From 478644e96f998a9963c8d662460c94b485cffb20 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Tue, 25 Nov 2025 07:27:22 -0800
Subject: [PATCH 01/18] started adding confgurable redis and listen address

---
 .../OPNsense/Ntopng/forms/general.xml         | 14 +++++++++++
 .../app/models/OPNsense/Ntopng/General.php    | 20 +++++++++++++++
 .../app/models/OPNsense/Ntopng/General.xml    | 12 ++++++++-
 .../templates/OPNsense/Ntopng/ntopng.conf     | 25 +++++++++++++++----
 4 files changed, 65 insertions(+), 6 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
index b334d3ad0..a76a8aa27 100644
--- a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
+++ b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
@@ -12,6 +12,14 @@
         <advanced>true</advanced>
         <help>Select the interface to listen to. Set to none if you want to choose the interface via ntopng UI.</help>
     </field>
+    <field>
+        <id>general.address</id>
+        <label>Listen address</label>
+        <style>tokenize</style>
+        <type>select_multiple</type>
+        <allownew>true</allownew>
+        <help>Address this service listens on.</help>
+    </field>
     <field>
         <id>general.httpport</id>
         <label>HTTP Port</label>
@@ -30,6 +38,12 @@
         <type>dropdown</type>
         <help>Set the certificate to use for HTTPS connections.</help>
     </field>
+    <field>
+        <id>general.redisconnection</id>
+        <label>redis</label>
+        <type>text</type>
+        <help>HTTPS Port this service listens on. If you enable HTTPS you will be redirected from HTTP to HTTPS. Please select a certificate below</help>
+    </field>
     <field>
         <id>general.dnsmode</id>
         <label>DNS Mode</label>
diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
index 02120a546..4e8ec286d 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
@@ -29,7 +29,27 @@
 namespace OPNsense\Ntopng;
 
 use OPNsense\Base\BaseModel;
+use OPNsense\Base\Messages\Message;
 
 class General extends BaseModel
 {
+    public function performValidation($validateFullModel = false)
+    {
+        $messages = parent::performValidation($validateFullModel);
+
+
+		$http = (string)$this->httpport;
+		$https = (string)$this->httpsport;
+
+		if ($http === '' && $https === '') {
+			$messages->appendMessage(new Message(
+				gettext(
+					'Please input at least an HTTP or HTTPS port.'
+				),
+				'httpport'
+			));
+		}
+
+        return $messages;
+    }
 }
diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
index 580e20651..f3579786a 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
@@ -12,8 +12,14 @@
             <Multiple>Y</Multiple>
             <AllowDynamic>Y</AllowDynamic>
         </interface>
-        <httpport type="PortField">
+        <address type="NetworkField">
             <Required>Y</Required>
+            <Default>::,0.0.0.0</Default>
+            <NetMaskAllowed>N</NetMaskAllowed>
+            <AsList>Y</AsList>
+        </address>
+        <httpport type="PortField">
+            <Required>N</Required>
             <Default>3000</Default>
         </httpport>
         <httpsport type="PortField">
@@ -37,6 +43,10 @@
                 </check001>
             </Constraints>
         </cert>
+        <redisconnection type="TextField">
+            <Required>N</Required>
+            <Mask>/^.*\S.*$/</Mask> <!-- forbids only whitespace, still allows if any non-whitespace chars -->
+        </redisconnection>
         <dnsmode type="OptionField">
             <Required>N</Required>
             <OptionValues>
diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index 48def3ea3..dcecc73ae 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -2,17 +2,32 @@
 {% from 'OPNsense/Macros/interface.macro' import physical_interface %}
 {%   if helpers.exists('OPNsense.ntopng.general.interface') and OPNsense.ntopng.general.interface != '' %}
 {%     for iface in OPNsense.ntopng.general.interface.split(',') %}
--i={{ physical_interface(iface) }}
+--interface={{ physical_interface(iface) }}
 {%     endfor %}
 {%   endif %}
+
+{%   set http_listens = [] %}
+{%   set https_listens = [] %}
+{% for address in OPNsense.ntopng.general.address.split(',') %}
+{%     set _ = http_listens.append(helpers.format_host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpport) %}
+{%     set _ = https_listens.append(helpers.format_host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpsport) %}
+{% endfor %}
+
 {%   if helpers.exists('OPNsense.ntopng.general.httpport') and OPNsense.ntopng.general.httpport != '' %}
--w={{ OPNsense.ntopng.general.httpport }}
+--http-port="{{ http_listens | join(',') }}"
+{%   else %}
+--http-port=0
 {%   endif %}
+
 {%   if helpers.exists('OPNsense.ntopng.general.httpsport') and OPNsense.ntopng.general.httpsport != '' %}
--W={{ OPNsense.ntopng.general.httpsport }}
+--https-port="{{ https_listens | join(',') }}"
+{%   endif %}
+
+{%   if helpers.exists('OPNsense.ntopng.general.redisconnection') and OPNsense.ntopng.general.redisconnection != '' %}
+--redis={{ OPNsense.ntopng.general.redisconnection }}
 {%   endif %}
 {%   if helpers.exists('OPNsense.ntopng.general.dnsmode') and OPNsense.ntopng.general.dnsmode != '' %}
--n={{ OPNsense.ntopng.general.dnsmode }}
+--dns-mode={{ OPNsense.ntopng.general.dnsmode }}
 {%   endif %}
--d=/var/db/ntopng
+--data-dir=/var/db/ntopng
 {% endif %}

