pfSense » pfSense Packages

04/03/2023

04:46 PM Regression #14232 (New): ntopng no longer tracks top talkers

ntopng version that now comes with pfsnese plus 23.01 no longer tracks top talkers across time(no historical tracking... Mike Moore

11:38 AM Regression #14189 (New): pfBlocker-NG: HA-Sync is not working

Marcos M

10:29 AM Regression #14189 (Duplicate): pfBlocker-NG: HA-Sync is not working

This issue has existed for some time unfortunately. It's covered by the following reports:
https://redmine.pfsense.or... Marcos M

10:45 AM Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync

Hello Marcos,
sadly this is not the same bug, because for me on pfSense+ 23.01 no update option worked, not even "... name name

08:14 AM Bug #14220 (Duplicate): pfBlockerNG does not sync to HA secondary

Duplicate of #14189 Jim Pingle

08:11 AM Bug #13936 (Feedback): PHP error from RRD Graphs when attempting a query a newly created empty database

MR merged Jim Pingle

07:57 AM Feature #14193 (Duplicate): Website to add and remove feeds automatically

Jim Pingle

04/02/2023

03:21 PM Bug #14230: PHP error with pfBlockerNG

As a workaround, use the @System Patches@ package to apply the following patch (set @Path Strip Count@ to @0@).... Marcos M

03:11 PM Bug #14230 (New): PHP error with pfBlockerNG

On @pfBlockerNG-3.2.0_3@ and @pfSense-23.01@.... Marcos M

10:51 AM Bug #14075 (Feedback): Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics

The original report was from a customer's system, however I have not been able to reproduce this either on 23.01 nor ... Marcos M

03:43 AM Bug #14228 (Resolved): pfBlockerNG might not support new Maxmind license keys

https://dev.maxmind.com/geoip/release-notes/2023?lang=en#changes-to-maxmind-license-keys
* New license keys will b... Jon Brown

03:08 AM Feature #13195: Dedicated website for Feed mangement - Community Driven

or the website could be website where end users (me and others) can add feeds and report dead feeds that would then b... Jon Brown

03:06 AM Feature #14193: Website to add and remove feeds automatically

duplicate of #13195 - close this one Jon Brown

04/01/2023

08:49 PM Todo #14221: Sync settings and inline documentation needs improving

>>http is insecure because your password will be transmitted in plain text so use https
Not sure it's relevant to ... Kris Phillips

03:35 AM Todo #14221 (New): Sync settings and inline documentation needs improving

This inline notes on the sync page (Firewall --> pfBlockerNG --> Sync) need improving.
* *Add: Allow Sync Pushes*
... Jon Brown

08:34 PM Bug #14218: Deleting a shellcmd entry results in a PHP error and crash report

A diff of the merge request fixes the problem when applied as a system patch. Deleting a shellcmd job doesn't give an... Chris W

10:08 AM Bug #14218 (Pull Request Review): Deleting a shellcmd entry results in a PHP error and crash report

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/334 Christopher Cope

01:55 PM Bug #11477: FRR does not recognize some BFD options

not exist
frr 1.2_3
pfsense 23.01 Alhusein Zawi

11:17 AM Bug #14223 (New): Block Offenders - Incorrect statement/description

The description on the options 'Block Offenders' is incorrect for 'inline mode' but still valid for 'Legacy Mode'
... Jon Brown

10:55 AM Bug #14220: pfBlockerNG does not sync to HA secondary

Apparently my search for "sync" wasn't good enough. Apologies for the dupe. Steve Y

06:46 AM Bug #14220: pfBlockerNG does not sync to HA secondary

I alreay created a bug for it, see https://redmine.pfsense.org/issues/14189 .
No feedback yet, if someone is even ... name name

03/31/2023

05:27 PM Bug #14220 (Duplicate): pfBlockerNG does not sync to HA secondary

After making changes they are not replicated to the secondary. E.g. on /pfblockerng/pfblockerng_ip.php check "kill s... Steve Y

04:28 PM Bug #14218 (Resolved): Deleting a shellcmd entry results in a PHP error and crash report

1. Install the shellcmd package from System > Package Manager.
2. Services > shellcmd >
Command: ... Chris W

03/30/2023

02:16 PM Regression #13978: PHP errors with squidGuard

Additionally:... Steve Wheeler

07:19 AM Bug #14203 (Rejected): Zabbix Agent 6.2 installation fails

The package installs fine (both agent and proxy) so whatever problem you are encountering is likely unique to your se... Jim Pingle

