OPNSense/core 1cdad29src/etc/inc/plugins.inc.d unbound.inc, src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms dialogHostOverride.xml

unbound: add support for TXT records in host overrides
DeltaFile
+14-6src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dialogHostOverride.xml
+15-0src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
+7-0src/opnsense/mvc/app/views/OPNsense/Unbound/overrides.volt
+2-0src/etc/inc/plugins.inc.d/unbound.inc
+38-64 files

OPNSense/core fdb29ee. plist Makefile, contrib Makefile

interfaces: for previous #9187
DeltaFile
+1-1contrib/Makefile
+2-0plist
+0-1Makefile
+3-23 files

OPNSense/core 48f43cbcontrib/ieee oui.csv, src/opnsense/scripts/interfaces macinfo.py list_macdb.py

netaddr / mac vendor mapping  - replace with simple local implementation, closes https://github.com/opnsense/core/issues/9187
DeltaFile
+37,990-0contrib/ieee/oui.csv
+55-0src/opnsense/scripts/interfaces/lib/__init__.py
+14-33src/opnsense/scripts/interfaces/macinfo.py
+16-23src/opnsense/scripts/interfaces/list_macdb.py
+3-13src/opnsense/scripts/interfaces/list_arp.py
+2-12src/opnsense/scripts/interfaces/list_ndp.py
+38,080-816 files

OPNSense/core f1c48f4Mk git.mk

make: add tag glue
DeltaFile
+4-1Mk/git.mk
+4-11 files

OPNSense/core b7d9de9src/opnsense/mvc/app/models/OPNsense/Auth User.xml

system: style change in user model
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Auth/User.xml
+1-11 files

OPNSense/core 611e5e1src/opnsense/mvc/app/models/OPNsense/Core/repositories opnsense.xml

System: Firmware - Mirrors - Add Deciso US mirror

(cherry picked from commit 4c6f5fa2ce0805187cb053b3e28cf1528f9ec481)
DeltaFile
+4-0src/opnsense/mvc/app/models/OPNsense/Core/repositories/opnsense.xml
+4-01 files

OPNSense/core 23079edsrc/opnsense/mvc/app/models/OPNsense/Interfaces/FieldTypes LaggInterfaceField.php

interfaces: single configd call cleanup
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Interfaces/FieldTypes/LaggInterfaceField.php
+1-11 files

OPNSense/core fa5d139src/opnsense/mvc/app/models/OPNsense/IPsec IPsec.xml

ipsec: model tweaks
DeltaFile
+19-19src/opnsense/mvc/app/models/OPNsense/IPsec/IPsec.xml
+19-191 files

OPNSense/core 607bdc5src/opnsense/mvc/app/models/OPNsense/OpenVPN Export.xml

openvpn: minor model tweak
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/OpenVPN/Export.xml
+1-11 files

OPNSense/core d2cd53esrc/opnsense/mvc/app/controllers/OPNsense/Base ApiControllerBase.php ControllerBase.php, src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api LogController.php

mvc: stream output not properly cleansed when used in widget.

Since we sanitize api output to the webgui by default, for consistency we should probably do the same when handing streamed data.
Move htmlspecialchars() to Response class to increase readability and, similar to array data, always assume the browser requires escaped data by default.

reported by: Stanislav Fort of Aisle Research

(cherry picked from commit afdeafea59237c10008b6824a421cb065d3a7113)
(cherry picked from commit 14b70ccfec31b22f7dc679c2a0b6c3667a3df90c)
DeltaFile
+15-3src/opnsense/mvc/app/library/OPNsense/Mvc/Response.php
+5-7src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
+2-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/LogController.php
+1-1src/opnsense/mvc/app/controllers/OPNsense/Base/ControllerBase.php
+23-124 files

OPNSense/core ffe7bfasrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

mvc: sweep no 2
DeltaFile
+2-2src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+2-21 files

