Most of the glue in Makefile belongs to version nowadays, but we
haven't moved the barely moving parts yet. Start with the copyright
block since we're touching it now for the obvious reason.
I think the install dependencies were removed. At least when patching
the local installation the tests do not care suggesting they use the
proper repository files for testing.
Give the test its own empty config to migrate into, which makes
resetting it irrelevant. A tiny bit of magic is needed to bootstrap
a config.xml so it's not the one that is checked in and we also
remove the temporary files from the tree so it does not confuse git.
save() is a far-reaching side effect in the test, but more or less
necessary for better test coverage. But I'd still want a simpler
test around Core\Config and this offers merely offers the groundwork
also removing the need to reset this from make commands.
* Interfaces: Neighbors: Automatic Discovery - add new hostdiscovery feature
This splits the Neighbors menu item in an existing static assignments and adds the automatic discovery feature which includes logging and insights into the currently known hosts on the network. When automatic discovery is disabled, it drops back to arp/ndp.
By default automatic mode is enabled on all interfaces, but configuration options exists (to limit interfaces and networks).
Other consumers which require host mappings can use the /usr/local/opnsense/scripts/interfaces/list_hosts.py script to either fetch the sqlite database or arp/ndp data for the selected pprotocol(s).
More information about the hostwatch daemon is available at https://github.com/opnsense/hostwatch
* Interfaces: Neighbors: Automatic Discovery - add new hostdiscovery feature (review feedback https://github.com/opnsense/core/pull/9354)
* Interfaces: Neighbors: Automatic Discovery - change list_hosts.py to only query ndp when explicitly asked.
Due to the short timeouts of the ndp entries and the cost of querying them, it's probably best to only support ndp when explicitly asked.
In most cases where we need host data, we currently only support ipv4 anyway, which means a switch to the new entrypoint (list_hosts.py script) should be relatively harmless.
* Interfaces: Neighbors: Automatic Discovery - add new hostdiscovery feature (review feedback https://github.com/opnsense/core/pull/9354)
The approach works but creates an error using the tools.git
"make test" target. It would be nicer to not operate on the
actual config.xml that is checked in, but that's something
for later as tests need more of their own path use (and tmp
directory).
While they are common they are needed for stand-alone support so
plugins.git will define them as well.
Slightly mod the test target for future reuse. Avoid plain "git" use.
This also has an issue with the post-update rc.syshook if
the wwwonly is not found. But: after a boot it is ensured
and should not be missing thereafter.
The package post-install would ensure it previously, but
we don't want to also chain the php bootstrap through this
just to get the call stack in the right order.
May need further adjusting but also no need to rush this
into a stable release at the moment.
This is mainly for consumption in opnsense-patch to address a weakness
patching .in files. Not my favourite way of duplicating things in
VERSIONFILE but it is the most direct way to access information we do
not have at runtime. Adding another file just for this seems silly.
As expiretable was already used for predefined sshlockout and virusprot tables, we moved the option to the model and made sure the internal ones have their settings in the model as well.
For simplicity, we flush the tables that need to be expired to cron, using either a 15 minute or 1 minute interval, depending on timing.
pfctl offers the same functionality as expiretable now, so lets drop the latter for simplicity.
As we already supported a dot [.] terminated format, we should support both advanced queries as simple ones using "container1.container2", by prefixing the simple format with a dot, we can offer both options using the same parser.
While comparing jq with jsonpath, the first option seems to be most practical and easier to explain.
It has the downside of losing changes to config.xml but
we are far more likely to run the tests than to change
the file. Ideally, the UUIDs should not shift.
