Project

General

Profile

Activity

From 04/04/2024 to 05/03/2024

Today

02:44 PM pfSense Packages Todo #15458: Convert Spamhaus DROP/eDROP to one list and JSON format
https://forum.netgate.com/topic/187930/spamhaus-drop-edrop-list Steve Y
02:42 PM pfSense Packages Todo #15458 (New): Convert Spamhaus DROP/eDROP to one list and JSON format
The lists are combined and there is no eDROP list:
https://www.spamhaus.org/resource-hub/network-security/spamhaus-d... Steve Y
02:10 PM pfSense Packages Bug #15457 (New): HAproxy disable zero copy forwarding
See more details here:
https://forum.netgate.com/topic/187757/haproxy-100-cpu-usage
https://github.com/haproxy/... Danilo Zrenjanin
11:23 AM pfSense Bug #15456 (New): KEA DHCP allows entering static mappings with no IP address defined
After defining a static mapping without an IP address, the DHCP lease page will display two entries for that MAC addr... Danilo Zrenjanin
05:17 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
In my case I am on 2.7.2 CE. Chris Collins
05:16 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
I just got this on a IPv4 gateway DHCP WAN. Usually it works, but on powering up pfSense on this occasion it was stu... Chris Collins
12:14 AM pfSense Bug #14977: Stale Kea control socket lock file can prevent Kea from starting
I have experienced the same problem today 2 days after updating to 24.03-RELEASE
In addition to all described abov... Yuri Weinstein

05/02/2024

06:40 PM pfSense Bug #14591: Restoring with different interfaces (partially?) applies changes before reboot
I ran into this again today, restoring a 3100 config to a 2100, both running 23.09.1. I deleted the OPT1 interface d... Steve Y
06:28 PM pfSense Bug #14977: Stale Kea control socket lock file can prevent Kea from starting
This issue was occurring for me too, and I have found a resolution. It manifests itself as a "ghost" kea process whi... Nicholas Ruddick
12:13 PM pfSense Packages Feature #15375 (Resolved): Update ntopng package
Jim Pingle
07:48 AM pfSense Plus Bug #15446 (Feedback): Kernel panic while pflow configured to export IPFIX
The relevant patch has been merged to our branches and will be part of the next build. Kristof Provost

05/01/2024

11:32 PM pfSense Packages Feature #15393: Return to the ga version of NUT
This is in PR 1368 (https://github.com/pfsense/FreeBSD-ports/pull/1368). Denny Page
11:29 PM pfSense Packages Feature #15375: Update ntopng package
This can be closed as complete. Thanks. Denny Page
05:50 PM pfSense Bug #15454 (Resolved): Minor GUI inconsistency in Certificate Management tab
Jim Pingle
05:50 PM pfSense Bug #15454: Minor GUI inconsistency in Certificate Management tab
tested, patch fixes the issue Georgiy Tyutyunnik
01:00 PM pfSense Bug #15454 (Feedback): Minor GUI inconsistency in Certificate Management tab
Applied in changeset commit:7cbbda697adeabca5eaad369099ea995a4c2cd42. Jim Pingle
11:08 AM pfSense Bug #15454 (Resolved): Minor GUI inconsistency in Certificate Management tab
Minor inconsistency in GUI sub-tab displayed naming:
in System -> Cetificate tab the sub-tab for "Revocation" change... Georgiy Tyutyunnik
03:48 PM pfSense Bug #15440 (Resolved): CA certificates are not added to the Trust Store
Jim Pingle
03:36 PM pfSense Bug #15440: CA certificates are not added to the Trust Store
I stand corrected.
patch works, wait time around 3 mins after adding a cert to trusted Georgiy Tyutyunnik
12:47 PM pfSense Bug #15440: CA certificates are not added to the Trust Store
Georgiy Tyutyunnik wrote in #note-3:
> tested the patch:
> seems like imported ca is correctly recognised post-imp... Jim Pingle
12:42 PM pfSense Bug #15440: CA certificates are not added to the Trust Store
tested the patch:
seems like imported ca is correctly recognised post-import as trusted only if you manually re-run... Georgiy Tyutyunnik
03:34 PM pfSense Todo #15455 (New): Improve Package Manager behavior when the installed pfSense version differs from the selected update branch
When a new version of pfSense is available, the "Current" branch version changes to match the new version. This cause... Andrew Almond
12:58 PM pfSense Bug #15453 (Not a Bug): Assignment of OpenVPN port to an Interface shuts down OpenVPN access to Netgate 1100/2100
After assigning an OpenVPN interface you must edit/save the OpenVPN instance to properly reinitialize the underlying ... Jim Pingle
12:52 PM pfSense Revision 7cbbda69: Correct inconsistent CRL tab names. Fixes #15454
Jim Pingle

04/30/2024

11:43 PM pfSense Bug #15453 (Not a Bug): Assignment of OpenVPN port to an Interface shuts down OpenVPN access to Netgate 1100/2100
I have a Netgate 2100 that is set up with an OpenVPN server. I can readily connect to it remotely with the SparkLabs ... Dominik Hoffmann
06:53 PM pfSense Docs Todo #15450 (Closed): Feedback on High Availability
Info added.
https://gitlab.netgate.com/docs/pfSense-docs/-/commit/b83e51d63a71013f568e8f7314993fcde182fd49 Jim Pingle
04:32 PM pfSense Packages Bug #15451: Cannot remove package
Jim Pingle wrote in #note-1:
> There isn't nearly enough information here to go on, and this isn't the correct platf... Nafryti Nosferatu
12:15 PM pfSense Packages Bug #15451 (Incomplete): Cannot remove package
There isn't nearly enough information here to go on, and this isn't the correct platform to diagnose the issue. Pleas... Jim Pingle
12:06 AM pfSense Packages Bug #15451 (Incomplete): Cannot remove package
The earlier issue I noticed where it wasn't sending information, I tried restarting the service, no change, so I went... Nafryti Nosferatu
01:18 PM pfSense Todo #15422 (Resolved): Add current boot method to System Information widget
Jim Pingle
11:48 AM pfSense Todo #15422: Add current boot method to System Information widget
works as expected Georgiy Tyutyunnik
08:45 AM pfSense Packages Bug #13444: zabbix_proxy : cannot open "/var/log/zabbix-proxy/zabbix_proxy.log": [13] Permission denied
This problem still exists in the latest version of pfSense (2.7.2-RELEASE) with all Zabbix agent and proxy packages (... Cyril Christin
12:33 AM pfSense Bug #13996: Limiters using the fq_pie scheduler no longer pass any traffic.
Confirm the problem, it was working, I then adjusted the quantume, then traffic started going into blackhole, I chang... Chris Collins
12:15 AM pfSense Bug #15452: Unexpected/Undefined behaviour of disabled interfaces
The first option there seems far more logical to me but I have always assumed that was the behaviour anyway. Anyone r... Steve Wheeler
12:14 AM pfSense Bug #15452 (New): Unexpected/Undefined behaviour of disabled interfaces
Interfaces that are assigned but disabled can produce unexpected behaviour.
Setting an interface to disabled when ... Steve Wheeler

