Project

General

Profile

Activity

From 11/03/2010 to 12/02/2010

12/02/2010

11:16 PM Revision 864bf774: Restore spoofed MAC after running hostapd to keep behavior consistent with other interfaces. Ticket #841
Erik Fonnesbeck
10:40 PM Revision acb0bce0: Restore the original MAC address before running hostapd to work around a hostapd bug. Ticket #841
Erik Fonnesbeck
09:31 PM Revision 650cb13b: Try to handle when cert subject entries are arrays.
Jim Pingle
08:29 PM Revision 0a0774b5: Allow a . in hostnames. Also, don't allow a space in hostname, it was adding a bunch of trailing spaces to the end of the field. Fixes #1063
Jim Pingle
07:53 PM Revision ca98b042: Merge remote branch 'mainline/master'
Conflicts:
usr/local/www/fbegin.inc Vinicius Coque
07:46 PM Revision 386447ea: BP: Implement gettext() calls on fbegin.inc #multilang
Carlos Eduardo Ramos
07:44 PM Revision 8c06f62f: Fix gettext in priv.defs.inc
Vinicius Coque
07:34 PM Bug #1056: DHCP logs are empty since isc-dhcp-server upgrade

2.0-BETA4 (i386)
built on Thu Dec 2 09:23:11 EST 2010
This is what I got with this version on my test box...
... Chris Palmer
07:08 PM Revision b098343a: Correct binaries needed.
Ermal LUÇI
06:46 PM Revision 94044c40: BP: Implement gettext() calls on fbegin.inc #multilang
Carlos Eduardo Ramos
06:09 PM Revision 8e428017: Do not try to be smart on the package name and also use a better resulting condition testing.
Ermal LUÇI
05:47 PM Bug #841 (Feedback): hostapd doesn't work with spoofed MAC (but should be able to)
The workaround I've committed should be sufficient to handle the hostapd issue until the bug gets fixed (if ever). Erik Fonnesbeck
05:29 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
When using this patch it causes issues when hostapd is run at startup, preventing clients from associating. When hos... Erik Fonnesbeck
12:39 AM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
The test utility I had made before for reading the BSSID was actually crashing in an unrelated section and I must not... Erik Fonnesbeck
05:21 PM Revision 41fafd53: Make use of the new tab menu and use _GET instead of _POST for pkg name passed in URL.
Warren Baker
05:01 PM Revision d589cccf: If a pkg has logging enabled in syslog, then correctly ensure that it does not get logged to one of the other logs but only to its specified log file.
Warren Baker
04:28 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Trust me - I tried.
Yesterday, the server kept giving me "Internal error" whenever I updated this bug ... other bugs... Jeppe Oland
03:56 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Can you show me the new logs please? Ermal Luçi
03:08 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Sorry, but it doesn't seem to be working.
I tested with a clean install of pfSense-2.0-BETA4-20101201-1616.iso fol... Jeppe Oland
04:04 PM Bug #651: Multiple gateways on WAN interface
Please test new snapshots.
This should be fixed from that time. Ermal Luçi
03:53 PM Bug #713 (Resolved): Shaper Wizard: When backlogged, high priority queues get zero bandwidth
Ermal Luçi
01:10 PM Bug #713: Shaper Wizard: When backlogged, high priority queues get zero bandwidth
I can confirm this as resolved. The qACK and QOthersHigh get created without the Link Share M1 or D options set now.... Josh Stompro
03:52 PM Feature #702 (Resolved): Page with status for "Traffic Shaper: Limiter"
Ermal Luçi
01:15 PM Feature #702: Page with status for "Traffic Shaper: Limiter"
I think this is resolved also. Looking at the Dec 2nd snapshot, I see a new option under Diagnostics -> Limiter Info... Josh Stompro
03:50 PM pfSense Packages Bug #1065 (Feedback): error after rules installation
Should be fixed.
Reinstall. Ermal Luçi
03:32 AM pfSense Packages Bug #1065 (Resolved): error after rules installation
when i am tryng to gep the page
/snort/snort_rules.php?id=1
It says "Fatal error: Cannot redeclare csrf_startup()... Dienis Rastegaeff
03:48 PM Bug #875: Uninstalling packages can remove system libraries
Well i did a lot of testing today on this.
The only plausible option is to hardlink /usr/local/lib files that ship w... Ermal Luçi
03:30 PM Bug #1063 (Feedback): Load balancer status doesn't work if the virtual server name contains a '.'
Applied in changeset commit:"0a0774b511c6833a2b87975c21fdb3b10897d6c9". Jim Pingle
03:28 PM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
Actually nevermind, I think I got it. Commit is pending. Jim Pingle
03:15 PM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
How about:... Jim Pingle
09:38 AM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
Bah, attached in a slightly more readable format Gary Richards
09:36 AM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
@
: relayctl show summary
Id Type Name Avlblty Status
1 redirect test ... Gary Richards
09:24 AM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
Can you show the output of:... Jim Pingle
02:56 PM Revision eeb52fea: Syslog.conf would end up with multiple pkg facility names on the same line. So multiple pkgs with logging enabled would end up with the previous pkg prepended to its syslog entry.
Warren Baker
02:14 PM Revision a2ff08f8: Disable redirect gateway checkbox when using shared key (you can't push with shared key). Also re-run the code to hide the local network box if the gw redirect is checked when switching server modes, since there is no need to push a specific local network when pushing the default gateway.
Jim Pingle
01:22 PM Revision b8e2fd16: Use unlink here instead of an exec to rm. Remove escapeshellarg call as it isn't needed now. Fixes #1066
Jim Pingle
11:39 AM Bug #302: Shaper wizard remembers values on error, but are disabled
I see this same error again when using the Dec 2nd nanobsd snapshot.
2.0-Beta4 (i386) built on Thu Dec 2 03:39:46 E... Josh Stompro
11:31 AM Bug #733: Shaper: Unexplained 30% bandwidth max restriction in p2p catch all
I have few more questions about this issue.
Is the user just supposed to know that custom bandwidths = p2p catchal... Josh Stompro
09:12 AM Bug #1030: Interface case change in apinger.conf needs reverted
Well seems ok now.
Chris why do you think this is not fixed? Ermal Luçi
04:49 AM Bug #1030 (New): Interface case change in apinger.conf needs reverted
That revert was correct but not for fixing this. Chris Buechler
04:36 AM Bug #1030: Interface case change in apinger.conf needs reverted
Not sure it works (pfSense-2.0-BETA4-20101201-1616.iso).
I restored my configuration just before midnight, and the R... Jeppe Oland
08:25 AM Bug #1066 (Feedback): Remove old dynamic caches
Applied in changeset commit:"b8e2fd16e45c21e9942da71020682a3b79f05a69". Jim Pingle
05:25 AM Bug #1066: Remove old dynamic caches
should have looked like this :)... Perry Mason
05:14 AM Bug #1066 (Resolved): Remove old dynamic caches
php: /services_dyndns_edit.php: The command '/bin/rm /conf/dyndns_opt2opendns'Fullrate'.cache' returned exit code '1'... Perry Mason
05:29 AM Revision 310a9d7b: Confirm before deleting the interface.
Erik Fonnesbeck
02:23 AM Bug #1060 (Resolved): Firewall Aliases, no tooltip in Rules if apostrophe in detail description
thanks Chris Buechler
02:18 AM Bug #1060: Firewall Aliases, no tooltip in Rules if apostrophe in detail description
Confirmed fixed on latest snapshot, using same aliases from same config as the bug was submitted, and tooltip now sho... David Szpunar
02:14 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I was able to get in remotely (through another firewall/VPN) and revert the VM to a (VM) snapshot from Nov. 3rd that ... David Szpunar
01:50 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I just upgraded from a snapshot from yesterday to the most recent snapshot, full ISO install on a VM, with Open VM To... David Szpunar

12/01/2010

10:47 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
If you need development assistance along the way and have a budget for it, contact me via email (cmb at pfsense dot o... Chris Buechler
10:44 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Great, we'll start reviewing code to determine if it should be a package or part of the base system. Once we have a ... Ken Leland
10:39 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Ah that's the first RTP-only security issue I've noticed, that does indeed make it worthwhile. Re-inviting is apparen... Chris Buechler
10:23 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
As far as RTP changing ports during a call, in asterisk language its called re-inviting, and if it is non-standard, a... Ken Leland
10:13 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
The application we intend to use this for is as follows:
Asterisk Cluster -- pfSense -- Public Internet -- VoIP Ph... Ken Leland
10:00 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
RTP is easy to accommodate without that mess, tons of VoIP providers run as is with no difficulties. It's most common... Chris Buechler
09:40 PM Feature #1064 (Closed): VoIP - Dynamic Pinholes for RTP
The media stream for a SIP call uses dynamically assigned port numbers. These port numbers can change several times d... Ken Leland
09:48 PM Bug #749 (New): Downstream queues should not be assigned to LAN interfaces
The wizard in 1.2.3 creates seriously bad, wrong queues with behavior that cannot be duplicated all over again. Where... Chris Buechler
05:08 PM Bug #749: Downstream queues should not be assigned to LAN interfaces
The wizard is the same as in 1.2.3 it just takes more values for multiple interfaces.
And for me this is not much di... Ermal Luçi
12:28 PM Bug #749: Downstream queues should not be assigned to LAN interfaces
What would be the best design to handle shaping and routing?
I just ran into a duh moment after a site with limite... Josh Stompro
08:30 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Tried that hostapd configuration setting and got "bssid item not allowed for the default interface and this driver", ... Erik Fonnesbeck
07:35 PM Revision 1b844e70: Raise this to new limit of 2^16.
Ermal LUÇI
06:55 PM Bug #1000: lagg not working set to failover.
I think its an em(4) problem since it is not reporting that it lost its link state. Ermal Luçi
05:23 PM Revision 435a418f: Do not spam console with useless messages. Also remove killall not needed anymore.
Ermal LUÇI
05:04 PM Revision 6c9e8647: Enable LINK_DOWN event for interfaces. It will help cases similar to http://forum.pfsense.org/index.php/topic,29032.0.html
Ermal LUÇI
04:20 PM Revision 893f4784: If the protocol is not set in the config, it defaults to https, so assume port 443 since the port isn't set either.
Jim Pingle
02:58 PM Revision ddb09227: Use new style filterdns argument passing on cmd and remove hack for killall now that its not needed anymore.
Ermal LUÇI
01:45 PM Bug #682: WAN traffic graph is broken with MLPPP
Same issue exists for me in November 20 snapshot, all the way up to 8 lines. David Burgess
12:24 PM Bug #1063 (Resolved): Load balancer status doesn't work if the virtual server name contains a '.'
Hi,
I've spent a while trying to work out why a test load balancer config I created seemed to be working fine, but... Gary Richards
12:14 PM Bug #1061: Error after upgrade to latest version
I had https, but i hadn't used 443 explicitly.
Nevertheless, pfSense-Full-Update-2.0-BETA4-20101130-0828.tgz was the... Ilias-Dimitrios Vrachnis
12:03 PM Bug #1061 (Feedback): Error after upgrade to latest version
Should be fixed in the next new snapshot. In the meantime if you go to System > Advanced, on the admin tab, and expli... Jim Pingle
11:37 AM Bug #1061: Error after upgrade to latest version
I can confirm this too.
I'm currently downloading an older snapshot to test.
i'll report back if i'm successful
... Ilias-Dimitrios Vrachnis
09:46 AM Bug #1061 (Resolved): Error after upgrade to latest version
/diag_tables.php show nothing in dropdown menu
AND
Filter Reload Status
"There were error(s) loading the rules: /t... Dienis Rastegaeff
11:52 AM Revision b6ab9bd2: Ticket #1060. Escape even the alias entry descritpions.
Ermal LUÇI
11:22 AM Revision 1dbc0c43: Use correct variable name. Also related to Ticket #847.
Ermal LUÇI
10:06 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I have avahi, rrd summary and shellcmd installed. But I guess it is not shellcmd because I just installed it yesterda... James Lepthien
09:39 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I just updated an ALIX with cron, OpenVPN client export, shellcmd, blinkled, and siproxd installed. It worked fine. I... Jim Pingle
09:29 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Just want to let you know that the same problem is here too. ALIX Box with latest pfsense 2.0 snapshot.
This problem... Peter Baumann
09:25 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Sure it works without any packages installed. But the ticket is for when you have some packages installed... James Lepthien
09:22 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
FYI I've upgrade (with no package) and it worked. Perry Mason
07:11 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Now tried with snaps from 11/30 and 12/1 and it even got worse. Installed the 12/1 and wanted to connect to the WebUI... James Lepthien
09:55 AM Feature #1062 (Resolved): Add per-rule delete ("X") button to Outbound NAT rules
Firewall rules, port forwards, etc, each have per-entry delete ("X") buttons, but not outbound NAT rules. For consist... Jim Pingle
09:03 AM Bug #1058 (Feedback): filterdns not honoring quit signal
Fixed. Ermal Luçi
05:56 AM Bug #1060 (Feedback): Firewall Aliases, no tooltip in Rules if apostrophe in detail description
Committed. Ermal Luçi
12:05 AM Bug #1060 (Resolved): Firewall Aliases, no tooltip in Rules if apostrophe in detail description
When editing aliases under Firewall->Aliases, if I have an alias of type Host(s) and in the Description field to the ... David Szpunar
05:28 AM Bug #847 (Feedback): Deleting interface leaves remnant in interface groups
Well this is indirectly resolved by the latest commit(referenced to this issue to).
link_interface_to_group() functio... Ermal Luçi
03:02 AM Bug #847 (New): Deleting interface leaves remnant in interface groups
It either:
1) shouldn't allow deleting an interface that's in an interface group
or
2) should automatically remov... Chris Buechler
02:43 AM Bug #847: Deleting interface leaves remnant in interface groups
This bug still exists, I just tested it on the most recent snapshot from this afternoon. I created an interface (opt1... David Szpunar
04:29 AM Revision 7eb2ebbe: Make page more html friendly.
Scott Ullrich
04:25 AM Revision 75e22cbc: Do not output blank pkg names
Scott Ullrich
04:23 AM Revision 5a0ce1fb: Revert "Do not output pgtitle twice. Make page more html friendly."
This reverts commit 38f16bf27c1ce12e22e8783bea62f6c12bece4b0. Scott Ullrich
04:22 AM Revision 38f16bf2: Do not output pgtitle twice. Make page more html friendly.
Scott Ullrich
04:18 AM Revision 92472a59: Do not output blank pkg name
Scott Ullrich
01:38 AM Revision d32698d3: Ensure inetd.conf exists
Scott Ullrich
01:36 AM Revision a1054b46: Make pfTop uniform
Scott Ullrich
01:10 AM Revision 50646b37: Temporarily killall -9 filterdns until the signal issue can be resolved. Will open a ticket
Scott Ullrich
12:52 AM Revision 50c35266: Make sure a port is always set. Remove trailing newline
Scott Ullrich
12:43 AM Revision 522b72c1: Set port
Scott Ullrich
12:35 AM Revision 76ffdf90: Add successful user for sshlockout
Scott Ullrich
12:29 AM Revision 56bff6a3: Make sure host private key permissions aren't too open so sshd won't complain.
Erik Fonnesbeck

