pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162019-05-24T07:53:56ZpfSense bugtracker
Redmine pfSense - Bug #9547 (Duplicate): altq on vlan interfaces not supportedhttps://redmine.pfsense.org/issues/95472019-05-24T07:53:56ZVladimir Lind
<p>on 2.5.0-DEVELOPMENT (amd64) <br />built on Thu May 23 20:41:57 EDT 2019 <br />FreeBSD 12.0-RELEASE-p4</p>
<p>There were error(s) loading the rules: pfctl: igb1.401: driver does not support altq - The line in question reads [0]: @ 2019-05-24 13:50:23</p> pfSense - Bug #9479 (Duplicate): Alias table not updated when adding new entry https://redmine.pfsense.org/issues/94792019-04-17T01:55:21ZVladimir Lind
<p>On 2.4.4-p2 CE and arm - tested on MBT2220 and SG3100:</p>
<p>I can't replicate it every time - I would say the majority of the times alias table gets updated properly - but in a significant part of cases alias table (IP's) entry addition is not reflected in:</p>
<p>pfctl -t <AliasName> -T show</p>
<p>So this entry doesn't work though I can see new entry in firewall rules when point to the alias.<br />If I add entry using pfctl:</p>
<p>pfctl -t CustomerSystems -T add <IP></p>
<p>Entry is effectively added.</p>
<p>Other workaround is just to reboot the system.</p> pfSense - Bug #9319 (Duplicate): Certificates synced even with disabled Sync option - "Certificat...https://redmine.pfsense.org/issues/93192019-02-13T11:09:27ZVladimir Lind
<p>Certificates and CA's are still being synced from primary to secondary even with disabled Sync option - "Certificate Authorities, Certificates, and Certificate Revocation Lists"</p>
<p>ticket for reference - 20660</p> pfSense Packages - Feature #9217 (Resolved): Squid LDAP Authentication - spaces in ldif valueshttps://redmine.pfsense.org/issues/92172018-12-20T00:24:47ZVladimir Lind
<p>If OU value or another ldif unit contains spaces, for example OU=all users, squid ldap auth works only if to put the whole expression in proper webgui fields (squid > Auth) between quotes. <br />May be it is worth to wrap the values in fields LDAP Server User DN and LDAP Base DN in quotes automatically.</p>
<p>This works:</p>
<p>auth_param basic program /usr/local/libexec/squid/basic_ldap_auth -v 3 -b 'ou=all users,dc=company,dc=local' -D 'cn=admin,ou=all users,dc=company,dc=local' -w pass -f "objectClass=user" -u sAMAccountName -P 1.1.1.1:234</p>
<p>This doesn't work:</p>
<p>auth_param basic program /usr/local/libexec/squid/basic_ldap_auth -v 3 -b ou=all users,dc=company,dc=local -D cn=admin,ou=all users,dc=company,dc=local -w pass -f "objectClass=user" -u sAMAccountName -P 1.1.1.1:234</p>
<p>Attached corresponding webgui config.</p>
<p>Ticket for reference - <a class="external" href="https://go.netgate.com/helpdesk/tickets/18080">https://go.netgate.com/helpdesk/tickets/18080</a></p> pfSense - Bug #8964 (New): IPsec async cryptography advanced setting - TCP traffic not passing t...https://redmine.pfsense.org/issues/89642018-09-27T02:25:33ZVladimir Lind
<p>Test setup:</p>
<p>Windows <-> SG2220 2.4.4-rel <---IPSEC---> SG3100 2.4.4-rel <-> Windows</p>
<p>IPsec (tunnel mode) with following settings:<br />P1 - mode Auto, AES128, SHA256, DH14<br />P2 - AES128GCM, no hash, PFS 14</p>
<p>ICMP between Win hosts is OK.<br />But SMB traffic is not going through with Async Crypto enabled on any side. I do see established TSP session. When I disable async crypto - SMB download immediately begin to flow.<br />Attached a packet dump sniffed on LAN of the 3100 - it is a snippet of the moment when async was disabled (lines 12-15) and SMB began to work.</p>
<p>Please refer also to trouble tickets 12812 and 12864 for additional details.</p> pfSense - Bug #8856 (Resolved): IPsec not starting and getting PHP error https://redmine.pfsense.org/issues/88562018-08-31T01:23:46ZVladimir Lind
<p>on SG3100 Thu Aug 30 00:38:38 EDT 2018</p>
