BSD Commit Log Search

Allow bridge members with IP addresses. Implement #16432

Fix input validation for NAT64 destination type

When the option to overide the prefix is enabled, the destination type
should remain enabled so that the POST request contains the value and
triggers the correct input validation.

Update the bind parameter after src commit 9ba51cce8bbd

Fix typo with generating the IPv6 interface using 6rd

Add missing include when deleting assigned interface

"firewall_nat.inc" is needed for remove_rdr_rules().

Alert user about NAT64 rules changes from config upgrade

Improve generating the 6rd prefix for OpenVPN by using the configured interface instead of hardcoding the WAN

Add support for OpenVPN to track the WAN interface for IPv6 delegations

Move generating the 6rd prefix out to a new function called generate_6rd_prefix()

Move build_ipv6interface_list() to an include file

Clean up ports build conf

Build net-mgmt/pfSense-pkg-ANDwatch

Only delete a local user on rpc sync if not being modified. Fixes #16391

kea2fib6: use new binding-variables in Kea 3

kea: use binding-variables for storing remote-addr and iface-name

Add upgrade function to handle spaces in PPP passwords

Now that spaces are respected, they should be removed when upgrading from
older configuraitons.

Sanitize pppoe configuration parameters. Fix #16128

Merge pull request #4740 from Godwottery/patch-1

Fix 79d74cbd, the port name needs to be lowercase

Block non-global NAT64 addresses by default. Implement #16241

Add automatic rules to comply with RFC6052's requirement of dropping
packets that would be translated by NAT64 to non-global IPv4 addresses.

It is valid, and allowed in the WebGUI, to configure prefixes with certain
lengths other than /96. Generating automatic rules for all possible prefix
lengths would effectively require implementing  translator logic in PHP as
well. To avoid this, the automatic rules use a predefined set of networks
which are only applicable to the well-known prefix. Hence the automatic
rules are only added when the well-known prefix is used.

This change also improves the input validation and configuration structure
related to NAT64. A configuration upgrade step has been added handle the
migration of old configuration and to fix any configuration that does not
comply with the new input validation.

Correctly mount multiple SWAP devices. Fixes #16232

Correct the detection of SWAPDEVICE when the fstab contains multiple lines including SWAP.

kea2unbound: convert to binding-variables for Kea 3.0

kea: use new binding-variables to store domain-[name|search] in db

Disable GSSAPI in cURL until the switch to MIT stabilizes

kea: relocate kea scripts for Kea 3.0 hardening

Explicitly specify IP and preserve other record types when updating IPv4 or IPv6 using deSEC DDNS. Fix #12495

Merge pull request #4739 from joshtgl/fix-dyndns-custom-interface

Use if instead of dnsRequestIf to lookup interface ip address. Fixes #16368

Update find_interface_ip() to match the behavior of find_interface_ipv6(). Fix #16322

Using the file for the IP address can result in an incorrect or outdated
address even with $flush. Additionally using the address from the file is
hardly beneficial given that pfSense_get_ifaddrs() is called regardless.

Add option to wait for process termination when restarting a service