11/30/2010

11:59 PM Revision d44798f7: Adding webConfiguratorlockout table and code.
Scott Ullrich
11:55 PM Revision 7a9ed301: Preseve attributes of files during copy.
Ermal LUÇI
11:46 PM Revision 88ecfc58: Reword auth error message to match ssh for the most part
Scott Ullrich
11:44 PM Bug #965 (Resolved): IPSec configuration network selection doesn't match rest of UI
thanks Chris Buechler
11:41 PM Bug #965: IPSec configuration network selection doesn't match rest of UI
Confirmed that I've seen this fix in action when heavily configuring several IPsec VPN (site-to-site and Mobile) conf... David Szpunar
11:41 PM Revision 1ea78906: Revert "Use -ss for syslogd. Suggested-by: Ermal"
This reverts commit c57e0d704ac08afee31e1e79f0b8228f5eb66cb1. Scott Ullrich
11:39 PM Revision c57e0d70: Use -ss for syslogd. Suggested-by: Ermal
Scott Ullrich
11:36 PM Revision e351fc2d: Use -l
Scott Ullrich
11:28 PM Revision be9303ac: Unbreak Status -> System Logs -> DHCP due to chroot and new version of DHCPD.
Scott Ullrich
10:33 PM Revision a4fe5cac: Reformat pfsync/xmlrpc sync settings. Hopefully make it more clear to understand and use.
Jim Pingle
10:18 PM Revision 628d1548: Do a fflush of file before closing and sync(2). Fix whitespace while here.
Ermal LUÇI
10:16 PM Revision 65c5cec3: Make sure we cannot add interfaces by entering the link directly on url address bar. This does the same check as the one for showing the plus button on interfaces_assign.
Ermal LUÇI
10:07 PM Bug #1000: lagg not working set to failover.
Output attached Rick Baranowski
09:48 PM Revision 5ba5a8de: Use pfSense_sync()
Scott Ullrich
08:29 PM Bug #1059 (Closed): ipfw-classifyd is running but qos is not enabled or configured
Oops, there was a layer7 container. Deleted. Scott Ullrich
08:28 PM Bug #1059 (Closed): ipfw-classifyd is running but qos is not enabled or configured
QOS is not enabled/configured. ipfw-classifyd is running:
[2.0-BETA4][root@hostname]/root(106): ps awux | grep 18... Scott Ullrich
08:10 PM Bug #1058 (Resolved): filterdns not honoring quit signal
[2.0-BETA4][root@hostname]/root(85): ps awux | grep filterdns | wc -l
11
Chris was seeing 24 of them. The... Scott Ullrich
07:08 PM Revision 00bc5bcc: Call sync after writing the file and before returning to continue processing.
Scott Ullrich
06:39 PM Bug #1056 (Feedback): DHCP logs are empty since isc-dhcp-server upgrade
This should be solved with latest commits. Ermal Luçi
08:31 AM Bug #1056 (Resolved): DHCP logs are empty since isc-dhcp-server upgrade
Since we upgraded to isc-dhcp41-server a few weeks ago, the DHCP logs tab is empty.
The config directives are stil... Jim Pingle
06:35 PM Revision a6e0e07b: Set page title to Status: Dashboard for consistency
Scott Ullrich
06:15 PM Revision d2b20ab6: Store upgraded monitor IPs in gateway items, not accidentally as bogus interfaces. This was causing some configs to upgrade and then get stuck in a reassignment loop after the next reboot.
Jim Pingle
05:27 PM Revision 78b94214: Mount rw so we can have the packages processing correctly.
Ermal LUÇI
05:17 PM Revision 416e6432: Use fullpath
Ermal LUÇI
04:47 PM Revision b0cf10bf: Ticket #911. Provide an option under system->advanced->misc to disable killing states when a gateway goes down. Possibly on 2.1+ this might be made an option specific for each gateway!
Ermal LUÇI
04:30 PM Revision 7af33a75: Print file name when logging an xml error.
Jim Pingle
04:23 PM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
We are not running uPNP.
We have a few filter and nat rules
and we are running the following services:
carp (... Martin Klein
10:58 AM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
By any chance you have services like uPNP running? Ermal Luçi
07:05 AM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
I am sorry to say but on a Tue Nov 30 02:04:03 EST 2010
Snapshot the problem is not fixed. Martin Klein
04:21 PM Revision 0ac206f9: Ticket #1047. Make the flags the same for each member interface before adding them to lagg(4)/bridge(4)
Ermal LUÇI
03:15 PM Revision 0a1eabbe: Resolves #947. Blacklist interfaces to show as possible lagg members if they are present in a lagg already.
Ermal LUÇI
02:21 PM Revision e2d052b6: Remove extraneous ')'. So much for php -l
Ermal LUÇI
01:42 PM Revision af0b07d3: Make the RRD path if it doesn't yet exist at this point.
Jim Pingle
01:40 PM Revision fb2e53da: Run ecl through php instead of executing directly.
Jim Pingle
11:57 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
The commit to fix this just happened. It won't be in a new snapshot until one gets built that includes the fix. It ma... Jim Pingle
11:55 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Tried updating to latest snap from 11/30 just now. That update broke my box. Boots up says something about an error i... James Lepthien
11:31 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Can you please try with the latest version of snapshots. Ermal Luçi
11:30 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
the selection of CA for LDAPS should be in the auth server settings, then everything else should point appropriately ... Chris Buechler
09:58 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
Let me clarify:
The situation was that ALL openvpn authentication requests were failing when it wasn't specified (... Florent Daigniere
09:42 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
You suggested TLS_REQCERT=never while it seems that default setting is 'try' which is the recommended one!?
TLS is h... Ermal Luçi
11:03 AM Feature #1057 (Needs Patch): Limiter mask only supports dest/src ip
Some scenario's benefit from src port differentiation using dynamic pipes. IE. Terminal Server connections from a NAT... Bastian Slikkerveer
10:58 AM Bug #1038 (Resolved): System Tuneables net.inet.carp.log not Working
Ermal Luçi
10:58 AM Bug #1038: System Tuneables net.inet.carp.log not Working
Yeah but that is another issue perse. Ermal Luçi
07:03 AM Bug #1038: System Tuneables net.inet.carp.log not Working
Using Tue Nov 30 02:04:03 EST 2010 Snapsot
net.inet.carp.log stayes at 1, wich fixes
the problem for me. But if i... Martin Klein
10:54 AM Bug #729: if_bridge unpredictable filter interface selection
This possibly is to late for 2.0 since there are if_bridge(4) chagnes involved which might become problematic.
The p... Ermal Luçi
10:51 AM Bug #911 (Feedback): Need option to disable state killing on WAN failure
Ermal Luçi
10:29 AM Bug #621: Certificate Manager won't accept a windows CA signed certificate
Possibly this is related to format of the cer ie DER....
So this must be an argument that must be supplied during im... Ermal Luçi
10:25 AM Bug #1047 (Feedback): Disable TSO, hardware checksum don't work for unassigned but active interfaces
Patch committed. Ermal Luçi
09:20 AM Bug #947: existing lagg members should not be able to be added to lagg
Applied in changeset commit:"0a1eabbe814498d962a3f06f288bab0c39e4b512". Ermal Luçi
09:18 AM Bug #947 (Feedback): existing lagg members should not be able to be added to lagg
Ermal Luçi
08:33 AM Bug #1055: system is broken after upgrade
That's already been fixed by commit:e2d052b - wait for a new snap. Jim Pingle
08:32 AM Bug #1055: system is broken after upgrade
squid says that cannot create child processes, all ip settings are gone and i cannot connetct to it remotely.
er... Dienis Rastegaeff
08:22 AM Bug #1055 (Rejected): system is broken after upgrade
That is way too vague for a problem report.
We need exact error messages, and specifics about what does and does n... Jim Pingle
08:19 AM Bug #1055 (Rejected): system is broken after upgrade
my pfsense shows errors after upgrade to 20101130-0125
after reinstallation from this image (pfSense-2.0-BETA4-20101... Dienis Rastegaeff
08:26 AM Bug #831: Status -> System logs - > DHCP bug
That is a completely different issue that needs a new ticket. Jim Pingle
08:13 AM Bug #831: Status -> System logs - > DHCP bug
i guess this needs to be opened again as currently the dhcp log doesn't show anything after the upgrade Bipin Chandra
07:46 AM pfSense Packages Bug #1046 (Resolved): pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
It was just added overnight. It will be picked up the next time the binaries are built. I'm closing this one out for ... Jim Pingle
04:16 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Ehm, errata corrige.
It appears that the newly (quite newly) added Postfix Forwarder Package is missing. Fulvio Scapin
04:12 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Verified the change. Thanks
@Francisco Brasileiro:
Thanks for the formatting ;)
 Fulvio Scapin

11/29/2010

11:49 PM Revision 5f36c658: Rework this loader.conf changing code a bit. Might help with ticket #560
Jim Pingle
11:38 PM Revision 16926fdc: Use grep -c instead of wc and awk. Also use full paths.
Jim Pingle
11:31 PM Revision ac617a8f: Eliminate a cat-to-grep
Jim Pingle
10:39 PM Revision 9ae11a62: Revert "Add Active Directory group membership checking Ticket #1009"
This reverts commit ef17372492fb3d271497160a816eba64b3bcf436. Scott Ullrich
10:36 PM Revision ef173724: Add Active Directory group membership checking Ticket #1009
Scott Ullrich
10:10 PM Bug #947 (New): existing lagg members should not be able to be added to lagg
Chris Buechler
11:56 AM Bug #947: existing lagg members should not be able to be added to lagg
Also interfaces available after added to a lagg interface. for example:
I created lagg interface with em2 and em3 in... Serdar Cihaner
09:48 PM Revision 84c07e65: Include guiconfig.inc for auth
Scott Ullrich
09:41 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
It's not broken as is, let's not break it. Taking the VIPxx and getting the description is easy enough. Chris Buechler
09:23 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
Yes, I agree.
And it would be probably better to store the ip rather than the inferface in config.xml. At least fo... Pierre POMES
09:06 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
That may explain the difference in why it was coded that way but it's still not optimal for the user. I'd really pref... Jim Pingle
08:57 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
Jim P wrote:
> CARP VIPs in the list for use by IPsec and OpenVPN are shown with the interface name (e.g. VIP22) inst... Pierre POMES
08:36 PM Revision cb3b4ebc: Revert 2c4a13d91b72400c07b965b0a522be8dde2d1110 Interface names should appear as uppercase
Scott Ullrich
08:35 PM Revision 82bf9411: Revert 9c3cac0cb553e1610948e78dd119c1b0fcb04224 Interface names should appear as uppercase
Scott Ullrich
08:34 PM Revision e3feac4e: Revert "Interface names should appear as uppercase"
This reverts commit 66d57db5e44650658d95345683cf4afae6680b68. Scott Ullrich
08:34 PM Revision 96302ebd: Revert "Interface names should appear as uppercase"
This reverts commit 4cea35b344c8b4444f7a5a7a244bac528b483cbc. Scott Ullrich
08:34 PM Revision a6d9251e: Revert "Interface names should appear as uppercase"
This reverts commit e8ad860fb4d19d137e9cb490c498327db8fba719. Scott Ullrich
08:27 PM Revision fdf4e791: Set net.inet.carp.log=1. Ticket #1038
Scott Ullrich
08:18 PM Revision 74efe8bc: Deactivate cpu graph. Will bring back in 2.1
Scott Ullrich
08:07 PM Revision 7ff41586: Disable firewall rule drag and drop. Will bring this feature back in 2.1
Scott Ullrich
06:29 PM Feature #1010: Privilege setting for allowing login access through captive portal
An alternate patch that does not automatically create a captive portal group when enabling captive portal, leaving it... Erik Fonnesbeck
06:14 PM Feature #1010: Privilege setting for allowing login access through captive portal
Pushing this off to 2.1. Scott Ullrich
03:26 PM Feature #1010: Privilege setting for allowing login access through captive portal
Code was completed and thoroughly tested some time ago. Just need to know whether this should be pushed or left to a... Erik Fonnesbeck
06:28 PM Bug #560 (New): loader.conf is empty after a firmware update.
I just tested it again, it's still getting wiped out somehow during the update process. Jim Pingle
06:09 PM Bug #560 (Feedback): loader.conf is empty after a firmware update.
Scott Ullrich
05:53 PM Bug #560: loader.conf is empty after a firmware update.
I just downloaded http://snapshots.pfsense.org/FreeBSD_RELENG_8_1/i386/pfSense_HEAD/updates/pfSense-Full-Update-2.0-B... Scott Ullrich
06:23 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
corrected: ... Francisco Brasileiro
05:54 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
All files are present now (verified with a modified version of that one-liner, I couldn't get that to work). Jim Pingle
05:11 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
All of the entries that were not found should be fixed now, or will be once the last build finishes (for mod_security). Jim Pingle
12:41 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
OK, I'll have a look at these. Jim Pingle
11:21 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Opss.
I forgot to quote the excerpt from the xml file.
Sorry Fulvio Scapin
11:20 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Jim P wrote:
> Do you have a link to something that mentions specific packages that show issues like this? There are... Fulvio Scapin
06:11 PM Bug #754: hifn driver and AES192 and 256
We need to follow up on the PR above, a customer needs this.
Chris Buechler
05:56 PM Bug #754: hifn driver and AES192 and 256
Still not fixed in FreeBSD. Delaying ticket to 2.1. Scott Ullrich
06:09 PM Bug #1000: lagg not working set to failover.
Rick,
Please show a ifconfig -a output and arp -a output Scott Ullrich
05:46 PM Bug #1051 (Feedback): radius support in racoon
Even though we had explicitly set the option to use radius, it still was not compiled in. So I changed the Makefile t... Jim Pingle
05:00 AM Bug #1051 (Resolved): radius support in racoon
there is no radius support compiled in racoon daemon Ravine Pick
05:44 PM Todo #765: Patch: Add custom DHCP configuration
I just emailed Jonathan to check this ticket.
 Scott Ullrich
05:43 PM Todo #765 (Feedback): Patch: Add custom DHCP configuration
Scott Ullrich
03:20 PM Todo #765: Patch: Add custom DHCP configuration
Bump. Please check to see if this is resolved. We would like to go to RC1 soon and this is lingering. Scott Ullrich
05:39 PM Feature #1009 (New): Active Directory group membership checking
We need a patch of changes here. auth.inc has diverged too much at this point. And even then Ermal does not agree w... Scott Ullrich
05:35 PM Feature #1009 (Feedback): Active Directory group membership checking
Scott Ullrich
05:15 PM Feature #1009: Active Directory group membership checking
i have been using this patch.
have not seen any issues so far.
 vito B
05:36 PM Bug #830: Service provider information should be saved
I just spent some considerable time on #2 and had no luck. Both Ermal and myself agree that this is not doable witho... Scott Ullrich
03:36 PM Bug #1030 (Feedback): Interface case change in apinger.conf needs reverted
Reverted offending commits. Please test.
 Scott Ullrich
03:26 PM Bug #1038 (Feedback): System Tuneables net.inet.carp.log not Working
Scott Ullrich
03:22 PM Bug #875: Uninstalling packages can remove system libraries
This ticket will require us moving to a PBI style package system where the libraries are self contained in the progra... Scott Ullrich
03:17 PM Bug #345: CPU graph widget reports wrong usage with SMP
widget deactivated in 2.0. Will bring back in 2.1. Scott Ullrich
03:14 PM Bug #437: Y2K38 bug in user manager expiration
Lets address in 2.1. Scott Ullrich
03:10 PM Bug #878 (New): Drag and Drop firewall rules causes corruption
I have disabled this feature. We will bring back in 2.1. Scott Ullrich
02:54 PM Revision 5b2f628e: Add exit; so the redirection actually works.
Ermal LUÇI
01:50 PM Revision 1bab0df1: Add suggested fix from ticket #1037
Jim Pingle
01:32 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Keep in mind that hostapd was designed as a tool to use for every aspect of configuring the wireless interface on Lin... Erik Fonnesbeck
10:20 AM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Well by just reading the supplied config file it states... Ermal Luçi
12:45 PM Bug #975 (Resolved): CARP / vip interface disappears on slave after interface change
Chris Buechler
10:42 AM Bug #975: CARP / vip interface disappears on slave after interface change

