Project

General

Profile

Activity

From 10/24/2010 to 11/22/2010

11/22/2010

11:18 PM Bug #840 (Resolved): RRD scripts not collecting new data into the RRD
yeah this was fixed long ago Chris Buechler
05:14 PM Bug #840: RRD scripts not collecting new data into the RRD
This seems to work fine and has done for a wail. Jonathan Bastin
10:56 PM Bug #1031: Firewall Log - Dynamic Update update only first row
Looks like this only happens with the logs in reverse order. Forward order works fine. Jim Pingle
09:07 PM Bug #1031: Firewall Log - Dynamic Update update only first row
Do you have your logs set for forward or reverse order? (i.e. is the newest entry at the top or the bottom) Jim Pingle
09:59 AM Bug #1031 (Resolved): Firewall Log - Dynamic Update update only first row
When use Dynamic Update on Status -> System Logs -> Firewall -> Dynamic View only the first row is updated.
Curren... Francisco Brasileiro
08:01 PM pfSense Packages Bug #1033 (Feedback): Please start bandwidthd to populate this directory
Uninstall the package and then reinstall it. I fixed quite a few dependencies on it this afternoon. It started OK whe... Jim Pingle
07:50 PM pfSense Packages Bug #1033 (Resolved): Please start bandwidthd to populate this directory
built on Mon Nov 22 02:17:54 EST 2010
bandwidthd can not run samuel tang
06:38 PM Revision a2b6c52f: Add option to control automatic creation of NAT rules which assist forwarding rules that send traffic out to the same subnet it originated from.
Erik Fonnesbeck
04:55 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Anything valid for tcpdump. So perhaps not lo0, carp, or other interfaces from which a packet capture would not work ... Jim Pingle
04:24 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Do you mean all interfaces from returned by ifconfig ?
 Pierre POMES
03:18 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Even better. :-) Jim Pingle
03:15 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Changed to all interfaces, there are a number of scenarios in addition to OpenVPN where that capability would be help... Chris Buechler
02:55 PM Feature #1032 (Resolved): Add all interfaces to Packet Capture drop-down
It would be handy if all interfaces were available as targets for packet capture even without being assigned. Jim Pingle
04:23 PM Revision bddcbff2: When adding/editing a gateway, check IP alias subnets, too. Fixes #1015
Erik Fonnesbeck
03:53 PM Revision d48dbceb: Add other interfaces to local network selection and show proper names. Fixes #965
Erik Fonnesbeck
02:32 PM Revision e63d59c0: Do not save settings related to ports when protocol does not use ports. Ticket #953
Erik Fonnesbeck
01:39 PM Revision ae46e8b8: Do not save fields from translation section when "Do not NAT" is checked. Ticket #952
Erik Fonnesbeck
12:27 PM Revision 4389352c: In filter_generate_reflection_nat, generate a rule with the actual subnet instead of using the interface:network shortcut. Ticket #737
Erik Fonnesbeck
11:35 AM Bug #1015 (Feedback): Gateways IP subnet check needs to check IP aliases
Applied in changeset commit:"bddcbff2742d2855aa47b7af551aee11410183ca". Erik Fonnesbeck
11:05 AM Bug #965 (Feedback): IPSec configuration network selection doesn't match rest of UI
Applied in changeset commit:"d48dbceb9570a322e0ce8a7200847eeddfac22f9". Erik Fonnesbeck
09:47 AM Feature #953: On outbound NAT rule edit, hide ports when protocol does not use ports.
Should be fixed now. Erik Fonnesbeck
08:06 AM Feature #953: On outbound NAT rule edit, hide ports when protocol does not use ports.
This should probably leave out the port fields when saving when not set to a protocol that uses them. Erik Fonnesbeck
09:00 AM Feature #737: Make 1:1 NAT Reflection's NAT rule generation work for more setups
This thing is wrong because it slows down filter reload and things depends on it being snappy.
There is not justaf... Ermal Luçi
07:45 AM Feature #737 (Feedback): Make 1:1 NAT Reflection's NAT rule generation work for more setups
Erik Fonnesbeck
07:45 AM Feature #737: Make 1:1 NAT Reflection's NAT rule generation work for more setups
Looking back at this, I didn't really write up a very good description of it. Anyway, it should work for a wider ran... Erik Fonnesbeck
08:42 AM Feature #952: When "Do not NAT" is checked on outbound rule, the translation section should be hidden.
Should be fixed now. Erik Fonnesbeck
08:05 AM Feature #952: When "Do not NAT" is checked on outbound rule, the translation section should be hidden.
This should probably not be saving the fields in the translation section when do not nat is checked. Erik Fonnesbeck
08:33 AM Revision 1452fa57: Use correct names for integer and boolean types in DHCP options and fix typo in hexadecimal validation for strings. Fixes #962
Erik Fonnesbeck
05:23 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
I am seeing the same problem on a clean boot of pfSense-2.0-BETA4-20101120-0520.iso - well a clean install followed b... Jeppe Oland
03:35 AM Bug #962 (Feedback): DHCP custom options must have type selection
Applied in changeset commit:"1452fa5788f6fd0cf73d957955b8bfeeac127541". Erik Fonnesbeck
02:28 AM Bug #962 (New): DHCP custom options must have type selection
One issue with this on the integers. It's putting int8, int16, uint8, etc. into dhcpd.conf file which is invalid synt... Chris Buechler
03:16 AM Bug #1030 (Closed): Interface case change in apinger.conf needs reverted
Interfaces are showing in upper case in apinger's conf now, splitting the RRDs into two different graphs. Unknown imp... Chris Buechler
02:51 AM Feature #1029 (Rejected): Add more native way to connect on WAN via DHCP+PPTP/L2TP
Please don't duplicate tickets. original is #624. It doesn't have a target version because we don't have plans of imp... Chris Buechler
02:45 AM Feature #1029 (Rejected): Add more native way to connect on WAN via DHCP+PPTP/L2TP
In some countries the connection to ISP works like this: A computer(pfsense in this case) takes an IP from the modem ... Lenny V.

11/21/2010

10:40 PM Revision b3a4ff7c: Add newlines
Scott Ullrich
09:26 PM Revision 279f4da8: nuke ;
Scott Ullrich
09:22 PM Revision 558dda01: Remove hw.bce.tso_enable item it is loader.conf only per jimp
Scott Ullrich
09:21 PM Revision f41b7bdf: Remove bce item it is loader.conf only per jimp
Scott Ullrich
09:20 PM Revision fb182cb2: Define hw.bce.tso_enable
Scott Ullrich
06:00 PM Bug #836: Captive portal logout popup windows doesn't disconnect the user
Could you explain what you mean in more detail? In particular, which page do you mean when you say "the logged in ov... Erik Fonnesbeck
05:56 PM Bug #836: Captive portal logout popup windows doesn't disconnect the user
Does NOT work actually. The user still remains at the logged in overview! L J
05:36 PM Revision ed32aef7: Don't consider the HTTP referrer check as passing if it was skipped. Ticket #1027
Erik Fonnesbeck
05:23 PM Revision 0f806eca: Upon restoring a config, replacing whole sections, or editing config.xml in edit.php, prevent possible accidental lockout from DNS rebind and HTTP referrer checks by disabling them until reboot or the next time they pass, whichever comes sooner. Ticket #1027
Erik Fonnesbeck
12:47 PM Bug #1027 (Feedback): Config restore triggers HTTP_REFERER check on interface mismatch
This workaround should prevent that from happening now. Erik Fonnesbeck
06:26 AM Bug #1027: Config restore triggers HTTP_REFERER check on interface mismatch
This also needs to be tested restoring a configuration that changes the host or domain, because that might trigger th... Erik Fonnesbeck

11/20/2010

11:15 PM Bug #560: loader.conf is empty after a firmware update.
I believe it still is, as a VM I keep updated has an empty loader.conf when it should the default entries.
It's a di... Jim Pingle
10:54 PM Bug #560: loader.conf is empty after a firmware update.
Is this still an issue on full installs? Note that there is a separate ticket for this on nanobsd. Erik Fonnesbeck
11:07 PM Feature #953 (Resolved): On outbound NAT rule edit, hide ports when protocol does not use ports.
Chris Buechler
11:02 PM Feature #953: On outbound NAT rule edit, hide ports when protocol does not use ports.
2.0-BETA4 (i386)built on Sat Nov 20 05:54:55 EST 2010 using Firefox.
Testing Firewall/NAT/Outbound Add a mappin... Chris Palmer
10:35 PM Feature #952: When "Do not NAT" is checked on outbound rule, the translation section should be hidden.
2.0-BETA4 (i386)built on Sat Nov 20 05:54:55 EST 2010
When "Do not NAT" is checked on an outbound NAT rule, the ... Chris Palmer
09:53 PM Bug #955 (Resolved): Static IP gateway does not upgrade from 1.2.x to 2.0
That looks good, thanks for the extra detail. Jim Pingle
09:37 PM Bug #955: Static IP gateway does not upgrade from 1.2.x to 2.0

That page shows
Name Interface Gateway Monitor IP Description
GW_WAN (default) WAN 172... Chris Palmer
09:23 PM Bug #955 (Feedback): Static IP gateway does not upgrade from 1.2.x to 2.0
The <gateway> tag under <wan> should _not_ be there with an IP post-upgrade, you should only have a gateway entry und... Jim Pingle
09:01 PM Bug #955 (Resolved): Static IP gateway does not upgrade from 1.2.x to 2.0
Chris Buechler
08:55 PM Bug #955: Static IP gateway does not upgrade from 1.2.x to 2.0
Setup 1.2.3 release on my test box today using a static wan address.
Let it update via Firmware/Auto Update to 2.0... Chris Palmer
09:37 PM Bug #1012 (Resolved): DHCP Setting error
Chris Buechler
09:29 PM Bug #1012: DHCP Setting error

Ver. 2.0-BETA4 (i386)built on Sat Nov 20 05:54:55 EST 2010
I made multiple changes to my dhcp server on the LAN,... Chris Palmer
07:42 PM Revision 2b8bdfe4: Add missing </item>
Scott Ullrich
07:40 PM Revision 24352196: oops, typo
Scott Ullrich
07:40 PM Revision feae85bc: Increase vfs.read_max to 32. See http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html .. This can help dramatically if using Squid or any other packae that does a lot of hard disk reads.
Scott Ullrich
01:36 PM Bug #1028 (Closed): filter.inc - discover_pkg_rules
Chris Buechler
01:29 PM Bug #1028: filter.inc - discover_pkg_rules
Hmm.. sorry
I found my error in rules.
Task can be closed. Serg Dvoriancev
12:32 PM Bug #1028 (Closed): filter.inc - discover_pkg_rules
filter.inc
Function discover_pkg_rules
Symptoms:
Errors in syslog
check_reload_status: syncing firewall
php: ... Serg Dvoriancev
05:19 AM Revision c049daef: Disable this test, it was causing some package file downloads to be skipped for me, and nothing else seems to set/use this variable anywhere.
Jim Pingle
12:17 AM Feature #1020: Provide HTTP basic auth additional authentication option
Note I can't imagine this ever getting any consideration short of someone funding it or contributing the code. Chris Buechler
12:13 AM Feature #1020 (New): Provide HTTP basic auth additional authentication option
While not legit for reasons of obfuscating what you're running (almost every single commercial vendor does similar an... Chris Buechler

