Activity
From 06/08/2017 to 07/07/2017
07/07/2017
-
03:14 PM Bug #7263 (Resolved): FreeRADIUS - complete lack of input validation
- Seems to be good.
-
- This has been fixed for a while now
07/06/2017
-
- It works fine if you import the chain, see #2800, which would include the case of a public CA (which should still nev...
-
- This has all been removed from FreeRADIUS. Cert handling in FreeRADIUS is 100% done in the Cert Manager now on 2.3.4 ...
07/05/2017
-
02:55 PM Bug #7674 (Resolved): Issue Downloading Snort Alert Log Download
- I have found that I am no longer able to download the Alert Logs from the snort_alerts.php page. I have attempted di...
07/02/2017
-
04:53 PM Bug #7670 (Not a Bug): Bind : Serial for slave zone is missing in IHM
- Using bind as slave server, the page https://localhost:8443/pkg.php?xml=bind_zones.xml does not display the zone seri...
06/30/2017
-
- But we need to have a discussion -- on the forum -- about why that happened before it can be called a bug. The upgrad...
-
01:11 PM Bug #7669: ACME Certificates
- I get that freeradius isn't related to acme. You just rejected the root of my problem which is no CA key for ACME gen...
-
- Please post on a new forum thread and discuss this before opening a bug report. It's possible something else went wro...
-
- version 2.4.0-beta. My letsencrypt certificates are about to expire and my certificates in acme certificates didn't m...
06/28/2017
-
- What can be done, is already there. Splice to see domains or you have to install CA on clients. Post on the forum, do...
-
08:07 AM Todo #7664 (Rejected): https filtering in pfsense without configuring proxy settings in client browser .
- https filtering in pfsense without configuring proxy settings in client web browser .
06/26/2017
-
11:42 AM Bug #7661 (Resolved): pfBlockerNG doesn't make a rule for Antarctica
- If Antarctica entries with a count > 0 are added to the pfBlockerNG GeoIP, there won't be an Antarctica rule created....
-
10:27 AM Todo #7658: BGP support in Quagga
- OK done. Please see https://redmine.pfsense.org/issues/7660
-
- This issue is for BGP only, not other features. Scope creep isn't helpful, that needs to be in a separate feature req...
-
- Right now, in the Quagga GUI, there's a single entry for a CARP address to monitor. If you're adding better GUI supp...
-
- That is unrelated to the topic on this ticket. It would be a separate feature request.
-
- We need to be able to monitor more than one CARP IP for failover. Our config has CARP on the inbound and outbound si...
-
- We need to be able to monitor more than one CARP IP for failover. Our config has CARP on the inbound and outbound sid...
-
03:13 AM Feature #7655: Captive portal and squid non transparent
- I have readed all about that link and sorry, but i don't understand anything ?
06/24/2017
-
- There is a PR to support using it via raw config, but no GUI yet.
https://github.com/pfsense/FreeBSD-ports/pull/356 -
10:07 AM Todo #7658 (Resolved): BGP support in Quagga
- OpenBGPD pkg on pfsense doesn't seem to be up to date for years (since 2012 probably) - a lot of recently (and may be...
-
- UPD: Looks like some commands which are not present in webgui do work when pasting directly in bgp neighbor context i...
-
- Please add "local-as" feature in OpenBGPD webgui "neighbors" tab -> "Neighbor Parameters". This command is described ...
06/23/2017
-
11:32 AM Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
- Pim Janssen wrote:
> 4.0 LTS Will be added in september 2017. I think having only LTS releases would be enough.
Y... -
11:27 AM Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
- 4.0 LTS Will be added in september 2017. I think having only LTS releases would be enough.
-
- James Lavoy wrote:
> Therefore this change has caused pfSense to be unable to be used as a proxy if someone is using... -
- I apologize, in the future I will be sure to track every version of software released everywhere and update my bug re...
-
- Information in a ticket needs to be precise and specific no matter when it's read. It is unreasonable to expect anyon...
-
- Jim Pingle wrote:
> If that is the case, it was not stated clearly anywhere on the problem description or even in th... -
- If that is the case, it was not stated clearly anywhere on the problem description or even in the comments. Maybe if ...
