Activity
From 03/12/2023 to 04/10/2023
04/10/2023
-
02:58 PM Bug #14228: pfBlockerNG might not support new Maxmind license keys
- This was fixed in the 3.2.0_4 which is live.
-
08:59 AM Todo #14194: Better colours for alerts
- Sergei Shablovsky wrote in #note-2:
> Jim Pingle wrote in #note-1:
> > Green and Red are also not great choices bec... -
- MR merged
04/09/2023
-
04:22 PM Feature #13195: Dedicated website for Feed mangement - Community Driven
- Jon Brown wrote in #note-1:
> or the website could be website where end users (me and others) can add feeds and repo... -
- Jim Pingle wrote in #note-1:
> Green and Red are also not great choices because some people are red/green color blin... -
01:27 PM Bug #14258 (New): HA-proxy, IPV6-address in combination with portnumber => fatal
- I am setting up HA-proxy using IPV4 and IPV6. When trying to define an IPV6 frontend, there is a prolbem
When e.g.... -
04:11 AM Bug #14228: pfBlockerNG might not support new Maxmind license keys
- I can confirm this issue.
I used a workaround on Reddit and it worked.
https://www.reddit.com/r/pfBlockerNG/comment...
04/08/2023
-
08:36 PM Todo #14073 (Confirmed): Shalla block list is offline but still available in pfBlocker
- Confirmed in 23.01 and 2.7:
UPDATE PROCESS START [ v3.2.0_4 ] [ 04/9/23 01:34:56 ]
===[ DNSBL Process ]=====... -
- Unable to confirm this. Here are my logs:
ClamAV - freshclam Logs
Message
bytecode.cvd database is up-to-date (v... -
- This doesn't appear to be a bug with the file not being downloaded. The file at http://database.clamav.net/main.cvd ...
-
- I can confirm this behavior in 3.2.0_3 on 23.01 of pfSense Plus.
04/07/2023
-
06:02 PM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
- Sebastian Wagner wrote in #note-7:
> As a workaround, I change the file like this:
> [...]
> I don't know if the d... -
- It may have worked by accident, but it wasn't supposed to have worked that way. The interfaces were only intended to ...
-
- Jim Pingle wrote in #note-4:
> Can't reproduce this, it's working fine here as it has for quite some time. Even on 23... -
- Can't reproduce this, it's working fine here as it has for quite some time. Even on 23.05 snapshots. Has to be a conf...
-
10:02 AM Feature #14241 (New): The Abiility to Configure FreeRadius Proxy servers from the GUI
- Currently adding radius proxy servers via the GUI is not supported. When a proxy listener is configured freeradius st...
04/06/2023
-
10:09 PM Bug #14240: FRR OSPF Neighbor Not Detected for VTI Tunnels
to work around it (tested)
Add an IP(VIP) to the Localhost Firewall>Virtual IPs. (both sides, non used IPs)
ad...-
- Additional troubleshooting:
We re-saved the interfaces, restarted the FRR Zebra and OSPF service several times, dr... -
- Customer upgraded from 22.05 to 23.01 and FRR no longer showed a neighbor for a VTI tunnel with a /30 to an OSPF neig...
-
12:10 PM Bug #14199: ACME - Issue with corrupted cert
- I'm running pfSense+ 23.01 on a Netgate 2100.
This morning I was removing HAProxy (I've migrated to Nginx Proxy Ma... -
11:23 AM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
- As a workaround, I change the file like this:...
04/05/2023
-
12:45 AM Feature #12889: FRR GUI add set ipv6 next-hop global
- !https://i.imgur.com/ewwRoTm.jpg!
04/04/2023
-
07:12 AM Regression #13958: Snort exits with signal 10 on arm32
- Mateusz Guzik wrote in #note-2:
> Hi Bill, that was me.
>
> What changed is that there was a compiler update and ... -
06:54 AM Regression #13958: Snort exits with signal 10 on arm32
- Hi Bill, that was me.
What changed is that there was a compiler update and then it turned out some of the files *d...
04/03/2023
-
04:46 PM Regression #14232 (New): ntopng no longer tracks top talkers
- ntopng version that now comes with pfsnese plus 23.01 no longer tracks top talkers across time(no historical tracking...
-
11:38 AM Regression #14189 (New): pfBlocker-NG: HA-Sync is not working
-
- This issue has existed for some time unfortunately. It's covered by the following reports:
https://redmine.pfsense.or... -
10:45 AM Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync
- Hello Marcos,
sadly this is not the same bug, because for me on pfSense+ 23.01 no update option worked, not even "... -
- Duplicate of #14189
-
- MR merged
-
04/02/2023
-
- As a workaround, use the @System Patches@ package to apply the following patch (set @Path Strip Count@ to @0@)....
-
- On @pfBlockerNG-3.2.0_3@ and @pfSense-23.01@....
-
- The original report was from a customer's system, however I have not been able to reproduce this either on 23.01 nor ...
