11226 Commits

Author SHA1 Message Date
Ad Schellevis
387d41d768 Syslog, missing <PRI> in legacy output, leading to extensive logging. closes https://github.com/opnsense/core/issues/3616 2019-07-31 11:11:00 +02:00
Ad Schellevis
cb786592df Firewall, in some cases DHCPv6 server rules are generated without an active server or relay configured. closes https://github.com/opnsense/core/issues/3591 2019-07-30 18:33:35 +02:00
Ad Schellevis
e4b5133cdd Captive portal, python 3 issue, trying to read script as binary. for https://github.com/opnsense/core/issues/3612 2019-07-30 17:00:37 +02:00
Ad Schellevis
534f3c870e Filter, rule overview, show automatic rules targeting all interfaces in Floating section (slightly related to https://github.com/opnsense/core/issues/3594) 2019-07-30 14:04:19 +02:00
Ad Schellevis
f8d5c01a6f Filter, automatic rules. "let out anything from firewall host itself (force gw)" not visible, since it's not bound to the interface. Although we might want to show all rules without interface as well, the gateway rule belongs to the interface as the interface address is used as from address 2019-07-30 11:57:47 +02:00
Ad Schellevis
521b740338 mvc, opnsense_ui.js fix initFormAdvancedUI() on initial load (duplicating <tr data-advanced='hidden_row'></tr> tags) 2019-07-30 10:46:03 +02:00
jayantsahtoe
5866de72c9 Update dhcpd.inc (#3610)
DHCP-relay service will fail with the following error if DHCP server IP is known in static route:

dhcrelay: Can't attach interface {ifname} to bpf device /dev/bpf0: Device not configured

This is the only place where get_real_interface( ) isn't used
2019-07-29 16:11:04 +02:00
Ad Schellevis
440f957e5c Captive portal: optimise ipfw rule parsing. for https://github.com/opnsense/core/issues/3559 (#3608)
Our current generated ruleset creates two count rules to match incoming and outgoing traffic to and from the client for accounting purposes. Since ipfw doesn't support table stats, the options are limited to know the amount of traffic processed and last accessed times.

This patch basically replaces the accounting section with separate blocks, which are jumped to using the existing table (which contains address + rulenumber now), logically this would lower the time needed to parse the accounting section (since only the count rules for the specific IPs are evaluated now).

In terms of ruleset, this will generate 3 rules per address (count from, count to and jump to end of ruleset), like:

```
30001   342    27744 count ip from xxx.xxx.xxx.xxx to any
30001  1194   225783 count ip from any to xxx.xxx.xxx.xxx
30001  1536   253527 skipto 60000 ip from any to any       [ <--- NEW ]
```

Since we need the address to collect rules, we can't simplify this count to one rule (IPFW.list_accounting_info() parses the address from the ruleset).

