pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162024-03-27T15:47:47ZpfSense bugtracker
Redmine pfSense Packages - Bug #15365 (Confirmed): pfBlockerNG PHP error when editing a listhttps://redmine.pfsense.org/issues/153652024-03-27T15:47:47ZSteve Wheeler
<p>When editing an IPv4 list item I hit:<br /><pre>
PHP Errors:
[27-Mar-2024 15:22:03 Europe/London] PHP Fatal error: Uncaught ValueError: range(): Argument #3 ($step) must be greater than 0 for increasing ranges in /usr/local/www/pfblockerng/pfblockerng_category_edit.php:391
Stack trace:
#0 /usr/local/www/pfblockerng/pfblockerng_category_edit.php(391): range(1, 17, -1)
#1 {main}
thrown in /usr/local/www/pfblockerng/pfblockerng_category_edit.php on line 391
</pre></p>
<p>Looks like others have hit it editing other lists.</p>
<p>Tested:<br />pfSense-24.03.b.20240322.1708<br />pfSense-pkg-pfBlockerNG-3.2.0_9</p> pfSense - Bug #15363 (Confirmed): Reply traffic on a secondary WAN is dropped when it's delayed v...https://redmine.pfsense.org/issues/153632024-03-26T19:15:17ZMarcos M
<p>When a dummynet pipe with a delay is applied to traffic on a secondary WAN, reply traffic is dropped. It seems that the fix in <a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Handle ``route-to`` and ``reply-to`` states when using the ``if-bound`` state policy (Resolved)" href="https://redmine.pfsense.org/issues/15220">#15220</a> does not take effect in this scenario.</p>
<p>Test setup:<br /><code>vmx1</code> is WAN1, <code>vmx2</code> is WAN2<br /><pre>
# match rule -- pfctl -vvsr
@296 match in on vmx2 inet all label "USER_RULE: QoS queue default (outside) IPv4" label "id:1686509600" ridentifier 1686509600 dnqueue(12, 9) ! tagged blocklist
[ Evaluations: 151142 Packets: 284 Bytes: 78078 States: 0 ]
[ Inserted: uid 0 pid 0 State Creations: 0 ]
[ Last Active Time: N/A ]
# pass rule -- pfctl -vvsr
@799 pass in quick on vmx2 reply-to (vmx2 192.168.1.254) inet proto udp from any to 127.0.0.1 port = rsf-1 keep state (if-bound) label "USER_RULE: OpenVPN" label "id:1679170153" ridentifier 1679170153 ! tagged blocklist
[ Evaluations: 438 Packets: 301 Bytes: 106093 States: 0 ]
[ Inserted: uid 0 pid 0 State Creations: 2 ]
[ Last Active Time: Tue Mar 26 12:24:48 2024 ]
</pre></p>
<p>The following works: limiter queue without a delay on the pipe:<br /><pre>
# pipe without delay -- dnctl pipe show
00004: 80.000 Mbit/s 0 ms burst 0
q131076 50 sl. 0 flows (1 buckets) sched 65540 weight 0 lmax 0 pri 0 droptail
sched 65540 type FIFO flags 0x0 0 buckets 0 active
# state info -- pfctl -vvss
vmx2 udp 127.0.0.1:1195 (192.168.1.253:1195) <- 172.58.109.152:61712 MULTIPLE:MULTIPLE
age 00:00:11, expires in 00:00:51, 10:8 pkts, 3632:3280 bytes, rule 799
id: dd6b0a6600000000 creatorid: af6c8b55 reply-to: 192.168.1.254@vmx2
origif: vmx1
</pre></p>
<p>The following does not work: limiter queue with a 1ms delay on the pipe:<br /><pre>
# pipe with 1ms delay -- dnctl pipe show
00004: 80.000 Mbit/s 1 ms burst 0
q131076 50 sl. 0 flows (1 buckets) sched 65540 weight 0 lmax 0 pri 0 droptail
sched 65540 type FIFO flags 0x0 0 buckets 0 active
# state info -- pfctl -vvss
all udp 127.0.0.1:1195 (192.168.1.253:1195) <- 172.58.109.152:64462 NO_TRAFFIC:SINGLE
age 00:00:40, expires in 00:00:20, 5:0 pkts, 410:0 bytes, rule 799
id: 7fe5096600000000 creatorid: af6c8b55 reply-to: 192.168.1.254@vmx2
origif: vmx2
</pre></p> pfSense - Bug #15362 (New): Config upgrade error with empty gateway interval tags.https://redmine.pfsense.org/issues/153622024-03-26T19:12:31ZSteve Wheeler
<p>Upgrading an old config that has set but empty gateway interval tags throws a php error.<br />For example a config containing:<br /><pre>
