OPNSense/core 338ddeesrc/www firewall_scrub_edit.php firewall_rules_edit.php

firewall: ancient copy+paste error in scrub rules

(cherry picked from commit 4c559a63d42cfcda83440a60f6e6321ed595976e)
(cherry picked from commit e2d95ad6728e654bf195455edf45852c025ddbd5)
DeltaFile
+1-1src/www/firewall_scrub_edit.php
+1-1src/www/firewall_rules_edit.php
+2-22 files

OPNSense/core ae1e703src/etc/inc system.inc

system: Persian into production mode

(cherry picked from commit fce3f7973a5dc24a3577f660b9e58b95f49adf96)
DeltaFile
+0-1src/etc/inc/system.inc
+0-11 files

OPNSense/core 69e7e57src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.php

kea: add several missing validation

PR: https://github.com/opnsense/core/issues/9343

(cherry picked from commit b6a59bb7e55793ed5ddc75d440ecfe67ae10663f)
(cherry picked from commit fcab636a4cb8238977335ceb684b2f6714e7a489)
(cherry picked from commit 83f9492087df23f591072e595eefb0b29b33d7db)
DeltaFile
+25-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+25-01 files

OPNSense/core 7f1abcdsrc/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms ping.xml, src/opnsense/mvc/app/models/OPNsense/Diagnostics Ping.xml

Interfaces: Diagnostics: Ping - add optional interval (seconds), closes https://github.com/opnsense/core/issues/9695

(cherry picked from commit c6540bf6fa5c2d6c3a4eddaf0bb6be8fb5a531af)
DeltaFile
+7-0src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/ping.xml
+4-0src/opnsense/mvc/app/models/OPNsense/Diagnostics/Ping.xml
+3-0src/opnsense/scripts/interfaces/ping.py
+14-03 files

OPNSense/core 58e0489src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Firewall: Rules [new]: Add link to states and put it first in list (#9707)

(cherry picked from commit d2604675533ef60c74d4f95126cabdfd38ce2db9)
DeltaFile
+8-3src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+8-31 files

OPNSense/core 26ac1fdsrc/opnsense/mvc/app/views/layouts default.volt, src/opnsense/www/css opnsense-bootgrid-layout.css

bootgrid: searchable column selectors

PR: https://github.com/opnsense/core/issues/9698

(cherry picked from commit 3ce73ff043ec9fc1e5266b7d34743ac251b88e1d)
(cherry picked from commit 7333fba07a40f5284256ec1fe69b0689964f15ef)
DeltaFile
+17-1src/opnsense/www/js/opnsense_bootgrid.js
+4-0src/opnsense/www/css/opnsense-bootgrid-layout.css
+2-1src/opnsense/mvc/app/views/layouts/default.volt
+23-23 files

OPNSense/core 8c64634src/opnsense/www/css opnsense-bootgrid-layout.css opnsense-bootgrid.css, src/opnsense/www/js opnsense_bootgrid.js

bootgrid: introduce toggle-selected command

PR: https://github.com/opnsense/core/issues/9678

(cherry picked from commit f7f0857ca94e7299fcdf3b5402939903c973ee79)
(cherry picked from commit b5cf3f741084188503a9ca663facaf6469e9204f)
DeltaFile
+52-2src/opnsense/www/js/opnsense_bootgrid.js
+5-0src/opnsense/www/css/opnsense-bootgrid-layout.css
+0-5src/opnsense/www/css/opnsense-bootgrid.css
+0-5src/opnsense/www/themes/opnsense-dark/build/css/opnsense-bootgrid.css
+0-5src/opnsense/www/themes/opnsense/assets/stylesheets/opnsense-bootgrid.scss
+0-5src/opnsense/www/themes/opnsense/build/css/opnsense-bootgrid.css
+57-222 files not shown
+59-278 files

OPNSense/core 6a46a33src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogFilterRule.xml, src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Firewall: Rules [new]: Statistics column is responsive now (#9679)

(cherry picked from commit 9aaf67569488cdd045d7e1963ea4b9e1cd87bd1c)
DeltaFile
+13-9src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+13-102 files