04:19 AM Bug #14203 (Rejected): Zabbix Agent 6.2 installation fails

I see that this issue is reported a couple of times, i.e. https://redmine.pfsense.org/issues/13587 however it still p... Rajib Momen

03/29/2023

05:29 PM Bug #14199: ACME - Issue with corrupted cert

Hi Jim .
My bad, I said HAProxy by mistake, I am using ACME for this, attached screenshot
Juan Francisco Rodriguez Garcia

11:57 AM Bug #14199: ACME - Issue with corrupted cert

The attached configuration snippet isn't a valid configuration for ACME. I'm not sure how it ended up in that state, ... Jim Pingle

02:58 PM Todo #14202 (Resolved): Rename exported OpenVPN connect files as "connect" rather than "ios"

Some of the files have names that are not following the same rules as the rest. I have made corrections to some of th... Jon Brown

10:02 AM Bug #14200 (New): WireGuard reply-to without NAT

I have discovered that the WireGuard package requires the interface to have the gateway set for the reply-to rules to... Carrnell Tech

03/28/2023

05:34 PM Bug #14199: ACME - Issue with corrupted cert

Attaching the Acme section of my config.xml backup which had this issue after upgrading to the new release on Feb 17 ... Jerold Von Hemel

04:55 PM Bug #14199 (Resolved): ACME - Issue with corrupted cert

Hi team
After creating a new cert in HAProxy i got an timeout on the webui interface then receive this error:
P... Juan Francisco Rodriguez Garcia

02:25 PM Todo #14194: Better colours for alerts

Green and Red are also not great choices because some people are red/green color blind, so ideally whatever colors ar... Jim Pingle

01:32 PM Todo #14194 (New): Better colours for alerts

on the page Firewall --> pfBlockerNG --> Reports --> unified (and others)
pfBlocker uses
* 'Red' for traffic st... Jon Brown

01:50 PM Feature #14196 (Incomplete): permitted firewall rules - additional text

Firewall --> pfBlockerNG --> DNSBL --> DNSBL Configuration --> Permit Firewall Rules
Can you add some additional i... Jon Brown

01:45 PM Feature #14195 (New): Customise what are class as Full Domains when blocking with DNSBL

Currently when a DNSBL is Blocked you get one of 2 pages depending what was looked up. Most lookups will end up beeb ... Jon Brown

01:26 PM Feature #14193 (Duplicate): Website to add and remove feeds automatically

I would like to see a website where end users (me and others) can add feeds and report dead feeds that would then be ... Jon Brown

11:22 AM Feature #14192 (Rejected): Instant Website Redaction Technology Not working

Hello Fellow Netgate Community Members,
I wanted to share some topics for discussion and possibly create a communi... Jonathan Lee

09:33 AM Regression #14189: pfBlocker-NG: HA-Sync is not working

I understand, but I don't know what is "not" happening.
There are two choices when configuring Sync for pfBlockerN... name name

03/27/2023

07:14 PM Regression #14189: pfBlocker-NG: HA-Sync is not working

Packages get updated directly, they don't get patches.
Also there is almost no detail here or on the linked forum ... Jim Pingle

05:31 PM Regression #14189 (Confirmed): pfBlocker-NG: HA-Sync is not working

I'm not the only one with this problem.
See https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working .
... name name

11:27 AM Todo #9200: Add DNS support for Google domain to Acme manager

Ryan Keen wrote in #note-9:
> It appears that Google Domains has added support for DNS-01 ACME Challenges using a to... Jim Pingle

08:53 AM Todo #14155 (Rejected): 'Block Outside DNS' option is present in the server and on the client

The two options cover different scenarios: The option in the base pushes to all clients, the option in the client exp... Jim Pingle

08:32 AM Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package

Christopher is right, it looks like the package needs updating because @vpn_openvpn_export_shared.php@ is removed on ... Jim Pingle

08:14 AM Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!

