Project

General

Profile

Activity

From 03/12/2023 to 04/10/2023

04/10/2023

02:58 PM Bug #14228: pfBlockerNG might not support new Maxmind license keys
This was fixed in the 3.2.0_4 which is live. Artur Hawkwing
08:59 AM Todo #14194: Better colours for alerts
Sergei Shablovsky wrote in #note-2:
> Jim Pingle wrote in #note-1:
> > Green and Red are also not great choices bec...
Jim Pingle
07:34 AM Bug #14218 (Feedback): Deleting a shellcmd entry results in a PHP error and crash report
MR merged Jim Pingle

04/09/2023

04:22 PM Feature #13195: Dedicated website for Feed mangement - Community Driven
Jon Brown wrote in #note-1:
> or the website could be website where end users (me and others) can add feeds and repo...
Sergei Shablovsky
04:03 PM Todo #14194: Better colours for alerts
Jim Pingle wrote in #note-1:
> Green and Red are also not great choices because some people are red/green color blin...
Sergei Shablovsky
01:27 PM Bug #14258 (New): HA-proxy, IPV6-address in combination with portnumber => fatal
I am setting up HA-proxy using IPV4 and IPV6. When trying to define an IPV6 frontend, there is a prolbem
When e.g....
Louis B
04:11 AM Bug #14228: pfBlockerNG might not support new Maxmind license keys
I can confirm this issue.
I used a workaround on Reddit and it worked.
https://www.reddit.com/r/pfBlockerNG/comment...
aleksei prokofiev

04/08/2023

08:36 PM Todo #14073 (Confirmed): Shalla block list is offline but still available in pfBlocker
Confirmed in 23.01 and 2.7:
UPDATE PROCESS START [ v3.2.0_4 ] [ 04/9/23 01:34:56 ]
===[ DNSBL Process ]=====...
Kris Phillips
08:28 PM Bug #14021 (Incomplete): Squid ClamAV showing bytecode errors for version 334
Unable to confirm this. Here are my logs:
ClamAV - freshclam Logs
Message
bytecode.cvd database is up-to-date (v...
Kris Phillips
08:25 PM Bug #14108 (Confirmed): Antivirus Bases showing outdated main.cvd with a version dated year 2021
This doesn't appear to be a bug with the file not being downloaded. The file at http://database.clamav.net/main.cvd ... Kris Phillips
08:09 PM Bug #14228 (Confirmed): pfBlockerNG might not support new Maxmind license keys
I can confirm this behavior in 3.2.0_3 on 23.01 of pfSense Plus. Kris Phillips

04/07/2023

06:02 PM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
Sebastian Wagner wrote in #note-7:
> As a workaround, I change the file like this:
> [...]
> I don't know if the d...
Rodrigo Goncalves
01:27 PM Bug #14240 (Not a Bug): FRR OSPF Neighbor Not Detected for VTI Tunnels
It may have worked by accident, but it wasn't supposed to have worked that way. The interfaces were only intended to ... Jim Pingle
01:12 PM Bug #14240 (New): FRR OSPF Neighbor Not Detected for VTI Tunnels
Jim Pingle wrote in #note-4:
> Can't reproduce this, it's working fine here as it has for quite some time. Even on 23...
Kris Phillips
10:36 AM Bug #14240 (Not a Bug): FRR OSPF Neighbor Not Detected for VTI Tunnels
Can't reproduce this, it's working fine here as it has for quite some time. Even on 23.05 snapshots. Has to be a conf... Jim Pingle
10:02 AM Feature #14241 (New): The Abiility to Configure FreeRadius Proxy servers from the GUI
Currently adding radius proxy servers via the GUI is not supported. When a proxy listener is configured freeradius st... Boris Baeta

