OPNSense/core c2c4d45src/etc/inc/plugins.inc.d kea.inc

wrong script path
DeltaFile
+1-1src/etc/inc/plugins.inc.d/kea.inc
+1-11 files

OPNSense/core 84d6ca4src/opnsense/scripts/dhcp prefixeskea.php

Fix a small bug because empty and 0 is the same
DeltaFile
+2-1src/opnsense/scripts/dhcp/prefixeskea.php
+2-11 files

OPNSense/core a24272e. plist, src/etc/inc/plugins.inc.d kea.inc

dhcp/kea: Install prefix delegation routes targeting IA_NA address
DeltaFile
+102-0src/opnsense/scripts/dhcp/prefixeskea.php
+39-0src/opnsense/scripts/dhcp/prefixeskea.sh
+9-0src/etc/inc/plugins.inc.d/kea.inc
+6-0src/opnsense/service/conf/actions.d/actions_kea.conf
+2-0plist
+158-05 files

OPNSense/core f4b1f9a. plist

make plist-fix
DeltaFile
+1-0plist
+1-01 files

OPNSense/core a425b57src/etc/inc/plugins.inc.d kea.inc, src/opnsense/scripts/dhcp prefixes.php prefixeskea.sh

dhcp/kea: Install prefix delegation routes targeting IA_NA address
DeltaFile
+125-64src/opnsense/scripts/dhcp/prefixes.php
+39-0src/opnsense/scripts/dhcp/prefixeskea.sh
+9-0src/etc/inc/plugins.inc.d/kea.inc
+6-0src/opnsense/service/conf/actions.d/actions_kea.conf
+179-644 files

OPNSense/core 62133b8src/opnsense/mvc/app/models/OPNsense/Unbound/Migrations M1_0_13.php

unbound: migration cleanup
DeltaFile
+8-0src/opnsense/mvc/app/models/OPNsense/Unbound/Migrations/M1_0_13.php
+8-01 files

OPNSense/core 045954asrc/opnsense/mvc/app/controllers/OPNsense/Unbound/Api SettingsController.php OverviewController.php, src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms dnsbl.xml

unbound: rename whitelists to allowlists
DeltaFile
+23-23src/opnsense/mvc/app/views/OPNsense/Unbound/overview.volt
+3-3src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/SettingsController.php
+3-3src/opnsense/mvc/app/controllers/OPNsense/Unbound/forms/dnsbl.xml
+2-2src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/OverviewController.php
+2-0src/opnsense/mvc/app/models/OPNsense/Unbound/Migrations/M1_0_13.php
+1-1src/opnsense/mvc/app/models/OPNsense/Unbound/Unbound.xml
+34-326 files

OPNSense/core bdfcbc6src/opnsense/mvc/app/models/OPNsense/Unbound/Menu Menu.xml

unbound: make menu item plural
DeltaFile
+1-1src/opnsense/mvc/app/models/OPNsense/Unbound/Menu/Menu.xml
+1-11 files

OPNSense/core a430708src/opnsense/mvc/app/models/OPNsense/Unbound/Migrations M1_0_13.php

unbound: account for description in migration
DeltaFile
+5-2src/opnsense/mvc/app/models/OPNsense/Unbound/Migrations/M1_0_13.php
+5-21 files

OPNSense/core db13acbsrc/opnsense/service/templates/OPNsense/Unbound/core dnsbl_module.py

unbound: make sure pass_regex exists
DeltaFile
+1-1src/opnsense/service/templates/OPNsense/Unbound/core/dnsbl_module.py
+1-11 files

OPNSense/core c225406src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api OverviewController.php, src/opnsense/scripts/unbound/blocklists __init__.py

unbound: fix OverviewController and sort module configuration elements
DeltaFile
+1-1src/opnsense/mvc/app/controllers/OPNsense/Unbound/Api/OverviewController.php
+2-0src/opnsense/scripts/unbound/blocklists/__init__.py
+3-12 files

OPNSense/core 0f651d7src/etc/inc filter.lib.inc

Firewall: Settings: Advanced - Add rule references for a55682f (#9302)

(cherry picked from commit a0a22072f53a935e5d3b3545177d8039eaada1f4)
(cherry picked from commit bf5594f772514b4d86919d2a9f499cc93014ac52)
DeltaFile
+22-9src/etc/inc/filter.lib.inc
+22-91 files

OPNSense/core 54e64f6src/opnsense/scripts/firmware check.sh

firmware: force through SAT solver failure since pkg 2.3.1

We don't actually install -- we just want to know what would happen.
And if we don't know we cannot proceed which actually broke moving to
the development version or back to stable.

