OPNSense/core c99aaefsrc/root/boot/lua logo-hourglass.lua.in

pkg: missing name from boot logo, oh well :)
DeltaFile
+1-1src/root/boot/lua/logo-hourglass.lua.in
+1-11 files

OPNSense/core 8215982Mk version.mk

pkg: wrap up 26.7
DeltaFile
+2-2Mk/version.mk
+2-21 files

OPNSense/core 386cfbasrc/opnsense/mvc/app/models/OPNsense/Firewall Alias.php

firewall: adjust alias rename according to address_to_pconfig(); closes #10024

Looking at stable/25.7 where all three components where still in
the tree they all use the function which could potentially write
'address'.  It's better than not having those and strive for
consistency although in practice this will die with the removal
of legacy rules support.

(cherry picked from commit b4afba8a61f984321835fde89bf935a94edb0ab1)
DeltaFile
+6-3src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php
+6-31 files

OPNSense/core 83057basrc/opnsense/mvc/app/controllers/OPNsense/Firewall FilterController.php

Firewall: Rules: Adapt getAdvancedIds() to the sectioned form structure introduced in 3d9cccfe (#10521)

(cherry picked from commit c35c8de07e1cadd9a8cf54d79634ef07cb0c797f)
DeltaFile
+4-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/FilterController.php
+4-41 files

OPNSense/core 0813f67src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterUtilController.php

firewall: invalidate rule stats cache for legacy rules page

Since 5baba39831dff added the TTL but the page should fetch per
inspect push this restores the old behaviour.  We could move the
controller to the legacy plugin so that it is not forgotten on
final removal but that's not for now.

(cherry picked from commit 0f4a0ca611545e3e60edacc819e285d8a6f99194)
DeltaFile
+6-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterUtilController.php
+6-41 files

OPNSense/core 73a5accsrc/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.php

Services: Kea DHCPv6: Change dynamic pool range from prefix to range 1000-2000 (#10528)
DeltaFile
+4-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-21 files

OPNSense/core 46dfd1csrc/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api TrafficController.php, src/opnsense/scripts/interfaces traffic_stats.php

statistics: when interfaces disabled

(cherry picked from commit c5e4dffbd49bd8d37f3b5aac5327fce4c8ff0be1)
(cherry picked from commit 9169c279530fce8dfc5a210dc8ba6f552d40e847)
DeltaFile
+5-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/TrafficController.php
+2-2src/opnsense/scripts/interfaces/traffic_stats.php
+7-32 files

OPNSense/core 14573cdsrc/opnsense/www/js opnsense_widget_manager.js, src/opnsense/www/js/widgets Interfaces.js

dashboard: adjust resize logic to observe border box instead of content box

The side effect of swapping the resize logic to after the tick was
that the disk widget remained in an expanded state, so revert this.
However, the interfaces widget still had a feedback loop due to
the inserted scrollbar. Fix this by using borderBoxSize to determine
width without overflow/scrollbar interference.

(cherry picked from commit 0e1e8cfa163bb27b01e33cc0d34fde2eac512e4e)
DeltaFile
+22-20src/opnsense/www/js/opnsense_widget_manager.js
+9-6src/opnsense/www/js/widgets/Interfaces.js
+31-262 files

OPNSense/core 946aeddsrc/etc opnsense-update.conf.in

firmware: prep for final release
DeltaFile
+1-2src/etc/opnsense-update.conf.in
+1-21 files

OPNSense/core 4b00c98src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.php

Services: Kea DHCPv6: Change dynamic pool range from prefix to range 1000-2000
DeltaFile
+4-2src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+4-21 files

OPNSense/core 0e1e8cfsrc/opnsense/www/js opnsense_widget_manager.js, src/opnsense/www/js/widgets Interfaces.js

dashboard: adjust resize logic to observe border box instead of content box

The side effect of swapping the resize logic to after the tick was
that the disk widget remained in an expanded state, so revert this.
However, the interfaces widget still had a feedback loop due to
the inserted scrollbar. Fix this by using borderBoxSize to determine
width without overflow/scrollbar interference.
DeltaFile
+22-20src/opnsense/www/js/opnsense_widget_manager.js
+9-6src/opnsense/www/js/widgets/Interfaces.js
+31-262 files