-
03:43 AM Bug #14228 (Resolved): pfBlockerNG might not support new Maxmind license keys
- https://dev.maxmind.com/geoip/release-notes/2023?lang=en#changes-to-maxmind-license-keys
* New license keys will b... -
- or the website could be website where end users (me and others) can add feeds and report dead feeds that would then b...
-
- duplicate of #13195 - close this one
04/01/2023
-
- >>http is insecure because your password will be transmitted in plain text so use https
Not sure it's relevant to ... -
- This inline notes on the sync page (Firewall --> pfBlockerNG --> Sync) need improving.
* *Add: Allow Sync Pushes*
... -
08:34 PM Bug #14218: Deleting a shellcmd entry results in a PHP error and crash report
- A diff of the merge request fixes the problem when applied as a system patch. Deleting a shellcmd job doesn't give an...
-
10:08 AM Bug #14218 (Pull Request Review): Deleting a shellcmd entry results in a PHP error and crash report
- https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/334
-
not exist
frr 1.2_3
pfsense 23.01-
- The description on the options 'Block Offenders' is incorrect for 'inline mode' but still valid for 'Legacy Mode'
... -
10:55 AM Bug #14220: pfBlockerNG does not sync to HA secondary
- Apparently my search for "sync" wasn't good enough. Apologies for the dupe.
-
- I alreay created a bug for it, see https://redmine.pfsense.org/issues/14189 .
No feedback yet, if someone is even ...
03/31/2023
-
- After making changes they are not replicated to the secondary. E.g. on /pfblockerng/pfblockerng_ip.php check "kill s...
-
1. Install the shellcmd package from System > Package Manager.
2. Services > shellcmd >
Command: ...
03/30/2023
-
02:16 PM Regression #13978: PHP errors with squidGuard
- Additionally:...
-
- The package installs fine (both agent and proxy) so whatever problem you are encountering is likely unique to your se...
-
04:19 AM Bug #14203 (Rejected): Zabbix Agent 6.2 installation fails
- I see that this issue is reported a couple of times, i.e. https://redmine.pfsense.org/issues/13587 however it still p...
03/29/2023
-
05:29 PM Bug #14199: ACME - Issue with corrupted cert
- Hi Jim .
My bad, I said HAProxy by mistake, I am using ACME for this, attached screenshot
-
- The attached configuration snippet isn't a valid configuration for ACME. I'm not sure how it ended up in that state, ...
-
- Some of the files have names that are not following the same rules as the rest. I have made corrections to some of th...
-
10:02 AM Bug #14200 (New): WireGuard reply-to without NAT
- I have discovered that the WireGuard package requires the interface to have the gateway set for the reply-to rules to...
03/28/2023
-
05:34 PM Bug #14199: ACME - Issue with corrupted cert
- Attaching the Acme section of my config.xml backup which had this issue after upgrading to the new release on Feb 17 ...
-
- Hi team
After creating a new cert in HAProxy i got an timeout on the webui interface then receive this error:
P... -
- Green and Red are also not great choices because some people are red/green color blind, so ideally whatever colors ar...
-
- on the page Firewall --> pfBlockerNG --> Reports --> unified (and others)
pfBlocker uses
* 'Red' for traffic st... -
- Firewall --> pfBlockerNG --> DNSBL --> DNSBL Configuration --> Permit Firewall Rules
Can you add some additional i... -
- Currently when a DNSBL is Blocked you get one of 2 pages depending what was looked up. Most lookups will end up beeb ...
-
- I would like to see a website where end users (me and others) can add feeds and report dead feeds that would then be ...
-
11:22 AM Feature #14192 (Rejected): Instant Website Redaction Technology Not working
- Hello Fellow Netgate Community Members,
I wanted to share some topics for discussion and possibly create a communi... -
- I understand, but I don't know what is "not" happening.
There are two choices when configuring Sync for pfBlockerN...
03/27/2023
-
- Packages get updated directly, they don't get patches.
Also there is almost no detail here or on the linked forum ... -
- I'm not the only one with this problem.
See https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working .
... -
- Ryan Keen wrote in #note-9:
> It appears that Google Domains has added support for DNS-01 ACME Challenges using a to... -
- The two options cover different scenarios: The option in the base pushes to all clients, the option in the client exp...
-
- Christopher is right, it looks like the package needs updating because @vpn_openvpn_export_shared.php@ is removed on ...
-
- This isn't a bug, but a problem with your current update settings. This site is not for support or diagnostic discuss...
-
- Moving over to the graph frontend location since I'm fairly certain if it can be changed, it's in the parts located i...
03/25/2023
-
06:43 PM Todo #12351: Remove non-functional feeds
- shallalist is no longer updated, it needs to be removed from DNSBL categories
https://www.shallalist.de/ is comple... -
- https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/333
-
- I was testing my HA setup yesterday evening and used the "Enter Persistent CARP Maintenance Mode" button quite a few ...
03/23/2023
-
- This is so we can whitelist search engines "Search Engines IPv4", "Search Engines IPv6"
-
- It would be good to get a search engine feed so you can either block them or use them as a whitelist. I have included...
-
- This group can be used to allow the blocking or whitelisting of google services. I have added what I found along with...
