Project

General

Profile

Activity

From 01/26/2023 to 02/24/2023

02/24/2023

07:22 PM Bug #14029: Suricata: Release dangling array reference variables used in post-install migration
A pull request containing the fix for this issue has been submitted here: https://github.com/pfsense/FreeBSD-ports/pu... Bill Meeks
04:50 PM Bug #14029 (Resolved): Suricata: Release dangling array reference variables used in post-install migration
Config array reference variables are used in the post-install migration code of the package to iterate configured int... Bill Meeks
12:43 PM Regression #13950 (Resolved): PHP error with pfBlockerNG
Marcos M
10:15 AM Regression #13978: PHP errors with squidGuard
see the crash log below... mokey fraggle
10:14 AM Regression #13978: PHP errors with squidGuard
This also impacts pfblocker-ng and squid. I suspect it has to do with what appears to be an incompatibility with php ... mokey fraggle
07:56 AM Bug #14021: Squid ClamAV showing bytecode errors for version 334
As of 2-24-23 this has been resolved with . . .
"Empty script bytecode-334.cdiff, need to download entire databas... Jonathan Lee
07:53 AM Bug #14021: Squid ClamAV showing bytecode errors for version 334
This error is also present on package reinstall of Squid Proxy Jonathan Lee

02/23/2023

04:50 PM Regression #13884 (Resolved): pfBlockerNG DNSBL TLD option causes reloads to take a long time
Jim Pingle
03:50 PM Regression #13884: pfBlockerNG DNSBL TLD option causes reloads to take a long time
Should be resolved in v3.2.0_3 BBcan177 .
04:49 PM Regression #13960 (Resolved): PHP Fatal error - pfblockerng.widget.php
Jim Pingle
03:49 PM Regression #13960: PHP Fatal error - pfblockerng.widget.php
Should be resolved in v3.2.0_3 BBcan177 .
04:48 PM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
It is only afecting the Dashboard Widget. Rodrigo Goncalves
04:47 PM Regression #14024 (Resolved): PHP error in HAProxy Widget with Show Client Traffic enabled
After updating to pfsense plus 23.01 the haproxy dashboard widget is broken when acessing the pfsense web gui behind ... Rodrigo Goncalves
09:11 AM Bug #14021: Squid ClamAV showing bytecode errors for version 334
This error is still present after 24hrs ClamAV will not update currently, This is what Squid is using for Antivirus s... Jonathan Lee
09:04 AM Feature #13863: squidguard auto update blacklist
Side Note: I recently learned to use
cp /tmp/squidGuard_blacklist_update.sh /usr/local/bin/;/usr/local/bin/squidG... Jonathan Lee

02/22/2023

11:54 PM Bug #14021 (Not a Bug): Squid ClamAV showing bytecode errors for version 334
Squids ClamAV Freshclam update will not complete and displays error for database version 334. This just started to oc... Jonathan Lee
03:40 PM Bug #14019 (Resolved): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
In 23.01-REL:... Steve Wheeler
02:58 PM Bug #14018: Service Watchdog keeps monitoring services after thy had been removed
The items were removed from Service Watchdog, but it still was sending notifications.
Do you have any control over... Yuri Weinstein
02:47 PM Bug #14018 (Rejected): Service Watchdog keeps monitoring services after thy had been removed
There is nothing the package can do about that. You added the entry manually, you have to remove it manually.
 Jim Pingle
02:44 PM Bug #14018 (Rejected): Service Watchdog keeps monitoring services after thy had been removed
I suspect it's true for any package, but I tested on pfBlockerNG
Steps:
Have `pfBlockerNG` monitored by `Servic... Yuri Weinstein
11:50 AM Regression #13970: PHP error in apcupsd widget from UTF-8 string handling
I'm seeing a similar issue. apcupsd is gathering data from the UPS. The widget is throwing this error after upgrading... Andrew Dakin
11:47 AM Bug #14014 (Duplicate): APCUPSD widget not working after pfSense + update to v.23.01
Based on the error in the screenshots this is a duplicate of #13970 Jim Pingle
11:31 AM Bug #14014 (Duplicate): APCUPSD widget not working after pfSense + update to v.23.01
I opened an new issue on suggestion from rcoleman-netgate in link: https://forum.netgate.com/topic/178106/apcupsd-wid... Matjaz Bavcon
11:00 AM Bug #14003: Reports/Alerts Issue with IPv6 Addresses
Still seeing them after removing ip_cache.sqlite.
 Andy Kniveton
08:42 AM Bug #14003: Reports/Alerts Issue with IPv6 Addresses

