pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162024-03-25T09:20:00ZpfSense bugtracker
Redmine pfSense Plus - Bug #15361 (New): Error in virtual IP aliases when using IPv6 "network" / "broadca...https://redmine.pfsense.org/issues/153612024-03-25T09:20:00ZMathis Cavalli
<p>There is no network address in IPv6, nor broadcasts like IPv4<br />When adding / editing an IP alias and putting there an address like fd00::/64 it shows the following error : "The network address cannot be used for this VIP" <br />It happened on my pfSense+ box but it seems the CE 2.7.2 is also affected.</p> pfSense Plus - Feature #15295 (New): State Filter Rule ID needs clarificationhttps://redmine.pfsense.org/issues/152952024-02-28T23:38:28ZMike Moore
<p>Not sure if this is a feature request but this isn't a bug.</p>
<p>See the forum post for details - <a class="external" href="https://forum.netgate.com/topic/186429/no-states-show-up-when-filtering-by-trackerid/5?_=1709161373761">https://forum.netgate.com/topic/186429/no-states-show-up-when-filtering-by-trackerid/5?_=1709161373761</a></p>
<p>Searching for states under Diagnostics/States/States and if you filter by Rule ID I mistakingly thought this meant TrackerID. The RuleID shows up if you hover over the state's entry of the firewall rule in the GUI and look at the bottom of the WebUI url and it will show what the corresponding ruleID is.</p>
<p>This doesnt make much sense considering if I search the firewall log in the WebUI and if i filter by "Rule Tracker ID" I can submit the TrackerID there and im able to narrow down my search whereas if i filter in the states screen nothing matches Rule ID because it's specifically looking for a number that the system generates for the Rule but there is no place in the UI to even know what that rule number could or would be.</p>
<p>The solution would be to either:<br />1. Fix the State filter so that it can filter by tracker ID instead of Rule ID<br />2. OR update documentation to inform users of the best place to find the rule ID.</p> pfSense Plus - Feature #15280 (New): Boot Environments 2.0https://redmine.pfsense.org/issues/152802024-02-21T19:59:52ZChristian McDonaldcmcdonald@netgate.com
<p>Changes:</p>
<ul>
<li>Configuration History is now a separate page and is no longer part of Backup & Restore.</li>
<li>Configuration History is now aware of Boot Environments. Supports downloading, deleting and restoring across boot environment boundaries.</li>
<li>System updates are now installed in an offline clone of the running system and booted "temporarily" to facilitate automatic fallback to previous working environment.</li>
<li>Boot Verification is performed when booting temporary Boot Environments. System will automatically reboot into prior boot environment upon boot failure.</li>
</ul>
<p><img src="https://redmine.pfsense.org/attachments/download/5936/clipboard-202402211456-bdjnl.png" alt="" /><br /><img src="https://redmine.pfsense.org/attachments/download/5937/clipboard-202402211457-fegcy.png" alt="" /><br /><img src="https://redmine.pfsense.org/attachments/download/5938/clipboard-202402211457-rbjkq.png" alt="" /><br /><img src="https://redmine.pfsense.org/attachments/download/5939/clipboard-202402211457-fcvqv.png" alt="" /><br /><img src="https://redmine.pfsense.org/attachments/download/5940/clipboard-202402211458-ydyne.png" alt="" /></p> pfSense Plus - Bug #15202 (New): Add Option for Network Portion of Subnet "Wildcard" for IPv6 Ruleshttps://redmine.pfsense.org/issues/152022024-01-27T22:28:27ZKris Phillips
<p>Filtering hosts with IPv6 is extremely difficult when utilizing an upstream provider that is providing a Prefix Delegation via DHCPv6 because the Prefix Delegation can change, which invalidates existing rules.</p>
<p>If there was a way to detect the interface PD for firewall rules, similar to how the DHCPv6 server currently detects the delegated prefix, users could assign rules based on only the host portion of the subnet and have the firewall filter rule automatically fill in the delegated prefix network ID portion before feeding it to pf.</p>
<p>This solves the following two scenarios:</p>
