Project

General

Profile

Activity

From 05/09/2025 to 06/07/2025

Today

05:09 PM pfSense Packages Bug #16225: Telegraf service does not restart after change of settings
Verified this is happening on 25.07-DEVELOPMENT (amd64)
built on Fri Jun 6 1:00:00 CDT 2025
FreeBSD 15.0-CURRENT
... Bryan Allen
04:04 PM pfSense Regression #16243 (Confirmed): PPPoE MSSFix uses incorrect values for 6RD
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1226 Steve Wheeler
03:04 PM pfSense Regression #16243 (Confirmed): PPPoE MSSFix uses incorrect values for 6RD
When using PPPoE with TCP MSS Fix enabled (the default) the value selected for IPv6 traffic is based on the MTU of th... Steve Wheeler
02:46 AM pfSense Plus Bug #16219 (New): pfSense IPsec VTI Mode Incompatible with Juniper Traffic Selector Requirements
Henry Zhou wrote in #note-2:
> Thanks for taking care of the ticket.
>
> Let me clarify. I don't intend to use tr... Kris Phillips
02:44 AM pfSense Plus Bug #16226 (Confirmed): ZFS Error Messages Missing from Widget
The widget is just replicating what is in the columns, which your output still shows 0s.
We should add a section t... Kris Phillips

06/06/2025

10:19 PM pfSense Bug #16242 (New): When IPv6 Is Disabled the Firewall Still Queries IPv6 Localhost for DNS
When the "Allow IPv6" checkbox is disabled under System --> Advanced --> Networking, the firewall will continue to tr... Kris Phillips
08:50 PM pfSense Bug #16241 (New): NAT64 Doesn't drop RFC1918
In the current version (2.8.0) of pfsense is it possible to contact rfc1918 addresses using nat64, for example ping '... Raoul De Heer
08:09 PM pfSense Packages Bug #13898 (Resolved): Issues saving pfBlocker Sync Targets
Marcos M
08:00 PM pfSense Packages Bug #15530 (Rejected): pfBlockerNG Sync Tab helptext
Synchronizing from a secondary node to a primary node results in a loop. This is generally true and not necessarily s... Marcos M
04:59 PM pfSense Regression #16237 (Confirmed): Drivers that load firmware can cause a kernel panic.
It's this bug in the upstream firmware API: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=283285 Steve Wheeler
03:54 PM pfSense Regression #16237: Drivers that load firmware can cause a kernel panic.
... Steve Wheeler
03:50 PM pfSense Bug #16235 (Feedback): Using IPv4 VIPs on PPPoE interfaces with if_pppoe causes looping
Applied in changeset commit:62b1bc8b4b2606d3b20a48a853ef373ff1d71e26. Marcos M
03:03 PM pfSense Bug #16240 (New): the problem with the driver for the intel i810 pfsense 2.7.2
Hi,We've got a problem - with the driver for the intel i810 network card is that the VLAN ID crashes after reconfigur... Ivan Belov
02:55 PM pfSense Bug #16239 (New): after updating the server to pfsense 2.8.0 from pfsense 2.7.2, the server freezes tightly on boot

Good afternoon, we use a ThinkSystem SR630 V3 server, it has a QLogic QLE2772 32Gb 2-Port PCIe Fibre Channel Adapte... Ivan Belov

06/05/2025

11:57 PM pfSense Plus Bug #16238 (New): Clearing a P1's Life Time field does not restore default value
VPN > Ipsec: Add P1.
Create a new P1. The default Life Time is 28800, and the Rekey & Rand times are created based... Chris W
10:36 PM pfSense Regression #16237: Drivers that load firmware can cause a kernel panic.
If you are hitting this issue note the affected device if it's not listed above.
To work around it you can:
* Remove... Steve Wheeler
10:30 PM pfSense Regression #16237 (Confirmed): Drivers that load firmware can cause a kernel panic.
In recent FreeBSD 15 builds drivers have been moving firmware out of the code to load it when it attaches. This affec... Steve Wheeler
09:32 PM pfSense Packages Bug #16185 (Closed): FreeRADIUS HA sync changes may be overwritten by the system config XMLRPC sync
This will be fixed once https://redmine.pfsense.org/issues/16231 is implemented. Marcos M
09:27 PM pfSense Bug #16235 (Pull Request Review): Using IPv4 VIPs on PPPoE interfaces with if_pppoe causes looping
Marcos M
09:26 PM pfSense Bug #16235: Using IPv4 VIPs on PPPoE interfaces with if_pppoe causes looping
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1225 Marcos M
08:58 PM pfSense Bug #16235 (Feedback): Using IPv4 VIPs on PPPoE interfaces with if_pppoe causes looping
Originally reported on the forum:
https://forum.netgate.com/topic/197369
IPv4 VIPs are added by rc.newwanip via l... Marcos M
09:04 PM pfSense Bug #16236 (New): IPV6 Neighbor Solicitation on WAN interface used as part of Neighbor Unreachability Detection, causes the interface to stop forwarding traffic briefly
It appears that the 2.8.0 by default has setting of the NDP on the NICS enabled with a period of 30 secs. I have obse... Raj Vadi
08:15 PM pfSense Feature #16234 (Not a Bug): Feature Request: Support for tls-cert-bundle in pfSense WebGUI
You likely need to add @server:@ to the start of your custom options, as is mentioned in the documentation:
https:... Jim Pingle
08:03 PM pfSense Feature #16234 (Not a Bug): Feature Request: Support for tls-cert-bundle in pfSense WebGUI
Dear pfSense Support Team,