It could be that the old records are in the sqlite cache file?
sqlite3 /var/db/pfblockerng/ip_cache.sqlite .... BBcan177 .
03:25 AM Bug #14003: Reports/Alerts Issue with IPv6 Addresses
Still occurring after 3.2.0_3 Andy Kniveton

02/21/2023

03:35 PM Regression #13960 (Feedback): PHP Fatal error - pfblockerng.widget.php
Looks like this is resolved with https://github.com/pfsense/FreeBSD-ports/pull/1233 Marcos M
03:13 PM Regression #13884: pfBlockerNG DNSBL TLD option causes reloads to take a long time
https://github.com/pfsense/FreeBSD-ports/pull/1233
https://github.com/pfsense/FreeBSD-ports/pull/1234 Christian McDonald
02:42 PM Regression #13884 (Feedback): pfBlockerNG DNSBL TLD option causes reloads to take a long time
Christian McDonald
12:58 PM Bug #13951 (Resolved): pfblockerNG does not allow for vlan description changes
Marcos M
12:57 PM Regression #13950 (Feedback): PHP error with pfBlockerNG
Marcos M
12:56 PM Bug #13989 (Duplicate): XML-RPC Sync not triggered
Likely referring to the following:
https://redmine.pfsense.org/issues/12916
https://redmine.pfsense.org/issues/12918 Marcos M
12:11 PM Bug #14003: Reports/Alerts Issue with IPv6 Addresses
There is a change in the next v3.2.0_3 which should fix this... see after that is installed. BBcan177 .
10:44 AM Bug #14003 (New): Reports/Alerts Issue with IPv6 Addresses
I have Geo blocked China traffic inbound on my WAN interface, IPv4 traffic shows correctly in the Alerts tab but IPv6... Andy Kniveton
07:47 AM Bug #13995 (Resolved): Suricata not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
PR merged. Jim Pingle
07:46 AM Bug #13991 (Resolved): Snort error reported after update 23.01
PR merged. Jim Pingle
07:46 AM Bug #13994 (Resolved): Snort not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
PR merged. Jim Pingle

02/20/2023

10:46 PM Bug #13951: pfblockerNG does not allow for vlan description changes
Yes. 23.01 with pfblocker installed allows for LAGG interface changes.
Curious as to why this couldn’t happen prior Mike Moore
10:36 PM Bug #13951: pfblockerNG does not allow for vlan description changes
I believe this is resolved? BBcan177 .
04:14 PM Bug #13997: NUT Package and 23.01
Cyberpower 1200 avr Jonathan Lee
04:10 PM Bug #13997 (Closed): NUT Package and 23.01
Feb 17 13:56:23 Lee_Family kernel: pid 53495 (usbhid-ups), jid 0, uid 66: exited on signal 11
Feb 17 09:20:53 Lee_... Jonathan Lee
04:12 PM Bug #13811: Youtube content getting filtered on Squid when none is Selected
I have also tested this, and it fixes the YouTube issue.
Discussion post on this issue was also here.
https://for... Jonathan Lee
04:11 PM Bug #13972: nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
I have opened a different ticket for mine, my issue is with direct USB connection to the UPS Jonathan Lee
02:42 PM Bug #13596 (Resolved): pfBlockerNG-devel Unbound does not start when using DNSBL python regex with multiple commented lines
Marcos M
12:03 PM Bug #13596: pfBlockerNG-devel Unbound does not start when using DNSBL python regex with multiple commented lines
This has been resolved. BBcan177 .
01:14 PM Bug #13995: Suricata not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
Pull Request #1232 has been posted containing the fix for this issue: https://github.com/pfsense/FreeBSD-ports/pull/1... Bill Meeks
12:52 PM Bug #13995 (Resolved): Suricata not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
Suricata has the same issue as identified in #13994 for Snort. This is a PHP 8.1 regression. A pull request containin... Bill Meeks
12:35 PM Bug #13991: Snort error reported after update 23.01
Pull Request #1231 has been posted to the DEVEL branch to address this issue: https://github.com/pfsense/FreeBSD-port... Bill Meeks
10:09 AM Bug #13991: Snort error reported after update 23.01
I will take a look at this and post a fix. Likely related to previous PHP 8.1 fixes. This is the second report of thi... Bill Meeks
09:47 AM Bug #13991 (Resolved): Snort error reported after update 23.01
Hi, after the pfsense 23.01 update on the Netgate SG 1100, in snort, when snutter rules are generated in the alerts, ... Antonio Briguglio
12:34 PM Bug #13994: Snort not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
Pull Request #1231 has been posted to the DEVEL branch to address this issue: https://github.com/pfsense/FreeBSD-port... Bill Meeks
11:35 AM Bug #13994 (Resolved): Snort not saving automatic assignment of a new pass list for an interface - PHP 8.1 regression
When the user clicks the icon to suppress an alert on the ALERTS tab, and there is no existing assigned Suppress List... Bill Meeks
12:01 PM Bug #13989: XML-RPC Sync not triggered
Its only triggered if there were updates to the feeds. Please re-confirm? BBcan177 .
04:42 AM Bug #13989 (Duplicate): XML-RPC Sync not triggered
XML-RPC Sync not triggered.
Neither on Update/CRON/Reload forced or scheduled. Gerold Kroetlinger
10:06 AM Bug #13990 (Duplicate): pfBlockerNG reload freezes
Marcos M
09:28 AM Bug #13990 (Duplicate): pfBlockerNG reload freezes
When Wildcard Blocking (TLD) is activated in DNSBL and want to reload, it freezes when it arrives at.
TLD:
TLD an... Anil Ramkisoen

