pfSense bugtracker: Issueshttps://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162022-12-26T15:29:16ZpfSense bugtracker
Redmine pfSense - Feature #13805 (New): A way to reliably determine if system is the primary or secondary...https://redmine.pfsense.org/issues/138052022-12-26T15:29:16ZChristopher Cope
<p>There is no current way, as far as I can tell, to reliably determine if the current system is the primary or secondary.</p>
A few of the current ways include:
<ul>
<li>"Synchronize Config to IP" isn't set it's likely secondary, but isn't certain.</li>
<li>Checking the advskew is a good way, but these are sometimes changed, so it isn't 100% either.</li>
</ul>
<p>My thoughts are to add a setting to System > High Avail. Sync for Primary/Secondary.</p>
This would allow behavior specific to that to be implemented. Such as:
<ul>
<li>Disabling the ability to toggle CARP maintenance mode on the Secondary, to avoid confusion.</li>
<li>Auto filling advskew when creating new VIPs</li>
<li>etc.</li>
</ul>
<p>I could write the code and submit a merge request for this, but would appreciate any thoughts / comments on anything I may be missing before I do that.</p> pfSense Plus - Feature #12832 (New): 6100 configurable Blinking Blue LED https://redmine.pfsense.org/issues/128322022-02-19T11:56:10Zshawn butts
<p>The blinking blue like for "normal operation status" feels like an "everything is ok ALARM!!!!"</p>
<p>I'd like to see an option to either make it solid blue for "normal" or disable the LED altogether.</p> pfSense Docs - New Content #12805 (New): Add documentation about what triggers a notficationhttps://redmine.pfsense.org/issues/128052022-02-15T17:10:01ZLogan Marchione
<p>I just setup notifications in pfSense and can't find any documentation on the page below to show what sort of actions trigger a notification. <br /><a class="external" href="https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html">https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html</a></p>
<p>It seems this is a semi-common problem. <br /><a class="external" href="https://www.reddit.com/r/PFSENSE/comments/ar3w9l/pfsense_email_notifications/">https://www.reddit.com/r/PFSENSE/comments/ar3w9l/pfsense_email_notifications/</a> <br /><a class="external" href="https://www.reddit.com/r/PFSENSE/comments/l6lil3/how_to_configure_whatwhen_for_email_notifications/">https://www.reddit.com/r/PFSENSE/comments/l6lil3/how_to_configure_whatwhen_for_email_notifications/</a></p>
<p>Am I missing something, or is this documentation hidden somewhere? Ideally, I'd like a giant list of checkboxes to turn on/off notifications for things, but I'd take just a plaintext list of what will trigger a notification. Right now, I'm searching GitHub to see what triggers <strong>notify_all_remote</strong>.<br /><a class="external" href="https://github.com/pfsense/pfsense/search?q=notify_all_remote">https://github.com/pfsense/pfsense/search?q=notify_all_remote</a></p> pfSense Docs - New Content #12804 (New): Add documentation for Slack notificationshttps://redmine.pfsense.org/issues/128042022-02-15T16:59:18ZLogan Marchione
<p>I saw in the issue below that support for notifications via Slack was added to 2.6.0. <br /><a class="external" href="https://redmine.pfsense.org/issues/12291">https://redmine.pfsense.org/issues/12291</a></p>
<p>However, I don't see matching docs on this page. Can these be added? <br /><a class="external" href="https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html">https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html</a></p> pfSense - Feature #12521 (New): Add the BBR2, QUIC, RACK Congestion Control (CC) protocolshttps://redmine.pfsense.org/issues/125212021-11-12T21:11:13ZSergei Shablovsky
<p>Changing character of traffic in last 5-7 years powered extremely by the fact that <br />- 80%+ of users using mobile devices (smartphones and tablets);<br />- IoT and SmartHome technologies become widely using</p>
<p>create request for modern, more effective Congestion Control (CC) technologies.</p>
<p>And this is the time where BBR2, QUIC, RACK protocols come in. Some of them already integrated in most popular nix base distributives.</p>
<p>Some of proofs are here <a class="external" href="https://forum.netgate.com/post/1009051">https://forum.netgate.com/post/1009051</a> and in this tread <a class="external" href="https://forum.netgate.com/topic/163744/any-chances-to-get-netflix-s-open-connect-appliance-oca-tcp-code-rack-and-bbr-into-pfsense">https://forum.netgate.com/topic/163744/any-chances-to-get-netflix-s-open-connect-appliance-oca-tcp-code-rack-and-bbr-into-pfsense</a>
==============================================================</p>
<p>Because the pfSense are a “heart” of any business or private network, better to add ability to be able using BBR2, QUIC, RACK protocols in a pfSense-tuned version of FreeBSD.</p>
