OPNSense/core b67e4f9src/opnsense/scripts/filter rule_stats.py

Firewall: Rules - remove cache/rate-limit introduced in https://github.com/opnsense/core/commit/9db6ca2fad930790eb7116a1bf18ccba99604cad and superseded https://github.com/opnsense/core/commit/5baba39831dffbab79f7d30c90c400876b9700d2
DeltaFile
+33-69src/opnsense/scripts/filter/rule_stats.py
+33-691 files

OPNSense/core cab3230src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogFilterRule.xml, src/opnsense/mvc/app/models/OPNsense/Dnsmasq/FieldTypes HostnameField.php AliasesField.php

Merge branch 'master' into firewall-automation-responsiveness
DeltaFile
+174-0src/opnsense/mvc/app/models/OPNsense/Dnsmasq/FieldTypes/HostnameField.php
+150-0src/opnsense/mvc/tests/app/models/OPNsense/Dnsmasq/FieldTypes/HostnameFieldTest.php
+86-11src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+3-81src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+67-0src/opnsense/mvc/app/models/OPNsense/Kea/FieldTypes/KeaClasslessStaticRouteField.php
+0-64src/opnsense/mvc/app/models/OPNsense/Dnsmasq/FieldTypes/AliasesField.php
+480-15639 files not shown
+703-28545 files

OPNSense/core 5baba39src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php, src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogFilterRule.xml

firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button (#9272)

* firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button

* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

* Update src/opnsense/service/conf/actions.d/actions_filter.conf

Co-authored-by: Franco Fichtner <franco at opnsense.org>

* Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>

* Move event binding into headerFormatter, remove all loaded.rs.jquery.bootgrid since nothing in it is needed anymore

* Make click handler safe

    [15 lines not shown]
DeltaFile
+86-11src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+3-81src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+23-15src/opnsense/www/js/opnsense_ui.js
+11-0src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+1-2src/opnsense/www/js/opnsense_bootgrid.js
+1-0src/opnsense/service/conf/actions.d/actions_filter.conf
+125-1096 files

OPNSense/core 25e6e38src/opnsense/service/conf/actions.d actions_filter.conf

Add cache_ttl at correct spot
DeltaFile
+2-1src/opnsense/service/conf/actions.d/actions_filter.conf
+2-11 files

OPNSense/core d07ea82src/opnsense/service/templates/OPNsense/Unbound/core dnsbl_module.py, src/opnsense/www/js opnsense_bootgrid.js

Merge remote-tracking branch 'origin/master' into firewall-automation-cache
DeltaFile
+15-7src/opnsense/service/templates/OPNsense/Unbound/core/dnsbl_module.py
+1-1src/opnsense/www/js/opnsense_bootgrid.js
+1-1src/opnsense/www/themes/opnsense-dark/assets/stylesheets/bootstrap-dialog.scss
+1-1src/opnsense/www/themes/opnsense-dark/build/css/bootstrap-dialog.css
+18-104 files

OPNSense/core bca426fsrc/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogFilterRule.xml, src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Fix duplicate headerSort in opnsense_bootgrid.js, push sortable to global setting in filter_rule.volt so that no persistence is set on header clicks
DeltaFile
+0-43src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+1-2src/opnsense/www/js/opnsense_bootgrid.js
+1-0src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+2-453 files

OPNSense/core 0aae8cdsrc/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Do not fire persistence event when clicking on refresh button in tabulator header
DeltaFile
+2-0src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+2-01 files

OPNSense/core d98d655src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Split stats into two rows to safe on horizontal space
DeltaFile
+20-7src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+20-71 files

OPNSense/core 7bb9a95src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Flip this around
DeltaFile
+6-6src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+6-61 files

OPNSense/core 54fa1adsrc/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt, src/opnsense/www/js opnsense_ui.js

Apply decimals if the base has been exceeded at least once, there are no half bytes or half integers, this only matters if the base changed for better accuracy
DeltaFile
+4-1src/opnsense/www/js/opnsense_ui.js
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+5-22 files

OPNSense/core 37b2ffbsrc/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt, src/opnsense/www/js opnsense_ui.js

Include number formatter into byteFormat as parameter switch, show formatted number in column and real full number in tooltip.
DeltaFile
+12-33src/opnsense/www/js/opnsense_ui.js
+3-4src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+15-372 files

