Project

General

Profile

Activity

From 09/07/2021 to 10/06/2021

10/06/2021

07:14 AM Bug #12365 (Not a Bug): PFBlockerNG - Unbound fails to start 3.1.0
No worries, thanks for following up and letting us know. Those kinds of problems can be quite frustrating to track down. Jim Pingle
04:54 AM Bug #12365: PFBlockerNG - Unbound fails to start 3.1.0
Seems this was down to a hard to find memory problem that gave random errors.
Apologies D B
07:02 AM Todo #12427 (New): ha-proxy: action order in the GUI is not keeped in the resulting ha-proxy configuration
If there are (for example) 'Use Backend' and 'http-request redirect' actions are defined in the GUI in a specific ord... Thomas Eckardt

10/04/2021

01:53 PM Bug #12424 (Pull Request Review): OpenVPN silent install uses incorrect parameters
Jim Pingle
01:37 PM Bug #12424: OpenVPN silent install uses incorrect parameters
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/133 Marcos M
01:07 PM Bug #12424 (Resolved): OpenVPN silent install uses incorrect parameters
The @.exe@ and @.msi@ installers require different parameters for a silent install. Currently, the same parameter is ... Marcos M

10/03/2021

06:54 PM Bug #12423 (Resolved): Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!"
See screenshot. The message tells to 'force reload' which I did, yet the error persists.
There's one post on the ... Sean McBride
03:53 PM Feature #10739: Update HAproxy-devel package to 2.2 and HAproxy to 2.0
Hi, here many points are still undone. DRago_Angel [InV@DER]
03:34 PM Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
Hi, this is serious CVE, and still no updates? Even it possible to workaround issue by adding own check, I sure most ... DRago_Angel [InV@DER]

10/02/2021

05:58 PM Bug #12188: client export breaks multi remote configurations
Based on reviewing the bug report with OpenVPN there doesn't appear to be anything that needs to be done here. They'... Kris Phillips
05:52 PM Bug #12365 (Feedback): PFBlockerNG - Unbound fails to start 3.1.0
Completed the following tests:
1. Installed pfBlockerNG-dev
2. Ran a force update and reload
3. Monitored loggin... Kris Phillips
05:41 PM Bug #12030: Startup Errors for Avahi Package
Jim Pingle wrote in #note-11:
> It's a package, not a part of the base system, so updates are not tied to any releas... Kris Phillips
03:37 PM Bug #11768 (Resolved): FRR OSPF - Comment field within the ospf interfaces gets longer and longer
Tested with FRR 1.1.0_15
Looks to be fixed. The description only matches the interface that it is actually set on... Max Leighton
08:27 AM Bug #11465: Input validation does not prevent multiple conflicting WireGuard peers on a single tunnel from attempting to act as default route
Submitted PR 19 (https://github.com/theonemcdonald/pfSense-pkg-WireGuard/pull/149).
Few queries on the PR regardin... Adam Cooper
01:07 AM Bug #12420 (Resolved): rc file is not deleted
/usr/local/etc/rc.d/pimd.sh file is not deleted after disabling the service Viktor Gurov

10/01/2021

11:53 AM Bug #12058: pfBlockerNG / "Cannot allocate memory" from Geo blocking IP list
Indeed increasing that has eliminated the "Cannot allocate memory" messages.
Could the error message be improved t... Sean McBride
04:42 AM Bug #12033: maxmindb and _sqlite3 modules not found
How to resolve:... Viktor Gurov
04:26 AM Bug #12033: maxmindb and _sqlite3 modules not found
see the same error on SG-3100 with pfSense-21.09.r.20210923.2242 and pfBlockerNG-3.1.0:... Viktor Gurov
12:23 AM Bug #12414: DNSBL SafeSearch page displays input validation error if DoH / DoT blocking is not enabled
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1111 Viktor Gurov
12:12 AM Bug #12414 (Resolved): DNSBL SafeSearch page displays input validation error if DoH / DoT blocking is not enabled
You need to enable DoH/DoT Blocking and select entries in the DoH/DoT Blocking List, otherwise you'll see:... Viktor Gurov

09/29/2021

12:02 AM Feature #12297 (Resolved): Suricata: show actual GID:SID rule on click
Viktor Gurov

09/27/2021

08:10 AM Bug #12030: Startup Errors for Avahi Package
It's a package, not a part of the base system, so updates are not tied to any release.
It could be updated any tim... Jim Pingle
06:39 AM Bug #12365: PFBlockerNG - Unbound fails to start 3.1.0
php-fpm 52285 /status_services.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exi... D B