OPNSense/core 0f4a0casrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api FilterUtilController.php

firewall: invalidate rule stats cache for legacy rules page

Since 5baba39831dff added the TTL but the page should fetch per
inspect push this restores the old behaviour.  We could move the
controller to the legacy plugin so that it is not forgotten on
final removal but that's not for now.
DeltaFile
+6-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterUtilController.php
+6-41 files

OPNSense/core 9169c27src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api TrafficController.php

src: sweep
DeltaFile
+2-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/TrafficController.php
+2-11 files

OPNSense/core c35c8desrc/opnsense/mvc/app/controllers/OPNsense/Firewall FilterController.php

Firewall: Rules: Adapt getAdvancedIds() to the sectioned form structure introduced in 3d9cccfe (#10521)
DeltaFile
+4-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/FilterController.php
+4-41 files

OPNSense/core c5e4dffsrc/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api TrafficController.php, src/opnsense/scripts/interfaces traffic_stats.php

statistics: when interfaces disabled
DeltaFile
+4-1src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/Api/TrafficController.php
+2-2src/opnsense/scripts/interfaces/traffic_stats.php
+6-32 files

OPNSense/core 8682ebasrc/opnsense/mvc/app/controllers/OPNsense/Firewall FilterController.php

Firewall: Rules: Adapt getAdvancedIds() to the sectioned form structure introduced in 3d9cccfe
DeltaFile
+4-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/FilterController.php
+4-41 files

OPNSense/core beb2226src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api GroupController.php

firewall: change interfage group render/apply order

Well, apply needs to be pushed to render interfaces.  Make
sure that we render before reloading filter which actually
calls ifgroup_setup() to rename groups.

(cherry picked from commit d47802bc88388fa5e26a07b9451b0ee63e971a0b)
(cherry picked from commit fa96a9a57b0d922c3642322c0c140c8995f14cdd)
DeltaFile
+6-12src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/GroupController.php
+6-121 files

OPNSense/core 68a9f7csrc/etc/inc interfaces.inc

interfaces: explicitly make explicit loopback network an actual loopback network

PR: https://forum.opnsense.org/index.php?topic=52341.0
(cherry picked from commit 6e18d2f5c9a886d075dc4f8eea371f6806396602)
DeltaFile
+1-1src/etc/inc/interfaces.inc
+1-11 files

OPNSense/core e9e3270src/opnsense/service/modules template.py

configd/templates - swap "strict" logic as it was reversed

(cherry picked from commit 27dcd10178d8a04534e50c753d732c80a74a5103)
DeltaFile
+1-1src/opnsense/service/modules/template.py
+1-11 files

OPNSense/core 6e18d2fsrc/etc/inc interfaces.inc

interfaces: explicitly make explicit loopback network an actual loopback network

PR: https://forum.opnsense.org/index.php?topic=52341.0
DeltaFile
+1-1src/etc/inc/interfaces.inc
+1-11 files

OPNSense/core 27dcd10src/opnsense/service/modules template.py

configd/templates - swap "strict" logic as it was reversed
DeltaFile
+1-1src/opnsense/service/modules/template.py
+1-11 files

OPNSense/core 1c2b98asrc/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

Services: Kea DHCPv4/6: Switch custom DHCP option config generation to libdhcp_flex_option.so (#10514)

* Services: Kea DHCPv4: emit custom DHCPv4 options via flex-option hook

Route custom DHCPv4 option rows through libdhcp_flex_option instead of
regular option-data. The custom option framework (KeaOptionDataField) already serializes values
to final wire-format hex, but Kea's native option-data path still applies
built-in option definitions and may reinterpret or drop payloads for standard
or container options (e.g. 43 and 125).

