Project

General

Profile

Activity

From 03/23/2022 to 04/21/2022

04/21/2022

06:16 PM Bug #11640: Ntopng configuration and data loss when shutting down Redis
The PR was merged quite come time ago. I believe this bug can be closed as complete. Denny Page

04/20/2022

11:02 AM Bug #10426 (Feedback): Filer must validate that File name is uniq
Fix merged. Christopher Cope

04/19/2022

05:38 PM Bug #12933: Vulnerability in ClamAV Engine Used by Squid
Are there any updates on when this might be addressed? We are required to contact the "vendor" every 30 days to requ... Derek Andree
12:24 PM Feature #13063 (Feedback): Improve modem support
PR has been merged. Thanks! Viktor Gurov
05:38 AM Bug #13073 (New): ClamAV - clamd dies with high CPU load and thus the C-ICAP of squid-reverse proxy causes http:500 errors

ClamAV - clamd dies with high CPU load and thus the C-ICAP of squid-reverse proxy causes http:500 errors
user-ag... Konrad Lanz

04/18/2022

08:06 AM Feature #13063 (Pull Request Review): Improve modem support
Jim Pingle
08:00 AM Bug #10426 (Pull Request Review): Filer must validate that File name is uniq
Jim Pingle
05:32 AM Feature #11531 (Resolved): Show netmap compatible cards in IPS Mode note
accidentally deleted comment from Jordan Green:
on pfSense + 22.05.a.20220416.0747/Suricata 6.0.4_1 warning now di... Viktor Gurov

04/16/2022

05:07 AM Feature #13063: Improve modem support
https://github.com/pfsense/FreeBSD-ports/pull/1159 Konstantinos Kondylis
02:27 AM Feature #13063 (Resolved): Improve modem support
Cellular package currently supports two Huawei modems and Simcom.
It creates symbolic links for data and control por... Konstantinos Kondylis
04:51 AM Bug #12739 (Resolved): Passlist generates invalid Virtual IP subnets
Tested against:... Danilo Zrenjanin

04/15/2022

06:03 PM Bug #10426: Filer must validate that File name is uniq
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/214 Christopher Cope
02:54 PM Bug #12338: RRD Summary does not report data on 3100
Same issue on a 3100 Alan Wilson
11:16 AM Feature #12795 (Resolved): Add *.pfsense.org and *.netgate.com to the default DNSBL whitelist
Tested on 3.1.0_4
in... Christopher Cope

04/12/2022

11:49 AM Bug #13053 (Closed): LoopiaAPI error handling
In the latest package for ACME the update for LoopiaAPI introduced some code that is incompatible with FreeBSD. This ... Christopher Cope
07:41 AM Bug #13050 (Feedback): ACME update EasyDNS inline api sign-up link
PR merged, thanks! Jim Pingle
02:39 AM Bug #13050: ACME update EasyDNS inline api sign-up link
Pull Request: https://github.com/pfsense/FreeBSD-ports/pull/1156 Rowan Moul
02:37 AM Bug #13050 (Resolved): ACME update EasyDNS inline api sign-up link
The inline api key sign-up link for EasyDNS points to a legacy page, giving the impression that the integration is ou... Rowan Moul

04/11/2022

01:20 PM Bug #12948 (Feedback): IPsec Profile Wizard/Windows: Script generated for IKEv2 VPN using GCM does not use an optimal Phase 2 hash configuration
Merged Viktor Gurov
10:28 AM Bug #12948 (Pull Request Review): IPsec Profile Wizard/Windows: Script generated for IKEv2 VPN using GCM does not use an optimal Phase 2 hash configuration
Jim Pingle
09:55 AM Bug #12948: IPsec Profile Wizard/Windows: Script generated for IKEv2 VPN using GCM does not use an optimal Phase 2 hash configuration
fix:
https://gitlab.netgate.com/pfSense/factory-ports/-/merge_requests/51 Viktor Gurov
12:55 PM Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync
fix:
https://github.com/pfsense/FreeBSD-ports/pull/1158 Viktor Gurov
11:58 AM Bug #13047: Firewall rules on WireGuard interfaces ignored, state counters not updating and always show 0/0
Thanks, just tested on snapshots and I can confirm this works as expected on 22.05 snapshots. It does not appear to w... Adam Goldberg
11:54 AM Bug #13047: Firewall rules on WireGuard interfaces ignored, state counters not updating and always show 0/0
I can't reproduce that here on snapshots. I have no group rules, only rules on assigned WG interfaces. Traffic passes... Jim Pingle
11:50 AM Bug #13047: Firewall rules on WireGuard interfaces ignored, state counters not updating and always show 0/0
This likely needs to be re-opened. Even with the group rule removed and also disabled, interface rules are ignored.
Adam Goldberg
10:22 AM Bug #13047 (Not a Bug): Firewall rules on WireGuard interfaces ignored, state counters not updating and always show 0/0
Group rules (such as the WireGuard tab) are processed before per-interface rules. Assigned WireGuard interfaces are s... Jim Pingle
10:08 AM Bug #13047 (Not a Bug): Firewall rules on WireGuard interfaces ignored, state counters not updating and always show 0/0
Firewall rules added to "WireGuard" are processed, but rules added to specific interfaces are ignored.
This issue... Adam Goldberg
09:40 AM Bug #13045 (New): Firewall floating rules ignore WireGuard traffic
When adding a floating rule to apply a limiter targeting traffic on a WireGuard interface, the rule is ignored.
Ad... Adam Goldberg
09:19 AM Feature #13044 (New): Customized reporting
Status >> Email Reports
Request: The ability to create custom reporting so that columns and headers can be part of... Mike Moore
09:15 AM Bug #13043 (New): OSPF over Wireguard interface doesn't populate neighbors after reboot
Running pfSense Plus 22.02 and the latest Wireguard (0.1.6_1) and FRR (1.1.1_6 / 7.5.1_3) packages. OSPF works as exp... Adam Goldberg

