Project

General

Profile

Activity

From 11/26/2010 to 12/25/2010

12/25/2010

06:36 PM Bug #829: WAN stays assigned to pppoe0 interface after switching type from PPPoE to Static
Alexandre Paradis wrote:
> Right now it seems to work, but my pppoe was on a OPT1 interface, i will try again on ano... Alexandre Paradis
06:35 PM Bug #829: WAN stays assigned to pppoe0 interface after switching type from PPPoE to Static
Right now it seems to work, but my pppoe was on a OPT1 interface, i will try again on another box with pppoe as prima... Alexandre Paradis
06:24 PM pfSense Packages Bug #770 (Resolved): imspector don't install on 2.0-BETA3-20100727
Chris Buechler
05:27 PM pfSense Packages Bug #770: imspector don't install on 2.0-BETA3-20100727
Seems to work now !
Beginning package installation for imspector...
Downloading package configuration file... d... Alexandre Paradis
05:19 PM Bug #1075 (Feedback): rrd graphs missing / duplicate
Chris Buechler
05:13 PM Bug #555 (Resolved): Certificate Revocation List (CRL) missing from Certificate Manager
Chris Buechler
04:56 PM Bug #950 (Resolved): Package installation failures leaves package installed
Chris Buechler
04:54 PM Feature #935: User manager RADIUS authentication method
needs refinement in the future Chris Buechler
04:54 PM Feature #935 (New): User manager RADIUS authentication method
Chris Buechler
04:53 PM Bug #912 (Resolved): PPTP/PPPoE/L2TP VPN logs missing
Chris Buechler
04:53 PM Bug #987 (Resolved): PPPoE Server instances cannot be disabled
Chris Buechler
04:52 PM Bug #714 (Resolved): Cellular RRD Graph Shows w/o 3G Modem Installed
Chris Buechler
04:52 PM Bug #863 (New): floating rules breaks passive mode ftp
Chris Buechler
04:51 PM Bug #1123 (Resolved): FEC type lagg not shown as VLAN-capable
Chris Buechler
04:51 PM Bug #1101 (Resolved): Wake-on-Lan display issue
Chris Buechler
04:51 PM Bug #1025 (Resolved): OpenVPN in client mode requires local port set for multiple instances
Chris Buechler
04:50 PM Feature #934 (New): Add RADIUS support to Diag>Auth page
Chris Buechler
04:48 PM Bug #959 (Resolved): Config sync removes alias VIPs on the slave
Chris Buechler
04:47 PM Bug #841 (Resolved): hostapd doesn't work with spoofed MAC (but should be able to)
Chris Buechler
04:45 PM Todo #765 (Resolved): Patch: Add custom DHCP configuration
Chris Buechler
04:43 PM Bug #944 (New): Moving VLANs to lagg doesn't remove old VLANs
Still leaves behind the old VLAN. ... Chris Buechler
04:41 PM Bug #921 (Resolved): Gateway monitoring stops after interface goes down
Chris Buechler
04:41 PM Bug #786 (Resolved): UDP traffic blocked by a floating rule
can't replicate Chris Buechler
04:38 PM Todo #764 (Resolved): Patch: Add per-host netboot filename to DHCP static mappings
Chris Buechler
04:37 PM Feature #810 (Resolved): Allow multiple servers for DHCP relay
Chris Buechler
04:37 PM Bug #743 (Resolved): Installation: textual label: (Select task="Advanced Installation") <> (Are you sure="Custom Install")
Chris Buechler
04:36 PM Bug #725 (Resolved): DHCP Relay missing logic for dynamic routes
Chris Buechler
04:36 PM Bug #88 (Resolved): TXCSUM forced on at boot which breaks wireless bridging
Chris Buechler
04:34 PM Bug #821 (Resolved): Captive Portal URL redirect macro is not correct when using a forced redirect
Chris Buechler
04:33 PM Bug #774 (Resolved): $priv array defined in priv.defs.inc doesnt store all match values
Chris Buechler
04:33 PM Bug #657 (Resolved): Setting IBSS on a wireless interface doesn't take effect when applied
Chris Buechler
04:33 PM Bug #645 (Resolved): OpenVPN Settings do not sync to peers
Chris Buechler
04:32 PM Bug #646 (Resolved): DHCP Daemon settings do not sync to peers
Chris Buechler
04:32 PM Feature #635 (Resolved): Update ipfw-classifyd
Chris Buechler
04:32 PM Bug #388 (Resolved): Setup GEOM Mirror with BSD Installer errors out
Chris Buechler
04:28 PM Bug #755: dnswatch not working
Warren: have you tested this? Chris Buechler
04:27 PM Bug #682 (New): WAN traffic graph is broken with MLPPP
Chris Buechler
04:26 PM Bug #853 (New): PPPoE Server radius config not applied
Ports for RADIUS and accounting are still not used Chris Buechler
04:22 PM Bug #715 (Resolved): RRD Graph on Throughput Contains No Info
Chris Buechler
04:22 PM Bug #632 (Resolved): Change type of Virtual IP not work.
Chris Buechler
04:21 PM Feature #861 (Resolved): Clicking MAC Address in DHCP Leases Sends WOL Packet
Chris Buechler
04:21 PM Bug #835 (Resolved): Captive portal non redirecting correctly when logout popup is enabled
Chris Buechler
04:20 PM Feature #951 (Resolved): CARP doesn't sync Layer 7 rule groups
Chris Buechler
04:20 PM Bug #920 (Resolved): Routing groups don't change monitor IP address when PPPoE reconnects
Chris Buechler
04:20 PM Bug #892 (Resolved): loader.conf.local changes lost after nanobsd upgrade
Chris Buechler
04:19 PM Bug #947 (Resolved): existing lagg members should not be able to be added to lagg
Chris Buechler
04:18 PM Feature #1086 (Resolved): [patch] CARP IPs as outer source addressed for GRE and GIF tunnels
Chris Buechler
04:17 PM Bug #883 (Resolved): Renaming gateway doesn't update static routes
Chris Buechler
04:15 PM Bug #960 (Resolved): Problem with config sync + ipsec + special characters
Chris Buechler
04:15 PM Bug #985 (Resolved): L2TP server is not using renamed interfaces
Chris Buechler
04:15 PM Bug #1022 (Resolved): DNS rebind check blocks web gui access to configured host if changed during setup wizard
Chris Buechler
04:12 PM Bug #695 (Resolved): In firewall rules and NAT some wrong displaying.
Chris Buechler
04:12 PM Bug #907 (Resolved): Prefer older IPsec SAs doesn't change when checked/unchecked
Chris Buechler
04:11 PM Bug #954 (New): Switching to manual outbound NAT creates incorrect rule for PPTP server
Not fixed. It uses the server address rather than the client addresses. Chris Buechler
04:10 PM Bug #1006 (Resolved): XMLRPC sync from the CLI as well as the UI Fail on error conditions
Chris Buechler
04:09 PM Bug #1051 (Resolved): radius support in racoon
Chris Buechler
04:08 PM Bug #1015 (Resolved): Gateways IP subnet check needs to check IP aliases
Chris Buechler
04:07 PM Bug #1018 (Resolved): Dynamic DNS issue with multiple Dyndns-Entries
Chris Buechler
04:07 PM Bug #1066 (Resolved): Remove old dynamic caches
Chris Buechler
04:06 PM Bug #1041 (Resolved): IP Alias VIPs are not available for use by IPsec
Chris Buechler
04:06 PM Bug #1132: bogons table not kept after upgrade
Scott probably fixed it in Revision e584baa8903c7f83d8de6440563b200aacd1e53c
Will check in next snapshot. Alexandre Paradis
03:42 PM Bug #1132 (Closed): bogons table not kept after upgrade
that's by design. copy included with releases has been updated. Chris Buechler
12:46 PM Bug #1132 (Closed): bogons table not kept after upgrade
The bogons table is kept updated after a reboot without upgrading, but its being overwriten when we update to a newer... Alexandre Paradis
04:05 PM Bug #1096 (Resolved): pf TSO patch fallout - squid (and potentially other) issues
Chris Buechler
04:05 PM Bug #1073 (Resolved): Disabled 1:1 NAT entries need to be grayed out
Chris Buechler
03:51 PM Bug #1093 (New): Problems with em(4)
This is obviously not entirely fixed, though the bulk of the issues are gone. Something bad in the RELENG_8 driver st... Chris Buechler
03:49 PM Bug #1106 (Resolved): Error in boot process
Chris Buechler
03:43 PM Bug #1133: Static DHCP lease showing offline
wouldn't scale, and would take way too long to load the page. It works, I just tried it. Chris Buechler
03:41 PM Bug #1133: Static DHCP lease showing offline
even if i ping from the lan interface, its still offline. maybe we could setup a way to ping certain specific lease s... Alexandre Paradis
03:39 PM Bug #1133 (Rejected): Static DHCP lease showing offline
works fine. the host has to be active in the firewall's ARP cache to show online, so it won't if it's not accessing t... Chris Buechler
02:57 PM Bug #1133 (Rejected): Static DHCP lease showing offline
Static dhcp lease is showing offline in the dhcp lease page, even if the computer is online. Alexandre Paradis

