lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-14 08:34:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
15,625 Commits 1 Branch 0 Tags
Commit Graph

15625 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Franco Fichtner
ea92afafc5 system: move development languages to development flag instead 
This avoids carrying a diff between master and respective stable.
 2023-08-25 15:09:13 +02:00
Franco Fichtner
cf4f47d91f system: update translations 2023-08-25 11:31:49 +02:00
Stephan de Wit
fb2d2f63d1 dhcpd6: fix iaid_duid parsing 
It seems it's possible for whitespace to exist between the double quotes
and iaid_duid identifier. We also make sure that we're correctly
able to identify the ending bracket of a single iaaddr or iaprefix
segment.
 2023-08-25 08:53:46 +02:00
Ad Schellevis
1dbcf112e6 Firewall: Rules - fix group priority handling introduced in 8e197ff73e , closes https://github.com/opnsense/core/issues/6772 2023-08-24 19:47:04 +02:00
Ad Schellevis
318be6ab60 System: Configuration: Backups - fix missing config save when rrddata is supplied, closes https://github.com/opnsense/core/issues/6774 2023-08-24 19:25:11 +02:00
Franco Fichtner
587a50cb7c system: don't hide the error that can no longer happen 2023-08-24 10:06:51 +02:00
Franco Fichtner
b94097567c system: defer config reload to SIGHUP in gateway watcher 
This should considerably lower CPU usage as reported a few times.
We do need to bring in pcntl PHP module in order to get that done
easily in the script.

PR: https://forum.opnsense.org/index.php?topic=35219.0
 2023-08-24 10:00:54 +02:00
Stephan de Wit
6b90972371 dhcpd: map interfaces to interface names, not devices 2023-08-24 09:58:34 +02:00
Ad Schellevis
7406a5067f Services: Unbound DNS - likely locking issue in https://forum.opnsense.org/index.php?topic=35527.0 , concurrent session closing the handle while still writing data. 2023-08-24 08:39:16 +02:00
Ad Schellevis
6487512a8e Firewall: Diagnostics: Sessions - improve filter functionality to combine multiple (network) clauses, which is more consistent with how grid searches work now and equals State search 2023-08-22 13:21:10 +02:00
Franco Fichtner
ffcdd3dd56 system: tweak previous 2023-08-22 10:10:08 +02:00
Stephan de Wit
0b6317accb MVC: Add allowEmpty option to UniqueConstraint 
This is useful in cases where "empty" has special meaning, but is allowed
to occur multiple times, while any set value still has to adhere
to the unique constraint.
 2023-08-22 08:50:45 +02:00
Franco Fichtner
720216f10e system: clear all /var/run dirs on bootup 
PR: https://forum.opnsense.org/index.php?topic=35496.0
 2023-08-21 21:36:49 +02:00
Ad Schellevis
3322a2e2ae Firewall: Diagnostics: States - improve filter functionality to combine multiple (network) clauses, which is more consistent with how grid searches work now. 2023-08-21 20:46:02 +02:00
Franco Fichtner
97d5675125 firmware: remove defunct mirror 
Was shut down a while ago due to lack of resources
 2023-08-21 17:12:35 +02:00
Ad Schellevis
d77236705c Services/Web Proxy - dns_v4_first deprecated quite some time ago (http://www.squid-cache.org/Doc/config/dns_v4_first/) 2023-08-21 16:36:19 +02:00
Franco Fichtner
7f1d8c66d3 system: handle force_down correctly in gateway watcher 
It was raised on the forum that this is not seen and was likely ignored
by the old system in the past as well.
 2023-08-21 08:45:17 +02:00
Ad Schellevis
9b0cabe00b Services: Intrusion Detection: Administration - fix minor display issue. when netmap is used, some events originate from int^, which doesn't match our interface name. remove ^ when used in interface name. 2023-08-19 17:35:35 +02:00
Karlson2k
ccddb825bc
Unbound: fixed configuration when custom blocks are used (#6756) 
Signed-off-by: Evgeny Grin <k2k@narod.ru>
 2023-08-18 15:50:20 +02:00
Ad Schellevis
fa57bf6688 VPN: IPsec: Tunnel Settings - minor bugfix in copy, reqid should not stick. 2023-08-17 18:05:14 +02:00
Franco Fichtner
4fa01e5531 interfaces: show identifier, PPP type modem ports and style updates 2023-08-17 10:25:26 +02:00
Franco Fichtner
8d44e443e6 interfaces: fix parent config access 2023-08-17 09:47:24 +02:00
Franco Fichtner
170eaeecce interfaces: go the extra mile for PPP 
Set resulting MTU on the assigned PPP device as well as doing the
right thing for setautosrc translating the device name and doing it
post-load when netgraph is loaded.

