OPNSense / core - FreshBSD

OPNSense/core beed8f1 — src/opnsense/mvc/app/controllers/OPNsense/Core/Api SnapshotsController.php, src/opnsense/mvc/app/controllers/OPNsense/Core/forms snapshot.xml

2026-02-12 20:17:31 UTC by Ad Schellevis on ⎇

master

System: Snapshots - add note field to store comments. closes https://github.com/opnsense/core/issues/9764

One of the main issues with our previous bectl output was the variance of the (uuid) key, which we generated using the current name.
By using the create timestamp (acquired via zfs), we can keep our key stable on renames and offer access to simple json files on disk which contain additional notes.

Notes are stored in /conf/snapshots/ as json files, keyed by their generated uuid's.

Delta		File
+62	-4	src/opnsense/mvc/app/controllers/OPNsense/Core/Api/SnapshotsController.php
+8	-2	src/opnsense/scripts/system/bectl.py
+5	-0	src/opnsense/mvc/app/controllers/OPNsense/Core/forms/snapshot.xml
+75	-6	3 files

OPNSense/core 66261e1 — src/opnsense/www/js opnsense_bootgrid.js

2026-02-12 17:23:01 UTC by Ad Schellevis on ⎇

master

bootgrid: fix curRowCount type conversion issue when stored in localstorage.

Delta		File
+3	-1	src/opnsense/www/js/opnsense_bootgrid.js
+3	-1	1 files

OPNSense/core 1669418 — src/opnsense/mvc/app/library/OPNsense/Base UIModelGrid.php

2026-02-12 15:33:29 UTC by Monviech on ⎇

mvc-search-uuid-field

mvc: idea to add UUID to the fields that can be searched, but only if the searchPhrase contains a valid UUID. That way it won't match on partial strings.

Delta		File
+19	-0	src/opnsense/mvc/app/library/OPNsense/Base/UIModelGrid.php
+19	-0	1 files

OPNSense/core c0569f8 — src/opnsense/mvc/app/controllers/OPNsense/Base ApiMutableModelControllerBase.php, src/opnsense/www/js opnsense_bootgrid.js

2026-02-12 14:50:36 UTC by Stephan de Wit via GitHub on ⎇

master

bootgrid: batch delete-selected by default (#9779)

* bootgrid: batch delete-selected by default

* ApiMutableModelControllerBase - simplify checkAndThrowSafeDelete in delBase a bit for https://github.com/opnsense/core/pull/9779

* use a descriptive name if available

---------

Co-authored-by: Ad Schellevis <ad at opnsense.org>

Delta		File
+34	-16	src/opnsense/mvc/app/controllers/OPNsense/Base/ApiMutableModelControllerBase.php
+14	-13	src/opnsense/www/js/opnsense_bootgrid.js
+48	-29	2 files

OPNSense/core d0d6de2 — src/opnsense/mvc/app/controllers/OPNsense/Base ApiMutableModelControllerBase.php

2026-02-12 14:20:57 UTC by Ad Schellevis on ⎇

batch-delete

ApiMutableModelControllerBase - simplify checkAndThrowSafeDelete in delBase a bit for https://github.com/opnsense/core/pull/9779

Delta		File
+18	-19	src/opnsense/mvc/app/controllers/OPNsense/Base/ApiMutableModelControllerBase.php
+18	-19	1 files

OPNSense/core 63e0b92 — src/opnsense/mvc/app/views/OPNsense/Diagnostics fw_log.volt, src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt dnat_rule.volt

2026-02-12 13:31:04 UTC by Monviech via GitHub on ⎇

master

Firewall: Rules [new]: Add a command button to open the live log with prefilled rule ID (#9770)

fw_log.volt:
Uses a url hash inside fw_log.volt to set a filter when opening it through a link from filter_rule.volt
The url hash can set any type of a single filter, so it can be reused in other pages as well.
Combine entry point of addCombinedFilter and addFilter, decide via array in field what type it is.
Change init entrypoint to always go through the filterChange() pipeline, but have a fast path in there that initializes without a filter. This adds the filter immediately when loading with the page with the URL hash
Make sure we want for tableBuilt to prevent replaceData errors

filter_rule.volt
Only show the log search button when row.log is 1 or true
Change fa icon in the lookup rule reference button in dnat as well for consistency
Use URLSearchParams()

