OPNSense/core 78c691fsrc/opnsense/www/js opnsense_bootgrid.js

bootgrid: maintain scrolling position for both datatree and command actions. Closes https://github.com/opnsense/core/issues/9151

The usage of scrollToRow has been considered, but this contains
too much magic causing all kinds of jumps in scroll position,
causing a user to lose track of the changes they made. The only
downside to this is that when a datatree is expanded at the bottom
of a grid, the associated rows aren't immediately visible until
manually scrolled to.

(cherry picked from commit 75e60e85194e7f2bf7e20e3891743ce801e05820)
DeltaFile
+14-2src/opnsense/www/js/opnsense_bootgrid.js
+14-21 files

OPNSense/core d6f9433src/opnsense/www/js/widgets Disk.js Memory.js

dashboard:gauge improvements (#10063)

Closes: #8356

*Makes the disk widget become table/bars from grid 2 size onwards
*Adds disk free/used size on the gauge
*Removes parentheses from the memory widget

---------

Co-authored-by: Fabian Rodriguez <317514+MagicFab at users.noreply.github.com>
(cherry picked from commit 7f3bcf5b787145b7cf185854758c3cddefdf1971)
DeltaFile
+13-1src/opnsense/www/js/widgets/Disk.js
+1-1src/opnsense/www/js/widgets/Memory.js
+14-22 files

OPNSense/core 0e999ccsrc/opnsense/mvc/app/views/layout_partials base_apply_button.volt, src/opnsense/www/js opnsense_bootgrid.js

bootgrid: automatic grid height calculation (#10011)

(cherry picked from commit 40a6243a3183dbba563aa551b45f9e237f95efd1)
(cherry picked from commit 2edab3dbff3ee07a1439429b6963a71bf708687e)
(cherry picked from commit 92fa22970b40789fa7479222213cf9cfcfd744f1)
DeltaFile
+71-50src/opnsense/www/js/opnsense_bootgrid.js
+0-4src/opnsense/www/themes/opnsense-dark/build/css/main.css
+0-4src/opnsense/www/themes/opnsense/build/css/main.css
+1-1src/opnsense/mvc/app/views/layout_partials/base_apply_button.volt
+72-594 files

OPNSense/core e6f10adsrc/opnsense/www/js tabulator.min.js tabulator.min.js.map

bootgrid: upgrade Tabulator to version 6.4.0

(cherry picked from commit 5c71f09cc5947903439bd7fc3839fd8f75045ab4)
DeltaFile
+2-2src/opnsense/www/js/tabulator.min.js
+1-1src/opnsense/www/js/tabulator.min.js.map
+3-32 files

OPNSense/core 1799985src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.xml KeaDhcpv6.xml

Services: Kea: DHCPv4/v6: Use SetConstraint for match_data to allow 0 as valid value (#10035)

(cherry picked from commit 7933d1bc3f0d8b8d9944160e8e24529ceb111291)
(cherry picked from commit d21ce0604318db4c876453e3ac9116ee23922ccf)
DeltaFile
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+6-62 files

OPNSense/core 44a7a32Scripts dashboard-acl.sh

Scripts: widgets without endpoint access exist now

(Likely the right fix: just print as informational message)

(cherry picked from commit 4d3601d5ca9bf56ac852ad6cd9e120ee6f52fbd3)
DeltaFile
+1-1Scripts/dashboard-acl.sh
+1-11 files

OPNSense/core 0ea77c6src/opnsense/mvc/app/views/layout_partials base_bootgrid_table.volt

bootgrid: set visibility hidden for base_bootgrid_table

Since the structure is used to initialize the bootgrid, we shouldn't render
the original structure possibly causing a flash of content.

(cherry picked from commit 9861da22a25bed9dedb5d577bc38d9bc7ed381a4)
DeltaFile
+1-1src/opnsense/mvc/app/views/layout_partials/base_bootgrid_table.volt
+1-11 files

OPNSense/core 3def88dsrc/opnsense/site-python duckdb_helper.py

unbound: limit duckdb to a single thread in write mode to reduce logger memory usage

After some testing, it seems the duckdb python API has a tendency to
leak (up to a cap), which seems to be mitigated when we limit to a single thread.
Further testing shows that the single logger.py process doesn't
use parallelization when appending dataframes to the db instance
and as such multiple threads are useless to begin with. The heavier
actions are the read actions, which are separate short-lived processes
and do not suffer from the same issue and likely do require duckdb
parallelism to perform properly, so apply the single thread only to
writers.