Yes, I had been unable to update because of problems with the amd64 build and met with disaster that
meant had to... Rob Lister
12:40 PM Bug #1037 (Resolved): Openvpn broken when used with LDAPS backend
Chris Buechler
11:10 AM Bug #1037: Openvpn broken when used with LDAPS backend
It's confirmed-working with 1bab0df1b7fd06ecb2818f69187214a70de238b9
The other bug I was referring to:
bug #1052:... Florent Daigniere
05:21 AM Bug #1037: Openvpn broken when used with LDAPS backend

Nope. Still broken.
You are missing a semi-column in befad72821f522bf2c23a883f72ade8af48b8533.
-$sed .= " \$m... Florent Daigniere
11:53 AM Revision c45d1cfe: Remove old reference to function. Reported-by: http://forum.pfsense.org/index.php/topic,30508.0.html
Ermal LUÇI
10:39 AM Bug #1040 (Resolved): link doesn't work "add a new one."
Jim Pingle
10:34 AM Bug #1040: link doesn't work "add a new one."
Works ticket can be closed Perry Mason
10:21 AM Bug #831: Status -> System logs - > DHCP bug
Hard to say right now since the upgrade to a new version of the DHCP daemon has caused an issue with logging.
It m... Jim Pingle
10:04 AM Bug #831: Status -> System logs - > DHCP bug
What happens when you just clear the file instead of removing and re-creating the file? I've seen more programs havin... Peter O
09:42 AM Bug #1039 (Feedback): Error on Syncronisation slave - DIOCADDRULE: Device busy
Possible fix committed. Ermal Luçi
07:27 AM Bug #1053 (Closed): CBQ per se, in kernel
plz refer to this forum thread
http://forum.pfsense.org/index.php/topic,29018.0.html Bipin Chandra
05:27 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
One of the places where it should be fixed is openvpn's configuration with LDAPS (see bug #1037) Florent Daigniere
05:26 AM Bug #1052 (Resolved): Certificate validation of the LDAPS servers is not enforced
Hi,
Looking around in the source code, it seems that the certificate validation for LDAPS servers is not enforced.... Florent Daigniere
02:19 AM Revision f3c91cb5: Reintroduce this optimization, but use the correct return value this time.
Erik Fonnesbeck
01:27 AM Revision d04e8082: Unbreak sysctl handling.
Scott Ullrich
12:55 AM Revision 84cf0b3e: Use exec()
Scott Ullrich
12:04 AM Revision 690d24af: Add pfSsh.php externalconfiglocator playback script
Scott Ullrich

11/28/2010

11:10 PM Revision 8850a528: Nuke newline
Scott Ullrich
11:05 PM Revision c58b5f44: Skip slices on bootup device
Scott Ullrich
10:34 PM Revision 70bea648: Cleanup
Scott Ullrich
10:30 PM Revision b3405363: Use product name
Scott Ullrich
10:17 PM Revision 651a6867: Use head binary and eliminate a pipe to avoid broken pipe warning
Scott Ullrich
09:59 PM Revision 6edc4c0c: Fix misc errors. File now restores and throws an alert when completed.
Scott Ullrich
09:23 PM Revision a620ea36: Add php header
Scott Ullrich
07:26 PM Revision 58ba038a: Handle slices
Scott Ullrich
07:13 PM Revision 46dd9586: Only check / and /config for config.xml. Otherwise you might step on a nanobsd installation.
Scott Ullrich
07:03 PM Revision 206f684d: Adding external configuration loader which will look on all found disks except bootup disk for config.xml. If tconfig.xml is found on an external disk then it tests the roobobj to ensure its a valid file then calls test_config() to ensure it is a valid xml file. Once the file is validated a backup_config() is called to backup the current configuration and finally the file is installed using restore_backup()
Scott Ullrich
06:44 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
One way to test this: you can start hostapd with ether matching bssid and once started you can change ether to anythi... Erik Fonnesbeck
06:28 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Each wireless clone has two different types of MAC addresses - in ifconfig, one is labeled ether and one is labeled b... Erik Fonnesbeck
05:31 PM Bug #841 (New): hostapd doesn't work with spoofed MAC (but should be able to)
Chris Buechler
05:28 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Can you state an example of this?
If i get you right and this is the same as form vlan interfaces than its by desi... Ermal Luçi
06:44 PM Bug #1013: Captive Portal Reauthentication broken
Please change status to new.
Bug1050:
As described in Bug#1013 the reauthentication feature is broken! I install... L J
05:48 PM Bug #1013 (Feedback): Captive Portal Reauthentication broken
Chris Buechler
05:48 PM Bug #1050 (Rejected): Captive Portal Reauthentication broken
duplicate of #1013 Chris Buechler
05:43 PM Bug #1050 (Rejected): Captive Portal Reauthentication broken
As described in Bug#1013 the reauthentication feature is broken! I installed a 1.2.3 stable machine and configured th... L J
01:31 PM Bug #1049 (Resolved): After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
After a firmware update and the first reboot of pfSense installed packages get reinstalled. Sometimes all packages ge... James Lepthien

11/27/2010

10:19 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Yeah I think vip* (CARP) and lo0 would be the only two things to exclude, otherwise everything ifconfig returns. I ca... Chris Buechler
07:35 PM Bug #1048 (Rejected): Wireless clone can't be assigned to new interface (NanoBSD)
at least one Atheros chipset I have will panic like that with VAP. Driver problem, nothing we can do about it, needs ... Chris Buechler
06:57 PM Bug #1048 (Rejected): Wireless clone can't be assigned to new interface (NanoBSD)
Configuring a wireless clone works, but after you try to assign that clone to say interface OPT2 pfSense automaticall... James Lepthien
03:34 PM Bug #485 (Resolved): fake start with status_services.php and installed packages
Chris Buechler
03:33 PM Bug #975: CARP / vip interface disappears on slave after interface change
Rob, is this fixed on the latest snapshot? Chris Buechler
03:32 PM Bug #996 (Resolved): DHCP address not pulled with spoofed MAC address on WAN
Chris Buechler
03:32 PM Bug #1047 (Resolved): Disable TSO, hardware checksum don't work for unassigned but active interfaces
Interfaces that are unassigned but active (ex: part of a lagg, possibly VLAN parent-only) don't have TSO, hardware ch... Chris Buechler
03:30 PM Todo #703 (Resolved): Checkboxes to disable TSO and LRO
Chris Buechler
03:29 PM Feature #13 (Resolved): wireless page to have option to select transmit and receive antennas
Chris Buechler
03:27 PM Bug #754 (New): hifn driver and AES192 and 256
need to determine if there is a reason this patch in kern/120270 hasn't been committed. Chris Buechler
03:19 PM Bug #777 (Resolved): Edit File wipes out file on save
Chris Buechler
03:15 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
This is not something that was ever resolved. Either hostapd should be fixed or a workaround should be put in place ... Erik Fonnesbeck
03:08 PM Bug #841 (Resolved): hostapd doesn't work with spoofed MAC (but should be able to)
Chris Buechler
03:15 PM Bug #990 (Resolved): xss in pfsense I was testing beta 4 pfSense-2.0-BETA4-20100902-0947.iso
Chris Buechler
03:15 PM Bug #826 (Resolved): Status > OpenVPN hangs when using TCP w/OpenVPN Int. "any"
Chris Buechler
03:14 PM Bug #302 (Resolved): Shaper wizard remembers values on error, but are disabled
Chris Buechler
03:13 PM Feature #887 (Resolved): Add an option for stricter OpenVPN ssl/tls+user auth checking
Chris Buechler
03:12 PM Feature #762 (Resolved): Display ICMP type on firewall rule list
Chris Buechler
03:11 PM Bug #831 (Resolved): Status -> System logs - > DHCP bug
Chris Buechler
03:10 PM Bug #320 (Resolved): Using special characters (e.g. åäö) in certificate "Descriptive name" breaks entire WebGUI
Chris Buechler
03:07 PM Bug #991 (Resolved): multiple XSS issues
Chris Buechler
03:06 PM Bug #845 (Resolved): Need patch for PR usb/140883
Chris Buechler
02:47 PM Revision 0ba17c67: Ooops add missing or.
Ermal LUÇI
09:51 AM Bug #1037: Openvpn broken when used with LDAPS backend
Try the latest snapshot and see if i got this right this time. Ermal Luçi

11/26/2010

11:06 PM Revision b9bc333b: Increase suhosin maximum memory to avoid this error: ALERT - script tried to increase memory_limit to 268435456 bytes which is above the allowed value (attacker 'REMOTE_ADDR not set', file '/etc/inc/config.inc', line 59)
Scott Ullrich
10:57 PM Revision 990d7c03: Check for pfsense root object name in config.xml as a fallback if the configured name is not found.
Erik Fonnesbeck
09:54 PM Revision befad728: Ticket #1037. Move environment manipulation to the authentication script since escaping slashes is not so easz on dynamic built paths.
Ermal LUÇI
09:35 PM Revision bad29897: No need to go through the array when the key can be tested directly.
Ermal LUÇI
09:26 PM Revision adc96206: Remove temporary hack which spams console during boot.
Ermal LUÇI
08:54 PM Revision 9a7f6731: Use php_uname where possible.
Ermal LUÇI
08:03 PM Revision 7a755156: Do not exec but use php_uname
Ermal LUÇI
12:20 PM Revision cfa62e06: include broadcast address to allow dhcp to work.
Ermal LUÇI
11:02 AM pfSense Packages Bug #1046 (Feedback): pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Do you have a link to something that mentions specific packages that show issues like this? There are quite a large n... Jim Pingle
05:41 AM pfSense Packages Bug #1046 (Resolved): pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
As reported recently, several packages have been updated (removing the old ones) at http://files.pfsense.org/packages... Fulvio Scapin

11/25/2010

03:03 PM Bug #1037: Openvpn broken when used with LDAPS backend
There seems to be an escaping problem, with your patch server1.php contains
sed: 2: "s/\/\/<template>/$authm ...":... Florent Daigniere
06:02 AM Bug #1037 (Feedback): Openvpn broken when used with LDAPS backend
Committed your suggestions to repo.
Thank you.
 Ermal Luçi
12:31 PM Revision 979c816c: Do not guess the defaultgw this is static info.
Ermal LUÇI
12:29 PM Revision a980df9c: Resolves #1040. Fix dynamic addition of gateways from routes edit screen.
Ermal LUÇI
11:57 AM Revision e1b17c7a: Ticket #1037. Add suggestion in the ticket for using the CA supplied to openvpn for authenticating to SSL LDAP.
Ermal LUÇI
11:11 AM Revision 02d7e4a4: Resolves #1043. Do not allow limiters in floating rules without direction. It is invalid practice and while the backend skips it the user should be warned.
Ermal LUÇI
06:35 AM Bug #1040 (Feedback): link doesn't work "add a new one."
Applied in changeset commit:"a980df9c1b8e839880295d37f6fba990cb98a30c". Ermal Luçi
06:05 AM Bug #1044 (Closed): Authentication servers in LDAP and TLS mode needs ca certificate
A described in Ticket #1037 for TLS mode the ca certificate should be specified before attempting a connect.
There... Ermal Luçi
05:20 AM Bug #1043 (Feedback): Inadequate input validation on limiters with floating rules
Applied in changeset commit:"02d7e4a43b6c6e1f8345c7561394305185905b33". Ermal Luçi
01:28 AM Bug #1043 (Resolved): Inadequate input validation on limiters with floating rules
With floating rules, it's possible to create an invalid ruleset by specifying a limiter on a rule without a direction... Chris Buechler

11/24/2010

06:08 PM Revision fedab998: Nuke trailing c/r
Scott Ullrich
06:04 PM Revision 6bd471ee: Nuke trailing c/r
Scott Ullrich
06:03 PM Revision 31c3942c: Set memory to 256M on amd64
Scott Ullrich
04:06 PM Bug #1023 (Resolved): Carp Status Incorrect
Chris Buechler
06:56 AM Bug #1023: Carp Status Incorrect
Tried the snapshot from today and
everything seems Fixed.
Thank You Martin Klein
03:41 PM Bug #1042 (Resolved): CARP VIP Descriptions incorrect on IPsec/OpenVPN
CARP VIPs in the list for use by IPsec and OpenVPN are shown with the interface name (e.g. VIP22) instead of the CARP... Jim Pingle
03:29 PM Bug #1041 (Resolved): IP Alias VIPs are not available for use by IPsec
IP aliases are not in the drop-down list for use in IPsec, but CARP VIPs are. Both should be usable for IPsec.
(An... Jim Pingle
03:29 PM Bug #1040: link doesn't work "add a new one."
thought I'd already opened a ticket for this but apparently not. That's been broken for at least 2-3 months, not sure... Chris Buechler
02:37 PM Bug #1040 (Resolved): link doesn't work "add a new one."
In system_routes_edit.php Choose which gateway this route applies to or add a new one.
Maybe just remove it. I can... Perry Mason
12:56 PM Bug #1039 (Resolved): Error on Syncronisation slave - DIOCADDRULE: Device busy
On 10 - 30 % of config synchronisations to a slave machine we
get a notification from the slave:
There were erro... Martin Klein
12:32 PM Bug #1038 (Resolved): System Tuneables net.inet.carp.log not Working
We are running a carp failover bundle in the same network with a
vrrp router pair and therefore we get a lot of unn... Martin Klein
11:49 AM Bug #1037 (Resolved): Openvpn broken when used with LDAPS backend
The connection to LDAP fails if SSL is used
To get it to work, I had to add the following to /var/etc/openvpn/serv... Florent Daigniere
10:42 AM Revision e46616a7: Fix text for the P1 table header.
Erik Fonnesbeck
03:30 AM Feature #702 (Feedback): Page with status for "Traffic Shaper: Limiter"
There is one on new snapshots under diagnostics Ermal Luçi
12:55 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
> Can you try with a new snapshot i committed fix to retry resolving 3 times before bailing.
Will do ... but with ... Jeppe Oland

