pfSense » pfSense Packages

08/28/2016

07:24 PM Bug #6616: Client Export list empty when using intermediate CA

I'm running into this also. I have a root-ca, with different intermediate CAs. the intermediate CAs allow me to seg... Curtis Ruck

08/24/2016

01:19 PM Bug #6740: https filtering with squid + squidguard error (ssl bump)

C Wood wrote:
> Jim Pingle wrote:
> > It is for both but there is no specific bug on this ticket yet, only symptoms... C Wood

01:14 PM Bug #6740: https filtering with squid + squidguard error (ssl bump)

Jim Pingle wrote:
> It is for both but there is no specific bug on this ticket yet, only symptoms.
I guess your d... C Wood

01:08 PM Bug #6740: https filtering with squid + squidguard error (ssl bump)

It is for both but there is no specific bug on this ticket yet, only symptoms. Jim Pingle

01:05 PM Bug #6740: https filtering with squid + squidguard error (ssl bump)

Jim Pingle wrote:
> This needs to stay on the forum until a specific bug can be identified. We don't encourage or su... C Wood

12:58 PM Bug #6740 (Not a Bug): https filtering with squid + squidguard error (ssl bump)

This needs to stay on the forum until a specific bug can be identified. We don't encourage or support the use of HTTP... Jim Pingle

12:42 PM Bug #6740: https filtering with squid + squidguard error (ssl bump)

C Wood wrote:
> When configuring the https filtering some (possibly all) https sites error out. (Man in the middle ... C Wood

12:31 PM Bug #6740 (Not a Bug): https filtering with squid + squidguard error (ssl bump)

When configuring the https filtering some (possibly all) https sites error out. (Man in the middle certificate autho... C Wood

08/22/2016

02:57 PM Bug #6735 (Resolved): Cron Service saves entry on Cancel

I pushed a fix for this, it will show up shortly. Jim Pingle

09:47 AM Bug #6736 (Closed): Snort fails to start after upgrade to 2.3.2-RELEASE

After upgrading to 2.3.2-Release from 2.3.1-5 snort fails to start with a FATAL error: Aug 22 11:20:01 pfSense snort[... Marco Verleun

08/21/2016

11:45 PM Bug #6735 (Resolved): Cron Service saves entry on Cancel

In Services/Cron:
If you click on "Edit" and enter in the settings for a new Cron entry, but terminate it with the... BBcan177 .

06:49 PM Bug #6714 (Rejected): diag_testport suggestions and issues

we do, actually. please break this up into separate issues. Jim Thompson

12:25 PM Bug #6734: ntopng does not start on up-to-date pfsense install (port 3000 is already in use)

For reference:
https://forum.pfsense.org/index.php?topic=117170.msg649101#msg649101 Anonymous

12:23 PM Bug #6734: ntopng does not start on up-to-date pfsense install (port 3000 is already in use)

OK I opened a thread on the forums. I may also have found the issue. It could be that ntop (the old package) is run... Anonymous

08/20/2016

11:30 PM Bug #6734 (Not a Bug): ntopng does not start on up-to-date pfsense install (port 3000 is already in use)

If it says that, then it's either already running or something else is using the port. Please post on the forum until... Jim Pingle

12:09 PM Bug #6734 (Not a Bug): ntopng does not start on up-to-date pfsense install (port 3000 is already in use)

ntopng does not start on up to date pfsense install. ntopng is installed & configured but trying to access it the pa... Anonymous

08/17/2016

12:36 PM Bug #5749 (Resolved): OpenVPN Export Certs with password, password doesn't open .pk12 container.

New version is up, installed, confirmed working on a separate unit. Jim Pingle

12:25 PM Bug #5749: OpenVPN Export Certs with password, password doesn't open .pk12 container.

I was able to reproduce the problem with "+" and confirmed that switching from escape() to encodeURIComponent() fixed... Jim Pingle

12:59 AM Bug #6690: SURICATA IPS Issue - Kills VLANS & Traffic Shaper

Sandeep K V wrote:
> Hi Steven Kreitzer and Jim Thompson isn't this the expected way the IPS has to work?
No, and... Steven Kreitzer

12:52 AM Bug #6690: SURICATA IPS Issue - Kills VLANS & Traffic Shaper

Hi Steven Kreitzer and Jim Thompson isn't this the expected way the IPS has to work?
Sandeep K V

08/16/2016

01:18 PM Bug #6721: Incorrect OpenBGPd package scripts prevent use of both IPv4 and IPv6

Steps to reproduce:
1. Install the latest OpenBGPd package;
2. Enter the needed settings, adding both IPv4 and IP... Luzemario Dantas

12:50 PM Bug #6721: Incorrect OpenBGPd package scripts prevent use of both IPv4 and IPv6

Please read the title as: Incorrect OpenBGPd package scripts prevent use of both IPv4 and IPv6 - at the same time. Luzemario Dantas