Also fix a syntax error in previous commit.

(cherry picked from commit e15f5ee9fb1e797912d84bfb150f620d9e476fd4)
DeltaFile
+3-3src/opnsense/scripts/firmware/check.sh
+3-31 files

OPNSense/core e15f5eesrc/opnsense/scripts/firmware check.sh

firmware: force through SAT solver failure since pkg 2.3.1

We don't actually install -- we just want to know what would happen.
And if we don't know we cannot proceed which actually broke moving to
the development version or back to stable.

Also fix a syntax error in previous commit.
DeltaFile
+3-3src/opnsense/scripts/firmware/check.sh
+3-31 files

OPNSense/core f76feeasrc/opnsense/mvc/app/models/OPNsense/Base BaseModel.php

system: also trim extraction of description just in case

So we do not end up with leading or trailing " " after replace.
DeltaFile
+2-3src/opnsense/mvc/app/models/OPNsense/Base/BaseModel.php
+2-31 files

OPNSense/core 617c0adsrc/opnsense/mvc/app/library/OPNsense/Core ConfigMaintenance.php

System: Configuration: Defaults - For uninstalled models, when a description has been persisted, use the attribute value to help the user. for https://github.com/opnsense/core/issues/8768
DeltaFile
+2-1src/opnsense/mvc/app/library/OPNsense/Core/ConfigMaintenance.php
+2-11 files

OPNSense/core 46f89afsrc/opnsense/mvc/app/models/OPNsense/Base BaseModel.php

mvc: persist models description in root attribute. closes https://github.com/opnsense/core/issues/8652
DeltaFile
+13-0src/opnsense/mvc/app/models/OPNsense/Base/BaseModel.php
+13-01 files

OPNSense/core bf5594fsrc/etc/inc filter.lib.inc

firewall: style
DeltaFile
+6-3src/etc/inc/filter.lib.inc
+6-31 files

OPNSense/core 905778fsrc/etc/inc filter.inc

filter.inc: Add sleep to test if there is some issue with pfctl returning too early
DeltaFile
+2-0src/etc/inc/filter.inc
+2-01 files

OPNSense/core a0a2207src/etc/inc filter.lib.inc

Firewall: Settings: Advanced - Add rule references for a55682f (#9302)

* Firewall: Settings: Advanced - Add rule references for https://github.com/opnsense/core/commit/a55682fbc212944cb491c3fda3cab520f15b4a89

* fix array
DeltaFile
+19-9src/etc/inc/filter.lib.inc
+19-91 files

OPNSense/core 5cfb748src/etc/inc filter.lib.inc

fix array
DeltaFile
+18-18src/etc/inc/filter.lib.inc
+18-181 files

OPNSense/core c62a7d5src/etc/inc filter.lib.inc

Firewall: Settings: Advanced - Add rule references for https://github.com/opnsense/core/commit/a55682fbc212944cb491c3fda3cab520f15b4a89
DeltaFile
+11-1src/etc/inc/filter.lib.inc
+11-11 files

OPNSense/core eb4096dsrc/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms dialogInstance.xml, src/opnsense/mvc/app/models/OPNsense/OpenVPN OpenVPN.xml OpenVPN.php

OpenVPN: add support for pushing excluded routes via net_gateway (#9258)

* OpenVPN: add support for pushing excluded routes via net_gateway

This patch introduces a new `push_excluded_routes` option in the OpenVPN
instance dialog. It allows administrators to define routes that should be
excluded from the VPN tunnel and instead use the client’s existing default
gateway (`net_gateway`).

Changes include:
- Added `instance.push_excluded_routes` field to dialogInstance.xml.
- Extended OpenVPN model to process `push_excluded_routes` and append
  `net_gateway` to the pushed route options.
- Defined `push_excluded_routes` as a NetworkField in OpenVPN.xml.

This provides a convenient way to push split-exclusion routes, ensuring
specific traffic is routed via the client’s pre-existing default gateway.

