pfSense » pfSense Packages

07/28/2016

12:08 PM Bug #6655 (Not a Bug): Installing sudo package breaks webGUI system update capabilities and Package Manager on 2.3.1-RELEASE-p1

The problem isn't the sudo package at all. It's that pkg was upgraded and the GUI doesn't understand the output of th... Jim Pingle

11:57 AM Bug #6655: Installing sudo package breaks webGUI system update capabilities and Package Manager on 2.3.1-RELEASE-p1

I forgot to mention that removing the sudo package via ssh had no change aside from removing the package, the bugs st... Nick Zimmerman

11:56 AM Bug #6655 (Not a Bug): Installing sudo package breaks webGUI system update capabilities and Package Manager on 2.3.1-RELEASE-p1

After installing the *sudo* package through the System > Package Manager menu, our firewalls are no longer able to ch... Nick Zimmerman

11:24 AM Bug #6654: siproxyd Table issue

System: Netgate SG-2440 (amd64) Patrick King

11:20 AM Bug #6654 (Resolved): siproxyd Table issue

Under services-> siproxyd -> Registered phones
Table is not aligned correctly and not showing correct number of re... Patrick King

12:20 AM Feature #6651: Loopback interfaces

For dynamic routing protocol.
As example border router supply originate option ( default gateway ) and use of lo* to... Slava Bendersky

07/27/2016

10:50 PM Feature #6651: Loopback interfaces

I'm curious, what use case do you have for additional lo* interfaces? Chris Buechler

10:31 PM Feature #6651: Loopback interfaces

major think is create additional lo* interface as right now we can define LAN or WAN. Slava Bendersky

10:10 PM Feature #6651: Loopback interfaces

you can already do that with virtual IPs on localhost. That doesn't allow cloning lo0 to lo1, though I don't think an... Chris Buechler

09:44 PM Feature #6651: Loopback interfaces

Assign additional ip addresses like... Slava Bendersky

09:11 PM Feature #6651: Loopback interfaces

manipulate loopback interfaces in what way? You can already set static routes to lo0 to null route, and add VIPs on l... Chris Buechler

08:59 PM Feature #6651 (Resolved): Loopback interfaces

Hello Everyone,
I would like place request add ability manipulate loopback interfaces through web ui.
Use cases wh... Slava Bendersky

07/25/2016

10:24 AM Feature #5434: Let's Encrypt pfSense support

Sory, but now it's working via some simple manual steps...
https://thedevops.party/lets-encrypt-ssl-certificate-on... Ernesto Victor Villarreal

07/24/2016

06:16 PM Feature #6196 (Closed): APU2 Thermal sensor

patch is already upstream (by us, not OPNsense).
Jim Thompson

01:19 AM Feature #6196: APU2 Thermal sensor

This has already been committed upstream:
https://github.com/freebsd/freebsd/commit/cf2857955cc43bf478bbb4716641d1... Jose Luis Duran

07/21/2016

09:50 PM Bug #6636 (Resolved): Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf

I use a CARP config, actual IP on this box is x.x.x.135, Virtual IP x.x.x.133. When compatibility="Intermediate" the... Marc Skarshinski

07/20/2016

07:55 PM Bug #6632 (Confirmed): siproxd hosts_allow_reg should be configurable

if you open siproxd on WAN in firewall rules, you get what you're asking for security-wise. No shortage of potential ... Chris Buechler

05:09 PM Bug #6632 (Resolved): siproxd hosts_allow_reg should be configurable

siproxd is providing a configuration option "hosts_allow_reg" which
implements a positive access control list for ho... Robert Jordan

10:44 AM Todo #6443 (Resolved): Add ntopng package back into pfSense 2.3.x

ntopng will be in the pfSense 2.3.2 release. New tickets should be opened if there are issues with the package upon r... Jared Dillard

07/18/2016

07:44 PM Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down

The new NUT package allows for a nut supported way to retry the startup of the driver. Denny Page

07/15/2016

05:50 PM Feature #6204: Integrate ntopng with pfSense - assistance required by ntopng developer

Wow, this would be incredible (being able to mark traffic based on ntop filters) - did not even know that was theoret... → luckman212

05:04 AM Bug #6616 (Duplicate): Client Export list empty when using intermediate CA

Certificate setup:
A Root CA which has signed a VPN CA certificate.
This VPN CA signed the VPN server certificate... Johan Braeken

04:29 AM Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down

I think the reason why this feature is not implemented by NUT team is because it should be implemented on the OS side... Vladimir Suhhanov

07/14/2016

11:27 PM Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down

I've taken a look at this, and this behavior appears to be an intentional choice on the part of the NUT team. I agree... Denny Page

10:38 PM Feature #3685 (Resolved): haproxy listener ip from alias

Chris Buechler

02:11 PM Todo #6443: Add ntopng package back into pfSense 2.3.x

Rich Murphey wrote:
> I've installed snapshot 2.3.2.a.20160606.1543, and ntopng via the web UI package manager.
>
... Jim Pingle

07/13/2016

07:43 PM Bug #6612: squid Multi segmented downloading is broken

likely an issue in squid itself that should be reported there. They don't seem fond of download managers Chris Buechler

07:22 PM Bug #6612 (Closed): squid Multi segmented downloading is broken

it looks like that squid Multi segmented downloading is broken again in squid.
TCP_MISS_ABORTED/206
It was fixe... ageekhere ageekhere

