4112 Commits

Author SHA1 Message Date
Franco Fichtner
4fbcd919c4 src: style and whitespace sweep 2021-03-14 12:44:43 +01:00
Ad Schellevis
bf3877b834 HA Sync: unify sync sections and remove legacy blocks from system_hasync.php 2021-03-14 12:44:43 +01:00
Ad Schellevis
05f6abb4a0 Firewall / Shaper: the current number of allowed source / destination addresses is limited to a couple of addresses. in order to match larger lists one needs to use tables in order for ipfw to process them.
This commit replaces all rule source / destinations where more than one address is being targeted with a tablename like __rule__{uuid}__[source,destination] a support tool after load flushes the selected addresses into the table (which is automatically created by the ruleset). closes https://github.com/opnsense/core/issues/4756
2021-03-14 12:44:43 +01:00
Ad Schellevis
aa0d4fdf20 interfaces: newwanip, clear states when address changes. for https://github.com/opnsense/core/pull/4726 2021-03-14 12:44:43 +01:00
Ad Schellevis
8193c60424 IPSec / roadwarriors: do not pin reqid's in case of mobile connections to avoid traffic being forwarded to the wrong end. closes https://github.com/opnsense/core/issues/4757 2021-03-14 12:44:43 +01:00
Franco Fichtner
84a241c30a system: better logic for -h and -D #4231 2021-03-14 12:44:43 +01:00
Franco Fichtner
6a4b89b497 interfaces: immediately enable SLAAC during IPv6 initiation
This improves PPPoE responsiveness for IPv6 acquire using
SLAAC on the "IPv4 interface".  Tests ok according to a
user and the impact on existing setups is low.

PR: https://forum.opnsense.org/index.php?topic=21506.0
2021-03-14 12:44:43 +01:00
Franco Fichtner
1bafebe861 interfaces: make this easier to read 2021-03-14 12:44:43 +01:00
Ad Schellevis
395fa73cf7 HA Sync: extend rc.filter_synchronize with capabilities to reconfigure the backup node (template flush + service reload) for https://github.com/opnsense/core/issues/4604
to offer the ability to schedule a new configd action "system ha_reconfigure_backup":

configctl system ha_reconfigure_backup
2021-03-14 12:44:43 +01:00
kulikov-a
71d6d0adeb
system_certmanager: take extensions out of a DN (#4761) 2021-02-27 13:49:20 +01:00
Franco Fichtner
90ad674928 interfaces: also needs #4576 2021-02-26 02:56:19 +01:00
Franco Fichtner
a980771d7f interfaces: experiment for #4576 2021-02-26 02:51:23 +01:00
Franco Fichtner
e345b965cc interfaces: looks like a typo
Probably dead code but better to align it.  Some style on the side.
2021-02-26 02:22:36 +01:00
Franco Fichtner
db29e02ecb dhcpd: unify loop, improve leases page #4642 2021-02-25 13:40:50 +01:00
Franco Fichtner
e73db9c7ae dhcp: remove interface key #4642
At first the idea was to pass it, but especially since this only
passes one entry as noted by @maurice-w it is probably better to
ditch it.  :)
2021-02-24 20:00:34 +01:00
Franco Fichtner
d0822b0067 dhcpd: move staticmap preparation to parent #4642
Move all the duplication out of Unbound/Dnsmasq code and just
iterate over the results there.
2021-02-24 09:54:15 +01:00
Ad Schellevis
bcb7c26897 User management: performance enhancement for local_sync_accounts() should improve boot time when a lot of users are involved, also improves xmlrpc sync and some other actions calling a sync. 2021-02-23 14:46:21 +01:00
Franco Fichtner
b25727a11b dnsmasq|unbound: align the code, also fix Dnsmasq #4642 2021-02-22 14:56:36 +01:00
Franco Fichtner
9fa54201a7 interfaces: drop return introduced in 31282787df 2021-02-22 14:55:38 +01:00
Franco Fichtner
140f4ea03e unbound: speed up and safeguards for #4642 2021-02-22 14:30:27 +01:00
Franco Fichtner
a3bfcc2729 system: this looks better although not problematic 2021-02-22 14:23:59 +01:00
Martin Wasley
be12dd889f Correct the omission of the prefix when a dynamic interface v6 dhcpdv6 address is set as a static entry. The result is that only the suffix /64 gets added to the unbound host entries. This patch should sort that so a full address is created for unbound.
use existing call

