Project

General

Profile

Activity

From 02/04/2021 to 03/05/2021

03/05/2021

09:03 PM Bug #11517: Zebra Access List Names don't prevent spaces, but a whitespace in the name will stop FRR from starting
Access list does not accept names with spaces
fixed
Alhusein Zawi
02:18 PM Bug #11614: ACME certificate renewal/creation fails with multiple DNS providers
Right, and there is also no solution yet, but it's all the same problem with multiple (different) credentials.
Dep... Jim Pingle
02:04 PM Bug #11614: ACME certificate renewal/creation fails with multiple DNS providers
Workaround in #8560 does not reliably work for this scenario of the bug. So effectively, there is no workaround. Ben Tyger
08:33 AM Feature #11349 (Feedback): Allow to set minimum TLS version
PR has been merged. Thanks! Renato Botelho
08:33 AM Bug #11582 (Feedback): FreeRADIUS XML-RPC Sync doesn't sync all configuration sections
PR has been merged. Thanks! Renato Botelho
08:29 AM Bug #11580 (Feedback): FTP client proxy - source and destination bypass limitation
PR has been merged. Thanks! Renato Botelho
08:26 AM Bug #8827 (Feedback): Squidguard: ACL redirect modes 'redirect' and 'err page' send unresolvable URLs to the client.
PR has been merged. Thanks! Renato Botelho
08:25 AM Bug #11620 (Feedback): OSPF Route Redistribution shows numbers instead of route map names
PR has been merged. Thanks! Renato Botelho
06:31 AM Bug #11628 (Resolved): ftp-proxy error messages in logs
Disabled ftp-proxy package causes errors in log:... Viktor Gurov
06:29 AM Bug #11627 (Resolved): rc file is not deleted
After disabling the arpwatch service, `/usr/local/etc/rc.d/arpwatch.sh` still exists
and you can see errors in log:
... Viktor Gurov
04:52 AM Feature #11405 (Resolved): add RPKI route map in GUI
frr 1.1.0_7 Viktor Gurov
04:51 AM Feature #11405: add RPKI route map in GUI
already there ('Enable BGP RPKI' option)
works as expected:... Viktor Gurov
04:21 AM Feature #11405 (New): add RPKI route map in GUI
"-M rpki" must be added to bgpd daemon command line,
see https://docs.frrouting.org/en/latest/bgp.html#enabling-rpki... Viktor Gurov
02:38 AM Feature #9315: Add Package: dnscrypt-proxy
According to "DNSCrypt Options" at https://nlnetlabs.nl/documentation/unbound/unbound.conf/ it seems the DNScrypt in ... Idar Lund

03/04/2021

11:03 PM Bug #11546 (Resolved): incorrect 'set as-path' command
Viktor Gurov
09:08 PM Bug #11546: incorrect 'set as-path' command
"Set" option is not in options list.
 Alhusein Zawi
09:52 AM Bug #11449 (Resolved): BIND fails during/after upgrade to 21.02/2.50
Renato Botelho
09:16 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
It did fix the issue for me. Tchello Mello
08:47 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
Is this bug fixed with the new version of the bind package release for pfsense ? Stefan Andersson
09:14 AM Bug #11620 (Pull Request Review): OSPF Route Redistribution shows numbers instead of route map names
Jim Pingle
05:23 AM Bug #11620: OSPF Route Redistribution shows numbers instead of route map names
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/66 Viktor Gurov
05:09 AM Bug #11620 (Resolved): OSPF Route Redistribution shows numbers instead of route map names
Routing using routing protocols has basically been broken to some extent. In my case I'm doing advanced routing with ... Viktor Gurov

03/03/2021

04:17 PM Bug #11618 (Closed): WireGuard using incorrect IPv6 tunnel address prefix length
Example; if I specify a tunnel with address fc00:bbbb:bbbb:bb01::9:xxxx/128, this is how it gets configured:... Reza Arbab
03:39 PM Bug #8827 (Pull Request Review): Squidguard: ACL redirect modes 'redirect' and 'err page' send unresolvable URLs to the client.
Jim Pingle
04:12 AM Bug #8827: Squidguard: ACL redirect modes 'redirect' and 'err page' send unresolvable URLs to the client.
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/65 Viktor Gurov
03:31 PM Feature #11349 (Pull Request Review): Allow to set minimum TLS version
Jim Pingle
12:09 AM Feature #11349: Allow to set minimum TLS version
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/64 Viktor Gurov
01:25 PM Bug #10642 (Duplicate): ACME certificate renewal with DNS-Gandi method fails when using multiple Gandi keys
Same root problem as #8560 Jim Pingle
01:25 PM Bug #11614 (Duplicate): ACME certificate renewal/creation fails with multiple DNS providers
Same root problem as #10642 and #8560 Jim Pingle
09:50 AM Bug #11614 (Duplicate): ACME certificate renewal/creation fails with multiple DNS providers
When trying to issue/renew ACME certificates to multiple different DNS providers with the DNS verification method, th... Ben Tyger
05:29 AM Bug #11610: NET-SNMP is not setting the correct permissions on AgentX
Unable to reproduce with FRR pkg 1.1.0_8 -
frr starts successfully with the "Enable agentx" option:... Viktor Gurov
05:11 AM Bug #11610 (New): NET-SNMP is not setting the correct permissions on AgentX
When we go to FRR -> Global Settings -> (Scroll down to "Modules" and tick the "Enable agentx support for accessing F... Yif Swery