12/24/2010

04:47 PM Bug #1130: NAT reflection broken...
Seems related to the fact that if port 80 is used for access to the webgui, port 80 doesnt seem to be able nat reflec... Brian Jensen
06:01 AM Bug #1130 (Resolved): NAT reflection broken...
I cant get NAT reflection to work or stay working.
The recent build got it working again, until I changed it and c... Brian Jensen
09:19 AM Bug #1093: Problems with em(4)
Then close it. I am not buying another NIC to test it. I can say that the PCI Express NIC I have never had any trou... Shannon McMahon
07:34 AM Bug #1093: Problems with em(4)
I'm on i386 full latest and never had any problems either. I got 2 dual GBit intel pci-x nics using em drivers.. Max Riedel
07:16 AM Bug #1093: Problems with em(4)
I am using 23rd Dec BETA4 amd64 on vmware with em driver.
I have been using this for some time and have never ha... Jon Gerdes
09:11 AM Bug #757: PPPoE Disconnect button with multiple PPPoE interfaces
Hi there - I'm still following this issue. I will update to the latest snap when I'm back onsite later today and rep... Pho Bia
07:06 AM Bug #1106: Error in boot process
I have not seen this error on yesterday's BETA4.
I have rebooted twice just to be sure so I think it is safe to ... Jon Gerdes
06:58 AM pfSense Packages Bug #1131 (Closed): str_split function missing in squidGuard
squidGuard gives errors under pfSense 1.2.3 because php4 does not provide the str_split function required by squidGua... Luis Soltero
06:52 AM pfSense Packages Bug #719: Squid doesn't use local DNS cache (and fails after WAN failover)
i agree that this is a good idea especially when running in a multi-wan environment where upstream proxies are used t... Luis Soltero
03:38 AM Bug #1081 (Resolved): traffic shaper wizard loops endless back to VOIP-settings
Chris Buechler
02:49 AM Bug #1081: traffic shaper wizard loops endless back to VOIP-settings
ok under 2.0-BETA4 (i386) built on Thu Dec 23 13:17:58 EST 2010 Michel Samovojski

12/23/2010

08:39 PM Bug #636: layer7 not work correctly
Just updated to 2.0-BETA4 (i386) built on Thu Dec 23 15:39:33 EST 2010. Created a new L7 group for HTTP. Applied the ... Seth Scardefield
02:43 PM Feature #1129 (Resolved): Add enable/disable toggle for VPN tunnels
It would be nice eventually to have an enable/disable toggle button (with a confirmation dialog) for VPN tunnels that... Jim Pingle
01:48 PM Bug #1127 (Resolved): bug in apinger halts failover and load balancing
Committed thanks. Ermal Luçi
01:46 AM Bug #1127 (Resolved): bug in apinger halts failover and load balancing
on pfSense 1.2.3-RELEASE
Running in Failover mode between WAN and OPT1 I noticed that once in a while monitoring ... Luis Soltero
01:40 PM Bug #1128 (Resolved): Captive Portal Error
Fixed thank you for reporting. Ermal Luçi
11:13 AM Bug #1128 (Resolved): Captive Portal Error
on Version 2.0-BETA4 (i386) built on Thu Dec 23 03:37:06 EST 2010
After Auth on Captive Portal the following error ... Behzad Barzideh

12/22/2010

11:51 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
Well of course they should, but whether or not both Cisco and Shrew will work with the same config is the question. :... Jim Pingle
11:47 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
If you're asking if multiple P2 networks should be supported then YES! I was using this regularly from Shrew and my i... David Szpunar
05:46 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
I think that sounds right, it should do the right thing automatically then.
Not sure if we should prevent someone ... Jim Pingle
05:41 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
Ok, so:
- for multi p2, use complete sainfo.
- for mobile single p2, for pure-psk or psk/xauth, generate anonymous ... Pierre POMES
03:59 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
Sounds OK, though we also had reports that the Cisco VPN client would only connect with sainfo anonymous even without... Jim Pingle
03:09 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
I check the code a little, we can have "sainfo anonymous" when setting the phase2 to "transport". So for such mobiles... Pierre POMES
05:23 PM Bug #1126 (Resolved): Duplicate "System Activity" in /etc/inc/priv.defs.inc
Fixes incorrect label that displays in system_groupmanager_addprivs.php Screen shot and git patch attached John Place
03:46 PM Bug #1075: rrd graphs missing / duplicate
There were some commits related to RRD can you please try a new snapshot. Ermal Luçi
03:45 PM Bug #1107: mpd on AMD64 generates invalid checksums with NAT
Does you vpn have lower mtu than openvpn?
That would explain it with that DF bit set on packets. Ermal Luçi
03:40 PM Bug #749 (Feedback): Downstream queues should not be assigned to LAN interfaces
Traffic_shaper_wizard, traffic_shaper_wizard_dedicated and Traffic_shaper_wizard_multi_all will not show this problem... Ermal Luçi
02:54 PM Bug #927 (Closed): 3G modem rendered un-usable by forced cycling of connection
I do not think there is any issue here so move along. Ermal Luçi
02:51 PM Bug #757: PPPoE Disconnect button with multiple PPPoE interfaces
Committed the last missing fix.
Please test again. Ermal Luçi
02:29 PM Bug #636: layer7 not work correctly
Committed another fix can you please try again with newer snapshots.
It will be worth to try even blocking http with... Ermal Luçi
01:41 PM Bug #863: floating rules breaks passive mode ftp
Tested with latest snapshot (2.0-BETA 4 (i386) built on Tue Dec 21 12:44:54 EST 2010), and still not working. Activ... Jesse Norell
11:51 AM Bug #886: RRD graph generation time scaling not written correctly
hmm, the quality RRD doesn't seem to be working recently, although for entirely different reasons I'm sure. Adam Stylinski
11:17 AM Feature #1103: Wake-on-Lan Widget for Dashboard (with code)
I just found out about 'convert_friendly_interface_to_friendly_descr()' from another ticket.
Should I submit another... Yehuda Katz
10:38 AM Bug #1125 (Resolved): RRD Graphs broken on built on Mon Dec 20 22:18:43 EST 2010
A fix was already checked in today for this:
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/0d86d... Jim Pingle
10:30 AM Bug #1125 (Resolved): RRD Graphs broken on built on Mon Dec 20 22:18:43 EST 2010
When trying to access the graphs the following error occurs:
Parse error: syntax error, unexpected '{' in /usr/loc... James Lepthien
10:31 AM Feature #861 (Feedback): Clicking MAC Address in DHCP Leases Sends WOL Packet
There was already a bit of text that would pop up when you put the cursor over the link. With the addition of the co... Erik Fonnesbeck
09:35 AM Bug #1101 (Feedback): Wake-on-Lan display issue
Applied in changeset commit:"f39b73ad06be35f2da4b227e4894f56d412e4175". Erik Fonnesbeck
09:17 AM Bug #1121: wireless interface antenna settings not applied at boot
I've committed a fix for an issue that it may possibly display the wrong option as selected and may possibly save the... Erik Fonnesbeck
12:28 AM Bug #1121: wireless interface antenna settings not applied at boot
diversity setting command doesn't appear in that file, i pasted the exact contents of the file.
the order of the com... Bipin Chandra
09:00 AM Bug #1081 (Feedback): traffic shaper wizard loops endless back to VOIP-settings
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/475c1932c3158a4e9ca718ae3ba2a2eee739ef61
Please tr... Ermal Luçi

12/21/2010

11:11 PM Bug #1121: wireless interface antenna settings not applied at boot
Is the diversity setting in there as well, or is it missing? Do the commands work when used in the exact order in wh... Erik Fonnesbeck
02:34 AM Bug #1121: wireless interface antenna settings not applied at boot
i use the atheros based Compex WLM54SAG23 which doesnt have 802.11n so that cant be an issue, on the opt1 page i have... Bipin Chandra
08:44 PM Bug #919 (Resolved): dynamic gateway handling is broken
It has been working correctly for several snapshots now. Ermal Luçi
08:43 PM Bug #672 (Resolved): Reflection, netcat usage error
This avoids errors and does the right thing now. Ermal Luçi
08:42 PM Bug #867 (Resolved): Activating vlan interface via webgui deletes interface
Ermal Luçi
08:39 PM Feature #850 (Resolved): Rename "Overload Tables" in the Diagnostics menu to "Tables"
Ermal Luçi
08:38 PM Bug #694 (Resolved): Change interface with virtual IPs
Ermal Luçi
08:37 PM Bug #823 (Resolved): Adding an interface drops connectivity
This is done totally differently and in a more smart way now. Ermal Luçi
08:36 PM Bug #758 (Resolved): sshlockout_pf doesn't work on 64 bit
This is not anymore the case. Ermal Luçi
08:15 PM Todo #1071 (Feedback): Reevaluate locks
The necessary places for re-evaluation of locks are completed.
If there are other areas this needs to be done post 2.0. Ermal Luçi
07:28 PM Bug #1013: Captive Portal Reauthentication broken
I just committed fixes to this please test latest snapshots. Ermal Luçi
07:03 PM Bug #847 (Resolved): Deleting interface leaves remnant in interface groups
Ermal Luçi
07:02 PM Bug #1058 (Resolved): filterdns not honoring quit signal
Ermal Luçi
07:02 PM Bug #911 (Resolved): Need option to disable state killing on WAN failure
Confirmed working from forums. Ermal Luçi
07:01 PM Bug #1061 (Resolved): Error after upgrade to latest version
Ermal Luçi
06:57 PM Bug #1042 (Resolved): CARP VIP Descriptions incorrect on IPsec/OpenVPN
Ermal Luçi
06:54 PM Bug #863: floating rules breaks passive mode ftp
This should be ok on latest snapshots as confirmed by others.
Please confirm or this will be put to resolved status. Ermal Luçi
06:46 PM Bug #1123 (Feedback): FEC type lagg not shown as VLAN-capable
Ermal Luçi
06:55 AM Bug #1123 (Resolved): FEC type lagg not shown as VLAN-capable
lagg using FEC do not show up as VLAN-capable, though it works w/VLANs when manually hacked in. Chris Buechler
04:35 PM pfSense Packages Feature #1100 (Feedback): Add additional ports to squid (includes patch)
Applied in changeset commit:"dd44ad60dc3f3f7e736e26644f7ea706127a6779". Jim Pingle
01:31 AM pfSense Packages Feature #1100: Add additional ports to squid (includes patch)
This is the correct one.
The SSH program I use to copy the files from my pfSense dev box to my regular computer some... Yehuda Katz
01:29 AM pfSense Packages Feature #1100: Add additional ports to squid (includes patch)
Of course, again, I upload the wrong files.
Please wait... Yehuda Katz
01:27 AM pfSense Packages Feature #1100: Add additional ports to squid (includes patch)
OK. I moved the options to the AC page. Yehuda Katz
01:01 PM pfSense Packages Bug #1124 (Resolved): Bandwidthd has missing dependencies
Jim Pingle
01:00 PM pfSense Packages Bug #1124: Bandwidthd has missing dependencies
OK. I removed libpq.so.* from the package builder and rebuilt all packages just to be safe. Jim Pingle
12:35 PM pfSense Packages Bug #1124: Bandwidthd has missing dependencies
Bug seemed to be caused by a failed attempt to install ntop, reinstalling both pfsense and bandwidthd posed no proble... Mr Sparks
08:09 AM pfSense Packages Bug #1124: Bandwidthd has missing dependencies
i386 or amd64? Jim Pingle
08:08 AM pfSense Packages Bug #1124 (Resolved): Bandwidthd has missing dependencies
I found the following missing dependencies when installing bandwidthd:
libpq.so.5 (from postgresql-client-8.4.4_1.... Mr Sparks
07:06 AM Bug #1122 (Closed): Can't edit lagg entries
fixed after a gitsync actually, change not in newest snapshot yet. Chris Buechler
06:45 AM Bug #1122 (Closed): Can't edit lagg entries
When you edit a lagg entry, it doesn't show the active interfaces on the lagg as being selected, hence you cannot cha... Chris Buechler
04:33 AM Bug #1102 (Resolved): Captive Portal does not work after upgrade
Chris Buechler
04:17 AM Bug #1102: Captive Portal does not work after upgrade
Ermal Luçi wrote:
> I fixed it right now.
> https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/4cc2337... Thomas NOEL
03:23 AM Bug #1096: pf TSO patch fallout - squid (and potentially other) issues
I've been testing squid in transparent mode for the last few days at work and haven't noticed any problems.
Curren... Maciej Kazulak

