Add RRD package with a simple factory class and a basic construct to define different rrd output types we support.
This package contains the following:
* RRD/Types -- Output definitions, responsible for generating RRD structures and feeding data
* RRD/Stats -- Statistics gathering classes
* Factory -- binds types and statistics together.
On my end on a simple test this is roughly 40% faster than running /var/db/rrd/updaterrd.sh, which makes caching of metadata (config access) less relevant.
The new script should be able to replace all existing rrd cruft and supports a debug mode to find discrepanties between defined outputs in types and collected data in stats.
```
Usage: updaterrd.php [-h] [-d]
-d debug mode, output errors to stdout
```
Everything has been converted and plugins do not ship with a
"vpn" event. "newwanip" is similar and the plugins have been
ensured to be moved to the new one in 24.7.3 already.
Although we recommend using matching CN's and usernames, it is possible to share a certificate. Since the datafeed already contains the username, let's add the field to the grid.
Unify the situation for 'ppp_port' vs 'ports' use by using the latter
as is. One of the issues of this page always was inconsistency after
all. Then also zap the validation that causes the changes not to be
accepted. In theory it's posted anyway but that has been the case for
PPPoE/L2TP/PPTP since the fork.
* unbound: discard-timeout
Signed-off-by: Nigel Jones <nigel.l.jones+git@gmail.com>
* Update src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
Co-authored-by: Franco Fichtner <franco@lastsummer.de>
* unbound: update field help text
---------
Signed-off-by: Nigel Jones <nigel.l.jones+git@gmail.com>
Co-authored-by: Franco Fichtner <franco@lastsummer.de>
Co-authored-by: Stephan de Wit <stephan.de.wit@deciso.com>
Parsing the persisted dashboard requires decoding it, which by extension means we don't need to encode it anymore when returning the dashboard. In all cases, this commit now makes sure that dashboard is filtered according to access rights.
While here, invalid input can be filtered out partly by check the result of json_decode(), so do this when saving the widgets.
There appear to be no callers in plugins. We could argue
that the vpn/vpn_map event isn't really needed as it brings
just OpenVPN, IPsec and WireGuard to the table, but we can
decide on this later.
NUMA has performance drawbacks and seems incomplete too.
We're going to assess impact hereby on the general approach,
but from early testing this increases network throughput
considerably in some scenarios.
It looks like we only linked certificates on CA import, move that code into the Cert model and improve it a bit, also trigger when importing a new certificate manually now.
To improve the matching, we search for subjects that match best based on item length now (e.g. a dn ZH,NL should precede one with only NL)
When searching large log files for messages that do not frequently occur, there is a large risk of reading all collected lines before returning the first results.
In most cases recent items are required, in which case going back for days of logs might not make sense.
This commit adds a simple "history" selection which translates into a "valid_from" filter on the log data. When timestamps are not parseable for whatever reason, the filter is ignored.
Only small downside is that we do need to translate timestamp again, when needed we could improve performance a bit by storing the original datetime value in NewBaseLogFormat so we don't have to parse it twice.
It only matters for lighttpd preventing a bug but since this could
be copied and some service being added has the same issue make sure
the code is always the one that's least problematic which means
putting "lo0" as the first explicit (and automatic) interface.
