* Firewall - Rules [new]: Add all rules option to interface selectpicker and select it by default
* Interface select default only on null or no match, not on empty string
* To fix URL hash weirdness, it's best to special case __floating and __any in the frontend
* Lower diff in controller by folding null case into is_if
* firewall: tweak the interface selector
Show group name and description. Could be inconvenient when
the description is long, but better for the auto-groups.
That also removes the hint at the end. See note below.
Use fixed width logos for the interface groupings.
Remove muted from the any selection.
TODO/Remarks:
The groupings being shown as muted is a bit inconvenient also
as it muddies the perspective of what this does and how important
it is. Would be nicer to not have it in this particular selector.
When an interface is selected it would be perfect if the grouping
icon would show so people see better what they selected. Coloring
is nice so that would take it to the next level.
Badges with rule counts are not overly nice in front of the selection
and also don't update on rule delete. While it's nice to have this
the question is if this is really needed. A counter already exists
when clicking on them (Showing xxxx).
---------
Co-authored-by: Franco Fichtner <franco@opnsense.org>
When we are using a selectpicker, the original one will be moved inside a div containing the "bootstrap-select" class.
If this fixes https://github.com/opnsense/core/pull/9717, we need to remove the console output as that is merely for debugging.
Fixes:
ErrorException: Undefined array key 0 in /usr/local/opnsense/mvc/app/models/OPNsense/Base/BaseModel.php:755
Stack trace:
If we can't find the specified root node, we should create one, which is similar to non legacy mapper nodes.
We don't currently have a way to specify if-empty-do-not-quote
since strict quoting is often much more effective in bubbling up
errors. It could be useful to have it but the recent improvement
of mwexecf() and friends regarding array-based format strings can
account for this too.
PR: https://forum.opnsense.org/index.php?topic=50561.msg258926#msg258926
This commit moves the schedule logic out of filter_core_rules_user() where it didn't belong in the first place.
Since we need legacy code to determine schedule behavior, we cannot move it to the plugin classes easily, instead sweep all registered rules after registration so we can process "sched" for all of them in the same way.
We can next add a simple action into the model to ask if there actually is a schedule, which pf_cron() needs to schedule the rule updates.
Finally add an icon and link into the mvc page to refer to the schedule itself.
Allows the system to boot in the worst case and replaces the
command with a simple dummy command.
Formatters are still a work in progress as I'm not sure how
much preprocessing we should add here to fish for vsprintf()
doing type casts to int/float which is not something the command
line can/should support.
Revert ca06d54676. A command line is a string and
don't offer exceptions to escaping.
We may consider replacing %[^s%] with %s in the format
string but there aren't many cases where it matters either.
Should just be part of the documentation we need to offer
soon.
This might be practical for some other system tools eventually too, since Syslog() is our own wrapper, we can echo output to stdout when requested. By making the callout static, each component can still have its own logger instance (and verbose log to stdout)
usage: /usr/local/opnsense/mvc/script/run_migrations.php -v
* Use hostdiscovery service as ndp source in kea_prefix_watcher script via list_hosts.py, only request IPv6 addresses, fall back to ndp when hostdiscovery is not running
* Firewall: Rules [new]: The mvc page stores the overload table as UUID, the legacy page as alias name. Turn UUID into alias name and vice versa during upload and download of rules, and then resolve it to a name before setting it in pf configuration.
* Firewall: Rules [new]: view, show translated value in the advanced field tooltip when possible, this will show the alias name instead of the UUID, fix upload bootgrid reload and hint the successful import with the change message
* Firewall: Rules [new]: There were error(s) loading the rules: /tmp/rules.debug:235: 'max-src-conn-rate' maximum rate must be < 4294967