<p>==============================================================<br />Useful Links<br />BBR - <a class="external" href="https://github.com/Netflix/tcplog_dumper">https://github.com/Netflix/tcplog_dumper</a><br />RACK / SACK - <a class="external" href="https://forums.freebsd.org/threads/tcp-rack-and-sack.80633/">https://forums.freebsd.org/threads/tcp-rack-and-sack.80633/</a><br />QUIC - <a class="external" href="https://www.reddit.com/r/PFSENSE/comments/ajs0qy/quic_protocol/">https://www.reddit.com/r/PFSENSE/comments/ajs0qy/quic_protocol/</a></p> pfSense Docs - Todo #12457 (New): Add UPS Configuration Recipes for apcupsd and nut UPS Packages ...https://redmine.pfsense.org/issues/124572021-10-14T12:53:43ZKris Phillips
<p>A customer requested that we add some basic "how to" recipes to the pfSense docs for basic operations in the apcupsd and nut UPS packages for common brands of UPS units.</p>
<p>This would include configuration examples for the various brands (with a note that some differences may exist by model), some basic automatic start up and shutdown configuration, etc.</p> pfSense Docs - New Content #12402 (New): Add recipe for configuring Telegram to receive notificat...https://redmine.pfsense.org/issues/124022021-09-24T00:46:30ZViktor Gurov
<p><strong>Page:</strong> <a class="external" href="https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html">https://docs.netgate.com/pfsense/en/latest/config/advanced-notifications.html</a></p>
<p><strong>Feedback:</strong></p>
<p>How to configure Telegram notifications:<br />1) Find the bot BotFather<br />2) Add a new bot with the commands: "/newbot", <botname>, <botusername> (must end in 'bot'),<br />save the API Token value<br />see <a class="external" href="https://core.telegram.org/bots#creating-a-new-bot">https://core.telegram.org/bots#creating-a-new-bot</a> and screenshot<br />3) Create a new private chat and add a new bot to it with the "Post messages" privilege<br />4) How to get private chat id:<br />4.1) First way:<br />Just send to the bot your invite link to your private channel<br />and check it with <a class="external" href="https://api.telegram.org/bot&lt;BOT_TOKEN&gt;/getUpdates">https://api.telegram.org/bot&lt;BOT_TOKEN&gt;/getUpdates</a>:<br /><pre>
{"ok":true,"result":[{"update_id":191337144,
"my_chat_member":{"chat":{"id":-1001550670765,"title":"myprivatetest","type":"channel"},"from":
</pre><br />4.2) Second way:<br />- You should convert your channel to public with some @channelName<br />- Send message to this channel through Bot API: <a class="external" href="https://api.telegram.org/bot111:222/sendMessage?chat_id=@channelName&text=123">https://api.telegram.org/bot111:222/sendMessage?chat_id=@channelName&text=123</a><br />- As response you will get info with chat_id of your channel:<br /><pre>
{ "ok" : true, "result" : { "chat" : { "id" : -1001005582487, "title" : "Test Private Channel", "type" : "channel" }, "date" : 1448245538, "message_id" : 7, "text" : "123ds" } }
</pre><br />- Now you can convert Channel back to private (by deleting channel's link) and send message directly to this chat_id "-1001005582487"</p> pfSense - Todo #12025 (New): Add 1:1 Validation to Notify Someone They are 1:1 NAT'ing an Interfa...https://redmine.pfsense.org/issues/120252021-06-10T17:34:03ZKris Phillips
<p>Although it is VERY rarely necessary, we should add a banner to the top of the 1:1 NAT page notifying end users that they have just 1:1 NAT'ed the WAN interface address and this is usually not recommended due to connectivity issues for dpinger, IPSec, etc. that may occur. Often we see users 1:1 NAT their WAN address out of lack of experience/understanding. Additionally, this should be useful if there was a way to verify against an HA member as well or CARP VIP as it can sometimes be easy to forget that your secondary unit is using the 1:1 NAT address you just configured on the primary and pushed it to the secondary (which then causes gateway monitoring to fail on that interface).</p> pfSense Packages - Feature #11931 (New): Add support for validating a domain's ownership via Goog...https://redmine.pfsense.org/issues/119312021-05-17T08:09:13ZAlex Cazacu
<p>Add support for validating a domain's ownership via Google Cloud Cloud DNS.</p>
<p>Support for Google Cloud Cloud DNS is already implemented in the <a href="https://github.com/acmesh-official/acme.sh" class="external">acme-official/acme-sh</a>. See <a href="https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_gcloud.sh" class="external">dns_gcloud.sh</a>.</p>
The associated script <a href="https://github.com/acmesh-official/acme.sh/blob/master/dnsapi/dns_gcloud.sh" class="external">documentation</a> omits to mention that authenticating and configuring <code>gcloud</code> can be performed in a non-interactive way by:
<ol>
<li>Creating a Google Cloud service account key: <a href="https://cloud.google.com/iam/docs/creating-managing-service-account-keys#creating_service_account_keys" class="external">documentation</a>.</li>