04/29/2024

10:22 PM pfSense Docs Todo #15450 (Closed): Feedback on High Availability
*Page:* https://docs.netgate.com/pfsense/en/latest/highavailability/index.html
*Feedback:*
Somewhere in the docs ... Ethan Word
05:26 PM pfSense Bug #9453 (Resolved): Reconfiguring a parent LAGG interface breaks its VLANs
To reproduce the issue, the parent interface (@lagg0@) needs to be added to the configuration as disabled. When an in... Marcos M
05:02 PM pfSense Bug #9453: Reconfiguring a parent LAGG interface breaks its VLANs
I can't replicate that in 24.03. Setting the lagg0 interface MTU (after assigning it) in a 7100 results in a ~30s out... Steve Wheeler
05:22 PM pfSense Bug #15449: Delete disabled gateway prevents static routes being loaded on boot
Additional information.
The gateway that is disabled was originally used with a fiber provider's ONT/router which ... Larry Fahnoe
03:37 PM pfSense Bug #15449 (New): Delete disabled gateway prevents static routes being loaded on boot
I have a pair of 4200s which were running 23.09.1
Both have an old gateway in a disabled state (see Disabled gateway... Larry Fahnoe
05:01 PM pfSense Packages Bug #15229 (Resolved): ACME DNS-Selfhost verification issues
Fixed in ACME pkg v0.8 Jim Pingle
03:43 PM pfSense Packages Bug #15229 (In Progress): ACME DNS-Selfhost verification issues
Jim Pingle
05:01 PM pfSense Packages Bug #15061 (Resolved): acme.sh nsupdate with challengealias is failing
Fixed in ACME pkg v0.8 Jim Pingle
03:25 PM pfSense Packages Bug #15061 (In Progress): acme.sh nsupdate with challengealias is failing
Jim Pingle
05:01 PM pfSense Packages Bug #14815 (Resolved): ACME.sh ingnores Certificates in Trust Store
Fixed in ACME pkg v0.8 Jim Pingle
03:22 PM pfSense Packages Bug #14815 (In Progress): ACME.sh ingnores Certificates in Trust Store
Jim Pingle
05:00 PM pfSense Packages Bug #14796 (Resolved): ACME for domain registrar INWX in Germany
Fixed in ACME pkg version ACME pkg v0.8 Jim Pingle
03:20 PM pfSense Packages Bug #14796 (In Progress): ACME for domain registrar INWX in Germany
Jim Pingle
04:17 PM pfSense Plus Bug #15446: Kernel panic while pflow configured to export IPFIX
Fix in https://cgit.freebsd.org/src/commit/?id=221d459fbc67e0c0565d6c6ea52fe8bbc5466fc7
I've not yet cherry-picked... Kristof Provost
04:10 PM pfSense Revision c0cacc1f: fix config.xml recovery
Use bsddialog because dialog no longer exists. Kristof Provost
03:28 PM pfSense Packages Bug #15414 (Rejected): Program Loops on invalid domains
Looks like it's looping inside acme.sh and not code we maintain, so you'd need to report that upstream. Jim Pingle
03:26 PM pfSense Packages Bug #15292 (Duplicate): Certificate renewal with 'dns_inwx.sh' not working: Error add txt for domain:_acme-challenge.foo.bar
Likely a duplicate of #14796 Jim Pingle
03:18 PM pfSense Packages Bug #12623 (Closed): acme.sh package | DNS-ISPConfig settings
This has been fixed for a long time now. Jim Pingle
03:16 PM pfSense Packages Bug #7453 (Closed): DNS-ovh need to save or display consumer key
This field has been in the GUI for years. Jim Pingle
03:15 PM pfSense Todo #15422 (Feedback): Add current boot method to System Information widget
Applied in changeset commit:b891c3a33aff74f4ded6176a78b22ed84821036a. Jim Pingle
03:07 PM pfSense Todo #15422 (In Progress): Add current boot method to System Information widget
Jim Pingle
03:06 PM pfSense Revision b891c3a3: Add boot method to sysinfo widget. Implements #15422
Jim Pingle
01:44 PM pfSense Plus Bug #15421: Netgate 3100 boot loader lacks Lua support but is trying to read loader.conf.lua
Kris Phillips wrote in #note-2:
> Oddly, I'm getting a similar, but not the same error message on an x86 KVM VM. Se... Jim Pingle
01:35 PM pfSense Bug #15448: ``miniupnpd`` lacks IGDv2 support
The choice between v1 and v2 is a compile-time option so we can't make it a GUI selection, however, given the age of ... Jim Pingle
06:32 AM pfSense Bug #15448 (New): ``miniupnpd`` lacks IGDv2 support
The pfSense documentation "here":https://docs.netgate.com/pfsense/en/latest/services/upnp.html claims that miniupnpd ... Allan Hsu
12:49 PM pfSense Bug #15442 (Resolved): CLI password check exits with a write access error when checking is a read-only operation
Jim Pingle

04/28/2024

01:25 AM pfSense Packages Bug #15447 (Closed): Wireguard not sending keep-alives according to configuration
Closing this redmine, per request. Kris Phillips
01:22 AM pfSense Plus Bug #15421: Netgate 3100 boot loader lacks Lua support but is trying to read loader.conf.lua
Oddly, I'm getting a similar, but not the same error message on an x86 KVM VM. See attached. Not sure if this is re... Kris Phillips

04/27/2024

11:43 PM pfSense Bug #15411: Hostname missing from logs in certain cases can cause the system log to display in an unexpected manner
I hit this a few days ago but have yet to see it happen again since rebooting after initially encountering Jordan G
10:38 PM pfSense Bug #15442: CLI password check exits with a write access error when checking is a read-only operation

no errors
[2.8.0-DEVELOPMENT][test@pfSense.home.arpa]/home/test: usermgrpasswd -c
Current password is OK.
... Alhusein Zawi
10:24 PM pfSense Bug #9453 (Confirmed): Reconfiguring a parent LAGG interface breaks its VLANs
changing anything regarding the parent interface stops all communication... Jordan G
06:37 PM pfSense Bug #11192: Using Limiters causes out of order packets within one TCP or UDP flow
I think I may have been affected by this.
I have used limiters in two scenario, one to make my home broadband not ... Chris Collins
06:23 PM pfSense Packages Bug #15420 (Confirmed): Incorrect error pfBlockerNG MaxMind message.
The message remains consistent whether you have entered only the MaxMind Account ID or only the MaxMind License Key o... Danilo Zrenjanin
12:57 PM pfSense Packages Bug #15447: Wireguard not sending keep-alives according to configuration
Sorry, having though about this a bit longer I realise the Keepalive is only sent when there's no Transport data sent... Patrik Stahlman
09:49 AM pfSense Packages Bug #15447 (Closed): Wireguard not sending keep-alives according to configuration

I have configured my wireguard peers with a 30s keep-alive interval. As I was viewing a packet capture in Wireshark... Patrik Stahlman
10:17 AM pfSense Todo #15358: Correct description in “System Information” widget
Jim Pingle wrote in #note-1:
> There is no need to use both forms everywhere. The string is already long enough as i... Sergei Shablovsky

04/26/2024

07:59 PM pfSense Bug #15434 (Resolved): DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
dylan mendez wrote in #note-6:
> This patch seems to work, however, I had to manually re-save the config on the Gene... Jim Pingle
07:19 PM pfSense Plus Bug #15446 (Feedback): Kernel panic while pflow configured to export IPFIX
System: Netgate 4100
Version: 24.03-RELEASE
After switching the export protocol to Netflow v5, device is stable f... Craig Coonrad
05:59 PM pfSense Packages Bug #15365 (Resolved): pfBlockerNG PHP error when editing a list
PR merged, updated package should be available now on 24.03. Jim Pingle
02:28 PM pfSense Packages Bug #15365: pfBlockerNG PHP error when editing a list
ive added the fixes manually and confirmed all is well.
Any reason why this hasn't been pushed out via the repo? Mike Moore
03:50 PM pfSense Docs Correction #15445 (New): Possible mistake in "WireGuard Site-to-Multisite VPN Configuration Example"
Dear all,
i set up a Wireguard Site-to-Multisite VPN according to the pfSense configuration example.
Configurin... Dieter Kreuz
03:45 PM pfSense Plus Feature #15013: Speed Shift - Add Field to control lowest C-State
Has been solved already and can be closed. Update 26.04: sry ignore my comment i confused it with another ticket - sry! Dieter Kreuz
10:28 AM pfSense Packages Bug #15435: Long boot time when using wireguard VPN
I bought a console cable and captured the reboot output (attached). It doesn't really show anything new. Most of the ... Patrik Stahlman
04:01 AM pfSense Packages Bug #15444 (Duplicate): Since this update 24.03-RELEASE was installed, PFBlockerNG has not been functioning correctly.
Jim Pingle
02:41 AM pfSense Packages Bug #15444 (Duplicate): Since this update 24.03-RELEASE was installed, PFBlockerNG has not been functioning correctly.
24.03-RELEASE (amd64)
built on Wed Apr 24 10:38:00 PDT 2024
FreeBSD 15.0-CURRENT
Since this update was installed... Ron Nootan

