Project

General

Profile

Activity

From 09/15/2021 to 10/14/2021

10/14/2021

10:16 AM Todo #12456 (Feedback): Remove zabbix 5.2 packages
Done Renato Botelho
10:15 AM Todo #12456 (Resolved): Remove zabbix 5.2 packages
zabbix 5.2 were removed from FreeBSD ports because they are unsupported by upstream. Remove pfSense packages as well Renato Botelho
09:55 AM Bug #10431 (Resolved): pfBlockerNG Cron Job wrong - Clear IP / DNSBL Statistics
no such issue with pfBlockerNG-devel 3.1.0 (fixed):... Viktor Gurov
09:48 AM Feature #9798: add ipv4 and ipv6 dnscrypt-resolvers feeds
actual link:
https://download.dnscrypt.net/dnscrypt-resolvers/json/public-resolvers.json Viktor Gurov
09:42 AM Bug #11817 (Closed): Enabling Firewall / pfBlockerNG / DNSBL / IPv6 DNSBL blocks radvd from starting
Viktor Gurov

10/13/2021

02:47 PM Bug #12251: Wireguard 0.1.5 - ignores "KeepAlive" parameter if empty (instead of disabling)
→ luckman212 wrote in #note-3:
> Hmm, seems like 86400 is not a valid value after all. It got silently accepted but ... Adam Cooper
01:34 PM Bug #12258: Copy key buttons only work in HTTPS mode
Created PR 150 to resolve this.
Tested on local dev instance with HTTP only access and it fallsback, does a consol... Adam Cooper
09:06 AM Bug #12443: DNSBL Category ```Enable All``` button not working
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1113 Viktor Gurov
03:11 AM Feature #12447 (Rejected): Acme add dnsapi dns_cpanel.sh
Hello,
Please add the following feature to the acme package:
https://github.com/acmesh-official/acme.sh/blob/mast... Akos Tomaschik

10/11/2021

12:39 PM Bug #12444: ntopng throws errors when viewing single host
https://redmine.pfsense.org/issues/11530 - same/same? Jordan G
08:21 AM Bug #12126: freeradius3 0.15.7_31
Ok thanks for the info.
Any chance to have freeradius3 package update for 2.5.2 release? Alexis Pellicier
08:14 AM Bug #12126: freeradius3 0.15.7_31
This looks to be a bug in Freeradius 3.0.22. See the 3.0.23 release notes:
https://github.com/FreeRADIUS/freeradius-... Steve Wheeler
05:17 AM Feature #11310 (Resolved): Adding a widget to apcupsd plug-in
Renato Botelho

10/09/2021

09:08 PM Bug #12444 (Closed): ntopng throws errors when viewing single host
Users have reports that when navigating to Hosts>Hosts and clicking to view a single host within the ntopNG settings ... Max Leighton
07:27 PM Bug #11886 (Resolved): WireGuard: PHP error in vpn_wg_peers_edit.php
No longer able to reproduce this in 22.01 of pfSense Plus. Closing as Resolved. Kris Phillips
07:19 PM Bug #12101 (Assigned): ArpWatch Suppression Mac for "flip-flop" not suppressing
Moving status back to Assigned as this hasn't been confirmed as fixed in updated package. Kris Phillips
04:34 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
The problem still persist on wireguard 0.1.5_1.
even after changing the keys and ports nothing seems to help.
wish ... Samuel Hanna
01:41 PM Bug #4615: /var/logs/c-icap/server.log & access.log growing without being rotated
Hi,
so I took a look: /var/log/c-icap/access.log - 272MB
the mentioned bugfix was meant for squid, I think?
... Stephan Berger
11:04 AM Bug #12443 (Resolved): DNSBL Category ```Enable All``` button not working
https://forum.netgate.com/topic/167094/dnsbl-catagory-bug:
"I dunno if i'm doing something wrong but under Blacklist... Viktor Gurov
09:58 AM Bug #12153 (Resolved): Incorrect Outgoing Network Interface on clean install
Viktor Gurov
07:52 AM Bug #12153: Incorrect Outgoing Network Interface on clean install
on clean install of 0.4.45_5 the default outgoing network interface shows as "Default (auto)" upon first visit to Ser... Jordan G
07:35 AM Feature #11310: Adding a widget to apcupsd plug-in
Dashboard widget for APCUPSD is available after installing and configuring package. Status, line voltage, load, batte... Jordan G
05:50 AM Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
Viktor Gurov wrote in #note-6:
> You can try to apply the attached patch
No need to add this if version of haproxy w... DRago_Angel [InV@DER]
05:48 AM Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
DRago_Angel [InV@DER] wrote in #note-3:
> Hi, this is serious CVE, and still no updates? Even it possible to workaro... Viktor Gurov
03:25 AM Feature #11972 (Resolved): Arpwatch - Add support for Telegram notifications
there is no
Alhusein Zawi wrote in #note-4:
> there is no option to add Telegram in Arpwatch page.
>
> Tested... Viktor Gurov

