pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162024-03-20T20:52:08ZpfSense bugtracker
Redmine pfSense Docs - New Content #15352 (New): Mobile IPsec Group Virtual Address Poolshttps://redmine.pfsense.org/issues/153522024-03-20T20:52:08ZMarcos M
<p>Document the feature introduced with:<br /><a class="external" href="https://redmine.pfsense.org/issues/13227">https://redmine.pfsense.org/issues/13227</a></p>
<p>Note that strongswan's <code>eap-radius</code> plugin only supports specifying a single group for a user in the RADIUS reply (e.g. <code>Class := "vpnusers"</code>).</p>
<p>Related:<br /><a class="external" href="https://docs.netgate.com/pfsense/en/latest/usermanager/radius.html#radius-groups">https://docs.netgate.com/pfsense/en/latest/usermanager/radius.html#radius-groups</a><br /><a class="external" href="https://docs.strongswan.org/docs/5.9/plugins/eap-radius.html#_group_selection">https://docs.strongswan.org/docs/5.9/plugins/eap-radius.html#_group_selection</a></p> pfSense Docs - New Content #15325 (New): Tailscale documents https://redmine.pfsense.org/issues/153252024-03-09T03:08:14ZAlhusein Zawi
<p>adding documents to explain how to setup Tailscale.</p> pfSense Docs - New Content #15272 (New): Add information about Pushover group key behaviorhttps://redmine.pfsense.org/issues/152722024-02-20T07:35:32ZSergei Shablovsky
<p>in Note</p>
<p>from <br />Using the Pushover API requires a Pushover account user key and API key (Pushover Registration).</p>
<p>to<br />Using the Pushover API requires a Pushover account User Key (or Group Key) and Application API Token/Key (Pushover Registration).</p>
<p>in API Key (rename to Application API Token/Key)</p>
<p>from<br />Required. The Pushover API Key (Pushover Registration) the firewall will use to authenticate with Pushover API server.</p>
<p>to<br />Required. The Pushover’s Application API Token/Key (Pushover Registration) the firewall will use to authenticate with Pushover’s API servers.</p>
<p>in User Key (rename to User / Group Key)</p>
<p>from<br />Required. The User Key (Pushover Registration) of the Pushover account to which the API Key belongs.</p>
<p>to<br />Required. The User Key (to send notifications to particular Pushover User) or the Group Key (to broadcast notifications to all users in a particular group) of the Pushover (Pushover Registration).</p> pfSense Docs - New Content #15191 (Feedback): Document new Packet Flow Data functionality (Plus O...https://redmine.pfsense.org/issues/151912024-01-25T20:49:47ZJim Pingle
<p>Create documentation for the new pflow/Packet Flow Data functionality added to Plus for 24.03.</p>
<p>See <a class="issue tracker-2 status-5 priority-4 priority-default closed" title="Feature: GUI to configure Packet Flow Data (``pflow``) export (Closed)" href="https://redmine.pfsense.org/issues/15039">#15039</a> for details, along with the text added to the GUI pages which contains much of the info needed for the docs already.</p> pfSense Docs - New Content #15175 (New): add explicit license to pfSense documentationhttps://redmine.pfsense.org/issues/151752024-01-19T02:53:04ZHayden Mills
<p>Previous documentation hosted on GitHub repo was under a CC non-commercial license.</p>
<p>Since transitioning to the new unified documentation on netgate.com, no explicit license is present in the documentation.</p>
<p>Even though several blogposts say it is free to everyone:</p>
<p><a class="external" href="https://www.netgate.com/blog/pfsense-gold-free-starting-with-2-4-4">https://www.netgate.com/blog/pfsense-gold-free-starting-with-2-4-4</a><br /><a class="external" href="https://www.netgate.com/blog/pfSense-book-available-to-everyone">https://www.netgate.com/blog/pfSense-book-available-to-everyone</a></p>
<p>it seems to be ambiguous if it is under a non-commercial license or not.</p> pfSense Packages - Documentation #14842 (New): Update Squid troubleshootinghttps://redmine.pfsense.org/issues/148422023-10-05T14:22:20ZMike Moore
<p>The area where the update is needed: <br /><a class="external" href="https://docs.netgate.com/pfsense/en/latest/troubleshooting/squid.html#sites-not-loading-with-splice-error-409-in-access-log">https://docs.netgate.com/pfsense/en/latest/troubleshooting/squid.html#sites-not-loading-with-splice-error-409-in-access-log</a></p>
<p>Supporting forum conversations:<br /><a class="external" href="https://forum.netgate.com/topic/181796/infamous-409-issue/17?_=1696515335663">https://forum.netgate.com/topic/181796/infamous-409-issue/17?_=1696515335663</a></p>
<p>Supporting Redmine:<br /><a class="external" href="https://redmine.pfsense.org/issues/14390">https://redmine.pfsense.org/issues/14390</a></p>
