pfSense » pfSense Packages

11/26/2016

09:15 PM Bug #6047: syslog-ng does not logrotate

Well, this still does not work properly at least with bzip2, because:... Kill Bill

04:18 PM Bug #6690: SURICATA IPS Issue - Kills VLANS & Traffic Shaper

There's already #6023 for netmap + shaping. Kill Bill

12:21 PM Bug #6964 (Resolved): Host OS Policy Assignment broken when using "Import" or "Aliases" buttons

The policy always gets assigned to the first instance (normally probably WAN) when you either
- use the Import butto... Kill Bill

06:44 AM Bug #6389: Suricata typo under interface rules tab

https://github.com/pfsense/FreeBSD-ports/pull/220 Kill Bill

06:38 AM Bug #5938: Link for Signing up for ETPro account got changed - Suricata

This got broken again. Together with some other cosmetics, this is fixed by https://github.com/pfsense/FreeBSD-ports/... Kill Bill

11/24/2016

12:21 PM Bug #6547: syslog-ng log browser only shows the first few lines

Kinda difficult to come with "pfSense native firewall"-like GUI, considering there's no pattern about what's going to... Kill Bill

11:26 AM Feature #4548: syslog-ng interface doesn't allow rule ordering

See https://github.com/pfsense/FreeBSD-ports/pull/218 Kill Bill

07:22 AM Bug #6492 (Resolved): Syslog-ng configuration file warning is treated as syntax error

Renato Botelho

07:05 AM Bug #6492: Syslog-ng configuration file warning is treated as syntax error

Already fixed by https://github.com/pfsense/FreeBSD-ports/commit/5f79e53dcae89bb185279ba2164a99891bb70dfd Kill Bill

11/22/2016

08:37 AM Feature #6951 (Resolved): Disable Auto Config Backup without uninstalling

The only way to disable the auto config backup package after the credentials have been entered is to uninstall it. Th... Steve Wheeler

08:32 AM Bug #6950 (Resolved): Auto Config Backup always reports success

The 'Backup Now' function always reports 'Backup completed successfully.' even if the backup to the server failed. If... Steve Wheeler

06:44 AM Bug #6410 (Resolved): when PFSENSE after server restart,openvpn+motp not login

Fixed by #6900 Jim Pingle

02:23 AM Bug #6410: when PFSENSE after server restart,openvpn+motp not login

SOLVED: Did update with Version freeradius2 1.7.4 and everything runs fine now Johannes Goldynia

11/21/2016

10:13 AM Bug #6939 (Resolved): HAproxy - backend server list broken with recent 2.3.3 snapshots

Renato Botelho

09:52 AM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Fixed. Dragging below/above the visible window in FW rules works, HAproxy and Status_Traffic_Totals still have the re... Kill Bill

09:50 AM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Applied in changeset pfsense:commit:f6973634c34b34908644e2df17154274d2ab12be. Anonymous

09:40 AM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Applied in changeset pfsense:commit:dd455f50b7be7957428b0733b5b2c93ccba9e284. Anonymous

09:37 AM Bug #6939 (Feedback): HAproxy - backend server list broken with recent 2.3.3 snapshots

The scroll gimmick CSS has been removed from the master CSS file, and added only to firewall_rues.php and firewall_na... Anonymous

11/20/2016

01:02 PM Bug #6948: HAproxy files tab input validation nonsense - impossible to save files

Hmmm... So, that's caused by the bogus empty file at the top, which I never placed there in the first place. NFC how ... Kill Bill

12:56 PM Bug #6948 (Resolved): HAproxy files tab input validation nonsense - impossible to save files

No idea what's this bootstrap nonsense validating where yet again. It is absolutely impossible to input anything ther... Kill Bill

11/19/2016

03:36 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

I quoted a wrong post, however, both the HAproxy and the Status_Traffic_Totals have been fixed by reverting the offen... Kill Bill

03:05 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Kill Bill wrote:
> I'm not one of those bootstrap guys. :/ Perhaps @sbeaver could help. As for excessively wide drop... Kill Bill