02/19/2023

12:43 PM Regression #13950 (Waiting on Merge): PHP error with pfBlockerNG
Marcos M
09:51 AM Bug #13972: nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
Jonathan Lee wrote in #note-2:
> Kernel issues please review attached log showing issue for NUT package
I'm not s... Jason Montleon
03:24 AM Bug #13985 (Duplicate): Telegraf error After Update PFSense to 23.01
Telegraf craches after update to 23.01
Hardware: Netgate 6100
Telegraf Version: 0.9_6
https://github.com/pfsense/... Marijan Kruljac

02/18/2023

09:59 PM Regression #13984: PHP errors with squid
Resolve for this was found when working with members of the Netgate forum, resave the reverse proxy settings and afte... Jonathan Lee
08:43 PM Regression #13984: PHP errors with squid
This error displays when any changes are made under Squid Jonathan Lee
08:42 PM Regression #13984: PHP errors with squid
System was not having issues under prior version of pfSense. After update PHP errors occur when you try to make chang... Jonathan Lee
08:38 PM Regression #13984 (Resolved): PHP errors with squid
I am not running Squid Reverse proxy, only Squid Proxy for outbound traffic.... Jonathan Lee
09:29 PM Bug #10692: PIMD starts twice at boot
seeing 2x PIMD start, each with unique PIDs running 0.0.3_6 on 23.01 release Jordan G
08:39 PM Bug #13972: nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
Kernel issues please review attached log showing issue for NUT package Jonathan Lee
07:03 PM Todo #13906: Update tailscale from 1.34.2 to 1.36.0
Tailscale package updated to version *0.1.1_2* - showing dependency tailscale-1.36.0  Jordan G
03:23 PM Bug #13898: Issues saving pfBlocker Sync Targets
This should be fixed in v3.2.0_2 BBcan177 .
03:22 PM Regression #13950: PHP error with pfBlockerNG
This should be fixed in v3.2.0_2 BBcan177 .
10:13 AM Regression #13950: PHP error with pfBlockerNG
Here is another after-clean install/restore:... Danilo Zrenjanin
02:05 PM Bug #11898: PHP error from apcupsd dashboard widget when battery is charging
After upgrading to 23.01-RELEASE I also see similar behavior:... Anthony Messina
09:02 AM Bug #13515: Snort with PHP 8.1 - TypeError when saving edits to an interface
One report of this still in 23.01-REL:
https://forum.netgate.com/topic/178019/php-errors-at-upgrade-to-23-01/ Steve Wheeler
08:56 AM Bug #13979 (Duplicate): PfblockerNG fails to load on 23.01
Duplicate: https://redmine.pfsense.org/issues/13950 Christopher Cope
03:57 AM Bug #13979: PfblockerNG fails to load on 23.01
My machine: netgate 6100 Paolo Est
03:55 AM Bug #13979 (Duplicate): PfblockerNG fails to load on 23.01
Notifications in this message: 1
================================
10:31:41 PHP ERROR: Type: 1, File: /usr/local/w... Paolo Est
08:54 AM Bug #13980 (Duplicate): PfblockerNG error on installation on 23.01
Duplicate https://redmine.pfsense.org/issues/13950 Christopher Cope
03:57 AM Bug #13980: PfblockerNG error on installation on 23.01
My machine: netgate 6100 Paolo Est
03:55 AM Bug #13980 (Duplicate): PfblockerNG error on installation on 23.01
Executing custom_php_install_command()...
Rebuilding GeoIP tabs...grep: /usr/local/share/GeoIP/cc/Africa_v4.txt: No ... Paolo Est

