lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-20 11:26:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
10,965 Commits 1 Branch 0 Tags
Commit Graph

10965 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ad Schellevis
df4fe1c683 IDS, missing cleanup after rule installation, for https://github.com/opnsense/core/issues/3472 2019-05-08 11:47:54 +02:00
Ad Schellevis
e224771ce0 filter, prevent carp outgoing packets to use the configured gateway (route-to), for https://github.com/opnsense/core/issues/3468 2019-05-08 10:51:32 +02:00
Ad Schellevis
5f74394175 LDAP: authentication connector, add support to synchronise groups after login for https://github.com/opnsense/core/issues/3471 using the ldap_sync_memberof attribute. 
This feature depends on ldap_read_properties to return user properties after login.

TODO:
	- extend the server setup page to include the checkbox for ldap_sync_memberof
	- add group list to limit scope of the sync
 2019-05-07 22:09:46 +02:00
Franco Fichtner
461508544d src: style sweep on filter.lib.inc 
authgui.inc is the last file, it has a number of issues to be
looked at manually later on.
 2019-05-07 07:58:54 +02:00
Franco Fichtner
cce8982e22 dhcpd: change rule prio to 1 to avoid bogon clash #2148 
Discussed with: @adschellevis
 2019-05-06 10:03:17 +02:00
Franco Fichtner
5f4315c40c system: stop using a lock around resolv.conf handling #2267 
This might kill a bit of delay in function use by doing an atomic
move to update resolv.conf.  Even if several instances are running
at the same time the contents of the file will be the same now.

