o Switch to shared circle with coloring
o Switch success circle to muted
o Switch dialog color to primary
o Switch dialog close button to plain
o Add a couple of translations
o Add muted circle to page load
o Refine error level for crash reports
o Rearrange dismiss and error presentation, inline circle indicator
o Add age/timestamp to statuses
If we want to extend the feature here make room so we
don't have to deal with a single string concatenation.
Also disabled IPv6 inside GIF IPv4 tunnel.
PR: https://forum.opnsense.org/index.php?topic=29654.0
It would probably make sense to tighten validation as well, but for
this we first need to decide how we are going to implement the mode
where prefixlen is set to the actual value given and remote address
being omitted (see PR).
PR: https://forum.opnsense.org/index.php?topic=29654.0
Already noticed that "ipsec" devices were throwing wrenches into
the engine here so try to match exactly on the pseudo-interface
names given by the GUI.
This is a partial revert of 797c1864194 which has good intentions but rc.newwanip(v6)
isn't equipped with being called a lot of times yet. We want to improve this for 23.1.
Number of people noted spurious restarts of Unbound and this seems
to be the cause. However, the real cause of hammering rc.newwanip
is in 797c18641944 and to avoid other side effects like the GIF/GRE
stuff we should consider reverting part of it.
Purge the file on all known dynamic spots that run a deconfigure
of some sort. We probably need something for a forced reload as
well but for now let's see if this works in general.
rtsold resolvconf handing forces a lot of reloads now, something
also seen in rc.newwanip -- let's go the extra mile and lock the
cache IP in place until we do a full reconfigure.
We may have to build some sort of "expire" feature for the cached
IP since between forced reconnects we will want to reload again
anyway. But not sure where that is as rc.linkup is unreliable as
it has been messing with this before.
Ok so this might have been an issue in the past WRT DHCP client
and default route hanling which is now done another way but maybe
it shouldn't have. For now just see how this works in practice
and then decide later if more needs to be done or not.
* MVC / System status: first draft for backend implementation
* fix copyright
* fix permissions
* MVC / System Status: modify backend implementation and setup front-end
* MVC / System Status: minor cleanup, ACL check and fix reporting in production mode
* MVC / System Status: copy status sytem to legacy as well, remove the notices system, finish up front-end work
* MVC / System Status: remove useless constructor
* fix plist
* System Status: shorten previous
* System Status: add ACL check
* System Status: also remove legacy part
* System Status: also clean up on legacy page
* System Status: ACL check on dismiss action as well
* System Status: add readonly privilege check to dismiss action
* System Status: do not trust input
* System Status: address security concerns
* add default return
* System Status: move js code to separate script and make sure a logLocation is always provided
* System Status: clean up callout in both legacy page and volt template
After dismissing a message and closing the dialog, the old message was still bound to the dialog instance. re-registering the onclick callback solves this.
* System Status: adjust log location and kick off status system on alias errors
* System Status: let's hold off on throwing notifications for aliases for now
* System Status: add ACL entry for the dismiss API call, adjust to new deployment situation
Without the ACL entry, /api/core/system/dismissStatus calls are rejected for non-root users even when they should have rights to dismiss.
Also do a minor consistency improvement and also adjust to the new situation of production & development deployment types. We need to account for the possibility of 'deployment' being empty in the configuration, therefore a direct check of the 'development' type seems most fitting as this is unlikely to change or be subjected to any additions.
* System Status: also error out when unable to write new rules
* System Status: account for users without permissions
* System Status: name collision in FirmwareController
* System Status: replace old notices system with a global one (https://github.com/opnsense/core/pull/5875)
Review feedback / modifications in this commit:
o filter.inc
-- remove wedged message, when locked during parallel reloads it likely doesn't help to disable/enable
-- flush message to error trigger file
o SystemStatus.php
-- str_contains --> strpos; eases testing on OPNsense 22.1.x as str_contains is php 8 only
o Status collectors
-- simplify logic and propagate messages received from status file
o CrashReporterStatus
- the existence of a /tmp/PHP_errors.log file should be enough to know some process signaled the crash reporter
- remove shell exec
o FirewallStatus
-- as only /tmp/rules.error remains, remove loop to read for non existing files
o opnsense_status.js
-- add opn-status-group class to container and point css modifications in that single direction to prevent other objects from being affected by our status popup modifications
-- windows file endings replaced (^M)
o css:
keep menu_messages container to ease migration for theme developers
NOTE : ** get_crash_report() could likely be simplified as well
* filter: change to mwexec, redirection is implied
* System Status: handle potential undefined array key
seems to be a one-off error: Exception: Error at /usr/local/opnsense/mvc/app/controllers/OPNsense/Core/Api/SystemController.php:90 - Undefined array key 0 (errno=2) in /usr/local/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php:159
Co-authored-by: Ad Schellevis <ad@opnsense.org>
IPv4 doesn't do this indicating that IPv6 shouldn't as well.
Also, ifctl is not handling this file either so we might as
well let system.inc deal with this.
PPPoE and DHCP still read the file but wouldn't consider this
a huge problem.
Also now makes sure the scope is added to link-local gateways,
which was a problem previously reported by @maurice-w.
