lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-13 16:14:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,296 Commits 1 Branch 0 Tags
Commit Graph

15296 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ad Schellevis
bebf3a2a7c MVC/Config - Prevent config restore when writer has flushed or partly wrtiten the file. closes https://github.com/opnsense/core/issues/6565 
This should lower the chances of accidental restores when reader processes are active very frequently triggering a restore on a faulty read.
It should be possible to read the configuration while the config is exclusively locked, as these operations may take much more time than the actual write process takes.
After this commit the reader first tries to read unconditionally and if this fails, waits until a lock can be acquired.

To increase visibilty of restore invents, send these to the audit log in stead of the general system log.
 2023-05-16 20:45:53 +02:00
Ad Schellevis
2da3787b38 MVC/BaseModel - format logger to avoid duplicate timestamps. 2023-05-16 20:06:03 +02:00
Franco Fichtner
aba6dfae93 interfaces: typo in previous 2023-05-16 15:12:04 +02:00
Franco Fichtner
bde52467de interfaces: do not reach for tracked interfaces during rc.newwanipv6 
Shift away from get_interface_ip() as we don't need to handle VIPs or
plain addresses here and make sure that we do not reach for tracked
interface addresses.  This will make link-local end up as the current
IP being cached, but that's fine since previously we fixed the shifting
prefix detection during RENEW/REBIND and that looks to be working.

Eventually we need to rename "prefix" variant to "primary" as that is
what it is doing and the current "primary" one is more of a listen
IP helper in case the WAN does not have a routable address.  But deal
with that later to avoid overcomplicating the current patch.

PR: https://forum.opnsense.org/index.php?topic=26832.0
 2023-05-16 13:33:51 +02:00
Franco Fichtner
766f1f0c5a interfaces: for static "Use IPv4 connectivity" bring up IPv6 routes as well 
Looks like a regression from e420cc4aa718f since rc.newwanipv6 is not called
in a static setup and later we only deal with IPv4.