04/25/2024

11:50 PM pfSense Packages Bug #15443 (Duplicate): PHP Crash: pfBlockerNG/DNSBL/DNSBL Groups, attempt to add list
Jim Pingle
11:47 PM pfSense Packages Bug #15443: PHP Crash: pfBlockerNG/DNSBL/DNSBL Groups, attempt to add list
Plus mark this as a dup of bug 15365 (and close I guess). I tried Christopher Cope's fix (two spots in the file) and... Jeff Earickson
11:12 PM pfSense Packages Bug #15443: PHP Crash: pfBlockerNG/DNSBL/DNSBL Groups, attempt to add list
pfblockerng version 3.2.0_9. Same bug happens on a Netgate 1100 running 24.03_1 as well. Looks like duplicate of Bu... Jeff Earickson
09:34 PM pfSense Packages Bug #15443 (Duplicate): PHP Crash: pfBlockerNG/DNSBL/DNSBL Groups, attempt to add list
Clicking Add to add a new list causes a PHP fatal error. Reproducible crash. Two copies of crash screenshots and PH... Jeff Earickson
08:35 PM pfSense Packages Feature #14706: Add Cloudflare tunnel pkg
Vlad Saftoiu wrote:
> Could we get this added to the pfSense packages? This type of application is clearly meant to ... Erik Walthinsen
07:48 PM pfSense Docs Todo #15436 (Closed): Update notes for if-bound state policy
I was thinking that but I wasn't certain if there was still some other issue hanging out there. I removed the note, i... Jim Pingle
05:52 PM pfSense Regression #15439: Incorrect icon on collapsed dashboard widgets
In source:src/usr/local/www/js/pfSenseHelpers.js#L486 the code that handles collapse/expand is adding/removing the fa... Jim Pingle
12:36 PM pfSense Regression #15439 (New): Incorrect icon on collapsed dashboard widgets
A collapsed widget on the dashboard shows the '+' icon where the wrench icon should be.
This is a regression since... Steve Wheeler
05:40 PM pfSense Bug #15440 (Feedback): CA certificates are not added to the Trust Store
Applied in changeset commit:27fc5a3020fe981b7a5bc98fc9b1660e8773fc7d. Jim Pingle
05:32 PM pfSense Bug #15440 (In Progress): CA certificates are not added to the Trust Store
Looks like the behavior of @certctl rehash@ changed and now it wipes out the contents of that directory when it did n... Jim Pingle
04:25 PM pfSense Bug #15440 (Resolved): CA certificates are not added to the Trust Store
stopped working after upgrade to 24.03
details in
https://forum.netgate.com/topic/187658/24-03-stuck-at-not-re... J Rey
05:36 PM pfSense Docs Todo #15441 (Rejected): Update "Security Gateway Manual SG-2100", chapter 7
The current docs are already saying most of that -- the only new bits are the driver, which already says "if needed" ... Jim Pingle
04:47 PM pfSense Docs Todo #15441 (Rejected): Update "Security Gateway Manual SG-2100", chapter 7
The writeup on how to connect to the console via a Mac is out of date. Sonoma MacOS has the driver built in, no driv... Jeff Earickson
05:32 PM pfSense Revision 27fc5a30: Fix CA trust store custom entries. Fixes #15440
certctl rehash behavior changed, so we need to write the CA files out
differently now so it picks them up. Jim Pingle
05:30 PM pfSense Bug #15442 (Feedback): CLI password check exits with a write access error when checking is a read-only operation
Applied in changeset commit:90c4a2fe6db1bafc8bb4bc038cf3e3664ac6db47. Jim Pingle
05:23 PM pfSense Bug #15442 (Resolved): CLI password check exits with a write access error when checking is a read-only operation
When running @usermgrpasswd -c@ to check the current user password it exits with an error message saying the user lac... Jim Pingle
05:24 PM pfSense Revision 90c4a2fe: Fix usermgrpasswd check for non-privileged users. Fixes #15442
Jim Pingle
05:19 PM pfSense Bug #12393: Priority of qOthersLow higher than default queues
Still the same in 23.09.1. Steve Y
02:56 PM pfSense Packages Bug #15365: pfBlockerNG PHP error when editing a list
i dont know how to add the patch from the screen shot.
I am hoping it can be available through the package manager. Mike Moore
01:29 PM pfSense Packages Bug #15365: pfBlockerNG PHP error when editing a list
There are actually 2 spots where this can cause an error. The pull request addresses both. The patch attached reflect... Christopher Cope
12:37 PM pfSense Packages Bug #15365: pfBlockerNG PHP error when editing a list
I've tested the patch against the:... Danilo Zrenjanin
10:09 AM pfSense Packages Bug #15365: pfBlockerNG PHP error when editing a list
you can try system patch
 Nizam Moidu
01:32 PM pfSense Packages Bug #15419 (Duplicate): pfBlockerNG - Issue with Adding or Changing Ipv4 Addresses
Christopher Cope
12:13 PM pfSense Packages Bug #15419: pfBlockerNG - Issue with Adding or Changing Ipv4 Addresses
This seems to be a duplicate of #15365 Danilo Zrenjanin
09:13 AM pfSense Bug #15438 (New): NDP Table can be very slow
The NDP table from diagnostics menu become really slow with many link-local entries.
The ndp_diag.php script get the... Christophe H
06:46 AM pfSense Feature #15437: Interfaces sorted alphabetically instead of naturally
Opened a PR on GitHub: https://github.com/pfsense/pfsense/pull/4683 Flo Faber
06:44 AM pfSense Feature #15437 (New): Interfaces sorted alphabetically instead of naturally
When the option Interfaces Sort / Sort Alphabetically is enabled, Interfaces are sorted alphabetically instead of nat... Flo Faber
01:10 AM pfSense Bug #15434: DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
This patch seems to work, however, I had to manually re-save the config on the General Setup page for the changes to ... dylan mendez

04/24/2024

10:42 PM pfSense Regression #14773: Unable to boot pfSense after installation on Proxmox VE 8.x
This is still an issue in 24.03. See: https://forum.netgate.com/topic/187667/uefi-vm-upgrade-failure Steve Wheeler
08:47 PM pfSense Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes
Hey Jim,
Is any hope in the fix coming to 24.07? Mike Moore
08:38 PM pfSense Packages Bug #15365: pfBlockerNG PHP error when editing a list
Any luck getting the PR merged?
I cant update any of my feeds without it. Mike Moore
08:34 PM pfSense Packages Bug #15419: pfBlockerNG - Issue with Adding or Changing Ipv4 Addresses
Ran into this today as well. Attempting to add a feed to aid in troubleshooting a download issue.
Crash repo... Mike Moore
08:30 PM pfSense Docs Todo #15436 (Closed): Update notes for if-bound state policy
https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#interface-bound-states
> For systems wi... Marcos M
08:14 PM pfSense Packages Bug #15435: Long boot time when using wireguard VPN
Just to document what I did, completely. To generate the first general timing trace of /etc/rc.bootup:
1. apply th... Patrik Stahlman
07:54 PM pfSense Packages Bug #15435 (New): Long boot time when using wireguard VPN

(Additional details in https://forum.netgate.com/post/1163707)
My reason for investigating this was boot times o... Patrik Stahlman
07:57 PM pfSense Regression #15430: Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
I added notes about this to the docs about state policy in general (and in the release notes): https://docs.netgate.c... Jim Pingle
07:53 PM pfSense Regression #15430: Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
I have made the firewall a VTI/Routed IPsec gateway moving forward.
Considering this drawback is noted in the docum... Mike Moore
01:43 PM pfSense Regression #15430: Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
If you do not have **any** tunnel mode IPsec (no site to site tunnel mode P2s, no mobile IPsec) you could change the ... Jim Pingle
01:38 PM pfSense Regression #15430: Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
IPsec Filter Mode set to 'Filter IPsec Tunnel, Transport and VTI on IPsec tab' Mike Moore
01:31 PM pfSense Regression #15430: Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
IPsec is fundamentally different in how it's handled compared to things like WireGuard/OpenVPN/OpenVPN+DCO. IPsec can... Jim Pingle
01:15 PM pfSense Regression #15430: Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
VTI mode for IPsec.
To reiterate, Wireguard VPN w/ BGP saw no issues. Mike Moore
12:58 PM pfSense Regression #15430: Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
What type of IPsec VPN, policy-based or VTI? Since you mention BGP, I'm guessing VTI, but it needs to be confirmed.
... Jim Pingle
07:50 PM pfSense Bug #15434 (Feedback): DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
Applied in changeset commit:247909ff5387200fb31c76f13e7702a8fbdc06f4. Jim Pingle
07:43 PM pfSense Bug #15434 (In Progress): DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
OK, I can also reproduce this with the DNS Forwarder. I also have a fix coming. Looks like some parenthesis around th... Jim Pingle
06:33 PM pfSense Bug #15434: DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
same behavior on my edge when switching to forwarder... Jordan G
06:27 PM pfSense Bug #15434: DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
I can replicate this issue. It's present only when you disable unbound and enable the forwarder(dnsmasq).
*Use remo... Danilo Zrenjanin
05:31 PM pfSense Bug #15434 (Not a Bug): DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
I can't reproduce that here.
Before:... Jim Pingle
05:20 PM pfSense Bug #15434 (Resolved): DNS Forwarder ignores "Use remote DNS Servers, ignore local DNS" setting
In General Setup if use option "Use remote DNS Servers, ignore local DNS" the DNS Forwarder still try to use local DN... aleksei prokofiev
07:43 PM pfSense Revision 247909ff: Fix resolv.conf logic for DNS Forwarder. Fixes #15434
Jim Pingle
06:17 PM pfSense Docs Todo #15432 (Closed): Feedback on Installing and Upgrading — Online Network Installer
This is corrected now, the document contains appropriate links to the relevant store pages.
 Jim Pingle
04:02 PM pfSense Docs Todo #15432: Feedback on Installing and Upgrading — Online Network Installer
Yes, that is due to be replaced. Things are still settling into their final places but I can put in the current locat... Jim Pingle
03:25 PM pfSense Docs Todo #15432 (Closed): Feedback on Installing and Upgrading — Online Network Installer
*Page:* https://docs.netgate.com/pfsense/en/latest/install/netinstaller.html
*Feedback:*
"insert URL here" should... Steve Y
06:16 PM pfSense Plus Regression #15433 (Resolved): ``smartmontools`` is not present on ARM builds (64 or 32 bit)
Looks good here.
Users don't need to reinstall or re-upgrade, they can fix it a couple different ways:
Either t... Jim Pingle
05:53 PM pfSense Plus Regression #15433 (Feedback): ``smartmontools`` is not present on ARM builds (64 or 32 bit)
Brad Davis
05:04 PM pfSense Plus Regression #15433 (Resolved): ``smartmontools`` is not present on ARM builds (64 or 32 bit)
The @smartmontools@ package is not present on 64-bit ARM builds (1100, 2100) or 32-bit ARM builds (3100). It is still... Jim Pingle
01:02 PM pfSense Bug #15431 (Duplicate): Interface Bound Firewall State Policy Breaks IPsec VTI
Usually states would only disappear like that if the traffic is not being matched in both directions and then times o... Jim Pingle
05:51 AM pfSense Bug #15431 (Duplicate): Interface Bound Firewall State Policy Breaks IPsec VTI
After upgrading to pfSense 24.03 IPsec VTI firewall states are broken. The scenario is:
A pfSense router A has a s... Christopher de Haas
12:54 PM pfSense Plus Bug #15126 (Resolved): SG-1100 pfSense+ recovery results in non aligned disk slices
This may not have been fixed specifically but happens to be handled better in the new installer from the start. The o... Jim Pingle
10:04 AM pfSense Plus Bug #15126: SG-1100 pfSense+ recovery results in non aligned disk slices
Quick update - it appears that the new pfSense+ 24.03 installer for SG-1100 (bundled in recovery image netgate-instal... David Burns

