lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 00:54:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
13,036 Commits 1 Branch 0 Tags
Commit Graph

1004 Commits

Author SHA1 Message Date
Franco Fichtner
28fa452a47 firmware: fix comment on previous 2021-06-29 14:42:43 +02:00
Franco Fichtner
38578176e4 firmware: comment on compexity avoidance in shell menu 
Fix plist while here.
 2021-06-29 14:39:14 +02:00
kulikov-a
97643a3edb
read_log.py: set label for obsolete rule in log (#5075) 2021-06-27 13:34:32 +02:00
Franco Fichtner
35aa9bf568 interfaces: back out this change until we have feedback #4929 2021-06-23 11:41:51 +02:00
Ad Schellevis
caed6e2504 Firewall: Diagnostics: States Dump - refactor to MVC. 
o a rudimentary column sort
 2021-06-22 11:19:39 +02:00
Ad Schellevis
43b7f1eb7f Firewall: Diagnostics: States Dump - refactor to MVC. 
o fix minor regression duplicating records (only flush on last content line)
o add link to firewall / rules page
 2021-06-21 19:37:27 +02:00
Ad Schellevis
63bdff8cf3 Firewall: Diagnostics: States Dump - refactor to MVC. 
o add api endpoint and ui to kill states using filter (kill by host or network as well)
o show ruleids in service control spot to filter states for a specific (auto-generated) rule
o support passing a ruleid to the ui page to limit selection, e.g. /ui/diagnostics/firewall/states#d0953c4424f27d5249027086b4599999
 2021-06-21 18:27:21 +02:00
Franco Fichtner
512b83463b pkg: fix plist and lint 2021-06-21 15:22:36 +02:00
Ad Schellevis
d9aa894fdb Firewall: Diagnostics: States Dump - refactor to MVC. 
o move state manipulation functions into separate lib, so we can reuse the same logic to kill all in selection (pfctl -k [ipv6_address] doesn't seem to be functional)
 2021-06-21 14:53:47 +02:00
Ad Schellevis
2e5bafbfa9 Firewall: Diagnostics: States Dump - refactor to MVC. 
o improve filter, when an address or network is offered, match using ipaddress.ip_network().overlaps()
 2021-06-21 14:38:15 +02:00
Franco Fichtner
74633f4cd2 interfaces: fix lint pass 2021-06-21 05:15:02 +02:00
Ad Schellevis
36f4b24869 Firewall: Diagnostics: States Dump - refactor to MVC. 
o push query commands to backend process (list_states.py)
o add configd action to kill by state id and assign delete action to it.
o query rule descriptions to ease browsing

some small todo's left:

o the old page supported dropping states for a network, which might be practical to have in s separate tab sheet in the new layout
o support filtering by explicit rule_id and use it as an optional entry point so the firewall edit page can link to the states.
 2021-06-18 19:05:00 +02:00
Franco Fichtner
f7d7fd6362 interfaces: flush IPv6 addresses on PPP interfaces #4929 2021-06-18 10:08:05 +02:00
Franco Fichtner
9dc9c4e864 firmware: add backend glue to support install probing of plugins #5037 
Allows to list dependencies as well.  Remove the JSON return, best to
use something as follows now:

    # configctl firmware probe && configctl firmware product
 2021-06-17 10:32:53 +02:00
Franco Fichtner
17dff05294 firewall: close gap in diff between stable and master 2021-06-15 07:14:58 +02:00
Ad Schellevis
aea1cbd15a Firewall / Diagnostics / States Dump : extend filter options for future rewrite of states view. (refactor limit, add offset and query on label/rule_id) 2021-06-02 06:14:18 +02:00
Ad Schellevis
4c845540ac Firewall / Diagnostics / States Dump : add verbose fields to states output, first step in refactoring the states dump. 2021-06-01 12:18:03 +02:00
Franco Fichtner
a759338381 firmware: push automatic flags to firmware for #5025 2021-05-31 14:49:27 +02:00
Ad Schellevis
5eacbb06f1 firewall: let live log use the provided rule label instead of guessing it, closes https://github.com/opnsense/core/issues/5014 2021-05-27 15:47:37 +02:00
Ad Schellevis
4f126c758c Firewall - aliases: move dynamic ipv6 handling (https://github.com/opnsense/core/issues/4923) to a separate branch. 2021-05-26 18:18:26 +02:00
Franco Fichtner
f845a4286a shell: fix restore copy; closes #5011 2021-05-26 10:16:54 +02:00
rawtaz
408ef03b6a
shell: Clarify revert to HTTP for web GUI question (#4992) 2021-05-17 18:42:36 +02:00
Ad Schellevis
714ad52b3a Firewall / alias - proper wildcard validation for https://github.com/opnsense/core/issues/4952 and make sure to obey ! when being provided. 2021-05-07 22:29:00 +02:00
Ad Schellevis
05d3224e70 Firewall / alias - calculate wildcard netmasks for https://github.com/opnsense/core/issues/4952 in alias backed code. 2021-05-03 18:33:14 +02:00
Franco Fichtner
3b2b03f380 src: whitespace and lint sweep 2021-05-02 17:36:38 +02:00
Ad Schellevis
2b976a491d System / Settings / Logging - targets: TLS trasnport, fix previous for https://github.com/opnsense/core/issues/4937 
(use generic system ca file)
 2021-04-30 18:52:47 +02:00
Ad Schellevis
64c2e02b0b System / Settings / Logging - targets: add TLS transport option 
closes https://github.com/opnsense/core/issues/4937
 2021-04-30 17:54:29 +02:00
Ad Schellevis
89a2a8d51b Firewall / Aliases - Dynamic Ipv6 fw rules handling 
for https://github.com/opnsense/core/issues/4923 , https://github.com/opnsense/core/pull/4941