<p>The update to the documentation just needs to point out that the way the modern Internet works today with CDNs especially, low TTL values for domain names will impact connectivity when using Squid. /409 errors are generated because clients for whatever reason (they may hold on to dns cache values longer) will use an IP to connect to a resource that the Proxy has a different resolved IP for.<br />Just having all clients point to pfsense is not a fix for this.</p>
<p>There are fixes to this but it has yet to be investigated when I checked the redmine today. Adding a note in the documentation will help admins that still use proxies in this way and can help those same admins identify why sites wont load or stop working suddenly.</p> pfSense Docs - New Content #13331 (New): FRR: Add documentation for RIPhttps://redmine.pfsense.org/issues/133312022-07-02T14:28:04ZAlhusein Zawi
<p>RIP documents(configuration/example) need to be added under FRR package Docs.</p> pfSense Docs - New Content #12805 (New): Add documentation about what triggers a notficationhttps://redmine.pfsense.org/issues/128052022-02-15T17:10:01ZLogan Marchione
<p>I just setup notifications in pfSense and can't find any documentation on the page below to show what sort of actions trigger a notification. <br /><a class="external" href="https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html">https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html</a></p>
<p>It seems this is a semi-common problem. <br /><a class="external" href="https://www.reddit.com/r/PFSENSE/comments/ar3w9l/pfsense_email_notifications/">https://www.reddit.com/r/PFSENSE/comments/ar3w9l/pfsense_email_notifications/</a> <br /><a class="external" href="https://www.reddit.com/r/PFSENSE/comments/l6lil3/how_to_configure_whatwhen_for_email_notifications/">https://www.reddit.com/r/PFSENSE/comments/l6lil3/how_to_configure_whatwhen_for_email_notifications/</a></p>
<p>Am I missing something, or is this documentation hidden somewhere? Ideally, I'd like a giant list of checkboxes to turn on/off notifications for things, but I'd take just a plaintext list of what will trigger a notification. Right now, I'm searching GitHub to see what triggers <strong>notify_all_remote</strong>.<br /><a class="external" href="https://github.com/pfsense/pfsense/search?q=notify_all_remote">https://github.com/pfsense/pfsense/search?q=notify_all_remote</a></p> pfSense Docs - New Content #12804 (New): Add documentation for Slack notificationshttps://redmine.pfsense.org/issues/128042022-02-15T16:59:18ZLogan Marchione
<p>I saw in the issue below that support for notifications via Slack was added to 2.6.0. <br /><a class="external" href="https://redmine.pfsense.org/issues/12291">https://redmine.pfsense.org/issues/12291</a></p>
<p>However, I don't see matching docs on this page. Can these be added? <br /><a class="external" href="https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html">https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html</a></p> pfSense Docs - New Content #12787 (New): Convert "Routing Internet Traffic Through a Site-to-Site...https://redmine.pfsense.org/issues/127872022-02-11T23:28:21ZChristian Borchertccb056@gmail.com
<p><strong>Page:</strong> <a class="external" href="https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-s2s-route-internet-traffic.html">https://docs.netgate.com/pfsense/en/latest/recipes/ipsec-s2s-route-internet-traffic.html</a></p>
<p><strong>Feedback:</strong></p>
<p>This could be updated for routed ipsec (vti)</p> pfSense Docs - New Content #12395 (New): FRR: Add information about the private use AS reservatio...https://redmine.pfsense.org/issues/123952021-09-21T16:32:54ZMarc Mapplebeck
<p><strong>Page:</strong> <a class="external" href="https://docs.netgate.com/pfsense/en/latest/packages/frr/bgp/required-info.html">https://docs.netgate.com/pfsense/en/latest/packages/frr/bgp/required-info.html</a></p>
<p><strong>Feedback:</strong></p>
<p>Would be helpful to include information re RFC6996 Autonomous System (AS) Reservation for Private Use:<br /><a class="external" href="https://datatracker.ietf.org/doc/html/rfc6996">https://datatracker.ietf.org/doc/html/rfc6996</a></p> pfSense Docs - New Content #12237 (New): Add information on ``ifqmaxlen`` to Hardware Tuning and ...https://redmine.pfsense.org/issues/122372021-08-10T03:13:35ZViktor Gurov
<p><strong>Page:</strong> <a class="external" href="https://docs.netgate.com/pfsense/en/latest/hardware/tune.html">https://docs.netgate.com/pfsense/en/latest/hardware/tune.html</a></p>
<p><strong>Feedback:</strong></p>