From 76ccb063edd6b4a16e9950b8380faed1d2510498 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Tue, 25 Nov 2025 09:48:51 -0800
Subject: [PATCH 02/18] added validation and automatic redis settings for
 ntopng; changed redis validation to ensure valid pass for ntopng

---
 .../mvc/app/models/OPNsense/Redis/Redis.php   | 22 +++++++++++++
 .../OPNsense/Ntopng/forms/general.xml         |  5 +--
 .../app/models/OPNsense/Ntopng/General.php    | 31 +++++++++++++++++--
 .../templates/OPNsense/Ntopng/ntopng.conf     |  2 ++
 4 files changed, 55 insertions(+), 5 deletions(-)

diff --git a/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php b/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php
index c6c2121f1..3f3e3f753 100644
--- a/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php
+++ b/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php
@@ -29,7 +29,29 @@
 namespace OPNsense\Redis;
 
 use OPNsense\Base\BaseModel;
+use OPNsense\Base\Messages\Message;
 
 class Redis extends BaseModel
 {
+    public function performValidation($validateFullModel = false)
+    {
+        // Call parent validation first
+        $messages = parent::performValidation($validateFullModel);
+
+        // Get the password value
+        $password = (string)$this->security->password;
+
+        // Check if password contains \ or `
+        if (!empty($password) && (strpos($password, '\\') !== false || strpos($password, '`') !== false)) {
+            $message = new Message(
+                gettext(
+                    "Password cannot contain backslash (\\) or backtick (`) characters",
+                ),
+                "security.password"
+            );
+            $messages->appendMessage($message);
+        }
+
+        return $messages;
+    }
 }
diff --git a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
index a76a8aa27..d6e6bc90e 100644
--- a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
+++ b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
@@ -40,9 +40,10 @@
     </field>
     <field>
         <id>general.redisconnection</id>
-        <label>redis</label>
+        <label>Redis connection override</label>
         <type>text</type>
-        <help>HTTPS Port this service listens on. If you enable HTTPS you will be redirected from HTTP to HTTPS. Please select a certificate below</help>
+        <advanced>true</advanced>
+        <help>the defines the redis connections as per --redis in www.ntop.org/guides/ntopng/cli_options/cli_options.html</help>
     </field>
     <field>
         <id>general.dnsmode</id>
diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
index 4e8ec286d..756fe12fc 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
@@ -42,12 +42,37 @@ class General extends BaseModel
 		$https = (string)$this->httpsport;
 
 		if ($http === '' && $https === '') {
+			$msg = gettext('Please input at least an HTTP or HTTPS port.');
+
 			$messages->appendMessage(new Message(
-				gettext(
-					'Please input at least an HTTP or HTTPS port.'
-				),
+				$msg,
 				'httpport'
 			));
+
+			$messages->appendMessage(new Message(
+				$msg,
+				'httpsport'
+			));
+		}
+
+		$addresses_length = count(explode(',', (string)$this->address));
+		if ($addresses_length > 1 && $https !== '') {
+			$messages->appendMessage(new Message(
+				gettext(
+					"Can't have more then 1 listen address when using HTTPS"
+				),
+				'address'
+			));
+
+		}
+		if ((string)$this->redisconnection === '') {
+			$redisPassword = (string)$this->getNodeByReference('OPNsense.redis.security.password');
+			if (strpos($redisPassword, '\\') !== false || strpos($redisPassword, '`') !== false) {
+				$messages->appendMessage(new Message(
+					gettext('Redis password cannot contain backslash (\) or backtick (`) characters.'),
+					''
+				));
+			}
 		}
 
         return $messages;
diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index dcecc73ae..ce1f176ca 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -25,6 +25,8 @@
 
 {%   if helpers.exists('OPNsense.ntopng.general.redisconnection') and OPNsense.ntopng.general.redisconnection != '' %}
 --redis={{ OPNsense.ntopng.general.redisconnection }}
+{%   elif helpers.exists('OPNsense.redis.security.password') and OPNsense.redis.security.password != '' %}
+--redis=localhost:{{ OPNsense.redis.general.port | default('6379') }}:{{ OPNsense.redis.security.password }}
 {%   endif %}
 {%   if helpers.exists('OPNsense.ntopng.general.dnsmode') and OPNsense.ntopng.general.dnsmode != '' %}
 --dns-mode={{ OPNsense.ntopng.general.dnsmode }}

From 8af7a2ab45fc1cff7b7421dc1fcf69a6f084de2b Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Tue, 25 Nov 2025 10:56:25 -0800
Subject: [PATCH 03/18] rename

---
 .../OPNsense/Ntopng/forms/general.xml         |  6 +-
 .../app/models/OPNsense/Ntopng/General.php    | 62 +++++++++----------
 .../templates/OPNsense/Ntopng/ntopng.conf     |  2 +-
 3 files changed, 35 insertions(+), 35 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
index d6e6bc90e..c100cd144 100644
--- a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
+++ b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
@@ -13,12 +13,12 @@
         <help>Select the interface to listen to. Set to none if you want to choose the interface via ntopng UI.</help>
     </field>
     <field>
-        <id>general.address</id>
-        <label>Listen address</label>
+        <id>general.addresses</id>
+        <label>Listen addresses</label>
         <style>tokenize</style>
         <type>select_multiple</type>
         <allownew>true</allownew>
-        <help>Address this service listens on.</help>
+        <help>Address(es) this service listens on.</help>
     </field>
     <field>
         <id>general.httpport</id>
diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
index 756fe12fc..bd2237d4a 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
@@ -38,42 +38,42 @@ class General extends BaseModel
         $messages = parent::performValidation($validateFullModel);
 
