firewall: adjust alias rename according to address_to_pconfig(); closes #10024
Looking at stable/25.7 where all three components where still in
the tree they all use the function which could potentially write
'address'. It's better than not having those and strive for
consistency although in practice this will die with the removal
of legacy rules support.
(cherry picked from commit b4afba8a61f984321835fde89bf935a94edb0ab1)
firewall: invalidate rule stats cache for legacy rules page
Since 5baba39831dff added the TTL but the page should fetch per
inspect push this restores the old behaviour. We could move the
controller to the legacy plugin so that it is not forgotten on
final removal but that's not for now.
(cherry picked from commit 0f4a0ca611545e3e60edacc819e285d8a6f99194)
dashboard: adjust resize logic to observe border box instead of content box
The side effect of swapping the resize logic to after the tick was
that the disk widget remained in an expanded state, so revert this.
However, the interfaces widget still had a feedback loop due to
the inserted scrollbar. Fix this by using borderBoxSize to determine
width without overflow/scrollbar interference.
(cherry picked from commit 0e1e8cfa163bb27b01e33cc0d34fde2eac512e4e)
dashboard: adjust resize logic to observe border box instead of content box
The side effect of swapping the resize logic to after the tick was
that the disk widget remained in an expanded state, so revert this.
However, the interfaces widget still had a feedback loop due to
the inserted scrollbar. Fix this by using borderBoxSize to determine
width without overflow/scrollbar interference.
pf: pf_route() "dst" no longer holds the gateway in 15.x #294
Adjust a little more to accomodate af/naf magic later.
While here also make ip6_get_fwdtag() arguments const.
Use requests.Session for ET-Telemetry requests (#5553)
The current code loops through every telemetry event to submit and makes a standalone POST request, resulting in a DNS lookup for each item. This results in a ton of DNS requests for the same domain every time this script runs, which is every minute due to the cron job that executes it. This patch changes the behavior by establishing a requests Session object and then making the POST requests from that, resulting in a single DNS lookup, and as an added benefit, the script completes much faster.
firewall: invalidate rule stats cache for legacy rules page
Since 5baba39831dff added the TTL but the page should fetch per
inspect push this restores the old behaviour. We could move the
controller to the legacy plugin so that it is not forgotten on
final removal but that's not for now.
pf: a small touchup on shared forwarding code
The issue I see with pf_route() is that it has become a bit uncontrollable
in outcome since 15 with many edge cases and overlaps such as TTL decrement
before sending, dummynet back and forth and af/naf translations. Ideally,
it should be rewritten and aligned with the network stack instead of still
using the OpenBSD way of firing the packets from here.
Shared forwarding is 10 years old now, never considered upstream, but would
have helped structure this code much better by forcing a natural flow through
the stack.