I am a pfSense user and have successfully configured DNS over TLS (DoT) using Unboun... Robert S
07:02 PM pfSense Packages Regression #14189: pfBlocker-NG: HA-Sync is not working
Since the backup router (for instance) runs its cron job and re-adds a list that was removed on the primary, without ... Steve Y
06:42 PM pfSense Packages Bug #16233 (New): Authentication for LDAP Available without Authorization
The options for defining an LDAP server requires Authorization to be checked, even if Authentication is not checked, ... Kris Phillips
05:15 PM pfSense Bug #16232 (New): Swap fails to activate on updated pfSense 2.8.0 when multiple swap partitions exist
I have an older pfSense install that I upgraded multiple times. It uses a 2 disk ZFS mirror for the normal data and a... Grimson Gretzleburg
04:25 PM pfSense Packages Todo #16231 (In Progress): Update packages to use the XMLRPC plugins for HA
A few new XMLRPC plugins have been introduced which address the race condition and improve maintainability - "see her... Marcos M
02:34 PM pfSense Packages Bug #14409: pfBlockerNG Cron Redundantly Updates pfSense Configuration When DNSBL is Disabled Due to Faulty Virtual IP Count
Noting this is still an issue, and also given the bug in Plus 24.03/24.11 where pfSense doesn't prune the configurati... Steve Y

06/04/2025

07:18 PM pfSense Packages Bug #16229 (Confirmed): Snort cannot run on if_pppoe interfaces
Sayed Mohammad Badiezadegan
06:31 PM pfSense Packages Bug #16229 (Confirmed): Snort cannot run on if_pppoe interfaces
Snort will fail to start if enabled on a PPPoE interfaces using the new if_pppoe module:... Steve Wheeler
07:08 PM pfSense Feature #16230 (New): KEA DHCP server needs log verbosity settings in GUI
Created on a customer's request.
There are config parameters that can be implemented in the current config.xml for t... Georgiy Tyutyunnik
01:53 PM pfSense Feature #16228 (New): Support multiple NAT64 prefixes via DNS64/PREF64
It is possible to return multiple NAT64 prefixes - ie multiple AAAA records returned pointing to each prefix. The ser... Bert Smith

06/03/2025

08:47 PM pfSense Feature #16227: Add DynDNS Provider - Infomaniak
PR: https://github.com/pfsense/pfsense/pull/4735 Fabio Gabrielli
08:44 PM pfSense Feature #16227 (Pull Request Review): Add DynDNS Provider - Infomaniak
Added the provider Infomaniak to the list of dyndns services.
Tested for IPv4.
More about the API: https://faq.in... Fabio Gabrielli
07:31 PM pfSense Todo #16212 (Feedback): Allow custom ZFS pool names
Marcos M
04:45 PM pfSense Plus Bug #16226 (Confirmed): ZFS Error Messages Missing from Widget
We have a Netgate 6100 which has developed some ZFS errors, but they aren't picked up by the widget.
!clipboard-2025... Matthew Fearnley
04:41 PM pfSense Bug #16221 (Not a Bug): Other interfaces are not demoted if a CARP interface uses DHCP resulting in split-brain operation
Marcos M
03:05 PM pfSense Packages Bug #16225 (New): Telegraf service does not restart after change of settings

Documented here: https://forum.netgate.com/topic/197682/telegraf-service-not-starting-after-change-of-setting
Th... Patrik Stahlman

06/02/2025

09:12 PM pfSense Bug #16221 (Pull Request Review): Other interfaces are not demoted if a CARP interface uses DHCP resulting in split-brain operation
This has been an issue at least since 23.01. The issue was not reproducible for the second WAN on #note-1 because the... Marcos M
08:43 PM pfSense Feature #16224 (New): Enhance state filtering and state killing abilities
The filtering capability of @Diagnostics > States > States@ is very limited and cannot handle multiple conditions.
... Andrew Almond
04:57 PM pfSense Bug #16217: Memory exhaustion in ``kea2unbound`` when pfBlockerNG DNSBL is enabled in "Unbound mode" instead of "Unbound python mode"
@kea2unbound@ is new in CE 2.8.0. Kea did not have DNS registration functionality before.
You can easily switch pf... Jim Pingle
04:54 PM pfSense Bug #16217: Memory exhaustion in ``kea2unbound`` when pfBlockerNG DNSBL is enabled in "Unbound mode" instead of "Unbound python mode"
Jim Pingle wrote in #note-1:
> Priority changed from Normal to Very Low
Should this be a HIGH protity. If I ... Troy R
04:51 PM pfSense Bug #16217: Memory exhaustion in ``kea2unbound`` when pfBlockerNG DNSBL is enabled in "Unbound mode" instead of "Unbound python mode"
Why did this change in 2.8.0? I never had errors about memory before the update.. Troy R
07:37 AM pfSense Bug #16128: if_pppoe: PHP password handling
Passwords which begin with exclamation mark (!) are broken see:
https://forum.netgate.com/post/1216202
The prop... Scott Ashcroft
03:12 AM pfSense Packages Bug #16223 (Duplicate): PHP Fatal error Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes)
Duplicate of #16217 Jim Pingle
03:04 AM pfSense Packages Bug #16223: PHP Fatal error Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes)
What you should be doing here is setting pfBlockerNG to use Unbound mode if you are loading a lot of large lists. Steve Wheeler
02:41 AM pfSense Packages Bug #16223: PHP Fatal error Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes)
After doing all that I now learned..
!clipboard-202506012137-i4swt.png!
System > Advanced > Miscellaneous > PHP Se... Troy R
02:28 AM pfSense Packages Bug #16223: PHP Fatal error Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes)
So aftering giving stuff in ChatGPT to lookout from that error and my log PlfBlockerNG Update.log
It told me...
`... Troy R
01:20 AM pfSense Packages Bug #16223: PHP Fatal error Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes)
I had disabled PFBlocker and didn't have the error when restarting unbound.
Turned PFblocker back on. Had it upd... Troy R
02:15 AM pfSense Feature #14483: Conditionally reconfigure IPsec VTI interfaces only when necessary while applying IPsec changes
Any update on this? Mike Moore
02:14 AM pfSense Bug #16118: Expand view of system generated alias in GUI
Any update on this? Mike Moore