09/25/2021

09:05 PM Bug #12030: Startup Errors for Avahi Package
Tested on RC3 of 21.09. Still present. Is this going to make it into 21.09 before it's pushed public? Kris Phillips
03:15 PM Feature #12297: Suricata: show actual GID:SID rule on click
GID:SID is clickable using suricata 6.0.3_2 on 21.09.r.20210923.1842 Jordan G
12:00 AM Feature #11320 (Resolved): Update NAS client type
Viktor Gurov

09/24/2021

10:18 PM Feature #11320: Update NAS client type

clients are added to clients type list
2.5.2
 Alhusein Zawi
08:36 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-9:
> Thanks.
>
> We might need to hook the gateway alarm and trigger WireGuard se... Ryan Roosa
06:46 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Thanks.
We might need to hook the gateway alarm and trigger WireGuard service to be restarted when gateway status... Christian McDonald
05:35 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-7:
> Interesting... I can replicate this if my WAN is using DHCP, but as soon as I... Ryan Roosa
05:26 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Interesting... I can replicate this if my WAN is using DHCP, but as soon as I switch to a static address I can unplug... Christian McDonald
05:13 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-5:
> Ryan, out of curiosity, are you using DHCP are static addressing on your WAN?... Ryan Roosa
05:09 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Ryan, out of curiosity, are you using DHCP are static addressing on your WAN? Christian McDonald
05:03 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Just tested this on my 2100. I will test more next week.
I have a WireGuard tunnel to Mullvad.
# Started a persiste... Christian McDonald
08:13 AM Bug #12205 (Pull Request Review): Certificate Manager page doesn't show Squid used certificates
Jim Pingle
05:07 AM Bug #12205: Certificate Manager page doesn't show Squid used certificates
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/130 Viktor Gurov
07:37 AM Bug #12403 (Resolved): WireGuard tunnel and peer edit pages do not prevent browser auto-fill
The WireGuard tunnel (@vpn_wg_tunnels_edit.php@) and peer (@vpn_wg_peers_edit.php@) edit pages do not prevent the bro... Jim Pingle

09/23/2021

10:57 PM Feature #11972: Arpwatch - Add support for Telegram notifications

there is no option to add Telegram in Arpwatch page.
Tested :
2.6.0.a.20210923.0100
&
21.05.1 Alhusein Zawi
02:36 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
In rebooting my ISP modem many times and tracking the behavior of pfSense and WireGuard, I observed that when the mod... Ryan Roosa
10:55 AM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-1:
> Thanks for the tag, I will investigate this and circle back.
Awesome! Grea... Ryan Roosa
10:35 AM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Thanks for the tag, I will investigate this and circle back. Christian McDonald
09:26 AM Bug #12399 (Resolved): WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Hi Christian,
Really appreciate your work on the Wireguard package for pfSense :)
Sadly, there seems to be a show... Ryan Roosa

09/22/2021

03:29 AM Feature #9833: ACME: add ability to use custom ACME server
+1 Would be nice to have this. Invalid certs are just not cool anymore with ACME available. Should be possible to sel... Krisjanis Morkans

09/20/2021

07:13 AM Bug #11888 (Resolved): FreeRADIUS starts twice by /etc/rc.start_packages
Jim Pingle

09/18/2021

01:38 PM Bug #11695 (Resolved): PHP error in the last step of the wizard
Tested in:
21.09-RC (amd64)
built on Wed Sep 15 09:10:53 EDT 2021
FreeBSD 12.2-STABLE
The wizard completes su... Max Leighton
11:10 AM Todo #12351: Remove non-functional feeds
I checked with pfBlockerNG-devel 3.1.0. Some of the feeds listed above are removed, but some are still there.
http... Max Leighton

09/17/2021

11:38 PM Bug #11888: FreeRADIUS starts twice by /etc/rc.start_packages

seems fixed
[2.5.2-RELEASE][root@pfSense.home.arpa]/root: /etc/rc.start_packages
Starting package FRR...done.
... Alhusein Zawi

09/16/2021

10:25 PM Bug #11961: FRR OSPF add unwanted area 0 authentication to router ospf

adding Authentication Type in area tab works (peering)
!
interface em0
ip ospf authentication
ip ospf au... Alhusein Zawi
09:38 AM Bug #12167: BGP TCP setkey not set if neighbor is in peer group
Testing this I notice the following:
There is no way to inherit the MD5 settings from the peer group. It must be s... Chris Linstruth
09:25 AM Bug #12167: BGP TCP setkey not set if neighbor is in peer group
Target package version: v1.1.0_14 Christian McDonald
07:26 AM Bug #12386 (Pull Request Review): ```bgp as-path``` and ```bgp community-list``` are present in configuration even when BGP daemon is not enabled
Jim Pingle
12:51 AM Bug #12386: ```bgp as-path``` and ```bgp community-list``` are present in configuration even when BGP daemon is not enabled
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/127 Viktor Gurov
12:34 AM Bug #12386 (Resolved): ```bgp as-path``` and ```bgp community-list``` are present in configuration even when BGP daemon is not enabled
This breaks config loading:... Viktor Gurov

