lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-19 19:15:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
17,064 Commits 1 Branch 0 Tags
Commit Graph

17064 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephan de Wit
31380e4f6d dashboard: remove dots from traffic graphs 2024-08-05 13:23:18 +02:00
Franco Fichtner
929d779b75 system: add publish date to annoucement 
Some minor style changes, now clicks date instead of title.

PR: https://forum.opnsense.org/index.php?topic=41972.0
 2024-08-05 12:09:07 +02:00
Franco Fichtner
b9f2b5b1e0 system: better change type too #7657 2024-08-05 11:38:36 +02:00
Franco Fichtner
24433b9c1f system: rename "Core" to "CPU" to force ambiguity #7657 
The sysctls specify "cpu" so it makes sense to follow that especially
since some systems will report the same temperature for the HT sibling
so it's not a core it's a thread.
 2024-08-05 11:30:45 +02:00
Monviech
8ed829be05
dashboard: monit widget: Invert the logic of success and failed 
When a status code is not mapped, it will always fall back to failed in the tooltip,
and text-danger as color. Fixes issue with ping check, the status is 16384 when
failed. Since it can be assumed that all statuses other than 0 are bad, this change
in logic seems pragmatic. (#7705)
 2024-08-05 11:16:08 +02:00
Stephan de Wit
7b53fc7fa7 dashboard: clean up previous 2024-08-05 11:10:52 +02:00
Stephan de Wit
4bd6ad3cde dashboard: allow and persist vertical resize 2024-08-05 11:09:50 +02:00
Ad Schellevis
3245ac209a VPN: OpenVPN: Instances - DCO mode only support UDP on FreeBSD, closes https://github.com/opnsense/core/issues/7718 
for more info, see https://community.openvpn.net/openvpn/wiki/DataChannelOffload/Features
 2024-08-05 09:58:55 +02:00
Ad Schellevis
2d8aff2fe5 Firewall: Aliases - parse aliases in /etc/services, closes https://github.com/opnsense/core/issues/7694 2024-08-05 09:49:03 +02:00
Franco Fichtner
c793d2b3f3 ipsec: empty comment 2024-08-05 08:03:28 +02:00
Ad Schellevis
e7c7e22a7b System: Configuration: History - prevent endpoint sending data without giving the Response object the chance to flush its headers. 2024-08-04 18:25:16 +02:00
Ad Schellevis
790a32c916 Interfaces: Diagnostics: Packet Capture - make sure Response->send() is properly called, likely fix for https://github.com/opnsense/core/issues/7714 2024-08-04 18:17:39 +02:00
Ad Schellevis
f0ad49ab28 Services: Kea DHCP: Kea DHCPv4 - ignore non valid hostnames in staticmap to prevent unbound(/dnsmasq) from crashing, closes https://github.com/opnsense/core/issues/7712 2024-08-04 14:09:24 +02:00
Ad Schellevis
66c6d2555f VPN: IPsec: Advanced Settings - add Retransmission settings in charon section. closes https://github.com/opnsense/core/issues/7648 
Offer tunables to configure how retransmissions are handled, as documented in https://docs.strongswan.org/docs/5.9/config/retransmission.html
 2024-08-03 16:47:32 +02:00
Ad Schellevis
2c60ff3d5f VPN: IPsec: Advanced Settings - skip empty values and leave them default when generating strongswan.conf via our model. for https://github.com/opnsense/core/issues/7648 2024-08-03 16:45:29 +02:00
Ad Schellevis
b3aa910438 System: Trust: Certificates - export p12 resulted in mangled binary blob. closes https://github.com/opnsense/core/issues/7703 
It looks like out atob() resulted in sending broken data back to the client, the easiest way to prevent this is to keep our endpoint b64 encoded data as is and let the client handle it.
Accoring to https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URLs, we should be able to suffix ;base64 in these cases.

