Activity
From 06/12/2023 to 07/11/2023
07/11/2023
-
09:52 PM Bug #13489 (Resolved): Tailscale Exit node without IPv6 connectivity break connections with Chromium based browser
- We are up to Tailscale v1.44.
> Tailscale 1.30.1 has been released which includes the fix for this issue. The upda... -
09:08 PM Bug #13515: Snort with PHP 8.1 - TypeError when saving edits to an interface
- I am still seeing this error in 2.7.0-RELEASE....
-
09:10 AM Bug #14554: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string
- By reading /usr/local/pkg/pfblockerng/pfblockerng.inc it seems a few more lines down this part might be affected as w...
07/10/2023
-
08:13 PM Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0
- Thank you all!
> So to re-summarize, these -5- 6 changes appear to restore 100% functionality from the previous rele... -
05:25 PM Bug #14560: NRPE does not function properly on Plus 23.09 / CE 2.7.0
- @TomTheOne: I'd suggest rebooting after making the five changes I listed above. nrpe3.sh definitely seems to get gene...
-
- Ok, I think I've got this figured out... nrpe3.sh gets automatically generated, so disregard my previous comment rega...
-
- In my case, nrpe is already running by manually starting the service via start-script in /usr/local/etc/rc.d/nrpe.
I... -
- Sorry for the confusion Tom. Those changes do indeed fix it on my system, but after seeing your comment I just did so...
-
- Thank you
> So in summary, these 4 changes appear to restore 100% functionality from the previous release:
>
> /... -
- Two more notes:
(1) At least on my system, the command="/usr/local/sbin/nrpe" change had to be made to /usr/local/... -
- In addition to the daemon name being changed from nrpe3 to nrpe, I've noticed that the associated check command has a...
-
07:27 PM Bug #14566 (Confirmed): Softlflowd package don't send ICMP flows
- I am using the softflowd package v.1.2.6_1 on pfsense v.2.7.0
Apparently icmp traffic is not sent from the sensor to... -
01:06 PM Bug #14559 (Duplicate): nrpe 3.1_6 service control broken on pfSense 2.7.0
07/09/2023
-
08:03 AM Bug #14364: APCUPSD unable to process date string
- Perfect, thanks Kris :-)
-
01:44 AM Bug #14364 (Confirmed): APCUPSD unable to process date string
- Yeah we should add a date format option to the widget so that it properly displayed depending on user input.
-
- pfSense Plus 23.09 has the latest ClamAV 1.1.0, which is not vulnerable:
/usr/local/sbin/clamd --version
ClamAV 1... -
- The project appears to be primarily written for Debian-based Linux and the Summer of Code project from 2020 doesn't a...
-
- Tested on 23.09. Confirmed this behavior.
Editing /usr/local/etc/rc.d/nrpe to change this allows the service to...
07/08/2023
-
05:29 PM Bug #14562 (Resolved): PHP error when trying to run OSPF and BGP in the same time
- The following PHP error is thrown when you enable OSPF while the BGP service is already running....
-
04:02 PM Regression #14561 (Resolved): FRR errors accessing Global Settings after deleting BGP neighbor
- Steps to reproduce:
1. Install FRR.
2. Create a BGP neighbor without staring FRR.
3. Delete the neighbor.
4. Atte... -
- I can confirm this behavior.
Tested against:... -
- I can confirm this behavior.
Tested against:... -
- To be deleted, i posted in the wrong category.
Correct one here: https://redmine.pfsense.org/issues/14560 -
- nrpe 3.1_5 works smooth on pfSense 2.7.0, after the upgrade to nrpe 3.1_6 the service can not be controled anymore vi...
-
- nrpe 3.1_5 works smooth on pfSense 2.7.0, after the upgrade to nrpe 3.1_6 the service can not be controled anymore vi...
-
- Done, and it's fixed the problem and the widget is working again, but apctest expects the format in DD/MM/YY and the ...
-
06:56 AM Bug #14364: APCUPSD unable to process date string
- Are you able to try with the month and then day in the first and second numbers respectively when entering the date? ...
