OPNSense/core 63065a9src/opnsense/www/themes/opnsense/assets/stylesheets main.scss, src/opnsense/www/themes/opnsense/build/css main.css

theme, sharpen our theme a bit

OPNSense/core f7213e8src/www vpn_ipsec_mobile.php

psec_mobile.php fix minor escaping issue

OPNSense/core 5123277src/opnsense/mvc/app/library/OPNsense/Core Config.php

config access, don't try to open config.xml in write mode when file is not writeable. 
closes https://github.com/opnsense/core/issues/3241

OPNSense/core dd1d8cbsrc/opnsense/mvc/app/library/OPNsense/Auth AuthenticationFactory.php

OPNSense/core 0793375src/opnsense/mvc/app/library/OPNsense/Auth AuthenticationFactory.php IService.php, src/opnsense/mvc/app/library/OPNsense/Auth/Services System.php Sshd.php

Authentication/pam, initial (working) version to move already implemented pam services 
into our framework. for https://github.com/opnsense/core/issues/3242

OPNSense/core ab3b5b5src/opnsense/www api.php

MVC/Exception handling, prevent UserException from being pushed to /tmp/PHP_errors.log

OPNSense/core a22e5a7src/etc/inc/plugins.inc.d webgui.inc, src/etc/rc.subr.d var

php session, fix previous

OPNSense/core 426b0e1src/etc/inc/plugins.inc.d webgui.inc, src/etc/rc.subr.d var

Revert "php session path, 
https://github.com/opnsense/core/commit/3eba9a739e49f23830751a0104ece72eaecff7cb"

This reverts commit 545f29a7d2a883696f4923286bbb21dd9e5618d6.

OPNSense/core 545f29asrc/etc/inc/plugins.inc.d webgui.inc, src/etc/rc.subr.d var

OPNSense/core 7d5b9dfsrc/etc/rc.subr.d recover

OPNSense/core 895d6bbsrc/www system_certmanager.php

remove "show certificate info" on certificate list from pending CSR (#3243)

OPNSense/core 3eba9a7src/etc/inc/plugins.inc.d webgui.inc, src/opnsense/service/templates/OPNsense/WebGui php.ini

php, move session files into it's own directory

OPNSense/core 969f452src/etc/inc certs.inc

certs.inc, make sure create_temp_openssl_config() can't wrap lines

OPNSense/core 02b16dcsrc/opnsense/scripts/suricata rule-updater.py

ids, rule-updater.py, cleanup unused

OPNSense/core 4337e25src/opnsense/service/templates/OPNsense/IPFW ipfw.conf

Merge branch 'fredronnv-dev/ipfwcaptiveportal'

OPNSense/core 3a02d1asrc/opnsense/service/templates/OPNsense/IPFW ipfw.conf

Merge branch 'dev/ipfwcaptiveportal' of https://github.com/fredronnv/core into 
fredronnv-dev/ipfwcaptiveportal

OPNSense/core f11eb71src/etc/inc config.inc

legacy_config_get_interfaces, let's make sure we don't stumble over an empty interface, 
closes https://github.com/opnsense/core/issues/3231

(cherry picked from commit 621f84e900f5ea17c58bf665573b9d13f4344f59)

OPNSense/core 0aabd02src/opnsense/scripts/interfaces dhclient-script

interfaces: check for valid alias IP #3197

Suggested by: @tbandixen

(cherry picked from commit 90c0c395a54967f28c797b46293d4fb975b27ded)

OPNSense/core 90c0c39src/opnsense/scripts/interfaces dhclient-script

interfaces: check for valid alias IP #3197

Suggested by: @tbandixen

OPNSense/core 8e9ae38src/opnsense/scripts/interfaces dhclient-script

Revert "interfaces: remove arp flush from dhclient-script #3197"

This reverts commit a1dbbb5ef132487c88b2b144ac67eeedb00a576c.

OPNSense/core 621f84esrc/etc/inc config.inc

legacy_config_get_interfaces, let's make sure we don't stumble over an empty interface, 
closes https://github.com/opnsense/core/issues/3231

OPNSense/core eea383esrc/www system_advanced_firewall.php

firewall: tweak a help text

(cherry picked from commit 32cd65b9f9f4a11080671181f1ecfb4a7d0bf78b)

OPNSense/core 2251cf5src/etc/inc/plugins.inc.d openvpn.inc

openvpn: proper daemonize instead of background job #3223

(cherry picked from commit c217bee6f2f6f7bc2d8ffbad5535812a62627e22)
(cherry picked from commit 156d6f7287da05f337f9784dfc024c7b42a3a50d)
(cherry picked from commit f10b710a587e69edb704184ac7171a209f21f604)

OPNSense/core 6c263d4src/opnsense/service/templates/OPNsense/IPFW ipfw.conf

Revert "ipfw: there's no need to loop over cp_interfaces"

This reverts commit 6178310af241221faf94e9515235b002a12dfbdf.

Don't want to risk opening 53 on wan

OPNSense/core 6178310src/opnsense/service/templates/OPNsense/IPFW ipfw.conf

ipfw: there's no need to loop over cp_interfaces

We can allow traffic to this host via all.