(cherry picked from commit 5e781d8321e7b10b0b627bd1e2917cd23a343830)
DeltaFile
+2-0src/opnsense/site-python/duckdb_helper.py
+2-01 files

OPNSense/core 883b1e2src/opnsense/scripts/shell firmware.sh

Fix typo in firmware: fetching changelog message (#10079)

(cherry picked from commit eb8e1ff97d1e95f52a30f094d6fb1682671948e2)
DeltaFile
+1-1src/opnsense/scripts/shell/firmware.sh
+1-11 files

OPNSense/core 40eab23src/opnsense/scripts/firmware check.sh

firmware: repeat the update after pkg reinstall

It appears that the package manager lost a number of tricks
over the years so now we add more manual labor to do what
we expect of it.

(cherry picked from commit c0d5331e1fe7d974a8a153b9d67239b4c3d251a0)
DeltaFile
+2-1src/opnsense/scripts/firmware/check.sh
+2-11 files

OPNSense/core 8e630bfsrc/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt nat_rule.volt

Firewall: Rules [new] - change category sorting using names instead of counted rules to align with interface sorting now, for https://github.com/opnsense/core/issues/9719

(cherry picked from commit 41f808613ac91125df259a2af4b1fb23f34103b5)
DeltaFile
+0-9src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+0-8src/opnsense/mvc/app/views/OPNsense/Firewall/nat_rule.volt
+0-172 files

OPNSense/core 7f681cbsrc/opnsense/mvc/app/views/OPNsense/Diagnostics log.volt

system: compress height of the log viewer grid

(cherry picked from commit 2475c5389fc6838f4e5d4d2b9518b74d9836c471)
(cherry picked from commit daefb179cbab05bd80b845a54f78bced0547a30e)
DeltaFile
+9-17src/opnsense/mvc/app/views/OPNsense/Diagnostics/log.volt
+9-171 files

OPNSense/core d8e9ce7src/opnsense/mvc/app/library/OPNsense/System/Status CaptivePortalStatus.php, src/opnsense/mvc/app/views/OPNsense/CaptivePortal clients.volt

Captive portal: IPv6 support (#9745)

Co-authored-by: Alex Goodkind <alex at goodkind.io>

(cherry picked from commit 369630dbd35c0acacc7384aa997f553fdc6ca91a)
(cherry picked from commit 5b07e0917484b90d0e9411c5e2c4f8ed5a07b8c7)
(cherry picked from commit 2ac18ce7e872dcc3db86412708ec4250e47beeeb)
(cherry picked from commit cff0e8d70a9269d8815a0b3b03a4e4e74bac5408)
(cherry picked from commit 6f00e1e3250e2896b726d0cf5046fd77b71438e4)
(cherry picked from commit da2c0bdab340d7bdc536028398299b4051b1eaa9)
(cherry picked from commit e5effd403d42cdab2839eefba75ab7f8bd788a45)
DeltaFile
+385-142src/opnsense/scripts/captiveportal/lib/db.py
+55-56src/opnsense/scripts/captiveportal/lib/arp.py
+41-31src/opnsense/scripts/captiveportal/cp-background-process.py
+56-0src/opnsense/mvc/app/library/OPNsense/System/Status/CaptivePortalStatus.php
+42-8src/opnsense/mvc/app/views/OPNsense/CaptivePortal/clients.volt
+25-12src/opnsense/service/templates/OPNsense/Captiveportal/lighttpd-zone.conf
+604-24914 files not shown
+733-28220 files

OPNSense/core afb11ecsrc/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseField.php BaseListField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes NetworkFieldTest.php TextFieldTest.php

mvc: BaseField: add setValues() for generic use

A small follow-up to make setValues() work like getValues()
including stripping empty values.  Works from everywhere now
and adds a few tests in order to make sure it will keep working.