04/10/2022

11:03 AM Feature #13039 (New): Handle transit gateway VPNs in the AWS VPN wizard
I think the AWS VPN Wizard should not only handle VPC VPN connections, but also attachements to a transit gateway, fr... Soeren Malchow
10:36 AM Bug #12924: DNS Resolver WireGuard ACL Inconsistency
Hey Christian. Were you able to recreate this problem already? Kevin Mychal Ong

04/09/2022

01:11 PM Bug #13032 (Resolved): openvpn-client-import PHP warning
Tested on the:... Danilo Zrenjanin
01:08 PM Bug #12814 (Resolved): OpenVPN Client Import does not populate 'remote_cert_tls' option
Tested on the:... Danilo Zrenjanin

04/08/2022

12:22 PM Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync
I can confirm this issue also on a HA pair running 22.01. We have had this issue since switching to pfBlockerNG-devel... Alexander Lindqvist

04/07/2022

11:31 AM Feature #9833: ACME: add ability to use custom ACME server
+1 for this! Just set up step-ca and would love having this functionality too. Connor McBrine-Ellis

04/06/2022

12:55 PM Bug #13022: HAProxy - Sub Frontends ignore Client verification CA certificates
Hi, I have entered the line and received the following antowrt:... Anonymous
10:33 AM Bug #13022: HAProxy - Sub Frontends ignore Client verification CA certificates
Shared frontends certificates are saved to the @/var/etc/haproxy/<frontend>.crt_list@
for example:... Viktor Gurov
11:59 AM Bug #13034 (Feedback): Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/93b8b43ec23cbe6ae71ad2a792ced07d60589db6 Viktor Gurov
11:34 AM Bug #13034 (Pull Request Review): Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files
Jim Pingle
11:30 AM Bug #13034: Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/209 Viktor Gurov
10:58 AM Bug #13034 (Resolved): Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files
The Zabbix 6 agent and proxy running on pfSense 2.6.0 fails to set the PSK values from the web GUI in the zabbix conf... Mat Clarke
11:34 AM Bug #13032 (Feedback): openvpn-client-import PHP warning
Merged Viktor Gurov
10:18 AM Bug #13032 (Pull Request Review): openvpn-client-import PHP warning
Jim Pingle
09:31 AM Bug #13032: openvpn-client-import PHP warning
fix:
https://gitlab.netgate.com/pfSense/factory-ports/-/merge_requests/50 Viktor Gurov
06:27 AM Bug #13032 (Resolved): openvpn-client-import PHP warning
Crash report shows:... Steve Wheeler

04/05/2022

12:52 PM Bug #12956 (Confirmed): suricata fails to use pcre in SID management (e.g. dropsid.conf)
I'm reopening this issue, as the function @preg_quote@ escapes all special characters, rather than just delimiters.
h... Marcos M
08:12 AM Bug #11343 (Feedback): Invalid link to pfSense-pkg-bind changelog
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/a3bbd61e6a0376f80674a83b6bf99e74cb013bc5 Viktor Gurov
07:32 AM Bug #11343 (Pull Request Review): Invalid link to pfSense-pkg-bind changelog
Jim Pingle
01:40 AM Bug #11343: Invalid link to pfSense-pkg-bind changelog
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/206 Viktor Gurov
01:51 AM Bug #10900 (Feedback): /packages/backup/backup.php?a=download&t=backup HTTP 504, or Sends PHP Error Message as ASCII/Text file Named pfsense.bak.tgz
Should be fixed in #11098.
Please re-test. Viktor Gurov