Use flex-option supersede expressions to inject the serialized bytes directly
during response construction. Preserve the existing scoping model by translating
subnet scope to an additional class, and reservation scope to either MAC address
or client-id matching. Existing option match rules are kept as client-class
membership checks inside the same expression.

Built-in option_data fields remain unchanged and continue to use native Kea
option-data generation.

* Services: Kea DHCPv6: Add same flex option hook library support as in DHCPv4, with the limitation that it reservations need to be DUID based here.
DeltaFile
+70-43src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+63-44src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+133-872 files

OPNSense/core 7b32a46src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php KeaDhcpv6.php

shorten expression
DeltaFile
+1-5src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+1-5src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+2-102 files

OPNSense/core fa96a9asrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api GroupController.php

firewall: revisit previous

Well, apply needs to be pushed to render interfaces.  Make
sure that we render before reloading filter which actually
calls ifgroup_setup() to rename groups.
DeltaFile
+6-4src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/GroupController.php
+6-41 files

OPNSense/core d47802bsrc/opnsense/mvc/app/controllers/OPNsense/Firewall/Api GroupController.php

Revert "firewall: properly render groups on apply"

This reverts commit 6183fbe205f7df44fd249c8c19b554b871e4698a.
DeltaFile
+0-8src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/GroupController.php
+0-81 files

OPNSense/core 3b093cbsrc/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv6.php

Services: KEA DHCPv6: Add same flex option hook library support as in DHCPv4, with the limitation that it reservations need to be DUID based here.
DeltaFile
+67-44src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv6.php
+67-441 files

OPNSense/core 2bd5a37src/opnsense/mvc/app/models/OPNsense/Kea KeaDhcpv4.php

Add comment that explains that flex-option emission can be order sensitive in certain cases
DeltaFile
+5-1src/opnsense/mvc/app/models/OPNsense/Kea/KeaDhcpv4.php
+5-11 files

OPNSense/core ef0f8bcsrc/opnsense/mvc/app/controllers/OPNsense/Interfaces/Api AssignmentController.php, src/opnsense/mvc/app/models/OPNsense/Firewall Category.php Alias.php

firewall: fix one-to-one part of #10024

(cherry picked from commit a97ca7c0037f0790ff936e6b1e7a5901bee5b443)
DeltaFile
+2-2src/opnsense/mvc/app/controllers/OPNsense/Interfaces/Api/AssignmentController.php
+1-2src/opnsense/mvc/app/models/OPNsense/Firewall/Category.php
+1-1src/opnsense/mvc/app/models/OPNsense/Firewall/Alias.php
+1-1src/opnsense/mvc/app/models/OPNsense/Firewall/Group.php
+5-64 files

OPNSense/core cdd4f61src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api GroupController.php

firewall: properly render groups on apply

(cherry picked from commit 6183fbe205f7df44fd249c8c19b554b871e4698a)
DeltaFile
+8-0src/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/GroupController.php
+8-01 files

OPNSense/core c69c7f3src/opnsense/mvc/app/controllers/OPNsense/Core/Api DashboardController.php, src/opnsense/www/js opnsense_widget_manager.js

dashboard: include interfaces widget in dashboard default. Closes https://github.com/opnsense/core/issues/10456

This is the only one that makes sense from a functional perspective.
While here, adjust the resize/style logic a bit such that
updates are also propagated on first load, which makes sure the
interfaces table renders the correct amount of columns to prevent
wasted space.

(cherry picked from commit 83236171bb98b61b2aeb97e273f8ee28a53385f8)
DeltaFile
+37-33src/opnsense/www/js/widgets/BaseTableWidget.js
+18-18src/opnsense/www/js/opnsense_widget_manager.js
+3-1src/opnsense/www/js/widgets/Interfaces.js
+2-1src/opnsense/mvc/app/controllers/OPNsense/Core/Api/DashboardController.php
+60-534 files