Project

General

Profile

Activity

From 12/26/2016 to 01/24/2017

01/24/2017

08:49 AM Bug #6490 (Rejected): Squid Reverse Proxy: Disabling an entry on the "Redirects" tab creates duplicate entries for the previous entry in the squid config
Jim Pingle
08:35 AM Bug #6490: Squid Reverse Proxy: Disabling an entry on the "Redirects" tab creates duplicate entries for the previous entry in the squid config
Cannot reproduce, plus suspect it's more or less a duplicate of another non-reproducible issue filed by the same user... Kill Bill
07:25 AM Bug #7161 (Resolved): pfSense-pkg-bind9 changelog pointing to non-existent location
The changelog link should point to https://github.com/pfsense/FreeBSD-ports/tree/devel/dns/pfSense-pkg-bind9 while it... Kill Bill
07:11 AM Feature #3754 (Closed): Add APC Back-UPS CS to NUT
Jim Pingle
07:08 AM Feature #3754: Add APC Back-UPS CS to NUT
No feedback, related to ancient package version, plus apparently not a pfSense issue either. Retest with current pack... Kill Bill
06:35 AM Bug #5869: Squid non-functional in transparent mode in 2.3
Here’s the mail I got recently for my problem
I was not able to get to these sites at the time of my first post but ... john Smith

01/23/2017

10:22 AM Bug #6350: Auto Config Backup - Uncaught Exception
Steve Beaver wrote:
> Fixed by populating version table when info request fails
I don't remember what package ver... Simon Trigona
09:10 AM Bug #6350 (Feedback): Auto Config Backup - Uncaught Exception
Fixed by populating version table when info request fails Anonymous
09:06 AM Bug #6968 (Rejected): Snort VRT Rules Fail to automatically update SSL read error
Jim Pingle
05:09 AM Bug #6968: Snort VRT Rules Fail to automatically update SSL read error
Upstream server issue, has nothing to do with pfSense. Close please. Kill Bill

01/18/2017

10:26 PM Bug #7127: Authentication fail in AutoConfigBackup package
Confirmed. I just installed version 1.47 and it now works just fine with the mixed case ID. Thanks!!!
... um, y... Brian Davidson
03:32 PM Bug #7130 (Resolved): Lightsquid 3.0.4_2 HTTP 500
Works Jim Pingle
09:51 AM Bug #7130: Lightsquid 3.0.4_2 HTTP 500
I'll grab this back for testing once the new package is available Jim Pingle
09:49 AM Bug #7130 (Feedback): Lightsquid 3.0.4_2 HTTP 500
3.0.4_3 should be fixed Renato Botelho
09:23 AM Bug #7130: Lightsquid 3.0.4_2 HTTP 500
Looks like we're missing the latest change to the Makefile for www/lightsquid from earlier this week, CGI.pm was remo... Jim Pingle
09:17 AM Bug #7130 (Confirmed): Lightsquid 3.0.4_2 HTTP 500
Jim Pingle
01:59 AM Bug #7130 (Resolved): Lightsquid 3.0.4_2 HTTP 500
As title says, when one clicks on Open Lightsquid HTTP error 500 appers. Greg M

01/17/2017

09:41 PM Bug #7127 (Resolved): Authentication fail in AutoConfigBackup package
Had confirmation from others internally that it worked on the new version with mixed case login names. Jim Pingle
11:04 AM Bug #7127 (Feedback): Authentication fail in AutoConfigBackup package
I pushed a fix for this just now. Once version 1.47 shows up for you, reinstall and test it again.
https://github.... Jim Pingle
12:49 PM Bug #6603 (Confirmed): pfblockerng's Unbound modifications leave system broken post-config restore
Jim Pingle
12:42 PM Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore
Definitely wrong ticket reference in the above commit. Kill Bill
12:40 PM Bug #6603 (Feedback): pfblockerng's Unbound modifications leave system broken post-config restore
Applied in changeset pfsense:commit:5280fd8d21c71c6997e1855f8b96265bd81ccb99. Renato Botelho

01/16/2017

11:54 AM Bug #7127 (Resolved): Authentication fail in AutoConfigBackup package
When I sign in to the PFSense Gold web portal, I enter my ID as mix of upper and lower case letters: BrianKDav. To ... Brian Davidson