This isn't a bug, but a problem with your current update settings. This site is not for support or diagnostic discuss... Jim Pingle

07:53 AM Feature #14126: Quality monitoring graph scale adjustment

Moving over to the graph frontend location since I'm fairly certain if it can be changed, it's in the parts located i... Jim Pingle

03/25/2023

06:43 PM Todo #12351: Remove non-functional feeds

shallalist is no longer updated, it needs to be removed from DNSBL categories
https://www.shallalist.de/ is comple... Jordan G

06:34 PM Bug #13936 (Pull Request Review): PHP error from RRD Graphs when attempting a query a newly created empty database

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/333 Christopher Cope

07:49 AM Bug #14179 (New): FreeRadius is active but in an inoperable state, switches to a generated freeradius-temp certificate upon restart

I was testing my HA setup yesterday evening and used the "Enter Persistent CARP Maintenance Mode" button quite a few ... name name

03/23/2023

05:25 AM Feature #14160: Add Search Engine Group in feeds

This is so we can whitelist search engines "Search Engines IPv4", "Search Engines IPv6" Jon Brown

05:02 AM Feature #14160 (New): Add Search Engine Group in feeds

It would be good to get a search engine feed so you can either block them or use them as a whitelist. I have included... Jon Brown

05:22 AM Feature #14162 (New): Add 'Google Services' feed group

This group can be used to allow the blocking or whitelisting of google services. I have added what I found along with... Jon Brown

05:17 AM Feature #14161 (New): Add 'Microsoft Services' feed

This should include all of the Microsoft services and preferably in separate items. I have included links to the page... Jon Brown

03:17 AM Feature #14159 (New): Add netgate bogon feeds

Can you add the netgate bogon feeds.
* https://files.netgate.com/lists/
** https://files.netgate.com/lists/bogon-... Jon Brown

02:48 AM Bug #13936: PHP error from RRD Graphs when attempting a query a newly created empty database

Can replicate on ... Lev Prokofev

03/22/2023

03:34 PM Feature #13200: Custom DNS Servers for Alert settings

One solution would be to deny:
LAN: Deny any != pfblockerng ip TCP/UDP:53
WAN: ANY outgoing TCP/UDP:53
And allow... Carlos Montalvo J.

11:27 AM Todo #14155 (Rejected): 'Block Outside DNS' option is present in the server and on the client

I find this situation confusing and propose a couple of resolutions:
* If the option 'Block Outside DNS' should stay... Jon Brown

11:22 AM Feature #11165: OpenVPN Exporter - Allow for name customization

I would like to see this so if I want, I can create more human readable connection names which are shown in the OpenV... Jon Brown

08:41 AM Bug #14142 (Not a Bug): PHP errors in OpenVPN Client Export package

This doesn't look like a bug. From the logs, the OpenVPN export package needs to be updated / reinstalled.
If that... Christopher Cope

06:05 AM Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package

Good moorning after installation last version of pf-sense, system shows Us the follow error related openvpn .
I am... Stefano Raniero

08:40 AM Feature #14154 (New): Ability to use pfSense alias in IPv4 Custom_List

Firewall --> pfBlockerNG --> IP --> IPv4 --> edit/add --> IPv4 Custom_List
the reasons for this are:
* I only hav... Jon Brown

08:36 AM Bug #14153 (New): default whitelist is not created

When I click on the button from the + button from the reports tab and follow the whitelisting, the default whitelist ... Jon Brown

08:08 AM Feature #14151 (New): Add (ASN) to IPv4 Custom_List information

Firewall --> pfBlockerNG --> IP --> IPv4 --> IPv4 Custom_List
the line ... Jon Brown

08:05 AM Feature #14150 (New): Source and Destination information for IPv4 Custom_List and feeds

Firewall --> pfBlockerNG --> IP --> IPv4 --> list
When you edit/create a list you have to select an action type an... Jon Brown

07:58 AM Feature #14149 (New): Make the NEXT Scheduled CRON counter active

I would like the countdown timer of the cron to be active. Like on an aution page of ebay. :)
Firewall --> pfBlock... Jon Brown

07:54 AM Feature #14148 (New): Update alias information and error handling

On the following sections can you:
Firewall --> pfBlockerNG --> IP --> IPv4
*Advanced Inbound Firewall Rule Set... Jon Brown

07:48 AM Feature #14147 (New): when you rename an alias the alias reference in pfsense Advanced Inbound/Outbound rules ar enot updated

I refer to the rules @ (Firewall --> pfBlockerNG --> IP --> IPv4)
I noticed that when I renamed an alias that the ... Jon Brown

07:36 AM Bug #14146 (New): Small Typo in 'Advanced Outbound firewall rule settings' warning message

When creating an IPv4 outbound permit rule (Firewall --> pfBlockerNG --> Ip --> IPv4) and you leave the **Custom Prot... Jon Brown

03/21/2023

07:17 PM Bug #14054: pfBlockerNG can incorrectly modify firewall rules

It appears this related to the IPv4 IP list being updated, and happens during this step:... Marcos M

06:38 PM Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!