12/20/2010

07:11 PM Bug #1121: wireless interface antenna settings not applied at boot
On a system I just tested it on, it is being applied just fine at boot. What type of card do you have? IIRC, I have... Erik Fonnesbeck
01:37 PM Bug #1121 (Closed): wireless interface antenna settings not applied at boot
wireless interface antenna settings not applied at boot as well as if u click save on the wireless page Bipin Chandra
05:42 PM Bug #812 (Feedback): RRD graph time axis not locked to latest times with higher average samples
I have just committed a 8 hour graph in git that should do what I outline above Seth Mos
04:20 PM Bug #812: RRD graph time axis not locked to latest times with higher average samples
It took me a great while and I've just remembered some of the how and what.
The gist of it is this, we do not have... Seth Mos
05:37 PM Bug #886 (Feedback): RRD graph generation time scaling not written correctly
in place of the 12 hour timespan I've made the 8hour timespan instead, which is easier to craft. This also has to do ... Seth Mos
05:22 PM Bug #636: layer7 not work correctly
Yes, after every firewall rule change I make, I close uTorrent, clear the states, and start uTorrent back up. Seth Scardefield
04:54 PM Bug #636: layer7 not work correctly
Did you clear states? Ermal Luçi
05:03 PM Bug #1111 (Resolved): SIGTERM to syslogd after enabling Remote syslog'ing
Jim Pingle
04:34 PM Bug #1111: SIGTERM to syslogd after enabling Remote syslog'ing
Thanks
this issue is fixed Mykolas Norvaišas
03:05 PM Feature #1119 (Feedback): Add a per-VIP override to hide it from expansion in drop-down fields
Applied in changeset commit:"e2c1d6c5cf3fda8b9fb370cdb50d4a3578c8efa6". Jim Pingle
01:23 PM Feature #1119: Add a per-VIP override to hide it from expansion in drop-down fields
Lazy loading can be a solution to this too.
We program javascript in the background to load, let say, 1000 entries a... Ermal Luçi
08:19 AM Feature #1119 (Resolved): Add a per-VIP override to hide it from expansion in drop-down fields
For some people using Proxy ARP VIPs on large networks (like a /16) the GUI can be very slow to display certain NAT s... Jim Pingle
03:02 PM Todo #881 (Resolved): Passive FTP over pfsense
Ermal Luçi
02:59 PM Bug #1102: Captive Portal does not work after upgrade
I fixed it right now.
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/4cc233748fa7e79ac743364404152b... Ermal Luçi
02:01 PM pfSense Packages Feature #1100: Add additional ports to squid (includes patch)
One problem with what you have:
squid_resync_nac() which contains your change:... Jim Pingle
11:42 AM Feature #1120 (Closed): Add checkbox on OpenVPN server/client to use cryptodev
It would be handy to have a checkbox on the OpenVPN server and Client pages that would add "engine cryptodev" into th... Jim Pingle
12:27 AM Bug #1118 (Resolved): Adding NAT rule based on a NAT rule moves it to bottom of list
When adding a new NAT rule based on another NAT rule, it adds the new one to the bottom of the list. Doesn't matter m... Chris Buechler

12/19/2010

10:37 PM Bug #1096 (Feedback): pf TSO patch fallout - squid (and potentially other) issues
Chris Buechler
09:08 PM Todo #881: Passive FTP over pfsense
work for me too.
can connect from the LAN to remote FTP servers using PASV. Michel Samovojski
08:13 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
Will probably need some more logic in there then, because several types of mobile configurations will break without j... Jim Pingle
07:55 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2
Note : the bug seems to be in /etc/inc/vpn.inc, line 640:... Pierre POMES
04:53 PM pfSense Packages Bug #310: Nut needs changes for latest version
I don't want to be the inpatient en annoying guy,
But could someone implement a fix so it recognizes both types of s... Marcus van Dam
03:51 PM pfSense Packages Bug #1117 (Resolved): TinyDNS-- Warning: Invalid argument supplied for foreach() in /usr/local/www/pkg.php on line 241
dns-server Version 1.0.6.14 running on pfsense 2.0-BETA4 (i386)built on Fri Dec 17 22:35:37 EST 2010 shows
Warnin... mike stratoti
12:53 PM Bug #636: layer7 not work correctly
2.0-BETA4 (i386) built on Sun Dec 19 06:36:15 EST 2010
I have tried all my same combination of firewall rules (def... Seth Scardefield
11:09 AM Bug #1102: Captive Portal does not work after upgrade
Hello,
I've tested today with pfSense-Full-Update-2.0-BETA4-20101219-0151.tgz (built on Sun Dec 19 05:36:18 EST) :... Thomas NOEL

12/18/2010

10:58 PM Bug #636: layer7 not work correctly
Using 2.0-BETA4 (i386) built on Sat Dec 18 09:51:58 EST 2010, I re-applied the Layer 7 rule I'd created before (which... David Szpunar
10:46 PM Bug #1116 (Resolved): IPsec error, racoon won't start with more than one phase 2
Mobile IPsec connection with more than one Phase 2 connections create an invalid /var/etc/racoon.conf file that preve... David Szpunar
02:00 PM Bug #1102: Captive Portal does not work after upgrade
I just upgrade to 2.0-BETA4 (i386) built on Sat Dec 18 09:51:58 EST 2010, and still the same problem.
Thanks
 Alfredo Frugone
10:59 AM Bug #1115 (Closed): squid bug
There was already a ticket on here for that, and it was closed because it was fixed. In the future, please update to ... Jim Pingle
07:33 AM Bug #1115: squid bug
Fixed on latest upgrade Dienis Rastegaeff
05:30 AM Bug #1115 (Closed): squid bug
Doesn't work "Transparent proxy" feature.
When it is enabled - blocks all HTTP traffic.
workaround - configuring us... Dienis Rastegaeff

12/17/2010

09:31 PM Bug #1102: Captive Portal does not work after upgrade
That date is an hour before the fix was committed and comment here. "test new snapshots" always means a date of at le... Chris Buechler
09:23 PM Bug #1102: Captive Portal does not work after upgrade
Ermal Luçi wrote:
> Please test new snapshots it should be fixed.
I've just tested 2.0-BETA4 (i386) built on Fri ... Thomas NOEL
08:21 PM Bug #1102: Captive Portal does not work after upgrade
Thomas NOEL wrote:
> Hello,
>
> Found a solution : # /sbin/sysctl net.inet.ip.fastforwarding=1
>
> I think the... Nick K
03:51 PM Bug #1102 (Feedback): Captive Portal does not work after upgrade
Please test new snapshots it should be fixed. Ermal Luçi
01:46 PM Bug #1102: Captive Portal does not work after upgrade
Thomas NOEL wrote:
> Can you try this (on a shell) :
> # /sbin/sysctl net.inet.ip.fastforwarding=1
>
> It work... Karsten H.
10:20 AM Bug #1102: Captive Portal does not work after upgrade
Same problem here! As soon as I enable captive portal there is no redirect and no more internet access on that interf... Karsten H.
08:12 AM Bug #1102: Captive Portal does not work after upgrade
gerard grazzini wrote:
> with 2.0-BETA4 (i386) built on Fri Dec 17 01:17:30 EST 2010
> the Captive Portal still be ... Thomas NOEL
07:14 AM Bug #1102: Captive Portal does not work after upgrade
with 2.0-BETA4 (i386) built on Fri Dec 17 01:17:30 EST 2010
the Captive Portal still be broken for me ... gerard grazzini
04:39 AM Bug #1102: Captive Portal does not work after upgrade
Hello,
Found a solution : # /sbin/sysctl net.inet.ip.fastforwarding=1
I think the regression came from commit:4... Thomas NOEL
06:34 PM Bug #1087: vouchers need to save to CF periodically
I committed code to prevent that foreach error. Ermal Luçi
06:34 PM Bug #1030: Interface case change in apinger.conf needs reverted
Well as it is now it cannot use any lowercase name since it uses the gateway name!
Possibly on 2.x++ this can be fix... Ermal Luçi
06:29 PM Feature #385: Allow the use of Captive Portal to restrict services on the firewall itself.
Well there is a possiblity to add an ipfw rule with direction out and keep-state to provision this!?
 Ermal Luçi
06:27 PM Bug #1072 (Closed): Issues with increased CARP VHID limits
This is not anymore present in builds. Ermal Luçi
06:19 PM pfSense Packages Bug #1110 (Resolved): libgd.so.4 => not found (0x0) - bandwidthd won't start
I just installed OK on both i386 and amd64. All expected dependencies installed, ldd showed all libraries present.
... Jim Pingle
05:47 PM pfSense Packages Bug #1110: libgd.so.4 => not found (0x0) - bandwidthd won't start
Nah just uninstall the package by hitting the 'x' on the Installed Packages screen. Then find it in the list and try ... Jim Pingle
05:41 PM pfSense Packages Bug #1110: libgd.so.4 => not found (0x0) - bandwidthd won't start
Hello Jim,
just did the following on amd64:
- Update to Vesion 2.0-Beta4 from Fri Dec 17 01:17:30 EST 2010 to hav... Thomas Scholten
04:51 PM Bug #1088 (Resolved): CARP sync broken
Jim Pingle
04:46 PM Bug #1088: CARP sync broken
Tested with 2.0-BETA4 (i386) built on Fri Dec 17 01:17:30 EST 2010
Revision: http://redmine.pfsense.org/projects/pf... Francisco Brasileiro
03:53 PM Bug #636: layer7 not work correctly
I committed a change, please test newer snapshots. Ermal Luçi
01:20 PM Bug #1111 (Feedback): SIGTERM to syslogd after enabling Remote syslog'ing
Applied in changeset commit:"f889516190ab1ec29ab533c662d932bb4f02c392". Jim Pingle
12:55 PM pfSense Packages Bug #1098 (Resolved): Squid Installation fail on 2.0-BETA4 (amd64) built on Wed Dec 8 22:08:02 UTC 2010
Jim Pingle
12:24 PM pfSense Packages Bug #1098: Squid Installation fail on 2.0-BETA4 (amd64) built on Wed Dec 8 22:08:02 UTC 2010
Yes installed and running. Mukesh Patel
03:08 AM Feature #1113: WAN Interfaces with the same Gateway
ok, but couldn't be an arp-proxy the solution of the problem ?
Falk Falk Nisius
02:14 AM Feature #1113: WAN Interfaces with the same Gateway
There's one ARP table for the entire system regardless of how many NICs or jails or routing tables you have, and that... Chris Buechler
02:08 AM Feature #1113: WAN Interfaces with the same Gateway
excuse my investigation, its only for my understanding. if I wish to send an ip-packet from my box to an ip-adress, i... Falk Nisius
01:16 AM Feature #1113: WAN Interfaces with the same Gateway
layer 2 is the issue, not layer 3. Chris Buechler
01:14 AM Feature #1113: WAN Interfaces with the same Gateway
Yes You are right its ugly, but a small router with a 9V DC power supply beside is much uglier. I thought, that in Fr... Falk Nisius