03/02/2021

08:36 PM Bug #11590: pfBlocker Issue when IPv6 is disabled
Fixed in pfBlockerNG-devel v3.0.0_14 BBcan177 .
12:27 PM Bug #11605 (Closed): Suricata can trigger PHP crash on SG-3100
Suricata and SNORT won't start on 21.02p1 SG3100. Appears to be an issue related to PHP see the following post for mo... Justin P
11:19 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
Hello everybody,
I became aware of this bug report after finding this forum thread via googling: https://forum.net... Andreas Grommek
10:25 AM Feature #11601: Ability to disable/stop Service Watchdog
There is no need for two separate issues for the same problem. Any work to solve the other issue should stay on that ... Jim Pingle
10:21 AM Feature #11601: Ability to disable/stop Service Watchdog
Jim Pingle wrote:
> Duplicate of #11490
#11490 describes symptoms, this request suggest a solution. Yuri Weinstein
10:15 AM Feature #11601 (Duplicate): Ability to disable/stop Service Watchdog
Duplicate of #11490 Jim Pingle
10:09 AM Feature #11601 (Duplicate): Ability to disable/stop Service Watchdog
Use case: before upgrading a package like pfBlockerNG I remove `pfb_dnsbl`, `pfb_filter` and `unbound` from Service W... Yuri Weinstein
08:11 AM Bug #11543 (Duplicate): SquidGuard 1.16.18_15 - returning wrong page
duplicate of #8827 Viktor Gurov
04:40 AM Bug #11543: SquidGuard 1.16.18_15 - returning wrong page
I can reproduce this issue in SSL/MITM Mode = "Splice Whitelist, Bump Otherwise"
in "Splice All" mode returns the co... Viktor Gurov
05:04 AM Bug #11582: FreeRADIUS XML-RPC Sync doesn't sync all configuration sections
Alexis Mestag wrote:
> It seems I don't have access to https://gitlab.netgate.com/.
> Is there a way for me to see ... Viktor Gurov
03:40 AM Bug #11582: FreeRADIUS XML-RPC Sync doesn't sync all configuration sections
It seems I don't have access to https://gitlab.netgate.com/.
Is there a way for me to see the patch (out of curiosit... Alexis Mestag
04:00 AM Bug #10608 (Feedback): Update squid port to 4.11-p2
Squid version in pfSense 2.5/21.02 is 4.13:... Viktor Gurov
03:58 AM Feature #11060 (Resolved): Block access to consumer Google accounts
works as expected on Squid pkg 0.4.45_3 - it blocks access to google accounts and adds youtube safesearch restrictions Viktor Gurov

03/01/2021

11:20 PM Bug #11591 (Duplicate): Could not install node exporter
duplicate of #11515
See fix in the next node_exporter version:
https://github.com/pfsense/FreeBSD-ports/commit/6e... Viktor Gurov
09:58 PM Bug #11591 (Duplicate): Could not install node exporter
I tried to install node_exporter and whilst the install appeared to complete successfully, I noticed it did not appea... Mark De Souza
10:01 PM Bug #11592 (New): Node exporter can not read system statistics
Each time I curl <ip of router>:9100 I receive the following log error:
level=error ts=2021-03-02T03:55:34.739Z ca... Mark De Souza
09:06 PM Bug #11572: Auto created firewall rules have IPv4 as protocol only - even for IPv6 lists.
There are a couple items to iron out in devel, so don't think too long. BBcan177 .
04:02 PM Bug #11572: Auto created firewall rules have IPv4 as protocol only - even for IPv6 lists.
Confirmed - created as an IPv6 rule in beta. Just means that all those out there using the "release" version are at r... Dave Tickem
09:01 PM Bug #11590 (Closed): pfBlocker Issue when IPv6 is disabled
I noticed a crash report this morning when I logged into pfsense. I have ipv6 disabled on my pfsense box but it appea... Mark De Souza
06:34 PM Bug #11585: WireGuard kernel panic when changing peer port on assigned WireGuard interface
Interestingly enough, I haven't had any panics on my cloud instances hosted on Vultr, though my instances hosted on-p... Christian McDonald
02:24 PM Bug #11585: WireGuard kernel panic when changing peer port on assigned WireGuard interface
Parts of the backtrace are similar to #11586 but it's not an exact match. Jim Pingle
02:22 PM Bug #11585 (New): WireGuard kernel panic when changing peer port on assigned WireGuard interface
Jim Pingle
02:22 PM Bug #11585 (Closed): WireGuard kernel panic when changing peer port on assigned WireGuard interface
Jim Pingle
02:19 PM Bug #11585: WireGuard kernel panic when changing peer port on assigned WireGuard interface
That does appear to be one we haven't seen yet:... Jim Pingle
02:06 PM Bug #11585: WireGuard kernel panic when changing peer port on assigned WireGuard interface
Also hitting this when changing the port on the local wg interface...sometimes. Sometimes changing the port is fine, ... Christian McDonald
01:59 PM Bug #11585 (Closed): WireGuard kernel panic when changing peer port on assigned WireGuard interface
All I did was change the port on peer 0. Christian McDonald
02:47 PM Bug #11582 (Pull Request Review): FreeRADIUS XML-RPC Sync doesn't sync all configuration sections
Jim Pingle
02:13 PM Bug #11582: FreeRADIUS XML-RPC Sync doesn't sync all configuration sections
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/63 Viktor Gurov
09:25 AM Bug #11582 (Resolved): FreeRADIUS XML-RPC Sync doesn't sync all configuration sections
Using the XML-RPC Sync feature of the FreeRADIUS package doesn't sync all configuration sections.
For example:
* ... Alexis Mestag
01:36 PM Bug #11580 (Pull Request Review): FTP client proxy - source and destination bypass limitation
Jim Pingle
11:19 AM Bug #11580: FTP client proxy - source and destination bypass limitation
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/62 Viktor Gurov
04:40 AM Bug #11580 (Resolved): FTP client proxy - source and destination bypass limitation
Not able to use alias in Proxy Bypass: Source and Proxy Bypass: Destination.
I tried to manually add to config.xml a... Michal Kubin
10:21 AM Bug #11575: OpenVPN clients cannot pass traffic when reconnecting using the same source port
adding _nobind_ fixes the problems with viscosity on mac big sur not reconnecting after a disconnect. It continues to... IT Support
07:56 AM Bug #11459 (Feedback): pfBlockerNG doesn't include WireGuard interface in outbound floating rules
PR has been merged. Thanks! Renato Botelho
07:52 AM Feature #11560 (Feedback): add ena(4) to the list of INLINE mode (netmap) supported cards
PR has been merged. Thanks! Renato Botelho
07:51 AM Feature #11533 (Feedback): add ena(4) to the list of INLINE mode (netmap) supported cards
PR has been merged to 2.6.0/21.05 snapshots and will be cherry-picked to stable branches together with last binary up... Renato Botelho
07:48 AM Bug #11546 (Feedback): incorrect 'set as-path' command
PR has been merged. Thanks! Renato Botelho
07:48 AM Bug #11517 (Feedback): Zebra Access List Names don't prevent spaces, but a whitespace in the name will stop FRR from starting
PR has been merged. Thanks! Renato Botelho
07:48 AM Bug #11511 (Feedback): OSPF distribute List always empty
PR has been merged. Thanks! Renato Botelho
07:40 AM Feature #10858 (Feedback): OpenVPN Client silent install
PR has been merged. Thanks! Renato Botelho
07:40 AM Feature #11520 (Feedback): Add 'explicit-exit-notify' option by default
PR has been merged. Thanks! Renato Botelho
07:36 AM Bug #11532 (Feedback): LCDproc service is not disabled
PR has been merged. Thanks! Renato Botelho
07:35 AM Bug #11515 (Feedback): node_exporter 0.18.1_1 - Unable to interact or start the service from web ui
PR has been merged. Thanks! Renato Botelho
03:26 AM Feature #11579 (New): Snort alerts or blocks trigger notifications
I use the default pfSense notifications under System -> Advanced -> Notifications, and I'd love to be able to receive... Offstage Roller

