entrouvert
/
univnautes
Archived
17
0
Fork 0
Code Issues Pull Requests Releases Activity
24,167 Commits 3 Branches 21 Tags 59 MiB
Commit Graph

675 Commits

Author SHA1 Message Date
Ermal 20a9590486 Make ipsec_starter log go to ipsec.log rather than system one 2014-11-07 14:37:09 +01:00
Chris Buechler 7bd413ebc6 add a route debug option to log info about route commands executed (where those aren't already logged) to help with troubleshooting various routing scenarios. 2014-11-06 20:19:24 -06:00
Chris Buechler 756d867a89 fix comment 2014-11-04 13:31:38 -06:00
Ermal d35dfaaecb Fixes #3941. When optimizations of the loops were made this brought the problems of overriding default gateway by dynamic interfaces. Try to stick to the first found for now! 2014-11-01 18:43:28 +01:00
Renato Botelho 0a8dd27b5f Remove redundancy as pointed out by phil-davis 2014-10-28 14:55:07 -02:00
Renato Botelho 143c22f771 Decode recently created cert and key. It fixes #3964. While here, fix logical condition to create a new cert if crt or key is not present 2014-10-28 10:17:16 -02:00
Chris Buechler e8b5f72496 domain and search should not both be defined in resolv.conf per FreeBSD man page and handbook (only the latter is actually used). Change this to just not use domain, and set the search to the system's domain where not using the function that generates the search list for dynamic WANs. 2014-10-25 22:11:45 -05:00
jim-p 2cf2c62b27 Fix descriptions and cn on generated GUI cert to be consistent. 2014-10-15 14:01:00 -04:00
jim-p 5ff7f58e59 Tame the poodle. Disable SSLv3. 2014-10-15 08:40:36 -04:00
jim-p 7c4c77ee62 Teach the certificate generation code how to make a self-signed certificate, and change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later. 
Also use some more sane defaults for the contents of the default self-signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling.
 2014-10-14 15:30:33 -04:00
Chris Buechler 1f4ad8f4cf update comment to reflect breakage caused here and reference associated redmine ticket, not high priority, can be fixed later 2014-10-14 13:44:56 -05:00
Steven Selph 3d77cc359f Add powerd normal mode flag (-n) 2014-10-05 18:35:08 -04:00
Renato Botelho b462fc5eea Move dhcp6c log to dhcpd.log, it fixes #3799 2014-08-11 11:47:14 -03:00
Renato Botelho ef74c9e4e4 Concat var before call escapeshellarg 2014-07-21 18:57:08 -03:00
Renato Botelho 604623a136 Make dhcpleases use unbound pid when it's configured 2014-07-21 18:56:07 -03:00
Renato Botelho 971de1f98a Convert almost all /sbin/sysctl calls to php functions 2014-07-07 20:06:37 -03:00
Chris Buechler cac386b68e remove openbgpd bits from system_gateways_edit and system.inc. The package 
match is case-sensitive and hasn't matched the openbgpd package's name in
at least 5 years, so it doesn't do anything. It's far from functional in
any useful manner even fixing that issue.
 2014-05-30 20:01:46 -05:00
Chris Buechler 64a2da809c bind HTTP->HTTPS redirect to IPv6 too. Ticket #3437 2014-05-14 11:20:39 -05:00
Ermal 66201c9617 Send HUP to restart syslogd rather than trying to restart it, thus loosing messages 2014-04-28 21:12:38 +00:00
Warren Baker 3f06e5383f make sure unbound is included here 2014-04-28 22:36:48 +02:00
Warren Baker f624877441 If Unbound is been used then make sure to reload when system_hosts_generate() is called 2014-04-28 22:00:25 +02:00
Renato Botelho 2a50fd8ac8 Move clog from /usr to /usr/local 2014-04-28 11:54:22 -03:00
Ermal ebf45d96e1 Add filterlog to separatefacilitylog to avoid logs going elsewhere 2014-04-28 13:41:38 +00:00
Ermal 686777c419 Use the daemon name to send the filter logs 2014-04-28 08:08:59 +00:00
Renato Botelho 75a8ba834d Resolver has no option for remote syslog, remove wrong copy/paste that was adding it when apinger was enabled 2014-04-24 17:02:22 -03:00
Renato Botelho b149b3a10a Merge pull request #1118 from phil-davis/patch-3 2014-04-24 17:00:23 -03:00
jim-p bd5737dc22 Make sure that the DNS Forwarder/Resolver is actually capable of accepting queries on localhost before using it as a DNS server. 2014-04-23 10:16:15 -04:00
Phil Davis 80571c81a4 Cut paste bug fix in Remote Syslog DHCP events 
apinger is repeated here from the code above, but it should be dhcp.