01/15/2017

10:43 PM Feature #6022: Consider MLVPN for bonded VPN
There appears to be a port for MLVPN now:
https://www.freshports.org/net/mlvpn/
This could be used as a basis for... Adam Gibson
02:53 PM Feature #4461: Squid options too late in squid.conf
See... Volker Kuhlmann
02:44 PM Feature #4461 (Rejected): Squid options too late in squid.conf
Jim Pingle
02:43 PM Feature #4461: Squid options too late in squid.conf
No such luck needed, said deficient software is no longer involved, and no loss for me, no-one would have done anythi... Volker Kuhlmann
02:24 PM Feature #4461: Squid options too late in squid.conf
Thanks for "feedback". Pull requests go to https://github.com/pfsense/FreeBSD-ports/, good luck. Kill Bill
02:08 PM Feature #4461: Squid options too late in squid.conf
Services like plesk control panels do not run on a standard SSL port like 443. Rather than opening several other port... Volker Kuhlmann
07:41 AM Feature #4461 (Feedback): Squid options too late in squid.conf
Jim Pingle
02:50 AM Feature #4461: Squid options too late in squid.conf
I have hard time understanding what kind of exceptions is being requested here or what's being used by the OP that's ... Kill Bill
09:18 AM Feature #556 (Resolved): siproxd: add carp virtual IPs as interface candidates
Config looks right now Jim Pingle
04:16 AM Bug #5594: Captive portal patch does not work anymore
Orsiris de Jong wrote:
> Anyone willing to update the patch ?
Updating the patch is a waste of time. If such func... Kill Bill

01/14/2017

11:00 AM Feature #556: siproxd: add carp virtual IPs as interface candidates
Good catch, thanks. Kill Bill
09:42 AM Feature #556: siproxd: add carp virtual IPs as interface candidates
The PR was close but it needed some backend changes as well, otherwise it was putting blank values in the configurati... Jim Pingle
10:11 AM Feature #3303 (Resolved): Allow quagga ospf stub, not so stub and totally stub areas
Seems to work Jim Pingle
09:20 AM Feature #7000: ntopng historical data needs to be reworked
PR to hide this defunct stuff from GUI meanwhile: https://github.com/pfsense/FreeBSD-ports/pull/255 Kill Bill
08:57 AM Bug #4736 (Resolved): ladvd crashes, dumps core
Problem on the ticket no longer happens, anything else belongs on a new ticket. Closing. Jim Pingle
08:57 AM Bug #6346 (Rejected): Squid Proxy Server Service randomly stops
Jim Pingle
08:56 AM Bug #5534 (Resolved): Captive Portal stop sending accounting updates to free radius
Unable to reproduce, lack of feedback, closing. Jim Pingle
08:55 AM Bug #5614 (Resolved): mailreport - emails are going out when manually triggered, but not via cron
Unable to reproduce, lack of feedback, closing. Jim Pingle
08:09 AM Feature #4752 (Feedback): SQUID. Exception for speed limits
Jim Pingle
08:03 AM Feature #4752: SQUID. Exception for speed limits
Merged; test please and report back. Kill Bill
08:08 AM Feature #6965 (Resolved): suricata + snort - making custom passlist additive to the default one
Jim Pingle
08:05 AM Feature #6965: suricata + snort - making custom passlist additive to the default one
Apparently the issue was not with the package, nested aliases now work. Close please. Kill Bill
01:42 AM Feature #5052: Avahi Proxy Package: Add option to disable/control cache size.
This has a target version of 2.4.0 - is that really intended? Phillip Davis

01/13/2017

12:41 PM Bug #5524 (Resolved): bind package is patching /etc/inc/system.inc (syslog configuration)
Jim Pingle
12:14 PM Bug #6527 (Resolved): Squid 3.5 - Deprecated "ssl_bump server-first all" don't allow SNI in transparent mode with HTTPS/SSL Interception
Jim Pingle
12:14 PM Feature #6593 (Resolved): squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint
Jim Pingle
12:14 PM Bug #6592 (Resolved): squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation
Jim Pingle
09:06 AM Todo #7055: Update OpenVPN Client Export package with OpenVPN 2.4
If you checked "push compression to the client" then the server will push the setting to the client and it shouldn't ... Jim Pingle
09:03 AM Todo #7055: Update OpenVPN Client Export package with OpenVPN 2.4
Jim - unknown if this is expected behavior, but the Client Export does not put compression settings in the client fil... Jeff Wischkaemper
08:49 AM Todo #7055 (Resolved): Update OpenVPN Client Export package with OpenVPN 2.4
Works fine. Jim Pingle

