lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-15 00:54:41 +00:00
Code Issues Packages Projects Releases Wiki Activity
14,774 Commits 1 Branch 0 Tags
Commit Graph

14774 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ad Schellevis
fe65dded8d VPN/IPsec - add enable toggle to connection page 2022-12-22 17:38:19 +01:00
Ad Schellevis
ec06c3cc49 VPN/IPsec - reload configd action missing 2022-12-22 17:18:28 +01:00
Ad Schellevis
a7f36c72d8 VPN/IPsec/Connections - make sure to only flush parent items (connections, pools) to swanctl. If a connection is disabled, it might leave children around otherwise 2022-12-22 15:47:34 +01:00
Ad Schellevis
0e91b58bd3 Firewall: Diagnostics: Sessions - minor cleanip, state id doesn't exist on pftop 2022-12-22 11:30:00 +01:00
Ad Schellevis
f95ddbc695 Firewall: NAT: Port Forward - invalidate rdr entry when no target is specified. 
Although the page does correctly validate the existence of the target field (when nordr is not set) and it's not possible to change the <nat><rule> section from an API call,
 it doesn't hurt to revalidate in a similar way as we do for invalid targets.

In case one does screw up the config (most likely due to manual config modifications or a missing validation), pf luckily always reverts to the existing states leaving the firewall as it was before applying the change.

closes https://github.com/opnsense/core/issues/6208
 2022-12-22 09:24:54 +01:00
Ad Schellevis
2177d3e93b Unbound / dnsbl_module.py - fix logic issue (missing query_reply property leading to an AttributeError) ref https://forum.opnsense.org/index.php?topic=31555.0 2022-12-21 20:37:34 +01:00
Franco Fichtner
990e973135 src: style sweep 2022-12-21 20:28:55 +01:00
kulikov-a
360d4a45e5
unbound: catch exception on blocklist reading (#6035) 2022-12-21 14:15:18 +01:00
Franco Fichtner
75e428f8a2 pkg: fix plist 2022-12-21 14:08:56 +01:00
agh1467
f907002435
mvc: TextField tests (#5860) 
* Verify/validate existing functionality
 2022-12-21 14:07:53 +01:00
Nicola
96bf45070c
FieldTypes/IntegerField - fix IntegerField minimum value (#5838) 2022-12-21 14:06:16 +01:00
Ad Schellevis
f636f0c7b5 Services: Web Proxy - Fix binding to VIPs after removal of the type attribute. closes https://github.com/opnsense/core/issues/6181 2022-12-21 13:28:46 +01:00
Franco Fichtner
1469471017 interfaces: meh, missing default switch cases are silly 2022-12-21 11:02:11 +01:00
Franco Fichtner
3413a5c67a interfaces: PPPoE IPv6 mode; closes #6204 2022-12-21 10:03:56 +01:00
Ad Schellevis
3f39ff8442 VPN: IPsec: Advanced Settings - default log should be set to "basic", should fix weird behaviour and missing logs after save 2022-12-20 21:51:21 +01:00
Ad Schellevis
12363f5f3c VPN/IPsec - refactor volt templates that are used for both mvc and legacy to use updated service controller and plugin invokeInterfaceRegistration() to register VTI's when needed. While here also change local/remote col-xs to 12 2022-12-20 20:50:50 +01:00
Franco Fichtner
40bfb4423f mvc: minor changes on previous 2022-12-20 20:46:14 +01:00
Ad Schellevis
7c16c3b74f interfaces: call plugins_interfaces() optionally on service reconfigure when invokeInterfaceRegistration() returns true. closes https://github.com/opnsense/core/issues/5768 2022-12-20 20:43:22 +01:00
Franco Fichtner
c760383ca4 firewall: hide source os under advanced #6081 
The OS fingerprints are no longer maintained so reduce user
exposure and keep the feature active for the time being.
It might make sense to remove it at a later point in time if
it continues to be abandoned.
 2022-12-20 16:46:08 +01:00
Ad Schellevis
c13f8dd987 VPN/IPsec - disable charon.install_routes at all in case anyone upstream would implement it for FreeBSD at some point int time, the feature itself only seems to be relevant for linux: 
* e09bc70d12/configure.ac (L63)
* https://github.com/strongswan/strongswan/search?q=routing_table
 2022-12-20 10:07:46 +01:00
Ad Schellevis
de85da9956 VPN/IPsec new MVC module - missing selectpicker class in local/remote pubkeys selection 2022-12-19 17:51:04 +01:00
Ad Schellevis
6f46fe3080 System/Log Files - add "Service Log (this boot)" including parser as an option to provide access to entries collected in https://github.com/opnsense/core/issues/6099 (proposal for 23.1) 2022-12-19 10:08:44 +01:00
Franco Fichtner
20b25258ff ipsec: style issues 2022-12-19 09:56:46 +01:00
Franco Fichtner
6cbfc164c5 ipsec: update help text 2022-12-19 09:56:25 +01:00
Franco Fichtner
a419b9e32b src: style sweep 2022-12-19 09:27:51 +01:00
Ad Schellevis
6d6b52ea7b System: Access / Effective Privileges - always show endpoints and make sure we can search them as well. (different solution for https://github.com/opnsense/docs/pull/438) 2022-12-18 16:21:26 +01:00
kulikov-a
bee24edaea
change working dir before check (#6197) 2022-12-17 18:14:19 +01:00
Stephan de Wit
403573a07b unbound / overview: simplify previous 2022-12-16 16:04:20 +01:00
Stephan de Wit
5e1e03df35 unbound / overview: add support for TTLs 2022-12-16 15:18:38 +01:00
Franco Fichtner
b8e9bde8f8 interfaes: add -backhole to prefix route #3304 2022-12-16 12:53:31 +01:00
Stephan de Wit
b7a884a0aa unbound / overview: improve counter visibility 2022-12-16 11:07:36 +01:00
Stephan de Wit
1bf669f7f1 unbound / overview: remove service widget and rename menu item 2022-12-16 11:04:31 +01:00
Stephan de Wit
b12ec9b049 unbound / overview: log non-A/AAAA/CNAME RR types as well 2022-12-16 10:12:46 +01:00
Franco Fichtner
afa13df34d pkg: add new dependencies 2022-12-15 13:15:01 +01:00
Stephan de Wit
a4ae646327
unbound / overview: migrate to duckdb (#6182) 
* unbound / overview: migrate to duckdb

