Project

General

Profile

Activity

From 01/05/2022 to 02/03/2022

02/03/2022

08:14 AM Bug #12205 (Resolved): Certificate Manager page doesn't show Squid used certificates
Tested against:... Danilo Zrenjanin
05:19 AM Bug #11766 (Resolved): Certificate no more pointed "in use" by haproxy
Tested against:... Danilo Zrenjanin
04:57 AM Bug #12258: Copy key buttons only work in HTTPS mode
Tested against:... Danilo Zrenjanin
04:11 AM Bug #12339 (Resolved): SyslogNG PHP errors after starting the service
Tested:... Danilo Zrenjanin

02/02/2022

09:48 PM Bug #12751 (New): Improve FRR route restoration after gateway events
SETUP:
* FRR BGP over IPsec VTI using a localhost interface as update source.
* Check @Diagnostics / Routes@ for ro... Marcos M
06:04 PM Feature #10466: Add checkbox to Suricata blocked host view to resolve all resolvable IP's automatically
Bill Meeks wrote in #note-2:
> I am hesitant about adding this feature. If there are lots of blocked IP entries (whi... tasty ratz
04:27 PM Feature #10466: Add checkbox to Suricata blocked host view to resolve all resolvable IP's automatically
I am hesitant about adding this feature. If there are lots of blocked IP entries (which you reference in a different ... Bill Meeks

02/01/2022

12:08 PM Feature #10466: Add checkbox to Suricata blocked host view to resolve all resolvable IP's automatically
Wanted to bump this one up since it hasn't had any activity in the last few years. tasty ratz
12:06 PM Feature #12748 (Resolved): Suricata blocked page timestamp breakout to it's own sortable column
It's nearly impossible to fish through the blocked page and find something new right now. The only way is to look thr... tasty ratz

01/31/2022

02:56 AM Bug #12030 (Resolved): Startup Errors for Avahi Package
Viktor Gurov
01:50 AM Feature #12656: NextDNS
Marcos Mendoza wrote in #note-2:
> What is the advantage of a package versus using their DNS IP addresses as forward... Abdul Khaliq

01/30/2022

08:58 PM Feature #12656: NextDNS
What is the advantage of a package versus using their DNS IP addresses as forwarding servers? Marcos M
08:55 PM Feature #12736: Allow custom cron intervals
The lists included with the package aren't meant to be updated that frequently. You could probably create a second cr... Marcos M

01/29/2022

03:30 PM Bug #12030: Startup Errors for Avahi Package
Not seeing these messages upon install or startup of Avahi package 2.2_1 Jordan G

01/28/2022

06:33 PM Bug #12742: freeRADIUS virtual-server-default: modules dailycounter, monthlycounter, noresetcounter, expire_on_login in authorize section prevent virtual server from loading
Fix: https://github.com/pfsense/FreeBSD-ports/pull/1142 Christopher Cope
05:56 PM Bug #12742: freeRADIUS virtual-server-default: modules dailycounter, monthlycounter, noresetcounter, expire_on_login in authorize section prevent virtual server from loading
This is on freeradius3 0.15.7_32 Christopher Cope
05:42 PM Bug #12742 (Feedback): freeRADIUS virtual-server-default: modules dailycounter, monthlycounter, noresetcounter, expire_on_login in authorize section prevent virtual server from loading
This seems to be along the same line as this older bug https://redmine.pfsense.org/issues/10197
Creating a freeRAD... Christopher Cope
03:24 AM Bug #12738: Squid ignores CA Trust Store
Merged to 22.01/2.6 Viktor Gurov