11/23/2010

11:54 PM Revision 7fd51c68: Add st and si options
Scott Ullrich
10:54 PM Revision 79992f17: Rename to pfInfo for consistency
Scott Ullrich
10:48 PM Revision 9242ba15: Adding Diagnostics: Limiter
Scott Ullrich
10:41 PM Revision b3584478: Increase setTimeout
Scott Ullrich
10:37 PM Revision 438d04f6: Adding Diagnostics: pf Info which shows the output of pfctl -vvi and pfctl -vvI via AJAX
Scott Ullrich
10:01 PM Revision 004b1e69: Cleanup code and fix dynamic firewall log reverse view, fixes #1031
Jim Pingle
06:54 PM Revision d9114ce0: Ensure returned item is an array.
Scott Ullrich
06:52 PM Revision 19f101d7: Return CARP IP Addresses in get_configured_ip_addresses()
Scott Ullrich
05:05 PM Bug #1031 (Feedback): Firewall Log - Dynamic Update update only first row
Applied in changeset commit:"004b1e6998c7e36fa3a4ba64c910b626946decfa". Jim Pingle
12:47 PM Bug #1031: Firewall Log - Dynamic Update update only first row
Yes i do, reverse order is enabled. Francisco Brasileiro
04:58 PM Revision bafe2769: Remove this since it does not make anymore sense after code arrangements.
Ermal LUÇI
04:57 PM Revision a0b205f0: Do not output done. because it does not related overall to the output messages.
Ermal LUÇI
12:58 PM Revision 2bfade90: Initialize variable. Ticket #1023.
Ermal LUÇI
12:57 PM Revision 4ed5ad5a: Ticket #1023. Correct carp status even on the status page.
Ermal LUÇI
12:47 PM Revision 108cfddf: Ticket #1023. Correct the widget code bringing it full speed with latest carp code.
Ermal LUÇI
11:33 AM Revision 83ae8103: Try 3 times to resolve the host to ip before giving up. Leave a proper log if we fail to resolve. Ticket #943.
Ermal LUÇI
11:32 AM Revision 51d0f816: Use full path to command binaries.
Ermal LUÇI
11:27 AM pfSense Packages Bug #1033 (Resolved): Please start bandwidthd to populate this directory
Chris Buechler
11:21 AM pfSense Packages Bug #1033: Please start bandwidthd to populate this directory
Bandwidthd is runing when I reloading firefox. Thank you for your help from my bottom heart.
 samuel tang
09:52 AM pfSense Packages Bug #1033: Please start bandwidthd to populate this directory
I uninstalled and reinstalled, then started bandwidthd again, and it collected data properly. Are you checking "draw ... Jim Pingle
09:42 AM pfSense Packages Bug #1033: Please start bandwidthd to populate this directory
my pc is i386.
according to your suggesting: uninstall package and reinstall it. I checked status >status see the ... samuel tang
09:45 AM pfSense Packages Bug #679: HAVP error message shows up behind top menu.
Lars Hupfeldt Nielsen wrote:
> Yes, I'm using NanoBSD, on Alix boards. There are no fields for build/platform detail... Serg Dvoriancev
09:42 AM pfSense Packages Bug #669: HAVP does not remove "Antivirus" menu point when de-installed.
Ermal Luçi wrote:
> Possibly fixed with latest package improvements.
I've had in recent days a lot installations of... Serg Dvoriancev
08:31 AM Bug #1034 (Closed): timezone settings not working in smtp notifications
I have two pfsense installations *2.0-BETA4 (i386) built on Sun Nov 14 17:23:12 EST 2010*
which both have the follo... Fabian Schmidt
06:51 AM Bug #1023 (Feedback): Carp Status Incorrect
Ermal Luçi
05:39 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
@Jeppe Oland
can you try with a new snapshot i committed fix to retry resolving 3 times before bailing.
@Hugo ple... Ermal Luçi
04:42 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Same problem. Dyndns(dynamic) only updates when saving.
No wildcards
Full new install no config restore.
ADSL(op... Hugo Sousa

11/22/2010

11:18 PM Bug #840 (Resolved): RRD scripts not collecting new data into the RRD
yeah this was fixed long ago Chris Buechler
05:14 PM Bug #840: RRD scripts not collecting new data into the RRD
This seems to work fine and has done for a wail. Jonathan Bastin
10:56 PM Bug #1031: Firewall Log - Dynamic Update update only first row
Looks like this only happens with the logs in reverse order. Forward order works fine. Jim Pingle
09:07 PM Bug #1031: Firewall Log - Dynamic Update update only first row
Do you have your logs set for forward or reverse order? (i.e. is the newest entry at the top or the bottom) Jim Pingle
09:59 AM Bug #1031 (Resolved): Firewall Log - Dynamic Update update only first row
When use Dynamic Update on Status -> System Logs -> Firewall -> Dynamic View only the first row is updated.
Curren... Francisco Brasileiro
08:01 PM pfSense Packages Bug #1033 (Feedback): Please start bandwidthd to populate this directory
Uninstall the package and then reinstall it. I fixed quite a few dependencies on it this afternoon. It started OK whe... Jim Pingle
07:50 PM pfSense Packages Bug #1033 (Resolved): Please start bandwidthd to populate this directory
built on Mon Nov 22 02:17:54 EST 2010
bandwidthd can not run samuel tang
06:38 PM Revision a2b6c52f: Add option to control automatic creation of NAT rules which assist forwarding rules that send traffic out to the same subnet it originated from.
Erik Fonnesbeck
04:55 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Anything valid for tcpdump. So perhaps not lo0, carp, or other interfaces from which a packet capture would not work ... Jim Pingle
04:24 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Do you mean all interfaces from returned by ifconfig ?
 Pierre POMES
03:18 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Even better. :-) Jim Pingle
03:15 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Changed to all interfaces, there are a number of scenarios in addition to OpenVPN where that capability would be help... Chris Buechler
02:55 PM Feature #1032 (Resolved): Add all interfaces to Packet Capture drop-down
It would be handy if all interfaces were available as targets for packet capture even without being assigned. Jim Pingle
04:23 PM Revision bddcbff2: When adding/editing a gateway, check IP alias subnets, too. Fixes #1015
Erik Fonnesbeck
03:53 PM Revision d48dbceb: Add other interfaces to local network selection and show proper names. Fixes #965
Erik Fonnesbeck
02:32 PM Revision e63d59c0: Do not save settings related to ports when protocol does not use ports. Ticket #953
Erik Fonnesbeck
01:39 PM Revision ae46e8b8: Do not save fields from translation section when "Do not NAT" is checked. Ticket #952
Erik Fonnesbeck
12:27 PM Revision 4389352c: In filter_generate_reflection_nat, generate a rule with the actual subnet instead of using the interface:network shortcut. Ticket #737
Erik Fonnesbeck
11:35 AM Bug #1015 (Feedback): Gateways IP subnet check needs to check IP aliases
Applied in changeset commit:"bddcbff2742d2855aa47b7af551aee11410183ca". Erik Fonnesbeck
11:05 AM Bug #965 (Feedback): IPSec configuration network selection doesn't match rest of UI
Applied in changeset commit:"d48dbceb9570a322e0ce8a7200847eeddfac22f9". Erik Fonnesbeck
09:47 AM Feature #953: On outbound NAT rule edit, hide ports when protocol does not use ports.
Should be fixed now. Erik Fonnesbeck
08:06 AM Feature #953: On outbound NAT rule edit, hide ports when protocol does not use ports.
This should probably leave out the port fields when saving when not set to a protocol that uses them. Erik Fonnesbeck
09:00 AM Feature #737: Make 1:1 NAT Reflection's NAT rule generation work for more setups
This thing is wrong because it slows down filter reload and things depends on it being snappy.
There is not justaf... Ermal Luçi
07:45 AM Feature #737 (Feedback): Make 1:1 NAT Reflection's NAT rule generation work for more setups
Erik Fonnesbeck
07:45 AM Feature #737: Make 1:1 NAT Reflection's NAT rule generation work for more setups
Looking back at this, I didn't really write up a very good description of it. Anyway, it should work for a wider ran... Erik Fonnesbeck
08:42 AM Feature #952: When "Do not NAT" is checked on outbound rule, the translation section should be hidden.
Should be fixed now. Erik Fonnesbeck
08:05 AM Feature #952: When "Do not NAT" is checked on outbound rule, the translation section should be hidden.
This should probably not be saving the fields in the translation section when do not nat is checked. Erik Fonnesbeck
08:33 AM Revision 1452fa57: Use correct names for integer and boolean types in DHCP options and fix typo in hexadecimal validation for strings. Fixes #962
Erik Fonnesbeck
05:23 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
I am seeing the same problem on a clean boot of pfSense-2.0-BETA4-20101120-0520.iso - well a clean install followed b... Jeppe Oland
03:35 AM Bug #962 (Feedback): DHCP custom options must have type selection
Applied in changeset commit:"1452fa5788f6fd0cf73d957955b8bfeeac127541". Erik Fonnesbeck
02:28 AM Bug #962 (New): DHCP custom options must have type selection
One issue with this on the integers. It's putting int8, int16, uint8, etc. into dhcpd.conf file which is invalid synt... Chris Buechler
03:16 AM Bug #1030 (Closed): Interface case change in apinger.conf needs reverted
Interfaces are showing in upper case in apinger's conf now, splitting the RRDs into two different graphs. Unknown imp... Chris Buechler
02:51 AM Feature #1029 (Rejected): Add more native way to connect on WAN via DHCP+PPTP/L2TP
Please don't duplicate tickets. original is #624. It doesn't have a target version because we don't have plans of imp... Chris Buechler
02:45 AM Feature #1029 (Rejected): Add more native way to connect on WAN via DHCP+PPTP/L2TP
In some countries the connection to ISP works like this: A computer(pfsense in this case) takes an IP from the modem ... Lenny V.

11/21/2010

10:40 PM Revision b3a4ff7c: Add newlines
Scott Ullrich
09:26 PM Revision 279f4da8: nuke ;
Scott Ullrich
09:22 PM Revision 558dda01: Remove hw.bce.tso_enable item it is loader.conf only per jimp
Scott Ullrich
09:21 PM Revision f41b7bdf: Remove bce item it is loader.conf only per jimp
Scott Ullrich
09:20 PM Revision fb182cb2: Define hw.bce.tso_enable
Scott Ullrich
06:00 PM Bug #836: Captive portal logout popup windows doesn't disconnect the user
Could you explain what you mean in more detail? In particular, which page do you mean when you say "the logged in ov... Erik Fonnesbeck
05:56 PM Bug #836: Captive portal logout popup windows doesn't disconnect the user
Does NOT work actually. The user still remains at the logged in overview! L J
05:36 PM Revision ed32aef7: Don't consider the HTTP referrer check as passing if it was skipped. Ticket #1027
Erik Fonnesbeck
05:23 PM Revision 0f806eca: Upon restoring a config, replacing whole sections, or editing config.xml in edit.php, prevent possible accidental lockout from DNS rebind and HTTP referrer checks by disabling them until reboot or the next time they pass, whichever comes sooner. Ticket #1027
Erik Fonnesbeck
12:47 PM Bug #1027 (Feedback): Config restore triggers HTTP_REFERER check on interface mismatch
This workaround should prevent that from happening now. Erik Fonnesbeck
06:26 AM Bug #1027: Config restore triggers HTTP_REFERER check on interface mismatch
This also needs to be tested restoring a configuration that changes the host or domain, because that might trigger th... Erik Fonnesbeck

11/20/2010

11:15 PM Bug #560: loader.conf is empty after a firmware update.
I believe it still is, as a VM I keep updated has an empty loader.conf when it should the default entries.
It's a di... Jim Pingle
10:54 PM Bug #560: loader.conf is empty after a firmware update.
Is this still an issue on full installs? Note that there is a separate ticket for this on nanobsd. Erik Fonnesbeck
11:07 PM Feature #953 (Resolved): On outbound NAT rule edit, hide ports when protocol does not use ports.
Chris Buechler
11:02 PM Feature #953: On outbound NAT rule edit, hide ports when protocol does not use ports.
2.0-BETA4 (i386)built on Sat Nov 20 05:54:55 EST 2010 using Firefox.
Testing Firewall/NAT/Outbound Add a mappin... Chris Palmer
10:35 PM Feature #952: When "Do not NAT" is checked on outbound rule, the translation section should be hidden.
2.0-BETA4 (i386)built on Sat Nov 20 05:54:55 EST 2010
When "Do not NAT" is checked on an outbound NAT rule, the ... Chris Palmer
09:53 PM Bug #955 (Resolved): Static IP gateway does not upgrade from 1.2.x to 2.0
That looks good, thanks for the extra detail. Jim Pingle
09:37 PM Bug #955: Static IP gateway does not upgrade from 1.2.x to 2.0

That page shows
Name Interface Gateway Monitor IP Description
GW_WAN (default) WAN 172... Chris Palmer
09:23 PM Bug #955 (Feedback): Static IP gateway does not upgrade from 1.2.x to 2.0
The <gateway> tag under <wan> should _not_ be there with an IP post-upgrade, you should only have a gateway entry und... Jim Pingle
09:01 PM Bug #955 (Resolved): Static IP gateway does not upgrade from 1.2.x to 2.0
Chris Buechler
08:55 PM Bug #955: Static IP gateway does not upgrade from 1.2.x to 2.0
Setup 1.2.3 release on my test box today using a static wan address.
Let it update via Firmware/Auto Update to 2.0... Chris Palmer
09:37 PM Bug #1012 (Resolved): DHCP Setting error
Chris Buechler
09:29 PM Bug #1012: DHCP Setting error

Ver. 2.0-BETA4 (i386)built on Sat Nov 20 05:54:55 EST 2010
I made multiple changes to my dhcp server on the LAN,... Chris Palmer
07:42 PM Revision 2b8bdfe4: Add missing </item>
Scott Ullrich
07:40 PM Revision 24352196: oops, typo
Scott Ullrich
07:40 PM Revision feae85bc: Increase vfs.read_max to 32. See http://ivoras.sharanet.org/blog/tree/2010-11-19.ufs-read-ahead.html .. This can help dramatically if using Squid or any other packae that does a lot of hard disk reads.
Scott Ullrich
01:36 PM Bug #1028 (Closed): filter.inc - discover_pkg_rules
Chris Buechler
01:29 PM Bug #1028: filter.inc - discover_pkg_rules
Hmm.. sorry
I found my error in rules.
Task can be closed. Serg Dvoriancev
12:32 PM Bug #1028 (Closed): filter.inc - discover_pkg_rules
filter.inc
Function discover_pkg_rules
Symptoms:
Errors in syslog
check_reload_status: syncing firewall
php: ... Serg Dvoriancev
05:19 AM Revision c049daef: Disable this test, it was causing some package file downloads to be skipped for me, and nothing else seems to set/use this variable anywhere.
Jim Pingle
12:17 AM Feature #1020: Provide HTTP basic auth additional authentication option
Note I can't imagine this ever getting any consideration short of someone funding it or contributing the code. Chris Buechler
12:13 AM Feature #1020 (New): Provide HTTP basic auth additional authentication option
While not legit for reasons of obfuscating what you're running (almost every single commercial vendor does similar an... Chris Buechler

11/19/2010

06:24 PM Revision 37c8e07d: Fix reading the ip from the right file for dyndns.
Ermal LUÇI
03:44 PM Revision e3924384: Reorder some code and combine the nobind test with the lport code to ensure only the needed options are used in any given combination.
Jim Pingle
03:34 PM Revision ad88ff3f: Cleanup some code and properly handle failure of pkg_fetch_recursive.
Ermal LUÇI
03:31 PM Revision 5708241f: When the local port is left blank on an OpenVPN client, use 'lport 0' to direct the client to use a random source port. Fixes #1025
Jim Pingle
03:21 PM Revision d08b0064: Clarify message.
Ermal LUÇI
03:17 PM Revision 0cdf4e87: Use correct extension of tgz rather than tgz for automatically discovered dependencies.
Ermal LUÇI
11:03 AM Bug #729: if_bridge unpredictable filter interface selection
The original issue is sorted, however the problem from #22 could still be an issue. Jon Bruce
10:48 AM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Also confirmed that nobind only works if you do not choose an interface, so the old "dynamic sourceport" checkbox isn... Jim Pingle
10:35 AM Bug #1025 (Feedback): OpenVPN in client mode requires local port set for multiple instances
Applied in changeset commit:"5708241f9545924e07c820deecae5455354a6cbc". Jim Pingle
10:31 AM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Confirmed, lport 0 does make clients use a random source port. Jim Pingle
10:03 AM Bug #962: DHCP custom options must have type selection
Functions on Mon Nov 1 15:45:03 EDT 2010 firmware. Tested with "1(https://wsm.mydomain.com:5070/oap/sac_pkg" for a M... Jon Bruce
06:33 AM Bug #995 (Resolved): New x64 snapshots won't boot
Ermal Luçi
06:31 AM Bug #1017 (Resolved): fwrite problem after update
Ermal Luçi
06:30 AM Bug #918 (Resolved): CP redirection URL and logout on popup don't work
Ermal Luçi
06:30 AM Bug #1007 (Resolved): captive portal fatal error
Ermal Luçi
06:29 AM Bug #980 (Resolved): Dashboard from Captive Portal don't show connections ...
Ermal Luçi
06:29 AM Bug #980 (Closed): Dashboard from Captive Portal don't show connections ...
Ermal Luçi
06:24 AM Bug #1027: Config restore triggers HTTP_REFERER check on interface mismatch
This happens when the IP address has changed because of the restore. Erik Fonnesbeck
04:38 AM Bug #1027 (Resolved): Config restore triggers HTTP_REFERER check on interface mismatch
An HTTP_REFERER was detected other than what is defined in System -> Advanced (https://10.0.3.190/diag_backup.php). Y... Seth Mos
12:12 AM Revision c132bdb0: Honor the config parsed var if set.
Ermal LUÇI
12:10 AM Revision 1883455a: Hopefully now the reinclusion of config will not override vars.
Ermal LUÇI
12:03 AM Revision d8333a24: Use full path when we might not have full environment setup.
Ermal LUÇI
12:02 AM Revision 01a6e665: globals.inc is better first.
Ermal LUÇI
12:00 AM Revision d9426abc: More safety belts.
Ermal LUÇI