<gateway_item>
<interface>wan</interface>
<gateway>1.2.3.4</gateway>
<name>wan_gateway</name>
<weight/>
<interval/>
<descr><![CDATA[gw1]]></descr>
<defaultgw/>
</gateway_item>
</pre></p>
<p>Will hit:<br /><pre>
Fatal error: Uncaught TypeError: Unsupported operand types: string * int in /etc/inc/upgrade_config.inc:4169
Stack trace:
#0 /etc/inc/config.lib.inc(519): upgrade_130_to_131()
#1 /etc/rc.bootup(140): convert_config()
#2 {main}
thrown in /etc/inc/upgrade_config.inc on line 4169
PHP ERROR: Type: 1, File: /etc/inc/upgrade_config.inc, Line: 4169, Message: Uncaught TypeError: Unsupported operand types: string * int in /etc/inc/upgrade_config.inc:4169
Stack trace:
#0 /etc/inc/config.lib.inc(519): upgrade_130_to_131()
#1 /etc/rc.bootup(140): convert_config()
#2 {main}
</pre></p> pfSense Plus - Regression #15337 (Feedback): pfSense-boot pkg fails install in UFShttps://redmine.pfsense.org/issues/153372024-03-13T22:05:02ZSteve Wheeler
<p>Upgrading UFS installs to the current 24.03 snapshot fails when running the POST-INSTALL script inb the pfSense upgrade pkg:<br /><pre>
Installed packages to be UPGRADED:
pfSense-boot: 24.03.b.20240312.0600 -> 24.03.b.20240313.0600 [pfSense-core]
Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-boot from 24.03.b.20240312.0600 to 24.03.b.20240313.0600...
[1/1] Extracting pfSense-boot-24.03.b.20240313.0600: .......... done
/bin/sh: Syntax error: end of file unexpected (expecting "fi")
pkg-static: POST-INSTALL script failed
failed.
Failed
</pre></p>
<p>This appears to be caused by the script truncating the UFS ID:<br /><pre>
+ mount -p
+ awk '$2 ~ /^\/$/ { match($1, "[[:alpha:]/]+[[:digit:]]+"); print substr($1, RSTART, RLENGTH); }'
+ bootdevs=/dev/ufsid/6023315
+ mount -p
+ awk '$2 ~/\/boot\/efi/'
+ [ -n '' ]
+ gpart show -p /dev/ufsid/6023315
+ awk '$4 ~ /efi/ {print $3}'
gpart: No such geom: /dev/ufsid/6023315.
</pre></p> pfSense - Bug #15291 (New): Error on Traffic Shaper 0% Bandwidthhttps://redmine.pfsense.org/issues/152912024-02-26T09:35:21ZPavan K
<p>Link to post on pfSense Forum: <br /><a class="external" href="https://forum.netgate.com/topic/186137/error-on-traffic-shaper-0-bandwidth?_=1708915183963">https://forum.netgate.com/topic/186137/error-on-traffic-shaper-0-bandwidth?_=1708915183963</a></p>
<p>Backstory:<br />recently we migrated from pfSense 2.4.x to 2.7.2 which was a direct update. Everything worked fine etc the traffic shaping feature.</p>
<p>Following is the error:<br />There were error(s) loading the rules: pfctl: the sum of the child<br />bandwidth (1200000000) higher than parent "root_igc4" (1000000000) -<br />The line in question reads [0]: @ 2024-01-31 16:45:05</p>
<p>Following is our configuration:<br />Name → FAIRQ_7<br />Priority→ 7<br />Scheduler Option → Random Early detection in and out<br />Bandwidth → None</p>
<p>Add new Queue(Default)<br />Enable<br />Name → qFAIRQ_2(Default)<br />Priority→ 2<br />Scheduler Option → Default<br />Bandwidth → None</p>
<p>Add new Queue(ACK)<br />Enable<br />Name → qACK_6<br />Priority→ 6<br />Scheduler Option → Random Early detection in and out<br />Bandwidth → None</p>
<p>According to the configuration the Bandwidth on Queue(ACK) should be 0% which was migrated off from 2.4.x but on 2.7.2 it's not letting us save 0% bandwidth for some reason.</p>
<p>And due to this new rules which are created are not taking effect it's only after we disable and enable the Traffic Shaper completely the rule is effective.</p> pfSense Plus - Todo #15266 (Feedback): Prevent usage of the default password in User Manager acco...https://redmine.pfsense.org/issues/152662024-02-16T18:53:24ZJim Pingle
