pfSense » pfSense Packages

12/24/2020

12:21 PM Bug #8688 (Resolved): Pass List Snort

Tested on Snort 4.1.2_2 and 4.1.2_4. I see all of my IPsec v4 and v6 addresses in my pass list as well as OpenVPN add... Max Leighton

11:57 AM Bug #10700: not all VPN IPs added with vpnaddresses option

Tested in Suricata 5.0.4_1 and 6.0.0_4. I'm seeing all of the relevant VPN IPs added to the list. Max Leighton

12/23/2020

02:55 PM Bug #11000: haproxy deprecated trick suggested

It was been deprecated from HAproxy 1.8 if trust manual: https://cbonte.github.io/haproxy-dconv/1.8/configuration.htm... DRago_Angel [InV@DER]

01:55 PM Bug #11185: Redis service stopping before NtopNg

I wrote basic patch which fix issue in my case:... DRago_Angel [InV@DER]

12/22/2020

12:21 PM Feature #11186 (Pull Request Review): Allow lo0/Loopback as a valid interface in OSPF/OSPF6

Jim Pingle

12:09 PM Feature #11186 (Closed): Allow lo0/Loopback as a valid interface in OSPF/OSPF6

PR: https://github.com/pfsense/FreeBSD-ports/pull/1011 Christian McDonald

11:14 AM Bug #11185: Redis service stopping before NtopNg

To note, if run:
if rune something like kill -15 `pgrep ntopng` then ntopng correctly shutting down via SIGTERM and ... DRago_Angel [InV@DER]

10:00 AM Bug #11185 (Resolved): Redis service stopping before NtopNg

Redis is dependency for NtopNG. It must stop after NtopNG, but it don't. In result when you stop NtopNG via pfSense w... DRago_Angel [InV@DER]

10:58 AM Bug #11108 (Resolved): pfsense 2.5.0-DEVELOPMENT (amd64) pfBlockerNG-devel 3.0.0_1

Tested on the latest snapshot.
pfBlockerNG version 3.0.0_7.
It works fine.
Ticket resolved. Danilo Zrenjanin

10:28 AM Feature #6651: Loopback interfaces

PR Review:
https://github.com/pfsense/FreeBSD-ports/pull/1011
This might not completely solve every use-case, b... Christian McDonald

12/21/2020

11:50 AM Bug #11182 (New): NRPE in HA syncs the bind IP

When using a local interface IP as the bind IP in NPRE 3.1_4, once the primary node resumes master after a failover e... Max Leighton

08:34 AM Bug #11180: Filer run action for files on sync that wan't been modified

Sorry "wan't been modified" -> "wasn't been modified" typo. DRago_Angel [InV@DER]

08:33 AM Bug #11180 (Feedback): Filer run action for files on sync that wan't been modified

You have for example 2 files:
1. unbound mod.py which then run command: `unbound-control -c /var/unbound/unbound.con... DRago_Angel [InV@DER]

05:22 AM Feature #11178 (New): Filer do not ask what to do with previous filename

When you create file via Filer plugin and after this rename this file you in most cases wait that previous file was b... DRago_Angel [InV@DER]

12/19/2020

10:42 PM Bug #11175 (Resolved): FRR OSPFv6 config missing default area

Configuring default area in OSPF6 main page is not reflecting in configuration *Services>FRR>OSPF6> OSPF6*
route... Alhusein Zawi

12/18/2020

02:34 PM Bug #11173: Status>Monitoring parameters are hidden by the interactive graph

Not a new problem, it's been like that for a while. Though I don't see an existing entry for it. Jim Pingle

02:29 PM Bug #11173 (Resolved): Status>Monitoring parameters are hidden by the interactive graph

There is text underneath the graph in Status>Monitoring which should show the system name, time period, resolution, a... Max Leighton

06:47 AM Bug #10507 (Resolved): Unable to use forwarders

Tested on the latest snapshot.
It doesn't add _'zone "." { }'_ anymore, if recursion is set to Yes and there are ... Danilo Zrenjanin

04:10 AM Bug #10506 (Resolved): Recursion not working on fresh BIND install

Tested on the latest snapshot. It works fine. Ticket resolved. Danilo Zrenjanin

12/16/2020

07:04 AM Feature #6651: Loopback interfaces

Any movement on this?
This would be really useful. Currently I'm having to create a dummy vlan on a physical nic ... Christian McDonald

03:58 AM Bug #11128 (Resolved): pfblockerng 3.0.0_3 not using upstream proxy for curl feed downloads