OPNSense/core cab54b1src/opnsense/www/themes/opnsense-dark/assets/stylesheets bootstrap-dialog.scss, src/opnsense/www/themes/opnsense-dark/build/css bootstrap-dialog.css

themes / opnsense-dark - change header font color in BootstrapDialog, closes https://github.com/opnsense/core/issues/9142
DeltaFile
+1-1src/opnsense/www/themes/opnsense-dark/assets/stylesheets/bootstrap-dialog.scss
+1-1src/opnsense/www/themes/opnsense-dark/build/css/bootstrap-dialog.css
+2-22 files

OPNSense/core 886ab36src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Make click handler safe
DeltaFile
+25-21src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+25-211 files

OPNSense/core 599f7d7src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt

Move event binding into headerFormatter, remove all loaded.rs.jquery.bootgrid since nothing in it is needed anymore
DeltaFile
+17-19src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+17-191 files

OPNSense/core b027667src/opnsense/www/js opnsense_bootgrid.js

bootgrid: always show reset button
DeltaFile
+1-1src/opnsense/www/js/opnsense_bootgrid.js
+1-11 files

OPNSense/core 41cb7easrc/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogFilterRule.xml, src/opnsense/www/js opnsense_bootgrid.js

Add global default for minWidth since its an issue in all grids.
DeltaFile
+0-43src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+1-1src/opnsense/www/js/opnsense_bootgrid.js
+1-442 files

OPNSense/core 1e51d17src/opnsense/mvc/app/views/OPNsense/Firewall filter_rule.volt, src/opnsense/www/css opnsense-bootgrid.css

Generalize the action bar flex css so it improves all pages
DeltaFile
+5-68src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+62-0src/opnsense/www/themes/opnsense-dark/assets/stylesheets/opnsense-bootgrid.scss
+62-0src/opnsense/www/themes/opnsense-dark/build/css/opnsense-bootgrid.css
+62-0src/opnsense/www/css/opnsense-bootgrid.css
+62-0src/opnsense/www/themes/opnsense/assets/stylesheets/opnsense-bootgrid.scss
+62-0src/opnsense/www/themes/opnsense/build/css/opnsense-bootgrid.css
+315-681 files not shown
+319-767 files

OPNSense/core 854200asrc/opnsense/service/templates/OPNsense/Unbound/core dnsbl_module.py

unbound: improve CNAME handling of whitelisted domains (https://github.com/opnsense/core/issues/6722)

if a.com is whitelisted, but points to a.b.com through a CNAME, allow
a.b.com.
DeltaFile
+15-7src/opnsense/service/templates/OPNsense/Unbound/core/dnsbl_module.py
+15-71 files

OPNSense/core ba77352src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>
DeltaFile
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+0-11 files

OPNSense/core 4adf051src/opnsense/service/conf/actions.d actions_filter.conf

Update src/opnsense/service/conf/actions.d/actions_filter.conf

Co-authored-by: Franco Fichtner <franco at opnsense.org>
DeltaFile
+1-1src/opnsense/service/conf/actions.d/actions_filter.conf
+1-11 files

OPNSense/core 3a7ee57src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php

Update src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php

Co-authored-by: Franco Fichtner <franco at opnsense.org>
DeltaFile
+0-1src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+0-11 files

OPNSense/core d4e42ccsrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterController.php, src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms dialogFilterRule.xml

firewall/automation: Consolidate the stats column into a combined always visible one, implement cache invalidation via refresh button
DeltaFile
+68-8src/opnsense/mvc/app/views/OPNsense/Firewall/filter_rule.volt
+3-38src/opnsense/mvc/app/controllers/OPNsense/Firewall/forms/dialogFilterRule.xml
+26-0src/opnsense/www/js/opnsense_ui.js
+13-0src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php
+1-1src/opnsense/service/conf/actions.d/actions_filter.conf
+111-475 files

OPNSense/core 25723acsrc/opnsense/mvc/app/models/OPNsense/Dnsmasq Dnsmasq.xml, src/opnsense/service/templates/OPNsense/Dnsmasq dnsmasq.conf

dnsmasq: Improve Firewall alias (ipset) validations (#9269)