OPNSense/core 14b70ccsrc/opnsense/mvc/app/library/OPNsense/Mvc Response.php

mvc: sweep no 1
DeltaFile
+1-2src/opnsense/mvc/app/library/OPNsense/Mvc/Response.php
+1-21 files

OPNSense/core 12e9b17src/opnsense/mvc/app/controllers/OPNsense/Core/Api HasyncStatusController.php

System: High Availability - missed a spot in restartAllAction() to properly check request type.

reported by: Stanislav Fort of Aisle Research

(cherry picked from commit 776ada6493330c65b3b740e9d0ebdd18695f05e8)
DeltaFile
+1-1src/opnsense/mvc/app/controllers/OPNsense/Core/Api/HasyncStatusController.php
+1-11 files

OPNSense/core 9b0c230src/opnsense/mvc/app/views/OPNsense/Diagnostics fw_log.volt, src/opnsense/www/js opnsense_bootgrid.js

firewall: small regression in https://github.com/opnsense/core/commit/7fe2d72f48f723ebdc0e6a2f2a8af0ae93cde1aa, keep pagination when navigation isn't rendered

While this is somewhat unintuitive, the default mode for UIBootgrid
is to always expect pagination request parameters. If navigation is
turned off, these are simply set to null so all results are returned.
The previous commit broke the data fetch for cases where the navigation
was turned off (i.e. local and remote auth for ipsec connections).

the firewall live log is an exception here, as this table is fully
managed with custom logic and therefore doesn't need to use the
default request parameters.
DeltaFile
+0-1src/opnsense/www/js/opnsense_bootgrid.js
+1-0src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_log.volt
+1-12 files

OPNSense/core 8efa004src/opnsense/www/themes/opnsense-dark/assets/stylesheets opnsense-bootgrid.scss, src/opnsense/www/themes/opnsense-dark/build/css opnsense-bootgrid.css

bootgrid: consistency adjustments for dark theme
DeltaFile
+8-10src/opnsense/www/themes/opnsense-dark/build/css/opnsense-bootgrid.css
+10-8src/opnsense/www/themes/opnsense-dark/assets/stylesheets/opnsense-bootgrid.scss
+18-182 files

OPNSense/core 776ada6src/opnsense/mvc/app/controllers/OPNsense/Core/Api HasyncStatusController.php

System: High Availability - missed a spot in restartAllAction() to properly check request type.

reported by: Stanislav Fort of Aisle Research
DeltaFile
+1-1src/opnsense/mvc/app/controllers/OPNsense/Core/Api/HasyncStatusController.php
+1-11 files

OPNSense/core afdeafesrc/opnsense/mvc/app/controllers/OPNsense/Base ApiControllerBase.php ControllerBase.php, src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api LogController.php

mvc: stream output not properly cleansed when used in widget.

Since we sanitize api output to the webgui by default, for consistency we should probably do the same when handing streamed data.
Move htmlspecialchars() to Response class to increase readability and, similar to array data, always assume the browser requires escaped data by default.

reported by: Stanislav Fort of Aisle Research
DeltaFile
+16-3src/opnsense/mvc/app/library/OPNsense/Mvc/Response.php
+5-7src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
+2-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/LogController.php
+1-1src/opnsense/mvc/app/controllers/OPNsense/Base/ControllerBase.php
+24-124 files

OPNSense/core 0137199src/opnsense/mvc/app/models/OPNsense/Unbound Unbound.xml

unbound: update model
DeltaFile
+4-4src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
+4-41 files

OPNSense/core ae255a3src/opnsense/mvc/app/models/OPNsense/IPsec Swanctl.xml

ipsec: small style cleanup
DeltaFile
+2-2src/opnsense/mvc/app/models/OPNsense/IPsec/Swanctl.xml
+2-21 files

OPNSense/core 05cfffdsrc/opnsense/scripts/captiveportal/htdocs_default index.html, src/opnsense/scripts/captiveportal/htdocs_default/css signin.css