02/17/2023

11:14 PM Regression #13978 (Resolved): PHP errors with squidGuard
Receiving the following error when trying to install/uninstall the squidguard package.
codePHP ERROR: Type: 1, Fil... Bob Williams
10:06 AM Bug #13925 (Resolved): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
PR merged. Will be in builds soon. Jim Pingle
10:06 AM Feature #13955 (Resolved): Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
PR merged. Will be in builds soon. Jim Pingle
10:06 AM Bug #13920 (Resolved): 23.01RC - Suricata stops working after Wireguard installed
PR merged. Will be in builds soon. Jim Pingle
02:27 AM Feature #10500: Build HAProxy Package with buildin Prometheus exporter
Per-Arne Hellarvik wrote in #note-14:
> I want to reopen this. The service has disappeared:
> [...]
Just stop using ... DRago_Angel [InV@DER]

02/16/2023

09:24 PM Bug #13972 (Closed): nut on pfsense spams console every 5 minutes "UPS ups is unavailable" against cyberpower snmp rmcard205
This is a bug in nut. I've seen similar on Linux and have confirmed MIB 0.52 fixes it rebuilding packages there.
T... Jason Montleon
05:35 PM Bug #13971 (New): Prometheus service for HAProxy is gone
In https://redmine.pfsense.org/issues/10500 it was added. Now it's gone:... Per-Arne Hellarvik
05:31 PM Feature #10500: Build HAProxy Package with buildin Prometheus exporter
I want to reopen this. The service has disappeared:... Per-Arne Hellarvik
04:56 PM Regression #13970 (Resolved): PHP error in apcupsd widget from UTF-8 string handling
In 23.01 release:... Steve Wheeler
02:59 PM Bug #13969: Status_Monitoring ignores NAT states
To apply the fix manually in the meantime, use this patch:... Jim Pingle
02:52 PM Bug #13969 (Feedback): Status_Monitoring ignores NAT states
Fix pushed, will be in dev snapshots.
Not picked to 23.01 since it doesn't make sense to update this without havin... Jim Pingle
02:40 PM Bug #13969 (Resolved): Status_Monitoring ignores NAT states
The fix for #13966 corrected parsing of NAT states for RRD, but the Status_Monitoring frontend appears to be ignoring... Jim Pingle

02/15/2023

08:26 PM Regression #13950: PHP error with pfBlockerNG
Another report after upgrading to 23.01:... Marcos M
08:25 PM Regression #13960 (Resolved): PHP Fatal error - pfblockerng.widget.php
Upgrading to new 23.01 release today and was greeted with unusable WebConfigurator due to php error on Pfblocker dash... RED SKULL
07:10 PM Regression #13958: Snort exits with signal 10 on arm32
Signal 10 is the "unaligned memory access" fault. My first suspicion is an update of the llvm compiler in 23.01 has r... Bill Meeks
06:09 PM Regression #13958 (Resolved): Snort exits with signal 10 on arm32
In 23.01 Snort core dumps with signal 10:... Steve Wheeler
03:01 PM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
The final fix for this issue is contained in pull request #1226 posted for review and merge. The request may be viewe... Bill Meeks
02:58 PM Feature #13955: Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
The required Pull Request for this feature has been posted for review and merge. The request is available here: https... Bill Meeks
02:56 PM Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
The pull request containing this fix has been posted for review and merge. The pull request can be viewed here: https... Bill Meeks
09:10 AM Feature #13957 (Rejected): BandwidthD
For any of that to be possible the actual developers of bandwidthd would have to add those functions first, which at ... Jim Pingle
09:01 AM Feature #13957 (Rejected): BandwidthD
The current application available through pfsense doesn't allow for monitoring of multiple interfaces and data collec... Mike Moore