04/04/2022

12:14 PM Bug #13022: HAProxy - Sub Frontends ignore Client verification CA certificates
I have taken screenshots of my settings. In principle, the Main Frontent is almost empty, since all settings are cove... Anonymous
07:02 AM Bug #13022 (Feedback): HAProxy - Sub Frontends ignore Client verification CA certificates
Unable to reproduce with pfSense-pkg-haproxy-devel 0.62_9
Could you provide detailed step-by-step instructions to ... Viktor Gurov
08:17 AM Feature #12963 (Feedback): Run nmap scans in the background
Merged to devel for testing in snapshots. Jim Pingle

04/03/2022

08:29 PM Bug #12995 (Resolved): Installing stunnel only on the primary HA node leads to php crashes and sync issues
Tested on @22.05.a.20220403.0600@; works as expected. Marcos M
06:50 AM Bug #13022 (Feedback): HAProxy - Sub Frontends ignore Client verification CA certificates
I noticed that when I create sub frontends in HAProxa and enable the "Client verification CA certificates" in them (e... Anonymous

04/02/2022

04:03 AM Feature #12963: Run nmap scans in the background
I squashed commits since the last review
I reviewed and cleaned up some code readability
Updated the attached patch... Phil Wardt

04/01/2022

05:59 PM Bug #13018 (New): TLD and DNSBL Safesearch DOH conflict disables TLD block when conflicting DOH FQDN is deselected or whitelisted
pfBlockerNG-devel 3.1.0_4
If a TLD (example .cn) is blacklisted and conflicts with DNSBL Safesearch DOH blocking (ex... James Wilson
04:27 PM Feature #12963: Run nmap scans in the background
Add No DNS Resolution option for faster scans
Should be completed
Attached patch for pfsense 2.6.0 Phil Wardt
09:53 AM Feature #12963: Run nmap scans in the background
Updated patch to fix this:
- only kill nmap process using the output file created in GUI
- code formatting Phil Wardt
01:36 AM Bug #12814 (Feedback): OpenVPN Client Import does not populate 'remote_cert_tls' option
Merged Viktor Gurov

03/31/2022

04:04 PM Feature #12963: Run nmap scans in the background
I modified the code to disable any custom commands.
This is safer since nmap already changed in the past the -o opti... Phil Wardt
12:22 PM Bug #12818 (Resolved): IP block logging not working
Christopher Cope
12:21 PM Bug #12818: IP block logging not working
Tested and working in... Christopher Cope
12:14 PM Regression #13002 (Feedback): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/1a4f1fdbd14484e4ea4630fe4cd16ac777a32f5a Viktor Gurov
07:43 AM Regression #13002 (Pull Request Review): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
Jim Pingle
04:59 AM Regression #13002: BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/205 Viktor Gurov
11:51 AM Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync
Marcos Mendoza wrote:
> Tested on pfSense 2.6.0 and pfBlockerNG-devel 3.1.0_1
> pfBlockerNG-devel option "Enable Sy... Israel Goldstein

03/30/2022

10:19 AM Regression #13002 (Resolved): BIND 9.16_13 could not find existing DNSSEC keys at /cf/named/etc/namedb/keys due to directory change
https://forum.netgate.com/topic/170558/bind-package-9-16_12-reads-from-cf-named-but-changes-in-the-gui-are-written-to... Viktor Gurov

03/29/2022

02:31 PM Feature #12963 (Pull Request Review): Run nmap scans in the background
Jim Pingle
01:12 PM Bug #12992 (Pull Request Review): error: nbproc is not supported any more since HAProxy 2.5
Jim Pingle
10:13 AM Bug #12995 (Feedback): Installing stunnel only on the primary HA node leads to php crashes and sync issues
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/c1a98faf91dee2303b83b9e1f29500241b2700c5 Viktor Gurov
07:40 AM Bug #12995 (Pull Request Review): Installing stunnel only on the primary HA node leads to php crashes and sync issues
Jim Pingle
04:57 AM Bug #12995: Installing stunnel only on the primary HA node leads to php crashes and sync issues
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/203 Viktor Gurov
09:42 AM Bug #12996 (Duplicate): DNS Resolver needs to run manually after pfBlockerNG-devel package upgrade
Duplicate of #11398 Viktor Gurov
08:19 AM Bug #12996 (Duplicate): DNS Resolver needs to run manually after pfBlockerNG-devel package upgrade
Running system - PfSense Plus 22.01 x64
After upgrading pfBlockerNG-devel from 3.1.0.1 to 3.1.0.2 and from 3.1.0.... Alex BJ