o add validations for new type
o rename dyninterface to interface to make the attribute more generic (in case of future use)
o move address logic to interface class
 2021-04-29 15:56:14 +02:00
Martin Wasley
7311b413f6 Dynamic Ipv6 fw rules handling 
IPv6 Prefix changes by the ISP  cause any fw rules created for specific clients on the LAN interface(s) to become invalid.

Update AliasNameField.php

Remove fieldtype
 2021-04-29 15:56:14 +02:00
Franco Fichtner
0dbfddd864 firmware: exclude /etc/csh.cshrc for #4936 2021-04-22 17:16:10 +02:00
kulikov-a
f6c0fa88d1
download_blacklists.py: match whole entry (#4915) 
-match the entire string to prevent url entries
-add to skip stat if not match
 2021-04-11 20:15:39 +02:00
Franco Fichtner
35217ba0d1 firmware: if upstream package is missing complain; closes #4906 
This points to a configuration error that should be resolved one
way or another.
 2021-04-09 14:18:26 +02:00
Franco Fichtner
7d7aaa633d firmware: separate error for "forbidden" #4906 2021-04-09 14:06:27 +02:00
Franco Fichtner
2fe4de6819 firmwre: make this clearer 
Ideally, opnsense-update -M should replace this except
that -M is used to gain mirror access from other scripts
as well.  Need to think about it.
 2021-04-07 12:07:32 +02:00
Ad Schellevis
565688cb4a unbound / blacklists: cleanse domain input. change regex in https://github.com/opnsense/core/issues/4898 per suggestion @kulikov-a 2021-04-06 11:22:08 +02:00
Ad Schellevis
31a0c40e3f unbound / blacklists: cleanse domain input. closes https://github.com/opnsense/core/issues/4898 
o while here, add missing import as well
 2021-04-02 19:23:10 +02:00
Franco Fichtner
65ae6246e7 firmware: same here 2021-04-01 11:39:33 +02:00
Petr Kejval
5d908c7736
Fix missing ')' (#4884) 
dns blacklist : Fix missing ')' at the end of log line:
 2021-03-31 08:41:05 +02:00
Ad Schellevis
384018c522 System / Routes / Configuration - for dynamic gateways retour inet|inet6. closes https://github.com/opnsense/core/issues/4880 2021-03-30 17:04:34 +02:00
Erik Inge Bolsø
2ec2b3d8f7
firmware/health.sh: refine missing/invalid signature message (#4840) 2021-03-18 14:19:53 +01:00
Ad Schellevis
2cc77203b5 System/Diagnostics/Activity: "C" missing on a single core cpu, add default for https://github.com/opnsense/core/pull/4835 (take 2) 2021-03-17 18:47:13 +01:00
Ad Schellevis
907b587442 System/Diagnostics/Activity: "C" missing on a single core cpu, add default for https://github.com/opnsense/core/pull/4835 2021-03-17 18:42:16 +01:00
Ad Schellevis
aa6c44e767 minor fix for https://github.com/opnsense/core/pull/4763, mutable default argument (https://docs.python-guide.org/writing/gotchas/#mutable-default-arguments) 2021-03-14 12:46:27 +01:00
Ad Schellevis
21d6a5b386 Netflow aggregator: skip invalid record, another one for https://github.com/opnsense/core/issues/4796 2021-03-14 12:44:44 +01:00
Ad Schellevis
a8a7174c49 Netflow aggregator: skip invalid record, closes https://github.com/opnsense/core/issues/4796 2021-03-14 12:44:44 +01:00
Ad Schellevis
5a66dec5e1 Services / Intrusion detection: add new Abuse.ch feed ThreatFox to detect indicators of compromise 2021-03-14 12:44:43 +01:00
Robin Schneider
fcb6eaa9de Use HTTPS everywhere (mechanical edit using util from https-everywhere) (#4534) 2021-03-14 12:44:43 +01:00
Franco Fichtner
70059dc6b5 firmware: small issue with lost init of pipe #4500 2021-03-14 12:44:43 +01:00
Ad Schellevis
0d94d0aefb System / Routes / Status: remove entries directly connected to an interface, rework last commit for https://github.com/opnsense/core/issues/4721 2021-03-14 12:44:43 +01:00
Ad Schellevis
5126fe1658 System / Routes / Status: remove entries directly connected to an interface for https://github.com/opnsense/core/issues/4721 2021-03-14 12:44:43 +01:00