11/19/2010

06:24 PM Revision 37c8e07d: Fix reading the ip from the right file for dyndns.
Ermal LUÇI
03:44 PM Revision e3924384: Reorder some code and combine the nobind test with the lport code to ensure only the needed options are used in any given combination.
Jim Pingle
03:34 PM Revision ad88ff3f: Cleanup some code and properly handle failure of pkg_fetch_recursive.
Ermal LUÇI
03:31 PM Revision 5708241f: When the local port is left blank on an OpenVPN client, use 'lport 0' to direct the client to use a random source port. Fixes #1025
Jim Pingle
03:21 PM Revision d08b0064: Clarify message.
Ermal LUÇI
03:17 PM Revision 0cdf4e87: Use correct extension of tgz rather than tgz for automatically discovered dependencies.
Ermal LUÇI
11:03 AM Bug #729: if_bridge unpredictable filter interface selection
The original issue is sorted, however the problem from #22 could still be an issue. Jon Bruce
10:48 AM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Also confirmed that nobind only works if you do not choose an interface, so the old "dynamic sourceport" checkbox isn... Jim Pingle
10:35 AM Bug #1025 (Feedback): OpenVPN in client mode requires local port set for multiple instances
Applied in changeset commit:"5708241f9545924e07c820deecae5455354a6cbc". Jim Pingle
10:31 AM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Confirmed, lport 0 does make clients use a random source port. Jim Pingle
10:03 AM Bug #962: DHCP custom options must have type selection
Functions on Mon Nov 1 15:45:03 EDT 2010 firmware. Tested with "1(https://wsm.mydomain.com:5070/oap/sac_pkg" for a M... Jon Bruce
06:33 AM Bug #995 (Resolved): New x64 snapshots won't boot
Ermal Luçi
06:31 AM Bug #1017 (Resolved): fwrite problem after update
Ermal Luçi
06:30 AM Bug #918 (Resolved): CP redirection URL and logout on popup don't work
Ermal Luçi
06:30 AM Bug #1007 (Resolved): captive portal fatal error
Ermal Luçi
06:29 AM Bug #980 (Resolved): Dashboard from Captive Portal don't show connections ...
Ermal Luçi
06:29 AM Bug #980 (Closed): Dashboard from Captive Portal don't show connections ...
Ermal Luçi
06:24 AM Bug #1027: Config restore triggers HTTP_REFERER check on interface mismatch
This happens when the IP address has changed because of the restore. Erik Fonnesbeck
04:38 AM Bug #1027 (Resolved): Config restore triggers HTTP_REFERER check on interface mismatch
An HTTP_REFERER was detected other than what is defined in System -> Advanced (https://10.0.3.190/diag_backup.php). Y... Seth Mos
12:12 AM Revision c132bdb0: Honor the config parsed var if set.
Ermal LUÇI
12:10 AM Revision 1883455a: Hopefully now the reinclusion of config will not override vars.
Ermal LUÇI
12:03 AM Revision d8333a24: Use full path when we might not have full environment setup.
Ermal LUÇI
12:02 AM Revision 01a6e665: globals.inc is better first.
Ermal LUÇI
12:00 AM Revision d9426abc: More safety belts.
Ermal LUÇI

11/18/2010

11:58 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
I'd have to check the config docs again but I think that if you specify a listening interface you have to use lport. ... Jim Pingle
11:24 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
This made me notice a related regression from 1.2.x, you can specify a dynamic source port and it just adds "nobind" ... Chris Buechler
09:56 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
I'll have to give that one a try. We are on the devel version of openvpn, current number is 201019, which according t... Jim Pingle
09:51 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Sorry, I misunderstood.
It seems the random port feature has been added recently when using "lport 0".
https://... Pierre POMES
08:32 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Yes I know that. When you do not specify a local port, it's still trying to take 1194 even though there is no config ... Jim Pingle
08:25 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Hi Jim,
Yes, the directive is "local_port" in config.xml:... Pierre POMES
05:37 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Is there a directive that indicates that in the config file? Mine are fighting for 1194 unless I hardcode.
I thoug... Jim Pingle
04:04 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
it ought to just default to using a random port Chris Buechler
02:44 PM Bug #1025 (Resolved): OpenVPN in client mode requires local port set for multiple instances
If you create an OpenVPN client, the local port is left blank, and it will automatically use 1194
If you create a ... Jim Pingle
11:44 PM Revision d465a277: Fix fetching of package list.
Ermal LUÇI
06:56 PM Revision 21bc451b: Add myself to the copyright. Have modified enough the file.
Ermal LUÇI
06:49 PM Bug #928 (Resolved): pfSense freezes during boot if DHCP client interface doesn't get a reponse from DHCP server
Chris Buechler
06:12 PM Bug #928: pfSense freezes during boot if DHCP client interface doesn't get a reponse from DHCP server
Confirmed fixed in Mon Nov 15 17:03:26 EST 2010 firmware version. Jon Bruce
06:35 PM pfSense Packages Bug #1026 (Resolved): bandwidthd makes bad assumptions about subnets
The 'subnets' directive in the bandwidthd.conf uses the subnet of the selected interface. If you have multiple subnet... Chris Buechler
05:31 PM Revision 4830e56a: Some fixes for the upgrade code for captive portal users.
Erik Fonnesbeck
04:13 PM Revision 8784a3bb: Remove the old field even if empty in rename_field.
Erik Fonnesbeck
02:47 PM Bug #980: Dashboard from Captive Portal don't show connections ...
Dashboard works, screenshot attached. Disconnect error not seen either. Jon Bruce
02:34 PM Bug #1007: captive portal fatal error
Not seen in Mon Nov 15 17:03:26 EST 2010 firmware version. Same basic setup running, no errors. Jon Bruce
02:30 PM Bug #918: CP redirection URL and logout on popup don't work
Tested ok on firmware Mon Nov 15 17:03:26 EST 2010. Redirect works automatically. Jon Bruce
02:24 PM pfSense Packages Bug #1024 (Resolved): Snort GUI broken in latest snapshots
The GUI for /snort/snort_interfaces.php is broken. Ralf Wessling
02:05 PM pfSense Packages Bug #1008 (Resolved): Squidguard Log
Chris Buechler
09:12 AM pfSense Packages Bug #1008: Squidguard Log
Ok
It's working fine now ;-)
Thank you . Tahar GUEBLI
01:54 PM Bug #1023: Carp Status Incorrect
Sorry I dont have a screenshot at the moment but here are the ifconfigs:
machine 1:
vip21: flags=8<LOOPBACK> me... Martin Klein
12:55 PM Bug #1023: Carp Status Incorrect
Do you have a screenshot output of the CARP status and the ifconfig -a output that confirms these are producing confl... Jim Pingle
12:53 PM Bug #1023 (Resolved): Carp Status Incorrect
I Have Multiple Carp Interfaces (vip21 - vip24),
on the Status Page and the Dashboard Widget all
Interfaces have t... Martin Klein
01:04 PM Revision d7bf3178: Various fixes and improvements for the DNS rebind and HTTP referrer checks.
* Only compare with full host from referrer, since someone can put whatever they want at the left side of the period ... Erik Fonnesbeck
12:57 PM Revision 2addd5b2: Fix problem with syslog adding/removing for pacakges. Fix sync pacakges to call the right functions. Optimizations and code cleanup along the way.
Ermal LUÇI
09:47 AM Bug #570 (Resolved): When "No RDR" is checked on a port forward, hide fields that do not apply.
Yeah, seems to be fine. Erik Fonnesbeck
09:25 AM Bug #570: When "No RDR" is checked on a port forward, hide fields that do not apply.
This now works as expected. Casin Mirad
09:34 AM Revision 0bee2010: Save the host name and domain to a temporary location until the setup wizard is finished to prevent triggering the DNS rebind message. Fixes #1022 Also use this information to implement the redirect for changed host for ticket #455
Erik Fonnesbeck
07:23 AM Revision b8d4d7cd: Handling this properly when the web gui is on an alternate port number.
Erik Fonnesbeck
05:35 AM Bug #1013: Captive Portal Reauthentication broken
But then there would be a bug in older beta releases and in 1.2.3 Stable.
There every minute the client is reauthe... L J
04:55 AM Bug #1022 (Feedback): DNS rebind check blocks web gui access to configured host if changed during setup wizard
Applied in changeset commit:"0bee20108d6e6f5750b0164a3740a75bb411b77f". Erik Fonnesbeck
01:57 AM Bug #1022: DNS rebind check blocks web gui access to configured host if changed during setup wizard
In the title I meant to say configured host name. Erik Fonnesbeck
03:00 AM Revision 6898927f: Make this check more general in case someone makes a wizard that changes an opt interface's IP address and wants to use the "Reload in progress" step. Ticket #455
Erik Fonnesbeck
01:39 AM Bug #1014 (Resolved): auth-user-pass only works in i386 version
Chris Buechler
01:36 AM Bug #1014: auth-user-pass only works in i386 version
This is indeed working in the amd64 latest snapshot. Thank you very much.
I have not tried it in the i386 release ... Andreas Winge
12:37 AM Revision 9c37f8cd: Properly reflect ports in the GUI view of the anti-lockout rule since Ermal's changes restricted it to only ssh/gui ports.
Jim Pingle
12:16 AM Revision 916ee745: Show CRL download link only for imported certificates or CRLs with revoked certificates.
Jim Pingle
12:12 AM Revision 304af9d8: Some CRL fixes.
Jim Pingle
12:08 AM pfSense Packages Bug #1021 (Resolved): SSL not enabled in Squid package 2.7.9_4
Jim Pingle
12:00 AM pfSense Packages Bug #1021: SSL not enabled in Squid package 2.7.9_4
Thank you Jim, that is perfect. I reinstalled the package and now https_port works again.
Many thanks to you and ... Steve Hall

11/17/2010

11:17 PM Bug #1022 (Resolved): DNS rebind check blocks web gui access to configured host if changed during setup wizard
If you are accessing the web gui by the configured host name or host.domain and use the setup wizard to change the na... Erik Fonnesbeck
10:45 PM Revision fa15f4ae: Clear up some code.
Ermal LUÇI
10:42 PM Revision d98d6f7f: Boost timeout for file downloads to 60 seconds
Scott Ullrich
10:34 PM Bug #954: Switching to manual outbound NAT creates incorrect rule for PPTP server
Any particular reason you set this to feedback? I'm fairly sure the issue is not fully resolved by just that one com... Erik Fonnesbeck
03:23 PM Bug #954 (Feedback): Switching to manual outbound NAT creates incorrect rule for PPTP server
Ermal Luçi
10:30 PM Bug #455: On initial wizard reload button do not put browser on new assigned ip.
Except for that I just realized that the DNS rebind check wouldn't allow the old host name by default. This needs a ... Erik Fonnesbeck
10:16 PM Bug #455: On initial wizard reload button do not put browser on new assigned ip.
Is this last change something like what you meant?
By the way, this could also be designed to check whether the us... Erik Fonnesbeck
02:20 PM Bug #455: On initial wizard reload button do not put browser on new assigned ip.
The fix is not complete.
Please do it right.... Ermal Luçi
10:50 AM Bug #455 (Feedback): On initial wizard reload button do not put browser on new assigned ip.
Applied in changeset commit:"fd7f136b2665a1fda1df5329d24617413cf78847". Erik Fonnesbeck
08:17 PM Revision eab543ed: Ticket #1017. Move the fwrite and fd_log initializing to a function. Name the function pkg_debug to properly show what is its purpose and also make it write something only when $debug is set.
Ermal LUÇI
08:10 PM Bug #475: L2TP is not functional in the way users will expect
Some sample configurations linked here:
http://forum.pfsense.org/index.php/topic,30114.msg156037.html#msg156037 Jim Pingle
07:47 PM Revision 4c3d9312: Ticket #1017. Put a @ before each fwrite to silence errors. Also setup the log file in the beginning rather than on each individual function.
Ermal LUÇI
07:36 PM Revision 1ae5c631: Resolves #1018. Provide a more unique host name for the file.
Ermal LUÇI
06:31 PM pfSense Packages Bug #1021 (Feedback): SSL not enabled in Squid package 2.7.9_4
Try this again, I uploaded a recompiled binary for squid on 1.2.x. Jim Pingle
03:19 PM pfSense Packages Bug #1021 (Resolved): SSL not enabled in Squid package 2.7.9_4
Output in the latest Squid package under 1.2.3 shows:
# squid -v
Squid Cache: Version 2.7.STABLE9
configure opti... Steve Hall
05:34 PM Revision 53d41b68: The way this option is currently defined, the configuration variable is always set; for this case, isset is not the correct condition. Reported at http://forum.pfsense.org/index.php/topic,30153.0.html
Erik Fonnesbeck
04:42 PM pfSense Packages Bug #770: imspector don't install on 2.0-BETA3-20100727
Tried with: Version 2.0-BETA4 (i386) built on Wed Nov 17 10:33:31 EST 2010
Beginning package installation for imsp... Francisco Brasileiro
04:38 PM Bug #1017: fwrite problem after update
Works no warning is show. Ticket can be closed Perry Mason
02:46 PM Bug #1017 (Feedback): fwrite problem after update
Ermal Luçi
04:50 AM Bug #1017 (Resolved): fwrite problem after update
Removing package...
Starting package deletion for vnstat-1.10_2...done.
Removing vnstat2 components...
Tabs item... Perry Mason
03:35 PM Revision a219c643: Add workaround for referrer check to not be triggered on the previous IP address when redirected by the setup wizard.
Erik Fonnesbeck
03:25 PM Bug #875: Uninstalling packages can remove system libraries
I added some protection between packages but it is still not enough Ermal Luçi
03:17 PM Todo #765: Patch: Add custom DHCP configuration
Can you please check if the latest version of snapshots does this for you? Ermal Luçi
02:59 PM Bug #989 (Resolved): Unable to make a single outbound PPTP connection
Reported from other sources. Ermal Luçi
02:56 PM Bug #1013 (Closed): Captive Portal Reauthentication broken
This is working as mentioned.
Read the radius accounting RFC to understand why.
You will get data only after the cl... Ermal Luçi
02:35 PM Bug #1018 (Feedback): Dynamic DNS issue with multiple Dyndns-Entries
Applied in changeset commit:"1ae5c631e8ec83ed5acdd60419dc436c893fe6ef". Ermal Luçi
10:29 AM Bug #1018 (Resolved): Dynamic DNS issue with multiple Dyndns-Entries
Hello Community / Developer Team,
first of all: you are doing a great job and I really like what you have done so ... Thomas Burger
02:17 PM Feature #1020: Provide HTTP basic auth additional authentication option
PS: firewall off the port to the world and only allow from a management IP. Scott Ullrich
02:16 PM Feature #1020 (Rejected): Provide HTTP basic auth additional authentication option
We just spent considerable time moving from that model to the model we are using in 2.0. Sorry but we are not going ... Scott Ullrich
12:56 PM Feature #1020 (Closed): Provide HTTP basic auth additional authentication option
edit: see cmb's 20101120 explanation. original submitter's follows.
It would be nice if the Web interface could o... Martin Klein
02:01 PM Revision fd7f136b: Redirect to the correct IP at the end of the setup wizard if accessing it on an IP address that was changed. Fixes #455
Erik Fonnesbeck
12:32 PM Feature #1019 (Resolved): Lagg Failover Mode Master Interface
when creating a lagg interface in failover mode I am not able to choose the master interface.
The first interface in... Martin Klein
10:43 AM Revision 54dd88ba: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/pkg-utils.inc Renato Botelho
10:42 AM Revision 3ec86ca8: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/pkg-utils.inc Renato Botelho
10:32 AM Revision cfcebf07: Fix typo
Renato Botelho
04:47 AM Revision b450c94e: Fix typo in comment.
Jim Pingle
01:38 AM Revision f02f0675: Ensure this is an array before entering the foreach loop. Fixes #1012
Erik Fonnesbeck

