Project

General

Profile

Activity

From 08/30/2023 to 09/28/2023

09/28/2023

09:49 PM Bug #14426: PHP errors in Lightsquid
Thank you!!! Jonathan Lee
09:46 PM Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
Thank you !! Jonathan Lee
09:45 PM Bug #14754: Snort security issue bug within tcp/UDP scan detection blocking tool DoS event
Again this is another example where the DNS resolver IP address that is set on the firewall is being used as a decoy ... Jonathan Lee
09:38 PM Bug #13811: Youtube content getting filtered on Squid when none is Selected
Does anyone know if this has this been resolved? I noticed I had to reapply the fix last update. Jonathan Lee
09:22 PM Feature #14786 (Duplicate): Add GUI option for host_verify_strict
Marcos M
08:25 AM Bug #14498: php errors when looking at snort active rules
The crash was produced in an attempt to grab the status output file, ticket #1936290053 there are no other PHP errors... Lev Prokofev

09/27/2023

04:59 PM Feature #9833: ACME: add ability to use custom ACME server
+1 as well. Many of the other servers running on-premises use the Step CA that is hosted internally. Allowing pfsense... Kevin Lewis
04:02 PM Bug #14815 (Resolved): ACME.sh ingnores Certificates in Trust Store
ACME.sh does not trust the certificates in /etc/ssl/certs. This a problem when you add a custom ACME provider.
Curl...
Hannes Gebhart
01:21 PM Bug #14806 (Resolved): Freeradius configuration lost when you reinstall package
Jim Pingle
04:51 AM Bug #14806: Freeradius configuration lost when you reinstall package
Tested on
23.05.1-RELEASE (amd64)
built on Wed Jun 28 03:57:27 UTC 2023
FreeBSD 14.0-CURRENT
freeradius3 0.15....
aleksei prokofiev
11:11 AM Bug #14554: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string
Alex Kolesnik wrote:
> https://forum.netgate.com/topic/180950/error-on-pfblockerng-inc-5310-pfblockerng-devel-3-2-0_...
Lleir Esteves

09/26/2023

06:50 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
Or….
We could have a proper fix for this issue then the workarounds that aren’t scalable
Mike Moore
03:14 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
Simon Byrnand wrote in #note-10:
> Could you not just use "Bypass Proxy for These Destination IPs" under "Transpar...
Denis Roy
01:32 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
Denis Roy wrote in #note-9:
> I have a transparent deployment with pfSense 2.7.0, and a mitigation has been to rely o...
Simon Byrnand
12:49 PM Bug #14806: Freeradius configuration lost when you reinstall package
Paolo Rosso wrote in #note-7:
> I confirm that the <keep_settings> tag is not present in my config.xml.
> After ent...
Jim Pingle
08:19 AM Bug #14806: Freeradius configuration lost when you reinstall package
I confirm that the <keep_settings> tag is not present in my config.xml.
After entering settings and saving, the <kee...
Paolo Rosso

09/25/2023

05:51 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
I have a transparent deployment with pfSense 2.7.0, and a mitigation has been to rely on pfBlockerNG and custom NAT r... Denis Roy
05:38 PM Bug #14806 (Feedback): Freeradius configuration lost when you reinstall package
Fix committed and picked back to CE 2.7.0 and Plus 23.05.1
https://github.com/pfsense/FreeBSD-ports/commit/0048927...
Jim Pingle
05:32 PM Bug #14806 (In Progress): Freeradius configuration lost when you reinstall package
Jim Pingle
01:55 PM Bug #14806: Freeradius configuration lost when you reinstall package
I can't replicate this here but I can see how it might have happened.
If you never went to the Settings tab and cl...
Jim Pingle
05:33 PM Bug #14596 (Duplicate): FreeRADIUS falsely shows its default is to save data during package reinstall
Duplicate of #14806 but I already started working on that issue even though this one was older. Jim Pingle
05:31 PM Bug #14730: FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore
That line was put in to help with #11888 so if it gets removed or changed that will need to be reopened or at least t... Jim Pingle
01:23 PM Bug #14808 (Closed): Configuring RPKI may break BGP
If it works on 23.09 then it seems like an issue in FRR with that particular configuration that's been fixed, and whe... Jim Pingle
12:23 PM Feature #14793: Package: sfpnfo, SFP Information
This reason is valid and true. I will think about starting a suggestion on how to improve the interface list.
Thank...
Marco Goetze
12:21 PM Feature #14793: Package: sfpnfo, SFP Information
If status_interfaces.php is insufficient in some way, the correct thing to do would be to fix or otherwise improve th... Jim Pingle
10:34 AM Feature #14793: Package: sfpnfo, SFP Information
Jim Pingle wrote in #note-1:
> This is not needed. SFP information is already printed on Status > Interfaces. If mor...
Marco Goetze

