pfSense » pfSense Packages

09/04/2023

11:36 PM Bug #14747: softflowd sending same data with different snmp versions

It seems that the problem is related to VLAN interfaces.
I've been doing some tests and if you set softflowd to coll... Marcelo Cury

06:32 PM Bug #14747: softflowd sending same data with different snmp versions

upstream bug reported:
https://github.com/irino/softflowd/issues/51 Marcelo Cury

06:05 PM Bug #14747 (Needs Patch): softflowd sending same data with different snmp versions

My environment:
SG-4100 23.05.1, packages up to date and System patches applied.
sotflowd running on LAN, WIFI an... Marcelo Cury

12:40 PM Feature #14712: CrowdSec package

Hi!
The package is ready for public testing.
Three things to read:
- the short repository readme - https://... Marco Mariani

05:56 AM Bug #14745 (New): haproxy: backend, SSL health check

During testing with a backend HTTPS server, I wanted to test if the SSL health check would work; it did not.
So, I d... Stephen Trotter

01:33 AM Feature #14468: pass along ntopng professional license key

Just an update to say I have now successfully installed NTOPNG Pro version, via console, and licensed it on latest ve... Russ Reynolds

09/02/2023

07:12 PM Bug #14659: vlan (add/modify/delete) with pfblockerNG installed - all interfaces flap

This is still an issue but I have a feeling it’s related to 14484
Edit any interface will lead to a reconfiguration ... Mike Moore

05:33 PM Bug #14659: vlan (add/modify/delete) with pfblockerNG installed - all interfaces flap

do you still see this flapping issue after removing or correcting the unresolvable source/destination alias messages ... Jordan G

07:11 AM Feature #14629 (Resolved): Add option control LCDProc ``syslog`` behavior

Tested the package version:... Danilo Zrenjanin

09/01/2023

06:23 PM Regression #14739 (Feedback): PHP error with lightsquid when generating an SSL certificate

Should be fixed in commit @11ed1711e84357241c044c82e7f2be7186375e75@ (https://github.com/pfsense/FreeBSD-ports/commit... Jim Pingle

05:40 PM Regression #14739 (Resolved): PHP error with lightsquid when generating an SSL certificate

... Marcos M

04:24 PM Bug #14406 (Feedback): Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.

I tested this on 23.09 dev snapshots and I'm not able to replicate the issue. The files are in the directory:
{{co... Marcos M

09:08 AM Bug #14730: FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore

Let me try give you more info to reproduce. We have the issue on many devices not just one. We also had this issue on... Luca Piccirillo

06:54 AM Bug #14733: CARP Master before HA Proxy is started

Hi Jim,
Thanks for the quick response and suggestion. Changing the WebUI port makes sense to get rid of the confli... Christopher de Haas

06:48 AM Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers

I can also confirm this, but its happening to me with only some Peers (exactly, 4 tunnels, about 10 peers in total) I... David Martin

08/31/2023

05:16 PM Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.

"2Amos Jeffries 2023-08-29 18:26:02 UTC
AFAICT "0.4.46" is the version number of the pfsense plugin used to integra... Jonathan Lee

02:43 PM Bug #14733 (Not a Bug): CARP Master before HA Proxy is started

Sounds like you have something misconfigured. You are trying to bind two things to the same port on the same address ... Jim Pingle

11:09 AM Bug #14733 (Not a Bug): CARP Master before HA Proxy is started

Pfsense becomes CARP master before HA proxy is started. This is a significant problem and causes unneeded outages. Wh... Christopher de Haas

09:02 AM Bug #14730: FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore

Just checked on pfSense 2.7.0
Backup version is the same as yours.
internal_name is still there as before.
Not sure ... Luca Piccirillo

06:41 AM Bug #14730: FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore

I couldn't reproduce this issue on the:... Danilo Zrenjanin

07:24 AM Bug #14670 (Resolved): net-snmp does not ignore /var/unbound/dev

The latest release 0.1.5_11 contains the ignoreDisk directive for /var/unbound/dev ... Danilo Zrenjanin

08/30/2023

09:01 PM Bug #14108: Antivirus Bases showing outdated main.cvd with a version dated year 2021