 
-		$http = (string)$this->httpport;
-		$https = (string)$this->httpsport;
+        $http = (string)$this->httpport;
+        $https = (string)$this->httpsport;
 
-		if ($http === '' && $https === '') {
-			$msg = gettext('Please input at least an HTTP or HTTPS port.');
+        if ($http === '' && $https === '') {
+            $msg = gettext('Please input at least an HTTP or HTTPS port.');
 
-			$messages->appendMessage(new Message(
-				$msg,
-				'httpport'
-			));
+            $messages->appendMessage(new Message(
+                $msg,
+                'httpport'
+            ));
 
-			$messages->appendMessage(new Message(
-				$msg,
-				'httpsport'
-			));
-		}
+            $messages->appendMessage(new Message(
+                $msg,
+                'httpsport'
+            ));
+        }
 
-		$addresses_length = count(explode(',', (string)$this->address));
-		if ($addresses_length > 1 && $https !== '') {
-			$messages->appendMessage(new Message(
-				gettext(
-					"Can't have more then 1 listen address when using HTTPS"
-				),
-				'address'
-			));
+        $addresses_length = count(explode(',', (string)$this->addresses));
+        if ($addresses_length > 1 && $https !== '') {
+            $messages->appendMessage(new Message(
+                gettext(
+                    "Can't have more then 1 listen address when using HTTPS"
+                ),
+                'addresses'
+            ));
 
-		}
-		if ((string)$this->redisconnection === '') {
-			$redisPassword = (string)$this->getNodeByReference('OPNsense.redis.security.password');
-			if (strpos($redisPassword, '\\') !== false || strpos($redisPassword, '`') !== false) {
-				$messages->appendMessage(new Message(
-					gettext('Redis password cannot contain backslash (\) or backtick (`) characters.'),
-					''
-				));
-			}
-		}
+        }
+        if ((string)$this->redisconnection === '') {
+            $redisPassword = (string)$this->getNodeByReference('OPNsense.redis.security.password');
+            if (strpos($redisPassword, '\\') !== false || strpos($redisPassword, '`') !== false) {
+                $messages->appendMessage(new Message(
+                    gettext('Redis password cannot contain backslash (\) or backtick (`) characters.'),
+                    ''
+                ));
+            }
+        }
 
         return $messages;
     }
diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index ce1f176ca..a28cb754d 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -8,7 +8,7 @@
 
 {%   set http_listens = [] %}
 {%   set https_listens = [] %}
-{% for address in OPNsense.ntopng.general.address.split(',') %}
+{% for address in OPNsense.ntopng.general.addresses.split(',') %}
 {%     set _ = http_listens.append(helpers.format_host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpport) %}
 {%     set _ = https_listens.append(helpers.format_host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpsport) %}
 {% endfor %}

From e464db3b6fe684b8c4fd4c5aef25e86d39c62a30 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Tue, 25 Nov 2025 12:50:10 -0800
Subject: [PATCH 04/18] rename

---
 .../src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
index f3579786a..3e1ac5bfb 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
@@ -12,12 +12,12 @@
             <Multiple>Y</Multiple>
             <AllowDynamic>Y</AllowDynamic>
         </interface>
-        <address type="NetworkField">
+        <addresses type="NetworkField">
             <Required>Y</Required>
             <Default>::,0.0.0.0</Default>
             <NetMaskAllowed>N</NetMaskAllowed>
             <AsList>Y</AsList>
-        </address>
+        </addresses>
         <httpport type="PortField">
             <Required>N</Required>
             <Default>3000</Default>

From 0d65171102dcf63b46ab02390e6189f82185f4de Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Wed, 26 Nov 2025 04:36:03 -0800
Subject: [PATCH 05/18] better error messages

---
 .../app/models/OPNsense/Ntopng/General.php    | 33 ++++++++++++++-----
 .../app/models/OPNsense/Ntopng/General.xml    |  1 -
 2 files changed, 25 insertions(+), 9 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
index bd2237d4a..b029d5593 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
@@ -65,14 +65,31 @@ class General extends BaseModel
             ));
 
         }
-        if ((string)$this->redisconnection === '') {
-            $redisPassword = (string)$this->getNodeByReference('OPNsense.redis.security.password');
-            if (strpos($redisPassword, '\\') !== false || strpos($redisPassword, '`') !== false) {
-                $messages->appendMessage(new Message(
-                    gettext('Redis password cannot contain backslash (\) or backtick (`) characters.'),
-                    ''
-                ));
-            }
+
+
+        $redis_conn = (string)$this->redisconnection;
+
+        if (trim($redis_conn) === '' && $redis_conn !== '') {
+            $messages->appendMessage(new Message(
+                gettext(
+                    "Can't be all whitespace"
+                ),
+                'redisconnection'
+            ));
+        } elseif ($redis_conn !== ltrim($redis_conn)) {
+            $messages->appendMessage(new Message(
+                gettext(
+                    "Can't have leading whitespace"
+                ),
+                'redisconnection'
+            ));
+        } elseif ($redis_conn !== rtrim($redis_conn)) {
+            $messages->appendMessage(new Message(
+                gettext(
+                    "Can't have trailing whitespace"
+                ),
+                'redisconnection'
+            ));
         }
 
         return $messages;
diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
index 3e1ac5bfb..176550f96 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
@@ -45,7 +45,6 @@
         </cert>
         <redisconnection type="TextField">
             <Required>N</Required>
-            <Mask>/^.*\S.*$/</Mask> <!-- forbids only whitespace, still allows if any non-whitespace chars -->
         </redisconnection>
         <dnsmode type="OptionField">
             <Required>N</Required>