09/24/2023

09:51 PM Feature #11827: Please include acme deploy folder/scripts
I have just created a corresponding "pull request":https://github.com/pfsense/FreeBSD-ports/pull/1298. Markus *

09/23/2023

11:15 PM Feature #14729: OpenVPN Client Export - Support PLAP on Windows
Assigning to Jim P since he typically maintains this package. Kris Phillips
11:04 PM Bug #14806 (Confirmed): Freeradius configuration lost when you reinstall package
Kris Phillips
11:04 PM Bug #14806: Freeradius configuration lost when you reinstall package
Tested this on the latest 23.09 builds. Even with "Save settings after deletion" checked, all settings are erased on... Kris Phillips
11:34 AM Bug #14806 (Resolved): Freeradius configuration lost when you reinstall package
I did a simple freeradius configuration and entered a user.
If I reinstall freeradius from the package manager I los...
Paolo Rosso
10:53 PM Bug #14808 (Closed): Configuring RPKI may break BGP

enabling RPKI option breaks BGP.
rpki
rpki cache 10.100.100.134 9400 test preference 1
!
pfSense.home....
Alhusein Zawi
06:27 PM Bug #11434 (Resolved): SquidGuard over 1.16.18_11
Tested on 23.05_1
After adding ldapusersearch option into Group ACL...
Azamat Khakimyanov
06:06 PM Feature #11248 (Resolved): SafeSearch update
Tested on 23.05_1
Ecosia and Onesearch safesearch are available for SquidGuard 1.16_19...
Azamat Khakimyanov
05:54 PM Feature #10779 (Resolved): HAProxy SSL/TLS Compatibility Mode
Tested on 23.05_1
Option 'HAProxy SSL/TLS Compatibility Mode' is available now (HAproxy 0.63_1).
Choosing differe...
Azamat Khakimyanov
11:50 AM Regression #13978 (Resolved): PHP errors with squidGuard
Tested installing/uninstalling squid 0.4.46 and squidGuard 1.16.19.
There were no PHP errors.
I am marking thi...
Danilo Zrenjanin
06:33 AM Bug #14805: when I changed Endpoint ip via webgui, but wiregaurd still using old ip ruuning.
tested on
23.09-DEVELOPMENT (amd64)
built on 20230922-1539
FreeBSD 14.0-CURRENT
yon Liu
06:33 AM Bug #14805 (Incomplete): when I changed Endpoint ip via webgui, but wiregaurd still using old ip ruuning.
when I changed Endpoint ip via webgui, but the wiregaurd still using old Endpoint ip ruuning.
yon Liu

09/22/2023

12:45 PM Feature #14588 (Resolved): Add FRR diagnostic status output plugin
Works as desired on dev snapshots. We can tweak the output as needed over time if necessary. Jim Pingle

09/21/2023

02:07 AM Feature #14786: Add GUI option for host_verify_strict
Marcos, the problem is that the squid package is not respecting the host strict setting. The package is broken in tha... Mike Moore

09/20/2023

06:28 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
Hi Mike, (and others)
Thanks for commenting and having a look at this - I agree, with "host_verify_strict off", whic...
Simon Byrnand
05:05 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
host verify strict is set to OFF by default so technically we souldnt be having these /409 errors.
My suspicion is t...
Mike Moore
04:56 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
https://github.com/rudiservo/pfsense_storeid
This program was made for CDN maybe it can be expanded
Jonathan Lee
04:54 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected

Could Squids storeID help resolve this?
https://wiki.squid-cache.org/Features/StoreID
https://forum.netgate...
Jonathan Lee
04:44 PM Bug #14390: Squid: SECURITY ALERT: Host header forgery detected
https://redmine.pfsense.org/issues/14786
I have also seen "UPP" utilizing this to get around non transparent mode ...
Jonathan Lee
04:46 PM Feature #14786: Add GUI option for host_verify_strict
I wish it did resolve this. Thanks for the information. I will keep researching. Jonathan Lee
04:30 PM Feature #14786: Add GUI option for host_verify_strict
This seems related:
https://redmine.pfsense.org/issues/14390
Keep in mind that a report on the forum mentions tha...
Marcos M
01:24 PM Todo #14795 (Pull Request Review): Transition to nut-devel
Jim Pingle
01:00 PM Bug #14797 (Not a Bug): FRR not propagating some kernel routes to Zebra table, breaking OSPF redistribution
This is most likely a problem in your configuration, or maybe an upstream bug in FRR on FreeBSD. Either way there isn... Jim Pingle

09/19/2023

11:18 PM Feature #14786: Add GUI option for host_verify_strict
host_verify_strict on
host_verify_strict off
Jonathan Lee
11:15 PM Feature #14786: Add GUI option for host_verify_strict
Ref:
http://www.squid-cache.org/Doc/config/host_verify_strict/
This option could be built into the GUI to bring m...
Jonathan Lee
10:42 PM Bug #14797 (Not a Bug): FRR not propagating some kernel routes to Zebra table, breaking OSPF redistribution
I recently upgraded a pfSense VM from 2.6.x to 2.7.0, and the FRR package was also updated from _something_ to 1.3_1
...
Geoffrey Davis
10:15 PM Bug #14796 (Resolved): ACME for domain registrar INWX in Germany
I am using ACME with INWX in Germany and automatic renewal has worked up to (at least) 11 July 2023. The latest renew... K. K.
09:23 PM Todo #14795 (Resolved): Transition to nut-devel
The current NUT package is based upon the 2.8.0 distribution of NUT. Unfortunately, since its release in April of 202... Denny Page
09:22 PM Feature #13575 (Waiting on Merge): Update to frr 9.0.1
Since frr9 has been released, we can upgrade to that instead. Ideally, it will be merged upstream first:
https://bug...
Marcos M
04:37 PM Feature #14793: Package: sfpnfo, SFP Information
And just double checked @jimp in scenarios like having a LAG the Mentioned Interface Status is not displaying any SFP... Marco Goetze
04:08 PM Feature #14793: Package: sfpnfo, SFP Information
I have a totally different opinion on this, the existing interface output is cluttered and not showing all needed inf... Marco Goetze
03:58 PM Feature #14793 (Rejected): Package: sfpnfo, SFP Information
This is not needed. SFP information is already printed on Status > Interfaces. If more detail is needed the additiona... Jim Pingle
03:21 PM Feature #14793 (Rejected): Package: sfpnfo, SFP Information
Submitted a PR for a Package displaying Information about inserted SFP / SFP+ Modules in a easy to access way in the ... Marco Goetze
03:14 PM Regression #14636 (Resolved): "Legacy" strength PKCS#12 Export needs ``-legacy`` provider parameter on OpenSSL command
Works as expected on current dev snapshots with the most recent export package. Jim Pingle

09/18/2023

08:19 PM Feature #14588 (Feedback): Add FRR diagnostic status output plugin
This is committed and will be in FRR pkg version 2.0.1 when it builds. Only in dev snapshots for now as it depends on... Jim Pingle
12:51 PM Bug #14771 (Feedback): Lightsquid creating multiple SSL certificates, not starting
Jim Pingle
12:47 PM Regression #14774 (Resolved): Lightsquid won't allow change the password.
Jim Pingle
12:46 PM Bug #14788 (Not a Bug): NtopNG high swap usage
(a) Not all swap usage is bad: https://docs.netgate.com/pfsense/en/latest/hardware/memory.html#not-all-swap-usage-is-... Jim Pingle

