pfSense » pfSense Packages

05/07/2018

09:31 AM Bug #8501 (Resolved): Incorrect categorization of status/info messages from suricata

Hi, When suricata_check_for_rule_updates.php runs, it unnecessarily logs informational messages as errors - thus caus... Mark Hassman

05/02/2018

07:57 AM Feature #8490: pfSense-pkg-acme: acme_certificates_edit.php - Add ability to specify (vs generate) private key

PR Link: https://github.com/pfsense/FreeBSD-ports/pull/518 Jim Pingle

07:43 AM Feature #8299 (Resolved): acme: ocsp must-staple

This is in the package and working OK now Jim Pingle

05/01/2018

08:04 AM Bug #8491 (Resolved): ACME: DNS-Luadns not working

Hello,
I'm using acme 0.2.8_2 with LuaDNS. If I want to obtain a certificate with the DNS-Luadns method, I should ... Anonymous

04/30/2018

08:14 PM Feature #8490: pfSense-pkg-acme: acme_certificates_edit.php - Add ability to specify (vs generate) private key

Scott Smith wrote:
> * Like other user-entered data, the user-entered _Private Key_ text would be stored in the co... Michael M

04/28/2018

05:29 PM Feature #8490 (Resolved): pfSense-pkg-acme: acme_certificates_edit.php - Add ability to specify (vs generate) private key

I was unable to find a bug/issue/etc on this specific topic, so I'm submitting it as a Feature request.
When a use... Scott Smith

04/26/2018

03:47 PM Bug #8487 (Resolved): pfSense-pkg-acme 0.2.8: dns_acmedns not working because of missing file pkg/acme/dnsapi/dns_acmedns.sh

Fix pushed (plist was missing entries) Jim Pingle

03:25 PM Bug #8487 (Resolved): pfSense-pkg-acme 0.2.8: dns_acmedns not working because of missing file pkg/acme/dnsapi/dns_acmedns.sh

I upgraded pfSense-pkg-acme from 0.2.7 to 0.2.8 to use the new "dns_acmedns" Provider.
But validation failed because... Andreas Heckmann

03:30 PM Bug #6690 (Closed): SURICATA IPS Issue - Kills VLANS & Traffic Shaper

Marking this closed due to lack of feedback. If you believe this should be reopened, please let us know. Anonymous

08:38 AM Bug #8425: telegraf not reporting memory

*Anyone home?!*
https://github.com/pfsense/FreeBSD-ports/pull/517#issuecomment-384642655 Chipster Cuch

04/25/2018

06:15 PM Bug #8438: haproxy: can't use ACL for cert with http-response actions

Another one on the web interface consistency:
There are several different ways how to reorder certain entries depe... Petr H

06:02 PM Bug #8438: haproxy: can't use ACL for cert with http-response actions

One more minor issue:
In the Shared Frontend configuration, the Default Backend option shouldn't be configurable.
... Petr H

11:00 AM Feature #5052 (Feedback): Avahi Proxy Package: Add option to disable/control cache size.

Added to Avahi pkg v 1.12 Jim Pingle

04/24/2018

03:20 PM Bug #8482 (Closed): Reseting states causes ntop-ng to core dump

Almost certainly nothing we can do about a crash of that nature. You'll have to take that up with ntopng and/or FreeB... Jim Pingle

03:17 PM Bug #8482 (Closed): Reseting states causes ntop-ng to core dump

Not sure if this is somewhat expected, but reseting states through the "diagnostics" menu causes ntopng to core dump.... Jon Hayward

07:56 AM Bug #8425: telegraf not reporting memory

*UPDATE*: my changes were committed upstream (https://svnweb.freebsd.org/ports?view=revision&revision=468200).
I h... Chipster Cuch

07:42 AM Bug #8425: telegraf not reporting memory

Telegraf 1.6.1 was released yesterday with the updated godeps that fix various issues. I have submitted my patches up... Chipster Cuch

04/23/2018

07:57 AM Bug #8476: OpenVPN Client Export TLS Key Direction Directive Location

As long as we can prove that change will not negatively impact other clients it should be OK to make that change, but... Jim Pingle

04/21/2018

02:17 PM Bug #8476 (Resolved): OpenVPN Client Export TLS Key Direction Directive Location

pfSense Version: pfSense-CE-memstick-2.4.3-RELEASE-amd64.img.gz ( https://nyifiles.pfsense.org/mirror/downloads/pfS... Joshua Katz

04/20/2018

11:34 AM Feature #8475 (Closed): syslog-ng TLS configuration support

For syslog-ng to use TLS, it needs access to certificates, and in particular CA certs. For the local cert/key I can ... Orion Poplawski

04/19/2018

03:39 PM Bug #6339: OpenVPN Client Export package option for "Use Microsoft Certificate Storage" does not specify which certificate to use

Not sure if it would be easier to implement, but using this works well for me:... Caleb Hornbeck

04/17/2018

04:33 PM Bug #8438: haproxy: can't use ACL for cert with http-response actions

Also:
1. Add "path_dir" to the default list of ACL expressions
2. Your current ACLs are case insensitive (-i) by ... Petr H