From aa33f9cf4513974ed267e83b6c61b08f61711f7c Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Wed, 26 Nov 2025 10:20:03 -0800
Subject: [PATCH 06/18] better error messages

---
 .../app/models/OPNsense/Ntopng/General.php    | 31 ++++++++++---------
 1 file changed, 17 insertions(+), 14 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
index b029d5593..95dd3d9fc 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
@@ -76,20 +76,23 @@ class General extends BaseModel
                 ),
                 'redisconnection'
             ));
-        } elseif ($redis_conn !== ltrim($redis_conn)) {
-            $messages->appendMessage(new Message(
-                gettext(
-                    "Can't have leading whitespace"
-                ),
-                'redisconnection'
-            ));
-        } elseif ($redis_conn !== rtrim($redis_conn)) {
-            $messages->appendMessage(new Message(
-                gettext(
-                    "Can't have trailing whitespace"
-                ),
-                'redisconnection'
-            ));
+        } else {
+            if ($redis_conn !== ltrim($redis_conn)) {
+                $messages->appendMessage(new Message(
+                    gettext(
+                        "Can't have leading whitespace"
+                    ),
+                    'redisconnection'
+                ));
+            }
+            if ($redis_conn !== rtrim($redis_conn)) {
+                $messages->appendMessage(new Message(
+                    gettext(
+                        "Can't have trailing whitespace"
+                    ),
+                    'redisconnection'
+                ));
+            }
         }
 
         return $messages;

From d7789601c48902b4280b400a9eab32bae093496f Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Wed, 26 Nov 2025 10:39:17 -0800
Subject: [PATCH 07/18] changed name of helper func

---
 .../opnsense/service/templates/OPNsense/Ntopng/ntopng.conf    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index a28cb754d..26be439be 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -9,8 +9,8 @@
 {%   set http_listens = [] %}
 {%   set https_listens = [] %}
 {% for address in OPNsense.ntopng.general.addresses.split(',') %}
-{%     set _ = http_listens.append(helpers.format_host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpport) %}
-{%     set _ = https_listens.append(helpers.format_host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpsport) %}
+{%     set _ = http_listens.append(helpers.host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpport) %}
+{%     set _ = https_listens.append(helpers.host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpsport) %}
 {% endfor %}
 
 {%   if helpers.exists('OPNsense.ntopng.general.httpport') and OPNsense.ntopng.general.httpport != '' %}

From e0f8f4753fa4e07bb27efb010e91c016c4f89341 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Fri, 28 Nov 2025 18:38:31 -0800
Subject: [PATCH 08/18] made redis template ntopng when reconfig to change pass
 or port, make ntopng also work with just port change

---
 .../OPNsense/Redis/Api/ServiceController.php  | 24 +++++++++++++++++++
 .../templates/OPNsense/Ntopng/ntopng.conf     |  2 ++
 2 files changed, 26 insertions(+)

diff --git a/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php b/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php
index 931a27f45..adb996c44 100644
--- a/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php
+++ b/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php
@@ -39,6 +39,16 @@ class ServiceController extends ApiMutableServiceControllerBase
     protected static $internalServiceEnabled = 'general.enabled';
     protected static $internalServiceName = 'redis';
 
+    private function isNtopngEnabled()
+    {
+        $cnf = \OPNsense\Core\Config::getInstance()->object();
+        $is_enabled = false;
+        if ($cnf->OPNsense && $cnf->OPNsense->ntopng && $cnf->OPNsense->ntopng->general) {
+            $is_enabled = (string)$cnf->OPNsense->ntopng->general->enabled === '1';
+        }
+        return $is_enabled;
+    }
+
     /**
      * remove database folder
      * @return array
@@ -49,4 +59,18 @@ class ServiceController extends ApiMutableServiceControllerBase
         $response = $backend->configdRun("redis resetdb");
         return array("response" => $response);
     }
+
+    public function reconfigureAction() {
+        $result = parent::reconfigureAction();
+
+        if ($result['status'] == 'ok') {
+            if ($this->isNtopngEnabled()) {
+                $backend = new Backend();
+                $backend->configdRun('template reload OPNsense/Ntopng');
+                $backend->configdRun('ntopng restart');
+            }
+        }
+
+        return $result;
+    }
 }
diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index 26be439be..2ee376808 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -27,6 +27,8 @@
 --redis={{ OPNsense.ntopng.general.redisconnection }}
 {%   elif helpers.exists('OPNsense.redis.security.password') and OPNsense.redis.security.password != '' %}
 --redis=localhost:{{ OPNsense.redis.general.port | default('6379') }}:{{ OPNsense.redis.security.password }}
+{%   elif helpers.exists('OPNsense.redis.general.port') and OPNsense.redis.general.port != '' %}
+--redis=localhost:{{ OPNsense.redis.general.port }}
 {%   endif %}
 {%   if helpers.exists('OPNsense.ntopng.general.dnsmode') and OPNsense.ntopng.general.dnsmode != '' %}
 --dns-mode={{ OPNsense.ntopng.general.dnsmode }}

