lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-16 09:34:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
12,007 Commits 1 Branch 0 Tags
Commit Graph

11072 Commits

Author SHA1 Message Date
Ad Schellevis
6cb0f29268 flowd_aggregator. better replace line endings when sending traceback to syslog. 2020-08-14 09:50:16 +02:00
Ad Schellevis
26ab28d522 Firewall / aliases: internally reserved keywords, second case in a week, let's make sure we exclude all yacc doesn't like (41ba6e29a8/sbin/pfctl/parse.y (L5482)) 
closes https://github.com/opnsense/core/issues/4251
 2020-08-12 14:45:38 +02:00
Ad Schellevis
8c6df07be7 Proxy: json access log, minor bugfix for https://github.com/opnsense/core/issues/4244 
response.body.bytes vs response.bytes, %<st equals the message size
 2020-08-12 11:51:40 +02:00
Franco Fichtner
3eed068675 web proxy: help text style 2020-08-12 09:08:32 +02:00
Ad Schellevis
2784956853 syslog-ng: initial startup issues. try to sleep for 0.5 seconds before using syslogs socket. 2020-08-10 22:36:40 +02:00
Ad Schellevis
53c22497ae Proxy: better explain where access log entries are heading when syslog is selected, slightly related to https://github.com/opnsense/core/issues/4244 2020-08-10 18:14:33 +02:00
Ad Schellevis
b9823cd4d1 authgui.inc: wrong jQuery version. closes https://github.com/opnsense/core/issues/4250 2020-08-10 15:30:50 +02:00
Ad Schellevis
8fdb97a2f4 Firewall / aliases. resolve mac addresses at fixed ttl for https://github.com/opnsense/core/issues/4248 2020-08-10 14:23:20 +02:00
Ad Schellevis
c2c424aea2 Firewall / aliases - allow mac addresses for https://github.com/opnsense/core/issues/4248 2020-08-09 18:44:31 +02:00
Ad Schellevis
e7ee753f68 Firewall / alias, log is reserved too. closes https://github.com/opnsense/core/issues/4246 2020-08-09 17:50:15 +02:00
Ad Schellevis
e388020e49 mvc: remove unused sample_input_field 2020-08-09 13:07:32 +02:00
Ad Schellevis
58b672fcab IPsec: simplify previous with legacy_interface_create() 2020-08-07 19:57:23 +02:00
Ad Schellevis
9167000171 IPSec: prevent ipsec vti interface to hit 32768 limit (create numbered, rename and attach afterwards) 
@fichtner as promised,  the almost one liner :)
 2020-08-07 17:30:38 +02:00
Ad Schellevis
5bd793a8a0 Web proxy: add json output, following Elastic Common Schema (ECS) reference. closes https://github.com/opnsense/core/issues/4244 
o Extracts most of the attributes from our extended log format, when X-Request-Event-Id header is set it will be included as event id.
o Added log format for internal ui parsing (extract timestamp)

* https://github.com/elastic/ecs/blob/master/generated/csv/fields.csv
* http://www.squid-cache.org/Doc/config/logformat/

Sponsored by Incenter Technology (https://www.incenter.tech/)
 2020-08-07 16:54:07 +02:00
Franco Fichtner
2344a7b40c src: lint and stylsrc: lint and stylee 2020-08-07 13:06:04 +02:00
Franco Fichtner
e22bb69cb6 firmware: ignore man page database regeneration 
Looks like on the running system and in the build system the values
are static but obviously going from build to running system the
regenerate causes the checksums to shift.  Not a security issue for
the "man" page databadse so better to hide these files from the
audit to avoid confusion and questions.

PR: https://forum.opnsense.org/index.php?topic=18484.0
 2020-08-07 12:51:59 +02:00
Ad Schellevis
aa1f7b85c3 configd: syslog issue, when messages are laarger tahn 4k (traceback) they just seem to vanish in thin air. let's wrap our syslog calls, cut to max 4000 chars and while here prevent multiline output as well since it mangles our ui 2020-08-07 11:54:52 +02:00
Ad Schellevis
6434329a7d Menu: interface groups integrity issue, closes https://github.com/opnsense/core/issues/4243 2020-08-05 08:50:51 +02:00
Ad Schellevis
fc38dfaee4 Firewall/aliases: backend support for arp type entries. 
Although this is still an experiment and needs proper documentation to be actually included in our product, it could help to set policies for physical addresses or ranges of addresses (like vendors).

