OPNSense/core a7ec185src/opnsense/mvc/app/views/OPNsense/CaptivePortal vouchers.volt, src/opnsense/mvc/app/views/OPNsense/Diagnostics systemactivity.volt routes.volt

bootgrid: clean up converter compatibility code

Only other consumer is Nginx in plugins, but worst case scenario
these timestamps will render as... timestamps, which in that form
are sortable anyway. It's likely this was throwing an error anyway

The "sorters" weren't actually accounted for in the compat
translation, so this wasn't overridable. Fix this here.
DeltaFile
+5-18src/opnsense/www/js/opnsense_bootgrid.js
+3-13src/opnsense/mvc/app/views/OPNsense/CaptivePortal/vouchers.volt
+2-2src/opnsense/mvc/app/views/OPNsense/Diagnostics/systemactivity.volt
+1-1src/opnsense/mvc/app/views/OPNsense/Diagnostics/routes.volt
+11-344 files

OPNSense/core d4c4861src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php, src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Ensure translations are passed through all the way to icon formatter in view
DeltaFile
+12-12src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+11-6src/opnsense/scripts/filter/list_non_mvc_rules.php
+6-3src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+29-213 files

OPNSense/tools 2eb2b60build common.sh packages.sh

build/packages: allow easy purge even with wildcard

Use with care, but can be useful.  '*' does not pass easily so
let's use '%' instead.
DeltaFile
+1-0build/common.sh
+1-0build/packages.sh
+2-02 files

OPNSense/core a75bb18src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php, src/opnsense/scripts/filter list_non_mvc_rules.php

Firewall: Rules [new]: Fix action, ipprotocol and protocol translations. Fix Automatically generated rules category.
DeltaFile
+7-5src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+3-0src/opnsense/scripts/filter/list_non_mvc_rules.php
+10-52 files

OPNSense/ports 2c08deeopnsense/dnsmasq Makefile

opnsense/dnsmasq: apparently this trick works

While people are discouraged to use PORTNAME.  (:
DeltaFile
+2-3opnsense/dnsmasq/Makefile
+2-31 files

OPNSense/core d67741dsrc/etc/inc console.inc

shell: fix typo in port assignment

PR: https://forum.opnsense.org/index.php?topic=51867.0
(cherry picked from commit 1aa4254289cdf018a09e59c3c89798e9435dc459)
DeltaFile
+1-1src/etc/inc/console.inc
+1-11 files

OPNSense/core 1aa4254src/etc/inc console.inc

shell: fix typo in port assignment

PR: https://forum.opnsense.org/index.php?topic=51867.0
DeltaFile
+1-1src/etc/inc/console.inc
+1-11 files

OPNSense/core 1fe9b82src/opnsense/www/js opnsense_bootgrid.js

bootgrid: align datakey with the rest of the options, but allow top-level placement
DeltaFile
+4-3src/opnsense/www/js/opnsense_bootgrid.js
+4-31 files

OPNSense/core 6dcd9b8src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

Firewall: Rules [new] - rules with multiple interfaces selected are considered floating and seem to be omitted from the list since https://github.com/opnsense/core/commit/dad956e3143e7aa26f6be140e4c0ff48d1758e22

(cherry picked from commit 3f7958486169661dab552179b34f51b334c5e3ca)
(cherry picked from commit b8ba9f0ca7509c0076c58b0131e779d4ffdc0438)
DeltaFile
+2-0src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+2-01 files

OPNSense/core 5bb2e48src/opnsense/mvc/app/models/OPNsense/Kea KeaCtrlAgent.php KeaDdns.php

Services: Kea DHCPv4/6: When serializing the config to json, use JSON_UNESCAPED_UNICODE. (#10297)

KEA uses an input validation that checks the configuration for escaped unicode characters starting with 00, these are considered valid.
Any other escaped unicode character will refuse the whole config to be loaded.