PR: https://forum.opnsense.org/index.php?topic=33864.0
 2023-05-16 08:40:55 +02:00
Franco Fichtner
603a6801f1 system: allow "." search domain for #6529 2023-05-15 13:21:52 +02:00
Franco Fichtner
fe6e5298b3 interfaces: preg_match returns matches, not bool 2023-05-15 10:18:04 +02:00
Franco Fichtner
8beb293c53 pluginctl: add an ifconfig mode for easier debugging and later use 
PR: https://forum.opnsense.org/index.php?topic=33864.0
 2023-05-15 10:11:38 +02:00
Ad Schellevis
c568629c01 Services: Unbound DNS: Overrides - when called via GET, encode using URLSearchParams(). closes https://github.com/opnsense/core/issues/6561 2023-05-14 17:00:21 +02:00
Franco Fichtner
c1784ad1ad system: print warning for duplicated gateway name 
PR: https://forum.opnsense.org/index.php?topic=33864.0
 2023-05-12 09:07:18 +02:00
Franco Fichtner
485bd39f13 interfaces: protect against INFOREQ in PDINFO force case #6522 2023-05-11 10:19:19 +02:00
Franco Fichtner
31961bf577 interfaces: handle RENEW/REBIND and PDINFO shift #6522 2023-05-11 09:57:53 +02:00
Franco Fichtner
26449b42d8 interfaces: print ignored reason regardless of debug state 2023-05-11 09:29:11 +02:00
Franco Fichtner
2db028d21b interfaces: report current IP for #6522 2023-05-11 08:40:16 +02:00
Ad Schellevis
d633cd961f MVC/Firewall/Util - add CIDRToMask() 2023-05-10 19:16:38 +02:00
Franco Fichtner
271525f00b pkg: these too 2023-05-10 16:56:23 +02:00
Franco Fichtner
db69027dda wizard: may end up duplicating WAN_GW which is bad 
PR: https://forum.opnsense.org/index.php?topic=33864.0
 2023-05-10 15:48:12 +02:00
Franco Fichtner
0a3ac8fb66 system: adjust for proper 'attribute' use in gateway edit 2023-05-10 15:22:20 +02:00
Franco Fichtner
eaa1894c66 system: looks like a typo 2023-05-10 14:48:15 +02:00
Franco Fichtner
48855143b0 system: add 'if' to message in case of mismatch 
PR: https://forum.opnsense.org/index.php?topic=33864.0
 2023-05-10 14:37:38 +02:00
Franco Fichtner
5f7984444f pkg: duckdb for other arches not so easy 
PR: https://github.com/opnsense/tools/issues/350
 2023-05-10 14:17:50 +02:00
Franco Fichtner
f19c06c64a interfaces: deal with prefixv6 as an array 2023-05-10 12:12:33 +02:00
Franco Fichtner
7977c86c11 interfaces: deal with the possibility of multiple PDs 
Not yet the case but support inside dhcp6c is likely coming
soon.  At this point the prefix is just recorded, but not used
operationally.  Display of multiple PDs is still broken.
 2023-05-10 10:52:26 +02:00
Franco Fichtner
e8947f2712 interfaces: simplify dhcp6c renew script 2023-05-10 09:36:20 +02:00
Franco Fichtner
14966b5391 firewall: simplify layout and fix (unused) element ID; closes #6552 2023-05-10 08:10:01 +02:00
Ad Schellevis
c2f407ca4c Interfaces: Virtual IPs: Settings - Improve address cleanup so modifications to VIPs are less likely to end up with multiple interfaces using the same address. 
With the previous code it was quite easy to move an address to another interface after which that address was configured on both (new and old).
 2023-05-09 16:57:48 +02:00
Franco Fichtner
58528970e0 pkg: fix plist 2023-05-08 15:17:56 +02:00
Ad Schellevis
99438a838e Services/Unbound - remove 85-dnsbl syshook causing a download on boot. closes https://github.com/opnsense/core/issues/6523 2023-05-08 15:16:26 +02:00
Franco Fichtner
ee4e002d0d unbound: fix migration for 1.0.5 #6550 2023-05-08 10:55:19 +02:00
Franco Fichtner
378d9a3a6c unbound: fix migration 1.0.3 for #6550 2023-05-08 10:46:05 +02:00
Franco Fichtner
c29cd77465 system: fixup previous #6544 2023-05-05 08:40:46 +02:00
Franco Fichtner
3700b11f30 system: improve monitor alarm situation by not reloading monitors #6544 
This would cause more alarms...
 2023-05-05 08:27:25 +02:00
Ad Schellevis
c22f74a786 VPN/OpenVPN - force the interface down before configuration, should prevent OpenVPN complaining about the device being busy in some cases. 
A bit of a work-around for https://forum.opnsense.org/index.php?topic=33837.0
 2023-05-04 22:24:28 +02:00
Franco Fichtner
0c6486be09 system: missing interface here #6544 2023-05-04 19:54:43 +02:00
Ad Schellevis
82ad0c1b36 System/logging - add kernel messages to the general system log. I think we removed these accidentally a long time ago when moving to syslog-ng. 2023-05-04 15:02:53 +02:00
Ad Schellevis
269b8b7899 Firewall: Settings: Advanced - minor fix in a8e95f7184 change default to be less noisy. 2023-05-04 12:00:40 +02:00
Ad Schellevis
fcaa6f15a9 legacy/csrf check - in some cases people receive a csrf error when posting a legacy form, which does seem to be caused by newToken() registering new session variables onto a closed session. As authgui.inc closes the session after usage, a race might happen. Make sure the session is opened before using it, we likely don't have to bother closing it as the legacy page already assumed it was closed on script exit. 2023-05-04 09:39:37 +02:00
Franco Fichtner
485716532c src: style issues 2023-05-04 08:29:58 +02:00
Ad Schellevis
2c21525810 System: Access: Users - prefix api key filename with fqdn of this host, eases administration when needing to create a lot of keys. 2023-05-03 18:06:43 +02:00
Franco Fichtner
d893feaeab unbound: validate against service's dns_ports 2023-05-03 13:23:39 +02:00
Stephan de Wit
558026763f unbound: leftover stats check 2023-05-03 12:57:56 +02:00
Stephan de Wit
ba600a7e7d unbound: adjust overview page to stats setting in model 2023-05-03 10:47:33 +02:00
Stephan de Wit
db022a5cef unbound: shorten previous 2023-05-03 10:42:31 +02:00
Stephan de Wit
46cef8a72d unbound: general: include statistics toggle for general page migration 2023-05-03 10:21:10 +02:00
Ad Schellevis
643cb5d157 Firewall: Aliases - add missing scrub rules in dependency check 2023-05-03 09:25:45 +02:00
Stephan de Wit
c5373f4c8a unbound: ACLs: remove 'Default' annotation from dropdown 2023-05-03 08:49:09 +02:00
Stephan de Wit
0bf8acc35c unbound: ACLs: default to 'allow' in template 2023-05-03 08:46:19 +02:00
Ad Schellevis
a8e95f7184 Firewall: Settings: Advanced - add "set debug" and "set keepcounters" options in the advanced section. 
in some cases it can be practical to retrieve more debug output from the packet filter, in which case one can now enable this in the gui. The keepcounters toggle is added recently, it looks like an interesting option to being able to keep the rule statistics over reloads, if someone would like to try this, it makes sense to expose it to the gui as well (off by default).
 2023-05-02 18:46:56 +02:00
Ad Schellevis
368e7ac15e configd: Jinja helper function to show current iso timestamp in local timezone. closes https://github.com/opnsense/core/issues/5341 
At the moment further refactoring of the template code is likely not needed, let's keep the helper functions statically in template_helpers.py for now
 2023-04-29 17:30:45 +02:00
Ad Schellevis
2850c263c8 Services: DHCPv4 - when cleaning up static leases we probably shouldn't remove the ones where only a mac address is set (as placeholder for a description). could be https://github.com/opnsense/core/issues/6532 2023-04-29 09:51:51 +02:00