12/16/2010

10:36 PM pfSense Packages Bug #1110: libgd.so.4 => not found (0x0) - bandwidthd won't start
It should be all clear on i386 now, too. Jim Pingle
03:32 PM pfSense Packages Bug #1110: libgd.so.4 => not found (0x0) - bandwidthd won't start
FYI- It should be OK on amd64 now:... Jim Pingle
02:32 PM pfSense Packages Bug #1110: libgd.so.4 => not found (0x0) - bandwidthd won't start
sorry i can only test the amd64 packages right now; still experiencing the same error Thomas Scholten
02:27 PM pfSense Packages Bug #1110 (Feedback): libgd.so.4 => not found (0x0) - bandwidthd won't start
This should have been set to feedback, not resolved just yet. Jim Pingle
02:25 PM pfSense Packages Bug #1110 (Resolved): libgd.so.4 => not found (0x0) - bandwidthd won't start
I did quite a bit of cleanup on the i386 package build machine today and did a complete fresh run just now. Can you t... Jim Pingle
02:17 PM pfSense Packages Bug #1110: libgd.so.4 => not found (0x0) - bandwidthd won't start
Hi,
i can confirm this issues. Running 'ldd /usr/local/bandwidthd/bandwidthd' as mentioned in Issue 1033 show a mi... Thomas Scholten
02:38 PM pfSense Packages Bug #1114 (Resolved): Snort Dashboard Widget has wrong link
When activating the Dashboard Widget for snort and clicking the widget title '' it leads to the url https://snort/sno... Thomas Scholten
02:29 PM Feature #1113: WAN Interfaces with the same Gateway
that's not a viable solution for the same reasons it doesn't work without having a jail, and it's extremely ugly. it'... Chris Buechler
02:15 PM Feature #1113: WAN Interfaces with the same Gateway
excuse, but my proposal is not the duplicate of the problem, what is part of the system, it is a way for the solution... Falk Nisius
01:58 PM Feature #1113 (Rejected): WAN Interfaces with the same Gateway
duplicate of #228. please look at the open features before opening one. Chris Buechler
01:55 PM Feature #1113 (Rejected): WAN Interfaces with the same Gateway
if someone has two Cablemodems from the same provider and get via DHCP different IP-Adresses, but the same gateway, t... Falk Nisius
01:56 PM pfSense Packages Bug #1091 (Closed): snort - mysql package installation fails
Duplicate of #1080 Jim Pingle
01:52 PM pfSense Packages Bug #1091: snort - mysql package installation fails
Think this is a duplicate to Bug #1080 which i just updated a few seconds ago Thomas Scholten
01:54 PM pfSense Packages Bug #668: Snort does not deinstall properly
just for the record. I just did a deinstall / install for another ticket and had no issues with deinstalling.
(updat... Thomas Scholten
01:51 PM pfSense Packages Bug #1080: Snort Installation fails
Thx to Dienis this helps intalling snort package, but i also experienced this error. AFAICS it depends on the url's u... Thomas Scholten
12:47 PM Bug #1111: SIGTERM to syslogd after enabling Remote syslog'ing
I confirm this bug. Alexander Kalashnikov
06:51 AM Bug #1111 (Resolved): SIGTERM to syslogd after enabling Remote syslog'ing
In Status->System Logs->Settings
When enabling "Enable syslog'ing to remote syslog server"
syslogd gets terminat... Mykolas Norvaišas
12:42 PM Feature #1103 (Resolved): Wake-on-Lan Widget for Dashboard (with code)
If it tested ok, I'll go ahead and close the ticket out.
Thanks for the contribution!
 Jim Pingle
12:35 PM Feature #1103: Wake-on-Lan Widget for Dashboard (with code)
It looks like it is working in "2.0-BETA4 (i386) - Thu Dec 16 04:59:28 EST 2010"
I tested display with 1, 2, and 3 e... Yehuda Katz
10:32 AM Bug #1112 (Resolved): IPsec GUI/backend missing RADIUS support
The User and Group choices for User Authentication in the IPsec Mobile GUI are hardcoded to only show "System" and no... Jim Pingle
09:39 AM Bug #1102: Captive Portal does not work after upgrade
Yes, that update should no longer contain the patch in question. So it may not be related to that one after all. Jim Pingle
09:37 AM Bug #1102: Captive Portal does not work after upgrade

Tested pfSense-Full-Update-2.0-BETA4-20101216-0237.tgz : no redirection... :(
Does this update include the (anti... Thomas NOEL
03:21 AM Bug #1096: pf TSO patch fallout - squid (and potentially other) issues
Updated to:
2.0-BETA4 (i386)
built on Wed Dec 15 20:50:23 EST 2010
Seems to work fine so far. Maciej Kazulak