11/18/2010

11:58 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
I'd have to check the config docs again but I think that if you specify a listening interface you have to use lport. ... Jim Pingle
11:24 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
This made me notice a related regression from 1.2.x, you can specify a dynamic source port and it just adds "nobind" ... Chris Buechler
09:56 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
I'll have to give that one a try. We are on the devel version of openvpn, current number is 201019, which according t... Jim Pingle
09:51 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Sorry, I misunderstood.
It seems the random port feature has been added recently when using "lport 0".
https://... Pierre POMES
08:32 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Yes I know that. When you do not specify a local port, it's still trying to take 1194 even though there is no config ... Jim Pingle
08:25 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Hi Jim,
Yes, the directive is "local_port" in config.xml:... Pierre POMES
05:37 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
Is there a directive that indicates that in the config file? Mine are fighting for 1194 unless I hardcode.
I thoug... Jim Pingle
04:04 PM Bug #1025: OpenVPN in client mode requires local port set for multiple instances
it ought to just default to using a random port Chris Buechler
02:44 PM Bug #1025 (Resolved): OpenVPN in client mode requires local port set for multiple instances
If you create an OpenVPN client, the local port is left blank, and it will automatically use 1194
If you create a ... Jim Pingle
11:44 PM Revision d465a277: Fix fetching of package list.
Ermal LUÇI
06:56 PM Revision 21bc451b: Add myself to the copyright. Have modified enough the file.
Ermal LUÇI
06:49 PM Bug #928 (Resolved): pfSense freezes during boot if DHCP client interface doesn't get a reponse from DHCP server
Chris Buechler
06:12 PM Bug #928: pfSense freezes during boot if DHCP client interface doesn't get a reponse from DHCP server
Confirmed fixed in Mon Nov 15 17:03:26 EST 2010 firmware version. Jon Bruce
06:35 PM pfSense Packages Bug #1026 (Resolved): bandwidthd makes bad assumptions about subnets
The 'subnets' directive in the bandwidthd.conf uses the subnet of the selected interface. If you have multiple subnet... Chris Buechler
05:31 PM Revision 4830e56a: Some fixes for the upgrade code for captive portal users.
Erik Fonnesbeck
04:13 PM Revision 8784a3bb: Remove the old field even if empty in rename_field.
Erik Fonnesbeck
02:47 PM Bug #980: Dashboard from Captive Portal don't show connections ...
Dashboard works, screenshot attached. Disconnect error not seen either. Jon Bruce
02:34 PM Bug #1007: captive portal fatal error
Not seen in Mon Nov 15 17:03:26 EST 2010 firmware version. Same basic setup running, no errors. Jon Bruce
02:30 PM Bug #918: CP redirection URL and logout on popup don't work
Tested ok on firmware Mon Nov 15 17:03:26 EST 2010. Redirect works automatically. Jon Bruce
02:24 PM pfSense Packages Bug #1024 (Resolved): Snort GUI broken in latest snapshots
The GUI for /snort/snort_interfaces.php is broken. Ralf Wessling
02:05 PM pfSense Packages Bug #1008 (Resolved): Squidguard Log
Chris Buechler
09:12 AM pfSense Packages Bug #1008: Squidguard Log
Ok
It's working fine now ;-)
Thank you . Tahar GUEBLI
01:54 PM Bug #1023: Carp Status Incorrect
Sorry I dont have a screenshot at the moment but here are the ifconfigs:
machine 1:
vip21: flags=8<LOOPBACK> me... Martin Klein
12:55 PM Bug #1023: Carp Status Incorrect
Do you have a screenshot output of the CARP status and the ifconfig -a output that confirms these are producing confl... Jim Pingle
12:53 PM Bug #1023 (Resolved): Carp Status Incorrect
I Have Multiple Carp Interfaces (vip21 - vip24),
on the Status Page and the Dashboard Widget all
Interfaces have t... Martin Klein
01:04 PM Revision d7bf3178: Various fixes and improvements for the DNS rebind and HTTP referrer checks.
* Only compare with full host from referrer, since someone can put whatever they want at the left side of the period ... Erik Fonnesbeck
12:57 PM Revision 2addd5b2: Fix problem with syslog adding/removing for pacakges. Fix sync pacakges to call the right functions. Optimizations and code cleanup along the way.
Ermal LUÇI
09:47 AM Bug #570 (Resolved): When "No RDR" is checked on a port forward, hide fields that do not apply.
Yeah, seems to be fine. Erik Fonnesbeck
09:25 AM Bug #570: When "No RDR" is checked on a port forward, hide fields that do not apply.
This now works as expected. Casin Mirad
09:34 AM Revision 0bee2010: Save the host name and domain to a temporary location until the setup wizard is finished to prevent triggering the DNS rebind message. Fixes #1022 Also use this information to implement the redirect for changed host for ticket #455
Erik Fonnesbeck
07:23 AM Revision b8d4d7cd: Handling this properly when the web gui is on an alternate port number.
Erik Fonnesbeck
05:35 AM Bug #1013: Captive Portal Reauthentication broken
But then there would be a bug in older beta releases and in 1.2.3 Stable.
There every minute the client is reauthe... L J
04:55 AM Bug #1022 (Feedback): DNS rebind check blocks web gui access to configured host if changed during setup wizard
Applied in changeset commit:"0bee20108d6e6f5750b0164a3740a75bb411b77f". Erik Fonnesbeck
01:57 AM Bug #1022: DNS rebind check blocks web gui access to configured host if changed during setup wizard
In the title I meant to say configured host name. Erik Fonnesbeck
03:00 AM Revision 6898927f: Make this check more general in case someone makes a wizard that changes an opt interface's IP address and wants to use the "Reload in progress" step. Ticket #455
Erik Fonnesbeck
01:39 AM Bug #1014 (Resolved): auth-user-pass only works in i386 version
Chris Buechler
01:36 AM Bug #1014: auth-user-pass only works in i386 version
This is indeed working in the amd64 latest snapshot. Thank you very much.
I have not tried it in the i386 release ... Andreas Winge
12:37 AM Revision 9c37f8cd: Properly reflect ports in the GUI view of the anti-lockout rule since Ermal's changes restricted it to only ssh/gui ports.
Jim Pingle
12:16 AM Revision 916ee745: Show CRL download link only for imported certificates or CRLs with revoked certificates.
Jim Pingle
12:12 AM Revision 304af9d8: Some CRL fixes.
Jim Pingle
12:08 AM pfSense Packages Bug #1021 (Resolved): SSL not enabled in Squid package 2.7.9_4
Jim Pingle
12:00 AM pfSense Packages Bug #1021: SSL not enabled in Squid package 2.7.9_4
Thank you Jim, that is perfect. I reinstalled the package and now https_port works again.
Many thanks to you and ... Steve Hall

11/17/2010

11:17 PM Bug #1022 (Resolved): DNS rebind check blocks web gui access to configured host if changed during setup wizard
If you are accessing the web gui by the configured host name or host.domain and use the setup wizard to change the na... Erik Fonnesbeck
10:45 PM Revision fa15f4ae: Clear up some code.
Ermal LUÇI
10:42 PM Revision d98d6f7f: Boost timeout for file downloads to 60 seconds
Scott Ullrich
10:34 PM Bug #954: Switching to manual outbound NAT creates incorrect rule for PPTP server
Any particular reason you set this to feedback? I'm fairly sure the issue is not fully resolved by just that one com... Erik Fonnesbeck
03:23 PM Bug #954 (Feedback): Switching to manual outbound NAT creates incorrect rule for PPTP server
Ermal Luçi
10:30 PM Bug #455: On initial wizard reload button do not put browser on new assigned ip.
Except for that I just realized that the DNS rebind check wouldn't allow the old host name by default. This needs a ... Erik Fonnesbeck
10:16 PM Bug #455: On initial wizard reload button do not put browser on new assigned ip.
Is this last change something like what you meant?
By the way, this could also be designed to check whether the us... Erik Fonnesbeck
02:20 PM Bug #455: On initial wizard reload button do not put browser on new assigned ip.
The fix is not complete.
Please do it right.... Ermal Luçi
10:50 AM Bug #455 (Feedback): On initial wizard reload button do not put browser on new assigned ip.
Applied in changeset commit:"fd7f136b2665a1fda1df5329d24617413cf78847". Erik Fonnesbeck
08:17 PM Revision eab543ed: Ticket #1017. Move the fwrite and fd_log initializing to a function. Name the function pkg_debug to properly show what is its purpose and also make it write something only when $debug is set.
Ermal LUÇI
08:10 PM Bug #475: L2TP is not functional in the way users will expect
Some sample configurations linked here:
http://forum.pfsense.org/index.php/topic,30114.msg156037.html#msg156037 Jim Pingle
07:47 PM Revision 4c3d9312: Ticket #1017. Put a @ before each fwrite to silence errors. Also setup the log file in the beginning rather than on each individual function.
Ermal LUÇI
07:36 PM Revision 1ae5c631: Resolves #1018. Provide a more unique host name for the file.
Ermal LUÇI
06:31 PM pfSense Packages Bug #1021 (Feedback): SSL not enabled in Squid package 2.7.9_4
Try this again, I uploaded a recompiled binary for squid on 1.2.x. Jim Pingle
03:19 PM pfSense Packages Bug #1021 (Resolved): SSL not enabled in Squid package 2.7.9_4
Output in the latest Squid package under 1.2.3 shows:
# squid -v
Squid Cache: Version 2.7.STABLE9
configure opti... Steve Hall
05:34 PM Revision 53d41b68: The way this option is currently defined, the configuration variable is always set; for this case, isset is not the correct condition. Reported at http://forum.pfsense.org/index.php/topic,30153.0.html
Erik Fonnesbeck
04:42 PM pfSense Packages Bug #770: imspector don't install on 2.0-BETA3-20100727
Tried with: Version 2.0-BETA4 (i386) built on Wed Nov 17 10:33:31 EST 2010
Beginning package installation for imsp... Francisco Brasileiro
04:38 PM Bug #1017: fwrite problem after update
Works no warning is show. Ticket can be closed Perry Mason
02:46 PM Bug #1017 (Feedback): fwrite problem after update
Ermal Luçi
04:50 AM Bug #1017 (Resolved): fwrite problem after update
Removing package...
Starting package deletion for vnstat-1.10_2...done.
Removing vnstat2 components...
Tabs item... Perry Mason
03:35 PM Revision a219c643: Add workaround for referrer check to not be triggered on the previous IP address when redirected by the setup wizard.
Erik Fonnesbeck
03:25 PM Bug #875: Uninstalling packages can remove system libraries
I added some protection between packages but it is still not enough Ermal Luçi
03:17 PM Todo #765: Patch: Add custom DHCP configuration
Can you please check if the latest version of snapshots does this for you? Ermal Luçi
02:59 PM Bug #989 (Resolved): Unable to make a single outbound PPTP connection
Reported from other sources. Ermal Luçi
02:56 PM Bug #1013 (Closed): Captive Portal Reauthentication broken
This is working as mentioned.
Read the radius accounting RFC to understand why.
You will get data only after the cl... Ermal Luçi
02:35 PM Bug #1018 (Feedback): Dynamic DNS issue with multiple Dyndns-Entries
Applied in changeset commit:"1ae5c631e8ec83ed5acdd60419dc436c893fe6ef". Ermal Luçi
10:29 AM Bug #1018 (Resolved): Dynamic DNS issue with multiple Dyndns-Entries
Hello Community / Developer Team,
first of all: you are doing a great job and I really like what you have done so ... Thomas Burger
02:17 PM Feature #1020: Provide HTTP basic auth additional authentication option
PS: firewall off the port to the world and only allow from a management IP. Scott Ullrich
02:16 PM Feature #1020 (Rejected): Provide HTTP basic auth additional authentication option
We just spent considerable time moving from that model to the model we are using in 2.0. Sorry but we are not going ... Scott Ullrich
12:56 PM Feature #1020 (Closed): Provide HTTP basic auth additional authentication option
edit: see cmb's 20101120 explanation. original submitter's follows.
It would be nice if the Web interface could o... Martin Klein
02:01 PM Revision fd7f136b: Redirect to the correct IP at the end of the setup wizard if accessing it on an IP address that was changed. Fixes #455
Erik Fonnesbeck
12:32 PM Feature #1019 (Resolved): Lagg Failover Mode Master Interface
when creating a lagg interface in failover mode I am not able to choose the master interface.
The first interface in... Martin Klein
10:43 AM Revision 54dd88ba: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/pkg-utils.inc Renato Botelho
10:42 AM Revision 3ec86ca8: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/pkg-utils.inc Renato Botelho
10:32 AM Revision cfcebf07: Fix typo
Renato Botelho
04:47 AM Revision b450c94e: Fix typo in comment.
Jim Pingle
01:38 AM Revision f02f0675: Ensure this is an array before entering the foreach loop. Fixes #1012
Erik Fonnesbeck