09/15/2021

09:58 AM Bug #12381: mOTP with RADIUS drops the VPN connection after 60 minutes
I don't think that's FreeRADIUS, but OpenVPN. IIRC OpenVPN defaults to reconnecting every 60 minutes, but can be chan... Jim Pingle
09:46 AM Bug #12381 (Rejected): mOTP with RADIUS drops the VPN connection after 60 minutes
from https://forum.netgate.com/topic/165967/2fa-mfa-with-radius-drops-the-vpn-connection-after-60-minutes:... Viktor Gurov

09/14/2021

09:51 AM Bug #12058: pfBlockerNG / "Cannot allocate memory" from Geo blocking IP list
Viktor, thanks for suggesting the duplicate. I'll see if the config change there also fixes my issue and report back... Sean McBride
09:44 AM Bug #12058 (Duplicate): pfBlockerNG / "Cannot allocate memory" from Geo blocking IP list
Duplicate of #6814 Viktor Gurov
09:37 AM Bug #11590 (Closed): pfBlocker Issue when IPv6 is disabled
Viktor Gurov
06:40 AM Feature #12369 (New): Skip If No Content issue
Even if *Skip If No Content* is ticked if running a command will always result in an email being sent as the command ... Andy Kniveton

09/11/2021

12:01 PM Bug #12263 (Resolved): Snort package unable to save a new or edited Pass List when Language is set for anything other than English
Tested with Snort 4.1.4_3. I was able to save pass lists without issues with languages other than English selected. M... Max Leighton
05:55 AM Bug #12365 (Not a Bug): PFBlockerNG - Unbound fails to start 3.1.0
Hi;
Unbound fails to start after reloading pfBlockerNG. Seems to have only started with PfBlockerNG - 3.1.0
I h... D B

09/10/2021

09:58 PM Bug #12030: Startup Errors for Avahi Package
Is this patched into the latest build? I'm seeing this still present in the September 10th builds. Kris Phillips
12:40 PM Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
Sorry for typo DRago_Angel [InV@DER]
11:51 AM Bug #11135: HAproxy OCSP reponse crontab bug
Thank you! Stéphane Lapie
11:47 AM Bug #11135: HAproxy OCSP reponse crontab bug
PR has been merged. Thanks! Renato Botelho
11:43 AM Todo #12317 (Feedback): Suricata UI improvements
PR has been merged. Thanks! Renato Botelho
11:42 AM Bug #12322 (Feedback): Suricata creates invalid HOME_NET entries
PR has been merged. Thanks! Renato Botelho
11:40 AM Bug #12330 (Feedback): pfBlockerNG devel creating invalid NAT rules on boot
PR has been merged. Thanks! Renato Botelho
11:38 AM Todo #12351 (Feedback): Remove non-functional feeds
PR has been merged. Thanks! Renato Botelho
11:33 AM Feature #11295 (Feedback): DNSBL IDN support
PR has been merged. Thanks! Renato Botelho
11:31 AM Bug #11964 (Feedback): pfBlocker XMLRPC sync CARP interface advskew
PR has been merged. Thanks! Renato Botelho

09/09/2021

01:56 PM Feature #12358 (New): IP List Copy/Import/Export
I've added both of my items in one issue, as they are all part of the same functionality.
I'd like to see if it's ... Marc Mapplebeck
09:11 AM Todo #12354 (Feedback): Update haproxy-devel to mitigate CVE-2021-40346
As per https://nvd.nist.gov/vuln/detail/CVE-2021-40346 need update to fix BUG/MAJOR: htx: fix missing header name len... DRago_Angel [InV@DER]
02:28 AM Bug #12204 (Resolved): Certificate Manager page doesn't show Syslog-NG used certificates
You are right. I've just confirmed. The Certificate Manager page showed Syslog-NG used certificates after selecting T... Danilo Zrenjanin
01:02 AM Todo #12351: Remove non-functional feeds
https://github.com/pfsense/FreeBSD-ports/pull/1107
CoinBlockerList is OK - see "The final URL for this feed will... Viktor Gurov
12:43 AM Todo #12351 (Feedback): Remove non-functional feeds
https://raw.githubusercontent.com/joeylane/hosts/master/hosts - Not found
https://isc.sans.edu/feeds/suspiciousdomai... Viktor Gurov

09/07/2021

07:41 AM Bug #12339 (Pull Request Review): SyslogNG PHP errors after starting the service
Jim Pingle
07:41 AM Bug #12030 (Pull Request Review): Startup Errors for Avahi Package
Jim Pingle
 

Also available in: Atom