02/28/2021

09:45 PM Bug #11572: Auto created firewall rules have IPv4 as protocol only - even for IPv6 lists.
Please update to pfBlockerNG-devel, as pfBlockerNG is not receiving many updates. This issue is resolved in devel. BBcan177 .
04:19 AM Bug #11572 (New): Auto created firewall rules have IPv4 as protocol only - even for IPv6 lists.
Using any IPv6 list in pfblocker-ng "IPv6 settings" tab results in a firewall rule with the protocol set to IPv4. Thi... Dave Tickem
04:17 PM Bug #11575: OpenVPN clients cannot pass traffic when reconnecting using the same source port
OpenVPN 2.5.1 does not appear to make a difference for this. I built a package for FreeBSD and loaded it, as well as ... Jim Pingle
11:15 AM Bug #11575 (Resolved): OpenVPN clients cannot pass traffic when reconnecting using the same source port
If an OpenVPN client reconnects immediately after disconnecting, in certain cases it cannot pass traffic.
This app... Jim Pingle
11:08 AM Todo #11574 (Duplicate): Add "nobind" to exported OpenVPN configurations by default
Remote access OpenVPN clients should be using @nobind@ in their configurations so they use a random port and appropri... Jim Pingle
09:06 AM Feature #11573: Custom Commands
That wouldn't be something we'd consider for the base system, but we might consider it if someone wanted to make a pa... Jim Pingle
07:17 AM Feature #11573 (New): Custom Commands
Ability to store custom commands on pfsense, and able to run them from same page.
For example storing this command... Manjot Singh

02/27/2021

07:55 PM Bug #10429: Status Traffic Total broken 2.4.5
The patch provided by me above with the instructions works to fix it on 2.4.5, or, you can also update to 2.5.0 which... Chris R
07:53 PM Bug #10429: Status Traffic Total broken 2.4.5
hello guys.
has this been fixed in 4.5? Andres Mora
02:42 PM Feature #11560 (Pull Request Review): add ena(4) to the list of INLINE mode (netmap) supported cards
Jim Pingle
12:30 AM Feature #11560: add ena(4) to the list of INLINE mode (netmap) supported cards
https://github.com/pfsense/FreeBSD-ports/pull/1047 Viktor Gurov
12:22 AM Feature #11560 (Resolved): add ena(4) to the list of INLINE mode (netmap) supported cards
add ena(4) to the list of INLINE mode (netmap) supported cards (pfSense 2.5/21.02)
see https://github.com/pfsense/... Viktor Gurov
12:30 PM Feature #11567 (New): Email report add a note filed request
I think for the email reports it'd be highly useful to have a note filed added.
Here is a use case:
Say a user ... Yuri Weinstein
10:05 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
Hello team,
Any idea when this will be ported to armv7 arch (Netgate SG-3100)?
https://pkg.freebsd.org/FreeBSD... Tchello Mello
03:37 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
manual installation of the latest BIND version fixes the issue:... Viktor Gurov
07:11 AM Bug #11563 (Confirmed): BIND GUI writes TXT records > 255 characters
System: Netgate SG-3100, 2.4.5_1 (I checked the "git log":https://github.com/pfsense/FreeBSD-ports/commits/6209a37396... Bill McGonigle
03:01 AM Bug #11182: NRPE in HA syncs the bind IP
I can confirm that behaviour as well as 2.4.5p1 and 2.5 Pim Pish
02:23 AM Feature #10739: Update HAproxy-devel package to 2.2 and HAproxy to 2.0
And another point "Health Check Overhaul - now multiply healtchecks are possible for one backend so changes must be u... DRago_Angel [InV@DER]
02:22 AM Bug #11491: haproxy-devel v0.62_2 - startup error 'httpchk'
Because now correct syntax is another:
https://cbonte.github.io/haproxy-dconv/2.2/configuration.html#4.2-http-check%... DRago_Angel [InV@DER]

02/26/2021

10:52 PM Bug #11477: FRR does not recognize some BFD options
looks ,FRR 7.5 does not have "default" and "label' options
pfSense.home.arpa(config-bfd-peer)#
detect-multiplie... Alhusein Zawi
01:08 PM Bug #11546: incorrect 'set as-path' command
No need for that, just pick "Set prepend" in the drop-down instead of "Set". The "Set" option is not in FRR now, but ... Jim Pingle
01:05 PM Bug #11546: incorrect 'set as-path' command
work around:
- Copy commands: "set as-path 65001"
- add "prepend" : set as-path prepend 65001
- go to Service... Alhusein Zawi
07:33 AM Bug #11546 (Pull Request Review): incorrect 'set as-path' command
Jim Pingle
12:55 AM Bug #11546: incorrect 'set as-path' command
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/61 Viktor Gurov
12:18 AM Bug #11546 (Resolved): incorrect 'set as-path' command
If you create a route map with AS Path Option = Set, an error will occur:... Viktor Gurov
11:10 AM Bug #11375 (New): UPS Type <BLANK> for USB APC
Viktor Gurov
09:33 AM Feature #9238: Add support for Zerotier
@Netgate - Any chance this could be added to 2.5 ? Corey Boyle
08:51 AM Bug #11551: SG-3100 with pfBlockerNG doesn't pass traffic
Jim Pingle wrote:
> The PHP segfault may be similar to, or the same as, #11466
I definitely agree. Something weir... Bill Meeks
08:28 AM Bug #11551: SG-3100 with pfBlockerNG doesn't pass traffic
The PHP segfault may be similar to, or the same as, #11466 Jim Pingle
08:15 AM Bug #11551 (Closed): SG-3100 with pfBlockerNG doesn't pass traffic
SG-3100 appliance doesn't pass traffic on boot and I see error messages in `dmesg`:... Viktor Gurov

