pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162012-04-30T13:03:06ZpfSense bugtracker
Redmine pfSense - Bug #2405 (Rejected): Lack of traffic shaping queue parent can take firewall down (pass...https://redmine.pfsense.org/issues/24052012-04-30T13:03:06ZScott Ullrichsullrich@gmail.com
<p>Simple: create a Traffic Shaper queue but forget to choose a queue parent.</p>
<p>from: <a class="external" href="http://tech.akom.net/archives/59-How-to-take-down-your-pfSense-firewall-with-one-checkbox.html">http://tech.akom.net/archives/59-How-to-take-down-your-pfSense-firewall-with-one-checkbox.html</a></p> pfSense - Bug #1415 (Resolved): Nat reflection is installing rules with 'Array'https://redmine.pfsense.org/issues/14152011-04-05T09:21:52ZScott Ullrichsullrich@gmail.com
<p>This leads to 10K+ nc processes which never go away and at some point will exhaust your firewalls resources.</p> pfSense - Bug #1383 (Closed): Upgrade routines should check free spacehttps://redmine.pfsense.org/issues/13832011-03-24T17:50:59ZScott Ullrichsullrich@gmail.com
<p>Need to check the free space on /cf and / before upgrades. If there is not enough free space then cancel upgrade and file a notice.</p> pfSense - Bug #1344 (Resolved): Replace prototype javascript code with jQueryhttps://redmine.pfsense.org/issues/13442011-03-10T14:11:13ZScott Ullrichsullrich@gmail.com
<p>In light of this announcement <a class="external" href="http://twitter.com/#!/usejquery/statuses/45924060558925825">http://twitter.com/#!/usejquery/statuses/45924060558925825</a> and due to the steam building behind the jQuery project it would be in our best interest to replace prototype with jQuery for 2.1 or beyond.</p> pfSense - Todo #1229 (Closed): Captive Portal configuration page needs advanced button lovehttps://redmine.pfsense.org/issues/12292011-01-25T13:49:02ZScott Ullrichsullrich@gmail.com
<p>The captive portal page has grown and grown and has a lot of features that most people will not be using.</p>
<p>In the style of the filter rules page we need to hide a number of these items behind advanced buttons.</p> pfSense - Bug #1152 (Resolved): Client mode OpenVPN gateways sometimes not added to apingerhttps://redmine.pfsense.org/issues/11522011-01-02T12:57:26ZScott Ullrichsullrich@gmail.com
<p>At times, unknown how to replicate for sure, OpenVPN gateways disappear from the apinger.conf and hence apinger.status, leaving the gateway's status showing "Gathering data". In one scenario, restarting the OpenVPN client instance made it re-appear. It seems possibly it happens when the client reconnects after losing connectivity with the server for some period of time (didn't have time at the moment to fully test that).</p> pfSense - Bug #1059 (Closed): ipfw-classifyd is running but qos is not enabled or configuredhttps://redmine.pfsense.org/issues/10592010-11-30T20:28:21ZScott Ullrichsullrich@gmail.com
<p>QOS is not enabled/configured. ipfw-classifyd is running:</p>
<p>[2.0-BETA4][root@hostname]/root(106): ps awux | grep 18177<br />root 18177 0.0 0.5 8176 5260 ?? Ss Fri09PM 0:01.34 /usr/local/sbin/ipfw-classifyd -n 5 -q 700 -c /tmp/BitTorrent.l7 -p</p> pfSense - Bug #1058 (Resolved): filterdns not honoring quit signalhttps://redmine.pfsense.org/issues/10582010-11-30T20:10:33ZScott Ullrichsullrich@gmail.com
<p>[2.0-BETA4][root@hostname]/root(85): ps awux | grep filterdns | wc -l<br /> 11</p>
<p>Chris was seeing 24 of them. The code does a:</p>
<pre><code>killbypid("{$g['tmp_path']}/filterdns.pid");</code></pre>