02/14/2023

10:07 PM Feature #13955: Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
I will be submitting the pull request to accomplish this request as soon as pfSense Plus 23.01 exits RC status and go... Bill Meeks
10:01 PM Feature #13955 (Resolved): Add NETMAP_V14 build option knob to Suricata binary makefile options in file ./tools/conf/pfPorts/make.conf
Suricata 6.0.9 and later supports a new Makefile build option called NETMAP_V14. This enables a binary build using th... Bill Meeks
10:06 PM Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
Thanks Marcos. I have already created the necessary fix and posted the commit to my personal FreeBSD-ports repo. I wi... Bill Meeks
07:06 PM Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
Here's the diff submitted previously FWIW:... Marcos M
07:02 PM Bug #13925: Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
I have taken responsibility for correcting this issue in the Suricata GUI package. I have a PR ready for submission s... Bill Meeks

02/13/2023

03:52 PM Feature #12711: Add InfluxDB V2 support
Is it possible to get some TLC on this? I use Telegraf and InfluxDB V2 for my metrics from my homelab, so this is a b... Per-Arne Hellarvik
11:00 AM Regression #13947 (Feedback): Remove 4096GB quota limit
Validation removed in ddebe728, plumbed through plus-devel and 23.01 Reid Linnemann
10:23 AM Bug #13951: pfblockerNG does not allow for vlan description changes
A workaround i have found is to first disable the interface under Interfaces/Interface Assignments / Select an interf... Mike Moore
10:21 AM Bug #13951 (Resolved): pfblockerNG does not allow for vlan description changes
After a few weeks of troubleshooting within the forums, the problem has been traced directly to pfblocker. If install... Mike Moore

02/12/2023

09:00 PM Regression #13950 (Resolved): PHP error with pfBlockerNG
After restoring a config backup which contains pfBlockerNG-devel to a fresh install of 23.01, a crash/alert shows the... Marcos M

02/11/2023

12:03 PM Regression #13947: Remove 4096GB quota limit
As an observation, you can avoid the overflow consequences of premature logout due to the 32 bit unsigned integer ove... Dale Harron

02/09/2023

07:40 AM Bug #13874 (Resolved): pfBlocker -devel hanging on cron jobs
Thanks for testing and following up!
I'm going to mark this one resolved as there was some overlap with #13926 and... Jim Pingle
07:39 AM Bug #13926 (Resolved): pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Jim Pingle
05:39 AM Bug #13936 (Confirmed): PHP error from RRD Graphs when attempting a query a newly created empty database
I replicated the issue. ... Danilo Zrenjanin

02/08/2023

06:38 PM Bug #13874: pfBlocker -devel hanging on cron jobs
Work has had me tied up so I haven't been able to do review the information Jim was kind enough to provide. I freed ... Allen C
03:36 PM Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
This change fixed two issues I have seen with pfB since moving to 23.01: 1) slow MaxMind downloads; 2) slow block lis... Glenn Hall
11:21 AM Regression #13947 (Feedback): Remove 4096GB quota limit
The 4096GB quota limit introduced to prevent pfSense-Max-Total-Octets overflowing uint32 for captive portal artificia... Reid Linnemann
08:37 AM Bug #13897 (Resolved): IPsec Profile Wizard/Windows: Generated script adds an invalid route command for ``0.0.0.0/0``
Tested against the IPsec Profile Wizard pkg v. 1.1
It looks fine.
*Split Tunnel Routes* part is omitted if the loca... Danilo Zrenjanin
07:14 AM Feature #13930: Hysteria Proxy/Relay
help doc link: https://hysteria.network/docs/advanced-usage/ yon Liu
04:41 AM Feature #13930: Hysteria Proxy/Relay
It supports using ACME to obtain encryption certificates or self-signed certificates can be used. yon Liu
04:40 AM Feature #13930: Hysteria Proxy/Relay
After I have tested and compared, it is designed to include encryption to bypass monitoring. After the network protoc... yon Liu
04:33 AM Feature #13930: Hysteria Proxy/Relay
No, it has encryption, and it's specifically designed to bypass internet surveillance in authoritarian countries. Cer... yon Liu