02/25/2021

05:12 PM Bug #11543 (Duplicate): SquidGuard 1.16.18_15 - returning wrong page
I have configurate squid+ squidguard, with autentication ldap, after Renato fixed problem with ldap filter.
So anoth... Robson Ferreira
12:29 PM Bug #11501: Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
You delete the entry from the certificate manager, which is where the warning was generated. Not ACME.
Any further... Jim Pingle
11:40 AM Bug #11501: Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
When you said, "Delete it" I thought deleting the acme config in the gui would fix it. But no, I did that and still g... Craig Leres
08:39 AM Regression #11534 (New): FreeRADIUS EAP anonymous connection forbidden out-of-tunnel
With an LDAP backend but no SQL backend, the virtual server configuration ends up as follows:... Didier Raboud
07:39 AM Bug #11532 (Pull Request Review): LCDproc service is not disabled
Jim Pingle
03:04 AM Bug #11532: LCDproc service is not disabled
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/60 Viktor Gurov
03:02 AM Bug #11532 (Resolved): LCDproc service is not disabled
LCDproc service is not disabled if you uncheck "Enable LCDproc at startup" checkbox
/usr/local/etc/rc.d/lcdproc.sh i... Viktor Gurov
06:36 AM Feature #11533: add ena(4) to the list of INLINE mode (netmap) supported cards
https://github.com/pfsense/FreeBSD-ports/pull/1046 Viktor Gurov
03:58 AM Feature #11533 (Resolved): add ena(4) to the list of INLINE mode (netmap) supported cards
add ena(4) to the list of INLINE mode (netmap) supported cards (pfSense 2.5/21.02)
see https://github.com/pfsense/... Viktor Gurov
04:16 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
related to named ACL
see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=980786 Viktor Gurov
04:00 AM Feature #11531: Show netmap compatible cards in IPS Mode note
+ add ena(4) to the list of netmap-compatible cards (#11533) Viktor Gurov
03:13 AM Feature #11531: Show netmap compatible cards in IPS Mode note
see also #10950 Viktor Gurov
02:51 AM Feature #11531 (Resolved): Show netmap compatible cards in IPS Mode note
https://www.freebsd.org/cgi/man.cgi?query=netmap&sektion=4 ... Danilo Zrenjanin
02:55 AM Bug #11529 (Rejected): zeek leaves traces after uninstall
fixed in #11381
now it correctly removes `/usr/local/etc/rc.d/zeek.sh`
see https://github.com/pfsense/FreeBSD-por... Viktor Gurov

02/24/2021

10:17 PM Bug #11530 (Closed): ntopng 4.2 needs to be updated to 4.3, Bug when accessing a host for details
On pfsense 2.5, installing ntopng from package manager ntop 0.8.13_9 which is 4.2 version of ntopng, after logging in... Max D
10:11 PM Bug #11529 (Rejected): zeek leaves traces after uninstall
Running latest 2.5 release of pfsense, I installed zeek to test out, but after removing the package, services still s... Max D
10:53 AM Bug #11525 (Closed): pfsense 2.5.0 release version for vlan issue to suricata
I have found that pfsense vlans have issues on suricata after updated to 2.5.0 release in esxi 7.0.1 virtual machine.... Ahmed Mohamed
10:20 AM Bug #11515 (Pull Request Review): node_exporter 0.18.1_1 - Unable to interact or start the service from web ui
Jim Pingle
12:25 AM Bug #11515: node_exporter 0.18.1_1 - Unable to interact or start the service from web ui
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/58 Viktor Gurov
10:19 AM Bug #11517 (Pull Request Review): Zebra Access List Names don't prevent spaces, but a whitespace in the name will stop FRR from starting
Jim Pingle
09:56 AM Bug #11511 (Pull Request Review): OSPF distribute List always empty
Jim Pingle
09:48 AM Feature #11520 (Pull Request Review): Add 'explicit-exit-notify' option by default
Jim Pingle
06:50 AM Feature #11520: Add 'explicit-exit-notify' option by default
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/59 Viktor Gurov
06:04 AM Feature #11520: Add 'explicit-exit-notify' option by default
Also see:
https://redmine.pfsense.org/issues/9085
 Pippin MMD
04:36 AM Feature #11520 (Resolved): Add 'explicit-exit-notify' option by default
https://build.openvpn.net/man/openvpn-2.5/openvpn.8.html:... Viktor Gurov
07:13 AM Bug #11522 (New): fping6 error
we have a XG7100 (not updated to 2.5) with a running zabbix proxy. Now we discovered many entrys in the logfile with:... Viktor Gurov

02/23/2021

11:37 PM Bug #11517: Zebra Access List Names don't prevent spaces, but a whitespace in the name will stop FRR from starting
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/57 Viktor Gurov
02:32 PM Bug #11517 (Resolved): Zebra Access List Names don't prevent spaces, but a whitespace in the name will stop FRR from starting
Services/FRR/Global Settings/Edit/Access Lists allows saving the settings with a whitespace in the name, but this cau... Lennart dV
08:07 PM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
I also have this issue after upgrading to pfsense 2.5. I've noticed that if you reboot the named process doesn't seem... Stefan Andersson
06:22 PM Bug #11501: Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
Jim Pingle wrote:
> Craig Leres wrote:
> > How was I able to go 390+ days before upgrading to 21.02 without getting... Craig Leres
12:36 PM Bug #11515 (Feedback): node_exporter 0.18.1_1 - Unable to interact or start the service from web ui
This bug can be reproduced on my Netgate XG-7100 running 21.02-RELEASE
After installing the package for the first... dff dff
12:34 PM Bug #11513: FFR won't show Access-List on Distribute List (OSPF)
Can't access gitlab.netgate.com :/ F. M.
12:21 PM Bug #11513 (Duplicate): FFR won't show Access-List on Distribute List (OSPF)
Duplicate of #11511 Viktor Gurov
12:20 PM Bug #11513 (Duplicate): FFR won't show Access-List on Distribute List (OSPF)
Pfsense 2.5 and FRR 1.1.0_5.
You create an access list and expect to set it on OSPF "Distribute List".
However ... F. M.
12:18 PM Bug #11511: OSPF distribute List always empty
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/56 Viktor Gurov
12:05 PM Bug #11511 (Resolved): OSPF distribute List always empty
from https://forum.netgate.com/topic/161176/filter-some-routes:
The GUI does not find the configured ACL Lists any m... Viktor Gurov
10:47 AM Bug #11509 (Closed): LCD package - not starting at boot - stop and start in Status Window not possible
Hi all,
I'm using pfSense 2.5 on a WatchGuard XTM 510 on which I started using the built in LCD display. Got it work... The Cycler63
06:52 AM Bug #11477 (Feedback): FRR does not recognize some BFD options
PR has been merged. Thanks! Renato Botelho
06:52 AM Bug #11392 (Feedback): FRR - Advanced Routing Behavior - Network Import Check: Flag should be reversed
PR has been merged. Thanks! Renato Botelho
06:52 AM Bug #11445 (Feedback): bgp as-path in wrong position
PR has been merged. Thanks! Renato Botelho