01/11/2017

08:18 PM Bug #7114: OpenBGP - remote syslog output incomplete
Thanks, Jim.
Confirmed with WireShark to be a limitation of free Kiwi syslog server.
Phil Biggs
07:49 PM Bug #7114 (Rejected): OpenBGP - remote syslog output incomplete
Remote syslog server data is sent immediately as the log entries happen. There are no limits imposed on the data, it ... Jim Pingle
07:33 PM Bug #7114 (Rejected): OpenBGP - remote syslog output incomplete
2.3.2-RELEASE-p1 (full install).
I have a table which is updated via OpenBGP and currently contains more than 90... Phil Biggs

01/10/2017

08:56 AM Bug #7104: Rules created by traffic shaper wizard dont do anything
Jim if you want to test these new findings up to you but here is an update.
I have discovered the match rules crea... Chris Collins
06:57 AM Bug #7109: Squid 0.4.29_1 not Exist
Tank you,
now all is ok Claudio Berselli
06:52 AM Bug #7109 (Rejected): Squid 0.4.29_1 not Exist
This sort of error will clear up on its own after a few moments, or run "pkg update -f" if it keeps happening.
Whe... Jim Pingle
06:45 AM Bug #7109 (Rejected): Squid 0.4.29_1 not Exist
If tray to install Squid 0.4.29_1 I have this error:... Claudio Berselli
06:50 AM Bug #6878: how to use snort, squid and squid_guard with a ram disk
The thinking was: Without NanoBSD, more people will be running a full install on unreliable media like CF/SD, so we n... Jim Pingle
04:24 AM Bug #6878: how to use snort, squid and squid_guard with a ram disk
Jim Pingle wrote:
> Seems to be working.
Yeah, this seems to be working, except that noone is getting the fixes. ... Kill Bill

01/09/2017

10:06 PM Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not
Affected me too. I tried settings with OpenVPN server + OpenVPN client.
Both:
Pfsense 2.3.2-RELEASE-p1
Quagga_OS... winmasta winmasta
07:55 PM Bug #7107: IPv6 blocklists generate IPv4 auto-rules
I'll wait for a confirmed fix for the 'vtype' bug. The aliases are working fine for me, especially since I really on... John Silva
07:44 PM Bug #7107: IPv6 blocklists generate IPv4 auto-rules
*Update:* Its going to be a little more involved to fix this issue... Best to use "Alias type" rules, until the next... BBcan177 .
07:22 PM Bug #7107: IPv6 blocklists generate IPv4 auto-rules
Thanks for the report... I can confirm that there is a bug for the IPv6 Tab. The GeoIP tab doesn't have this issue th... BBcan177 .
06:32 PM Bug #7107: IPv6 blocklists generate IPv4 auto-rules
Yes. I configured the list in the IPv6 tab of pfBlockerNG. When "List Action" is set to "Deny Both" the firewall ru... John Silva
06:21 PM Bug #7107: IPv6 blocklists generate IPv4 auto-rules
Did you add these Lists in the IPv6 pfBlockerNG Tab? BBcan177 .
05:35 PM Bug #7107 (Resolved): IPv6 blocklists generate IPv4 auto-rules
I set up some IPv6 blocklists with pfblocker and noticed that the autorules it created were created as IPv4 protocol ... John Silva
08:34 AM Bug #7104: Rules created by traffic shaper wizard dont do anything
I did not explain how they work because this is not a support system, nor is it a discussion platform. All of this be... Jim Pingle
08:32 AM Bug #7104: Rules created by traffic shaper wizard dont do anything
Jim Pingle wrote:
> The forum is the best place to discuss this until a real bug is identified. It is not about keep... Chris Collins