<p>Currently we detect in the GUI when the admin account is using the default password (<code>"pfsense"</code>) and print a warning message: source:src/usr/local/www/head.inc#L564</p>
<p>We should change that to check any account (not just <code>admin</code>) and force a password change during one or more of the user's initial interactions, for example:</p>
<ul>
<li>During the setup wizard</li>
<li>GUI login any time the password matches the default password</li>
<li>Shell (console or SSH) login any time the password matches the default password</li>
<li>Possibly during the installation process</li>
</ul>
<p>We should also not allow the user to change their password to any variation of "pfsense" in upper/lower/mixed case.</p> pfSense - Bug #15116 (New): Kea not working with UEFI HTTPBoot URL configuredhttps://redmine.pfsense.org/issues/151162023-12-26T19:06:26ZJason Montleon
<p>I have configured and successfully use http boot to occasionally boot libvirt vms by checking off `Enable Network Booting` and entering a URL in the `UEFI HTTPBoot URL` field.</p>
<p>Seeing the banner message that ISC DHCP is deprecated I navigated to `System / Advanced / Networking` and switched to Kea DHCP. But when I do this I am no longer able to successfully use UEFI HTTPBoot.</p>
<p>Switching back and forth between ISC DHCP and Kea DHCP is all I need to do to fix and break the functionality again.</p>
<p>Looking at kea-dhcp4.conf there is nothing that stands out to me as obviously wrong, but clients never access the http server I have configured.</p> pfSense - Bug #15032 (Feedback): Kea DHCP sends wrong bootloader file for uefi boothttps://redmine.pfsense.org/issues/150322023-11-25T15:14:36ZDavid Masshardtdavid@masshardt.ch
<p>I already posted this problem in the pfSense forum and was asked to report this issue here. Here is the link of the discussion thread:<br /><a class="external" href="https://forum.netgate.com/topic/184301/kea-dhcp-uefi-pxe-boot-sends-wrong-boot-file">https://forum.netgate.com/topic/184301/kea-dhcp-uefi-pxe-boot-sends-wrong-boot-file</a></p>
<p>I'm using netboot.xyz for network booting and I just switched to Kea DHCP. After the migration I noticed that network booting from UEFI bios does not work anymore, but legacy bios boot still does work.</p>
<p>Here are the configuration values I set in pfSense:</p>
<p>TFTP Server: IP of my netboot server<br />Next Server: IP of my netboot server<br />Default BIOS File Name: netboot.xyz.kpxe<br />UEFI 32 bit File Name: netboot.xyz.efi<br />UEFI 64 bit File Name: netboot.xyz.efi<br />ARM 64 bit File Name: netboot.xyz-arm64.efi</p>
<p>The Kea DHCP server always offers the default netboot.xyz.kpxe file to UEFI machines.</p>
<p>Here are the logs from Kea DHCP for an UEFI bios:</p>
<pre>
Nov 23 12:23:55 kea-dhcp4 14098 INFO [kea-dhcp4.dhcp4.0x3e2f2f5b9300] EVAL_RESULT Expression ipxe_64_lan_pool_0 evaluated to 1
Nov 23 12:23:55 kea-dhcp4 14098 INFO [kea-dhcp4.dhcp4.0x3e2f2f5b9300] EVAL_RESULT Expression ipxe_legacy_lan_pool_0 evaluated to 1
Nov 23 12:23:55 kea-dhcp4 14098 INFO [kea-dhcp4.dhcp4.0x3e2f2f5b9300] EVAL_RESULT Expression ipxe_64_lan evaluated to 1
Nov 23 12:23:55 kea-dhcp4 14098 INFO [kea-dhcp4.dhcp4.0x3e2f2f5b9300] EVAL_RESULT Expression ipxe_legacy_lan evaluated to 1
Nov 23 12:23:55 kea-dhcp4 14098 INFO [kea-dhcp4.leases.0x3e2f2f5b9300] DHCP4_LEASE_ALLOC [hwtype=1 46:15:16:cd:59:84], cid=[no info], tid=0xaccc68dd: lease 172.17.128.2 has been allocated for 86400 seconds
Nov 23 12:23:55 kea-dhcp4 14098 INFO [kea-dhcp4.dhcpsrv.0x3e2f2f5b9300] EVAL_RESULT Expression pool_opt1_0 evaluated to 1