OPNSense/core e23898dsrc/opnsense/mvc/app/views/OPNsense/Firewall onat_rule.volt snat_rule.volt

Firewall: Rules [new]: Change toggle_log icon to help visibility of enabled/disabled status (#9704)

(cherry picked from commit 0f6d82af34c24246b3f29928f0bbc045e4e4103d)
DeltaFile
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/onat_rule.volt
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/snat_rule.volt
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/dnat_rule.volt
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/npt_rule.volt
+5-55 files

OPNSense/core 01a7c5asrc/opnsense/mvc/app/models/OPNsense/Firewall DNat.xml, src/opnsense/mvc/app/views/OPNsense/Firewall dnat_rule.volt

Firewall: NAT: Destination NAT: The local-port field does not support range and well-known name (#9668)

* Make validation messages clearer
* Use selector in loop to determine where to replace the data (just the label is changed)

(cherry picked from commit 0f6cc03c69694349b927c0f041324989ce94fd46)
DeltaFile
+9-1src/opnsense/mvc/app/views/OPNsense/Firewall/dnat_rule.volt
+3-3src/opnsense/mvc/app/models/OPNsense/Firewall/DNat.xml
+12-42 files

OPNSense/core 2714ad5src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php, src/opnsense/mvc/app/library/OPNsense/Firewall Util.php

Firewall: Rules [new]: normalize overload table between uuid and name (#9657)

* Firewall: Rules [new]: The mvc page stores the overload table as UUID, the legacy page as alias name. Turn UUID into alias name and vice versa during upload and download of rules, and then resolve it to a name before setting it in pf configuration.
* Firewall: Rules [new]: view, show translated value in the advanced field tooltip when possible, this will show the alias name instead of the UUID, fix upload bootgrid reload and hint the successful import with the change message
* Firewall: Rules [new]: There were error(s) loading the rules: /tmp/rules.debug:235: 'max-src-conn-rate' maximum rate must be < 4294967

(cherry picked from commit 5d571dcc89f27977f08c01cfcb594e0d44551f60)
DeltaFile
+32-0src/opnsense/mvc/app/library/OPNsense/Firewall/Util.php
+16-2src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+10-0src/opnsense/mvc/app/models/OPNsense/Firewall/FieldTypes/FilterRuleField.php
+3-2src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+1-1src/opnsense/mvc/app/models/OPNsense/Firewall/Filter.xml
+62-55 files

OPNSense/core 714fc1fsrc/etc/inc filter.inc filter.lib.inc, src/etc/inc/plugins.inc.d pf.inc

Firewall: Schedule - add missing schedules support in "Firewall: Rules [new]" and refactor existing usage to avoid duplication of logic

PR: https://github.com/opnsense/core/issues/9690

(cherry picked from commit a5fed616a50d2e6f09e53da03b98cc388cb3a12c)
(cherry picked from commit ce432fa769ca20896dddb626b38399b08a2c9ff3)
DeltaFile
+29-2src/etc/inc/filter.inc
+1-24src/etc/inc/filter.lib.inc
+8-13src/etc/inc/plugins.inc.d/pf.inc
+18-0src/opnsense/mvc/app/models/OPNsense/Firewall/Filter.php
+11-0src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+10-0src/opnsense/mvc/app/library/OPNsense/Firewall/Rule.php
+77-391 files not shown
+78-397 files

OPNSense/core b38050asrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php, src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes ArrayField.php

Firewall: Rules [new] - on import, validate uuid (either empty or valid)

PR: https://github.com/opnsense/core/issues/9661

(cherry picked from commit 34d7d7742628a23f13b44a0afcb2f0d7bde7474e)
(cherry picked from commit 8c1a820340b829de801df98e57e249bdc78f8397)
(cherry picked from commit 60695dd2594fc1b4fa835b201bb8f06c77c6fcf5)
DeltaFile
+16-0src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/ArrayField.php
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+16-12 files