Tested on:... Danilo Zrenjanin

03:46 AM Bug #11152 (Resolved): rsync pkg not installed

Tested on:... Danilo Zrenjanin

12/15/2020

12:06 PM Bug #11166 (Rejected): OpenVPN Client installer behaviour when OpenVPN 2.5 is already installed

The OpenVPN client Windows installer changed to an MSI, nothing we can do about that. Request changes upstream in Ope... Jim Pingle

11:45 AM Bug #11166 (Rejected): OpenVPN Client installer behaviour when OpenVPN 2.5 is already installed

Former versions of OpenVPN Client Export allowed for the distribution of the installer that handled pre-existing inst... Gregory Guilmette

11:36 AM Feature #11165 (New): OpenVPN Exporter - Allow for name customization

The Exporter Module creates client configurations that show up in the client workstation with the Netgate/pfSense hos... Gregory Guilmette

07:22 AM Bug #11135 (Pull Request Review): HAproxy OCSP reponse crontab bug

Jim Pingle

07:14 AM Bug #11135: HAproxy OCSP reponse crontab bug

fix:
https://github.com/pfsense/FreeBSD-ports/pull/1006 Viktor Gurov

05:27 AM Feature #11155 (Feedback): SafeSearch AAAA

PR haws been merged. Thanks! Renato Botelho

05:27 AM Bug #11152 (Feedback): rsync pkg not installed

PR haws been merged. Thanks! Renato Botelho

05:24 AM Bug #11107 (Resolved): pfBlockerNG 3.0.0_1 doesn't have some feeds fixes

OK in pfBlockerNG-devel 3.0.0_5 Viktor Gurov

12/14/2020

11:42 PM Feature #11163 (Closed): Preferred Chain option

Add WebGUI option to select Preferred Chain,
see https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain
Viktor Gurov

05:07 AM Feature #11148 (Closed): Snort Inline mode note

already there after pressing the 'save' button Viktor Gurov

01:31 AM Feature #11155: SafeSearch AAAA

Google, Youtube and Pixabay IPv6 (AAAA) SafeSearch:
https://github.com/pfsense/FreeBSD-ports/pull/1005 Viktor Gurov

12/12/2020

06:02 PM Bug #11158 (New): FRR Prefix Lists

Adding any value to *Minimum Prefix box* on Prefix Lists will stop receiving/sending the routes from/to the neighbor ... Alhusein Zawi

12/11/2020

10:19 AM Feature #11156 (New): Add an option include subdomains for the noAAAA feature

Thanks for including the noAAAA feature into pfBlockerNG, it works almost as good as the old python script.
But it's... Grimson Gretzleburg

09:23 AM Feature #11155 (Resolved): SafeSearch AAAA

SafeSearch DNS redirection doesn't work for AAAA queries,
must be added/fixed:
forcesafesearch.google.com - 200... Viktor Gurov

07:11 AM Bug #11101: Bind DNS Server won't start

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/16 Viktor Gurov

05:17 AM Bug #11152: rsync pkg not installed

https://github.com/pfsense/FreeBSD-ports/pull/1003 Viktor Gurov

04:15 AM Bug #11152 (Resolved): rsync pkg not installed

It's no possible to use RSYNC format feeds because rsync pkg is not installed:... Viktor Gurov

03:59 AM Bug #11136 (Resolved): Suricata trashcan icon for interface mapping delete has no effect

Tested on:... Danilo Zrenjanin

12/10/2020

09:27 AM Bug #8466: radiusd crash

able to reproduce:... Viktor Gurov

06:09 AM Bug #8466: radiusd crash

Same here on 2.4.5-RELEASE-p1 (amd64) - a nice way of locking yourself out of pfSense :-( Yury Zaytsev

06:32 AM Feature #11113 (Feedback): New phishing feeds

PR has been merged. Thanks! Renato Botelho

06:32 AM Bug #11128 (Feedback): pfblockerng 3.0.0_3 not using upstream proxy for curl feed downloads

PR has been merged. Thanks! Renato Botelho

12:59 AM Feature #11148 (Closed): Snort Inline mode note

It would be better to add a note about Inline mode rule actions,
from https://forum.netgate.com/topic/143812/snort-p... Viktor Gurov

12/07/2020

10:05 AM Bug #11136: Suricata trashcan icon for interface mapping delete has no effect

2.4.5 fix:
https://github.com/pfsense/FreeBSD-ports/pull/1001 Viktor Gurov

07:28 AM Bug #11136 (Feedback): Suricata trashcan icon for interface mapping delete has no effect

PR has been merged. Thanks! Renato Botelho

01:43 AM Bug #11136: Suricata trashcan icon for interface mapping delete has no effect