<p>Crash report begins. Anonymous machine information:</p>
<p>arm<br />11.2-RELEASE-p2<br />FreeBSD 11.2-RELEASE-p2 <a class="issue tracker-1 status-5 priority-6 priority-high2 closed" title="Bug: Stickies patch broken on 8.0 (Closed)" href="https://redmine.pfsense.org/issues/80">#80</a> ef03b27b545(factory-RELENG_2_4_4): Thu Aug 30 00:55:02 EDT 2018 root@buildbot3:/builder/crossbuild-master/obj/armv6/C5dYt69Q/arm.armv6/builder/crossbuild-master/pfSense/tmp/FreeBSD-src/sys/pfSense-SG-3100</p>
<p>Crash report details:</p>
<p>PHP Errors:<br />[31-Aug-2018 09:17:05 Europe/Moscow] PHP Warning: mkdir(): File exists in /etc/inc/vpn.inc on line 174<br />[31-Aug-2018 09:18:49 Europe/Moscow] PHP Warning: mkdir(): File exists in /etc/inc/vpn.inc on line 174<br />[31-Aug-2018 09:19:58 Europe/Moscow] PHP Warning: mkdir(): File exists in /etc/inc/vpn.inc on line 174</p>
<p>In IPsec log:</p>
<p>Aug 31 09:20:05 charon 09[IKE] <con1000|4> no private key found for '<ddns local peer ID>'</p> pfSense Packages - Bug #8790 (Resolved): getting PHP error regarding HAproxy pkghttps://redmine.pfsense.org/issues/87902018-08-16T00:20:04ZVladimir Lind
<p>On 2.4.4 buildtime - Tue Aug 14 16:55:58 EDT 2018</p>
<p>Crash report begins. Anonymous machine information:</p>
<p>amd64<br />11.2-RELEASE-p1<br />FreeBSD 11.2-RELEASE-p1 <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Some packages with RC scripts start twice at bootup (Resolved)" href="https://redmine.pfsense.org/issues/53">#53</a> d867749350f(factory-RELENG_2_4_4): Tue Aug 14 17:34:55 EDT 2018 root@buildbot3:/builder/crossbuild-master/obj/amd64/rdiCdX3r/builder/crossbuild-master/pfSense/tmp/FreeBSD-src/sys/pfSense</p>
<p>Crash report details:</p>
<p>PHP Errors:<br />[15-Aug-2018 06:03:13 Etc/UTC] PHP Warning: count(): Parameter must be an array or an object that implements Countable in /usr/local/www/guiconfig.inc on line 260<br />[16-Aug-2018 05:11:14 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:11:14 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.filter_configure_sync(29): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:11:20 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:11:20 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.newwanip(223): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:11:22 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:11:22 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.filter_configure_sync(29): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:11:25 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:11:25 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.filter_configure_sync(29): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:13:17 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:13:17 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.filter_configure_sync(29): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:13:21 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:13:21 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.filter_configure_sync(29): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:15:42 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:15:42 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.newwanip(223): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:15:47 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:15:47 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.filter_configure_sync(29): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:15:53 Etc/UTC] PHP Warning: Illegal string offset 'item' in /usr/local/pkg/haproxy/haproxy.inc on line 2189<br />[16-Aug-2018 05:15:53 Etc/UTC] PHP Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/pkg/haproxy/haproxy.inc:2189<br />Stack trace:<br />#0 /usr/local/pkg/haproxy/haproxy.inc(2226): haproxy_get_transparent_backends()<br />#1 /etc/inc/filter.inc(4432): haproxy_generate_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/filter.inc(410): discover_pkg_rules('filter')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.reload_all(34): filter_configure_sync()<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /usr/local/pkg/haproxy/haproxy.inc on line 2189</p>
