pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162024-03-08T03:13:23ZpfSense bugtracker
Redmine pfSense Plus - Regression #15320 (New): XMLRPC Sync Trigger on CARP Maintenance Mode Causes webCo...https://redmine.pfsense.org/issues/153202024-03-08T03:13:23ZKris Phillips
<p>When syncing a large configuration file with a large number of Virtual IPs, XMLRPC Sync can cause the webConfigurator to completely hang on a secondary unit in an HA pair for several minutes. This can also lead to 504 Timeout messages. The webConfigurator will typically recover on it's own, but this will often take several minutes.</p>
<p>Disabling the Virtual IP portion of the XMLRPC sync resolves this issue and the failover is nearly instantaneous, along with complete responsiveness from the webConfigurator.</p>
<p>Likely improvements can be made to the PHP code to not just blindly copy and rebuild the entire Virtual IP configuration on the secondary unit, as these hangs can lead to high CPU load and responsiveness issues for the secondary firewall that you just failed over to. This is obviously less than ideal since that unit is supposed to be taking over traffic in a manual failover scenario.</p> pfSense Plus - Bug #15303 (New): dpinger service does not always switch from Pending to Onlinehttps://redmine.pfsense.org/issues/153032024-03-02T17:07:07ZKris Phillips
<p>There are several situations where dpinger will not detect a gateway that is available when it should, forcing a restart of the dpinger service to "trigger" it to recheck.</p>
<p>Known situations, but there may be more:</p>
<p>1. Adding a new VTI tunnel as an interface<br />2. A release/renew of an IPv6 gateway (IPv4 gateway will show up, but IPv6 will not until a dpinger restart)<br />3. Adding an OpenVPN client/server as an interface</p>
<p>Related documentation redmine: <a class="external" href="https://redmine.pfsense.org/issues/15230">https://redmine.pfsense.org/issues/15230</a></p> pfSense Plus - Bug #15036 (Confirmed): Traffic Shaper Wizard Dedicated generates errorhttps://redmine.pfsense.org/issues/150362023-11-27T05:56:41ZAzamat Khakimyanov
<p>I can reproduce it on 23.01, 23.05_1 and 23.09</p>
<p>All the time I run <strong>Traffic Shaper Wizard Dedicated</strong> with HFSC queueing I got this message<br />__ There were error(s) loading the rules: pfctl: linkshare sc exceeds parent's sc - The line in question reads [0]:</p>
<p>Running <strong>Traffic Shaper Wizard Dedicated</strong> with PRIQ/CBQ queueing and running <strong>Traffic Shaper Wizard Multi All</strong> with HFSC queueing work normal (without any error message)</p>
<p>It might be the same issue as <a class="external" href="https://redmine.pfsense.org/issues/2308">https://redmine.pfsense.org/issues/2308</a>, which is 11y old.</p> pfSense Plus - Bug #15006 (New): Upgrade Issue to 23.09 Results in Stuck Prompt Mid-upgradehttps://redmine.pfsense.org/issues/150062023-11-17T19:50:02ZKris Phillips
<p>Symptom: <br />Devices get stuck at a "Enter full pathname of the shell or RETURN for /bin/sh:" prompt mid-upgrade. Rebooting the appliance causes it to be stuck at a "-sh: /etc/rc.initial: not found" prompt after asking for credentials.</p>
<p>This does not appear to be an arch problem as amd64 and aarch64 are both seemingly affected.</p>
<p>Relevant errors during bootup captured from an 1100 that failed to upgrade properly:</p>
<p>[113/168] Extracting php82-pear-Net_URL2-2.2.1: .......... done</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: foreach() argument must be of type array|object, null given in Command.php on line 249</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 250</p>