04/06/2023

10:09 PM Bug #14240: FRR OSPF Neighbor Not Detected for VTI Tunnels

to work around it (tested)
Add an IP(VIP) to the Localhost Firewall>Virtual IPs. (both sides, non used IPs)
ad...
Alhusein Zawi
09:41 PM Bug #14240: FRR OSPF Neighbor Not Detected for VTI Tunnels
Additional troubleshooting:
We re-saved the interfaces, restarted the FRR Zebra and OSPF service several times, dr...
Kris Phillips
09:40 PM Bug #14240 (Not a Bug): FRR OSPF Neighbor Not Detected for VTI Tunnels
Customer upgraded from 22.05 to 23.01 and FRR no longer showed a neighbor for a VTI tunnel with a /30 to an OSPF neig... Kris Phillips
12:10 PM Bug #14199: ACME - Issue with corrupted cert
I'm running pfSense+ 23.01 on a Netgate 2100.
This morning I was removing HAProxy (I've migrated to Nginx Proxy Ma...
Kevin Dorff
11:23 AM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
As a workaround, I change the file like this:... Sebastian Wagner

04/05/2023

12:45 AM Feature #12889: FRR GUI add set ipv6 next-hop global
!https://i.imgur.com/ewwRoTm.jpg! yon Liu

04/04/2023

07:12 AM Regression #13958: Snort exits with signal 10 on arm32
Mateusz Guzik wrote in #note-2:
> Hi Bill, that was me.
>
> What changed is that there was a compiler update and ...
Bill Meeks
06:54 AM Regression #13958: Snort exits with signal 10 on arm32
Hi Bill, that was me.
What changed is that there was a compiler update and then it turned out some of the files *d...
Mateusz Guzik

04/03/2023

04:46 PM Regression #14232 (New): ntopng no longer tracks top talkers
ntopng version that now comes with pfsnese plus 23.01 no longer tracks top talkers across time(no historical tracking... Mike Moore
11:38 AM Regression #14189 (New): pfBlocker-NG: HA-Sync is not working
Marcos M
10:29 AM Regression #14189 (Duplicate): pfBlocker-NG: HA-Sync is not working
This issue has existed for some time unfortunately. It's covered by the following reports:
https://redmine.pfsense.or...
Marcos M
10:45 AM Bug #12916: pfBlockerNG-devel cron job does not trigger xmlrpc sync
Hello Marcos,
sadly this is not the same bug, because for me on pfSense+ 23.01 no update option worked, not even "...
name name
08:14 AM Bug #14220 (Duplicate): pfBlockerNG does not sync to HA secondary
Duplicate of #14189 Jim Pingle
08:11 AM Bug #13936 (Feedback): PHP error from RRD Graphs when attempting a query a newly created empty database
MR merged Jim Pingle
07:57 AM Feature #14193 (Duplicate): Website to add and remove feeds automatically
Jim Pingle

04/02/2023

03:21 PM Bug #14230: PHP error with pfBlockerNG
As a workaround, use the @System Patches@ package to apply the following patch (set @Path Strip Count@ to @0@).... Marcos M
03:11 PM Bug #14230 (New): PHP error with pfBlockerNG
On @pfBlockerNG-3.2.0_3@ and @pfSense-23.01@.... Marcos M
10:51 AM Bug #14075 (Feedback): Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics
The original report was from a customer's system, however I have not been able to reproduce this either on 23.01 nor ... Marcos M
03:43 AM Bug #14228 (Resolved): pfBlockerNG might not support new Maxmind license keys
https://dev.maxmind.com/geoip/release-notes/2023?lang=en#changes-to-maxmind-license-keys
* New license keys will b...
Jon Brown
03:08 AM Feature #13195: Dedicated website for Feed mangement - Community Driven
or the website could be website where end users (me and others) can add feeds and report dead feeds that would then b... Jon Brown
03:06 AM Feature #14193: Website to add and remove feeds automatically
duplicate of #13195 - close this one Jon Brown