12/15/2010

10:43 PM Bug #1093: Problems with em(4)
Arrggghhh!! Problem came back. page fault related to the intel nic. Shannon McMahon
09:32 PM Bug #1093: Problems with em(4)
I just reinstalled the Intel GB NIC. Loaded a build earlier today, and then just upgraded the build this evening. Al... Shannon McMahon
10:20 PM Feature #385: Allow the use of Captive Portal to restrict services on the firewall itself.
I just brought this up on the forum this week (http://forum.pfsense.org/index.php/topic,31079.0.html)
Regular user... Yehuda Katz
08:05 PM Bug #1102: Captive Portal does not work after upgrade
What was new at that time is the patch that was backed out of the firmware updates I built above, and it will also be... Jim Pingle
07:57 PM Bug #1102: Captive Portal does not work after upgrade
Thomas NOEL wrote:
> Thomas NOEL wrote:
> > the captive portal works with pfSense-Full-Update-2.0-BETA4-20101201-2... Thomas NOEL
02:17 PM Bug #1102: Captive Portal does not work after upgrade
Thomas NOEL wrote:
> the captive portal works with pfSense-Full-Update-2.0-BETA4-20101201-2252.tgz
works with pf... Thomas NOEL
01:37 PM Bug #1102: Captive Portal does not work after upgrade
Thomas NOEL wrote:
> However, I tested this firmware (...)
Just for information : the captive portal works with ... Thomas NOEL
12:35 PM Bug #1102: Captive Portal does not work after upgrade
Olé,
Jim P wrote:
> (...) It would help us narrow down the problem if you
> could test with the appropriate firm... Thomas NOEL
11:07 AM Bug #1102: Captive Portal does not work after upgrade
As a test, I have built a custom firmware image without the TSO patch that Chris mentioned. It would help us narrow d... Jim Pingle
10:56 AM Bug #1102: Captive Portal does not work after upgrade
Hello, the probleme is present for me too with build on : built on Tue Dec 14 05:32:26 EST 2010
and the probleme is ... gerard grazzini
06:20 AM Bug #1102: Captive Portal does not work after upgrade
Same here happened on snapshot 14December, 13 December, 8December.
So now I'm using December 1 snapshot. Life Form
07:25 PM Bug #1106 (Feedback): Error in boot process
Applied in changeset commit:"451e4a05edd8f1a65dde0e32f7d6015c3c20cfcb". Erik Fonnesbeck
07:10 PM Bug #1106: Error in boot process
I found that there was a change yesterday that unintentionally made it so that code would run when vouchers are disab... Erik Fonnesbeck
06:39 PM Bug #1106: Error in boot process
Erik Fonnesbeck wrote:
> Looking at the source code, it looks like that probably means you don't have any voucher ro... Yehuda Katz
06:33 PM Bug #1106: Error in boot process
Looking at the source code, it looks like that probably means you don't have any voucher rolls yet. However, this is... Erik Fonnesbeck
01:20 PM Bug #1106 (Resolved): Error in boot process
I am not sure how important this is, but I saw this error flash by during boot:
Enabling voucher support...
Warni... Yehuda Katz
05:07 PM pfSense Packages Bug #1110 (Resolved): libgd.so.4 => not found (0x0) - bandwidthd won't start
I did everything mentioned in http://redmine.pfsense.org/issues/1033. I'm running latest 2.0 firmware. Here's what I ... John Smith
04:57 PM Feature #1109 (Duplicate): Allow prepending exception entries to SPD
I'm using pfsense 2.0 at a remote office, with an IPSEC site-to-site tunnel. Let's say that we have lots of sites, s... Bill Fenner
03:55 PM Bug #1096: pf TSO patch fallout - squid (and potentially other) issues
I disabled the patch and have a new snapshot building now. The next new snapshot dated after this update should be OK. Jim Pingle
01:53 PM Bug #1107 (Resolved): mpd on AMD64 generates invalid checksums with NAT
The issue is that I think that the checksum for some reason is calculated wrong or byte swapped when routing (with NA... Andreas Winge
12:21 PM Feature #1099: pptp does not use User Manager
It has already been changed to reflect that. Jim Pingle
12:11 PM Feature #1099: pptp does not use User Manager
Then can the doc wiki be changed to say that this is not the case until the feature works?
Thanks. Moshe Katz
10:40 AM Feature #1103 (Feedback): Wake-on-Lan Widget for Dashboard (with code)
Applied in changeset commit:"254ac496401b2259a17dc2deee1fa19f963d89c6". Jim Pingle
09:57 AM Bug #1105 (Closed): WLAN Broadcom BCM 4306 problems -the fw file(bwn_v4_ucode5) not found
I'm using Broadcom BCM4306 802.11b/g Wireless in my pfSense 2.0 BETA 4 full.
(kernel: FreeBSD 8.1-RELEASE-p2 #1: Tue... Luka Birsa
08:09 AM Feature #1104 (Closed): mwl driver patch to enable generation of new BSSIDs for additional VAPs
The current version of the mwl driver we are using has something that is disabling the code that generates new BSSIDs... Erik Fonnesbeck
02:31 AM Bug #1090: clean up interfaces mess in setup wizard
It is assumed that the port for your WAN connection is already assigned to WAN before the setup wizard is even starte... Erik Fonnesbeck
01:56 AM Bug #1090: clean up interfaces mess in setup wizard
This is probably obvious, but the Setup Wizard will silently fail to create a valid PPPoE or PPTP link if the WAN is ... Marcus Brown
12:34 AM Bug #1090: clean up interfaces mess in setup wizard
As far as I could tell, it doesn't end up writing that to the config between those steps, but it would probably be be... Erik Fonnesbeck
02:20 AM Bug #1072: Issues with increased CARP VHID limits
In the patch file, I saw this change that commented out this line:... Erik Fonnesbeck

12/14/2010

11:43 PM Feature #1103: Wake-on-Lan Widget for Dashboard (with code)
Looks like it did not work again.
There is just one line missing from the end.
The last line should be:... Yehuda Katz
11:41 PM Feature #1103: Wake-on-Lan Widget for Dashboard (with code)
Looks like I uploaded and old version of the php file... Yehuda Katz
11:40 PM Feature #1103 (Resolved): Wake-on-Lan Widget for Dashboard (with code)
This is a dashboard widget for quick access to Wake-on-Lan. Yehuda Katz
11:22 PM Bug #1102: Captive Portal does not work after upgrade
I'm almost certain this is a duplicate of #1096, which describes the actual cause, but will leave it open to make sur... Chris Buechler
10:07 PM Bug #1102 (Resolved): Captive Portal does not work after upgrade
I upgraded to the latest snapshot 14 December but it failed the captive portal
access.
Whenever I activate captiv... Edan Pedragosa
10:28 PM Bug #1101: Wake-on-Lan display issue
Ok, it is not quite that simple.
(I would not be surprised if there was already be a function that does this.)
if... Yehuda Katz
09:35 PM Bug #1101: Wake-on-Lan display issue
It looks like a lot of my ticket got cut off.
if ($wolent['interface'] == "lan")
echo "LAN";
else
echo $confi... Yehuda Katz
09:32 PM Bug #1101 (Resolved): Wake-on-Lan display issue
Even if you have renamed the LAN interface, the page still shows saved clients on interface LAN.
The fix is easy, re... Yehuda Katz
08:35 PM Bug #1072: Issues with increased CARP VHID limits
According to packet dump
carp vhid=1
192.168.252.254 > 224.0.0.18: VRRPv2, Advertisement, vrid 1, prio 0, autht... Alexander Kalashnikov
07:03 PM Bug #1072: Issues with increased CARP VHID limits
yes Chris Buechler
07:01 PM Bug #1072: Issues with increased CARP VHID limits
Does anyone looking into the issue with broken CARP? Alexander Kalashnikov
07:48 PM Bug #1030: Interface case change in apinger.conf needs reverted
Changed to uppercase you mean?
I guess the question is: Should it also be reverted to lowercase?
(I think it should... Jeppe Oland
06:03 PM Bug #1030: Interface case change in apinger.conf needs reverted
Well that has changes since long time now.
It is more than 5-6 months it has changed! Ermal Luçi
07:13 PM pfSense Packages Bug #1098 (Feedback): Squid Installation fail on 2.0-BETA4 (amd64) built on Wed Dec 8 22:08:02 UTC 2010
Should be good now. Installs fine after a fresh package builder run. Jim Pingle
01:17 PM pfSense Packages Bug #1098: Squid Installation fail on 2.0-BETA4 (amd64) built on Wed Dec 8 22:08:02 UTC 2010
Known issue, something in the nightly rebuild is clobbering it. There's a forum thread already started for it as well... Jim Pingle
12:36 PM pfSense Packages Bug #1098 (Resolved): Squid Installation fail on 2.0-BETA4 (amd64) built on Wed Dec 8 22:08:02 UTC 2010
Squid 2.7.9 installation failed with following error on 2.0-BETA4 (amd64) built on Wed Dec 8 22:08:02 UTC 2010
perl... Mukesh Patel
07:12 PM Bug #1043 (Resolved): Inadequate input validation on limiters with floating rules
thanks Chris Buechler
06:19 PM Bug #1043: Inadequate input validation on limiters with floating rules
No problem.
It's working now.
Thank you.
 Alexander Kalashnikov
06:02 PM Bug #1043 (Feedback): Inadequate input validation on limiters with floating rules
Yeah, thank you for catching that wrong check. Ermal Luçi
06:27 PM pfSense Packages Feature #1100 (Resolved): Add additional ports to squid (includes patch)
Background:
People on our network use Citrix XenApp to connect to other locations.
Citrix XenApp uses TCP ports 149... Yehuda Katz
06:25 PM Bug #1088: CARP sync broken
It seems like that is only a cosmetic issue.
After a configuration sync filter reload status file just remains unt... Alexander Kalashnikov
05:55 PM Bug #1087: vouchers need to save to CF periodically
oh, yeah it has a save interval there, guessing that wasn't working previously. Needs testing. Chris Buechler
05:40 PM Bug #1087: vouchers need to save to CF periodically
Just test with a snapshot including all the changes.
Should be ok now. Ermal Luçi
05:26 PM Bug #1087: vouchers need to save to CF periodically
I backed out the changes I made. This was already present under the voucher config, there is an interval that can be ... Jim Pingle
05:25 PM Bug #1087: vouchers need to save to CF periodically
Applied in changeset commit:"d12003c99517c25105673c557aebec7e3fa55dcb". Jim Pingle
05:15 PM Bug #1087 (Feedback): vouchers need to save to CF periodically
Applied in changeset commit:"0d89a2fcac3deea06bdc4a481bbdfae4f18b1ff8". Jim Pingle
05:42 PM Bug #1093 (Feedback): Problems with em(4)
New driver is on new snapshots now. Ermal Luçi
02:45 PM Feature #1099 (Closed): pptp does not use User Manager
In the wiki (http://doc.pfsense.org/index.php/PPTP_VPN_Settings and http://doc.pfsense.org/index.php/User_Manager) it... Moshe Katz
01:47 PM Bug #1079 (Feedback): Load balancer widget doesn't work on 2.0
Should be fixed on new snaps. I completely rewrote it to use data from the new load balancer setup. Jim Pingle
12:34 PM Bug #1081 (New): traffic shaper wizard loops endless back to VOIP-settings
Chris Buechler
04:29 AM Bug #1081: traffic shaper wizard loops endless back to VOIP-settings
Ermal Luçi wrote:
> Fixed in latest snaps.
As of today with snap (i386) built on Mon Dec 13 21:32:21 EST its stil... igor igor
10:05 AM Bug #1085 (Feedback): Status: Load Balancer: Virtual Server fails to display a correct status for «some» "virtual server" names
Applied in changeset commit:"5ca559d227855d9293a1d194e6981b8275e043ae". Jim Pingle
09:19 AM Bug #1096: pf TSO patch fallout - squid (and potentially other) issues
Same issue here.
Performed an auto update today. Installed squid. Normal proxy works ok, transparent does not. Fro... Maciej Kazulak
08:37 AM Bug #757: PPPoE Disconnect button with multiple PPPoE interfaces
FYI, this behavior and surrounding trouble about the disconnect button is because one user felt that if the "disconne... Marcus Brown
08:28 AM Bug #1090: clean up interfaces mess in setup wizard
Committed the removal of the dropdown interfaces select box.
About the temp variable, I couldn't really figure out... Marcus Brown
08:25 AM Bug #1090 (Feedback): clean up interfaces mess in setup wizard
Applied in changeset commit:"841c4125a6b4488c16a0c69e7642779f294fa449". Marcus Brown

