lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-19 19:15:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
13,598 Commits 1 Branch 0 Tags
Commit Graph

13598 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Franco Fichtner
f0aeb0eff1 interfaces: add all sorts of stuff to interfaces_addresses() #5086 
It allows us to do post-processing on returned addresses for
e.g. #5086 alias parsing for unwanted automatic bind mode.
 2021-09-22 11:12:12 +02:00
Franco Fichtner
48f24dfe86 src: style sweep 2021-09-22 11:12:12 +02:00
Ad Schellevis
d6be0bfdb4 Firewall / Aliases - add "virtual" properties to model representing the current pf table stats and represent these in the alias grid. 2021-09-21 19:45:56 +02:00
Ad Schellevis
c96e5f88b4 Firewall / Aliases - minor bugfix in "filter diag table_size" (caf4439cf0) 2021-09-21 16:34:03 +02:00
Ad Schellevis
9da5c28f40 Firewall / Rules - specify overload table on max new connections, closes https://github.com/opnsense/core/issues/5229 2021-09-21 15:27:44 +02:00
Franco Fichtner
ea7709e268 unbound: adjust help text since range domain is being used 2021-09-21 11:42:27 +02:00
Ad Schellevis
42e80e1c3a Unbound+dhcp: fix template, enforce list when querying pools 2021-09-21 11:11:43 +02:00
Franco Fichtner
3fc136b7bd firewall: add automatic outbound NAT logging option 
This is largely for testing our NAT log patch, but might be
useful for someone.

Inline filterlog restart since it uses syslog() and does not
need to be restarted when syslog settings change.
 2021-09-21 09:23:09 +02:00
Ad Schellevis
caf4439cf0 Firewall / Aliases - extend "filter diag table_size" command to include details as well. 2021-09-20 21:59:00 +02:00
Franco Fichtner
82b2ede99b ipsec: add shared function to simplify ipsec code #5201 2021-09-20 20:35:02 +02:00
Franco Fichtner
e2ad649886 ipsec: meh 2021-09-20 15:10:39 +02:00
Franco Fichtner
0cd0b8962d ipsec: add and use find_smallest_cidr6() variant #5201 2021-09-20 15:07:23 +02:00
Franco Fichtner
719b31bc80 src: replace __toString() calls with casts; closes #5225 2021-09-20 12:11:27 +02:00
Maurice Walker
3807cf8b73 router advertisements: remove AdvRDNSSLifetime / AdvDNSSLLifetime bounds; closes #4893 
RFC 8106 removes the bound of acceptable values:

https://tools.ietf.org/html/rfc8106#section-5.1
https://tools.ietf.org/html/rfc8106#section-5.2
 2021-09-17 12:36:31 +02:00
Franco Fichtner
c7c629945e dhcp: try to guide when subnets are too small; closes #4762 
Lots of loosely related changes addressing small bugs and
wrong assumptions of the available IP ranges.
 2021-09-17 12:18:37 +02:00
Franco Fichtner
cbb402cd0f unbound: never used this unbound cache flush spot 2021-09-17 10:53:22 +02:00
Franco Fichtner
d5d52ac975 system: add xc0 entry video console entry if node exists; closes #4688 2021-09-17 10:33:30 +02:00
Franco Fichtner
e9947f07cd mvc: may be better to hide "nothing to do" messages 2021-09-16 14:04:50 +02:00
Franco Fichtner
9e9971f464 mvc: vim is doing strange things nowadays wanting tabs over spaces ;( 2021-09-16 13:57:03 +02:00
Franco Fichtner
e7e955f573 mvc: retain attributes in single values; closes #4633 
Second try: retain attribute values as sibling nodes with
a name up front.  If the sibling does not exist fail silently
like before.  At least from testing this no longer produces
any shift in the config.xml between string nodes with attributes.

Test XML:

<?xml version="1.0"?>
<opnsense>
  <staticroutes version="1.0.0"/>
  <someotherthing version="1.0.0">
    <foo/>
  </someotherthing>
  <thing version="1.0.0"></thing>
  <alias version="1.0.0"/>
  <doesthisdoit></doesthisdoit>
</opnsense>

Test PHP:

<?php

require_once 'config.inc';

OPNsense\Core\Config::getInstance()->fromArray(load_config_from_file('foo.xml'));
print_r(OPNsense\Core\Config::getInstance()->__toString());

Result XML:

<?xml version="1.0"?>
<opnsense>
  <staticroutes version="1.0.0"/>
  <someotherthing version="1.0.0">
    <foo/>
  </someotherthing>
  <thing version="1.0.0"/>
  <alias version="1.0.0"/>
  <doesthisdoit/>
</opnsense>
 2021-09-16 13:46:58 +02:00
Franco Fichtner
ca6f461378 ipsec: clear irrelevant upper bits in previous #5201 
Shifting bits up has the effect of them lingering if not cleared.
Has no impact on operation on IP address but not good style anyway.
 2021-09-16 12:23:25 +02:00
Franco Fichtner
9e44d9a1a9 ipsec: rewrite netmask calculation #5201 
We need to make sure both the local and the remote IP belong to
the same CIDR range, which might not be the case if we just
calculate the subnet size required by their direct distance.