11/16/2010

11:26 PM Bug #1014 (Feedback): auth-user-pass only works in i386 version
I enabled the SAVE_PW option which should use --enable-password-save on both i386 and amd64, and then recompiled Open... Jim Pingle
05:46 PM Bug #1014 (Resolved): auth-user-pass only works in i386 version
In the i386 version the configure commandline was (might be one or two typos here):
./configure --with-lzo-lib=/usr/... Andreas Winge
10:59 PM Revision aeaa7358: Make the pkg_fetch_recursive code stronger and try also to fetch from freebsd repo when fails to fetch from pfSense one.
Ermal LUÇI
10:54 PM Bug #1011 (Resolved): can not disable HTTP_REFERER check
Chris Buechler
04:39 AM Bug #1011: can not disable HTTP_REFERER check
I tested it and it is OK now.
Thanks ivan primus
10:52 PM Feature #1016 (Resolved): dyndns support for eurodns.com
changed files attached to support eurodns.com from Stefan Casier. Chris Buechler
10:50 PM Bug #970: Cannot add my gateway because the gateway IP is not in the same subnet
that's a diff issue, opened as #1015 Chris Buechler
01:49 AM Bug #970: Cannot add my gateway because the gateway IP is not in the same subnet
Gateway test should check in both subnet interface and IP ALIAS subnet.
At this moment, only subnet interface is che... Iñigo Martinez
10:50 PM Bug #1015 (Resolved): Gateways IP subnet check needs to check IP aliases
The gateways check for the IP being within the subnet doesn't check IP aliases on that interface. Chris Buechler
10:38 PM Revision 7b228323: Avoid exec() and use php calls.
Ermal LUÇI
10:11 PM Revision 1b28121f: Correctly form the url from where to fetch packages if a base is not specified. This unbreaks packages on amd64! Also do no remove a package which is required by other installations.
Ermal LUÇI
08:45 PM Bug #1012 (Feedback): DHCP Setting error
Applied in changeset commit:"f02f0675ccc2bfc59ad969ca0d100f3fd4f4e493". Erik Fonnesbeck
04:36 PM Bug #1012 (Resolved): DHCP Setting error
If I configure and apply the DHCP settings I recieve the following error: "Warning: Invalid argument supplied for for... L J
07:56 PM Revision fe81116d: Correct variable name.
Ermal LUÇI
07:40 PM Revision fcf92dae: * Use pkg_info -E pkgname* for testing if a package is installed.
* Do not call eval if we cannot include an .inc file since that will make the whole script fail.
* Keep the log from ... Ermal LUÇI
06:05 PM pfSense Packages Bug #669: HAVP does not remove "Antivirus" menu point when de-installed.
Possibly fixed with latest package improvements. Ermal Luçi
06:04 PM pfSense Packages Bug #770 (Feedback): imspector don't install on 2.0-BETA3-20100727
Try installing latest one after updating to latest snapshot. Ermal Luçi
04:38 PM Bug #1013 (Resolved): Captive Portal Reauthentication broken
B.0-BETA4 (i386)
built on Sun Nov 14 03:54:29 EST 2010
If the option "Accounting updates" with "no accounting u... L J
04:37 PM pfSense Packages Bug #1008: Squidguard Log
Fixed. Serg Dvoriancev
10:32 AM pfSense Packages Bug #1008: Squidguard Log
Yes, with pfSense-2.0-BETA4-20101111-2203, when click on Service -> Proxy Filter -> Log ( https://pfsense/pkg_edit.ph... Francisco Brasileiro
04:32 PM Revision 73c30884: Merge remote branch 'mainline/master' into inc
Renato Botelho
04:29 PM Revision 55910da7: Tighten check even more. Ticket #1006.
Ermal LUÇI
04:21 PM Revision b878ad36: Ticket #1006. Make sure to interpret the response as needed. First check if we got 0 and then check if we have a faultCode().
Ermal LUÇI
02:45 PM Bug #950 (Feedback): Package installation failures leaves package installed
With latest commits it seems quite stable. Ermal Luçi
11:31 AM Revision 39a8090a: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/PEAR.inc
etc/inc/filter.inc Renato Botelho
11:22 AM Bug #1006 (Feedback): XMLRPC sync from the CLI as well as the UI Fail on error conditions
I committed a fix for the error reported.
The solution for the other is to ask the people to input the protocol of t... Ermal Luçi
11:08 AM Bug #1000: lagg not working set to failover.
Can you show your system logs?
lagg(4) is made to handle this, so only if something in pfsense is putting down the w... Ermal Luçi
03:56 AM Revision e6b960cc: Make sure this isn't searching the referrer using a blank host or IP, which will always match the referrer.
Erik Fonnesbeck
03:35 AM Revision 55068970: Fix case for testing the referrer check setting. Ticket #1011
Erik Fonnesbeck
01:50 AM Feature #972: Allow adding gateways outside of interface subnet
Gateway test should check in both subnet interface and IP ALIAS subnet.
At this moment, only subnet interface is che... Iñigo Martinez

11/15/2010

10:50 PM Bug #1011 (Feedback): can not disable HTTP_REFERER check
Erik Fonnesbeck
10:50 AM Bug #1011 (Resolved): can not disable HTTP_REFERER check
This is case on 2 my installations. Check can't be disabled, and can not access web interface.
Using newest buids - ... ivan primus
09:18 PM Bug #996: DHCP address not pulled with spoofed MAC address on WAN
Just tested on Pfsense 2.0BETA4 (built on Fri Nov 12 19:00:39 EST 2010), appears to work (running from Virtualbox wit... c c
09:17 PM Bug #996: DHCP address not pulled with spoofed MAC address on WAN
Just tested on Pfsense 2.0BETA4 (built on Fri Nov 12 19:00:39 EST 2010), appears to work (running from Virtualbox wit... c c
09:17 PM Bug #996: DHCP address not pulled with spoofed MAC address on WAN
Just tested on Pfsense 2.0BETA4 (built on Fri Nov 12 19:00:39 EST 2010), appears to work (running from Virtualbox wit... c c
08:19 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate
The message you mentioned is shown simply when a certain string comparison fails. If it would be appropriate, it cou... Erik Fonnesbeck
08:22 AM Bug #621: Certificate Manager won't accept a windows CA signed certificate
Well, as I said, I'm not too familiar with how certificates work. But I would guess that it computes some sort of has... Maxim Hansen
08:01 PM Revision efe259cf: Remove these anchors they just provide overhead and are not really used much in pfSense.
Ermal LUÇI
07:55 PM Revision d268d457: Remove gre helping rules they are not anymore needed.
Ermal LUÇI
07:16 PM Revision 99b1cc43: Disable CSRF checks on the backup page.
Scott Ullrich
06:50 PM Revision 0dcdbc85: Send errors to 2>
Scott Ullrich
02:24 PM Bug #989 (Feedback): Unable to make a single outbound PPTP connection
Grab newer snapshots it should work ok now. Ermal Luçi
11:46 AM Revision 172007f5: Merge remote branch 'upstream/master'
Conflicts:
etc/inc/filter.inc
etc/inc/system.inc
usr/local/www/interfaces.php
usr/loc... Seth Mos
09:53 AM Revision 4f376815: Properly format the IPv6 address within brackets so that Carp sync to a ipv6 address works
Seth Mos
08:37 AM Revision 3c009080: Adjust the config file for dhcpv6. We can not support Failover at this point, missing docs.
Seth Mos
08:22 AM Revision cf327478: We do not have a ipv6 specific function, the old one now understands ipv6
Seth Mos
08:21 AM Revision a05b2f42: add support for IPv6 routing tables for IPv6 so that guess_interface_from_ip works
Seth Mos
02:16 AM pfSense Packages Bug #1008: Squidguard Log
yes with snapshot 2.0-BETA4 (i386)built on Fri Nov 12 19:40:58 EST 2010 FreeBSD 8.1-RELEASE-p1. Mukesh Patel