02/22/2021

06:56 PM Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4
...I mean, this is not a proper test, I need to bring up a live tunnel and get some LSAs going first.
But when thi... Firstname Surname
03:56 PM Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4
OK - I just tested that fix.... Firstname Surname
03:37 PM Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4
Typically we would wait until it's in an official release. Jim Pingle
02:37 PM Bug #9204: ospfd: GRE tunnels became unnumbered since 2.4.4
FRR have been silent, but it looks like the person who raised this has a patch. What's your policy here, do you apply... Firstname Surname
01:00 PM Bug #11501: Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
Craig Leres wrote:
> How was I able to go 390+ days before upgrading to 21.02 without getting daily expiring message... Jim Pingle
12:40 PM Bug #11501: Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
And I should ask is there a way to delete the certificate but keep the test config in case I need to test in the futu... Craig Leres
12:38 PM Bug #11501: Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
Jim Pingle wrote:
> Delete it, it's not needed. It's a leftover from previous ACME certificates.
>
> Entries are ... Craig Leres
12:35 PM Bug #11501 (Not a Bug): Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
Delete it, it's not needed. It's a leftover from previous ACME certificates.
Entries are never removed automatical... Jim Pingle
12:25 PM Bug #11501 (Not a Bug): Daily acme "expiring soon" warnings about a test Let's Encrypt certificate that expired > 300 days ago
When I setup acme on my pfsense box I used the same procedure as I would with a FreeBSD host; I created a test cert w... Craig Leres
12:07 PM Bug #11490: Service Watchdog - Impacts Reboots and Package Updates
All fair points.
Have run into a couple occasions where something 'died' (such as Snort, Suricata, lldpd, haproxy)... A S
10:11 AM Bug #11490: Service Watchdog - Impacts Reboots and Package Updates
This is a problem only with the package and also not likely one that will be solvable in an easy way.
The package ... Jim Pingle
10:12 AM Feature #11492 (Duplicate): there is an Freebsd version available for a splunk universal forwarder
Duplicate of #7683 Jim Pingle
09:51 AM Bug #11465 (Pull Request Review): Input validation does not prevent multiple conflicting WireGuard peers on a single tunnel from attempting to act as default route
Jim Pingle
09:42 AM Bug #11477 (Pull Request Review): FRR does not recognize some BFD options
Jim Pingle
09:38 AM Bug #11392 (Pull Request Review): FRR - Advanced Routing Behavior - Network Import Check: Flag should be reversed
Jim Pingle
09:38 AM Bug #11445 (Pull Request Review): bgp as-path in wrong position
Jim Pingle
05:44 AM Feature #11386 (Feedback): Add WireGuard tunneled networks to vpnaddresses list
PR has been merged. Thanks! Renato Botelho
05:42 AM Feature #11385 (Feedback): Add WireGuard tunneled networks to vpnaddresses list
PR has been merged. Thanks! Renato Botelho

02/21/2021

05:31 AM Bug #11493 (New): After upgrade zabbix proxy wont start
Due to database changes between zabbix-proxy versions. The proxy database needs to be removed after upgrading else th... Pim Janssen
03:08 AM Feature #11492 (Duplicate): there is an Freebsd version available for a splunk universal forwarder
Splunk is great log analyzer. As well there is a free version available.
I my opinion it might be a good idea to u... thiamata thiamata
01:18 AM Bug #11491 (Feedback): haproxy-devel v0.62_2 - startup error 'httpchk'
Seeing this error message upon startup (under 2.5.0):
haproxy: startup error output!: [WARNING] 051/015053 (57019)... A S
01:11 AM Bug #11490 (New): Service Watchdog - Impacts Reboots and Package Updates
All - wasn't quite sure which to attribute this to as its a package, but is impacting standard operation.
Synopsis... A S

02/20/2021

12:33 PM Bug #8466 (Resolved): radiusd crash
Tested on the latest release.
It works as expected. Ticket resolved. Danilo Zrenjanin
10:56 AM Bug #11465: Input validation does not prevent multiple conflicting WireGuard peers on a single tunnel from attempting to act as default route
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/149 Viktor Gurov
05:57 AM Bug #11477: FRR does not recognize some BFD options
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/55 Viktor Gurov
04:20 AM Bug #11477 (Feedback): FRR does not recognize some BFD options
BFD daemon failed to start due to using incorrect command syntax:... Viktor Gurov
05:53 AM Bug #11479 (New): snmptt 1.4.2 does not work in daemon mode
There is a bug in snmptt 1.4.2 that prevents it from starting up in daemon mode.
Upstream bug report: https://sour... Christian Ullrich
03:05 AM Bug #11392: FRR - Advanced Routing Behavior - Network Import Check: Flag should be reversed
add "no bgp network import-check" if unchecked:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/54 Viktor Gurov

02/19/2021

03:04 PM Bug #11468: pfsense+ 21.02 missing zabbix44 package
Hi Jim, ok, thank you for reply DRago_Angel [InV@DER]
01:58 PM Bug #11468 (Rejected): pfsense+ 21.02 missing zabbix44 package
It's expected, they are EOL and gone from ports so we have no way to keep them.... Jim Pingle
01:49 PM Bug #11468 (Rejected): pfsense+ 21.02 missing zabbix44 package
Hi, after update to pfsense+ 21.02 my zabbix was been removed, I checked and installed 4.0, but my server is 4.4 so p... DRago_Angel [InV@DER]
11:47 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
Thats running pfsense 2.5 upgraded from 2.4.5-p1 Wayne Graves
11:46 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
I'm using a Supermicro SuperServer E200-8D - Mini-1U - Xeon D-1528 1.9 GHz 32g ecc 500g ssd NMVe. A clean bind instal... Wayne Graves
10:41 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
I'll remove all the files tonight and then try it again with clean files.
It's running on a Netgate SG-3100
***... Tchello Mello
10:37 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
same issue with a clean BIND install?
pfSense Plus 21.02 or pfSense 2.5?
what kind of appliance? VM, Netgate applia... Viktor Gurov
09:10 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
-I'm going to check how can I install strace on this box to see if I can further debug it.
Used `truss` however, ... Tchello Mello
05:32 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
Wayne Graves wrote:
> unbound not running when this occurred on my pfsense 2.5.
Yea, ignore my comment (I deleted... Chris R
05:20 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
unbound not running when this occurred on my pfsense 2.5. Wayne Graves
04:20 AM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
can be related to #7271 Viktor Gurov
08:01 AM Bug #11465 (Closed): Input validation does not prevent multiple conflicting WireGuard peers on a single tunnel from attempting to act as default route
WireGuard uses Allowed IPs for internal routing to decide where to send traffic to a peer. When a peer has Allowed IP... Jim Pingle
07:55 AM Bug #11459 (Pull Request Review): pfBlockerNG doesn't include WireGuard interface in outbound floating rules
Jim Pingle
04:13 AM Bug #11459: pfBlockerNG doesn't include WireGuard interface in outbound floating rules
https://github.com/pfsense/FreeBSD-ports/pull/1044 Viktor Gurov
04:07 AM Bug #11459 (Resolved): pfBlockerNG doesn't include WireGuard interface in outbound floating rules
pfBlockerNG needs an option on the General tab for "WireGuard" similar to the "IPsec", "OpenVPN" and "L2TP VPN" optio... Viktor Gurov
07:55 AM Feature #10739: Update HAproxy-devel package to 2.2 and HAproxy to 2.0
To add:
1. Now *Auto* SSL/TLS Compatibility Mode description says:
</code>If unsure leave it as 'Auto'</pre>
This ... DRago_Angel [InV@DER]
07:24 AM Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspection
Further problems identified in the zeek_alerts.php:
The content is updated every 10 seconds however, the results in ... Felix S
06:58 AM Bug #11461: zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspection
Further investigation seems to show that the web gui is leveraging zeek_alert_data.php for getting the data. However,... Felix S
04:44 AM Bug #11461 (Resolved): zeek package - Web Interface does not display any log content Package/Zeek/Alerts/Real Time Inspection
Pfsense 2.5.0 - Release, Zeek 3.0.6_1
Confirmed that zeek is working properly by inspecting process list as well as ... Felix S
02:11 AM Bug #11333 (Resolved): Incorrect community-list format
1.1.0_4 works as expected:... Viktor Gurov

