As a note the default value for "syslog_programs" was scrapped
because it was not used. Consider flipping Required=Y and putting
it back to whom it may concern.
Changed a validation message to not end with question. Although
I do not oppose to this the current rule is "dot" for end of sentence
only and the question appears to be better suited for the help text
where it can be accessed beforehand by the user.
Scrapped defaults for networks since they are not used. The DO
look useful so I'm making this note if somebody misses them the
fields probably need a Required=Y flip but here I just enforce
what is actually happening in the model and the fact that nobody
complained about it.
* net/frr: Add capability support for BGP neighbors
I've recently tried to use OPNsense in an environment where the use of link-local addresses is required.
Since the link-local capability is not available, I was not able to use OPNsense then.
Obviously, there are some other with the same problem:
* [os-frr] wrong interface for IPv6 link-local used to connect to neighbor #4962
* https://forum.opnsense.org/index.php?topic=36088.0
So, I'd like to offer support for BGP capabilities.
* net/frr: Improve help string for BGP Capabilities as suggested by @Monviech
* net/frr: Fix typo as found by @Monviech
* net/frr: Remove not needed attribute as suggested by @Monviech
* Apply suggestion from @Monviech
---------
Co-authored-by: Monviech <79600909+Monviech@users.noreply.github.com>
- Add repeated_offenders field to active response settings
- Remove 'without context' from ossec.conf include loop to allow
variable access in config fragments
- Fix opnsense-fw.conf template bug: wazuh_command -> active_response
- Bump model version to 1.0.3
* net/ndp-proxy-go: Add depend on CARP syshook
* net/ndp-proxy-go: When carp_depend_on is enabled, prevent service start on BACKUP
* Depend on CARP is advanced mode, sort other more advanced options under headers
* Use model instead of global config
* Use custom variable for carp check
* Change label and adjust help text
When multiple IPs trigger the same rule simultaneously, they were
sharing the same check_keys value (only rule ID), causing the manager
to abort all but the first execution.
Changed the key to include both rule_id and srcip to make it unique
per source IP, allowing multiple simultaneous blocks while still
preventing duplicate blocks of the same IP.
Fixes#4738