10/07/2021

09:42 AM Bug #12423: Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!"
Viktor, thanks for improving the error message. Two comments:
1. putting the full path might be even better. I assu... Sean McBride
12:41 AM Bug #12423: Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!"
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1112 Viktor Gurov
07:29 AM Todo #12354 (Pull Request Review): Update haproxy-devel to mitigate CVE-2021-40346
Jim Pingle
02:40 AM Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/136 Viktor Gurov
07:18 AM Bug #12420 (Pull Request Review): rc file is not deleted
Jim Pingle
01:41 AM Bug #12420: rc file is not deleted
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/135 Viktor Gurov
04:19 AM Bug #1620: Can't use transparent proxy when using bridge.
transparent mode on bridge works fine on pfSense 2.6.0.a.20211006.2213 with net.link.bridge.pfil_bridge=1 and net.lin... Viktor Gurov

10/06/2021

07:14 AM Bug #12365 (Not a Bug): PFBlockerNG - Unbound fails to start 3.1.0
No worries, thanks for following up and letting us know. Those kinds of problems can be quite frustrating to track down. Jim Pingle
04:54 AM Bug #12365: PFBlockerNG - Unbound fails to start 3.1.0
Seems this was down to a hard to find memory problem that gave random errors.
Apologies D B
07:02 AM Todo #12427 (New): ha-proxy: action order in the GUI is not keeped in the resulting ha-proxy configuration
If there are (for example) 'Use Backend' and 'http-request redirect' actions are defined in the GUI in a specific ord... Thomas Eckardt

10/04/2021

01:53 PM Bug #12424 (Pull Request Review): OpenVPN silent install uses incorrect parameters
Jim Pingle
01:37 PM Bug #12424: OpenVPN silent install uses incorrect parameters
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/133 Marcos M
01:07 PM Bug #12424 (Resolved): OpenVPN silent install uses incorrect parameters
The @.exe@ and @.msi@ installers require different parameters for a silent install. Currently, the same parameter is ... Marcos M

10/03/2021

06:54 PM Bug #12423 (Resolved): Dashboard shows "SQLite database missing, Force Reload DNSBL to recover!"
See screenshot. The message tells to 'force reload' which I did, yet the error persists.
There's one post on the ... Sean McBride
03:53 PM Feature #10739: Update HAproxy-devel package to 2.2 and HAproxy to 2.0
Hi, here many points are still undone. DRago_Angel [InV@DER]
03:34 PM Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
Hi, this is serious CVE, and still no updates? Even it possible to workaround issue by adding own check, I sure most ... DRago_Angel [InV@DER]