Our per zone "skipto" section uses a tablearg instead of static rule number now:

```
03001  2362   386004 skipto tablearg ip from table(1) to any via em2
03001  5701  4761746 skipto tablearg ip from any to table(1) via em2
```
2019-07-29 09:10:01 +02:00
Ad Schellevis
7a5a573288 IDS/IPS: rule-updater. When there's nothing to download, required (extra) files were removed on update, while here, also make sure that required files are also downloaded when not on disk yet.
ETPro Telemetry uses this to collect its own sids, so we only communicate about alerts actually in this specific set.
2019-07-26 21:36:42 +02:00
Ad Schellevis
43c591c0a9 mirror (Aivian) not active anymore 2019-07-26 21:14:58 +02:00
Ad Schellevis
f5c2f7760b list_arp.py oops, forgot the hostname clause. for https://github.com/opnsense/core/issues/3595 2019-07-26 21:08:46 +02:00
Ad Schellevis
35849fdc30 Filter, although it shouldn't be possible to write newlines in a description, we better make sure they can't be flushed to disk. 2019-07-26 15:02:52 +02:00
Ad Schellevis
8d22e9f0af firewall, nat. no need to substr() filter descriptions. closes https://github.com/opnsense/core/pull/3600 2019-07-26 14:52:17 +02:00
Ad Schellevis
c94c09e92c System->Settings->General:DNS gateway, remove dysfunctional fuzzy logic and just save the correct gateway content. Since we always redirect after POST, there's absolutely no need to prepare $pconfig. closes https://github.com/opnsense/core/issues/3599 2019-07-26 12:06:08 +02:00
Ad Schellevis
eb0e73607e use shared dhcpd lease reader in list_arp.py, closes https://github.com/opnsense/core/issues/3595 2019-07-26 11:34:02 +02:00
Ad Schellevis
d81d6a7a31 Firewall, source nat, should only show usable addresses in outbound rules. closes https://github.com/opnsense/core/issues/3596 2019-07-25 12:51:06 +02:00
Ad Schellevis
3a0b9e1620 arp list, first dhcp lease missing in list_arp.py, closes https://github.com/opnsense/core/issues/3595 2019-07-25 08:30:16 +02:00
Ad Schellevis
9a4be6f2e3 python3: replace subprocess.call in src/opnsense/scripts/system/* for https://github.com/opnsense/core/issues/3574 2019-07-23 18:43:35 +02:00
Ad Schellevis
cf3b447275 python3: replace subprocess.call in src/opnsense/scripts/netflow/* for https://github.com/opnsense/core/issues/3574 2019-07-23 18:40:14 +02:00
Ad Schellevis
3ef43db376 python3: replace subprocess.call in src/opnsense/scripts/routes/show_routes.py for https://github.com/opnsense/core/issues/3574 2019-07-23 18:30:54 +02:00
Ad Schellevis
117e64bd2f python3: replace subprocess.call in src/opnsense/scripts/unbound/wrapper.py for https://github.com/opnsense/core/issues/3574 2019-07-23 18:24:25 +02:00
Ad Schellevis
c0a2f87471 python3: replace subprocess.call in src/opnsense/scripts/ipsec/* for https://github.com/opnsense/core/issues/3574 2019-07-23 18:18:29 +02:00
Ad Schellevis
83cfd4d13c python3: replace subprocess.call in src/opnsense/scripts/systemhealth/* for https://github.com/opnsense/core/issues/3574 2019-07-23 18:14:17 +02:00
Ad Schellevis
e8bc2cf7e3 python3: replace subprocess.* in src/opnsense/scripts/OPNsense/CaptivePortal/* for https://github.com/opnsense/core/issues/3574 2019-07-23 18:08:39 +02:00
Ad Schellevis
867856733b python3: replace subprocess.call in src/opnsense/scripts/filter/* for https://github.com/opnsense/core/issues/3574 2019-07-23 16:32:17 +02:00
Ad Schellevis
2f69282b28 python3: replace subprocess.call in src/opnsense/scripts/interfaces/* for https://github.com/opnsense/core/issues/3574 2019-07-23 16:29:51 +02:00
Ad Schellevis
d241a64138 status_interfaces.php align output more to actual ifconfig results:
* add additional virtual addresses
* add netmask on link-local
* remove separate netmask row, add to address where it belongs
* add mtu value when set
* add carp attributes (status, vhid, advbase, advskew)
2019-07-23 12:06:16 +02:00
Ad Schellevis
25728c5daa interfaces.lib.inc, fix and extend carp output in legacy_interfaces_details(), so we can use the proper values in status_interfaces.php 2019-07-23 11:48:17 +02:00
Ad Schellevis
32268f0530 Syslog-NG, fix search stats 2019-07-22 16:52:49 +02:00
Franco Fichtner
d6f3c1a7a8 src: style sweep 2019-07-22 16:28:20 +02:00
Ad Schellevis
398e00c0bc Syslog, fix some typos preventing proper stop/start/restart. 2019-07-22 16:25:55 +02:00
Ad Schellevis
f56cc1b92f Filter: livelog, skip illegal log lines 2019-07-22 14:05:25 +02:00
Ad Schellevis
64858b5c58 IPsec, ditch globals from legacy include causes strange behaviour on bootup, closes https://github.com/opnsense/core/issues/3582 2019-07-22 13:27:34 +02:00
Ad Schellevis
d48cfed48c RADVD, reallocate advanced option to the correct config section. for https://github.com/opnsense/core/issues/3589 2019-07-22 09:36:55 +02:00
Ad Schellevis
9287b5588e Insight, missed a line in fabaef0a43 for https://github.com/opnsense/core/issues/3587 2019-07-22 09:14:54 +02:00
Ad Schellevis
6b1f3e60b9 Insight, increase wait time between parses. ref https://github.com/opnsense/core/issues/3587
previously we always waited 15 seconds between cycles, now we calculate the time to wait with the time spent for the previous cycle.
2019-07-19 18:18:11 +02:00
Ad Schellevis
fabaef0a43 Insights, small optimisation for flowd_aggregate.py, pass last received timestamp to flowparser, so we can skip a bit of processing when the data isn't relevant. for https://github.com/opnsense/core/issues/3587 2019-07-19 17:44:44 +02:00
Ad Schellevis
1e8ebbfc0d IPSec, NAT before IPsec changes as discussed https://github.com/opnsense/core/issues/1773#issuecomment-513239146 2019-07-19 16:24:59 +02:00
Ad Schellevis
c5b41f098e filter. outbound nat can be empty in some old configurations, better to check property before reading and treat empty as "automatic" (to match the ui presentation). closes https://github.com/opnsense/core/issues/3586 2019-07-19 14:58:29 +02:00
Ad Schellevis
30a55363ae IPSec, nat before IPsec, try to work around a current known limitation. ref https://github.com/opnsense/core/issues/1773 2019-07-19 09:12:51 +02:00
Franco Fichtner
b7f160e0a2 make: fix Python binary name 2019-07-19 01:04:32 +02:00
Franco Fichtner
afe3c3a6cb system: break out system_trust_configure() 2019-07-18 22:24:50 +02:00
Franco Fichtner
7b14d1b26b rc: do not use syslog-ng in this section (yet); closes #3577 2019-07-18 21:09:39 +02:00
Franco Fichtner
ec904bdb43 system: fix group priv print and redirect after edit 2019-07-18 17:13:59 +02:00
Franco Fichtner
570227e4d4 system: scoped IPv6 "%" could confuse mwexecf(), use plain mwexec() 2019-07-18 14:51:08 +02:00
Ad Schellevis
981a718da0 squid, ssl_crtd is called security_file_certgen in squid 4 it seems, for https://github.com/opnsense/core/issues/3584 2019-07-18 14:15:41 +02:00
Ad Schellevis
2ff5ec429d Gateways, dynamic generated gateways could duplicate. don't add a "virtual" item when the name is already defined in the static config 2019-07-18 13:51:45 +02:00
Ad Schellevis
8aedc0f0d3 filter, rules page. html escape dynamic entries to display aliases. ref https://github.com/opnsense/core/issues/3581 2019-07-18 12:59:35 +02:00
Ad Schellevis
3987cd2097 Gateways, missing dynamic property on stored dynamic items. 2019-07-18 12:43:02 +02:00
Ad Schellevis
9700e4d64d forgot one in previous 2019-07-18 11:35:29 +02:00