BSD Commit Log Search

ipsec: Adding 4 Insecure proposals (#10062)

Signed-off-by: Bjoern Jakobsen <Bjoern.Jakobsen at lrz.de>

unbound: limit duckdb to a single thread in write mode to reduce logger memory usage

After some testing, it seems the duckdb python API has a tendency to
leak (up to a cap), which seems to be mitigated when we limit to a single thread.
Further testing shows that the single logger.py process doesn't
use parallelization when appending dataframes to the db instance
and as such multiple threads are useless to begin with. The heavier
actions are the read actions, which are separate short-lived processes
and do not suffer from the same issue and likely do require duckdb
parallelism to perform properly, so apply the single thread only to
writers.

remove logging

Add comment that explains stuff a bit better

plist fix

Merge remote-tracking branch 'origin/master' into tls-crypt-v2

pkg: fix plist

Unify key generation into a single bash script that handles stdout parsing and always emits base64, consume that in the key generator

feedback

add Harden Below NXDOMAIN (#10067)

VPN: OpenVPN: Add tls-crypt-v2 support, initial implementation

dashboard:gauge improvements (#10063)

Closes: #8356

*Makes the disk widget become table/bars from grid 2 size onwards
*Adds disk free/used size on the gauge
*Removes parentheses from the memory widget

---------

Co-authored-by: Fabian Rodriguez <317514+MagicFab at users.noreply.github.com>

dashboard: add Notepad widget (#9936)

include command here

improve error handling

themes: add "opnsense-auto" which switches between "opnsense" and "opnsense-dark" depending browser settings... (remove leftover)

simplify this

Merge branch 'master' into kea-lease-del-hook

kea: separate lib hooks from CA, create unix domain socket wrapper and hook scripts to new kea_ctrl script

tmp

dashboard: refactor dashboard to use User model instead of direct config access and cut some code in the process.

We might consider adding a Json fieldtype as well to handle the [de]serialisation of the data, but since this is currently the only occurrence in the User class, let's keep this in the controller for now.

themes: add "opnsense-auto" which switches between "opnsense" and "opnsense-dark" depending browser settings, inspired by https://github.com/opnsense/core/pull/9916

It's a bit of an experiment, but since its so small, it shouldn't be an issue to push this to master.
The trick is actually pretty simple, symlink the relevant directories in build to the standard opnsense theme and add a theme.js override to handle the logic.

dnsmasq: Prevent * from being collected as client_id to prevent it being matched as static reservation (#10055)

mvc: a bit of spring cleaning for setActionHook(), result is never used and throwing a UserException is preferred in cases where can't pin a message to a field. closes https://github.com/opnsense/core/pull/10046

dnsmasq: Prevent * from being collected as client_id to prevent it being matched as static reservation

lint: Add linter that finds unused imports in php classes

mvc: Remove UIModelGrid imports in IDS, Monit, Syslog SettingsController, unused

radvd: skipping disabled needs ignore list population too #10044

mvc: BaseListField replace empty check with isSet so a 0 value is considered a non empty selection (#10047)

radvd: match radvd_enable() more closely for #10044

Users are confused why they can add an entry but their settings are not
being used.  This is specifically wrong according to the inventor of
"dhcpd6track6allowoverride" as it circumvents half of its use cases but
more closely matches user expectation.

May cause regression for some people, but not much we can do here other
than not doing it.