Services: Captive Portal - restyle default login template

(cherry picked from commit fb374975f46de015abc1aa84c9e11249b750f041)
(cherry picked from commit ba9ff9fdc0382531f20eba6f55df4170a52514cc)
(cherry picked from commit 8a157bc3b02807fea11dc9aa318bc8b19ea0d956)
DeltaFile
+175-194src/opnsense/scripts/captiveportal/htdocs_default/index.html
+152-29src/opnsense/scripts/captiveportal/htdocs_default/css/signin.css
+58-0src/opnsense/scripts/captiveportal/htdocs_default/images/OPNsense-logo-diap.svg
+58-0src/opnsense/scripts/captiveportal/htdocs_default/images/OPNsense-logo.svg
+45-0src/opnsense/scripts/captiveportal/htdocs_default/images/deciso-brand-hover.svg
+45-0src/opnsense/scripts/captiveportal/htdocs_default/images/deciso-brand-hover-diap.svg
+533-2233 files not shown
+584-2239 files

OPNSense/core de0e22asrc/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api AbstractAccessController.php AccessController.php, src/opnsense/mvc/app/models/OPNsense/CaptivePortal CaptivePortal.xml

Services: Captive Portal - various (style) cleanups

o slightly refactor strip_template.py including our exclude.list to skip library files and internal files.
o replace htdocs_default directory references to use relative paths
o change ServiceController to implement our standard ApiMutableServiceControllerBase and add missing status call
o array() -> [] style fixes
o add jquery-3.5.1.min.js into htdocs_default, keep legacy version for existing templates

(cherry picked from commit d8519a06a8a5b4fd3dd7991ef33d833163dcfff6)
(cherry picked from commit 93f480ccc91a2af8eed0901f171c802e336606e9)
(cherry picked from commit d35f434957d92154623815407a63d59aabd40a6b)
(cherry picked from commit f12340e67af841d60c06933487da27bbf7678fa0)
DeltaFile
+0-205src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AbstractAccessController.php
+167-1src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/AccessController.php
+39-80src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/ServiceController.php
+15-22src/opnsense/mvc/app/controllers/OPNsense/CaptivePortal/Api/VoucherController.php
+10-20src/opnsense/scripts/captiveportal/strip_template.py
+9-9src/opnsense/mvc/app/models/OPNsense/CaptivePortal/CaptivePortal.xml
+240-3378 files not shown
+265-35714 files

OPNSense/core aa5cff9src/opnsense/scripts/OPNsense/CaptivePortal cp-background-process.py, src/opnsense/scripts/OPNsense/CaptivePortal/htdocs_default/fonts glyphicons-halflings-regular.svg

Services: Captive Portal - move scripts

(cherry picked from commit 8f1cc98c8f09b6413386f5442c6341a544f99b16)
DeltaFile
+0-401src/opnsense/scripts/OPNsense/CaptivePortal/lib/db.py
+401-0src/opnsense/scripts/captiveportal/lib/db.py
+0-306src/opnsense/scripts/OPNsense/CaptivePortal/cp-background-process.py
+306-0src/opnsense/scripts/captiveportal/cp-background-process.py
+288-0src/opnsense/scripts/captiveportal/htdocs_default/fonts/glyphicons-halflings-regular.svg
+0-288src/opnsense/scripts/OPNsense/CaptivePortal/htdocs_default/fonts/glyphicons-halflings-regular.svg
+995-99557 files not shown
+2,522-2,52263 files

OPNSense/core 5d9859dsrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

Firewall: Automation: Filter - another take on moveRuleBeforeAction()

ref: https://github.com/opnsense/core/pull/9171
(cherry picked from commit f3a5e200f4678d9647bfbe0075b0944f3101257f)
DeltaFile
+50-58src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+50-581 files

OPNSense/core 857465fsrc/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api FirewallController.php, src/opnsense/mvc/app/views/OPNsense/Diagnostics fw_pftop.volt

firewall: fix broken rule selector, more front-end cleanups and performance improvement