OPNSense/core f2da545src/opnsense/service/templates/OPNsense/IPFW ipfw.conf

ipfw: only allow traffic to/from me via cp_interfaces

OPNSense/core b6cdbaasrc/www interfaces_lagg.php

interfaces: do not do background ifconfig call

OPNSense/core 156d6f7src/etc/inc/plugins.inc.d openvpn.inc

openvpn: daemon is already in the config #3223

OPNSense/core bbe0592src/etc/inc system.inc

system: syslog doesn't need background job

The foreground option is -F so we double-background it...

OPNSense/core c217beesrc/etc/inc/plugins.inc.d openvpn.inc

openvpn: proper daemonize instead of background job #3223

OPNSense/core f10b710src/etc/inc/plugins.inc.d openvpn.inc

openvpn: remove stale PID file as well

PR: https://github.com/opnsense/core/issues/3223
Suggested by: @marjohn56

OPNSense/core 9b651c1src/opnsense/mvc/app/library/OPNsense/Firewall Util.php, src/opnsense/mvc/app/models/OPNsense/Base/Constraints ComparedToFieldConstraint.php

src: style sweep

(cherry picked from commit 5bc3ed8ccf286c6996a3579053257751c6c5394e)

OPNSense/core 5bc3ed8src/etc/inc/plugins.inc.d ipsec.inc, src/opnsense/mvc/app/library/OPNsense/Auth LDAP.php

src: style sweep

OPNSense/core e8af5besrc/opnsense/service/templates/OPNsense/IPFW ipfw.conf

ipfw: Remove VIP loop / Add explicit "to me" for DNS

There's no need to explicitly loop around VIPs. We can get away with
simply allowing DNS "to me" via the captive portal interfaces.

Removed unneccessary attribute in cp_interface_list

OPNSense/core 9704e0dsrc/www services_dhcp.php services_dhcpv6.php

www: html_safe() for value=; closes #3218

OPNSense/core a1d5d74src/www services_ntpd.php services_unbound_domainoverride_edit.php

www: everything not "dhcp" for #3218

OPNSense/core 32cd65bsrc/www system_advanced_firewall.php

firewall: tweak a help text

OPNSense/core 5174562. LICENSE

LICENSE: sync

(cherry picked from commit d8f2251d7bb582e193d3516542dde723e2f054a3)
DeltaFile
+1-1LICENSE
+1-11 files

OPNSense/core 0b87902src/www diag_resetstate.php diag_packet_capture.php

www: d+f for #3218

OPNSense/core 8f80173src/www system_hasync.php system_crlmanager.php, src/www/widgets/widgets picture.widget.php

www: a few for #3218

OPNSense/core d8f2251. LICENSE

LICENSE: sync
DeltaFile
+1-1LICENSE
+1-11 files

OPNSense/core 01297besrc/opnsense/www/js opnsense.js

opnsense.js, fix setFormData() htmldecode + minor style fixes, closes 
https://github.com/opnsense/core/pull/3209

(cherry picked from commit b3a6440aca7c7fb8c26ad5f36985b8e0a1aa07c6)

OPNSense/core 6002d32src/opnsense/scripts/suricata listInstallableRulesets.py rule-updater.py, src/opnsense/scripts/suricata/lib metadata.py

IDS, support required rules/files in metadata package, closes 
https://github.com/opnsense/core/issues/3228

(cherry picked from commit 7b758564cf17c54bbf2b10229aa897cfccbe9ea0)

OPNSense/core d646e6esrc/opnsense/scripts/suricata/lib downloader.py

IDS/IPS, less extensive logging.

- version info and rules might be cached, only log the uncached actions (first try)

(cherry picked from commit 692faae42c3d789e5d9109207d4e35a40b811057)

OPNSense/core c7f4070src/opnsense/mvc/app/models/OPNsense/Base/Constraints ComparedToFieldConstraint.php

mvc: fix compare constraint

(cherry picked from commit b135ee8bbaeaac9658ff6b3c0d1543cccce4a5f4)
(cherry picked from commit 74f7ae60b10795c1a14aaba9418616be51591b3c)

OPNSense/core 67588d3src/etc/inc services.inc

Fix behaviour of determining dhcp primary/secondary

(cherry picked from commit 85d2657ce68e74b4375e5acf4edd8e40251ec087)
(cherry picked from commit f2be8ad1b635c5c8c563eadf7580eca75c3953d9)
(cherry picked from commit 7f3f522673767bdb13e5e9c283ee65d1e0c1a74d)

OPNSense/core cf85b18src/opnsense/mvc/app/views/OPNsense/Diagnostics fw_log.volt, src/www/widgets/widgets log.widget.php

firewall: capture "nat" traffic like we do for "rdr" #3033

(cherry picked from commit c0bbb4bbcb4536d513bbbb41579fb257029609b7)

OPNSense/core b118201src/etc/inc interfaces.inc, src/opnsense/mvc/app/library/OPNsense/Firewall Plugin.php

temp fix for https://github.com/opnsense/core/issues/3222, partly revert 
https://github.com/opnsense/core/commit/adf314a4ab172d69a76f8d9fd78ed3ad8c30c698

(cherry picked from commit 2eabec274f098d8aa0d91d63ff8320283b3b6da2)

OPNSense/core 2eabec2src/etc/inc interfaces.inc, src/opnsense/mvc/app/library/OPNsense/Firewall Plugin.php

OPNSense/core c0bbb4bsrc/opnsense/mvc/app/views/OPNsense/Diagnostics fw_log.volt, src/www/widgets/widgets log.widget.php

firewall: capture "nat" traffic like we do for "rdr" #3033