04/23/2024

10:36 PM pfSense Packages Bug #15419: pfBlockerNG - Issue with Adding or Changing Ipv4 Addresses
I can replicate this easily on version 24.03 release. dylan mendez
10:22 PM pfSense Regression #15430 (New): Interface-bound state policy does not handle IPsec VTI traffic as expected when filtering on enc0
https://forum.netgate.com/topic/187632/24-03-frr-has-flapping-bgp-neighbors/3
In my set up there are two VPN types... Mike Moore
05:51 PM pfSense Feature #15426: Add the ability to configure dynamic gateways even when they are offline
Marcos - thank you for pointing that out, it is exactly what I was looking for!
I would suggest adding a note to t... Andrew Almond
05:35 PM pfSense Feature #15426: Add the ability to configure dynamic gateways even when they are offline
If it's created using the would-be name (use @dynamic@ as the address). For further discussion, if needed, please pos... Marcos M
03:18 PM pfSense Feature #15426: Add the ability to configure dynamic gateways even when they are offline
I have a unit with 24.03 installed. Both WAN and WAN2 are DHCP. WAN is connected and has a valid IP configuration inc... Andrew Almond
02:53 AM pfSense Feature #15426 (Closed): Add the ability to configure dynamic gateways even when they are offline
This is already the case in 24.03 (dynamic gateways are saved to the config). Marcos M
05:40 PM pfSense Feature #15429 (New): Suggested wording improvements for gateway failure and recovery settings
I'm excited about the new gateway recovery behavior that's available in 24.03. However, I found that the [blog post[h... Andrew Almond
04:11 PM pfSense Bug #15299 (Resolved): Old auto-added MAC addresses are not pruned for non-concurrent Captive Portal sessions
Jim Pingle
04:11 PM pfSense Bug #15156 (Resolved): Fragmented packets delayed by limiters are lost
Jim Pingle
04:11 PM pfSense Regression #15076 (Resolved): DHCP leases may not be restored from older configuration backups
Jim Pingle
04:11 PM pfSense Bug #15032 (Resolved): Kea DHCP sends wrong bootloader file for UEFI
Jim Pingle
04:11 PM pfSense Feature #14728 (Resolved): Support for CD/DVD drives in the External Configuration Locator (ECL)
Jim Pingle
04:11 PM pfSense Regression #14431 (Resolved): Sending IPv6 traffic on a disabled interface can trigger a kernel panic
Jim Pingle
04:11 PM pfSense Bug #14312 (Resolved): MSS clamping on VPN traffic does not work on IPsec IPv6 mobile VPNs
Jim Pingle
04:11 PM pfSense Bug #14290 (Resolved): ICMPv6 Path MTU Discovery breaks with NPT
Jim Pingle
04:11 PM pfSense Todo #13263 (Resolved): Reduce log spam when deleting a static DHCP entry
Jim Pingle
04:11 PM pfSense Bug #13090 (Resolved): OpenVPN NetBIOS Node Type and Scope ID options are not pushed to clients
Jim Pingle
04:11 PM pfSense Feature #13085 (Resolved): OpenVPN NBDD server options
Jim Pingle
04:11 PM pfSense Bug #12947 (Resolved): DHCP6 client does not take any action if the interface IPv6 address changes during renewal
Jim Pingle
04:11 PM pfSense Bug #12920 (Resolved): Gateway behavior differs when the gateway does not exist in the configuration
Jim Pingle
04:11 PM pfSense Bug #12673 (Resolved): Firewall Logs Dashboard Widget is slow and may fail to update
Jim Pingle
04:11 PM pfSense Bug #9453 (Resolved): Reconfiguring a parent LAGG interface breaks its VLANs
Jim Pingle
04:10 PM pfSense Plus Regression #15387 (Resolved): Boot failure detection tripping on config reset button during boot
Jim Pingle
04:10 PM pfSense Plus Feature #15280 (Closed): Boot Environments 2.0
Closing, it's in the release, any issues can be opened separately going forward. Jim Pingle
12:30 PM pfSense Packages Feature #15427 (Duplicate): Create file that can be imported into the Wireguard Apps (on the Android, Windows etc)
Duplicate of #13469 Jim Pingle
03:18 AM pfSense Packages Feature #15427 (Duplicate): Create file that can be imported into the Wireguard Apps (on the Android, Windows etc)
When setting up new peer for connecting to Wireguard, there is an option to import a file to create the tunnel on the... Don Ireland
12:29 PM pfSense Bug #15428 (Not a Bug): UI appears to put incorrect CARP parameters into the low level NIC configurations
A skew of 254 indicates a problem in your setup not a problem with how the settings were applied. Either they are in ... Jim Pingle
11:22 AM pfSense Bug #15428: UI appears to put incorrect CARP parameters into the low level NIC configurations
First check to see if you have you have both nodes in CARP maintenance mode. If so, take them out of that mode and ch... Chris Linstruth
06:43 AM pfSense Bug #15428 (Not a Bug): UI appears to put incorrect CARP parameters into the low level NIC configurations
it appears that there is a bug with the UI and supporting code, for v2.7.2-RELEASE, in regard to the way that the UI ... John Ypsilantis
12:19 AM pfSense Feature #15425: Add a description field to interfaces
I realized that interfaces already have a field called "Description", but it's actually more like a "Name" field, as ... Andrew Almond

04/22/2024

11:59 PM pfSense Feature #15426 (Closed): Add the ability to configure dynamic gateways even when they are offline
For WAN interfaces set to DHCP, no gateway is created under System > Routing if the interface does not have a valid g... Andrew Almond
11:23 PM pfSense Feature #15425 (New): Add a description field to interfaces
Many areas of pfSense have a "Description" field that is simply for adding reference notes. This would be very useful... Andrew Almond
10:30 PM pfSense Plus Regression #15424 (New): Image label file is incorrect.
In the 24.03 recovery images the image label file is shown as:... Steve Wheeler
05:47 PM pfSense Bug #11192: Using Limiters causes out of order packets within one TCP or UDP flow
It may be that due to the way dummynet works, packets will inevitably arrive out of order. Dummynet will let packets ... Marcos M
04:45 PM pfSense Bug #15423 (New): PHP error when applying interface settings if the ``/tmp/.interfaces.apply`` file is present but empty
If the @/tmp/.interfaces.apply@ file is present but empty it can lead to a PHP error when applying interface settings... Jim Pingle
03:34 PM pfSense Feature #10250: DHCP lease view by interface
Jim Pingle wrote in #note-1:
> The leases are not tracked by interface, so this is not easily possible. Others have ... Don Ireland
03:27 PM pfSense Todo #15422 (Resolved): Add current boot method to System Information widget
It would be helpful to include the contents of the @machdep.bootmethod@ sysctl in the System Information widget most ... Jim Pingle
02:02 PM pfSense Plus Bug #15421 (Confirmed): Netgate 3100 boot loader lacks Lua support but is trying to read loader.conf.lua
Confirmed. Does not prevent booting though. Or have any noticable impact since loader.conf.lua does not contain any ... Steve Wheeler

04/21/2024

06:21 AM pfSense Plus Feature #15412: Improve error feedback from pfSense-upgrade
I encountered this on clean install to 4100 with: pfSense-plus-memstick-serial-24.03-RELEASE-amd64.img.
The error wa... Craig Coonrad
01:33 AM pfSense Plus Bug #15421 (Confirmed): Netgate 3100 boot loader lacks Lua support but is trying to read loader.conf.lua
When booting the Netgate 3100, there appears to be a bootloader syntax error present:
Booting from disk1s2a:
Load... Kris Phillips
12:32 AM pfSense Bug #9453: Reconfiguring a parent LAGG interface breaks its VLANs
I'm still seeing these connectivity issues following manipulating anything about the parent LAGG interface on 24.03. ... Jordan G
12:25 AM pfSense Plus Bug #15401: 23.09.1 to 24.03b update fails EFI with ZFS mirror
my system is not EFI (XG7100) but have not been experiencing any issues with my mirrors updating along with bootcode
... Jordan G
12:13 AM pfSense Bug #14261: Trim white space in a DHCP Leases page search field
Tested on... Christopher Cope
12:01 AM pfSense Bug #14261: Trim white space in a DHCP Leases page search field
same behavior as above using 24.03.r.20240416.0005, adding a space on either side removes any results when searching Jordan G
12:06 AM pfSense Todo #13263: Reduce log spam when deleting a static DHCP entry
I see the following when removing a static DHCP entry running 24.03.r.20240416.0005... Jordan G