12/13/2010

09:37 PM Bug #1043: Inadequate input validation on limiters with floating rules
It seems like the issue is still present but only for gateways check since the $_POST['gateway'] contains an empty st... Alexander Kalashnikov
09:01 PM Bug #1043: Inadequate input validation on limiters with floating rules
Sure I can read code and any text since I've read your response and writing an answer here.
I'm sorry for that I've ... Alexander Kalashnikov
05:07 PM Bug #1043: Inadequate input validation on limiters with floating rules
Hah it seems you cannot read code!
That code is correct! Ermal Luçi
04:18 PM Bug #960 (Feedback): Problem with config sync + ipsec + special characters
Hi Thiago,
This problem should be solved now. Can you try again ?
Thanks !
Pierre
 Pierre POMES
11:47 AM Bug #960: Problem with config sync + ipsec + special characters
Other information:
1) In the GUI, I used "CARP LAN éé" as description
2) config.xml shows :... Pierre POMES
11:21 AM Bug #960: Problem with config sync + ipsec + special characters
Hi,
This also happens for other descriptions, I tested for a carp VIP description and the problem is the same (als... Pierre POMES
02:26 PM Bug #1097: Onload Javascript on Rules page of management GUI
I ask because I've been on several systems with a lot of rules and never seen anything like you describe, and figured... Chris Buechler
02:22 PM Bug #1097: Onload Javascript on Rules page of management GUI
You've got me a bit worried with that question?!
I cannot get the 2.0-BETA4 GUI to even load in IE7, on any machine,... dasanco dasanco
12:38 PM Bug #1097: Onload Javascript on Rules page of management GUI
You seeing this in IE? Chris Buechler
12:32 PM Bug #1097 (Closed): Onload Javascript on Rules page of management GUI
I attempted to install and run a test bed running 2.0-BETA4.
I proceeded to import existing rules from a live 1.2.3 ... dasanco dasanco
02:44 AM pfSense Packages Bug #1094: Clicking pfSense logo start deinstall/reinstall of HAVP package
It is possible to repeat again? Serg Dvoriancev

12/12/2010

11:53 PM Bug #1096 (Resolved): pf TSO patch fallout - squid (and potentially other) issues
With commit:c57f939b20a6a7a66351ce973843ce7d8564ed72 ( https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/... Jim Pingle
07:32 PM Bug #1093: Problems with em(4)
FYI: Let me know when you change the driver. I can throw the Intel NIC back in and test at that point. Shannon McMahon
07:31 PM Bug #1093: Problems with em(4)
Ah, interesting. I assumed it was the BSD 8 default driver.
 Shannon McMahon
07:29 PM Bug #1093: Problems with em(4)
Thanks for confirming, it is a pfSense issue though as we changed the driver, need to change back to what we had prev... Chris Buechler
07:17 PM Bug #1093: Problems with em(4)
I think your hunch was on the money. I looked into known issues with em(4), and subsequently yanked the dual GB Inte... Shannon McMahon
01:39 AM Bug #1093 (New): Problems with em(4)
this sounds like the same thing I hit last night on em(4) as well, any traffic initiated by or destined to the host i... Chris Buechler
01:12 AM Bug #1093: Problems with em(4)
I just updated to the latest build. I then initiated an install of squid as an example. shortly after starting the ... Shannon McMahon
12:48 AM Bug #1093 (Feedback): Problems with em(4)
Needs a lot more detail.
I'm running snapshots later than that on amd64 and they do not crash. We need at the ver... Jim Pingle
12:45 AM Bug #1093 (Resolved): Problems with em(4)
Some time after Dec 2, something has changed in the build. Now, when I attempt to upgrade to newer builds, or instal... Shannon McMahon
05:44 PM pfSense Packages Bug #1094: Clicking pfSense logo start deinstall/reinstall of HAVP package
If you did this after a firmware update, the flag file that tells the GUI it needs to reinstall all packages may stil... Jim Pingle
05:20 PM pfSense Packages Bug #1094: Clicking pfSense logo start deinstall/reinstall of HAVP package
That should say 'logo' but I don't think I can edit the title. Lars Hupfeldt Nielsen
05:15 PM pfSense Packages Bug #1094 (Resolved): Clicking pfSense logo start deinstall/reinstall of HAVP package
Hi, after installation of HAVP, when still on the package installation page, click the pfSense logo and an immediate ... Lars Hupfeldt Nielsen
05:39 PM pfSense Packages Bug #1095 (Rejected): HAVP attempts to write to readonly file system
Duplicate of #679. Please don't open new tickets if there is an existing ticket for the same issue. Put the full text... Jim Pingle
05:22 PM pfSense Packages Bug #1095 (Rejected): HAVP attempts to write to readonly file system
Error message shown in browse:
-----
Warning: file_put_contents(/usr/local/etc/havp/havp_conf.xml): failed to open ... Lars Hupfeldt Nielsen
05:37 PM pfSense Packages Bug #679 (New): HAVP error message shows up behind top menu.
Jim Pingle
05:03 PM pfSense Packages Bug #679: HAVP error message shows up behind top menu.
Hi, the problem persists, see attached image.
----
Version 2.0-BETA4 (i386)
built on Sat Dec 11 21:35:41 EST 20... Lars Hupfeldt Nielsen
06:52 AM Bug #1072: Issues with increased CARP VHID limits
Understood.
So the pfSense is not compatible with *BSD.
And I understood why CARP is broken now. Alexander Kalashnikov
05:17 AM Bug #1092 (Closed): Changing NAT Port forward port setting not applied to firewall rule
I've tested every possible scenario here and they all work. Chris Buechler
05:14 AM Bug #1092: Changing NAT Port forward port setting not applied to firewall rule
Correct the associated filter rule. Just tried to replicate but couldn't. I must have missed the apply button or look... Perry Mason
02:45 AM Bug #1092: Changing NAT Port forward port setting not applied to firewall rule
with a linked rule you mean? Chris Buechler
01:04 AM Bug #1043 (New): Inadequate input validation on limiters with floating rules
Chris Buechler

12/11/2010

07:39 PM Bug #1030: Interface case change in apinger.conf needs reverted
For me, the quality graph was always the offending one. Jeppe Oland
07:38 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Any ideas on this one? Jeppe Oland
03:34 PM Bug #959: Config sync removes alias VIPs on the slave
Hi Thiago,
I finally added your suggestion, everything is ok on my pair of boxes
Revision 00752d5a82baea1f05c8d... Pierre POMES
11:51 AM Bug #1092 (Closed): Changing NAT Port forward port setting not applied to firewall rule
Was changing sip to alias with 5060 and 16300:16700 Perry Mason
10:36 AM Bug #1072: Issues with increased CARP VHID limits
We have a patch in the builds which expands the field to two bytes. Jim Pingle
05:59 AM Bug #1072: Issues with increased CARP VHID limits
vhid field in CARP packet is one byte long, so this GUI change does not make any sense. Alexander Kalashnikov
07:41 AM Bug #1088: CARP sync broken
I'm not sure fixed it or not, because after a configuration sync "Filter reload status" just hangs on "Syncing CARP d... Alexander Kalashnikov
06:29 AM Bug #1043: Inadequate input validation on limiters with floating rules
The same needs to be done in:
&& $_POST['gateway'] != "default" && (empty($_POST['direction']) || $_POST['directio... Alexander Kalashnikov
06:14 AM Bug #1043: Inadequate input validation on limiters with floating rules
Unfortunatelly it's not fixed.
Problem is in program logic:
http://redmine.pfsense.org/projects/pfsense/repositor... Alexander Kalashnikov
12:01 AM pfSense Packages Bug #1091 (Closed): snort - mysql package installation fails
The snort package fails to install due to not being able to download mysql-client-5.1.53 after upgrade to "2.0-BETA4 ... Tom Bauer

12/10/2010

08:50 PM Bug #1041 (Feedback): IP Alias VIPs are not available for use by IPsec
VIP aliases should now work with ipsec. Pierre POMES
03:42 PM Bug #1090 (Resolved): clean up interfaces mess in setup wizard
Revision 389c778ec29d929a17843139f8cddf337b8fa9ad by gnhb added an interface drop down to the WAN configuration page ... Chris Buechler
03:23 PM Bug #1043 (Feedback): Inadequate input validation on limiters with floating rules
I fixed even the regression caused by fixing the limiters.
Test it with latest snapshots. Ermal Luçi
11:18 AM Bug #1043: Inadequate input validation on limiters with floating rules
this particular issue isn't a problem, but yeah the fix broke other things. Chris Buechler
11:17 AM Bug #1043: Inadequate input validation on limiters with floating rules
Whoops, didn't see the comment by Alexander when I posted.
I can confirm the bug he reported, setting direction t... Josh Stompro
11:14 AM Bug #1043: Inadequate input validation on limiters with floating rules
Tested on 2.0-beta4 (i386) Dec 10 02:17:09:EST 2010
When I tried to add a limiter (In/Out, which is not a very des... Josh Stompro
10:06 AM Bug #1043 (New): Inadequate input validation on limiters with floating rules
Chris Buechler
09:52 AM Bug #1043: Inadequate input validation on limiters with floating rules
This fix led to that every rule in Floating tab MUST contain a direction.
So now it's unable to create there a rule ... Alexander Kalashnikov
02:37 PM Bug #1088: CARP sync broken
Ok should be better than before on latest snapshot.
Be careful to have all the related commits. Ermal Luçi
06:42 AM Bug #1088: CARP sync broken
Still broken.
Dec 10 13:41:43 php: : The other member is on older version of . Sync will not be done to prevent p... Alexander Kalashnikov
03:25 AM Bug #1088: CARP sync broken
Will check in 5 hrs.
Current snapshots has been compiled with an old code. Alexander Kalashnikov
12:13 PM pfSense Packages Bug #679 (Closed): HAVP error message shows up behind top menu.
Sounds good. Closing for now unless someone can reconfirm it with modern versions. Jim Pingle
12:01 PM pfSense Packages Bug #679: HAVP error message shows up behind top menu.
In my opinion this is should be closed. There have been changes in the code, solve the this problem. Serg Dvoriancev
11:00 AM pfSense Packages Bug #979 (Resolved): Broken LightSquid installation on 2.0 amd64
Jim Pingle
10:57 AM pfSense Packages Bug #979: Broken LightSquid installation on 2.0 amd64
Works. Thank you. Alexander Kalashnikov

