Project

General

Profile

Activity

From 06/29/2020 to 07/28/2020

07/28/2020

03:27 AM Bug #10791 (New): Valid (vlan)interfaces do not get vif reporting "Invalid phyint address"
Hello,
PIMD still not properly working. So I opened tow FeeBSD Bugs. This one is FreeBSD bug 248103.
Also see ht... Louis B
03:12 AM Bug #10692: PIMD starts twice at boot
Despite that this issue has state "Fixed". it is _*not fixed at all !!*_ So please "reopen" this bug! Louis B

07/27/2020

11:53 AM Feature #10789 (Feedback): FRR integrated configuration and hitless reloads
Convert FRR to use an integrated configuration file and use frr-reload where possible for hitless configuration chang... Ben Hughes
07:43 AM Bug #10788 (Rejected): ntopng not displaying graphs correctly. Bottom of graphs getting cut off.
That's an issue between ntopng and your browser, not in code we have any control over. If you can still reproduce it ... Jim Pingle

07/26/2020

11:43 AM Bug #10788 (Rejected): ntopng not displaying graphs correctly. Bottom of graphs getting cut off.
ntopng graphs are getting cut off where I can not see the time on historical graphs.
To duplicate, I go to Hosts M... Hector Gongora

07/24/2020

09:09 AM Feature #10785 (Pull Request Review): Allow Setting of ldapcachetime
Jim Pingle
09:01 AM Feature #10785: Allow Setting of ldapcachetime
OK, done:
https://github.com/pfsense/FreeBSD-ports/pull/913 Jan Wenzel
08:01 AM Feature #10785: Allow Setting of ldapcachetime
Please create a pull request in github, that process is much easier for us to review and approve for inclusion. Thanks! Jim Pingle
07:55 AM Feature #10785 (Resolved): Allow Setting of ldapcachetime
We're using Squid/Squidguard with many (!) ldap based group filters.
This does not scale because squidguard does n... Jan Wenzel

07/22/2020

01:44 PM Bug #10771 (Pull Request Review): arpwatch: option to not send hourly email notification on cron run
Jim Pingle
05:59 AM Bug #10771: arpwatch: option to not send hourly email notification on cron run
Fix:
https://github.com/pfsense/FreeBSD-ports/pull/912
see also #8454 Viktor Gurov
01:44 PM Bug #10770 (Pull Request Review): arpwatch: cannot remove email once it has been entered into settings
Jim Pingle
05:58 AM Bug #10770: arpwatch: cannot remove email once it has been entered into settings
Fix:
https://github.com/pfsense/FreeBSD-ports/pull/912 Viktor Gurov
01:37 PM Feature #10779 (Pull Request Review): HAProxy SSL/TLS Compatibility Mode
Jim Pingle
02:05 AM Feature #10779: HAProxy SSL/TLS Compatibility Mode
https://github.com/pfsense/FreeBSD-ports/pull/911 Viktor Gurov
09:07 AM Bug #10783 (Closed): NtopNG is very unstable on arm64
NtopNG will start and run after being initially configured even though this error:... Steve Wheeler

07/20/2020

02:02 PM Bug #10775 (Pull Request Review): pfblockerNG SBL_ADs and hpHosts are not reachable anymore
Jim Pingle
03:57 AM Bug #10775: pfblockerNG SBL_ADs and hpHosts are not reachable anymore
*Remove:*
Abuse Ransomware Tracker:... Viktor Gurov
01:46 AM Bug #10775: pfblockerNG SBL_ADs and hpHosts are not reachable anymore
Comments:
https://forums.malwarebytes.com/topic/258056-hosts-filenet-domain-lists-are-broken-what-happened/
https:/... Viktor Gurov
02:01 PM Feature #10769 (Pull Request Review): Prevent users from creating new ACMEv1 keys
Jim Pingle
12:02 PM Feature #10779 (Resolved): HAProxy SSL/TLS Compatibility Mode
Allow to select SSL/TLS Compatibility Mode in the same manner as Squid SSL Proxy Compatibility Mode option.
Interm... Viktor Gurov