01/27/2022

09:04 PM Bug #11836: FRR ACCEPTFILTER shows out of order prefix-list
I am reproducing this issue (constantly changing FRR running configuration leading to inactive routes) and unfortunat... Matthew D
09:01 AM Bug #12738 (Feedback): Squid ignores CA Trust Store
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/9f6b897648f3df69490fca0105748677f96d41f8 Viktor Gurov
08:06 AM Bug #12738 (Pull Request Review): Squid ignores CA Trust Store
Jim Pingle
05:44 AM Bug #12738: Squid ignores CA Trust Store
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/175 Viktor Gurov
05:09 AM Bug #12738 (Resolved): Squid ignores CA Trust Store
Squid Proxy uses /usr/local/share/certs/ as a CA path, but not /etc/ssl/certs (system CA Trust Store)
and it's not p... Viktor Gurov
06:59 AM Bug #12739: Passlist generates invalid Virtual IP subnets
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1141 Viktor Gurov
06:56 AM Bug #12739 (Resolved): Passlist generates invalid Virtual IP subnets
Using the "Virtual IP Addresses" option on the passlist page, invalid entries are generated:
192.168.34.5/24
192.16... Viktor Gurov
05:35 AM Bug #12692: Haproxy backend issue
→ luckman212 wrote in #note-7:
> So just checking... the fix is only in pfSense 2.7 alpha? Not making it into 2.6 / 2... Danilo Zrenjanin

01/26/2022

11:43 PM Feature #12736 (New): Allow custom cron intervals
Hello,
Long time pfSense user that just discovered pfBlockerNG - works great.
I would like to request a "30 min... Trevor Wright
09:11 AM Bug #12732 (New): Squid https filtering squidguard acl target list - erratic behaviour
Bug that could be described as an erratic behaviour in squid https filtering : some websites specified in squidgard t... fr scm
08:10 AM Bug #12251 (Feedback): Wireguard 0.1.5 - ignores "KeepAlive" parameter if empty (instead of disabling)
Merged Viktor Gurov
07:43 AM Bug #12729: PFBlockerNG random timeouts on connections
Jim Pingle wrote in #note-1:
> This site is not for support or diagnostic discussion.
>
> For assistance in solvi... David Schmidt
07:32 AM Bug #12729 (Rejected): PFBlockerNG random timeouts on connections
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
12:52 AM Bug #12729 (Rejected): PFBlockerNG random timeouts on connections
Hi there, first bug I am reporting here.
Actually since quite a bit we noticed PFBlockerNG causing short timeouts on... David Schmidt

01/25/2022

06:39 PM Feature #9700: Secure Squid HTTPS Proxy
/usr/local/etc/squid/squid.conf output
before enabling 'transparent' mode:
> # This file is automatically generat... Kyle Klouzal
06:24 PM Todo #12717: Squid 5.x Branch
Then why not have a separate devel branch like other packages do?
https://www.freshports.org/www/squid-devel/ looks ... Kyle Klouzal

01/24/2022

09:18 PM Bug #12692 (Resolved): Haproxy backend issue
After upgrading, I was able to correctly save the backend. Before, I was not able to save without the multiple input ... Marcos M
09:44 AM Bug #12692: Haproxy backend issue
Merged to 22.01/2.6 Viktor Gurov
03:22 PM Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
Hmmm, interesting. So maybe it is because of the old macOS 10.13 client. Best case, we'll be able to update the pfse... Sean McBride
10:10 AM Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
I can't reproduce that here. So long as I have the CA imported to the client, I can use either kind of certificate. I... Jim Pingle
07:25 AM Feature #12281 (New): Add support for Telegram/Pushover notifications
That was just the workaround to suppress the error -- the longer term fix needs more thought on how NUT can send thes... Jim Pingle
05:52 AM Feature #12281 (Feedback): Add support for Telegram/Pushover notifications
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/3364533d7d08cd73ee8253bf979c71f3e7fcbe13 Viktor Gurov
07:18 AM Feature #12719: add igc(4) to the list of INLINE mode (iflib/netmap) supported cards
https://github.com/pfsense/FreeBSD-ports/pull/1140 Viktor Gurov
06:04 AM Feature #12719 (Resolved): add igc(4) to the list of INLINE mode (iflib/netmap) supported cards
add igc(4) to the list of INLINE mode (netmap) supported cards (pfSense 2.6/22.01):
https://github.com/pfsense/FreeB... Viktor Gurov
07:16 AM Feature #12718: add igc(4) to the list of INLINE mode (iflib/netmap) supported cards
https://github.com/pfsense/FreeBSD-ports/pull/1139 Viktor Gurov
06:04 AM Feature #12718 (Resolved): add igc(4) to the list of INLINE mode (iflib/netmap) supported cards
add igc(4) to the list of INLINE mode (netmap) supported cards (pfSense 2.6/22.01):
https://github.com/pfsense/FreeB... Viktor Gurov
05:59 AM Feature #9700 (Feedback): Secure Squid HTTPS Proxy
> This would involve adding a new configuration block inside Services->Squid->General after "Squid General Settings" ... Viktor Gurov
05:32 AM Todo #12717: Squid 5.x Branch
Currently FreeBSD 12-14 only support amd64 version of squid, but not ARM:
https://www.freshports.org/www/squid/ Viktor Gurov