-
- @Jim
The issue is here because the 3.0 proxy is NOT backwards compatible. For that reason it would be good to have a... -
-
10:26 AM Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
- Looks like a done case.
Currently zabbix agent and proxy 3.0 LTS is available in pfsense-2.3
06/21/2017
-
04:18 PM Feature #7655: Captive portal and squid non transparent
- Kindly read https://redmine.pfsense.org/issues/5594#note-11.
-
- Hi.
When we configure squid in non-transparent mode and in the browser we configure the proxy address and the port, ...
06/20/2017
-
- This works for me now. I can browse secure sites through squid HTTPS MITM with Chrome and there are no certificate er...
-
07:20 AM Bug #7654 (Resolved): Can't use a LDAP search filter containing an accent
- Hi,
I use a virtual machine with pfSense 2.3.4 (amd64) with Squid package v0.4.37 (including squid 3.5.26).
I h...
06/19/2017
-
- Packages are up for 2.4 and 2.3.4, 2.3.x snapshots will be up next time a snapshot runs. Test and let us know if it i...
-
-
- I'm getting 3.5.26 pulled into the package branches right now, should be building and up soon.
06/17/2017
-
06:31 AM Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload
- Thank you, again. _shellcmd_ package was the answer.
Perhaps someone could close this now. (I can't see any way t... -
- Yeah I'd say it's no longer needed since WAN IP change will trigger @filter_configure()@ on its own.
-
- Many thanks for that. Tested and works.
I didn't know that _shellcmd_ even had that option. I've never used it b... -
- Phil Biggs wrote:
> The table is successfully reloaded on new WAN IP but it doesn't work after a firewall rule chang... -
- It's a horrible hack but I added a line to openbgpd.inc:...
06/15/2017
-
-
- Workaround is in place and functioning OK. Next HAProxy release will have it included without needing a local patch. ...
06/14/2017
-
- I pushed a change to add more detail to the filename, but I used a different tactic so it will be more accurate.
T... -
- Once FreeBSD figures out a fix it can be pulled in, but a bug like that isn't going to hold up 2.4 since it is specif...
-
10:06 AM Bug #7630: UEFI Booting
- It is actually a FreeBSD bug which I have reported. Happens with many different models of Dell Optiplex's.
Every oth... -
- Jim Pingle wrote:
> We should be able to pull that in unless there is something I'm not seeing. Assigning to Renato ...
06/13/2017
-
- We should be able to pull that in unless there is something I'm not seeing. Assigning to Renato to check it over.
-
04:54 AM Feature #7449: feature request for openvpn-client-export package, add the support for openvpn up and down script, for mapping network drive
- +1 for this!!
We also use connect scripts which we need to add manually after installing the client, would be so n... -
- +1 for this. We're exporting both x86 and x64 versions for each user, because we don't see in advance which os versio...
06/11/2017
-
08:07 PM Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
- ryon m wrote:
> Looks like the Squid developers are getting ready to push v3.5.26, which appears to have a fix for b...
06/09/2017
-
09:34 PM Bug #7630: UEFI Booting
- Dan Collins wrote:
> When trying to boot using UEFI mode, installer hangs at 'Consoles: EFI Consoles'
>
> Using D...
06/08/2017
-
- I need to withdraw this report, assuming my assessment below is correct. Apologies for any effort wasted on this.
... -
- Are you certain that your pfSense installation is current? We ran that same test against a 2.3.4 system with HAProxy ...
-
02:45 PM Bug #7632: CVE-2016-2107 in OpenSSL
- Sorry, I follow what you are saying now!
The SSLLabs test still says that we are vulnerable when we test the site.... -
- We have 2.3.4 in use, hosting a website with HAProxy TLS offload. SSLLabs confirms that it is vulnerable to Oracle P...
-
- FreeBSD patches OpenSSL in its own way, relying on the version number is not accurate to determine vulnerabilities.
... -
- pfSense 2.3.4 uses OpenSSL 1.0.1s which is vulnerable to CVE-2016-2107 Oracle Padding attack. HAProxy TLS terminatio...
Also available in: Atom