Hi guys,
Any help please.
I'm working on a lab project that is due in the comming days. Everything has worke fine u... Jean Smail Origene

05:43 PM Todo #9200: Add DNS support for Google domain to Acme manager

It appears that Google Domains has added support for DNS-01 ACME Challenges using a token generated on Google Domains... Ryan Keen

01:56 PM Feature #8547: fwknop Port Knocking Package

I'd like to add a vote here, too. This would be *incredibly* useful.
Port knocking is not an _alternative_ to a VP... Liquid Thex

03/20/2023

02:03 PM Bug #14116 (Duplicate): Squid Error went I press SAVE button.

Duplicate of https://redmine.pfsense.org/issues/13984
Missing Squid Reverse config values. Steve Wheeler

10:19 AM Bug #14116: Squid Error went I press SAVE button.

Looks like Clamav is the issue, once I disable this services, the error is gone.

This is my config file:
cat... Peter Moreno

03/19/2023

04:33 PM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled

I have the same issue but only affecting one of my deployments. As a workaround you can disable the haproxy service t... Hans Perera

11:25 AM Feature #14126 (New): Quality monitoring graph scale adjustment

If possible, it would be nice if the scale of the packet loss side of the onitoring graph was not the same as the lat... Chris Linstruth

03/18/2023

09:36 PM Bug #13985: Telegraf error After Update PFSense to 23.01

Unable to replicate in pfSense CE 2.7. Possible it's just an issue on Plus for some reason. Kris Phillips

09:30 PM Bug #14116: Squid Error went I press SAVE button.

Hello,
What settings do you have enabled and what page were you on that you clicked save to cause this issue? I'v... Kris Phillips

03/16/2023

07:59 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset

Prime BDE wrote in #note-28:
> Nunya Business wrote in #note-27:
> > This problem has returned with the current ver... Gianluca Semadeni

02:49 AM Feature #14101: Add Zabbix 6.4 packages

Should there be any help needed, I happen to be the maintainer of all zabbix ports. Juraj Lutter

12:52 AM Bug #14116: Squid Error went I press SAVE button.

Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 devel-main-n2558... Peter Moreno

12:51 AM Bug #14116 (Duplicate): Squid Error went I press SAVE button.

Hello, I have squid+SG on Pfsense 2.7-dev, testing.
I was trying to do a little change and went I press 'SAVE' butto... Peter Moreno

03/15/2023

09:45 AM Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76

Duplicate of #14019 Jim Pingle

02:22 AM Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76

Just updated my pfsense box to 23.01 from 22.05. Everything was going smoothly, but on my first login i received a no... S Hunor

03/14/2023

01:42 PM Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics

I have returned ipfw to development snapshots so we can work on replicating and testing there. It is not possible to ... Christian McDonald

10:54 AM Bug #14108 (Rejected): Antivirus Bases showing outdated main.cvd with a version dated year 2021

Per ClamAV's website:
"ClamAV signatures come in a variety of formats, one for each of the distinct detection method... Jonathan Lee

03/13/2023

05:27 PM Feature #14101 (Resolved): Add Zabbix 6.4 packages

https://www.freshports.org/net-mgmt/zabbix64-agent/
https://www.freshports.org/net-mgmt/zabbix64-proxy/
Tirso Ramirez

09:43 AM Feature #14100 (New): Use interface groups as an Alias for IP Interface/Rules Configuration

Hi
I understand that there is an order in how firewall rules are used but my suggestion is not for altering that.
... Jon Brown

09:05 AM Regression #13978: PHP errors with squidGuard

Also:... Steve Wheeler

03/12/2023

04:02 PM Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot

Hi,
just wanted to confirm. I can reproduce this issue on all of my installations so far. Mostly PFsense CE 2.6.0 ... Johann Lohberger