11/16/2010

11:26 PM Bug #1014 (Feedback): auth-user-pass only works in i386 version
I enabled the SAVE_PW option which should use --enable-password-save on both i386 and amd64, and then recompiled Open... Jim Pingle
05:46 PM Bug #1014 (Resolved): auth-user-pass only works in i386 version
In the i386 version the configure commandline was (might be one or two typos here):
./configure --with-lzo-lib=/usr/... Andreas Winge
10:59 PM Revision aeaa7358: Make the pkg_fetch_recursive code stronger and try also to fetch from freebsd repo when fails to fetch from pfSense one.
Ermal LUÇI
10:54 PM Bug #1011 (Resolved): can not disable HTTP_REFERER check
Chris Buechler
04:39 AM Bug #1011: can not disable HTTP_REFERER check
I tested it and it is OK now.
Thanks ivan primus
10:52 PM Feature #1016 (Resolved): dyndns support for eurodns.com
changed files attached to support eurodns.com from Stefan Casier. Chris Buechler
10:50 PM Bug #970: Cannot add my gateway because the gateway IP is not in the same subnet
that's a diff issue, opened as #1015 Chris Buechler
01:49 AM Bug #970: Cannot add my gateway because the gateway IP is not in the same subnet
Gateway test should check in both subnet interface and IP ALIAS subnet.
At this moment, only subnet interface is che... Iñigo Martinez
10:50 PM Bug #1015 (Resolved): Gateways IP subnet check needs to check IP aliases
The gateways check for the IP being within the subnet doesn't check IP aliases on that interface. Chris Buechler
10:38 PM Revision 7b228323: Avoid exec() and use php calls.
Ermal LUÇI
10:11 PM Revision 1b28121f: Correctly form the url from where to fetch packages if a base is not specified. This unbreaks packages on amd64! Also do no remove a package which is required by other installations.
Ermal LUÇI
08:45 PM Bug #1012 (Feedback): DHCP Setting error
Applied in changeset commit:"f02f0675ccc2bfc59ad969ca0d100f3fd4f4e493". Erik Fonnesbeck
04:36 PM Bug #1012 (Resolved): DHCP Setting error
If I configure and apply the DHCP settings I recieve the following error: "Warning: Invalid argument supplied for for... L J
07:56 PM Revision fe81116d: Correct variable name.
Ermal LUÇI
07:40 PM Revision fcf92dae: * Use pkg_info -E pkgname* for testing if a package is installed.
* Do not call eval if we cannot include an .inc file since that will make the whole script fail.
* Keep the log from ... Ermal LUÇI
06:05 PM pfSense Packages Bug #669: HAVP does not remove "Antivirus" menu point when de-installed.
Possibly fixed with latest package improvements. Ermal Luçi
06:04 PM pfSense Packages Bug #770 (Feedback): imspector don't install on 2.0-BETA3-20100727
Try installing latest one after updating to latest snapshot. Ermal Luçi
04:38 PM Bug #1013 (Resolved): Captive Portal Reauthentication broken
B.0-BETA4 (i386)
built on Sun Nov 14 03:54:29 EST 2010
If the option "Accounting updates" with "no accounting u... L J
04:37 PM pfSense Packages Bug #1008: Squidguard Log
Fixed. Serg Dvoriancev
10:32 AM pfSense Packages Bug #1008: Squidguard Log
Yes, with pfSense-2.0-BETA4-20101111-2203, when click on Service -> Proxy Filter -> Log ( https://pfsense/pkg_edit.ph... Francisco Brasileiro
04:32 PM Revision 73c30884: Merge remote branch 'mainline/master' into inc
Renato Botelho
04:29 PM Revision 55910da7: Tighten check even more. Ticket #1006.
Ermal LUÇI
04:21 PM Revision b878ad36: Ticket #1006. Make sure to interpret the response as needed. First check if we got 0 and then check if we have a faultCode().
Ermal LUÇI
02:45 PM Bug #950 (Feedback): Package installation failures leaves package installed
With latest commits it seems quite stable. Ermal Luçi
11:31 AM Revision 39a8090a: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/PEAR.inc
etc/inc/filter.inc Renato Botelho
11:22 AM Bug #1006 (Feedback): XMLRPC sync from the CLI as well as the UI Fail on error conditions
I committed a fix for the error reported.
The solution for the other is to ask the people to input the protocol of t... Ermal Luçi
11:08 AM Bug #1000: lagg not working set to failover.
Can you show your system logs?
lagg(4) is made to handle this, so only if something in pfsense is putting down the w... Ermal Luçi
03:56 AM Revision e6b960cc: Make sure this isn't searching the referrer using a blank host or IP, which will always match the referrer.
Erik Fonnesbeck
03:35 AM Revision 55068970: Fix case for testing the referrer check setting. Ticket #1011
Erik Fonnesbeck
01:50 AM Feature #972: Allow adding gateways outside of interface subnet
Gateway test should check in both subnet interface and IP ALIAS subnet.
At this moment, only subnet interface is che... Iñigo Martinez

11/15/2010

10:50 PM Bug #1011 (Feedback): can not disable HTTP_REFERER check
Erik Fonnesbeck
10:50 AM Bug #1011 (Resolved): can not disable HTTP_REFERER check
This is case on 2 my installations. Check can't be disabled, and can not access web interface.
Using newest buids - ... ivan primus
09:18 PM Bug #996: DHCP address not pulled with spoofed MAC address on WAN
Just tested on Pfsense 2.0BETA4 (built on Fri Nov 12 19:00:39 EST 2010), appears to work (running from Virtualbox wit... c c
09:17 PM Bug #996: DHCP address not pulled with spoofed MAC address on WAN
Just tested on Pfsense 2.0BETA4 (built on Fri Nov 12 19:00:39 EST 2010), appears to work (running from Virtualbox wit... c c
09:17 PM Bug #996: DHCP address not pulled with spoofed MAC address on WAN
Just tested on Pfsense 2.0BETA4 (built on Fri Nov 12 19:00:39 EST 2010), appears to work (running from Virtualbox wit... c c
08:19 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate
The message you mentioned is shown simply when a certain string comparison fails. If it would be appropriate, it cou... Erik Fonnesbeck
08:22 AM Bug #621: Certificate Manager won't accept a windows CA signed certificate
Well, as I said, I'm not too familiar with how certificates work. But I would guess that it computes some sort of has... Maxim Hansen
08:01 PM Revision efe259cf: Remove these anchors they just provide overhead and are not really used much in pfSense.
Ermal LUÇI
07:55 PM Revision d268d457: Remove gre helping rules they are not anymore needed.
Ermal LUÇI
07:16 PM Revision 99b1cc43: Disable CSRF checks on the backup page.
Scott Ullrich
06:50 PM Revision 0dcdbc85: Send errors to 2>
Scott Ullrich
02:24 PM Bug #989 (Feedback): Unable to make a single outbound PPTP connection
Grab newer snapshots it should work ok now. Ermal Luçi
11:46 AM Revision 172007f5: Merge remote branch 'upstream/master'
Conflicts:
etc/inc/filter.inc
etc/inc/system.inc
usr/local/www/interfaces.php
usr/loc... Seth Mos
09:53 AM Revision 4f376815: Properly format the IPv6 address within brackets so that Carp sync to a ipv6 address works
Seth Mos
08:37 AM Revision 3c009080: Adjust the config file for dhcpv6. We can not support Failover at this point, missing docs.
Seth Mos
08:22 AM Revision cf327478: We do not have a ipv6 specific function, the old one now understands ipv6
Seth Mos
08:21 AM Revision a05b2f42: add support for IPv6 routing tables for IPv6 so that guess_interface_from_ip works
Seth Mos
02:16 AM pfSense Packages Bug #1008: Squidguard Log
yes with snapshot 2.0-BETA4 (i386)built on Fri Nov 12 19:40:58 EST 2010 FreeBSD 8.1-RELEASE-p1. Mukesh Patel

11/14/2010

07:46 PM Revision 64ec1ddf: Add nocsrf flag
Scott Ullrich
07:29 PM Revision 364ecdd1: Fix misnamed form field on CRL import.
Jim Pingle
03:40 PM pfSense Packages Bug #1008: Squidguard Log
Any body repeat this bug to? I can't. Serg Dvoriancev
02:55 PM Revision fbd96b06: Fix variable names. Ticket #954
Erik Fonnesbeck
02:23 PM Bug #1005 (Resolved): Unable to kill individual states from Diagnostics > States
Thanks for the testing/feedback! Jim Pingle
02:15 PM Bug #1005: Unable to kill individual states from Diagnostics > States
Works ok for me on 2.0-BETA4 (i386) built on Sun Nov 14 03:54:29 EST 2010. José María Tudela
01:54 PM Bug #1005: Unable to kill individual states from Diagnostics > States
I just tested this on two 2.0 firewalls of the Sat Nov 13 21:38:35 EST 2010 build and it worked as expected. No error... Phil G
01:59 PM Revision bd32ac6c: Fix case of variable name for swap usage. Ticket #477
Erik Fonnesbeck
01:40 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
I'm running a clean install of NanoBSD 4GB dated Oct 8, 2010 and I'm not having any issues with this. John Bradshaw
12:36 PM Revision ba8e0870: Copy /boot/loader.conf.local to the newly imaged slice. Ticket #892
Erik Fonnesbeck
11:05 AM Revision 0aa72c10: Don't perform referer check if display_error_form is not defined (captive portal), just like as is done for the DNS rebind check. Ticket #1007
Erik Fonnesbeck
10:10 AM Revision 0532e54d: Rework handling of ports for reflection on port forwards to work properly with port aliases. Ticket #672
Erik Fonnesbeck
10:01 AM Bug #954: Switching to manual outbound NAT creates incorrect rule for PPTP server
It at least picks up an IP address now, but I'm not sure if it is the right one. It is also still using /32 for the ... Erik Fonnesbeck
09:27 AM Bug #345: CPU graph widget reports wrong usage with SMP
If it is still doing this, I'm not sure how the discrepancy between the two shows up, because as far as I can tell th... Erik Fonnesbeck
09:09 AM Bug #477 (Feedback): Swap usage graphic on dashboard is incorrect
Should be fixed now. Erik Fonnesbeck
08:04 AM Bug #927: 3G modem rendered un-usable by forced cycling of connection
Sorry, what I meant was that the call to "interface_bring_down($interface, true);" in the beginning of the "interface... Marcus Brown
07:43 AM Bug #927: 3G modem rendered un-usable by forced cycling of connection
Sorry, what I meant was that the call to "interface_bring_down($interface, true);" in the beginning of the "interface... Marcus Brown
07:32 AM Bug #927: 3G modem rendered un-usable by forced cycling of connection
Can we please just remove the non-sense with the 5 second sleep from the code? It's just a race condition waiting to ... Marcus Brown
07:45 AM Bug #892 (Feedback): loader.conf.local changes lost after nanobsd upgrade
Erik Fonnesbeck
06:57 AM Bug #621: Certificate Manager won't accept a windows CA signed certificate
I'm not really sure whether the order does matter or not. If it does not, maybe it should search for each of the fie... Erik Fonnesbeck
06:20 AM Bug #1007 (Feedback): captive portal fatal error
I've committed a check like what is done before the DNS rebind checks. With the change it should prevent the code gi... Erik Fonnesbeck
06:06 AM Revision 856d2bf9: Unset this reference before reusing the variable name to prevent corruption of groups.
Erik Fonnesbeck
01:48 AM Feature #736: Privileges for accessing each service that uses the user manager
Captive portal part split off to #1010 Erik Fonnesbeck
01:47 AM Feature #1010: Privilege setting for allowing login access through captive portal
Just wanted to note that I had already started on this sometime and have a significant part done, so that someone doe... Erik Fonnesbeck
01:40 AM Feature #1010 (Closed): Privilege setting for allowing login access through captive portal
Split from #736
It would be nice to have a privilege setting for captive portal so that when authenticating agains... Erik Fonnesbeck
12:38 AM Revision ac503653: Open link in new tab/window
Scott Ullrich

11/13/2010

07:58 AM Feature #1009 (Closed): Active Directory group membership checking
Hi,
This is the auth.inc I have modified to handle AD group membership checking.
It does not support nested gro... Eric Machabert
05:55 AM pfSense Packages Bug #1008 (Resolved): Squidguard Log
With the last snapshot 2.0-BETA4 (i386)built on Fri Nov 12 19:40:58 EST 2010 FreeBSD 8.1-RELEASE-p1 ,
the access t... Tahar GUEBLI
05:44 AM Revision bddc8818: Form image buttons are submit buttons and thus default buttons, causing unwanted behavior with the enter key. Use links instead, where possible.
Erik Fonnesbeck
04:32 AM Bug #1006: XMLRPC sync from the CLI as well as the UI Fail on error conditions
To be more specific, if the Master if configured for https and the slave for http this causes a 0 length response tha... Seth Mos
03:05 AM Revision 6f7a9978: Add style to rowhelper normal text fields in packages for consistency.
Erik Fonnesbeck

11/12/2010

11:51 PM Revision 21699e76: Fix test for altq on vlans and wlan.
Ermal LUÇI
11:34 PM Revision 83fcd140: CSRF startup code has been moved to guiconfig.inc
Scott Ullrich
11:30 PM Revision fafd303e: Unbreak AJAX
Scott Ullrich
09:56 PM Bug #958 (Resolved): reply-to for 1:1 from other directly connected subnets not functioning correctly
Chris Buechler
01:12 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Well, I did mention it was a floating rule, back in comment #7...
Adding the rules to the specific interface works... Adam Thompson
05:45 AM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Can you please try adding rules to your opt2 interface to allow the traffic for all your 1:1 ips.
This will make sur... Ermal Luçi
09:45 PM Revision f48d337f: Add ipv6 local addresses to the IP address list for the rebinding check
Seth Mos
09:38 PM Revision 293079d1: Make sure that we enable SSL properly for the ipv6 vhost as well
Seth Mos
09:05 PM Revision c895ab7b: Misc XSS fixes
Scott Ullrich
05:29 PM Revision 2bf0ada5: Protect against XSS by someone broadcasting an HTML SSID... (better to be safe...)
Jim Pingle
05:15 PM Revision f01d8c49: One more potential XSS vector. Not sure how it would have text injected here, but better safe than sorry.
Jim Pingle
05:02 PM Revision 060d4c5e: More notice XSS fixes.
Jim Pingle
04:36 PM Revision dd5bf424: Fix XSS issues
Scott Ullrich
04:35 PM Revision 4656943e: Fix a theoretical/potential XSS in the http_referer check warning.
Jim Pingle
04:29 PM Revision 190d5d58: Fix XSS in notices.
Jim Pingle
04:03 PM Revision 225a2f0b: Bring in XSS id fixes from m0n0wall
Scott Ullrich
02:38 PM Feature #820: Expose interface for PF address pools on outbound NAT rules
I just wanted to note that the linked documentation is for the newer pf syntax, but the applicable section is still r... Erik Fonnesbeck
11:53 AM Revision 5812e717: Add whitespace to avoid breaking the resulting rule.
Ermal LUÇI
11:52 AM Revision f27789bf: Whitespace fixes.
Ermal LUÇI
11:51 AM Revision f829d532: Make sure there is a direction specified otherwise errors might occur.
Ermal LUÇI
11:49 AM Revision 9869cf3e: Initialize rule keeping array to avoid possible caching effects on php.
Ermal LUÇI
10:55 AM Bug #1007: captive portal fatal error
I'm not trying to open a page with any form of redirect, just google.com or a blank "test" page on a remote httpd.
 Dan Emmons
10:52 AM Bug #1007 (Resolved): captive portal fatal error
running build pfSense-2.0-BETA4-20101111-2203 x86
Configured pfsense for Captive Portal with DNS forward and no ... Dan Emmons
09:17 AM Revision 19310a56: Clarify these descriptions a bit more on 1:1 edit.
Erik Fonnesbeck

