BSD Commit Log Search

Firewall: Rules - remove cache/rate-limit introduced in https://github.com/opnsense/core/commit/9db6ca2fad930790eb7116a1bf18ccba99604cad and superseded https://github.com/opnsense/core/commit/5baba39831dffbab79f7d30c90c400876b9700d2

Merge branch 'master' into firewall-automation-responsiveness

firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button (#9272)

* firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button

* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

* Update src/opnsense/service/conf/actions.d/actions_filter.conf

Co-authored-by: Franco Fichtner <franco at opnsense.org>

* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

* Move event binding into headerFormatter, remove all loaded.rs.jquery.bootgrid since nothing in it is needed anymore

* Make click handler safe

    [15 lines not shown]

Add cache_ttl at correct spot

Merge remote-tracking branch 'origin/master' into firewall-automation-cache

Fix duplicate headerSort in opnsense_bootgrid.js, push sortable to global setting in filter_rule.volt so that no persistence is set on header clicks

Do not fire persistence event when clicking on refresh button in tabulator header

Split stats into two rows to safe on horizontal space

Flip this around

Apply decimals if the base has been exceeded at least once, there are no half bytes or half integers, this only matters if the base changed for better accuracy

Include number formatter into byteFormat as parameter switch, show formatted number in column and real full number in tooltip.

themes / opnsense-dark - change header font color in BootstrapDialog, closes https://github.com/opnsense/core/issues/9142

Make click handler safe

Move event binding into headerFormatter, remove all loaded.rs.jquery.bootgrid since nothing in it is needed anymore

bootgrid: always show reset button

Add global default for minWidth since its an issue in all grids.

Generalize the action bar flex css so it improves all pages

unbound: improve CNAME handling of whitelisted domains (https://github.com/opnsense/core/issues/6722)

if a.com is whitelisted, but points to a.b.com through a CNAME, allow
a.b.com.

Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

Update src/opnsense/service/conf/actions.d/actions_filter.conf

Co-authored-by: Franco Fichtner <franco at opnsense.org>

Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button

dnsmasq: Improve Firewall alias (ipset) validations (#9269)

- domain in domainoverrides is changed to the strict HostnameField introduced in 2d2781c to disallow the use of "#" which would add all resolved domains to an ipset alias. The overall strictness of the field now matches hosts.
- ipset ModelRelationField got a name filter adjustment, to exclude all system defined external aliases that start with __
- dnsmasq.conf template does not render server and rebind-domain-ok for entries anymore which are just a domain and the Firewall alias (ipset). Before this change, it would generate a server with an empty IP, which means blocking forwarding. Firewall alias (ipset) needs forwarding to function, otherwise it fails for the chosen domain.

backend: introduce a file_safe() helper related to #9259

mvc: protect JSON response against UFT-8 encoding failures

(cherry picked from commit d1042bb65e2f170780040e1aff635eda3c14e10b)

mvc: protect JSON response against UFT-8 encoding failures

dnsmasq: Improve Firewall alias (ipset) validations

- domain in domainoverrides is changed to the strict HostnameField introduced in 2d2781c to disallow the use of "#" which would add all resolved domains to an ipset alias. The overall strictness of the field now matches hosts.
- ipset ModelRelationField got a name filter adjustment, to exclude all system defined external aliases that start with __
- dnsmasq.conf template does not render server and rebind-domain-ok for entries anymore which are just a domain and the Firewall alias (ipset). Before this change, it would generate a server with an empty IP, which means blocking forwarding. Firewall alias (ipset) needs forwarding to function, otherwise it fails for the chosen domain.

Firewall: Aliases - fix regrssion in geoip input (flags missing)

(cherry picked from commit fd6b69b9b05f3a566d04a5a4e688ef10abef8627)

Firewall: Aliases - fix regrssion in geoip input (flags missing)

Firewall: Aliases / GeoIP - fetch IPinfo format file from our mirror when BE is installed, for https://github.com/opnsense/core/issues/7779

(cherry picked from commit 49a748f76880326fcedbd6cbd7f5d15a104bcc9b)