This commit adds a cache object combined with an address iterator with some simple rules, registrations live for a max ttl after the last moment they where seen. If an item bound to expire contains an address currently in use by another mac address, the ip address will be removed.
 2020-08-04 21:26:32 +02:00
Ad Schellevis
14496cb451 system_authservers.php: fix PHP Warning: in_array() expects parameter 2 to be array, null given in /usr/local/www/system_authservers.php on line 756 
closes https://github.com/opnsense/core/issues/4242
 2020-08-04 18:05:10 +02:00
Ad Schellevis
6dbd1d4abc syslog ui: filter new style log directories accordingly. when using suricata, there already is a directory called suricata for example with a stats.log in it. we should only try to fetch files which match the pattern: 
/var/log/[app]/[component]/component_*.log
/var/log/[component]/component_*.log
 2020-08-04 10:02:03 +02:00
Franco Fichtner
9e4f0dea30 Revert "mirror (Aivian) not active anymore" 
This reverts commit 43c591c0a98fb78be64455ac961575f2c6333a65.
 2020-08-04 07:33:19 +02:00
Ad Schellevis
0bde1c3456 Firewall: live log, add dropdowns for "static" fields. closes https://github.com/opnsense/core/issues/4236 2020-08-03 18:12:53 +02:00
Ad Schellevis
0b21c6881a Mirrors: opn.sense.nz seems to be down 2020-08-02 14:52:45 +02:00
Ad Schellevis
908a974f7a mirrors: RageNetwork not available 2020-08-02 14:45:24 +02:00
Franco Fichtner
a3e3b97e53 firmware: switch to 20.7 2020-07-28 10:33:42 +02:00
Franco Fichtner
a20f38aecb unbound: "order entries" 2020-07-27 14:23:43 +02:00
Ad Schellevis
bc31d6c9ff syslog: legacy syslog (clog) expects rfc5424 out when being parsed by syslog-ng 2020-07-24 11:02:23 +02:00
Ad Schellevis
629f7f8529 syslog-ng: RFC5424 issue on FreeBSD 12, needs flags(syslog-protocol) on source, ref https://github.com/syslog-ng/syslog-ng/issues/2428 2020-07-24 10:39:13 +02:00
Franco Fichtner
7cadf6d872 firmware: prep for 20.7 2020-07-23 15:06:04 +02:00
Ad Schellevis
1da0a432a4 Proxy: don't try to force cachemanager access to use icap when enabled, it's highly unlikely the icap server understands these requests. 
Originally all http_access tags where filtered in 25449ffd49 , it seems like a slip of the pen to wrap the cache manager as well (probably nobody uses this combination)
 2020-07-21 23:36:46 +02:00
Franco Fichtner
58e3c45655 interfaces: drop unfinished RFC 3118 support 2020-07-21 13:52:49 +02:00
Ad Schellevis
b0acd180ac syslog: split process name into seperate column, bugfix export while here as well (when limit equals 0, dump all data) 2020-07-20 11:37:05 +02:00
Ad Schellevis
78c81babfd syslog: disable legacy syslogd when disable_clog is set 2020-07-18 03:50:41 +02:00
Ad Schellevis
5c4c6faccb fix previous, missed $config import 2020-07-17 19:36:51 +02:00
Ad Schellevis
b1ec4aa9b0 syslog: don't generate clog files when disable_clog is set. 
eventually we should also prevent the legacy syslog from starting, but first make sure we don't polute the filesystem in these cases
 2020-07-17 19:32:22 +02:00
mikahe
489125276c
widgets/ntp, php warnings if no GPS fix and thus lat+lon missing from NMEA msg (#4212) 
* ntpd: NMEA GPS clock messages lat and lon parsing fix #4209
* widgets/ntp, php warnings if no GPS fix and lat+lon missing from NMEA msg
 2020-07-17 09:06:36 +02:00
Ad Schellevis
31d3044388 syslog-ng: lockout-handler, exit when syslog-ng exits. closes https://github.com/opnsense/core/issues/4195 2020-07-16 17:54:05 +02:00
Ad Schellevis
f80081f110 filter: Gateway Monitoring/Kill states, make sure our factory defaults match input and only trigger a state reset using the existing filter_configure_sync() parameter. 
o remove <kill_states/> from our default config, since it was evaluated as empty (feature enabled), we might as well remove the option to reach the same effect.
o system_advanced_firewall.php isset() vs !empty(), we use !empty() in our support code, make sure the ui page does the same
o remove hook from filter_configure_sync(), so state resets only happen on request.
o monitor/10-dpinger request conditional state reset

ref https://forum.opnsense.org/index.php?topic=18068.msg82231#msg82231
 2020-07-11 20:09:31 +02:00
Franco Fichtner
b01e972d18 firmware: prep for 20.7-RC1 2020-07-16 09:10:36 +02:00
Ad Schellevis
bbcfe6b9d3 Proxy: small cleanup in previous 2020-07-11 16:10:18 +02:00
sazb
9dd9bc28b5
Update squid.conf (#4137) 2020-07-15 19:28:59 +02:00
mikahe
bcc1bfebd4
ntpd: NMEA GPS clock messages lat and lon parsing fix #4209 (#4211) 2020-07-15 19:23:43 +02:00
Ad Schellevis
94985b4f80 filter: list_states.py, validate if nat destination contains a port. closes https://github.com/opnsense/core/issues/4210 2020-07-11 09:13:16 +02:00
Ad Schellevis
651284ea47 backup/Nextcloud: merge https://github.com/opnsense/core/pull/3503 without gettext() 2020-07-09 19:51:41 +02:00
Ad Schellevis
7c43c8be36 MVC: LegacyLinkField not allowed to return null in __toString() 
closes https://github.com/opnsense/core/issues/4200
 2020-07-08 12:45:52 +02:00
Franco Fichtner
5e4ef3d339 firmware: enable 20.7-BETA upgrades for testing 
Use at your own risk.  ;)
 2020-07-08 10:49:43 +02:00
Ad Schellevis
30a9195437 IPsec: list_status seems to have issues with byte type data, https://github.com/opnsense/core/issues/4189 2020-06-28 19:43:35 +02:00
Franco Fichtner
c01353b49a firewall: whatever this was... 2020-07-02 06:22:01 +02:00
Franco Fichtner
206ad1167c firewall: further clean up for #4175 2020-07-02 06:16:45 +02:00