firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button (#9272)
* firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button
* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
Co-authored-by: Franco Fichtner <franco at opnsense.org>
* Update src/opnsense/service/conf/actions.d/actions_filter.conf
Co-authored-by: Franco Fichtner <franco at opnsense.org>
* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
Co-authored-by: Franco Fichtner <franco at opnsense.org>
* Move event binding into headerFormatter, remove all loaded.rs.jquery.bootgrid since nothing in it is needed anymore
* Make click handler safe
[15 lines not shown]
Apply decimals if the base has been exceeded at least once, there are no half bytes or half integers, this only matters if the base changed for better accuracy
ports-mgmt/pkg: update to 2.x
Changing releng approach by introducing opnsense/pkg repo and
pulling our patches from there, even if they end up being upstream
ones.
This is the state with functioning CRL checks as we need it.
It would be good to ask the CURL people what they think of
including upstream support and how complex they want it.
opnsense/hostwatch - add initial version of ports package with some omissions
- The hostwatch binary is currently installed in /usr/local/bin, but /usr/local/sbin seem to be a more appropriate target.
- We need some rc glue at some point :)
unbound: improve CNAME handling of whitelisted domains (https://github.com/opnsense/core/issues/6722)
if a.com is whitelisted, but points to a.b.com through a CNAME, allow
a.b.com.
Revert "sysutils/syslog-ng: sync with upstream"
This reverts commit ba3ce577d89112dd1136f52ba42e5a043a1ef8b9.
Hangs during service restart through PHP probably due to an unclosed fd.
dnsmasq: Improve Firewall alias (ipset) validations (#9269)
- domain in domainoverrides is changed to the strict HostnameField introduced in 2d2781c to disallow the use of "#" which would add all resolved domains to an ipset alias. The overall strictness of the field now matches hosts.
- ipset ModelRelationField got a name filter adjustment, to exclude all system defined external aliases that start with __
- dnsmasq.conf template does not render server and rebind-domain-ok for entries anymore which are just a domain and the Firewall alias (ipset). Before this change, it would generate a server with an empty IP, which means blocking forwarding. Firewall alias (ipset) needs forwarding to function, otherwise it fails for the chosen domain.