update
2021-02-22 13:06:43 +01:00
Martin Wasley
4e3c6aa59b Correct dhcp6c.conf issue on pppoe link down
Moved v6 reconfigure to before v4.
2021-02-22 12:00:53 +01:00
Franco Fichtner
48c9b3b403 system: adapt lighttpd ssl.privkey approach #4728
While we need to hide the key we do not have to chmod the
certificate or the chain.  ;)
2021-02-22 09:22:31 +01:00
Franco Fichtner
889e24c965 firmware: abstract LOCKFILE away
Now we only deal with LOCKFILE in the firmware scripts folder.
2021-02-19 13:20:48 +01:00
Franco Fichtner
eb6cbc0164 firmware: single spot for update/upgrade code #4718 2021-02-19 11:29:38 +01:00
Franco Fichtner
dc883ebbba firmware: moving ahead with opnsense-update change for 21.1.2 2021-02-19 11:05:06 +01:00
Franco Fichtner
89dbf25c35 openvpn: break in default case 2021-02-18 20:14:39 +01:00
Franco Fichtner
b2472f3c5e system: visibility for problematic LUA scripts #4717 2021-02-18 09:47:28 +01:00
Franco Fichtner
c05c0411cb firmware: small refactor for neatness 2021-02-18 09:02:52 +01:00
Ad Schellevis
ee002053da VPN / IPsec: calculation error in 8b62109a61, start at 31,127 to make sure both points can actually reach each other. for https://github.com/opnsense/core/issues/4700 2021-02-17 19:46:37 +01:00
Franco Fichtner
56f237a8d4 openvpn: better translations leaving command line args out of it 2021-02-18 08:28:15 +01:00
Ad Schellevis
8b62109a61 VPN / IPSec: calculate netmask for provided tunnel addresses when using VTI.
For IPv4 this should be backwards compatible with the previous code, since the netmask isn't really used to determine if the other end is reachable (it seems so at least), for ipv6 some consumers a valid netmask
seems to be required in order to function properly (frr). Since ipv6 doesn't seem to support setting a netmask in combination with a destination address and the other end apparently doesn't really care, we just set an address with a mask in case it's an ipv6 tunnel.

for https://github.com/opnsense/core/issues/4700
2021-02-17 17:33:41 +01:00
Franco Fichtner
1e4aac005a firmware: use canonical -p and -t update
opnsense-update can now handle it correctly and we save another
invoke from here.
2021-02-17 15:03:23 +01:00
Franco Fichtner
f1e72574b6 src: style sweep 2021-02-16 10:36:44 +01:00
Franco Fichtner
31cefec61b firmware: when config.xml looks like a factory reset register plugins/release #4500
This way the build can do all sorts of funny things and we will end up
with a consistent config.xml after boot.  For people restoring other
config.xml that is not the case but in this scenario the user is likely
aware of what he or she is doing.
2021-02-16 10:05:27 +01:00
Franco Fichtner
2ecd584c9a firmware: firmware-* files private to check.sh #4500
Remove unused JS while here.
2021-02-15 13:07:00 +01:00
Franco Fichtner
bb0085dd77 interfaces: these look unused 2021-02-13 14:09:45 +01:00
vnxme
f69794b929
OpenVPN: Enhance configuration - Compression (#4590) 2021-02-12 18:37:02 +01:00
Franco Fichtner
5542fa450a firmware: avoid PIPEFILE if not needed #4500 2021-02-12 12:00:11 +01:00
Maurice Walker
028b129f87
radvd: remove ::/0 route (#4692)
As discussed back in #3343: Router Advertisements should never contain a ::/0 route.
A default route is indicated by setting the Router Lifetime to > 0. This was originally fixed
by @fichtner in e67dade, but the ::/0 route is still added for CARP interfaces and "static
mode" interfaces (introduced in 66dc0e9).
2021-02-10 08:25:45 +01:00
Franco Fichtner
20835a92b1 system: disable clog by default 2021-02-08 09:41:40 +01:00
Franco Fichtner
efd880b9db firmware: reroot is buggy, revert and rename while at it 2021-02-03 08:58:36 +01:00
Franco Fichtner
68b7c4ccfa firmware: revoke old business key 2021-02-02 15:33:04 +01:00
Franco Fichtner
090dd89aa1 interfaces: finally fix IPv6 misalignment in get_interfaces_info()
Related to: https://github.com/opnsense/core/issues/4651
2021-02-02 14:40:19 +01:00
Franco Fichtner
3782c3856d firmware: condense previous 2021-02-01 11:31:45 +01:00
Franco Fichtner
b029e67c21 firmware: more annotations 2021-02-01 11:12:43 +01:00
Franco Fichtner
9121ee88ce rc: refactor, add missing copyright header, rename
Scott committed this in 2005 so it is safe to assume the BSD
license fits...

See also: https://github.com/pfsense/pfsense/commit/fa94531eaba
2021-02-01 09:46:45 +01:00
Franco Fichtner
e6ced08e3d system: make a note that comconsole_port probably works just as well 2021-01-26 19:19:52 +01:00
Franco Fichtner
372e1cf5e5 system: omit console hint in existing setups 2021-01-26 10:19:43 +01:00