11/14/2010

07:46 PM Revision 64ec1ddf: Add nocsrf flag
Scott Ullrich
07:29 PM Revision 364ecdd1: Fix misnamed form field on CRL import.
Jim Pingle
03:40 PM pfSense Packages Bug #1008: Squidguard Log
Any body repeat this bug to? I can't. Serg Dvoriancev
02:55 PM Revision fbd96b06: Fix variable names. Ticket #954
Erik Fonnesbeck
02:23 PM Bug #1005 (Resolved): Unable to kill individual states from Diagnostics > States
Thanks for the testing/feedback! Jim Pingle
02:15 PM Bug #1005: Unable to kill individual states from Diagnostics > States
Works ok for me on 2.0-BETA4 (i386) built on Sun Nov 14 03:54:29 EST 2010. José María Tudela
01:54 PM Bug #1005: Unable to kill individual states from Diagnostics > States
I just tested this on two 2.0 firewalls of the Sat Nov 13 21:38:35 EST 2010 build and it worked as expected. No error... Phil G
01:59 PM Revision bd32ac6c: Fix case of variable name for swap usage. Ticket #477
Erik Fonnesbeck
01:40 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
I'm running a clean install of NanoBSD 4GB dated Oct 8, 2010 and I'm not having any issues with this. John Bradshaw
12:36 PM Revision ba8e0870: Copy /boot/loader.conf.local to the newly imaged slice. Ticket #892
Erik Fonnesbeck
11:05 AM Revision 0aa72c10: Don't perform referer check if display_error_form is not defined (captive portal), just like as is done for the DNS rebind check. Ticket #1007
Erik Fonnesbeck
10:10 AM Revision 0532e54d: Rework handling of ports for reflection on port forwards to work properly with port aliases. Ticket #672
Erik Fonnesbeck
10:01 AM Bug #954: Switching to manual outbound NAT creates incorrect rule for PPTP server
It at least picks up an IP address now, but I'm not sure if it is the right one. It is also still using /32 for the ... Erik Fonnesbeck
09:27 AM Bug #345: CPU graph widget reports wrong usage with SMP
If it is still doing this, I'm not sure how the discrepancy between the two shows up, because as far as I can tell th... Erik Fonnesbeck
09:09 AM Bug #477 (Feedback): Swap usage graphic on dashboard is incorrect
Should be fixed now. Erik Fonnesbeck
08:04 AM Bug #927: 3G modem rendered un-usable by forced cycling of connection
Sorry, what I meant was that the call to "interface_bring_down($interface, true);" in the beginning of the "interface... Marcus Brown
07:43 AM Bug #927: 3G modem rendered un-usable by forced cycling of connection
Sorry, what I meant was that the call to "interface_bring_down($interface, true);" in the beginning of the "interface... Marcus Brown
07:32 AM Bug #927: 3G modem rendered un-usable by forced cycling of connection
Can we please just remove the non-sense with the 5 second sleep from the code? It's just a race condition waiting to ... Marcus Brown
07:45 AM Bug #892 (Feedback): loader.conf.local changes lost after nanobsd upgrade
Erik Fonnesbeck
06:57 AM Bug #621: Certificate Manager won't accept a windows CA signed certificate
I'm not really sure whether the order does matter or not. If it does not, maybe it should search for each of the fie... Erik Fonnesbeck
06:20 AM Bug #1007 (Feedback): captive portal fatal error
I've committed a check like what is done before the DNS rebind checks. With the change it should prevent the code gi... Erik Fonnesbeck
06:06 AM Revision 856d2bf9: Unset this reference before reusing the variable name to prevent corruption of groups.
Erik Fonnesbeck
01:48 AM Feature #736: Privileges for accessing each service that uses the user manager
Captive portal part split off to #1010 Erik Fonnesbeck
01:47 AM Feature #1010: Privilege setting for allowing login access through captive portal
Just wanted to note that I had already started on this sometime and have a significant part done, so that someone doe... Erik Fonnesbeck
01:40 AM Feature #1010 (Closed): Privilege setting for allowing login access through captive portal
Split from #736
It would be nice to have a privilege setting for captive portal so that when authenticating agains... Erik Fonnesbeck
12:38 AM Revision ac503653: Open link in new tab/window
Scott Ullrich

11/13/2010

07:58 AM Feature #1009 (Closed): Active Directory group membership checking
Hi,
This is the auth.inc I have modified to handle AD group membership checking.
It does not support nested gro... Eric Machabert
05:55 AM pfSense Packages Bug #1008 (Resolved): Squidguard Log
With the last snapshot 2.0-BETA4 (i386)built on Fri Nov 12 19:40:58 EST 2010 FreeBSD 8.1-RELEASE-p1 ,
the access t... Tahar GUEBLI
05:44 AM Revision bddc8818: Form image buttons are submit buttons and thus default buttons, causing unwanted behavior with the enter key. Use links instead, where possible.
Erik Fonnesbeck
04:32 AM Bug #1006: XMLRPC sync from the CLI as well as the UI Fail on error conditions
To be more specific, if the Master if configured for https and the slave for http this causes a 0 length response tha... Seth Mos
03:05 AM Revision 6f7a9978: Add style to rowhelper normal text fields in packages for consistency.
Erik Fonnesbeck

11/12/2010

11:51 PM Revision 21699e76: Fix test for altq on vlans and wlan.
Ermal LUÇI
11:34 PM Revision 83fcd140: CSRF startup code has been moved to guiconfig.inc
Scott Ullrich
11:30 PM Revision fafd303e: Unbreak AJAX
Scott Ullrich
09:56 PM Bug #958 (Resolved): reply-to for 1:1 from other directly connected subnets not functioning correctly
Chris Buechler
01:12 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Well, I did mention it was a floating rule, back in comment #7...
Adding the rules to the specific interface works... Adam Thompson
05:45 AM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Can you please try adding rules to your opt2 interface to allow the traffic for all your 1:1 ips.
This will make sur... Ermal Luçi
09:45 PM Revision f48d337f: Add ipv6 local addresses to the IP address list for the rebinding check
Seth Mos
09:38 PM Revision 293079d1: Make sure that we enable SSL properly for the ipv6 vhost as well
Seth Mos
09:05 PM Revision c895ab7b: Misc XSS fixes
Scott Ullrich
05:29 PM Revision 2bf0ada5: Protect against XSS by someone broadcasting an HTML SSID... (better to be safe...)
Jim Pingle
05:15 PM Revision f01d8c49: One more potential XSS vector. Not sure how it would have text injected here, but better safe than sorry.
Jim Pingle
05:02 PM Revision 060d4c5e: More notice XSS fixes.
Jim Pingle
04:36 PM Revision dd5bf424: Fix XSS issues
Scott Ullrich
04:35 PM Revision 4656943e: Fix a theoretical/potential XSS in the http_referer check warning.
Jim Pingle
04:29 PM Revision 190d5d58: Fix XSS in notices.
Jim Pingle
04:03 PM Revision 225a2f0b: Bring in XSS id fixes from m0n0wall
Scott Ullrich
02:38 PM Feature #820: Expose interface for PF address pools on outbound NAT rules
I just wanted to note that the linked documentation is for the newer pf syntax, but the applicable section is still r... Erik Fonnesbeck
11:53 AM Revision 5812e717: Add whitespace to avoid breaking the resulting rule.
Ermal LUÇI
11:52 AM Revision f27789bf: Whitespace fixes.
Ermal LUÇI
11:51 AM Revision f829d532: Make sure there is a direction specified otherwise errors might occur.
Ermal LUÇI
11:49 AM Revision 9869cf3e: Initialize rule keeping array to avoid possible caching effects on php.
Ermal LUÇI
10:55 AM Bug #1007: captive portal fatal error
I'm not trying to open a page with any form of redirect, just google.com or a blank "test" page on a remote httpd.
 Dan Emmons
10:52 AM Bug #1007 (Resolved): captive portal fatal error
running build pfSense-2.0-BETA4-20101111-2203 x86
Configured pfsense for Captive Portal with DNS forward and no ... Dan Emmons
09:17 AM Revision 19310a56: Clarify these descriptions a bit more on 1:1 edit.
Erik Fonnesbeck

11/11/2010

08:35 PM Revision e9cfd6b0: Once more, with feeling
Seth Mos
08:31 PM Revision d99bcf10: Alter the requires to their new file names
Seth Mos
08:27 PM Revision b3c6aec9: Update the current XML RPC client and server parts from the PEAR library, now version 1.5.4
Seth Mos
08:09 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
I've just upgraded and confirmed that it does work perfectly for port-forward NAT, but it does still break for 1:1 NA... Adam Thompson
02:13 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Can you post your config here?
Please sanitize you ip's but leave the subnets real per se.
I still do not understan... Ermal Luçi
11:44 AM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
I know you said it wasn't relevant, but I tried setting the Gateway parameter on the firewall rule: no effect whatsoe... Adam Thompson
11:37 AM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
As I mentioned in #7, the tcpdump output didn't change at all after updating to the snapshot mentioned there.
So... Adam Thompson
07:32 PM Bug #1004 (Resolved): Captive Portal Problem
Chris Buechler
11:16 AM Bug #1004: Captive Portal Problem
just install the update: 2.0-BETA4 (i386) - built on Thu Nov 11 00:34:31 EST 2010
and now seam's to work for me ...... gerard grazzini
05:35 AM Bug #1004: Captive Portal Problem
update to
2.0-BETA4 (i386) - built on Wed Nov 10 10:44:38 EST 2010
the problem seam's to steel be present ... gerard grazzini
03:39 PM Revision 5b6661d8: Fix more typos, I can't code for toffees
Seth Mos
03:33 PM Revision 4f66ad1f: Fix the syntax error
Seth Mos
03:26 PM Revision 543ecd59: Use the information from the wiki about letting lighty listen on v4 and v6 together.
http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config Seth Mos
03:19 PM Bug #980: Dashboard from Captive Portal don't show connections ...
just a little complement : the dashboard works,
but when i tray to disconnect e guest (click on the cross) i recive ... gerard grazzini
11:19 AM Bug #980: Dashboard from Captive Portal don't show connections ...
hello, i can't give feedback regarding an other bug that block the captive protal (bug # 1004)
but, i just install t... gerard grazzini
02:55 PM Bug #1006 (Resolved): XMLRPC sync from the CLI as well as the UI Fail on error conditions
When the backup doesn't allow connecting to the webui there should be a timeout event.
Instead we have this.
[2.0... Seth Mos
02:44 PM Revision ca94f214: Enable IPv6 binding for Lighttpd
Seth Mos
02:17 PM Revision a2f38ac4: Handle AJAX
Scott Ullrich
10:51 AM Revision 6f567a59: NiftyCheck already included in bottom-loader.js otherwise div mainarea gets rounded twice.
Warren Baker
09:53 AM Revision cea355a5: Separate this into the original case with the floating rule cases above it to fix some scenarios where the order was still wrong.
Erik Fonnesbeck
09:24 AM Revision cb53651f: Small rework of code for applying drag and drop reordering of rules and some extra checks added to fix some potential bugs. Ticket #878
Also minimizes the extent of the changes performed (useful when comparing config.xml files from before and after). Erik Fonnesbeck
07:51 AM Revision a5ebdeff: Fix handling of floating rules in the drag and drop reordering code. Fix for part of ticket #878
Erik Fonnesbeck
05:58 AM Revision baaa8bb1: Move this function to allow removing it from easyrule.
Erik Fonnesbeck
05:43 AM Revision 88bc2760: Fix filter_rules_sort's compare function to know about floating rules so it won't change their order.
Erik Fonnesbeck
04:48 AM Bug #878 (Feedback): Drag and Drop firewall rules causes corruption
I can't reproduce this in IE8 with the steps you mentioned, though I didn't try it there before making the changes. ... Erik Fonnesbeck
03:40 AM Bug #878: Drag and Drop firewall rules causes corruption
No this was all specific to the lan interface as I was testing on that. I didn't try setting up floating rules to see... Warren Baker
02:31 AM Bug #878: Drag and Drop firewall rules causes corruption
On one system where I personally encountered the duplicate (about 8 times duplicated) rules issue, there are no float... Chris Buechler
01:14 AM Bug #878: Drag and Drop firewall rules causes corruption
It is possible this is not a browser-specific issue, but actually caused by not handling floating rules correctly. D... Erik Fonnesbeck
04:27 AM Revision ea57ccb8: Use this sort before saving, so the rule just added is sorted into the proper category like the rest.
Erik Fonnesbeck
04:14 AM Revision ce2078f7: Unbreak graphs
Scott Ullrich
02:56 AM Revision 2b30323e: Copy logic for when to show the cellular tab from status_rrd_graph.php. Fixes #714
Jim Pingle
01:30 AM Revision fa6c42d0: Return this field to its old name to prevent a conflict of names and since the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html
This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation... Erik Fonnesbeck

