pfSense » pfSense Packages

07/22/2022

07:44 AM Bug #13360: Not All AS Prefixes are returned by WHOIS

I recommend trying with the pfBlockerNG-devel. Here is the list I got on the devel version:... Danilo Zrenjanin

05:51 AM Bug #13034 (Resolved): Zabbix6 Agent and Proxy fail to set the PSK from the web GUI in its conf files

Tested:... Danilo Zrenjanin

07/21/2022

05:57 PM Feature #13370: Wireguard Dashboard status

Ideally, it would be nice to see which Peers are connected, similar to the status of the OpenVPN widget.
This is a s... Gil Gil

07/20/2022

09:09 PM Feature #13370: Wireguard Dashboard status

What detail specifically? Marcos M

08:31 PM Feature #13370 (New): Wireguard Dashboard status

It would be nice if the WireGuard widget would give a little more detail on the Dashboard. Gil Gil

11:20 AM Bug #13368 (Resolved): IPsec Profile Wizard/Windows: Cannot generate a script for IKEv2 VPN using GCM ciphers when mobile P2 has no hash algorithms selected

The following P1 cipher suite is supported by Windows natively, yet the wizard prevents it:
AES256-GCM | 128 bits ... Marcos M

07/18/2022

08:02 AM Feature #13361 (Resolved): Add Zabbix 6.2 (agent and proxy) packages

New release from zabbix. Please add this new version.
https://www.zabbix.com/rn/rn6.2.0
https://www.freshports.or... Pim Janssen

07:53 AM Feature #12859: Add Zabbix 6.0 LTS (agent and proxy) packages

zabbix proxy 6 is available but i am unable to close the issue. Pim Janssen

07/17/2022

09:34 AM Bug #13360: Not All AS Prefixes are returned by WHOIS

Kris Phillips wrote in #note-1:
> I can confirm that subnet should be part of that ASN. However, I cannot recreate ... Alex Knop

04:45 AM Bug #13343: HAproxy cookie protection syntax needs updated

Hello,
the bug is there if the haproxy package installation dependency is set to use
haproxy22-2.2.22 (no more "rs... Johannes Goldynia

07/16/2022

08:32 PM Bug #13343: HAproxy cookie protection syntax needs updated

Hello,
Is this present on the stable or devel branch? Or both? Kris Phillips

08:21 PM Bug #13360: Not All AS Prefixes are returned by WHOIS

I can confirm that subnet should be part of that ASN. However, I cannot recreate this in pfBlockerNG. Are you runni... Kris Phillips

03:27 PM Bug #13360 (New): Not All AS Prefixes are returned by WHOIS

If you set up a rule to do WHOIS on AS4917, these are the prefixes returned by pfBlockerNG:
• 12.187.160.0/24
•... Alex Knop

12:05 PM Todo #13349 (Pull Request Review): Add note in WireGuard GUI regarding routing behavior for Allowed IPs

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/254 Marcos M

07/15/2022

02:00 PM Bug #13154: pfBlocker causing excessive CPU load

Michael Novotny wrote in #note-11:
> Interesting... I reinstalled pfBlocker (pfBlockerNG-devel 3.1.0_4) as I was not ... Denny Page

01:08 PM Bug #13154: pfBlocker causing excessive CPU load

Denny Page wrote in #note-10:
> Probably should confirm that the patch applied correctly. Assuming that you are runni... Michael Novotny

12:45 PM Bug #13154: pfBlocker causing excessive CPU load

Michael Novotny wrote in #note-9:
> The high cpu is still occurring with this patch applied and running on 22.05, re... Denny Page

08:17 AM Bug #13154: pfBlocker causing excessive CPU load

The high cpu is still occurring with this patch applied and running on 22.05, reboot, reloading package, etc. As sta... Michael Novotny

07/14/2022

08:42 AM Feature #12748: Suricata blocked page timestamp breakout to it's own sortable column

Thanks so much, Bill! Appreciate your efforts. tasty ratz

08:30 AM Feature #12748: Suricata blocked page timestamp breakout to it's own sortable column

The pull request has been merged to correct this issue and it can be marked "Resolved". Bill Meeks

08:31 AM Bug #12956: suricata fails to use pcre in SID management (e.g. dropsid.conf)

The pull request has been merged to correct this issue and it can be marked "Resolved". Bill Meeks

08:30 AM Bug #13333: PHP error when saving Suricata rulesets

The pull request has been merged to correct this issue and it can be marked "Resolved". Bill Meeks

07/13/2022

06:24 PM Bug #12956: suricata fails to use pcre in SID management (e.g. dropsid.conf)

The logic has been changed back to the original behavior by removing the _preg_quote()_ wrapping of the PCRE keyword ... Bill Meeks

06:22 PM Feature #12748: Suricata blocked page timestamp breakout to it's own sortable column

Sortable columns have been added to the BLOCKS tab in the latest _pfSense-pkg-suricata-6.0.6_ version of the GUI pack... Bill Meeks