Also confirmed via Andrew C. Aitchison of ClamAV users support email system.
"It is a very big file and stores the... Jonathan Lee

02:12 PM Feature #8547: fwknop Port Knocking Package

I'm willing to chip in, help code this myself or hire someone to develop this. Either way I'd like to see this packa... Alan V

02:09 PM Feature #8547: fwknop Port Knocking Package

I really want to see this as well. I'll explain why people want fwknop or at the minimum knockd support...
Fwknop... Alan V

12:49 PM Bug #14722 (Duplicate): Snort Rule Update time settings does not create cron job correctly with certain times

Jim Pingle

12:49 PM Bug #14724 (Resolved): Suricata package incorrectly accounts for 24-hour rollover when creating automated rules update cron task and a 12-hour update interval is selected

PR merged, thanks! Jim Pingle

12:49 PM Bug #14723 (Resolved): Snort package incorrectly handles rollover from 23 to 00 hours when calculating rules update cron task times

PR merged, thanks! Jim Pingle

11:14 AM Bug #14730 (New): FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore

When backing up with package info included:... Luca Piccirillo

08/29/2023

07:41 PM Bug #14108 (Rejected): Antivirus Bases showing outdated main.cvd with a version dated year 2021

2021 is the most recent main.cvd/main.cld file from ClamAV directly. The daily file gets updated more regularly.
F... Jim Pingle

06:40 PM Bug #14108: Antivirus Bases showing outdated main.cvd with a version dated year 2021

From Squid and indirectly also c-icap upstream(s):
Neither Squid nor c-icap have anything to do with the ClamAV dat... Amos Jeffries

06:31 AM Bug #14108: Antivirus Bases showing outdated main.cvd with a version dated year 2021

https://bugs.squid-cache.org/show_bug.cgi?id=5297
Bug zilla ticket also open for Squid side for more visibility of... Jonathan Lee

01:54 PM Feature #14729 (New): OpenVPN Client Export - Support PLAP on Windows

OpenVPN 2.6 for Windows introduced support for PLAP (Pre-Logon Access Provider). With this support, users get a new i... Pablo Bendersky

06:36 AM Bug #14341: Squid Cache Table Logs Showing incorrect date

https://bugs.squid-cache.org/show_bug.cgi?id=5298
Added to bugzilla for Squid for more support visibility Jonathan Lee

06:21 AM Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.

https://bugs.squid-cache.org/show_bug.cgi?id=5296
Bugzilla Squid ticket now open for more Squid support visibility. Jonathan Lee

08/28/2023

05:15 PM Bug #14722: Snort Rule Update time settings does not create cron job correctly with certain times

This is a duplicate of bug 14723. My report of the user-identified issue and the acutal user's report of the same iss... Bill Meeks

04:37 PM Bug #14722 (Duplicate): Snort Rule Update time settings does not create cron job correctly with certain times

What happens is that when a combination of update interval and hour is set that adds up to 24, the script that create... Benjamin McRobert

05:13 PM Bug #14724: Suricata package incorrectly accounts for 24-hour rollover when creating automated rules update cron task and a 12-hour update interval is selected

Pull Request 1289 (https://github.com/pfsense/FreeBSD-ports/pull/1289) has been submitted to correct this issue. This... Bill Meeks

04:44 PM Bug #14724 (Resolved): Suricata package incorrectly accounts for 24-hour rollover when creating automated rules update cron task and a 12-hour update interval is selected

The Suricata package GUI incorrectly adjusts the starting hour for the automated rules update cron task when the user... Bill Meeks

05:12 PM Bug #14723: Snort package incorrectly handles rollover from 23 to 00 hours when calculating rules update cron task times

Pull Request 1288 (https://github.com/pfsense/FreeBSD-ports/pull/1288) has been submitted to resolve this issue.
T... Bill Meeks

04:38 PM Bug #14723 (Resolved): Snort package incorrectly handles rollover from 23 to 00 hours when calculating rules update cron task times

The Snort package incorrectly adjusts the rollover from 23:xx hours to 00:xx hours when creating the cron task for au... Bill Meeks