02/07/2023

02:19 PM Todo #13255: Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles
That is part of the plan, see #13917 Jim Pingle
01:06 PM Todo #13255: Set PKCS#12 algorithm when exporting OpenVPN ZIP or Windows bundles
Jim Pingle wrote:
> Currently when crafting a PKCS#12 archive the OpenVPN Client Export package does not set a speci... Thomas Ward
09:33 AM Bug #10646 (Resolved): Reinstall package process stalls at pfBlockerNG when restoring a config
This has been working since the fix went in. Jim Pingle
09:33 AM Bug #11398 (Resolved): pfBlocker upgrade hangs forever
This has been working since the fix went in. Jim Pingle
08:13 AM Regression #13892 (Resolved): PHP error from ``status_monitoring.php`` with empty OpenVPN servers
Jim Pingle

02/06/2023

02:38 PM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
The fix for this issue requires an update to the custom blocking plugin compiled into the Suricata binary on pfSense.... Bill Meeks
12:33 PM Bug #13936 (Resolved): PHP error from RRD Graphs when attempting a query a newly created empty database
Attempting to view an RRD graph of a new database that doesn't yet have data results in a PHP error.
Easiest way t... Jim Pingle
07:48 AM Feature #13575: Update to frr 9.0.1
When this happens it's best to just move to 8.x and not keep two versions around.
 Jim Pingle
07:46 AM Feature #13931 (Duplicate): Upgrade FRR from 7.x to 8.x
Duplicate of #13575 Jim Pingle
07:34 AM Feature #13930: Hysteria Proxy/Relay
It's no surprise that it's faster than WireGuard as it has no encryption. It's a proxy/relay setup, not an encrypted ... Jim Pingle

02/05/2023

09:18 AM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Bill Meeks wrote in #note-7:
> Just to be clear on this PHP error. I think you are getting that because you made an ... Greger Blennerud
07:55 AM Feature #13930: Hysteria Proxy/Relay
I have notified the developer of this program, and the developer has agreed to promote this program. And it is recomm... yon Liu

02/04/2023

09:36 PM Bug #13932 (Not a Bug): Deprecation Message for Arpwatch
I checked the code. We are already using -w instead of -m. We could remove the pkg-message from our net-mgmt/arpwatch. Christian McDonald
06:12 PM Bug #13932 (Not a Bug): Deprecation Message for Arpwatch
During install, the following message about deprecated flags is mentioned:
_
The -m flag is deprecated. If you are ... Kris Phillips
02:21 PM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Greger Blennerud wrote in #note-6:
> The actual list found in /usr/local/etc/suricata/suricata_28603_vtnet1 never cha... Bill Meeks
04:08 AM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
I decided to do some more testing and discovered some wierd issues with the passlist.
First of all, I get a discrep... Greger Blennerud
10:59 AM Feature #13931 (Duplicate): Upgrade FRR from 7.x to 8.x
The FRR latest version has fixed many problems. Including the bug fixes submitted by me. And added many new features.... yon Liu
10:55 AM Feature #13930 (New): Hysteria Proxy/Relay
Please consider adding this function. I have tested that its actual network speed is 5-10 times faster than wireguard... yon Liu
10:05 AM Bug #13925 (Pull Request Review): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/328 Christopher Cope
08:45 AM Bug #13925 (Confirmed): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
I'm able to reproduce this on... Christopher Cope

