Project

General

Profile

Activity

From 05/16/2021 to 06/14/2021

06/14/2021

01:17 PM Bug #12036 (Pull Request Review): Certificate Manager page do not show Zabbix used certificates
Jim Pingle
11:39 AM Bug #12036: Certificate Manager page do not show Zabbix used certificates
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/94 Viktor Gurov
06:03 AM Bug #12036 (Resolved): Certificate Manager page do not show Zabbix used certificates
On the system_certmanager.php page, you can see the "In Use" column which reflects the certificates used by IPsec / O... Viktor Gurov
07:30 AM Bug #12027 (Closed): FreeRADIUS 3.0.22 removed LEAP, package fails to start
Works now Jim Pingle
02:17 AM Bug #12033 (New): maxmindb and _sqlite3 modules not found
https://forum.netgate.com/topic/164305/py_error-log-errors-maxmindb-and-_sqlite3-modules-not-found
I am using pfbl... Viktor Gurov

06/13/2021

11:59 AM Bug #11459: pfBlockerNG doesn't include WireGuard interface in outbound floating rules
Tested on the latest RC release.
pfBlockerNG-devel 3.0.0_16
After enabling a Wireguard tunnel the interface stil... Danilo Zrenjanin

06/12/2021

08:17 PM Bug #12031 (Resolved): Wireguard Package Produces Crash in 2.5.2
The Wireguard package produces a crash report in the dashboard in 2.5.2 after install. Here is the data:
Crash re... Kris Phillips
05:54 PM Bug #12030 (Resolved): Startup Errors for Avahi Package
The avahi package is complaining about NSS support being missing and dependency errors on startup in 2.5.2.
WARN... Kris Phillips
03:16 PM Feature #10858 (Resolved): OpenVPN Client silent install
Tested OpenVPN Client Export 1.6_1 in 2.5.2.r.20210611.0300 and the silent installer option is getting saved as defau... Max Leighton
08:37 AM Bug #11605: Suricata can trigger PHP crash on SG-3100
Bill Meeks wrote:
> Jim Pingle wrote:
> > Bill Meeks wrote:
> > > Does this function call work without restarting ... Justin P

06/11/2021

07:07 PM Bug #11950: Wireguard Package Errors and DNS problem
No more DNS issue at boot after using MSS Clamp so disregard the DNS portion of this ticket RED SKULL
11:00 AM Bug #12027 (Feedback): FreeRADIUS 3.0.22 removed LEAP, package fails to start
Fix pushed as pkg version 0.15.7_31 Jim Pingle
10:59 AM Bug #12027 (Closed): FreeRADIUS 3.0.22 removed LEAP, package fails to start
Systems which pick up FreeRADIUS 3.0.22 (e.g. 2.5.2, 2.6.0 after latest ports merge) won't start because the package ... Jim Pingle

06/10/2021

04:23 AM Bug #11575: OpenVPN clients cannot pass traffic when reconnecting using the same source port
I had the same problem.
To replicate I connect a client, then kill the openvpn.exe process.
On the pfsense the user... Marco Conca

06/09/2021

07:56 AM Bug #11605: Suricata can trigger PHP crash on SG-3100
Jim Pingle wrote:
> Bill Meeks wrote:
> > Does this function call work without restarting PHP? I don't have hardwar... Bill Meeks
07:47 AM Bug #12019 (Not a Bug): Right Axis always shows `None -`
That's not what it's indicating. You can graph two separate items, in the settings they are labeled to match (Left Ax... Jim Pingle
07:34 AM Bug #12019 (Not a Bug): Right Axis always shows `None -`
It should show something like "Right Axis: Time" Viktor Gurov

06/08/2021

09:51 PM Bug #11605: Suricata can trigger PHP crash on SG-3100
Bill Meeks wrote:
> Does this function call work without restarting PHP? I don't have hardware at the moment to test... Jim Pingle
09:20 PM Bug #11605: Suricata can trigger PHP crash on SG-3100
Jim Pingle wrote:
> The patch should fix the behavior, but the package could also implement the fix on its own using... Bill Meeks
01:35 AM Bug #12009 (New): Zabbix Agent starts twice by /etc/rc.start_packages
... Viktor Gurov

06/07/2021

09:41 AM Bug #11993 (Pull Request Review): PHP error after disabling HAProxy
Jim Pingle
04:01 AM Bug #11993: PHP error after disabling HAProxy
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1072 Viktor Gurov
08:14 AM Bug #11551: SG-3100 with pfBlockerNG doesn't pass traffic
See also: #12004 Jim Pingle
07:34 AM Bug #11551: SG-3100 with pfBlockerNG doesn't pass traffic
The patch should fix the behavior, but the package could also implement the fix on its own using @ini_set("pcre.jit",... Jim Pingle
08:14 AM Bug #11605: Suricata can trigger PHP crash on SG-3100
See also: #12004 Jim Pingle
07:19 AM Bug #11605: Suricata can trigger PHP crash on SG-3100
The patch should fix the behavior, but the package could also implement the fix on its own using @ini_set("pcre.jit",... Jim Pingle
12:20 AM Bug #11711: New Squid Status Page Non-Functional
Kris Phillips wrote:
> Can someone provide the patch once this is merged so we can test?
See the attachment
 Viktor Gurov
12:05 AM Feature #11349 (Resolved): Allow to set minimum TLS version
Viktor Gurov