09/17/2023

09:56 PM Feature #9238: Add support for Zerotier
This is still a hope and a dream for me. Seems like a great way to add SD-WAN features to pfS. Corey Boyle
08:14 PM Regression #14774: Lightsquid won't allow change the password.
I update the package and now I can add user and change password, thanks team!!! Peter Moreno
05:40 AM Regression #14774: Lightsquid won't allow change the password.
Tested on 2.7.0-RELEASE (amd64)
built on Wed Jun 28 03:53:34 UTC 2023
FreeBSD 14.0-CURRENT
Lightsquid 3.0.7_3 Th...
aleksei prokofiev
12:56 AM Bug #14788 (Not a Bug): NtopNG high swap usage
+*Issue:*+
100% SWAP usage on pfSense+ 23.05.1-RELEASE after a number of days of uptime when the package NtopNG 0.8....
Denis O'Leary

09/16/2023

02:34 PM Feature #14787 (New): Feature request - Freeradius post-auth custom options
I would like to check if it is possible to add a custom options field for post-auth in Freeradius package.
This woul...
Marcelo Cury

09/15/2023

08:05 PM Feature #14786: Add GUI option for host_verify_strict
Keep in mind my concern is not of Apple's use of UPP rather for, when UPP Get requests are used invasively. How can a... Jonathan Lee
07:49 PM Feature #14786 (Duplicate): Add GUI option for host_verify_strict
Ref for research of UPP get requests:
https://forum.netgate.com/topic/182866/universal-procedure-pointers-upp-mzstat...
Jonathan Lee
12:17 PM Regression #14024 (Resolved): PHP error in HAProxy Widget with Show Client Traffic enabled
I couldn't reproduce this issue.
Tested against:...
Danilo Zrenjanin
10:33 AM Regression #14445 (Resolved): HAProxy PHP error /usr/local/www/haproxy/haproxy_global.php:138
I can not reproduce this issue.
Tested on packages:
HAproxy 0.63_1
haproxy-devel 0.63_1
I am marking this cas...
Danilo Zrenjanin

09/14/2023

01:03 PM Bug #14748: FRR reload script is not executed properly

i using frr webgui setup Route Handling not normal work also.
yon Liu
12:57 PM Regression #14774: Lightsquid won't allow change the password.
Hello Jim.
Other thing, there is a way to create users with lightsquid?
If I type newuser + password and save, ...
Peter Moreno
12:55 PM Bug #14780 (Not a Bug): The assigned Tailscale interface causes the "Network interface mismatch" on booting
Christian McDonald
12:17 PM Bug #14780: The assigned Tailscale interface causes the "Network interface mismatch" on booting
That is expected, users should not assign the Tailscale interface, it isn't meant to be used that way.
There may n...
Jim Pingle
10:13 AM Bug #14780 (Confirmed): The assigned Tailscale interface causes the "Network interface mismatch" on booting
I can confirm this behavior on the: ... Danilo Zrenjanin
07:16 AM Bug #14780: The assigned Tailscale interface causes the "Network interface mismatch" on booting
Tested on ... Lev Prokofev
07:09 AM Bug #14780 (Not a Bug): The assigned Tailscale interface causes the "Network interface mismatch" on booting
If you assign the tailscale0 as the interface, it will cause "Network interface mismatch" during the boot and prevent... Lev Prokofev
09:36 AM Bug #14711 (Resolved): pfBlocker ASN to IP Address option doesn't work
I am marking this case resolved. Danilo Zrenjanin
09:35 AM Bug #14711: pfBlocker ASN to IP Address option doesn't work
Yes, I can confirm it works again. ... Danilo Zrenjanin
05:21 AM Feature #14779 (New): dynamic dns for wireguard peer
Dear team;
we have multiple business with many branches the have smb internet with no static ip address assigned t...
Abdulaziz Al-Marwani

09/13/2023

12:25 PM Feature #14588: Add FRR diagnostic status output plugin
See #14777 for implementation details once that is complete. Jim Pingle

09/12/2023

05:45 PM Regression #14739 (Resolved): PHP error with lightsquid when generating an SSL certificate
Resolved with 3.0.7_1. Marcos M
05:04 PM Regression #14739 (Feedback): PHP error with lightsquid when generating an SSL certificate
Jim Pingle
03:31 PM Bug #14775 (New): FRR LocPrf and Weight is forced to 0
frr8-8.5.2
Because some upstream routes show that LocPrf and Weight are 0. FRR LocPrf and Weight is forced to 0
...
yon Liu
02:17 PM Regression #14774 (Feedback): Lightsquid won't allow change the password.
I pushed a fix for this, it will be available shortly. Jim Pingle
01:42 PM Regression #14774 (Resolved): Lightsquid won't allow change the password.
I had the latest version of lightsquid 1.8.5 3.0.7_2.
Is not accepting new password for the user 'admin'.
It wo...
Peter Moreno

