11340 Commits

Author SHA1 Message Date
Franco Fichtner
9f853b8149 make: magical part of the syslog-ng version integration 2019-10-02 07:57:31 +02:00
Franco Fichtner
c9e395e6f8 system: replace syslog-ng version via build
Next step is using a form of CORE_SYSLOGNG to select
the syslog-ng package suffix.  More testing needed.
2019-10-01 22:45:09 +02:00
Ad Schellevis
cf28023d16 Syslog, new version number in config file... should match running syslog-ng version 2019-10-01 18:34:41 +02:00
Franco Fichtner
d62277ca8f LICENSE: sync 2019-10-01 14:35:53 +02:00
Franco Fichtner
b2560c6eb4 services: split code to get rid of shallow services.inc #3736 2019-10-01 08:33:15 +02:00
Franco Fichtner
9c3cfc58c4 plugins: make pluginctl service restart verbose 2019-10-01 08:09:43 +02:00
Franco Fichtner
6bb03c1806 firewall: remove two sentences via IRC question raised
The default implies to leave it that way if unsure.  The ominous
warning means nothing without explanation, but the effect is
clear for people wanting to use another setting for direction:

o Egress rules filter on outbound, so half the performance passing
  traffic inwards is already wasted by not dropping it on inbound.

o Egress rules cannot set policy routes since policy routes set
  outbound interface on inbound and thus the decision was already
  made.
2019-09-30 09:28:39 +02:00
Franco Fichtner
d2500110ea services: typo 2019-09-30 07:36:14 +02:00
Franco Fichtner
5868dda2cf services: remove services_get() by flattening it into plugins_services() 2019-09-30 07:27:43 +02:00
Franco Fichtner
00eedc8f67 dhcp: should work without global include now 2019-09-30 07:16:08 +02:00
Franco Fichtner
6be4951dbf dhcp: typo spotted by @azdps 2019-09-30 07:10:48 +02:00
Franco Fichtner
2993ae8dcc dhcp: factually correct annotation, no clobbering of existing strings 2019-09-29 15:15:33 +02:00
Franco Fichtner
3f69b12fc8 firmware: move echo to more appropriate spot 2019-09-29 12:47:49 +02:00
Franco Fichtner
058ee11a06 firmware: verify mtree signature if there #3473 2019-09-25 13:29:59 +02:00
Ad Schellevis
a4217d8fcc Tokenize2 / ordered lists mangled when setting the same content twice, closes https://github.com/opnsense/plugins/issues/1494 2019-09-25 13:13:21 +02:00
Ad Schellevis
680bd22980 IPsec: add margintime + rekeyfuzz (https://wiki.strongswan.org/projects/strongswan/wiki/ExpiryRekey), closes https://github.com/opnsense/core/issues/3722 2019-09-24 21:53:45 +02:00
Franco Fichtner
08e7fca0fc firmware: pkg is part of core, no need to double-check #3473 2019-09-24 09:40:59 +02:00
Franco Fichtner
959eea632f firmware: tie pkg dependency to core #3473 2019-09-24 09:39:59 +02:00
Franco Fichtner
982712a824 firmware: extend health check #3473 2019-09-24 09:09:40 +02:00
stumbaumr
201ed6894f devd does not pick up on laggX_vlanXXXX devices... (#3721)
...since the underscore devices are filtered out.
2019-09-24 08:23:36 +02:00
Ad Schellevis
04c1decd19 firewall, rules. make sure "tcp flags" input matches description. suggestion for https://github.com/opnsense/core/issues/3714 2019-09-23 18:48:37 +02:00
Ad Schellevis
ebd9ea2542 Captive portal, check type for acc_session_timeout in cases where sqlite converts None to ''. closes https://github.com/opnsense/core/issues/3704 2019-09-23 18:20:45 +02:00
Ad Schellevis
01d8fb296e Insight, catch struct.unpack errors instead of crashing out when flow record doesn't match standards. closes https://github.com/opnsense/core/issues/3715 2019-09-23 18:07:41 +02:00
Franco Fichtner
245486bc87 firmware: add version/repository check for core packages #3473 2019-09-23 09:56:36 +02:00
Franco Fichtner
a58ad17289 firmware: fixed upstream in pkg 1.12 2019-09-23 07:46:29 +02:00
Franco Fichtner
aa5acaa00c ipsec: fix typo in actions file 2019-09-22 11:06:58 +02:00
Franco Fichtner
b83cb18e76 firewall: nicer toggle; closes #3700 2019-09-17 16:34:21 +02:00
Franco Fichtner
915ebdc15d system: show all swap partitions; closes #3592 2019-09-16 22:39:25 +02:00
Franco Fichtner
8a73ea0af2 interfaces: part two (actual fix) (actual fix) 2019-09-16 15:56:43 +02:00
Franco Fichtner
01cdf46908 interfaces: packet capture switcheroo
PR: https://forum.opnsense.org/index.php?topic=13897.0
2019-09-16 15:44:18 +02:00
Franco Fichtner
ffd506037a src: minor style updates in diff vs. stable/19.7 2019-09-14 07:41:52 +02:00
Franco Fichtner
e637e76ec6 plist: fix 2019-09-13 14:20:44 +02:00
Ad Schellevis
6b542e91d0 Merge branch 'ppmathis-feature/ipsec-pubkey-auth' 2019-09-13 14:18:35 +02:00
Ad Schellevis
013e802abf IPSec public key authentication, fix background on /ui/ipsec/key-pairs 2019-09-13 14:17:33 +02:00
Ad Schellevis
0038128f9a Merge branch 'feature/ipsec-pubkey-auth' of https://github.com/ppmathis/opnsense-core into ppmathis-feature/ipsec-pubkey-auth 2019-09-13 13:28:54 +02:00
Ad Schellevis
2a72b99a9d Captive portal, regression in merging b54f3d2cc4
ref https://forum.opnsense.org/index.php?topic=14186
2019-09-12 20:37:59 +02:00
Thomas Jensen
42e2dcd20e Update opnsense.xml (#3699) 2019-09-07 09:34:00 +02:00
Ad Schellevis
9c8833134a Revert "jQuery, upgrade to 3.4.1, keep 3.2.1 on disk for older third party plugins and disable jquery-migrations while here."
-- seems to be for later, dashboard dies with "Uncaught TypeError: e.indexOf is not a function .... "

