upstream/opnsense-plugins
1
0
Fork 0
mirror of https://github.com/opnsense/plugins.git synced 2026-04-15 22:20:31 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
2443 commits 26 branches 284 tags 43 MiB
Commit graph

2443 commits

This branch
This branch
All branches
Author SHA1 Message Date
J.Townsend
ff2bbcc41e
DNS/Dnscrypt-proxy remove discontinued feeds (#1886) 2020-06-22 15:22:05 +02:00
Frank Wall
28930cd881 net/haproxy: bump version 2020-06-18 10:03:46 +02:00
Frank Wall
910d8ac761 net/haproxy: add missing header, refs #1883 2020-06-18 09:22:24 +02:00
Frank Wall
079b304e96
Merge pull request #1883 from MrRoundRobin/patch-1 
net/haproxy: add missing acl SNI regex text field
 2020-06-18 09:21:00 +02:00
Michael
8df04c75d1
net/freeradius: fix Login-Time validation (#1887) 
* Update User.xml

* Update Makefile

* Update pkg-descr
 2020-06-16 09:37:51 +02:00
Andreas Rupper
a3913891d5
Updated Cloudflare to use token auth and update ttl (#1726) 2020-06-13 22:32:41 +02:00
Franco Fichtner
407627cd49 mail/postfix: fix whitespace 2020-06-10 07:57:09 +02:00
Robin Müller
ac9093e450
net/haproxy: add missing acl SNI regex text field 2020-06-10 01:40:21 +02:00
Frank Wall
df8b86460c
mail/postfix: add description to restart action (#1881) 
mail/postfix: add description to restart action, closes #1874
 2020-06-09 09:35:20 +02:00
Frank Wall
fdcfd2b57b
Merge pull request #1880 from fraenki/acme_134 
securiy/acme-client: release 1.34
 2020-06-08 14:53:33 +02:00
Frank Wall
f3d517cc65 security/acme-client: add support for Hetzner DNS API, closes #1870 2020-06-08 14:43:25 +02:00
Frank Wall
0dbff80fef security/acme-client: restore alnum sorting in DNS API list 2020-06-08 14:37:20 +02:00
Frank Wall
a15bf04c20 security/acme-client: add support for ArvanCloud, closes #1834 2020-06-08 14:34:28 +02:00
Frank Wall
734642abea security/acme-client: bump version 2020-06-08 14:28:01 +02:00
Frank Wall
024f7c1d10
Merge pull request #1875 from chris42/PR_dns_cn 
[security/acme-client] Add core-networks API option
 2020-06-08 14:22:26 +02:00
chris42
543209b661 Order by name not tag 2020-06-07 13:58:45 +02:00
chris42
5988514f08 Add core-networks API option 2020-06-07 13:30:28 +02:00
Franco Fichtner
c47fc41b27 net/frr: use FRR 7 #1768 2020-06-02 10:19:30 +02:00
Frank Wall
e1c15a1b20 security/acme-client: bump version 2020-05-28 15:24:15 +02:00
Frank Wall
2dfe7674d5 security/acme-client: move optional field to the bottom, refs #1851 2020-05-28 15:23:59 +02:00
Bill Gertz
c46695c030
security/acme-client: Add NSUPDATE_ZONE support to nsupdate DNS-01 Service (#1851) 
Add NSUPDATE_ZONE nsupdate support 

Adds new validation.dns_nsudate_zone field to implement support for NSUPDATE_ZONE. See https://github.com/acmesh-official/acme.sh/pull/1963 for more information.
 2020-05-28 15:21:08 +02:00
Ad Schellevis
72980508a7 security/stunnel prepare release version 2020-05-26 21:02:37 +02:00
Joey "JojoXD" Vos
9001b6941b
Added Telegraf InfluxDB v2 Output Support (#1849) 2020-05-26 13:12:54 +02:00
Martin Wasley
98dca4b0f0 Update services_dyndns_edit.php 2020-05-24 10:23:15 +02:00
Ad Schellevis
1f7654103d stunnel: new revision 2020-05-20 06:13:59 +02:00
Ad Schellevis
e845256b1a stunnel: minor bug fixes 
- used wrong pid for ident status
- reload syslog on service start
- missing condition in syslog template (hence the service reload)

for https://github.com/opnsense/plugins/issues/1829
 2020-05-20 06:11:29 +02:00
Ad Schellevis
84585d959b stunnel: minor cleanups and versioning, closes https://github.com/opnsense/plugins/issues/1829 2020-05-20 00:57:15 +02:00
Ad Schellevis
9510a17266 whitespace 2020-05-20 00:34:04 +02:00
Ad Schellevis
3d4416cf26
Stunnel: add identd (#1845) 
stunnel: add identd service and plumbing
 2020-05-22 13:12:28 +02:00
Franco Fichtner
aa8ff3e508 security/acme-client: also bump revision 2020-05-22 09:18:24 +02:00
Franco Fichtner
ee799d8c75 security/acme-client: fix #1844 2020-05-22 09:17:42 +02:00
Maurice Walker
85329069be
net/tayga, register virtual interface (#1826) 2020-05-20 10:48:11 +02:00
Franco Fichtner
5c004cae08 security/tinc: bump revision after changes 2020-05-19 08:55:21 +02:00
Franco Fichtner
7f90141b60 security/stunnel: style and sync 2020-05-18 16:40:47 +02:00
Franco Fichtner
1a791fb998 net/firewall: style update 2020-05-18 16:38:36 +02:00
Ad Schellevis
2a8b0a58ed
stunnel: initial release (#1840) 
* stunnel: boilerplate for https://github.com/opnsense/plugins/issues/1829

