OPNSense/core 892ad5csrc/opnsense/scripts/kea kea_prefix_renew.py, src/opnsense/service/conf/actions.d actions_interface.conf actions_radvd.conf

system: use "pluginctl -c" consistently
DeltaFile
+1-1src/opnsense/scripts/kea/kea_prefix_renew.py
+1-1src/opnsense/service/conf/actions.d/actions_interface.conf
+1-1src/opnsense/service/conf/actions.d/actions_radvd.conf
+3-33 files

OPNSense/core e1c9abesrc/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

iron out banner removal
DeltaFile
+4-5src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+4-51 files

OPNSense/core 5364cacsrc/etc rc.bootup, src/etc/inc/plugins.inc.d core.inc

rc: move system_powerd_configure() to bootup plugin hook
DeltaFile
+2-1src/etc/inc/plugins.inc.d/core.inc
+0-2src/etc/rc.bootup
+2-32 files

OPNSense/core 8f98cd3src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

move this to the response handler to avoid side effects
DeltaFile
+3-2src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+3-21 files

OPNSense/core de325a2src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Firewall: Rules: add banner if no rules defined
DeltaFile
+22-0src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+22-01 files

OPNSense/core 0b4127bsrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api MigrationController.php, src/opnsense/mvc/app/views/OPNsense/Firewall firewall_migration.volt

Firewall: Migration Assistant: Show rule counts that can be exported, hide tab if no rules exist to suggest the task has completed
DeltaFile
+31-6src/opnsense/mvc/app/views/OPNsense/Firewall/firewall_migration.volt
+28-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/MigrationController.php
+59-102 files

OPNSense/core 3e2866asrc/etc/inc interfaces.lib.inc

interfaces: parse ifconfig output despite exit error in legacy_interfaces_details()

PR: https://github.com/opnsense/src/issues/284

In this version print the error number and stderr output.  We'd like to know
which part of ifconfig fails and don't want to taint the parser output.  If
it's empty it's empty anyway.  But maybe in the commit we merge we should just
ditch everything to /dev/null as we do mute the error in most cases anyway.
The resulting array is empty worst case which is just what it is.

Suggested by: @e-alfred
DeltaFile
+16-11src/etc/inc/interfaces.lib.inc
+16-111 files

OPNSense/core 0eef8easrc/etc/inc interfaces.lib.inc

interfaces: parse ifconfig output despite exit error in legacy_interfaces_details()

PR: https://github.com/opnsense/src/issues/284

In this version print the error number and stderr output.  We'd like to know
which part of ifconfig fails and don't want to taint the parser output.  If
it's empty it's empty anyway.

Suggested by: @e-alfred
DeltaFile
+11-8src/etc/inc/interfaces.lib.inc
+11-81 files

OPNSense/core b243971src/opnsense/mvc/app/models/OPNsense/OpenVPN OpenVPN.xml

VPN: OpenVPN: Instances - require at least 1 for vpnid field, same as auto-number should use. closes https://github.com/opnsense/core/issues/10394
DeltaFile
+1-0src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.xml
+1-01 files

OPNSense/core 932f274src/opnsense/mvc/app/views/OPNsense/IDS index.volt

Services: Intrusion Detection: Administration - fix regression in https://github.com/opnsense/core/commit/9271d08bf3ff3eedfa069c2d0b6c5c6f428ccfe4, closes https://github.com/opnsense/core/issues/10393

It looks like the action buttons lost their bindings, this commit restores the function, although it removes the batch function which previously splitted the set in parts.
Usually the size of the url shouldn't be that much of an issue.
DeltaFile
+20-1src/opnsense/mvc/app/views/OPNsense/IDS/index.volt
+20-11 files

OPNSense/core 4434a8esrc/opnsense/mvc/app/views/OPNsense/Firewall nat_rule.volt

Firewall: NAT: Source NAT: Hide command footer if snat_mode is automatic. (#10391)
DeltaFile
+8-1src/opnsense/mvc/app/views/OPNsense/Firewall/nat_rule.volt
+8-11 files

OPNSense/core 2a312a9src/opnsense/mvc/app/views/OPNsense/Firewall nat_rule.volt

Firewall: NAT: Source NAT: Hide command footer if snat_mode is automatic.
DeltaFile
+8-1src/opnsense/mvc/app/views/OPNsense/Firewall/nat_rule.volt
+8-11 files

OPNSense/core beff827src/opnsense/www/js opnsense_widget_manager.js

dashboard: explicitly compact on layout shift if there's no predefined layout
DeltaFile
+2-0src/opnsense/www/js/opnsense_widget_manager.js
+2-01 files

OPNSense/core 20ce286src/opnsense/mvc/app/controllers/OPNsense/Core/Api DashboardController.php

dashboard: update result on default restore
DeltaFile
+1-0src/opnsense/mvc/app/controllers/OPNsense/Core/Api/DashboardController.php
+1-01 files

OPNSense/core f3315d2src/etc/rc.loader.d 20-zfs

rc: use newer min_auto_ashift variable

WARNING: sysctl vfs.zfs.min_auto_ashift is deprecated. Use vfs.zfs.vdev.min_auto_ashift instead.
DeltaFile
+1-1src/etc/rc.loader.d/20-zfs
+1-11 files