<p>1. A static DHCPv6 lease is assigned, but the delegated prefix changes<br />2. Clients configured via SLAAC typically will have the same host portion of an address, regardless of the network portion discovered by RAs, unless they are utilizing privacy extensions.</p>
<p>Obviously, this won't help in cases where SLAAC is used with RFC4941, but in many cases when creating rules like this it's possible to disable privacy extensions optionally in most operating systems.</p> pfSense Plus - Bug #15006 (New): Upgrade Issue to 23.09 Results in Stuck Prompt Mid-upgradehttps://redmine.pfsense.org/issues/150062023-11-17T19:50:02ZKris Phillips
<p>Symptom: <br />Devices get stuck at a "Enter full pathname of the shell or RETURN for /bin/sh:" prompt mid-upgrade. Rebooting the appliance causes it to be stuck at a "-sh: /etc/rc.initial: not found" prompt after asking for credentials.</p>
<p>This does not appear to be an arch problem as amd64 and aarch64 are both seemingly affected.</p>
<p>Relevant errors during bootup captured from an 1100 that failed to upgrade properly:</p>
<p>[113/168] Extracting php82-pear-Net_URL2-2.2.1: .......... done</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46<br />XML Extension not found<br />pkg-static: POST-INSTALL script failed<br />[114/168] Installing boost-libs-1.82.0_1...<br />[114/168] Extracting boost-libs-1.82.0_1: .......pid 518 (pkg-static), jid 0, uid 0, was killed: failed to reclaim memory<br />Child process pid=518 terminated abnormally: Killed</p>
<blockquote><blockquote><blockquote>
<p>Unlocking package pfSense-pkg-aws-wizard... done.<br />Unlocking package pfSense-pkg-ipsec-profile-wizard... done.</p>
</blockquote></blockquote></blockquote>
<p>Fatal error: Uncaught Error: Call to undefined function gettext() in /etc/inc/certs.inc:48<br />Stack trace:<br />#0 /etc/inc/functions.inc(34): require_once()<br />#1 /etc/rc.ecl(25): require_once('/etc/inc/functi...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> {main}<br /> thrown in /etc/inc/certs.inc on line 48<br />Launching the init system...<br />Fatal error: Uncaught Error: Failed opening required 'Net/IPv6.php' (include_path='.:/etc/inc:/usr/local/pfSense/include:/usr/local/pfSense/include/www:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form:/usr/local/share/pear:/usr/local/share/openssl_x509_crl/') in /etc/inc/util.inc:28<br />Stack trace:<br />#0 /etc/inc/config.lib.inc(29): require_once()<br />#1 /etc/inc/auth.inc(31): require_once('/etc/inc/config...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/captiveportal.inc(29): require_once('/etc/inc/auth.i...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/inc/service-utils.inc(25): require_once('/etc/inc/captiv...')<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> /etc/inc/pkg-utils.inc(26): require_once('/etc/inc/servic...')<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Don't sync on every filter reload (Resolved)" href="https://redmine.pfsense.org/issues/5">#5</a> /etc/rc.bootup(27): require_once('/etc/inc/pkg-ut...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Status -> Wireless display bugs (Resolved)" href="https://redmine.pfsense.org/issues/6">#6</a> {main}<br /> thrown in /etc/inc/util.inc on line 28<br />Starting CRON... done.</p>
<p>Fatal error: Uncaught Error: Call to undefined function gettext() in /etc/inc/certs.inc:48<br />Stack trace:<br />#0 /etc/inc/functions.inc(34): require_once()<br />#1 /etc/inc/notices.inc(26): require_once('/etc/inc/functi...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/config.inc(51): require_once('/etc/inc/notice...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.start_packages(25): require_once('/etc/inc/config...')<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /etc/inc/certs.inc on line 48<br />.: cannot open /etc/rc.be_functions.sh: No such file or directory<br />Enter full pathname of shell or RETURN for /bin/sh:</p> pfSense Plus - Feature #14928 (New): FEATURE REQUEST: Wireless ath0 and MAC address controlshttps://redmine.pfsense.org/issues/149282023-10-27T18:48:30ZJonathan Lee
<p><code>ifconfig ath0_wlan0 list mac</code></p>
<p>This has the ability to have a ACL lists added. Can we please have the ability to migrate the ACL or static assigned MAC addresses into the Wireless settings?</p>
<p><code>ifconfig ath0_wlan0 mac:add</code></p>