This reverts commit 244b70b77193f9c4d5f2912ca3c3cccf65f49d55.
2019-09-06 14:23:09 +02:00
Ad Schellevis
244b70b771 jQuery, upgrade to 3.4.1, keep 3.2.1 on disk for older third party plugins and disable jquery-migrations while here. 2019-09-06 14:20:56 +02:00
Franco Fichtner
c668ae42ca src: style sweep 2019-09-06 09:26:09 +02:00
Ad Schellevis
3ef14d17e3 Alias, when geoip alias name is the same as its country, it won't fetch contents, since the name matches an existing alias. 2019-09-05 12:49:40 +02:00
Franco Fichtner
813bb55533 src: whitespace sweep 2019-09-05 09:51:20 +02:00
Franco Fichtner
1282ac33c5 menu: hide helper entry 2019-09-05 09:00:53 +02:00
Ad Schellevis
4b55adf484 Update bug_report.md 2019-09-03 08:46:54 +02:00
Ad Schellevis
3a5862c7ae Update bug_report.md 2019-09-03 08:43:17 +02:00
Pascal Mathis
8227a0cbca ipsec: Move menu and ACL entries into MVC code
This commit moves all menu and ACL entries from the legacy code of the
IPsec subsystem into the new MVC codebase. Additionally, a small bug in
the current master of OPNsense has been fixed, where the ACL
"page-status-systemlogs-ppp" has been mistakenly labeled as "IPsec VPN"
instead of "PPP".

Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
2019-09-01 16:59:09 +02:00
Ad Schellevis
74c2ac9a20 syslog, fix legacy remote logging. closes https://github.com/opnsense/core/issues/3682 2019-09-01 11:02:00 +02:00
Pascal Mathis
5d9183aa13 ipsec: Add support for public key authentication
The current IPsec plugin implementation does not support public key
authentication, which allows for a more secure mutual authentication
than PSK while still not introducing the complexity of X509
certificates.  The authentication can easily be set up by generating a
bare RSA keypair chain on both machines, followed by exchanging the
public keys between the two peers.

This commit introduces public key authentication functionality by adding
a new authentication method to phase 1 configuration called "Mutual
Public Key" and adding a menu entry "Key Pairs", which allows adding
public keys + optional private keys. It was successfully tested against
a Linux virtual machine running Strongswan 5 and the entered RSA keys
are automatically verified for correctness.

Useful commands for generating a bare RSA keypair:
$ ipsec pki --gen --type rsa --outform pem --size 4096 > private.pem
$ ipsec pki --pub --outform pem --in private.pem > public.pem

Signed-off-by: Pascal Mathis <mail@pascalmathis.com>
2019-08-31 23:31:49 +02:00
Ad Schellevis
ae5692b477 filter/alias, missing refresh on geoip type closes https://github.com/opnsense/core/pull/3685 2019-08-31 14:51:44 +02:00
Ad Schellevis
2982424232 interfaces, only trigger newwanip event for affected interfaces 2019-08-30 15:09:06 +02:00