<p>No FreeBSD crash data found.</p> pfSense - Bug #8708 (Resolved): Squidguard > Target categories > Order description typohttps://redmine.pfsense.org/issues/87082018-07-28T01:36:14ZVladimir Lind
<p>Select the new position for this target category. Target categories are listed in this order on <strong>ALCs</strong> and are matched from the top down in sequence.</p>
<p>ACL's is expected instead of ALC</p> pfSense - Bug #8663 (Resolved): gw group - php error on openinghttps://redmine.pfsense.org/issues/86632018-07-18T07:38:16ZVladimir Lind
<p>2.4.4-CE Tue Jul 17 17:00:22 EDT 2018</p>
<p>When opening <a class="external" href="https://x.x.x.x/system_gateway_groups.php">https://x.x.x.x/system_gateway_groups.php</a> I get an error:</p>
<p>Warning: Illegal string offset 'gateway_group' in /usr/local/www/system_gateway_groups.php on line 37 Warning: Illegal string offset 'gateway_group' in /usr/local/www/system_gateway_groups.php on line 40 Fatal error: Uncaught Error: Cannot create references to/from string offsets in /usr/local/www/system_gateway_groups.php:40 Stack trace: #0 {main} thrown in /usr/local/www/system_gateway_groups.php on line 40 PHP ERROR: Type: 1, File: /usr/local/www/system_gateway_groups.php, Line: 40, Message: Uncaught Error: Cannot create references to/from string offsets in /usr/local/www/system_gateway_groups.php:40 Stack trace: #0 {main} thrown</p> pfSense - Bug #8643 (Resolved): IPsec not working on latest 2.4.4 snaphttps://redmine.pfsense.org/issues/86432018-07-13T00:03:27ZVladimir Lind
<p>IPsec is not establishing connection, seeing this error (crash):</p>
<p>Fatal error: Uncaught Error: [] operator not supported for strings in /etc/inc/vpn.inc:373<br />Stack trace:<br />#0 /etc/rc.bootup(411): vpn_ipsec_configure()<br />#1 {main}<br /> thrown in /etc/inc/vpn.inc on line 373<br />PHP ERROR: Type: 1, File: /etc/inc/vpn.inc, Line: 373, Message: Uncaught Error: [] operator not supported for strings in /etc/inc/vpn.inc:373<br />Stack trace:<br />#0 /etc/rc.bootup(411): vpn_ipsec_configure()<br />#1 {main}</p> pfSense - Feature #8635 (Resolved): "Remote/local subnets" in routed IPsec renaminghttps://redmine.pfsense.org/issues/86352018-07-11T00:17:54ZVladimir Lind
<p>Naming of the "Remote/local subnets" labels looks not to be appropriate.</p>
<p>According to this link - <a class="external" href="https://www.netgate.com/docs/pfsense/vpn/ipsec/ipsec-routed.html">https://www.netgate.com/docs/pfsense/vpn/ipsec/ipsec-routed.html</a></p>
<p>Create a Phase 2 entry under this Phase 1, set with…<br />Set Mode to Routed (VTI) <br />Set Local Network to Network - <em># If Network is preferred and probably the only logical choice here - why not to remove this dropdown menu?</em><br />Enter 10.6.106.1/30 for the Local Network Address - <em># This statement in fact sets VTI IP address and mask</em><br />Enter 10.6.106.2 for the Remote Network Address - <em># This statement in fact set's VTI gateway IP address (IP address of the remote VTI)</em></p>
<p>I would propose to change "Local Network Address" label to something like "VTI IP address and mask" and "Remote Network Address" to "VTI gateway IP address" or "remote VTI IP address"</p>
<p>Current labels might easily confuse and make think about networks that should be interconnected by routed IPsec.</p> pfSense - Bug #8629 (Resolved): Routed IPsec P1 - not coming up after pressing "disconnect" buttonhttps://redmine.pfsense.org/issues/86292018-07-10T01:52:16ZVladimir Lind