07/07/2023
-
-
09:37 PM Bug #14557: SSL Offloading configuration settings missing from frontends
- Andrew Cz wrote:
> The SSL Offloading section of any and all frontends are missing.
>
> I was expecting to see the s... -
- The SSL Offloading section of any and all frontends are missing.
I was expecting to see the section that can be fo... -
- Included in OpenVPN client export package 1.9. Will be in snapshots for testing, then release branches if it tests OK.
-
- Included in OpenVPN client export package 1.9. Will be in snapshots for testing, then release branches if it tests OK.
-
-
- Included in OpenVPN client export package 1.9. Will be in snapshots for testing, then release branches if it tests OK.
-
- The change from "ios" to "connect" would be good.
The change from "config" to "archive" is not needed, it is a con... -
06:15 PM Bug #14426: PHP errors in Lightsquid
- This occurs with 23.05.1 also
Attached is logs -
02:28 PM Bug #14556 (New): Tailscale dropping routes from FIB
- Installation has several tailscale nodes. The problematic node is a 6100. Some of the other nodes are 2100s.
At so... -
01:17 PM Feature #14101 (Feedback): Add Zabbix 6.4 packages
07/06/2023
-
-
03:00 PM Bug #13343: HAproxy cookie protection syntax needs updated
- Sorry for the duplicate report; for some reason I missed this one.
I've now prepared a pull request https://github... -
08:36 AM Bug #14553: Call to undefined function sync_package_filer()
- ...
-
- https://forum.netgate.com/topic/180220/filer-package-xmlrpc-sync-error
-
- https://forum.netgate.com/topic/180950/error-on-pfblockerng-inc-5310-pfblockerng-devel-3-2-0_5...
-
07:06 AM Bug #13432: ups driver will not start
- The root cause appears to be the kernel not recognizing some UPS models as a UPS. See discussion here:
https://fo...
07/05/2023
-
05:51 PM Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
- @jonathanlee and @pete-wright I wanted to confirm that I had not seen this thread and had performed similar steps to ...
-
- With the accept DNS option enabled (default):...
-
- https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/commit/543e81ef566acdd95d4c13f04f3535c62e1e9ac4
Done. -
- Duplicate of #13343
-
07/04/2023
-
04:45 AM Feature #14539 (New): Add support for Oracle Cloud Infrastructure (OCI) vNIC management to work with unicast CARP
- Add the ability to invoke OCI APIs to relocate secondary IPs (i.e. CARP VIPs) on vNICs when CARP VIP events occur in ...
-
01:27 AM Feature #14538 (Resolved): Add switch for Tailscale DNS
- from cmacdonald on Reddit - Add a simple knob to the Tailscale section of the pfSense Web UI to toggle whether pfSens...
07/03/2023
-
11:00 PM Regression #14452: Prometheus node_exporter generates errors with the default config
- I stumbled upon this today. This PR [[https://github.com/prometheus/node_exporter/pull/2584]] may provide additional ...
-
- On PFSense 2.7.0, with haproxy 0.61_10 package installed.
Create a haproxy backend, edit it and enable the "Cookie... -
02:56 AM Bug #14498: php errors when looking at snort active rules
- In the interest of coming to a resolution on this ticket...
The issue identified here is more of a generic problem w... -
- @Christopher Cope
I wanted to also take the time to message you and say I am sorry for the reply with, "If you do no... -
- @Ryan Coleman
Can you mark my open TAC ticket #1731574435 as closed as it is confirmed this is a code/software is... -
- Hello fellow Redmine members,
I do understand that adding my ISP issued IP address to the pass list and or suppres... -
- @Kris Phillips
Thanks for looking into this -
- @Marcos
Thanks for looking into this. -
- @Pete Wright thanks for confirming this issue.
07/02/2023
-
- @Bill Meeks
Thank you for confirming the code issue. As you quoted,
"No matter how much RAM is in the firewall,... -
11:48 PM Bug #14498: php errors when looking at snort active rules
- _How were you attempting to implement a paged output? Was it images that you created and or just accessing sections o...