11/11/2010

08:35 PM Revision e9cfd6b0: Once more, with feeling
Seth Mos
08:31 PM Revision d99bcf10: Alter the requires to their new file names
Seth Mos
08:27 PM Revision b3c6aec9: Update the current XML RPC client and server parts from the PEAR library, now version 1.5.4
Seth Mos
08:09 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
I've just upgraded and confirmed that it does work perfectly for port-forward NAT, but it does still break for 1:1 NA... Adam Thompson
02:13 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Can you post your config here?
Please sanitize you ip's but leave the subnets real per se.
I still do not understan... Ermal Luçi
11:44 AM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
I know you said it wasn't relevant, but I tried setting the Gateway parameter on the firewall rule: no effect whatsoe... Adam Thompson
11:37 AM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
As I mentioned in #7, the tcpdump output didn't change at all after updating to the snapshot mentioned there.
So... Adam Thompson
07:32 PM Bug #1004 (Resolved): Captive Portal Problem
Chris Buechler
11:16 AM Bug #1004: Captive Portal Problem
just install the update: 2.0-BETA4 (i386) - built on Thu Nov 11 00:34:31 EST 2010
and now seam's to work for me ...... gerard grazzini
05:35 AM Bug #1004: Captive Portal Problem
update to
2.0-BETA4 (i386) - built on Wed Nov 10 10:44:38 EST 2010
the problem seam's to steel be present ... gerard grazzini
03:39 PM Revision 5b6661d8: Fix more typos, I can't code for toffees
Seth Mos
03:33 PM Revision 4f66ad1f: Fix the syntax error
Seth Mos
03:26 PM Revision 543ecd59: Use the information from the wiki about letting lighty listen on v4 and v6 together.
http://redmine.lighttpd.net/projects/lighttpd/wiki/IPv6-Config Seth Mos
03:19 PM Bug #980: Dashboard from Captive Portal don't show connections ...
just a little complement : the dashboard works,
but when i tray to disconnect e guest (click on the cross) i recive ... gerard grazzini
11:19 AM Bug #980: Dashboard from Captive Portal don't show connections ...
hello, i can't give feedback regarding an other bug that block the captive protal (bug # 1004)
but, i just install t... gerard grazzini
02:55 PM Bug #1006 (Resolved): XMLRPC sync from the CLI as well as the UI Fail on error conditions
When the backup doesn't allow connecting to the webui there should be a timeout event.
Instead we have this.
[2.0... Seth Mos
02:44 PM Revision ca94f214: Enable IPv6 binding for Lighttpd
Seth Mos
02:17 PM Revision a2f38ac4: Handle AJAX
Scott Ullrich
10:51 AM Revision 6f567a59: NiftyCheck already included in bottom-loader.js otherwise div mainarea gets rounded twice.
Warren Baker
09:53 AM Revision cea355a5: Separate this into the original case with the floating rule cases above it to fix some scenarios where the order was still wrong.
Erik Fonnesbeck
09:24 AM Revision cb53651f: Small rework of code for applying drag and drop reordering of rules and some extra checks added to fix some potential bugs. Ticket #878
Also minimizes the extent of the changes performed (useful when comparing config.xml files from before and after). Erik Fonnesbeck
07:51 AM Revision a5ebdeff: Fix handling of floating rules in the drag and drop reordering code. Fix for part of ticket #878
Erik Fonnesbeck
05:58 AM Revision baaa8bb1: Move this function to allow removing it from easyrule.
Erik Fonnesbeck
05:43 AM Revision 88bc2760: Fix filter_rules_sort's compare function to know about floating rules so it won't change their order.
Erik Fonnesbeck
04:48 AM Bug #878 (Feedback): Drag and Drop firewall rules causes corruption
I can't reproduce this in IE8 with the steps you mentioned, though I didn't try it there before making the changes. ... Erik Fonnesbeck
03:40 AM Bug #878: Drag and Drop firewall rules causes corruption
No this was all specific to the lan interface as I was testing on that. I didn't try setting up floating rules to see... Warren Baker
02:31 AM Bug #878: Drag and Drop firewall rules causes corruption
On one system where I personally encountered the duplicate (about 8 times duplicated) rules issue, there are no float... Chris Buechler
01:14 AM Bug #878: Drag and Drop firewall rules causes corruption
It is possible this is not a browser-specific issue, but actually caused by not handling floating rules correctly. D... Erik Fonnesbeck
04:27 AM Revision ea57ccb8: Use this sort before saving, so the rule just added is sorted into the proper category like the rest.
Erik Fonnesbeck
04:14 AM Revision ce2078f7: Unbreak graphs
Scott Ullrich
02:56 AM Revision 2b30323e: Copy logic for when to show the cellular tab from status_rrd_graph.php. Fixes #714
Jim Pingle
01:30 AM Revision fa6c42d0: Return this field to its old name to prevent a conflict of names and since the code that uses it still refers to it by that name. Issue reported at http://forum.pfsense.org/index.php/topic,29985.0.html
This caused the full name field to be ignored when creating a user and prevented making a certificate at the creation... Erik Fonnesbeck

11/10/2010

11:14 PM Revision f233231b: Take into account if we have redirection active to allow even port 443.
Ermal LUÇI
11:14 PM Revision 30bd17f5: Make the antilockout rule match the webgui and ssh(if enabled) rather than any traffic destined to pfSense itself.
Ermal LUÇI
10:22 PM Revision 29f76490: Only use escapeshellarg when passing the arguments to the shell. Fixes #1005
Jim Pingle
10:00 PM Bug #878: Drag and Drop firewall rules causes corruption
I've had numerous reports of it in the past two months from talking to people. Click and drag around and you'll event... Chris Buechler
09:40 PM Bug #878: Drag and Drop firewall rules causes corruption
I am having trouble replicating this problem in Chrome on Mac. Can someone else confirm? Scott Ullrich
10:00 PM Bug #714 (Feedback): Cellular RRD Graph Shows w/o 3G Modem Installed
Applied in changeset commit:"2b30323ef3ebbd11d84e913db3b33e514b0657a6". Anonymous
09:50 PM Bug #714: Cellular RRD Graph Shows w/o 3G Modem Installed
Oddly enough I do not see it on my ALIX, but I do see it on my amd64 full install, and only on the Settings tab, no o... Jim Pingle
09:42 PM Bug #714: Cellular RRD Graph Shows w/o 3G Modem Installed
I am not seeing any kind of cellular items on my box at this time. Scott Ullrich
09:49 PM Bug #918 (Feedback): CP redirection URL and logout on popup don't work
Setting this to feedback for now, since the first issue is fixed and the second one as described is intended behavior... Erik Fonnesbeck
09:42 PM Revision dd18038e: * Call get_configured_interface_* functions only once in the code
* Optimize the test if the passed interface is a vaild one
* Fix the apply settings to actually do something rather t... Ermal LUÇI
08:09 PM Revision e7d3fc15: Small improvement no functional change.
Ermal LUÇI
07:40 PM Revision fa112436: Use php calls rather than forking to shell.
Ermal LUÇI
07:34 PM Revision b06d7ebb: Use exec and check return value of command to avoid priting messages of stderr to console.
Ermal LUÇI
07:16 PM Revision 35d26b25: Not sure why sometimes works sometimes does not work when bound to localhost the lighttpd instance of CP. Back to previous setup! Though security of it is debatble.
Ermal LUÇI
06:43 PM Revision 7f8d463f: Bring interfaces up only if there is a mismatch to allow them to be reassigned.
Ermal LUÇI
06:27 PM Revision e9d7afeb: Ticket #904. Hmm fix the interface_has_gateway() too.
Ermal LUÇI
06:25 PM Revision f6b30142: Ticket #904. Actually correctly handle the assigned openvpn client as a dynamic gateway rather than breaking the behaviour of the system. Strange nobody has noticed broken gateway behaviour with openvpn assigned!
Ermal LUÇI
06:18 PM Revision c422a169: Actually was coorect before. 3rd parameter is length not index.
Revert "Correct this to make it actually work. This is also mentioned in Ticket #904 though it was already implemente... Ermal LUÇI
05:45 PM Revision 0bb28795: Correct HTTP_REFERER check when using an IP Address vs the Firewalls hostname
Scott Ullrich
05:25 PM Bug #1005 (Feedback): Unable to kill individual states from Diagnostics > States
Applied in changeset commit:"29f76490d8db635646472f9e38f8402f31bb0e33". Jim Pingle
04:57 PM Bug #1005 (Resolved): Unable to kill individual states from Diagnostics > States
Reported here: http://forum.pfsense.org/index.php/topic,29968.0/topicseen.html
You can no longer kill individual s... Jim Pingle
05:25 PM Revision 612fa572: Note that this textbox controls HTTP_REFERER hostname checks as well
Scott Ullrich
05:00 PM Revision 9734b054: Remove trailing carriage return
Scott Ullrich
04:56 PM Revision 4fe9c2dc: * Adding function get_configured_ip_addresses() which returns all interfaces and their configured IP address
* Add checkbox to System -> Advanced -> Admin for HTTP_REFERER checks
* Add and enforce HTTP_REFERER check if checkbo... Scott Ullrich
04:44 PM Bug #996 (Feedback): DHCP address not pulled with spoofed MAC address on WAN
DHCP on spoofed mac address is fixed on latest snapshots.
The restore of mac address needs more work not sure if it ... Ermal Luçi
02:49 PM Revision daab67a1: Fix misc XSS issues from davey b
Scott Ullrich
02:21 PM Bug #990 (Feedback): xss in pfsense I was testing beta 4 pfSense-2.0-BETA4-20100902-0947.iso
Ermal Luçi
02:16 PM Bug #1004 (Feedback): Captive Portal Problem
Try with newer snapshots. Ermal Luçi
09:49 AM Bug #1004: Captive Portal Problem
ok, the captive portal doesn't work!
the cp worked fine before the upgrade , after doesn't work correctly Andrea Cutelle'
09:04 AM Bug #1004: Captive Portal Problem
Why should it!
That is a design choice made lately
 Ermal Luçi
06:29 AM Bug #1004: Captive Portal Problem
just to confirm that i have the same issue with "built on Tue Nov 9 22:11:55 EST 2010"
the problem appear for me app... gerard grazzini
05:05 AM Bug #1004 (Resolved): Captive Portal Problem
hi, after an upgrade to 2.0-BETA4 (i386)
built on Tue Nov 9 11:59:46 EST 2010
FreeBSD 8.1-RELEASE-p1
port 8000 ... Andrea Cutelle'
01:34 PM Revision fe73e93f: check the correct routing table array otherwise we can never change the default route
Seth Mos
10:03 AM Revision f0ce6758: Add option to System: Firmware: Settings for running gitsync after installing an update, hidden/disabled if git has not been installed yet.
Erik Fonnesbeck
07:28 AM Revision 2545af04: Remove csrf-magic include from functions.inc -- it was causing problems with console PHP scripts.
Erik Fonnesbeck
07:18 AM Bug #747: Root schedulers (ie PRIQ) cannot be configured on interfaces that don't report bandwidth
Well if an assumption has to be made, it'd be best assume that the interface speed is to the fastest physical interfa... Mr Horizontal
07:16 AM Feature #753: Add OpenVPN foreign_option support
Essentially this relates to the fact when you have an interface bound to an OpenVPN tun device when the VPN is a clie... Mr Horizontal
07:00 AM Bug #754: hifn driver and AES192 and 256
This is still not fixed as of 10 Nov 2010... Mr Horizontal

11/09/2010

11:37 PM Revision 6f2cc3a6: Correct this to make it actually work. This is also mentioned in Ticket #904 though it was already implemented.
Ermal LUÇI
10:17 PM Revision 7673cdb5: Use a shell script rather than bad hack to execute php code for pppoe periodic reset.
Ermal LUÇI
08:10 PM Revision 12dfe8ca: Fix display of queues on rules and layer7 containers.
Ermal LUÇI
06:07 PM Revision 506f6e90: Ensure csrf magic is loaded
Scott Ullrich
05:35 PM Todo #881: Passive FTP over pfsense
Appears to work for me also. Running 20101108 20:20:58.
I can connect from the LAN to remote FTP servers using PASV... Peter Hinman
04:44 PM pfSense Packages Bug #1003: captive portal not forwarding
..and have tried both workarounds per #868 Dan Emmons
04:39 PM pfSense Packages Bug #1003: captive portal not forwarding
I should add that squid isn't running, and is not configured.
output from netstat looks like its binding tcp8000... Dan Emmons
04:36 PM pfSense Packages Bug #1003 (Rejected): captive portal not forwarding
duplicate of #868 Chris Buechler
03:07 PM pfSense Packages Bug #1003 (Rejected): captive portal not forwarding
Using pfSense-2.0-BETA4-20101109-0201 and pfSense-2.0-BETA4-20101104-0049
Configured captive portal for MAC bypass... Dan Emmons
04:38 PM Revision 034f08e7: Fix Misc XSS issues
Scott Ullrich
04:26 PM Revision fea09886: Revert
Scott Ullrich
04:23 PM Revision 9b2bc1af: Testing csrf-magic
Scott Ullrich
03:28 PM Revision 5626a349: Set session.use_trans_sid to true
Scott Ullrich
02:05 PM Bug #995: New x64 snapshots won't boot
Confirmed. New snapshot just uploaded boots OK in my amd64 VM.
2.0-BETA4 (amd64)
built on Tue Nov 9 17:26:01 UTC 2010 Jim Pingle
12:41 PM Bug #995 (Feedback): New x64 snapshots won't boot
This should be fixed from latest commits. Ermal Luçi
12:14 PM Revision 678dfd0f: Add a setting for the data type of values used with DHCP option numbers and input validation for each type. Fixes #962
Erik Fonnesbeck
11:58 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Will look at doing so, but it may be a day or two. I may just set up a VM with a vanilla NanoBSD installation and te... R B
11:58 AM Revision 12984150: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/pkg-utils.inc
etc/inc/system.inc Renato Botelho
10:02 AM Revision 5d27a3dc: Add a function type to the field types allowed, to allow more field types without directly adding all of them to row helper.
Erik Fonnesbeck
09:09 AM Feature #814: GUI should allow to bind openvpn on different ip same port
The wizard also needs adjusted to accept this scenario (Reported in #1002, but that was closed in favor of using this... Jim Pingle
09:08 AM Bug #1002 (Closed): openvpn wizard refuses to allow same port but different interfaces
Collapsing this into #814 since it's really the same core issue. Jim Pingle
06:44 AM Bug #1002 (Closed): openvpn wizard refuses to allow same port but different interfaces
Create an openvpn server using the wizard, listening on one interface on udp/1194
Try to create another OVPN serve... Jon Gerdes
09:02 AM Bug #859 (Resolved): OpenVPN wizard stopped working
Jim Pingle
06:56 AM Bug #859: OpenVPN wizard stopped working
I've created several OVPN servers via the wizard and can't reproduce the reported bug. Jon Gerdes
09:02 AM Bug #900 (Resolved): OpenVPN Wizard: Server Certificate Wizard
Jim Pingle
06:37 AM Bug #900: OpenVPN Wizard: Server Certificate Wizard
I created a new server cert using wizard. It refused to allow me to continue unless all fields were filled in. I al... Jon Gerdes
09:01 AM Bug #971 (Resolved): OpenVPN wizard - wrong interface names
Jim Pingle
06:22 AM Bug #971: OpenVPN wizard - wrong interface names
I was able to create a new OVPN server and select interfaces using their descriptive names.
Current version: 2.0-B... Jon Gerdes
07:25 AM Bug #962 (Feedback): DHCP custom options must have type selection
Applied in changeset commit:"678dfd0fa8d629bd45edad576c99d03aa8f40d70". Erik Fonnesbeck
02:23 AM Revision 58685470: fix input validation for GRE
Chris Buechler
12:48 AM Bug #636: layer7 not work correctly
under my side i can see the blocked rules in filter logs but torrent working Michel Samovojski