<li>Authenticating <code>gcloud</code> with the created service account key: <a href="https://cloud.google.com/sdk/docs/authorizing#authorizing_with_a_service_account" class="external">documentation</a>.</li>
<li>Configuring <code>gcloud</code>: via <code>gcloud config set</code> - <a href="https://cloud.google.com/sdk/docs/properties#setting_properties;" class="external">documentation</a> via environment variables: <a href="https://cloud.google.com/sdk/docs/properties#setting_properties_via_environment_variables" class="external">documentation</a>.</li>
</ol> pfSense Packages - Bug #11493 (New): After upgrade zabbix proxy wont starthttps://redmine.pfsense.org/issues/114932021-02-21T05:31:00ZPim Janssen
<p>Due to database changes between zabbix-proxy versions. The proxy database needs to be removed after upgrading else the proxy service won't start.</p>
<p>Workaround <br />manual remove database /var/db/zabbix-proxy/proxy.db</p> pfSense Packages - Bug #10265 (New): Adding a Note with malformed title will force system restorehttps://redmine.pfsense.org/issues/102652020-02-17T14:27:22ZYuri Weinstein
<p>This is related to using Notes package.</p>
<p>Add a new note with title</p>
<p>"Add/Change/Set the custom resolution of your display using xrandr on Ubuntu 18.04 — {In a minute}"</p>
<p>(I am not sure why this particular string causes a problem, but it does) and anything in the notes body</p>
<p>Click on Save => notice that the note was not added and pfSense System Notices show a new warning:</p>
<p>"pfSenseConfigurator<br />pfSense is restoring the configuration /cf/conf/backup/config-1581970855.xml @ 2020-02-17 12:21:23"</p> pfSense Packages - Feature #9725 (New): Ability to use template variables in acme packagehttps://redmine.pfsense.org/issues/97252019-09-04T04:59:00ZTobi Miller
<p>would be very helpful to be able to use variables in acme package action section<br />Using variables something like that would be possible as action</p>
<p><code>sed -n w/tmp/acme/%NAME/%DOMAIN/%DOMAIN.pem /tmp/acme/%NAME/%DOMAIN/%DOMAIN.key /tmp/acme/%NAME/%DOMAIN/%DOMAIN.cer</code></p>
<p>that would make the actions very portable if one needs another domain with the same actions: just clone the record in acme package, change values (like name and domain) and hit save. <br />Would save a lot of time and possible errors due to typos when replacing the domain in the action</p> pfSense Packages - Feature #8161 (New): Add virtual server support to FreeRadiushttps://redmine.pfsense.org/issues/81612017-12-04T18:53:44ZVictor Hooi
<p>It's great and super convenient that the FreeRadius server is included as a package with pfSense.</p>
<p>I currently use this to provide WPA-Enterprise authentication with my Ubiquiti Unifi access points.</p>
<p>However, it would be fantastic if we could add virtual server support via the online GUI - this is a key feature in FreeRadius, and lets you setup multiple lists of users (e.g. for different WiFi SSIDs).</p>
<p>This person has tried to hack around the lack of support:</p>
<p><a class="external" href="https://forum.pfsense.org/index.php?topic=126862.0">https://forum.pfsense.org/index.php?topic=126862.0</a></p>
<p>but that breaks every time you update via the GUI.</p> pfSense - Feature #6804 (New): Add row counter into Diagnostics -> Edit Filehttps://redmine.pfsense.org/issues/68042016-09-21T21:23:13ZTCI User
<p>Will be extremely helpful if the rows in the Diagnostics -> Edit File window are presented with a number.</p>
<p>In this case you cannot get lost while scrolling up and down into a file.</p>
<p>NOTE: As a work around at the moment I copy the file into my external text editor (Notepad++), make the necessary changes and then copy it back.</p> pfSense - Todo #6727 (New): Missing file apple-touch-icon-precomposed.png ?https://redmine.pfsense.org/issues/67272016-08-18T14:10:11ZAndy Kniveton
<p>I notice this occasionally in my log files after logging in via the web browser :-</p>
<p>Aug 18 19:50:38 pfsense.localdomain nginx: 2016/08/18 19:50:38 [error] 36942#100114: *10595 open() "/usr/local/www/apple-touch-icon-precomposed.png" failed (2: No such file or directory), client: 172.16.1.20, server: , request: "GET /apple-touch-icon-precomposed.png HTTP/1.1", host: "172.16.1.1"</p>
<p>[2.3.2-RELEASE][<a class="email" href="mailto:admin@pfsense.localdomain">admin@pfsense.localdomain</a>]/root: ls /usr/local/www/apple-touch-icon-precomposed.png<br />ls: /usr/local/www/apple-touch-icon-precomposed.png: No such file or directory</p>
<p>[2.3.2-RELEASE][<a class="email" href="mailto:admin@pfsense.localdomain">admin@pfsense.localdomain</a>]/root: ls /usr/local/www/*.png<br />/usr/local/www/apple-touch-icon.png/usr/local/www/logo.png<br />/usr/local/www/logo-black.png /usr/local/www/pfs-mini.png<br />[2.3.2-RELEASE][<a class="email" href="mailto:admin@pfsense.localdomain">admin@pfsense.localdomain</a>]/root:</p>
<p>Maybe its just worth doing a symbolic link in the next pfSense build.</p>