aboutsummaryrefslogtreecommitdiffstats
path: root/config
Commit message (Collapse)AuthorAgeFilesLines
...
| * | removed purpose checking because: "Certs created before 2.0.1 can have the ↵PiBa-NL2012-11-241-6/+0
| | | | | | | | | | | | "wrong" purpose but we should not invalidate them."
| * | openvpn-client-export, better checking/error reporting on ↵PiBa-NL2012-11-241-13/+28
| | | | | | | | | | | | unsupported/illogical OpenVPN configurations
* | | Merge pull request #338 from PiBa-NL/openvpn-client-export-filenamesJim P2012-11-242-10/+11
|\ \ \ | |_|/ |/| | openvpn-client-export, use certificate common-name in the exported files filenames.
| * | openvpn-client-export, use certificate common-name in the exported files ↵PiBa-NL2012-11-241-6/+5
| | | | | | | | | | | | filenames.
| * | openvpn-client-export, use certificate common-name in the exported files ↵PiBa-NL2012-11-212-6/+8
| |/ | | | | | | filenames.
* | squid3 - fix missing xml rpc sync to reverse optionsMarcello Coutinho2012-11-201-1/+3
| |
* | Fix typosjim-p2012-11-162-3/+3
|/
* openvpn-client-export, added option to include OpenVPNManager in windows ↵PiBa-NL2012-11-054-52/+299
| | | | setup, this solves the issues with Windows7/Vista client machines where elevated permissions are required by running OpenVPN as a service.
* While here bump emerging threats rule version.Ermal Luçi2012-11-021-1/+1
|
* Bump minor version for snort.Ermal Luçi2012-11-021-1/+1
|
* Check if snort is not running after rule update and HUP signal then restart it.Ermal Luçi2012-11-021-0/+3
|
* Always restart snort after a rules update.Ermal Luçi2012-11-021-6/+4
|
* Update config/squidGuard/squidguard_configurator.incSergey Dvoriancev2012-10-311-1/+4
| | | Check exists 'squid_resync' function.
* Fix squid.inc requireSergey Dvoriancev2012-10-311-1/+5
| | | Also check 'resync_squid' function.
* Update config/lightsquid/lightsquid.incSergey Dvoriancev2012-10-311-1/+4
| | | Fix squid.inc include
* bandwidthd - replace deprecated split with explodePhil Davis2012-10-311-1/+1
| | | | The split function is deprecated in PHP 5.3. For this simple use, the explode function does the same thing. http://forum.pfsense.org/index.php/topic,55187.0.html
* Update config/squidGuard/squidguard_configurator.incSergey Dvoriancev2012-10-301-2/+2
| | | Check squid.inc by system path's ( for 2.1 also )
* Update config/squidGuard/squidguard_configurator.incSergey Dvoriancev2012-10-301-1/+6
| | | Fix error 'Warning: require_once(squid.inc): failed to open stream: No such file or director'
* SquidGuard: Rotate GUI-LogfileAlexander Wilke2012-10-271-0/+7
| | | | | The SQUIDGUARD_GUILOG_MAXCOUNT limit to 500 lines does not seem to work. The /var/squidGuard/log/squidGuard.log is increasing over this limit. This patch rotates this file daily when logrotation is enabled and cuts this file after the last 1000 lines - the same as with /var/squidGuard/log/block.log
* SquidGuard: Adjust LOGSHOW_BUFSIZEAlexander Wilke2012-10-271-1/+1
| | | | | | | | In squidguard_configurator.inc there is a daily rotation of the logile which cuts the last 1000 lines. LOGSHOW_BUFSIZE limits this file again by the last 64KB. A file with ~1000 lines has size between 100KB and 300KB so I increased this buffer to 256KB to match these ~1000 lines. I think this buffer size will work well even on low end systems, too. Log rotation every day will do the rest.
* Allow lcdproc_client to run foreverPhil Davis2012-10-261-0/+2
| | | In 2.1 a CPU time limit of 900 seconds is set for PHP scripts. Normal scripts used by the GUI should do their thing and finish. But lcdproc needs to run "forever" in the background.
* Update config/squidGuard/squidguard_configurator.incAlexander Wilke2012-10-251-5/+5
| | | | | | | squidguard: "url_rewrite_children" replaces "redirect_children" in squid 2.6 and newer versions. Increased default value up to 5. http://www.squid-cache.org/Versions/v2/2.7/cfgman/url_rewrite_children.html "redirector_bypass" is by default off which disallows to bypass ACLs. http://www.squid-cache.org/Versions/v2/2.7/cfgman/redirector_bypass.html
* Merge pull request #329 from darkain/patch-1Marcello Coutinho2012-10-151-12/+12
|\ | | | | Fixed two issues with IP Ranges
| * Small cleanup for readabilityVince2012-10-101-1/+1
| | | | | | Small cleanup for readability
| * Net masking math was off by 1Vince2012-10-101-1/+1
| | | | | | Net masking math was off by 1
| * Fixing duplicate IP/Range entriesdarkain2012-10-091-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Because all three cases (CIDR, IP Range, and Single IP Address) are always tested, it is possible that more than one will have a positive match. Examples: 172.16.0.0/12 matches both for CIDR and Individual IP Address 169.254.0.0-169.254.255.255 matches for both Address Range and Individual IP By doing if, elseif, elseif instead of if, if, if testing, the later tests will only be performed if the former tests fail. Because the Individual IP Address test will return a result, even for CIDRs and IP Ranges, that test has been moved to the end of the elseif list.
