10307 Commits

Author SHA1 Message Date
Ad Schellevis
afcbdee036 Auth cleanup, ditch ldap_setup_caenv() in favour of LDAP->setUpCaEnv(), for https://github.com/opnsense/core/issues/3206 2019-02-09 22:03:52 +01:00
Martin Wasley
7960f2ab77 Add validation check for time period for Dpinger (#3190) 2019-02-09 20:56:51 +01:00
Franco Fichtner
b20f71b19e interfaces: our dhclient-script doesn't clobber resolv.conf #3197
The FreeBSD one does, but we have different code that is "safe"
for multiple DHCP connections.
2019-02-08 22:23:18 +01:00
Franco Fichtner
a1dbbb5ef1 interfaces: remove arp flush from dhclient-script #3197
PR: https://forum.opnsense.org/index.php?topic=11037.0
2019-02-08 22:21:54 +01:00
Ad Schellevis
692faae42c IDS/IPS, less extensive logging.
- version info and rules might be cached, only log the uncached actions (first try)
2019-02-08 20:37:32 +01:00
Ad Schellevis
f768bf743a Merge branch 'fredronnv-dev/dhcp_failover' 2019-02-08 16:16:55 +01:00
Ad Schellevis
f2be8ad1b6 fix failover_peerip logic in services_dhcpdv4_configure() 2019-02-08 16:15:48 +01:00
Ad Schellevis
1c44888646 Merge branch 'dev/dhcp_failover' of https://github.com/fredronnv/core into fredronnv-dev/dhcp_failover 2019-02-08 16:10:01 +01:00
Ad Schellevis
52baca6eff Merge branch 'fredronnv-dev/sourcehashkey' 2019-02-08 15:14:13 +01:00
Ad Schellevis
a5505463ab minor cleanups in firewall_nat_out_edit.php for https://github.com/opnsense/core/pull/3204
- strict page validation
- disable inputs when hidden (generic page issue)
2019-02-08 15:12:31 +01:00
Ad Schellevis
8d78811e32 Merge branch 'dev/sourcehashkey' of https://github.com/fredronnv/core into fredronnv-dev/sourcehashkey 2019-02-08 14:50:43 +01:00
Fredrik Rönnvall
1e7b0d2082 Allow explicitly setting Source Hash Key
This key is randomly assigned unless set every time the ruleset is
loaded. In order to make it persist, allow setting it to a predetermined
value.
2019-02-08 14:21:46 +01:00
Franco Fichtner
3381598685 firmware: bump RageNetwork mirror to HTTPS 2019-02-08 09:19:40 +01:00
Franco Fichtner
1e32993339 firmware: avoid trailing slash in URL, it is appended later 2019-02-08 09:15:57 +01:00
Ad Schellevis
77bf613efe mirror, add University of Kent to the list 2019-02-08 09:04:56 +01:00
Franco Fichtner
73a03c4954 firmware: make this error a little clearer 2019-02-08 08:36:10 +01:00
Fredrik Rönnvall
85d2657ce6 Fix behaviour of determining dhcp primary/secondary
When there is more than one CARP address per interface with different
skews, check only the first CARP if and skew in order to determine
primary. This prevents a misconfiguration where both hosts are
configured as dhcp primary.
2019-02-08 08:30:40 +01:00
Franco Fichtner
2e314c016e interfaces: push dhclient and dhcp6c to system log
Easier to see what's going on, both trigger most system reconfigure
events anyway.