04:01 PM Bug #13432: ups driver will not start

I started having similar issue after upgrade to 2.7.0 (was working before)
got notices and saw "upsmon" giving "fail... Tom Bauer

01:02 PM Bug #14426 (Resolved): PHP errors in Lightsquid

The PR was merged. Jim Pingle

08/27/2023

08:05 AM Feature #9916 (Resolved): Check allow-transfer in custom option when the zone is slave

Tested on 23.05_1
Allow-transfer option check was added and there wasn't any bind error if I add this option into Cu... Azamat Khakimyanov

05:21 AM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

Different way to iterate the variable for multiple cases
You can also use the the case command to iterate over t... Jonathan Lee

08/26/2023

11:57 PM Regression #13817: pfBlockerNG-devel cron jobs persist after the service is disabled or the package is uninstalled

on 23.05.1 and pfB 3.2.0_6 after working through getting the package to uninstall successfully (see https://redmine.p... Jordan G

11:47 PM Bug #14572: Unused DNSBL files may not be removed

Kris Phillips wrote in #note-1:
> Hello,
>
> Is this with the devel or stable branch of pfBlockerNG?
devel and... Jordan G

11:03 PM Bug #14287: pfBlockerNG does not uninstall cleanly when using RAM disks

This is still happening with pfBlockerNG 3.2.0_6. I believe I've found a workaround for this after chasing a few of t... Jordan G

07:08 AM Bug #14711 (Confirmed): pfBlocker ASN to IP Address option doesn't work

Tested on pfBlocker 3.2.0_6
It failed to load list.... Lev Prokofev

07:06 AM Bug #14718 (New): pfBlocker DNSBL IPs list action is wrongly named

!clipboard-202308260857-oz2vd.png!
Under *Firewall/pfBlockerNG/DNSBL* there is *DNSBL IPs* section.
The *Alias ... Danilo Zrenjanin

12:19 AM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

Non standard colours also
@#!/bin/sh
pfctl -vvss | grep ', rule 79' >/dev/null
res=$?
if [ $res = 0 ];
then
... Jonathan Lee

08/25/2023

08:56 PM Bug #14426 (Pull Request Review): PHP errors in Lightsquid

https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/353 Marcos M

08:10 PM Regression #13984 (Resolved): PHP errors with squid

Marcos M

04:13 PM Bug #14714: HAProxy Agent Check

Bug No 2 is now described in Bug #14715 Jacques Bourdeau

03:56 PM Bug #14714: HAProxy Agent Check

Jacques Bourdeau wrote in #note-2:
> Jim Pingle wrote in #note-1:
> > Please create a separate issue entry for each... Jim Pingle

03:46 PM Bug #14714: HAProxy Agent Check

Jim Pingle wrote in #note-1:
> Please create a separate issue entry for each problem, even if they appear to be rela... Jacques Bourdeau

03:21 PM Bug #14714: HAProxy Agent Check

Please create a separate issue entry for each problem, even if they appear to be related.
Jim Pingle

03:03 PM Bug #14714 (New): HAProxy Agent Check

For my load balancing, I ended up needing to use Agent-based checks in HAProxy.
I configured it in my pfSense+ (23... Jacques Bourdeau

04:06 PM Bug #14715 (New): HAProxy Agent-Check are not enabled in the config despite being checked in the UI

Related to Bug #14714 which also does not populate the config file properly for agent-check based monitoring in HAPro... Jacques Bourdeau

04:01 PM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

If anyone knows of a more efficient want to poll the state table, please let me know.
Have a good day Jonathan Lee

03:59 PM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

Here is a photo of testing with the three LEDs enabled when rule 79 went active.
Does the state table counters als... Jonathan Lee

03:49 PM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

I wonder if there is another way to do it maybe with the active state tables counters. Thanks for looking into this i... Jonathan Lee

03:27 PM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

I don't see anything like that being added to the base system, but maybe someone might design a package around it.
... Jim Pingle

04:54 AM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

Side note, I recently learned "The Air force one Executive Phone has a light on the back that lights up red when secu... Jonathan Lee

02:03 AM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

pfctl -vvss| grep '192.168.1.11' would work great too as it would be IP address based not rule based
also
pfctl -vv... Jonathan Lee