Fix:
https://github.com/pfsense/FreeBSD-ports/pull/1000 Viktor Gurov

08:28 AM Feature #11138 (New): new WebGUI checkboxes needed

New WebGUI checkboxes needed for these files:
/usr/local/etc/raddb/mods-config/files/authorize
/usr/local/etc/raddb... pf Driver

01:13 AM Bug #7271: Co-existence of unbound and BIND/named

Max Leighton wrote:
> Testing with bind 9.16_6 the default control port is still showing as 953 and conflicting wit... Viktor Gurov

12/06/2020

11:02 PM Bug #10516: FRR Access list

Alhusein Zawi wrote:
> Access list is working as expected on 2.5 but it is not taking an effect until restarting FRR... Viktor Gurov

06:26 PM Bug #11136 (Confirmed): Suricata trashcan icon for interface mapping delete has no effect

Attempting to delete interfaces using the trashcan icon produces system logs:... Steve Wheeler

05:42 PM Bug #11136 (Resolved): Suricata trashcan icon for interface mapping delete has no effect

The GUI offers two ways to delete an interface mapping on the Interfaces tab of Suricata.
Clicking the trashcan i... Max Leighton

02:41 AM Bug #11135: HAproxy OCSP reponse crontab bug

A more proper fix would be :... Stéphane Lapie

02:31 AM Bug #11135: HAproxy OCSP reponse crontab bug

Confirmed that the previous code did work with an older version :
* Old OpenSSL :... Stéphane Lapie

02:12 AM Bug #11135 (Feedback): HAproxy OCSP reponse crontab bug

Context : I have been using pfSense 2.5.0 development snapshots to get TLS 1.3 support.
I have noticed that the OC... Stéphane Lapie

12/05/2020

02:31 PM Bug #11131: pfblockerng-devel 3.0.0_2 logs when logging is disabled

Does the rule tracking ID match the one from the logs? What happens if you disable the rule - does it still get logged? Marcos M

01:43 PM Bug #7271: Co-existence of unbound and BIND/named

Testing with bind 9.16_6 the default control port is still showing as 953 and conflicting with unbound. Max Leighton

12/04/2020

10:09 PM Bug #11128: pfblockerng 3.0.0_3 not using upstream proxy for curl feed downloads

Viktor Gurov wrote:
> fix:
> https://github.com/pfsense/FreeBSD-ports/pull/999
Thank you Viktor, can confirm you... Tom N

10:48 AM Bug #11128: pfblockerng 3.0.0_3 not using upstream proxy for curl feed downloads

fix:
https://github.com/pfsense/FreeBSD-ports/pull/999 Viktor Gurov

09:28 PM Bug #10516: FRR Access list

Access list is working as expected on 2.5 but it is not taking an effect until restarting FRR bgpd service.
passe... Alhusein Zawi

01:08 AM Bug #10516: FRR Access list

maybe this is #11039 ? Viktor Gurov

05:14 PM Bug #11131 (Resolved): pfblockerng-devel 3.0.0_2 logs when logging is disabled

I just installed pfblockerng 3.0.0_2 and I'm seeing lots of traffic in the log even though logging is disabled.
A ... T Toft

07:58 AM Feature #11130: FRR RIP support

RIP can also be used as a workaround for #9204 Viktor Gurov

03:12 AM Feature #11130 (Resolved): FRR RIP support

since the routing daemon is not available in version 2.5, it would be useful to add RIP (+ RIPng?) support to the FRR... Viktor Gurov

12/03/2020

08:25 PM Bug #11128 (Resolved): pfblockerng 3.0.0_3 not using upstream proxy for curl feed downloads

Hi there,
Not sure when this started happening but none of the feeds are downloading anymore, I have a feeling curl ... Tom N

02:47 PM Bug #10885 (Resolved): HAProxy DNS statistics not working

Tested on:... Danilo Zrenjanin

10:21 AM Bug #10749 (New): squid + captive portal authentication not working

'The check_cp helpers are crashing too rapidly' fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_reques... Viktor Gurov

12/02/2020

02:49 PM Bug #10935: FRR 0.6.7-6 - BGPD service recycled IPv6 without Route Map

https://github.com/pfsense/FreeBSD-ports/commit/df52ed6fde08e5360555146cbf5af5517d646c1b#diff-1812ded0ff9970459b22d82... Jeremy Peterson

01:09 AM Feature #11113: New phishing feeds

https://github.com/pfsense/FreeBSD-ports/pull/998 Viktor Gurov

11/30/2020

03:52 PM Bug #11107 (Feedback): pfBlockerNG 3.0.0_1 doesn't have some feeds fixes