-
- I would just make a buffered image and save it everytime that method was called on. It would save the file and open i...
-
- Thanks for your reply and looking into this at a granular level.
I noticed you said " _I've toyed around with tryi... -
- This is a consequence of the PHP process itself running out of memory. Because the output is being buffered in an att...
-
- The truth is, I really want to fix this PHP software issue, again I am still a student and rather overzealous when I ...
-
- Your ticket number is: 1731574435
-
- TAC ticket open with this referenced copy of config is loaded with my serial number. I hope that provides everything ...
-
- Also attached is *proof* that the custom rules I have in Snort are in use and functional within this regard.
_S... -
- After sometime I still show no memory errors inside of the SG-2100MAX for this timestamp.
Please let me know if y... -
- Per your request in 23.05.1
See attached system goes to blank screen error occurs and no errors in system logs tha... -
- I do also have custom rules active inside snort. I do not know if that causes it. As custom rules are pasted in and l...
-
- Hello thanks for the reply. This PHP error occurs when I attempt to view the active rules in snort. I only have 20 pe...
-
09:33 PM Bug #14491: FRR not starting with AgentX enabled
- We can confirm this also on our 2.7 Upgrade which broke FRR from starting (although I think its somthing to do with t...
07/01/2023
-
- confirming, same thing as above with 23.05.1 and pimd 0.0.3_6
-
- We'll need more information to confirm if this is actually a bug. It is possible you are hitting the memory limit in ...
06/30/2023
-
08:29 PM Bug #14532 (Not a Bug): Error is logged every time a domain in the DNSBL is temporarily unlocked or re-locked
- From the Reports > Alerts tab, when I click the red lock icon to temporarily unlock a domain listed under the DNSBL P...
-
-
03:47 PM Bug #14530 (Resolved): Suricata 6.0.13 package interface settings
- Hello,
The text label at _Services / Suricata / Interfaces / <IF>(Edit) / <IF>Flow/Stream / Stream Memory Cap_ say... -
12:56 PM Feature #14529: eBPFShield
- Also can send alerts to SIEM ie call outs to "ransomware_.com" or other nastyware infected machines calling out to c...
-
- https://github.com/sagarbhure/eBPFShield
Advanced host monitoring and threat detection with eBPF 🛡️
eBPFShield ... -
- Tested on: ...
06/29/2023
-
04:23 PM Feature #9141: FRR xmlrpc
- To understand the set up then.
nodeA and nodeB will have sepearate routing neighbors probably exchanging the same ... -
- This can be achieved through Advanced pass-thru.
I am only advocating having a GUI option available to create users/... -
03:05 PM Feature #9833: ACME: add ability to use custom ACME server
- +1 as well. Also a shout out to Step CA. There are more and more options for ACME endpoints hosted privately, this ...
-
06:45 AM Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158
- I have the exact same block of three lines on another appliance. So this might be some result of upgrades and changes...
-
- I can confirm that after removing the lines, there are no PHP errors, and the service starts successfully.
-
12:38 AM Bug #14523 (Resolved): PHP error when using an unsupported alias type in Advanced Rule Settings
- Confirmed on both 2.6, 2.7-RC and 23.05 using pfBlockerNG-Devel 3.2.0_5 and 3.2.0_4. Removing pfBlockerNG-devel packa...
06/28/2023
-
09:28 PM Bug #14426: PHP errors in Lightsquid
- Hi, it is happening in 4100 too.
Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
Free... -
- Found my way: fixed now. Thanks for your help.
-
- Tried editing with `viconfig`: as HAproxy is down, ACME couldn't pull a LetsEncrypt-Cert, so no GUI right now ... edi...
-
- Stefan Weichinger wrote in #note-6:
> Jim Pingle wrote in #note-5:
> Great, thanks. How would I do this? HAproxy is... -
- Jim Pingle wrote in #note-5:
> This is your problem, the configuration is invalid:
>
> [...]
>
> If you delete... -
- This is your problem, the configuration is invalid:...
