OPNSense - FreshBSD

OPNSense/core a754a92 — . Makefile, src/etc/inc/plugins.inc.d core.inc

2025-07-03 16:42:56 UTC by Ad Schellevis on ⎇

master

Firewall: Aliases - add Expire option to external aliases to automatically cleanup tables via cron, closes https://github.com/opnsense/core/issues/8831

As expiretable was already used for predefined sshlockout and virusprot tables, we moved the option to the model and made sure the internal ones have their settings in the model as well.
For simplicity, we flush the tables that need to be expired to cron, using either a 15 minute or 1 minute interval, depending on timing.

pfctl offers the same functionality as expiretable now, so lets drop the latter for simplicity.

Delta		File
+20	-0	src/opnsense/mvc/app/views/OPNsense/Firewall/alias.volt
+10	-2	src/etc/inc/plugins.inc.d/core.inc
+2	-6	src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/AliasController.php
+4	-0	src/opnsense/mvc/app/models/OPNsense/Firewall/static_aliases/core.json
+4	-0	src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.xml
+0	-1	Makefile
+40	-9	6 files

OPNSense/core 05ddadf — src/opnsense/mvc/app/views/OPNsense/IPsec spd.volt

2025-07-03 13:56:07 UTC by Stephan de Wit on ⎇

master

ipsec: tooltip trigger not necessary anymore since 699b690

Delta		File
+0	-3	src/opnsense/mvc/app/views/OPNsense/IPsec/spd.volt
+0	-3	1 files

OPNSense/core 04ff7ab — src/opnsense/mvc/app/models/OPNsense/Dnsmasq/FieldTypes DomainIPField.php

2025-07-03 12:54:03 UTC by Monviech on ⎇

dnsmasq-fix-domain-ip-field

dnsmasq: Fix DomainIPField, allow IP address to be emptied

Delta		File
+1	-2	src/opnsense/mvc/app/models/OPNsense/Dnsmasq/FieldTypes/DomainIPField.php
+1	-2	1 files

OPNSense/core 6379eb5 — src/opnsense/mvc/app/models/OPNsense/Dnsmasq Dnsmasq.php

2025-07-03 12:46:11 UTC by Monviech via GitHub on ⎇

master

dnsmasq: Fix missing condition in ipset validation (#8907)

Delta		File
+1	-1	src/opnsense/mvc/app/models/OPNsense/Dnsmasq/Dnsmasq.php
+1	-1	1 files

OPNSense/core 1bf388a — src/opnsense/mvc/app/models/OPNsense/Dnsmasq Dnsmasq.php

2025-07-03 12:25:06 UTC by Monviech on ⎇

dnsmasq-fix-ipset-validation

dnsmasq: Fix missing condition in ipset validation

Delta		File
+1	-1	src/opnsense/mvc/app/models/OPNsense/Dnsmasq/Dnsmasq.php
+1	-1	1 files

OPNSense/plugins 6864606 — security/stunnel Makefile, security/stunnel/src/opnsense/mvc/app/models/OPNsense/Stunnel Stunnel.xml

2025-07-03 12:21:44 UTC by Patrick M. Hausen via GitHub on ⎇

master

security/stunnel Add LDAP and NNTP to supported STARTTLS protocols (#4788)

Delta		File
+3	-1	security/stunnel/src/opnsense/mvc/app/models/OPNsense/Stunnel/Stunnel.xml
+1	-2	security/stunnel/Makefile
+4	-3	2 files

OPNSense/core 7d8f487 — src/opnsense/www/js opnsense_bootgrid.js

2025-07-03 12:19:33 UTC by Stephan de Wit on ⎇

master

ui: fix last page pagination values on non-ajax grids

Delta		File
+1	-1	src/opnsense/www/js/opnsense_bootgrid.js
+1	-1	1 files

OPNSense/core 9a06de0 — src/opnsense/www/js opnsense_bootgrid.js

2025-07-03 12:02:16 UTC by Stephan de Wit on ⎇

master

ui: add missing statusMapping functionality for new bootgrid

Delta		File
+8	-1	src/opnsense/www/js/opnsense_bootgrid.js
+8	-1	1 files

OPNSense/core 13135e1 — src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

2025-07-03 11:50:34 UTC by Monviech on ⎇

automation-improve-grid-reload-behavior

automation/filter: Use fetch_options for category selectpicker, simplify the reconfigureActInProgress logic

Delta		File
+33	-43	src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+33	-43	1 files

OPNSense/core fae7b60 — src/opnsense/mvc/app/controllers/OPNsense/Core/Api FirmwareController.php, src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseSetField.php IPPortField.php

2025-07-02 19:10:28 UTC by Monviech on ⎇

automation-improve-grid-reload-behavior

Merge remote-tracking branch 'origin/master' into automation-improve-grid-reload-behavior

Delta		File
+115	-0	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+34	-54	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/IPPortField.php
+3	-74	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/NetworkField.php
+10	-62	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/HostnameField.php
+23	-33	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/CSVListField.php
+28	-21	src/opnsense/mvc/app/controllers/OPNsense/Core/Api/FirmwareController.php
+213	-244	28 files not shown
+387	-387	34 files

OPNSense/core 51724b5 — src/opnsense/mvc/app/controllers/OPNsense/Core/Api FirmwareController.php, src/opnsense/mvc/app/views/OPNsense/Core firmware.volt

2025-07-02 17:10:42 UTC by Ad Schellevis on ⎇

master

System: Firmware: Plugins - Add checkbox to show tier3 and development plugins, which are now hidden by default.