02/03/2023

04:33 PM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Looking into this deeper, I suspect there is potentially an issue with the custom blocking plugin used with the Suric... Bill Meeks
11:07 AM Regression #13884: pfBlockerNG DNSBL TLD option causes reloads to take a long time
Related forum thread: https://forum.netgate.com/topic/177504/v-3-2-0-with-pfsense-23-01-rc-20230202 Jim Pingle
10:40 AM Bug #13874: pfBlocker -devel hanging on cron jobs
There may be two distinct issues there: One with downloads, and one with processing.
If you find it's hanging up on ... Jim Pingle
10:10 AM Bug #13874: pfBlocker -devel hanging on cron jobs
Ran into this issue on pfBlockerNG-devel v3.2.0 a few days ago. Have been deploying dailies, currently on v2.7.0.a.2... Allen C
10:08 AM Bug #13926 (Feedback): pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
I merged the changes to the pfBlockerNG cURL defaults, so the next build will include them. Jim Pingle
09:48 AM Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Steve Wilson wrote in #note-2:
> Jim,
>
> With your patch applied the download completes in about 5 seconds, so i... Jim Pingle
09:44 AM Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Jim,
With your patch applied the download completes in about 5 seconds, so it solves the issue. But note that the... Steve Wilson
09:24 AM Bug #13926: pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
If you can easily reproduce this, try the following patch (path strip=1):... Jim Pingle
04:37 AM Bug #13926 (Resolved): pfBlockerNG-devel 3.2.0 - Slow MaxMind Database Downloads under PHP 8.1
Prior to the update to PHP 8.1, downloads of the MaxMind database would take approximately 4 seconds. After the updat... Steve Wilson
08:11 AM Bug #13922 (Resolved): Snort - rules package downloads may hang for an extended period if remote site offers an HTTP/2 connection
PR merged, thanks! Jim Pingle
08:11 AM Bug #13923 (Resolved): Snort - fails to clean-up all files when uninstalling and also creates an unnecessary barnyard2 logging subdirectory.
PR merged, thanks! Jim Pingle
08:11 AM Bug #13839 (Resolved): Suricata version updates take a long time
PR merged, thanks! Jim Pingle
01:54 AM Bug #13925 (Resolved): Suricata 6.0.8_7 - PHP Fatal Errror on IP Rep Tab
Clicking on the IP Rep tab when editing an existing interface throws a PHP error.
Steps to reproduce:
1. Naviga... Steve Wilson

02/02/2023

07:26 PM Bug #13922: Snort - rules package downloads may hang for an extended period if remote site offers an HTTP/2 connection
This issue is resolved by pull request #1225 posted against the DEVEL snapshots here: https://github.com/pfsense/Free... Bill Meeks
07:04 PM Bug #13922 (Resolved): Snort - rules package downloads may hang for an extended period if remote site offers an HTTP/2 connection
Changes in cURL function behavior in PHP 8.1 make the Snort package vulnerable to a hang condition when downloading r... Bill Meeks
07:26 PM Bug #13923: Snort - fails to clean-up all files when uninstalling and also creates an unnecessary barnyard2 logging subdirectory.
This issue is resolved by pull request #1225 posted against the DEVEL snapshots here: https://github.com/pfsense/Free... Bill Meeks
07:10 PM Bug #13923 (Resolved): Snort - fails to clean-up all files when uninstalling and also creates an unnecessary barnyard2 logging subdirectory.
The Snort package fails to clean up all it's _*.rules_ files when uninstalling. It also creates a Barnyard2 logging s... Bill Meeks
06:27 PM Bug #13839: Suricata version updates take a long time
Jim Pingle wrote in #note-6:
> To fix some issues in Dynamic DNS where it didn't want to close connections (it hung ... Bill Meeks
06:12 PM Bug #13839: Suricata version updates take a long time
The pull request to correct this issue has been submitted against the snapshots DEVEL branch here: https://github.com... Bill Meeks
05:19 PM Bug #13839: Suricata version updates take a long time
To fix some issues in Dynamic DNS where it didn't want to close connections (it hung pretty much indefinitely) we end... Jim Pingle
05:07 PM Bug #13839: Suricata version updates take a long time
After some digging around, I am pretty sure I found the problem here. It is related to HTTP/2 support in cURL. I can ... Bill Meeks
05:24 PM Bug #13566 (Resolved): Non-devel pfBlocker Package Broken in 2.7 CE with PHP 8.1
Tested on... Christopher Cope
04:31 PM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Christian McDonald wrote in #note-3:
> Hi,
>
> I'll have a look. Might not be this week, but definitely next week... Bill Meeks
02:23 PM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
Hi,
I'll have a look. Might not be this week, but definitely next week. Christian McDonald
01:43 PM Bug #13920: 23.01RC - Suricata stops working after Wireguard installed
I might need some assistance from the Netgate wireguard guru on this one. I don't have a functioning wireguard packag... Bill Meeks
10:38 AM Bug #13920 (Resolved): 23.01RC - Suricata stops working after Wireguard installed
Upgraded to 23.01RC from 22.05 without any packages installed. Current base system shown as 23.01.r.20230202.0019
... Greger Blennerud
10:47 AM Bug #13919 (Resolved): Typo in suricata package: cpnfig_set_path()
PR merged Jim Pingle
08:34 AM Bug #13919: Typo in suricata package: cpnfig_set_path()
This issue has been corrected in pull request 1223 posted here: https://github.com/pfsense/FreeBSD-ports/pull/1223.
... Bill Meeks
05:15 AM Bug #13919 (Resolved): Typo in suricata package: cpnfig_set_path()
FreeBSD 14.0-CURRENT #0 plus-RELENG_23_01-n256014-9cf2a68c5e5: Thu Feb 2 00:48:35 UTC 2023 root@freebsd:/var/jen... Brian Macy