- domain in domainoverrides is changed to the strict HostnameField introduced in 2d2781c to disallow the use of "#" which would add all resolved domains to an ipset alias. The overall strictness of the field now matches hosts.
- ipset ModelRelationField got a name filter adjustment, to exclude all system defined external aliases that start with __
- dnsmasq.conf template does not render server and rebind-domain-ok for entries anymore which are just a domain and the Firewall alias (ipset). Before this change, it would generate a server with an empty IP, which means blocking forwarding. Firewall alias (ipset) needs forwarding to function, otherwise it fails for the chosen domain.
DeltaFile
+7-3src/opnsense/service/templates/OPNsense/Dnsmasq/dnsmasq.conf
+4-5src/opnsense/mvc/app/models/OPNsense/Dnsmasq/Dnsmasq.xml
+11-82 files

OPNSense/core 215b723src/etc/inc util.inc system.inc, src/etc/inc/plugins.inc.d dnsmasq.inc openvpn.inc

backend: introduce a file_safe() helper related to #9259
DeltaFile
+5-15src/etc/inc/plugins.inc.d/dnsmasq.inc
+8-6src/etc/inc/plugins.inc.d/openvpn.inc
+14-0src/etc/inc/util.inc
+2-7src/etc/inc/system.inc
+1-4src/etc/inc/plugins.inc.d/unbound.inc
+1-2src/opnsense/scripts/routes/gateway_watcher.php
+31-346 files

OPNSense/core 50a6196src/opnsense/mvc/app/library/OPNsense/Mvc Response.php

mvc: protect JSON response against UFT-8 encoding failures

(cherry picked from commit d1042bb65e2f170780040e1aff635eda3c14e10b)
DeltaFile
+1-1src/opnsense/mvc/app/library/OPNsense/Mvc/Response.php
+1-11 files

OPNSense/core d1042bbsrc/opnsense/mvc/app/library/OPNsense/Mvc Response.php

mvc: protect JSON response against UFT-8 encoding failures
DeltaFile
+1-1src/opnsense/mvc/app/library/OPNsense/Mvc/Response.php
+1-11 files

OPNSense/core c2f9141src/opnsense/mvc/app/models/OPNsense/Dnsmasq Dnsmasq.xml, src/opnsense/service/templates/OPNsense/Dnsmasq dnsmasq.conf

dnsmasq: Improve Firewall alias (ipset) validations

- domain in domainoverrides is changed to the strict HostnameField introduced in 2d2781c to disallow the use of "#" which would add all resolved domains to an ipset alias. The overall strictness of the field now matches hosts.
- ipset ModelRelationField got a name filter adjustment, to exclude all system defined external aliases that start with __
- dnsmasq.conf template does not render server and rebind-domain-ok for entries anymore which are just a domain and the Firewall alias (ipset). Before this change, it would generate a server with an empty IP, which means blocking forwarding. Firewall alias (ipset) needs forwarding to function, otherwise it fails for the chosen domain.
DeltaFile
+7-3src/opnsense/service/templates/OPNsense/Dnsmasq/dnsmasq.conf
+4-5src/opnsense/mvc/app/models/OPNsense/Dnsmasq/Dnsmasq.xml
+11-82 files

OPNSense/core 57f4545src/opnsense/mvc/app/views/OPNsense/Firewall alias.volt

Firewall: Aliases - fix regrssion in geoip input (flags missing)

(cherry picked from commit fd6b69b9b05f3a566d04a5a4e688ef10abef8627)
DeltaFile
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/alias.volt
+1-11 files

OPNSense/core fd6b69bsrc/opnsense/mvc/app/views/OPNsense/Firewall alias.volt

Firewall: Aliases - fix regrssion in geoip input (flags missing)
DeltaFile
+1-1src/opnsense/mvc/app/views/OPNsense/Firewall/alias.volt
+1-11 files

OPNSense/core ba71a3csrc/opnsense/service/templates/OPNsense/Filter filter_geoip.conf

Firewall: Aliases / GeoIP - fetch IPinfo format file from our mirror when BE is installed, for https://github.com/opnsense/core/issues/7779

(cherry picked from commit 49a748f76880326fcedbd6cbd7f5d15a104bcc9b)
DeltaFile
+1-1src/opnsense/service/templates/OPNsense/Filter/filter_geoip.conf
+1-11 files