lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 09:04:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,624 Commits 1 Branch 0 Tags
Commit Graph

8624 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ad Schellevis
07791dcb47 OpenVPN, cleanup tls-verify.php script 2018-04-20 17:06:01 +02:00
Franco Fichtner
d23bc12e45 services: plug blind spots, want to know what failed 2018-04-20 12:41:25 +02:00
Franco Fichtner
eab13ff0fc services: sadly link-local is ok for routing but not transporting 2018-04-20 12:36:54 +02:00
Franco Fichtner
9f4837d11a services: hybrid approach to previous 
Finally, this makes sense and avoids probing already global
addresses...

1. If a private IPv4 or link-local IPv6 we can try to
   use the web test.

2. If anything else just pass it through, it should be
   reachable if configured correctly.
 2018-04-20 10:49:20 +02:00
Franco Fichtner
1547ecce67 services: if ip detection fails don't leak private IPv4 
PR: https://github.com/opnsense/core/issues/2368
 2018-04-20 09:59:24 +02:00
Franco Fichtner
2b9ee69f10 rc: IPv6 is trigger-happy, we only need this once 
The unique file id was used to prevent overwrites from different
interfaces but we can just use the argument in the file so that
everything is rewritten in place causing the renewals to boil down
to one.

See a previous run with a WAN-only setup:

  >>> Invoking start script 'newwanip'
  Reconfiguring IPv4: OK
  Reconfiguring IPv6: OK
  Reconfiguring IPv6: OK
  Reconfiguring IPv6: OK
  Reconfiguring IPv6: OK
  Reconfiguring IPv6: OK
  >>> Invoking start script 'freebsd'

While here, also display the interface for clarity now:

  >>> Invoking start script 'newwanip'
  Reconfiguring IPv4 on em0: OK
  Reconfiguring IPv6 on em0: OK
  >>> Invoking start script 'freebsd'
 2018-04-20 08:18:32 +02:00
Franco Fichtner
9cff964f2c src: style fixes 2018-04-19 19:54:25 +02:00
Ad Schellevis
370750b499 Revert "Add support UTF-8 domain names in black, white and exclude lists. (#1892)" 
This reverts commit baab54de6f29c92aa3ed27c1f78c85e9b9d8c2ba.
 2018-04-19 16:25:31 +02:00
Ad Schellevis
de405eb21d Proxy, IDN support for whitelists and blacklists. requires cf3ebcae01 closes https://github.com/opnsense/core/pull/2327 2018-04-19 16:23:14 +02:00
Ad Schellevis
c9132db422 remove Content-Security-Policy "default-src 'self'; see https://github.com/opnsense/core/pull/2212 2018-04-19 12:57:38 +02:00
Franco Fichtner
7eb6157b9c mvc: fix typo spotted by @fabianfrz 2018-04-17 09:50:58 +02:00
Franco Fichtner
8e504fdf62 firmware: whitespace and order 2018-04-17 08:58:38 +02:00
Franco Fichtner
2c94aa083c openvpn: retain openvpn_ prefix in file 
Way easier to spot where a function belongs to.
 2018-04-17 08:37:50 +02:00
Ad Schellevis
017b00ee9b OpenVPN, cleanups for csc generation. for https://github.com/opnsense/core/issues/2348 
* isolate write_openvpn_csc_conf so we can write out a new one with server and csc settings
* add and use openvpn_fetch_csc_list to return a simple representation for the csc administration currently known for all servers
 2018-04-16 22:15:21 +02:00
Ad Schellevis
c716d2cf1b Captive portal, fix render issue in Firefox and reformat empty "expires at" properly while there. for https://github.com/opnsense/core/issues/2362 2018-04-16 21:00:44 +02:00
Ad Schellevis
f50c9266fd OpenVPN, refactor auth-user script, keeping it functionally the same. preparation for https://github.com/opnsense/core/issues/2348 2018-04-16 18:21:00 +02:00
Ad Schellevis
f1697c4a2e OpenVPN/server, minor visual improvements, switch dropdown boxes to selectpicker 2018-04-15 19:55:44 +02:00
Ad Schellevis
cf3ebcae01 configd/templates, add decode_idna and encode_idna to template parser, see https://github.com/opnsense/core/pull/2327 2018-04-15 16:29:50 +02:00
Ad Schellevis
075a0b7a4a CARP/VIP, remove address requirement for virtual ip's, closes https://github.com/opnsense/core/issues/2358 2018-04-15 15:37:09 +02:00
Franco Fichtner
1daf7466d4 pkg: fix plist 2018-04-15 13:30:04 +02:00
Ad Schellevis
33b03e0bf4 Firmware, move configuration to pluggable xml which can easily be modified or removed by other vendors. also support removal of custom input while we are here. 2018-04-15 13:24:01 +02:00
Franco Fichtner
9efc4df843 captive portal: indent on web server config 2018-04-15 13:00:08 +02:00
Ad Schellevis
72309df97f MVC/unit tests, add DependConstraint test and do some cleanups 2018-04-14 14:00:20 +02:00
Ad Schellevis
a114dc67bf Traffic shaper, add buckets option https://github.com/opnsense/core/issues/2359 2018-04-14 13:07:06 +02:00
Ad Schellevis
6f23e9cc1f another take on https://github.com/opnsense/core/pull/2293 2018-04-14 11:29:52 +02:00
Franco Fichtner
34fc811014 www: halt/power off/shut down modal for #2354 2018-04-13 08:09:10 +00:00
Franco Fichtner
27a051b577 console: if no VLANs are there we don't have to print nothing 2018-04-13 08:30:48 +02:00
Franco Fichtner
88a6ede3d5 console: consistent language 2018-04-13 08:26:37 +02:00
Franco Fichtner
172b0da6e7 console: spurious newline 2018-04-13 08:24:21 +02:00
Franco Fichtner
af428d38ce console: and another one 2018-04-13 08:11:04 +02:00
Franco Fichtner
f2bacb7df6 console: ignore VLANs even more as we create/recreate them 2018-04-13 08:08:37 +02:00
Franco Fichtner
fa9eceabdb console: a few problems with VLAN assignment 2018-04-13 07:49:14 +02:00
Franco Fichtner
f850748d1d console: reset VLANs as stated; closes #2342 
Regression introduced in 566fe52 a while back.  Checked the commits
and code again so a bit of assorted cleanup attached.  Other spots
in the commits look good.
 2018-04-13 07:31:48 +02:00
Franco Fichtner
ff60fe9cb3 system: add/update valiation for #2340 2018-04-12 22:50:36 +02:00
Franco Fichtner
394019e942 firmware: API-driven major upgrade; closes #2153 
While here, clean up the JSON output block in the script so
that it's easier to work with it in the future.
 2018-04-12 20:14:48 +00:00
Franco Fichtner
4858faafe0 console: make tracking the default for LAN IPv6 2018-04-12 11:52:54 +02:00
Franco Fichtner
0c54c68d26 system: better factory reset 
Shut down as previously mentioned.  It helps with moving the
firewall into a different environment prior to first boot so
that it can auto-adapt / live-boot to that environment.
 2018-04-12 10:41:00 +02:00
Franco Fichtner
f3559f2e70 system: move factory default to configuration 
Ideally, we should hide this under a different page and pop up
a confirmation dialog instead of presenting the dialog right away.