<p>Warning: Trying to access array offset on value of type null in Role.php on line 251</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "honorsbaseinstall" in Role.php on line 173</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "installable" in Role.php on line 139</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "phpfile" in Role.php on line 204</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46</p>
<p>Warning: Undefined array key "config_vars" in Role.php on line 46<br />XML Extension not found<br />pkg-static: POST-INSTALL script failed<br />[114/168] Installing boost-libs-1.82.0_1...<br />[114/168] Extracting boost-libs-1.82.0_1: .......pid 518 (pkg-static), jid 0, uid 0, was killed: failed to reclaim memory<br />Child process pid=518 terminated abnormally: Killed</p>
<blockquote><blockquote><blockquote>
<p>Unlocking package pfSense-pkg-aws-wizard... done.<br />Unlocking package pfSense-pkg-ipsec-profile-wizard... done.</p>
</blockquote></blockquote></blockquote>
<p>Fatal error: Uncaught Error: Call to undefined function gettext() in /etc/inc/certs.inc:48<br />Stack trace:<br />#0 /etc/inc/functions.inc(34): require_once()<br />#1 /etc/rc.ecl(25): require_once('/etc/inc/functi...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> {main}<br /> thrown in /etc/inc/certs.inc on line 48<br />Launching the init system...<br />Fatal error: Uncaught Error: Failed opening required 'Net/IPv6.php' (include_path='.:/etc/inc:/usr/local/pfSense/include:/usr/local/pfSense/include/www:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form:/usr/local/share/pear:/usr/local/share/openssl_x509_crl/') in /etc/inc/util.inc:28<br />Stack trace:<br />#0 /etc/inc/config.lib.inc(29): require_once()<br />#1 /etc/inc/auth.inc(31): require_once('/etc/inc/config...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/captiveportal.inc(29): require_once('/etc/inc/auth.i...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/inc/service-utils.inc(25): require_once('/etc/inc/captiv...')<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> /etc/inc/pkg-utils.inc(26): require_once('/etc/inc/servic...')<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Don't sync on every filter reload (Resolved)" href="https://redmine.pfsense.org/issues/5">#5</a> /etc/rc.bootup(27): require_once('/etc/inc/pkg-ut...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Status -> Wireless display bugs (Resolved)" href="https://redmine.pfsense.org/issues/6">#6</a> {main}<br /> thrown in /etc/inc/util.inc on line 28<br />Starting CRON... done.</p>
<p>Fatal error: Uncaught Error: Call to undefined function gettext() in /etc/inc/certs.inc:48<br />Stack trace:<br />#0 /etc/inc/functions.inc(34): require_once()<br />#1 /etc/inc/notices.inc(26): require_once('/etc/inc/functi...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /etc/inc/config.inc(51): require_once('/etc/inc/notice...')<br /><a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> /etc/rc.start_packages(25): require_once('/etc/inc/config...')<br /><a class="issue tracker-4 status-3 priority-4 priority-default closed" title="Todo: Remove hard coded VLAN supported interfaces list (Resolved)" href="https://redmine.pfsense.org/issues/4">#4</a> {main}<br /> thrown in /etc/inc/certs.inc on line 48<br />.: cannot open /etc/rc.be_functions.sh: No such file or directory<br />Enter full pathname of shell or RETURN for /bin/sh:</p> pfSense Plus - Bug #14862 (New): netstat nexthop queries fail on an arm32https://redmine.pfsense.org/issues/148622023-10-11T00:33:44ZSteve Wheeler
<p>Using the -o or -O switches with netstat to get nexthop data fails or shows bad data on arm32 devices.</p>
<pre>
[23.09-BETA][admin@fw1.stevew.lan]/root: netstat -4onW
Nexthop data
Protocol Family 0:
Idx Type IFA Gateway Flags Use Mtu Netif Addrif Refcnt Prepend
120 empty (0) ---/resolve HS 0 512 --- lo0 0 00000000000000000000000000
120 empty (0) ---/resolve H 0 512 --- lo0 0 000000000000000000