07/19/2020

05:48 AM Bug #10775 (Resolved): pfblockerNG SBL_ADs and hpHosts are not reachable anymore
Following entries of pfblockerNG pkg are not reachable for a long time, we have some tickets and also I can see some ... Constantine Kormashev
03:55 AM Bug #10692: PIMD starts twice at boot
As allready reported startup behavoir is not yet ok (pimd starting *5 times !!*). Hereby some info form today bootlog... Louis B

07/17/2020

09:27 AM Feature #10769: Prevent users from creating new ACMEv1 keys
https://github.com/pfsense/FreeBSD-ports/pull/908 Viktor Gurov
07:00 AM Bug #10768 (Rejected): Squidguard overwrites Advanced Config from Squid Proxy in HA Configurations
+ squidGuard doesn't remove Custom Options (Before Auth), Custom Options (After Auth) and Custom Options (SSL/MITM) Viktor Gurov
06:16 AM Bug #10771 (Resolved): arpwatch: option to not send hourly email notification on cron run
dirty workaround by editing /usr/local/arpwatch/sendmail_proxy.php
< if (false !== $message) {
> if ((false !==... IT IGP
06:10 AM Bug #10770 (Resolved): arpwatch: cannot remove email once it has been entered into settings
there is currently no way to disable email notifications once you have enabled them by entering a email adress. you s... IT IGP

07/16/2020

11:33 AM Bug #10768: Squidguard overwrites Advanced Config from Squid Proxy in HA Configurations
> If you are using a PFsense HA configuration with a virtual HA_IP, you have to add these HA virtual IP to the advanc... Viktor Gurov
10:47 AM Bug #10768 (Rejected): Squidguard overwrites Advanced Config from Squid Proxy in HA Configurations
If you are using a PFsense HA configuration with a virtual HA_IP, you have to add these HA virtual IP to the advanced... Andreas Tillwicks
11:29 AM Feature #10769 (Resolved): Prevent users from creating new ACMEv1 keys
It's better to prevent users from creating new ACMEv1 keys in order to avoid errors, such as:... Viktor Gurov
09:07 AM Bug #10763 (Feedback): Incorrect link to frr_bgp.xml
PR has been merged. Thanks! Renato Botelho
09:07 AM Feature #9913 (Feedback): Adding note Squid Traffic Managment Settings about feature limit
PR has been merged. Thanks! Renato Botelho
02:39 AM Bug #10692: PIMD starts twice at boot
I did retest today e.g. using a clean install. Still bizar how many times pimd is started and stopped during boot. On... Louis B
12:06 AM Bug #10767 (Rejected): squidGuard still not upgrading
stop Squid service first,
then ... Viktor Gurov

07/15/2020

10:50 PM Bug #10767 (Rejected): squidGuard still not upgrading
Just upgraded squid to 0.4.44_29, it did not confirm a successful upgrade as I am used to but after a reboot it showe... Marcel Beerli
07:48 AM Feature #9913 (Pull Request Review): Adding note Squid Traffic Managment Settings about feature limit
Jim Pingle
07:19 AM Feature #9913: Adding note Squid Traffic Managment Settings about feature limit
https://github.com/pfsense/FreeBSD-ports/pull/906 Viktor Gurov
07:41 AM Bug #10763 (Pull Request Review): Incorrect link to frr_bgp.xml
Jim Pingle
02:24 AM Bug #10763: Incorrect link to frr_bgp.xml
https://github.com/pfsense/FreeBSD-ports/pull/904 Viktor Gurov
02:22 AM Bug #10763 (Resolved): Incorrect link to frr_bgp.xml
If you are trying to access the menu item Services / FRR BGP, for example, from Services / Snort / Interfaces,
you'l... Viktor Gurov
07:29 AM Bug #10764 (Not a Bug): FRR 0.6.7_1 does not work
That message is not a bug, it's output from the FreeBSD package installation and can be ignored. If you have a proble... Jim Pingle
07:24 AM Bug #10764 (Not a Bug): FRR 0.6.7_1 does not work
After update to FRR 0.6.7_1 ospf stop working
Message from frr7-7.3.1:
--
FRR's OSPF daemons tries to allocate... Ilian Cheneshev
06:37 AM Bug #10445: BIND crashed when added RPZ. rpz is not a master or slave zone.
Typo fix:
https://github.com/pfsense/FreeBSD-ports/pull/905 Viktor Gurov
06:20 AM Feature #10619: Various FRR enhancements
Ben Hughes wrote:
> Yes I had a look back at the FRR commit history and found only that as well.
>
> It will fai... Renato Botelho

