OPNSense/src 973d13flib/libpfctl libpfctl.h libpfctl.c, sbin/pfctl pf_print_state.c

pf: test rule label export for states

PR: https://forum.opnsense.org/index.php?topic=52351.0
DeltaFile
+5-1sbin/pfctl/pf_print_state.c
+2-0sys/netpfil/pf/pf_nl.c
+1-0sys/netpfil/pf/pf_nl.h
+1-0lib/libpfctl/libpfctl.h
+1-0lib/libpfctl/libpfctl.c
+10-15 files

OPNSense/src 139c0d2lib/libpfctl libpfctl.h libpfctl.c, sbin/pfctl pf_print_state.c

pf: test rule label export for states

PR: https://forum.opnsense.org/index.php?topic=52351.0
DeltaFile
+5-1sbin/pfctl/pf_print_state.c
+1-0lib/libpfctl/libpfctl.h
+1-0sys/netpfil/pf/pf_nl.c
+1-0sys/netpfil/pf/pf_nl.h
+1-0lib/libpfctl/libpfctl.c
+9-15 files

OPNSense/tools 07002c4config/26.7 extras.conf

build/nano: disable hostwatch
DeltaFile
+9-0config/26.7/extras.conf
+9-01 files

OPNSense/src f760315sys/dev/usb usb_pf.c

usb: bpfattach() before if_attach()

PR: https://github.com/opnsense/src/issues/285
DeltaFile
+3-3sys/dev/usb/usb_pf.c
+3-31 files

OPNSense/core c99aaefsrc/root/boot/lua logo-hourglass.lua.in

pkg: missing name from boot logo, oh well :)
DeltaFile
+1-1src/root/boot/lua/logo-hourglass.lua.in
+1-11 files

OPNSense/core 8215982Mk version.mk

pkg: wrap up 26.7
DeltaFile
+2-2Mk/version.mk
+2-21 files

OPNSense/core 386cfbasrc/opnsense/mvc/app/models/OPNsense/Firewall Alias.php

firewall: adjust alias rename according to address_to_pconfig(); closes #10024

Looking at stable/25.7 where all three components where still in
the tree they all use the function which could potentially write
'address'.  It's better than not having those and strive for
consistency although in practice this will die with the removal
of legacy rules support.

(cherry picked from commit b4afba8a61f984321835fde89bf935a94edb0ab1)
DeltaFile
+6-3src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php
+6-31 files

OPNSense/core 83057basrc/opnsense/mvc/app/controllers/OPNsense/Firewall FilterController.php

Firewall: Rules: Adapt getAdvancedIds() to the sectioned form structure introduced in 3d9cccfe (#10521)

(cherry picked from commit c35c8de07e1cadd9a8cf54d79634ef07cb0c797f)
DeltaFile
+4-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/FilterController.php
+4-41 files

OPNSense/core 0813f67src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterUtilController.php

firewall: invalidate rule stats cache for legacy rules page

Since 5baba39831dff added the TTL but the page should fetch per
inspect push this restores the old behaviour.  We could move the
controller to the legacy plugin so that it is not forgotten on
final removal but that's not for now.

(cherry picked from commit 0f4a0ca611545e3e60edacc819e285d8a6f99194)
DeltaFile
+6-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterUtilController.php
+6-41 files

OPNSense/core 73a5accsrc/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.php

Services: Kea DHCPv6: Change dynamic pool range from prefix to range 1000-2000 (#10528)
DeltaFile
+4-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-21 files

OPNSense/core 46dfd1csrc/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api TrafficController.php, src/opnsense/scripts/interfaces traffic_stats.php

statistics: when interfaces disabled

(cherry picked from commit c5e4dffbd49bd8d37f3b5aac5327fce4c8ff0be1)
(cherry picked from commit 9169c279530fce8dfc5a210dc8ba6f552d40e847)
DeltaFile
+5-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/TrafficController.php
+2-2src/opnsense/scripts/interfaces/traffic_stats.php
+7-32 files

OPNSense/core 14573cdsrc/opnsense/www/js opnsense_widget_manager.js, src/opnsense/www/js/widgets Interfaces.js

dashboard: adjust resize logic to observe border box instead of content box

The side effect of swapping the resize logic to after the tick was
that the disk widget remained in an expanded state, so revert this.
However, the interfaces widget still had a feedback loop due to
the inserted scrollbar. Fix this by using borderBoxSize to determine
width without overflow/scrollbar interference.

(cherry picked from commit 0e1e8cfa163bb27b01e33cc0d34fde2eac512e4e)
DeltaFile
+22-20src/opnsense/www/js/opnsense_widget_manager.js
+9-6src/opnsense/www/js/widgets/Interfaces.js
+31-262 files

OPNSense/core 946aeddsrc/etc opnsense-update.conf.in

firmware: prep for final release
DeltaFile
+1-2src/etc/opnsense-update.conf.in
+1-21 files

OPNSense/plugins c577cb0security/intrusion-detection-content-at-antiphishing/src/opnsense/scripts/suricata/metadata/rules julioliraup-antiphing.xml

security/intrusion-detection-content-at-antiphishing: style
DeltaFile
+5-5security/intrusion-detection-content-at-antiphishing/src/opnsense/scripts/suricata/metadata/rules/julioliraup-antiphing.xml
+5-51 files