OPNSense/core b0e8dfc. plist, src/opnsense/mvc/app/library/OPNsense/Interface Idassoc.php

mvc: Fix idassoc.php converting already decimal stored prefix_id via hexdec(), add unit test for idassoc.php (#10389)


---------

Co-authored-by: Franco Fichtner <franco at opnsense.org>
DeltaFile
+154-0src/opnsense/mvc/tests/app/library/OPNsense/Interface/IdassocTest.php
+2-2src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php
+1-0plist
+157-23 files

OPNSense/core 0b5eb6c. plist

plist-fix
DeltaFile
+1-0plist
+1-01 files

OPNSense/core 9a702a6src/opnsense/mvc/app/views/OPNsense/Firewall nat_rule.volt

Firewall: NAT: Destination NAT: Display effective port when local-port is omitted (#10237)
DeltaFile
+5-3src/opnsense/mvc/app/views/OPNsense/Firewall/nat_rule.volt
+5-31 files

OPNSense/core 2c01f54. plist

pkg: of course, of course
DeltaFile
+1-0plist
+1-01 files

OPNSense/core e0fb60csrc/etc/pkg/fingerprints/OPNsense/trusted pkg.opnsense.org.20260608

firmware: add 26.7 fingerprint
DeltaFile
+2-0src/etc/pkg/fingerprints/OPNsense/trusted/pkg.opnsense.org.20260608
+2-01 files

OPNSense/core b5c737b. .gitignore

git: less ignore for our pkg files

This has been a problem for a decade.  Time to make this easier.
DeltaFile
+6-0.gitignore
+6-01 files

OPNSense/core 6e57f19src/opnsense/mvc/app/models/OPNsense/Core Firmware.php, src/opnsense/mvc/app/models/OPNsense/Core/repositories opnsense.xml

firmware: allow "local" business mirror subscription

While here remove the allow_custom softcoding which was always
enabled anyday.
DeltaFile
+33-39src/opnsense/mvc/app/models/OPNsense/Core/Firmware.php
+13-16src/opnsense/mvc/app/views/OPNsense/Core/firmware.volt
+5-3src/opnsense/scripts/firmware/repos/OPNsense.php
+2-2src/opnsense/mvc/app/models/OPNsense/Core/repositories/opnsense.xml
+53-604 files

OPNSense/core 80e0209src/opnsense/mvc/app/library/OPNsense/Interface Idassoc.php

Update src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>
DeltaFile
+1-1src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php
+1-11 files

OPNSense/core 7b1001esrc/opnsense/mvc/app/library/OPNsense/Interface Idassoc.php

Update src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>
DeltaFile
+1-2src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php
+1-21 files

OPNSense/core 7e1183dsrc/opnsense/mvc/app/library/OPNsense/Interface Idassoc.php, src/opnsense/mvc/tests/app/library/OPNsense/Interface IdassocTest.php

mvc: Fix idassoc.php converting already decimal stored prefix_id via hexdec(), adjust unit test
DeltaFile
+16-13src/opnsense/mvc/tests/app/library/OPNsense/Interface/IdassocTest.php
+3-2src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php
+19-152 files

OPNSense/core 446ef1asrc/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

mvc: style sweep
DeltaFile
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+1-11 files

OPNSense/core 10b13adsrc/opnsense/mvc/tests/app/library/OPNsense/Interface IdassocTest.php

mvc: Add test for idassoc.php
DeltaFile
+151-0src/opnsense/mvc/tests/app/library/OPNsense/Interface/IdassocTest.php
+151-01 files

OPNSense/core 89896cdsrc/opnsense/mvc/app/models/OPNsense/Core Firmware.php, src/opnsense/mvc/app/models/OPNsense/Core/repositories opnsense.xml

firmware: allow local business mirror
DeltaFile
+24-28src/opnsense/mvc/app/models/OPNsense/Core/Firmware.php
+2-2src/opnsense/mvc/app/models/OPNsense/Core/repositories/opnsense.xml
+1-1src/opnsense/scripts/firmware/repos/OPNsense.php
+27-313 files

OPNSense/core fb51421src/www firewall_rules.php

Firewall: Add migration assistant banner to legacy rules page (#10388)
DeltaFile
+9-0src/www/firewall_rules.php
+9-01 files

OPNSense/core 6402be8src/etc/inc filter.lib.inc, src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Firewall: Rules: group rules by default and fix "select all" logic (#10372)

This commit adds top-level groups that are always shown and visible, such as automatically generated, floating, group & interface rules. This first-level tree is not subject to local storage persistence, but state is kept to make sure these trees don't collapse if there are data changes in the grid to improve overall UX. The "category view" (previously "Tree view") is moved to a tree nested under the top-level groups. This tree is subject to local storage persistence.

Whether a top-level tree expands by default is determined by the interface type selection. If a user selects "floating rules", the floating rules section will expand, if instead a user selects an interface, the interface rules section will expand, while all other groups are collapsed.

This commit also fixes the case of the "select all" header checkbox, which was removed in the initial implementation as it wasn't functional. If a user now presses it, all selectable rules are selected, but only if they are visible under an expanded tree.
DeltaFile
+183-103src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+6-3src/opnsense/www/js/opnsense_bootgrid.js
+1-1src/etc/inc/filter.lib.inc
+190-1073 files