06/01/2025

10:03 PM pfSense Packages Bug #16223: PHP Fatal error Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes)
It seems to be triggered by pfBlockerNG. It worked just fine in the old verison. But after updating to 2.8.0 a few ... Troy R
08:48 PM pfSense Packages Bug #16223 (Duplicate): PHP Fatal error Allowed memory size of 536870912 bytes exhausted (tried to allocate 20480 bytes)
Crash report begins. Anonymous machine information:
amd64
15.0-CURRENT
FreeBSD 15.0-CURRENT #1 RELENG_2_8_0-n25... Troy R
10:38 AM pfSense Packages Bug #16222: 2.8.0 - FRR - OSPF Route Propagation Fails After Reboot
Kris Phillips wrote in #note-2:
> F. M. wrote in #note-1:
> > After further troubleshooting, I discovered that, for... F. M.
01:49 AM pfSense Packages Bug #16222: 2.8.0 - FRR - OSPF Route Propagation Fails After Reboot
F. M. wrote in #note-1:
> After further troubleshooting, I discovered that, for some reason, the file /var/etc/frr/f... Kris Phillips
05:31 AM pfSense Plus Bug #16219: pfSense IPsec VTI Mode Incompatible with Juniper Traffic Selector Requirements
Thanks for taking care of the ticket.
Let me clarify. I don't intend to use traffic selector under VTI mode.
Th... Henry Zhou
01:43 AM pfSense Plus Bug #16219 (Incomplete): pfSense IPsec VTI Mode Incompatible with Juniper Traffic Selector Requirements
If you're using traffic selectors, you want Policy-mode in pfSense Plus. VTIs don't use traffic selectors, so I'm co... Kris Phillips
05:08 AM pfSense Regression #16209: AutoConfigBackup entries show incorrect timestamps
Tested on 25.03-BETA (amd64)
built on Tue Apr 29 17:29:00 +04 2025
FreeBSD 15.0-CURRENT
Patch is working
before
... aleksei prokofiev
01:50 AM pfSense Docs Correction #16207 (Confirmed): System --> Advanced --> Netgate Nexus. Help link lands on docs main page.
I can confirm this behavior. Tested on latest 25.03 builds.
Marking Confirmed. Kris Phillips
12:35 AM pfSense Packages Todo #16091 (Resolved): tailscale package requires updates
I can confirm both versions below offer Tailscale 0.1.8 which uses tailscale-1.82.5. Marking resolved.... Christopher Cope

05/31/2025

09:54 PM pfSense Bug #16221 (Confirmed): Other interfaces are not demoted if a CARP interface uses DHCP resulting in split-brain operation
I can confirm this on... Christopher Cope
03:00 AM pfSense Bug #16221 (Not a Bug): Other interfaces are not demoted if a CARP interface uses DHCP resulting in split-brain operation
Expected behavior:
When you unplug an interface and it goes from MASTER to INIT on a primary, all other interface... Kris Phillips
08:04 PM pfSense Packages Bug #16220 (Confirmed): Wireguard widget default refresh interval is invalid
I can confirm this on... Christopher Cope
04:42 PM pfSense Packages Feature #16089: Add packages for Zabbix 7.2 agent and proxy
Tested in latest 25.03 builds. Zabbix 7.2 packages are still not present. Kris Phillips
04:13 PM pfSense Packages Bug #16222: 2.8.0 - FRR - OSPF Route Propagation Fails After Reboot
After further troubleshooting, I discovered that, for some reason, the file /var/etc/frr/frr.conf is missing the line... F. M.
02:39 PM pfSense Packages Bug #16222 (New): 2.8.0 - FRR - OSPF Route Propagation Fails After Reboot
Since upgrading my pfSense with FRR, OSPF no longer seems to function correctly.
I use site-to-site OpenVPN tunnel... F. M.
08:41 AM pfSense Docs Correction #16208 (Resolved): System --> Update. Help link lands on package manger page.
Tested against:... Danilo Zrenjanin