07/14/2020

02:04 PM Feature #10619: Various FRR enhancements
Yes I had a look back at the FRR commit history and found only that as well.
It will fail to start complaining ab... Ben Hughes
01:12 PM Feature #10619: Various FRR enhancements
Ben Hughes wrote:
> Argh i've had a bit of a freudian slip there, I meant @libunwind@.
What is the error you see ... Renato Botelho
11:48 AM Feature #10619: Various FRR enhancements
Argh i've had a bit of a freudian slip there, I meant @libunwind@. Ben Hughes
11:47 AM Feature #10619: Various FRR enhancements
Ben Hughes wrote:
> No problem, glad to get it in there!
>
> I've just been re-reviewing this looking forward to ... Renato Botelho
09:42 AM Feature #10619: Various FRR enhancements
No problem, glad to get it in there!
I've just been re-reviewing this looking forward to getting off my custom pac... Ben Hughes
08:09 AM Feature #10619 (Feedback): Various FRR enhancements
PR has been merged. Thanks! Renato Botelho
01:33 PM Bug #10692: PIMD starts twice at boot
I just did a clean install (built on Tue Jul 14 09:23:16 EDT 2020) and PIMD 0.03 Significant issues left, but the boo... Louis B
11:24 AM Bug #10741 (Closed): Fails with CARP VIP Status - SQUID
Viktor Gurov
11:12 AM Bug #10741: Fails with CARP VIP Status - SQUID
Thiago Orico wrote:
> adjusted the setting and it looks like it worked.
>
> We will monitor new tests.
Case so... Thiago Orico
07:15 AM Bug #10507 (Feedback): Unable to use forwarders
PR has been merged. Thanks! Renato Botelho
06:24 AM Bug #10697 (Resolved): Missing New Line After NCP Parameter in Client Config
1.4.23_1, fixed:... Viktor Gurov

07/13/2020

08:35 PM Feature #10421 (Resolved): suricata unix_stream support for telegraf
Jim Pingle
07:41 PM Feature #10421: suricata unix_stream support for telegraf
Support for the requested feature has been added to the latest version of the Suricata GUI package, version 5.0.3. Th... Bill Meeks
08:35 PM Bug #10751 (Resolved): Incorrect syslog() params on Suricata 5 pkg
Jim Pingle
07:39 PM Bug #10751: Incorrect syslog() params on Suricata 5 pkg
This bug has been corrected in the latest version of the Suricata GUI package, version 5.0.3. The pull request has be... Bill Meeks
01:53 PM Bug #10741: Fails with CARP VIP Status - SQUID
adjusted the setting and it looks like it worked.
We will monitor new tests. Thiago Orico
01:14 PM Bug #10741: Fails with CARP VIP Status - SQUID
Symptoms persist.
Details:
inside the squid packet, the advanced rule of port 3128 of the proxy does not automa... Thiago Orico

07/12/2020

02:07 PM Feature #10761: Multiple domains in one SAN entry would be very useful
Thanks Jim, I used the wrong terminology re domains/SANs.
The intention is still valid - would be good to have a s... Eduard Rozenberg
12:57 PM Feature #10761 (Rejected): Multiple domains in one SAN entry would be very useful
That's not how Let's Encrypt/ACME works. Let's Encrypt must verify all entries separately. There is no way to put all... Jim Pingle
12:48 PM Feature #10761: Multiple domains in one SAN entry would be very useful
For now I just gave up and used a wildcard, let the hackers have at it. Eduard Rozenberg
12:46 PM Feature #10761: Multiple domains in one SAN entry would be very useful
I was referring to multiple domains inside a *single* SAN - otherwise the same DNS keys, API tokens, etc are copied m... Eduard Rozenberg
12:40 PM Feature #10761: Multiple domains in one SAN entry would be very useful
Hello -
Please post to the forum for assistance. There is an ACME-specific category at https://forum.netgate.com/c... Chris Linstruth
12:22 PM Feature #10761 (Rejected): Multiple domains in one SAN entry would be very useful
In the Domain SAN list, I'm not currently able to add multiple domains in the 'Domainname' box, for ex. cannot use:
... Eduard Rozenberg

