upstream/opnsense-plugins
1
0
Fork 0
mirror of https://github.com/opnsense/plugins.git synced 2026-04-08 18:48:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
5477 commits 26 branches 283 tags 42 MiB
Commit graph

1123 commits

Author SHA1 Message Date
Franco Fichtner
3328414813 security/openvpn-legacy: drop this in from core 2026-02-26 12:02:52 +01:00
Frank Wall
267d2c7cb9 security/acme-client: fix buttons not working, closes #5123 
While here, modernize UIBootgrid code and remove some dead code.
 2026-02-26 00:36:21 +01:00
Franco Fichtner
f8694c7767 security/q-feeds-connector: style sweep 2026-02-25 12:22:11 +01:00
Frank Wall
52e09a6dd0
Merge pull request #5204 from fraenki/acme_414 
security/acme-client: release 4.14
 2026-02-25 12:03:29 +01:00
Bethuel Mmbaga
63fc5442ab
security/netbird: Add SSH configuration options (#5113) 2026-02-24 16:00:57 +01:00
Franco Fichtner
cb77c1e616 security/tailscale: model changes, default validation message is enough 2026-02-24 15:55:19 +01:00
Sam Sheridan
11764a1dc4
security/tailscale: Set auth key to optional in UI (#5065) 2026-02-24 15:25:50 +01:00
Q-Feeds
58f0dfd86e
q-feeds-connector: Update help text to mention DNScrypt-proxy blocklists (#5237) 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-19 09:06:10 +01:00
Ad Schellevis
de4c98eee2
Security: Q-Feeds Connect - add new options as available in integrated blocklists (#5226) 
* Security: Q-Feeds Connect - add new options as available in integrated blocklists, closes https://github.com/opnsense/plugins/issues/5197

This adds allowlists (regex patterns), source_nets Q-Feeds applies on, address to return and optional NXDOMAIN responses.

Please note this version is only compatible with current community versions, business edition installs will have to wait for 26.4.

* Security: Q-Feeds Connect - update version and changelog
 2026-02-16 16:58:17 +01:00
Frank Wall
a444a16214 security/acme-client: fix truenas automations, closes #5210 
regression introduced in #5157
 2026-02-11 16:11:03 +01:00
Frank Wall
911c1ab5fc security/acme-client: fix class name of Google Domains DNS API 2026-02-09 11:48:11 +01:00
Frank Wall
0a6ed55f61 security/acme-client: release 4.14 2026-02-09 11:27:46 +01:00
Q-Feeds
f64be105b0
Fix: Strip whitespace from API token to prevent 401 authentication errors (#5203) 2026-02-09 10:52:52 +01:00
Franco Fichtner
92fb6dcb2d security/q-feeds-connector: wrap up this revision 2026-02-09 07:51:37 +01:00
Franco Fichtner
630cd208ea LICENSE: fix a typo and sync 2026-02-06 10:57:50 +01:00
Ad Schellevis
8cafe71201 security/q-feeds-connector: track if qfeeds lists are loaded when deselected and reload unbounds blocklist in that case (via qfeedsctl.py), for https://github.com/opnsense/plugins/issues/5190 2026-02-05 21:19:22 +01:00
Franco Fichtner
4773ff712e security/wazuh-agent: bump revision 2026-01-30 15:55:28 +01:00
mbedworth
590bd9211c
security/wazuh-agent: fix syntax error in opnsense-fw active response (#5174) 
Fix critical syntax error in opnsense-fw active response script that prevents IPs from being added to the __wazuh_agent_drop alias.

## Problem
The script contains invalid Python syntax - a variable assignment inside a dictionary literal:
```python
"parameters":{
   unique_key = "%s-%s" % (...)  # Invalid Python syntax
   "keys": [unique_key]
}
```

This causes the script to fail with a SyntaxError on all 'add' commands, meaning attacking IPs are never blocked.

## Changes
- Move unique_key assignment outside dictionary literal (fixes SyntaxError)
- Fix typo: 'even' -> 'event' in error message
- Add debug logging for easier troubleshooting

## Testing
- Verified syntax with `python3 -m py_compile`
- Tested active response add/delete operations on OPNsense 26.1
 2026-01-30 07:44:12 +01:00
Frank Wall
e011819532 security/acme-client: update changelog 2026-01-29 22:32:57 +01:00
Frank Wall
db0b943465 security/acme-client: remove duplicate slashes, refs #5166 2026-01-29 22:31:31 +01:00
Frank Wall
d18e09c78d security/acme-client: release 4.13 2026-01-29 22:31:31 +01:00
Frank Wall
728b97c87e
Merge pull request #5168 from gigamonster256/push-rwxoyqsoyqlp 
security/acme-client: allow always renew
 2026-01-29 22:30:03 +01:00
Jeroen Kool
be5be59d60
security/acme-client: make it possible to obtain a global access token from TransIP (#5166) 
* security/acme-client: Add option for global token to TransIP

