General

Profile

Dim Hatz

  • Login: dhatz
  • Registered on: 09/19/2011
  • Last connection: 06/24/2020

Issues

open closed Total
Assigned issues 0 1 1
Reported issues 3 32 35

Activity

01/31/2014

09:52 AM pfSense Bug #1629: invalid state table entries after WAN IP change
It seems that in recent weeks there have been several related commits in 10-STABLE, e.g.
http://lists.freebsd.org/... Dim Hatz

07/14/2013

08:15 PM pfSense Revision ab17ed4e: support mitigating BEAST attack
According to http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1_4_30
"...by setting
ssl.cipher-list = "EC... Dim Hatz

07/01/2013

01:16 AM pfSense Revision 9e5ae41a: support mitigating BEAST attack
According to http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1_4_30
"...by setting
ssl.cipher-list = "EC... Dim Hatz

03/10/2013

07:20 PM pfSense Feature #2849: IKEv2 support for IPsec
Another option for IKEv2 would be the portable version of OpenBSD's OpenIKED
https://github.com/reyk/openiked
-... Dim Hatz

02/15/2013

01:37 PM pfSense Bug #1629: invalid state table entries after WAN IP change
To followup my previous post, I have verified that the WAN (em0) states are indeed flushed, however their correspondi... Dim Hatz

02/13/2013

05:32 PM pfSense Bug #1629: invalid state table entries after WAN IP change
Ermal, testing this feature on a pfsense box with a WAN interface that gets via DHCP an IP in a /24 subnet (i.e. it's... Dim Hatz

01/24/2013

02:49 PM pfSense Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only
Bipin, if you've identified that Unisphere BRAS is used by all the ISPs you've tried and had problems with, then perh... Dim Hatz

01/19/2013

09:22 PM pfSense Feature #2765: Allow generation an x509 certificates with an SHA256 signature hash
Based on some searching I did earlier, it seems that the only ones suitable are:
sha1 (with the above mentioned re... Dim Hatz
08:03 PM pfSense Feature #2765: Allow generation an x509 certificates with an SHA256 signature hash
Just quick update:
1) The relevant keyword in openssl.cnf is default_md = sha256 # (md5/sha512/etc)
2) For openss... Dim Hatz
07:09 PM pfSense Feature #2765 (Resolved): Allow generation an x509 certificates with an SHA256 signature hash
Apparently pfsense's Cert Manager has hard-coded the use of SHA-1 for all PKI operations ("digest_alg" => "sha1" in /... Dim Hatz

Also available in: Atom