06/06/2021

11:24 PM Bug #11551: SG-3100 with pfBlockerNG doesn't pass traffic
The patch contained at https://redmine.pfsense.org/issues/11466#note-32 has stopped the PHP crashes. So this bug coul... Loh Phat
08:07 AM Bug #11605: Suricata can trigger PHP crash on SG-3100
Does the PHP temp workaround patch fix this one too?
https://redmine.pfsense.org/issues/11466#note-32
 Loh Phat

06/05/2021

02:07 PM Feature #11349: Allow to set minimum TLS version
Minimum TLS version option are: 1.0/1.1/1.2
2.5.1-RELEASE (amd64)
built on Mon Apr 12 07:50:14 EDT 2021 Alhusein Zawi
01:49 PM Bug #11711: New Squid Status Page Non-Functional
Can someone provide the patch once this is merged so we can test? Kris Phillips

06/04/2021

05:30 PM Feature #11997 (New): IPsec Profile Wizard: Add Support for exporting Android strongSwan Profiles
We currently have Apple and Windows IPSec profile export. However, we're missing this option for Android which has a... Kris Phillips
01:35 AM Bug #11993 (Resolved): PHP error after disabling HAProxy
After unchecking the "Enable HAProxy" checkbox and clicking 'Save' on the haproxy_global.php page, an error occurs:
... Viktor Gurov

06/02/2021

09:16 AM Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
same crash on pfSense 21.02-p2 (SG-3100):... Viktor Gurov

06/01/2021

09:03 AM Feature #11972 (Pull Request Review): Arpwatch - Add support for Telegram notifications
Jim Pingle
03:54 AM Feature #11972: Arpwatch - Add support for Telegram notifications
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/92 Viktor Gurov
07:39 AM Bug #11366: Arpwatch Cron Notification every 15 minutes
Just checking on the status of this. I updated to the latest version of pfSense, 2.5.1-RELEASE (amd64), and it rever... Edward Thomas
03:51 AM Bug #11977 (Duplicate): Any mail from the pfsense appliance has "Arpwatch Notification" in the subject line, no matter which package the mail comes from
Duplicate of #8454
see also #11366 Viktor Gurov
03:06 AM Bug #11980: EAP does not work with SQL backend
Please provide more info - "radiusd `-X`" output during EAP+SQL authentication and changes in the `inner-tunnel-*` fi... Viktor Gurov

05/30/2021

07:19 PM Bug #11980 (Feedback): EAP does not work with SQL backend
The problem is that the sql module references in /usr/local/etc/sites-enabled/inner-*-tunnel remain commented out or ... Louis Casambre
03:45 AM Bug #11977 (Duplicate): Any mail from the pfsense appliance has "Arpwatch Notification" in the subject line, no matter which package the mail comes from
Most mail from the pfsense appliance has "Arpwatch Notification" in the subject line, even when it is from a complete... Lightning Bit

05/29/2021

06:17 PM Bug #11822 (Resolved): Upgrade ClamAV to 0.103.2
Verified that the version is upgraded in 21.05/2.5.2. Version in repos confirmed as 0.103.2_1. Kris Phillips
08:54 AM Feature #11972 (Resolved): Arpwatch - Add support for Telegram notifications
Arpwatch does not have an option to send notifications to a Telegram backend, even when the Telegram configuration is... Sergio Fernández

05/28/2021

07:15 AM Bug #11964 (Pull Request Review): pfBlocker XMLRPC sync CARP interface advskew
Jim Pingle

05/27/2021

11:29 PM Bug #11892: WireGuard: dpinger does not start correctly on a WireGuard gateway at boot
[2.6.0-DEVELOPMENT][admin@pfSense.home.arpa]/root: ifconfig tun_wg0
tun_wg0: flags=80c1<UP,RUNNING,NOARP,MULTICAST... Alhusein Zawi
05:28 PM Bug #11964: pfBlocker XMLRPC sync CARP interface advskew
from https://forum.netgate.com/topic/163709/dns-resolver-not-listening-on-lan-carp-vip-after-update-to-2-5-1/7:
> I ... Viktor Gurov
01:05 PM Bug #11970 (Confirmed): Netgate Firmware Upgrade Doesn't Work on XG-2758 (ADI/coreboot)
Any version of pfSense after 2.4.4p3 breaks the flashing functionality for coreboot in the Netgate Firmware Upgrade p... Kris Phillips
08:52 AM Bug #11965 (Pull Request Review): Avahi service started twice by /etc/rc.start_package
Jim Pingle
03:41 AM Bug #11965: Avahi service started twice by /etc/rc.start_package
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/91 Viktor Gurov

