Commit Graph

17265 Commits

Author SHA1 Message Date
jim-p
2db351a746 Send ntpdate output to syslog 2011-04-08 11:20:25 -04:00
jim-p
fbfd675a53 Add an IPsec xauth permission. Try to use the nologin shell first (just unlock the account). Ticket #1202 2011-04-08 08:59:50 -04:00
jim-p
02d9951153 Putting client-config-dir in the config is valid also for p2p_tls servers. Fixes #1417. 2011-04-08 08:28:31 -04:00
Scott Ullrich
b510be5cc1 use same egrep statement for both checks 2011-04-07 16:17:23 -04:00
Scott Ullrich
1fd807da8a Use full path to egrep 2011-04-07 16:16:26 -04:00
Scott Ullrich
d0cc727eb7 Use full path to egrep 2011-04-07 16:15:55 -04:00
Scott Ullrich
955f2d788e Use some Seth egrep foo to protect from compromised DHCP servers. CVE-2011-0997 2011-04-07 16:11:45 -04:00
Scott Ullrich
e05458b052 Remove extra variable set 2011-04-07 12:35:00 -04:00
Scott Ullrich
7ec2a858af Remove copy paste 2011-04-07 12:34:23 -04:00
Scott Ullrich
0c951d9bee Unbreak check if capture is running 2011-04-07 12:33:41 -04:00
Scott Ullrich
5d7881615d When using ' variables are not expanded. Use double quotes so that the variable is exanded 2011-04-07 12:00:32 -04:00
jim-p
c76fc19f32 Don't test for a user cert here either, see previous commit. 2011-04-07 11:49:40 -04:00
jim-p
72d8453d3b Don't test if a cert is in use here, you could in theory use a cert for a user and a server. 2011-04-07 11:47:24 -04:00
jim-p
8fee59d6fe Fix link; use same message for missing certs. 2011-04-06 19:53:46 -04:00
Scott Ullrich
0930bd0184 Make the default openvpn cert authority message a bit relaxed and let user know about the wizard option as well 2011-04-06 19:41:52 -04:00
Ermal
87bb66af3e Correct text to include PPTP as well. 2011-04-06 18:23:24 +00:00
Ermal
9a36dc9d24 Resolves #1391. Bring back VPN auto rule disable advanced setting. 2011-04-06 18:22:27 +00:00
jim-p
ab75b4ee54 CRL is read in as an array now, so even in the imported config it will appear to be an array even though it can only have one value. Fixes #1358 2011-04-06 13:36:24 -04:00
jim-p
6177fd924c Fixup text. 2011-04-06 13:14:50 -04:00
jim-p
557300a7eb Actually re-parse the config if a valid config was not written. (Should help stop installs from blowing up on failed config upgrades). Save the bad config for inspection, and print a message to the console about what was done. 2011-04-06 12:55:32 -04:00
Ermal
4c613f8482 Correct error message for gateways to report down when the gateway is down and not high latency. 2011-04-06 14:59:30 +00:00
Ermal
19d9146637 Another sweep at keeping the default route always present when the default setup route is marked as down. This now adds checks for configuration where a defaultgw is not specified by the user but deduced automatically. 2011-04-06 14:58:27 +00:00
Ermal
d10da0f995 Resolves #1418. Correct test to actully do what's intended. 2011-04-06 10:49:51 +00:00
Ermal
5766add891 If the supplied gateway is all ones(255.255.255.255) do not report it as a gateway since its useless. 2011-04-06 10:42:21 +00:00
Ermal
262595f0d5 Unbreak inetd.conf generation to avoid entries containing Array entries. This gixes nat reflection and a spamming of the system with nc processes with wrong parameters. 2011-04-05 19:55:11 +00:00
jim-p
5b64e3369a Fix variable name 2011-04-05 11:16:08 -04:00
jim-p
0ef48aed8b Make sure all themes have the right colors defined. 2011-04-04 13:41:21 -04:00
Ermal
1309faddc8 <script/> tags are put in the function build_javascript no need to put them here. Prevents errors reported at:http://forum.pfsense.org/index.php/topic,34139.0.html 2011-04-04 15:05:59 +00:00
Ermal
1d60ed9bb4 Try to always keep pfSense with a default gateway to avoid errors for service running from pfSense itself. Previously PBR should be configured for such services. While PBR is a better fix this at least keeps users from complaining in simple setups. Reported by many. 2011-04-04 11:09:06 +00:00
Ermal
f206afb57e On interface ip change reload even igmpproxy. Reported-by: http://forum.pfsense.org/index.php/topic,34372.0.html 2011-04-04 10:32:55 +00:00
Ermal
056df2d9f0 Add -a to include all updaterrd.sh scripts running and also remove top killing since its not used anymore in stat gathering. 2011-04-04 10:24:57 +00:00
Ermal
d7f4030ad8 Fix indent. 2011-04-01 21:51:11 +00:00
jim-p
4936ff53df Switch back to dev_mode so existing configs aren't broken by the other changes. 2011-04-01 14:11:33 -04:00
lgcosta
681b43b079 standardize the device_mode variable 2011-04-01 12:06:55 -03:00
Ermal
bc78856172 Correct the conditional testing. 2011-03-31 17:52:01 +00:00
Ermal
57c448d034 Do not show the default queue selection for a queue that has child queues 2011-03-31 17:45:37 +00:00
Ermal
d1bd01fffb Prevent non-numeric chars from being inputed on bandwidth field. 2011-03-31 17:39:01 +00:00
jim-p
b482254882 Try again to fix the calculation for out bits 95th percentile. (Works for me) 2011-03-31 13:08:06 -04:00
Chris Buechler
78544d4a99 clarify text 2011-03-31 06:06:01 -04:00
jim-p
84575284b5 Apparently rrdtool VDEF functions can't take a multiplier, only CDEF. Fixes traffic graphs. 2011-03-30 20:48:24 -04:00
jim-p
857a4a7986 Use a different loop counter variable to avoid a name collision 2011-03-30 20:36:53 -04:00
Ermal
56a8bbf3af Test for value present before using. 2011-03-30 22:21:13 +00:00
Ermal
d5b45febd6 Test for value present before using. 2011-03-30 22:13:55 +00:00
Ermal
ccf46756fd Unset xmlrpcauth and not the first member of the array. 2011-03-30 21:49:51 +00:00
Ermal
cb0e3f8e7c Check for function existence before calling it. 2011-03-30 20:58:02 +00:00
Ermal
47e5f74198 By default assume admin user and do not blindly copy the first user from the config.xml 2011-03-30 20:52:36 +00:00
jim-p
bfa992bc4e Allow editing of CAs, so that imported CAs can have their private keys added later (mainly affected users upgrading from 1.2.3 and wanting to use the cert manager). Also, allow editing the CA's serial, since this shouldn't really be 0 for imported CAs, but the serial of the last cert that was made from this CA. 2011-03-30 16:37:45 -04:00
Ermal
b7d5a7bab8 Do not rely on first user being admin as this breaks in certain cases the XMLRPC authentication. TODO: pass username as argument too. This now can use the local system authentication settings as well. 2011-03-30 20:34:13 +00:00
Chris Buechler
176a282e33 clarify log 2011-03-30 15:56:27 -04:00
jim-p
44bcc1bedc Allow importing a CRL for an external CA. 2011-03-30 15:21:36 -04:00