11/08/2010

11:22 PM Bug #1001 (Resolved): Captive portal session reuse invalid when MAC changes
Whenever the CP session timeout is longer than the DHCP lease length, and a different device gets assigned an IP, a n... Chris Buechler
10:42 PM Revision 58db1fc4: Kill dhcplease before writing the hosts file so that it does not scramble the content from kqueue events.
Ermal LUÇI
10:21 PM Revision 6e8b0ec3: Add a button to connect a non-mobile IPsec VPN from Status > IPsec. Sends a ping from a local IP in the p2 subnet (if one exists on the router) to the remote p2 subnet.
Jim Pingle
09:50 PM Bug #1000: lagg not working set to failover.
the not coming back after the panic is another issue entirely that needs another ticket open on it, I have a config f... Chris Buechler
04:22 PM Bug #1000 (Closed): lagg not working set to failover.
I have been testing pfsense2.0 Beta4 11-07-2010 and the lagg interfaces with failover don't seem to be working. I am ... Rick Baranowski
03:53 PM Revision 61ab4cd3: Return disabled interfaces as well
Scott Ullrich
03:52 PM Revision 157b9d46: Return disabled interfaces as well
Scott Ullrich
01:25 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Your log makes me suggest you reinstall from scratch because you might have some corrupted/modified files.
 Ermal Luçi
01:20 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
Can you show some debugging info's?!
Tracing of traffic etc to actually see what the issue is for you? Ermal Luçi
01:19 PM Bug #950: Package installation failures leaves package installed
you tried those packages on 2.0 or 1.2.x? Ermal Luçi
07:27 AM Bug #950 (New): Package installation failures leaves package installed
Jim Pingle
06:03 AM Bug #950: Package installation failures leaves package installed
get the problem with imspector 0.8-9
2.0-BETA4 (i386)
built on Wed Nov 3 02:54:06 EDT 2010
FreeBSD 8.1-RELEASE-... Hugo Sousa
07:26 AM Bug #964 (Resolved): Changing DHCP pool size allows overlap with static leases
Jim Pingle
05:40 AM Bug #964: Changing DHCP pool size allows overlap with static leases
edit : I don't have the lastest build, but a later one than this patch :
* 2.0-BETA4 (i386)
built on Tue Nov 2 14:... Bastien Semene
05:38 AM Bug #964: Changing DHCP pool size allows overlap with static leases
Just tested, the DHCP Server GUI correctly forbidden me to extend the DHCP pool size while overlapping a static entry... Bastien Semene
07:25 AM Bug #902 (Resolved): configuring cron issue
Jim Pingle
12:37 AM Bug #902: configuring cron issue
u can close this, seems resolved Bipin Chandra
06:55 AM Revision 08452bff: Cosmetic issue, add space before 'done', otherwise package XML name and done are combined.
Warren Baker
06:44 AM Revision 4395500c: Recent move (d32d3970d58683d02f89073103eb595eaa8f395f) of routed/ items required additional files to be updated to reflect correct path.
Warren Baker

11/07/2010

09:29 PM Bug #958 (Feedback): reply-to for 1:1 from other directly connected subnets not functioning correctly
Chris Buechler
06:43 PM Bug #995: New x64 snapshots won't boot
Attaching a screencap of a panic+backtrace from booting a dev kernel on amd64 Jim Pingle
12:34 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Tested again with NanoBSD 1GB snapshot dated "Sun Nov 7 06:14:22 EST 2010" and still exhibiting the same behavior. U... R B
01:34 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Ermal -
Yes, I was running the latest snapshot two weeks ago when you asked me to try again, I made sure the snapsho... R B
09:29 AM Bug #966 (Resolved): DHCP static lease inside the pool is not rejected
Thanks for testing!
 Jim Pingle
03:52 AM Bug #966: DHCP static lease inside the pool is not rejected
seem to be okay i get this message if ill try to add ip from my dhcp range
The following input errors were detecte... Michel Samovojski
03:48 AM Bug #950: Package installation failures leaves package installed
get the problem with this packages "ifBWStats Diagnostics 1.0" Michel Samovojski
01:41 AM pfSense Packages Bug #999 (Resolved): vhosts does not show up as started
In pfSense 1.x, checking whether a service was started was done using @ps axwu | grep '\b{$process}\b' | grep -v 'gre... Moshe Katz

11/06/2010

10:26 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
working well for me under this snapshot
Full 2.0-BETA4 (i386) built on Sat Oct 30 19:40:13 EDT 2010 FreeBSD 8.1-RE... Michel Samovojski
10:20 PM Revision d32d3970: Add routed/ items to obsoleted files. Force removal of file so that directories can be included in the future
Scott Ullrich
09:02 PM Revision 277d55d7: Ignore /var/etc directory to avoid these kinds of errors: tar: /var/etc/openvpn/client1.sock: tar format cannot archive socket
Scott Ullrich
07:34 PM Revision 818c54ee: Do not use sub array
Scott Ullrich
07:31 PM Revision 43a0ac8a: Make sure ipsec is incuded in valid interfaces
Scott Ullrich
07:24 PM Revision e5fee340: Move Note to bottom of page
Scott Ullrich
07:22 PM Revision 366e2be8: Show interface description
Scott Ullrich
06:40 PM Revision 2c4a13d9: Interface names should appear as uppercase
Scott Ullrich
06:38 PM Revision 9c3cac0c: Interface names should appear as uppercase
Scott Ullrich
06:34 PM Revision 5aaae0e3: Do not escape strings twice
Scott Ullrich
06:26 PM Revision 0f08affe: Misc fixes. Use htmlspecialchars() in more places. Use escaped shell argument.
Scott Ullrich
06:11 PM Revision 66d57db5: Interface names should appear as uppercase
Scott Ullrich
06:10 PM Revision 4cea35b3: Interface names should appear as uppercase
Scott Ullrich
06:08 PM Revision c1f95f5c: Various CRL fixes.
Jim Pingle
06:03 PM Revision e8ad860f: Interface names should appear as uppercase
Scott Ullrich
06:01 PM Revision 94556105: Define variable a bit earlier in case its shared
Scott Ullrich
06:00 PM Revision d815d5fa: Use get_configured_interface_list() so Ermal does not yell at me :)
Scott Ullrich
04:40 PM Revision 98bcf1f8: Fix misc input validation errors. Move routed/* to same dir as pkg items
Scott Ullrich
04:31 PM Revision 6a937188: Ensure passed interface is valid
Scott Ullrich
04:24 PM Revision 8625c24f: Use htmlspecialchars() for santitized output
Scott Ullrich
04:15 PM Revision 50b2f6ab: Ensure that we are working with a proper passed interface..
Scott Ullrich
03:59 PM Bug #998: Installer fails on gmirror device files
Just reinstalled, but i could not find any loadable geom modules, just some .so files in /lib/geom.
It seems that on... Marcus van Dam
03:06 PM Bug #998: Installer fails on gmirror device files
I will probably do a reinstall in a few minutes. So ill try and report back.
But please note that the problem is the... Marcus van Dam
02:34 PM Bug #998: Installer fails on gmirror device files
It still may be worth loading all of the geom* modules to see if that makes the /dev/mirror shortcut appear when it d... Jim Pingle
01:29 PM Bug #998: Installer fails on gmirror device files
I did not load anything extra. I was expecting the livecd to load all the modules as it recognizes the mirror disks.
... Marcus van Dam
12:28 PM Bug #998: Installer fails on gmirror device files
It's been a while since I tried a gmirror install, but is that still necessary if you kldload all of the gmirror/geom... Jim Pingle
12:26 PM Bug #998: Installer fails on gmirror device files
I just found the workaround,
Boot the livecd completely, then symlink /dev/gm0, gm0s1, gm0s1{a..z} to their /dev/mir... Marcus van Dam
11:53 AM Bug #998 (Closed): Installer fails on gmirror device files
When doing an install on a gmirror device (created at or before booting the livecd) it will be looking for the wrong ... Marcus van Dam
02:39 PM Bug #991: multiple XSS issues
Scott Ullrich wrote:
> We prefer to have one ticket open per issue. Even though there where multiple files affected... dave b
12:44 PM Bug #991 (Feedback): multiple XSS issues
Issues fixed in commits 98bcf1f8 6a937188 8625c24f 50b2f6ab
 Scott Ullrich
12:43 PM Bug #991: multiple XSS issues
We prefer to have one ticket open per issue. Even though there where multiple files affected it is still one issue.
... Scott Ullrich
10:12 AM Bug #995: New x64 snapshots won't boot
This is likely due to some recent performance patches added into the tree that behave OK on i386 but apparently not o... Jim Pingle

11/05/2010

08:56 PM Bug #958: reply-to for 1:1 from other directly connected subnets not functioning correctly
I finally had a chance to upgrade, and I'm sorry, but this *still* doesn't work (for me).
Now testing with 2.0-BETA4... Adam Thompson
01:36 PM Bug #958 (Resolved): reply-to for 1:1 from other directly connected subnets not functioning correctly
Jim Pingle
06:33 PM Revision c62d973d: Spelling fix.
Warren Baker
02:12 PM Revision 03976254: If the anti-lockout rule is active, show it in the rules list for the LAN interface (or WAN if the interface count is 1, same rules as in filter.inc for putting the rule in the ruleset)
Jim Pingle
01:35 PM Bug #969 (Resolved): NAT rdr work only on one interface
Jim Pingle
01:34 PM Bug #969: NAT rdr work only on one interface
Confirmed fixed in the latest snapshots. Matt Corallo
07:49 AM Bug #969: NAT rdr work only on one interface
This is fixed with commits on #958 issue and I think it can be closed. ivan primus
10:35 AM Feature #997 (Closed): Add per-user setting for activating menu
In the future it would be nice to have a per-user setting that controls whether or not a given user is shown the rc.i... Jim Pingle
09:35 AM Bug #991: multiple XSS issues
Chris Buechler wrote:
> please don't open a bunch of tickets where there is only one issue.
OH so you think I did... dave b
12:30 AM Bug #991: multiple XSS issues
please don't open a bunch of tickets where there is only one issue. Chris Buechler
12:41 AM Bug #994 (Closed): xss on the pfsense website ...
don't care, but fixed anyway Chris Buechler
12:29 AM Bug #992 (Closed): issue 3 THIS ONLY AFFECTS BETA 4 2.0
merged to #991 Chris Buechler
12:26 AM Bug #993 (Closed): issue 4 THIS AFFECTS STABLE
merged into #991 Chris Buechler

11/04/2010

06:30 PM Revision 428e66b6: Warn a user when entering the OpenVPN client/server screens that they need a CA/Cert if none exist.
Jim Pingle
05:18 PM Revision 9882cbef: Use addslashes() here to prevent unescaped quotes from causing PHP errors. Fixes advanced/custom options in OpenVPN wizard.
Jim Pingle
03:54 PM Bug #996 (Resolved): DHCP address not pulled with spoofed MAC address on WAN
Replaced production router ("old router") with pfSense 2.0BETA4 router ("test router" - 02-Nov-2010 snapshot) on broa... Ron Rosen
03:14 PM Revision f09ce147: Merge remote branch 'upstream/master'
Conflicts:
etc/inc/services.inc Seth Mos
03:11 PM Bug #928: pfSense freezes during boot if DHCP client interface doesn't get a reponse from DHCP server
Similar behavior observed in 02-Nov-2010 (embedded) snapshot. To reproduce:
# Connect LAN. (May not be necessary, bu... Ron Rosen
02:39 PM Revision 3339c56f: Use a different variable name here to avoid colliding with another of the same name.
Jim Pingle
11:00 AM Bug #995 (Resolved): New x64 snapshots won't boot
The 2 latest x64 snapshots won't boot. They give the error "Cannot dump. Device not defined or unavailable" ("Automat... Peter O
09:06 AM Revision 0996a81e: Enlarge the address fields so that ipv6 addresses fit properly
Seth Mos
07:58 AM Bug #994 (Closed): xss on the pfsense website ...
xss on the pfsense website ...
I don't know if anyone cares about this but you can xss www.pfsense.org.
http://www.... dave b
07:52 AM Bug #993 (Closed): issue 4 THIS AFFECTS STABLE
issue 4 THIS AFFECTS STABLE (for more information see the first of these issues).
xss via graph.php:
poc:
1. htt... dave b
07:50 AM Bug #992 (Closed): issue 3 THIS ONLY AFFECTS BETA 4 2.0
issue 3 THIS ONLY AFFECTS BETA 4 2.0 (for more information see the first of these issues).
xss via pkg_edit.php
p... dave b
07:49 AM Bug #991 (Resolved): multiple XSS issues
/pkg_edit.php?xml=olsrd.xml&id=%22/%3E%3Cscript%3Ealert%282%29;%3C/script%3E/status_graph.php?if=%22/%3E%3Cscript%3Ea... dave b
07:47 AM Bug #990 (Resolved): xss in pfsense I was testing beta 4 pfSense-2.0-BETA4-20100902-0947.iso
NOTE:
I haven't against the latest dev, because when I tried to update via today's snapshot it broke and will no lon... dave b
07:40 AM Bug #968 (Resolved): PHP error in user manager
Jim Pingle
04:59 AM Bug #968: PHP error in user manager
Seems to be fixed with that. Peter O
07:11 AM Bug #989 (Resolved): Unable to make a single outbound PPTP connection
2.0-BETA4 (i386)
built on Mon Nov 1 01:27:31 EDT 2010
FreeBSD 8.1-RELEASE-p1
Unable to make an outbound PPTP co... Jamie Heckford
04:56 AM Feature #988: DHCP with manual fix IP
Would come in handy to be able to access IP telephones on a fixed IP while being able to update alle phones connected... Peter O

11/03/2010

09:26 PM Revision 9ad0ab80: Use != here to avoid a potential issue with empty() testing intermediate arrays.
Jim Pingle
09:18 PM Revision 42724fdd: Add a button to the filter reload screen to force a config sync (only shows up if a config sync peer is defined).
Jim Pingle
09:00 PM Revision de651e21: Change the dhcpd startup for isc dhcpd server 4.1
Seth Mos
08:11 PM Revision 36600615: Fix saving of off/disabled PPPoE server instances. Fixes #987
Jim Pingle
08:08 PM Revision 79eea0c1: Activate code to allow ipsec to work normally.
Ermal LUÇI
04:44 PM Feature #988 (Rejected): DHCP with manual fix IP
I can't imagine any instance where it's remotely sane to use a static IP and pull other options via DHCP. Chris Buechler
04:34 PM Feature #988 (Rejected): DHCP with manual fix IP
When an interface is defined as "DHCP" type, it's can be helpful that the machine stay with a fix predefined ip (to b... gerard grazzini
04:22 PM Bug #984: Dashboard : Services Status : Captive Portal show wrong service ...
after last change and some irc discussion, i have upgrade to built from "Wed Nov 3 02:54:06 EDT 2010", and the thinks... gerard grazzini
04:15 PM Bug #987 (Feedback): PPPoE Server instances cannot be disabled
Applied in changeset commit:"366006156f697037e9db546a5be0394986bb0bc1". Jim Pingle
02:59 PM Bug #987 (Resolved): PPPoE Server instances cannot be disabled
When you try to turn off a configured PPPoE server instance, the GUI complains about input errors and does not disabl... Jim Pingle
02:53 PM Revision 4816e5ca: Merge remote branch 'mainline/master' into inc
Conflicts:
etc/inc/auth.inc
etc/inc/config.lib.inc
etc/inc/priv.defs.inc
etc/inc/syst... Renato Botelho
02:33 PM Todo #704 (Resolved): Load cpufreq.ko when powerd is enabled
Closing this as the error given is due to ALIX not really supporting powerd with the default TSC timecounter, which i... Jim Pingle
02:26 PM Revision b039f099: Don't show empty user IPsec keys.
Jim Pingle
01:25 PM Revision 9cb94dd4: Ticket #980. Bring CP widget up to date. Also bind lighty for CP to 127.0.0.1 it should not be accessible otherwise.
Ermal LUÇI
11:50 AM Revision 645ad665: This enabled finding of a carp vip on the ifconfig stack
Seth Mos
10:43 AM Revision 096cd5f5: Do not attempt to start relayd without entries
Seth Mos
10:32 AM Revision 6da3df4e: Enable both ipv4 and ipv6 forwarding before returning
Seth Mos
09:42 AM Revision 5bb1e653: Default to ipv6 routing on
Seth Mos
09:30 AM Revision 3502b5b1: Make it possible to create a inet6 carp address. This works surprisingly
What doesn't work is removing the previous IPv6 address from a interface. This should be hooked into the edit page Seth Mos
08:29 AM Bug #980 (Feedback): Dashboard from Captive Portal don't show connections ...
Ermal Luçi
07:49 AM Revision 105d618d: Merge remote branch 'upstream/master'
Seth Mos
04:44 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Are you sure that you have the latest snapshot?
Can you post a system log here?
Can you post your config here?
 Ermal Luçi
 

Also available in: Atom