04/20/2024

11:09 PM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
Tested on 24.03-RELEASE and this issue is still present. Kris Phillips
11:08 PM pfSense Plus Bug #15404: Captive Portal captiveportal-default-logo.png Missing from Post-authentication Page
Tested in 24.03-RELEASE and this issue is still present. Kris Phillips
05:58 AM pfSense Packages Bug #15420 (Confirmed): Incorrect error pfBlockerNG MaxMind message.
WHERE
In “ MaxMind GeoIP configuration” section
ISSUE
Wrong error alerting message:
“ *pfBlockerNG MaxMind - M... Sergei Shablovsky
02:18 AM pfSense Packages Bug #15419 (Duplicate): pfBlockerNG - Issue with Adding or Changing Ipv4 Addresses
Hi PFsense+ Community,
I am running the 24.03RC version and have run into an issue with updating IPv4 lists in PFB... Mathew Hepple

04/19/2024

06:22 PM pfSense Docs Correction #15403 (Closed): openvpn client speciffic overrides, local networks clarification
Info added: https://gitlab.netgate.com/docs/pfSense-docs/-/commit/9011224272ea0934535d8530da838580f91c988b Jim Pingle
02:39 PM pfSense Plus Regression #15407 (Resolved): pfSense-upgrade incorrectly creates 'unknown error' notice.
Confirmed that this is no longer an issue on... Christopher Cope

04/18/2024

10:19 PM pfSense Plus Bug #15418: Incorrect links to edit static mapping and WOL on DHCPv6 leases (status_dhcpv6_leases.php). URL parameter values missing.
And just to clarify, the broken action links appear for a DHCPv6 lease with static mapping, the action links for a dy... Patrik Stahlman
05:41 PM pfSense Plus Bug #15418 (New): Incorrect links to edit static mapping and WOL on DHCPv6 leases (status_dhcpv6_leases.php). URL parameter values missing.

On the DCHPv6 leases page (status_dhcpv6_leases.php), the links for editing the static mapping and WOL are incorrec... Patrik Stahlman
08:28 PM pfSense Bug #15066: PHP allocation failure in pfsense-utils.inc
Once again, happened while I was out of the country and not interacting with pfSense at all:
Crash report begins. ... Alex Rosenberg
07:42 PM pfSense Bug #15417 (Not a Bug): static mappings for the ISC DHCP IPv4 server are ignored when the IP Address field is left blank
Seems there is a bit of a misunderstanding. When you omit the IP address it's not a "static" mapping it's defining a ... Jim Pingle
04:41 PM pfSense Bug #15417 (Not a Bug): static mappings for the ISC DHCP IPv4 server are ignored when the IP Address field is left blank
If I make a static DHCP mapping configuration where leave the IP address box blank (I want the IP given out to be dyn... Grey Christoforo
01:28 PM pfSense Feature #14762: Support X25519 and X448 public key algorithms in certificates
This looks like a regression – I've got some OpenVPN servers that are set up with ed25519 certificates, which pfSense... Jernej Simončič
12:12 PM pfSense Bug #15416 (Duplicate): Php Error when moving IPsec-Phase2 entries
Duplicate of #15157 and #15384 -- Both already fixed. Jim Pingle
11:53 AM pfSense Bug #15416 (Duplicate): Php Error when moving IPsec-Phase2 entries
Greeting,
when trying to move phase 2 entries via the gui a php-error occurs.
PHP errors
PHP ERROR: Type: 1, ... John Doe
01:19 AM pfSense Packages Bug #15365 (Pull Request Review): pfBlockerNG PHP error when editing a list
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/393 Christopher Cope

04/17/2024

10:18 PM pfSense Packages Bug #15365: pfBlockerNG PHP error when editing a list
This is due to a change in behavior with the range function as of PHP 8.3.0 https://www.php.net/manual/en/function.ra... Christopher Cope
04:28 PM pfSense Feature #15415: Enhance the firewall log action hover information view, show reason info
For users hitting #15400 who want to see the reason code ("ip-options" in that problem case), this diff will add it t... Jim Pingle
04:27 PM pfSense Feature #15415 (New): Enhance the firewall log action hover information view, show reason info
Currently hovering over the action icon on a firewall log entry shows a small tooltip with the action text and the ru... Jim Pingle
03:34 PM pfSense Feature #12190: Add ability to reference ipv6 prefix in firewall rules and aliases
Same here.
pfSense is missing some kind of another dropdown for that @::@ feature in dynamic prefix cases to select ... Robin Kluth
03:33 PM pfSense Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address
Anyone who searches the mentioned PR above: https://github.com/pfsense/pfsense/commit/7c4b3d3c8d2d15b1e59d1d262cc295a... Robin Kluth
01:52 PM pfSense Packages Bug #15414 (Rejected): Program Loops on invalid domains
Was testing ACME package with one of my test domains registered with FREENOM.
FREENOM now does not resolve this doma... Luke Shepherd
12:25 PM pfSense Plus Bug #15386 (Resolved): EULA Prompting Twice on Plus
Tested against:... Danilo Zrenjanin
11:59 AM pfSense Bug #15413 (New): Kernel panic in HA nodes when under high load
Two 1541s running 23.09.1 in this example:... Steve Wheeler
11:36 AM pfSense Plus Bug #15395 (Resolved): install-boot trips on BIOS installs when an EFI partition is present.
Steve Wheeler
03:55 AM pfSense Plus Bug #15401: 23.09.1 to 24.03b update fails EFI with ZFS mirror
24.03.r.20240416.0005 seems to resolve this.
Now still seeing "efibootmgr: efi_get_variable: Bad address" but it m... M Felden

04/16/2024

06:20 PM pfSense Plus Feature #15412 (New): Improve error feedback from pfSense-upgrade
Recent versions of pfSense-upgrade include code for collecting handling errors in order to present it to the user as ... Steve Wheeler
03:53 PM pfSense Bug #15328: Kea DHCP corrupts existing leases when a new DHCP pool is added
I can confirm this is happening to me as well. I added a new VLAN interface, new DHCP range, and now half of what is ... Chris Lawrence
03:01 PM pfSense Bug #15411: Hostname missing from logs in certain cases can cause the system log to display in an unexpected manner
Dug more into this and the problem is that somehow at boot the hostname was not being printed in the system logs on j... Jim Pingle
01:07 PM pfSense Bug #15411 (New): Hostname missing from logs in certain cases can cause the system log to display in an unexpected manner
With the system log set to show ~500 lines the system log tab will also show most if not all of the kernel boot messa... Jim Pingle
12:24 PM pfSense Plus Regression #15407 (Feedback): pfSense-upgrade incorrectly creates 'unknown error' notice.
https://gitlab.netgate.com/pfSense/factory-ports/-/merge_requests/101
Fixed in pfSense-upgrade-1.2.20 Steve Wheeler
01:10 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
Sorry This is the issue I am researching on how to resolve do to the cache_object change
I just have to find the ... Jonathan Lee
01:08 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
!Screenshot%202024-04-15%20at%2018.07.13.png!
I can access the cachemgr.cgi if you are using it within the lightsq... Jonathan Lee
12:59 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
!Screenshot%202024-04-15%20at%2017.58.36.png!
Testing Jonathan Lee
12:57 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
Test failed it still says no access
!Screenshot%202024-04-15%20at%2017.57.24.png!
 Jonathan Lee
12:45 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
squidclient mgr:info
no longer works this should be changed to reflect the new use with
squidclient -h 127.0.0... Jonathan Lee
12:40 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
@function squid_status() {
if (is_service_running('squid')) {
init_config_arr(array('installedpackages', 'squidc... Jonathan Lee
12:31 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
this calls /usr/local/sbin/squidclient with the older URI scheme
to access mgr:info Jonathan Lee
12:30 AM pfSense Packages Bug #15410: cache_object://URL Scheme is removed in Squid-6
this is part of status_squid.php Jonathan Lee
12:18 AM pfSense Packages Bug #15410 (New): cache_object://URL Scheme is removed in Squid-6
Hello fellow pfSense Squid Proxy Users can you please help?
I am so happy 6.6 is part of pfSense 24 however some s... Jonathan Lee

