pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162024-01-24T23:57:32ZpfSense bugtracker
Redmine pfSense Plus - Feature #15186 (New): Test DNS over TLShttps://redmine.pfsense.org/issues/151862024-01-24T23:57:32ZJeff Kuehl
<p>The ability to readily confirm TLS DNS would be established once saved.</p> pfSense Plus - Feature #14133 (New): Exporting and Importing - Change Layouthttps://redmine.pfsense.org/issues/141332023-03-20T03:47:01ZSteven Cedrone
<p>Please change Backup & Restore to allow for choosing only what areas you want to import/export without having to do it one area at a time.</p>
<p>The drop down-style boxes for "Backup Area" and "Restore Area" should allow you to hold CTRL and choose multiple areas at a time. Or change the drop-down boxes to scrolling boxes similar to other Areas of PfSense when you select Multiple WAN or LAN connections in PfBlocker for example.</p>
<p>This would be quite handy for exporting partial settings for new setup-up's without having to do it area by area.</p> pfSense Plus - Regression #14080 (New): Installer fails to install to a geom mirrorhttps://redmine.pfsense.org/issues/140802023-03-07T18:12:14ZSteve Wheeler
<p>The 23.01 installer fails to create the expected mount points when trying to reinstall UFS to an existing gmirror.</p>
<p>It also cannot create the expected partitions using 'auto' to a new geom mirror.</p> pfSense Plus - Feature #12832 (New): 6100 configurable Blinking Blue LED https://redmine.pfsense.org/issues/128322022-02-19T11:56:10Zshawn butts
<p>The blinking blue like for "normal operation status" feels like an "everything is ok ALARM!!!!"</p>
<p>I'd like to see an option to either make it solid blue for "normal" or disable the LED altogether.</p> pfSense Plus - Bug #12759 (New): Proprietary packages link to non-existant or non-public github p...https://redmine.pfsense.org/issues/127592022-02-05T19:22:11ZKris Phillips
<p>When clicking on the version number to view the code for packages like openvpn-import and aws-wizard, these link to a non-existant Github page (or one that is private). We should probably add a way to just remove these links on proprietary packages for pfSense Plus.</p>
<p>For example, aws-wizard links to <a class="external" href="https://github.com/pfsense/FreeBSD-ports/commits/devel/net/pfSense-pkg-aws-wizard">https://github.com/pfsense/FreeBSD-ports/commits/devel/net/pfSense-pkg-aws-wizard</a> which is an invalid path.</p> pfSense Packages - Feature #11931 (New): Add support for validating a domain's ownership via Goog...https://redmine.pfsense.org/issues/119312021-05-17T08:09:13ZAlex Cazacu
<p>Add support for validating a domain's ownership via Google Cloud Cloud DNS.</p>
<p>Support for Google Cloud Cloud DNS is already implemented in the <a href="https://github.com/acmesh-official/acme.sh" class="external">acme-official/acme-sh</a>. See <a href="https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_gcloud.sh" class="external">dns_gcloud.sh</a>.</p>
The associated script <a href="https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_gcloud.sh" class="external">documentation</a> omits to mention that authenticating and configuring <code>gcloud</code> can be performed in a non-interactive way by:
<ol>
<li>Creating a Google Cloud service account key: <a href="https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating_service_account_keys" class="external">documentation</a>.</li>
<li>Authenticating <code>gcloud</code> with the created service account key: <a href="https://cloud.google.com/sdk/docs/authorizing#authorizing_with_a_service_account" class="external">documentation</a>.</li>
<li>Configuring <code>gcloud</code>: via <code>gcloud config set</code> - <a href="https://cloud.google.com/sdk/docs/properties#setting_properties;" class="external">documentation</a> via environment variables: <a href="https://cloud.google.com/sdk/docs/properties#setting_properties_via_environment_variables" class="external">documentation</a>.</li>
</ol> pfSense Packages - Bug #11650 (New): FRR configuration broken on restore of manually edited FRR c...https://redmine.pfsense.org/issues/116502021-03-10T06:51:58ZAndrew Green
<p>SG-3100<br />21.02-RELEASE-p1 (arm)<br />built on Mon Feb 22 09:38:52 EST 2021</p>