-
- This should include all of the Microsoft services and preferably in separate items. I have included links to the page...
-
- Can you add the netgate bogon feeds.
* https://files.netgate.com/lists/
** https://files.netgate.com/lists/bogon-... -
02:48 AM Bug #13936: PHP error from RRD Graphs when attempting a query a newly created empty database
- Can replicate on ...
03/22/2023
-
03:34 PM Feature #13200: Custom DNS Servers for Alert settings
- One solution would be to deny:
LAN: Deny any != pfblockerng ip TCP/UDP:53
WAN: ANY outgoing TCP/UDP:53
And allow... -
- I find this situation confusing and propose a couple of resolutions:
* If the option 'Block Outside DNS' should stay... -
- I would like to see this so if I want, I can create more human readable connection names which are shown in the OpenV...
-
- This doesn't look like a bug. From the logs, the OpenVPN export package needs to be updated / reinstalled.
If that... -
06:05 AM Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package
- Good moorning after installation last version of pf-sense, system shows Us the follow error related openvpn .
I am... -
- Firewall --> pfBlockerNG --> IP --> IPv4 --> edit/add --> IPv4 Custom_List
the reasons for this are:
* I only hav... -
- When I click on the button from the + button from the reports tab and follow the whitelisting, the default whitelist ...
-
- Firewall --> pfBlockerNG --> IP --> IPv4 --> IPv4 Custom_List
the line ... -
- Firewall --> pfBlockerNG --> IP --> IPv4 --> list
When you edit/create a list you have to select an action type an... -
- I would like the countdown timer of the cron to be active. Like on an aution page of ebay. :)
Firewall --> pfBlock... -
- On the following sections can you:
Firewall --> pfBlockerNG --> IP --> IPv4
*Advanced Inbound Firewall Rule Set... -
- I refer to the rules @ (Firewall --> pfBlockerNG --> IP --> IPv4)
I noticed that when I renamed an alias that the ... -
- When creating an IPv4 outbound permit rule (Firewall --> pfBlockerNG --> Ip --> IPv4) and you leave the **Custom Prot...
03/21/2023
-
- It appears this related to the IPv4 IP list being updated, and happens during this step:...
-
06:38 PM Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!
- Hi guys,
Any help please.
I'm working on a lab project that is due in the comming days. Everything has worke fine u... -
05:43 PM Todo #9200: Add DNS support for Google domain to Acme manager
- It appears that Google Domains has added support for DNS-01 ACME Challenges using a token generated on Google Domains...
-
01:56 PM Feature #8547: fwknop Port Knocking Package
- I'd like to add a vote here, too. This would be *incredibly* useful.
Port knocking is not an _alternative_ to a VP...
03/20/2023
-
- Duplicate of https://redmine.pfsense.org/issues/13984
Missing Squid Reverse config values. -
10:19 AM Bug #14116: Squid Error went I press SAVE button.
Looks like Clamav is the issue, once I disable this services, the error is gone.
This is my config file:
cat...
03/19/2023
-
04:33 PM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
- I have the same issue but only affecting one of my deployments. As a workaround you can disable the haproxy service t...
-
11:25 AM Feature #14126 (New): Quality monitoring graph scale adjustment
- If possible, it would be nice if the scale of the packet loss side of the onitoring graph was not the same as the lat...
03/18/2023
-
- Unable to replicate in pfSense CE 2.7. Possible it's just an issue on Plus for some reason.
-
- Hello,
What settings do you have enabled and what page were you on that you clicked save to cause this issue? I'v...
03/16/2023
-
07:59 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
- Prime BDE wrote in #note-28:
> Nunya Business wrote in #note-27:
> > This problem has returned with the current ver... -
02:49 AM Feature #14101: Add Zabbix 6.4 packages
- Should there be any help needed, I happen to be the maintainer of all zabbix ports.
-
- Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 devel-main-n2558... -
- Hello, I have squid+SG on Pfsense 2.7-dev, testing.
I was trying to do a little change and went I press 'SAVE' butto...
03/15/2023
-
- Duplicate of #14019
-
02:22 AM Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
- Just updated my pfsense box to 23.01 from 22.05. Everything was going smoothly, but on my first login i received a no...
03/14/2023
-
01:42 PM Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics
- I have returned ipfw to development snapshots so we can work on replicating and testing there. It is not possible to ...
-
- Per ClamAV's website:
"ClamAV signatures come in a variety of formats, one for each of the distinct detection method...
03/13/2023
-
05:27 PM Feature #14101 (Resolved): Add Zabbix 6.4 packages
- https://www.freshports.org/net-mgmt/zabbix64-agent/
https://www.freshports.org/net-mgmt/zabbix64-proxy/
-
- Hi
I understand that there is an order in how firewall rules are used but my suggestion is not for altering that.
... -
- Also:...
03/12/2023
-
04:02 PM Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot
- Hi,
just wanted to confirm. I can reproduce this issue on all of my installations so far. Mostly PFsense CE 2.6.0 ... -
- Duplicate of #14024
-
- After the upgrade to version 23.01-RELEASE I right away got a message from the Crash reporter:...
Also available in: Atom