12/09/2010

07:18 PM Bug #1088 (Feedback): CARP sync broken
Check new snapshots. Ermal Luçi
03:36 PM Bug #1088 (Resolved): CARP sync broken
After http://redmine.pfsense.org/projects/pfsense/repository/revisions/7380bcdbe4be18bcb007f283b71fd5f83b51fced revis... Alexander Kalashnikov
05:10 PM Bug #1083: aliases cause error when creating NAT 1:1 rules
just need to remove alias capabilities from 1:1 NAT for now (it's not valid syntax in PF, though it's simply user spa... Chris Buechler
04:55 PM pfSense Packages Bug #1089 (Rejected): Carp and SYNC broken after upgrade to latest snapshot
Duplicate of #1088 Jim Pingle
04:51 PM pfSense Packages Bug #1089 (Rejected): Carp and SYNC broken after upgrade to latest snapshot
After upgrade to latest snapshot the sync was stoped.
Dec 9 17:53:20 hsfw-1 check_reload_status: syncing firewall... Francisco Brasileiro
03:43 PM Feature #1086: [patch] CARP IPs as outer source addressed for GRE and GIF tunnels
Should be ok in new snapshots.
The method used is different. Ermal Luçi
10:56 AM Feature #1086: [patch] CARP IPs as outer source addressed for GRE and GIF tunnels
Forgot to add the patch to visualise CARP IPs/Parent Interfaces in the GRE/GIF interfaces summary... Fulvio Scapin
08:31 AM Feature #1086 (Feedback): [patch] CARP IPs as outer source addressed for GRE and GIF tunnels
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/11decf6ef66b329df6bd0e39ccfc57134c46d8d8
Thanks. Ermal Luçi
08:20 AM Feature #1086 (Resolved): [patch] CARP IPs as outer source addressed for GRE and GIF tunnels
I applied the code from the ipsec/openvpn interface lists to include CARP VIP interfaces as outer source addresses fo... Fulvio Scapin
01:30 PM pfSense Packages Bug #1084 (Resolved): nmap package libpcap errors
Thanks for testing Jim Pingle
01:30 PM pfSense Packages Bug #1084: nmap package libpcap errors
Updated to latest snapshot and it's working now. Karsten leone
08:42 AM Bug #1087 (Resolved): vouchers need to save to CF periodically
Vouchers need to save to CF periodically the same as we have options for RRD and DHCP leases to avoid losing usage in... Chris Buechler
06:32 AM Bug #1085 (Resolved): Status: Load Balancer: Virtual Server fails to display a correct status for «some» "virtual server" names
I've noticed how inserting characters like «-» in a virtual server name breaks the regex match on the output of «rela... Fulvio Scapin
04:23 AM Feature #13: wireless page to have option to select transmit and receive antennas
on latest snap, 9th dec, i have set diversity to 1 as i have connected antennas on both connectors and set the tx and... Bipin Chandra

12/08/2010

05:52 PM pfSense Packages Bug #1084: nmap package libpcap errors
That issue has been fixed in HEAD since yesterday but a new snapshot hasn't uploaded yet. When a new snapshot is uplo... Jim Pingle
05:51 PM pfSense Packages Bug #1084: nmap package libpcap errors
That fixed the libpcap errors. It still goes to the dashboard page when I select Diagnostics -> NMap. Karsten leone
01:42 PM pfSense Packages Bug #1084 (Feedback): nmap package libpcap errors
I fixed some dependency issues, recompiled, and reuploaded nmap. Installs and runs fine for me now. Jim Pingle
01:09 PM pfSense Packages Bug #1084 (Resolved): nmap package libpcap errors
I installed the nmap package and when I go to Diagnostics -> NMap, I'm redirected to the dashboard page. When I run ... Karsten leone
10:00 AM Bug #845 (New): Need patch for PR usb/140883
Apparently a better version of this driver was posted to fix some bugs:
http://svn.freebsd.org/viewvc/base?view=re... Jim Pingle
05:10 AM Bug #1039 (Resolved): Error on Syncronisation slave - DIOCADDRULE: Device busy
thanks Chris Buechler
05:10 AM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
On the Dec 7 snapshot
the problem seems to be fixed.
Thank You Martin Klein

12/07/2010

04:59 PM Bug #1083 (Resolved): aliases cause error when creating NAT 1:1 rules
I can create 1:1 NAT rules using IP Addresses, for instance entering 192.168.1.3 as a source IP.
Creating an alias w... Ryan Perkins
03:42 PM Bug #1082 (Rejected): Proxy server: Cache management : Do not cache ne fonctionne pas
Please use the forum for this issue. It's not a bug in the GUI, but something that needs fixed in your config.xml - T... Jim Pingle
03:39 PM Bug #1082 (Rejected): Proxy server: Cache management : Do not cache ne fonctionne pas
Bonjour,
Je dois mettre certain site dans le "Do not cache" afin que ceux si ne passe pas par le proxy, surtout pa... Franck LUDJET
03:32 PM Feature #811 (Resolved): PPTP/GRE NAT multiple connections to single server
Ermal Luçi
02:09 PM Feature #811: PPTP/GRE NAT multiple connections to single server
working for me under
2.0-BETA4 (i386) built on Sat Dec 4 01:44:52 EST 2010 Michel Samovojski
03:09 PM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
Please update to newer snapshots.
This should be fixed now. Ermal Luçi
03:08 PM Bug #833 (Resolved): route-to for firewall-initiated traffic stops functioning when default gateway unreachable
Ermal Luçi
03:07 PM Bug #1081 (Feedback): traffic shaper wizard loops endless back to VOIP-settings
Fixed in latest snaps. Ermal Luçi
11:00 AM Bug #1081 (Resolved): traffic shaper wizard loops endless back to VOIP-settings
Every traffic shaper wizard loops endless back to VOIP-settings. Respective forum-entry:
http://forum.pfsense.org/... igor igor
12:34 PM pfSense Packages Bug #1080: Snort Installation fails
Workaround is
pkg_add -r http://files.pfsense.org/packages/8/All/mysql-client-5.1.53.tbz
from command line
than... Dienis Rastegaeff
10:32 AM pfSense Packages Bug #1080 (Feedback): Snort Installation fails
Actually, this should be working either way, unless snort is pulling that from a non-standard URL. That file is prese... Jim Pingle
08:01 AM pfSense Packages Bug #1080: Snort Installation fails
We need more info. We especially need to know if you are using amd64 or i386. Jim Pingle
04:16 AM pfSense Packages Bug #1080 (New): Snort Installation fails
it's a legit issue that needs to be fixed, probably missing binaries since the package rebuilds. Chris Buechler
04:14 AM pfSense Packages Bug #1080 (Closed): Snort Installation fails
Please follow the forum for such things. Ermal Luçi
02:45 AM pfSense Packages Bug #1080: Snort Installation fails
It's about Snort package :) Dienis Rastegaeff
02:31 AM pfSense Packages Bug #1080 (Closed): Snort Installation fails
Error
mysql-client-5.1.53 could not download.
of mysql-client-5.1.53 failed! Dienis Rastegaeff
04:36 AM Bug #636 (New): layer7 not work correctly
this is broken again. Chris Buechler
04:20 AM pfSense Packages Bug #901 (Closed): Squid "Don't filter for RFC1918" doesn't work for PPTP (patch included)
Ermal Luçi
04:20 AM pfSense Packages Bug #901: Squid "Don't filter for RFC1918" doesn't work for PPTP (patch included)
You can do this from theGUI on 2.0.
I will close this since it will not be fixed on 1.2.3 so near to 2.0 release. Ermal Luçi
04:17 AM pfSense Packages Bug #844: Open VM Tools Won't install
Please try new snapshots since all pacakges have been recompiled. Ermal Luçi
04:16 AM pfSense Packages Bug #979 (Feedback): Broken LightSquid installation on 2.0 amd64
Please try the new snapshots. Ermal Luçi
04:15 AM pfSense Packages Bug #1024 (Closed): Snort GUI broken in latest snapshots
Should be fixed.
It was a issue of newer security features. Ermal Luçi