While here, also make sure the result status is as expected.
 2024-08-03 14:29:26 +02:00
Ad Schellevis
809e3be395 VPN: IPsec: Status Overview - add aggregated totals to phase 1 view (total bytes, max time). 2024-08-02 21:37:03 +02:00
Franco Fichtner
af74aa42ab system: fix display of multiple sources in thermal sensor widget 
PR: https://www.reddit.com/r/opnsense/comments/1eb1mhj/comment/lg3ru1o/
 2024-08-02 13:08:04 +02:00
Franco Fichtner
6f10caef26 system: adjust address display in interfaces widget #7707 2024-08-02 11:08:37 +02:00
Franco Fichtner
ec7d2f9ac1 system: when interface is omitted pull all interface addresses 
Also fix silly inconsistency on empty array to JSON.
 2024-08-02 10:28:57 +02:00
Franco Fichtner
80914fe00d interfaces: extend the backend job accordingly 2024-08-02 09:02:34 +02:00
Franco Fichtner
f987804668 system: allow to request both -46 in one run from pluginctl 
This changes presentation but makes it slightly more consistent
in JSON output.
 2024-08-02 09:00:26 +02:00
Franco Fichtner
12db8b5b2b system: patch -6 address support into pluginctl 2024-08-01 22:02:35 +02:00
Ad Schellevis
9b112c1c20 System: Trust: Certificates - better define "in use" flag and safety guards. closes https://github.com/opnsense/core/issues/7702 2024-08-01 18:48:20 +02:00
Franco Fichtner
9240c5a15c firewall: show inspect in xs, it does show two columns 
PR: https://forum.opnsense.org/index.php?topic=41882.0
 2024-08-01 08:10:13 +02:00
Ad Schellevis
2ad84c1932 VPN: OpenVPN: Client Export - use new trust model to link users by common_name. closes https://github.com/opnsense/core/issues/7696 
It looks like we left some old code in the openvpn export, since our model parses the certificate data already, we should be able to reuse the same data for a more consistent approach.
Common name is the only relevant linking pin between a user and the certificate, which also means there can only be one link. To avoid api breakage, keep the return format as it was, but make sure we only return one name when found. In the long run we might consider changing the ui to just mark the record with an icon so the user knows an entity exists.
 2024-07-31 20:46:29 +02:00
Franco Fichtner
aadc34d6a0 interfaces: extend does_interface_exist slightly related to #7692 2024-07-31 12:07:03 +02:00
Franco Fichtner
4501c593ec system: guard destroy on traffic widget 
PR: https://forum.opnsense.org/index.php?topic=41729.msg205775#msg205775
 2024-07-31 09:52:55 +02:00
Franco Fichtner
f827497f15 system: actually required 2024-07-31 09:22:57 +02:00
Franco Fichtner
f9ed428138 system: allow debug kernels not to panic too soon 
This requires KASSERT_PANIC_OPTIONAL but it also allows us
to trace actual non-INVARIANTS panics seen in the wild without
running into INVARANTS panics that may or may not be related.
 2024-07-31 08:35:05 +02:00
Jonny5
d2ef070687 Update suricata.yaml and remove two deprecated settings and add a few useful settings (#7667) 2024-07-29 13:51:50 +02:00
Franco Fichtner
973e744fb0 system: increase widget timeout to 5 seconds 
Start with a small increase here.
 2024-07-29 12:27:12 +02:00
Franco Fichtner
804be3bb7e src: mop up after IPsec settings conversion 2024-07-29 08:27:26 +02:00
Ad Schellevis
7a7e81c777 VPN: IPsec: Advanced Settings - mvc conversion, for https://github.com/opnsense/core/issues/7648 
move legacy settings to mvc including conversion, also expose some of our staticly configured strongswan.conf settings into the form for clarity.
 2024-07-28 20:22:16 +02:00
Franco Fichtner
287c13beb8 interfaces: avoid touching SLAAC address for now 2024-07-27 10:03:45 +02:00
Ad Schellevis
897d3cce3a MVC: Response->setContentType() default to empty, closes https://github.com/opnsense/core/pull/7655 2024-07-26 10:31:01 +02:00
Ad Schellevis
724f8494d6 webgui: long lasting calls and locking the request pipeline. work-around for https://github.com/opnsense/core/issues/7651 
The number of php processes we offer to lighttpd is quite low (2 x 3), which results in a global lock when 2 dashboards are open at the same time.
Although we should increase the limit, we also should figure out a way to limit the number of long running processes as well.
 2024-07-26 08:53:01 +02:00
Franco Fichtner
678eaf2fb9 system: cores and threads flipped 2024-07-26 08:23:28 +02:00
Ad Schellevis
89135cdc7b VPN: OpenVPN: Servers [legacy] - disable DCO, only supported for new instances (and prevents server startup for tun devices). 2024-07-25 19:41:10 +02:00
Franco Fichtner
c95f42b84d firmware: remove upgrade hint and revoke old fingerprints 2024-07-25 19:39:12 +02:00
Franco Fichtner
482b9d0361 make: switch to 24.7 track 2024-07-25 19:34:06 +02:00
Ad Schellevis
9024abe3f8 MVC: fix API regression caused by d7d016f400, closes https://github.com/opnsense/core/issues/7645 2024-07-25 13:45:35 +02:00
b0nes
ba49c8b65f
Add monitor IP to API results. (#7646) 
Co-authored-by: Herman Bonnes <herman@sentillia.com>
 2024-07-25 13:22:09 +02:00
Ad Schellevis
95812e2786 Interfaces: Virtual IPs: Settings - polish diff calculation a bit when using the new peer settings (avoid re-apply when unchanged) 2024-07-25 13:17:27 +02:00
Ad Schellevis
cca9149e05 Firewall: NAT: One-to-One - fix migration issue, in the old setup external without a subnet wsa also a valid option... 2024-07-25 10:18:58 +02:00
Franco Fichtner
db192a6140 system: swtich twitter to reddit; closes #7643 2024-07-24 22:14:46 +02:00
Franco Fichtner
94a9231a8f system: fix disk widget glitching during install 
"B" unit was not properly handled during multiplication.  ;)
 2024-07-24 08:14:56 +02:00
Franco Fichtner
a2e1ae103c firmware: point to the flexible 24.7 release from 24.1's perspective 2024-07-23 13:39:54 +02:00
Ad Schellevis
228ccc0722 VPN: OpenVPN: Client Export - dev_type should be constraint to either tun or tap, DCO uses ovpn, which equals tun for the client 2024-07-23 12:08:58 +02:00
Franco Fichtner
7669567944 interfaces: refuse to set an empty MAC address 
This goes for the LAGG claming their original hardware address
is zeroed which is true but not really helpful at all, but also
for when this MAC address was requested by the user in the settings
which likely makes it stop working altogether anyway.
 2024-07-23 10:00:03 +02:00