13179 Commits

Author SHA1 Message Date
Alexander Shursha
4b60a9893e
Fix compare interfaces. (#5173) 2021-08-23 09:20:47 +02:00
Ad Schellevis
d0630be3b0 Firewall / Aliases - less excessive logging for async dns resolve (76b8ae4490) 2021-08-19 16:12:01 +02:00
Ad Schellevis
76b8ae4490 Firewall / Aliases - improve resolve performance by implementing async dns lookups. ref https://github.com/opnsense/core/issues/5117
This will need a new version of py-dnspython (py-dnspython2 in ports) for dns.asyncresolver support. Some additional log messages have been added to gain more insights into the resolving process via the general log.
Intermediate results aren't saved to disk anymore, which also simplifies the resolve() function in the Alias class. An address parser can queue hostname lookups for later retrieval (see _parse_address()) so we can batch process the list of hostnames to be collected.
2021-08-19 15:53:25 +02:00
Ad Schellevis
2872298658 OpenVPN validations - forgot to push a file for 1b9e263195 2021-08-19 15:53:25 +02:00
Franco Fichtner
d0cb843b07 console: bring interfaces up earlier, remove verbose text
Both done to make the interface listing more compact and to remove
spurious lines so that the listing can be seen longer.
2021-08-19 14:07:45 +02:00
Franco Fichtner
b91f9077f6 make: fix plist check on FreeBSD 13 2021-08-19 12:57:06 +02:00
Ad Schellevis
1b9e263195 OpenVPN - simplify cidr validation in openvpn_validate_cidr() and remove trim() to avoid illegal addresses being flushed to disk. closes https://github.com/opnsense/core/issues/5168 2021-08-18 15:11:11 +02:00
Ad Schellevis
4afaebf691 fix plist 2021-08-17 20:11:30 +02:00
Ad Schellevis
146166cc25 Authentication / LDAP (+TOTP), for consistency reasons keep ldap_sync_create_local_users on static system_authservers.php page, we currently don't have an option to manage dependencies in automatic fields. ref https://github.com/opnsense/core/issues/5116 2021-08-17 20:09:15 +02:00
Ad Schellevis
4414ffd81b Authentication / LDAP (+TOTP), allow automatic user creation when configured. closes https://github.com/opnsense/core/issues/5116
o add "Automatic user creation" option in System/Access/Servers (for ldap + derivatives)
o simple detached flow, updatePolicies() calculates differences between local and remote group membership, when there is something to sync (remote groups exist) and a local user doesn't exist a configd signal is sent to create a new empty user without rights and a random password.

The user_dn field isn't populated, although this will cost additional queries to the remote host, it might be worth the flexibility of allowing to move users to different auth scopes.
2021-08-17 19:33:25 +02:00
Ad Schellevis
3bd36b5624 Interfaces - uniform test if interface is already assigned somewhere using new is_interface_assigned() function in utils.inc, implement check in openvpn client/server while here. closes https://github.com/opnsense/core/issues/5163 2021-08-17 12:30:42 +02:00
Franco Fichtner
588fbfbbc9 firmware: simplify repo file flush 2021-08-17 09:37:39 +02:00
Franco Fichtner
07d6658492 firmware: return ALTABI using -x #5144 2021-08-17 08:56:59 +02:00
Franco Fichtner
ac1cd84485 make: add a product_altabi setting if we want to split abis #5144
This way we can keep track of the underlying ABI in case a business
version needs to find its way back to community ABI.

In general ALTABI is just the derived ABI version, i.e. the one that
shares the same build settings/packages/OS version.
2021-08-17 08:53:22 +02:00
Franco Fichtner
b322ba9cf9 make: patch in business version numbers for CORE_NEXT #5144 2021-08-17 08:39:41 +02:00
James Golovich
f98f4e4f1e
Allow DNS resolver to skip entry on EmptyLabel (#4560)
* Allow DNS resolver to skip entry on EmptyLabel

A name like '.example.com' is not a valid name, but should be handled like a nonexistent name instead of throwing an exception
2021-08-16 19:10:07 +02:00
Ad Schellevis
cf489d1633 Interfaces - console setup. minor cleanups and fixes for https://github.com/opnsense/core/pull/4499 2021-08-16 18:23:57 +02:00
Simon
41a0a938f8
Add LAGG support to console (#4499) 2021-08-16 15:59:03 +02:00
Ad Schellevis
58186f8c4e Squashed commit of the following:
commit 83171f8b1791aae87fc4dacedb6cc921101d8399
Author: Ad Schellevis <ad@opnsense.org>
Date:   Fri Aug 13 21:44:49 2021 +0200

    whitespace

commit 11990f462eaed9bc9cf2051a377d508a916a3945
Author: Ad Schellevis <ad@opnsense.org>
Date:   Fri Aug 13 21:40:24 2021 +0200