01:26 AM Feature #14710: Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

The capability is you can take any rule ID you have that establishes a connection and you could configure it to be us... Jonathan Lee

01:12 AM Feature #14710 (New): Possible Idea for new firewall feature "ACL CONNECTED RED LED FLAG FEATURE"

Hello fellow Netgate pfSense Redmine community members,
I wanted to share this with you all to see if this is any... Jonathan Lee

01:17 PM Feature #14712: CrowdSec package

e ok wrote:
> I think is not necessary another IPS, but I leave here If something consider that is more robust or go... Marco Mariani

12:32 PM Feature #14712 (New): CrowdSec package

I think is not necessary another IPS, but I leave here If something consider that is more robust or good tan Snort or... e ok

06:30 AM Bug #14711 (Resolved): pfBlocker ASN to IP Address option doesn't work

pfBlocker relies on Team Cymru IP to ASN Lookup v1.0 to get the list of prefixes for the defined ASN. But it seems th... Danilo Zrenjanin

06:12 AM Bug #12822 (Confirmed): IPv4 Source ASN format not working

I have tried to define the ASN format and it appears that it is still not working consistently. Occasionally, it does... Danilo Zrenjanin

08/24/2023

02:29 PM Feature #14706 (New): Add Cloudflare tunnel pkg

Hello everybody,
I've been using Cloudflare tunnel for more than an year as I'm now behind CGNAT so no more open p... Vlad Saftoiu

08/23/2023

05:18 PM Bug #14704 (Duplicate): FRR BGP Neighbor configuration page no longer displays BFD Peer(s) in the BFD section

Duplicate of #14654
It's already fixed in the most recent version of the package. Jim Pingle

05:10 PM Bug #14704 (Duplicate): FRR BGP Neighbor configuration page no longer displays BFD Peer(s) in the BFD section

Hello,
I can no longer select a BFD Peer when creating a FRR BGP neighbor.
As an example.
I have two (2) BFD... Michael Mercier

08/22/2023

07:16 PM Bug #14349 (Closed): The ClamAV 0.105.1 got a few vulnerabilities

It's already fixed in dev snaps, it'll come back naturally with the next release.
Jim Pingle

08/21/2023

02:01 PM Feature #14696: possible cross site scripting and URL manipulation shell access injection issue sgerror.php

Thanks for looking at this and testing the various inputs. I did not know about the other reporting URL I will use th... Jonathan Lee

01:52 PM Feature #14696 (Rejected): possible cross site scripting and URL manipulation shell access injection issue sgerror.php

That action is just echoing back the input to the user but as it passes through a query string and so on, the content... Jim Pingle

08/19/2023

05:47 PM Bug #14683: PHP error on ``status_frr.php`` from using too much memory

Since this is the same base issue solved by the PHP patch, I'm marking this as a duplicate of https://redmine.pfsense... Christopher Cope

05:47 PM Bug #14683 (Duplicate): PHP error on ``status_frr.php`` from using too much memory

Christopher Cope

12:05 AM Feature #14696: possible cross site scripting and URL manipulation shell access injection issue sgerror.php

/usr/local/www/sgerror.php
has no ability to disable internal error redirect functionality when utilizing externa... Jonathan Lee

12:03 AM Feature #14696: possible cross site scripting and URL manipulation shell access injection issue sgerror.php

In my case https://192.168.1.1:8080/sgerror.php?url=403%20Blocked%20by%20Mom%20and%20Dad&a=%a&n=%n&i=%i&s=%s&t=%t&u=%... Jonathan Lee

12:02 AM Feature #14696: possible cross site scripting and URL manipulation shell access injection issue sgerror.php

sgerror.php is also still accessible even with the internal error redirector redirecting to external site like Google... Jonathan Lee

08/18/2023

11:13 PM Feature #14696: possible cross site scripting and URL manipulation shell access injection issue sgerror.php

I wonder if there is any php injection vulnerabilities here. I did get it to say hello world. I noticed there is some... Jonathan Lee

10:48 PM Feature #14696: possible cross site scripting and URL manipulation shell access injection issue sgerror.php

if I can force it to say hello world, you could force it to say it a million times and do a denial of service attack ... Jonathan Lee