11/10/2010

11:14 PM Revision f233231b: Take into account if we have redirection active to allow even port 443.
Ermal LUÇI
11:14 PM Revision 30bd17f5: Make the antilockout rule match the webgui and ssh(if enabled) rather than any traffic destined to pfSense itself.
Ermal LUÇI
10:22 PM Revision 29f76490: Only use escapeshellarg when passing the arguments to the shell. Fixes #1005
Jim Pingle
10:00 PM Bug #878: Drag and Drop firewall rules causes corruption
I've had numerous reports of it in the past two months from talking to people. Click and drag around and you'll event... Chris Buechler
09:40 PM Bug #878: Drag and Drop firewall rules causes corruption
I am having trouble replicating this problem in Chrome on Mac. Can someone else confirm? Scott Ullrich
10:00 PM Bug #714 (Feedback): Cellular RRD Graph Shows w/o 3G Modem Installed
Applied in changeset commit:"2b30323ef3ebbd11d84e913db3b33e514b0657a6". Anonymous
09:50 PM Bug #714: Cellular RRD Graph Shows w/o 3G Modem Installed
Oddly enough I do not see it on my ALIX, but I do see it on my amd64 full install, and only on the Settings tab, no o... Jim Pingle
09:42 PM Bug #714: Cellular RRD Graph Shows w/o 3G Modem Installed
I am not seeing any kind of cellular items on my box at this time. Scott Ullrich
09:49 PM Bug #918 (Feedback): CP redirection URL and logout on popup don't work
Setting this to feedback for now, since the first issue is fixed and the second one as described is intended behavior... Erik Fonnesbeck
09:42 PM Revision dd18038e: * Call get_configured_interface_* functions only once in the code
* Optimize the test if the passed interface is a vaild one
* Fix the apply settings to actually do something rather t... Ermal LUÇI
08:09 PM Revision e7d3fc15: Small improvement no functional change.
Ermal LUÇI
07:40 PM Revision fa112436: Use php calls rather than forking to shell.
Ermal LUÇI
07:34 PM Revision b06d7ebb: Use exec and check return value of command to avoid priting messages of stderr to console.
Ermal LUÇI
07:16 PM Revision 35d26b25: Not sure why sometimes works sometimes does not work when bound to localhost the lighttpd instance of CP. Back to previous setup! Though security of it is debatble.
Ermal LUÇI
06:43 PM Revision 7f8d463f: Bring interfaces up only if there is a mismatch to allow them to be reassigned.
Ermal LUÇI
06:27 PM Revision e9d7afeb: Ticket #904. Hmm fix the interface_has_gateway() too.
Ermal LUÇI
06:25 PM Revision f6b30142: Ticket #904. Actually correctly handle the assigned openvpn client as a dynamic gateway rather than breaking the behaviour of the system. Strange nobody has noticed broken gateway behaviour with openvpn assigned!
Ermal LUÇI
06:18 PM Revision c422a169: Actually was coorect before. 3rd parameter is length not index.
Revert "Correct this to make it actually work. This is also mentioned in Ticket #904 though it was already implemente... Ermal LUÇI
05:45 PM Revision 0bb28795: Correct HTTP_REFERER check when using an IP Address vs the Firewalls hostname
Scott Ullrich
05:25 PM Bug #1005 (Feedback): Unable to kill individual states from Diagnostics > States
Applied in changeset commit:"29f76490d8db635646472f9e38f8402f31bb0e33". Jim Pingle
04:57 PM Bug #1005 (Resolved): Unable to kill individual states from Diagnostics > States
Reported here: http://forum.pfsense.org/index.php/topic,29968.0/topicseen.html
You can no longer kill individual s... Jim Pingle
05:25 PM Revision 612fa572: Note that this textbox controls HTTP_REFERER hostname checks as well
Scott Ullrich
05:00 PM Revision 9734b054: Remove trailing carriage return
Scott Ullrich
04:56 PM Revision 4fe9c2dc: * Adding function get_configured_ip_addresses() which returns all interfaces and their configured IP address
* Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks
* Add and enforce HTTP_REFERER check if checkbo... Scott Ullrich
04:44 PM Bug #996 (Feedback): DHCP address not pulled with spoofed MAC address on WAN
DHCP on spoofed mac address is fixed on latest snapshots.
The restore of mac address needs more work not sure if it ... Ermal Luçi
02:49 PM Revision daab67a1: Fix misc XSS issues from davey b
Scott Ullrich
02:21 PM Bug #990 (Feedback): xss in pfsense I was testing beta 4 pfSense-2.0-BETA4-20100902-0947.iso
Ermal Luçi
02:16 PM Bug #1004 (Feedback): Captive Portal Problem
Try with newer snapshots. Ermal Luçi
09:49 AM Bug #1004: Captive Portal Problem
ok, the captive portal doesn't work!
the cp worked fine before the upgrade , after doesn't work correctly Andrea Cutelle'
09:04 AM Bug #1004: Captive Portal Problem
Why should it!
That is a design choice made lately
 Ermal Luçi
06:29 AM Bug #1004: Captive Portal Problem
just to confirm that i have the same issue with "built on Tue Nov 9 22:11:55 EST 2010"
the problem appear for me app... gerard grazzini
05:05 AM Bug #1004 (Resolved): Captive Portal Problem
hi, after an upgrade to 2.0-BETA4 (i386)
built on Tue Nov 9 11:59:46 EST 2010
FreeBSD 8.1-RELEASE-p1
port 8000 ... Andrea Cutelle'
01:34 PM Revision fe73e93f: check the correct routing table array otherwise we can never change the default route
Seth Mos
10:03 AM Revision f0ce6758: Add option to System: Firmware: Settings for running gitsync after installing an update, hidden/disabled if git has not been installed yet.
Erik Fonnesbeck
07:28 AM Revision 2545af04: Remove csrf-magic include from functions.inc -- it was causing problems with console PHP scripts.
Erik Fonnesbeck
07:18 AM Bug #747: Root schedulers (ie PRIQ) cannot be configured on interfaces that don't report bandwidth
Well if an assumption has to be made, it'd be best assume that the interface speed is to the fastest physical interfa... Mr Horizontal
07:16 AM Feature #753: Add OpenVPN foreign_option support
Essentially this relates to the fact when you have an interface bound to an OpenVPN tun device when the VPN is a clie... Mr Horizontal
07:00 AM Bug #754: hifn driver and AES192 and 256
This is still not fixed as of 10 Nov 2010... Mr Horizontal

11/09/2010

11:37 PM Revision 6f2cc3a6: Correct this to make it actually work. This is also mentioned in Ticket #904 though it was already implemented.
Ermal LUÇI
10:17 PM Revision 7673cdb5: Use a shell script rather than bad hack to execute php code for pppoe periodic reset.
Ermal LUÇI
08:10 PM Revision 12dfe8ca: Fix display of queues on rules and layer7 containers.
Ermal LUÇI
06:07 PM Revision 506f6e90: Ensure csrf magic is loaded
Scott Ullrich
05:35 PM Todo #881: Passive FTP over pfsense
Appears to work for me also. Running 20101108 20:20:58.
I can connect from the LAN to remote FTP servers using PASV... Peter Hinman
04:44 PM pfSense Packages Bug #1003: captive portal not forwarding
..and have tried both workarounds per #868 Dan Emmons
04:39 PM pfSense Packages Bug #1003: captive portal not forwarding
I should add that squid isn't running, and is not configured.
output from netstat looks like its binding tcp8000... Dan Emmons
04:36 PM pfSense Packages Bug #1003 (Rejected): captive portal not forwarding
duplicate of #868 Chris Buechler
03:07 PM pfSense Packages Bug #1003 (Rejected): captive portal not forwarding
Using pfSense-2.0-BETA4-20101109-0201 and pfSense-2.0-BETA4-20101104-0049
Configured captive portal for MAC bypass... Dan Emmons
04:38 PM Revision 034f08e7: Fix Misc XSS issues
Scott Ullrich
04:26 PM Revision fea09886: Revert
Scott Ullrich
04:23 PM Revision 9b2bc1af: Testing csrf-magic
Scott Ullrich
03:28 PM Revision 5626a349: Set session.use_trans_sid to true
Scott Ullrich
02:05 PM Bug #995: New x64 snapshots won't boot
Confirmed. New snapshot just uploaded boots OK in my amd64 VM.
2.0-BETA4 (amd64)
built on Tue Nov 9 17:26:01 UTC 2010 Jim Pingle
12:41 PM Bug #995 (Feedback): New x64 snapshots won't boot
This should be fixed from latest commits. Ermal Luçi
12:14 PM Revision 678dfd0f: Add a setting for the data type of values used with DHCP option numbers and input validation for each type. Fixes #962
Erik Fonnesbeck
11:58 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Will look at doing so, but it may be a day or two. I may just set up a VM with a vanilla NanoBSD installation and te... R B
11:58 AM Revision 12984150: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/pkg-utils.inc
etc/inc/system.inc Renato Botelho
10:02 AM Revision 5d27a3dc: Add a function type to the field types allowed, to allow more field types without directly adding all of them to row helper.
Erik Fonnesbeck
09:09 AM Feature #814: GUI should allow to bind openvpn on different ip same port
The wizard also needs adjusted to accept this scenario (Reported in #1002, but that was closed in favor of using this... Jim Pingle
09:08 AM Bug #1002 (Closed): openvpn wizard refuses to allow same port but different interfaces
Collapsing this into #814 since it's really the same core issue. Jim Pingle
06:44 AM Bug #1002 (Closed): openvpn wizard refuses to allow same port but different interfaces
Create an openvpn server using the wizard, listening on one interface on udp/1194
Try to create another OVPN serve... Jon Gerdes
09:02 AM Bug #859 (Resolved): OpenVPN wizard stopped working
Jim Pingle
06:56 AM Bug #859: OpenVPN wizard stopped working
I've created several OVPN servers via the wizard and can't reproduce the reported bug. Jon Gerdes
09:02 AM Bug #900 (Resolved): OpenVPN Wizard: Server Certificate Wizard
Jim Pingle
06:37 AM Bug #900: OpenVPN Wizard: Server Certificate Wizard
I created a new server cert using wizard. It refused to allow me to continue unless all fields were filled in. I al... Jon Gerdes
09:01 AM Bug #971 (Resolved): OpenVPN wizard - wrong interface names
Jim Pingle
06:22 AM Bug #971: OpenVPN wizard - wrong interface names
I was able to create a new OVPN server and select interfaces using their descriptive names.
Current version: 2.0-B... Jon Gerdes
07:25 AM Bug #962 (Feedback): DHCP custom options must have type selection
Applied in changeset commit:"678dfd0fa8d629bd45edad576c99d03aa8f40d70". Erik Fonnesbeck
02:23 AM Revision 58685470: fix input validation for GRE
Chris Buechler
12:48 AM Bug #636: layer7 not work correctly
under my side i can see the blocked rules in filter logs but torrent working Michel Samovojski

11/08/2010

11:22 PM Bug #1001 (Resolved): Captive portal session reuse invalid when MAC changes
Whenever the CP session timeout is longer than the DHCP lease length, and a different device gets assigned an IP, a n... Chris Buechler
10:42 PM Revision 58db1fc4: Kill dhcplease before writing the hosts file so that it does not scramble the content from kqueue events.
Ermal LUÇI
10:21 PM Revision 6e8b0ec3: Add a button to connect a non-mobile IPsec VPN from Status > IPsec. Sends a ping from a local IP in the p2 subnet (if one exists on the router) to the remote p2 subnet.
Jim Pingle
09:50 PM Bug #1000: lagg not working set to failover.
the not coming back after the panic is another issue entirely that needs another ticket open on it, I have a config f... Chris Buechler
04:22 PM Bug #1000 (Closed): lagg not working set to failover.
I have been testing pfsense2.0 Beta4 11-07-2010 and the lagg interfaces with failover don't seem to be working. I am ... Rick Baranowski
03:53 PM Revision 61ab4cd3: Return disabled interfaces as well
Scott Ullrich
03:52 PM Revision 157b9d46: Return disabled interfaces as well
Scott Ullrich
01:25 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Your log makes me suggest you reinstall from scratch because you might have some corrupted/modified files.
 Ermal Luçi
01:20 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Can you show some debugging info's?!
Tracing of traffic etc to actually see what the issue is for you? Ermal Luçi
01:19 PM Bug #950: Package installation failures leaves package installed
you tried those packages on 2.0 or 1.2.x? Ermal Luçi
07:27 AM Bug #950 (New): Package installation failures leaves package installed
Jim Pingle
06:03 AM Bug #950: Package installation failures leaves package installed
get the problem with imspector 0.8-9
2.0-BETA4 (i386)
built on Wed Nov 3 02:54:06 EDT 2010
FreeBSD 8.1-RELEASE-... Hugo Sousa
07:26 AM Bug #964 (Resolved): Changing DHCP pool size allows overlap with static leases
Jim Pingle
05:40 AM Bug #964: Changing DHCP pool size allows overlap with static leases
edit : I don't have the lastest build, but a later one than this patch :
* 2.0-BETA4 (i386)
built on Tue Nov 2 14:... Bastien Semene
05:38 AM Bug #964: Changing DHCP pool size allows overlap with static leases
Just tested, the DHCP Server GUI correctly forbidden me to extend the DHCP pool size while overlapping a static entry... Bastien Semene
07:25 AM Bug #902 (Resolved): configuring cron issue
Jim Pingle
12:37 AM Bug #902: configuring cron issue
u can close this, seems resolved Bipin Chandra
06:55 AM Revision 08452bff: Cosmetic issue, add space before 'done', otherwise package XML name and done are combined.
Warren Baker
06:44 AM Revision 4395500c: Recent move (d32d3970d58683d02f89073103eb595eaa8f395f) of routed/ items required additional files to be updated to reflect correct path.
Warren Baker