    OpenVPN - cleanups for https://github.com/opnsense/core/pull/4592

    simplify flush tls keys.

commit 74db015f0c9963b53b1d3ea8923e1d89899d04a3
Author: Ad Schellevis <ad@opnsense.org>
Date:   Fri Aug 13 21:39:28 2021 +0200

    OpenVPN - cleanups for https://github.com/opnsense/core/pull/4592

    refactor vpn_openvpn_client.php a bit, fix jquery change events.

commit 48c77d600bd194a65fb996c2e767c3b3bc37f81b
Author: Ad Schellevis <ad@opnsense.org>
Date:   Fri Aug 13 21:15:00 2021 +0200

    OpenVPN - cleanups for https://github.com/opnsense/core/pull/4592

    refactor vpn_openvpn_server.php a bit, fix jquery change events.

commit 58f98abf4bddee349cc59a07266f7d9c1b5914d9
Author: vnxme <46669194+vnxme@users.noreply.github.com>
Date:   Wed Feb 10 17:52:31 2021 +0300

    OpenVPN: Enhance configuration - TLS-Crypt

    Ensure backwards compatibility

commit 25a1c6ebf12971b1337a3ea65e31e61a38505c0f
Author: vnxme <46669194+vnxme@users.noreply.github.com>
Date:   Tue Jan 12 12:15:36 2021 +0300

    OpenVPN: Enhance configuration - TLS-Crypt

    Make available both --tls-auth and --tls-crypt configuration options
2021-08-13 21:50:23 +02:00
Franco Fichtner
14462382dc interfaces: correct indent in dhclient configuration 2021-08-13 13:27:23 +02:00
Gareth Owen
3ca57fae8b
DHCP: Update DNS with hostname only static entries (#4689)
DHCP static mappings that have a hostname configured but no IP address,
now update the Outbound DNS entry with the IP assigned from the pool
2021-08-12 16:52:45 +02:00
Nikolay Denev
a31ec3c1ec
Allow to specify port ranges for outgoing NAT. (#4748)
This allows to specify port ranges for NAT which is a valid pf configuration.
2021-08-12 16:43:33 +02:00
Alexander Shursha
62bebdf335
Translate widget Firewall Log. (#4965) 2021-08-12 16:31:42 +02:00
Robin Schneider
93902cc7d5
Traffic: Fix long comment preventing ipfw reload (#5023)
It seems that comments are limited in ipfw to 80 chars which is not
documented (at least not in the manpage `ipfw(8)`). If users
accidentally use long traffic shaper rule descriptions this limit could
be reached causing updates via the GUI apply button to be silently
ignored which will cause confusion.

`ipfw /usr/local/etc/ipfw.rules` shows the following error:

    Line 77: comment too long (max 80 chars)

and exits with exit code 65.