* minor style cleanups in the controller array() vs []
* Change tier handling in the controller, only trust tiers from OPNsense, set Zenarmors plugins to fixed tier 2
* Change -devel packages to tier "DEV"

Delta		File
+28	-21	src/opnsense/mvc/app/controllers/OPNsense/Core/Api/FirmwareController.php
+21	-2	src/opnsense/mvc/app/views/OPNsense/Core/firmware.volt
+49	-23	2 files

OPNSense/core a97d38d — src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

2025-07-02 16:01:03 UTC by Monviech via GitHub on ⎇

master

automation/filter: Filter out empty category names (#8905)

Delta		File
+1	-2	src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+1	-2	1 files

OPNSense/core ab3bc16 — src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

2025-07-02 14:57:52 UTC by Monviech on ⎇

automation-fix-category-bug

automation/filter: Filter out empty category names

Delta		File
+1	-2	src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+1	-2	1 files

OPNSense/core c3ac12b — src/opnsense/mvc/app/models/OPNsense/Monit Monit.xml

2025-07-02 14:45:58 UTC by Franco Fichtner on ⎇

master

monit: style issue in model

Delta		File
+1	-3	src/opnsense/mvc/app/models/OPNsense/Monit/Monit.xml
+1	-3	1 files

OPNSense/core 43838c0 — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseSetField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes IPPortFieldTest.php HostnameFieldTest.php

2025-07-02 14:23:45 UTC by Franco Fichtner on ⎇

master

mvc: add isList() to BaseSetField for testing #8897

Delta		File
+25	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/IPPortFieldTest.php
+11	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/HostnameFieldTest.php
+11	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/NetworkFieldTest.php
+9	-0	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+2	-1	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/CSVListFieldTest.php
+58	-1	5 files

OPNSense/core 153d3cc — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes IPPortField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes IPPortFieldTest.php

2025-07-02 14:23:45 UTC by Franco Fichtner on ⎇

master

mvc: allow PortOptional=Y for IPPortField

PR: https://github.com/opnsense/plugins/pull/4698
PR: https://github.com/opnsense/plugins/pull/4445

Delta		File
+31	-9	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/IPPortField.php
+24	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/IPPortFieldTest.php
+55	-9	2 files

OPNSense/core 612cce7 — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes CSVListField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes CSVListFieldTest.php

2025-07-02 14:23:45 UTC by Franco Fichtner on ⎇

master

mvc: convert CSVListField to use BaseSetField #8897

Add a mask validation test while at it.

Delta		File
+23	-33	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/CSVListField.php
+29	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/CSVListFieldTest.php
+52	-33	2 files

OPNSense/core bb5e03a — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseSetField.php NetworkField.php, src/opnsense/mvc/app/models/OPNsense/OpenVPN OpenVPN.xml

2025-07-02 14:23:45 UTC by Franco Fichtner on ⎇

master

mvc: new base class for separator/list based fields #8897

Delta		File
+106	-0	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+3	-74	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/NetworkField.php
+10	-62	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/HostnameField.php
+3	-46	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/MacAddressField.php
+3	-45	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/IPPortField.php
+0	-11	src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.xml
+125	-238	18 files not shown
+134	-276	24 files

OPNSense/core 34b077d — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes IPPortField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes IPPortFieldTest.php

2025-07-02 14:18:45 UTC by Franco Fichtner on ⎇

baseextlistfield

mvc: allow PortOptional=Y for IPPortField

PR: https://github.com/opnsense/plugins/pull/4698
PR: https://github.com/opnsense/plugins/pull/4445

Delta		File
+31	-9	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/IPPortField.php
+24	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/IPPortFieldTest.php
+55	-9	2 files

OPNSense/core 25a927c — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseSetField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes IPPortFieldTest.php HostnameFieldTest.php

2025-07-02 13:51:59 UTC by Franco Fichtner on ⎇

baseextlistfield

mvc: add isList() to BaseSetField for testing #8897

Delta		File
+25	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/IPPortFieldTest.php
+11	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/HostnameFieldTest.php
+11	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/NetworkFieldTest.php
+9	-0	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+2	-1	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/CSVListFieldTest.php
+58	-1	5 files

OPNSense/core 6bf3780 — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseSetField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes HostnameFieldTest.php IPPortFieldTest.php

2025-07-02 13:43:24 UTC by Franco Fichtner on ⎇

baseextlistfield

mvc: add isList() to BaseSetField for testing #8897

Delta		File
+11	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/HostnameFieldTest.php
+11	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/IPPortFieldTest.php
+11	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/NetworkFieldTest.php
+9	-0	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+2	-1	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/CSVListFieldTest.php
+44	-1	5 files

