15271 Commits

Author SHA1 Message Date
Ad Schellevis
c2f407ca4c Interfaces: Virtual IPs: Settings - Improve address cleanup so modifications to VIPs are less likely to end up with multiple interfaces using the same address.
With the previous code it was quite easy to move an address to another interface after which that address was configured on both (new and old).
2023-05-09 16:57:48 +02:00
Franco Fichtner
58528970e0 pkg: fix plist 2023-05-08 15:17:56 +02:00
Ad Schellevis
99438a838e Services/Unbound - remove 85-dnsbl syshook causing a download on boot. closes https://github.com/opnsense/core/issues/6523 2023-05-08 15:16:26 +02:00
Franco Fichtner
ee4e002d0d unbound: fix migration for 1.0.5 #6550 2023-05-08 10:55:19 +02:00
Franco Fichtner
378d9a3a6c unbound: fix migration 1.0.3 for #6550 2023-05-08 10:46:05 +02:00
Franco Fichtner
c29cd77465 system: fixup previous #6544 2023-05-05 08:40:46 +02:00
Franco Fichtner
3700b11f30 system: improve monitor alarm situation by not reloading monitors #6544
This would cause more alarms...
2023-05-05 08:27:25 +02:00
Ad Schellevis
c22f74a786 VPN/OpenVPN - force the interface down before configuration, should prevent OpenVPN complaining about the device being busy in some cases.
A bit of a work-around for https://forum.opnsense.org/index.php?topic=33837.0
2023-05-04 22:24:28 +02:00
Franco Fichtner
0c6486be09 system: missing interface here #6544 2023-05-04 19:54:43 +02:00
Ad Schellevis
82ad0c1b36 System/logging - add kernel messages to the general system log. I think we removed these accidentally a long time ago when moving to syslog-ng. 2023-05-04 15:02:53 +02:00
Ad Schellevis
269b8b7899 Firewall: Settings: Advanced - minor fix in a8e95f7184 change default to be less noisy. 2023-05-04 12:00:40 +02:00
Ad Schellevis
fcaa6f15a9 legacy/csrf check - in some cases people receive a csrf error when posting a legacy form, which does seem to be caused by newToken() registering new session variables onto a closed session. As authgui.inc closes the session after usage, a race might happen. Make sure the session is opened before using it, we likely don't have to bother closing it as the legacy page already assumed it was closed on script exit. 2023-05-04 09:39:37 +02:00
Franco Fichtner
485716532c src: style issues 2023-05-04 08:29:58 +02:00
Ad Schellevis
2c21525810 System: Access: Users - prefix api key filename with fqdn of this host, eases administration when needing to create a lot of keys. 2023-05-03 18:06:43 +02:00
Franco Fichtner
d893feaeab unbound: validate against service's dns_ports 2023-05-03 13:23:39 +02:00
Stephan de Wit
558026763f unbound: leftover stats check 2023-05-03 12:57:56 +02:00
Stephan de Wit
ba600a7e7d unbound: adjust overview page to stats setting in model 2023-05-03 10:47:33 +02:00
Stephan de Wit
db022a5cef unbound: shorten previous 2023-05-03 10:42:31 +02:00
Stephan de Wit
46cef8a72d unbound: general: include statistics toggle for general page migration 2023-05-03 10:21:10 +02:00
Ad Schellevis
643cb5d157 Firewall: Aliases - add missing scrub rules in dependency check 2023-05-03 09:25:45 +02:00
Stephan de Wit
c5373f4c8a unbound: ACLs: remove 'Default' annotation from dropdown 2023-05-03 08:49:09 +02:00
Stephan de Wit
0bf8acc35c unbound: ACLs: default to 'allow' in template 2023-05-03 08:46:19 +02:00
Ad Schellevis
a8e95f7184 Firewall: Settings: Advanced - add "set debug" and "set keepcounters" options in the advanced section.
In some cases it can be practical to retrieve more debug output from the packet filter, in which case one can now enable this in the gui. The keepcounters toggle was added recently, it looks like an interesting option for being able to keep the rule statistics over reloads, if someone would like to try this, it makes sense to expose it to the gui as well (off by default).