Rewrite find_smallest_cidr() to take an array of IPs to calculate
their smallest shared subnet mask.  Code is actually pretty simple
and fast.  However, we are not going to account for network and
broadcast address reservation unless that turns out to be an issue.

In the IPv6 case assume that /64 is a good approximation of the
result.

Remove code cruft in utilities while at it also replacing a simple
function only called once in setaddr.sh.
 2021-09-16 09:54:33 +02:00
Franco Fichtner
f51957afbb util: remove unused get_ll_scope() 2021-09-16 09:54:33 +02:00
Franco Fichtner
9b48085538 ipsec: inline only caller of this function 
Loosely related to #4749.
 2021-09-16 09:54:33 +02:00
kulikov-a
0ee3ecde53 allow /30 for p2p 2021-09-16 09:50:40 +02:00
Franco Fichtner
9335c87a6f interfaces: fix two refactors and remove irrelevant XXX #4749 2021-09-15 21:24:14 +02:00
Franco Fichtner
4583c32ee7 interfaces: find_interface_ip*() no longer in use #4749 2021-09-15 21:12:08 +02:00
Franco Fichtner
f97d35508f interfaces: replace laster callers of find_interface_ipv6() #4749 2021-09-15 21:11:42 +02:00
Franco Fichtner
5475d58b98 interfaces: zap find_interface_ip() in two spots #4749 2021-09-15 21:04:52 +02:00
Franco Fichtner
56467eb82e interfaces: improve naming #4749 2021-09-15 15:07:59 +02:00
Franco Fichtner
8ef7cac570 interfaces: remove primary addresses on down #4749 2021-09-15 14:25:05 +02:00
Franco Fichtner
9147c140b2 interfaces: whitespace for code alignment 2021-09-15 14:24:36 +02:00
Franco Fichtner
6f887fa213 interfaces: change get_interface_ip() internals #4749 2021-09-15 14:23:53 +02:00
Franco Fichtner
65779b80bb interfaces: remove find_interface_ipv6_ll() et al. #4749 2021-09-15 13:34:16 +02:00
Franco Fichtner
5ec2b43f46 system: fix "search" use in resolv.conf #5102 2021-09-15 12:14:28 +02:00
Franco Fichtner
cee9f6a7ba firewall: tweak wording in previous 2021-09-15 09:13:12 +02:00
Franco Fichtner
d2291d21d2 firewall: fixup prio texts and enable relevant sysctl for FreeBSD 13 
It only reads or writes VLAN header priority code points.

While here inline the forwarding sysctls instead of setting them all
the time.

PR: https://forum.opnsense.org/index.php?topic=24756.0
 2021-09-15 09:08:12 +02:00
Franco Fichtner
35ec0ae1c7 firewall: improve alias description/preview #5199 2021-09-14 16:16:15 +02:00
Franco Fichtner
c9c0055b8b openvpn: do not create empty router file 2021-09-14 10:46:30 +02:00
Franco Fichtner
0d5ef68694 interfaces: sync groups between possible create/destroy operations 
Had to tiptope around f2769fe099 which seems useful but counter-
intuitive.  Renaming live groups is a bad concept.

PR: https://github.com/opnsense/core/issues/5189
 2021-09-13 14:07:24 +02:00
Franco Fichtner
ba505fb122 interfaces: fix embedded rename in ifconfig scripting 2021-09-13 13:27:40 +02:00
whc2001
15f5ff8755 Correct the melody database directory in manpage 2021-09-12 08:20:48 +02:00
Franco Fichtner
002d7637bd firewall: remove unreachable and incorrect code 
PR: https://forum.opnsense.org/index.php?topic=24654.0
 2021-09-09 10:19:52 +02:00
Franco Fichtner
7bd5f2ae4c pkg: fix plist, license and parsing thereof 2021-09-09 09:16:18 +02:00
Kyle Evans
c9443c31b7 root: add lualoader brand and logo 2021-09-09 09:13:26 +02:00
Franco Fichtner
503f23bb7b Revert "Fix compare interfaces. (#5173)" 
This reverts commit 4b60a9893e2ac4ac0f2576bac0a2f5fd0d21b2c8.
 2021-09-08 08:11:30 +02:00
Franco Fichtner
a99a6549eb system: add product title to auth pages; closes #5196 
While here get rid of fake HTTP response code in error page.
Need to add jQuery as well for CSRF injection.
 2021-09-06 11:02:34 +02:00
Ad Schellevis
4c4266045e System / Configuration / Backups - unescaped source field used for passwords. closes https://github.com/opnsense/core/issues/5197 2021-09-03 22:00:33 +02:00
Franco Fichtner
45c2dde9b9 pkg: fix plist 2021-09-03 14:29:59 +02:00
Franco Fichtner
f5eb97eb5c firmware: add fingerprint for 22.1 testing 
Much earlier than usual but we need the time to test it.
 2021-09-03 14:29:05 +02:00