02/18/2021

10:20 PM Bug #11449: BIND fails during/after upgrade to 21.02/2.50
I'm also hitting the same problem on my SG-3100.
Seeing the same permissions problems here is what I'm seeing:
... Tchello Mello
12:30 PM Bug #11449 (Resolved): BIND fails during/after upgrade to 21.02/2.50
After upgrading to 21.02, the named service wouldn’t start and the logs said it was segfaulting ("signal 11"). So I r... Anthony Pants
12:34 PM Bug #11434 (Feedback): SquidGuard over 1.16.18_11
Fix pushed to version 1.16.18_15. Thank you! Renato Botelho
12:21 PM Bug #11434: SquidGuard over 1.16.18_11
I found the problem in /usr/local/pkg/squidguard_configurator.inc
Line: 903... Eduardo Silva
10:04 AM Bug #11434: SquidGuard over 1.16.18_11
Hi, i have same problem. i try change Client (source) with ip, domain, etc.. and config file is written with correct ... Eduardo Silva
10:41 AM Bug #11445: bgp as-path in wrong position
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/53 Viktor Gurov
10:24 AM Bug #11445 (Resolved): bgp as-path in wrong position
https://forum.netgate.com/topic/160998/frr-7-5-full-bgp-table-very-slow-and-as-paths-not-working/4:... Viktor Gurov
09:49 AM Bug #11404 (Feedback): Incorrect prefix/access lists migration on update
Merged Renato Botelho
09:48 AM Feature #11405 (Feedback): add RPKI route map in GUI
Merged Renato Botelho
09:48 AM Bug #8466 (Feedback): radiusd crash
Merged Renato Botelho
08:09 AM Feature #10858: OpenVPN Client silent install
Jordan Fishman wrote:
> Hello,
>
> There appears to be a bug in the page, where the "Save as default" button does... Viktor Gurov

02/17/2021

08:38 PM Feature #10779: HAProxy SSL/TLS Compatibility Mode
... DRago_Angel [InV@DER]
08:32 PM Feature #10739: Update HAproxy-devel package to 2.2 and HAproxy to 2.0
Hi Actually my ticket was much before of "duplicate", and my ticket contain details, that now issue with 2.2 in 2.5 p... DRago_Angel [InV@DER]
01:23 PM Bug #11434 (Resolved): SquidGuard over 1.16.18_11
Hi, first problem thatI found is when we are using ldapusersearch on groups acl.
In older version when I insert ldap... Robson Ferreira

02/16/2021

08:38 AM Bug #8466 (Pull Request Review): radiusd crash
Jim Pingle

02/15/2021

07:16 PM Feature #10858: OpenVPN Client silent install
Hello,
There appears to be a bug in the page, where the "Save as default" button does not save/apply the "silent i... Jordan Fishman
08:46 AM Feature #11043: pfSense GUI for iperf3 / perf
Jim Pingle wrote:
> Maintaining a list of public servers is outside the scope of the package, and encouraging users ... Sergei Shablovsky

02/13/2021

11:11 PM Feature #11022: Add feeds from Firebog.net to pfBlockerNG
2.4.5p1 w/ pfblockerng-devel 3.0.0_10 shows additional firebog entries in feeds Jordan G
04:58 PM Bug #11333: Incorrect community-list format

/var/log/frr/frr-reload.log is not generated in 2.4.5
2.4.5-RELEASE-p1 FRR 0.6.7_7
FRR 1.1.0_4 is n... Alhusein Zawi
05:23 AM Bug #8466: radiusd crash
I retested and added another minor fix.
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/51 Danilo Zrenjanin
02:46 AM Bug #11414 (New): Enabling feed "Public_DNS4_all" breaks some Google services
It seems at some point either public-dns.info added a wrong IP to their list of public DNS servers, Google changed so... T Toft
02:25 AM Bug #11131 (Resolved): pfblockerng-devel 3.0.0_2 logs when logging is disabled
Viktor Gurov
02:09 AM Bug #11131: pfblockerng-devel 3.0.0_2 logs when logging is disabled
I completely forgot about this bug report and now it is resolved. Sorry, please close (I don't think I can?). T Toft
01:08 AM Bug #8607: Suricata package fails to prune suricata.log
Got this error again today with Suricata 5.0.4_2.... Car F