From 1d63930c07442bb7f2d24ed3122ff48b813e23b6 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Fri, 28 Nov 2025 18:50:56 -0800
Subject: [PATCH 09/18] redis doesn't reconfig ntopng if the redis server is
 overridden

---
 .../OPNsense/Redis/Api/ServiceController.php   | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php b/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php
index adb996c44..7220fbe84 100644
--- a/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php
+++ b/databases/redis/src/opnsense/mvc/app/controllers/OPNsense/Redis/Api/ServiceController.php
@@ -39,14 +39,20 @@ class ServiceController extends ApiMutableServiceControllerBase
     protected static $internalServiceEnabled = 'general.enabled';
     protected static $internalServiceName = 'redis';
 
-    private function isNtopngEnabled()
-    {
+    private function shouldNtopngReconfig() {
         $cnf = \OPNsense\Core\Config::getInstance()->object();
-        $is_enabled = false;
+
         if ($cnf->OPNsense && $cnf->OPNsense->ntopng && $cnf->OPNsense->ntopng->general) {
-            $is_enabled = (string)$cnf->OPNsense->ntopng->general->enabled === '1';
+            if ((string)$cnf->OPNsense->ntopng->general->redisconnection !== '') {
+                return false;
+            }
+
+
+            if ((string)$cnf->OPNsense->ntopng->general->enabled === '1') {
+                return true;
+            }
         }
-        return $is_enabled;
+        return false;
     }
 
     /**
@@ -64,7 +70,7 @@ class ServiceController extends ApiMutableServiceControllerBase
         $result = parent::reconfigureAction();
 
         if ($result['status'] == 'ok') {
-            if ($this->isNtopngEnabled()) {
+            if ($this->shouldNtopngReconfig()) {
                 $backend = new Backend();
                 $backend->configdRun('template reload OPNsense/Ntopng');
                 $backend->configdRun('ntopng restart');

From 25dcb3be77f07bc1d78ed402bae68310d44879c4 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Sun, 7 Dec 2025 10:29:04 -0800
Subject: [PATCH 10/18] template formatting

---
 .../opnsense/service/templates/OPNsense/Ntopng/ntopng.conf    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index 2ee376808..ac303e393 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -8,10 +8,10 @@
 
 {%   set http_listens = [] %}
 {%   set https_listens = [] %}
-{% for address in OPNsense.ntopng.general.addresses.split(',') %}
+{%   for address in OPNsense.ntopng.general.addresses.split(',') %}
 {%     set _ = http_listens.append(helpers.host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpport) %}
 {%     set _ = https_listens.append(helpers.host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpsport) %}
-{% endfor %}
+{%   endfor %}
 
 {%   if helpers.exists('OPNsense.ntopng.general.httpport') and OPNsense.ntopng.general.httpport != '' %}
 --http-port="{{ http_listens | join(',') }}"

From 7294749fadac28080b2199fb56f999016b95fcb0 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Sat, 13 Dec 2025 19:37:15 -0800
Subject: [PATCH 11/18] changed to IPPortField

---
 .../OPNsense/Ntopng/forms/general.xml         | 16 ++++--------
 .../app/models/OPNsense/Ntopng/General.php    | 19 +++-----------
 .../app/models/OPNsense/Ntopng/General.xml    | 25 ++++++++-----------
 .../templates/OPNsense/Ntopng/ntopng.conf     | 15 +++--------
 4 files changed, 24 insertions(+), 51 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
index c100cd144..64113809e 100644
--- a/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
+++ b/net/ntopng/src/opnsense/mvc/app/controllers/OPNsense/Ntopng/forms/general.xml
@@ -13,24 +13,18 @@
         <help>Select the interface to listen to. Set to none if you want to choose the interface via ntopng UI.</help>
     </field>
     <field>
-        <id>general.addresses</id>
-        <label>Listen addresses</label>
+        <id>general.addresseshttp</id>
+        <label>Listen addresses (HTTP)</label>
         <style>tokenize</style>
         <type>select_multiple</type>
         <allownew>true</allownew>
         <help>Address(es) this service listens on.</help>
     </field>
     <field>
-        <id>general.httpport</id>
-        <label>HTTP Port</label>
+        <id>general.addresseshttps</id>
+        <label>Listen address (HTTPS)</label>
         <type>text</type>
-        <help>HTTP Port this service listens on.</help>
-    </field>
-    <field>
-        <id>general.httpsport</id>
-        <label>HTTPS Port</label>
-        <type>text</type>
-        <help>HTTPS Port this service listens on. If you enable HTTPS you will be redirected from HTTP to HTTPS. Please select a certificate below</help>
+        <help>Address this service listens on. (the limit of 1 address comes from ntopng)</help>
     </field>
     <field>
         <id>general.cert</id>
diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
index 95dd3d9fc..7d09ea45f 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.php
@@ -38,34 +38,23 @@ class General extends BaseModel
         $messages = parent::performValidation($validateFullModel);
 