---------

Co-authored-by: Stephan de Wit <stephan.de.wit at deciso.com>

Delta		File
+30	-24	src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt
+36	-17	src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+3	-3	src/opnsense/mvc/app/views/OPNsense/Firewall/dnat_rule.volt
+69	-44	3 files

OPNSense/core 6fbde64 — src/opnsense/mvc/app/controllers/OPNsense/Base ApiMutableModelControllerBase.php, src/opnsense/www/js opnsense_bootgrid.js

2026-02-12 13:13:34 UTC by Stephan de Wit on ⎇

batch-delete

bootgrid: batch delete-selected by default

Delta		File
+30	-13	src/opnsense/mvc/app/controllers/OPNsense/Base/ApiMutableModelControllerBase.php
+14	-13	src/opnsense/www/js/opnsense_bootgrid.js
+44	-26	2 files

OPNSense/core c56ea09 — src/opnsense/mvc/app/views/OPNsense/Diagnostics fw_log.volt, src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

2026-02-12 13:03:36 UTC by Monviech on ⎇

firewall-log-search

Use URLSearchParams() instead of JSON

Delta		File
+8	-9	src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt
+1	-3	src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+9	-12	2 files

OPNSense/core 4081092 — src/etc/inc interfaces.inc, src/opnsense/scripts/interfaces rtsold_script.sh

2026-02-12 12:45:30 UTC by Franco Fichtner on ⎇

dhcp6c_multi

interfaces: multi-dhcp6c support and custom PD association #7647

This splits off rtsold and dhcp6c into separate processes
which frees us from the restrictions of faked iterative IDs
for PD associations.  For NA we simply default to 0 now.

I'm not entirely sure why we settled for a single deamon of
dhcp6c back in the day, but there are certianly downsides to
it and I don't see something that wasn't fixed in the meantime
that makes this not work.

Delta		File
+22	-58	src/etc/inc/interfaces.inc
+58	-4	src/www/interfaces.php
+6	-6	src/opnsense/scripts/interfaces/rtsold_script.sh
+86	-68	3 files

OPNSense/core c6db10f — src/etc/pkg/repos OPNsense-aux.conf.shadow.in, src/opnsense/mvc/app/models/OPNsense/Core Firmware.xml

2026-02-12 12:44:45 UTC by Franco Fichtner on ⎇

master

firmware: disable aux by default but enable when checked; closes #9275

Delta		File
+26	-16	src/opnsense/mvc/app/views/OPNsense/Core/firmware.volt
+9	-1	src/opnsense/scripts/firmware/repos/OPNsense.php
+1	-1	src/etc/pkg/repos/OPNsense-aux.conf.shadow.in
+1	-0	src/opnsense/mvc/app/models/OPNsense/Core/Firmware.xml
+37	-18	4 files

OPNSense/core c145e5c — src/opnsense/scripts/kea kea_prefix_watcher.py

2026-02-12 12:42:55 UTC by Monviech via GitHub on ⎇

master

kea: Add scope ID to prefix watcher link local address to fix route add (#9778)

Delta		File
+2	-1	src/opnsense/scripts/kea/kea_prefix_watcher.py
+2	-1	1 files

OPNSense/core 827376d — src/etc/pkg/repos OPNsense-aux.conf.shadow.in, src/opnsense/mvc/app/models/OPNsense/Core Firmware.xml

2026-02-12 12:32:46 UTC by Franco Fichtner on ⎇

aux_full

firmware: disable aux by default but enable when set #9275

Delta		File
+26	-16	src/opnsense/mvc/app/views/OPNsense/Core/firmware.volt
+9	-1	src/opnsense/scripts/firmware/repos/OPNsense.php
+1	-1	src/etc/pkg/repos/OPNsense-aux.conf.shadow.in
+1	-0	src/opnsense/mvc/app/models/OPNsense/Core/Firmware.xml
+37	-18	4 files