Nov 23 12:23:55 kea-dhcp4 14098 INFO [kea-dhcp4.dhcpsrv.0x3e2f2f5b9300] EVAL_RESULT Expression pool_lan_0 evaluated to 1
</pre>
<p>And here is the generated kea-dhcp4.conf file. (I just removed the reservations)</p>
<pre>
{
"Dhcp4": {
"interfaces-config": {
"interfaces": [
"mlxen0",
"mlxen0.2"
]
},
"lease-database": {
"type": "memfile",
"persist": true,
"name": "/var/lib/kea/dhcp4.leases"
},
"loggers": [
{
"name": "kea-dhcp4",
"output_options": [
{
"output": "syslog"
}
],
"severity": "INFO"
}
],
"valid-lifetime": 7200,
"max-valid-lifetime": 86400,
"ip-reservations-unique": false,
"echo-client-id": false,
"option-data": [
{
"name": "domain-name",
"data": "mydomain"
}
],
"option-def": [
{
"space": "dhcp4",
"name": "ldap-server",
"code": 95,
"type": "string"
}
],
"hooks-libraries": [
{
"library": "/usr/local/lib/kea/hooks/libdhcp_lease_cmds.so"
}
],
"control-socket": {
"socket-type": "unix",
"socket-name": "/tmp/kea4-ctrl-socket"
},
"authoritative": true,
"client-classes": [
{
"name": "ipxe_32_lan_pool_0",
"test": "option[93].hex == 0x0006",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz.efi"
}
]
},
{
"name": "ipxe_64_lan_pool_0",
"test": "option[93].hex == 0x0007 or option[93].hex == 0x0009",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz.efi"
}
]
},
{
"name": "ipxe_64arm_lan_pool_0",
"test": "option[93].hex == 0x000b",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz-arm64.efi"
}
]
},
{
"name": "ipxe_legacy_lan_pool_0",
"test": "not member('ipxe_32_lan_pool_0') and not member('ipxe_64_lan_pool_0') and not member('ipxe_64arm_lan_pool_0')",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz.kpxe"
}
]
},
{
"name": "pool_lan_0",
"test": "member('ALL')"
},
{
"name": "ipxe_32_lan",
"test": "option[93].hex == 0x0006",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz.efi"
}
]
},
{
"name": "ipxe_64_lan",
"test": "option[93].hex == 0x0007 or option[93].hex == 0x0009",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz.efi"
}
]
},
{
"name": "ipxe_64arm_lan",
"test": "option[93].hex == 0x000b",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz-arm64.efi"
}
]
},
{
"name": "ipxe_legacy_lan",
"test": "not member('ipxe_32_lan') and not member('ipxe_64_lan') and not member('ipxe_64arm_lan')",
"only-if-required": true,
"option-data": [
{
"name": "boot-file-name",
"data": "netboot.xyz.kpxe"
}
]
},
{
"name": "pool_opt1_0",
"test": "member('ALL')"
}
],
"subnet4": [
{
"id": 1,
"subnet": "172.17.0.0/16",
"option-data": [
{
"name": "domain-name",
"data": "mydomain"
},
{
"name": "domain-search",
"data": "mydomain"
},
{
"name": "domain-name-servers",
"data": "172.17.1.1"
},
{
"name": "routers",
"data": "172.17.1.1"
},
{
"name": "netbios-name-servers",
"data": "172.17.2.1"
},
{
"name": "netbios-node-type",
"data": "8"
}
],
"pools": [
{
"pool": "172.17.128.0 - 172.17.128.199",
"client-class": "pool_lan_0",
"option-data": [
{
"name": "domain-name-servers",
"data": "172.17.1.1"
},
{
"name": "tftp-server-name",
"data": "172.17.2.17"
}
],
"require-client-classes": [
"ipxe_legacy_lan_pool_0",
"ipxe_32_lan_pool_0",
"ipxe_64_lan_pool_0",
"ipxe_64arm_lan_pool_0"
]
}
],
"valid-lifetime": 86400,
"next-server": "172.17.2.17",
"require-client-classes": [
"ipxe_legacy_lan",
"ipxe_32_lan",
"ipxe_64_lan",
"ipxe_64arm_lan"
],
"reservations-in-subnet": true
},
{
"id": 2,
"subnet": "172.20.0.0/16",
"option-data": [
{
"name": "domain-name-servers",
"data": "172.20.1.1"
},
{
"name": "routers",
"data": "172.20.1.1"
}
],
"pools": [
{
"pool": "172.20.128.0 - 172.20.128.255",
"client-class": "pool_opt1_0",
"option-data": [
