Activity
From 03/04/2021 to 04/02/2021
04/02/2021
-
11:57 AM Bug #11466: PHP exits with signal 11 on SG-3100 when calling PCRE functions
- One of the issues identified in this ticket, the logging of "blank" interface names and the display of "Unknown" as t...
04/01/2021
-
04:26 PM Feature #11772: Layer 2 Tunnel Bonding Capability
- Bonus points on this one: A "wizard" which can be run on the "central office" end PF to create the configuration for...
-
04:22 PM Feature #11772 (New): Layer 2 Tunnel Bonding Capability
- Ability to tunnel traffic over multiple WAN connections back to another PF appliance at a central location in order t...
-
11:28 AM Bug #11770 (New): Pantech UML295 USB Modem No Longer Functional
- The Pantech UML295 modem in the USB port is caused pfSense to hang on reboot when upgrading to version 21.02 of the s...
03/31/2021
-
12:47 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I am trying to reproduce with CE my scenario in a virtual environment and was having issues, good to know it doesn't ...
03/30/2021
-
05:10 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I can confirm that it does not occur in CE v5.0. I had the config operational before I migrated to Netgate x7100 with...
-
04:10 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Jordan Bradley wrote:
> I'm using community edition and this bug is affecting me.
Based on your description above... -
04:08 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I'm using community edition and this bug is affecting me.
-
04:00 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- A few notes:
* This only appears to affect pfSense Plus, not CE, which explains why some people cannot reproduce t...
03/29/2021
-
10:12 AM Bug #11726 (Rejected): Network traffic stops with latest RC build.
- Unable to reproduce and not enough information to determine if there is a bug, or anything which can be done.
If y... -
03:16 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Rick Strangman wrote:
> I attach a pfsense packet capture on the LAN side from the bad WAN2. You can see that the in...
03/28/2021
-
02:41 AM Bug #11741 (Closed): VLAN 1 description displays as "Default System VLANDefault System VLAN"
- internal issue NG 5952 created
-
12:23 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I believe I'm also encountering this issue, at least a google for "pfsense rdr not working after upgrade" brought me ...
03/27/2021
-
11:30 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I attach a pfsense packet capture on the LAN side from the bad WAN2. You can see that the initial SMTP request comes ...
-
04:28 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Just wanted to add that this issue also impact IPv6 NPt with multiwan, please check this as well when fix will be at ...
-
03:33 PM Bug #11726: Network traffic stops with latest RC build.
- This may be a dup of ticket 11540.
-
11:42 AM Bug #11741: VLAN 1 description displays as "Default System VLANDefault System VLAN"
- Screenshot didn't make it. Here
!https://dsc.cloud/b854da/pb-A0SwdJGmBR/pb-A0SwdJGmBR.png! -
11:37 AM Bug #11741 (Closed): VLAN 1 description displays as "Default System VLANDefault System VLAN"
- In the GUI, the description for the default VLAN is printed twice:
!https://cln.sh/dd93kN!
I made a simple fix ...
03/26/2021
-
11:23 AM Feature #11732 (New): Add VXLAN Support to pfSense Plus
- VXLAN Support would be useful for scalable cloud deployments of pfSense Plus
03/25/2021
-
09:19 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- The issue is:
1. 2 x WAN, WAN1 & WAN 2, both DHCP
2. WAN1 set as default gateway
3. Both WANs have identical NAT r... -
08:10 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Kris Phillips wrote:
> Testing with the following on amd64:
>
> 1. Created Port Forward from WAN address to inter... -
07:08 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Kris,
I can reliably reproduce this bug on my systems. We are running 2 C2758s in a MultiWAN / HA config. We set... -
05:11 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- My setup is that I'm trying to do port forwarding on an openvpn client interface in order to forward a reserved port ...
-
05:01 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Testing with the following on amd64:
1. Created Port Forward from WAN address to internal and WAN2 set as default ...
03/24/2021
-
09:17 PM Bug #11726 (Rejected): Network traffic stops with latest RC build.
- After updating to the RC build 21.02.2.r.20210324.0300 network traffic ceased. No NAT traffic was passing, each inter...
-
01:59 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Svein Wisnaes wrote:
> Grzegorz Krzystek wrote:
> > last known working version is 2.4.5p1
> >
> > No ETA on this... -
07:32 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Grzegorz Krzystek wrote:
> last known working version is 2.4.5p1
>
> No ETA on this, nor known workaround yet.
...
03/23/2021
-
11:15 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I can concur that with 2 Wan Interfaces (different subnet in our case), with DMZ and LAN networks that traffic coming...
-
09:57 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Thanks for that.