11/07/2010

09:29 PM Bug #958 (Feedback): reply-to for 1:1 from other directly connected subnets not functioning correctly
Chris Buechler
06:43 PM Bug #995: New x64 snapshots won't boot
Attaching a screencap of a panic+backtrace from booting a dev kernel on amd64 Jim Pingle
12:34 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Tested again with NanoBSD 1GB snapshot dated "Sun Nov 7 06:14:22 EST 2010" and still exhibiting the same behavior. U... R B
01:34 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Ermal -
Yes, I was running the latest snapshot two weeks ago when you asked me to try again, I made sure the snapsho... R B
09:29 AM Bug #966 (Resolved): DHCP static lease inside the pool is not rejected
Thanks for testing!
 Jim Pingle
03:52 AM Bug #966: DHCP static lease inside the pool is not rejected
seem to be okay i get this message if ill try to add ip from my dhcp range
The following input errors were detecte... Michel Samovojski
03:48 AM Bug #950: Package installation failures leaves package installed
get the problem with this packages "ifBWStats Diagnostics 1.0" Michel Samovojski
01:41 AM pfSense Packages Bug #999 (Resolved): vhosts does not show up as started
In pfSense 1.x, checking whether a service was started was done using @ps axwu | grep '\b{$process}\b' | grep -v 'gre... Moshe Katz

11/06/2010

10:26 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
working well for me under this snapshot
Full 2.0-BETA4 (i386) built on Sat Oct 30 19:40:13 EDT 2010 FreeBSD 8.1-RE... Michel Samovojski
10:20 PM Revision d32d3970: Add routed/ items to obsoleted files. Force removal of file so that directories can be included in the future
Scott Ullrich
09:02 PM Revision 277d55d7: Ignore /var/etc directory to avoid these kinds of errors: tar: /var/etc/openvpn/client1.sock: tar format cannot archive socket
Scott Ullrich
07:34 PM Revision 818c54ee: Do not use sub array
Scott Ullrich
07:31 PM Revision 43a0ac8a: Make sure ipsec is incuded in valid interfaces
Scott Ullrich
07:24 PM Revision e5fee340: Move Note to bottom of page
Scott Ullrich
07:22 PM Revision 366e2be8: Show interface description
Scott Ullrich
06:40 PM Revision 2c4a13d9: Interface names should appear as uppercase
Scott Ullrich
06:38 PM Revision 9c3cac0c: Interface names should appear as uppercase
Scott Ullrich
06:34 PM Revision 5aaae0e3: Do not escape strings twice
Scott Ullrich
06:26 PM Revision 0f08affe: Misc fixes. Use htmlspecialchars() in more places. Use escaped shell argument.
Scott Ullrich
06:11 PM Revision 66d57db5: Interface names should appear as uppercase
Scott Ullrich
06:10 PM Revision 4cea35b3: Interface names should appear as uppercase
Scott Ullrich
06:08 PM Revision c1f95f5c: Various CRL fixes.
Jim Pingle
06:03 PM Revision e8ad860f: Interface names should appear as uppercase
Scott Ullrich
06:01 PM Revision 94556105: Define variable a bit earlier in case its shared
Scott Ullrich
06:00 PM Revision d815d5fa: Use get_configured_interface_list() so Ermal does not yell at me :)
Scott Ullrich
04:40 PM Revision 98bcf1f8: Fix misc input validation errors. Move routed/* to same dir as pkg items
Scott Ullrich
04:31 PM Revision 6a937188: Ensure passed interface is valid
Scott Ullrich
04:24 PM Revision 8625c24f: Use htmlspecialchars() for santitized output
Scott Ullrich
04:15 PM Revision 50b2f6ab: Ensure that we are working with a proper passed interface..
Scott Ullrich
03:59 PM Bug #998: Installer fails on gmirror device files
Just reinstalled, but i could not find any loadable geom modules, just some .so files in /lib/geom.
It seems that on... Marcus van Dam
03:06 PM Bug #998: Installer fails on gmirror device files
I will probably do a reinstall in a few minutes. So ill try and report back.
But please note that the problem is the... Marcus van Dam
02:34 PM Bug #998: Installer fails on gmirror device files
It still may be worth loading all of the geom* modules to see if that makes the /dev/mirror shortcut appear when it d... Jim Pingle
01:29 PM Bug #998: Installer fails on gmirror device files
I did not load anything extra. I was expecting the livecd to load all the modules as it recognizes the mirror disks.
... Marcus van Dam
12:28 PM Bug #998: Installer fails on gmirror device files
It's been a while since I tried a gmirror install, but is that still necessary if you kldload all of the gmirror/geom... Jim Pingle
12:26 PM Bug #998: Installer fails on gmirror device files
I just found the workaround,
Boot the livecd completely, then symlink /dev/gm0, gm0s1, gm0s1{a..z} to their /dev/mir... Marcus van Dam
11:53 AM Bug #998 (Closed): Installer fails on gmirror device files
When doing an install on a gmirror device (created at or before booting the livecd) it will be looking for the wrong ... Marcus van Dam
02:39 PM Bug #991: multiple XSS issues
Scott Ullrich wrote:
> We prefer to have one ticket open per issue. Even though there where multiple files affected... dave b
12:44 PM Bug #991 (Feedback): multiple XSS issues
Issues fixed in commits 98bcf1f8 6a937188 8625c24f 50b2f6ab
 Scott Ullrich
12:43 PM Bug #991: multiple XSS issues
We prefer to have one ticket open per issue. Even though there where multiple files affected it is still one issue.
... Scott Ullrich
10:12 AM Bug #995: New x64 snapshots won't boot
This is likely due to some recent performance patches added into the tree that behave OK on i386 but apparently not o... Jim Pingle

11/05/2010

08:56 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
I finally had a chance to upgrade, and I'm sorry, but this *still* doesn't work (for me).
Now testing with 2.0-BETA4... Adam Thompson
01:36 PM Bug #958 (Resolved): reply-to for 1:1 from other directly connected subnets not functioning correctly
Jim Pingle
06:33 PM Revision c62d973d: Spelling fix.
Warren Baker
02:12 PM Revision 03976254: If the anti-lockout rule is active, show it in the rules list for the LAN interface (or WAN if the interface count is 1, same rules as in filter.inc for putting the rule in the ruleset)
Jim Pingle
01:35 PM Bug #969 (Resolved): NAT rdr work only on one interface
Jim Pingle
01:34 PM Bug #969: NAT rdr work only on one interface
Confirmed fixed in the latest snapshots. Matt Corallo
07:49 AM Bug #969: NAT rdr work only on one interface
This is fixed with commits on #958 issue and I think it can be closed. ivan primus
10:35 AM Feature #997 (Closed): Add per-user setting for activating menu
In the future it would be nice to have a per-user setting that controls whether or not a given user is shown the rc.i... Jim Pingle
09:35 AM Bug #991: multiple XSS issues
Chris Buechler wrote:
> please don't open a bunch of tickets where there is only one issue.
OH so you think I did... dave b
12:30 AM Bug #991: multiple XSS issues
please don't open a bunch of tickets where there is only one issue. Chris Buechler
12:41 AM Bug #994 (Closed): xss on the pfsense website ...
don't care, but fixed anyway Chris Buechler
12:29 AM Bug #992 (Closed): issue 3 THIS ONLY AFFECTS BETA 4 2.0
merged to #991 Chris Buechler
12:26 AM Bug #993 (Closed): issue 4 THIS AFFECTS STABLE
merged into #991 Chris Buechler

11/04/2010

06:30 PM Revision 428e66b6: Warn a user when entering the OpenVPN client/server screens that they need a CA/Cert if none exist.
Jim Pingle
05:18 PM Revision 9882cbef: Use addslashes() here to prevent unescaped quotes from causing PHP errors. Fixes advanced/custom options in OpenVPN wizard.
Jim Pingle
03:54 PM Bug #996 (Resolved): DHCP address not pulled with spoofed MAC address on WAN
Replaced production router ("old router") with pfSense 2.0BETA4 router ("test router" - 02-Nov-2010 snapshot) on broa... Ron Rosen
03:14 PM Revision f09ce147: Merge remote branch 'upstream/master'
Conflicts:
etc/inc/services.inc Seth Mos
03:11 PM Bug #928: pfSense freezes during boot if DHCP client interface doesn't get a reponse from DHCP server
Similar behavior observed in 02-Nov-2010 (embedded) snapshot. To reproduce:
# Connect LAN. (May not be necessary, bu... Ron Rosen
02:39 PM Revision 3339c56f: Use a different variable name here to avoid colliding with another of the same name.
Jim Pingle
11:00 AM Bug #995 (Resolved): New x64 snapshots won't boot
The 2 latest x64 snapshots won't boot. They give the error "Cannot dump. Device not defined or unavailable" ("Automat... Peter O
09:06 AM Revision 0996a81e: Enlarge the address fields so that ipv6 addresses fit properly
Seth Mos
07:58 AM Bug #994 (Closed): xss on the pfsense website ...
xss on the pfsense website ...
I don't know if anyone cares about this but you can xss www.pfsense.org.
http://www.... dave b
07:52 AM Bug #993 (Closed): issue 4 THIS AFFECTS STABLE
issue 4 THIS AFFECTS STABLE (for more information see the first of these issues).
xss via graph.php:
poc:
1. htt... dave b
07:50 AM Bug #992 (Closed): issue 3 THIS ONLY AFFECTS BETA 4 2.0
issue 3 THIS ONLY AFFECTS BETA 4 2.0 (for more information see the first of these issues).
xss via pkg_edit.php
p... dave b
07:49 AM Bug #991 (Resolved): multiple XSS issues
/pkg_edit.php?xml=olsrd.xml&id=%22/%3E%3Cscript%3Ealert%282%29;%3C/script%3E/status_graph.php?if=%22/%3E%3Cscript%3Ea... dave b
07:47 AM Bug #990 (Resolved): xss in pfsense I was testing beta 4 pfSense-2.0-BETA4-20100902-0947.iso
NOTE:
I haven't against the latest dev, because when I tried to update via today's snapshot it broke and will no lon... dave b
07:40 AM Bug #968 (Resolved): PHP error in user manager
Jim Pingle
04:59 AM Bug #968: PHP error in user manager
Seems to be fixed with that. Peter O
07:11 AM Bug #989 (Resolved): Unable to make a single outbound PPTP connection
2.0-BETA4 (i386)
built on Mon Nov 1 01:27:31 EDT 2010
FreeBSD 8.1-RELEASE-p1
Unable to make an outbound PPTP co... Jamie Heckford
04:56 AM Feature #988: DHCP with manual fix IP
Would come in handy to be able to access IP telephones on a fixed IP while being able to update alle phones connected... Peter O

