lucaspalomodevelop/opnsense-core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/opnsense-core.git synced 2026-03-14 16:44:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,273 Commits 1 Branch 0 Tags
Commit Graph

10423 Commits

Author SHA1 Message Date
Ad Schellevis
1cf72c2fdf API auth, log api key when auth failed. 2019-08-19 10:54:28 +02:00
Frank Brendel
8afb87cc04 netflow: set active/inactive timeout (#3651) 2019-08-19 09:05:44 +02:00
Ad Schellevis
d3323a82f8
CARP: optionally promote/demote on service status (#3656) 
CARP: optionally promote/demote on service status event handler.

This adds /usr/local/etc/rc.carp_service_status.d/ to register service check scripts, which on failure exit are considered blocking for normal service operation.

A service should emit the following on status change, which in response might lead to change of carp status:

configctl interface update carp service_status

The included early script assures an initial demotion value before interface setup.

ref  https://github.com/opnsense/core/issues/3636
 2019-08-18 19:54:05 +02:00
opnsenseuser
090f94c04e Sidebar - bug fix; closes 3653 
third party bug fix and source code improved
 2019-08-18 06:21:13 +02:00
h-town
6c4b880705 Set absolute path to root.hints 
root.hints file is located at /var/unbound not /

Current users may not be leveraging root.hints with unbound deployments.
 2019-08-18 05:44:44 +02:00
Franco Fichtner
612cdd5118 src: style sweep 2019-08-18 04:56:48 +02:00
Ad Schellevis
d8ef93932b netflow: netflow aggregator, skip illegal flow records. https://forum.opnsense.org/index.php?topic=13711 2019-08-17 19:09:11 +02:00
Ad Schellevis
6ddff9e021 interfaces/vlan, don't show vlan interfaces in edit form, remove get_interface_list() usage and filter the relevant types here. closes https://github.com/opnsense/core/issues/3648 2019-08-16 12:13:35 +02:00
Ad Schellevis
4531ceea4d Flowd aggregator: python 3 exception doesn't have a "message" property, cast error to string and check for "malformed" 
ref : https://forum.opnsense.org/index.php?topic=13711.0
 2019-08-16 12:12:51 +02:00
Frank Brendel
41c31ee94b monit: add parent devices to interface list (#3643) 2019-08-13 10:01:37 +02:00
Ad Schellevis
cfead4c8a8 Config: when no backup could be restored, last resort should always be to go back to factory defaults (in the unlikely event that one of the backups are readable, it should not exit without a config) 2019-08-09 16:17:44 +02:00
Ad Schellevis
680846d65b config: the virtues of ufs... 
In the unfortunate event that the kernel crashes during config save, both config.xml and the last backup might be broken. Let's try to find the last functional config when unable to init()
 2019-08-09 16:09:33 +02:00
Ad Schellevis
853a4392c1 CARP status page, reformat the page a bit and add "carp demotion level from net.inet.carp.demotion). Before this change the status page would only report an issue, claiming it will be backup, which in reality doesn't have to be the case. 
For debugging purposes its better to report what the actual status is.
 2019-08-09 14:56:36 +02:00
Ad Schellevis
7bfadb2acd Revert "Filter, automatic rules. "let out anything from firewall host itself (force gw)" not visible, since its not bound to the interface. Although we might want to show all rules without interface as well, the gateway rule belongs to the interface as the interface address is used as from address" 
This reverts commit f8d5c01a6f4ab2ef307324acd4711cd76e005827.