<p>FRR package version 1.1.0_8</p>
<p>I could not find any instructions to remove all of a package's configuration so I did this:</p>
<p>- Made a config backup<br />- Edited the config xml and remove the FRR config references but left the package sections in place with empty <config></config> sections inside.<br />- Restored the config<br />- Router rebooted and reinstalled packages<br />- Went to reconfigure FRR and it broke sometimes when saving the settings.<br />- I managed to make the error go away after adding and deleting a prefix list.<br />- Here is the PHP error:<br /><pre>
arm
12.2-STABLE
FreeBSD 12.2-STABLE 0e42b7d7eac(HEAD) pfSense-SG-3100
Crash report details:
PHP Errors:
[09-Mar-2021 21:46:49 America/St_Johns] PHP Fatal error: Uncaught Error: Only variables can be passed by reference in /usr/local/pkg/frr/inc/frr_zebra.inc:295
Stack trace:
#0 /usr/local/pkg/frr/inc/frr_zebra.inc(758): frr_zebra_generate_prefixlists(true, false)
#1 /usr/local/pkg/frr.inc(683): frr_generate_config_zebra()
#2 /usr/local/www/pkg_edit.php(245) : eval()'d code(1): frr_generate_config()
#3 /usr/local/www/pkg_edit.php(245): eval()
#4 {main}
thrown in /usr/local/pkg/frr/inc/frr_zebra.inc on line 295
[09-Mar-2021 21:47:15 America/St_Johns] PHP Fatal error: Uncaught Error: Only variables can be passed by reference in /usr/local/pkg/frr/inc/frr_zebra.inc:295
Stack trace:
#0 /usr/local/pkg/frr/inc/frr_zebra.inc(758): frr_zebra_generate_prefixlists(true, false)
#1 /usr/local/pkg/frr.inc(683): frr_generate_config_zebra()
#2 /usr/local/www/pkg_edit.php(245) : eval()'d code(1): frr_generate_config()
#3 /usr/local/www/pkg_edit.php(245): eval()
#4 {main}
thrown in /usr/local/pkg/frr/inc/frr_zebra.inc on line 295
[09-Mar-2021 21:47:30 America/St_Johns] PHP Fatal error: Uncaught Error: Only variables can be passed by reference in /usr/local/pkg/frr/inc/frr_zebra.inc:295
Stack trace:
#0 /usr/local/pkg/frr/inc/frr_zebra.inc(758): frr_zebra_generate_prefixlists(true, false)
#1 /usr/local/pkg/frr.inc(683): frr_generate_config_zebra()
#2 /usr/local/www/pkg_edit.php(245) : eval()'d code(1): frr_generate_config()
#3 /usr/local/www/pkg_edit.php(245): eval()
#4 {main}
thrown in /usr/local/pkg/frr/inc/frr_zebra.inc on line 295
[09-Mar-2021 21:47:36 America/St_Johns] PHP Fatal error: Uncaught Error: Only variables can be passed by reference in /usr/local/pkg/frr/inc/frr_zebra.inc:295
Stack trace:
#0 /usr/local/pkg/frr/inc/frr_zebra.inc(758): frr_zebra_generate_prefixlists(true, false)
#1 /usr/local/pkg/frr.inc(683): frr_generate_config_zebra()
#2 /usr/local/www/pkg_edit.php(245) : eval()'d code(1): frr_generate_config()
#3 /usr/local/www/pkg_edit.php(245): eval()
#4 {main}
thrown in /usr/local/pkg/frr/inc/frr_zebra.inc on line 295
[09-Mar-2021 21:49:51 America/St_Johns] PHP Fatal error: Uncaught Error: Only variables can be passed by reference in /usr/local/pkg/frr/inc/frr_zebra.inc:262
Stack trace:
#0 /usr/local/pkg/frr/inc/frr_zebra.inc(764): frr_zebra_generate_aspaths()
#1 /usr/local/pkg/frr.inc(683): frr_generate_config_zebra()
#2 /usr/local/www/pkg_edit.php(245) : eval()'d code(1): frr_generate_config()
#3 /usr/local/www/pkg_edit.php(245): eval()
#4 {main}
thrown in /usr/local/pkg/frr/inc/frr_zebra.inc on line 262
[09-Mar-2021 21:49:55 America/St_Johns] PHP Fatal error: Uncaught Error: Only variables can be passed by reference in /usr/local/pkg/frr/inc/frr_zebra.inc:262
Stack trace:
#0 /usr/local/pkg/frr/inc/frr_zebra.inc(764): frr_zebra_generate_aspaths()
#1 /usr/local/pkg/frr.inc(683): frr_generate_config_zebra()
#2 /usr/local/www/pkg_edit.php(245) : eval()'d code(1): frr_generate_config()
#3 /usr/local/www/pkg_edit.php(245): eval()
#4 {main}
thrown in /usr/local/pkg/frr/inc/frr_zebra.inc on line 262
[09-Mar-2021 21:50:03 America/St_Johns] PHP Fatal error: Uncaught Error: Only variables can be passed by reference in /usr/local/pkg/frr/inc/frr_zebra.inc:262
Stack trace:
#0 /usr/local/pkg/frr/inc/frr_zebra.inc(764): frr_zebra_generate_aspaths()
#1 /usr/local/pkg/frr.inc(683): frr_generate_config_zebra()
#2 /usr/local/www/pkg.php(140) : eval()'d code(1): frr_generate_config()
#3 /usr/local/www/pkg.php(140): eval()
#4 {main}
thrown in /usr/local/pkg/frr/inc/frr_zebra.inc on line 262
No FreeBSD crash data found.