<p>Need to add optimization of interface queue length (net.link.ifqmaxlen), see <a class="issue tracker-6 status-1 priority-4 priority-default" title="New Content: Default net.link.ifqmaxlen value leads to packet loss under load in OpenVPN (New)" href="https://redmine.pfsense.org/issues/10311">#10311</a> for details</p> pfSense Docs - New Content #10311 (New): Default net.link.ifqmaxlen value leads to packet loss un...https://redmine.pfsense.org/issues/103112020-03-02T21:04:03ZAlexey Ab
<p>Default value for net.link.ifqmaxlen is 128.</p>
<p>When OpenVPN is under load and transfer speed reaches 20-30 MBit, we have following errors count increasing:</p>
<p>VPN1_BRIDGE Interface: <br /> In/out errors: 0/4623</p>
<p>netstat -idb -I bridge0 -> OERRS=4623 <br />netstat -idb -I ovpnc6 -> DROP=4623</p>
<p>(Drops are important errors, but are not shown on status_interfaces.php page, please consider showing them too)</p>
<p>Increasing net.link.ifqmaxlen to 2048 eliminates these errors, and gives significant OpenVPN throughput increase (5x).</p>
<p>Also it was observed that packet drops may depend on system power management, setting CPU to high performance mode also eliminates<br />packet drops and gives significant OpenVPN performance increase.</p> pfSense Docs - New Content #9454 (New): Add examples of Snort Suppression Lists to stop alerts ba...https://redmine.pfsense.org/issues/94542019-04-04T23:06:30ZMichael De
<p><strong>Page:</strong> <a class="external" href="https://docs.netgate.com/pfsense/en/latest/packages/snort/suppress-list.html">https://docs.netgate.com/pfsense/en/latest/packages/snort/suppress-list.html</a></p>
<p><strong>Feedback:</strong></p>
<p>The documentation discusses using suppression to disable "the rule to stop alerts based on either the source or destination IP" but gives no examples of doing this.</p>
<p>An example of both source and destination blocking would be very helpful.</p> pfSense Docs - New Content #9369 (New): Document remaining packageshttps://redmine.pfsense.org/issues/93692019-03-06T11:32:09ZJared Dillardjdillard@netgate.com
<p>Create pages for the currently undocumented packages in the Package List, <a class="external" href="https://docs.netgate.com/pfsense/en/latest/packages/list.html">https://docs.netgate.com/pfsense/en/latest/packages/list.html</a>.</p>
<p>- [ ] <b>apcupsd</b> - Package can be used for controlling all APC UPS models...<br />- [ ] <b>Backup</b> - Tool to Backup and Restore files and directories...<br />- [ ] <b>BIND</b> - pfSense GUI for BIND DNS server...<br />- [ ] <b>blinkled</b> - Allows you to use LEDs for monitoring network activity...<br />- [ ] <b>cellular</b> - pfSense GUI for Cellular Cards Currently it supports...<br />- [ ] <b>Cron</b> - The cron utility is used to manage commands on a schedule....<br />- [ ] <b>Darkstat</b> - darkstat is a network statistics gatherer. It's a...<br />- [ ] <b>frr</b> - FRR routing daemon for BGP, OSPF, and OSPF6...<br />- [ ] <b>FTP Client Proxy</b> - Basic FTP Client Proxy using ftp-proxy from...<br />- [ ] <b>gwled</b> - Allows you to use LEDs for monitoring gateway status on...<br />- [ ] <b>iftop</b> - Realtime interface monitor (console/shell only)....<br />- [ ] <b>LCDproc</b> - LCD display driver...<br />- [ ] <b>Lightsquid</b> - LightSquid is a high performance web proxy reporting...<br />- [ ] <b>Mailreport</b> - Allows you to setup periodic e-mail reports...<br />- [ ] <b>MTR</b> - Enhanced traceroute replacement. mtr combines the...<br />- [ ] <b>Netgate Coreboot Upgrade</b> - Provide a mechanism to update Coreboot...<br />- [ ] <b>Notes</b> - Track things you want to note for this system...<br />- [ ] <b>NRPE</b> - pfSense GUI for Nagios NRPE nrpe is used to execute Nagios...<br />- [ ] <b>ntopNG</b> - ntopng (replaces ntop) is a network probe that shows...<br />- [ ] <b>Quagga_OSPF</b> - OSPF routing protocol using Quagga. Conflicts with...<br />- [ ] <b>Routed</b> - RIP v1 and v2 daemon....<br />- [ ] <b>RRD Summary</b> - RRD Summary Page, which will give a total amount of...<br />- [ ] <b>Service Watchdog</b> - Monitors for stopped services and restarts...<br />- [ ] <b>Shellcmd</b> - The shellcmd utility is used to manage commands on...<br />- [ ] <b>Status Traffic Totals</b> - Traffic Totals page under the Status...<br />- [ ] <b>Suricata</b> - High Performance Network IDS, IPS and Security...<br />- [ ] <b>Syslog-ng</b> - Syslog-ng syslog server. This service is not intended...<br />- [ ] <b>Squid</b> - High performance web proxy cache (3.5 branch). It...<br />- [ ] <b>TFTPD</b> - tftpd installs and runs a TFTP server. We use the...<br />- [ ] <b>Tinc</b> - tinc is a Virtual Private Network (VPN) daemon that uses...<br />- [ ] <b>Zabbix-agent</b> - LTS (Long Term Support) release of Zabbix...<br />- [ ] <b>Zabbix-proxy</b> - LTS (Long Term Support) release of Zabbix Agent...</p>