04/15/2024

06:45 PM pfSense Plus Regression #15409 (New): AMD watchdog module is missing
The amdsbwd kernel module is missing from recent versions resulting in errors on Netgate APU2/4 devices (PCEngines AP... Steve Wheeler
06:07 PM pfSense Bug #15405: leap seconds update server has changed
For completeness, someone did open a case upstream: https://bugs.ntp.org/show_bug.cgi?id=3898
 A S
05:59 PM pfSense Bug #15405: leap seconds update server has changed
Will report upstream. Thanks! A S
12:24 PM pfSense Bug #15405 (Needs Patch): leap seconds update server has changed
That file is part of the NTP package (@ntp.org@), Netgate does not maintain that code. It should be reported upstream... Jim Pingle
05:59 PM pfSense Todo #15408 (New): Reduce inconsistencies between Configuration History with/without ZFS Boot Environments
The Configuration History page has diverged a bit between Plus w/Boot Environments and CE which is making it confusin... Jim Pingle
05:53 PM pfSense Plus Regression #15407 (Resolved): pfSense-upgrade incorrectly creates 'unknown error' notice.
The error reporting in pfSense-upgrade incorrectly creates an alert when it's run an an upgrade check and a new versi... Steve Wheeler
04:34 PM pfSense Feature #15406 (New): rules: make Virtual IPs selectable as destination
In NAT port forwards it is possible to directly select a Virtual IP (IP Alias, CARP) address from the dropdown list a... Dennis Neuhaeuser
01:33 PM pfSense Docs New Content #15191 (Closed): Document new Packet Flow Data functionality (Plus Only)
Jim Pingle
12:29 PM pfSense Feature #15402: A new approach to rc.start_packages
It might be viable but you have the logic a bit backward. The base system should not have specific knowledge of any p... Jim Pingle

04/14/2024

06:21 AM pfSense Bug #15405 (Needs Patch): leap seconds update server has changed
/usr/local/sbin/update-leap is attempting to use:
https://www.ietf.org/timezones/data/leap-seconds.list
Per the... A S
03:09 AM pfSense Plus Bug #15303: dpinger service does not always switch from Pending to Online
Tested on 24.03-RC and this issue is still present. Kris Phillips
03:00 AM pfSense Plus Bug #15388: Serial/VGA console forces password reset on 24.03 but Setup Wizard still prompts during setup to change the password erroneously
Jim Pingle wrote in #note-1:
> The wizard has always prompted to change the password, users like having the option. ... Kris Phillips
02:40 AM pfSense Bug #14261: Trim white space in a DHCP Leases page search field
on 24.03.r.20240410.1729 adding a leading/trailing space to a search term returns no results Jordan G
01:58 AM pfSense Plus Regression #15387: Boot failure detection tripping on config reset button during boot
On the 4100 & 4200 as of... Christopher Cope
12:34 AM pfSense Plus Bug #15404 (New): Captive Portal captiveportal-default-logo.png Missing from Post-authentication Page
After signing into the Captive Portal, the default captive portal logo is not loading properly. The logo appears to ... Kris Phillips

04/13/2024

10:12 PM pfSense Docs Correction #15403 (Closed): openvpn client speciffic overrides, local networks clarification
URL: https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/configure-overrides.html
sub heading: IPv4/IPv6 Local ... Craig Coonrad
09:47 PM pfSense Regression #15074: ISO fails to boot UEFI
This also occurs in the online upgrade process (in this case on PVE 8.1.10).
22.05 --> 23.01 (success)
23.01 --> 23... Craig Coonrad
08:18 PM pfSense Feature #15402 (New): A new approach to rc.start_packages
I have been facing some issues with NUT package due to rc.start_packages.
Once an interfaces goes down, NUT restarts... Marcelo Cury
03:50 PM pfSense Regression #15400: IGMP packets are logged when the filter rule has logging disabled
Kristof Provost wrote in #note-2:
> This is intentional, in the sense that it was always meant to log, but didn't du... Denny Page
08:50 AM pfSense Regression #15400 (Not a Bug): IGMP packets are logged when the filter rule has logging disabled
This is intentional, in the sense that it was always meant to log, but didn't due to a bug that's now been fixed.
... Kristof Provost
12:18 PM pfSense Plus Bug #15401: 23.09.1 to 24.03b update fails EFI with ZFS mirror

System is using Coreboot (EFI only) and has a ZFS mirror:... M Felden
12:17 PM pfSense Plus Bug #15401 (New): 23.09.1 to 24.03b update fails EFI with ZFS mirror
System is using Coreboot (EFI only) and has a ZFS mirror:... M Felden

04/12/2024

09:42 PM pfSense Plus Feature #13227 (Resolved): Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS
Marcos M
09:40 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS
That worked perfectly. Thank you guys! Jon McKinney
09:28 PM pfSense Regression #15400: IGMP packets are logged when the filter rule has logging disabled
It may be this is intended behavior, though it's worth clarifying if so. Marcos M
09:02 PM pfSense Regression #15400 (Not a Bug): IGMP packets are logged when the filter rule has logging disabled
Example rules:... Marcos M
05:58 PM pfSense Bug #15399 (Resolved): Local host gateways are shown in the default gateways list
Marcos M
05:56 PM pfSense Bug #15399: Local host gateways are shown in the default gateways list
The patch looks good against 24.03-RC. Steve Wheeler
03:40 PM pfSense Bug #15399 (Feedback): Local host gateways are shown in the default gateways list
Applied in changeset commit:15eb946bc19222df48318fd6f9c9cb9e88e54690. Marcos M
03:30 PM pfSense Bug #15399 (Ready To Test): Local host gateways are shown in the default gateways list
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1148 Marcos M
02:31 PM pfSense Bug #15399 (Resolved): Local host gateways are shown in the default gateways list
In System > Routing > Gateways the default gateway drop-down selection should not contain localhost (null) gateways. ... Steve Wheeler
05:56 PM pfSense Revision 9fd4cb96: Update comment
The updated comment matches the actual behavior. Albeit the
variable name is unintuitive, it follows the behavior bef... Marcos M
05:52 PM pfSense Bug #15082 (Closed): Upgrade fails due to unmounted EFI filesystem
Closing this since it didn't turn out to be what we thought, and fixing problems caused by incorrect manual alteratio... Jim Pingle
05:39 PM pfSense Bug #15081: Upgrade fails due to undersized EFI filesystem
Moving this ahead as it still might be an issue though it's unclear how many affected systems may be left in the wild... Jim Pingle
03:08 PM pfSense Revision 15eb946b: Correct bitwise check when getting a list of gateways. Fix #15399
Marcos M
12:47 PM pfSense Plus Bug #15395: install-boot trips on BIOS installs when an EFI partition is present.
https://gitlab.netgate.com/pfSense/factory-ports/-/merge_requests/100 Steve Wheeler
10:05 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Cpu load corresponds with NIC errors in #2598286486
!clipboard-202404121406-jhrkf.png!
 Lev Prokofev
08:16 AM pfSense Plus Bug #15196: AWS ena interfaces can become unstable/stop responding
Another client hit this issue ticket #2598286486 Lev Prokofev
08:12 AM pfSense Packages Feature #15398 (New): Fusioninventory Agent
This tool already works well through the FreeBSD repo.
Fusioninventory is a collection of small tools to perform i... Iván Viso
08:07 AM pfSense Packages Feature #15397 (New): Wazuh Agent
This already works well through the FreeBSD repo.
Wazuh is a free and open source platform used for threat prevent... Iván Viso
07:59 AM pfSense Bug #15171: Removing an IPsec Phase 1 entry can either remove the wrong Phase 2 entries or leave orphaned Phase 2 entries in the configuration
DBACORP DBACORP wrote in #note-9:
> Reproduced the same issue in PLUS version 23.09.1 ​​and the issue persisted.
> ... Danilo Zrenjanin
07:16 AM pfSense Bug #15178 (Confirmed): ACB (autoconfig backup) restore always returns could not decrypt despite proper password
Yes, I was able to reproduce the described behavior.
Tested against the following versions:... Danilo Zrenjanin

04/11/2024

09:15 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS
Thanks for testing! Try it with this "patch":https://docs.netgate.com/pfsense/en/latest/development/system-patches.ht... Marcos M
08:08 PM pfSense Plus Feature #13227 (In Progress): Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS
Marcos M
01:34 PM pfSense Plus Feature #13227: Group-based Mobile IPsec Virtual Address Pool assignment via RADIUS
I am having issues creating multiple groups. I just installed the plus 24.03 RC last night on my box at home so I can... Jon McKinney
08:54 PM pfSense Regression #15391: Prior bug #9459 in 2.7.2: pfr_update_stats: assertion failed.
Believe that the source of the issue was determined:
* set net.bpf.zerocopy_enable=1
* on the external interface co... A S
08:19 PM pfSense Plus Bug #15396 (New): BE upgrade process deferred pkg install can cause significant delays
Some package install scripts attempt to connect out to update lists/signatures/aliases. When run as part of the new B... Steve Wheeler
07:01 PM pfSense Packages Feature #15375: Update ntopng package
Tested in 24.03 RC -- working as intended. Denny Page
07:01 PM pfSense Regression #14970 (Resolved): Static ARP assignments lose ``permanent`` flag in ARP table
Jim Pingle
07:00 PM pfSense Regression #14970: Static ARP assignments lose ``permanent`` flag in ARP table
Tested with 24.03 RC -- issue appears resolved. Denny Page
04:50 PM pfSense Plus Bug #15395: install-boot trips on BIOS installs when an EFI partition is present.
That is the scheme the Net Installer uses by default on a legacy booting device such as the 7100. Steve Wheeler
04:39 PM pfSense Plus Bug #15395 (Resolved): install-boot trips on BIOS installs when an EFI partition is present.
As mentioned in the title install-boot tries to set a UEFI boot option but fails and exists:... Steve Wheeler
02:52 PM pfSense Bug #15178: ACB (autoconfig backup) restore always returns could not decrypt despite proper password
I am unable to reproduce on either... Christopher Cope
11:04 AM pfSense Plus Bug #15386 (Confirmed): EULA Prompting Twice on Plus
Danilo Zrenjanin
10:44 AM pfSense Plus Bug #15386: EULA Prompting Twice on Plus
I can confirm the described behavior.
Tested against the following release:... Danilo Zrenjanin
06:39 AM pfSense Packages Feature #15394 (New): Azure VNet (VPC) Wizard
Is is there any chance to create/develop Azure VPC (VNet) Wizard, which is similar to the existing AWS VPC Wizard in ... Ákos Kovács

