Looks like on the running system and in the build system the values
are static but obviously going from build to running system the
regenerate causes the checksums to shift. Not a security issue for
the "man" page databadse so better to hide these files from the
audit to avoid confusion and questions.
PR: https://forum.opnsense.org/index.php?topic=18484.0
Although this is still an experiment and needs proper documentation to be actually included in our product, it could help to set policies for physical addresses or ranges of addresses (like vendors).
This commit adds a cache object combined with an address iterator with some simple rules, registrations live for a max ttl after the last moment they where seen. If an item bound to expire contains an address currently in use by another mac address, the ip address will be removed.
Originally all http_access tags where filtered in 25449ffd49 , it seems like a slip of the pen to wrap the cache manager as well (probably nobody uses this combination)
o remove <kill_states/> from our default config, since it was evaluated as empty (feature enabled), we might as well remove the option to reach the same effect.
o system_advanced_firewall.php isset() vs !empty(), we use !empty() in our support code, make sure the ui page does the same
o remove hook from filter_configure_sync(), so state resets only happen on request.
o monitor/10-dpinger request conditional state reset
ref https://forum.opnsense.org/index.php?topic=18068.msg82231#msg82231
o BaseField: add hasChild() and getChild() so callers don't have to use getChildren() to check if a single item exists.
o BaseField: prevent addToXMLNode() from saving virtual nodes
o BaseModel: refactor getNodeByReference() to use hasChild() and getChild()
o add template download configd call
o align controller and ui to use the download call (flush config to disk, request "active" error_pages)
o refactor deploy_error_pages.py to ease download_error_pages.py implementation
o change ProxyTemplates() class and move overlay functionality to callers (so we can reuse the same class to download the templates later)
o rename install_template.py to deploy_error_pages.py and use overlay_enabled() method to figure out if "custom" or "opnsense" is selected
o add a configd action to deploy the error pages, for future use.
o hook deploy_error_pages.py in start/stop/restart/reconfigure actions
o move templates to src/opnsense/data/proxy, avoid lint issues
o initial version of install script (overlay and embed css)
o change squid.conf output, when error_page is provided use error_directory /usr/local/etc/squid/errors/local directory (install location)
o flush template data to error_directory.in (json) which is used as override
overlay logic needs some work to be able to use something similar on download. install hook should be called before squid startup to ensure proper error_pages.
o cleanup default (English) error templates, rename to .html for easier editting. move css to include, which should be imported inline using our scripts.
o add frontend code
o extend model with template option.