We also need a "reboot dialog" that never ends and shut down instead
of reboot.  While here, it would be good to share this dialog with
the shutdown page.
 2018-04-12 10:30:32 +02:00
Franco Fichtner
a528a9ffeb system: make factory reset a bit more thorough 
Suggested by: Markus Stubbig
 2018-04-12 06:35:53 +00:00
Franco Fichtner
0bfe55cab2 intrusion detection: translate title 2018-04-12 06:28:17 +00:00
ElJefe
2aec38feda Add Destination IP to Alert Search (#2351) 
* Add Destination IP to Alert Search #2350

* Reworded title
 2018-04-12 07:51:54 +02:00
Franco Fichtner
e0901538de openvpn: wizard xml still a tabs file 2018-04-11 15:20:11 +02:00
Franco Fichtner
743eaed9bf interfaces: building on previous, GRE had the same issue 
Try to use mwexecf() although for all of this there should be
a more thorough rework.  Not our cleanest code...
 2018-04-10 17:15:10 +00:00
noctarius
a68e1deeb3 Fixed creation of GIF tunnel with an outer IPv6 remote address (remote-addr) 2018-04-10 18:29:04 +02:00
Franco Fichtner
6fb26f989b system: split off monitor reload for upcoming dpinger integration 2018-04-10 08:47:45 +02:00
Franco Fichtner
6c4ee8a945 system: hardcode $keep as suggested previously 2018-04-10 07:33:16 +02:00
Ad Schellevis
c9f22da31e interfaces/vlan, only restart interface when changes require this. closes https://github.com/opnsense/core/issues/2321 2018-04-09 19:27:03 +02:00
Franco Fichtner
434347bb4e interfaces: remove unused $flush argument 2018-04-09 07:26:36 +02:00
Franco Fichtner
0d79bfda3c intrusion detection: syslog by default 2018-04-08 10:01:05 +00:00
Franco Fichtner
5dd172ed16 firewall: rewrite in equal case, otherwise we end up without a limit 2018-04-08 09:53:10 +00:00