HardenedBSD/src dcbe59esys/dev/acpica acpi.c, sys/dev/tpm tpm_crb.c

Merge branch 'freebsd/current/main' into hardened/current/master
DeltaFile
+207-5sys/dev/tpm/tpm_crb.c
+0-92sys/kern/sched_ule.c
+91-0sys/kern/sched_shim.c
+47-34sys/kern/subr_smp.c
+72-0sys/dev/acpica/acpi.c
+3-45sys/powerpc/aim/mmu_oea64.c
+420-1766 files not shown
+453-19212 files

HardenedBSD/src cce3de2lib/libc/gen Makefile.inc, share/man Makefile

Merge branch 'freebsd/15-stable/main' into hardened/15-stable/main
DeltaFile
+3-3lib/libc/gen/Makefile.inc
+2-2share/man/Makefile
+1-1sys/conf/kmod.mk
+1-1sys/modules/Makefile
+1-1tests/sys/netpfil/pf/pflog.sh
+1-1usr.sbin/services_mkdb/Makefile
+9-96 files

FreeBSD/ports 1d761acscience/afni distinfo Makefile

science/afni: Update to 26.0.08
DeltaFile
+3-3science/afni/distinfo
+1-2science/afni/Makefile
+4-52 files

FreeBSD/ports b5df013www/gohugo distinfo Makefile

www/gohugo: Update to 0.155.2

ChangeLog: https://github.com/gohugoio/hugo/releases/tag/v0.155.2

 * Fix template change detection for multi-version sites
 * resources/image: Add some image decode/encode debug logging

Approved by:    doceng@ (implicit)
DeltaFile
+5-5www/gohugo/distinfo
+1-1www/gohugo/Makefile
+6-62 files

OPNSense/core 189889esrc/etc/inc interfaces.inc, src/opnsense/scripts/interfaces rtsold_script.sh

interfaces: multi-dhcp6c support and custom PD association #7647

This splits off rtsold and dhcp6c into separate processes
which frees us from the restrictions of faked iterative IDs
for PD associations.  For NA we simply default to 0 now.

I'm not entirely sure why we settled for a single deamon of
dhcp6c back in the day, but there are certianly downsides to
it and I don't see something that wasn't fixed in the meantime
that makes this not work.
DeltaFile
+22-58src/etc/inc/interfaces.inc
+58-4src/www/interfaces.php
+6-6src/opnsense/scripts/interfaces/rtsold_script.sh
+86-683 files

LLVM/project 42b1bebllvm/lib/Target/RISCV RISCVISelLowering.cpp

[RISCV] Default all ISD opcodes to Expand for P extension. (#179396)

Legal is the default for most opcodes, but we don't yet support all of
them. Override the ones that we support back to Legal.
DeltaFile
+15-5llvm/lib/Target/RISCV/RISCVISelLowering.cpp
+15-51 files

OPNSense/core e2d95adsrc/www firewall_rules_edit.php firewall_scrub_edit.php

firewall: double check the theory of 4c559a63d42

While here add the proper translation and safeguarding.
DeltaFile
+1-1src/www/firewall_rules_edit.php
+1-1src/www/firewall_scrub_edit.php
+2-22 files

HardenedBSD/ports 71364b6misc/py-huggingface-hub distinfo Makefile

misc/py-huggingface-hub: Update to 1.3.7

Changelog:
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.3
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.4
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.5
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.7

Reported by:    portscout
DeltaFile
+3-3misc/py-huggingface-hub/distinfo
+1-1misc/py-huggingface-hub/Makefile
+4-42 files

FreeBSD/ports 71364b6misc/py-huggingface-hub distinfo Makefile

misc/py-huggingface-hub: Update to 1.3.7

Changelog:
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.3
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.4
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.5
- https://github.com/huggingface/huggingface_hub/releases/tag/v1.3.7

Reported by:    portscout
DeltaFile
+3-3misc/py-huggingface-hub/distinfo
+1-1misc/py-huggingface-hub/Makefile
+4-42 files

LLVM/project dfbf54allvm/lib/Target/NVPTX NVPTXIntrinsics.td, llvm/lib/Target/NVPTX/MCTargetDesc NVPTXInstPrinter.cpp NVPTXInstPrinter.h