Interestingly, a slice of up to `0:83` still works. As this is
undocumented and the error says max 80 chars I go with something
slightly below this max to account for the whitespace.
2021-08-12 16:29:56 +02:00
a3be99d8dc
Adding additional memory cache options for squid webproxy (#5160) 2021-08-12 16:05:00 +02:00
Franco Fichtner
8904cae0ed interfaces: finally use -M now that we have a compat shim; closes #4850 2021-08-12 10:51:41 +02:00
Franco Fichtner
68d6d3ad50 system: accept a valid POST request please 2021-08-12 10:28:42 +02:00
Franco Fichtner
8fb15789aa system: change rss widget feed to forum announcements 2021-08-12 10:18:02 +02:00
Franco Fichtner
20b1f87d88 interfaces: style sweep 2021-08-11 07:58:10 +02:00
Franco Fichtner
fb133e494f dhcp: another refactor fail 2021-08-11 07:55:50 +02:00
Ad Schellevis
25e0a639fa Interfaces / LAGG: improve configurability, closes https://github.com/opnsense/core/issues/5157
o add Use flowid and Use strict options
o extend interfaces overview with various lagg properties
o show unassigned interfaces in overview so lagg parents are always visible
o fix collapse event in overview to reference by internal name instead of description.
2021-08-10 18:36:43 +02:00
Franco Fichtner
6abd2f2ac1 Framework: name and depends targets are no longer needed
use -v CORE_NAME and -v CORE_DEPENDS to read them...
2021-08-10 16:50:28 +02:00
Franco Fichtner
2534705523 dhcp: wrong file for IPv6 2021-08-10 11:22:59 +02:00
Franco Fichtner
c48244ecfa dhcp: lease removal needs a wrapper too 2021-08-10 11:21:34 +02:00
Franco Fichtner
867faa661f dhcp: unify lease parsing loosely related to #4985
While here drop magic in dhcp_clean_leases() and fix
artefacts surfaced by this removal in the leases page.
2021-08-10 11:13:26 +02:00
Ad Schellevis
92ea650888 IPsec: add "automatic" type to trust Strongswan's parser, see discussion in https://github.com/opnsense/core/issues/5155 2021-08-10 10:50:17 +02:00
Ad Schellevis
d5c090b38e IPsec: remove quoting remark in previous commit ( https://github.com/opnsense/core/issues/5155 ) 2021-08-09 15:34:46 +02:00
Ad Schellevis
9963de28c0 IPsec: fix identity quoting for asn1dn and fqdn types. close://github.com/opnsense/core/issues/5155 2021-08-09 15:08:49 +02:00
Franco Fichtner
f03d978bb0 lobby: typo 2021-08-09 09:07:00 +02:00
kulikov-a
3f73088673
rulecache.py: skip empty metadata (#5148) 2021-08-08 11:12:48 +02:00
kulikov-a
27fdfe49c3
Aliases progress bar: small suggestions (#5149)
* alias.volt: change a bit
* pftablecount.py: count all tables from -vvsT
2021-08-08 10:47:17 +02:00
Franco Fichtner
4a919798e2 pkg: fix plist 2021-08-08 08:52:11 +02:00
Ad Schellevis
9b31fad9ed Squashed commit of the following:
commit 9158a0618f7c7943a10fbcdf7b8a4950844d6133
Author: Ad Schellevis <ad@opnsense.org>
Date:   Sat Aug 7 22:35:00 2021 +0200

    Firewall / aliases - simplify and change https://github.com/opnsense/core/pull/5142 a bit

commit 72ad80b072e11e8ad58a82f59a395c9961eef386
Author: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
Date:   Wed Aug 4 23:29:09 2021 +0300

    alias.volt: add limits progress bar

commit 6ba824471d9fc6186775dc6bdab815b4d1af0ce9
Author: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
Date:   Wed Aug 4 23:09:17 2021 +0300

    AliasController.php: add getRecordsAction

commit 76de5668ff1f1225f32bd3abfc76f91c3500d753
Author: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
Date:   Wed Aug 4 23:02:23 2021 +0300

    pfrecords.py: show tables load stats

commit 9719a8d31fd127a621c1cea219c9cd6c42bd852b
Author: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
Date:   Wed Aug 4 23:00:02 2021 +0300

    actions_filter.conf: add pfrecords.py action

commit f106c8db128b3cdbdfb4ec79e766b84f120d4510
Author: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
Date:   Wed Aug 4 22:40:11 2021 +0300

    update_tables.py: send error to syslog, stats file
2021-08-07 22:41:11 +02:00
Franco Fichtner
25b98610da src: another typo
PR: https://forum.opnsense.org/index.php?topic=24262.0
2021-08-06 22:00:04 +02:00
Franco Fichtner
d824e7163b unbond: fix "terrible" typo
PR: https://forum.opnsense.org/index.php?topic=24262.0
2021-08-06 21:42:09 +02:00
Franco Fichtner
0304b783a4 shell: when reloading reload all reachable via rc.freebsd too
PR: https://github.com/opnsense/core/issues/5136
2021-08-06 08:10:14 +02:00
Franco Fichtner
9506f4c1c6 firmware: now that we use TEE we should define it #5136 2021-08-05 14:27:30 +02:00
Franco Fichtner
af7543e79b firmware: visibility issue on #5136 2021-08-05 13:05:23 +02:00
Franco Fichtner
1c895ed435 firmware: also check plugins for up to date core pkg #5136 2021-08-05 10:05:23 +02:00
Franco Fichtner
4ff5fe0365 openvpn: same same but different 2021-08-05 09:58:55 +02:00