radvd: When Base6Interface constructor is used, use its primary address for ifcfgipv6 (#9689)
(cherry picked from commit 3bcdae70f742771a4e71e7029009778935d86362)
Firewall: Schedule - add missing schedules support in "Firewall: Rules [new]" and refactor existing usage to avoid duplication of logic. closes https://github.com/opnsense/core/issues/9690
This commit moves the schedule logic out of filter_core_rules_user() where it didn't belong in the first place.
Since we need legacy code to determine schedule behavior, we cannot move it to the plugin classes easily, instead sweep all registered rules after registration so we can process "sched" for all of them in the same way.
We can next add a simple action into the model to ask if there actually is a schedule, which pf_cron() needs to schedule the rule updates.
Finally add an icon and link into the mvc page to refer to the schedule itself.
interfaces: multi-dhcp6c support and custom PD association #7647
This splits off rtsold and dhcp6c into separate processes
which frees us from the restrictions of faked iterative IDs
for PD associations. For NA we simply default to 0 now.
I'm not entirely sure why we settled for a single deamon of
dhcp6c back in the day, but there are certianly downsides to
it and I don't see something that wasn't fixed in the meantime
that makes this not work.
mvc: shield exec_safe() against "fatal" type errors
Allows the system to boot in the worst case and replaces the
command with a simple dummy command.
Formatters are still a work in progress as I'm not sure how
much preprocessing we should add here to fish for vsprintf()
doing type casts to int/float which is not something the command
line can/should support.
radvd: In case of Base6Interface constructor, use link-local address as there will not be a primary address on the same interface. This will also cause the automatic rdnss option to become a link local IP address.
reporting: render as string instead for #9686
Revert ca06d54676942764b3. A command line is a string and
don't offer exceptions to escaping.
We may consider replacing %[^s%] with %s in the format
string but there aren't many cases where it matters either.
Should just be part of the documentation we need to offer
soon.
interfaces: multi-dhcp6c support and custom PD association #7647
This splits off rtsold and dhcp6c into separate processes
which frees us from the restrictions of faked iterative IDs
for PD associations. For NA we simply default to 0 now.
I'm not entirely sure why we settled for a single deamon of
dhcp6c back in the day, but there are certianly downsides to
it and I don't see something that wasn't fixed in the meantime
that makes this not work.
Firewall: NAT: Destination NAT: The local-port field does not support range and well-known name (#9668)
* Make validation messages clearer
* Use selector in loop to determine where to replace the data (just the label is changed)
interfaces: host discovery: make sure the full dump includes NDP output if hostwatch is disabled
(cherry picked from commit f7fac5a6f4ac9ba502acab688a6d8092d942d77d)