The only progress I can report so far is that this demonstrates that the initial SYN arrives and ... -
08:38 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- last known working version is 2.4.5p1
No ETA on this, nor known workaround yet.
-
08:34 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Netgate XG-1537
21.02-RELEASE-p1 (amd64)
built on Mon Feb 22 09:39:51 EST 2021
FreeBSD 12.2-STABLE
2 x WAN wi... -
07:49 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- please check your mailbox ;)
-
07:44 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Yes, that's the setup I have, and I'm unable to reproduce the problem. The port forwarding just work on both WAN and ...
-
05:44 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- What is funny is it need to be related with routing.
reflection nat works. this is impacting only when connection ca... -
05:33 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Kristof Provost wrote:
> With a PPPoE setup I still can't reproduce the problem. Along with the latest report that's... -
05:22 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- With a PPPoE setup I still can't reproduce the problem. Along with the latest report that's fairly strong evidence th...
03/22/2021
-
04:43 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I am not using PPPOE. Both WANs are DHCP. My config attached.
-
11:45 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Thanks. I've not immediately spotted anything suspect in there.
However, it appears that all reports of this issue... -
08:48 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I've so far been unable to reproduce this problem.
It's possible that I'm missing some relevant factor in my setup. ... -
09:58 AM Regression #11689 (Resolved): LEDs do not indicate available upgrade status
- Confirmed working on latest snapshot
03/20/2021
-
09:18 PM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- Since Wireguard is being removed from the next release, this bug report should be closed out as Rejected.
-
09:14 PM Bug #11673: Thermal Sensors Non-functional on SG-3100
- Important to note that this seemed to work fine in the 2.4.5p1 images. Its just the newer release that has issues.
03/17/2021
-
10:25 AM Regression #11689: LEDs do not indicate available upgrade status
- Relevant commits:
https://gitlab.netgate.com/pfSense/factory/-/commit/2add5e3aaaa59a66b2de8789b39b61efff27dfb8
ht... -
10:07 AM Regression #11689: LEDs do not indicate available upgrade status
- I committed another change to use the middle LED for this rather than overloading the use of the ready LED, since the...
-
09:41 AM Regression #11689 (Feedback): LEDs do not indicate available upgrade status
- Fix committed, should be in tomorrow's image
-
08:44 AM Regression #11689 (Resolved): LEDs do not indicate available upgrade status
- LEDs are not being updated when a new upgrade is available.
Only affects Plus.
Variable in @etc/rc.update_pkg_m...
03/16/2021
-
07:11 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- I have the same problem with 21.02. No VPN's just straight multi-wan. WAN2 (non-default) responds to a ping and works...
-
03:27 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Sounds like it may be related to my issue as well (#11630). It was working normally on my daily build from January du...
03/15/2021
-
06:32 AM Bug #11673: Thermal Sensors Non-functional on SG-3100
- I can reproduce it here even on a 21.02.2 snapshot. It's specific to the Thermal Sensors widget and not the temperatu...
03/13/2021
-
11:18 PM Bug #11673: Thermal Sensors Non-functional on SG-3100
- Unable to reproduce
Could be related to #11443 -
10:01 PM Bug #11673: Thermal Sensors Non-functional on SG-3100
- Kris Phillips wrote:
> The Dashboard Widget for the SG-3100 showing the thermal sensor information gets stuck on "Up... -
06:20 PM Bug #11673 (Duplicate): Thermal Sensors Non-functional on SG-3100
- The Dashboard Widget for the SG-3100 showing the thermal sensor information gets stuck on "Updating...." in pfSense P...
03/12/2021
-
10:31 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Sounds like this issue might be causing my problem but I can't tell 100% from the description.
One of our sites ha... -
12:38 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Updating subject for release notes.
Also made it more general since this can affect more than port forwards. -
10:50 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Just to update. The nat rule on 2.4.5p1 for 1:1 Nat is...
-
10:20 AM Feature #10804: Interface Status page information for switch uplinks may be replaced by switch port data when media state monitoring is set
- Updating subject for release notes.
-
09:36 AM Regression #11504: CA and certificate validity end dates after 2038 are not handled properly on 32-bit ARM
- Updating subject for release notes.
-
09:16 AM Regression #11504 (Resolved): CA and certificate validity end dates after 2038 are not handled properly on 32-bit ARM
03/11/2021
-
02:32 PM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- Christian,
Nope! I explored that line of thought as well. I did have it set up at one point, but then I removed i... -
07:57 AM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- If anybody from Netgate would like to jump into a Zoom meeting so that they can observe this edge case, just reach ou...