The TransIP dns api and the acme.sh api for TransIP support the possibility to create a global access token.
With a global access token, the api call to TransIP can be amde from every ip adress.
There is a new button in the client configuration for TransIP, and this will be added to the account configuration file, which is used by acme.sh
 2026-01-29 22:24:03 +01:00
Frank Wall
f3d86bb2d0
Merge pull request #5158 from Benno089/ISSUE-4959 
security/acme-client: add support for DNS challenge Spaceship.com
 2026-01-29 21:47:07 +01:00
Frank Wall
67977c43a8
Merge pull request #5157 from GutierrezJeremy/deploy-hook-ruckus 
security/acme-client: add support for acme.sh deploy hook "Ruckus"
 2026-01-29 21:46:32 +01:00
Frank Wall
268d504349
Merge pull request #5154 from apritcha1/master 
security/acme-client: add support for ACME profiles
 2026-01-29 21:46:03 +01:00
Caleb Norton
b23594e102 security/acme-client: allow always renew 2026-01-24 15:22:01 -06:00
Benno Kutschenreuter
93f434dc43 security/acme-client:add support for DNS challenge Spaceship.com 2026-01-23 14:54:05 +01:00
Jeremy Gutierrez
e9eb048a7c security/acme-client: add support for acme.sh deploy hook "Ruckus" 2026-01-23 14:17:16 +01:00
Franco Fichtner
e3bae8e72f security/tinc: update version 2026-01-21 07:51:20 +01:00
Alexander Pritchard
f2a122bdc8 security/acme-client: fallback display name for certs with no CN 2026-01-20 10:50:27 -06:00
Alexander Pritchard
20ff8e5af4 Add ACME profile support to acme-client 2026-01-20 10:22:47 -06:00
Thojo0
735eaa545e
add disablesubnetroutes option (#5136) 
closes https://github.com/opnsense/plugins/issues/5135
 2026-01-20 14:45:40 +01:00
Frank Wall
3e0c77f252
Merge pull request #5153 from fraenki/acme_412 
security/acme-client: release 4.12
 2026-01-20 13:52:58 +01:00
Franco Fichtner
b4ae3dc4da security/q-feeds-connector: style 2026-01-20 12:55:38 +01:00
Franco Fichtner
a30717fa42 security/acme-client: style sweep 2026-01-20 12:21:50 +01:00
Frank Wall
d4cd3e3524 security/acme-client: release 4.12 2026-01-20 12:21:26 +01:00
GutierrezJeremy
0ec3d04843
security/acme-client: Add support for Timeweb Cloud DNS API (#5149) 2026-01-20 12:08:44 +01:00
Frank Wall
e71e18d4a9
Merge pull request #5138 from dozing00/feature/acme-dns-he-ddns 
security/acme-client: Add support for Hurricane Electric DDNS API
 2026-01-20 12:06:21 +01:00
sourceforge807
e6ac625b0f
security/acme-client: add support for Technitium DNS API (#5111) 2026-01-20 12:05:38 +01:00
Frank Wall
d30a1bbd91
Merge pull request #5081 from coderjoe/feature/acmesh-zyxel-gs1900-deploy 
security/acme-client: add support for zyxel_gs1900 deploy hook
 2026-01-20 12:04:32 +01:00
Franco Fichtner
da46d00944 plugins: PLUGIN_TIER last so it's not confused with PLUGIN_REVISION 2026-01-19 05:33:35 +01:00
Franco Fichtner
87a27341ce security/wazuh-agent: model style and wrap up next version 
As a note the default value for "syslog_programs" was scrapped
because it was not used.  Consider flipping Required=Y and putting
it back to whom it may concern.
 2026-01-19 05:01:11 +01:00
Franco Fichtner
33540053e7 security/openconnect: model style 2026-01-19 04:56:20 +01:00
Franco Fichtner
5e83a9f93c security/crowdsec: model style 
Changed a validation message to not end with question.  Although
I do not oppose to this the current rule is "dot" for end of sentence
only and the question appears to be better suited for the help text
where it can be accessed beforehand by the user.
 2026-01-19 04:53:57 +01:00
Franco Fichtner
7f7406535e security/clamav: basic model style 2026-01-19 04:49:41 +01:00
Franco Fichtner
b9bb07a0c9 security/tor: basic model style 2026-01-19 04:45:18 +01:00
Franco Fichtner
923bd52a94 security/q-feeds-connector: plugin style 2026-01-19 04:32:54 +01:00
Frank Wall
b18c2660e7
Merge pull request #5146 from peterv99/peterv99-patch-mijnhost 
fix mijnhost/scaleway DNS API settings
 2026-01-18 23:49:50 +01:00
Thomas Moore
c3e099c5ae Added support for Hurricane Electic DDNS in acme client plugin. 2026-01-15 14:26:26 -05:00