BSD Commit Log Search

security/q-feeds-connector: sync with master

security/q-feeds-connector: annotate last fix

dns/ddclient: sync with master

dns/ddclient: changelog

LICENSE: sync

config: add AES to net-snmp options; closes #489

opnsense/aquantia-atlantic-kmod: update to latest

opnsense/lang: update to 26.1.4

Firewall: Aliases - when system time has driften to the future for some reason, assume we have reacher our ttl. closes https://github.com/opnsense/core/issues/9919

kea: WIP add dhcp-ddns daemon with forward zone support, goal is initial feature parity with what ISC had.

interfaces: likely correction for previous

interfaces: useless refactor for the benefit of the solution

This code is silly. PPP on CARP is silly, too.  We start PPP
before we even have a CARP address.

The answer to this is simple: defer start and stop to the
CARP hook, done?!

The bigger question is what happens when no CARP is configured
so that we don't end up never starting PPP.

interfaces: small cleanups in previous as a starting point

Add HA/CARP safety for PPP link startup

Implement HA/CARP safety checks for PPP links to prevent startup if no parent interface is CARP MASTER when 'Disconnect dialup interfaces' is enabled.

Cleanup HA/CARP safety checks for PPP links patch

Proper indentation and better comment for HA/CARP safety checks for PPP links

interfaces: simplify and annotate PPP CARP hook

firewall: live view: allow regex use in 'contains' cases

https://forum.opnsense.org/index.php?topic=51226.0

firewall: fix SyntaxWarning, perhaps a Python 3.13 side effect

See: https://docs.python.org/3/library/re.html
PR: https://forum.opnsense.org/index.php?topic=51226.0

network time: fix previous

php: "Implicitly marking parameter XXX as nullable is deprecated" in php 8.4 and up.

Small NTP fix (#9862)

system: revisit snapshot name validation #9892

The trickiest part seems to be coercing a leading "-" into
being passed correctly into the command line for each layer.

See: https://github.com/opnsense/src/blob/6e01be67e/lib/libbe/be.c#L966
PR: https://github.com/opnsense/core/issues/9892

opnsense/suricata: add EACCES error handling

This happens when the re-injected package is fed through
the outbound pfil hooks and the firewall decided to drop
it.  That also means it's safe to ignore.

PR: https://forum.opnsense.org/index.php?topic=50795.0

Update snapshot name validation regex (#9913)

shell: convert this ppps interation using config_read_array()

shell: only read 19 so there's no long delay

pkg: add colordiff for new shell resore feature

Firewall: Rules [new]: Fix automatically generated rules not showing label name, minor regression in 963b9a8c (#9911)

firewall: merge read of groups and interfaces

They are stored in the same location and used by the interface
field type as such.  This prevents showing unrendered groups
and also displays the consistent label between the rule and
rules selectors.

Firewall: Rules [new]: Fix automatically generated rules not showing label name, minor regression in https://github.com/opnsense/core/commit/963b9a8caa6dd8dfbba19599621978a4cc941b89