| * IP Range to CIDRs not calculating properlydarkain2012-10-091-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Several IP address ranges were being calculated improperly. Examples: 10.0.0.0-10.255.255.255 became 160.0.0.0/8 65.113.241.0-65.113.241.255 became 130.227.226.0/24 72.165.61.0-72.165.61.255 became 145.74.122.0/24 The use of complicated string and regular expressions to calculate netmasks has been replaced with basic and proper bit masking.
* | sarg - add permission to sarg_frame.php on priv.inc fileMarcello Coutinho2012-10-121-1/+2
| |
* | Some fixes for squidguard on 2.1jim-p2012-10-111-9/+21
| |
* | squid3 - add pfsense 2.1 folder checksMarcello Coutinho2012-10-081-23/+35
| |
* | Merge pull request #327 from rjcrowder/masterMarcello Coutinho2012-10-031-9/+25
|\ \ | |/ |/| Dansguardian blacklist download fix for shallalist
| * Update config/dansguardian/dansguardian.phprjcrowder2012-10-021-9/+25
| |
* | Write client install exe to temp dirPhil Davis2012-10-031-4/+4
| | | | | | The code did not work on nanobsd, due to $workdir templates being on a read-only mount point. The appropriate $client_install_exe needs to be written straight to $tempdir rather than first done in $workdir templates. And also we don't want to be writing to $workdir templates every time we make a client install package for someone.
* | freeradius2: add some checks on xmlrpc codeAlexander Wilke2012-10-031-7/+13
| |
* | Add export option for OpenVPN 2.3 beta client as well as the existing one.jim-p2012-10-022-11/+39
| |
* | Fix inconsistent field namesPhil Davis2012-10-021-14/+10
| | | | | | and default values, and some field description text.
* | Fix inconsistent field namesPhil Davis2012-10-021-2/+5
| |
* | Fix equals check for pfblocker rule loadingPhil Davis2012-10-021-1/+1
| | | | | | Sorry guys - I missed out an equals sign here, the logic ended up only applying rules to the first interface, and not for others.
* | Update config/freeradius2/freeradius.incAlexander Wilke2012-10-011-12/+11
| | | | | | typo
* | Update config/freeradius2/freeradiussync.xmlAlexander Wilke2012-10-011-1/+2
| | | | | | added field description
* | Merge pull request #322 from IT-B-IT/patch-2Alexander Wilke2012-10-011-1/+14
|\ \ | | | | | | Update config/freeradius2/freeradiussync.xml
| * | Update config/freeradius2/freeradiussync.xmlIT-B-IT2012-09-251-1/+14
| | | | | | | | | | | | Added the option to edit the default XMLRPC timeout from the GUI also added the option to activate or deactivate the servers that it is going to replicate to by adding a check mark to each server
* | | Merge pull request #321 from IT-B-IT/patch-1Alexander Wilke2012-10-011-10/+25
|\ \ \ | | | | | | | | Update config/freeradius2/freeradius.inc
| * | | Update config/freeradius2/freeradius.incIT-B-IT2012-09-251-10/+25
| |/ / | | | | | | | | | Added the option to edit the default XMLRPC timeout from the GUI also added the option to activate or deactivate the servers that it is going to replicate to by adding a check mark to each server
* | | Stop pfblocker rules being added twicePhil Davis2012-09-291-9/+18
| | | | | | | | | | | | If users move rules around in the GUI, the the rules for 1 interface can end up in separate blocks in config.xml. This causes pfBlocker code to put a set of pfBlocker rules before each separate block of rules for an interface, as they are processed out of config.xml. The code here fixes that, ensuring that pfBlocker rules are only added once to an interface, the first time the interface is found in a rule.
* | | sarg - fix report access without authentication on sarg_frame.phpmarcelloc2012-09-271-0/+2
|/ /
* | New syslog-ng packageLeger Lance2012-09-164-0/+926
| |
* | dansguardian - add additional check to detect xml rpc sync callmarcelloc2012-09-241-3/+3
| |
* | dansguardian - add multiple select option to dansguardian group aclmarcelloc2012-09-214-51/+123
| |
* | squid - change pfsense version check to maintain compatibility with 1.2.3marcelloc2012-09-201-4/+5
| | | | | | | | http://forum.pfsense.org/index.php/topic,53809.msg287761.html#msg287761