OPNSense/plugins dd2b7f8 — security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/Api SettingsController.php, security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient Utils.php SftpUploader.php

2025-07-02 12:44:24 UTC by Frank Wall via GitHub on ⎇

master

Merge pull request #4755 from fraenki/acme_4_10

security/acme-client: release 4.10

Delta		File
+70	-29	security/acme-client/src/opnsense/mvc/app/controllers/OPNsense/AcmeClient/Api/SettingsController.php
+7	-72	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/Utils.php
+41	-22	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/SftpUploader.php
+25	-22	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeAccount.php
+44	-0	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeValidation/DnsWebsupport.php
+21	-18	security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
+208	-163	14 files not shown
+340	-212	20 files

OPNSense/plugins 7cd4589 — www/OPNProxy Makefile, www/squid Makefile

2025-07-02 12:33:46 UTC by Franco Fichtner on ⎇

master

www: bring os-squid and os-OPNProxy to tier 3

Delta		File
+0	-1	www/OPNProxy/Makefile
+0	-1	www/squid/Makefile
+0	-2	2 files

OPNSense/plugins e3717e6 — security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient Utils.php SftpUploader.php, security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient upload_sftp.php run_remote_ssh.php

2025-07-02 12:17:18 UTC by Frank Wall on ⎇

master

security/acme-client: assorted logging enhancements

Delta		File
+7	-72	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/Utils.php
+22	-19	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/SftpUploader.php
+21	-18	security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/upload_sftp.php
+17	-14	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/SSHKeys.php
+12	-10	security/acme-client/src/opnsense/scripts/OPNsense/AcmeClient/run_remote_ssh.php
+9	-9	security/acme-client/src/opnsense/mvc/app/library/OPNsense/AcmeClient/LeAccount.php
+88	-142	7 files not shown
+129	-161	13 files

OPNSense/core cb576b9 — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes CSVListField.php, src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes CSVListFieldTest.php

2025-07-02 12:06:48 UTC by Franco Fichtner on ⎇

baseextlistfield

mvc: convert CSVListField to use BaseSetField #8897

Add a mask validation test while at it.

Delta		File
+23	-33	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/CSVListField.php
+29	-0	src/opnsense/mvc/tests/app/models/OPNsense/Base/FieldTypes/CSVListFieldTest.php
+52	-33	2 files

OPNSense/core 7d4cfdb — src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes BaseSetField.php NetworkField.php, src/opnsense/mvc/app/models/OPNsense/OpenVPN OpenVPN.xml

2025-07-02 12:06:41 UTC by Franco Fichtner on ⎇

baseextlistfield

mvc: new base class for separator/list based fields #8897

Delta		File
+106	-0	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseSetField.php
+3	-74	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/NetworkField.php
+10	-62	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/HostnameField.php
+3	-46	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/MacAddressField.php
+3	-45	src/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/IPPortField.php
+0	-11	src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.xml
+125	-238	18 files not shown
+134	-276	24 files

OPNSense/core b8974ed — src/opnsense/mvc/app/controllers/OPNsense/Auth/Api PrivController.php

2025-07-02 11:44:13 UTC by Franco Fichtner on ⎇

master

system: replace getCurrentValue() in PrivController

Delta		File
+6	-10	src/opnsense/mvc/app/controllers/OPNsense/Auth/Api/PrivController.php
+6	-10	1 files

OPNSense/core ddc4693 — src/opnsense/mvc/app/controllers/OPNsense/Auth/Api UserController.php

2025-07-02 11:36:39 UTC by Franco Fichtner on ⎇

master

system: switch away from using getCurrentValue() in UserController

Delta		File
+2	-2	src/opnsense/mvc/app/controllers/OPNsense/Auth/Api/UserController.php
+2	-2	1 files

OPNSense/src e13f0de — sys/netpfil/pf pf_table.c

2025-07-02 11:01:11 UTC by Franco Fichtner on ⎇

volatile/25.7

pf: align sanity checks for pfrw_free

Delta		File
+7	-3	sys/netpfil/pf/pf_table.c
+7	-3	1 files

OPNSense/src 94a56b8 — sys/net pfvar.h, sys/netpfil/pf pf.c

2025-07-02 11:01:11 UTC by Franco Fichtner on ⎇

volatile/25.7

pf: backport changes around the following commit #242

 commit 49f39043a02d6011c1907e1b07eb034652a1269c
 Author: phessler <phessler at openbsd.org>
 Date:   Fri Apr 28 14:08:34 2023 +0000

    Relax the "pass all" rule so all forms of neighbor advertisements are allowed
    in either direction.

    This more closely matches the IPv4 ARP behaviour.

    From sashan@
    discussed with kn@ deraadt@

Delta		File
+38	-2	sys/netpfil/pf/pf.c
+3	-1	sys/net/pfvar.h
+41	-3	2 files