in some cases it can be practical to retrieve more debug output from the packet filter, in which case one can now enable this in the gui. The keepcounters toggle is added recently, it looks like an interesting option to being able to keep the rule statistics over reloads, if someone would like to try this, it makes sense to expose it to the gui as well (off by default).
We should restart when we need to these days, it messes with
virtual IP additions and it also breaks hashing for configuration
changes indicating there is no shift in prefix.
All supported types have been copied (more or less without modifications) from processhandler.py and ph_inline_actions.py. Ideally the inline part should be restructed at some point as well, one class per type is more clean, but to limit impact this only moves our options around.
Remove require_once and (most) internal knowledge about the data
fetch. If dhcpd was not there or another provider existed (e.g.
a different DHCP server) we can now grab all of its data at the
same time. Might also be needed when we move away from isc-dhcp.
We don't need to mask parameters here. The providers should
use the same argument count or default parameters if needed.
A single call cannot pass different arguments for different
providers of the same run task.
For most cases a single provider is set anyway or the data is
simple enough.
The reason this code existed was because plugins_run() was once
copied from plugins_configure() which may require this behaviour
but also has no return data.
With the default PHP settings, there is a 1% chance for the session gc
to trigger upon the start of a session, removing session files with
modification times older than 24 minutes. This can cause sessions to
timeout earlier than indicated by the webgui settings.
This commit offers support for deeper nested commands by simplifying the call flow of configd. Eventually we should try to make the action types more modular, but before doing that it makes sense to cleanup up what we have now first. Remove csconfigparser.py as we should be able to pass "optionxform" without wrapping the class as well.
- The "internally generated" ACL entries have been removed in favor of a wildcard (well, a wildcard and localhost)
- Users can now change the default action used by the wildcard: either allow, deny or refuse.
- The legacy implementation wasn't very strict (you could add an entry without any input), this does at least require a name and at least one network. To facilitate the migration, if the 'name' property was empty, it will be set to 'Unnamed ACL'. Entries without defined networks will be discarded without notice.