 
-        $http = (string)$this->httpport;
-        $https = (string)$this->httpsport;
+        $http = (string)$this->addresseshttp;
+        $https = (string)$this->addresseshttps;
 
         if ($http === '' && $https === '') {
             $msg = gettext('Please input at least an HTTP or HTTPS port.');
 
             $messages->appendMessage(new Message(
                 $msg,
-                'httpport'
+                'addresseshttp'
             ));
 
             $messages->appendMessage(new Message(
                 $msg,
-                'httpsport'
+                'addresseshttps'
             ));
         }
 
-        $addresses_length = count(explode(',', (string)$this->addresses));
-        if ($addresses_length > 1 && $https !== '') {
-            $messages->appendMessage(new Message(
-                gettext(
-                    "Can't have more then 1 listen address when using HTTPS"
-                ),
-                'addresses'
-            ));
-
-        }
-
 
         $redis_conn = (string)$this->redisconnection;
 
diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
index 176550f96..a7ebcb71d 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/General.xml
@@ -1,7 +1,7 @@
 <model>
     <mount>//OPNsense/ntopng/general</mount>
     <description>ntopng configuration</description>
-    <version>0.0.2</version>
+    <version>0.1.3</version>
     <items>
         <enabled type="BooleanField">
             <Default>0</Default>
@@ -12,34 +12,31 @@
             <Multiple>Y</Multiple>
             <AllowDynamic>Y</AllowDynamic>
         </interface>
-        <addresses type="NetworkField">
-            <Required>Y</Required>
-            <Default>::,0.0.0.0</Default>
-            <NetMaskAllowed>N</NetMaskAllowed>
+        <addresseshttp type="IPPortField">
+            <Required>N</Required>
+            <Default>[::]:3000,0.0.0.0:3000</Default>
             <AsList>Y</AsList>
-        </addresses>
-        <httpport type="PortField">
-            <Required>N</Required>
-            <Default>3000</Default>
-        </httpport>
-        <httpsport type="PortField">
+        </addresseshttp>
+        <addresseshttps type="IPPortField">
             <Required>N</Required>
+            <Default></Default>
             <Constraints>
                 <check001>
-                    <ValidationMessage>Please select a HTTPS port and a valid certificate</ValidationMessage>
+                    <ValidationMessage>Please select an HTTPS port and a valid certificate</ValidationMessage>
                     <type>AllOrNoneConstraint</type>
                     <addFields>
                         <field1>cert</field1>
                     </addFields>
                 </check001>
             </Constraints>
-        </httpsport>
+            <AsList>N</AsList>
+        </addresseshttps>
         <cert type="CertificateField">
             <Type>cert</Type>
             <Required>N</Required>
             <Constraints>
                 <check001>
-                    <reference>httpsport.check001</reference>
+                    <reference>addresseshttps.check001</reference>
                 </check001>
             </Constraints>
         </cert>
diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index ac303e393..4fe6dcc09 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -6,21 +6,14 @@
 {%     endfor %}
 {%   endif %}
 
-{%   set http_listens = [] %}
-{%   set https_listens = [] %}
-{%   for address in OPNsense.ntopng.general.addresses.split(',') %}
-{%     set _ = http_listens.append(helpers.host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpport) %}
-{%     set _ = https_listens.append(helpers.host_str_for_port(address) ~ ':' ~ OPNsense.ntopng.general.httpsport) %}
-{%   endfor %}
-
-{%   if helpers.exists('OPNsense.ntopng.general.httpport') and OPNsense.ntopng.general.httpport != '' %}
---http-port="{{ http_listens | join(',') }}"
+{%   if helpers.exists('OPNsense.ntopng.general.addresseshttp') and OPNsense.ntopng.general.addresseshttp != '' %}
+--http-port="{{ OPNsense.ntopng.general.addresseshttp }}"
 {%   else %}
 --http-port=0
 {%   endif %}
 
-{%   if helpers.exists('OPNsense.ntopng.general.httpsport') and OPNsense.ntopng.general.httpsport != '' %}
---https-port="{{ https_listens | join(',') }}"
+{%   if helpers.exists('OPNsense.ntopng.general.addresseshttps') and OPNsense.ntopng.general.addresseshttps != '' %}
+--https-port="{{ OPNsense.ntopng.general.addresseshttps }}"
 {%   endif %}
 
 {%   if helpers.exists('OPNsense.ntopng.general.redisconnection') and OPNsense.ntopng.general.redisconnection != '' %}

From 29e523524cc8b19660c04f023c2a774c621a93a4 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Sat, 13 Dec 2025 19:39:33 -0800
Subject: [PATCH 12/18] formatting

---
 .../redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php b/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php
index 3f3e3f753..51b2c0bfb 100644
--- a/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php
+++ b/databases/redis/src/opnsense/mvc/app/models/OPNsense/Redis/Redis.php
@@ -35,13 +35,10 @@ class Redis extends BaseModel
 {
     public function performValidation($validateFullModel = false)
     {
-        // Call parent validation first
         $messages = parent::performValidation($validateFullModel);
 
-        // Get the password value
         $password = (string)$this->security->password;
 
-        // Check if password contains \ or `
         if (!empty($password) && (strpos($password, '\\') !== false || strpos($password, '`') !== false)) {
             $message = new Message(
                 gettext(

