BSD Commit Log Search

Guard all Savepoint Actions additionally as they can interact directly with the config in some instances

mvc: BaseField: add basic count() helper

allow zero count on container, needs unit test later

mvc: remove unused import

System: Access: Privileges: remove add/delete from page

(cherry picked from commit 3c5ae0f3b3d72e15efd852061a77d85c43bc3d74)

system: only split first colon when reading sysctls

(cherry picked from commit 293e645d89edb53c7f3fd2388740f28f5ec50346)
(cherry picked from commit 791cc6f573a0b67808c7189544890c43c700f17f)

make: prevent error in new vim grepping step

(cherry picked from commit ea6f7103f1e27126abb3552cf30819c032b4549e)

Firewall: Use save method from ApiMutableModelControllerBase for log command, move rule command and savepoint action

mvc: BaseField: add count()

make: prevent error in new vim grepping step

System: Access: Privileges: remove add/delete from page

system: symmetry for all 3 split column callers in previous

No we still have do add state into the mix or the route lazy drop will not work anymore

Firewall: Aliases - fix typo in error log (remove url as it has no value anyway) and make parser a bit more resilient by trapping all errors. closes https://github.com/opnsense/core/issues/10168

(cherry picked from commit 5b6913a0df45577f31a6a7777702cf876897c79e)
(cherry picked from commit 4e939d528cc7d4e38c1bfe777b71e1772fcc6edc)

firewall: small whitespace issue in prev

Remove duplicate state check, add documentation for the possible states

system: minor style update in new menu code

firmware: moved FreeBSD.php duty to opnsense-update

PR: https://github.com/opnsense/update/commit/aeb88a8fb9
(cherry picked from commit 0175c1e1f0a263fc2ef640f485a60f45d5448b7d)

Services: Kea DHCPv4/v6: Remove depend constraint of ddns_reverse_zone (#10182)

Since ddns_forward_zone already depends on ddns_dns_server, and the config generator bails if either of these are empty we do not need to protect ddns_reverse_zone in any specific way right now.

It's a good idea to keep it this way, only populating a reverse zone is very uncommon, and ISC also tethered it to the forward zone being there.

(cherry picked from commit 4a1d6cf0851940f352f6d414240792c9f66be91a)

system: small note on legacy bindings

Kea: DHCPv4/v6: DDNS dns server port can now be specified, default will remain 53 (#10183)

(cherry picked from commit 7eea65839c919cb76a24d7d9d3f48fbfd8befa3d)

Services: Kea DHCPv4/v6: add explicit reverse DDNS zones support (#10123)

---------

Co-authored-by: XtraLarge <20318559+XtraLarge at users.noreply.github.com>
Co-authored-by: Monviech <79600909+Monviech at users.noreply.github.com>
(cherry picked from commit db41dfce2e67be3f6d3fd676ba5a47e7ef182d66)

system: shorten static route collection code here

(cherry picked from commit 7e000a945439678d25ad769eda546ea24dc319d7)
(cherry picked from commit 9a9b1ae078db7f9c79ee7eab71cfe9c29261cb7f)

system: add compatibility layer to future route disable/enable migration

Add an explicit empty argument for backend parser

We do not need argparse or parameters anymore

Time is still needed for polling

Make interval parameter explicit

Use state instead of time based mechanism to decide of lease is still valid

Services: Kea DHCPv4/v6: Use KeaCtrl python lib for kea_prefix_watcher to switch to polling the socket instead of streaming the csv lease files. The running configuration has structured output, and we stay in memory without needing to read and parse any files. The tradeoff is that we always have to process the full set of leases, yet by using lease6-get-page which is especially made for efficient bulk operations, this should be rather cheap. The main benefit is we always work with structured json data, can filter for ID_PD better, and reprocess the full truth on every poll interval to ensure the whole setup is self-healing