04/01/2023

08:49 PM Todo #14221: Sync settings and inline documentation needs improving
>>http is insecure because your password will be transmitted in plain text so use https
Not sure it's relevant to ...
Kris Phillips
03:35 AM Todo #14221 (New): Sync settings and inline documentation needs improving
This inline notes on the sync page (Firewall --> pfBlockerNG --> Sync) need improving.
* *Add: Allow Sync Pushes*
...
Jon Brown
08:34 PM Bug #14218: Deleting a shellcmd entry results in a PHP error and crash report
A diff of the merge request fixes the problem when applied as a system patch. Deleting a shellcmd job doesn't give an... Chris W
10:08 AM Bug #14218 (Pull Request Review): Deleting a shellcmd entry results in a PHP error and crash report
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/334 Christopher Cope
01:55 PM Bug #11477: FRR does not recognize some BFD options

not exist
frr 1.2_3
pfsense 23.01
Alhusein Zawi
11:17 AM Bug #14223 (New): Block Offenders - Incorrect statement/description
The description on the options 'Block Offenders' is incorrect for 'inline mode' but still valid for 'Legacy Mode'
...
Jon Brown
10:55 AM Bug #14220: pfBlockerNG does not sync to HA secondary
Apparently my search for "sync" wasn't good enough. Apologies for the dupe. Steve Y
06:46 AM Bug #14220: pfBlockerNG does not sync to HA secondary
I alreay created a bug for it, see https://redmine.pfsense.org/issues/14189 .
No feedback yet, if someone is even ...
name name

03/31/2023

05:27 PM Bug #14220 (Duplicate): pfBlockerNG does not sync to HA secondary
After making changes they are not replicated to the secondary. E.g. on /pfblockerng/pfblockerng_ip.php check "kill s... Steve Y
04:28 PM Bug #14218 (Resolved): Deleting a shellcmd entry results in a PHP error and crash report

1. Install the shellcmd package from System > Package Manager.
2. Services > shellcmd >
Command: ...
Chris W

03/30/2023

02:16 PM Regression #13978: PHP errors with squidGuard
Additionally:... Steve Wheeler
07:19 AM Bug #14203 (Rejected): Zabbix Agent 6.2 installation fails
The package installs fine (both agent and proxy) so whatever problem you are encountering is likely unique to your se... Jim Pingle
04:19 AM Bug #14203 (Rejected): Zabbix Agent 6.2 installation fails
I see that this issue is reported a couple of times, i.e. https://redmine.pfsense.org/issues/13587 however it still p... Rajib Momen

03/29/2023

05:29 PM Bug #14199: ACME - Issue with corrupted cert
Hi Jim .
My bad, I said HAProxy by mistake, I am using ACME for this, attached screenshot
Juan Francisco Rodriguez Garcia
11:57 AM Bug #14199: ACME - Issue with corrupted cert
The attached configuration snippet isn't a valid configuration for ACME. I'm not sure how it ended up in that state, ... Jim Pingle
02:58 PM Todo #14202 (Resolved): Rename exported OpenVPN connect files as "connect" rather than "ios"
Some of the files have names that are not following the same rules as the rest. I have made corrections to some of th... Jon Brown
10:02 AM Bug #14200 (New): WireGuard reply-to without NAT
I have discovered that the WireGuard package requires the interface to have the gateway set for the reply-to rules to... Carrnell Tech