02/12/2021

09:29 PM Feature #11411: Smokeping as a default latency measurement tool
Sergei Shablovsky wrote:
> The main advantages:
> - very flexible system of a measurements (due a lot of probes htt... Sergei Shablovsky
05:12 PM Feature #11411: Smokeping as a default latency measurement tool
Sergei Shablovsky wrote:
> Dear pfSense DevTeam!
>
> Please add Smokeping for monitoring WAN and LAN links state.... Sergei Shablovsky
04:43 PM Feature #11411 (New): Smokeping as a default latency measurement tool
Dear pfSense DevTeam!
Please add Smokeping for monitoring WAN and LAN links state.
The main advantages:
- very... Sergei Shablovsky
03:53 PM Feature #11410 (New): adding bpytop (former Bashtop)
Dear pfSense DevTeam!
Adding bpytop (former Bashtop) for local monitoring of pfSense-based firewall state: hardwar... Sergei Shablovsky
12:36 PM Feature #11405 (Pull Request Review): add RPKI route map in GUI
Jim Pingle
02:16 AM Feature #11405: add RPKI route map in GUI
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/50
see https://docs.frrouting.org/en/latest/bgp.... Viktor Gurov
01:54 AM Feature #11405 (Resolved): add RPKI route map in GUI
Allow to select `match rpki` in the WebGUI:... Viktor Gurov
12:35 PM Bug #11404 (Pull Request Review): Incorrect prefix/access lists migration on update
Jim Pingle
01:51 AM Bug #11404: Incorrect prefix/access lists migration on update
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/49 Viktor Gurov
12:04 AM Bug #11404 (New): Incorrect prefix/access lists migration on update
https://forum.netgate.com/topic/160694/frr-7-3-7-5-bgp-not-announcing-routes:
I notice it now has an IP type selec... Viktor Gurov
10:35 AM Feature #11408 (Rejected): Store 'Device Key' in config.xml
This would be better served by #11118 Jim Pingle
10:07 AM Feature #11408 (Rejected): Store 'Device Key' in config.xml
Storing the ACB device key in config.xml allows users to use the latest config.xml backup as a safe copy of the Devic... Viktor Gurov
04:43 AM Bug #11391 (Confirmed): Zeek crashes on 2.5.0
running `zeekctl deploy` fixes this issue Viktor Gurov
03:49 AM Bug #11381 (Resolved): PHP error after clean Zeek install
Fixed Viktor Gurov
03:42 AM Feature #10605 (Resolved): Add certificates from Trusted Store to Squid cert store
squid pkg 0.4.45_3 - fixed Viktor Gurov

02/11/2021

11:47 PM Bug #11373 (Resolved): FRR: BGP neighbor remote-as external doesn't work
Viktor Gurov
11:47 PM Bug #11376 (Resolved): BGP MD5 keys are not removed on service stop
Viktor Gurov
01:08 AM Bug #11392: FRR - Advanced Routing Behavior - Network Import Check: Flag should be reversed
Ok I am up and running now and after some testing I can rephrase the issue more clearly.
- We have some changes be... M Felden

02/10/2021

10:50 PM Bug #11373: FRR: BGP neighbor remote-as external doesn't work
Remote-as external/internal is reflected in configuration and Neighbor-ship is established
router bgp 61000
n... Alhusein Zawi
10:24 PM Bug #11376: BGP MD5 keys are not removed on service stop
if FRR service stopped/disabled
"setkey -D" is not showing entries "No SAD entries"
if FRR is not stopped ... Alhusein Zawi
02:29 PM Bug #11398: pfBlocker upgrade hangs forever
At work, but this has happened with every pfblocker upgrade since trialing pfSense 2.5 and then moving to pfblocker 3... andreas vesalius
02:06 PM Bug #11398: pfBlocker upgrade hangs forever
andreas vesalius wrote:
> Also, the bigger issue as the pfblocker-devel package manager upgrade will complete, is th... Renato Botelho
02:03 PM Bug #11398: pfBlocker upgrade hangs forever
Also, the bigger issue as the pfblocker-devel package manager upgrade will complete, is that unbound fails to restart... andreas vesalius
01:34 PM Bug #11398 (Resolved): pfBlocker upgrade hangs forever
It was first reported at https://redmine.pfsense.org/issues/10610#note-11 but since it never happened again with any ... Renato Botelho
01:35 PM Feature #11396 (Rejected): Add Zeek as an installable package
It is already a pfSense package on 2.5.0: pfSense-pkg-zeek-3.0.6_1 Jim Pingle
01:18 PM Feature #11396 (Rejected): Add Zeek as an installable package
Base install:
Supported in FreeBSD (https://www.freshports.org/security/zeek) so installation and updates should be ... Charles Johnston
08:54 AM Bug #11388 (Feedback): Captive Portal authentication error with MySQL backend
merged Renato Botelho
07:58 AM Bug #11366: Arpwatch Cron Notification every 15 minutes
Adam French wrote:
> Abdul Khaliq wrote:
> > Viktor Gurov wrote:
> > > You need to check "Disable Cron emails" opt... Abdul Khaliq
07:54 AM Bug #11366: Arpwatch Cron Notification every 15 minutes
Abdul Khaliq wrote:
> Viktor Gurov wrote:
> > You need to check "Disable Cron emails" option
> > see #10771
>
>... Adam French
04:46 AM Bug #11392 (Closed): FRR - Advanced Routing Behavior - Network Import Check: Flag should be reversed
In Services -> FRR -> BGP -> Advanced -> Advanced Routing Behavior
There is a "Network Import Check" that is not ... M Felden

02/09/2021

03:13 PM Bug #11391 (Resolved): Zeek crashes on 2.5.0
Trying to use zeek on 2.5.0 RC and I get a crash email and the service will not start. Also, chose 'sudo' category a... Zachary McGibbon
10:28 AM Bug #11375: UPS Type <BLANK> for USB APC
For clarity can the labels be changed slightly? As I wrote in the forum the column labels look like "UPSTYPEDEVICE" ... Steve Y
05:05 AM Feature #11386: Add WireGuard tunneled networks to vpnaddresses list
https://github.com/pfsense/FreeBSD-ports/pull/1038 Viktor Gurov
12:29 AM Feature #11386 (Resolved): Add WireGuard tunneled networks to vpnaddresses list
Currently it adds (#8688):
- IPsec Mobile IPv4 subnet
- IPsec site-to-site networks
- OpenVPN client/server Tunnel... Viktor Gurov
04:49 AM Feature #11385: Add WireGuard tunneled networks to vpnaddresses list
https://github.com/pfsense/FreeBSD-ports/pull/1037 Viktor Gurov
12:27 AM Feature #11385 (Resolved): Add WireGuard tunneled networks to vpnaddresses list
Currently it adds (#10700):
- IPsec Mobile IPv4 subnet
- IPsec site-to-site networks
- OpenVPN client/server Tunne... Viktor Gurov
04:23 AM Bug #11388: Captive Portal authentication error with MySQL backend
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/48 Viktor Gurov
04:13 AM Bug #11388 (Feedback): Captive Portal authentication error with MySQL backend
https://forum.netgate.com/topic/160549/captive-portal-error:
has anyone encountered this particular issue with Freer... Viktor Gurov