03/28/2022

11:17 PM Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted
I found this bug after having WireGuard stop passing traffic after a WAN GW went down and came back up. Upon restorat... Scott Lykens
09:34 PM Bug #12995: Installing stunnel only on the primary HA node leads to php crashes and sync issues
After the nodes are in sync, xmlrpc syn completes successfully. Marcos M
08:52 PM Bug #12995 (Resolved): Installing stunnel only on the primary HA node leads to php crashes and sync issues
Tested on @22.05.a.20220328.0600@.
# Install stunnel on primary node
# Force xmlrpc sync
sync fails and the se... Marcos M
08:16 AM Bug #12992 (Resolved): error: nbproc is not supported any more since HAProxy 2.5
On latest 22.05 snaps, HAProxy-devel 0.62_8 pkg will not start, gives the following error "config : parsing [/var/etc... → luckman212
05:13 AM Feature #12963: Run nmap scans in the background
To disable any code injection risks:
- input is matched against a white list allowing only alphanumeric, spaces (excl... Phil Wardt
05:09 AM Feature #12963: Run nmap scans in the background
After the last nmap changes, I wanted to harmonize the package with "Packet Capture"
https://github.com/pfsense/Free... Phil Wardt

03/27/2022

11:15 AM Bug #12956 (Closed): suricata fails to use pcre in SID management (e.g. dropsid.conf)
The commit says it resolves issue #10244. The reasoning given there is:
> The chosen solution was to mimic the curre... Marcos M

03/25/2022

08:49 AM Bug #12818 (Feedback): IP block logging not working
Should be fixed in pfBlockerNG-devel_3.1.0_3 Viktor Gurov

03/24/2022

02:21 PM Feature #12963: Run nmap scans in the background
Again, noticed the delete icon resource
https://github.com/pfsense/FreeBSD-ports/pull/1152
 Phil Wardt
10:20 AM Feature #12963: Run nmap scans in the background
The Makefile needed an additional fix or it wouldn't compile: https://github.com/pfsense/FreeBSD-ports/commit/d34af18... Jim Pingle
10:05 AM Feature #12963 (Feedback): Run nmap scans in the background
PR merged, thanks! Jim Pingle
11:16 AM Feature #12882: Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
Sure thing, happy to contribute! Charles Hamilton
10:53 AM Feature #12882 (Feedback): Add the option to specify CURLOPT_INTERFACE in pfBlockerNG IPv4/IPv6 lists
PR merged, thanks!
https://github.com/pfsense/commit/9e7c6e33857e42fa97ae04e57285ee180643440d
https://github.com... Viktor Gurov
10:48 AM Feature #12795 (Feedback): Add *.pfsense.org and *.netgate.com to the default DNSBL whitelist
Merged:
https://github.com/pfsense/FreeBSD-ports/commit/b7a4f7d12cc68460d75ae7204d0e4f8381d6d162
 Viktor Gurov
10:47 AM Bug #12706 (Feedback): pfBlockerNG and unbound does not work after switching /var to RAM disk
Merged:
https://github.com/pfsense/commit/dc4f288b66af9b0ffc6dded8fe128aaeca0a9ac6 Viktor Gurov
10:16 AM Bug #12772 (Resolved): Syslog-ng writes config.xml on each start
Tested against:... Danilo Zrenjanin
09:02 AM Bug #12979: Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
*Updated Info:* a decision was made to simply cherry-pick the DEVEL change into the RELENG_2_6_0 branch because the S... Bill Meeks
07:22 AM Bug #12979 (Pull Request Review): Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
devel PR merged, left a note on the RELENG_2_6_0 PR as there is an issue there that needs resolved first. Jim Pingle

03/23/2022

03:53 PM Bug #12979: Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
A fix for this issue has been posted in Pull Requests https://github.com/pfsense/FreeBSD-ports/pull/1149 for RELEASE ... Bill Meeks
02:23 PM Bug #12979 (Pull Request Review): Snort Rules Update Process Using Deprecated FreeBSD Subdirectory Name
Beginning around the first of March 2022, the Snort rules update package from the Snort VRT changed the subdirectory ... Bill Meeks
09:29 AM Feature #12963: Run nmap scans in the background
Standardize nmap text in description: NMap -> Nmap
https://github.com/pfsense/FreeBSD-ports/pull/1148 Phil Wardt
07:28 AM Feature #12963 (Pull Request Review): Run nmap scans in the background
Jim Pingle
07:41 AM Bug #12917 (Resolved): LoopiaAPI changed
Loopia is working again, based on a comment left on the Github commit: https://github.com/pfsense/FreeBSD-ports/commi... Jim Pingle
 

Also available in: Atom