10/02/2021

05:58 PM Bug #12188: client export breaks multi remote configurations
Based on reviewing the bug report with OpenVPN there doesn't appear to be anything that needs to be done here. They'... Kris Phillips
05:52 PM Bug #12365 (Feedback): PFBlockerNG - Unbound fails to start 3.1.0
Completed the following tests:
1. Installed pfBlockerNG-dev
2. Ran a force update and reload
3. Monitored loggin... Kris Phillips
05:41 PM Bug #12030: Startup Errors for Avahi Package
Jim Pingle wrote in #note-11:
> It's a package, not a part of the base system, so updates are not tied to any releas... Kris Phillips
03:37 PM Bug #11768 (Resolved): FRR OSPF - Comment field within the ospf interfaces gets longer and longer
Tested with FRR 1.1.0_15
Looks to be fixed. The description only matches the interface that it is actually set on... Max Leighton
08:27 AM Bug #11465: Input validation does not prevent multiple conflicting WireGuard peers on a single tunnel from attempting to act as default route
Submitted PR 19 (https://github.com/theonemcdonald/pfSense-pkg-WireGuard/pull/149).
Few queries on the PR regardin... Adam Cooper
01:07 AM Bug #12420 (Resolved): rc file is not deleted
/usr/local/etc/rc.d/pimd.sh file is not deleted after disabling the service Viktor Gurov

10/01/2021

11:53 AM Bug #12058: pfBlockerNG / "Cannot allocate memory" from Geo blocking IP list
Indeed increasing that has eliminated the "Cannot allocate memory" messages.
Could the error message be improved t... Sean McBride
04:42 AM Bug #12033: maxmindb and _sqlite3 modules not found
How to resolve:... Viktor Gurov
04:26 AM Bug #12033: maxmindb and _sqlite3 modules not found
see the same error on SG-3100 with pfSense-21.09.r.20210923.2242 and pfBlockerNG-3.1.0:... Viktor Gurov
12:23 AM Bug #12414: DNSBL SafeSearch page displays input validation error if DoH / DoT blocking is not enabled
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1111 Viktor Gurov
12:12 AM Bug #12414 (Resolved): DNSBL SafeSearch page displays input validation error if DoH / DoT blocking is not enabled
You need to enable DoH/DoT Blocking and select entries in the DoH/DoT Blocking List, otherwise you'll see:... Viktor Gurov

09/29/2021

12:02 AM Feature #12297 (Resolved): Suricata: show actual GID:SID rule on click
Viktor Gurov

09/27/2021

08:10 AM Bug #12030: Startup Errors for Avahi Package
It's a package, not a part of the base system, so updates are not tied to any release.
It could be updated any tim... Jim Pingle
06:39 AM Bug #12365: PFBlockerNG - Unbound fails to start 3.1.0
php-fpm 52285 /status_services.php: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exi... D B

09/25/2021

09:05 PM Bug #12030: Startup Errors for Avahi Package
Tested on RC3 of 21.09. Still present. Is this going to make it into 21.09 before it's pushed public? Kris Phillips
03:15 PM Feature #12297: Suricata: show actual GID:SID rule on click
GID:SID is clickable using suricata 6.0.3_2 on 21.09.r.20210923.1842 Jordan G
12:00 AM Feature #11320 (Resolved): Update NAS client type
Viktor Gurov

09/24/2021

10:18 PM Feature #11320: Update NAS client type

clients are added to clients type list
2.5.2
 Alhusein Zawi
08:36 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-9:
> Thanks.
>
> We might need to hook the gateway alarm and trigger WireGuard se... Ryan Roosa
06:46 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Thanks.
We might need to hook the gateway alarm and trigger WireGuard service to be restarted when gateway status... Christian McDonald
05:35 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-7:
> Interesting... I can replicate this if my WAN is using DHCP, but as soon as I... Ryan Roosa
05:26 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Interesting... I can replicate this if my WAN is using DHCP, but as soon as I switch to a static address I can unplug... Christian McDonald
05:13 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-5:
> Ryan, out of curiosity, are you using DHCP are static addressing on your WAN?... Ryan Roosa
05:09 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Ryan, out of curiosity, are you using DHCP are static addressing on your WAN? Christian McDonald
05:03 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Just tested this on my 2100. I will test more next week.
I have a WireGuard tunnel to Mullvad.
# Started a persiste... Christian McDonald
08:13 AM Bug #12205 (Pull Request Review): Certificate Manager page doesn't show Squid used certificates
Jim Pingle
05:07 AM Bug #12205: Certificate Manager page doesn't show Squid used certificates
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/130 Viktor Gurov
07:37 AM Bug #12403 (Resolved): WireGuard tunnel and peer edit pages do not prevent browser auto-fill
The WireGuard tunnel (@vpn_wg_tunnels_edit.php@) and peer (@vpn_wg_peers_edit.php@) edit pages do not prevent the bro... Jim Pingle