I don't expect issues with the DNS route updates either: even if
they are removed or added twice, they will always end up being there.
 2019-05-06 08:36:30 +02:00
Franco Fichtner
ab75fbb673 make: add the glue for extended style sweep default 2019-05-06 07:43:07 +02:00
Franco Fichtner
426061a17b src: time to extend style sweep to src/etc/inc 2019-05-06 07:43:07 +02:00
Ad Schellevis
a6013d0545 filter, rules center select columns, closes https://github.com/opnsense/core/issues/3462 2019-05-05 14:11:29 +02:00
Franco Fichtner
d9f70415fa firewall: translation fixes 2019-05-05 13:13:19 +02:00
Franco Fichtner
a90a920598 wizard: translate typehint as well 2019-05-05 11:08:19 +02:00
Ad Schellevis
97d0b22a60 firewall/nat outbound translation typo, closes https://github.com/opnsense/core/issues/3463 2019-05-04 19:44:41 +02:00
Franco Fichtner
8427198875 interfaces: wrong brace, wouldn't happen with mwexecf() :P 
PR: https://github.com/opnsense/core/issues/3310
 2019-05-04 14:46:21 +02:00
Franco Fichtner
ce68d5a547 dhcpd: finish pluginification by renaming services_dhcpd_configure() 
While here let v4 and v6 DHCP steer what we're reloading.  That
should be wee bit quicker...
 2019-05-04 13:20:18 +02:00
Franco Fichtner
8279f28288 interfaces: IPv6 only reset trackers on new IPv6 #3415 2019-05-04 12:31:06 +02:00
Franco Fichtner
96383c8aa4 radvd: remove rasend/ranosend checkbox; closes #3365 
I'm removing this after more research in the hopes that nobody
will be complaining about it.  The sad side is that this is a
simple patch and a PR would have been an effective way to review
and decide on removal.  This way, core team members are forced
to spend time otherwise spent on reasearching impact *and* also
writing the code to do it which from a divide-and-conquer view
makes this code change worse than it could have been.  ;)
 2019-05-04 12:11:28 +02:00
Franco Fichtner
3e3b371af1 radvd: CARP almost works correctly here 
Although I doubt anybody is using this...  It looks like there
is no HA sync option and the pair is advertising away in the
network.  ;)
 2019-05-04 12:00:26 +02:00
Franco Fichtner
e67dade991 radvd: use AdvDefaultLifetime 0, remove duplicates; closes #3343 2019-05-04 11:35:52 +02:00
Franco Fichtner
6e727e43d2 system: allow an arbitrary group for sudo like ssh login; closes #3407 2019-05-04 10:43:32 +02:00
René
db4b4570d5 opnsense - core theme modal fix for (19.7) (#3459) 2019-05-04 07:39:10 +02:00
Franco Fichtner
32ff471bf5 firmware: package manager not responding fixes; closes #3172 2019-05-03 17:09:18 +02:00
Franco Fichtner
8fe295f70e web proxy: prettify timestamps 2019-05-03 13:50:21 +02:00
nhirokinet
1c1b8bcac9 Squid log webUI in readable date format #1831 (#3326) 2019-05-03 13:12:38 +02:00
Ad Schellevis
f2305e3445 Filter/aliases, port validation ignored leading/trailing spaces, align validation to how is_port() validates when writing the rules. unfortunately filter_var() still lacks proper validation for these cases. closes https://github.com/opnsense/core/issues/3458 2019-05-03 09:16:19 +02:00
Martin Wasley
1963eef793 Add EN DUID Generation using Opnsense PEN. (#3436) 2019-05-02 19:46:52 +02:00
Franco Fichtner
b4e7611601 firewall: part of #3429 2019-05-02 10:11:08 +02:00
Ad Schellevis
19bc872ae4 Revert "Gateways, move 6adafe8be0 around." 
This reverts commit 2ed68adaafc5f6c5982d2e839e988dd966688f55.
 2019-05-01 21:34:13 +02:00
Ad Schellevis
2ed68adaaf Gateways, move 6adafe8be0 around. 2019-05-01 21:29:16 +02:00
Franco Fichtner
210f2c2564 src: whitespace sweep 2019-05-01 13:37:23 +02:00
Franco Fichtner
6adafe8be0 system: unset gateway here too 
PR: https://forum.opnsense.org/index.php?topic=11540.0
 2019-05-01 11:27:42 +02:00
Franco Fichtner
a4958ed125 ipsec: remove check, too trigger-happy 2019-04-30 14:33:36 +02:00
Franco Fichtner
da7b2232c1 src: style sweep 2019-04-30 00:46:56 +02:00
Franco Fichtner
ad640ed46a interfaces: a little more back and forth 
On the bright side, /64 is the standard for handing out subnets
on the LAN side and larger subnets are only delegated, not assigned.
 2019-04-30 00:39:35 +02:00
Franco Fichtner
4db538d742 system: move pluggable call to plugin where it belongs 2019-04-30 00:26:29 +02:00
Franco Fichtner
0b03d14e16 interfaces: get_failover_interface() moves to dyndns plugin 2019-04-30 00:20:09 +02:00
Franco Fichtner
cff3ac98bb interfaces: this seems wrong... 2019-04-30 00:09:03 +02:00
Franco Fichtner
db8373ffe4 system: rfc2136 supporting gwgroups is a lie 2019-04-29 23:56:02 +02:00
Franco Fichtner
04c6997b9e util: make waitforpid($pidfile, 0) behave just like isvalidpid() 2019-04-29 23:24:32 +02:00
Franco Fichtner
82b8cf77b9 openvpn: minor tweaks #3223 2019-04-29 23:11:36 +02:00
Franco Fichtner
1669dde214 openvpn: waitforpid() use to catch race; closes #3223 2019-04-29 23:02:31 +02:00
Franco Fichtner
061a3a4035 system: a little more pretty print 2019-04-29 14:11:30 +02:00
Franco Fichtner
dba3a964de system: remove rc.monitor in favour of pluggable rc.syshook facility 2019-04-29 13:53:26 +02:00
Franco Fichtner
1bc478fbaa openvpn: remove gw switching logic; closes #3449 
This removes the last part of gw switching capabilities from OpenVPN
in a backwards-incompatible way.  For clients they can already reconnect
if you use "any" or an internal LAN. For servers you don't bind to WAN
in Multi-WAN or gateway groups.  Use localhost + NAT rules for both
WANs instead.

Discussed with: @adschellevis
 2019-04-29 13:43:18 +02:00
Franco Fichtner
18422180ad src: style sweep 2019-04-29 09:45:44 +02:00
Franco Fichtner
ecdf0404b7 openvpn: deflect a carp event ealier for servers 
If the server is running don't stop it.  If it is not running
go through the trouble of trying to start it.
 2019-04-29 09:25:01 +02:00
Franco Fichtner
a2c38b7c87 interfaces: use ifconfig group add invoke only once 2019-04-29 09:07:58 +02:00
Franco Fichtner
055913845e interfaces: unicode whitespace of death 2019-04-29 08:53:06 +02:00
Franco Fichtner
c0d3142a5b interfaces: another rule for group name... 
...as dictated by ifconfig.  Found out the hard way.  ;)
 2019-04-29 08:51:54 +02:00
Franco Fichtner
808c43d705 interfaces: typo in mwexecf() conversion 2019-04-29 08:44:00 +02:00
Franco Fichtner
6018681623 dhcpd: more conversion, only services_dhcpd_configure() left 2019-04-29 08:05:15 +02:00