From de5713ea34bee80c5da4f1d71cc048155e0cefe5 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Fri, 10 Apr 2026 15:24:13 -0700
Subject: [PATCH 13/18] testing migrations

---
 .../OPNsense/Ntopng/Migrations/M0_1_3.php     | 45 +++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
new file mode 100644
index 000000000..a64fad484
--- /dev/null
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
@@ -0,0 +1,45 @@
+<?php
+namespace OPNsense\Ntopng\General\Migrations;
+
+use OPNsense\Base\BaseModelMigration;
+use OPNsense\Core\Config;
+
+class M0_1_3 extends BaseModelMigration
+{
+    function ntop_dbg($msg) {
+        // 1) append to a known temp file so we can read it reliably
+        @file_put_contents('/tmp/ntopng_migration.log', date('c') . ' ' . $msg . PHP_EOL, FILE_APPEND|LOCK_EX);
+        // 2) also write to STDERR so it appears when you run the migration interactively
+        if (defined('STDERR')) {
+            @fwrite(STDERR, date('c') . ' ' . $msg . PHP_EOL);
+        }
+    }
+    public function run($model)
+    {
+
+
+        parent::run($model);
+        $general = $model->getNodeByReference('general');
+        $general->addresseshttp  = "[::]:5555,0.0.0.0:5555";
+        $general->addresseshttps = "[::]:5555";
+
+
+        // $config = Config::getInstance()->object();
+        // // $general = $model->getNodeByReference('general');
+        // $general = $model;
+        //
+        // $httpPort = (string)$config->OPNsense->ntopng->general->httpport;
+        // if (true) {
+        //     $general->addresseshttp = "[::]:{$httpPort},0.0.0.0:{$httpPort}";
+        // }
+        //
+        // $httpsPort = (string)$config->OPNsense->ntopng->general->httpsport;
+        // if (true) {
+        //     $general->addresseshttps = "[::]:{$httpsPort}";
+        // }
+        // if ($general !== null) {
+        //
+        // }
+
+    }
+}

From 06ec233fecfe036402f424701544c9399792d3a0 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Sat, 11 Apr 2026 04:21:32 -0700
Subject: [PATCH 14/18] testing migrations

---
 .../OPNsense/Ntopng/Migrations/M0_1_3.php     | 41 ++++---------------
 1 file changed, 9 insertions(+), 32 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
index a64fad484..a917dbd2f 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
@@ -1,45 +1,22 @@
 <?php
-namespace OPNsense\Ntopng\General\Migrations;
+namespace OPNsense\Ntopng\Migrations;
 
 use OPNsense\Base\BaseModelMigration;
-use OPNsense\Core\Config;
 
 class M0_1_3 extends BaseModelMigration
 {
-    function ntop_dbg($msg) {
-        // 1) append to a known temp file so we can read it reliably
-        @file_put_contents('/tmp/ntopng_migration.log', date('c') . ' ' . $msg . PHP_EOL, FILE_APPEND|LOCK_EX);
-        // 2) also write to STDERR so it appears when you run the migration interactively
-        if (defined('STDERR')) {
-            @fwrite(STDERR, date('c') . ' ' . $msg . PHP_EOL);
-        }
-    }
     public function run($model)
     {
+        $httpPort = (string)$model->httpport;
+        if ($httpPort !== '') {
+            $model->addresseshttp = "[::]:{$httpPort},0.0.0.0:{$httpPort}";
+        }
 
+        $httpsPort = (string)$model->httpsport;
+        if ($httpsPort !== '') {
+            $model->addresseshttps = "[::]:{$httpsPort}";
+        }
 
         parent::run($model);
-        $general = $model->getNodeByReference('general');
-        $general->addresseshttp  = "[::]:5555,0.0.0.0:5555";
-        $general->addresseshttps = "[::]:5555";
-
-
-        // $config = Config::getInstance()->object();
-        // // $general = $model->getNodeByReference('general');
-        // $general = $model;
-        //
-        // $httpPort = (string)$config->OPNsense->ntopng->general->httpport;
-        // if (true) {
-        //     $general->addresseshttp = "[::]:{$httpPort},0.0.0.0:{$httpPort}";
-        // }
-        //
-        // $httpsPort = (string)$config->OPNsense->ntopng->general->httpsport;
-        // if (true) {
-        //     $general->addresseshttps = "[::]:{$httpsPort}";
-        // }
-        // if ($general !== null) {
-        //
-        // }
-
     }
 }

From ca48f0822c643977549579c8e8eba0f20f62fe44 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Sat, 11 Apr 2026 05:17:27 -0700
Subject: [PATCH 15/18] testing migrations logging

---
 .../OPNsense/Ntopng/Migrations/M0_1_3.php     | 35 +++++++++++++++----
 1 file changed, 28 insertions(+), 7 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
index a917dbd2f..ad32f55d7 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
@@ -2,21 +2,42 @@
 namespace OPNsense\Ntopng\Migrations;
 
 use OPNsense\Base\BaseModelMigration;
+use OPNsense\Core\Config;
 
 class M0_1_3 extends BaseModelMigration
 {
+    private function log($msg)
+    {
+        $logMsg = date('Y-m-d H:i:s') . ' ' . $msg . PHP_EOL;
+        @file_put_contents('/tmp/ntopng_migration_debug.log', $logMsg, FILE_APPEND | LOCK_EX);
+    }
+
     public function run($model)
     {
-        $httpPort = (string)$model->httpport;
-        if ($httpPort !== '') {
-            $model->addresseshttp = "[::]:{$httpPort},0.0.0.0:{$httpPort}";
-        }
+        $this->log('--- Starting Migration M0_1_3 ---');
+        
+        $config = Config::getInstance()->object();
+        $ntopngConfig = $config->OPNsense->ntopng->general ?? null;
 
