lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 00:24:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
8,064 Commits 1 Branch 0 Tags
Commit Graph

8064 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Franco Fichtner
b5f0902407 interfaces: tweak previous 
It boils down to trigger during specific requests or don't.
 2017-12-31 13:59:58 +01:00
marjohn56
d36f0f4f62 dhcp6c - Use Reasons 
Use the REASONS given by dhcp6c when it calls its script. This then only calls newipv6 when 'REQUEST' is the reason.

RENEW, REBIND or INFO do not have changes to the leases, therefore no call to update is needed and this prevents reloading which can affect VPNs, Unbound etc.

On RELEASE or EXIT, once again newipv6 is called as the lease addresses should have been removed by dhcp6c.
 2017-12-31 13:47:35 +01:00
Franco Fichtner
617dcaee88 interfaces: small selected bug, reorder settings for clarity 2017-12-31 13:46:16 +01:00
Franco Fichtner
ba725881f8 interfaces: simplify previous 2017-12-31 12:26:55 +01:00
marjohn56
7762f4e7c5 Set dhcp6c vlan Priority 
Certain ISP's, Orange France for example use a VLAN, it is a requirement that the dhcpv6 packets are sent with a different priority, in Orange Frances case it is 6.

This PR allows the user to select whether or not to enable the setting of the VLAN priority for dhcpv6 packets and the value to use.

The is then used in the filter.lib.inc to add the extra set-prio value when the fillter is created.

This PR requires the the sysctl net.link.vlan.mtag_pcp be set to 1.
 2017-12-31 12:07:53 +01:00
Franco Fichtner
080219e270 firmware: after requested new sorting, plugins went in twice 
PR: https://forum.opnsense.org/index.php?topic=6722.0
 2017-12-31 11:54:31 +01:00
Franco Fichtner
99ac5f6fb0 mvc: fix class name in doc; usual header prettification 2017-12-31 10:28:52 +01:00
Franco Fichtner
8d569f2cb7 proxy: provide mutable force restart hook for reconfigure 
It's a bit tricky to get this right.  More testing needed, but
shouldn't intruduce regressions.  It could, but if the code works
it will not.  ;)
 2017-12-30 23:55:10 +01:00
Franco Fichtner
99c783a934 web proxy: use the mutable service controller 
We still want to refactor the calls to provide a soft-reload
as indicated here...
 2017-12-30 23:22:02 +01:00
Franco Fichtner
5646749c83 intrusion detection: use mutable service controller 2017-12-30 23:14:45 +01:00
Ad Schellevis
34e7a98df3 Firewall/Nat, missed no nat/rdr on carp 2017-12-29 17:25:07 +01:00
Franco Fichtner
5e87c80fee Revert "interfaces: add a no default value for #2032" 
Looks like this was already misbehaving even before we added
the explicit PCP change.  Probably since FreeBSD 11.0.