*** Needs revert, since priority fails when bound directly on interface
 2019-08-08 17:14:25 +02:00
Ad Schellevis
df5a33381f pluginctl: explain what we are doing and prettify callflow a bit. 
usage: pluginctl [-h] -[c] [-s] [arguments]

optional arguments:

	-h show this help text and exit
	-c configure mode (default), executes plugin [_configure] hook
	-s service mode (e.g. myservice restart)

	 without arguments, a list of plugins of the requested type is shown
 2019-08-08 11:22:30 +02:00
Ad Schellevis
3211eaed62 unbound, support custom includes. for https://github.com/opnsense/core/issues/3621 2019-08-08 09:39:44 +02:00
Michael
d53c0b1b8b update helptext to reality (#3632) 2019-08-08 09:22:09 +02:00
Ad Schellevis
1aad01cc92 gateway (groups) overview, use table-condensed so our new layout fits easier. slightly related to https://github.com/opnsense/core/issues/3625 2019-08-08 09:13:52 +02:00
Ad Schellevis
af7d7236df firewall, rules. use same message as other legacy pages, which also informs the user about HAsync when needed. The background note is not very relevant anyway. 2019-08-07 17:03:30 +02:00
johnaheadley
06fb809eb6 OpenVPN wizard server cert check (#3634) 2019-08-07 17:01:58 +02:00
Ad Schellevis
d2fc3c2567 firewall, rules. refactor message dialog to show after toggle. ref https://github.com/opnsense/core/pull/3605 2019-08-07 10:32:03 +02:00
Ad Schellevis
c8b57d0bfe firewall/rules, toggle enabled/disabled, log on/off via ajax call, as discussed https://github.com/opnsense/core/pull/3605 2019-08-06 13:09:11 +02:00
Ad Schellevis
3ac18b9189 Merge branch 'logging_toggle' of https://github.com/johnaheadley/core into johnaheadley-logging_toggle 2019-08-06 12:27:46 +02:00
Ad Schellevis
bb6833d501 Gateways, minor overview cleanup. if all gateway_items are removed, we should remove the container to to prevent leaving an empty item. found while working on https://github.com/opnsense/core/issues/3625 2019-08-05 16:51:32 +02:00
Ad Schellevis
74ff64787c Gateways, missed a spot for https://github.com/opnsense/core/issues/3625 2019-08-05 16:40:33 +02:00
Franco Fichtner
7abd1c78ca firmware: unbreak base and kernel package listing 
We don't have an upstream repository and origin here yet.
 2019-08-04 21:26:22 +02:00
johnaheadley
acfc9f636f
Logging toggle v2 2019-08-04 11:03:55 -07:00
Ad Schellevis
93bbe1ee16 Gatways, add defunct items in disabled state, for https://github.com/opnsense/core/issues/3625 2019-08-04 19:48:29 +02:00
John Headley
50fbe6ca79 Merge remote-tracking branch 'opnsense/master' into logging_toggle 
# Conflicts:
#	src/www/firewall_rules.php
 2019-08-04 10:23:13 -07:00
Ad Schellevis
2d7f9cae2d Syslog, use fqdn when sending messages. closes https://github.com/opnsense/core/issues/3622 2019-08-02 15:43:14 +02:00
Franco Fichtner
de2b965304 firmware: small tweaks 2019-08-02 12:29:46 +02:00
Ad Schellevis
a91babfcba Gateways, for automatic outbound nat rules exclude gateways which are not configured on the interface and are not dynamic. mimic pre 19.7 behaviour 2019-08-02 11:59:11 +02:00
Ad Schellevis
a6264e5062 Gateways, since we return empty gateways for dynamic ipv6 entries, we should also permit those as default gateway. could be https://github.com/opnsense/core/issues/3604 2019-08-02 10:25:25 +02:00
Franco Fichtner
3b865f337f src: style and whitespace sweep 2019-08-02 09:58:37 +02:00
Ad Schellevis
eb4975e297 Gateways, fix footer in previous 2019-08-02 09:13:30 +02:00
Ad Schellevis
704dc96cf2 Gateway overview, show Protocol, priority and upstream setting to ease debugging. 2019-08-02 09:08:55 +02:00
johnaheadley
2b2ae7a310 To fix: OpenVPN server wizard always asks to create a new CA (#3614) 2019-08-02 08:52:53 +02:00
Ad Schellevis
732b5ff4c8 Gateways, IPv6. dynamic gateways without a valid address should have been added to the list, empty($thisconf['dynamic']) doesn't exist in this scope, hence we replace this with the proper ipv6 check. 
This unhides ipv6 gateways which didn't receive an address via rtsold
 2019-08-01 20:46:50 +02:00
Ad Schellevis
6836a9caf0 Revert "Gateways, IPv6. dynamic gateways without a valid address should have been added to the list, empty($thisconf['dynamic']) doesn't exist in this scope." 
This reverts commit f8bd7102c4ae8db03b2732365e2f987a98490e8f.
 2019-08-01 20:19:37 +02:00
Ad Schellevis
f8bd7102c4 Gateways, IPv6. dynamic gateways without a valid address should have been added to the list, empty($thisconf['dynamic']) doesn't exist in this scope. 
This unhides ipv6 gateways which didn't receive an address via rtsold
 2019-08-01 20:10:59 +02:00
Ad Schellevis
7edd851e20 Firewall overview, minor alignment fix. closes https://github.com/opnsense/core/issues/3619 2019-08-01 11:09:14 +02:00
Ad Schellevis
01c16b0a86
Firewall, allow quick and direction on interface rules, closes https://github.com/opnsense/core/issues/3594 
Currently the direction of the traffic can only be chosen in floating rules, but in some scenario's it's much easier to create outbound rules (only inbound is supported now).