06:32 AM Bug #8438: haproxy: can't use ACL for cert with http-response actions

I've got one minor feature proposal:
Notes/Description/Comments for each ACL or action entry
Normally if I'd us... Petr H

07:54 AM Bug #8466 (Resolved): radiusd crash

Radiusd crash when for a user is set a password in plain text containing " (double qoutes)
After this all users get ... Razvan Petrescu

04:31 AM Bug #8425: telegraf not reporting memory

*UPDATE*:
Telegraf 1.6.0 final was released today. I have updated the port accordingly, and it includes the memory p... Chipster Cuch

04/16/2018

12:42 PM Bug #8277 (Resolved): ntopng service fails to start on 2.4.3

Jim Pingle

09:21 AM Bug #8461 (Closed): open-vm-tools : bug with version 2.4.3

The updated port is already on 2.4.4 snapshots, try it there. If it still has issues, you'll need to replicate them o... Jim Pingle

05:54 AM Bug #8461 (Closed): open-vm-tools : bug with version 2.4.3

Hello,
I have a very specific bug that appeared with version 2.4.3.
When uploading a file to pfSense using vmwa... Julien Gormotte

04/15/2018

12:01 PM Feature #8279: Consider adding a new option to the Rule Order

Two more options:
1 - in pfBlockerNG, Rule Order add option - "Do not change (preserve) existing order"
or
... Yuri Weinstein

04/14/2018

10:51 AM Bug #8425: telegraf not reporting memory

FWIW: Here is my @port@ setup for the patched Telegraf fixing the memory issue and addressing the new golang deps for... Chipster Cuch

04/13/2018

04:50 PM Bug #8456 (Resolved): Squid shows Warning on package page after installation

Jim Pingle

04:02 PM Bug #8456: Squid shows Warning on package page after installation

Tested on 2.4.4.a.20180413.1305, fix works. Anonymous

04:08 PM Bug #8425: telegraf not reporting memory

*Update*: I worked with an InfluxData dev on this issue and it's indeed upstream. @gopsutil@[1], a golang dependency ... Chipster Cuch

09:48 AM Bug #8454: Arpwatch package break email notifications from other sources

Makes sense since all that sendmail script does is call the internal mail handling.
I see three options:
1. Chang... Yehuda Katz

08:56 AM Bug #8277 (Feedback): ntopng service fails to start on 2.4.3

Done on 2.4.3 and 2.3.5 Renato Botelho

04/12/2018

01:51 PM Bug #8456 (Feedback): Squid shows Warning on package page after installation

Fix pushed Jim Pingle

01:37 PM Bug #8456 (Resolved): Squid shows Warning on package page after installation

Install 2.4.2 CE, upgrad to latest 2.4.4 snapshot. Install Squid package, visit Services > Squid and the text (Warnin... Anonymous

01:36 PM Bug #8277 (Assigned): ntopng service fails to start on 2.4.3

Since it's OK on 2.4.4, we can copy back the new ntopng to 2.4.3 now Jim Pingle

12:38 PM Bug #8277: ntopng service fails to start on 2.4.3

Tested on 2.4.4.a.20180412.1121, service starts and can be accessed. Anonymous

07:34 AM Bug #8454: Arpwatch package break email notifications from other sources

I wouldn't say those are broken. Those cron notifications didn't work at all without the symlink setup by arpwatch. F... Jim Pingle

07:18 AM Bug #8454 (New): Arpwatch package break email notifications from other sources

Arpwatch replaces /usr/sbin/sendmail with a symlink to a PHP script that specifically mentioned Arpwatch in the messa... Yehuda Katz

04/10/2018

01:08 PM Bug #8440 (Not a Bug): Suricata 4.0.4_1 disablesid.conf does not disable rule?

Jim Pingle

12:58 PM Bug #8440: Suricata 4.0.4_1 disablesid.conf does not disable rule?

This is not a bug. The rule being triggered was a flowbit rule. Therefore, the disablesid.conf could not disable the ... Raffi T

04/09/2018

07:37 PM Bug #8425: telegraf not reporting memory

Can confirm this same behavior. An upstream bug was also filed: https://github.com/influxdata/telegraf/issues/3750 Chipster Cuch

04:01 PM Bug #8438: haproxy: can't use ACL for cert with http-response actions

The haproxy_config_init() is a new function added in the second last commit. Not sure why that wouldn't exist after u... Pi Ba

03:41 PM Bug #8438: haproxy: can't use ACL for cert with http-response actions

Updated and tested all of the above - looks alright.
Only right after the update I encountered one issue:
- I was... Petr H

12:39 PM Bug #8438: haproxy: can't use ACL for cert with http-response actions

Okay 0.56 haproxy-devel package is available now through normal pfSense packages. If you can check 'everything' now w... Pi Ba

12:04 PM Bug #8449: FRR 4.0 zebra daemon crashes

Looks like this isn't just specific to BGP. In the forum thread linked above, it is happening on multiple amd64 VMs t... Jim Pingle

11:44 AM Bug #8449 (Resolved): FRR 4.0 zebra daemon crashes

The zebra daemon in FRR 4.0 won't stay running with a BGP configuration. It crashes on startup. OSPF alone seems to b... Jim Pingle