tests: PortField: test well-known values against system #9835
Obsolete services have been removed which makes them error out.
Not sure if worth migrating or making the whole thing more clever.
Two appear to have been renamed.
mvc: PortField: "wins" is known as "nameserver", sort list #9835
It makes sense to test all of these values in the unittest then
before this breaks during an OS update.
firewall: fix running into error using well known protocols with "-" in them #9835
The ordering is debatable. For now just make sure that we didn't miss the
chance to look up the original one and accept it as is.
log files: fix 'go to page' edge case and row count persistence/max
The log controller defines 5000 rows as the limit to prevent OOM
issues, however, since the front-end knows nothing about this,
setting the row count to "all" will only show the first
5000 result without a way to paginate, even if there are more
log entries. Logically, if the controller defines 5000 as a limit,
the view shouldn't allow "all" as a selection, so override it here.
Furthermore, row count "all" was a boolean, which broke the "go to page"
button. While "all" isn't allowed anymore now, we should check
if the value is a boolean regardless. Also, the grid wasn't
indexing on "rnum" properly, so the grid had no idea where to scroll
to once clicked.
mvc: BaseListField: shared implementation of $internalStaticOptionList, proof of concept for https://github.com/opnsense/core/issues/9816
Wrap static access in protected functions which ensures content is static per inherited class:
hasStaticOptions()
getStaticOptions()
setStaticOptions(array)
resetStaticOptions()
bootgrid: swap order of custom commands placement making sure they participate in command binding
(cherry picked from commit 5b3b163ce0d93d41fcb141807c6d76389178ad1b)
ipfw: Use proper prototype for SYSINIT functions
The only possible return value of function ipfw_init() is 0. Make it
return void to match the prototype of SYSINIT.
MFC after: 1 week
(cherry picked from commit 1bba2194c8a960235f8eae36e7d3e96f347ce779)
(cherry picked from commit 745b6ca4ed933f9f4c1d314dc7b0aa31e8e9e0de)
bsdinstall.8: Minor maintenance
Replace CD-ROMs with "discs, USBs, or network boot environments"
to both modernize aesthetic and also nudge youths to think at scale.
Since I'm disrupting the flow of these lines anyway, expand the VM
acronym because I think this is one of the first manuals people will
be looking at.
Reset list alignment to seven characters. It was at 19 characters,
and that was not enough to align them all, wasting many extra lines
by crunching all the words over. Seven actually bought us some lines
from six due to avg item size. Tag SPDX.
MFC after: 3 days
Discussed with: ivy, zi
(cherry picked from commit 81d9e08a4df42079d5e163b5991d5d6f3a28d4f0)
ip6_mroute: Remove an unhelpful comment
ifnets already track if_allmulti() calls in the if_amcount field. That
field is older than the comment, so I'm not exactly sure what the intent
was; let's just remove it.
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
(cherry picked from commit a45fb94801dffd414bdb1981def0e977ef0c774f)
ip6_mroute: Make MF6CFIND a regular function
This is more natural and corresponds more closely to the v4 multicast
routing code. No functional change intended.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54983
(cherry picked from commit b370fcc716b9cfd4d08e291f0009f02452c84d64)
siftr: refactor batch log processing
Refactoring to perform the batch processing of
log messaged in two phases. First cycling through a limited
number of collected packets, and only thereafter freeing
the processed packets. This prevents any chance of calling
free while in a critical / spinlocked section.
Reviewed By: tuexen
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D42949
(cherry picked from commit a95cd6e4870b79178860e03366c4327e533ecf1e)
ip_mroute: Make privilege checking more consistent
- The v6 socket option and ioctl handlers had no privilege checks at
all. The socket options, I believe, can only be reached via a raw
socket, but a jailed root user with a raw socket shouldn't be able to
configure multicast routing in a non-VNET jail. The ioctls can only
be used to fetch stats.
- Delete a bogus comment in X_mrt_ioctl(), one can issue multicast
routing ioctls against any socket. Note that the call path is
soo_ioctl()->rtioctl_fib()->mrt_ioctl().
I think all of the mroute privilege checks should be done within the
ip(6)_mroute code, but let's first make the v4 and v6 modules
consistent.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
[3 lines not shown]