03/28/2023

05:34 PM Bug #14199: ACME - Issue with corrupted cert
Attaching the Acme section of my config.xml backup which had this issue after upgrading to the new release on Feb 17 ... Jerold Von Hemel
04:55 PM Bug #14199 (Resolved): ACME - Issue with corrupted cert
Hi team
After creating a new cert in HAProxy i got an timeout on the webui interface then receive this error:
P...
Juan Francisco Rodriguez Garcia
02:25 PM Todo #14194: Better colours for alerts
Green and Red are also not great choices because some people are red/green color blind, so ideally whatever colors ar... Jim Pingle
01:32 PM Todo #14194 (New): Better colours for alerts
on the page Firewall --> pfBlockerNG --> Reports --> unified (and others)
pfBlocker uses
* 'Red' for traffic st...
Jon Brown
01:50 PM Feature #14196 (Incomplete): permitted firewall rules - additional text
Firewall --> pfBlockerNG --> DNSBL --> DNSBL Configuration --> Permit Firewall Rules
Can you add some additional i...
Jon Brown
01:45 PM Feature #14195 (New): Customise what are class as Full Domains when blocking with DNSBL
Currently when a DNSBL is Blocked you get one of 2 pages depending what was looked up. Most lookups will end up beeb ... Jon Brown
01:26 PM Feature #14193 (Duplicate): Website to add and remove feeds automatically
I would like to see a website where end users (me and others) can add feeds and report dead feeds that would then be ... Jon Brown
11:22 AM Feature #14192 (Rejected): Instant Website Redaction Technology Not working
Hello Fellow Netgate Community Members,
I wanted to share some topics for discussion and possibly create a communi...
Jonathan Lee
09:33 AM Regression #14189: pfBlocker-NG: HA-Sync is not working
I understand, but I don't know what is "not" happening.
There are two choices when configuring Sync for pfBlockerN...
name name

03/27/2023

07:14 PM Regression #14189: pfBlocker-NG: HA-Sync is not working
Packages get updated directly, they don't get patches.
Also there is almost no detail here or on the linked forum ...
Jim Pingle
05:31 PM Regression #14189 (Closed): pfBlocker-NG: HA-Sync is not working
I'm not the only one with this problem.
See https://forum.netgate.com/topic/179060/pfblockerng-sync-not-working .
...
name name
11:27 AM Todo #9200: Add DNS support for Google domain to Acme manager
Ryan Keen wrote in #note-9:
> It appears that Google Domains has added support for DNS-01 ACME Challenges using a to...
Jim Pingle
08:53 AM Todo #14155 (Rejected): 'Block Outside DNS' option is present in the server and on the client
The two options cover different scenarios: The option in the base pushes to all clients, the option in the client exp... Jim Pingle
08:32 AM Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package
Christopher is right, it looks like the package needs updating because @vpn_openvpn_export_shared.php@ is removed on ... Jim Pingle
08:14 AM Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!
This isn't a bug, but a problem with your current update settings. This site is not for support or diagnostic discuss... Jim Pingle
07:53 AM Feature #14126: Quality monitoring graph scale adjustment
Moving over to the graph frontend location since I'm fairly certain if it can be changed, it's in the parts located i... Jim Pingle

03/25/2023

06:43 PM Todo #12351: Remove non-functional feeds
shallalist is no longer updated, it needs to be removed from DNSBL categories
https://www.shallalist.de/ is comple...
Jordan G
06:34 PM Bug #13936 (Pull Request Review): PHP error from RRD Graphs when attempting a query a newly created empty database
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/333 Christopher Cope
07:49 AM Bug #14179 (New): FreeRadius is active but in an inoperable state, switches to a generated freeradius-temp certificate upon restart
I was testing my HA setup yesterday evening and used the "Enter Persistent CARP Maintenance Mode" button quite a few ... name name

03/23/2023

05:25 AM Feature #14160: Add Search Engine Group in feeds
This is so we can whitelist search engines "Search Engines IPv4", "Search Engines IPv6" Jon Brown
05:02 AM Feature #14160 (New): Add Search Engine Group in feeds
It would be good to get a search engine feed so you can either block them or use them as a whitelist. I have included... Jon Brown
05:22 AM Feature #14162 (New): Add 'Google Services' feed group
This group can be used to allow the blocking or whitelisting of google services. I have added what I found along with... Jon Brown
05:17 AM Feature #14161 (New): Add 'Microsoft Services' feed
This should include all of the Microsoft services and preferably in separate items. I have included links to the page... Jon Brown
03:17 AM Feature #14159 (New): Add netgate bogon feeds
Can you add the netgate bogon feeds.
* https://files.netgate.com/lists/
** https://files.netgate.com/lists/bogon-...
Jon Brown
02:48 AM Bug #13936: PHP error from RRD Graphs when attempting a query a newly created empty database
Can replicate on ... Lev Prokofev