(cherry picked from commit 30102d5ee4d46af3873ed9e1261d111b579486b5)
DeltaFile
+61-63src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_pftop.volt
+1-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/FirewallController.php
+62-642 files

OPNSense/core 086bb67src/opnsense/mvc/app/views/OPNsense/Diagnostics fw_states.volt

firewall: states: fix tooltips and minor performance improvement

(cherry picked from commit adc58c39511dda6429aa8d565cef924a93fc326f)
DeltaFile
+1-1src/opnsense/mvc/app/views/OPNsense/Diagnostics/fw_states.volt
+1-11 files

OPNSense/core bc571e9src/opnsense/mvc/app/views/OPNsense/Firewall alias_util.volt

aliases: front-end table rendering performance improvement

(cherry picked from commit cb31d64ab356d3cd82ee6941e10b95c5733d28ff)
(cherry picked from commit 8884abef340cc02fc7163a44434fb5b21cc8d594)
DeltaFile
+13-12src/opnsense/mvc/app/views/OPNsense/Firewall/alias_util.volt
+13-121 files

OPNSense/core dea2eb6src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

firewall/automation: Remove rowselect from internal and dataTree (#9173)

* firewall/automation: Toggle rowSelect checkbox off when TreeView is enabled

* Add tabulator rowFormatter and centralize all classes that interact with full rows. Remove onRendered from all cell specific formatters. Hide rowselect checkbox for internal rules as well.

(cherry picked from commit 36b8abff4cff402f1952cf016279aa7ff37cc60e)
DeltaFile
+36-26src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+36-261 files

OPNSense/core d0c062esrc/opnsense/www/js opnsense_ui.js

mvc: slightly improve replaceInputWithSelector() to support an empty placeholder, which should help for https://github.com/opnsense/core/pull/9158

This change uses a token for the single/manual input, in which case callers may use definitions like:

......
            'networks' => [
                'label' => gettext("Networks"),
                'items' => [
                    '' => gettext('any'),
                    '(self)' => gettext("This Firewall")
                ]
            ]
.....

When empty is offered, "any" will be choosen in this case. In theory we could change the filter model as well as "any" has no functional meaning anyway, but for simplicty this only changes the javascript part.

(cherry picked from commit 4d3ea7a6e9a553c91114643f9dafdf8fc1c8456e)
DeltaFile
+18-14src/opnsense/www/js/opnsense_ui.js
+18-141 files

OPNSense/core e4cf31bsrc/opnsense/mvc/app/views/OPNsense/Auth user.volt, src/opnsense/mvc/app/views/OPNsense/Core tunables.volt

bootgrid: simplify custom grid command additions a bit

specifically, the only way to make this work was to capture all
events on a parent element, which isn't all that intuitive. Since
the buttons are still being detached and moved somewhere else,
it is possible for events bound directly after Bootgrid instatiation
to be lost (there is no element to bind to). Therefore, these
events need to be set either before
the Bootgrid exists, or after the 'load.rs.jquery.bootgrid' phase

(cherry picked from commit f8b9a901b136afe1a7cfda46313d75addb3a918f)
DeltaFile
+26-25src/opnsense/mvc/app/views/OPNsense/Core/tunables.volt
+9-6src/opnsense/www/js/opnsense_bootgrid.js
+5-5src/opnsense/mvc/app/views/OPNsense/Auth/user.volt
+5-5src/opnsense/mvc/app/views/OPNsense/Dnsmasq/settings.volt
+5-5src/opnsense/mvc/app/views/OPNsense/Kea/dhcpv4.volt
+50-465 files

OPNSense/core 51ff9b4src/opnsense/mvc/app/controllers/OPNsense/Firewall FilterController.php, src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogFilterRule.xml

firewall/automation: Put sequence and sort_order in advanced mode (#9177)

(cherry picked from commit 6204ca035548a434a9e2ac340b61b1faa247c31d)
DeltaFile
+5-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/FilterController.php
+2-0src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+7-12 files