OPNSense/core 9299386src/etc/inc system.inc, src/www system_advanced_sysctl.php

system: fix PHP loop fail in tunable

Maybe 7.2.23 is broken, never seen this before.  oO

PR: https://forum.opnsense.org/index.php?topic=14652.0

OPNSense/core c4eb582src/etc/inc services.inc

services: typo

(cherry picked from commit d2500110ea883f2d775551a1addfc5dd64dccf21)

OPNSense/core 4f3781csrc/etc/inc/plugins.inc.d dpinger.inc

dpinger: missing $gateways_arr in dpinger_status(), closes 
https://github.com/opnsense/core/issues/3759

OPNSense/core d5bd3a6src/etc/inc/plugins.inc.d dpinger.inc

dpinger: add details to status, so we can easily reproduce the outcome. for 
https://github.com/opnsense/core/issues/3759

OPNSense/core bb7557dsrc/sbin pluginctl

pluginctl, add run mode, so we can execute things like "pluginctl -r 
return_gateways_status". easier to ask the user when debugging.

while looking into https://github.com/opnsense/core/issues/3759
DeltaFile
+11-2src/sbin/pluginctl
+11-21 files

OPNSense/core 6fe99bdsrc/opnsense/www/js opnsense.js

Revert "Tokenize2 / ordered lists mangled when setting the same content twice, closes 
https://github.com/opnsense/plugins/issues/1494"

This reverts commit f43ce9429279c84876fb2cd64e787f5a366a405f.

OPNSense/core 47263aesrc/etc/inc services.inc, src/sbin pluginctl

plugins: make pluginctl service restart verbose

(cherry picked from commit 9c3cfc58c4bf7360f72348016c6eb7b9caec9420)

OPNSense/core 0c3e079src/sbin pluginctl opnsense-shell

sbin: usage print tweaks

(cherry picked from commit c83daaa54b5e0873c28fbf4cae706f1b55f59538)

OPNSense/core 56c1af0src/etc/inc services.inc, src/etc/inc/xmlrpc service.inc

services: remove services_get() by flattening it into plugins_services()

(cherry picked from commit 5868dda2cfb1e9fd3eebb5f188dac300a0e1934c)

OPNSense/core 7a5a271src/opnsense/www/js opnsense.js

tokenize2 fix for https://github.com/opnsense/core/issues/3760

https://github.com/opnsense/core/commit/a4217d8fcccad2676fc6e449d15df3437d814bff calls 
tokenize2() before it seems to be inititalized, lets check for content before calling 
clear.

OPNSense/core 89918fcsrc/opnsense/service/conf/actions.d actions_ipsec.conf actions_captiveportal.conf

captive portal/ipsec: add description to restart actions (#3755)

OPNSense/core 69139fcsrc/opnsense/service/templates/OPNsense/Auth sshd.pam

Hide leaking hostname on SSH password auth (#3754)

OPNSense/core 817be51src/opnsense/mvc/app/library/OPNsense/Core Backend.php

configd: improve error handling while configd is either not active or not functional.

- reconnecting the socket stream_socket_client() is safe while not executing commands
- if configd dies during communication, we should log and retun an empty response. The 
caller should handle operation, since you can't be sure restarting the action is a safe 
operation.

closes https://github.com/opnsense/core/pull/3744

OPNSense/core bb0e6e5src/www system_authservers.php

authservers: PHP Warning:  implode(): Invalid arguments ... , closes 
https://github.com/opnsense/core/issues/3742

(cherry picked from commit 09c34b272f122bffc4150431b964d850c7166b36)

OPNSense/core f91b85csrc/etc/inc auth.inc, src/www system_usermanager_import_ldap.php

LDAP/StartTLS userimport, start using correct url and move logic to legacy page. for 
https://github.com/opnsense/core/issues/3445

(cherry picked from commit c4fba1c62e1cf85538fe823e8d54067379d22d73)

OPNSense/core 65212fc. Makefile

pkg: can't help it, change space to tab :D
DeltaFile
+1-1Makefile
+1-11 files

OPNSense/core c4fba1csrc/etc/inc auth.inc, src/www system_usermanager_import_ldap.php