05/26/2021

10:57 AM Bug #11965 (Resolved): Avahi service started twice by /etc/rc.start_package
Similar to Bug #11887. Avahi tries to start twice on boot.
May 26 11:56:16 avahi-daemon 35721 Failed to create PID... Steve Harrington
07:40 AM Bug #11964 (Resolved): pfBlocker XMLRPC sync CARP interface advskew
https://forum.netgate.com/topic/163709/dns-resolver-not-listening-on-lan-carp-vip-after-update-to-2-5-1/8:... Viktor Gurov
04:13 AM Feature #11963 (New): Dynamically change OSPF interface costs on selected interfaces on CARP event
In order to improve uptime in HA environments, use a mechanism to dynamically change OSPF interface costs on selected... Viktor Gurov
01:17 AM Bug #11961 (Resolved): FRR OSPF add unwanted area 0 authentication to router ospf
I have a configuration where one interface has a simple authentication
The area 0 does not have an authentication,... Damiano Bolla

05/24/2021

07:40 AM Bug #11886 (Feedback): WireGuard: PHP error in vpn_wg_peers_edit.php
Jim Pingle
07:40 AM Bug #11892 (Feedback): WireGuard: dpinger does not start correctly on a WireGuard gateway at boot
Jim Pingle
07:35 AM Feature #11948 (Pull Request Review): ACME: Support specifying non-default port for nsupdate DNS validation method
Jim Pingle
07:34 AM Feature #11186 (Closed): Allow lo0/Loopback as a valid interface in OSPF/OSPF6
Jim Pingle
07:18 AM Bug #11950: Wireguard Package Errors and DNS problem
Christian McDonald wrote:
> I'm not able to replicate the DNS issue, but I might not be completely understanding you... RED SKULL
07:14 AM Bug #11950: Wireguard Package Errors and DNS problem
I'm not able to replicate the DNS issue, but I might not be completely understanding your configuration.
Can you t... Christian McDonald

05/23/2021

12:05 PM Bug #11950: Wireguard Package Errors and DNS problem
I actually caught the flock and fclose bugs last night and have them resolved. I will be submitting a PR tonight or t... Christian McDonald
08:22 AM Bug #11950 (Resolved): Wireguard Package Errors and DNS problem
Updated from Wireguard Package version 0.0.8 to 0.1.1 and receive the following error after every reboot:
@
Crash r... RED SKULL
08:19 AM Bug #11886: WireGuard: PHP error in vpn_wg_peers_edit.php
Fixed in https://github.com/pfsense/FreeBSD-ports/pull/1064 Christian McDonald
08:18 AM Bug #11892: WireGuard: dpinger does not start correctly on a WireGuard gateway at boot
Fixed in https://github.com/pfsense/FreeBSD-ports/pull/1064 Christian McDonald

05/22/2021

11:04 AM Bug #11525: pfsense 2.5.0 release version for vlan issue to suricata
# Does this happen only on VLAN interfaces; have you tried non-vlan interfaces?
# Are you using vmxnet3 or something... Marcos M

05/21/2021

09:56 PM Feature #11948 (Closed): ACME: Support specifying non-default port for nsupdate DNS validation method
Hi,
I've just submitted a new PR (https://github.com/pfsense/FreeBSD-ports/pull/1067) adding support for non-defau... Pablo Ruiz
09:43 PM Feature #11186: Allow lo0/Loopback as a valid interface in OSPF/OSPF6
lo0/Loopback is added as interface in OSPF Alhusein Zawi
05:30 AM Feature #11186 (Feedback): Allow lo0/Loopback as a valid interface in OSPF/OSPF6
Merged four month ago Viktor Gurov
11:56 AM Bug #11680 (Resolved): Saving HAProxy FrontEnd description with umlauts causes configuration restore
Tested on the latest development release.
haproxy-devel 0.62_3
All characters can be used in the description ... Danilo Zrenjanin
08:04 AM Feature #10739 (Pull Request Review): Update HAproxy-devel package to 2.2 and HAproxy to 2.0
Jim Pingle
05:04 AM Feature #10739: Update HAproxy-devel package to 2.2 and HAproxy to 2.0
http-after-response and http-request_replace-path actions support:
https://github.com/pfsense/FreeBSD-ports/pull/1070 Viktor Gurov
08:03 AM Bug #11491 (Pull Request Review): haproxy-devel v0.62_2 - startup error 'httpchk'
Jim Pingle
03:24 AM Bug #11491: haproxy-devel v0.62_2 - startup error 'httpchk'
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1069 Viktor Gurov
07:58 AM Feature #10779 (Pull Request Review): HAProxy SSL/TLS Compatibility Mode
Jim Pingle
12:21 AM Feature #10779 (New): HAProxy SSL/TLS Compatibility Mode
DRago_Angel [InV@DER] wrote:
> [...]
> Hi, need update to use ssl-min-ver & ssl-max-ver as mentioned at https://red... Viktor Gurov
05:28 AM Bug #11094 (Not a Bug): HAProxy Stick on SSL-Session-ID Doesn't Work
The Frontend type must be "ssl / https(TCP mode)" for this feature to work. Viktor Gurov