01/23/2022

01:48 PM Todo #12717 (New): Squid 5.x Branch
Squid is still actively updated and under development
http://www.squid-cache.org/Versions/v5/ChangeLog.html
Time to... Kyle Klouzal
11:24 AM Todo #9200: Add DNS support for Google domain to Acme manager
Google DNS is different from Google Domains. +1 for Google Domain support here.. Kyle Klouzal
11:12 AM Feature #9700: Secure Squid HTTPS Proxy
Selecting 'transparent' mode adds the 'https_port' directive into configs but also adds 'intercept' which is undesire... Kyle Klouzal

01/21/2022

05:19 PM Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
So my CA was created as follows:
- descriptive name: `MyCo IPSec CA`
- method: `create an internal CA`
- Trust S... Sean McBride
01:38 PM Feature #12281 (New): Add support for Telegram/Pushover notifications
NUT tries to send notifications from an unprivileged user and can't do so because of the permissions on @/var/db/noti... Jim Pingle
11:00 AM Bug #12475 (Feedback): OpenVPN Client Export does not show certificate without private key
Fix pushed, will be available whenever the next build happens. Jim Pingle
10:39 AM Bug #12475 (New): OpenVPN Client Export does not show certificate without private key
This has caused a problem, it's impossible to export a config now for a non-TLS RA config ("Remote Access (User Auth)... Jim Pingle
02:54 AM Feature #12711: Add InfluxDB V2 support
https://github.com/pfsense/FreeBSD-ports/pull/1137 Viktor Gurov
02:54 AM Feature #12711 (New): Add InfluxDB V2 support
Added support for the InfluxDB V2 protocol and made some improvements to the UI
 Viktor Gurov
02:52 AM Bug #12706: pfBlockerNG and unbound does not work after switching /var to RAM disk
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1138 Viktor Gurov

01/20/2022

08:14 PM Bug #12692: Haproxy backend issue
So just checking... the fix is only in pfSense 2.7 alpha? Not making it into 2.6 / 22.01 ?
Is there way to pull it i... → luckman212
06:09 AM Bug #12692: Haproxy backend issue
Danilo Zrenjanin wrote in #note-5:
>
> All those fields should be using default values if nothing was defined. Ple... Viktor Gurov
12:29 PM Bug #12706 (Resolved): pfBlockerNG and unbound does not work after switching /var to RAM disk
How to reproduce:
1) Install pfBlockerNG-devel, and configure DNSBL in python mode
2) Enable RAM disk for /var
3) ... Viktor Gurov
11:03 AM Bug #12705: IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
In fact this started as a forum post, but there were no replies:
https://forum.netgate.com/topic/169207/ecdsa-cert... Sean McBride
10:47 AM Bug #12705 (Incomplete): IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
There isn't enough information here, need a lot more info about your CA, cert, and P1 settings. Probably best to keep... Jim Pingle
10:36 AM Bug #12705 (Resolved): IPsec Profile Wizard/Apple: IKEv2 VPN with ECDSA server certificate does not connect using generated profile
I have a working IPSec VPN. But my CA and cert are expiring soon so I thought I'd use the more modern ECDSA instead o... Sean McBride