11/03/2010

09:26 PM Revision 9ad0ab80: Use != here to avoid a potential issue with empty() testing intermediate arrays.
Jim Pingle
09:18 PM Revision 42724fdd: Add a button to the filter reload screen to force a config sync (only shows up if a config sync peer is defined).
Jim Pingle
09:00 PM Revision de651e21: Change the dhcpd startup for isc dhcpd server 4.1
Seth Mos
08:11 PM Revision 36600615: Fix saving of off/disabled PPPoE server instances. Fixes #987
Jim Pingle
08:08 PM Revision 79eea0c1: Activate code to allow ipsec to work normally.
Ermal LUÇI
04:44 PM Feature #988 (Rejected): DHCP with manual fix IP
I can't imagine any instance where it's remotely sane to use a static IP and pull other options via DHCP. Chris Buechler
04:34 PM Feature #988 (Rejected): DHCP with manual fix IP
When an interface is defined as "DHCP" type, it's can be helpful that the machine stay with a fix predefined ip (to b... gerard grazzini
04:22 PM Bug #984: Dashboard : Services Status : Captive Portal show wrong service ...
after last change and some irc discussion, i have upgrade to built from "Wed Nov 3 02:54:06 EDT 2010", and the thinks... gerard grazzini
04:15 PM Bug #987 (Feedback): PPPoE Server instances cannot be disabled
Applied in changeset commit:"366006156f697037e9db546a5be0394986bb0bc1". Jim Pingle
02:59 PM Bug #987 (Resolved): PPPoE Server instances cannot be disabled
When you try to turn off a configured PPPoE server instance, the GUI complains about input errors and does not disabl... Jim Pingle
02:53 PM Revision 4816e5ca: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/auth.inc
etc/inc/config.lib.inc
etc/inc/priv.defs.inc
etc/inc/syst... Renato Botelho
02:33 PM Todo #704 (Resolved): Load cpufreq.ko when powerd is enabled
Closing this as the error given is due to ALIX not really supporting powerd with the default TSC timecounter, which i... Jim Pingle
02:26 PM Revision b039f099: Don't show empty user IPsec keys.
Jim Pingle
01:25 PM Revision 9cb94dd4: Ticket #980. Bring CP widget up to date. Also bind lighty for CP to 127.0.0.1 it should not be accessible otherwise.
Ermal LUÇI
11:50 AM Revision 645ad665: This enabled finding of a carp vip on the ifconfig stack
Seth Mos
10:43 AM Revision 096cd5f5: Do not attempt to start relayd without entries
Seth Mos
10:32 AM Revision 6da3df4e: Enable both ipv4 and ipv6 forwarding before returning
Seth Mos
09:42 AM Revision 5bb1e653: Default to ipv6 routing on
Seth Mos
09:30 AM Revision 3502b5b1: Make it possible to create a inet6 carp address. This works surprisingly
What doesn't work is removing the previous IPv6 address from a interface. This should be hooked into the edit page Seth Mos
08:29 AM Bug #980 (Feedback): Dashboard from Captive Portal don't show connections ...
Ermal Luçi
07:49 AM Revision 105d618d: Merge remote branch 'upstream/master'
Seth Mos
04:44 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Are you sure that you have the latest snapshot?
Can you post a system log here?
Can you post your config here?
 Ermal Luçi

11/02/2010

10:01 PM Revision 4ebde165: Make sure that the filter rules for static routes are correctly generated for ipv4 and ipv6
Seth Mos
09:16 PM Revision 72993196: Protect from strange situations on bootup by testing for is_array(). Do not add anymore the 127.0.0.2 route its not needed anymore. Also during bootup bring up all interfaces so the assignment process can deal with them(Possibly should be done in another code flow!).
Ermal LUÇI
09:00 PM Revision 14f565b4: Allow the entry of ipv6 networks, needs verification to prevent ipv4 gateways for ipv6 networks and vice versa
Seth Mos
08:48 PM Revision 6bc1e79a: Don't use pconfig in a widget, it can cause issues with other widget settings.
Jim Pingle
08:43 PM Revision 7617e245: Verify that we validate against a ipv6 subnet properly. This should help for static route gateways
Seth Mos
08:07 PM Revision 60e76c58: CSS changes, fixes misaligned cursor in some password fields. Fixes item 1 in ticket #830
Jim Pingle
07:14 PM Revision a6607b5f: More VPN log fixes, for consistency. Ticket #912
Jim Pingle
06:29 PM Revision f856e762: Fix typo (standart -> standard)
Jim Pingle
06:20 PM Bug #958 (Feedback): reply-to for 1:1 from other directly connected subnets not functioning correctly
Fix committed test new snapshots.
For reference:
https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/commit... Ermal Luçi
06:11 PM Revision b2b61308: Switch from buttons to tabs, add a mode to view raw mpd logs for each vpn type, and some general cleanup. Fixes #912
Jim Pingle
05:22 PM Revision fbeaba66: Remove these now-obsolete linkup/linkdown scripts.
Jim Pingle
04:52 PM Revision 874e5f2c: Fix VPN log page to use the updated log format (again). Ticket #912.
Jim Pingle
03:57 PM Revision 2f9d2dc2: Use a unified vpn-linkup script that detects the type based on interface name.
Jim Pingle
03:43 PM Revision e9a95ac8: Switch to a unified vpn-linkup and vpn-linkdown.
Jim Pingle
02:15 PM Bug #912 (Feedback): PPTP/PPPoE/L2TP VPN logs missing
Applied in changeset commit:"b2b6130819e72ebf6e4f174444b59f40e88b7b06". Jim Pingle
01:18 PM Bug #912: PPTP/PPPoE/L2TP VPN logs missing
The logs for login/logout events should be back now in a bit more efficient way. Separate linkup and linkdown scripts... Jim Pingle
02:07 PM Revision 2c7feef7: Fix l2tp interface naming. Fixes #985
Jim Pingle
01:21 PM Revision 27b82e7c: Remove debug flag from rtadvd
Seth Mos
10:10 AM Bug #985 (Feedback): L2TP server is not using renamed interfaces
Applied in changeset commit:"2c7feef77728e36f9aaabcc3b9e3b35b3a6bf693". Jim Pingle
09:53 AM Bug #984 (Resolved): Dashboard : Services Status : Captive Portal show wrong service ...
That is unrelated to this ticket. My settings save fine on an updated VM. Start a forum thread with as much detail as... Jim Pingle
09:50 AM Bug #984: Dashboard : Services Status : Captive Portal show wrong service ...
Hello, i'm not sure that I have to post in these place ...
tanks for the quickly bug fix, the problem describe her... gerard grazzini
09:13 AM Revision d57293a4: Fix services.inc dhcp6 configuration, add route advertising deamon config
Seth Mos
04:04 AM Feature #986 (New): Dynamic states view
It would be nice if "Diagnostics: Show States" could refresh itself periodically and apply any entered filter in orde... Torben Hørup
02:41 AM Bug #981: SSH shell Putty Function Keys
Erik Fonnesbeck wrote:
> This probably won't work for other programs you might run from the SSH session like editors... Martin Hronek

11/01/2010

10:27 PM Bug #981: SSH shell Putty Function Keys
This probably won't work for other programs you might run from the SSH session like editors, etc. This is also speci... Erik Fonnesbeck
05:09 PM Bug #981: SSH shell Putty Function Keys
Did the entry now in ~/.tcshrc Martin Hronek
09:02 PM Revision 14905d9f: Show login/logout events for pptp, pppoe server, and l2tp. Could use some work to simplify. Ticket #912.
Jim Pingle
08:22 PM Revision 917b0a56: Use individual linkdown scripts.
Jim Pingle
08:15 PM Revision 6d1091dc: Add individual linkdown scripts so the service type can be set in the log.
Jim Pingle
08:05 PM Revision d282c96c: Add service type to vpn log
Jim Pingle
06:46 PM Revision a2071365: Sync service status widget code with service status page. Fixes #984
Jim Pingle
06:13 PM Revision 08724afa: Test for arrays first, should fix #968
Jim Pingle
05:20 PM Revision 5fb9e6d3: Various sync fixes to ensure sections are pushed even if empty, otherwise the last entries of these sections cannot be deleted and have that deletion sync to the secondary.
Jim Pingle
05:05 PM Bug #985 (Resolved): L2TP server is not using renamed interfaces
Both the PPTP server and PPPoE server use renamed interfaces (pptpd and poes, respectively) but the L2TP server still... Jim Pingle
04:04 PM pfSense Packages Bug #450: Some packages do not use authentication for their web interface
ok just did another edit
auth.require = ("/phpsysinfo/" => ("method" => "basic", "realm" => ".", "require" => "valid... Martin Hronek
02:50 PM Bug #984 (Feedback): Dashboard : Services Status : Captive Portal show wrong service ...
Applied in changeset commit:"a2071365fbdbc906a61137caae735b642501a228". Jim Pingle
11:44 AM Bug #984 (Resolved): Dashboard : Services Status : Captive Portal show wrong service ...
on the Dashboard page, in the Service Status, the name who appear on the Service column is lighttpd but normally have... gerard grazzini
02:15 PM Bug #968 (Feedback): PHP error in user manager
Applied in changeset commit:"08724afa0a323fe5ec04805befbf36b19a67dbed". Jim Pingle
01:47 PM Bug #968: PHP error in user manager
The logic in that second suggested fix isn't quite right. It would skip all groups if the user didn't have any groups... Jim Pingle
10:13 AM Bug #968: PHP error in user manager
The 2 admin groups problem seems to have been fixed but the PHP error is still there. This should be an easy ticket t... Peter O
12:11 PM Revision 11b8ca39: Merge remote branch 'upstream/master'
Conflicts:
etc/inc/filter.inc Seth Mos
11:33 AM Feature #983 (Resolved): Improve/Enhance IP Alias VIP handling in GUI
IP Alias subnets should probably be included when choosing "(interface) Subnet" shortcuts, and should probably also b... Jim Pingle
07:31 AM Revision a8a98fb4: Do not throw warnings on empty dhcpd arrays
Seth Mos

10/31/2010

10:50 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
This attempted fix has caused issues with reply-to across the board. Chris Buechler
09:36 PM Revision c75a8185: Add function for generating ipv6 subnet mask end, hook into ipv4 subnet mask check as well.
Seth Mos
05:50 PM Feature #982 (Closed): External Storage
In my alix board, I can plug a CF and an Hard drive. As I had troubles booting on my hard drive directly, my plan was... Nicolas Steinmetz
04:23 PM Bug #444: All mounts should be noatime
Tested the suggestion in the second comment on nanobsd 2.0 b4 and I got override questions on /conf, what I did to fo... Basel G.
01:43 PM pfSense Packages Bug #450: Some packages do not use authentication for their web interface
I tried it on my 1.2.3 Installtion.
Added the "mod_auth", in the /var/etc/lighty-webConfigurator.conf and for testin... Martin Hronek
01:16 PM pfSense Packages Bug #450: Some packages do not use authentication for their web interface
http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ModAuth
"When loaded together with mod_fastcgi, mod_auth mus... Martin Hronek
08:16 AM Bug #981 (Closed): SSH shell Putty Function Keys
After SSH login with Putty and entering the shell with 8 the pos1 and home keys do not work properly in 1.2.3.
It ... Martin Hronek

10/30/2010

09:24 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
I'm open to workarounds as well as "fixing" the problem - this is suddenly getting a lot more important for us. Adam Thompson
09:23 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Here's some hard data describing the problem. The host "lisa.muug.mb.ca" is connected nearby via MRNet, but still ne... Adam Thompson

10/29/2010

09:48 PM Bug #958 (New): reply-to for 1:1 from other directly connected subnets not functioning correctly
this reportedly not fixed Chris Buechler
09:47 PM Bug #931 (Resolved): Don't try to backup DHCP leases if DHCP server disabled
Chris Buechler
09:46 PM Bug #684 (Resolved): interface status, disconenct button doesnt work
Chris Buechler
02:35 PM Bug #980 (Resolved): Dashboard from Captive Portal don't show connections ...
Hello,
my configuration : 2.0-BETA4 (i386) - built on Thu Oct 28 22:59:06 EDT 2010
I have install a CAPTIVE PORTA... gerard grazzini
02:08 PM Revision 0e604b3a: Make isvalidpid() know about pidfile the same as the other *pid functions do.(consistency)
Ermal LUÇI
09:55 AM Revision b7ccf315: Make the change here, too.
Erik Fonnesbeck
08:48 AM pfSense Packages Bug #979 (Resolved): Broken LightSquid installation on 2.0 amd64
Binary package from repository contains more recent version while package manager looks for 1.8.0.
Distributed packa... Alexander Kalashnikov
08:22 AM Revision 9d46f40b: Also mention that this allows access to the dashboard.
Erik Fonnesbeck