[NVPTX] Print PM Event Mask value as unsigned integer. (#178891)

This change fixes PM Event Mask value in NVPTX BE when ID=15 is set. The
PM Event Mask value is printed as the unsigned integer instead of the
singed one.
DeltaFile
+18-2llvm/test/CodeGen/NVPTX/pm-event.ll
+12-0llvm/lib/Target/NVPTX/MCTargetDesc/NVPTXInstPrinter.cpp
+5-1llvm/lib/Target/NVPTX/NVPTXIntrinsics.td
+3-0llvm/lib/Target/NVPTX/MCTargetDesc/NVPTXInstPrinter.h
+38-34 files

OPNSense/core 5fdad6bsrc/opnsense/mvc/app/models/OPNsense/Base/FieldTypes ArrayField.php

mvc: support throwing exceptions in importRecordSet(.., $data_callback, ..) for importCsv() to add validation on the input data.

requirement for: https://github.com/opnsense/core/issues/9661

(cherry picked from commit f8560f063f1dfda9516e381cc1a998b44efad0e9)
DeltaFile
+6-1src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/ArrayField.php
+6-11 files

OPNSense/core c7f8f8csrc/etc/inc interfaces.inc

interfaces: fix wlan creation when $mode is empty

We don't currently have a way to specify if-empty-do-not-quote
since strict quoting is often much more effective in bubbling up
errors.  It could be useful to have it but the recent improvement
of mwexecf() and friends regarding array-based format strings can
account for this too.

PR: https://forum.opnsense.org/index.php?topic=50561.msg258926#msg258926
(cherry picked from commit 45597a976c46306be955a60326347c7c2f46f898)
DeltaFile
+12-1src/etc/inc/interfaces.inc
+12-11 files

OPNSense/plugins 1278de1net/tayga pkg-descr Makefile, net/tayga/src/opnsense/service/templates/OPNsense/Tayga tayga.conf

net/tayga: enable forwarding of UDP packets with zero checksum (#5183)

DeltaFile
+4-0net/tayga/pkg-descr
+1-1net/tayga/Makefile
+1-0net/tayga/src/opnsense/service/templates/OPNsense/Tayga/tayga.conf
+6-13 files

FreeBSD/ports fd9ed80sysutils/bareos24-client Makefile

sysutils/bareos24-client: Remove entry from CONFLICTS

- Bump PORTREVISION
DeltaFile
+2-2sysutils/bareos24-client/Makefile
+2-21 files

HardenedBSD/ports fd9ed80sysutils/bareos24-client Makefile

sysutils/bareos24-client: Remove entry from CONFLICTS

- Bump PORTREVISION
DeltaFile
+2-2sysutils/bareos24-client/Makefile
+2-21 files

FreeBSD/ports 43930fasysutils/bareos24-server Makefile, sysutils/bareos24-server/files patch-core-src-stored-backends_chunked_device.cc patch-core-src-include_baconfig.h

sysutils/bareos24-*: Remove BROKEN

- server: Define ONLY_FOR_ARCHS to aarch64 and amd64
- Remove CONFLICTS to bareos22*
- Bump PORTREVISION
DeltaFile
+163-0sysutils/bareos24-server/files/patch-core-src-stored-backends_chunked_device.cc
+18-0sysutils/bareos24-server/files/patch-core-src-include_baconfig.h
+4-4sysutils/bareos24-server/Makefile
+185-43 files

HardenedBSD/ports 43930fasysutils/bareos24-server Makefile, sysutils/bareos24-server/files patch-core-src-stored-backends_chunked_device.cc patch-core-src-include_baconfig.h

sysutils/bareos24-*: Remove BROKEN

- server: Define ONLY_FOR_ARCHS to aarch64 and amd64
- Remove CONFLICTS to bareos22*
- Bump PORTREVISION
DeltaFile
+163-0sysutils/bareos24-server/files/patch-core-src-stored-backends_chunked_device.cc
+18-0sysutils/bareos24-server/files/patch-core-src-include_baconfig.h
+4-4sysutils/bareos24-server/Makefile
+185-43 files