federation's metadata raw content can be added
Closes #5568
domain and search should not both be defined in resolv.conf per FreeBSD man page and handbook (only the latter is actually used). Change this to just not use domain, and set the search to the system's domain where not using the function that generates the search list for dynamic WANs.
Enable unity plugin as per request from https://forum.pfsense.org/index.php?topic=79737.msg452808#msg452808
Warn if attempting to import IPv6 range
There is currently no code to convert an IPv6 range to a set of corresponding IPv6 subnets, so warn the user if they attempt that from the alias bulk import GUI.
Support converting an IP range to an array of addresses
so that it can be used for expanding ranges in host alias input.
Expand range or subnet for host alias
When entering a host alias, if the user put an IP range (like 192.168.0.10-192.168.0.20) or a subnet (like 192.168.1.200/29) then expand it into a list of individual IP addresses. Check that it will not make too many rows to exceed the existing 5000 row limit on the GUI....
Merge pull request #1312 from phil-davis/patch-8
Merge pull request #1313 from phil-davis/patch-9
Add support for mac addresses blacklist
Closes #5572
Closes #5571
Add support for nameIDs blacklist
Interface: add a page to configure blacklists
www: factorise saml tabs in a function
Merge branch 'RELENG_2_1' into UNIVNAUTES_2_1
Prevent Internal Server Error if range is backwards
Teach the certificate generation code how to make a self-signed certificate, andchange the GUI cert generation code to use it. Also, move the GUI certgeneration code to its own function so we can add a GUI option to regenerate itlater. Also use some more sane defaults for the contents of the default self-...
Encode values before displaying them back to the user in notification settings
Encode values before displaying them back to the user in notification settings.
remove the command number shown in the shell prompt, it's a pointlesswaste of screen space
Fixes redmine #3950 - ip_range_to_subnet_array can easily swap the input parameters if the caller has passed/entered them the wrong way around. That is both friendly to the caller and ensures that a hostile caller can't blow up the routine....
+ is a valid character in some dynamic DNS providers' usernames. Fixes #3912
hostnames can end with a . (and actually always do, it's just usually implied), so allow that here. Fixes wrong input validation in parts of nsupdate GUI, among other things.
Merge pull request #1306 from phil-davis/patch-3
Let user decide if he wants to proceed to the upgrade when sha256 fails to download. Fixes #3576
h-node should be 8
Underscores are valid characters in domains. Fixes #3219
Ticket #3932 For more than 100 entries create pipes in line with the rules file to speedup the process
Merge pull request #1310 from phil-davis/patch-6
Merge pull request #1311 from phil-davis/patch-7
Fix the log widget to lookup hosts by DNS using a link rather than AJAX. Quick fix for now. Ticket #3829
Add command line script to generate and activate a new GUI certificate.
Fix descriptions and cn on generated GUI cert to be consistent.
Reintroduce the vfs.forcesync systl
Merge pull request #1309 from phil-davis/patch-5
Tame the poodle. Disable SSLv3.
Manage dhcpleaseinlocaltime consistently
dhcpleaseinlocaltime is actually a global setting, but the setting is stored per-DHCP-enabled-interface.The display code in status_dhcp_leases already sorts this out - if any interface has the setting enabled then the displayed lease times are adjusted to local time....
Provide an edit button for static mapped entries
As suggested in forum https://forum.pfsense.org/index.php?topic=82883.msg0#newInstead of a non-functioning red plus icon, show an edit icon for static mapped entries, and take the user to services_dhcp_edit page if it is clicked. IMHO this makes it much easier to correct things that are noticed when viewing the Status, DHCP Leases display.
Whitespace in status_dhcp_leases.php
Fix #3935 Properly allow WAN without LAN
Was broken by https://github.com/pfsense/pfsense/commit/bd0b5d2dc7a279d3473a65a11d67efb5e39392be
rename interfaces_carp_setup to interfaces_sync_setup and call it during bootup since it does not only relate to carp interfaces.