01/19/2022

12:39 PM Bug #12692: Haproxy backend issue
Tested against:... Danilo Zrenjanin
07:07 AM Bug #12695 (Not a Bug): pfsense 2.5.2 vs ntopng 5.1
This site is not for support or diagnostic discussion.
For assistance in solving problems, please post on the "Net... Jim Pingle
04:17 AM Bug #12695 (Not a Bug): pfsense 2.5.2 vs ntopng 5.1
Hello
Can i have an tutorial for install ntopng on pfsense correctly pls
I followed the link on ntop site official ... TT RD

01/18/2022

09:13 AM Bug #12692 (Feedback): Haproxy backend issue
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/0ef44539d3e10f6839ea577873b97756131a92a5 Viktor Gurov
07:19 AM Bug #12692 (Pull Request Review): Haproxy backend issue
Jim Pingle
04:35 AM Bug #12692: Haproxy backend issue
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/171 Viktor Gurov
04:16 AM Bug #12692 (Resolved): Haproxy backend issue
https://forum.netgate.com/topic/168944/haproxy-backend-issue:
It seems that when not setting HSTS value to something... Viktor Gurov
06:28 AM Bug #9500: HAproxy does not delete non-applicable action config
no such issue on pfSense-pkg-haproxy-devel 0.62_7
it may be related to the non-devel haproxy pkg Viktor Gurov
04:44 AM Bug #9027 (Resolved): HAProxy: Unknown keyword lua-load
Viktor Gurov

01/17/2022

06:48 AM Bug #11398: pfBlocker upgrade hangs forever
for some reason unbound does not terminated in 30s:... Viktor Gurov
06:43 AM Bug #11632 (Duplicate): unbound service not restarted on pfBlocker-devel install/reinstall
Viktor Gurov

01/16/2022

01:57 AM Todo #12317 (Resolved): Suricata UI improvements
Viktor Gurov

01/15/2022

06:56 PM Todo #12317: Suricata UI improvements
Seeing the noted changes, fixes and additions on suricata-6.0.4 Jordan G
12:09 PM Feature #12674 (Resolved): Redistribute RIP to BGP
Viktor Gurov
11:25 AM Feature #12674: Redistribute RIP to BGP

"Redistribute RIP" option is added to OSPF and BGP GUI
2.6.0.r.20220113.1926
 Alhusein Zawi

01/13/2022

08:12 AM Todo #12354: Update haproxy-devel to mitigate CVE-2021-40346
Hi I want to ask is you implemented mentioned "Temporary workaround"?
> No need to add this if version of haproxy ... DRago_Angel [InV@DER]
08:02 AM Bug #12670 (Feedback): ACME package writes credentials to system log
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/deff5ad17b0809521d0c083ebbe619ebfd089d6f Viktor Gurov
07:20 AM Bug #12670 (Pull Request Review): ACME package writes credentials to system log
Jim Pingle
06:23 AM Bug #12670: ACME package writes credentials to system log
WebGUI debug option:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/169 Viktor Gurov
04:34 AM Bug #12683: snort_get_vpns_list() does not include OpenVPN CSO
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1135 Viktor Gurov
04:24 AM Bug #12683 (Resolved): snort_get_vpns_list() does not include OpenVPN CSO
"Pass List -> Auto-Generated IP Addresses -> VPN Addresses" does not include OpenVPN Client Specific Override.
 Danilo Zrenjanin
04:23 AM Feature #11879: Add support for SSL.com ACME server
SSL.com and ZeroSSL.com support added to acme.sh - https://github.com/acmesh-official/acme.sh/releases/tag/3.0.0:
"Z... Viktor Gurov
04:20 AM Bug #12623: acme.sh package | DNS-ISPConfig settings
Fix is merged to the upstream acme.sh repository Viktor Gurov
04:13 AM Bug #12642 (Resolved): suricata_get_vpns_list() does not include OpenVPN CSO
Tested against:... Danilo Zrenjanin