10/28/2010

06:34 PM Revision e3bbd29a: Replace \r from custom options otherwise it breaks config.
Ermal LUÇI
02:29 PM Revision 7c255188: Fix logging parameters.
Jim Pingle
02:29 PM Revision c815b877: Fix pfctl -b parameters to prevent the killing of unintended states.
Jim Pingle
01:56 PM Revision 9e303f2f: Fix formatting
Jim Pingle
01:56 PM Revision 5e58efd0: Fix this logic.
Jim Pingle
01:37 PM Revision 75337c33: Fix typo in services_dhcp_configure() for dhcp6 naming
Seth Mos
12:50 PM Revision ce76a45c: Add icmp6 rules so that stateless autoconfiguration can be used, this also requires that link local addresses work.
Seth Mos
12:29 PM Revision 2a1bd027: Add the rtadvd deamon to advertise the routing. We still need to make a proper config file if we want it to advertise the Carp IP instead of the interface IP
Also added safety guard for empty dhcp configs Seth Mos
10:59 AM Bug #912: PPTP/PPPoE/L2TP VPN logs missing
I tracked this down a bit more somewhat by accident.
It seems that the GUI log viewer is looking at /var/log/(vpn ... Jim Pingle
10:56 AM Revision 65b1e7d5: Make sure that if either v4 or v6 dhcp servers are enabled that is_dhcp_enabled() will trigger
Seth Mos
10:34 AM Bug #976 (Resolved): DHCP client - option classless-routes does not work, static routes are not set
Ermal Luçi
08:18 AM Bug #976: DHCP client - option classless-routes does not work, static routes are not set
Tested on latest Beta. Works fine, many thanks for the quick fix! Anonymous
08:49 AM Revision 99caa67c: Add the dhcpv6 server service page.
Seth Mos
08:46 AM Revision 693833cb: Update services.inc for configuring isc dhcp server 4.1 with ipv6 subnet support. Much configuration needs validation.
There is no router option support, this needs to be handled by the router advertisement deamon. Perhaps this should b... Seth Mos
05:31 AM Bug #975: CARP / vip interface disappears on slave after interface change
Maybe that snapshot doesn't include the patch, as the date on it is
20:56 on 27th. Latest snapshot is only Oct 27 18... Rob Lister
05:10 AM Bug #975: CARP / vip interface disappears on slave after interface change
Have updated both boxes to snapshot built on Wed Oct 27 18:59:53 EDT 2010 and the problem
still seems to be there.
... Rob Lister

10/27/2010

09:15 PM Bug #959: Config sync removes alias VIPs on the slave
Thanks for the feedback.
I do not know if you should apply any "sorting" on the VIP array on the backup firewall. ... Pierre POMES
10:54 AM Bug #959: Config sync removes alias VIPs on the slave
Here I made the following change and it seems to be working fine:... Thiago Witt
10:06 AM Bug #959: Config sync removes alias VIPs on the slave
Hi Pierre,
I just tested it and the config sync no longer removes the alias vips on the slave, but there's a catch... Thiago Witt
09:13 PM Revision da51f26c: Ooops use meant logic.
Ermal LUÇI
08:56 PM Revision f48b6205: Ticket #975. Properly initialize variables to avoid caching issues. Also check an array exists before trying to foreach to avoid errors.
Ermal LUÇI
08:56 PM Revision a8200dbf: Ticket #975. Rearrange code a little.
Ermal LUÇI
08:55 PM Revision 6bef0554: Do some is_array() testing before renaming fields, otherwise empty variables can be accidentally created.
Jim Pingle
08:30 PM Revision bacd881e: Fixes #976. Bring in the piecies for classless routing from FreeBSD 8.1 script.
Ermal LUÇI
06:32 PM Revision 1da69624: Add the dhcpv6 server menu item and allow for configuration
Seth Mos
05:11 PM Revision 64ce9d72: Do not require LDAP search base DN. Requiring this can prevent some valid LDAP configurations from properly authenticating. (See GDD-550841).
Jim Pingle
04:55 PM Bug #975 (Feedback): CARP / vip interface disappears on slave after interface change
Please try latest snapshot. Ermal Luçi
03:29 PM Bug #975: CARP / vip interface disappears on slave after interface change
I think this is possibly related to Bug #959
Will wait and see if that is corrected first and test again on a newe... Rob Lister
03:17 PM Bug #975 (Resolved): CARP / vip interface disappears on slave after interface change
In my testing 2.0 (build Mon Oct 25 02:28:25 EDT 2010) I think I have found an issue when
multiple CARP virtual int... Rob Lister
04:30 PM Bug #976 (Feedback): DHCP client - option classless-routes does not work, static routes are not set
Applied in changeset commit:"bacd881efcd60aed8ffc44d1c5ebf9872b63fcad". Ermal Luçi
03:26 PM Bug #976 (Resolved): DHCP client - option classless-routes does not work, static routes are not set
The DHCP option classless-routes should be parsed and static routes delivered via this mechanism should be configured... Anonymous
04:02 PM Bug #977 (Resolved): IPSEC in transport mode patch
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/146190
Might help on L2TP + IPSEC.
Add here to not forget it Ermal Luçi
11:08 AM Bug #961 (Resolved): Config sync doesn't remove the last alias on the slave
Jim Pingle
10:37 AM Bug #961: Config sync doesn't remove the last alias on the slave
Problem solved.
Thank you.
Regards,
Thiago Thiago Witt
11:05 AM Bug #969: NAT rdr work only on one interface
Hello,
I am also seeing this with my 3 WAN setup.
I have a port forwarded on all 3 interfaces for FTP - it only... Pho Bia
07:47 AM Revision 31ace4ea: Add the ipv6 address and subnet onto the existing ifinfo array until the pfsense module supports it
Seth Mos
04:12 AM Bug #974 (Resolved): display corruption of gateways widget on dashboard.
It appears that this snapshot is affected by the issue where apinger can not be shutdown, a manual intervention with ... Seth Mos
04:05 AM Bug #974 (Resolved): display corruption of gateways widget on dashboard.
Eventhough the WAN connection was back online with a new IP address from DHCP it was still displaying "Gathering data... Seth Mos
12:29 AM Revision b019222a: Ticket #959: keep local ipalias and proxyarp vip's during a XMLRPC restore
Pierre POMES

10/26/2010

08:49 PM Bug #959 (Feedback): Config sync removes alias VIPs on the slave
Hi Thiago,
This should be ok now. Can you try again and let me know ?
Regards,
Pierre
 Pierre POMES
04:33 PM Feature #177: IPv6 support
Created a forum topic and added a quick howto to get a /64 routed onto the LAN via a he.net tunnelbroker.
http://for... Seth Mos
01:50 PM Revision 8b6ae027: Check against static configurations which can be staticv4 staticv6 or staticv4v6
Seth Mos
01:44 PM Revision 9b1ff028: Allow for creation of a ipv6 tunnel for he.net by creating a gif interface. This is the recommended procedure as advised by he.net
This allows for using ipv6 local and remote addresses, you will need to add a ipv6 default gateway on the routing tab Seth Mos
01:19 PM Revision e6c563bb: Make the $pgtitle output a link back to the current page for a convenient way of reloading.
Jim Pingle
09:44 AM Revision 22b5abac: Switch over the IPv6 functions from IPv6.inc, these are from the PHP PEAR library
Seth Mos
05:49 AM Bug #969: NAT rdr work only on one interface
I can confirm this issue. I have 2 wan interfaces: WAN and WANTMP
WAN is default gateway. I did nat from WANTMP to l... ivan primus

10/25/2010

08:55 PM Revision dbb0e086: Remove unnecessary (and unclosed) form tag.
Jim Pingle
08:31 PM Revision c26c208f: Do not allow spaces in load balancer name fields, they are invalid in relayd.
Jim Pingle
07:29 PM Revision 5bb6e1f5: If there are no aliases, push an empty aliases array. Fixes #961
Jim Pingle
07:09 PM Revision 5ea2c125: Add a note to the DNS Rebinding protection error letting the user know to try by IP address.
Jim Pingle
06:06 PM Revision 146f0fad: Do not show on the queue/limiters list the disabled entries(optimized and cleaner version).
Ermal LUÇI
05:42 PM Revision 520ad1a4: Do not show on the queue/limiters list the disabled entries.
Ermal LUÇI
05:11 PM Bug #858 (Resolved): Widget settings will not save settings in some cases
Should be fixed by commit:dbb0e0865b4dbe976781646a490c8a05b6005f25
 Jim Pingle
04:00 PM Feature #973 (Resolved): OpenVPN client in GUI cannot connect to a server requiring username/password
The OpenVPN client in the pfSense GUI cannot connect to a server which requires a username/password from the client.
... Jim Pingle
03:36 PM Feature #177: IPv6 support
gen_subnet() needs to become ipv6 aware
trying to delete a ipv6 state from the traffic states results in an error.
... Seth Mos
03:30 PM Bug #961 (Feedback): Config sync doesn't remove the last alias on the slave
Applied in changeset commit:"5bb6e1f54022c796e8c37510b287337c7b234cd1". Jim Pingle
03:21 PM Feature #972: Allow adding gateways outside of interface subnet
As I understood from Remko Lodder there is a large ISP in .de that also employs this with their ipv6 configuration. Odd. Seth Mos
12:33 AM Feature #972 (Resolved): Allow adding gateways outside of interface subnet
Gateways outside of the interface's IP subnet, on Ethernet links, cannot be added under normal circumstances as it's ... Chris Buechler
01:54 PM Revision b2c63fa3: up the subnet bits from 32 to 128 so that the access can be locked down to the host for ipv6.
This will require a javascript routine that prevents a subnet mask higher then 32 bits for a ipv4 address.
Alternati... Seth Mos
12:35 PM Revision db8e9e53: Ticket #943. Call the update procedure directly to not do an unecessary loop.
Ermal LUÇI
12:28 PM Revision 52e5285f: Make this more strict checking.
Ermal LUÇI
11:48 AM Revision 290797ea: Fix the filter.inc rule generation for icmp to prevent a double inet6 in the rule
Add inet6 for user defined rules to ipv6 addresses. Seth Mos
11:19 AM Revision 24b2aa62: Resolves #971. Fix wizard.php to show interface descriptive names. Pointy-hat: gnhb
Ermal LUÇI
10:59 AM Revision 1306c7dd: Change the firewall rule generation to look for the ipprotocol tag which defines inet or inet6. This makes sure that we use ipv6 addresses and change to the correct ipv6-icmp tag.
Seth Mos
08:17 AM Feature #814: GUI should allow to bind openvpn on different ip same port
This can be done now because Ermal converted the management interface over to UNIX sockets, so the port from the GUI ... Jim Pingle
07:15 AM pfSense Packages Bug #844: Open VM Tools Won't install
I've been busy a bit more. With the above commands, the package will install and run but fail at the next boot.
Here... Peter O
05:25 AM Bug #971 (Feedback): OpenVPN wizard - wrong interface names
Applied in changeset commit:"24b2aa62beafe22517dc34421b78001477703db7". Ermal Luçi
05:25 AM Bug #957 (Resolved): Dynamic DNS Fails with a disabled entry.
Ermal Luçi
01:06 AM Revision 6dbd2e74: Add l7 rules synchro. Ticket #951
Pierre POMES
12:33 AM Bug #970 (Rejected): Cannot add my gateway because the gateway IP is not in the same subnet
See feature #972.
Chris Buechler

10/24/2010

11:50 PM Bug #971 (Resolved): OpenVPN wizard - wrong interface names
When using the OpenVPN wizard, when it comes to the "General OpenVPN Server Information" section, the interface names... Adam Thompson
09:17 PM Feature #951 (Feedback): CARP doesn't sync Layer 7 rule groups
Hi Thomas,
Fix commited, can you try again ?
Thanks
Pierre
 Pierre POMES
05:36 PM Bug #970 (Rejected): Cannot add my gateway because the gateway IP is not in the same subnet
System > Routing > I click the Edit icon next to my gateway.
Then, in gateway, I put the (private) IP of my DSL mode... Martin Dupont
04:49 PM Feature #177: IPv6 support
patch checked in to git that should fix apinger for ipv6. It's now showing both my ipv4 wans up as well as the ipv6 g... Seth Mos
04:13 PM Bug #969 (Feedback): NAT rdr work only on one interface
The rules are fine and rules and rdr definitely are working properly. Do a packet capture on WAN, LAN and the interna... Chris Buechler
03:34 PM Revision a268a576: Add a rule so that the bare icmp ipv6 traffic can get out, otherwise the box can not communicate properly on ipv6
Seth Mos
 

Also available in: Atom