05/30/2025

07:21 PM pfSense Packages Bug #16220 (Confirmed): Wireguard widget default refresh interval is invalid
The default widget refresh interval was changed to 20 ticks in this commit: https://github.com/pfsense/FreeBSD-ports/... Grant Emsley
06:25 PM pfSense Plus Bug #16219 (New): pfSense IPsec VTI Mode Incompatible with Juniper Traffic Selector Requirements
When configuring an IPsec VPN in VTI (route-based) mode between pfSense (using strongSwan) and Juniper firewalls (e.g... Henry Zhou
05:43 PM pfSense Plus Bug #14772: PFsense Plus doesn't work with AWS new Instance Metadata Service (IMDSv2)
Changing from installer category as it isn't related to the installer Reid Linnemann
05:33 PM pfSense Plus Bug #16176 (Feedback): Config restored during install can be overwitten by hardware specific default values
This is fixed as of https://gitlab.netgate.com/pfSense/installer/-/commit/7076078812bf56d62a326fec8815e255d32f4b8c Reid Linnemann
05:04 PM pfSense Feature #16110: Automatically check ``Allow IP options`` when IGMP is selected
patch works as expected
tested on:
25.07-DEVELOPMENT (amd64)
built on Thu May 29 19:08:00 UTC 2025
FreeBSD 15.0-C... Georgiy Tyutyunnik
03:51 PM pfSense Bug #16124: Kernel Panic on PCI WiFi Passthrough (AC7265)
Just hit this as well on the upgrade from 2.7.2 to 2.8.0 running on Proxmox (similar to the above ESXi report).
Kerne... MIchael K
03:14 PM pfSense Bug #16124: Kernel Panic on PCI WiFi Passthrough (AC7265)
Same problem with another WiFi card after upgrade from 2.7.2 to 2.8.0 or new install
Hope there is a way to ignore... Manuel Himmler
03:26 PM pfSense Todo #16212 (Ready To Test): Allow custom ZFS pool names
Marcos M
02:04 PM pfSense Feature #16215: Allow matching on IP Options with firewall match rules
patch allows "match" rule creation with IP options enabled. resulting floating rule logs igmp traffic
tested on
25.... Georgiy Tyutyunnik
01:08 PM pfSense Bug #16218: All-Inkl Dynamic DNS responses are not parsed correctly
PR: https://github.com/pfsense/pfsense/pull/4734 Christoph Filnkößl
01:06 PM pfSense Bug #16218 (Pull Request Review): All-Inkl Dynamic DNS responses are not parsed correctly
All-Inkl response check does not work properly on:
* 200 -> "good" is enough, IP is not contained in response if it ... Christoph Filnkößl
12:00 PM pfSense Packages Feature #14423: haproxy 2.7 QUIC support (+ maybe LUA 5.4?)
Pawel Piaskowy wrote in #note-3:
> Guys did you add USE_QUIC=1 to haproxy?
>
> [...]
>
> I need to give it a t... Bert Smith
06:24 AM pfSense Bug #15746: IPv6 is not deprecated on PPPoE Periodic Reset
This issue still persists with pfsense 2.8.0 and since most European isps handout dynamic prefixes will become more o... Johannes Rohde
02:22 AM pfSense Packages Bug #11797: Traffic Totals lost upon reboot when using a ramdisk for /var and /tmp
Confirmed still an issue as of May 2025 with pfSense CE @2.8.0@ and Status Traffic Totals package version @2.3.2_7@
... Greg Maub
02:17 AM pfSense Packages Bug #11054: Check Client Certificate CN not working as described
Confirmed still an issue as of May 2025 with pfSense CE @2.8.0@ and FreeRADIUS package version @0.15.14@
Forum post ... Greg Maub

05/29/2025

08:09 PM pfSense Todo #16212 (In Progress): Allow custom ZFS pool names
Marcos M
04:41 PM pfSense Bug #16217: Memory exhaustion in ``kea2unbound`` when pfBlockerNG DNSBL is enabled in "Unbound mode" instead of "Unbound python mode"
Switched. Thank you! Kevin Burge
04:28 PM pfSense Bug #16217: Memory exhaustion in ``kea2unbound`` when pfBlockerNG DNSBL is enabled in "Unbound mode" instead of "Unbound python mode"
Most users who have encountered this were using pfBlockerNG and were not using python mode. Changing pfBlockerNG to p... Jim Pingle
04:25 PM pfSense Bug #16217 (New): Memory exhaustion in ``kea2unbound`` when pfBlockerNG DNSBL is enabled in "Unbound mode" instead of "Unbound python mode"
Upgraded to 2.8.x yesterday:
2.8.0-RELEASE (amd64)
built on Wed May 21 18:12:00 CDT 2025
FreeBSD 15.0-CURRENT
... Kevin Burge
12:40 PM pfSense Bug #16216 (New): [BUG?] New PPPoE module (if_pppoe) causes high "Errors Out" on WAN (Vivo Fibra)
[EN_US]
Hi everyone,
I'm testing the new pfSense feature that allows using the kernel-based PPPoE driver (if_pp... Crystian Geovani Dorabiatto
11:35 AM pfSense Packages Bug #16120 (Confirmed): Zebra RIB doesn't reflect the removal of the static routes until the restart of service
Tested against the latest development pfSense Plus release.
I can confirm this behavior.
In reverse order, it fun... Danilo Zrenjanin

05/28/2025

08:40 PM pfSense Feature #16110 (Feedback): Automatically check ``Allow IP options`` when IGMP is selected
Applied in changeset commit:ed6c2eb84595aab998c3b3efaf16d226bd62c38d. Marcos M
08:25 PM pfSense Feature #16215 (Feedback): Allow matching on IP Options with firewall match rules
Applied in changeset commit:12a7fdf854ec48b0d2679eda374ff366c513aaca. Marcos M
08:17 PM pfSense Feature #16215 (Feedback): Allow matching on IP Options with firewall match rules
Match rules now support matching traffic with "allow-opts":
https://cgit.freebsd.org/src/commit/?id=7e70d94acd68b3ac... Marcos M
08:02 PM pfSense Plus Bug #16214 (Duplicate): Maximum Backup Limit Setting Not Enforced
Marcos M
07:02 PM pfSense Plus Bug #16214: Maximum Backup Limit Setting Not Enforced
It appears that the cleanup only occurs when the web UI for the configuration history is loaded. On my system, the b... Robert Jacobson
06:16 PM pfSense Plus Bug #16214 (Duplicate): Maximum Backup Limit Setting Not Enforced
*Issue Description:*
The value set under *Diagnostics > Configuration History > Configuration Backup Settings > Ma... Danilo Zrenjanin
04:11 PM pfSense Packages Feature #16213 (New): Sync some settings from General/IP/DNSBL
I'm using the sync to keep several separate pfSense instances configured with the same blocklists and settings. It wo... Grant Emsley
03:51 PM pfSense Todo #16212 (Feedback): Allow custom ZFS pool names
There are various places in the code where the ZFS pool is hardcoded to @pfSense@. Since the installer allows changin... Marcos M
02:06 PM pfSense Packages Bug #16211 (New): Python errors in Cellular
Errors from Cellular are shown in the boot and upgrade logs in 25.03:... Steve Wheeler
01:29 PM pfSense Bug #16010 (Rejected): AutoConfigBackup scheduled backups always upload even when the configuration has not changed
The backups are uploaded on a schedule that runs every minute. It might be a race condition of some sort but I don't ... Jim Pingle