05/20/2021

01:44 PM Bug #11838: FRR ospf6d consumes all available memory+swap after an interface event
I reported this upstream to FRR: https://github.com/FRRouting/frr/issues/8711 Jim Pingle
11:29 AM Bug #11937 (Pull Request Review): HAproxy "Use Client-IP" option breaks Captive Portal
Jim Pingle
11:21 AM Bug #11937: HAproxy "Use Client-IP" option breaks Captive Portal
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1066 Viktor Gurov
07:19 AM Bug #11937: HAproxy "Use Client-IP" option breaks Captive Portal
That option is almost certainly incompatible with Captive Portal, but if there is a way to make it work, it would hav... Jim Pingle

05/19/2021

06:29 PM Bug #11937 (Feedback): HAproxy "Use Client-IP" option breaks Captive Portal
Devices can access https sites without authenticating via Captive portal.
Enabling 'Use Client-IP to connect to back... David Quinn
01:58 PM Bug #11822 (Feedback): Upgrade ClamAV to 0.103.2
clam-av is on the required version in pfSense Plus 21.05. This is expected to be the same in 2.5.2.
On 21.05:
... Kris Phillips
08:12 AM Bug #11936 (Incomplete): FRR does not connect BGP when using password
There isn't nearly enough information here to speculate about a cause. "It doesn't work" is not a complete bug report... Jim Pingle
08:09 AM Bug #11936 (Incomplete): FRR does not connect BGP when using password
Unsecured BGP sessions work fine, however password protected BGP sessions which previously worked fine no longer work... Clint Guillot
04:05 AM Bug #11575: OpenVPN clients cannot pass traffic when reconnecting using the same source port
Combined with the duplicate-cn option, this problem is actually pretty bad. (At least I suspect we're having the sam... Harm V

05/18/2021

01:39 PM Bug #10937: HAProxy frontend and backend entry limit
Error still present on 21.02.2 using haproxy-devel.
Tested on 21.09.a.20210517.0100 and the issue persists, but ph... Marcos M

05/17/2021

01:58 PM Feature #9238: Add support for Zerotier
Amy Nagle wrote:
> The pfSense-pkg-zerotier package's uninstall action removes zerotier from the rc.conf.local, so i... Gregory Moore
12:48 PM Feature #9238: Add support for Zerotier
The pfSense-pkg-zerotier package's uninstall action removes zerotier from the rc.conf.local, so it won't start automa... Amy Nagle
10:30 AM Feature #9238: Add support for Zerotier
Amy Nagle wrote:
> Just a warning to anyone doing an update from 2.4 to 2.5: make sure you don't have an interface a... Gregory Moore
08:11 AM Feature #9238: Add support for Zerotier
Just a warning to anyone doing an update from 2.4 to 2.5: make sure you don't have an interface assigned to any zerot... Amy Nagle
08:09 AM Feature #11931 (New): Add support for validating a domain's ownership via Google Cloud Cloud DNS
Add support for validating a domain's ownership via Google Cloud Cloud DNS.
Support for Google Cloud Cloud DNS is ... Alex Cazacu
07:40 AM Bug #11930 (Needs Patch): DHCPV6 does not work with L3 Interfaces (tun_wg)
Last I saw, WireGuard on FreeBSD did not support broadcast/multicast traffic yet. DHCPv6 may work on L3 interfaces bu... Jim Pingle
07:37 AM Bug #11618 (Closed): WireGuard using incorrect IPv6 tunnel address prefix length
Can be reopened if it still applies to the package. Jim Pingle
07:37 AM Bug #11585 (Closed): WireGuard kernel panic when changing peer port on assigned WireGuard interface
Can always be reopened if it's still a problem. Jim Pingle

05/16/2021

04:24 PM Bug #11930 (Needs Patch): DHCPV6 does not work with L3 Interfaces (tun_wg)
If i use the tun_wg interface with DHCPV6 to push prefixes to peers DHPCV6 stops:
@/services_dhcpv6.php: The comma... Dirk Steingäßer
 

Also available in: Atom