LDAP/StartTLS userimport, start using correct url and move logic to legacy page. for 
https://github.com/opnsense/core/issues/3445

OPNSense/core ec613d3. Makefile

switch to suricata 5.0.0-rc1 for -devel version
DeltaFile
+1-1Makefile
+1-11 files

OPNSense/core 4e6defasrc/www diag_logs_filter_summary.php

Firewall/Log, uppercase IPv6 proto, closes https://github.com/opnsense/core/issues/3734

(cherry picked from commit 1a46ff7399c702f070eb7749bbc76e4ec364f0da)

OPNSense/core 1a46ff7src/www diag_logs_filter_summary.php

Firewall/Log, uppercase IPv6 proto, closes https://github.com/opnsense/core/issues/3734

OPNSense/core da4a241src/opnsense/mvc/app/library/OPNsense/Firewall SNatRule.php, src/www firewall_nat_out_edit.php firewall_nat_out.php

Firewall/SourceNat, don't store interace address, but a reference. closes 
https://github.com/opnsense/core/issues/3712

OPNSense/core 371447esrc/www system_certmanager.php

system_certmanager.php: download p12, disable button when confirm<>password. closes 
https://github.com/opnsense/core/issues/3739

OPNSense/core d976413src/www diag_packet_capture.php

interfaces: fpassthru() crashes with memory exceeded

Use a hybrid fix of the old and new code.

PR: https://forum.opnsense.org/index.php?topic=13897.0

OPNSense/core 1b71e8esrc/etc/inc/plugins.inc.d ipsec.inc

ipsec: clear $dpdline correctly if not set #3752

(cherry picked from commit 046d821fef581ef07216f0f7e44bc4746ae5b424)

OPNSense/core 26a6738. ruleset.xml

make: change to PSR12 standard style, lots of noise coming up
DeltaFile
+3-5ruleset.xml
+3-51 files

OPNSense/core 9f10421src/opnsense/scripts/OPNsense/CaptivePortal generate_certs.php, src/opnsense/scripts/interfaces list_interfaces.php

scripts: PSR12 style fixes test drive

Mostly spacing around = , + - etc with a dash of conditional
formatting madness, but rules are rules.

OPNSense/core 046d821src/etc/inc/plugins.inc.d ipsec.inc

ipsec: clear $dpdline correctly if not set #3752

OPNSense/core 7ff6b20src/opnsense/scripts/firmware reinstall.sh

firmware: we need to be aware of locks here

OPNSense/core b4929f5src/opnsense/scripts/firmware reinstall.sh

firmware: use opnsense-revert to reinstall

Since the health check complains about a lot of different things
and opnsense-revert can repair most of it it is only fair to offer
this fix through GUI reinstall buttons via opnsense-revert for
an overly pleasing UX.

OPNSense/core c83daaasrc/sbin pluginctl opnsense-version

sbin: usage print tweaks

OPNSense/core 690602esrc/etc/rc.subr.d recover, src/opnsense/service/templates/OPNsense/WebGui php.ini

system: bump memory limit to 512MB

Was waiting for ticket, but never came.  On 20.1 we are not bound to
i386 so we can up this value, something about FRR not beging able to
handle large deployments.

OPNSense/core 5fee70dsrc/opnsense/scripts/system list_interrupts.py ssl_ciphers.py

python3: replace subprocess.call in src/opnsense/scripts/system/* for 
https://github.com/opnsense/core/issues/3574

(cherry picked from commit 9a4be6f2e3a5f87ca219330c832b4bb7ec618959)

OPNSense/core 4b9849bsrc/opnsense/scripts/routes show_routes.py

python3: replace subprocess.call in src/opnsense/scripts/routes/show_routes.py for 
https://github.com/opnsense/core/issues/3574

(cherry picked from commit 3ef43db376ea1f042b869c26794ee42d41f90b5e)

OPNSense/core 0ed8e37src/opnsense/scripts/systemhealth activity.py fetchData.py

python3: replace subprocess.call in src/opnsense/scripts/systemhealth/* for 
https://github.com/opnsense/core/issues/3574