09:09 AM Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc

Duplicate of #14024 Jim Pingle

01:28 AM Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc

After the upgrade to version 23.01-RELEASE I right away got a message from the Crash reporter:... Sebastian Wagner

03/11/2023

03:34 PM Bug #14096 (Resolved): Status_Traffic_Totals does not work on snapshots due to sqlite change

It looks like a recent change in sqlite broke vnstat which leads to Status_Traffic_Totals not working:
https://for... Jim Pingle

02:05 PM Bug #14094: HAProxy "Write to Disk" files not being saved

Christopher Cope wrote in #note-2:
> The files are not wrote unless HAProxy is enabled, and the backend / frontend a... Ryan V

01:39 PM Bug #14094 (Not a Bug): HAProxy "Write to Disk" files not being saved

Ryan V wrote:
> pfSense v2.6.0, HAProxy package v0.61_7.
>
> I am trying to save a map file via the Files tab in ... Christopher Cope

12:34 PM Bug #14094: HAProxy "Write to Disk" files not being saved

Replying to add that nothing helpful is showing in the logs found in Status > System Logs:... Ryan V

12:31 PM Bug #14094 (Not a Bug): HAProxy "Write to Disk" files not being saved

pfSense v2.6.0, HAProxy package v0.61_7.
I am trying to save a map file via the Files tab in the HAProxy GUI. I ad... Ryan V

09:08 AM Bug #14088 (Resolved): pfsense 2.7-dev pfSense-pkg-snort installation failed!

Jim Pingle

01:03 AM Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!

Yes, now I could install snort, thanks!!! Peter Moreno

03/10/2023

12:21 PM Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics

This is likely a bug in ipfw, which was included in 23.01. 23.05 does not contain the ipfw kernel module.
23.01:
... Christian McDonald

08:44 AM Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!

I checked the Suricata port and it still uses luajit:luajit-openresty. Both work now. Christian McDonald

07:00 AM Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!

Christian McDonald wrote in #note-3:
> Thanks Bill for the history, that was helpful.
>
> I set the luajit-openre... Bill Meeks

03/09/2023

09:17 PM Bug #14088 (Feedback): pfsense 2.7-dev pfSense-pkg-snort installation failed!

Thanks Bill for the history, that was helpful.
Honestly one of these days I need to audit the port options that we h... Christian McDonald

07:54 PM Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!

Christian McDonald wrote in #note-1:
> This also impacts 23.05 snapshots.
>
> We currently build nginx with LUA supp... Bill Meeks

04:43 PM Bug #14088: pfsense 2.7-dev pfSense-pkg-snort installation failed!

This also impacts 23.05 snapshots.
We currently build nginx with LUA support (which we don't use). Snort also depend... Christian McDonald

11:49 AM Bug #14088 (Resolved): pfsense 2.7-dev pfSense-pkg-snort installation failed!

Hello.
I want to test snort on pfsense 2.7-dev latest version
But I receive this error:
>>> Installing pfSen... Peter Moreno

10:57 AM Regression #14043 (Feedback): Netgate Firmware Upgrade fails to mount EFISYS

Fixed in plus as of 67fef1ab045a. /mnt and /boot/efi are both unmounted prior to mounting the ESP at /mnt. Reid Linnemann

03/08/2023

07:06 AM Feature #14081 (New): Nagios

Hello,
I have a problem with the netgate in version 23.01 for Nagio monitoring.
After researching the problem of... Florian BELIARD

03/07/2023

08:51 AM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset

Nunya Business wrote in #note-27:
> This problem has returned with the current version of the Wireguard package, 1.1... Prime BDE

03/06/2023

02:18 PM Bug #14079 (Rejected): Debug descriptions misleading

The current text is correct. There is no need to suppress anything, it's clearly explained in the result string.
E... Jim Pingle

01:28 PM Bug #14079 (Rejected): Debug descriptions misleading

the purpose of the debug button is... Jon Brown

03/05/2023

07:14 PM Bug #14075 (Not a Bug): Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics

Report from a Netgate 7100 after upgrading to @23.01@.
Before disabling the @Transparent ClientIP@ option in hapro... Marcos M

01:52 PM Bug #14058: Update vendor=on triggers installation failure

Thanks Chris. Let’s wait and see then. Jan-Peter Koopmann