pfSense/pfsense d8f4932src/etc/inc filter.inc

Avoid reloading the filter when its configuration hasn't changed
DeltaFile
+9-4src/etc/inc/filter.inc
+9-41 files

pfSense/pfsense 396f00esrc/etc/inc filter.inc captiveportal.inc

Refactor pf configuration generation. Implement #16307
DeltaFile
+1,240-408src/etc/inc/filter.inc
+10-12src/etc/inc/captiveportal.inc
+1,250-4202 files

pfSense/pfsense 7948ab3src/etc/inc interfaces.inc, src/usr/local/sbin pppoe-handler

get_interface_addresses(): Change use of 'tunnel' for p2p destination addresses to 'dstaddr'

In the php module, the 'tunnel' address attribute returned from
pfSense_get_ifaddrs() has been renamed to 'dstaddr' to more appropriately
reflect that the address is a p2p destination. This change alters the behavior
of get_interface_addresses() to reflect that difference both in consumption of
of the address property and presenting p2p endpoint addresses as interface
attributes as dstaddr and dstaddr6, appropriately. The only consumer of
this, the pppoe_handler script, is adapted to the change as well.
DeltaFile
+9-9src/usr/local/sbin/pppoe-handler
+2-2src/etc/inc/interfaces.inc
+11-112 files

pfSense/pfsense 36f4e96tools/conf/pfPorts poudriere_bulk

poudriere_bulk: start building net/kea-devel (aka kea v3.0.0)
DeltaFile
+1-0tools/conf/pfPorts/poudriere_bulk
+1-01 files

pfSense/pfsense 8b6ab9bsrc/usr/local/www/widgets/javascript thermal_sensors.js

Fix thermal sensor threshold values
DeltaFile
+16-3src/usr/local/www/widgets/javascript/thermal_sensors.js
+16-31 files

pfSense/pfsense 453d102src/etc/inc services.inc

kea: relocate kea lease database path for Kea v2.6.3+. For #16291
DeltaFile
+10-8src/etc/inc/services.inc
+10-81 files

pfSense/pfsense fd59ad0src/etc/inc services.inc

kea: control socket path permissions must now be 750. For #16291
DeltaFile
+13-11src/etc/inc/services.inc
+13-111 files

pfSense/pfsense 4010a07src/etc/inc system.inc

kea: fix some references to the old kea control socket path. For #16291
DeltaFile
+9-9src/etc/inc/system.inc
+9-91 files

pfSense/pfsense b5b48d1src/etc/inc services.inc

kea: relocate control socket to /var/run/kea. Fixes #16291
DeltaFile
+2-2src/etc/inc/services.inc
+2-21 files

pfSense/pfsense ada367csrc/usr/local/pkg miniupnpd.xml

Merge pull request #4737 from Self-Hosting-Group:service-fixes
DeltaFile
+5-6src/usr/local/pkg/miniupnpd.xml
+5-61 files

pfSense/pfsense 146391asrc/usr/local/bin kea2unbound

kea2unbound: use the new unbound fast-reload feature in v1.23
DeltaFile
+197-393src/usr/local/bin/kea2unbound
+197-3931 files

pfSense/pfsense b4798a9src/usr/local/pkg miniupnpd.xml

UPnP IGD & PCP: Improve help text

- Only propose compatible (CGNAT filtering test capable) STUN servers in
  help, use newer wording from RFC 5389 and improve help slightly
- Remove default STUN port as no more needed by bf31326
DeltaFile
+5-6src/usr/local/pkg/miniupnpd.xml
+5-61 files

pfSense/pfsense 3172cadsrc/usr/local/www interfaces_groups_edit.php

Fix editing interface group names

This was previously a pointer to the global config before the config
access rewrite and hence the assignment would modify the config.
DeltaFile
+1-0src/usr/local/www/interfaces_groups_edit.php
+1-01 files

pfSense/pfsense 25901e7src/usr/local/www status_upnp.php

Check correct enable value for UPnP service. Fix #16274

Also move the query code so it's only run when the service is enabled.
DeltaFile
+11-13src/usr/local/www/status_upnp.php
+11-131 files

pfSense/pfsense 7479a79src/usr/local/sbin ppp-ipv6

ppp-ipv6: Reduce indent levels
DeltaFile
+62-55src/usr/local/sbin/ppp-ipv6
+62-551 files

pfSense/pfsense ede3fbfsrc/usr/local/sbin pppoe-handler

Refactor handling of PPPoE ADDR_ADD events. Fix #16265
DeltaFile
+50-25src/usr/local/sbin/pppoe-handler
+50-251 files

pfSense/pfsense 71cedb1src/etc pfSense-rc rc.ramdisk_functions.sh

Improve ZFS handling

- Improve ZFS detection, cleanups
- Better handling of arbitrary root zpool names