<p>A simple routed IPsec setup with one single /32 route across VTI interface. It works - P1 is UP, P2 routes listed, connectivity between remote hosts confirmed with icmp test.<br />But when forcing P1 disconnect with "disconnect" button under Status -> IPsec, P1 never comes back up until I reload IPsec daemon on one of the endpoints. When I try to force tunnel to come up by pressing "connect" button or initiating interesting for ipsec traffic I see this in log on either site:</p>
<p>Jul 10 06:18:00 charon 12[CFG] no IKE_SA named 'con1' found<br />Jul 10 06:18:01 charon 07[CFG] vici client 31 connected<br />Jul 10 06:18:01 charon 13[CFG] vici client 31 registered for: list-sa<br />Jul 10 06:18:01 charon 13[CFG] vici client 31 requests: list-sas<br />Jul 10 06:18:01 charon 10[CFG] vici client 31 disconnected<br />Jul 10 06:18:01 charon 07[CFG] received stroke: initiate 'con1'<br />Jul 10 06:18:01 charon 07[CFG] no config named 'con1'</p>
<p>2.4.4 factory - Mon Jul 09 16:05:36 EDT 2018 - both machines.</p> pfSense - Bug #8628 (Not a Bug): IPsec VTI - P2 "remote network" field accepts only host addresshttps://redmine.pfsense.org/issues/86282018-07-10T01:05:30ZVladimir Lind
<p>In routed IPsec you can specify "remote network" - but in fact "mask" field is grayed out. You can set only a host (/32) address, what is reflected in routing table:</p>
<p>192.168.152.1 link#7 UH 9 1400 ipsec1000</p>
<p>This setting seems not be useful because we are routing networks, not just hosts across routed ipsec tunnel.</p>
<p>I think there are two options - 1) remove "Local/Remote Network" fields and let do all the routing via assigned VTI interface with separately configured static or dynamic routes.<br /> 2) Allow to set static network (not just /32 host) routes under P2</p>
<p>Version - 2.4.4-CE Mon Jul 09 16:03:52 EDT 2018</p> pfSense Packages - Bug #8620 (Resolved): arpwatch database page is not accessiblehttps://redmine.pfsense.org/issues/86202018-07-05T09:57:20ZVladimir Lind
<p>On CE-2.4.3-p1 I am not able to open <a class="external" href="https://172.21.41.148/pkg_edit.php?xml=arpwatch.xml">https://172.21.41.148/pkg_edit.php?xml=arpwatch.xml</a> - getting 504</p>
<p>from upstream, client: 172.21.41.249, server: , request: "GET /arpwatch_database.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php-fpm.socket", host: "172.21.41.148", referrer: "https://172.21.41.148/pkg_edit.php?xml=arpwatch.xml"</p> pfSense - Bug #8601 (Duplicate): "snmpd SIOCGIFDESCR (e6000sw0port1): Device not configured"https://redmine.pfsense.org/issues/86012018-06-26T01:59:57ZVladimir Lind
<p>When enabling SNMP on SG-3100 and XG-7100 following messages appear on every SNMP service change:</p>
<p>SG3100:</p>
<p>Jun 26 06:32:45 snmpd 46667 SIOCGIFDESCR (e6000sw0port1): Device not configured<br />Jun 26 06:32:45 snmpd 46667 SIOCGIFDESCR (e6000sw0port2): Device not configured<br />Jun 26 06:32:45 snmpd 46667 SIOCGIFDESCR (e6000sw0port3): Device not configured<br />Jun 26 06:32:45 snmpd 46667 SIOCGIFDESCR (e6000sw0port4): Device not configured<br />Jun 26 06:32:45 snmpd 46667 SIOCGIFDESCR (e6000sw0port5): Device not configured</p>
<p>XG7100:</p>
<p>Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port1): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port2): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port3): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port4): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port5): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port6): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port7): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port8): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port9): Device not configured<br />Jun 26 06:37:49 snmpd 78243 SIOCGIFDESCR (e6000sw0port10): Device not configured</p>
<p>Would be nice not to see them at all.</p>