This reverts commit 4d9533d05e918d14117975f4b74ae337f370adc6.
 2017-12-29 15:33:44 +00:00
Franco Fichtner
4d9533d05e interfaces: add a no default value for #2032 2017-12-29 16:09:54 +01:00
Franco Fichtner
398a335179 system: do not wrap action buttons 2017-12-29 15:31:10 +01:00
Franco Fichtner
71df9cc1cc system: sort ciphers a bit, not perfect but easier to read 2017-12-29 13:23:26 +00:00
Franco Fichtner
e38b845725 firewall: prune help text trivia and make "pure nat" a checkbox 2017-12-29 13:02:15 +00:00
Franco Fichtner
6b24c4ba57 system: fix openssl binary path #51 2017-12-29 12:35:16 +01:00
Ad Schellevis
9af1ae60db Firewall/snat, add default sticky option for outbound nat rules. https://github.com/opnsense/core/issues/1326 2017-12-29 12:05:23 +01:00
Franco Fichtner
8928b99b92 filter: small cleanups 2017-12-29 10:42:48 +00:00
Ad Schellevis
8af5e4da01 Firewall/Nat, rule logic. better to force spacing in ruleToText() to prevent different pf command's from sticking together. for https://github.com/opnsense/core/issues/1326 2017-12-29 11:01:50 +01:00
Franco Fichtner
c1d54e3e1e filter: simplify scrub code 2017-12-29 10:49:31 +01:00
Ad Schellevis
457e8cd87d Firewall/rules engine, small regression in removal of old interface aliases, scrubbing still seemed to be using it.. 2017-12-29 10:36:39 +01:00
Franco Fichtner
4637139074 firmware: allow dot in package name; closes #2031 2017-12-29 09:10:21 +01:00
Ad Schellevis
9849a8e781 Firewall, rule parsing, cleanup. it should be safe now to remove the interface aliases since our new code doesn't use them anymore.. https://github.com/opnsense/core/issues/1326 2017-12-28 21:58:30 +01:00
Ad Schellevis
41e89fe13c Firewall/rule parsing, fix some spacings. for https://github.com/opnsense/core/issues/1326 2017-12-28 21:50:44 +01:00
Ad Schellevis
70d795dfe2 Firewall/rule engine, plugin outbound rules, move functions out of the way for further cleanup later. https://github.com/opnsense/core/issues/1326 
This needs additional testing, rules look ok, but the number of changes has been quite a few.
Next on the list is firewall_nat_out.php, make sure it reflects reality.
 2017-12-28 21:38:54 +01:00
Ad Schellevis
a75a6a1186 Firewall/forward, when parsing rdr rules, don't generate reflection redirects for nordr type, for https://github.com/opnsense/core/issues/1326 2017-12-28 21:31:24 +01:00
Franco Fichtner
59faa1e918 wizard: fix this appropriately 2017-12-28 12:42:31 +01:00
Franco Fichtner
ae79fa4f51 wizard: adhere to defaults in the xml 
Instead of using the config values even if set...
 2017-12-28 11:32:31 +01:00
Franco Fichtner
7b10393f5a wizard: uncheck dnssec by default 2017-12-28 11:25:32 +01:00
Ad Schellevis
a94700e7cc diag_packet_capture.php, stick level of detail... 2017-12-28 10:54:35 +01:00
marjohn56
bff4ace717 interfaces: allow the user to fix the dhcp6 duid; closes #2021 
The existing DUID may be recalled and stored in the
config file or else a new DUID may be created.
 2017-12-28 10:26:20 +01:00
Franco Fichtner
20654c3869 rc: kill _opnsense_bootup_run migration glue on master branch 2017-12-27 18:51:08 +01:00
Ad Schellevis
12d174e79d firewall/rule engine, keep some behaviour from legacy code as long as we're not sure wrong data can enter the config. for https://github.com/opnsense/core/issues/1326 2017-12-27 18:27:34 +01:00
Franco Fichtner
19c4253b1c webgui: explain the confirm / recovery 
PR: https://github.com/opnsense/core/issues/1347
 2017-12-27 18:23:23 +01:00
Franco Fichtner
fa3ad8025a webgui: flip-flop on old and new URL in case something went wrong 
The initial timeout of 20 seconds is long, but it's safer to wait so
that we're not bouncing back to the old web GUI before it goes down.

PR: https://github.com/opnsense/core/issues/1347
 2017-12-27 17:55:20 +01:00
Franco Fichtner
e63299809a firmware: list installed plugins first 
The markup is a bit too much now, but we can figure something
out sooner or later.
 2017-12-27 14:26:42 +00:00
Franco Fichtner
4638791ef8 mvc: do not render empty toggle header, dialogs do the same 2017-12-27 14:15:52 +00:00
Franco Fichtner
533ccbde0c rc: backup DUID for /var MFS et al 
Make sure to delete the backup prior to backing up to mimick
the current system state.  Same goes for restore, no backup
means remove the DUID to sync the system state to what it was.
 2017-12-27 13:35:35 +00:00
Franco Fichtner
b64b378219 mvc: code sniffer sniffs code 2017-12-27 11:56:23 +00:00
Franco Fichtner
2b71525147 make: enable new sniff for codesniffer 2017-12-27 11:56:00 +00:00
Franco Fichtner
6c13cbf4dd interfaces: tweak previous 
o do not escape execf shell escaping
o simplify the wording on the labels
 2017-12-27 11:07:49 +00:00
marjohn56
e634186ae4 dhcp6c No Release Option 
dhcp6c sends a release signal on exit by default. This can cause the loss of the allocated prefix or address and a new one on the next connection. This is especially the case with many ISPs.

This option allows the user to disable the release send.

I added the  -n option to the FreeBSD dhcp6c quite a while back.
 2017-12-27 11:47:04 +01:00
Franco Fichtner
9425d3bdd0 wizard: cleanup closes #2007 2017-12-27 11:29:18 +01:00
Franco Fichtner
420cbc6e07 wizard: cleanup for #2007 2017-12-27 11:26:59 +01:00
Franco Fichtner
502db3ab8d system: cleanup for #2007 2017-12-27 11:24:56 +01:00
Franco Fichtner
55c989971c openvpn: cleanup for #2007 2017-12-27 11:23:43 +01:00
Franco Fichtner
5c31153d35 auth: cleanup for #2007 2017-12-27 11:21:40 +01:00
Franco Fichtner
ff8b1c77a8 interfaces: simplify previous 
It's better to align this with the DHCP setting, remove explicit
mention of PPPoE as it pertains to other PPP types too.
 2017-12-27 08:40:14 +01:00
Franco Fichtner
33e3545709 auth: revert a change for #1929 
There will be time to work on this, but it is not now.
 2017-12-27 08:26:17 +01:00