lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-18 02:25:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,430 Commits 1 Branch 0 Tags
Commit Graph

3454 Commits

Author SHA1 Message Date
Ad Schellevis
538b74ca63 escaping, b24e7acf3f (commitcomment-32490347) 2019-02-27 09:00:48 +01:00
Ad Schellevis
b24e7acf3f legacy_html_escape_form_data() add ENT_QUOTES to avoid certain escaping issues 2019-02-26 19:58:42 +01:00
Ad Schellevis
a0fb31c652 "Reset usb on boot" add sleep, since we can't seem to detect the initial usb detection is still active.... 
Sample errors while booting:
--------------------------------------------------------------------------------
usbd_setup_device_desc: getting device descriptor at addr X failed, USB_ERR_IOERROR
usbd_req_re_enumerate: addr=X, set address failed! (USB_ERR_IOERROR, ignored)
 2019-02-25 18:38:53 +01:00
Ad Schellevis
6dd8bbe14b System->Settings->Miscellaneous : add "Reset usb on boot" option 
While testing 4g modems, it seems that initial device detection isn't flawless leading to USB_ERR_IOERROR failures and non functional modems.
Most likely cause of these issues seems to be that some devices need a bit of time between powering the bus and performing registration.

This option adds an early boot script, which optionally performs a usbconfig reset on boot.
 2019-02-25 16:49:25 +01:00
Ad Schellevis
ddca8d4350 web proxy, move pam to template 2019-02-25 09:55:41 +01:00
Franco Fichtner
7a6ccaf029 web proxy: simplify to avoid confusion 2019-02-25 08:41:58 +01:00
Franco Fichtner
75c3100ba7 interfaces: move mpd.script to scripts dir 
mpd5 is started with -d /var/etc so it expects mpd.script to be there.
Some small simplifications along the way.
 2019-02-25 08:23:50 +01:00
Franco Fichtner
cfc95122f2 interfaces: move ppp-related scripts to proper location 
sbin/ is for console-bound binaries.
 2019-02-25 08:23:50 +01:00
Franco Fichtner
63ed46dcea system: small cleanups in session file handling 2019-02-25 07:06:05 +01:00
Franco Fichtner
96683647f5 openvpn: try to "solve" get_failover_interface() issues 
This seems to be a cosmetic cleanup.  get_failover_interface()
is used incorrectly but then merely seems to be used to look
up IPv4 connectivity to make a "smart" decision about resync
duties.

A few annoying and disabled line removals while here.
 2019-02-25 05:42:21 +01:00
Franco Fichtner
6a4fa40e72 interfaces: small audit of get_failover_interface() 2019-02-24 20:58:36 +01:00
Ad Schellevis
c920004d12 proxy/auth, work in progress https://github.com/opnsense/core/issues/3242 create pam helper for squid 
todo:
* add userHasPrivilege($user, "user-proxy-auth") replacement
* change squid template to pam, as long as the template isn't changed, this service doesn't do anything
 2019-02-24 19:45:38 +01:00
Ad Schellevis
91be9a6974 python 2-->3 / configd 
First (functional) attempt, this needs to stay on devel for some time there might be dragons ;)