<p>So the C code must be ignoring the normal quit signal?</p> pfSense - Bug #869 (Closed): Captive Portal rule does not work when using a restrictive rulesethttps://redmine.pfsense.org/issues/8692010-09-01T19:37:31ZScott Ullrichsullrich@gmail.com
<p>Directions to reproduce:</p>
<p>Setup captive portal on OPT1.</p>
<p>Add a rule on OPT1 interface:<br />allow<br />protocol any<br />src: OPT1 subnet<br />dst: OPT1 subnet<br />no gateway</p>
<p>Captive portal will not display as it should. It has something to do with ipfw forwarding the traffic to localhost.</p>
<p>See <a class="external" href="http://tinyurl.com/2a8s4ld">http://tinyurl.com/2a8s4ld</a><br />and <a class="external" href="http://twitpic.com/2kd0ab">http://twitpic.com/2kd0ab</a></p> pfSense - Bug #865 (Resolved): Static routes for interface not added on bootuphttps://redmine.pfsense.org/issues/8652010-08-31T15:24:05ZScott Ullrichsullrich@gmail.com
<p>I have a static route for the LAN interface that does not get added on bootup.</p>
<p>10.0.0.47/32 lan - 10.0.250.2 LAN Send across vpn</p>
<p>After bootup if I save the entry it gets added as it should.</p>
<p>Lan GW looks like:</p>
<p>lan LAN 10.0.250.2 10.0.250.2 LAN GW</p> pfSense - Bug #708 (Resolved): Need more checks for dns rebind issuehttps://redmine.pfsense.org/issues/7082010-07-01T15:38:59ZScott Ullrichsullrich@gmail.com
<p>I just committed a change for --stop-dns-rebind on dnsmasq but we need to go a bit further on our checks in auth.inc:</p>
<blockquote>
<p>The --stop-dns-rebind option for DNSMasq is definitely a good one to enable,<br />but I would also suggest validating HTTP host headers. If the router<br />receives an HTTP request and the Host header doesn't match the router's IP<br />address or host name (assuming it has a host name), then it should block the<br />request or redirect the client to an error page.</p>
</blockquote> pfSense - Bug #615 (Closed): View current page for the portal page contents does not workhttps://redmine.pfsense.org/issues/6152010-05-21T18:05:25ZScott Ullrichsullrich@gmail.com
<p>Results in the browser navigating to <a class="external" href="http://$IP:8000/">http://$IP:8000/</a></p>
<p>Clicking on the View current page for the error upload results in: <a class="external" href="https://$IP/services_captiveportal.php?act=viewerrhtml">https://$IP/services_captiveportal.php?act=viewerrhtml</a></p> pfSense - Bug #609 (Resolved): Captive Portal voucher information not being backed uphttps://redmine.pfsense.org/issues/6092010-05-20T20:59:59ZScott Ullrichsullrich@gmail.com
<p>When you backup the Captive Portal configuration area via Backup/Restore the Voucher configuration should be included in addition to the other Captive Portal configuration information.</p> pfSense - Bug #608 (Resolved): Captive Portal voucher concurrent login feature not workinghttps://redmine.pfsense.org/issues/6082010-05-20T20:59:16ZScott Ullrichsullrich@gmail.com
<p>When using the Captive Portal vouchers in addition to the disable concurrent login feature the Captive Portal allows multiple voucher numbers on multiple machines to login at the same time.</p>
<p>Need to prevent the same coucher # from logging into other machines when this option is enabled.</p>
<p>Problem is most likely because the code checks against usernames and not the voucher code field.</p> pfSense - Bug #607 (Rejected): Creating a 2nd or 3rd voucher roll on captive portal does not down...https://redmine.pfsense.org/issues/6072010-05-20T20:37:49ZScott Ullrichsullrich@gmail.com
<p>When creating the 2nd or 3rd+ voucher clicking the blue download icon will result in the 1st roll being downloaded only</p>