Ref: https://github.com/isc-projects/kea/blob/476ff110e90b3412fcd1d089b276e86709df5c7f/src/lib/cc/data.cc#L471-L484
(cherry picked from commit bc267021002e66e28efaf3860818d91c14af9707)
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaCtrlAgent.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDdns.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-44 files

OPNSense/core 5dd595fsrc/etc/inc interfaces.inc

interfaces: follow up on DHCP option sanitization

@sopex noted a) that two semicolons were missing which were likely
lost to a refactoring step and b) allowing "medi;a" to avoid the
sanity scan for option modifiers.  To fix that second part we use
the normalization of interfaces_dhcp_safe() directly before returning
the parsed arguments to the caller.  That way the result is clear
and easy to check.

PR: GHSA-5rx3-w735-74wm
(cherry picked from commit 9e7fad6c3188e148f5066e948cebba19f8682765)
DeltaFile
+4-3src/etc/inc/interfaces.inc
+4-31 files

OPNSense/core d08801asrc/opnsense/www/js opnsense_bootgrid.js

bootgrid: onRendered executed in wrong spot, pass function instead of calling it

(cherry picked from commit adb54850a12dddd03dab0c41d9094bcd5f026ddb)
DeltaFile
+1-1src/opnsense/www/js/opnsense_bootgrid.js
+1-11 files

OPNSense/core b8ba9f0src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

mvc: style
DeltaFile
+1-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+1-11 files

OPNSense/core 9e7fad6src/etc/inc interfaces.inc

interfaces: follow up on DHCP option sanitization

@sopex noted a) that two semicolons were missing which were likely
lost to a refactoring step and b) allowing "medi;a" to avoid the
sanity scan for option modifiers.  To fix that second part we use
the normalization of interfaces_dhcp_safe() directly before returning
the parsed arguments to the caller.  That way the result is clear
and easy to check.

PR: GHSA-5rx3-w735-74wm
DeltaFile
+4-3src/etc/inc/interfaces.inc
+4-31 files

OPNSense/tools 5efec77config/26.1 ports.conf

config: add devel/esbuild for tinkering
DeltaFile
+1-0config/26.1/ports.conf
+1-01 files

OPNSense/core bc26702src/opnsense/mvc/app/models/OPNsense/Kea KeaCtrlAgent.php KeaDdns.php

Services: Kea DHCPv4/6: When serializing the config to json, use JSON_UNESCAPED_UNICODE. (#10297)

KEA uses an input validation that checks the configuration for escaped unicode characters starting with 00, these are considered valid.
Any other escaped unicode character will refuse the whole config to be loaded.

Ref: https://github.com/isc-projects/kea/blob/476ff110e90b3412fcd1d089b276e86709df5c7f/src/lib/cc/data.cc#L471-L484
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaCtrlAgent.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDdns.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-44 files

OPNSense/core adb5485src/opnsense/www/js opnsense_bootgrid.js

bootgrid: onRendered executed in wrong spot, pass function instead of calling it
DeltaFile
+1-1src/opnsense/www/js/opnsense_bootgrid.js
+1-11 files

OPNSense/core 6f38796src/opnsense/mvc/app/models/OPNsense/Kea KeaCtrlAgent.php KeaDdns.php

Services: Kea DHCPv4/6: When serializing the config to json, use JSON_UNESCAPED_UNICODE.

KEA uses an input validation that checks the configuration for escaped unicode characters starting with 00, these are considered valid
Any other escaped unicode character will refuse the whole config to be loaded.

