auth: rewire system_usermanager_passwordmg.php to /ui/user_portal for cooperation with the next business edition.
This commit consists of two parts:
1) Add user portal privileges to "Lobby: Password" as this replaces the legacy item
2) Rewire password policy constraints to use "ui/user_portal", which will be redirected to the legacy page when BE is not installed.
The impact of this change should be small.
mvc: BooleanField defaults to 0 on creation, this will not change any empty node, just changes how these are being created for the first time.
(cherry picked from commit f569ead1a5371731ed3fe06cdd93b89b999445e0)
Interfaces: Diagnostics: Packet Capture - minor style update, position "(de)select all" button on the same row.
(cherry picked from commit 676dbb953ce8afd4178dc5ca2debcc51b66bbf2a)
Services: Unbound DNS: Blocklist - move whitelist (passlist) handling to unbound plugin in stead of the existing prefiltering option. closes https://github.com/opnsense/core/pull/8415
The previous handling "skimmed" the blocklist using regular expressions, but when these lists include wildcards, you need to filter the exact item to exclude it (e.g. *.org.domain in a blocklist will still block a.org.domain in a passlist).
By moving the evaluation to the place where requests are evaluated, we can pass the likely intended domains by their provided regex.
Although there is a performance penalty, it should be limited since we only compile the regex once.
(cherry picked from commit aa2cff3e665fd0fb2b22b69be4334d365ee066eb)
Firewall: Aliases - performance improvement by using pf's overal table stats instead of dumping them.
This commit changes PF.list_tables() to yield both the name of the aliases as well as (limited) stats, in places where we only check for totals, these are faster to collect than counting them in python.
There should be no functional impact.
(cherry picked from commit 81ec98007dff29f8cdfc5fe23ade60e7bb91ff90)
System: Gateways: Configuration - add "Kill states when down" option trigginer a gateway kill for all states with this gateway set, proposal for https://github.com/opnsense/core/issues/6803
* hide monitor options when disabled
* wire configd kill gateway command for 'pfctl -k gateway -k gwip'
* pass required properties in dpinger_status()
firewall/filter: Lets allow the grid to shrink a tiny bit more. This is the lower limit in the default view after which the layout would get too messed up
firewall/filter: Fix css of bootgrid one last time, add data-container body to selectpickers, ensure minimal heigth for selectpickers that do not support it directly, fix bootgrid-header and footer to behave the same as the grid itself.
Firewall: Aliases - support jq for alias processing, closes https://github.com/opnsense/core/issues/8277
As we already supported a dot [.] terminated format, we should support both advanced queries as simple ones using "container1.container2", by prefixing the simple format with a dot, we can offer both options using the same parser.
While comparing jq with jsonpath, the first option seems to be most practical and easier to explain.
firewall/filter: css is our friend and helper, this fix ensures that dynamic and static column widths can be mixed while still keeping the grid responsive due to a min-width to its own separate grid-box wrapper. Its a bit tricky but works.
firewall/filter: Add the same interface that is selected in the grid selectpicker into the formDialogFilter on add event, change position of interface in dialog