05/27/2025

09:40 PM pfSense Feature #16210 (Resolved): Reduce writes to disk when using ZFS
Marcos M
07:50 PM pfSense Feature #16210 (Feedback): Reduce writes to disk when using ZFS
Applied in changeset commit:d39063366d8f85ffc3753d337a6afa1bcad2bd61 and commit:1c033a063dfefae07edce13736f7a00b734aa... Marcos M
05:18 PM pfSense Feature #16210 (Resolved): Reduce writes to disk when using ZFS
Increasing the default ZFS transaction group time ("@vfs.zfs.txg.timeout@":https://docs.freebsd.org/en/books/handbook... Marcos M
04:55 PM pfSense Regression #16209 (Feedback): AutoConfigBackup entries show incorrect timestamps
Applied in changeset commit:05aff057848b8a52887c41f26f89a17bc6655026. Anonymous
04:47 PM pfSense Regression #16209 (Pull Request Review): AutoConfigBackup entries show incorrect timestamps
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/1223 Marcos M
12:06 AM pfSense Regression #16209 (Feedback): AutoConfigBackup entries show incorrect timestamps
Backups in ACB are showing timestamps that seem to be from the remove server (US central time) not local time on the ... Steve Wheeler
10:38 AM pfSense Packages Bug #16185: FreeRADIUS HA sync changes may be overwritten by the system config XMLRPC sync
patch works, customer reports the issue as resolved.
we can close it Georgiy Tyutyunnik

05/26/2025

10:51 PM pfSense Feature #15016: Recursive DHCPv6-PD
> > * The UI doesn't have a simple place to show what prefix (and what size) the ISP delegated to us.
>
> Because ... Grant Emsley
07:00 PM pfSense Docs Correction #16208 (Resolved): System --> Update. Help link lands on package manger page.
pfSense = 25.03-BETA
Help link lands here:
https://docs.netgate.com/pfsense/en/latest/packages/manager.html
Sh... Craig Coonrad
06:48 PM pfSense Docs Correction #16207 (Confirmed): System --> Advanced --> Netgate Nexus. Help link lands on docs main page.
pfSense = 25.03-BETA
The help link lands here:
https://docs.netgate.com/pfsense/en/latest/
I believe it should... Craig Coonrad
04:12 PM pfSense Regression #16031: Some older ISA-based uart consoles do not function on development snapshots around 25.03 or later
This should be in 2.8 to allow installing on RCC-VE. Steve Wheeler

05/25/2025

01:17 PM pfSense Bug #15973: Kea DHCP server crashes on 3100 (32bit ARM) every 10 days or so post 24.11 upgrade
I'm not sure if this is an agreeable workaround to this issue, or if it works... but I discovered the Service Watchdo... Ian Stacey
01:47 AM pfSense Packages Bug #16206: Package apcupsd starts even when disabled
Confirmed on 2.8
2025-05-24 20:44:50 -0500 apcupsd 3.14.14 (31 May 2016) freebsd startup succeeded Bryan Allen

05/24/2025

11:57 PM pfSense Packages Bug #16206 (New): Package apcupsd starts even when disabled
If you uncheck and save the "Enable APC UPS Daemon Service" option under Services --> apcupsd, if you have configured... Kris Phillips
10:36 PM pfSense Bug #16197 (Confirmed): underscore (_) is not permitted in Identifier (Pre-Shared key)
Confirmed this on:
2.8.0-RELEASE (amd64)
built on Wed May 21 23:12:00 UTC 2025
FreeBSD 15.0-CURRENT
&
24.... Bryan Allen
09:52 PM pfSense Bug #16205 (Rejected): pfSense 2.8 Release has no package repositories
The repos are currently pointed at release-staging for 2.8.0-RELEASE, so they will not work unless you are able to re... Kris Phillips
09:23 PM pfSense Bug #16205 (Confirmed): pfSense 2.8 Release has no package repositories
Seeing the same. Christopher Cope
09:09 PM pfSense Bug #16205 (Rejected): pfSense 2.8 Release has no package repositories
2.8.0-RELEASE (amd64)
built on Wed May 21 23:12:00 UTC 2025
FreeBSD 15.0-CURRENT
With fresh install of 2.8 Relea... Bryan Allen
04:15 PM pfSense Bug #16204 (Incomplete): AutoConfigBackup no longer uploads configs
I hit this issue immediately after install, but oddly I am no longer seeing this on a fresh install. I assume there h... Christopher Cope
03:25 PM pfSense Bug #16204 (Incomplete): AutoConfigBackup no longer uploads configs
Tested on... Christopher Cope
04:00 PM pfSense Bug #16010: AutoConfigBackup scheduled backups always upload even when the configuration has not changed
Tried to test this on... Christopher Cope
06:23 AM pfSense Plus Bug #16200 (Confirmed): KEA DHCPv6 allows for invalid static mapping to be configured, leading to server start failure
I can confirm this behavior, the validation should be added.
Tested on ... Lev Prokofev
12:33 AM pfSense Plus Bug #16203 (New): Floating Firewall Rules for ICMP Inconsistently Choose Gateways and May Ignore Routing
When testing Floating rules for ICMP with the interface set to "Any", outbound traffic will choose whatever gateway w... Kris Phillips