* stunnel: work in progress for https://github.com/opnsense/plugins/issues/1829

* stunnel: add service control and acl for https://github.com/opnsense/plugins/issues/1829

* stunnel: add cipher selection for https://github.com/opnsense/plugins/issues/1829

Since stunnel uses different parameter pairs for TLSv1.[1,2] and TLSv1.3, we'll try to sort them out in our config template.
When no TLSv1.3 ciphers are allowed, we should limit the sslVersionMax parameter as well as it seems.

* stunnel: set TLS1.2 as minimum

* stunnel: disable rc conf when no services are active https://github.com/opnsense/plugins/issues/1829

* stunnel: CRL support for https://github.com/opnsense/plugins/issues/1829

* stunnel: simplify cert creation, combine cert+key in one file. for https://github.com/opnsense/plugins/issues/1829

* stunnel: syslog and log viewer for https://github.com/opnsense/plugins/issues/1829

* stunnel: add hasync anchor, for https://github.com/opnsense/plugins/issues/1829
 2020-05-18 15:31:18 +02:00
Frank Wall
8611398aaa security/acme-client: bump version 2020-05-18 09:50:05 +02:00
Frank Wall
cf1828bc02 post merge fixes for #1838 2020-05-18 09:49:50 +02:00
Frank Wall
5e46eecf67
Merge pull request #1838 from mdbraber/master 
security/acme-client: Add Acmeproxy DNS provider dialog
 2020-05-18 09:46:08 +02:00
Maarten den Braber
6628f93fc1 Tabs to spaces 2020-05-16 23:39:28 +02:00
Maarten den Braber
ce5c6be647 Fix formatting issue 2020-05-16 23:38:14 +02:00
Maarten den Braber
4c79d89c8f Add Acmeproxy DNS provider dialogs 2020-05-16 23:36:37 +02:00
0c67e9db29
snort-vrt: Update rulesfile (#1835) 
Update rulesfile.
2990 does not exist anymore.
29151 works best with suricata 4.1.8 and 5.0.3
 2020-05-15 11:19:53 +02:00
Franco Fichtner
c6de3851f5 plugins: style sweep 2020-05-13 08:42:51 +02:00
Ad Schellevis
faa23ffae9 Syslog-NG: add templates for https://github.com/opnsense/core/issues/4068 2020-05-12 13:55:27 +02:00
vnxme
f2db771984
security/tinc: Fix switch mode (#1733) 
* security/tinc: Allow empty subnet for switch mode

A Host class with empty self._payload['subnet'] is considered invalid (lines 38-39). Thus, we can remove self._payload['subnet'] = None from __init__() and add a check for existance to config_text().

* security/tinc: Allow empty subnet for switch mode

Set network.subnet.required and host.subnet.required to N, add a required constraint for network.subnet if network.mode is router.

* security/tinc: Trigger configctl on tinc-up

In order to support various dual-stack configs (primary IPv4/v6 assigned by VPN/Tinc and any combination of alias IPv4/v6 assigned by Firewall/VIP) we need to trigger configctl:
- Primary IPv4: /usr/local/opnsense/service/configd_ctl.py interface newip $interface
- Primary IPv6: /usr/local/opnsense/service/configd_ctl.py interface newipv6 $interface

* security/tinc: Destroy tun/tap interface on stop

Destroying tun/tap interface each time Tinc daemon stops/restarts resolves the issue of losing IPv6 network routes (see #3972).

* security/Tinc: Add a missing reference constraint

The network.mode field is now linked to the network.subnet field.

* security/Tinc: Refactor tincd.py
 2020-05-12 12:49:01 +02:00
Patrik Kernstock
dc7980a3e0 unboundplus: Use 'forward-tls-upstream' config key 
While 'forward-ssl-upstream' is indeed an alias/alternative syntax for the '*tls*' option, therefore it's more a cosmetic thing - specially because it's called DNS over TLS. Just to be consistent with terms used.
 2020-05-08 15:38:22 +02:00
Johann Richard
930995ba3a
Make doc for password more explicit, group options logically (#1765) 
It may be obvious to some, but I think there's some value in making it more explicit that the password required here is for the *remote* shadowsocks server. Furthermore, I would suggest moving the password in the form closer to the remove server info.
 2020-05-05 07:25:34 +02:00
Franco Fichtner
4c07622fbd dns/unbound-plus: advertise fix 2020-04-29 11:38:33 +02:00
Michael
7178da958b
dns/unbound-plus: fix DoT validations (#1803) 2020-04-29 11:37:20 +02:00