{
"name": "domain-name-servers",
"data": "172.20.1.1"
}
]
}
],
"valid-lifetime": 86400,
"reservations-in-subnet": true
}
]
}
</pre>
<p>I noticed that the legacy classes in the require-client-classes are on top of all the other classes. After i changed the order so that the legacy classes are at the bottom netboot worked for legacy and UEFI boot.</p>
<p>I also created a patch file that fixes the problem in the services.inc file:</p>
<pre><code class="diff syntaxhl"><span class="gd">--- /etc/inc/services.inc.save 2023-11-24 15:19:26.797541000 +0100
</span><span class="gi">+++ /etc/inc/services.inc 2023-11-24 15:24:17.000000000 +0100
</span><span class="p">@@ -1548,7 +1548,7 @@</span>
if (!is_array($keapool['require-client-classes'])) {
$keapool['require-client-classes'] = [];
}
<span class="gd">- array_unshift($keapool['require-client-classes'], $name);
</span><span class="gi">+ $keapool['require-client-classes'][] = $name;
</span> }
if (!empty($poolconf['rootpath'])) {
<span class="p">@@ -1719,7 +1719,7 @@</span>
if (!is_array($keasubnet['require-client-classes'])) {
$keasubnet['require-client-classes'] = [];
}
<span class="gd">- array_unshift($keasubnet['require-client-classes'], $name);
</span><span class="gi">+ $keasubnet['require-client-classes'][] = $name;
</span> }
if (!empty($dhcpifconf['rootpath'])) {
</code></pre>
<p>Can you please take a look at this if this is the correct solution to this problem?</p> pfSense - Bug #14996 (Feedback): KEA DHCP PHP error https://redmine.pfsense.org/issues/149962023-11-16T13:35:22ZDanilo Zrenjanin
<pre>
PHP ERROR: Type: 1, File: /etc/inc/services.inc, Line: 1411, Message: Uncaught TypeError: implode(): Argument #1 ($array) must be of type array, string given in /etc/inc/services.inc:1411
Stack trace:
#0 /etc/inc/services.inc(1411): implode(', ', NULL)
#1 /etc/inc/services.inc(1006): services_kea4_configure()
#2 /usr/local/pfSense/include/www/system_advanced_network.inc(258): services_dhcpd_configure()
#3 /usr/local/www/system_advanced_network.php(47): saveAdvancedNetworking(Array)
#4 {main}
thrown @ 2023-11-16 13:18:52
</pre>
<p>Steps to reproduce:<br />1.) Make sure that the <strong>ISC DHCP (Deprecated)</strong> Backend server is selected under <strong>System/Advanced/Networking</strong><br />2.) Go to <strong>Services/DHCP Server/LAN</strong>.<br />3.) Click on the <strong>Add Address Pool</strong> button. <br />4.) Define a new <strong>Address Pool Range</strong> and at least one <strong>WINS server</strong>. Save the pool settings. <br />5.) Go back to the <strong>System/Advanced/Networking</strong> and select Kea DHCP then save the changes.</p>
<p>You'll get the same PHP error if you directly define an additional pool in KEA DHCP and enter a WINS server there.</p> pfSense - Bug #14936 (Feedback): radvd service shows as stopped in services list when it should b...https://redmine.pfsense.org/issues/149362023-11-01T15:03:21ZJim Pingle
<p>The <code>is_radvd_enabled()</code> function in <code>pfsense-utils.inc</code> appears to incorrectly interpret the state of the radvd service in some cases.</p>
<p>For example I have a system with WAN DHCP6, LAN Track6 to WAN, but on LAN I have DHCPv6 disabled and RA disabled. When configured in this way, the radvd service is shown in the services list, but is listed as stopped. The <code>radvd.conf</code> file only contains the header, which is expected since there are no interfaces with RA enabled.</p> pfSense - Regression #14930 (Feedback): Clean installation using Auto (ZFS) + MBR (BIOS) does not...https://redmine.pfsense.org/issues/149302023-10-28T02:19:25ZBoycee .
