We can set gateway to null as it is ignored when setting host
route. Also adhere to logic for interface selection in both
DNS modes, but only exclude from configuration list for dynamic
ones.
For the time being we don't need static/dymanic annotation
as the system doesn't care by design and we don't filter it
anywhere else. Might be something for the status page, but
that's a larger change to level expectations vs. dyamic
connectivity properties.
A couple of style issues here and there as well.
This is strange, but no the strangest thing to happen. Partially
restore the old functionality but this time make sure we only
flip IPv4 on IPv4 and IPv6 on IPv6 changes instead of everything
all the time.
To limit the impact, make sure to only alter vlans now, eventually we should fix the other models as well as they are using // too (but are less likely to overlap)
(take 2)
To limit the impact, make sure to only alter vlans now, eventually we should fix the other models as well as they are using // too (but are less likely to overlap)
Although the prepended 0 might look less intuitive it prevents overlaps when creating new vlans using "ifconfig vlan create" (2637e6ebca/src/etc/inc/interfaces.lib.inc (L77)), to keep qinq and vlan's consistent prepend on both types.
ref 2637e6ebca
Since we also change the vlan names here for new devices to eventually
avoid overlong vlan interface names (#3222) we need to make sure the
rest of the system knows the new prefixes.
Some related style changes in code and text.
This PR pulls query forwarding over the current dot setup, so visually nothing changes.
All API calls are redirected to new Forward functions, which slightly modifies what is returned based on whether "Query Forwarding" or "DNS over TLS" is selected from the menu. This way backwards compatibility is preserved.
As an addition, a user is now able to specify a specific domain for a forward zone as well. Meaning that queries for this specific domain will skip a catch-all (".") domain (if specified), and instead use the server specified for this domain.
Entering a forward zone with a catch-all domain (".") in both Query Forwading and DNS over TLS is considered a duplicate by Unbound, so a static warning for this has been attached in the grid - however, it might be possible for a user to be warned dynamically over this.
Detach the OpenVPN filter reload a little so we make sure it only
executes once if the reconfigure all. Not sure if these are strictly
neeeded but better to keep them now.
I'm not sure why interface_bring_down() is needed when both
IPv4 and IPV6 are empty. It sort of means "handle this the
hard way when doing tunnel configurations" althoug the code
disagrees about the historic comment and the code that was
introduced... "set to none" vs. "ipaddr <> none" and later
"empty(ipaddr)" to match the comment. In the grand scheme of
things this does not matter at all...
So in 22.1.3 we removed the inline configuration of GIF and GRE
which causes interface configuration to strip the addresses
added by device configuration instead of refixing it on the
fly (executing code twice all the time). The code flow was
always correct but in practice tripping over itself so now try
a more sensible approach by stripping addresses when we have
assignments going on individually for IPv4 and IPv6.
PR: https://forum.opnsense.org/index.php?topic=27553.0
Under normal circumstances a tunnel that is assigned to an
interface will be restarted when said interface becimes
available. This is to fix the previous load of the device
when the actual interface wasn't yet ready.
Historic oversight of wedging in a loopback interface in virtual IP
section while not making sure the actual configuration receives a
virtual IP when it needs to. This was previously fixed by a batch
VIP regeneration in interfaces_configure() but we already saw that
this is not needed in 99% of the cases.
PR: https://forum.opnsense.org/index.php?topic=27547.0
Ideally rc.newwanip should be as lightweight as possible, with 8c49c7bfdd in place normal execution doesn't take much time, but it likely doesn't make sense to hook gif|gre interfaces either when nothing has changed.
closes https://github.com/opnsense/core/issues/5624
