Unify the situation for 'ppp_port' vs 'ports' use by using the latter
as is. One of the issues of this page always was inconsistency after
all. Then also zap the validation that causes the changes not to be
accepted. In theory it's posted anyway but that has been the case for
PPPoE/L2TP/PPTP since the fork.
* unbound: discard-timeout
Signed-off-by: Nigel Jones <nigel.l.jones+git@gmail.com>
* Update src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
Co-authored-by: Franco Fichtner <franco@lastsummer.de>
* unbound: update field help text
---------
Signed-off-by: Nigel Jones <nigel.l.jones+git@gmail.com>
Co-authored-by: Franco Fichtner <franco@lastsummer.de>
Co-authored-by: Stephan de Wit <stephan.de.wit@deciso.com>
Parsing the persisted dashboard requires decoding it, which by extension means we don't need to encode it anymore when returning the dashboard. In all cases, this commit now makes sure that dashboard is filtered according to access rights.
While here, invalid input can be filtered out partly by check the result of json_decode(), so do this when saving the widgets.
There appear to be no callers in plugins. We could argue
that the vpn/vpn_map event isn't really needed as it brings
just OpenVPN, IPsec and WireGuard to the table, but we can
decide on this later.
NUMA has performance drawbacks and seems incomplete too.
We're going to assess impact hereby on the general approach,
but from early testing this increases network throughput
considerably in some scenarios.
It looks like we only linked certificates on CA import, move that code into the Cert model and improve it a bit, also trigger when importing a new certificate manually now.
To improve the matching, we search for subjects that match best based on item length now (e.g. a dn ZH,NL should precede one with only NL)
When searching large log files for messages that do not frequently occur, there is a large risk of reading all collected lines before returning the first results.
In most cases recent items are required, in which case going back for days of logs might not make sense.
This commit adds a simple "history" selection which translates into a "valid_from" filter on the log data. When timestamps are not parseable for whatever reason, the filter is ignored.
Only small downside is that we do need to translate timestamp again, when needed we could improve performance a bit by storing the original datetime value in NewBaseLogFormat so we don't have to parse it twice.
It only matters for lighttpd preventing a bug but since this could
be copied and some service being added has the same issue make sure
the code is always the one that's least problematic which means
putting "lo0" as the first explicit (and automatic) interface.
One of the nice things is that we don't have to do the global
loop but get all of the information across at once even if
individual listeners will still loop over it if necessary.
Dashboard is now stored for each user so to synchronise the user
sync needs to be used.
While here remove the old structure from the default config.xml.
PR: https://forum.opnsense.org/index.php?topic=42392.0
Since the default argument count is ":1" these listeners never
see interfaces so they can be called over the new event and the
old one can be deprecated.
Some services are global so calling them to reconfigure for each interface
is suboptimal. We can move these to a mapped event with all the interfaces
to reload at once which avoids useless cycles and race conditions.
Tried to check PID and avoid start without family association
but extending to pass the address family made more sense so we
can always restart to ensure addresses and routes are matching.