01:49 AM Todo #6443: Add ntopng package back into pfSense 2.3.x

I'm still having the issue with ntopng not restarting after a reboot, with the following errors in the log.
Jul 13... Andrew -

01:40 AM Feature #6204: Integrate ntopng with pfSense - assistance required by ntopng developer

Hi
I think this ticket is different to #6443.
#6443 is simply about getting ntopng back into pfSense 2.3, follo... Andrew -

07/12/2016

11:08 PM Bug #4634 (Resolved): Still broken openbgpd config generation logic in 2.2

fixed last year Chris Buechler

11:07 PM Bug #3605 (Closed): Dansguardian not saving groups config files with correct PICS paths.

package no longer exists, and Dansguardian itself is not maintained Chris Buechler

11:07 PM Bug #3439 (Closed): TFTP - cannot start or restart from Status -> Services

package no longer exists Chris Buechler

11:00 PM Bug #2920 (Not a Bug): OSPF on interfaces with IP Alias and carp unpredictable

Chris Buechler

10:53 PM Feature #6204 (Duplicate): Integrate ntopng with pfSense - assistance required by ntopng developer

duplicate of #6443 Chris Buechler

05:23 AM Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore

Oh, and - the original problem is much worse on nanobsd - no config restore needed. This breaks on every system upgra... Kill Bill

05:17 AM Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore

Rather than such ad hoc hacks - cannot we get something like the sanity checking from pfBNG to Unbound itself? Like, ... Kill Bill

07/11/2016

11:19 PM Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore

It can get complicated if a user adds other *include: /blah/blah.conf* lines, but splits it into two lines.... For th... BBcan177 .

11:13 PM Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore

Yes, this is a known issue... I can't fix it in the package as it needs to be addressed in unbound.inc.
I can add ... BBcan177 .

05:22 PM Bug #6603 (Resolved): pfblockerng's Unbound modifications leave system broken post-config restore

pfblocker's "include: /var/unbound/pfb_dnsbl.conf" in the Unbound config leaves you with a broken system after config... Chris Buechler

07/09/2016

02:31 PM Bug #6592: squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation

Seems to focus oon reverse proxy only. Alexander Wilke

12:56 PM Bug #6592: squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation

Already covered by https://github.com/pfsense/FreeBSD-ports/pull/110 when someone gets to it. Kill Bill

11:05 AM Bug #6592 (Resolved): squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation

Here it is documented how "http_port" can be configured:
http://www.squid-cache.org/Doc/config/http_port/
EDH and... Alexander Wilke

12:48 PM Feature #6593: squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint

Alexander Wilke wrote:
> For the user it would be good to have the possibility to modify "NO_SSLv3" using the WebUI ... Kill Bill

11:18 AM Feature #6593 (Resolved): squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint

Squid has some additional options set like:
options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE (and should have "SINGLE_ECDH_... Alexander Wilke

07/08/2016

10:30 PM Bug #5511 (Resolved): quagga zebra.conf and openvpn interface

works Chris Buechler

07/07/2016

08:34 AM Bug #5713 (Rejected): SSHDCond package broken - Incorrect path in /etc/sshd file

sshdcond package was deprecated in pfSense 2.3 Renato Botelho

01:12 AM Bug #6246 (Resolved): pfBlockerNG - filter rule error if all entries in a block list de-dupe out

thanks BBcan Chris Buechler

07/06/2016

11:19 PM Bug #6246: pfBlockerNG - filter rule error if all entries in a block list de-dupe out

Can be closed BBcan177 .

08:07 PM Todo #6443 (Assigned): Add ntopng package back into pfSense 2.3.x

Jim Thompson

12:51 AM Bug #6084: Snort custom rule page does not update on apply

Thanks Bill Chris Buechler

12:51 AM Bug #6084 (Resolved): Snort custom rule page does not update on apply

Chris Buechler

07/02/2016

12:11 PM Bug #6571 (Resolved): NUT service can not start sometimes after boot when SNMP UPS interface is down

If NUT is started with SNMP UPS configured and UPS network or card is currently down, an error message appears
"ER... Vladimir Suhhanov

07/01/2016

12:26 AM Feature #6141: Convert apcupsd package to 2.3

I'm working on catching up on PRs, this one coming soon. Chris Buechler

06/30/2016

11:49 PM Feature #6141: Convert apcupsd package to 2.3

Apparently someone has updated the package and it's been waiting on approval here for over a month: https://github.co... Charles Sprickman

09:14 PM Bug #5511 (Feedback): quagga zebra.conf and openvpn interface

fix pushed Chris Buechler

09:05 AM Feature #6555: Support IEEE 1588

See also [[https://redmine.pfsense.org/issues/6554]] Bruce Simpson

09:01 AM Feature #6555: Support IEEE 1588

Here is how I get around the lack of GUI integration at the moment.
(Requires mode7 support on loopback is re-enable... Bruce Simpson

02:46 AM Bug #6562: Bug/Wrong description in the squid settings

Screenshot Author: http://docs.diladele.com/ Richard Eberhard

02:39 AM Bug #6562 (Not a Bug): Bug/Wrong description in the squid settings

I think there is a wrong description or maybe a bug in the "certificate adapt" option in the squid https settings. He... Richard Eberhard

02:41 AM Bug #6563 (Resolved): Squid still accepts sha1 certificates

Squid still accepts sha1 certificates.(Man in the middle proxy) I think this should be blocked by default for securit... Richard Eberhard