06:20 PM Bug #13333: PHP error when saving Suricata rulesets

This issue has been addressed in the new _pfSense-pkg-suricata-6.0.6_ update. Pull request posted here: https://githu... Bill Meeks

07/11/2022

06:49 PM Bug #13354 (New): Tinc VPN causes constant gateway up/down events, packages restarts and filter reloads

The latest pfSense Plus version broke the tinc VPN: When tinc connects it generates an event:... Flole Systems

06:31 PM Regression #13156: pfBlockerNG IP block stats do not work

luc Willems wrote in #note-15:
> found the issue why it was not working for me. the patch above, it was not "clear" ... Adrian Hansraj

07:43 AM Bug #10608 (Closed): Update squid port to 4.11-p2

Jim Pingle

03:59 AM Bug #13209: Parsing Filter log by pfBlockerNG creates IP Block log with Source/Destination mixed up or wrong Direcion

Any news on a solution for this issue? Djerk Geurts

07/10/2022

11:18 AM Todo #13349 (Resolved): Add note in WireGuard GUI regarding routing behavior for Allowed IPs

As specified here:
https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/settings.html#wireguard-settings-peer
... Marcos M

04:05 AM Regression #13156: pfBlockerNG IP block stats do not work

found the issue why it was not working for me. the patch above, it was not "clear" for me it had to be ' _<space>_ '... luc Willems

07/09/2022

06:50 PM Bug #10900: /packages/backup/backup.php?a=download&t=backup HTTP 504, or Sends PHP Error Message as ASCII/Text file Named pfsense.bak.tgz

This is very similar to https://redmine.pfsense.org/issues/11098 - testing covered using both "/root" and "/" as back... Jordan G

02:11 PM Bug #10608: Update squid port to 4.11-p2

[22.05-RELEASE][admin@pfSense.home.arpa]/root: pkg info squid
squid-5.4.1
Name : squid
Version ... Alhusein Zawi

10:43 AM Bug #13347: Setting BGP default-originate route map does not prepend the AS path

Side note I quickly tested setting a community using a route map on the default-originate statement and it worked. Se... Chris Linstruth

10:32 AM Bug #13347 (New): Setting BGP default-originate route map does not prepend the AS path

Setting a route-map on the default-originate statement or outbound routes to a BGP peer does not properly prepend the... Chris Linstruth

07/08/2022

05:59 AM Regression #13156: pfBlockerNG IP block stats do not work

same for me
using
pfsense+ V22.05
pfblockerNG-devel V3.1.0_4
basic setup using wizard.
manually edit the pf... luc Willems

07/06/2022

11:03 AM Bug #13343 (Resolved): HAproxy cookie protection syntax needs updated

A bug has been found after UPdate to pfSense plus 22.05: the generated code by HaProxy-GUI... Johannes Goldynia

07/05/2022

01:46 PM Bug #13332: HAProxy Broken after v22.05 and HAProxy v0.61_3

Johannes Goldynia
Please open a new bug report for the HSTS / Cookie protection issue. Marcos M

07:59 AM Bug #13332 (Rejected): HAProxy Broken after v22.05 and HAProxy v0.61_3

There is no way the package can possibly track and warn about custom configuration directives. By definition it does ... Jim Pingle

08:09 AM Bug #13336 (Rejected): BGP packets not being sent to OpenVPN cloud connections

This is almost certainly a configuration problem with your OpenVPN setup and/or FRR settings. This site is not for su... Jim Pingle

08:07 AM Bug #13328 (Not a Bug): Wireguard Site-to-Site broken after upgrade to 22.05

This is unlikely to be a bug, but something in your configuration or environment. It's working for many others in sim... Jim Pingle

07/04/2022

08:14 PM Bug #13336 (Rejected): BGP packets not being sent to OpenVPN cloud connections

Scenario:
OpenVPN cloud is utilized to connect two pfsense routers behind CGNAT to allow for site to site connectivi... Devan Bhagat

11:04 AM Bug #11098 (Resolved): Backup Files and Directories plugin crashes firewall if /root specified as backup location

I'll close this given that the original issue (crash) no longer happens. There's still the issue of the package locki... Marcos M

10:32 AM Bug #13333: PHP error when saving Suricata rulesets

Marcos Mendoza wrote in #note-2:
> It happened a while ago as you can tell from the timestamp, unfortunately I don't... Bill Meeks

07/03/2022

11:35 PM Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location

my apologies, I did misunderstand the initial report
in case of specifying "/root/" as path, the backup button produ... Jordan G

06:42 PM Bug #13333: PHP error when saving Suricata rulesets

It happened a while ago as you can tell from the timestamp, unfortunately I don't remember the exact details to repro... Marcos M

04:14 PM Bug #13333: PHP error when saving Suricata rulesets

Can you add a little more detail for this statement: " _This was triggered when existing rules were auto-enabled by ... Bill Meeks