OPNSense/core 1d06cf4 — src/opnsense/scripts/firmware/repos OPNsense.php

2026-02-12 11:40:19 UTC by Franco Fichtner on ⎇

master

firmware: opnsense-update does aux if found now

Delta		File
+0	-4	src/opnsense/scripts/firmware/repos/OPNsense.php
+0	-4	1 files

OPNSense/core 31f6e89 — src/opnsense/mvc/app/models/OPNsense/Base/Menu MenuItem.php MenuSystem.php

2026-02-12 11:09:38 UTC by Franco Fichtner on ⎇

master

firewall: override "Rules" name when we hide the old one

Delta		File
+20	-1	src/opnsense/mvc/app/models/OPNsense/Base/Menu/MenuItem.php
+3	-9	src/opnsense/mvc/app/models/OPNsense/Base/Menu/MenuSystem.php
+23	-10	2 files

OPNSense/core af58c50 — src/opnsense/mvc/app/views/OPNsense/Diagnostics fw_log.volt

2026-02-12 09:54:57 UTC by Stephan de Wit on ⎇

firewall-log-search

make sure we want for tableBuilt to prevent replaceData errors

Delta		File
+11	-9	src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt
+11	-9	1 files

OPNSense/core e4cc9e7 — src/opnsense/scripts/kea kea_prefix_watcher.py

2026-02-12 09:17:07 UTC by Monviech on ⎇

kea-prefix-watcher-scopeid

kea: Add scope ID to prefix watcher link local address to fix route add

Delta		File
+2	-1	src/opnsense/scripts/kea/kea_prefix_watcher.py
+2	-1	1 files

OPNSense/core a5c1076 — src/opnsense/mvc/app/views/OPNsense/Core firmware.volt

2026-02-12 09:02:40 UTC by Franco Fichtner on ⎇

master

firmware: shorten this message, spinner now back to same line

Delta		File
+2	-2	src/opnsense/mvc/app/views/OPNsense/Core/firmware.volt
+2	-2	1 files

OPNSense/core 6cfd38c — src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api CategoryController.php, src/opnsense/mvc/app/views/OPNsense/Firewall category.volt

2026-02-12 09:02:17 UTC by Ad Schellevis on ⎇

master

Firewall: Categories - add simple import/export function and missing lock on set action.

Delta		File
+29	-2	src/opnsense/mvc/app/views/OPNsense/Firewall/category.volt
+18	-1	src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/CategoryController.php
+47	-3	2 files

OPNSense/core a971f4f — src/etc/inc interfaces.inc, src/opnsense/scripts/interfaces rtsold_script.sh

2026-02-12 08:22:52 UTC by Franco Fichtner on ⎇

dhcp6c_multi

interfaces: multi-dhcp6c support and custom PD association #7647

This splits off rtsold and dhcp6c into separate processes
which frees us from the restrictions of faked iterative IDs
for PD associations.  For NA we simply default to 0 now.

I'm not entirely sure why we settled for a single deamon of
dhcp6c back in the day, but there are certianly downsides to
it and I don't see something that wasn't fixed in the meantime
that makes this not work.

Delta		File
+22	-58	src/etc/inc/interfaces.inc
+58	-4	src/www/interfaces.php
+6	-6	src/opnsense/scripts/interfaces/rtsold_script.sh
+86	-68	3 files

OPNSense/core bc6035e — src/opnsense/scripts/firmware update.sh

2026-02-12 08:11:59 UTC by Franco Fichtner on ⎇

master

firmware: this cleanup also moves to opnsense-update

Delta		File
+1	-2	src/opnsense/scripts/firmware/update.sh
+1	-2	1 files

OPNSense/core f55124a — . plist, src/etc/rc.syshook.d/upgrade 90-cleanup.sh

2026-02-12 08:02:42 UTC by Franco Fichtner on ⎇

master

firmware: move this to opnsense-update

Delta		File
+0	-4	src/etc/rc.syshook.d/upgrade/90-cleanup.sh
+0	-1	plist
+0	-5	2 files

OPNSense/core 7592d9d — src/etc/inc interfaces.inc, src/opnsense/scripts/interfaces rtsold_script.sh

2026-02-12 07:44:37 UTC by Franco Fichtner on ⎇

dhcp6c_multi

interfaces: multi-dhcp6c support and custom PD association #7647

This splits off rtsold and dhcp6c into separate processes
which frees us from the restrictions of faked iterative IDs
for PD associations.  For NA we simply default to 0 now.