02/01/2023

07:59 AM Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
Can someone test this with 23.01 snaps on the SG-3100 ?
 Marcelo Cury

01/30/2023

10:01 AM Todo #13917 (Resolved): OpenVPN Client Export: Integrate OpenVPN 2.6.0
We need to add OpenVPN 2.6.0 to the export package but doing so has a few caveats:
* OpenSSL 3.0 which is used in ... Jim Pingle

01/28/2023

09:44 PM Bug #13566: Non-devel pfBlocker Package Broken in 2.7 CE with PHP 8.1
I'm assuming this will have to wait for the RC release, as I don't see this reflected in the BETA repos. Both versio... Kris Phillips
05:49 AM Bug #12808: Wireguard Gateways disabled when Wireguard Service is Manually Restarted
I'm still having the same issue. The link below has recently been update and would suggest that it's an issue using P... B P
02:06 AM Bug #13441: FRR fails to start with route map on "sequence 0" in configuration
The same behavior on frr 1.2_3
frr fail to start
_Jan 28 11:02:02 watchfrr 97266 [EC 268435457] bgpd state... Lev Prokofev

01/27/2023

03:58 PM Bug #13566 (Feedback): Non-devel pfBlocker Package Broken in 2.7 CE with PHP 8.1
@security/pfSense-pkg-pfBlockerNG-devel@ has been copied to @security/pfSense-pkg-pfBlockerNG@.
The versions of bo... Christian McDonald
10:52 AM Bug #12948: IPsec Profile Wizard/Windows: Script generated for IKEv2 VPN using GCM does not use an optimal Phase 2 hash configuration
I also closed out #13877 and #13368 since they were all related. Testing one means the others are also working.
 Jim Pingle
10:50 AM Bug #12948 (Resolved): IPsec Profile Wizard/Windows: Script generated for IKEv2 VPN using GCM does not use an optimal Phase 2 hash configuration
Jim Pingle
10:05 AM Bug #12948: IPsec Profile Wizard/Windows: Script generated for IKEv2 VPN using GCM does not use an optimal Phase 2 hash configuration
Tested against:... Danilo Zrenjanin
10:51 AM Bug #13368 (Resolved): IPsec Profile Wizard/Windows: Cannot generate a script for IKEv2 VPN using GCM ciphers when mobile P2 has no hash algorithms selected
Jim Pingle
10:51 AM Bug #13877 (Resolved): IPsec Profile Wizard/Windows: IKEv2 VPN using GCM configured by the generated script fails to connect with "The IPsec cipher transform is not compatible with the policy"
Jim Pingle

01/26/2023

11:59 AM Bug #13910 (Resolved): Typo in Snort package GUI code may generate an invalid parameter value in snort.conf when Performance Stats logging is enabled
PR merged. Jim Pingle
09:01 AM Bug #13910: Typo in Snort package GUI code may generate an invalid parameter value in snort.conf when Performance Stats logging is enabled
Pull request 1221 has been submitted to correct this issue: https://github.com/pfsense/FreeBSD-ports/pull/1221.
Th... Bill Meeks
08:41 AM Bug #13910 (Resolved): Typo in Snort package GUI code may generate an invalid parameter value in snort.conf when Performance Stats logging is enabled
There is a typo on line 253 of /usr/local/pkg/snort/snort_generate_conf. This can result in the creation of an invali... Bill Meeks
 

Also available in: Atom