(cherry picked from commit 83cfd4d13c2a1334f8922161723b45ea259b94be)

OPNSense/core fe50e15src/opnsense/scripts/netflow flowctl_stats.py, src/opnsense/scripts/netflow/lib parse.py

python3: replace subprocess.call in src/opnsense/scripts/netflow/* for 
https://github.com/opnsense/core/issues/3574

(cherry picked from commit cf3b447275a88637e603d34eb71d34fac5c60d1e)

OPNSense/core ee9db5dsrc/opnsense/scripts/ipsec list_leases.py connect.py

python3: replace subprocess.call in src/opnsense/scripts/ipsec/* for 
https://github.com/opnsense/core/issues/3574

(cherry picked from commit c0a2f874718985210e5902cf4228c64ca9ee9b37)

OPNSense/core 00ef33bsrc/opnsense/scripts/interfaces list_arp.py list_ndp.py

python3: replace subprocess.call in src/opnsense/scripts/interfaces/* for 
https://github.com/opnsense/core/issues/3574

(cherry picked from commit 2f69282b2865c46de16b2af9861485c5e110b2d8)

OPNSense/core e0cb94asrc/opnsense/scripts/filter list_states.py list_counters.py

python3: replace subprocess.call in src/opnsense/scripts/filter/* for 
https://github.com/opnsense/core/issues/3574

(cherry picked from commit 867856733bdb17268adfb405aee26d779df35cd4)

OPNSense/core bee9132src/etc/inc/plugins.inc.d ipsec.inc, src/www vpn_ipsec_phase1.php

IPsec: add margintime + rekeyfuzz 
(https://wiki.strongswan.org/projects/strongswan/wiki/ExpiryRekey), closes 
https://github.com/opnsense/core/issues/3722

(cherry picked from commit 680bd22980b1e157de14ac3df6b4814aa8d94c85)

OPNSense/core 09c34b2src/www system_authservers.php

authservers: PHP Warning:  implode(): Invalid arguments ... , closes 
https://github.com/opnsense/core/issues/3742

OPNSense/core b2affd1src/opnsense/mvc/app/library/OPNsense/Auth LDAP.php, src/www system_authservers.php system_usermanager_settings_ldapacpicker.php

LDAP, hook ssl/tls setup into system wide system_trust_configure() for 
https://github.com/opnsense/core/issues/3742 and cleanup settings.

OPNSense/core 6f246b0src/opnsense/mvc/app/controllers/OPNsense/Core/Api/repositories opnsense.xml

add mirror [MARWAN (Moroccan Academic & Research Wide Area Network)]

OPNSense/core b9883e1. Makefile, Mk defaults.mk

system: replace syslog-ng version via build

(cherry picked from commit c9e395e6f8efa97d49281b7356f449b2bf8618cf)
(cherry picked from commit 9f853b814973b19e3b2bb129a392e3ca8b20bd78)

OPNSense/core 9f853b8. Makefile

make: magical part of the syslog-ng version integration
DeltaFile
+2-2Makefile
+2-21 files

OPNSense/core c9e395e. Makefile, Mk defaults.mk

system: replace syslog-ng version via build

Next step is using a form of CORE_SYSLOGNG to select
the syslog-ng package suffix.  More testing needed.

OPNSense/core cf28023src/opnsense/service/templates/OPNsense/Syslog syslog-ng.conf

Syslog, new version number in config file... should match running syslog-ng version

OPNSense/core d62277c. LICENSE

LICENSE: sync
DeltaFile
+1-0LICENSE
+1-01 files

OPNSense/core b2560c6src/etc/inc services.inc util.inc, src/www guiconfig.inc diag_logs_template.inc

services: split code to get rid of shallow services.inc #3736

OPNSense/core 9c3cfc5src/etc/inc services.inc, src/sbin pluginctl

plugins: make pluginctl service restart verbose

OPNSense/core 1e07bbdsrc/etc/inc services.inc plugins.inc

plugins: flatten services_get() in preparation for removal