02/08/2021

12:17 PM Feature #8547: fwknop Port Knocking Package
Kurt Yoder wrote:
> > Because security bugs are frequently discovered in all sorts of software, *including security... David Yon
07:33 AM Bug #11373 (Feedback): FRR: BGP neighbor remote-as external doesn't work
Merged Renato Botelho
07:17 AM Bug #11373 (Pull Request Review): FRR: BGP neighbor remote-as external doesn't work
Jim Pingle
07:33 AM Bug #11376 (Feedback): BGP MD5 keys are not removed on service stop
Merged Renato Botelho
07:19 AM Bug #11376 (Pull Request Review): BGP MD5 keys are not removed on service stop
Jim Pingle
07:29 AM Feature #10605 (Feedback): Add certificates from Trusted Store to Squid cert store
Merged Renato Botelho
05:16 AM Feature #10605: Add certificates from Trusted Store to Squid cert store
2.4.5 fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/47 Viktor Gurov
04:06 AM Feature #10605 (New): Add certificates from Trusted Store to Squid cert store
works fine on 2.5, but produces php error on 2.4.5 if 'Extra Trusted CA' != none:... Viktor Gurov
07:28 AM Bug #11381 (Feedback): PHP error after clean Zeek install
Merged Renato Botelho
07:21 AM Bug #11377 (Pull Request Review): FRR deinstall
Removing the leftover files is fine but I don't think this package needs the ability to reset/wipe the config. Too da... Jim Pingle
12:51 AM Feature #11295: DNSBL IDN support
https://github.com/pfsense/FreeBSD-ports/pull/1036 Viktor Gurov

02/07/2021

10:44 AM Bug #11381: PHP error after clean Zeek install
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/46 Viktor Gurov
09:48 AM Bug #11381 (Resolved): PHP error after clean Zeek install
If you press save on the Zeek package configuration page without any options/checkboxes, PHP errors will occur:
<pre... Viktor Gurov
05:40 AM Bug #3085 (Resolved): squidguard: problems when importing a blacklist archive containing soft-links
works as expected, see https://forum.netgate.com/topic/160607/squidguard-ut1-blacklist-support Viktor Gurov
04:00 AM Bug #11334 (Resolved): FRR IPv4 OSPF passive-interface not working
1.1.0_3, /var/etc/frr/frr.conf:... Viktor Gurov
03:28 AM Feature #11199 (Resolved): Minor updates
pfBlockerNG-devel 3.0.0_9 - all OK Viktor Gurov
03:21 AM Bug #11377: FRR deinstall
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/45 Viktor Gurov
03:03 AM Bug #11377 (Pull Request Review): FRR deinstall
After uninstalling FRR all '<frr*>' entries are still in config.xml
`/var/etc/frr' also contains config files Viktor Gurov
03:00 AM Bug #11376: BGP MD5 keys are not removed on service stop
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/44 Viktor Gurov
02:56 AM Bug #11376 (Resolved): BGP MD5 keys are not removed on service stop
'setkey -D' keeps showing key association when you stop/disable FRR service.
see also #11325 Viktor Gurov
01:53 AM Bug #11375 (Closed): UPS Type <BLANK> for USB APC
there is no issue Viktor Gurov
01:32 AM Bug #11375 (New): UPS Type <BLANK> for USB APC
https://forum.netgate.com/topic/158235/potential-bug-found-with-apcupsd-package-version-0-3-91_8-and-configuring-it-i... Viktor Gurov
12:08 AM Bug #11373: FRR: BGP neighbor remote-as external doesn't work
fix:
2.5:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/42
2.4.5:
https://gitlab.netgate.... Viktor Gurov

02/06/2021

11:03 PM Bug #11191 (Resolved): Installing and Removing pfBlockerNG Leaves Shell Scripts in webConfigurator Messages
Viktor Gurov
05:19 PM Bug #11191: Installing and Removing pfBlockerNG Leaves Shell Scripts in webConfigurator Messages
Verified that this is no longer a problem. Unchecking the save settings checkbox and then removing the package prope... Kris Phillips
10:14 PM Bug #11343: Invalid link to pfSense-pkg-bind changelog
Anthony Pants wrote:
> If you go to "Installed Packages" (/pkg_mgr_installed.php) or "Available Packages" (/pkg_mgr.... Michael Spears
10:33 AM Feature #10619 (Resolved): Various FRR enhancements
Tested on 21.02-DEVELOPMENT (built on Thu Feb 04 22:53:54 CST 2021)
I see all these enhancements enabled.
This ... Azamat Khakimyanov
10:15 AM Bug #11373 (Resolved): FRR: BGP neighbor remote-as external doesn't work
if you put `external` in the web GUI as the remote-as the generated configuration doesn't include a `neighbor <ip-add... Joel Gallun
04:07 AM Feature #10202 (Resolved): redistribute bgp + route-map filtering in OSPF6
Tested on 21.02-DEVELOPMENT (built on Thu Feb 04 22:53:54 CST 2021)
There are redistribute bgp + route-map filteri... Azamat Khakimyanov

02/05/2021

09:23 AM Bug #11271 (Resolved): Setting default-originate in FRR/BGP Silently Appends a route-map
Renato Botelho
08:03 AM Bug #11271: Setting default-originate in FRR/BGP Silently Appends a route-map
This works as expected for one route map spanning both families. Much better. Thank you. Chris Linstruth
08:31 AM Bug #11346 (Resolved): Raw-Config not working
Jim Pingle
08:29 AM Bug #6818: WAN traffic graph displays inverted bandwidth columns
I was checking traffic today, in a situation of heavy file upload to the internet, and i'm seeing that everything is ... Fernando Rapetti
04:54 AM Feature #11155: SafeSearch AAAA
Renato Botelho wrote:
> PR has been merged. Thanks!
PR 1035 containing this change has been merged. Thanks! Renato Botelho
04:52 AM Feature #11155 (Feedback): SafeSearch AAAA
PR has been merged. Thanks! Renato Botelho
04:53 AM Feature #11022 (Feedback): Add feeds from Firebog.net to pfBlockerNG
PR 1035 containing this change has been merged. Thanks! Renato Botelho
04:48 AM Feature #11201 (Feedback): Show iTLD Allow IDN domains
PR has been merged. Thanks! Renato Botelho
04:46 AM Feature #11199 (Feedback): Minor updates
PR has been merged. Thanks! Renato Botelho
04:44 AM Bug #11191 (Feedback): Installing and Removing pfBlockerNG Leaves Shell Scripts in webConfigurator Messages
PR has been merged. Thanks! Renato Botelho

02/04/2021

11:03 PM Bug #11345: FRR-OSPF - No "prefix-list" possible
* prefix can be chosen from Route Filtering in OSPF area.
* Configuration is reflected in config. file.
!
rou... Alhusein Zawi
09:29 PM Bug #11346: Raw-Config not working
Issue is fixed
* updated the running config (or created new configuration)
* changed the configuration.
* pre... Alhusein Zawi
12:18 PM Bug #11135: HAproxy OCSP reponse crontab bug
Do not set target version on package tickets Renato Botelho
05:26 AM Bug #11366: Arpwatch Cron Notification every 15 minutes
Viktor Gurov wrote:
> You need to check "Disable Cron emails" option
> see #10771
Option is already checked, I'v... Abdul Khaliq
 

Also available in: Atom