<p>Installing pfSense 2.7.0 using the Auto (ZFS) + MBR (BIOS) options appears successful, however when the installer reboots the system, the system fails to boot successfully, with a message displayed indicating the operating system is missing.</p>
<p>It is possible to install 2.6.0 with these options (Auto (ZFS) + MBR (BIOS)) and successfully upgrade to 2.7.0.</p>
<p>I believe this issue is inherited from FreeBSD:</p>
<p><a class="external" href="https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267843">https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=267843</a><br /><a class="external" href="https://reviews.freebsd.org/D40816">https://reviews.freebsd.org/D40816</a></p>
<p>Whilst this issue should ideally be resolved in future releases of pfSense, I assume it must be considering for future in-place upgrades to avoid “bricking” devices already configured in this way.</p> pfSense Plus - Bug #14894 (New): Password protected console login prompt does not render properly...https://redmine.pfsense.org/issues/148942023-10-18T19:47:24ZJim Pingle
<p>After resolving other console issues with the 4100/6100/8200 in <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Serial console output fails to render properly in certain cases on 4100, 6100, and 8200. (Resolved)" href="https://redmine.pfsense.org/issues/13455">#13455</a> a problem remains with the login prompt.</p>
<p>It is not printing a newline before the FreeBSD version string nor is it printing a newline before the password prompt:</p>
<pre>
[...])FreeBSD/amd64 (pfsense.home.arpa) (ttyu0)
login: rootPassword:
Netgate 4100 [...]
</pre>
<p>It should look like this:</p>
<pre>
FreeBSD/amd64 (pfsense.home.arpa) (ttyu0)
login: root
Password:
Netgate 4100 [...]
</pre>
<p>Changing the console type doesn't have any effect, nor does changing various aspects of the TTY (e.g. setting it to <code>xterm</code> or <code>cons25w</code> instead of <code>vt100</code>, or using <code>std</code> instead of <code>3wire</code>).</p> pfSense Plus - Regression #14378 (Confirmed): Packages are not removed when using the hardware re...https://redmine.pfsense.org/issues/143782023-05-12T00:41:38ZSteve Wheeler
<p>More precisely it appears that packages are re-installed after rebooting into the new config.</p>
<p>This does not happen using the factory default options in the GUI or console menu.</p>
<p>Tested on 4100 and 6100 with 23.05.r.20230509.2241</p> pfSense Plus - Feature #14297 (New): Add Option for Vendor Class ID in DHCP Clienthttps://redmine.pfsense.org/issues/142972023-04-21T15:07:26ZKris Phillips
<p>Some ISPs require a Vendor Class ID be sent (option 60) when requesting DHCP. This can currently be accomplished in pfSense with vendor-class-identifier manually added to a dhcp config file, but adding this as a field would be helpful.</p> pfSense Packages - Regression #14189 (New): pfBlocker-NG: HA-Sync is not workinghttps://redmine.pfsense.org/issues/141892023-03-27T17:31:50Zname name
<p>I'm not the only one with this problem.</p>
<p>See <a class="external" href="https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working">https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working</a> .</p>
<p>This is causing serious issues, as I made changes to the pfBlockerNG configuration after upgrading to pfSense+ 23.01 and now the firewall rules are synchronized, but not the tables generated by pfBlockerNG, leading to firewall errors on the backup pfSense installation.</p>
<p>Please create a System -> Patches patch to fix this as soon as possible.</p>