07/11/2020

04:53 PM Bug #10760: pfSense BIND 9.14.12 server terminates due to assertion failure
Secondary question, is there is method to configure pfSense to auto-restart named on failure? Jeffrey Altman
04:34 PM Bug #10760: pfSense BIND 9.14.12 server terminates due to assertion failure
The assertion failure is in ns_client_error() which means that its impossible to file a reasonable report upstream wi... Jeffrey Altman
04:02 PM Bug #10760 (New): pfSense BIND 9.14.12 server terminates due to assertion failure
BIND is periodically terminating and not automatically restarted. The system log shows:
Jul 6 13:13:21 named 6... Jeffrey Altman
12:51 PM Feature #6831: Snort does not support aliases containing FQDN
It can be a one-time name resolution, like HAproxy ACL (network/url/urltable aliases),
see #9793 for example Viktor Gurov
12:33 PM Bug #10647 (Resolved): FRR BGP Advanced > Aggregated Addresses ignores ipv6 subnets
works as expected:... Viktor Gurov
12:24 PM Feature #10618 (Resolved): Set sysDescr the same as bsnmpd unless overriden with net-snmp
works as expected:... Viktor Gurov
07:46 AM Bug #10749: squid + captive portal authentication not working
I have same problem (WPAD + explicit Squid with Captive Portal authentication) since I update pfSense to 2.4.5 and sq... Christophe PLUMEL

07/10/2020

02:12 PM Bug #10330 (Feedback): BIND zone configuration displays wrong DS resource record with inline DNSSEC signing enabled
PR has been merged. Thanks! Renato Botelho
02:12 PM Bug #10445 (Feedback): BIND crashed when added RPZ. rpz is not a master or slave zone.
PR has been merged. Thanks! Renato Botelho
02:12 PM Bug #10506 (Feedback): Recursion not working on fresh BIND install
PR has been merged. Thanks! Renato Botelho
02:12 PM Bug #7271 (Feedback): Co-existence of unbound and BIND/named
PR has been merged. Thanks! Renato Botelho
02:04 PM Bug #10692 (Feedback): PIMD starts twice at boot
PR has been merged. Thanks! Renato Botelho
02:02 PM Feature #10725 (Feedback): Squid disable multiple login sessions
PR has been merged. Thanks! Renato Botelho
02:01 PM Bug #10737 (Feedback): FRR attempts to cycle IPsec VTI interfaces even when disabled/not running
PR has been merged. Thanks! Renato Botelho
02:00 PM Bug #10656 (Feedback): Acme letsencrypt doesn't change private key type
PR has been merged. Thanks! Renato Botelho
01:36 PM Feature #10753: Acme DNS-01 for Hurricane Electric needs to be updated for new dynamic update methods
Thanks for the insight. I've opened https://github.com/acmesh-official/acme.sh/issues/3038 which will hopefully lead... Howard Holm
12:55 PM Feature #10753: Acme DNS-01 for Hurricane Electric needs to be updated for new dynamic update methods
Has the new method been updated in acme.sh upstream? ( https://github.com/acmesh-official/acme.sh ) -- If not, it mus... Jim Pingle
12:48 PM Feature #10753 (Closed): Acme DNS-01 for Hurricane Electric needs to be updated for new dynamic update methods
Hurricane Electric has added (as of two days ago - see http://dns.he.net) dynamic DNS support for TXT records allow f... Howard Holm
10:11 AM Bug #10751: Incorrect syslog() params on Suricata 5 pkg
Fix:
https://github.com/pfsense/FreeBSD-ports/pull/899 Viktor Gurov
09:58 AM Bug #10751 (Resolved): Incorrect syslog() params on Suricata 5 pkg
If you don't select any rules for the interface and click the "Save" button:... Viktor Gurov
07:45 AM Feature #10746 (Rejected): FRR OSPF network
What you describe is already possible in the current FRR GUI.
This site is not for support or diagnostic discussio... Jim Pingle
06:35 AM Bug #10749 (Resolved): squid + captive portal authentication not working
https://forum.netgate.com/topic/155148/squid-captive-portal-authentication:
Since the last update (2.4.5-RELEASE-p1)... Viktor Gurov

