BSD Commit Log Search

interfaces: style in previous #7647

make: happy new year!

Most of the glue in Makefile belongs to version nowadays, but we
haven't moved the barely moving parts yet.  Start with the copyright
block since we're touching it now for the obvious reason.

interfaces: reword slightly

interfaces: remove console log and add clear button for DUID input

interfaces: adjust for ratimeout as well

interfaces: settings: convert to MVC (fixes https://github.com/opnsense/core/issues/9141)

interfaces: annotations and consolidation #7647

interfaces: tab issue #7647

interfaces: prepare for #7647 by clustering the id-assoc blocks

This way we can retroactively render the full sections in the configuration.
Some research still needed for how dhcp6c tracks these numbers (also across
interfaces worst case).

The old $id logic with the increment doesn't make much sense at first glance
given the example config in the ticket.

interfaces: defer manual rtsold script execution; closes #9564

The 10 seconds default comes from the ticket that showed a 5 second delay.
Ideally a few seconds would be better but in order to be on the safe side
10 seconds is also okay.  In most cases we do not need the manual execution
and it would disrupt the already acquired prefix use.

interfaces: defer manual rtsold script execution for a bit #9564

interfaces: defer rtsold scripting for 10 seconds as a test #9564

interfaces: defer rtsold scripting for 10 seconds as a test #9564

Services: Intrusion Detection - hook "divert-to" into our new firewall ui.

Currently we only support a single divert-to target, but if we would like to integrate in the future with other services, it's practical to be able to offer a list of them,
list_divert_sockets.php acts as a stepping stone for this purpose, which now just returns a static list of one (8000 -> idps).

Update src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml

Co-authored-by: Franco Fichtner <franco at opnsense.org>

Update src/opnsense/mvc/app/controllers/OPNsense/IDS/forms/generalSettings.xml

Co-authored-by: Franco Fichtner <franco at opnsense.org>

unbound: ajaxGet style

Services: Intrusion Detection - refactor pcap/netmap selection to "Capture mode" and add new "divert" option.

With divert we can integrate suricata in firewall rules, which makes it easier to bypass large flows.
This change requires the new SO_REUSEPORT_LB option in the kernel in order to distribute traffic over multiple workers.

unbound: remove console log

unbound: annotate correctly

unbound: add per-policy quick actions in overview. fixes https://github.com/opnsense/core/issues/9483

openvpn: style

Services: Captive Portal - use new hostwatch service introduced in https://github.com/opnsense/core/pull/9354 to collect mac addresses for 26.1

Interfaces: Neighbors: Automatic Discovery - by default, only use non-promiscuous mode, final point for https://github.com/opnsense/core/pull/9354

Added to the roadmap as well, as it seemed to be missing.

This new service is a prerequisite for the new (and faster) mac type aliases (https://github.com/opnsense/core/commit/b2a30fc5606ce2d6c781ae9b7282b83e8ec35ac3) and is a requirement for IPv6 captive portal in a future release.

captiveportal - assign empty array when "interface list arp json" returns invalid json. ref https://forum.opnsense.org/index.php?topic=50177.0

VPN: OpenVPN: Client Export - add "lazy loading" model support on Trust\Cert type and skip dynamic content when loading the model in our export. closes https://github.com/opnsense/core/pull/9552

Firewall: Rules [new]: Add multiselect icmp6type options (#9547)

* Firewall: Rules [new]: Add multiselect icmp6type options

* These should not be ignored in the grid.

* Firewall: Rules [new] - Add multiselect icmp6type options (minor cleanups)

Use icmpv6 parameter codes as defined in https://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xhtml#icmpv6-parameters-codes-8

---------

Co-authored-by: Ad Schellevis <ad at opnsense.org>

vpn/openvpn: Add simple search functionality for accounts table (#9549)

vpn/openvpn: Add simple search functionality for accounts table

These should not be ignored in the grid.