11/18/2016

04:08 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

I'll take care of it Anonymous

03:44 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

I'm not one of those bootstrap guys. :/ Perhaps @sbeaver could help. As for excessively wide dropdowns, perhaps this ... Kill Bill

03:17 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Yah shortening the field lengths would likely help.. but how to do that in a bootstrapped kinda way.?. Pi Ba

02:59 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Not sure either, the "port" field could definitely be shrunk quite a bit, for starters, though that'd only mitigate t... Kill Bill

02:36 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

There used to be a scrollbar.. Thats hidden now by this fix: https://redmine.pfsense.org/issues/6895
Reverting htt... Pi Ba

11/17/2016

02:34 PM Feature #6831: Snort does not support aliases containing FQDN

Reading this would help to understand why it's not supported.
https://forum.pfsense.org/index.php?topic=87211.msg514... Kill Bill

12:55 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

P.S. Cannot make the window any wider, it's already fullscreen on a full HD monitor, not even F11 helps. :-D Kill Bill

12:54 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

That's the same image I'm running, so it's most likely a problem with the package in general. It's possible there was... Jim Pingle

12:51 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Well, not sure what's current. The box has been upgraded about ~2 hours ago. ... Kill Bill

12:46 PM Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots

Is this still the same on a current snapshot? Is it the same if you force a page reload to clear the cache? Make the ... Jim Pingle

12:29 PM Bug #6939 (Resolved): HAproxy - backend server list broken with recent 2.3.3 snapshots

This definitely used to work, however it got badly broken recently. The SSL checkbox and weight fields are completely... Kill Bill

11/14/2016

03:28 PM Feature #6651: Loopback interfaces

Loopback interfaces are a cisco best practice for GRE/IPSec tunnels. I would use them for site-to-site IPSec as an in... Tom Poole

11/13/2016

11:13 PM Bug #6928: freeRADIUS, logging with "Access-Reject" not work in mysql table radpostauth

for change it - needed uncomment this:
/usr/local/etc/raddb/sites-enabled/default
section post-auth
variable sql
... Konstantin Ab

09:47 PM Bug #6928 (Resolved): freeRADIUS, logging with "Access-Reject" not work in mysql table radpostauth

The table(radpostauth) is recorded only events "Access-Accept".
in the table(radpostauth) needed events "Acces-Reje... Konstantin Ab

05:55 AM Bug #3343: (re)starting freeradius service throws "The command '/usr/local/etc/rc.d/radiusd.sh stop' returned exit code '1', the output was 'radiusd not running?'"

The problem is, that pfSense restarts the packages it self and also calls the restart method of freeradius itself.
... Chris Becker

11/11/2016

07:46 AM Feature #6859 (Resolved): have an includedir by default (sudo package)

Works Jim Pingle

07:27 AM Bug #6900 (Resolved): OpenVPN + OTP auth failure

Works Jim Pingle

07:01 AM Bug #5868 (Resolved): Quagga OSPF Priority value "0" (zero) is being ignored - DR election doesnt work properly.

Feedback from a customer who was hitting this confirmed it's now working. Jim Pingle

07:01 AM Bug #6797 (Resolved): Shared Key Export - just one server in list

Works Jim Pingle

03:08 AM Bug #6736: Snort fails to start after upgrade to 2.3.2-RELEASE

Get the same issue when updateing from pfSense 2.3.1_5 to 2.3.2_1
In my logs when SNORT tries to start I also get:... Diggory Gray

11/10/2016

12:27 PM Bug #4608: squidGuard & pfsense RAM disk compatible

Better fix is in now, see #6878 Jim Pingle

12:27 PM Bug #6279 (Rejected): squidguard blacklist update not working after initial update

Works here, must be something local or site-specific. Jim Pingle

12:23 PM Bug #6878: how to use snort, squid and squid_guard with a ram disk

Each of these changes was made on 2.4 only, as some assumptions were made that could conflict in some cases (e.g. Nan... Jim Pingle