</pre></p> pfSense Packages - Bug #11493 (New): After upgrade zabbix proxy wont starthttps://redmine.pfsense.org/issues/114932021-02-21T05:31:00ZPim Janssen
<p>Due to database changes between zabbix-proxy versions. The proxy database needs to be removed after upgrading else the proxy service won't start.</p>
<p>Workaround <br />manual remove database /var/db/zabbix-proxy/proxy.db</p> pfSense Packages - Feature #10377 (New): Allow usage of TOTP (Google-Authenticator) without PINhttps://redmine.pfsense.org/issues/103772020-03-26T09:10:59ZAndreas Heckmannaheckmann@m-s.de
<p>Currently it is not possible to create a radius user with TOTP enabled without entering an additional pin.<br />So to authentiate as that user, you have to enter the minimum 4 digit pin + 6 digit TOTP as password.</p>
<p>For scenarios like "openvpn ssl/tls with userauth", it would be much more user friendly to only use the TOTP without an additional pin.<br />First factor ist the cert, second factor the totp-secret from the phone.</p>
<p>So it would be nice to allow an empty entry for the pin on the create/modify-user page if totp (Google Authenticator) mode is used <br />and to modify the totp-check to handle the case when no password is set.</p> pfSense Packages - Bug #10265 (New): Adding a Note with malformed title will force system restorehttps://redmine.pfsense.org/issues/102652020-02-17T14:27:22ZYuri Weinstein
<p>This is related to using Notes package.</p>
<p>Add a new note with title</p>
<p>"Add/Change/Set the custom resolution of your display using xrandr on Ubuntu 18.04 — {In a minute}"</p>
<p>(I am not sure why this particular string causes a problem, but it does) and anything in the notes body</p>
<p>Click on Save => notice that the note was not added and pfSense System Notices show a new warning:</p>
<p>"pfSenseConfigurator<br />pfSense is restoring the configuration /cf/conf/backup/config-1581970855.xml @ 2020-02-17 12:21:23"</p> pfSense Packages - Feature #9725 (New): Ability to use template variables in acme packagehttps://redmine.pfsense.org/issues/97252019-09-04T04:59:00ZTobi Miller
<p>would be very helpful to be able to use variables in acme package action section<br />Using variables something like that would be possible as action</p>
<p><code>sed -n w/tmp/acme/%NAME/%DOMAIN/%DOMAIN.pem /tmp/acme/%NAME/%DOMAIN/%DOMAIN.key /tmp/acme/%NAME/%DOMAIN/%DOMAIN.cer</code></p>
<p>that would make the actions very portable if one needs another domain with the same actions: just clone the record in acme package, change values (like name and domain) and hit save. <br />Would save a lot of time and possible errors due to typos when replacing the domain in the action</p> pfSense Packages - Bug #9012 (New): Captive Portal authentication in Squid Proxy Server does not ...https://redmine.pfsense.org/issues/90122018-10-05T11:25:32ZKevin Chou
<p>Version pfsense 2.4.4-RELEASE (amd64)<br />I have configured Authentication Method to "Captive Portal" in Squid Proxy Server -> Authentication<br />But it does not work, squid cannot get current user and deny access.</p> pfSense Packages - Bug #8454 (New): Arpwatch package break email notifications from other sourceshttps://redmine.pfsense.org/issues/84542018-04-12T07:18:20ZYehuda Katz
<p>Arpwatch replaces /usr/sbin/sendmail with a symlink to a PHP script that specifically mentioned Arpwatch in the message subject:<br /><a class="external" href="https://github.com/pfsense/FreeBSD-ports/blob/015971be238550a1f9aa060fe5ed93849c01572e/net-mgmt/pfSense-pkg-arpwatch/files/usr/local/pkg/arpwatch.inc#L217">https://github.com/pfsense/FreeBSD-ports/blob/015971be238550a1f9aa060fe5ed93849c01572e/net-mgmt/pfSense-pkg-arpwatch/files/usr/local/pkg/arpwatch.inc#L217</a></p>
<p>This causes notifications from ACME (run by CRON) to come with subjects like this:</p>
<blockquote>
<p>wall.example.com - Arpwatch Notification : Cron <root@wall> /usr/local/pkg/acme/acme_command.sh "renewall"</p>
</blockquote> pfSense Packages - Feature #8161 (New): Add virtual server support to FreeRadiushttps://redmine.pfsense.org/issues/81612017-12-04T18:53:44ZVictor Hooi
<p>It's great and super convenient that the FreeRadius server is included as a package with pfSense.</p>
<p>I currently use this to provide WPA-Enterprise authentication with my Ubiquiti Unifi access points.</p>
<p>However, it would be fantastic if we could add virtual server support via the online GUI - this is a key feature in FreeRadius, and lets you setup multiple lists of users (e.g. for different WiFi SSIDs).</p>
<p>This person has tried to hack around the lack of support:</p>
<p><a class="external" href="https://forum.pfsense.org/index.php?topic=126862.0">https://forum.pfsense.org/index.php?topic=126862.0</a></p>
<p>but that breaks every time you update via the GUI.</p> pfSense Packages - Feature #7608 (New): Captive Portal amount of traffic Account + Free Radius+M...https://redmine.pfsense.org/issues/76082017-05-28T01:47:49Zmohsen abbaspour
<p>limitation on amount of traffic does not work when used CP and Free Radiusand and Mysql to gether </p>
<pre><code>It seams that captive does not count amount of Traffic</code></pre>