05/23/2025

07:22 PM pfSense Feature #16202 (New): RFE: Allow using selecting client certificate to use for SMTP notifications
We would like to use client certificates to authenticate to our SMTP servers. There is no way to configure this at t... Orion Poplawski
03:40 PM pfSense Bug #16142: XMLRPC requests fail due to incorrect request path
Adding another data point, it's working for me now also. The HA pair I was able to replicate this on before now synch... Jim Pingle
03:34 PM pfSense Bug #16180 (Resolved): Improve gateway status detection with routed monitoring addresses
Marcos M
09:12 AM pfSense Docs Correction #16201 (New): Feedback on pfSense® software Configuration Recipes — Configuring CoDel Limiters for Bufferbloat
*Page:* https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html
*Feedback:*
On the section Float... Arya Senna
08:16 AM pfSense Plus Bug #16200 (Confirmed): KEA DHCPv6 allows for invalid static mapping to be configured, leading to server start failure
(in version 25.03.b.20250515.1415)
I accidently specified a static mapping address in the format used on tracking ... Patrik Stahlman

05/22/2025

10:48 PM pfSense Bug #14692: Mangled link-local addresses are being logged
Since the last update, the version of pfSense is now 2.7.2.
Previously, I had only seen the discarded messages being... Daryl Morse
09:02 PM pfSense Bug #16142 (Resolved): XMLRPC requests fail due to incorrect request path
Working; tested with 25.07.a.20250522.0600. Marcos M
08:45 PM pfSense Packages Bug #16185 (Pull Request Review): FreeRADIUS HA sync changes may be overwritten by the system config XMLRPC sync
Marcos M
08:33 PM pfSense Plus Bug #16199 (Resolved): Config warning is logged after config is synced to secondary HA node when MIM is enabled
Fixed with aa82ef9d32f2a3c6924797bc432a9b1dd0a0e851. Marcos M
08:20 PM pfSense Plus Bug #16199 (Resolved): Config warning is logged after config is synced to secondary HA node when MIM is enabled
On the primary node, go to Status > Filter Reload and force a config sync. On the secondary node the following is log... Marcos M
08:05 PM pfSense Todo #16198 (New): Add the ability to schedule a reboot for a future time
It would be great to be able to schedule a one-time reboot from the GUI. Use case is updating the System Patches pack... Dominik Hoffmann
03:59 PM pfSense Packages Todo #16091 (Feedback): tailscale package requires updates
Updated for 2.8.0/25.03. Marcos M
03:35 PM pfSense Bug #12833: GUI Service Log Filling Up with Cruft
Jim Pingle wrote in #note-10:
> The "Web Server" checkbox in log settings only disables error logging
>
> [...]
... Daryl Morse
07:04 AM pfSense Bug #16197: underscore (_) is not permitted in Identifier (Pre-Shared key)
underscore(_) should be allowed in the account name or the name part (prefix) of the e-mail address, not the domain s... Qian Yan
02:41 AM pfSense Bug #16197 (Confirmed): underscore (_) is not permitted in Identifier (Pre-Shared key)
When I put underscore(_) in the identifier, for example "San_Zhang", it will report error when click save.
> The f... Qian Yan

05/21/2025

11:31 PM pfSense Regression #16196 (Feedback): System update page shows version string with extra parts
The update widget checks all base/core/meta packages (rather than just the base package like the update page) across ... Marcos M
11:02 PM pfSense Regression #16196 (Feedback): System update page shows version string with extra parts
The System > Update page shows the following when updating from 2.8.0-RC to 2.8.0-RELEASE:... Marcos M

05/20/2025

08:46 PM pfSense Bug #14693: Filter reload with NAT reflection rules is extremely slow
This problem has been bugging me a lot too. I have lots of interfaces (250 VLANs) and about 200 NAT rules, reloading ... Vincent Caron
12:19 PM pfSense Packages Bug #16195 (New): acme 0.9_1 ocsp must-staple deprecated from let's encrypt
Please remove the ui elements and variable handling code for ocsp must-staple in the pfsense acme package.
Includi... David Horn

05/19/2025

11:42 PM pfSense Plus Bug #16176: Config restored during install can be overwitten by hardware specific default values
I think I understand the issue now. The installer lays down the installer settings file which has the installer confi... Reid Linnemann
11:11 PM pfSense Plus Bug #16176: Config restored during install can be overwitten by hardware specific default values
There is code in place on the initial boot when importing the installer config to touch the 'assign_complete' file th... Reid Linnemann
05:51 PM pfSense Bug #16194 (New): IPv6 ICMP firewall log entries marked with protocol "Options" instead of ICMPv6
Firewall log entries for ICMPv6 packets are showing a value of "Options" in the Protocol column, but only on developm... Jim Pingle
02:41 PM pfSense Docs Correction #16192 (Rejected): There is mismatch of description in the doc and on depiction of layout.
OpenVPN shared key mode is deprecated, not worth fixing this when it'll be going away. Nobody should be configuring t... Jim Pingle
05:04 AM pfSense Docs Todo #16193 (Rejected): Feedback on DHCP — Kea Settings Tab
The current documents have been updated to reflect options in Plus 24.11, Plus 25.03, and CE 2.8.0.
CE 2.7.2 does ... Jim Pingle
02:11 AM pfSense Docs Todo #16193 (Rejected): Feedback on DHCP — Kea Settings Tab
*Page:* https://docs.netgate.com/pfsense/en/latest/services/dhcp/kea-settings.html
*Feedback:*
I'm trying to set ... David Medland-Slater

05/18/2025

07:14 AM pfSense Bug #15228: User manger fails to display certificate option for a new user in case of input error
Tested on 25.03-BETA (amd64)
built on Wed May 7 20:11:00 +04 2025
FreeBSD 15.0-CURRENT
The issue still persist. aleksei prokofiev
07:02 AM pfSense Docs Correction #16192 (Rejected): There is mismatch of description in the doc and on depiction of layout.
In the https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-psk.html
there is mismatch of description in t... aleksei prokofiev