04/10/2024

06:06 PM pfSense Packages Feature #15375: Update ntopng package
The package has been tested by a couple of users on 23.09.1, and it works as intended. Denny Page
05:55 PM pfSense Packages Feature #15393 (New): Return to the ga version of NUT
With the release of 2.8.2, NUT is again stable. Move from the development version (nut-devel) back to the release ver... Denny Page
12:59 PM pfSense Packages Bug #15392 (Rejected): Package Service Watchdog issue during reinstall
The package system has no special knowledge of individual packages and adding that would create a significant amount ... Jim Pingle
01:23 AM pfSense Packages Bug #15392 (Rejected): Package Service Watchdog issue during reinstall
Hello fellow pfSense Redmine members,
Can we please migrate the last item to be reinstalled on package reinstall t... Jonathan Lee

04/09/2024

09:52 PM pfSense Regression #15391: Prior bug #9459 in 2.7.2: pfr_update_stats: assertion failed.
Thank you. We'll need more info to review the issue further. You may generate a status report of the system by append... Marcos M
07:15 PM pfSense Regression #15391: Prior bug #9459 in 2.7.2: pfr_update_stats: assertion failed.
No for all three questions. A S
04:59 PM pfSense Regression #15391: Prior bug #9459 in 2.7.2: pfr_update_stats: assertion failed.
Are there any crash reports showing on the dashboard? Or perhaps a crash/panic shown in the console? Does the system ... Marcos M
04:11 PM pfSense Regression #15391: Prior bug #9459 in 2.7.2: pfr_update_stats: assertion failed.
This was on a direct install (2.7.2) - no backup restored. Recalled this being present in an earlier version. Nothi... A S
03:18 PM pfSense Regression #15391: Prior bug #9459 in 2.7.2: pfr_update_stats: assertion failed.
Are there any changes to the system or configuration that increases the verbosity? The code to silence that on the de... Marcos M
08:51 AM pfSense Regression #15391 (New): Prior bug #9459 in 2.7.2: pfr_update_stats: assertion failed.
'pfr_update_stats: assertion failed" errors are surfacing in a voluminous quantity in the system log. NAT type = "Pur... A S
05:38 PM pfSense Bug #15157 (Resolved): PHP error when generating a notification after detecting a malformed configuration
This seems to be solved now. Things that triggered it before no longer trigger it now. Jim Pingle
01:14 PM pfSense Bug #15384 (Resolved): Reordering IPsec Phase 2 entries may result in a malformed configuration
Jim Pingle
01:28 AM pfSense Bug #15384: Reordering IPsec Phase 2 entries may result in a malformed configuration
Confirmed on 2.7.2 change fixes the problem. dylan mendez
01:11 PM pfSense Plus Regression #15387 (Feedback): Boot failure detection tripping on config reset button during boot
Fix committed: https://gitlab.netgate.com/pfSense/factory/-/commit/e2bdb91254b96c5d7caa9a1c26ea65be52d18fbb Jim Pingle
01:09 PM pfSense Plus Regression #15387 (In Progress): Boot failure detection tripping on config reset button during boot
Working with Steve, we have identified a method to work around this. Commit coming shortly.
 Jim Pingle
11:06 AM pfSense Bug #15376: OpenVPN DHCP Range | Pool
i used the following in custom option, which worked for me:
server 172.21.0.0 255.255.255.0 nopool;
ifconfig-pool... Felix Wurzacher

04/08/2024

04:17 PM pfSense Plus Regression #15390 (New): Configs with incorrectly removed packages can create php errors.
A config file that contains packages in the <installedpackages> section but not the actual <package> data can generat... Steve Wheeler
03:47 PM pfSense Plus Regression #15387: Boot failure detection tripping on config reset button during boot
This prevents the hardware config reset working on anything that has multiple ZFS BE snapshots present to roll back to. Steve Wheeler
02:54 PM pfSense Plus Regression #15387: Boot failure detection tripping on config reset button during boot
This applies to all devices that have a hardware config reset button. The 4200 can be reset at any time which means i... Steve Wheeler
03:15 PM pfSense Bug #15384 (Feedback): Reordering IPsec Phase 2 entries may result in a malformed configuration
Applied in changeset commit:88670c6c167418e7d12b010c0ce8b7d06c2b757f. Jim Pingle
02:12 PM pfSense Bug #15384: Reordering IPsec Phase 2 entries may result in a malformed configuration
This only happens if you try to move something into the first position. If you move any P2 into any other place it wo... Jim Pingle
03:08 PM pfSense Revision 88670c6c: Fix syntax when moving IPsec P2. Fixes #15384
Jim Pingle
02:29 PM pfSense Feature #15389: Allow changing network interface names via UI to make interface-bound states possible on HA firewalls with different NICs
Thank you for looking at the request. Could you please name other workarounds and which you'd recommend? name name
02:18 PM pfSense Feature #15389 (Rejected): Allow changing network interface names via UI to make interface-bound states possible on HA firewalls with different NICs
That would make things even more complex and isn't sustainable. There are already workarounds for that limitation (e.... Jim Pingle
02:05 PM pfSense Feature #15389 (Rejected): Allow changing network interface names via UI to make interface-bound states possible on HA firewalls with different NICs
With interface-bound states being the default and more secure option in new pfSense versions, it would be nice if one... name name
01:05 PM pfSense Plus Bug #15388 (Rejected): Serial/VGA console forces password reset on 24.03 but Setup Wizard still prompts during setup to change the password erroneously
The wizard has always prompted to change the password, users like having the option. That step can be skipped the sam... Jim Pingle
01:00 PM pfSense Plus Feature #12534 (Closed): Generate a ISO Image for Remote Restore of pfSense Plus on the XG-1537 and 1541 units with IPMI
Jim Pingle
12:59 PM pfSense Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients
It's still marked as "New" and open so no, it has not been resolved. Jim Pingle
12:56 PM pfSense Docs Todo #15383 (Rejected): Feedback on Virtual Private Networks — IPsec — IPsec Configuration — IPsec Pre-Shared Keys Tab
That's due to a bug we've been chasing for a while, and there are potential workarounds, though it's unclear if it's ... Jim Pingle

04/07/2024

10:47 PM pfSense Plus Regression #15320: XMLRPC Sync Trigger on CARP Maintenance Mode Causes webConfigurator Hangs on VIPs
It'd be good to test this on 24.03 as there have been general efficiency improvements that may help here. Marcos M
02:25 AM pfSense Plus Regression #15320: XMLRPC Sync Trigger on CARP Maintenance Mode Causes webConfigurator Hangs on VIPs
Customer ticket 2575064585 is another example of this issue. They did not have webConfigurator hangs, but they did h... Kris Phillips
02:37 PM pfSense Bug #7329: DHCP Not Updating DNS
I am running into this issue with 2.7.2-RELEASE (amd64).
I did restart both unbound and DHCP (ICS) and the DNS stick... Will Chevdor
11:06 AM pfSense Feature #12746: IPoE feature for WAN interface
While some Japanese ISPs may still offer PPPoE, the latency fluctuates quite a bit, especially during the evening.
... Ryan H
04:16 AM pfSense Bug #14261: Trim white space in a DHCP Leases page search field
this seems to work as described with the dhcp lease search as tested on 24.03.b.20240405.1653, adding a leading or tr... Jordan G
02:59 AM pfSense Plus Regression #15387: Boot failure detection tripping on config reset button during boot
Testing multiple times on these units, they still will factory reset just fine, so this appears to not be a critical ... Kris Phillips
02:58 AM pfSense Plus Regression #15387: Boot failure detection tripping on config reset button during boot
This also affected the SG-2440. This appears to not be smbus related, but simply a result of the reset button causin... Kris Phillips
02:38 AM pfSense Plus Regression #15387: Boot failure detection tripping on config reset button during boot
Appears to have the same boot failure detection on the 4100. Likely not the only devices to have this issue.
Shor... Kris Phillips
02:15 AM pfSense Plus Regression #15387 (Resolved): Boot failure detection tripping on config reset button during boot
When booting the 4200, if you follow the instructions outlined here to press the reset button when the appliance star... Kris Phillips
02:53 AM pfSense Plus Bug #15388 (Rejected): Serial/VGA console forces password reset on 24.03 but Setup Wizard still prompts during setup to change the password erroneously
During first boot, new in 24.03 is that the admin password is prompted to be changed from the serial console on first... Kris Phillips