Fixes #3727 Do not unset ondemand for ppp type interfaces since it is controlled here only for pppoe/l2tp
Ticket #3789. Put a start at using the proxyurl/proxyport from system configured settings for bogons. It still does not consider the user/pass configured
Fixes #3213. Allow up to 2900 limiters. This was set to 30 since limiters are to be controlled by mask and not created manually!
Make proper check here
Teach the certificate generation code how to make a self-signed certificate, and change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later.Also use some more sane defaults for the contents of the default self-signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling.
update comment to reflect breakage caused here and reference associated redmine ticket, not high priority, can be fixed later
block IPv4 link-local. Per RFC 3927, hosts "MUST NOT send the packet toany router for forwarding", and "any network device receiving such apacket MUST NOT forward it". FreeBSD won't route it (route-to can override insome circumstances), so it can't be in use as a real network anywhere with...
Fix PSK for non-ascii also here, ticket #3917
Fix initial console menu layout, it fixes #3884
Improve IPsec status page for mobile. It fixes #3917
Add missing gettext call
Add missing gettext calls
Fix indent and spaces
Does not accept non-ascii characters on IPsec PSK. It fiixes #3931
Close this form early since there is another form below
snmp: update SNMP ucd to work with univnautes 2.1
Closes #5566
univnautes.js: move idp link outside the button for Fx
Closes #5678
update input_error description after changes for ticket #3491
Properly set MTU for lagg interface, it fixes #3922
Make sentence more accurate as pointed out by phil-davis
GIF interfaces MTU must be something between 1280 and 8192, make the correct check. It fixes #3927
Merge pull request #1308 from phil-davis/patch-4
fix text
fix up text on sys_adv_misc
fix text and descriptions in GRE edit page
s/removing/omitting/g for gateway monitor log entires. "Removing" is not necessarily correct, there are many circumstances where this runs where it wasn't there to begin with, and is potentially misleading.
Fix pf syntax s/divert/divert-to/. It should fix #3921
Ticket #3860 Correctly display SMTP SSL TLS boxes
After using the "Test" button, $_POST['smtpssl'] and $_POST['smtptls'] was 'on' or null - this got blindly copied back into $pconfig[] and resulted in the state of the SSL/TLS/STARTTLS checkboxes not being redisplayed....
Fix an error introduced in bd0b5d2dc7 that makes system believe interfaces always mismatch
Remove the minimum NIC warning, this dates back to when minimum 2 NICs were supported and it made sense to throw this message at people. It's obvious a network appliance requires at least one NIC.
Update the URL for snapshots update
Be more strict when checking if olsrd is enabled, otherwise when package is deinstalled and configuration is kept dhcpd will consider it's always as enabled
Support up to 4 DNS Servers in DHCP
Add an option to restart php-fpm from console
Fixes #3909 Properly report and detect carp_status
Remove function that is not implemented properly. Nothing seems to use it.
Merge pull request #1303 from PiBa-NL/carp_without_matching_subnet
Merge pull request #1304 from sselph/powerd_normal_mode
Merge pull request #1305 from phil-davis/patch-2
Fix not rules for OPTn network case
Reported in forum https://forum.pfsense.org/index.php?topic=82319.0The "if (is_subnet($src)) ... filter_address_add_vips_subnets" code needs to go outside all of the if that checks for opt interfaces (not just in the else part). That makes filter_address_add_vips_subnets get called in all cases, including when optn network is specified. (line 2264, 2265)...
Add powerd normal mode flag (-n)
Make proper check if IP address is configured on another interfaces and ignore current one. It fixes #3807
get back to our standard RFC-defined capitalization of IPsec
CARP, allow carp ip to be outside interface and alias subnets (FreeBSD10 feature)
Merge pull request #1300 from jean-m-cyr/master
Merge pull request #1298 from PiBa-NL/vips_sort
firewall_virtual_ip make the table sortable remove double tfoot, but use 2 tr inside.
Remove stray 'i'.Reported-by: https://forum.pfsense.org/index.php?topic=82393.0
Fix up NTP status page formatting
Number of columns is not the same for all table rows
firewall_virtual_ip make the table sortable
Formats disponibles : Atom