05/17/2025

09:57 PM pfSense Plus Feature #14743: Add Passkey/Certificate-based Authentication
Jesse Norell wrote in #note-3:
> Sergei Shablovsky wrote in #note-2:
> > UPVOTE THIS
>
> How do you vote, just c... Kris Phillips
07:04 PM pfSense Docs Todo #16042: Feedback on pfSense® software Configuration Recipes — Configuring CoDel Limiters for Bufferbloat
I was pointed at this but I don't think my issues are related. That said, the current docs do lead the user to the u... Rob A

05/16/2025

09:44 PM pfSense Bug #16142 (Waiting on Merge): XMLRPC requests fail due to incorrect request path
Reid Linnemann
09:44 PM pfSense Bug #16142: XMLRPC requests fail due to incorrect request path
A ports merge is underway that will resolve this shortly, no other action needs to be taken. In the interim if you ne... Reid Linnemann
09:08 PM pfSense Bug #16142: XMLRPC requests fail due to incorrect request path
This looks to be related to a fix in Net_URL2 v2.2.3 for libpcre2 10.45 that is missing from Net_URL2 v2.2.2. Working... Reid Linnemann
07:03 PM pfSense Bug #16191: Early DNS registration can add invalid addreses
In addition, static mappings are currently being added without the prefix, even when a prefix is available.
Detai... Patrik Stahlman
06:58 PM pfSense Bug #16191 (New): Early DNS registration can add invalid addreses
When running Kea for DHCPv6 on an interface set to track6 against an upstream PD static DHCP leases can be added to u... Steve Wheeler
04:54 AM pfSense Bug #16130: Input validation prevents creating port forwards for the same port using a different address family
Yes it certainly does, but if I use the source alias containing mixed IPv4 and IPv6 for the firewall or NAT TCP rule ... V K

05/15/2025

08:47 PM pfSense Bug #16130: Input validation prevents creating port forwards for the same port using a different address family
The rule is created with either inet or inet6; pf will only match the rule for corresponding addresses in the pf tabl... Marcos M
08:21 PM pfSense Bug #16130: Input validation prevents creating port forwards for the same port using a different address family
Your advice only works if you can split source aliases into IPv4 and IPv6. However, this is not possible if the sourc... V K
07:58 PM pfSense Plus Regression #16187 (Resolved): Alias autocomplete does not work with Ethernet firewall rules
Marcos M
05:31 PM pfSense Plus Regression #16187: Alias autocomplete does not work with Ethernet firewall rules
fixed in the latest 25.03 beta
tested on:
25.03-BETA (amd64)
built on Thu May 15 14:15:00 UTC 2025
FreeBSD 15.0-C... Georgiy Tyutyunnik
04:21 PM pfSense Plus Feature #14743: Add Passkey/Certificate-based Authentication
Sergei Shablovsky wrote in #note-2:
> UPVOTE THIS
How do you vote, just comment "me too!" or watch the issue or ?... Jesse Norell
04:17 PM pfSense Packages Todo #16190: Update mDNS-Bridge to 2.0
PR https://github.com/pfsense/FreeBSD-ports/pull/1415 Denny Page
04:15 PM pfSense Packages Todo #16190 (New): Update mDNS-Bridge to 2.0
This update adds filtering of link local addresses from forwarded mDNS records.
[NB: This is categorized as Avahi ... Denny Page
02:48 PM pfSense Feature #16189: Better Logging for LDAP Connection Errors
PR: https://github.com/pfsense/pfsense/pull/4732 Jim Pingle
02:41 PM pfSense Feature #16189 (Waiting on Merge): Better Logging for LDAP Connection Errors
Jim Pingle
06:02 AM pfSense Feature #16189 (Waiting on Merge): Better Logging for LDAP Connection Errors
LDAP Connection Errors are hard to debug, as they dont give out any error details. This should be fixable by reading ... Björn Jakobsen
02:46 PM pfSense Feature #16166 (Pull Request Review): Option to deactivate ALTQ for VTNET interfaces
PR: https://github.com/pfsense/pfsense/pull/4733
That PR depends on an upstream FreeBSD source change which isn't ... Jim Pingle

05/14/2025

08:45 PM pfSense Feature #8149: NTPsec
Jim Pingle wrote in #note-4:
> We stated in the linked Reddit thread that if we were to change, the option we would ... Sergei Shablovsky
08:30 PM pfSense Feature #8149: NTPsec
Richard Yao wrote:
> Would pfSense integrate NTPsec client/sever support to help protect OpenVPN against MITM attack... Sergei Shablovsky
06:18 PM pfSense Bug #16022 (Resolved): Static lease DNS records are incorrectly removed when backing lease expires
Marcos M
05:10 PM pfSense Bug #16188 (Resolved): Typo in Installer
Fixed with a1462c78ec6ba60c0cbbb4475a8693fa41605e11, thanks! Marcos M
04:54 PM pfSense Bug #16188 (Confirmed): Typo in Installer
I confirmed this on the following versions:... Christopher Cope
04:33 PM pfSense Bug #16188 (Resolved): Typo in Installer
I didn't get a screen shot as it only shows for a couple seconds. But I'm pretty sure when it gets to the point of p... Steve Y