I'm not entirely sure why we settled for a single deamon of
dhcp6c back in the day, but there are certianly downsides to
it and I don't see something that wasn't fixed in the meantime
that makes this not work.

Delta		File
+22	-58	src/etc/inc/interfaces.inc
+58	-4	src/www/interfaces.php
+6	-6	src/opnsense/scripts/interfaces/rtsold_script.sh
+86	-68	3 files

OPNSense/core 2a90bec — . Makefile plist, src/etc/pkg/repos OPNsense-aux.conf.shadow.in OPNsense.conf.shadow.in

2026-02-12 07:44:06 UTC by Franco Fichtner on ⎇

master

firmware: add aux repository for #9275

Not a toggle yet but also only on development for now.

Delta		File
+7	-0	src/etc/pkg/repos/OPNsense-aux.conf.shadow.in
+2	-2	Makefile
+4	-0	src/opnsense/scripts/firmware/repos/OPNsense.php
+1	-1	src/etc/pkg/repos/OPNsense.conf.shadow.in
+1	-0	plist
+15	-3	5 files

OPNSense/core 0b5f585 — src/opnsense/www/js/widgets Firewall.js

2026-02-12 07:35:37 UTC by Ad Schellevis on ⎇

master

Lobby: Dashboard / Firewall - fix encoding issue, closes https://github.com/opnsense/core/issues/9729

Minor adjustment to https://github.com/opnsense/core/pull/9776

Delta		File
+1	-1	src/opnsense/www/js/widgets/Firewall.js
+1	-1	1 files

OPNSense/core 0ed6359 — src/opnsense/mvc/app/views/OPNsense/Core firmware.volt

2026-02-12 07:30:48 UTC by Franco Fichtner on ⎇

master

firmware: fix this annoying UX bug not hiding advanced options

Delta		File
+1	-1	src/opnsense/mvc/app/views/OPNsense/Core/firmware.volt
+1	-1	1 files

OPNSense/core 8297c7d — src/opnsense/scripts/captiveportal/lib db.py

2026-02-11 15:40:54 UTC by Stephan de Wit on ⎇

captive-portal-ipv6

remove unused code

Delta		File
+1	-30	src/opnsense/scripts/captiveportal/lib/db.py
+1	-30	1 files

OPNSense/core fe4748b — src/opnsense/mvc/app/views/OPNsense/CaptivePortal clients.volt, src/opnsense/scripts/captiveportal/lib arp.py

2026-02-11 15:33:41 UTC by Stephan de Wit on ⎇

captive-portal-ipv6

captive portal: some more cleanups

Delta		File
+8	-9	src/opnsense/mvc/app/views/OPNsense/CaptivePortal/clients.volt
+0	-11	src/opnsense/scripts/captiveportal/lib/arp.py
+8	-20	2 files

OPNSense/core c6d526f — src/opnsense/scripts/captiveportal/lib ipfw.py pf.py

2026-02-11 15:06:08 UTC by Stephan de Wit on ⎇

captive-portal-ipv6

in fact, this documents itself

Delta		File
+0	-4	src/opnsense/scripts/captiveportal/lib/ipfw.py
+0	-4	src/opnsense/scripts/captiveportal/lib/pf.py
+0	-8	2 files

OPNSense/core 8be14b6 — src/opnsense/scripts/captiveportal/lib ipfw.py pf.py

2026-02-11 15:05:08 UTC by Stephan de Wit on ⎇

captive-portal-ipv6

captive portal: no scope stripping needed

Delta		File
+1	-3	src/opnsense/scripts/captiveportal/lib/ipfw.py
+1	-3	src/opnsense/scripts/captiveportal/lib/pf.py
+2	-6	2 files

OPNSense/core 43675dd — src/opnsense/scripts/captiveportal cp-background-process.py, src/opnsense/scripts/captiveportal/lib arp.py

2026-02-11 14:59:20 UTC by Stephan de Wit on ⎇

captive-portal-ipv6

captive portal: simplify hostdiscovery output handling

Delta		File
+20	-80	src/opnsense/scripts/captiveportal/lib/arp.py
+1	-1	src/opnsense/scripts/captiveportal/cp-background-process.py
+21	-81	2 files