Forum https://forum.pfsense.org/index.php?topic=73734.0
Selecting to remote syslog "Gateway Monitor events" would also switch on "DHCP service events" unintentionally.
 2014-04-20 21:57:58 -07:00
jim-p 69e593c14f Make extra sure that we do not start multiple instances of dhcpleases if, for example, the PID is stale/invalid and there is still a running instance. 2014-04-07 10:10:48 -04:00
Ermal 362fdc4cc3 Remove remenants of pccardd from FreeBSD 5 2014-03-28 22:54:12 +01:00
jim-p 8b650e57d6 Avoid placing an empty "interface listen" directive in ntpd.conf 2014-03-20 12:09:16 -04:00
Chris Buechler e1a456e6a8 standardize URLs 2014-03-14 19:30:56 -05:00
Ermal 703b1ce1c5 Correct variable name, while here unset some large var 2014-03-14 20:35:39 +00:00
Ermal f0014c6499 Make this a bit more efficient 2014-03-11 15:40:27 +00:00
Renato Botelho d07bc322c5 Remove broken 'dynamic6' gateway, we already have ipprotocol to tell us the IP version, leave it more simple using only 'dynamic'. It helps #3484 2014-03-03 13:31:01 -03:00
Ermal 7335fa5380 * Correct logging to syslog and proper file for ipsec from strongswan 
* Use proper commands to reload strongswan rather than just the daemon
 2014-02-25 11:10:01 +01:00
Ermal e570f0eb56 silence any errors 2014-02-20 09:02:55 +00:00
Ermal ec7bc948b7 More code fixes for ntpd 2014-02-19 15:43:37 +00:00
nagyrobi 0fd64e94fa Update system.inc 
Corrections made as requested
 2014-02-18 16:06:07 +01:00
nagyrobi 142f7393a8 Update system.inc 
Add new NTPd functions
 2014-02-18 15:12:43 +01:00
Ermal c79f717a58 Really need the interface where v6 is running toa dd the gateway/route rather than the one used for the configuration. This Fixes #3357 2014-02-18 09:25:41 +00:00
Phil Davis 6240ba7bd1 Check for tmp captiveportal dir before making it 
In forum: https://forum.pfsense.org/index.php/topic,72483.0.html
Warning: mkdir(): File exists in /etc/inc/system.inc on line 878
Not sure if you would rather call safe_mkdir here?
 2014-02-10 19:05:26 -08:00
Renato Botelho 873c1701a8 Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir 2014-02-04 12:34:41 -02:00
jim-p ca79de534b Using "limited" for ntp in this way denies client access. Issue #3384 2014-02-03 09:34:06 -05:00
Warren Baker 3b95d9ece3 Add EDNS support for to resolv.conf 2014-01-29 17:06:42 +02:00
Renato Botelho f4a4bcbc4c Fix typo on variable name, it fixes #3414 2014-01-28 17:01:02 -02:00
Renato Botelho 2ec95f1ffb Fix openssl path 2014-01-24 08:33:31 -02:00
jim-p fdfa8f43ed ports ntp moved to sbin, follow 2014-01-15 12:35:50 -05:00
jim-p 706ba0e4b1 Use "disable monitor" in NTP config to mitigate CVE-2013-5211. 2014-01-10 11:41:49 -05:00
Renato Botelho 6b66073164 Add 'limited' to ntpd restrict list to workaround CVE-2013-5211. It fixes #3384 2014-01-07 08:58:33 -02:00