12:59 PM Bug #13333 (Resolved): PHP error when saving Suricata rulesets

In some cases, @$enabled_rulesets_array@ in @suricata_rulesets.php@ may not be an array which results in the followin... Marcos M

12:20 PM Bug #13332: HAProxy Broken after v22.05 and HAProxy v0.61_3

Hello,
updating the pass-trough rules to... Johannes Goldynia

02:58 AM Bug #13328: Wireguard Site-to-Site broken after upgrade to 22.05

After reading through here, I think this might be related to this
https://redmine.pfsense.org/issues/12808
I never h... Sebastian Schmid

07/02/2022

11:34 PM Bug #13332 (Rejected): HAProxy Broken after v22.05 and HAProxy v0.61_3

If you are using HAProxy deprecated rspidel directive on your frontends or the option option httpchk on backends, HAP... Rick Strangman

08:41 PM Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location

Jordan Greene wrote in #note-11:
> attempted creation of backup for "/" - after creating the entry and using the back... Kris Phillips

05:14 PM Bug #11098: Backup Files and Directories plugin crashes firewall if /root specified as backup location

attempted creation of backup for "/" - after creating the entry and using the backup button, I'm eventually given 504... Jordan G

10:58 AM Regression #13156: pfBlockerNG IP block stats do not work

This fix doesn't work for me, I still can't get any logging of IP blocks, even though the dashboard counter shows it ... Adrian Hansraj

04:02 AM Bug #13328 (Not a Bug): Wireguard Site-to-Site broken after upgrade to 22.05

Hi,
I upgraded from 22.01 to 22.05. Everything went fine.
Plus home license on virtualized system
On Upgrade the... Sebastian Schmid

06/30/2022

12:52 PM Bug #13309 (Resolved): Cron validation prevents special strings such as @reboot

Tested against the Cron package version 0.3.8_1
It works as expected.
I am marking this ticket resolved. Danilo Zrenjanin

12:35 PM Bug #13261 (Resolved): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty

Tested on 22.05, package version 0.3_7.
It works as expected. I am marking this ticket closed. Danilo Zrenjanin

06/29/2022

07:00 AM Regression #13156: pfBlockerNG IP block stats do not work

I just tested and your patch also works on the latest 2.7.0-DEVELOPMENT. Glenn Hall

06/28/2022

01:14 PM Bug #13154: pfBlocker causing excessive CPU load

For reference, the patch to fix it is as follows:... Marcos M

08:22 AM Bug #13309 (Feedback): Cron validation prevents special strings such as @reboot

Fixed: https://github.com/pfsense/FreeBSD-ports/commit/68b6508b0454c6113e03c1fd84e20279310d0bef Jim Pingle

06/27/2022

03:52 PM Bug #13309 (Resolved): Cron validation prevents special strings such as @reboot

A recent change to the Cron package introduced field validation. Although the UI specifies time examples, some users ... Grant Henderson

10:45 AM Todo #13306 (Resolved): Update NUT to version 2.8.0 to match FreeBSD Packages

NUT in the FreeBSD repo has been updated to 2.8.0. Make a corresponding update in the pfSense Packages repo. Denny Page

07:19 AM Bug #13261: Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty

Picked back to release branches. Jim Pingle

06/25/2022

05:38 PM Bug #10602 (Resolved): Dashboard->Traffic Graphs bandwidth designations on hover pop-ups

Tested this on pfSense Plus 22.05. Not sure when this was fixed, but this looks to be resolved. Closing out this bu... Kris Phillips

10:59 AM Bug #11572: Auto created firewall rules have IPv4 as protocol only - even for IPv6 lists.

Still an issue in 2.6.0
Why not remove pfblockerNG from Repo if it's no more fixed and maintained anyway? Saves ti... Beat Siegenthaler

06/24/2022

02:50 PM Bug #13261 (Feedback): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty

Merged: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/a056c1984a174248da0a0f8c541d9441678a2339 Christopher Cope

01:23 PM Bug #13261 (Pull Request Review): Input validation rejects empty ``sudo`` command list, but GUI text says it can be empty

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/251 Christopher Cope

11:21 AM Bug #13299 (Resolved): Cron package needs basic input validation and output encoding

Tested and working as expected on... Christopher Cope

10:18 AM Bug #13299 (Feedback): Cron package needs basic input validation and output encoding

Fixed: https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/1a8a2f338592428dd46e543a884b1758b68198c9 Jim Pingle

10:09 AM Bug #13299 (Resolved): Cron package needs basic input validation and output encoding

The cron package does not validate its inputs nor does it encode its output. This can lead to a potential stored XSS.... Jim Pingle

06/23/2022

07:49 PM Bug #8454: Arpwatch package break email notifications from other sources

Is this still current as of 22.05? I just started playing with Arpwatch. What exactly does the "Disable Cron emails" ... → luckman212