120 empty (0) ---/resolve 0 512 ---mvneta1.100 0 0000000000000000000000000000
120 empty (0) ---/resolve 0 512 --- ovpnc2 0 00000000000000000000000000000000
120 empty (0) ---/resolve H 0 512 --- lo0 0 00
120 empty (0) ---/resolve HS 0 512 --- lo0 0 0000
120 empty (0) ---/resolve HS 0 512 --- lo0 0 00
120 empty (0) ---/resolve H 0 512 --- lo0 0 00
120 empty (0) ---/resolve HS 0 512 --- lo0 0 0000000000000000
120 empty (0) ---/resolve GS 0 512 --- mvneta0 0 00
120 empty (0) ---/resolve 0 512 --- mvneta2 0 0000000000000000
120 empty (0) ---/resolve HS 0 512 --- lo0 0 00000000000000000000000000000000
120 empty (0) ---/resolve HS 0 512 --- lo0 0 000000000000000000000000000000
120 empty (0) ---/resolve HS 0 512 --- lo0 0 0000000000000000000000000000000000
120 empty (0) ---/resolve H 0 512 --- ovpnc3 0 000000000000000000000000000000
120 empty (0) ---/resolve 0 512 ---mvneta1.21 0 00000000000000000000000000
120 empty (0) ---/resolve GHS 0 512 --- mvneta2 0 0000000000000000
120 empty (0) ---/resolve 0 512 --- mvneta0 0 00
120 empty (0) ---/resolve GS 0 512 --- mvneta2 0 0000000000000000
120 empty (0) ---/resolve 0 512 --- mvneta1 0 0000
120 empty (0) ---/resolve 0 512 --- mvneta1 0 0000
120 empty (0) ---/resolve HS 0 512 --- lo0 0 0000000000000000000000000000
120 empty (0) ---/resolve 0 512 --- ovpnc1 0 0000000000000000000000000000000000
</pre>
<pre>
[23.09-BETA][admin@fw1.stevew.lan]/root: netstat -4OnW
Nexthop groups data
netstat: sysctl: net.route.0.2.nhgrpdump.0 estimate: Operation not supported
</pre>
<p>These commands are used to gather data for the status_output file and hence generate errors when it's run.</p> pfSense Plus - Feature #14810 (New): add Packet Too Big icmp type in firewallhttps://redmine.pfsense.org/issues/148102023-09-25T21:58:26Zyon Liuinfo@ipv6china.com
<p>I hope more ICMP type refinements can be added to the firewall options.<br />For example, add Type 2 - Packet Too Big and 4 Fragmentation Needed and Don't Fragment was Set</p>
<p>Because I have security blocking most ICMP and only allowing necessary ICMP.</p> pfSense Plus - Bug #14708 (New): Uncaught TypeError: pfSense_interface_rename() when enabling a s...https://redmine.pfsense.org/issues/147082023-08-24T23:35:12ZDiana Moore
<p>When enabling 6rd while 6to4 is enabled on another interface the web ui will throw an error of <code>Uncaught TypeError: pfSense_interface_rename()</code>.</p>
<p>This can also occur when enabling 6to4 with 6rd already enabled.</p>
<p>UI error shows the following when trying to enable 6to4 on wan with 6rd enabled on opt1 (Full trace attached to bug report):</p>
<blockquote>
<p>Fatal error: Uncaught TypeError: pfSense_interface_rename(): Argument #1 ($ifname) must be of type string, array given in /etc/inc/interfaces.inc:4745 Stack trace: #0 /etc/inc/interfaces.inc(4745): pfSense_interface_rename(Array, 'wan_stf') #1 /etc/inc/interfaces.inc(4289): interface_6to4_configure('wan', Array) <a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /usr/local/www/interfaces.php(476): interface_configure('wan', true) <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> {main} thrown in /etc/inc/interfaces.inc on line 4745 PHP ERROR: Type: 1, File: /etc/inc/interfaces.inc, Line: 4745, Message: Uncaught TypeError: pfSense_interface_rename(): Argument #1 ($ifname) must be of type string, array given in /etc/inc/interfaces.inc:4745 Stack trace: #0 /etc/inc/interfaces.inc(4745): pfSense_interface_rename(Array, 'wan_stf') #1 /etc/inc/interfaces.inc(4289): interface_6to4_configure('wan', Array) <a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> /usr/local/www/interfaces.php(476): interface_configure('wan', true) <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> {main} thrown</p>
</blockquote>
<p>Static IPv6, SLAAC, and DHCPv6 are unaffected.</p>
Interfaces involved:
<ul>
<li>wan - igb0 - Requires 6to4 for IPv6</li>