(cherry picked from commit aefe80cdd8168f26401ab85456c6632c6a259830)
(cherry picked from commit 0f092c3d7d558fdae0925bc36fea616473277369)
DeltaFile
+12-1src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/NetworkFieldTest.php
+9-2src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/TextFieldTest.php
+10-0src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseField.php
+10-0src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseListField.php
+6-1src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/AuthGroupFieldTest.php
+6-1src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+53-56 files

OPNSense/core ae94a0fsrc/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes IPsecProposalField.php

ipsec: Adding 4 Insecure proposals (#10062)

Signed-off-by: Bjoern Jakobsen <Bjoern.Jakobsen at lrz.de>
(cherry picked from commit 56ea14fd0bdbc44f5f00f1b0b014761ad962f731)
DeltaFile
+4-0src/opnsense/mvc/app/models/OPNsense/IPsec/FieldTypes/IPsecProposalField.php
+4-01 files

OPNSense/core 4298f0e. plist, src/opnsense/mvc/app/models/OPNsense/Base/Constraints SetConstraint.php DependConstraint.php

mvc: add SetConstraint for #10029

(cherry picked from commit 292a7889b6b0a9856eda7c37638fe290304f6a2c)
(cherry picked from commit ae57fade09abae7767466638a3a04a9c5c609efa)
DeltaFile
+63-0src/opnsense/mvc/app/models/OPNsense/Base/Constraints/SetConstraint.php
+28-29src/opnsense/mvc/app/models/OPNsense/Base/Constraints/DependConstraint.php
+38-0src/opnsense/mvc/tests/app/models/OPNsense/Base/BaseModelTest.php
+20-0src/opnsense/mvc/tests/app/models/OPNsense/Base/BaseModel/TestModel.xml
+5-2src/opnsense/mvc/app/models/OPNsense/Base/Constraints/SetIfConstraint.php
+1-0plist
+155-316 files

OPNSense/core 0b4d248src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes HostnameField.php

mvc: HostnameField: show string that failed validation by default (#9984)

(cherry picked from commit becf53c9a9531503cdef3ce1d7192896ef067115)
DeltaFile
+3-2src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/HostnameField.php
+3-21 files

OPNSense/core 1885a3dsrc/opnsense/mvc/app/controllers/OPNsense/Unbound/Api SettingsController.php, src/opnsense/mvc/app/models/OPNsense/Unbound Unbound.php

unbound: consolidate override aliases into tree view (#9954)

(cherry picked from commit aa9f8afd7fd9f2e9f8871d3a9224d9d1939cb04b)
(cherry picked from commit 5cbaf605f684fa782d7d82d524cf94b27a1d267a)
(cherry picked from commit dde6f27f31840b4ec2462bfaf499b6fab96f7efd)
DeltaFile
+107-52src/opnsense/mvc/app/views/OPNsense/Unbound/overrides.volt
+121-0src/opnsense/mvc/app/models/OPNsense/Unbound/FieldTypes/AliasReflector.php
+56-27src/opnsense/www/js/opnsense_bootgrid.js
+0-53src/opnsense/mvc/app/models/OPNsense/Unbound/FieldTypes/AliasRefCount.php
+23-0src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.php
+20-1src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/SettingsController.php
+327-1335 files not shown
+357-13811 files

OPNSense/core e12e34dsrc/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseListField.php

mvc: BaseListField replace empty check with isSet so a 0 value is considered a non empty selection (#10047)

(cherry picked from commit fff53c467fca07dd43ccb0568f4702dc2ca42d87)
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseListField.php
+1-11 files

OPNSense/core a6c7b66src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseSetField.php, src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.php KeaDhcpv4.xml

kea: move pool-in-subnet validation logic mostly to KeaPoolsField; closes #10040

While here use getValues() consistently and move the trim() calls to the
latest point in time to avoid generalized trimming of input (the subnet
notation isn't allowed to be trimmed).

An alternative would have been to allow " ?- ?" as a split-regex since the
trim() itself will allow the leading an trailing whitespaces of the pool line,
too.

Suggested by: @Astranox

(cherry picked from commit 9ed851330086919bb7f6e2185ff46a1ea0986a6e)
(cherry picked from commit f5c3fb7c75dd0ddc9d2205e7616ee6b65bdb51b2)
DeltaFile
+32-6src/opnsense/mvc/app/models/OPNsense/Kea/FieldTypes/KeaPoolsField.php
+6-16src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+1-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+1-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+1-1src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+42-286 files

OPNSense/core 7d6074asrc/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

Services: Kea: DHCPv4/6: remove KeaCtrlAgent dependency on HA configuration (#10080)

(cherry picked from commit 45b3d35761234e624f015b672a324ffb7722b522)
DeltaFile
+23-25src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+23-25src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+46-502 files

OPNSense/core 1646b67src/opnsense/mvc/app/controllers/OPNsense/Kea/Api LeasesController.php, src/opnsense/mvc/app/views/OPNsense/Kea leases4.volt leases6.volt

Services: Kea: DHCPv4/6: Add delete lease command, use socket for up to date lease collection (#10019)