09/11/2023

03:57 PM Regression #14739: PHP error with lightsquid when generating an SSL certificate
Fixed in commit @9be9459ba796313087ca34b63c3deee7f181faea@ it will be in the next snapshot builds. Jim Pingle
03:32 PM Regression #14739 (In Progress): PHP error with lightsquid when generating an SSL certificate
The new fix wasn't quite right (has a couple incorrect variable references. New fix coming momentarily. Jim Pingle
03:56 PM Bug #14771: Lightsquid creating multiple SSL certificates, not starting
I pushed a fix for this ( @52f6d98647b961eefa693ca3ab793785befd3a5d@ ), it should be available soon.
The fix could...
Jim Pingle
03:47 PM Bug #14771 (In Progress): Lightsquid creating multiple SSL certificates, not starting
I take that back, it's not related, but I fixed it when I fixed the other issue. Though when I fixed that, I used fun... Jim Pingle
03:40 PM Bug #14771 (Duplicate): Lightsquid creating multiple SSL certificates, not starting
This is from the change in #14739 -- that one is still open (in feedback state) so I'm closing this and noting the fi... Jim Pingle
02:14 PM Bug #14771 (Resolved): Lightsquid creating multiple SSL certificates, not starting
Hello we update lightsquid the latest version and we found that stop working.
Every time we try to access the repo...
Peter Moreno
03:14 AM Feature #14770: Search for addresses and ports optimization
I understand there is a note for admins to use regex style but there really should be a simplier way....
a seperate ...
Mike Moore
02:57 AM Feature #14770 (New): Search for addresses and ports optimization
The search field for source IP addresses requires a bit of optimization.
If you search for source IP 192.168.3.3 the...
Mike Moore

09/10/2023

03:32 PM Bug #14748: FRR reload script is not executed properly
yes, Now any changes need to restart the frr service to take effect. yon Liu
01:53 AM Regression #14739: PHP error with lightsquid when generating an SSL certificate
Hello.
Does this bug is related to the error about lightsquid creating certs each we try to access the reports and w...
Peter Moreno

09/09/2023

07:08 PM Regression #14764 (Confirmed): HAProxy local syslog not working
HAProxy package v0.63_1
Setting the syslog host to @/var/run/log@ in the HAProxy settings doesn't produce any entr...
Michael Vincent

09/08/2023

09:11 PM Bug #14711: pfBlocker ASN to IP Address option doesn't work
It seems to be working again for me! Hayden Hill
07:49 PM Feature #9833: ACME: add ability to use custom ACME server
+1 for me too. I'd like to set it up with FreeIPA 4.9 as it starts to support the ACME protocol for certificates. Ben Tyger
05:39 AM Bug #14748 (Confirmed): FRR reload script is not executed properly
I can confirm this behavior, the Frr keeps the neighbor config until the restart of the service
tested on
<pre...
Lev Prokofev
02:05 AM Feature #14539: Add support for Oracle Cloud Infrastructure (OCI) vNIC management to work with unicast CARP
Package PR: https://github.com/pfsense/FreeBSD-ports/pull/1291
With initial commit to introduce this capability.
James George

09/07/2023

04:07 PM Bug #14760 (New): When RPKI is enabled for filtering, no upstream routes are received
When RPKI is enabled for filtering, no upstream routes are received.
route-map RPKI deny 20
match rpki invalid
...
yon Liu
12:54 PM Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158
Will open issue in TAC asap.
Currently I don't have a GUI ... because the LE-Cert-Renewal fails because of the non-wo...
Stefan Weichinger
12:52 PM Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158
Stefan Weichinger wrote in #note-12:
> I have a 2nd pfSense (SG1100) that also has HAproxy not starting.
> Should I...
Jim Pingle
12:42 PM Bug #14460: PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/pkg/haproxy/haproxy.inc:2158
I have a 2nd pfSense (SG1100) that also has HAproxy not starting.
Should I open a new issue in TAC, may I post the r...
Stefan Weichinger