<p><a class="external" href="https://man.freebsd.org/cgi/man.cgi?ifconfig">https://man.freebsd.org/cgi/man.cgi?ifconfig</a></p>
<pre><code>@ MAC-Based Access Control List Parameters<br /> The following parameters support an optional access control list fea-<br /> ture available with some adapters when operating in ap mode; see<br /> wlan_acl(4). This facility allows an access point to accept/deny asso-<br /> ciation requests based on the MAC address of the station. Note that<br /> this feature does not significantly enhance security as MAC address<br /> spoofing is easy to do.</code></pre>
<pre><code>mac:add address<br /> Add the specified MAC address to the database. Depending on<br /> the policy setting association requests from the specified sta-<br /> tion will be allowed or denied.</code></pre>
<pre><code>mac:allow<br /> Set the ACL policy to permit association only by stations reg-<br /> istered in the database.</code></pre>
<pre><code>mac:del address<br /> Delete the specified MAC address from the database.</code></pre>
<pre><code>mac:deny<br /> Set the ACL policy to deny association only by stations regis-<br /> tered in the database.</code></pre>
<pre><code>mac:kick address<br /> Force the specified station to be deauthenticated. This typi-<br /> cally is done to block a station after updating the address<br /> database.</code></pre>
<pre><code>mac:open<br /> Set the ACL policy to allow all stations to associate.</code></pre>
<pre><code>mac:flush<br /> Delete all entries in the database.</code></pre>
<pre><code>mac:radius<br /> Set the ACL policy to permit association only by stations ap-<br /> proved by a RADIUS server. Note that this feature requires the<br /> hostapd(8) program be configured to do the right thing as it<br /> handles the RADIUS processing (and marks stations as autho-<br /> rized).</code></pre>
<p>@</p>
<p>This ability is already part of FreeBSD and can be accessed in pfSense from command line. This would provide greater security into the pcie mini card also.</p>
<p>If we have items statically assigned in DHCP it would be easy to migrate that into auto added MAC adds</p> pfSense Plus - Feature #14743 (New): Add Passkey/Certificate-based Authenticationhttps://redmine.pfsense.org/issues/147432023-09-03T04:21:49ZKris Phillips
<p>pfSense Plus's webConfigurator is currently limited in authentication for local auth, requiring third party implementations to add 2FA or other authentication means.</p>
<p>There is already redmine 12546 for adding 2FA to pfSense Plus natively, but it would also be beneficial to add passkey/cert-based authentication to pfSense Plus' webConfigurator and other functions.</p> pfSense Plus - Regression #14703 (New): 2100 pcie wireless issueshttps://redmine.pfsense.org/issues/147032023-08-21T18:51:41ZJonathan Lee
<p>Hello fellow pfSense Packages Redmine community members can you please help.</p>
<p>1. The SG-2100MAX the Compex WLE200NX Wireless A/B/G/N Network Mini PCIe Adapter is the only card that will work with the 2100. Other appliances have support for other cards that is missing inside the 2100.</p>
<p>2. The pfSense GUI has removed all antenna port options that are in the prior versions of pfSense.</p>
<p>3. The pfSense software will not allow any dev.ath.0.tpack, or dev.ath.0.tpcts adjustments. When changed they default back to the original settings when adjustments are made. However per Netgate docs users should be able to change them.</p>
<p>4. The antenna diversity does not enable within the 2100 when multiple antena are in use.</p>
<p>As listed in Netgate docs we should have options for antenna adjustments and transmit power adjustments as seen here:</p>
<p><em>"If the signal is weak even when nearby the access point antenna, check the antenna again. For mini-PCI or mini-PCIe cards, if only one pigtail in use and there are two internal connectors, try hooking the pigtail up to the other internal connector on the card. Also try changing the Channel or adjusting the Transmit Power, or the Antenna Settings on the wireless interface configuration. For mini-PCI and mini-PCIe cards, check for broken ends on the fragile pigtail connectors where they plug into the card. If the Regulatory Domain settings have not been configured, set them before testing again."</em></p>
