp as parent of ipaliases

80be089f 07 November 2014 07:28 PM Ermal

Fixes #3995. Do not set rightsourceip on site-to-site VPNs but only on mobile users ones otherwise nothing works.

20a95904 07 November 2014 02:37 PM Ermal

Make ipsec_starter log go to ipsec.log rather than system one

e82a1d11 07 November 2014 02:14 PM Ermal

Reload also the configuration not only the secrets before trying to apply existing configuration. Ticket #3981

a8380480 07 November 2014 05:11 AM Chris Buechler

fix text

6859f881 07 November 2014 05:09 AM Chris Buechler

show interface name, not identifier

d3d23754 07 November 2014 05:03 AM Chris Buechler

fix text, PPPoE Server, not VPN

7bd413eb 07 November 2014 03:19 AM Chris Buechler

add a route debug option to log info about route commands executed (where those aren't already logged) to help with troubleshooting various routing scenarios.

708af634 07 November 2014 12:16 AM Chris Buechler

remove unnecessary is_array check, thanks Renato

6c3be365 06 November 2014 11:36 PM Chris Buechler

Don't allow P2 local+remote network combinations that overlap with
interface+remote-gateway of the P1. Fixes #3812

dbb95f38 06 November 2014 07:49 PM Chris Buechler

set install_routes=no for charon to avoid the issues noted in ticket

27c2e32e 06 November 2014 07:38 PM Renato Botelho

Pass zone id to pfSense_ipfw_getTablestats(), should fix #3990

118218cb 06 November 2014 02:54 PM Renato Botelho

Make sure target has scope when it's a link-local. Fixes #3969

049c74ec 06 November 2014 02:40 PM Renato Botelho

Check if array is set

10435fa9 06 November 2014 02:07 PM jim-p

Merge pull request #1330 from phil-davis/patch-1

3f6525c1 06 November 2014 11:30 AM Renato Botelho

Make sure srcip has scope when it's link-local. Should fix #3969

e7752fc4 06 November 2014 10:57 AM Renato Botelho

Remove extra ; and space

e7a00514 06 November 2014 10:57 AM Renato Botelho

Process obsolete files in shell script instead of php

48f77cef 06 November 2014 10:57 AM Renato Botelho

Simplify post_upgrade_command logic and obsolete /usr/local/sbin/ instead of removing it on post_upgrade_command

a68c6785 06 November 2014 10:29 AM Phil Davis

Fix to SMART disk matching

preg_match returns 0 when the string does not match the regex.
0 does not "===" FALSE
So this check is not always working.
preg_match returns 1 when the string matches the regex.
IMO it is better to check for !== 1 - then anything that is not success (0 or false or...) will be unset.

a012464e 06 November 2014 05:58 AM Chris Buechler

fix captive portal status page display

bb18cfcb 06 November 2014 05:45 AM Chris Buechler

fix up text

e8fa9843 06 November 2014 03:45 AM Chris Buechler

Pass friendlyifname to handle_argument_group, not realifname. Fixes #3984. clean up some text while here.

e55e4b74 06 November 2014 02:47 AM Chris Buechler

isset($_GET) seems to always evaluate to true, use something more specific. Fixes use of rc.linkup when run from CLI. Others likely fix similar circumstances, though maybe not ones that are used anywhere.

c75e8aed 06 November 2014 02:33 AM Chris Buechler

Disable delete_old_states in dhclient-script. rc.newwanip handles this correctly in 2.2, and this killed states in multiple circumstances where that isn't necessary nor desirable.

9aec47b7 06 November 2014 12:18 AM Chris Buechler

don't duplicate $message in CP log entries

d9b05eb4 05 November 2014 06:31 PM Renato Botelho

When an alias contain hosts, add IPs and networks to filterdns too, otherwise you end up with a pre-defined and non-persistent table. Fixes #3939

87d4456c 05 November 2014 10:07 AM Renato Botelho

Merge pull request #1323 from derelict-pf/master

f81011ea 05 November 2014 10:05 AM Renato Botelho

Merge pull request #1320 from phil-davis/patch-2

e39c963a 05 November 2014 06:31 AM Chris Buechler

fix up text

75756ab9 05 November 2014 06:19 AM Chris Buechler

use a bit stronger of defaults in OpenVPN wizard

1c1fe666 05 November 2014 06:08 AM Chris Buechler

Fix WINS description. It's not 1999, and it wasn't a good description for back then either. If you're running WINS at this point on your AD DCs...get rid of the Win 9x boxes, or realize you don't actually need or want WINS on anything Windows 2000 and newer.

7a22ab9b 05 November 2014 06:05 AM Chris Buechler

fix up text

cbc6a13f 05 November 2014 05:01 AM Chris Buechler

Fix updating of hosts file on host override updates by bringing back the same behavior from previous releases.

b7419cfc 05 November 2014 04:22 AM Chris Buechler

skip disabled phase 1 entries in status output

261f2efe 05 November 2014 02:57 AM Chris Buechler

fix NAT-T status. The 'nat' in the status array just tells how the connection is configured, not what it's actually using. Port seems to be the best way to determine what it's using. Fix up some other text while here

531686c1 05 November 2014 02:09 AM Chris Buechler

use tabs rather than spaces, as most of this already did.

d3c414e3 05 November 2014 02:02 AM Chris Buechler

strongswan only has two options for NAT-T, force or auto.

a43ddd1a 05 November 2014 01:44 AM Chris Buechler

setting nmbclusters to 0 just results in an error, remove unnecessary line

41367b9c 05 November 2014 01:34 AM Chris Buechler

remove old DISABLE_PHP_LINT_CHECKING, which dates way back to the CVS days and hasn't been relevant in years.

276efd64 05 November 2014 01:24 AM Chris Buechler

touch up text

32171e59 05 November 2014 01:18 AM Chris Buechler

fix invalid ipsec.conf

f643a1f1 05 November 2014 01:02 AM Chris Buechler

clean up text

ea20169a 04 November 2014 09:49 PM jim-p

Use a better method of finding disks for SMART.
Old code was inaccurate and also listed entries that were symlinks to other disks

0810a719 04 November 2014 09:21 PM Ermal

Restore 3 values back on NAT-T settings Just Enable now its Auto as per strongswan default. and off disabled mobike. Ticket #3979

1db2634e 04 November 2014 09:08 PM Ermal

Rename the options to actually make sense with strongswan

86ef7a0a 04 November 2014 09:07 PM Ermal

Remove Force options since it has not meaning for now.

756d867a 04 November 2014 08:31 PM Chris Buechler

fix comment

8a2229e3 04 November 2014 06:43 PM jim-p

Catch some more sensitive info when sanitizing.

f384d8a5 03 November 2014 06:27 PM Renato Botelho

Merge pull request #1329 from phil-davis/patch-3