07/09/2020

11:54 PM Feature #10746 (Rejected): FRR OSPF network
Add feature to specify which network should be adverting to OSPF .
if I choose Route Redistribution (such as Conne... Alhusein Zawi
10:49 AM Bug #10741: Fails with CARP VIP Status - SQUID
Viktor Gurov wrote:
> squid pkg 0.4.44_28 on 2.4.5-p1 (clean install) - no such issue, HA works as expected
> it se... Thiago Orico
05:09 AM Bug #10741: Fails with CARP VIP Status - SQUID
squid pkg 0.4.44_28 on 2.4.5-p1 (clean install) - no such issue, HA works as expected
it seems something incorrect i... Viktor Gurov
07:59 AM Bug #10737 (Pull Request Review): FRR attempts to cycle IPsec VTI interfaces even when disabled/not running
Jim Pingle
01:29 AM Bug #10737: FRR attempts to cycle IPsec VTI interfaces even when disabled/not running
Fix:
https://github.com/pfsense/FreeBSD-ports/pull/897 Viktor Gurov
07:55 AM Todo #10419 (Closed): Update haproxy ports
Jim Pingle
03:07 AM Todo #10419: Update haproxy ports
All works fine on 2.0.14 DRago_Angel [InV@DER]

07/08/2020

10:12 PM Bug #10741 (Closed): Fails with CARP VIP Status - SQUID
Tests with CARP protocol, using CARP VIP option Squid status activated, the CARP IP type does not assume in the secon... Thiago Orico
05:04 AM Feature #10739 (Feedback): Update HAproxy-devel package to 2.2 and HAproxy to 2.0
Announced new stable version of HAproxy 2.2: https://www.haproxy.com/blog/announcing-haproxy-2-2/
There is bunch of ... DRago_Angel [InV@DER]

07/07/2020

11:51 PM Bug #10738 (Duplicate): ipsec apply issue
Duplicate of #10737 (and #10736) Jim Pingle
08:28 PM Bug #10738 (Duplicate): ipsec apply issue
Note: I suspect this is related to the fix for bug #10351 or related to the bug itself however it is marked resolved.... Andrew Johnson
02:43 PM Bug #10737 (Resolved): FRR attempts to cycle IPsec VTI interfaces even when disabled/not running
If FRR is installed but disabled or otherwise not running, @frr_ipsec_reload()@ will still attempt to send an FRR con... Jim Pingle
01:20 PM Bug #7271 (Pull Request Review): Co-existence of unbound and BIND/named
Jim Pingle
01:12 PM Bug #10507 (Pull Request Review): Unable to use forwarders
Jim Pingle
01:07 PM Bug #10506 (Pull Request Review): Recursion not working on fresh BIND install
Jim Pingle
12:57 PM Bug #10445 (Pull Request Review): BIND crashed when added RPZ. rpz is not a master or slave zone.
Jim Pingle
12:56 PM Bug #10330 (Pull Request Review): BIND zone configuration displays wrong DS resource record with inline DNSSEC signing enabled
Jim Pingle
12:43 PM Feature #10725 (Pull Request Review): Squid disable multiple login sessions
Jim Pingle
12:29 PM Bug #10692 (Pull Request Review): PIMD starts twice at boot
Jim Pingle