05/13/2025

07:12 PM pfSense Plus Regression #16187 (Feedback): Alias autocomplete does not work with Ethernet firewall rules
Fixed with commit:f121add4b9bc2905093645494494d54066e909b6. Marcos M
06:54 PM pfSense Plus Regression #16187 (Resolved): Alias autocomplete does not work with Ethernet firewall rules
There is no autocomplete when creating or editing an Ethernet firewall rule and typing an alias for the source or des... Marcos M
06:18 PM pfSense Bug #16186 (Duplicate): OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``
It's not closed, it's still set to waiting on a patch upstream for the floating client support. Since you're seeing t... Marcos M
06:12 PM pfSense Bug #16186 (Duplicate): OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``
Hello,
This is a continuation of #14577, I updated that ticket earlier not realizing it was closed.
I am still... Michael Mercier
04:55 PM pfSense Bug #14577: OpenVPN not removing old Cisco-AVPair anchor rules and files in ``/tmp``
Hi Marcos,
This issue is still happening for me. I have not yet figured out a way to reproduce the issue with my ... Michael Mercier
04:22 PM pfSense Packages Bug #16185 (Closed): FreeRADIUS HA sync changes may be overwritten by the system config XMLRPC sync
Making a change in FreeRADIUS on a HA cluster with configured FreeRADIUS sync triggers both the XMLRPC sync for the g... Georgiy Tyutyunnik

05/12/2025

06:21 PM pfSense Todo #13899 (Closed): Unclear description for UPnP option Override WAN address
Fixed as part of https://redmine.pfsense.org/issues/15864 Marcos M
05:00 PM pfSense Bug #16180 (Feedback): Improve gateway status detection with routed monitoring addresses
Applied in changeset commit:83637fdf058f0f9207ca339fb9bc44728f9dbd28.
Followup: commit:4f752164bd4d4a85c10e2c258745d... Marcos M
03:25 PM pfSense Bug #16183 (Incomplete): IPsec tunnels show as down, but they are working
I can't reproduce this here. It maybe a remnant leftover after a configuration change where strongSwan didn't stop an... Jim Pingle
03:02 PM pfSense Bug #16010: AutoConfigBackup scheduled backups always upload even when the configuration has not changed
I tested on both and I can't reproduce any problem. When I switch to a schedule, say every five minutes (@*/5, *, *. ... Jim Pingle
02:17 PM pfSense Bug #12833: GUI Service Log Filling Up with Cruft
The "Web Server" checkbox in log settings only disables error logging... Jim Pingle

05/11/2025

04:25 AM pfSense Bug #16142: XMLRPC requests fail due to incorrect request path
Still an issue on the latest builds. Any update? dylan mendez

05/10/2025

08:25 PM pfSense Bug #15676 (Resolved): OpenVPN not rendering alises in "IPv4 Local network" setting.
I can't reproduce the issue on 24.11.
This ticket has been marked as resolved. Danilo Zrenjanin
06:14 PM pfSense Bug #12833: GUI Service Log Filling Up with Cruft
I'm getting hit fairly hard with this right now, as I have a busy 24.11 firewall in Azure that's shipping syslog to m... → luckman212
03:55 PM pfSense Bug #16010: AutoConfigBackup scheduled backups always upload even when the configuration has not changed
Tested on... Christopher Cope

05/09/2025

11:13 PM pfSense Bug #16183 (Incomplete): IPsec tunnels show as down, but they are working
Our IPsec connection is working, but the status shows as down:
!clipboard-202505091705-zv4df.png!
The IPSec Overvie... Orion Poplawski
10:18 PM pfSense Plus Bug #15948: GUI times out when attempting to view large Configuration History
This timeout would not be an issue normally but is much more likely to happen due to https://redmine.pfsense.org/issu... Marcos M
09:46 PM pfSense Bug #16182: Firewall rules using interface subnet aliases may prevent filter rules from loading after upgrades

I have verified that the patch fixes the issue, using the instruction in https://forum.netgate.com/post/1214308
Patrik Stahlman
09:33 PM pfSense Bug #16182 (Resolved): Firewall rules using interface subnet aliases may prevent filter rules from loading after upgrades
Tested working by original reporter. Marcos M
08:35 PM pfSense Bug #16182: Firewall rules using interface subnet aliases may prevent filter rules from loading after upgrades
Applied in changeset commit:a8e5ba643026ee11001dbeff48246ec9fbd07cc9. Marcos M
08:29 PM pfSense Bug #16182 (Feedback): Firewall rules using interface subnet aliases may prevent filter rules from loading after upgrades
Fixed with commit:a8e5ba643026ee11001dbeff48246ec9fbd07cc9.
This changes the behavior for interface "subnet" alias... Marcos M
08:17 PM pfSense Bug #16182 (Resolved): Firewall rules using interface subnet aliases may prevent filter rules from loading after upgrades
Sometimes after upgrades with pfBlockerNG installed, there will be an alert on the dashboard stating that the filter ... Marcos M
09:31 PM pfSense Docs Todo #16135 (Resolved): Document NAT64 rules
Looks good to me, thanks! Marcos M
07:25 PM pfSense Docs Todo #16135 (Feedback): Document NAT64 rules
This should all be reasonably complete now, along with other updates to firewall and NAT rules. It has all been deplo... Jim Pingle
07:20 PM pfSense Bug #16022: Static lease DNS records are incorrectly removed when backing lease expires
fixed. tested on
25.03-BETA (amd64)
built on Wed May 7 16:11:00 UTC 2025
FreeBSD 15.0-CURRENT
can reproduce on 24... Georgiy Tyutyunnik
03:33 PM pfSense Plus Regression #15880 (Resolved): Upgrade available LED not set before branch is selected.
Only the current branch and release branches are checked for updates. Sounds like it's working as expected given the ... Marcos M
02:14 PM pfSense Plus Regression #15880: Upgrade available LED not set before branch is selected.
re-tested on
25.03-BETA (amd64)
built on Wed May 7 16:11:00 UTC 2025
FreeBSD 15.0-CURRENT
issue still present - ... Georgiy Tyutyunnik
09:18 AM pfSense Bug #12922 (Confirmed): Classless static routes received on DHCP WAN can override chosen default gateway
Danilo Zrenjanin
 

Also available in: Atom