Co-Authored-By: R. Christian McDonald <cmcdonald at netgate.com>
DeltaFile
+86-13src/etc/pfSense-rc
+20-18src/etc/rc.ramdisk_functions.sh
+106-312 files

pfSense/pfsense 5ff07bbsrc/usr/local/pfSense/include/www firewall_virtual_ip.inc

Reference the correct VIP in input validation description. Fix #16272

The $vip variable may not reference the $found_carp's VIP since there's no
break in the loop. Fix it by keeping the ID once it's found.
DeltaFile
+4-4src/usr/local/pfSense/include/www/firewall_virtual_ip.inc
+4-41 files

pfSense/pfsense 80a490esrc/usr/local/www/widgets/widgets openvpn.widget.php

Encode OpenVPN names in widget. Fixes #16258
DeltaFile
+2-2src/usr/local/www/widgets/widgets/openvpn.widget.php
+2-21 files

pfSense/pfsense f3e00efsrc/etc/inc dyndns.class

Update list of IPv4-only DDNS endpoints for AAAA updates. Implement #16251

Non "v6" services can be omitted from _curlIpresolveV4 since the request
will already happen over IPv4.
DeltaFile
+10-2src/etc/inc/dyndns.class
+10-21 files

pfSense/pfsense b947a5bsrc/etc/inc filter.inc

Use the correct NAT64 source address. Fix #16250
DeltaFile
+3-1src/etc/inc/filter.inc
+3-11 files

pfSense/pfsense a05fb29src/etc/inc filter.inc

Fix MSS values for IPv6 tunnel types
DeltaFile
+6-1src/etc/inc/filter.inc
+6-11 files

pfSense/pfsense 62b1bc8src/usr/local/sbin pppoe-handler

Avoid loop between pppoe-handler and rc.newwanip. Fix #16235

Once the PPPoE client receives the interface address an ADDR_ADD DEVD
event triggers pppoe-handler which ends up calling rc.newwanip. The
rc.newwanip script calls link_interface_to_vips() which triggers an
ADDR_ADD event for each configured VIP. These VIP events result in a loop
between the scripts. Fix the existing loop by ignoring ADDR_ADD events for
IPv4 VIPs. The IPv6 scripts do not behave this and hence no loop.
DeltaFile
+7-0src/usr/local/sbin/pppoe-handler
+7-01 files

pfSense/pfsense 09d9ca3src/etc/inc config.lib.inc

Write to the correct file in backup_config()

Fix regression from 1c033a063dfefae07edce13736f7a00b734aa5d9
DeltaFile
+2-3src/etc/inc/config.lib.inc
+2-31 files

pfSense/pfsense ed6c2ebsrc/usr/local/www firewall_rules_edit.php

Automatically check "Allow IP options" when IGMP is selected. Implement #16110
DeltaFile
+22-2src/usr/local/www/firewall_rules_edit.php
+22-21 files

pfSense/pfsense 12a7fdfsrc/etc/inc filter.inc

Allow matching on IP Options with firewall match rules. Implement #16215
DeltaFile
+1-1src/etc/inc/filter.inc
+1-11 files

pfSense/pfsense 7a9b526src/etc/inc pfsense-utils.inc, src/usr/local/www xmlrpc.php

Improvements to plugin_xmlrpc functions

- The "merged in config" log may not show all merged sections. Fix this by
  not clobbering the "$sections" variable.
- Fix variable expansion in the xmlrpc_recv plugin error logs.
- Pass the return value of "plugin_xmlrpc_recv" to
  "plugin_xmlrpc_recv_done" and introduce the magic string
  "xmlrpc_recv_result" within the return value. This allows packages to
  define the result and act on it after the sync is done. For example the
  package may only want to restart in "plugin_xmlrpc_recv_done" when there
  have been config changes with the call to "plugin_xmlrpc_recv".
DeltaFile
+11-6src/usr/local/www/xmlrpc.php
+9-0src/etc/inc/pfsense-utils.inc
+20-62 files

pfSense/pfsense 1c033a0src/etc/inc config.lib.inc unbound.inc

Sync writes for critical data

PHP 8.1 introduced native support for fsync(); use this to bring back the
functionality removed with c5663bf5c9a830d5c265bd26e875ce271081eb3f.
DeltaFile
+31-20src/etc/inc/config.lib.inc
+12-2src/etc/inc/unbound.inc
+43-222 files

pfSense/pfsense d390633src/etc pfSense-rc, src/etc/inc system.inc

Tune ZFS TXG and config dataset settings. Implement #16210

Increase vfs.zfs.txg.timeout so more writes are coalesced before they
are flushed to storage. Also change the ZFS dataset for the config to
always sync to mitigate the increased potential for critical data loss.
DeltaFile
+5-0src/etc/pfSense-rc
+4-0src/etc/inc/system.inc
+9-02 files

pfSense/pfsense 05aff05src/etc/inc acb.inc

Fix ACB timezone conversion. Fix #16209

Lets the client show ACB timestamps using the local timezone.
DeltaFile
+2-2src/etc/inc/acb.inc
+2-21 files