OPNSense/core 4af1fb0src/etc rc.bootup, src/etc/inc interfaces.inc

ipsec: plugin use indirect calls

OPNSense/core 7218726src/opnsense/mvc/app/library/OPNsense/Auth LDAP.php

system: style update

OPNSense/ports 8d0e7d2sysutils/syslog-ng Makefile

sysutils/syslog-ng: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 444f551net/py-speedtest-cli distinfo Makefile

net/py-speedtest-cli: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 4927aabmisc/p5-Array-Diff distinfo Makefile

misc/p5-Array-Diff: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 6f3651fgraphics/drm-devel-kmod Makefile, science/afni pkg-plist Makefile

*/*: sync with upstream

Taken from: HardenedBSD

OPNSense/core fb4a9besrc/www status_dhcp_leases.php

dhcp/leases, forgot to replace from-to with address range min, max. for 
https://github.com/opnsense/core/issues/3487

OPNSense/core 446caa9src/www status_dhcp_leases.php

dhcp/leases, simplify interface lookup and make it more consistent. should fix 
https://github.com/opnsense/core/issues/3487

OPNSense/core 9b63e33src/etc/inc/plugins.inc.d dhcpd.inc, src/www services_dhcp.php

Merge branch 'clystron-dhcp_failover_params'

OPNSense/core 7a15556src/etc/inc/plugins.inc.d dhcpd.inc, src/www services_dhcp.php

minor cleanups for https://github.com/opnsense/core/pull/3484 and handle 0 values.

OPNSense/core f886e4dsrc/etc/inc/plugins.inc.d dhcpd.inc, src/www services_dhcp.php

Merge branch 'dhcp_failover_params' of https://github.com/clystron/core into 
clystron-dhcp_failover_params

OPNSense/core 8b22eeb. Makefile

pkg: move python dep to 3
DeltaFile
+2-2Makefile
+2-21 files

OPNSense/core f772b4esrc/sbin pluginctl

system: reduce diff vs. stable
DeltaFile
+1-1src/sbin/pluginctl
+1-11 files

OPNSense/core 2603519src/www status_openvpn.php

openvpn: revamp status page
DeltaFile
+205-200src/www/status_openvpn.php
+205-2001 files

OPNSense/core 98abca9src/etc/inc services.inc, src/etc/inc/xmlrpc service.inc

system: rename a number of service-related functions

OPNSense/tools 364340aconfig/19.1 ports.conf

config: add burp; closes #106

OPNSense/tools abf4e17. Makefile

build: propagate python versions to plugins and core
DeltaFile
+4-2Makefile
+4-21 files

OPNSense/core c5edf13src/www diag_logs_common.inc diag_logs_proxy.php

Squid log webUI in readable date format #1831 (#3326)

(cherry picked from commit 1c1b8bcac95b07e0c63b95519d139273968d1ef6)
(cherry picked from commit 8fe295f70ece19df4cdbb345982f797dd241c71a)

OPNSense/core a4a86dasrc/opnsense/service/conf/actions.d actions_captiveportal.conf

captiveportal, use "onestop" to stop captiveportal, when there's no zone configured "stop" 
would be skipped since the service is disabled. issue seems to be introduced in 
https://github.com/opnsense/core/commit/0299224578b982c1e28681fbb967a49a96b58017

(cherry picked from commit 10108b0615d53640d55ad7b47a77464ba0bbdce3)

OPNSense/core 3fb81e0src/www diag_confbak.php

system: restyle config backup page
DeltaFile
+147-133src/www/diag_confbak.php
+147-1331 files

OPNSense/core b7076ccsrc/www firewall_nat_edit.php firewall_nat.php

filter, port forward. support multiple interfaces per rule, when used and an automatic 
filter rule association is created it will be set as "Floating" + quick. closes 
https://github.com/opnsense/core/issues/1242

(cherry picked from commit 7af64730812680b63d95bb4c8d512e9ed6313615)

OPNSense/core fe34833src/etc/inc system.inc

system: stop using a lock around resolv.conf handling #2267

This might kill a bit of delay in function use by doing an atomic
move to update resolv.conf.  Even if several instances are running
at the same time the contents of the file will be the same now.

I don't expect issues with the DNS route updates either: even if
they are removed or added twice, they will always end up being there.