* unbound: make ajax calls concurrent, no need to wait on each other

* unbound / overview: adjust to DataFrame optimization

While previous insert statements with SQLite had to be rate limited to prevent blocking on the
side of the logger, this limitation can be ditched entirely with the approach of appending DataFrames.

Also, the client chart expects timestamps for the entirety of the dataset, so make use of
the NaN value.

* unbound / overview: connection can be none

* unbound / overview: include DNSSEC and timing information and refactor logger

The logger was lacking some error handling due to it being daemonized. On a restart the process
will still produce a core dump likely associated with daemonization, but this will be addressed in a separate issue

To accomodate future additions, DNSSEC and RTT information is now also included in the data set.

* remove leftover syslog message

* unbound / overview: add UUID as well

* unbound / overview: account for null return_msg objects

* unbound / overview: Move DNS statistics to reporting->dns, add detailed grid

This also introduces the option to clear the DNS data. Also restructure the data to a more sensible flow representation.
 2022-12-15 10:45:16 +01:00
Franco Fichtner
33682cc646 src: style sweep 2022-12-14 22:30:03 +01:00
Ad Schellevis
2d9bdcfbab VPN/IPsec new MVC module - fix child policies field. 2022-12-14 20:11:50 +01:00
Ad Schellevis
c0fe840fd1 VPN/IPsec new MVC module - hook MVC descriptions in VPN->IPsec->Status Overview 2022-12-14 19:58:59 +01:00
Ad Schellevis
789a151f2d VPN: IPsec: Tunnel Settings - allow search all phase2 entries via an api call. 2022-12-14 17:52:46 +01:00
Franco Fichtner
5169315bf2 firmware: add fingerprint for 23.1 2022-12-14 12:41:38 +01:00
Franco Fichtner
e01c506cc4 system: do the same here 
The async case yields to the GUI page rendering so do not
modify it.
 2022-12-14 08:57:00 +01:00
Franco Fichtner
b258333ae7 console: stay in script until shutdown is complete 2022-12-14 08:47:29 +01:00
Ad Schellevis
fa1c49e080 VPN/IPsec new MVC module - remove unsupported proposals 2022-12-13 21:51:25 +01:00
Ad Schellevis
e4ebc59a70 VPN/IPsec new MVC module - remove unsupported proposals 2022-12-13 18:14:22 +01:00
Ad Schellevis
8ca676e43b Services: Unbound DNS: Overrides - remove "delete selected" button, not applicable for master/detail grid 2022-12-13 17:39:47 +01:00
Ad Schellevis
540433730b VPN/IPsec new MVC module - add "commonly used" proposals on top, extracted from examples in https://wiki.strongswan.org/projects/strongswan/wiki/CipherSuiteExamples 
o add a clear warning about the null cipher only being used for testing
 2022-12-13 16:01:10 +01:00
Ad Schellevis
5b03e8cca9 plist 2022-12-13 13:40:24 +01:00
Ad Schellevis
51b346eab7 Tunables - add 90-sysctl script to re-apply tunables in case a module depends on them. 2022-12-13 13:38:49 +01:00
Ad Schellevis
cf840140d8 Firewall: Diagnostics: States - re-add labels removed by https://github.com/opnsense/core/commit/63eeaffe21f7 2022-12-13 11:36:18 +01:00
Franco Fichtner
382bb09312 openvpn: follow d4e637806 in wizard as well 2022-12-13 09:24:42 +01:00