-
- May I ask for help again? We'd like to see this issue solved ... thanks
-
- Yes, it's consistent with the package not updating during the upgrade. Updating the package to the current (fixed) co...
-
05:41 PM Bug #14519: PHP Error: Cannot access offset of type string on string in /usr/local/pkg/status_traffic_totals.inc:189
- This is strange as I get this error every time I log into the web interface. I've reinstalled the package and now the...
-
- OK I've tried but I can't reproduce this. The only thing I can think of is that somehow your system was trying to exe...
-
- Looks like it's one of a common set of errors we've seen where the config has no (or a partial/empty) OpenVPN config ...
-
- It seems that this error was already topic in #13775
Crash report begins. Anonymous machine information:
amd64... -
-
05:23 PM Bug #14509: PHP Error in ``vpn_openvpn_export.php``
- Issue fixed by manually upgrading the openvpn-client-export package:
---------------------------------------------... -
12:00 AM Feature #9238: Add support for Zerotier
- Any update on this?
I third this idea
06/27/2023
-
- Hello fellow pfsense Redmine team members,
I have found an issue where SNORT starts to block out my ip address th... -
- Add the ability through the GUI to provide basic authentication for either frontend or backend pools
You can hack ...
06/26/2023
-
10:03 PM Bug #14510 (New): match rpki invalid What is actually executed is match rpki valid
- when i setup match rpki invalid for deny, then actually executed is match rpki valid for deny.
please your check a... -
- When clicking 'VPN >> OpenVPN >> Client Export' the following issue occurs (Intel Celeron 1005M):
----------------... -
06/25/2023
-
- https://cybercrime-tracker.net/fuckerz.php - 500 server error
https://cybercrime-tracker.net/all.php - 500 server er... -
- Looks good in syslog-ng v1.16, radio box is present at bottom of config
!clipboard-202306242332-gmfwm.png!
06/24/2023
-
- Kris Phillips wrote in #note-1:
> Tested with an APC UPS on 23.05 with the latest apcupsd package. Unable to reprod...
06/23/2023
-
- Thanks for all you do, I appreciate you.
-
- PR Merged
-
- A fix for this issue has been submitted in Pull Request 1269: https://github.com/pfsense/FreeBSD-ports/pull/1269. Thi...
-
- PR Merged
-
- A fix for this issue has been submitted in Pull Request 1269: https://github.com/pfsense/FreeBSD-ports/pull/1269. Thi...
-
- PR Merged
-
- A fix for this has been submitted in Pull Request 1271: https://github.com/pfsense/FreeBSD-ports/pull/1271. This issu...
-
08:23 AM Bug #14504 (Incomplete): FTP_Client_Proxy package doesn't create firewall rule
- I've installed FTP_Client_Proxy 0.3_8 on pfSense plus 23.05. I enabled the FTP client proxy services, but it doesn't ...
06/22/2023
-
- I was able to replicate this issue. It is caused by a misplaced early Base64 decode of a config parameter. A fix will...
-
- Not sure exactly why the input string is too long in this case, but I did find in the PHP interpreter source code tha...
-
- The code used to generate the @snort.conf@ file for an interface should validate one of the ARP preprocessor options ...
06/21/2023
-
- Hello Fellow Redmine community members,
I found another php error when I go to look at active rules with Snort fo... -
09:57 PM Bug #14495 (Not a Bug): Snort does not contain DetectorFini() function
-
- I did not know this. Thanks for the reply. I have attached this for future reference should someone search for the sa...
-
- This is not a bug. This is due to having incorrect user-supplied text rules for the current version of the OpenAppID ...
-
- Detector cisco_content_group_dummy_detectors.lua: does not contain DetectorFini() function
I have been getting t... -
- I had to enable unicast Arp checks for the error to stop. After that it never returned. I was under the impression th...
-
- I am unable to replicate this issue. I installed the latest 2.7.0-BETA of CE on a virtual machine, enabled the ARP Sp...
-
- Hello fellow redmine team can you please help I am getting some weird bug errors. I have apr spoof detection enabled ...