OPNSense/plugins 5fc71f6security/etpro-telemetry Makefile

security/etpro-telemetry: bump after change
DeltaFile
+1-1security/etpro-telemetry/Makefile
+1-11 files

OPNSense/plugins 301e402net/frr Makefile

net/frr: bump version, document later
DeltaFile
+1-2net/frr/Makefile
+1-21 files

OPNSense/plugins db3b854www/squid Makefile pkg-descr, www/squid/src/opnsense/service/templates/OPNsense/Proxy squid.conf

www/squid: sync with master
DeltaFile
+1-1www/squid/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
+1-0www/squid/Makefile
+1-0www/squid/pkg-descr
+3-13 files

OPNSense/plugins 6f3937fwww/squid Makefile pkg-descr, www/squid/src/opnsense/service/templates/OPNsense/Proxy squid.conf

www/squid: sync with master
DeltaFile
+1-1www/squid/src/opnsense/service/templates/OPNsense/Proxy/squid.conf
+1-0www/squid/Makefile
+1-0www/squid/pkg-descr
+3-13 files

OPNSense/plugins 0fb9682. LICENSE

LICENSE: sync
DeltaFile
+1-0LICENSE
+1-01 files

OPNSense/core 4b00c98src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.php

Services: Kea DHCPv6: Change dynamic pool range from prefix to range 1000-2000
DeltaFile
+4-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-21 files

OPNSense/tools c1f4bcdconfig/26.7 make.conf

config: enable DOCS for powerdns, LUA forced by port
DeltaFile
+2-1config/26.7/make.conf
+2-11 files

OPNSense/ports 77a853bopnsense/installer Makefile distinfo

opnsense/installer: bump to 26.7
DeltaFile
+2-11opnsense/installer/Makefile
+3-5opnsense/installer/distinfo
+5-162 files

OPNSense/ports 16a83f6opnsense/update Makefile distinfo

onsense/update: time for 26.7
DeltaFile
+2-6opnsense/update/Makefile
+3-5opnsense/update/distinfo
+5-112 files

OPNSense/core 0e1e8cfsrc/opnsense/www/js opnsense_widget_manager.js, src/opnsense/www/js/widgets Interfaces.js

dashboard: adjust resize logic to observe border box instead of content box

The side effect of swapping the resize logic to after the tick was
that the disk widget remained in an expanded state, so revert this.
However, the interfaces widget still had a feedback loop due to
the inserted scrollbar. Fix this by using borderBoxSize to determine
width without overflow/scrollbar interference.
DeltaFile
+22-20src/opnsense/www/js/opnsense_widget_manager.js
+9-6src/opnsense/www/js/widgets/Interfaces.js
+31-262 files

OPNSense/src 12334a5sys/netinet ip_output.c ip_var.h, sys/netinet6 ip6_output.c ip6_var.h

pf: pf_route() "dst" no longer holds the gateway in 15.x #294

Adjust a little more to accomodate af/naf magic later.

While here also make ip6_get_fwdtag() arguments const.
DeltaFile
+16-8sys/netpfil/pf/pf.c
+1-1sys/netinet/ip_output.c
+1-1sys/netinet/ip_var.h
+1-1sys/netinet6/ip6_output.c
+1-1sys/netinet6/ip6_var.h
+20-125 files

OPNSense/plugins c43bf3bsecurity/etpro-telemetry/src/opnsense/scripts/etpro_telemetry send_telemetry.py

Use requests.Session for ET-Telemetry requests (#5553)

The current code loops through every telemetry event to submit and makes a standalone POST request, resulting in a DNS lookup for each item.  This results in a ton of DNS requests for the same domain every time this script runs, which is every minute due to the cron job that executes it.  This patch changes the behavior by establishing a requests Session object and then making the POST requests from that, resulting in a single DNS lookup, and as an added benefit, the script completes much faster.
DeltaFile
+2-1security/etpro-telemetry/src/opnsense/scripts/etpro_telemetry/send_telemetry.py
+2-11 files

OPNSense/core 0f4a0casrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterUtilController.php

firewall: invalidate rule stats cache for legacy rules page

Since 5baba39831dff added the TTL but the page should fetch per
inspect push this restores the old behaviour.  We could move the
controller to the legacy plugin so that it is not forgotten on
final removal but that's not for now.
DeltaFile
+6-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterUtilController.php
+6-41 files

OPNSense/src 5ad8042sys/netpfil/pf pf.c

pf: a small touchup on shared forwarding code

The issue I see with pf_route() is that it has become a bit uncontrollable
in outcome since 15 with many edge cases and overlaps such as TTL decrement
before sending, dummynet back and forth and af/naf translations.  Ideally,
it should be rewritten and aligned with the network stack instead of still
using the OpenBSD way of firing the packets from here.

Shared forwarding is 10 years old now, never considered upstream, but would
have helped structure this code much better by forcing a natural flow through
the stack.
DeltaFile
+10-6sys/netpfil/pf/pf.c
+10-61 files

OPNSense/core 9169c27src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api TrafficController.php

src: sweep
DeltaFile
+2-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/TrafficController.php
+2-11 files

OPNSense/src 5ae96basys/netpfil/pf pf_lb.c

pf: also apply fed2e93 in pf_match_translation_rule()

PR: https://github.com/opnsense/src/issues/295
DeltaFile
+12-0sys/netpfil/pf/pf_lb.c
+12-01 files