firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button (#9272)
* firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button
* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
Co-authored-by: Franco Fichtner <franco at opnsense.org>
* Update src/opnsense/service/conf/actions.d/actions_filter.conf
Co-authored-by: Franco Fichtner <franco at opnsense.org>
* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
Co-authored-by: Franco Fichtner <franco at opnsense.org>
* Move event binding into headerFormatter, remove all loaded.rs.jquery.bootgrid since nothing in it is needed anymore
* Make click handler safe
[15 lines not shown]
Apply decimals if the base has been exceeded at least once, there are no half bytes or half integers, this only matters if the base changed for better accuracy
unbound: improve CNAME handling of whitelisted domains (https://github.com/opnsense/core/issues/6722)
if a.com is whitelisted, but points to a.b.com through a CNAME, allow
a.b.com.
dnsmasq: Improve Firewall alias (ipset) validations (#9269)
- domain in domainoverrides is changed to the strict HostnameField introduced in 2d2781c to disallow the use of "#" which would add all resolved domains to an ipset alias. The overall strictness of the field now matches hosts.
- ipset ModelRelationField got a name filter adjustment, to exclude all system defined external aliases that start with __
- dnsmasq.conf template does not render server and rebind-domain-ok for entries anymore which are just a domain and the Firewall alias (ipset). Before this change, it would generate a server with an empty IP, which means blocking forwarding. Firewall alias (ipset) needs forwarding to function, otherwise it fails for the chosen domain.
dnsmasq: Improve Firewall alias (ipset) validations
- domain in domainoverrides is changed to the strict HostnameField introduced in 2d2781c to disallow the use of "#" which would add all resolved domains to an ipset alias. The overall strictness of the field now matches hosts.
- ipset ModelRelationField got a name filter adjustment, to exclude all system defined external aliases that start with __
- dnsmasq.conf template does not render server and rebind-domain-ok for entries anymore which are just a domain and the Firewall alias (ipset). Before this change, it would generate a server with an empty IP, which means blocking forwarding. Firewall alias (ipset) needs forwarding to function, otherwise it fails for the chosen domain.