12:40 PM Bug #6721 (Needs Patch): Incorrect OpenBGPd package scripts prevent use of both IPv4 and IPv6

Symtoms of this bug can be seen in the post below:
[[https://forum.pfsense.org/index.php?topic=116900.0]]
To co... Luzemario Dantas

08/13/2016

09:26 PM Bug #6714 (Rejected): diag_testport suggestions and issues

I hope you don't mind that I place multiple things in a single ticket here about diag_testport:
1) can output erro... Jeremy C. Reed

05:54 PM Bug #6707 (Duplicate): diag_smart is broken

Duplicate of #6393
That page needs significant work. Jim Pingle

05:33 PM Bug #6707 (Duplicate): diag_smart is broken

it appears the diag_smart is broken.
For example, its has
$start_script = "/usr/local/etc/rc.d/smartd.sh";
and ... Jeremy C. Reed

08/10/2016

02:34 PM Bug #6690 (Closed): SURICATA IPS Issue - Kills VLANS & Traffic Shaper

Strips 802.1q tagged traffic from an interface when running inline IPS mode.
Traffic shapper no longer works as one ... Steven Kreitzer

08:59 AM Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not

Someone who can reproduce it reliably needs to get the details of how to reproduce it reported to the Quagga project ... Jim Pingle

08:46 AM Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not

Any update on the topic? Juri Dmitrijev

08/09/2016

03:55 PM Bug #5749: OpenVPN Export Certs with password, password doesn't open .pk12 container.

I tried using "@" and "." in the password and both worked fine.
Looking at the JS code, it's using the escape() fu... Brian Talbot

12:44 PM Bug #5749: OpenVPN Export Certs with password, password doesn't open .pk12 container.

Is it only "+" that causes a problem or have you tried other special characters as well?
The way the password is s... Jim Pingle

02:45 AM Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3

I would also like to see it come back. As we can't upgrade all our boxes to pf2.3 in one day we have a problem. 2.3 D... Pim Janssen

08/08/2016

11:19 AM Bug #5749: OpenVPN Export Certs with password, password doesn't open .pk12 container.

Any update on this? I'm having the same issue on 2.3.2. Using openvpn-client-export 1.3.8 (just reinstalled it as wel... Brian Talbot

08:21 AM Bug #6681 (Resolved): Squid local auth password handling is weak and only accepting short passwords

Tested and working here as well Jim Pingle

08:18 AM Bug #6681: Squid local auth password handling is weak and only accepting short passwords

Tested this with a long password that failed in 0.4.21.
Works as expected in 0.4.22. Rejects incorrect password. R... Steve Wheeler

08/07/2016

01:44 PM Bug #6684 (Resolved): Setting IKEv2 Phase 2 in Mobile Config appears to generate invalid Apple Profile

Setting "Phase2 PFS Group - Provide the Phase2 PFS group to clients (overrides all mobile phase2 settings)" in Mobile... Chris Linstruth

08/04/2016

01:25 PM Bug #6511: In some circumstances the HAProxy clone front-end button can add blank list entries to the front end being cloned resulting in a config that cannot be applied.

@Pi Ba
I agree that it should not be possible to end up with empty entries in the config but in the case that someho... Steve Wheeler

12:54 PM Bug #6511: In some circumstances the HAProxy clone front-end button can add blank list entries to the front end being cloned resulting in a config that cannot be applied.

@Steve, the first issue of empty items being added when duplicating should be fixed in next version..
https://github... Pi Ba

12:04 PM Feature #6445 (Rejected): Request: Zabbix 3.0 LTS proxy

Zabbix agent and proxy 3.0 is available on pfSense 2.3. If you see only Zabbix agent or proxy 2.2 or 2.4, you must st... Jim Pingle

11:56 AM Feature #6445: Request: Zabbix 3.0 LTS proxy

Uhm... 3.0.x LTS is in fact the only version available in pfSense 2.3.x packages. Kill Bill

09:45 AM Bug #6681 (Feedback): Squid local auth password handling is weak and only accepting short passwords

I just pushed a fix to change this to SHA512, which is working well even with long passwords (I only tried up to 32 c... Jim Pingle

09:34 AM Bug #6681 (Resolved): Squid local auth password handling is weak and only accepting short passwords

The password handling in squid for local auth is using crypt() with default settings and cutting off passwords short ... Jim Pingle

07:07 AM Bug #6571 (Resolved): NUT service can not start sometimes after boot when SNMP UPS interface is down

Jim Pingle

12:13 AM Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down

This is resolved with version 2.7.4_1 of the nut package. Denny Page

07/31/2016

07:45 AM Bug #6632: siproxd hosts_allow_reg should be configurable

Chris Buechler wrote:
> if you open siproxd on WAN in firewall rules, you get what you're asking for security-wise. ... Kill Bill