07/06/2020

02:39 PM Bug #10003: Visiting VPN > Apple IPsec Profile renders the navigation dropdown buttons useless
FYI- This is now moot on IPsec Profile Wizard pkg v 1.0, since it has been changed to use a traditional GUI page and ... Jim Pingle

07/05/2020

11:04 AM Bug #10688 (Resolved): Remove Zabbix 4.2 ports
removed from 2.4 and 2.5 repo Viktor Gurov
10:59 AM Bug #9813 (Resolved): Fails saving accountkeys if name contains non-English characters
Fixed in #10442 Viktor Gurov
10:55 AM Bug #7271: Co-existence of unbound and BIND/named
https://github.com/pfsense/FreeBSD-ports/pull/896 Viktor Gurov
10:40 AM Bug #8254 (Resolved): BIND, Register DHCP static mappings and Subzones
no such issue with 9.16_1, https://github.com/pfsense/FreeBSD-ports/blob/devel/dns/pfSense-pkg-bind/files/usr/local/p... Viktor Gurov
10:14 AM Bug #10507: Unable to use forwarders
Fix:
https://github.com/pfsense/FreeBSD-ports/pull/895 Viktor Gurov
06:55 AM Bug #10506: Recursion not working on fresh BIND install
fix:
https://github.com/pfsense/FreeBSD-ports/pull/894 Viktor Gurov
06:10 AM Bug #10445: BIND crashed when added RPZ. rpz is not a master or slave zone.
Fixes:
https://github.com/pfsense/FreeBSD-ports/pull/893 Viktor Gurov
02:52 AM Bug #10330: BIND zone configuration displays wrong DS resource record with inline DNSSEC signing enabled
Fix:
https://github.com/pfsense/FreeBSD-ports/pull/892 Viktor Gurov

07/04/2020

12:11 PM Bug #10693: pfSense Bind Zone Editor UI does not update zone serial number when a change is made
Viktor Gurov wrote:
> > The broken behavior is observed with Bind package 9.14_4
>
> did it work differently befo... Jeffrey Altman
11:47 AM Bug #10693: pfSense Bind Zone Editor UI does not update zone serial number when a change is made
> The broken behavior is observed with Bind package 9.14_4
did it work differently before?
you need to manually c... Viktor Gurov
12:06 PM Feature #8188 (Resolved): Support response policy zones in bind package
merged in 9.12 Viktor Gurov
04:28 AM Feature #10725: Squid disable multiple login sessions
https://github.com/pfsense/FreeBSD-ports/pull/891 Viktor Gurov
12:27 AM Feature #10725 (Resolved): Squid disable multiple login sessions
https://forum.netgate.com/topic/154741/squid-disable-multiple-sessions:
Hello, I want to set a server running pfsens... Viktor Gurov
04:04 AM Bug #10692: PIMD starts twice at boot
Viktor,
"many thanks!!"
I did install PIMD again and will test it as soon as the fix is in the snapshots
... Louis B
02:50 AM Bug #10692: PIMD starts twice at boot
Louis van Breda wrote:
> Hello,
>
> I just discoverd a critical error in the pfSense boot sequence.
> - Indepen... Viktor Gurov

07/03/2020

03:20 AM Feature #9852: show File-Store directory listing
+ https://www.joesandbox.com/
+ https://opentip.kaspersky.com/ Viktor Gurov

07/02/2020

09:15 AM Bug #10721 (Rejected): PHP Startup: Unable to load dynamic library 'readline.so'
That is not a bug, but a problem with your installation.
This site is not for support or diagnostic discussion.
... Jim Pingle
09:14 AM Bug #10721 (Rejected): PHP Startup: Unable to load dynamic library 'readline.so'
Crash report begins. Anonymous machine information:
amd64
11.2-RELEASE-p10
FreeBSD 11.2-RELEASE-p10 #9 4a2bfdce... Vincenzo Pace

06/29/2020

02:48 AM Bug #10700: not all VPN IPs added with vpnaddresses option
Suricata 4 PR:
https://github.com/pfsense/FreeBSD-ports/pull/889 Viktor Gurov
 

Also available in: Atom