src/etc/rc.d/configd --> command_interpreter could cause restart issues after an upgrade, the rc system doesn't like command changes it seems. Maybe not a real world problem, just haven't tried it yet.
unit tests are somewhat functional, although generating all templates will likely fail, since the test config doesn't include all data involved.
 2019-02-22 21:03:42 +01:00
Ad Schellevis
a22e5a7690 php session, fix previous 2019-02-18 14:46:47 +01:00
Ad Schellevis
426b0e1ea6 Revert "php session path, 3eba9a739e" 
This reverts commit 545f29a7d2a883696f4923286bbb21dd9e5618d6.
 2019-02-18 14:43:42 +01:00
Ad Schellevis
545f29a7d2 php session path, 3eba9a739e 2019-02-18 14:03:55 +01:00
Ad Schellevis
7d5b9df0d9 php, session.savepath, add to recover as discussed 3eba9a739e (commitcomment-32356556) 2019-02-18 11:50:00 +01:00
Ad Schellevis
3eba9a739e php, move session files into it's own directory 2019-02-17 18:37:51 +01:00
Ad Schellevis
969f4523d5 certs.inc, make sure create_temp_openssl_config() can't wrap lines 2019-02-17 15:57:31 +01:00
Ad Schellevis
621f84e900 legacy_config_get_interfaces, let's make sure we don't stumble over an empty interface, closes https://github.com/opnsense/core/issues/3231 2019-02-15 11:01:40 +01:00
Franco Fichtner
156d6f7287 openvpn: daemon is already in the config #3223 2019-02-14 18:58:59 +01:00
Franco Fichtner
bbe0592b83 system: syslog doesn't need background job 
The foreground option is -F so we double-background it...
 2019-02-14 18:57:42 +01:00
Franco Fichtner
c217bee6f2 openvpn: proper daemonize instead of background job #3223 2019-02-14 18:37:36 +01:00
Franco Fichtner
f10b710a58 openvpn: remove stale PID file as well 
PR: https://github.com/opnsense/core/issues/3223
Suggested by: @marjohn56
 2019-02-14 18:22:18 +01:00
Franco Fichtner
5bc3ed8ccf src: style sweep 2019-02-14 18:08:59 +01:00
Ad Schellevis
2eabec274f temp fix for https://github.com/opnsense/core/issues/3222, partly revert adf314a4ab 2019-02-14 10:29:45 +01:00
Ad Schellevis
67f4948670 OpenVPN, extract ca chain for https://github.com/opnsense/core/issues/1487 2019-02-13 11:19:13 +01:00
Ad Schellevis
b424a2f9b3 defaults, more hardened defaults, prevent icmp redirects being send. 2019-02-13 09:57:40 +01:00
Franco Fichtner
7f3f522673 dhcp: style 2019-02-12 07:05:28 +01:00
Ad Schellevis
287851c52b HAsync, minor cleanups 2019-02-11 22:26:55 +01:00
Ad Schellevis
7b16b99b73 Merge branch 'feature/3034' of https://github.com/MichaelDeciso/core into MichaelDeciso-feature/3034 2019-02-11 22:06:45 +01:00
Franco Fichtner
da690969c4 rc: move all template generation to early 
It's unlikely the config.xml will change and backup scripts in
early are going to need it anyway.
 2019-02-10 13:14:24 +01:00
Ad Schellevis
afcbdee036 Auth cleanup, ditch ldap_setup_caenv() in favour of LDAP->setUpCaEnv(), for https://github.com/opnsense/core/issues/3206 2019-02-09 22:03:52 +01:00
Ad Schellevis
f2be8ad1b6 fix failover_peerip logic in services_dhcpdv4_configure() 2019-02-08 16:15:48 +01:00
Fredrik Rönnvall
85d2657ce6 Fix behaviour of determining dhcp primary/secondary 
When there is more than one CARP address per interface with different
skews, check only the first CARP if and skew in order to determine
primary. This prevents a misconfiguration where both hosts are
configured as dhcp primary.
 2019-02-08 08:30:40 +01:00
Franco Fichtner
2e314c016e interfaces: push dhclient and dhcp6c to system log 
Easier to see what's going on, both trigger most system reconfigure
events anyway.

PR: https://github.com/opnsense/core/issues/3197
Discussed with: @adschellevis
 2019-02-07 18:17:20 +01:00
Ad Schellevis
7aab4a99d3 probe media before applying new settings, exclude vlan's (align to configure_interface_hardware()). for https://github.com/opnsense/core/issues/3198 
We could debate that media is hardware setting and thus should move to configure_interface_hardware(), but seems to be the case for more settings in interface_configure().
Maybe it's an idea to move all of these things to a single point later, so legacy_interface_details() only needs to be called once.
 2019-02-06 18:58:20 +01:00
Franco Fichtner
e4393e0dec openssh: no hay /var/log/lastlog 2019-02-06 16:20:45 +01:00
Franco Fichtner
7363445d8d interfaces: cleanups for MAC spoofing; closes #1352 2019-02-05 22:02:53 +01:00
Franco Fichtner
e5deb3e943 interfaces: correctly compare MAC addresses #1352 2019-02-05 21:45:32 +01:00
Ad Schellevis
8f45e0d862 ipsec, nat before ipsec. if peer identifier isn't an address, spdadd can't add a tunnel. switch to remote-gateway if that is a valid ip address. 
It's not a complete fix, for https://github.com/opnsense/core/issues/1773 but improves error logging and adds functionality when peer identifier is currently broken.
 2019-02-05 11:23:14 +01:00
Martin Wasley
28796e83a6 interfaces: DHCP Override MTU Option 
It seems DHCP in 11.2 is honouring the ISPs MTU if it is sent. It
also seems there are some ISPs who send a stupid value. This fix
allows the user to ignore the ISP-supplied MTU (or not) with the
default set to ignore for compatibility with the previous behaviour.

PR: https://github.com/opnsense/core/issues/3173
 2019-02-03 15:49:28 +01:00
Michael Steenbeek
6ee506a105 Fix formatting and comments 2019-02-01 16:15:54 +01:00
Michael Steenbeek
8b4a25dab0 Remove outdated VHID-VIPs during sync 2019-02-01 16:15:54 +01:00
Michael Steenbeek
da366be8e5 Do more thorough matching of IPalias VIPs 2019-02-01 16:15:54 +01:00
Michael Steenbeek
1bc9eb9afc Process feedback 2019-02-01 16:15:54 +01:00
Michael Steenbeek
a3fbaffe28 Remove old ipaliases+vhid entries when syncing 2019-02-01 16:15:54 +01:00
Michael Steenbeek
ce4c5ab489 Also sync Virtual IPs with a VHID group to backup host 2019-02-01 16:15:54 +01:00
Michael Steenbeek
036468b916 Small cleanup of rc.filter_synchronize 2019-02-01 16:15:54 +01:00
Franco Fichtner
3ce9c740c7 src: support for 18.7 has ended 2019-01-24 18:15:37 +01:00