<p>Users can not adjust antenna settings or transmit power as the gui options are no longer listed.</p>
<p>I have also purchased and tested the Apple AR5BXB112 607-7211-A 661-5946 Network Mini PCIe card as it is known to work with other member's appliances. However, the 2100 does not detect any other pcie hardware. Per other forum members the AR5BXB112 card does work within other Netgate appliances. I have recently learned from member stephenw10 that the Compex card is the only card that he has seen work inside the 2100.</p>
<p>If other hardware such as the AR5BXB112 work inside other official Netgate appliances does the arm architecture that is inside the 2100 cause some lack of software support?</p>
<p>Secondly:<br />I was hoping to test the following options as the AR5BXB112 card contains 3 antenna ports, 0, 1, and 2.</p>
<p>per stephenw10<br /><em>"I have always used the defaults there:</em></p>
<p><em>dev.ath.0.rxantenna: 1</em><br /><em>dev.ath.0.txantenna: 0" <br /></em><br />I have also confirmed this is also the case for my system default values.</p>
<p>As PfSense uses freeBSD I researched this and found.</p>
<p><em>"Options 0,1,2 (antenna port 1 or 2, both=0) dev.ath.0.diversity: options 0,1(0=disable 1=enable)"</em></p>
<p>Leading to the third software issue I found I can not enable diversity within the 2100 manually when the two antenna are populated.</p>
<p>Finally, If there is cards that are supported within other systems that have 3 antenna ports there is no options for aux antenna to get configured for dev.at.0.rx</p>
<p>The pfSense GUI has sense removed the antenna port options that are in the prior pfSense versions.</p>
<p>See my short research inside of netgate docs ran to find the issues:<br /><a class="external" href="https://forum.netgate.com/topic/181597/pfsense-as-wireless-ap-transmit-power-adjustments">https://forum.netgate.com/topic/181597/pfsense-as-wireless-ap-transmit-power-adjustments</a></p>
<p>While researching this I found some information that 0: is for both, 1: is for main, 2: is for aux. Again my card lists port 0, and 1. Furthermore another mini pcie card had three ports that can be used with PfSense I am told the mini pcie AR5BXB112 comes with 0, 1, 2 antenna ports.</p>
<p>Ref:<br /><a class="external" href="https://lists.freebsd.org/pipermail/freebsd-wireless/2011-September/000682.html">https://lists.freebsd.org/pipermail/freebsd-wireless/2011-September/000682.html</a></p>
<p>Per Netgate Docs:<br />"Interesting sysctls from shell that cannot be controlled from GUI" section it lists items you can control manually however when they are changed inside the 2100 they do not stay or take the config changes particularly, the transmit power adjustments and diversity settings will never stay set.</p>
<p><a class="external" href="https://docs.netgate.com/pfsense/en/latest/wireless/configuration-ap.html">https://docs.netgate.com/pfsense/en/latest/wireless/configuration-ap.html</a></p> pfSense Plus - Feature #14555 (New): Display Overridden Interface Names On Interface and VLAN Set...https://redmine.pfsense.org/issues/145552023-07-06T18:01:25ZJohn Uplink
<p>Please reference overridden interface names in various places in the pfSense web management UI. It seems that in some places such as the, "Interface Assignments" and "VLAN Setup" page, the interface internal config name is displayed instead of the user friendly overridden name (if configured). This makes it somewhat confusing when trying to view which interface an existing VLAN is assigned to (see screenshot 1) or when creating a VLAN (see screenshot 2).</p>
<p>Negate Forum Discussion: <a class="external" href="https://forum.netgate.com/topic/181251/renamed-interface-still-showing-old-name?_=1688492198971">https://forum.netgate.com/topic/181251/renamed-interface-still-showing-old-name?_=1688492198971</a></p>
<p><img src="https://redmine.pfsense.org/attachments/download/5164/screenshot1.jpg" alt="" /></p>
<p><img src="https://redmine.pfsense.org/attachments/download/5165/screenshot2.jpg" alt="" /></p> pfSense Plus - Bug #14531 (Confirmed): Traffic Graph widget doesn't show traffic counts for OpenV...https://redmine.pfsense.org/issues/145312023-06-30T16:48:06ZLev Prokofev