09/23/2021

10:57 PM Feature #11972: Arpwatch - Add support for Telegram notifications

there is no option to add Telegram in Arpwatch page.
Tested :
2.6.0.a.20210923.0100
&
21.05.1 Alhusein Zawi
02:36 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
In rebooting my ISP modem many times and tracking the behavior of pfSense and WireGuard, I observed that when the mod... Ryan Roosa
10:55 AM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Christian McDonald wrote in #note-1:
> Thanks for the tag, I will investigate this and circle back.
Awesome! Grea... Ryan Roosa
10:35 AM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Thanks for the tag, I will investigate this and circle back. Christian McDonald
09:26 AM Bug #12399 (Resolved): WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Hi Christian,
Really appreciate your work on the Wireguard package for pfSense :)
Sadly, there seems to be a show... Ryan Roosa

09/22/2021

03:29 AM Feature #9833: ACME: add ability to use custom ACME server
+1 Would be nice to have this. Invalid certs are just not cool anymore with ACME available. Should be possible to sel... Krisjanis Morkans

09/20/2021

07:13 AM Bug #11888 (Resolved): FreeRADIUS starts twice by /etc/rc.start_packages
Jim Pingle

09/18/2021

01:38 PM Bug #11695 (Resolved): PHP error in the last step of the wizard
Tested in:
21.09-RC (amd64)
built on Wed Sep 15 09:10:53 EDT 2021
FreeBSD 12.2-STABLE
The wizard completes su... Max Leighton
11:10 AM Todo #12351: Remove non-functional feeds
I checked with pfBlockerNG-devel 3.1.0. Some of the feeds listed above are removed, but some are still there.
http... Max Leighton

09/17/2021

11:38 PM Bug #11888: FreeRADIUS starts twice by /etc/rc.start_packages

seems fixed
[2.5.2-RELEASE][root@pfSense.home.arpa]/root: /etc/rc.start_packages
Starting package FRR...done.
... Alhusein Zawi

09/16/2021

10:25 PM Bug #11961: FRR OSPF add unwanted area 0 authentication to router ospf

adding Authentication Type in area tab works (peering)
!
interface em0
ip ospf authentication
ip ospf au... Alhusein Zawi
09:38 AM Bug #12167: BGP TCP setkey not set if neighbor is in peer group
Testing this I notice the following:
There is no way to inherit the MD5 settings from the peer group. It must be s... Chris Linstruth
09:25 AM Bug #12167: BGP TCP setkey not set if neighbor is in peer group
Target package version: v1.1.0_14 Christian McDonald
07:26 AM Bug #12386 (Pull Request Review): ```bgp as-path``` and ```bgp community-list``` are present in configuration even when BGP daemon is not enabled
Jim Pingle
12:51 AM Bug #12386: ```bgp as-path``` and ```bgp community-list``` are present in configuration even when BGP daemon is not enabled
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/127 Viktor Gurov
12:34 AM Bug #12386 (Resolved): ```bgp as-path``` and ```bgp community-list``` are present in configuration even when BGP daemon is not enabled
This breaks config loading:... Viktor Gurov

09/15/2021

09:58 AM Bug #12381: mOTP with RADIUS drops the VPN connection after 60 minutes
I don't think that's FreeRADIUS, but OpenVPN. IIRC OpenVPN defaults to reconnecting every 60 minutes, but can be chan... Jim Pingle
09:46 AM Bug #12381 (Rejected): mOTP with RADIUS drops the VPN connection after 60 minutes
from https://forum.netgate.com/topic/165967/2fa-mfa-with-radius-drops-the-vpn-connection-after-60-minutes:... Viktor Gurov
 

Also available in: Atom