PR has been merged. Thanks! Renato Botelho

08:35 AM Bug #11107 (Pull Request Review): pfBlockerNG 3.0.0_1 doesn't have some feeds fixes

Jim Pingle

03:52 PM Bug #11108 (Feedback): pfsense 2.5.0-DEVELOPMENT (amd64) pfBlockerNG-devel 3.0.0_1

PR has been merged. Thanks! Renato Botelho

08:35 AM Bug #11108 (Pull Request Review): pfsense 2.5.0-DEVELOPMENT (amd64) pfBlockerNG-devel 3.0.0_1

Jim Pingle

09:19 AM Bug #9866 (Resolved): freeradius_view_config.php: File contents are displayed without encoding

Jim Pingle

08:18 AM Feature #11102 (Pull Request Review): Include a dictionary for mpd5 in Freeradius

Jim Pingle

11/28/2020

03:40 PM Bug #9866: freeradius_view_config.php: File contents are displayed without encoding

Tested in freeradius3 version 0.15.7_20. I see special characters are being converted as expected. This issue can be ... Max Leighton

01:06 PM Bug #8306 (Rejected): HAproxy in pfsense 2.42-p1 ha pair generates XMLRPC errors

Closing this ticket as rejected, since sync should not be enabled on the secondary unit for any HA configuration. Kris Phillips

11/27/2020

09:17 AM Feature #11113 (Resolved): New phishing feeds

https://phishing.army/
feed https://phishing.army/download/phishing_army_blocklist.txt
https://oisd.nl/
feed htt... Viktor Gurov

07:33 AM Bug #11111 (Duplicate): Squidguard_configurator bug

duplicate of https://redmine.pfsense.org/issues/9364#note-4 Viktor Gurov

07:11 AM Bug #11111 (Duplicate): Squidguard_configurator bug

On line 1293 of file squidguard_configurator.inc.
The result is force to : $rdr_path = "$guiproto://$guiip:$guipor... Gael Richier

02:38 AM Bug #11107: pfBlockerNG 3.0.0_1 doesn't have some feeds fixes

https://github.com/pfsense/FreeBSD-ports/pull/996 Viktor Gurov

01:59 AM Bug #11108: pfsense 2.5.0-DEVELOPMENT (amd64) pfBlockerNG-devel 3.0.0_1

Fix:
https://github.com/pfsense/FreeBSD-ports/pull/995 Viktor Gurov

11/26/2020

11:42 PM Bug #11108 (Resolved): pfsense 2.5.0-DEVELOPMENT (amd64) pfBlockerNG-devel 3.0.0_1

after install pfblockerng 3.0.0_1 on pfsense 2.5.0-dev
i got the following crash report
Crash report begins. Ano... khaled osama

08:47 AM Bug #11107 (Resolved): pfBlockerNG 3.0.0_1 doesn't have some feeds fixes

some fixes from the previous PRs is not merged to 3.0.0_1:
#10933 - Lashback LB_BL - host not found
#10930 - correc... Viktor Gurov

04:12 AM Bug #8827: Squidguard: ACL redirect modes 'redirect' and 'err page' send unresolvable URLs to the client.

You have to append... Viktor Gurov

04:09 AM Bug #9364: squidguard int error page does not use https

regression fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/12 Viktor Gurov

12:05 AM Feature #11102: Include a dictionary for mpd5 in Freeradius

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/11 Viktor Gurov

11/25/2020

11:11 PM Bug #10608: Update squid port to 4.11-p2

the latest version of squid for FreeBSD 11 is 4.13:
https://www.freshports.org/www/squid/ Viktor Gurov

10:46 AM Feature #11102 (Resolved): Include a dictionary for mpd5 in Freeradius

In order to pass mpd specific attributes from Freeradius to, for example, provide rate limits to PPPoE clients a dict... Steve Wheeler

07:56 AM Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location

I was not able to reproduce the issue either:... Marcos M

06:33 AM Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location

I can't replicate this by simply attempting to backup /root.
The backup file is not included in the .tgz.
Testi... Steve Wheeler

12:41 AM Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/10 Viktor Gurov

06:39 AM Bug #11101 (Resolved): Bind DNS Server won't start

If the "Enable Forwarding" checkbox is enabled, and a Forwarder IP is defined, and there is no semicolon at the end, ... Danilo Zrenjanin

06:29 AM Bug #11089 (Resolved): BIND service is started when disabled

Tested on:... Danilo Zrenjanin

12:12 AM Feature #11099 (New): DNSBL blocking by schedule

It would be nice to allow using DNSBL blocking by schedule to enable/disable it during school hours.
maybe improve p... Viktor Gurov