Co-authored-by: Stephan de Wit <stephan.de.wit at deciso.com>

(cherry picked from commit 9f10ba9d9c724f064a1a0073c3daef8676ca8729)
(cherry picked from commit fabdca9ad5cc5888b097c35c9abeab76009f69a3)
DeltaFile
+54-45src/opnsense/scripts/kea/get_kea_leases.py
+62-0src/opnsense/scripts/kea/lib/kea_ctrl.py
+55-0src/opnsense/scripts/kea/del_kea_leases.py
+23-6src/opnsense/mvc/app/views/OPNsense/Kea/leases4.volt
+23-6src/opnsense/mvc/app/views/OPNsense/Kea/leases6.volt
+25-0src/opnsense/mvc/app/controllers/OPNsense/Kea/Api/LeasesController.php
+242-575 files not shown
+259-7111 files

OPNSense/core 97736f5src/opnsense/mvc/app/controllers/OPNsense/Kea/forms generalSettings6.xml generalSettings4.xml, src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

Services Kea: DHCPv4/6: add sockets max-retries and retry-wait-time options.  (#10078)

(cherry picked from commit 67495766e230e4fa7f1b4a7bcfbaa6f76813d761)
DeltaFile
+16-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings6.xml
+16-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings4.xml
+6-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+6-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+2-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+2-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+48-26 files

OPNSense/core 432fdf5src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms advanced.xml, src/opnsense/mvc/app/models/OPNsense/Unbound Unbound.xml

unbound: add Harden Below NXDOMAIN (#10067)

(cherry picked from commit 67425d3b42496168e61988a3eedeaf5c6f20270e)
DeltaFile
+9-0src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/advanced.xml
+5-1src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
+1-0src/opnsense/service/templates/OPNsense/Unbound/core/advanced.conf
+15-13 files

OPNSense/core e54c919. LICENSE, src/opnsense/www/js/widgets Notes.js

LICENSE: sync

(and fix email format for @sopex's amusement) :)
DeltaFile
+1-1src/opnsense/www/js/widgets/Notes.js
+1-0LICENSE
+2-12 files

OPNSense/core 4d3601dScripts dashboard-acl.sh

Scripts: widgets without endpoint access exist now

(Likely the right fix: just print as informational message)
DeltaFile
+1-1Scripts/dashboard-acl.sh
+1-11 files

OPNSense/core e39eec1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogDNatRule.xml

firewall: adjust help text

PR: https://www.reddit.com/r/opnsense/comments/1s2tb0c/destination_nat_and_new_rules/

(cherry picked from commit f46de9471d366735ecdcf0a1333f35255865e6e5)
DeltaFile
+1-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogDNatRule.xml
+1-11 files

OPNSense/core 199a3b3src/opnsense/mvc/app/controllers/OPNsense/Kea/forms dialogSubnet6.xml dialogSubnet4.xml, src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

Services: Kea: DDNS: Add subnet specific qualifying suffix and prevent updates if no server is set. (#10038)

(cherry picked from commit 14c9eb1215909c7d2f40ff44eab417d5d9861a18)
DeltaFile
+12-4src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+12-4src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+10-1src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/dialogSubnet6.xml
+10-1src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/dialogSubnet4.xml
+1-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+1-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+46-106 files

OPNSense/core fe911a1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogOneToOneRule.xml dialogSNatRule.xml, src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Firewall: Remove tokenizer from categories and use selectpicker instead (#10049)

The issue with the tokenizer is the limit of items that is set to 10 per default, which does not always display all items. And you can increase it, but that also needs CSS changes. Additionally the tokenizer is not maintained anymore, and needs replacement. Cutting it out here decreases the need to clean this up later.

The fix here is that now all categories will be displayed and are searchable via the normal selectpicker search field.

(cherry picked from commit 8c2136139c3094a097984162c3efbc07bfe0ebea)
DeltaFile
+2-8src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogOneToOneRule.xml
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogSNatRule.xml
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogNptRule.xml
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogDNatRule.xml
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+2-136 files

OPNSense/core fede3a2src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

Firewall: Rules [new] - change sorting to interface/group name and stop caring about counted rules, for https://github.com/opnsense/core/issues/9719

Historically this made sense to avoid having to click to all interfaces if this component only serviced a part of it, when moving to this being the standard, this feels less relevant.

(cherry picked from commit e958ea7cb6489eae39821947b752d6e0d81b62d3)
DeltaFile
+1-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+1-41 files