Don't do both of these things for MLPPP as we would end up with
inconsistencies of multiple devices trying to set (possibly differing)
values.
 2023-08-17 09:28:26 +02:00
Franco Fichtner
888f6e13c6 system: tweak routing service message 2023-08-17 08:53:56 +02:00
Franco Fichtner
40f36da905 interfaces: adjust MTU before creating IPv4 config 
This is possible now since we no longer set the MTU on the PPP device,
wich is not created before IPv4 handling.  We may have to add the MTU
to the PPPoE device as well, but from the looks of it this does not
matter for one reason or another.
 2023-08-17 08:45:49 +02:00
Franco Fichtner
74bf687034 intrusion detection: fix indent in previous 2023-08-17 08:02:32 +02:00
Monviech
119537dfc4
"bypass" keyword in suricata user defined rules (#6752) 2023-08-16 21:38:02 +02:00
Franco Fichtner
6095400258 interfaces: typo 2023-08-16 15:58:21 +02:00
Franco Fichtner
2935d13e45 interfaces: adjust MTU for VLAN parents 
For a VLAN on top of HW this doesn't seem required (although it makes sense)
the VLAN on top of VLAN actually needs this so add it for both.

It should be said that this is simply trying to fix setting oversize MTU
values and therefore now backs off when the parent MTU fits the requirement.

Still try to set any bad MTU value configured by the user.
 2023-08-16 15:29:50 +02:00
Franco Fichtner
c1411950d7 interfaces: typo in previous 2023-08-16 15:04:28 +02:00
Franco Fichtner
6f3d78ff80 interfaces: recurse MTU set in order to fix parent first 
Oversize MTU will cause the required ifconfig call to fail if we do not.
 2023-08-16 14:56:05 +02:00
Franco Fichtner
fac8f85a51 interfaces: refactor interface_parent_devices() to take device name instead 
This simplifies the call a little and allows us to do better recursion
away from config-based interfaces.  We could just pass the device as
the interface and it would work but then we pass it down twice and it's
not very readable.
 2023-08-16 14:45:31 +02:00
Franco Fichtner
faffad558a interfaces: the parent may not be an assigned interface 2023-08-16 14:00:47 +02:00
Franco Fichtner
b33dd0ae3f interfaces: style 2023-08-16 12:03:35 +02:00
Franco Fichtner
8c9c56f9b5 interfaces: PPPoE handling for MTU is weird 
* Configure PPP MTU only via mpd.conf making sure a derived MTU
  either subtracts the header as shown in interface MTU config
  or as directly set by the PPP config.
* Only set MTU on $realhwif and when it's not a device node.
* Fixup the device lookup when looking for PPPoE parents.

There seems to be an issue with qinq based MTU fixups and the fact
that the VLAN header size is not substracted, but we might just
keep it that way and fix the recursion case eventually.
 2023-08-16 12:02:16 +02:00
Franco Fichtner
6781a124e1 interfaces: typo in MRU handling for PPP 2023-08-16 11:33:23 +02:00
Franco Fichtner
608ee32f25 interfaces: remove decriptive name from logging; loosely closes #6740 2023-08-16 09:13:37 +02:00
Franco Fichtner
32a6a11e6c interfaces: switch rtsold to -A mode; closes #6747 
Requires a base update (src.git) to make use of the new rtsold -A flag.
No longer use -O or -M since -A will make sure to always raise the script.
 2023-08-15 08:20:43 +02:00
Ad Schellevis
bb4a31d0c8 Services: DHCPv4: Leases - Performance optimalisation, reuse of list_arp.py comes at a cost and we only seem to be using the output from /usr/sbin/arp -an --libxo json 2023-08-14 20:47:34 +02:00
Ad Schellevis
3f80ddbe9e Firewall: Groups - Missing group registration (dynamic interface) on apply, might be https://github.com/opnsense/core/issues/6745 2023-08-14 17:06:00 +02:00
Franco Fichtner
42e06c5daf openvpn: pro tip by @adschellevis 2023-08-14 13:37:18 +02:00
Franco Fichtner
ee4496702d openvpn: bring instances into server field 
While here condense the input a little and show the default
port in case it was left empty.

PR: https://forum.opnsense.org/index.php?topic=35337.0
 2023-08-14 12:11:22 +02:00
Franco Fichtner
0a4eacfb6a openvpn: add tun-mtu/fragment/mssfix combo for CSOs #6703 2023-08-14 11:33:37 +02:00
Ad Schellevis
d5c6cc24d3 Interfaces: Virtual IPs: Status - prevent IPv6 mismatches when using compressed format. closes https://github.com/opnsense/core/issues/6742 2023-08-14 09:29:53 +02:00
Franco Fichtner
a7c1facc09 src: style sweep 2023-08-11 09:01:36 +02:00
Ad Schellevis
0ab0bf3095 VPN: IPsec: Pre-Shared Keys - add colon to supported characterlist for id fields. closes https://github.com/opnsense/core/issues/6727 2023-08-10 19:58:27 +02:00
Ad Schellevis
8f51311423 VPN: OpenVPN: Instances - properly map user groups for authentication to align with legacy code. closes https://github.com/opnsense/core/issues/6732 2023-08-10 16:26:09 +02:00
Ad Schellevis
aa81bbdace Monit - update model version 2023-08-10 14:34:36 +02:00
Stephan de Wit
80e4bec768 dhcpd: staticmap output does not contain device names 2023-08-10 14:34:04 +02:00
Stephan de Wit
5c3235872a dhcpd: missing strtoupper() 2023-08-10 14:19:36 +02:00