01/12/2022

10:29 PM Feature #12658: Adding prometheus metrics to darkstat
It looks like a commit had been made to the main branch: https://cgit.freebsd.org/ports/commit/?id=038bcb21cbd11930ab... Karim Elatov

01/11/2022

10:44 AM Feature #12658: Adding prometheus metrics to darkstat
FreeBSD ports bug created: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261123 Karim Elatov

01/10/2022

09:19 AM Feature #12674 (Feedback): Redistribute RIP to BGP
Merged Viktor Gurov
08:11 AM Feature #12674 (Pull Request Review): Redistribute RIP to BGP
Jim Pingle
04:48 AM Feature #12674: Redistribute RIP to BGP
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/167 Viktor Gurov
04:19 AM Feature #12674 (Resolved): Redistribute RIP to BGP
Current version only support redistributing OSPF to BGP, but not RIP Viktor Gurov
08:56 AM Todo #12354 (Feedback): Update haproxy-devel to mitigate CVE-2021-40346
Marcos Mendoza wrote in #note-9:
> This patch results in the following warning when starting @haproxy@:
> [...]
> ... Viktor Gurov
07:55 AM Bug #12668: Clear System OS Boot Log removes Cypto information on Status Page
Jim Pingle wrote in #note-4:
> This is normal and expected. That information is obtained by inspecting the OS boot l... Jim Middleton
07:34 AM Bug #12668 (Not a Bug): Clear System OS Boot Log removes Cypto information on Status Page
This is normal and expected. That information is obtained by inspecting the OS boot log and if you clear it, there is... Jim Pingle
07:21 AM Bug #12668: Clear System OS Boot Log removes Cypto information on Status Page
Local network with 3 users. Its not an office with a bazillion VLAN's, etc. Jim Middleton
07:20 AM Bug #12668: Clear System OS Boot Log removes Cypto information on Status Page
Viktor Gurov wrote in #note-1:
> Please provide more information about your configuration -
>
> unable to reprod... Jim Middleton
05:49 AM Bug #12668 (Feedback): Clear System OS Boot Log removes Cypto information on Status Page
Please provide more information about your configuration -
unable to reproduce on 2.6.0.b.20220109.0600
fixed ... Viktor Gurov
07:04 AM Bug #11836 (Feedback): FRR ACCEPTFILTER shows out of order prefix-list
Unable to reproduce on FRR 1.1.1_2:... Viktor Gurov
05:55 AM Feature #10818: UDP Broadcast Relay
build pkg:
https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/548 Viktor Gurov
04:11 AM Bug #12443 (Resolved): DNSBL Category ```Enable All``` button not working
Viktor Gurov

01/09/2022

06:31 AM Bug #12670: ACME package writes credentials to system log
It is probably due to https://github.com/pfsense/FreeBSD-ports/blob/94457075a991331b9c0bcee44ea7d4fd9427ab36/security... Florian Apolloner
06:26 AM Bug #12670 (New): ACME package writes credentials to system log
The acme renewal cron currently dumps the config into the system log:... Florian Apolloner

01/08/2022

05:21 PM Bug #12443: DNSBL Category ```Enable All``` button not working
Enable All and Disable All buttons appear to function as desired (compared to 21.05.2) for these blacklists on 22.01.... Jordan G
06:24 AM Bug #12668 (Not a Bug): Clear System OS Boot Log removes Cypto information on Status Page
When I clear the System Log OS Boot and return to the System Status page Crypto information changes from "AES-NI CPU ... Jim Middleton
05:53 AM Bug #12260: Update popup and version missmatch?
Possible workaround: Use a web-browser plugin like 'uBlock Origin' to select this 'popup' (it's a div actually) eleme... R. B.

01/07/2022

08:15 PM Bug #12260: Update popup and version missmatch?
+1 for this, if only to get rid of the unavoidable notification on every page load. Matt D
09:18 AM Bug #12667 (Bogus): Firewall Crashed After Upgrading Wireguard
Upgraded wireguard from 0.1.5 to 0.1.5_3 and after the upgrade was complete firewall crashed. Kyle Sampson
 

Also available in: Atom