01/08/2017

04:57 PM Bug #7104: Rules created by traffic shaper wizard dont do anything
Yeah exactly, this is to file bug reports. Not "ooops something somehow won't work for me, definitely must be a bug" ... Kill Bill
04:54 PM Bug #7104 (Rejected): Rules created by traffic shaper wizard dont do anything
The forum is the best place to discuss this until a real bug is identified. It is not about keeping ticket counts dow... Jim Pingle
04:43 PM Bug #7104: Rules created by traffic shaper wizard dont do anything
Kill Bill wrote:
> May I suggest using https://forum.pfsense.org/index.php?board=26.0 until you have a *real* bug? '... Chris Collins
04:42 PM Bug #7104: Rules created by traffic shaper wizard dont do anything
I see match mentioned on this page https://home.nuug.no/~peter/pf/en/altqintro.html
But FreeBSD never updated PF t... Chris Collins
04:38 PM Bug #7104: Rules created by traffic shaper wizard dont do anything
May I suggest using https://forum.pfsense.org/index.php?board=26.0 until you have a *real* bug? 'cos this one ain't a... Kill Bill
04:26 PM Bug #7104: Rules created by traffic shaper wizard dont do anything
Ok some more information. Step by step of my diagnostics.
1 - Run the wizard and choose the first option, keep as... Chris Collins
04:12 PM Bug #7104 (Rejected): Rules created by traffic shaper wizard dont do anything
The rules are created as match rules which is not passing them onto the specific queue.
I am talking about the rul... Chris Collins
03:05 PM Feature #4752: SQUID. Exception for speed limits
This is what 'Unrestricted IPs' on the ACLs tab was intended for; except that it never worked due a wrong check. Fixe... Kill Bill
11:06 AM Bug #7103 (Rejected): Security issue regarding traffic shaper created by wizard
There is no security issue except the one you made by changing the rules. If there is a problem with the shaper rules... Jim Pingle
11:04 AM Bug #7103 (Rejected): Security issue regarding traffic shaper created by wizard
So take this into consideration
The default dns resolver settings listen on "all" interfaces.
If I follow the... Chris Collins

01/06/2017

11:51 AM Todo #7055 (Feedback): Update OpenVPN Client Export package with OpenVPN 2.4
This is now live for 2.3.2_1 users as well. What little feedback I received was positive. We'll move forward from her... Jim Pingle

01/05/2017

04:09 PM Bug #7087 (Rejected): DNSBL service does not start
Is pfBlocker actually installed, enabled, and properly configured?
Please post on the forum in the pfBlockerNG boa... Jim Pingle
03:51 PM Bug #7087: DNSBL service does not start
Other errors:... Brenden Smerbeck
03:48 PM Bug #7087 (Rejected): DNSBL service does not start
Noticed this while configuring 2.4. dnsbl service does not start, and the .pid file has no value. Brenden Smerbeck
07:49 AM Bug #6950 (Resolved): Auto Config Backup always reports success
Renato Botelho
04:04 AM Bug #6950: Auto Config Backup always reports success
Works (at least for cases where write_config() returns false, and there's not really much else that could be done here.) Kill Bill
06:17 AM Feature #6951 (Resolved): Disable Auto Config Backup without uninstalling
Renato Botelho
04:01 AM Feature #6951: Disable Auto Config Backup without uninstalling
Merged and works, can be closed. Kill Bill

01/04/2017

11:16 PM Todo #7055: Update OpenVPN Client Export package with OpenVPN 2.4
I just pushed this to 2.3.3 as well for more testing. Jim Pingle
07:58 AM Todo #7055: Update OpenVPN Client Export package with OpenVPN 2.4
A new version of OpenVPN client export for pfSense 2.4 with OpenVPN 2.4 is up now for testing.
Key changes:
* Ope... Jim Pingle
12:13 PM Bug #6527 (Feedback): Squid 3.5 - Deprecated "ssl_bump server-first all" don't allow SNI in transparent mode with HTTPS/SSL Interception
PR has been merged to 2.4.0 and 2.3.3 snapshots Renato Botelho

01/03/2017

01:03 PM Bug #6987: ntopng needs Google API key for GeoIP map
It is working on 2.3.3 snapshots as well. Kill Bill
11:21 AM Bug #6987: ntopng needs Google API key for GeoIP map
Thanks, that's the information I was missing.
 Stuart Wyatt
08:29 AM Bug #6987: ntopng needs Google API key for GeoIP map
ntopng 2.4 is available on pfSense 2.4, and it works there. If/when the package is updated on other branches it will ... Jim Pingle
08:16 AM Bug #6987: ntopng needs Google API key for GeoIP map
The bug referenced the need for ntopng version 2.4 to resolve the problem, so why is it being closed when version 2.2... Stuart Wyatt
05:28 AM Bug #6987 (Closed): ntopng needs Google API key for GeoIP map
Renato Botelho
03:46 AM Bug #6987: ntopng needs Google API key for GeoIP map
Apparently no patching required with ntopng-2.4.2016.10.14 - you can configure the API key in Preferences - Users - G... Kill Bill
03:49 AM Bug #7067: usbhid-ups - no such file or directory
There is no such thing needed, simply reboot after installing the package. Kill Bill

01/02/2017

10:42 AM Bug #7067 (Closed): usbhid-ups - no such file or directory
After installing NUT and connecting a generic (Costco) CyberPower UPS, I receive the following error in the log:
u... Karl Janus