<li>opt1 - VLAN 201 on igb1 - Requires 6rd for IPv6</li>
</ul>
<p>System is a Super Micro a1sri-2758f</p> pfSense Plus - Feature #14594 (New): VDOM on pfsensehttps://redmine.pfsense.org/issues/145942023-07-20T00:58:58ZConor Dang
<p>I do not see this feature in any of the open requests but having a similar functionality to VDOM (virtual domain) on Fortinet devices in pfsense would open many more use cases for it. For those who don't know what a VDOM is, it allows a single firewall to be split up virtually, including having separate webconfigs per each VDOM. I found this post from 9 years ago that had no replies but brought the idea that it could be done on pfsense: <a class="external" href="https://list.pfsense.narkive.com/VCNLiGjK/pfsense-something-like-fortigate-s-vdom-feature">https://list.pfsense.narkive.com/VCNLiGjK/pfsense-something-like-fortigate-s-vdom-feature</a><br />If you want to learn more about VDOM as it works in Fortinet, visit their page describing it: <a class="external" href="https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/597696/vdom-overview">https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/597696/vdom-overview</a></p> pfSense Plus - Bug #14531 (Confirmed): Traffic Graph widget doesn't show traffic counts for OpenV...https://redmine.pfsense.org/issues/145312023-06-30T16:48:06ZLev Prokofev
<p>The Traffic Graph widget doesn't show the in\out traffic for the OpenVPN interfaces.</p>
<p><img src="https://redmine.pfsense.org/attachments/download/5133/clipboard-202306302045-mzwyk.png" alt="" /><br /><img src="https://redmine.pfsense.org/attachments/download/5134/clipboard-202306302045-zsncd.png" alt="" /></p> pfSense Plus - Bug #14106 (New): arc4random: WARNING: initial seeding bypassed the cryptographic ...https://redmine.pfsense.org/issues/141062023-03-14T10:41:28ZJonathan Lee
<p>23.01 is now showing this error after a fresh firmware install on a Netgate 2100-MAX system. It will continue to boot after. Is this of concern? I have not noticed this in the past. It has bypassed the cryptographic feature.</p>
<p>Mar 14 05:01:12 kernel arc4random: WARNING: initial seeding bypassed the cryptographic random device because it was not yet seeded and the knob 'bypass_before_seeding' was enabled.<br />Mar 14 05:01:12 kernel FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs<br />Mar 14 05:01:12 kernel Starting CPU 1 (1)<br />Mar 14 05:01:12 kernel avail memory = 3464667136 (3304 MB)<br />Mar 14 05:01:12 kernel real memory = 3602862080 (3435 MB)<br />Mar 14 05:01:12 kernel module firmware already present!<br />Mar 14 05:01:12 kernel VT: init without driver.<br />Mar 14 05:01:12 kernel FreeBSD clang version 14.0.5 (<a class="external" href="https://github.com/llvm/llvm-project.git">https://github.com/llvm/llvm-project.git</a> llvmorg-14.0.5-0-gc12386ae247c)<br />Mar 14 05:01:12 kernel root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-23_01-main/obj/aarch64/Z3hsU8Fs/var/jenkins/workspace/pfSense-Plus-snapshots-23_01-main/sources/FreeBSD-src-plus-RELENG_23_01/arm64.aarch64/sys/pfSense arm64<br />Mar 14 05:01:12 kernel FreeBSD 14.0-CURRENT #0 plus-RELENG_23_01-n256037-6e914874a5e: Fri Feb 10 20:28:37 UTC 2023<br />Mar 14 05:01:12 kernel FreeBSD is a registered trademark of The FreeBSD Foundation.<br />Mar 14 05:01:12 kernel The Regents of the University of California. All rights reserved.<br />Mar 14 05:01:12 kernel Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994<br />Mar 14 05:01:12 kernel Copyright (c) 1992-2022 The FreeBSD Project.<br />Mar 14 05:01:12 kernel KDB: current backend: ddb<br />Mar 14 05:01:12 kernel KDB: debugger backends: ddb gdb<br />Mar 14 05:01:12 kernel GDB: current port: uart<br />Mar 14 05:01:12 kernel GDB: debug ports: uart<br />Mar 14 05:01:12 kernel ---<<BOOT>>---</p> pfSense Plus - Feature #14012 (New): ZFS memory usage graphshttps://redmine.pfsense.org/issues/140122023-02-22T09:50:05ZJim Pingle