Ref: https://github.com/isc-projects/kea/blob/476ff110e90b3412fcd1d089b276e86709df5c7f/src/lib/cc/data.cc#L471-L484
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaCtrlAgent.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDdns.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-44 files

OPNSense/core 3f79584src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

Firewall: Rules [new] - rules with multiple interfaces selected are considered floating and seem to be omitted from the list since https://github.com/opnsense/core/commit/dad956e3143e7aa26f6be140e4c0ff48d1758e22
DeltaFile
+2-0src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+2-01 files

OPNSense/core 318f458src/etc/inc interfaces.inc, src/etc/inc/plugins.inc.d captiveportal.inc

Merge remote-tracking branch 'origin/master' into kea-dynamic-poc
DeltaFile
+126-122src/etc/inc/interfaces.inc
+45-42src/etc/inc/plugins.inc.d/captiveportal.inc
+34-31src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php
+14-12src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/AliasController.php
+11-7src/opnsense/service/templates/OPNsense/Captiveportal/lighttpd-zone.conf
+13-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+243-21717 files not shown
+317-25123 files

OPNSense/core b80995fsrc/opnsense/mvc/app/controllers/OPNsense/Kea/forms generalSettings4.xml generalSettings6.xml, src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.xml KeaDhcpv6.xml

Services: Kea DHCPv4/6: Add decline_probation_period and set lower default to mitigate faulty client implementations to consume the whole pool (#10294)

* Services: Kea DHCPv4/6: Add decline_probation_period and set lower default to mitigate faulty client implementations to consume the whole pool.

* Use isSet() since 0 is allowed
DeltaFile
+8-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings4.xml
+8-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings6.xml
+3-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+3-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+2-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+2-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+26-06 files

OPNSense/core 5aa76c2src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.xml KeaDhcpv6.xml

Services: Kea DHCPv4/6: Some cleanup regarding isEmpty) usage when 0 is allowed in IntegerFields, and ensure no IntegerField accepts negative values. (#10295)
DeltaFile
+10-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+10-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+26-124 files

OPNSense/core e478b05src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.xml KeaDhcpv6.xml

Services: Kea DHCPv4/6: Some cleanup regarding isEmpty) usage when 0 is allowed in IntegerFields, and ensure no IntegerField accepts negative values.
DeltaFile
+10-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+10-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+3-3src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+26-124 files

OPNSense/plugins 98698b8security/netbird pkg-descr

security/netbird: start a changelog

(cherry picked from commit f16b0a5cbf1cad1514cfab27a6660c4e43b9bdd7)
DeltaFile
+8-0security/netbird/pkg-descr
+8-01 files

OPNSense/plugins f16b0a5security/netbird pkg-descr

security/netbird: start a changelog
DeltaFile
+8-0security/netbird/pkg-descr
+8-01 files

OPNSense/core e9877b8src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

Use isSet() since 0 is allowed
DeltaFile
+2-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+2-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-42 files

OPNSense/ports ccf3023opnsense/dnsmasq Makefile

opnsense/dnsmasq: fix downgrade issue
DeltaFile
+2-0opnsense/dnsmasq/Makefile
+2-01 files

OPNSense/core 7936c96src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

Fix a classic copy pasta error
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+1-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+2-22 files

OPNSense/core ef6be29src/opnsense/mvc/app/controllers/OPNsense/Kea/forms generalSettings4.xml generalSettings6.xml, src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.xml KeaDhcpv4.xml

Services: Kea DHCPv4/6: Add decline_probation_period and set lower default to mitigate faulty client implementations to consume the whole pool.
DeltaFile
+8-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings4.xml
+8-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings6.xml
+3-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+3-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+2-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+2-0src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+26-06 files

OPNSense/core 91e8b7bsrc/opnsense/mvc/app/controllers/OPNsense/Kea/forms generalSettings6.xml generalSettings4.xml, src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.xml KeaDhcpv6.xml

Services: Kea DHCPv4/6: Add decline_probation_period and set lower default (KEA sets 1 day) to mitigate faulty client implementations to consume the whole pool.
DeltaFile
+6-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.xml
+6-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.xml
+6-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings6.xml
+6-0src/opnsense/mvc/app/controllers/OPNsense/Kea/forms/generalSettings4.xml
+24-24 files