2023-05-02 18:46:56 +02:00
Ad Schellevis
368e7ac15e configd: Jinja helper function to show current iso timestamp in local timezone. closes https://github.com/opnsense/core/issues/5341
At the moment further refactoring of the template code is likely not needed, let's keep the helper functions statically in template_helpers.py for now
2023-04-29 17:30:45 +02:00
Ad Schellevis
2850c263c8 Services: DHCPv4 - when cleaning up static leases we probably shouldn't remove the ones where only a mac address is set (as placeholder for a description). could be https://github.com/opnsense/core/issues/6532 2023-04-29 09:51:51 +02:00
Franco Fichtner
aefd3f0c2e unbound: correct ACL pattern 2023-04-28 14:06:08 +02:00
Franco Fichtner
1ff709dc91 dhcp: test root domain for DNSSL/radvd
PR: https://github.com/opnsense/core/issues/6529
2023-04-28 08:44:51 +02:00
Franco Fichtner
c6d4ffd5e0 system: calling return_down_gateways() depends on default gw switch setting 2023-04-27 13:33:06 +02:00
Franco Fichtner
14fbf4302f openvpn: possible mismatch in status check 2023-04-26 09:50:24 +02:00
Franco Fichtner
8db8ceb4b9 firmware: show support tiers in plugin list; closes #6374 2023-04-26 09:36:58 +02:00
Franco Fichtner
80af1c5ae9 firmware: move sets.sh into more portable query.sh and add tiers fetch #6374 2023-04-26 09:36:58 +02:00
Franco Fichtner
c7f4c8f38b pkg: embed metadata as annotations #6374
Allows us to (r)query for info such as product_tier.
2023-04-26 08:52:43 +02:00
Franco Fichtner
10246ca4ea openvpn: enable deferred authentication for OpenVPN 2.6; closes #6293
Sponsored by: m.a.x. it (https://www.max-it.de/)
2023-04-25 16:15:47 +02:00
Franco Fichtner
94d3ef10a9 firmware: now that we have a model do not overdo cleanup
It causes spurious changes in the config.xml
2023-04-25 09:20:15 +02:00
Franco Fichtner
780bb10f2c firmware: fix execution when not possible
PR: https://forum.opnsense.org/index.php?topic=33593.0
2023-04-25 08:00:35 +02:00
Ad Schellevis
5280cb346b MVC - SimpleActionButton, prevent crashing out when endpoint doesn't return data. for https://github.com/opnsense/core/issues/6520 2023-04-24 20:22:40 +02:00
Ad Schellevis
7f960d73f5 Services: Intrusion Detection - prevent passing null to json_decode() in PolicyContentField.php 2023-04-24 20:21:00 +02:00
Franco Fichtner
63e533f216 firmware: deal with subscription preset in factory reset
This isn't ideal but it lets us run a migration and validate it.
2023-04-24 18:57:53 +02:00
Franco Fichtner
165327ba72 dhcp: remove ::/64 magic as it uses AdvRouterAddr yes
We should restart when we need to these days, it messes with
virtual IP additions and it also breaks hashing for configuration
changes indicating there is no shift in prefix.
2023-04-24 17:05:05 +02:00
Franco Fichtner
3cb2dd7669 dhcp: restart radvd on config changes #6522
prefix is not deprecated unless we shut down
2023-04-24 16:58:18 +02:00
Ad Schellevis
42e44ee244 configd - templates: minor code cleanups 2023-04-22 17:18:26 +02:00
Ad Schellevis
8b9efd3a8c Services: Intrusion Detection - minor performance improvements when parsing metadata from rules. 2023-04-22 16:51:21 +02:00
Ad Schellevis
8a3040fecd Dashboard/OpenVPN - missed a spot in 4978b067d5 closes https://github.com/opnsense/core/issues/6516 2023-04-21 20:34:25 +02:00
Ad Schellevis
f0fd1dc6c0 Services: Intrusion Detection - implicit typecast (warnings in debug mode) 2023-04-21 18:29:16 +02:00
Stephan de Wit
41728b7901 unbound: dnsbl_module: (test-mode) assume a query can pass if a blocklist file is empty 2023-04-21 10:09:25 +02:00
Franco Fichtner
a6268ecc27 firmware: revoke 22.7 fingerprint 2023-04-21 07:36:27 +02:00
Franco Fichtner
9a0da8d50b pkg: fix plist 2023-04-21 07:25:14 +02:00
Ad Schellevis
f09e9d05de configd - reorganise action types, use ActionFactory to offer the requested type which descends from BaseAction.
All supported types have been copied (more or less without modifications) from processhandler.py and ph_inline_actions.py. Ideally the inline part should be restructured at some point as well, one class per type is more clean, but to limit impact this only moves our options around.
2023-04-20 21:48:42 +02:00
Ad Schellevis
c9e36ef230 devd - carp : add INIT as status to catch events for. https://github.com/opnsense/core/issues/6506 2023-04-20 18:14:27 +02:00
Franco Fichtner
d7caf0a667 unbound: fix netmask on IPv6 localhost 2023-04-20 13:06:32 +02:00