PR: https://github.com/opnsense/core/issues/3197
Discussed with: @adschellevis
2019-02-07 18:17:20 +01:00
Ad Schellevis
7aab4a99d3 probe media before applying new settings, exclude vlans (align to configure_interface_hardware()). for https://github.com/opnsense/core/issues/3198
We could debate that media is a hardware setting and thus should move to configure_interface_hardware(), but that seems to be the case for more settings in interface_configure().
Maybe it's an idea to move all of these things to a single point later, so legacy_interface_details() only needs to be called once.
2019-02-06 18:58:20 +01:00
Franco Fichtner
e4393e0dec openssh: there is no /var/log/lastlog 2019-02-06 16:20:45 +01:00
Franco Fichtner
ae7af5314b interfaces: change apply flow a bit, comment was misleading 2019-02-06 15:59:42 +01:00
Ad Schellevis
710b82917a OpenVPN export, missing "port " in proto. for https://github.com/opnsense/core/issues/3193 2019-02-06 10:41:37 +01:00
Ad Schellevis
c83aa08c8f obey verify-x509-name for "Remote Access ( User Auth )", for https://github.com/opnsense/core/issues/3193 2019-02-06 10:12:36 +01:00
Ad Schellevis
f0d7562e49 Monit, fix address validation. closes https://github.com/opnsense/core/issues/3195 2019-02-06 08:50:36 +01:00
Ad Schellevis
521afca140 rework 5ad905c897 (https://github.com/opnsense/core/issues/3189), accidentally dropped support for known services ;) 2019-02-06 08:40:31 +01:00
Ad Schellevis
f3601c1c86 Revert "Util::isPort() validation issue, closes https://github.com/opnsense/core/issues/3189"
This reverts commit 5ad905c89729d8540f7056e8ea2f94988d35f8ff.
2019-02-06 08:34:55 +01:00
Franco Fichtner
8e9dbc0c31 web proxy: switch to squid 4 2019-02-05 23:22:41 +01:00
Fabian Franz
01140aba5f core: update config for squid version 4 2019-02-05 23:22:06 +01:00
Franco Fichtner
7363445d8d interfaces: cleanups for MAC spoofing; closes #1352 2019-02-05 22:02:53 +01:00
Franco Fichtner
e5deb3e943 interfaces: correctly compare MAC addresses #1352 2019-02-05 21:45:32 +01:00
Ad Schellevis
5ad905c897 Util::isPort() validation issue, closes https://github.com/opnsense/core/issues/3189 2019-02-05 16:06:54 +01:00
Ad Schellevis
7ee1110d0f ACL, reboot/halt. wrong pattern, for https://github.com/opnsense/core/issues/3187 2019-02-05 12:47:19 +01:00
Ad Schellevis
8f45e0d862 ipsec, nat before ipsec. if peer identifier isn't an address, spdadd can't add a tunnel. switch to remote-gateway if that is a valid ip address.
It's not a complete fix, for https://github.com/opnsense/core/issues/1773 but improves error logging and adds functionality when peer identifier is currently broken.
2019-02-05 11:23:14 +01:00
Franco Fichtner
9a9740dbfe mvc: style issues 2019-02-04 12:38:01 +00:00
Ad Schellevis
830332a3ca OpenVPN export, minor cleanup. server_cn field unused, could result in an error when not found (Undefined index). 2019-02-04 13:23:07 +01:00
Franco Fichtner
361fe644ed ipsec: there is no text-default 2019-02-04 07:23:58 +01:00
Ad Schellevis
4a8e737ced fix some gettext() + html_safe, discussed c4c7f8d732 2019-02-03 20:04:08 +01:00
Alexander Shursha
c4c7f8d732 Translate HighAvailability. (#2744) 2019-02-03 19:43:51 +01:00
Adi
427cac5dc7 Update squid.conf to add ESD file types (#3156) 2019-02-03 19:33:39 +01:00
Franco Fichtner
86872d4170 www: another escaping fix 2019-02-03 18:58:45 +01:00
Martin Wasley
28796e83a6 interfaces: DHCP Override MTU Option
It seems DHCP in 11.2 is honouring the ISP's MTU if it is sent. It
also seems there are some ISPs who send a stupid value. This fix
allows the user to ignore the ISP-supplied MTU (or not) with the
default set to ignore for compatibility with the previous behaviour.

PR: https://github.com/opnsense/core/issues/3173
2019-02-03 15:49:28 +01:00
Franco Fichtner
22dc4610da pkg: fix plist 2019-02-03 11:45:42 +01:00
Ad Schellevis
6ee58cc30a OpenVPN export, notation of verify-x509-name fix. should use a different separator. for https://github.com/opnsense/core/issues/3174 2019-02-02 16:33:06 +01:00
Ad Schellevis
81364dd3dc OpenVPN export, add missing compression setting, for https://github.com/opnsense/core/issues/3174 2019-02-02 16:15:59 +01:00
Ad Schellevis
9eebb2eb74 OpenVPN export, cleanse base name (only use alphanumeric characters), for https://github.com/opnsense/core/issues/3174 2019-02-02 16:12:44 +01:00
Max Weller
8f96ff81ed IPSec: allow same Local Subnet if used in different Phase1 (#3121) 2019-02-01 18:40:23 +01:00
Ad Schellevis
f4ebba628f netflow aggregate, prevent cleanup deleting current data when there's data recorded in the future.
Noticed on a test machine at the office, recorded some bytes at a timestamp in the future, which resulted in the current 2 hour range left empty....
2019-02-01 17:33:30 +01:00
Ad Schellevis
e9d1aa4579 OpenVPN export, some clients seem to have issues with uppercase protocol, ref https://forum.opnsense.org/index.php?topic=11415.msg51601 2019-02-01 17:27:49 +01:00
Ad Schellevis
defd8da1b1 flowd, dump our parsed log for debugging purposes 2019-02-01 16:38:03 +01:00
Ad Schellevis
df142dc8df change os references to HardenedBSD 2019-02-01 16:13:12 +01:00