<p>The Traffic Graph widget doesn't show the in\out traffic for the OpenVPN interfaces.</p>
<p><img src="https://redmine.pfsense.org/attachments/download/5133/clipboard-202306302045-mzwyk.png" alt="" /><br /><img src="https://redmine.pfsense.org/attachments/download/5134/clipboard-202306302045-zsncd.png" alt="" /></p> pfSense Plus - Feature #14387 (New): Offline config modehttps://redmine.pfsense.org/issues/143872023-05-15T23:25:14ZMike Leone
<p>From a forum discussion. Steve deserves credit.<br />[[<a class="external" href="https://forum.netgate.com/topic/180107">https://forum.netgate.com/topic/180107</a>]]</p>
<h1>Offline Config Mode
<ul>
<li>Provide ability to set configurations while no internet or DNS is available. This is pursuant to bug <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Lack of DNS or Internet connectivity causes GUI to be slow (Resolved)" href="https://redmine.pfsense.org/issues/12141">#12141</a></li>
<li>23.01 seems to have reverted a little when no WAN is present, while certainly better than 2.6.0 is still quite frustrating</li>
<li>There are use-cases where not having any internet but wanting to even generate a config to load on another firewall with say a static WAN IP to make onsite install easier</li>
<li>When diagnosing a firewall where possibly the internet is down, and even the resolved issue is a bit too much wait especially under a stressful condition</li>
<li>Have an option that shows in the wizard as a checkbox</li>
<li>Have an option in the CLI, like hit "15 for Offline Config mode" before you log in. (Steve W notes "a simple php shell script in the CLI")</li>
<li>Have an option under the Diagnostic tab, to allow you to fix a wan or other routing issue without the web interface tripping allover itself</li>
</ul></h1> pfSense Plus - Regression #14378 (Confirmed): Packages are not removed when using the hardware re...https://redmine.pfsense.org/issues/143782023-05-12T00:41:38ZSteve Wheeler
<p>More precisely it appears that packages are re-installed after rebooting into the new config.</p>
<p>This does not happen using the factory default options in the GUI or console menu.</p>
<p>Tested on 4100 and 6100 with 23.05.r.20230509.2241</p> pfSense Plus - Feature #14066 (New): Add line number to rules and insert optionhttps://redmine.pfsense.org/issues/140662023-03-03T09:20:22ZMike Moore
<p>From a rule management perspective, is it possible to do the following:<br />1. Add line numbers in the GUI. So an admin can say 'Line 30' needs to be modified instead of having to relay the rule to the team and everyone hunting for that specific rule. Of course the line numbers will need to be adjusted each time a rule is added or deleted. Makes administration easier.</p>
<p>2. Insert a rule within the rule set. Currently, the only options are to add a rule at the top or at the bottom or maybe copy an existing rule which would place it underneath what you are copying - which is a good step. Having a large rule set it makes sense to create a rule and have the option presented to 'place after line 15' for example.</p>
<p>This is all about better rule administration and management.</p> pfSense Plus - Bug #14005 (New): SFP Interfaces not available with Traffic Shaper in v23.01https://redmine.pfsense.org/issues/140052023-02-21T13:45:15ZBrendon Flint
<p>I have dual Netgate 1541 in HA mode. The SFP interfaces LAN (cxl1) and WAN (cxl0) are not available for configuration in v23.01. If I boot one of the Netgate's in to v22.05, both interfaces are available for configuration, but not when it boots to v23.01.</p>
<p>The problem exists with both Netgate 1541.</p> pfSense Plus - Bug #13687 (New): firewall_shaper_vinterface.php cannot deal with a limiter named ...https://redmine.pfsense.org/issues/136872022-11-23T02:41:47ZKristof Provost
<p>When I create a limiter named 'new' via the Traffic Shaper page (firewall_shaper_vinterface.php) with the name 'new' it becomes impossible to create more limiters.<br />The 'new' limiter is created correctly, and I can add queues to it, but following the 'New Limiter' link (to firewall_shaper_vinterface.php?pipe=new&action=add") shows the new queue page, not the new limiter page.</p>