Is this for 2.3? If so it belongs on the 2.3 board.

I think it used to auto-exit for a reason. The relevant stuff appears to be in /etc/phpshellsessions/gitsync in case someone's bored.

From https://redmine.pfsense.org/issues/5112 : With some help from PiBa-NL via IRC I can confirm that the hackish approach works fine. $authcfg = auth_get_authserver("YOUR LDAP BACKEND NAME"); $_attributes = array(); $loginok = authenticate_user($_POST['auth_user'], $_POST['auth_pass'], $authcfg, $_attributes); I then uncommented the privilege checking. I hope I find the time to layout changes in a github PR and would like some guidance on how the new configuration options should be structured. It can get complicated if one wishes, but there I will not help much. I thus consider this thread to be closed, but are happy to find collaborators for a github PR (join me on https://redmine.pfsense.org/issues/5112 ). Thanks.

That sounds a lot like RFC2307bis authentication as in https://redmine.pfsense.org/issues/5461 .

obviously(?) sysctl needs an API, so we can ensure it occurs correctly, and perhaps within some limit.

https://redmine.pfsense.org/issues/2668 I thought about this a long time ago and never did anything about it! Someone (me?) should look at it again when the 2.3 code is stable.

Apparently…

new version with additional info: [image: ifblhv.png]

What would be the implications of eliminating table "persist file" lines from the pfctl -vvPnf input in these two /etc/inc/filter_log.inc functions? function find_rule_by_number($rulenum, $trackernum, $type="block") { function buffer_rules_load() { grep -v "persist file" /tmp/rules.debug | /sbin/pfctl -vvPnf - Speeds it right up.

I don't understand what you need that is not there already. In the current 2.2.* you can: a) Put and alias as an entry inside another alias - that lets you define a device(s) once in a small alias and then include that alias in higher-level aliases. b) In the Firewall Rules GUI you select source or destination address "single host or alias" and start typing the start of the alias name you want, and choose it. And similar thing in the source/destination ports.

@ky41083: Does it worry anybody else that pfSense dev's accept code commits from this "genius"? nope.

David, thanks for the insight. I already have my 2.3 VM up and running and will try to patch things for varnish4 in there.

The reason is to confuse the enemy… :D As I understand it, this is only used for package name itself?

No problem, won't delete the thread as it might help someone in the future. If you want to try it sooner than later…well, check back later today.  :D Snapshots will be announced soon.

@Derelict: If you upload it to /usr/local/captiveportal or upload it somewhere and link to it from /usr/local/captiveportal it will be available if it includes "captiveportal" in the Nain me.  http://portal_ip:8002/captiveportal-image-asset.png There is a rewrite in the lighttpd config that disallows the web server from serving any files directly referenced that do not include the string "captiveportal" in its filename (the name of the link in /usr/local/captiveportal) url.rewrite-once = ( "(.captiveportal.)" => "$1", "(.*)" => "/index.php?zone=guest_zone&redirurl=$1" ) My suggestion is to use one of the many available control panels or CMS to upload assets used in your captive portal page on a separate web server, which is where all but the most basic of portal pages belongs anyway. Thanks mate this us perfect and 100% relevant. I ended up doing just this - the /usr/local/www/ folder is public so made a /cportal folder and uploaded everything there and direct link. Works fantastic. Only had to change some code for this to work. Users can now upload from .NET software and set custom values to skin the UI with ease. This is what the dev forum is about! Whooo

Thanks, new 32 bit builds are there now.