-
12:07 PM Regression #14493: FRR,PHP errors when deleting neighbor
- Additional note.
If you disable the FRR service - you can delete anything without errors. -
06:47 AM Regression #14493: FRR,PHP errors when deleting neighbor
- I can confirm that error
Tested on... -
- Steps to reproduce:
Go to Services=>FRR=>BGP=>Neighbors
1)Add new neighbor
2)Set IP\name
3)Set remote AS
4)S... -
- Additional note.
If you disable the FRR service - you can delete anything without errors. -
- Steps to reproduce:
1)Create AS-path list
2)Delete As-path list
Looks like related to https://redmine.pfsense.... -
- I get this error on 23.05, without any config except enabling the service and setting the password. PHP error log att...
-
- side note: I think found out why my codespaces environment won't run, I have the free account. It is similar to https...
06/20/2023
-
06:43 PM Bug #14491 (Confirmed): FRR not starting with AgentX enabled
- After upgrading to pfSense 2.7.0 Beta, FRR wont't start with AgentX enabled in the configuration.
Syslog...
06/19/2023
-
09:06 AM Bug #14489 (New): FRR needs delayed startup
- Hi,
FRR is currently started before completing Wireguard tunnels initialization:
[FRR startup]
*2023-06-17 18... -
- I have attached a very simple example of a Java version of try catch. I am positive you know try catch very well. My ...
-
- https://github.com/pfsense/FreeBSD-ports/tree/devel/security/snort
Thanks for the reply again,
I wanted to as...
06/18/2023
-
-
- Please reference Bug #14483
I have the option "Ignore IPsec Restart" enabled under Global Settings in FRR.
Any... -
-
- The Snort package on pfSense is an open source volunteer maintained contribution. The source code for both the GUI an...
-
- use ctrl + click and deselect any interface (previously) highlighted and attempt to save lldpd settings...
06/17/2023
-
- Hello,
What "leftovers" are you referring to? Please provide reproduction step-by-step with what you expect and w... -
03:25 PM Bug #14480: Faulty IDS rules can prevent Snort from starting
- I'll chime in with another view point that I find disturbing. Not classifying this as a bug, or at the least a securi...
-
- Thanks for the reply Bill Meeks,
Please let me attempt to pitch this one more time as a bug and not a feature to y... -
- This is not a bug. The problem described here was caused by a faulty rules update file produced and distributed by a ...
-
- Main issue: Snort fails completely open within this situation. Snort does not function at all during this.
-
- Note: some of the regex expressions were mixed up when posting this please ref the screen shots.
-
- https://support.google.com/work/android/answer/10513641?hl=en
https://support.apple.com/en-gb/HT210060
Each of ...
06/16/2023
-
- To quote bemeeks,
" _This will have to be fixed by the Emerging Threats rule writers. They will release an updated... -
- To quote valete3. . .
_"Emerging threats released out of band rules update to resolve.
https://community.emergi... -
- FATAL ERROR: /usr/local/etc/snort/snort_4851_ix0/rules/snort.rules:19567: Can't use flow: stateless option with other...
-
06:20 PM Bug #10436: softflowd no longer sends flow data after upgrade (v0.9.9_1 -> v1.0.0)
- fyi.. after upgrading to pfsense 23.05 & softflowd 1.2.6_1, stability has returned.. two weeks of uptime so far.
-
- Can confirm, the service is running but there is no traffic sent to the Zabbix server. Works fine on 23.01
Tested ...
06/14/2023
-
10:08 PM Bug #14475 (Resolved): PHP Error: suricata_check_for_rule_updates.php:820
- PHP Error from Suricata when updating:...
06/13/2023
-
- Thanks for creating this issue.
Could it be that the lua-script used in the HAproxy-config triggers these errors?
...
06/12/2023
-
09:18 PM Bug #14469 (Resolved): Snort Advanced config pass-through encodes entries
- When attempting to add a custom snort.conf config line using the Snort Advanced Configuration Pass-Through feature, t...
-
Also available in: Atom