12/30/2016

07:40 AM Todo #7055 (Resolved): Update OpenVPN Client Export package with OpenVPN 2.4
OpenVPN 2.4 has made a few changes to the Windows installer that may need accounting for. See https://community.openv... Jim Pingle

12/29/2016

12:33 PM Feature #6831: Snort does not support aliases containing FQDN
Keeping it opened for reference but I'm not sure if Bill Meeks will implement it based on his comments on the forum t... Renato Botelho
05:58 AM Bug #7049 (Rejected): Problema No Limiter Com Proxy Transparente 2.4 Beta
After talk with Nelson on facebook he agreed to open a new ticket in english Renato Botelho

12/28/2016

06:43 PM Bug #7049 (Rejected): Problema No Limiter Com Proxy Transparente 2.4 Beta
boa noite, estou tendo problemas no limiter funcionando com proxy transparente, nas versões acima da 2.1.5, todas tes... Nelson Junior
01:40 PM Bug #7048: Add IPv6 support to squid
Squid's own capabilities mean nothing here. You need support in the underlying OS to work with. Even if I made all th... Kill Bill
01:32 PM Bug #7048: Add IPv6 support to squid
Regarding the comment, "The NAT used for transparent IPv4 proxy won't work, and there's nothing to hook into regardin... Matthew Hall
01:25 PM Bug #7048: Add IPv6 support to squid
A couple of notes on this: The only part of Squid working with IPv6 is the reverse proxy (though, that's not advertis... Kill Bill
01:11 PM Bug #7048: Add IPv6 support to squid
Corrected subject - This is not a "bypass" in the way that is stated. The squid package only supports IPv4 currently.... Jim Pingle
01:03 PM Bug #7048 (Resolved): Add IPv6 support to squid
Missing IPv6 support in the squid package allows traffic to escape intended inspection and apparently also the firewa... Matthew Hall
07:58 AM Bug #7028: Squid - all javascript broken by bootstrap conversion
Steve Beaver wrote:
> Right. It is not "A new bug", it is the original bug that has just been fixed.
https://gith... Luiz Gustavo S. Costa
07:56 AM Bug #7028: Squid - all javascript broken by bootstrap conversion
Right. It is not "A new bug", it is the original bug that has just been fixed. Anonymous
07:49 AM Bug #7028: Squid - all javascript broken by bootstrap conversion
None of those fixes are in 2.3.2 so it's just pointless to test anything there. Kill Bill
07:36 AM Bug #7028: Squid - all javascript broken by bootstrap conversion
A new bug is revelead, see:
!http://i.imgur.com/U6Ggy4d.png!
The syntax is duplicated.
New installation from... Luiz Gustavo S. Costa

12/27/2016

06:21 PM Bug #6527: Squid 3.5 - Deprecated "ssl_bump server-first all" don't allow SNI in transparent mode with HTTPS/SSL Interception
https://github.com/pfsense/FreeBSD-ports/pull/242
Kindly test and report back either here, and/or @ https://forum.... Kill Bill
02:47 PM Bug #7017 (Resolved): Squid NT Domain authentication is broken
Renato Botelho
02:19 PM Bug #7017: Squid NT Domain authentication is broken
Broken feature gone -> can be closed. Thanks. Kill Bill
06:35 AM Bug #7017 (Feedback): Squid NT Domain authentication is broken
PR has been merged, thanks! Renato Botelho
06:36 AM Feature #6593 (Feedback): squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint
PR has been merged, thanks! Renato Botelho
06:36 AM Bug #6592 (Feedback): squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation
PR has been merged, thanks! Renato Botelho

12/26/2016

05:05 PM Feature #2133 (Closed): Add ET's SidReporter to snort package
Jim Pingle
04:55 PM Feature #2133: Add ET's SidReporter to snort package
Cannot be downloaded anywhere, another thing killed by Proofpoint.
Close please. Kill Bill
07:54 AM Bug #6592: squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation
https://github.com/pfsense/FreeBSD-ports/pull/241
 Kill Bill
07:54 AM Feature #6593: squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint
https://github.com/pfsense/FreeBSD-ports/pull/241
Added options matching the reverse proxy options (modern/interme... Kill Bill
06:50 AM Bug #6636 (Resolved): Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf
Renato Botelho
05:23 AM Bug #6636: Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf
Works. Kill Bill
02:38 AM Bug #7039 (Feedback): HAProxy backend configuration does not handle intermediate CAs properly
In HAProxy backend settings, when configuring a server, there is the option to have it validate SSL certificates agai... Stéphane Lapie
 

Also available in: Atom