BSD Commit Log Search

Services: Intrusion Detection: Administration - fix regression in https://github.com/opnsense/core/commit/9271d08bf3ff3eedfa069c2d0b6c5c6f428ccfe4, closes https://github.com/opnsense/core/issues/10393

It looks like the action buttons lost their bindings, this commit restores the function, although it removes the batch function which previously splitted the set in parts.
Usually the size of the url shouldn't be that much of an issue.

Firewall: NAT: Source NAT: Hide command footer if snat_mode is automatic. (#10391)

Firewall: NAT: Source NAT: Hide command footer if snat_mode is automatic.

dashboard: explicitly compact on layout shift if there's no predefined layout

dashboard: update result on default restore

rc: use newer min_auto_ashift variable

WARNING: sysctl vfs.zfs.min_auto_ashift is deprecated. Use vfs.zfs.vdev.min_auto_ashift instead.

mvc: Fix idassoc.php converting already decimal stored prefix_id via hexdec(), add unit test for idassoc.php (#10389)


---------

Co-authored-by: Franco Fichtner <franco at opnsense.org>

plist-fix

Firewall: NAT: Destination NAT: Display effective port when local-port is omitted (#10237)

pkg: of course, of course

firmware: add 26.7 fingerprint

git: less ignore for our pkg files

This has been a problem for a decade.  Time to make this easier.

firmware: allow "local" business mirror subscription

While here remove the allow_custom softcoding which was always
enabled anyday.

Update src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

Update src/opnsense/mvc/app/library/OPNsense/Interface/Idassoc.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

mvc: Fix idassoc.php converting already decimal stored prefix_id via hexdec(), adjust unit test

mvc: style sweep

mvc: Add test for idassoc.php

firmware: allow local business mirror

Firewall: Add migration assistant banner to legacy rules page (#10388)

Firewall: Rules: group rules by default and fix "select all" logic (#10372)

This commit adds top-level groups that are always shown and visible, such as automatically generated, floating, group & interface rules. This first-level tree is not subject to local storage persistence, but state is kept to make sure these trees don't collapse if there are data changes in the grid to improve overall UX. The "category view" (previously "Tree view") is moved to a tree nested under the top-level groups. This tree is subject to local storage persistence.

Whether a top-level tree expands by default is determined by the interface type selection. If a user selects "floating rules", the floating rules section will expand, if instead a user selects an interface, the interface rules section will expand, while all other groups are collapsed.

This commit also fixes the case of the "select all" header checkbox, which was removed in the initial implementation as it wasn't functional. If a user now presses it, all selectable rules are selected, but only if they are visible under an expanded tree.

Firewall: Add migration assistant banner to legacy rules page

Interfaces: Assignments - change model name for clarity

MVC:ui - [WIP] refactor base_dialog and parseFormNode to simplify the template for https://github.com/opnsense/core/issues/9955

Interfaces: Assignments - rename "Interface" to "Device", but keep "if" as key to align with data underneath. for https://github.com/opnsense/core/pull/10366

Interfaces: Assignments - fix empty descriptions, which should show as upper case id, for https://github.com/opnsense/core/pull/10366

Firewall: NAT: Source NAT: Add migration for Outbound NAT into Source NAT page (#10373)

Firewall: add Source NAT mode bridge and outbound NAT migration

Reflect legacy `nat.outbound.mode` into the Firewall MVC model as volatile
`general.snat_mode` and expose it in the new Source NAT view. Persist the value
back into the legacy configuration through `serializeToConfig()` using a scoped
general-section setter to avoid unrelated model validation.

Adjust the Source NAT grid output based on the selected mode. Automatic and
hybrid modes include synthetic automatic rule rows for display purposes, while
advanced mode only shows manual rules and disabled mode hides the grid.

Extend the migration assistant with an outbound NAT migration tab and add a
configd exporter for legacy `nat.outbound.rule` entries. Exported rows
use empty UUIDs so imports create fresh MVC rule identifiers.

Add missing Source NAT parity fields for `tag` and `nosync`, include them in
generated rows, and export them from legacy outbound NAT rules.

    [22 lines not shown]

interfaces: another cleanup

LICENSE: sync

mvc: style sweep