04/06/2024

09:27 PM pfSense Plus Bug #15386 (Resolved): EULA Prompting Twice on Plus
When logging into pfSense Plus for the first time, the EULA and Thank You messages appear as you'd expect. However, ... Kris Phillips
09:20 PM pfSense Packages Bug #15385 (New): PHP crash when exporting Apple profile, while IPsec P1 authentication method set to "Mutual Certificate"
Version: 23.09.1-RELEASE (amd64)
Steps to reproduce:
1. Configure the Phase 1 authentication method to "Mutual ... Craig Coonrad
08:07 PM pfSense Feature #15217: Log command being run in Diagnostics > Command Prompt
I wanted to add my support for this. We recently had a ticket were an error was thrown from diag_command.php, but the... Christopher Cope
07:41 PM pfSense Bug #13375: Mixing VTI and disabled Tunnel Mode phase 2 entries on the same phase 1 breaks VTI gateway monitoring
Tested this on 23.09.1. This is still present. Kris Phillips
07:38 PM pfSense Plus Feature #12534: Generate a ISO Image for Remote Restore of pfSense Plus on the XG-1537 and 1541 units with IPMI
The netinstaller provides a mechanism for this. This can be closed as Resolved. Kris Phillips
07:38 PM pfSense Packages Feature #10865 (Rejected): squidGuard lacks options to send traffic action logs to syslog server
With the deprecation of squid, marking this as Rejected, since this package will be removed in a future release, so i... Kris Phillips
05:37 PM pfSense Plus Feature #15380: During upgrade Process GUI timeouts still occur
I agree that the timeout should be paused during or restarted after performing the upgrade. Christian McDonald
02:55 PM pfSense Plus Feature #15380: During upgrade Process GUI timeouts still occur
Thank you Jonathan Lee
02:29 PM pfSense Plus Feature #15380 (New): During upgrade Process GUI timeouts still occur
Thanks for the clarification. I'll move it to a feature request. Christopher Cope
01:54 PM pfSense Plus Feature #15380: During upgrade Process GUI timeouts still occur
Sorry I forgot to include this is for users that changed the timeout to 5 mins or so. If I leave my desk the firewall... Jonathan Lee
01:44 PM pfSense Plus Feature #15380 (Not a Bug): During upgrade Process GUI timeouts still occur
The default timeout is 4 hours, which should be enough time for any of those actions. It can be changed, or even disa... Christopher Cope
07:07 AM pfSense Bug #15376 (Not a Bug): OpenVPN DHCP Range | Pool
Danilo Zrenjanin
06:52 AM pfSense Packages Bug #13409: Copy button for Optional pre-shared key for this tunnel works in HTTPS mode only
I tested the patch against the 24.03 BETA release.
The patch fixes the issue.
It can be merged. Danilo Zrenjanin
05:22 AM pfSense Bug #15384: Reordering IPsec Phase 2 entries may result in a malformed configuration
I can confirm this behavior on ... Lev Prokofev

04/05/2024

11:09 PM pfSense Packages Bug #13810: Squid options obsolete
https://redmine.pfsense.org/issues/15381 Jonathan Lee
11:09 PM pfSense Packages Bug #13810: Squid options obsolete
https://github.com/pfsense/FreeBSD-ports/pull/1365 Jonathan Lee
11:09 PM pfSense Packages Bug #13810: Squid options obsolete
https://github.com/pfsense/FreeBSD-ports/pull/1366 Jonathan Lee
11:09 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
https://github.com/pfsense/FreeBSD-ports/pull/1366
Fix for
2024/04/05 07:58:24| ERROR: Unsupported TLS option ... Jonathan Lee
10:44 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
Notes:
FIX ME
line of code 1261 in /usr/local/pkg/squid.inc
FIX ME
line of code 1235-1241 in usr/local/pkg/s... Jonathan Lee
10:38 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
@
if (empty($settings['sslproxy_compatibility_mode']) || ($settings['sslproxy_compatibility_mode'] == 'modern')) {
... Jonathan Lee
10:27 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
https://github.com/pfsense/FreeBSD-ports/pull/1365
this fixed the issue inside my SG-2100
Working on this also ... Jonathan Lee
10:25 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
2024/04/05 07:58:24| WARNING: UPGRADE: 'cafile=/usr/local/share/certs/ca-root-nss.crt' is deprecated in http_port. Us... Jonathan Lee
03:02 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
@2024/04/05 07:58:24| Processing Configuration File: /usr/local/etc/squid/squid.conf (depth 0)
2024/04/05 07:58:24| ... Jonathan Lee
07:23 PM pfSense Bug #15157: PHP error when generating a notification after detecting a malformed configuration
Yes, with the notification error patched the real bugs generating a bad config should become apparent. Separate issue... Steve Wheeler
07:12 PM pfSense Bug #15157: PHP error when generating a notification after detecting a malformed configuration
tested on:
24.03-BETA (amd64)
built on Fri Mar 22 17:08:00 UTC 2024
FreeBSD 15.0-CURRENT
patch fixes the actual c... Georgiy Tyutyunnik
07:16 PM pfSense Bug #15384 (Resolved): Reordering IPsec Phase 2 entries may result in a malformed configuration
Changing the order of phase2 entries for the tunnels and saving produces bad config and results in "configuration res... Georgiy Tyutyunnik
10:56 AM pfSense Regression #15019 (Resolved): pfSense Plus is always shown as an available upgrade for eligible CE devices.
This has been fixed on the 2.7.2 release.
If you don't select *[Upgrade] - Latest pfSense Plus Stable Version (23... Danilo Zrenjanin
10:43 AM pfSense Regression #12549: Per-user Mobile IPsec settings are not applied to connecting mobile clients
Just to check: Has then been resolved, or is it still pending resolution? Roland Giesler
10:30 AM pfSense Docs Todo #15383 (Rejected): Feedback on Virtual Private Networks — IPsec — IPsec Configuration — IPsec Pre-Shared Keys Tab
*Page:* https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/psk.html
*Feedback:*
When an ipv4 address pool is ... Roland Giesler
08:36 AM pfSense Docs Correction #15382 (New): pfSense Plus Azure support plans
The page explaining Support Resources for pfSense Plus instances in Azure does not include a note about the option to... Danilo Zrenjanin

04/04/2024

10:42 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
The errors show a request for cafile= to be tls-cafile, so Squid is looking for tls certificates over the SSL we used... Jonathan Lee
06:16 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors
Facebook Goals for me with the cache are related to
Ref:
https://research.facebook.com/blog/2016/4/the-evolution-o... Jonathan Lee
06:02 PM pfSense Packages Bug #15381: Squid 6.6 Errors Attached for Review TLS requested in errors

Cachemgr.cgi ref:
https://forum.netgate.com/topic/187107/how-to-guide-for-accessing-squid-s-cachemgr-cgi-over-http... Jonathan Lee
06:00 PM pfSense Packages Bug #15381 (New): Squid 6.6 Errors Attached for Review TLS requested in errors
Squid runs however lists the following errors in 24.03.b.20240322.1708
@/status_services.php: The command '/usr/lo... Jonathan Lee
05:54 PM pfSense Plus Bug #15103: Netgate Crypto ID missing in 23.09.01 after fresh firmware
In 24 the crypto acceleration does not list any counters when VPN is running also. I thought it was able to enable an... Jonathan Lee
05:48 PM pfSense Plus Feature #15380: During upgrade Process GUI timeouts still occur
If use of verify/commit boot environment users will not be able to commit or verify as GUI times out. Can updates be ... Jonathan Lee
03:55 PM pfSense Plus Feature #15380 (New): During upgrade Process GUI timeouts still occur
Hello during my updates the GUI timeout is counting down still and will log me out of the update. Attached is the scr... Jonathan Lee
03:49 PM pfSense Packages Feature #15375 (Feedback): Update ntopng package
PR merged, thanks! Jim Pingle
03:14 PM pfSense Bug #15379: Diagnostic/Traceroute follows default gateway instead of IPsec interface for routing traffic
I can confirm it, it seems the traceroute doesn't follow the IPsec policy
tested on ... Lev Prokofev
02:49 PM pfSense Bug #15379 (Not a Bug): Diagnostic/Traceroute follows default gateway instead of IPsec interface for routing traffic
You can't force something into policy-based IPsec in that way. Either it matches the traffic selectors and it will go... Jim Pingle
02:28 PM pfSense Bug #15379 (Not a Bug): Diagnostic/Traceroute follows default gateway instead of IPsec interface for routing traffic
If you define a specific Source Address in the Diagnostic/Traceroute page and that interface IP is within the IPsec t... Danilo Zrenjanin
01:52 PM pfSense Bug #14933: Traffic Graph Widget only displays half of the real UL/DL bandwidth used under certain conditions
https://github.com/pfsense/pfsense/pull/4677 Steve Wheeler
 

Also available in: Atom