12:23 PM Bug #6878 (Feedback): how to use snort, squid and squid_guard with a ram disk

I pushed a change to teach squidGuard to keep its databases in a persistent directory when /var is in RAM. The files ... Jim Pingle

11:10 AM Bug #6878: how to use snort, squid and squid_guard with a ram disk

Pushed a change for squid to teach clamav to keep its DB in a persistent location if /var is a RAM disk. It doesn't c... Jim Pingle

11/09/2016

03:23 PM Bug #6878: how to use snort, squid and squid_guard with a ram disk

Fixed the snort directories in commit:ce8fedd
Will look into squidGuard soon. Jim Pingle

01:57 PM Bug #6900 (Feedback): OpenVPN + OTP auth failure

The verify script is in @/usr/local/etc/raddb/scripts/otpverify.sh@ on current versions. The FreeRADIUS package code ... Jim Pingle

11/07/2016

02:21 PM Bug #6721: Incorrect OpenBGPd package scripts prevent use of both IPv4 and IPv6

Hi Jim,
Leaving "Listen on IP" blank makes the default IPv4 address "0.0.0.0" to be put on both IPv4 *and IPv6* "l... Luzemario Dantas

11:14 AM Bug #6721 (Needs Patch): Incorrect OpenBGPd package scripts prevent use of both IPv4 and IPv6

Unless there is a compelling need to set it to listen on two specific addresses manually, leave "Listen on IP" blank ... Jim Pingle

09:39 AM Feature #6859 (Feedback): have an includedir by default (sudo package)

Seems useful and was simple to add. I pushed it to the 2.4 version of the package. Jim Pingle

08:20 AM Bug #6867 (Closed): Please update quagga to version 1.1

We'll pick it up naturally when it comes through FreeBSD ports. I don't think it's worth going out of our way to pick... Jim Pingle

05:22 AM Bug #6900 (Resolved): OpenVPN + OTP auth failure

Hi guys. In pfsense 2.3.2 after any changes (firewall rules, reboot, etc...), I cannot access the server via OpenVPN ... Franz Tavers

11/06/2016

12:27 AM Feature #6859: have an includedir by default (sudo package)

Pingle for eval. Jim Thompson

12:26 AM Bug #6867: Please update quagga to version 1.1

Needs serious evaluation first. Jim Thompson

11/05/2016

07:45 AM Feature #6226: Add usb_modeswitch to the pfSense package repo

Has this feature request stalled ?
There is a package that that could handle this, it is only a matter of the corr... Dan Lundqvist

11/04/2016

02:58 PM Bug #6777 (Not a Bug): squid cant redirect ssl website correctly to squidguard error page in a denied category

Jim Pingle

02:56 PM Bug #6777: squid cant redirect ssl website correctly to squidguard error page in a denied category

NOT A BUG.
This is caused by a behavior on Browsers, check this link for more information about it: https://bugzil... Luiz Fernando Cavalcanti

11/02/2016

04:01 PM Bug #6410: when PFSENSE after server restart,openvpn+motp not login

Hello,
this seems to be a solid hazard preventing the use of motp based 2 factor auth.
see also https://forum.pfs... Johannes Goldynia

11/01/2016

01:31 PM Bug #5868 (Feedback): Quagga OSPF Priority value "0" (zero) is being ignored - DR election doesnt work properly.

I pushed a fix for this in package version 0.6.15. Jim Pingle

10/31/2016

03:36 PM Bug #5868 (Confirmed): Quagga OSPF Priority value "0" (zero) is being ignored - DR election doesnt work properly.

Looks like it's a classic case of PHP returning "true" for empty() when passed a string of "0". I'll look into it. Jim Pingle

10/28/2016

06:18 AM Bug #6875: dpinger not switching icmp id automatically

Luiz Otavio O Souza wrote:
> This is the same behaviour of ping (the icmp_id comes from the PID).
>
> So, when yo... Tiziano Bacocco

12:52 AM Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not

So far the only thing I got from Martin was that -9 is not a nice way to stop quagga and could cause the issues... Al... Reqlez Guy