03/22/2023

03:34 PM Feature #13200: Custom DNS Servers for Alert settings
One solution would be to deny:
LAN: Deny any != pfblockerng ip TCP/UDP:53
WAN: ANY outgoing TCP/UDP:53
And allow...
Carlos Montalvo J.
11:27 AM Todo #14155 (Rejected): 'Block Outside DNS' option is present in the server and on the client
I find this situation confusing and propose a couple of resolutions:
* If the option 'Block Outside DNS' should stay...
Jon Brown
11:22 AM Feature #11165: OpenVPN Exporter - Allow for name customization
I would like to see this so if I want, I can create more human readable connection names which are shown in the OpenV... Jon Brown
08:41 AM Bug #14142 (Not a Bug): PHP errors in OpenVPN Client Export package
This doesn't look like a bug. From the logs, the OpenVPN export package needs to be updated / reinstalled.
If that...
Christopher Cope
06:05 AM Bug #14142 (Rejected): PHP errors in OpenVPN Client Export package
Good moorning after installation last version of pf-sense, system shows Us the follow error related openvpn .
I am...
Stefano Raniero
08:40 AM Feature #14154 (New): Ability to use pfSense alias in IPv4 Custom_List
Firewall --> pfBlockerNG --> IP --> IPv4 --> edit/add --> IPv4 Custom_List
the reasons for this are:
* I only hav...
Jon Brown
08:36 AM Bug #14153 (New): default whitelist is not created
When I click on the button from the + button from the reports tab and follow the whitelisting, the default whitelist ... Jon Brown
08:08 AM Feature #14151 (New): Add (ASN) to IPv4 Custom_List information
Firewall --> pfBlockerNG --> IP --> IPv4 --> IPv4 Custom_List
the line ...
Jon Brown
08:05 AM Feature #14150 (New): Source and Destination information for IPv4 Custom_List and feeds
Firewall --> pfBlockerNG --> IP --> IPv4 --> list
When you edit/create a list you have to select an action type an...
Jon Brown
07:58 AM Feature #14149 (New): Make the NEXT Scheduled CRON counter active
I would like the countdown timer of the cron to be active. Like on an aution page of ebay. :)
Firewall --> pfBlock...
Jon Brown
07:54 AM Feature #14148 (New): Update alias information and error handling
On the following sections can you:
Firewall --> pfBlockerNG --> IP --> IPv4
*Advanced Inbound Firewall Rule Set...
Jon Brown
07:48 AM Feature #14147 (New): when you rename an alias the alias reference in pfsense Advanced Inbound/Outbound rules ar enot updated
I refer to the rules @ (Firewall --> pfBlockerNG --> IP --> IPv4)
I noticed that when I renamed an alias that the ...
Jon Brown
07:36 AM Bug #14146 (New): Small Typo in 'Advanced Outbound firewall rule settings' warning message
When creating an IPv4 outbound permit rule (Firewall --> pfBlockerNG --> Ip --> IPv4) and you leave the **Custom Prot... Jon Brown

03/21/2023

07:17 PM Bug #14054: pfBlockerNG can incorrectly modify firewall rules
It appears this related to the IPv4 IP list being updated, and happens during this step:... Marcos M
06:38 PM Bug #14141 (Rejected): pfsense 2.6.0 -pfSense-pkg-squid installation failed!
Hi guys,
Any help please.
I'm working on a lab project that is due in the comming days. Everything has worke fine u...
Jean Smail Origene
05:43 PM Todo #9200: Add DNS support for Google domain to Acme manager
It appears that Google Domains has added support for DNS-01 ACME Challenges using a token generated on Google Domains... Ryan Keen
01:56 PM Feature #8547: fwknop Port Knocking Package
I'd like to add a vote here, too. This would be *incredibly* useful.
Port knocking is not an _alternative_ to a VP...
Liquid Thex

03/20/2023

02:03 PM Bug #14116 (Duplicate): Squid Error went I press SAVE button.
Duplicate of https://redmine.pfsense.org/issues/13984
Missing Squid Reverse config values.
Steve Wheeler
10:19 AM Bug #14116: Squid Error went I press SAVE button.