<p>It's becoming increasingly relevant for users to monitor ZFS memory usage, especially ARC usage. This is ideal as a separate RRD graph under <strong>Status > Monitoring</strong> but might also be a nice addition to the ZFS widget or a separate ZFS Memory widget.</p>
<p>Currently users have to look at the output of <code>top</code> to see it:</p>
<pre>
ARC: 1202M Total, 743M MFU, 384M MRU, 916K Anon, 14M Header, 59M Other
1041M Compressed, 3148M Uncompressed, 3.02:1 Ratio
</pre>
<p>Or dig through sysctl OIDs:</p>
<pre>
kstat.zfs.misc.arcstats.mfu_ghost_size: 0
kstat.zfs.misc.arcstats.mfu_size: 778736128
kstat.zfs.misc.arcstats.mru_ghost_size: 0
kstat.zfs.misc.arcstats.mru_size: 402139648
kstat.zfs.misc.arcstats.anon_size: 989184
kstat.zfs.misc.arcstats.other_size: 62153984
kstat.zfs.misc.arcstats.bonus_size: 13352960
kstat.zfs.misc.arcstats.dnode_size: 35653000
kstat.zfs.misc.arcstats.dbuf_size: 13148024
kstat.zfs.misc.arcstats.metadata_size: 138728448
kstat.zfs.misc.arcstats.data_size: 1043136512
kstat.zfs.misc.arcstats.hdr_size: 14482464
kstat.zfs.misc.arcstats.overhead_size: 90355200
kstat.zfs.misc.arcstats.uncompressed_size: 3300402688
kstat.zfs.misc.arcstats.compressed_size: 1091509760
kstat.zfs.misc.arcstats.size: 1260264224
kstat.zfs.misc.abdstats.linear_data_size: 114316288
kstat.zfs.misc.abdstats.scatter_data_size: 977197568
kstat.zfs.misc.abdstats.struct_size: 6681872
</pre>
<p>The exact set of data to graph is open for debate here, but we should at least go with the equivalent values to those shown in <code>top</code> output.</p> pfSense Plus - Feature #13786 (New): ldap intergration for firewall ruleshttps://redmine.pfsense.org/issues/137862022-12-20T15:54:09ZMike Moore
<p>Seeing as there are LDAP connectors in the software already for authentication, would it be possible to leverage that for firewall rules?<br />Creating a permit/deny rule based on source 'LDAP\User1". This feature alone would be "nextgen" for pf.</p>
<p>On other vendors, this does require an agent being installed on an AD server to get that updated directory list to map IP addr to username. But i think that would only be helpful for reporting/analytics. If we need to just validate the username and thats it, then i think this is possible. Other packages such as Squid can be leveraged if reporting is needed to see what sites were visited and when.</p> pfSense Plus - Bug #13687 (New): firewall_shaper_vinterface.php cannot deal with a limiter named ...https://redmine.pfsense.org/issues/136872022-11-23T02:41:47ZKristof Provost
<p>When I create a limiter named 'new' via the Traffic Shaper page (firewall_shaper_vinterface.php) with the name 'new' it becomes impossible to create more limiters.<br />The 'new' limiter is created correctly, and I can add queues to it, but following the 'New Limiter' link (to firewall_shaper_vinterface.php?pipe=new&action=add") shows the new queue page, not the new limiter page.</p> pfSense Plus - Bug #13497 (Incomplete): unbound process looks like stuck periodicallyhttps://redmine.pfsense.org/issues/134972022-09-16T01:16:46ZYaroslav Semenenko
<p>Hello,</p>
<p>I have Netgate 2100.<br />Unbound service is needed to restart sometimes due to it could not resolve public domain name.</p>
<p>Thanks,<br />Yaroslav</p> pfSense Plus - Bug #12894 (New): duplicating freshly created certificates through refreshinghttps://redmine.pfsense.org/issues/128942022-03-03T14:30:26ZVan Quach
<p>Version 22.01-Release FreeBSD 12.3-Stable</p>
<p>Bug: After successfully creating a certificate. The certificate gets duplicated by refreshing the page (while the green success notification is shown)</p>
<p>This happend to me with different CA and it doesn't matter what type of certificate it is.</p>