10:33 PM Feature #14696 (Rejected): possible cross site scripting and URL manipulation shell access injection issue sgerror.php

Hello fellow pfSense Redmine team,

I seem to have found an issue with sgerror.php allowing a user to adapt the ph... Jonathan Lee

04:31 PM Bug #14694 (Not a Bug): HAProcy

I'm using ACME certs with HAProxy and it works fine here, so it's not clear why yours might be failing.
This site ... Jim Pingle

05:02 AM Bug #14694 (Not a Bug): HAProcy

After the latest update I can no longer assign an ACME certificate to a HAProxy Frontend, not matter which certificat... Rick Strangman

08/17/2023

08:10 AM Bug #14683: PHP error on ``status_frr.php`` from using too much memory

and changed config.inc
// Set memory limit to 512M on amd64.
if ($ARCH == "amd64") {
ini_set("memory_limit", ... yon Liu

08:06 AM Bug #14683: PHP error on ``status_frr.php`` from using too much memory

i have changed php tomemory_limit = 1200M now,it is ok.
and if run frr bgp route, the kern.ipc.maxsockbuf must be ch... yon Liu

08/16/2023

12:57 PM Feature #14689 (Rejected): Warn users about the risks of using snort in a netgate pfsense device

There are already warnings in place in various locations about this.
For example: https://www.netgate.com/supporte... Jim Pingle

08/15/2023

09:30 PM Feature #14689 (Rejected): Warn users about the risks of using snort in a netgate pfsense device

Hello
I installed pfsense in a computer, running snort, protecting my network, it was awesome.... I decided to purch... Edgar Estrada

08/14/2023

12:15 PM Bug #14683: PHP error on ``status_frr.php`` from using too much memory

Probably too much data for that page to deal with (e.g. route table is gigantic).
It already tries to limit how th... Jim Pingle

08/13/2023

04:59 AM Bug #14683 (Duplicate): PHP error on ``status_frr.php`` from using too much memory

amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 plus-RELENG_23_05_1-n256108-459fc493a87: Wed Jun 28 04:26:04 UTC 202... yon Liu

08/12/2023

08:27 PM Bug #14643 (Not a Bug): Suricata PHP error after upgrade to CE 2.7.0

That is expected as the system upgrades the packages. Since it is working correctly after the upgrade, I'm marking th... Christopher Cope

08:26 PM Bug #14644 (Not a Bug): Zeek PHP error after upgrade to CE 2.7.0

e 1/1 wrote in #note-2:
> Kris Phillips wrote in #note-1:
> > Do any issues occur with the package post-upgrade or ... Christopher Cope

08/11/2023

07:44 PM Bug #14644: Zeek PHP error after upgrade to CE 2.7.0

Kris Phillips wrote in #note-1:
> Do any issues occur with the package post-upgrade or is just the upgrade PHP errors... e 1/1

05:38 PM Regression #14636 (Feedback): "Legacy" strength PKCS#12 Export needs ``-legacy`` provider parameter on OpenSSL command

I pushed this change on Wednesday:
https://github.com/pfsense/FreeBSD-ports/commit/f61ca6b81bab553e94046b1e6c5811a... Jim Pingle

03:52 PM Feature #14423: haproxy 2.7 QUIC support (+ maybe LUA 5.4?)

Pawel Piaskowy wrote:
> Hello,
>
> I appreciate all pfSense+ updates and efforts Team is doing (I am relatively new ... Torben Hørup

12:36 PM Bug #12899 (Resolved): Suricata doesn't honor Pass List

Jim Pingle

01:14 AM Bug #12899: Suricata doesn't honor Pass List

Another pass at resolving this long standing, but random, issue is in the code of Pull Request 1284 (https://github.c... Bill Meeks

12:36 PM Bug #14530 (Resolved): Suricata 6.0.13 package interface settings

Jim Pingle

01:11 AM Bug #14530: Suricata 6.0.13 package interface settings

This issue is resolved by Pull Request 1285 https://github.com/pfsense/FreeBSD-ports/pull/1285 merged on August 10, 2... Bill Meeks