Looks like Clamav is the issue, once I disable this services, the error is gone.

This is my config file:
cat...
Peter Moreno

03/19/2023

04:33 PM Regression #14024: PHP error in HAProxy Widget with Show Client Traffic enabled
I have the same issue but only affecting one of my deployments. As a workaround you can disable the haproxy service t... Hans Perera
11:25 AM Feature #14126 (New): Quality monitoring graph scale adjustment
If possible, it would be nice if the scale of the packet loss side of the onitoring graph was not the same as the lat... Chris Linstruth

03/18/2023

09:36 PM Bug #13985: Telegraf error After Update PFSense to 23.01
Unable to replicate in pfSense CE 2.7. Possible it's just an issue on Plus for some reason. Kris Phillips
09:30 PM Bug #14116: Squid Error went I press SAVE button.
Hello,
What settings do you have enabled and what page were you on that you clicked save to cause this issue? I'v...
Kris Phillips

03/16/2023

07:59 PM Bug #12399: WireGuard v0.1.5 - Tunnel Will Never Handshake Again After WAN Reset
Prime BDE wrote in #note-28:
> Nunya Business wrote in #note-27:
> > This problem has returned with the current ver...
Gianluca Semadeni
02:49 AM Feature #14101: Add Zabbix 6.4 packages
Should there be any help needed, I happen to be the maintainer of all zabbix ports. Juraj Lutter
12:52 AM Bug #14116: Squid Error went I press SAVE button.
Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 devel-main-n2558...
Peter Moreno
12:51 AM Bug #14116 (Duplicate): Squid Error went I press SAVE button.
Hello, I have squid+SG on Pfsense 2.7-dev, testing.
I was trying to do a little change and went I press 'SAVE' butto...
Peter Moreno

03/15/2023

09:45 AM Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
Duplicate of #14019 Jim Pingle
02:22 AM Bug #14113 (Duplicate): PHP Error: /usr/local/pkg/avahi/avahi.inc:76
Just updated my pfsense box to 23.01 from 22.05. Everything was going smoothly, but on my first login i received a no... S Hunor

03/14/2023

01:42 PM Bug #14075: Using the ``Transparent ClientIP`` option in HAproxy results in kernel panics
I have returned ipfw to development snapshots so we can work on replicating and testing there. It is not possible to ... Christian McDonald
10:54 AM Bug #14108 (Rejected): Antivirus Bases showing outdated main.cvd with a version dated year 2021
Per ClamAV's website:
"ClamAV signatures come in a variety of formats, one for each of the distinct detection method...
Jonathan Lee

03/13/2023

05:27 PM Feature #14101 (Resolved): Add Zabbix 6.4 packages
https://www.freshports.org/net-mgmt/zabbix64-agent/
https://www.freshports.org/net-mgmt/zabbix64-proxy/
Tirso Ramirez
09:43 AM Feature #14100 (New): Use interface groups as an Alias for IP Interface/Rules Configuration
Hi
I understand that there is an order in how firewall rules are used but my suggestion is not for altering that.
...
Jon Brown
09:05 AM Regression #13978: PHP errors with squidGuard
Also:... Steve Wheeler

03/12/2023

04:02 PM Bug #13043: OSPF over Wireguard interface doesn't populate neighbors after reboot
Hi,
just wanted to confirm. I can reproduce this issue on all of my installations so far. Mostly PFsense CE 2.6.0 ...
Johann Lohberger
09:09 AM Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc
Duplicate of #14024 Jim Pingle
01:28 AM Regression #14097 (Duplicate): Upgrade to 23.01: PHP Fatal error: Uncaught TypeError: Unsupported operand types: string / int in /etc/inc/util.inc
After the upgrade to version 23.01-RELEASE I right away got a message from the Crash reporter:... Sebastian Wagner
 

Also available in: Atom