09/06/2023

06:30 PM Feature #14032: Neighbor Discovery Proxy (NDproxy)
The port does not currently build on FreeBSD 14 according to:
https://gitlab.com/FreeBSD/freebsd-ports/-/commit/d738...
Marcos M
02:53 PM Bug #14754: Snort security issue bug within tcp/UDP scan detection blocking tool DoS event
Please Note:
bugs@snort.org does not respond to any emails with the report listed above. If you are reading this ...
Jonathan Lee
02:52 PM Bug #14754: Snort security issue bug within tcp/UDP scan detection blocking tool DoS event
Per Netgate Security Team on August 25, 2023 at 5:17:05 AM PDT:
Hello,
The Snort package for pfSense software i...
Jonathan Lee
02:50 PM Bug #14754 (Not a Bug): Snort security issue bug within tcp/UDP scan detection blocking tool DoS event
*Version:*
Snort 4.1.6_8 built on pfSense plus Netgate 2100 appliance running an ARM processor. Package is prebuilt...
Jonathan Lee
01:58 PM Bug #14753: pfBlockerNG sync issues
Tested on pfSense 23.05.1 and pfBlocker 3.2.0_6 and can confirm such issue. aleksei prokofiev
01:50 PM Bug #14753 (New): pfBlockerNG sync issues
pfBlockerNG sync user's password may cause sync issues and be recognised as an attacker by sshguard if it's password ... Georgiy Tyutyunnik

09/05/2023

08:04 PM Bug #14668: FRR BGP route is not making into kernel route table after WireGuard's peer change is applied
please upgrade pf23.09 and frr 8.5.2 for test yon Liu
07:58 PM Bug #12951: FRR cannot remove IPv6 routes

https://github.com/FRRouting/frr/issues/14205
23.09-DEVELOPMENT (amd64)
built on Tue Sep 05 05:55:55 UTC 2023...
yon Liu
07:39 PM Bug #14748 (Feedback): FRR reload script is not executed properly
I deleted frr Neighbors through webgui, but it was not deleted in frr.
That is, the deletion operation through pf...
yon Liu
05:12 PM Bug #14711: pfBlocker ASN to IP Address option doesn't work
For those looking for a workaround for now I found this. Can use it to pull a JSON.
https://github.com/ipverse/asn-ip
Hayden Hill
02:12 AM Bug #14711: pfBlocker ASN to IP Address option doesn't work
I can confirm this is an issue. ASN lookup no longer working for me. Hayden Hill
12:35 PM Bug #14747 (Needs Patch): softflowd sending same data with different snmp versions
That looks like something specific to the behavior of the daemon which is out of our control (unless there is a CLI/c... Jim Pingle

09/04/2023

11:36 PM Bug #14747: softflowd sending same data with different snmp versions
It seems that the problem is related to VLAN interfaces.
I've been doing some tests and if you set softflowd to coll...
Marcelo Cury
06:32 PM Bug #14747: softflowd sending same data with different snmp versions
upstream bug reported:
https://github.com/irino/softflowd/issues/51
Marcelo Cury
06:05 PM Bug #14747 (Needs Patch): softflowd sending same data with different snmp versions
My environment:
SG-4100 23.05.1, packages up to date and System patches applied.
sotflowd running on LAN, WIFI an...
Marcelo Cury
12:40 PM Feature #14712: CrowdSec package
Hi!
The package is ready for public testing.
Three things to read:
- the short repository readme - https://...
Marco Mariani
05:56 AM Bug #14745 (New): haproxy: backend, SSL health check
During testing with a backend HTTPS server, I wanted to test if the SSL health check would work; it did not.
So, I d...
Stephen Trotter
01:33 AM Feature #14468: pass along ntopng professional license key
Just an update to say I have now successfully installed NTOPNG Pro version, via console, and licensed it on latest ve... Russ Reynolds

