BSD Commit Log Search

Since one interface can have multiple subnets in IPv6 its better to group them via interface. It also helps with dynamic pools since in the same interface you could have a static ULA pool as well.

bootgrid: these are state variables, not options

Fix dynamic pd pool validation, emit calculated prefix lengths to help user

ui: clean up useRequestHandlerOnGet usage

This has no use anymore with the current bootgrid code. If a
handler should be overridden, simply defining the function is enough

bootgrid: replace 'append' with 'replace' for ajax: false grids

Noticed while documenting.

replaceData() is a lot more performant through Tabulator, and since
there are only 3 callers and all of them expect a clear before
updating any data, use a replace instead.

In time these pages should use the default search endpoint anyway,
but this requires an API change.

make sure to keep the append() function for compatibility

Only emit NO_LEASES_PLEASE client class conditionally if a non valid prefix exists

Merge remote-tracking branch 'origin/master' into kea-dynamic-poc

Newline

Firewall: Rules [new]: Fix automatically generated rules metadata being accidentally overwritten later

Firewall: Rules [new] - fix unintended change in filtering logic caused by https://github.com/opnsense/core/commit/c4aefc08f41167b921595cd3f606aadc72b46730

When inspect mode is not selected, only full matches are expected when filtering specific interfaces.
This also means when selecting the inverse of an interface, it automatically belongs to the "floating" group for not being a direct match.

To explain the options a bit better, comments are inserted in the filtereing block.

Reporting: Health - render NaN as empty values [null] and omit leading empty records from set, closes https://github.com/opnsense/core/issues/10307

Ensure inet46 always shows as Any or *

bootgrid: clean up converter compatibility code

Only other consumer is Nginx in plugins, but worst case scenario
these timestamps will render as... timestamps, which in that form
are sortable anyway. It's likely this was throwing an error anyway

The "sorters" weren't actually accounted for in the compat
translation, so this wasn't overridable. Fix this here.

Ensure translations are passed through all the way to icon formatter in view

Firewall: Rules [new]: Fix action, ipprotocol and protocol translations. Fix Automatically generated rules category.

shell: fix typo in port assignment

PR: https://forum.opnsense.org/index.php?topic=51867.0
(cherry picked from commit 1aa4254289cdf018a09e59c3c89798e9435dc459)

shell: fix typo in port assignment

PR: https://forum.opnsense.org/index.php?topic=51867.0

bootgrid: align datakey with the rest of the options, but allow top-level placement

Firewall: Rules [new] - rules with multiple interfaces selected are considered floating and seem to be omitted from the list since https://github.com/opnsense/core/commit/dad956e3143e7aa26f6be140e4c0ff48d1758e22

(cherry picked from commit 3f7958486169661dab552179b34f51b334c5e3ca)
(cherry picked from commit b8ba9f0ca7509c0076c58b0131e779d4ffdc0438)

Services: Kea DHCPv4/6: When serializing the config to json, use JSON_UNESCAPED_UNICODE. (#10297)

KEA uses an input validation that checks the configuration for escaped unicode characters starting with 00, these are considered valid.
Any other escaped unicode character will refuse the whole config to be loaded.

Ref: https://github.com/isc-projects/kea/blob/476ff110e90b3412fcd1d089b276e86709df5c7f/src/lib/cc/data.cc#L471-L484
(cherry picked from commit bc267021002e66e28efaf3860818d91c14af9707)

interfaces: follow up on DHCP option sanitization

@sopex noted a) that two semicolons were missing which were likely
lost to a refactoring step and b) allowing "medi;a" to avoid the
sanity scan for option modifiers.  To fix that second part we use
the normalization of interfaces_dhcp_safe() directly before returning
the parsed arguments to the caller.  That way the result is clear
and easy to check.

PR: GHSA-5rx3-w735-74wm
(cherry picked from commit 9e7fad6c3188e148f5066e948cebba19f8682765)

bootgrid: onRendered executed in wrong spot, pass function instead of calling it

(cherry picked from commit adb54850a12dddd03dab0c41d9094bcd5f026ddb)

mvc: style

interfaces: follow up on DHCP option sanitization

@sopex noted a) that two semicolons were missing which were likely
lost to a refactoring step and b) allowing "medi;a" to avoid the
sanity scan for option modifiers.  To fix that second part we use
the normalization of interfaces_dhcp_safe() directly before returning
the parsed arguments to the caller.  That way the result is clear
and easy to check.

PR: GHSA-5rx3-w735-74wm

Services: Kea DHCPv4/6: When serializing the config to json, use JSON_UNESCAPED_UNICODE. (#10297)

KEA uses an input validation that checks the configuration for escaped unicode characters starting with 00, these are considered valid.
Any other escaped unicode character will refuse the whole config to be loaded.

Ref: https://github.com/isc-projects/kea/blob/476ff110e90b3412fcd1d089b276e86709df5c7f/src/lib/cc/data.cc#L471-L484

bootgrid: onRendered executed in wrong spot, pass function instead of calling it

Services: Kea DHCPv4/6: When serializing the config to json, use JSON_UNESCAPED_UNICODE.

KEA uses an input validation that checks the configuration for escaped unicode characters starting with 00, these are considered valid
Any other escaped unicode character will refuse the whole config to be loaded.

Ref: https://github.com/isc-projects/kea/blob/476ff110e90b3412fcd1d089b276e86709df5c7f/src/lib/cc/data.cc#L471-L484

Firewall: Rules [new] - rules with multiple interfaces selected are considered floating and seem to be omitted from the list since https://github.com/opnsense/core/commit/dad956e3143e7aa26f6be140e4c0ff48d1758e22

Merge remote-tracking branch 'origin/master' into kea-dynamic-poc

Services: Kea DHCPv4/6: Add decline_probation_period and set lower default to mitigate faulty client implementations to consume the whole pool (#10294)

* Services: Kea DHCPv4/6: Add decline_probation_period and set lower default to mitigate faulty client implementations to consume the whole pool.

* Use isSet() since 0 is allowed