08/10/2023

06:08 PM Bug #14676 (Confirmed): Listening Port option in the Tailscale configurator is not respected

Christian McDonald

05:37 PM Bug #14676: Listening Port option in the Tailscale configurator is not respected

David G wrote in #note-7:
> Christian McDonald wrote in #note-5:
> > I bet something else is already listening on 1... David G

05:27 PM Bug #14676: Listening Port option in the Tailscale configurator is not respected

Christian McDonald wrote in #note-5:
> I bet something else is already listening on 11111, forcing tailscaled to cho... David G

05:14 PM Bug #14676 (Not a Bug): Listening Port option in the Tailscale configurator is not respected

Christian McDonald

05:12 PM Bug #14676: Listening Port option in the Tailscale configurator is not respected

I bet something else is already listening on 11111, forcing tailscaled to choose another port to bind. Christian McDonald

05:09 PM Bug #14676: Listening Port option in the Tailscale configurator is not respected

David G wrote in #note-3:
> Christian McDonald wrote in #note-2:
> > I'm not able to replicate this report myself.
... David G

04:49 PM Bug #14676: Listening Port option in the Tailscale configurator is not respected

Christian McDonald wrote in #note-2:
> I'm not able to replicate this report myself.
Here are some screenshots of... David G

04:13 PM Bug #14676: Listening Port option in the Tailscale configurator is not respected

I'm not able to replicate this report myself. Christian McDonald

10:32 AM Bug #14676: Listening Port option in the Tailscale configurator is not respected

Tested on 2.7.0 and 23.05.1 , Tailscale 0.1.4
Can not reproduce, if I change listen port it always changed appropria... aleksei prokofiev

02:54 AM Bug #14676 (Confirmed): Listening Port option in the Tailscale configurator is not respected

The tailscaled process starts and listens on a random port, instead of the one specified. This causes things like dir... David G

02:15 PM Bug #14674 (Resolved): Error after upgrade to HAProxy 0.62_1

Jim Pingle

02:08 PM Bug #14674: Error after upgrade to HAProxy 0.62_1

It works for me too, thank you so much Crystian Geovani Dorabiatto

02:00 PM Bug #14674: Error after upgrade to HAProxy 0.62_1

It seems to be working properly now with the new build no errors. Thanks Willem-Jan v R

12:54 PM Bug #14674 (Feedback): Error after upgrade to HAProxy 0.62_1

I updated the non-devel version of the package with the code from -devel. The underlying versions of haproxy updated ... Jim Pingle

12:02 PM Bug #14674 (In Progress): Error after upgrade to HAProxy 0.62_1

Jim Pingle

11:56 AM Bug #14674: Error after upgrade to HAProxy 0.62_1

I had the same issue, Im using the Dev PKG but the Dev PKG has a lot of issue about SSL, in the past they fixed the s... Crystian Geovani Dorabiatto

11:36 AM Bug #14674: Error after upgrade to HAProxy 0.62_1

I had the same issue. Luckily the develop version was working. I didn't make a new boot environment to restore from.
... Willem-Jan v R

02:37 AM Bug #14674: Error after upgrade to HAProxy 0.62_1

Can confirm. Manually editing the file doesn't work. Kevin Ruffus

12:48 AM Bug #14674 (Resolved): Error after upgrade to HAProxy 0.62_1

Looks like nbproc is no long supported in the config file and needs to be removed in order to start the service.
E... Chad High

12:02 PM Regression #14675 (Duplicate): HA Proxy can’t commit changes

Duplicate of #14674 (it has the full non-cropped error message) Jim Pingle

01:40 AM Regression #14675 (Duplicate): HA Proxy can’t commit changes

There seems to an issue with commiting any changes in HA Proxy after a recent (today) package update.
There are foru... Mike Moore

08/09/2023

05:17 PM Bug #14671: LCDproc package does not automatically restart after upgrade

I don't believe it has anything to do with the configuration, but some sort of timing issue on when the package is st... Jim Pingle

04:03 PM Bug #14671 (New): LCDproc package does not automatically restart after upgrade

When upgrading LCDproc, the lcdproc daemon does not automatically restart.
One must re-save the LCDproc service se... Elvis Impersonator

