mvc: PortField: make "well-known" port numbers known #9835
After team discussion it makes sense to not bloat the list
or otherwise adapt it except for the fact that the legacy
GUI has a lookup array now folded into PortField for maximum
effect.
Make the labels nicer and unify them and resolve the service
name via getWellKnown() lookup trick.
We don't need the test anymore. The PortField use in the
shaper is different and unaffected for better or worse.
We should revisit but not before someone runs into this as
this hasn't happend for many years?
FWIW, the new rules GUI pages could use a better formatter
but then again we were talking about only storing numbers
anyway which the legacy code is doing. In that case we could
offer a full label to protocol numbers, but not before also
migrating service names to port numbers.
firewall: clean up for the cleanup in 0c3a937cc
Ideally "inet46" should be removed to no negative effect. At the
moment it creates two rules for its users but in practice that's
only for two auto-generated rules that are very likely fine either
way.
auth: unify pwd_changed_at usage, remove requirement to configure password_policy_length and update the timestamp via console and admin pages as well. closes https://github.com/opnsense/core/issues/9857
VPN: OpenVPN: Instances - debounce learn-address calls so we limit the number of alias updates to a minimum. (#9843)
When a lot of clients connect at the exact same time, it doesn't really make sense to keep calling the alias update procedure as logically we are only interested in the last one.
This change simply opens a file, keeps track of its modification stamp and if another updated it after us, assume that caller is responsible for making the magic happen.
Although there is a small downside to this (clients connecting constantly, nobody resposible for accounting), the gain is likely much bigger as it prevents these calls from floodin the system in all cases (saving a lot of load).
VPN: OpenVPN: Instances - debounce learn-address calls so we limit the number of alias updates to a minimum.
When a lot of clients connect at the exact same time, it doesn't really make sense to keep calling the alias update procedure as logically we are only interested in the last one.
This change simply opens a file, keeps track of its modification stamp and if another updated it after us, assume that caller is responsible for making the magic happen.
Although there is a small downside to this (clients connecting constantly, nobody resposible for accounting), the gain is likely much bigger as it prevents these calls from floodin the system in all cases (saving a lot of load).
interfaces: remove inconsistent "consistency check" and fix indent
If the VLAN parent isn't there the system has other problems.
Never seen this validation message out in the wild either.
See also: https://github.com/pfsense/pfsense/commit/66bcba1bcd806
Firewall: Rules [new]: Remove hardcoded colors where possible (#9848)
* Firewall: Rules [new]: Turn hardcoded badge colors into inherited label colors, use chip class for badges in tabulator rows
* Remove hardcoded fallback color from categories as well
* Add empty string as fallback for category color, and do not render the style in frontend if color is empty, that way fa-tag default style can be used here
* Remove hardcoded category colors in NAT templates as well
* Different label for "any" rules, remove font-size
* We do not need to set category_colors, the frontend checks if it exists already
Services: Captive Portal: Move template actions out of the ServiceController into its own TemplateController, so it can use the ApiMutableModelControllerBase methods (#9799)
Please note that this contains a breaking API change for the Captive Portal template controller.