When using a lot of interfaces, which should all be allowed to access devices on one specific interface, this would save quite some rules and is easier to track for the administrator.

This feature adds direction as on option and while already changing these pages, also allow to create "non quick" rules on interfaces.
Functionally the "regular" rules would be more aligned with the "floating" rules as we have now, with the exception that you can't add multiple interfaces in a normal rule due to the inability to reorder a single rule in multiple rulesets (rules are positional).

Policy based routing on outbound rules is not supported on the interface rules for now, since it would probably lead to confusion.
The old configuration defaults still apply, when writing an entry, both quick and direction are saved as well (default quick + in).
 2019-08-01 09:37:24 +02:00
Ad Schellevis
3869848760 add mirror (Cloudfence, Brazil) 2019-08-01 08:54:16 +02:00
Ad Schellevis
387d41d768 Syslog, missing <PRI> in legacy output, leading to extensive logging. closes https://github.com/opnsense/core/issues/3616 2019-07-31 11:11:00 +02:00
Ad Schellevis
cb786592df Firewall, in some cases DHCPv6 server rules are generated without an active server or relay configured. closes https://github.com/opnsense/core/issues/3591 2019-07-30 18:33:35 +02:00
Ad Schellevis
e4b5133cdd Captive portal, python 3 issue, trying to read script as binary. for https://github.com/opnsense/core/issues/3612 2019-07-30 17:00:37 +02:00
Ad Schellevis
534f3c870e Filter, rule overview, show automatic rules targetting all interfaces in Floating section (slightly related to https://github.com/opnsense/core/issues/3594) 2019-07-30 14:04:19 +02:00
Ad Schellevis
f8d5c01a6f Filter, automatic rules. "let out anything from firewall host itself (force gw)" not visible, since its not bound to the interface. Although we might want to show all rules without interface as well, the gateway rule belongs to the interface as the interface address is used as from address 2019-07-30 11:57:47 +02:00
Ad Schellevis
521b740338 mvc, opnsense_ui.js fix initFormAdvancedUI() on initial load (duplicating <tr data-advanced='hidden_row'></tr> tags) 2019-07-30 10:46:03 +02:00
jayantsahtoe
5866de72c9 Update dhcpd.inc (#3610) 
DHCP-relay service will fail with the following error if DHCP server IP is know in static route:

dhcrelay: Can't attach interface {ifname} to bpf device /dev/bpf0: Device not configured

This is the only place where get_real_interface( ) isn't used
 2019-07-29 16:11:04 +02:00