02:11 PM Feature #14653: Update to LCPROC NTP Screen

I've noticed that as well sometimes but haven't yet been able to track it down. That would belong in its own separate... Jim Pingle

02:08 PM Feature #14653: Update to LCPROC NTP Screen

@jimp
23.05.1 I think there might a lingering bug with the package installer for LCDProc
After updating, LCDProc... Elvis Impersonator

01:33 PM Feature #14653: Update to LCPROC NTP Screen

Elvis Impersonator wrote in #note-3:
> @jimp will it take a few days before the updated package is released?
It ... Jim Pingle

01:21 PM Bug #14670 (Feedback): net-snmp does not ignore /var/unbound/dev

PR merged Jim Pingle

01:16 PM Bug #14670: net-snmp does not ignore /var/unbound/dev

PR: https://github.com/pfsense/FreeBSD-ports/pull/1283 Jim Pingle

01:15 PM Regression #14445 (Feedback): HAProxy PHP error /usr/local/www/haproxy/haproxy_global.php:138

PR merged -- also the same edit was made to the -devel package.
Jim Pingle

08/08/2023

10:34 PM Feature #14653: Update to LCPROC NTP Screen

@jimp will it take a few days before the updated package is released? Elvis Impersonator

08:41 PM Bug #14670 (Resolved): net-snmp does not ignore /var/unbound/dev

Net-snmp has ignoreDisk directives for devfs mount points /dev and /var/dhcpd/dev, but is missing an ignoreDIsk direc... Denny Page

07:42 PM Feature #13138: DNS over HTTPS/TLS Blocking should be removed from SafeSearch

The block list [if done by IP] offers the option to create an ALIAS which is more flexible then sink holing. I would ... Mike Moore

07:31 PM Bug #14668: FRR BGP route is not making into kernel route table after WireGuard's peer change is applied

Ive ran into a similar issue as well. The routes will appear in FRR but you check the pfsense route table the routes ... Mike Moore

04:22 PM Bug #14668 (New): FRR BGP route is not making into kernel route table after WireGuard's peer change is applied

I was able to reproduce this behavior in clear PfSense 2.7 setup with frr 1.3_1 and WireGuard 0.2.0_2, not sure which... Oleksii Tucha

07:27 PM Feature #14669 (New): pfblocker log rotation on schedule

Allow the option to set logroate option (daily,weekly,monthly)
Im using pfBlocker stats to fill in a report and beca... Mike Moore

08/07/2023

09:24 PM Bug #14659 (New): vlan (add/modify/delete) with pfblockerNG installed - all interfaces flap

Hard to say if this is a bug per se but its a reproducible problem.
1. create a LAGG with assigned VLANs and those... Mike Moore

07:13 PM Bug #14654 (Resolved): Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead

Jim Pingle

06:55 PM Bug #14654: Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead

Jim Pingle wrote in #note-4:
> Corrected packages are building now.
Updated, configured and checked on 2.7 - work... Oleksii Tucha

05:44 PM Bug #14654 (Feedback): Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead

It doesn't appear that I introduced an error in the behavior of the function that gathers BFD peers but I did spot an... Jim Pingle

12:52 PM Bug #14654: Can't select BFD Peer for BGP Neighbor in GUI, Route Maps are shown instead

I probably made an error when updating all the FRR code for the new config access functions. I'll look into it today.
Jim Pingle

06:09 PM Feature #14653 (Feedback): Update to LCPROC NTP Screen

PR merged Jim Pingle

03:39 PM Bug #14496: FATAL ERROR: /usr/local/etc/snort/snort_11005_mvneta1/snort.conf(405) Please activate arpspoof before trying to use arpspoof_detect_host.

This error has returned for some reason Jonathan Lee

08/06/2023

09:14 AM Feature #14652: FRR OSPF6 not working over wireguard

Correct, I am relying on neighbor discovery. But even if I wanted to define a static neighbor, there would not be any... beermount beermount

03:02 AM Regression #14445: HAProxy PHP error /usr/local/www/haproxy/haproxy_global.php:138

Please see this pull request: https://github.com/pfsense/FreeBSD-ports/pull/1282 Alex Neihaus