09/02/2023

07:12 PM Bug #14659: vlan (add/modify/delete) with pfblockerNG installed - all interfaces flap
This is still an issue but I have a feeling it’s related to 14484
Edit any interface will lead to a reconfiguration ...
Mike Moore
05:33 PM Bug #14659: vlan (add/modify/delete) with pfblockerNG installed - all interfaces flap
do you still see this flapping issue after removing or correcting the unresolvable source/destination alias messages ... Jordan G
07:11 AM Feature #14629 (Resolved): Add option control LCDProc ``syslog`` behavior
Tested the package version:... Danilo Zrenjanin

09/01/2023

06:23 PM Regression #14739 (Feedback): PHP error with lightsquid when generating an SSL certificate
Should be fixed in commit @11ed1711e84357241c044c82e7f2be7186375e75@ (https://github.com/pfsense/FreeBSD-ports/commit... Jim Pingle
05:40 PM Regression #14739 (Resolved): PHP error with lightsquid when generating an SSL certificate
... Marcos M
04:24 PM Bug #14406 (Feedback): Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
I tested this on 23.09 dev snapshots and I'm not able to replicate the issue. The files are in the directory:
{{co...
Marcos M
09:08 AM Bug #14730: FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore
Let me try give you more info to reproduce. We have the issue on many devices not just one. We also had this issue on... Luca Piccirillo
06:54 AM Bug #14733: CARP Master before HA Proxy is started
Hi Jim,
Thanks for the quick response and suggestion. Changing the WebUI port makes sense to get rid of the confli...
Christopher de Haas
06:48 AM Bug #13405: Wireguard: The webgui becomes excessively slow to respond with a large number of peers
I can also confirm this, but its happening to me with only some Peers (exactly, 4 tunnels, about 10 peers in total) I... David Martin

08/31/2023

05:16 PM Bug #14406: Squid Proxy version 0.4.46 Missing Error subfolder and files for "en" or "en-usa" and all other languages.
"2Amos Jeffries 2023-08-29 18:26:02 UTC
AFAICT "0.4.46" is the version number of the pfsense plugin used to integra...
Jonathan Lee
02:43 PM Bug #14733 (Not a Bug): CARP Master before HA Proxy is started
Sounds like you have something misconfigured. You are trying to bind two things to the same port on the same address ... Jim Pingle
11:09 AM Bug #14733 (Not a Bug): CARP Master before HA Proxy is started
Pfsense becomes CARP master before HA proxy is started. This is a significant problem and causes unneeded outages. Wh... Christopher de Haas
09:02 AM Bug #14730: FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore
Just checked on pfSense 2.7.0
Backup version is the same as yours.
internal_name is still there as before.
Not sure ...
Luca Piccirillo
06:41 AM Bug #14730: FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore
I couldn't reproduce this issue on the:... Danilo Zrenjanin
07:24 AM Bug #14670 (Resolved): net-snmp does not ignore /var/unbound/dev
The latest release 0.1.5_11 contains the ignoreDisk directive for /var/unbound/dev ... Danilo Zrenjanin

08/30/2023

09:01 PM Bug #14108: Antivirus Bases showing outdated main.cvd with a version dated year 2021
Also confirmed via Andrew C. Aitchison of ClamAV users support email system.
"It is a very big file and stores the...
Jonathan Lee
02:12 PM Feature #8547: fwknop Port Knocking Package
I'm willing to chip in, help code this myself or hire someone to develop this. Either way I'd like to see this packa... Alan V
02:09 PM Feature #8547: fwknop Port Knocking Package
I really want to see this as well. I'll explain why people want fwknop or at the minimum knockd support...
Fwknop...
Alan V
12:49 PM Bug #14722 (Duplicate): Snort Rule Update time settings does not create cron job correctly with certain times
Jim Pingle
12:49 PM Bug #14724 (Resolved): Suricata package incorrectly accounts for 24-hour rollover when creating automated rules update cron task and a 12-hour update interval is selected
PR merged, thanks! Jim Pingle
12:49 PM Bug #14723 (Resolved): Snort package incorrectly handles rollover from 23 to 00 hours when calculating rules update cron task times
PR merged, thanks! Jim Pingle
11:14 AM Bug #14730 (New): FreeRADIUS package has wrong/old internal_name specified in backup xml causing package reinstall failure on backup restore
When backing up with package info included:... Luca Piccirillo
 

Also available in: Atom