-        $httpsPort = (string)$model->httpsport;
-        if ($httpsPort !== '') {
-            $model->addresseshttps = "[::]:{$httpsPort}";
+        if ($ntopngConfig) {
+            $httpPort = (string)($ntopngConfig->httpport ?? '');
+            $this->log("Raw Config HTTP Port: '$httpPort'");
+            if ($httpPort !== '') {
+                $model->addresseshttp = "[::]:{$httpPort},0.0.0.0:{$httpPort}";
+                $this->log("Migrated addresseshttp: '{$model->addresseshttp}'");
+            }
+
+            $httpsPort = (string)($ntopngConfig->httpsport ?? '');
+            $this->log("Raw Config HTTPS Port: '$httpsPort'");
+            if ($httpsPort !== '') {
+                $model->addresseshttps = "[::]:{$httpsPort}";
+                $this->log("Migrated addresseshttps: '{$model->addresseshttps}'");
+            }
+        } else {
+            $this->log('No raw ntopng general config found');
         }
 
         parent::run($model);
+        $this->log('--- Finished Migration M0_1_3 ---');
     }
 }

From 88ccda1b49a5768a66d6613e2e8aac71e2e4e382 Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Sat, 11 Apr 2026 05:18:27 -0700
Subject: [PATCH 16/18] removed logging

---
 .../models/OPNsense/Ntopng/Migrations/M0_1_3.php  | 15 ---------------
 1 file changed, 15 deletions(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
index ad32f55d7..8a924c4ab 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
@@ -6,38 +6,23 @@ use OPNsense\Core\Config;
 
 class M0_1_3 extends BaseModelMigration
 {
-    private function log($msg)
-    {
-        $logMsg = date('Y-m-d H:i:s') . ' ' . $msg . PHP_EOL;
-        @file_put_contents('/tmp/ntopng_migration_debug.log', $logMsg, FILE_APPEND | LOCK_EX);
-    }
-
     public function run($model)
     {
-        $this->log('--- Starting Migration M0_1_3 ---');
-        
         $config = Config::getInstance()->object();
         $ntopngConfig = $config->OPNsense->ntopng->general ?? null;
 
         if ($ntopngConfig) {
             $httpPort = (string)($ntopngConfig->httpport ?? '');
-            $this->log("Raw Config HTTP Port: '$httpPort'");
             if ($httpPort !== '') {
                 $model->addresseshttp = "[::]:{$httpPort},0.0.0.0:{$httpPort}";
-                $this->log("Migrated addresseshttp: '{$model->addresseshttp}'");
             }
 
             $httpsPort = (string)($ntopngConfig->httpsport ?? '');
-            $this->log("Raw Config HTTPS Port: '$httpsPort'");
             if ($httpsPort !== '') {
                 $model->addresseshttps = "[::]:{$httpsPort}";
-                $this->log("Migrated addresseshttps: '{$model->addresseshttps}'");
             }
-        } else {
-            $this->log('No raw ntopng general config found');
         }
 
         parent::run($model);
-        $this->log('--- Finished Migration M0_1_3 ---');
     }
 }

From 3f6270a0893727e46e0ceba18122424254abfb3b Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Wed, 15 Apr 2026 05:58:47 -0700
Subject: [PATCH 17/18] default to https port 0, should disable if nothing is
 input

---
 .../src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf  | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
index 4fe6dcc09..b1e958cab 100644
--- a/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
+++ b/net/ntopng/src/opnsense/service/templates/OPNsense/Ntopng/ntopng.conf
@@ -14,6 +14,8 @@
 
 {%   if helpers.exists('OPNsense.ntopng.general.addresseshttps') and OPNsense.ntopng.general.addresseshttps != '' %}
 --https-port="{{ OPNsense.ntopng.general.addresseshttps }}"
+{%   else %}
+--https-port=0
 {%   endif %}
 
 {%   if helpers.exists('OPNsense.ntopng.general.redisconnection') and OPNsense.ntopng.general.redisconnection != '' %}

From 4ce65e3e96790cebf964633f424f7d3a9652821d Mon Sep 17 00:00:00 2001
From: BPplays <suzuko.oss@proton.me>
Date: Wed, 15 Apr 2026 06:09:46 -0700
Subject: [PATCH 18/18] change https migration to 0.0.0.0

---
 .../mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
index 8a924c4ab..902cdeada 100644
--- a/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
+++ b/net/ntopng/src/opnsense/mvc/app/models/OPNsense/Ntopng/Migrations/M0_1_3.php
@@ -19,7 +19,7 @@ class M0_1_3 extends BaseModelMigration
 
             $httpsPort = (string)($ntopngConfig->httpsport ?? '');
             if ($httpsPort !== '') {
-                $model->addresseshttps = "[::]:{$httpsPort}";
+                $model->addresseshttps = "0.0.0.0:{$httpsPort}";
             }
         }