(cherry picked from commit 5f4315c40ceeb6a9235cdaa4e5d758b777f72b1f)

OPNSense/core 1963974src/etc/inc authgui.inc, src/www index.php

system: login not using cache-safe image yet

(cherry picked from commit 65e31e7bbf125ccb7a58c091c1f8a62231bc0f68)
(cherry picked from commit aa9c83571fb7fcd34b51550e10cb1414b55e97d4)

OPNSense/core 6a0abf0src/opnsense/mvc/app/library/OPNsense/Auth LDAP.php, src/www system_authservers.php

auth / ldap, add group sync

PR: https://github.com/opnsense/core/issues/3471

(cherry picked from commit 5f743941754294bd2651616484c8b97cf53ae26a)
(cherry picked from commit ccdd7f65860bb3e2fc991fb1039011fee49adcac)
(cherry picked from commit 24b90841d16bb9f2ab2dcadf57abf83c11b23c3c)
(cherry picked from commit 1d7f87352819e162fe8a3645f7df195cd4c92016)

OPNSense/core 855c687src/opnsense/service/templates/OPNsense/Auth sudoers, src/www system_advanced_admin.php

system: allow an arbitrary group for sudo like ssh login; closes #3407

(cherry picked from commit 6e727e43d2fde40e9d23ed3554c0404eb4ef153a)

OPNSense/core 95b4ae2src/www diag_logs_common.inc

OPNSense/core 255e9b7src/sbin pluginctl

system: add pluginctl -s support

For legacy components route -s option through plugins_services()
to get a list of services that can be controlled like the GUI
controls.  E.g.:

    # pluginctl dhcpd [start|stop|restart]

PR: https://forum.opnsense.org/index.php?topic=12781.0
DeltaFile
+48-19src/sbin/pluginctl
+48-191 files

OPNSense/plugins b5aa5b3www/nginx pkg-descr Makefile, www/nginx/src/opnsense/mvc/app/controllers/OPNsense/Nginx/forms httpserver.xml

www/nginx: add TLS 1.3 0-RTT handshake support (HTTPS performance) (#1112)

* www/nginx: add TLS 1.3 0-RTT handshake support
* www/nginx: model bug fix
* www/nginx: Release note

OPNSense/ports f6e13c2opnsense/phalcon4 distinfo Makefile

opnsense/phalcon4: update to alpha 5

OPNSense/ports dab2fcfMk/Scripts smart_makepatch.sh

Framework: partially sync with upstream

Taken from: HardenedBSD

OPNSense/ports 7888d7ddevel/p5-DateTime-HiRes Makefile

devel/p5-DateTime-HiRes: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 249e6d1net/wireguard-go distinfo Makefile, net/wireguard-go/files patch-bb42ec7d185ab5f5cd3867ac1258edff86b7f307

net/wireguard-go: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 6bc1a2bgraphics/giflib Makefile

graphics/giflib: sync with upstream

Taken from: HardenedBSD

OPNSense/ports a4c5ca6www/p5-Mojolicious distinfo Makefile

www/p5-Mojolicious: sync with upstream

Taken from: HardenedBSD

OPNSense/ports f0b661atextproc/p5-PPI distinfo Makefile

textproc/p5-PPI: sync with upstream

Taken from: HardenedBSD

OPNSense/ports ee14771net/p5-Net-HTTP pkg-descr Makefile

net/p5-Net-HTTP: sync with upstream

Taken from: HardenedBSD

OPNSense/ports c6d9709devel/p5-Test2-Suite distinfo Makefile

devel/p5-Test2-Suite: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 8416ab8devel/p5-Pod-Coverage Makefile

devel/p5-Pod-Coverage: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 3a8b09cdevel/p5-DateTime-TimeZone Makefile

devel/p5-DateTime-TimeZone: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 5fe1a3bdevel/p5-Data-Dump Makefile

devel/p5-Data-Dump: sync with upstream

Taken from: HardenedBSD

OPNSense/ports a61266carchivers/p5-Archive-Any-Lite Makefile

archivers/p5-Archive-Any-Lite: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 2a6c94cwww/p5-HTTP-Date pkg-descr Makefile

www/p5-HTTP-Date: sync with upstream

Taken from: HardenedBSD

OPNSense/ports e5418d7www/p5-HTTP-Daemon pkg-descr Makefile

www/p5-HTTP-Daemon: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 4c525f5sysutils/py-filelock distinfo Makefile

sysutils/py-filelock: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 5a021b3net/py-pysocks distinfo Makefile

net/py-pysocks: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 0ea1d3bdevel/py-hypothesis distinfo Makefile

devel/py-hypothesis: sync with upstream

Taken from: HardenedBSD

OPNSense/ports ae427falang/perl5.28 Makefile

lang/perl5.28: sync with upstream

Taken from: HardenedBSD

OPNSense/ports 6b48c6cdns/doh-proxy distinfo, lang/gcc8-devel/files patch-amd64-gcc-multilib-support

*/*: sync with upstream

Taken from: HardenedBSD

OPNSense/core 10108b0src/opnsense/service/conf/actions.d actions_captiveportal.conf

captiveportal, use "onestop" to stop captiveportal, when there's no zone configured "stop" 
would be skipped since the service is disabled. issue seems to be introduced in 
https://github.com/opnsense/core/commit/0299224578b982c1e28681fbb967a49a96b58017

OPNSense/core 4175a45src/opnsense/scripts/netflow/lib flowparser.py

system: fix netflow lib permission