Feature request: https://github.com/opnsense/core/issues/8537

    [7 lines not shown]
DeltaFile
+12-0src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms/dialogInstance.xml
+4-0src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.xml
+3-1src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.php
+19-13 files

OPNSense/core 7cc63adsrc/etc/inc/plugins.inc.d openvpn.inc, src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms dialogInstance.xml dialogCSO.xml

OpenVPN: allow multiple domains settings for client connection (#9281)

* OpenVPN: allow multiple domains settings for client connection

* OpenVPN: allow multiple domains settings - update plugin files

---------

Co-authored-by: Krisztian Ivancso <dev at devopsoffice.com>
(cherry picked from commit 3dd24ff4a2b6e14fc76c238f8a31ffc8cc1348bf)
DeltaFile
+5-4src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms/dialogInstance.xml
+6-2src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.xml
+5-3src/opnsense/mvc/app/controllers/OPNsense/OpenVPN/forms/dialogCSO.xml
+3-1src/opnsense/mvc/app/models/OPNsense/OpenVPN/OpenVPN.php
+3-1src/etc/inc/plugins.inc.d/openvpn.inc
+22-115 files

OPNSense/core 48e872fsrc/opnsense/scripts/filter rule_stats.py

Firewall: Rules - remove cache/rate-limit introduced in https://github.com/opnsense/core/commit/9db6ca2fad930790eb7116a1bf18ccba99604cad and superseded https://github.com/opnsense/core/commit/5baba39831dffbab79f7d30c90c400876b9700d2

(cherry picked from commit b67e4f91e57963943c33d59afe0a8f59bce59c32)
DeltaFile
+33-69src/opnsense/scripts/filter/rule_stats.py
+33-691 files

OPNSense/core a753ae8src/opnsense/scripts/firmware check.sh

firmware: make sure to print versions on update attempt

Although this is noisy we can see if the upgrade attempt is going to be
executed.  In error case or backwards scenarios it might which can also
help pinpoint the fact that a wrong package manager was installed from
somewhere else.

(cherry picked from commit df4626812e3a8c5e46bebf2b21dbb89792ec0eb2)
DeltaFile
+2-1src/opnsense/scripts/firmware/check.sh
+2-11 files

OPNSense/core df46268src/opnsense/scripts/firmware check.sh

firmware: make sure to print versions on update attempt

Although this is noisy we can see if the upgrade attempt is going to be
executed.  In error case or backwards scenarios it might which can also
help pinpoint the fact that a wrong package manager was installed from
somewhere else.
DeltaFile
+2-1src/opnsense/scripts/firmware/check.sh
+2-11 files

OPNSense/core 8409cfcsrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

Firewall: Automation: Filter - when in "Inspect" mode, also resolve alias names when the search clause is a valid IP address, closes https://github.com/opnsense/core/issues/9134

requires: https://github.com/opnsense/core/commit/126cddc510618e749c54d78aacc1cc923a4cedfa
(cherry picked from commit cf9f4c313893d9738ae8d0dae41fa20b47fc4679)
DeltaFile
+23-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+23-11 files

OPNSense/core f1bfa65src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt, src/opnsense/www/js opnsense_bootgrid.js

firewall/automation: Hide and unhide statistics without triggering tabulator persistence event (#9284)

Add transient `_silentToggle` marker to Tabulator columns so
`columnVisibilityChanged` events triggered by scripted show/hide
operations (e.g. inspect toggle) do not set the persistence flag.

(cherry picked from commit eb2800a9bd76060fa17937840e3498c31e4081d2)
DeltaFile
+9-3src/opnsense/www/js/opnsense_bootgrid.js
+9-0src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+18-32 files

OPNSense/core 5dbaf1bsrc/opnsense/scripts/firmware check.sh

firmware: improve the package manager upgrade for pkg 2.x

(cherry picked from commit 369a9a3566885fa456301840e82a9d08102f7e9c)
(cherry picked from commit bf6b0406e014eb8c651cbe6b784d488b25685e76)
(cherry picked from commit 7925c64dd7eae3f5e0f1c04a2a9c19bc65e7291d)
DeltaFile
+10-2src/opnsense/scripts/firmware/check.sh
+10-21 files