-
07:38 AM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- Christian,
What I've found is that unless you do something to interfere with WireGuard, such as disabling and re-e... -
07:23 AM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- I'm seeing this on 2.5.0 as well. I have a failover group set as default gateway IPv4. WAN1 dropped out and WG starte...
-
02:20 PM Feature #10804 (Feedback): Interface Status page information for switch uplinks may be replaced by switch port data when media state monitoring is set
- Cherry-picked to RELENG_2_5_1
-
02:05 PM Bug #11466: PHP exits with signal 11 on SG-3100 when calling PCRE functions
- Likely related #11605 and #11551
-
01:26 PM Bug #11466: PHP exits with signal 11 on SG-3100 when calling PCRE functions
- Updating bug report to focus on PHP issue, given that the snort sig 10 issue is unlikely related, and this seems to a...
-
01:12 PM Regression #11504: CA and certificate validity end dates after 2038 are not handled properly on 32-bit ARM
- Confirmed working on 21.02.2
-
10:40 AM Regression #11504: CA and certificate validity end dates after 2038 are not handled properly on 32-bit ARM
- Tested on 21.02p1 and it showed as invalid. After updating to latest dev build image (Mar 10), the cert no longer sho...
03/10/2021
-
02:37 PM Regression #11504: CA and certificate validity end dates after 2038 are not handled properly on 32-bit ARM
- Needs re-tested on snapshots.
If needed, I have a user-supplied certificate which can replicate the problem and ca... -
08:12 AM Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
- Not that I like the idea of downgrading to a lower TLS version but I wonder if it would work if we forced off TLS 1.3...
-
05:45 AM Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
- Using the STunnel package as a workaround helps:
https://docs.netgate.com/pfsense/en/latest/recipes/auth-google-gsui...
03/09/2021
-
03:00 PM Bug #11466: PHP exits with signal 11 on SG-3100 when calling PCRE functions
- Tested on:...
-
12:28 PM Bug #11466: PHP exits with signal 11 on SG-3100 when calling PCRE functions
- Has anyone tried this on a 21.05 snapshot with PHP 7.4.16? The release notes for PHP 7.4.16 mention they fixed a segf...
-
01:48 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- gnn is taking a look at this to see if he can track it down.
-
01:16 PM Feature #10804 (Waiting on Merge): Interface Status page information for switch uplinks may be replaced by switch port data when media state monitoring is set
03/08/2021
-
07:40 PM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Site to Site OpenVPN is broken for me in 2.5.0. The tunnel encryption is setup, but running openvpn at verbosity leve...
-
09:46 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- the last filter generating change is https://github.com/pfsense/pfsense/commit/fce8a99bffae47c965c692dbe763ae9732092f...
-
09:17 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Same issue here after upgrade to v21.02,
MultiWan wont NAT properly on both wan.
A new message to let you know this... -
11:29 AM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- This also appears to be related to Bug #11613, where the user had to reboot pfSense to get WireGuard to follow the st...
-
11:21 AM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- FYI - The "nightly" build I was using during testing was 2.5.0.a.20210122.2350.
03/07/2021
-
11:32 PM Bug #11630: WireGuard MultiWAN Not Failing Back to Tier 1
- see also #11570 and #6370
-
11:21 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- It looks like the reply traffic is not matching the state created by the inbound connection on the WAN.
The firewa...
03/06/2021
-
10:20 AM Regression #11504: CA and certificate validity end dates after 2038 are not handled properly on 32-bit ARM
- bdaa35dcf31def521ba8c60c0aa9c41bf5005311 is working when applied to 21.02p1 on an SG-3100. The change hasn't made it ...
03/05/2021
-
04:31 PM Bug #11630 (Closed): WireGuard MultiWAN Not Failing Back to Tier 1
- When using a GW group for WAN failover, WireGuard will fail to Tier2 when the Tier1 GW is down. However, when Tier1 i...
-
10:23 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Marcos Mendoza wrote:
[...]
>
> I noticed the PPPoE gateway that was automatically created was outside of the sub... -
09:59 AM Regression #11436: State matching problem with reponses to packets arriving on non-default WANs
- Another report:
Port forward and firewall rules are in place on a secondary PPPoE WAN interface. Traffic comes in,... -
08:06 AM Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
- If OpenLDAP ldapsearch fails directly it's unlikely to be related to #9417
All the references I see to SNI seem fa... -
02:07 AM Bug #11626: Google LDAP connections fail due to lack of SNI for TLS 1.3
- may be related to #9417
-
02:02 AM Bug #11626 (Resolved): Google LDAP connections fail due to lack of SNI for TLS 1.3
- https://forum.netgate.com/topic/161725/google-ldap-connection-failed:
I have a problem after update my Netgate XG-...
Also available in: Atom