12/06/2010

08:30 PM Bug #1042 (Feedback): CARP VIP Descriptions incorrect on IPsec/OpenVPN
Now VIP descriptions should look like in firewall/nat screens. Pierre POMES
04:42 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
The kernel option is similar to how we do PPTP or FTP today.
Just you have to be very intimate with the internals of... Ermal Luçi
03:27 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Ermal,
I see in the source of pfctl that ioctl is the underlying mechanism being used to dynamically add rules to ... Ken Leland
02:10 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
There are 2 other choices to do that.
1- kernel
2- state adding through ioctl Ermal Luçi
11:16 AM Feature #1064: VoIP - Dynamic Pinholes for RTP
Ermal, I want to implement this myself along with 2 of my colleagues. The purpose of this ticket is to discuss the d... Ken Leland
05:33 AM Feature #1064: VoIP - Dynamic Pinholes for RTP
What i do not understand is if you want to implement this yourself or want pfSense help on it? Ermal Luçi
03:35 PM Bug #829 (Feedback): WAN stays assigned to pppoe0 interface after switching type from PPPoE to Static
Ermal Luçi
02:11 PM Bug #962 (Resolved): DHCP custom options must have type selection
Thank you for testing. Ermal Luçi
10:49 AM Bug #962: DHCP custom options must have type selection
This fix/feature worked just fine with the Sun Dec 5th 07:23:23 EST 2010 nanobsd snapshot.
I added one option of e... Josh Stompro
01:55 PM Bug #1074 (Closed): Monitor IP Gateway ignored
Remove these two stale entries from your config ... Ermal Luçi
07:24 AM Bug #1074: Monitor IP Gateway ignored
system log, full xml and apinger.conf posted Danny Bogaards
06:51 AM Bug #1074: Monitor IP Gateway ignored
I cannot reproduce this on latest snapshots.
Please post even your system log and your full config.xml otherwise thi... Ermal Luçi
06:13 AM Bug #1074: Monitor IP Gateway ignored
Hereby I upload some screenshots. Danny Bogaards
05:53 AM Bug #1074: Monitor IP Gateway ignored
Can you please paste some screenshots here of your gateways? Ermal Luçi
03:11 AM Bug #1074 (Closed): Monitor IP Gateway ignored
If I set an alternative 'Monitor IP' for a gateway, this is ignored. Is +is+ stored in config.xml though!
config.x... Danny Bogaards
07:11 AM Bug #491 (Feedback): Dynamic DNS upgrade code not working
Ermal Luçi
06:55 AM Bug #1030: Interface case change in apinger.conf needs reverted
That is the gateway quality graph not the interfaces one :)
As far as i can tell the interface graphs all use the no... Ermal Luçi
06:34 AM Bug #1073 (Feedback): Disabled 1:1 NAT entries need to be grayed out
Ermal Luçi
05:47 AM Bug #1078 (Rejected): ipsec tunnel stalled if peer ip is updated
again this needs to go to the forum or list first unless you can provide the appropriate level of detail to pinpoint ... Chris Buechler
05:12 AM Bug #1078 (Rejected): ipsec tunnel stalled if peer ip is updated
until restarting racoon Grischa Zengel
05:42 AM Bug #1077 (Rejected): Pfsense needs very long for booting
Please post details to the forum and someone can help you determine the actual problem, this isn't nearly specific en... Chris Buechler
04:46 AM Bug #1077 (Rejected): Pfsense needs very long for booting
after booting the system needs more than 10 minutes for init files.
2.0-BETA4 (i386) built on Sun Dec 5 06:21:36 E... Grischa Zengel
05:32 AM Bug #1079 (Resolved): Load balancer widget doesn't work on 2.0
The load balancer dashboard widget on pfsense 2.0 doesn't work.
Further investigation suggests it's expecting data... Gary Richards
04:40 AM Bug #1075 (Resolved): rrd graphs missing / duplicate
On the rrd page the first graph
(11 hours / 1 min avg) is shown twice
instead of the daily graph.
See included scr... Martin Klein

12/05/2010

10:21 PM Bug #1073 (Resolved): Disabled 1:1 NAT entries need to be grayed out
Disabled 1:1 NAT entries need to be grayed out like disabled firewall rules are.
Chris Buechler
06:50 PM Bug #1072 (Closed): Issues with increased CARP VHID limits
The increase to 65535 VHIDs has made firewall_virtual_ip_edit.php very slow. Aside from that, having 65535 VHIDs woul... Chris Buechler
06:41 PM Bug #1030: Interface case change in apinger.conf needs reverted
The quality RRDs are still using the uppercase interface name, where they previously always used lowercase and still ... Chris Buechler
06:07 PM Bug #491 (New): Dynamic DNS upgrade code not working
This is reportedly not working, config is gone after upgrade. Chris Buechler
05:48 PM Bug #812: RRD graph time axis not locked to latest times with higher average samples
This change was by design as it shows the full period rather than up to now (where 1 day = midnight to midnight). It'... Chris Buechler
03:10 PM Bug #636: layer7 not work correctly
Not working for me either. I have tried every combination of firewall rules I can think of as per conversation noted ... Seth Scardefield
02:19 PM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Sorry. One more thing. After reboot and installing the Backup package I now get a "404 - Not Found" error when trying... James Lepthien
02:17 PM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Tried again with snap from 12/5 and my RRD Summary and shellcmd packages got reinstalled, not my avahi and Backup pac... James Lepthien
02:29 AM Bug #543 (Resolved): IP alias input validation problem
Chris Buechler
02:27 AM Bug #568 (Resolved): firewall rules advanced clean up
Chris Buechler
02:26 AM Bug #477 (Resolved): Swap usage graphic on dashboard is incorrect
Chris Buechler
02:25 AM Bug #374 (Resolved): "Register DHCP leases in DNS forwarder" doesn't work
Chris Buechler
02:24 AM Bug #860 (Resolved): Multiple PARP entries do not function
Chris Buechler
02:21 AM Feature #952 (Resolved): When "Do not NAT" is checked on outbound rule, the translation section should be hidden.
Chris Buechler
12:28 AM Todo #1071 (Closed): Reevaluate locks
Since the change to the lock function in util.inc to make shared locks the default instead of exclusive locks, most l... Erik Fonnesbeck

12/04/2010

09:41 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
divert probably not a good solution for this scenario, that's good where you want to examine individual packets and p... Chris Buechler
07:31 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Using divert in pf lets you have a userspace daemon that gets only the traffic specified by a given rule sent through... Jim Pingle
05:40 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Documentation for Berkeley Packet Filter indicates that the requisite filtering exists.
"In addition, it supports ... Ken Leland
05:04 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Thanks Chris.
As I understand your suggestion, we would have a user space daemon running and passively listening (... Ken Leland
04:05 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
This is definitely not something that should be in kernel, we wouldn't accept that. It should passively listen and ad... Chris Buechler
03:36 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
We have concluded that this logic belongs in pf.
Here are a couple of the other options we evaluated and why we co... Ken Leland
04:10 PM Bug #829 (New): WAN stays assigned to pppoe0 interface after switching type from PPPoE to Static
Chris Buechler
08:42 AM Bug #829: WAN stays assigned to pppoe0 interface after switching type from PPPoE to Static
I have the same problem from pppoe to DHCP.
2.0-BETA4 (i386)
built on Fri Dec 3 15:21:00 EST 2010 Alexandre Paradis
11:16 AM pfSense Packages Feature #1070 (Rejected): OpenVPN Client Export Utility : names of files in configuration archive
If you, for example, connect to two external routers and your certname is the same on both, using the hostname to dis... Jim Pingle
11:10 AM pfSense Packages Feature #1070 (Rejected): OpenVPN Client Export Utility : names of files in configuration archive
when exporting configuration archive for an openvpn client, having certname.* or clientname.* instead of pfsense-udp-... Julien ROLAND
11:13 AM Bug #1069 (Rejected): creating a 100 years valid CA makes this CA cert expires at year 1974
Sounds like a y2k38 issue (32-bit timestamp rollover), though in this case it's a PHP or OpenSSL bug. We pass the lif... Jim Pingle
10:45 AM Bug #1069 (Rejected): creating a 100 years valid CA makes this CA cert expires at year 1974
a CA cert, created today, with 36500 days of validity, have the following valid period:
from 2010-12-04 to 1974-10-04 Julien ROLAND
08:04 AM Bug #636: layer7 not work correctly
not working for me either. december 2 snapshot i386 Basel G.
04:08 AM Todo #765: Patch: Add custom DHCP configuration
My apologies; I'm not actually going to be able to test this for at least a few more weeks. I don't have physical ac... Jonathan Dieter
01:29 AM Bug #749: Downstream queues should not be assigned to LAN interfaces
I haven't had time to test it yet, but what I believe this is referring to is the queue for Internet traffic being at... Chris Buechler

12/03/2010

06:01 PM Todo #734: Fix up appearance of SSH tunnel shell
This is about the shell that a user sees when they have only the SSH tunnel privilege set and log in by SSH. Since i... Erik Fonnesbeck
05:10 PM Todo #734: Fix up appearance of SSH tunnel shell
Should this ticket be in feedback? It doesn't look like anything was actually done to resolve it, and the initial re... Josh Stompro
05:32 PM Bug #749: Downstream queues should not be assigned to LAN interfaces
Chris Buechler wrote:
> The wizard in 1.2.3 creates seriously bad, wrong queues with behavior that cannot be duplica... Josh Stompro
04:58 PM Bug #673: SSHD keys not created on restore
As far as I know, there is already reference counting for the conf_mount_rw/ro functions, so that it isn't mounted re... Erik Fonnesbeck
03:45 PM Bug #673: SSHD keys not created on restore
I added a little bit of debugging code to the end of the config_mount_ro function in config.lib.inc, send off an aler... Josh Stompro
12:38 PM Bug #673: SSHD keys not created on restore
I think there might still be an issue here, for Nanobsd at least.
Tested this with "2.0-Beta4 (I386) Built on Thu ... Josh Stompro
04:56 PM Feature #520 (Resolved): ALIX reset button
Yeah it should probably get documented in the wiki, and will surely be in the book. Jim Pingle
04:36 PM Feature #520: ALIX reset button
I can confirm that this is working.
Tested with snapshot "pfsense 2.0-beta4-nanobsd (i386) Dec 2 11:27:45 EST 2010... Josh Stompro
04:56 PM Bug #499 (Resolved): DHCP custom options on multiple interfaces not handled properly
Jim Pingle
04:53 PM Bug #499: DHCP custom options on multiple interfaces not handled properly
I can confirm that this is resolved in snapshot " Nanobsd i386 Beta4 Dec 2 11:27:45 EST 2010"
Entering the same th... Josh Stompro
02:51 PM Bug #1067 (Closed): GUI bug in displaying Status -> Wireless
Jim Pingle
11:22 AM Bug #1067: GUI bug in displaying Status -> Wireless
New variable fixes bug if no wireless is in system (see attached screenshot).
 CHess Master
09:25 AM Bug #1067 (Feedback): GUI bug in displaying Status -> Wireless
Applied in changeset commit:"273e9bf7dda8b7eb614bbb99d54389ba9c5f2238". Jim Pingle
02:22 AM Bug #1067 (Closed): GUI bug in displaying Status -> Wireless
Current version: 2.0-BETA4 (i386)
Built On: Tue Nov 30 13:09:03 EST 2010
When on the page "Traffic Graph",... Anonymous
12:41 PM Bug #1031 (Resolved): Firewall Log - Dynamic Update update only first row
Chris Buechler
11:46 AM Bug #1031: Firewall Log - Dynamic Update update only first row
Verified updates properly on:
2.0-BETA4 (i386)built on Wed Dec 1 17:21:34 EST 2010 CHess Master
10:23 AM Bug #1056 (Resolved): DHCP logs are empty since isc-dhcp-server upgrade
Thanks for the feedback! Jim Pingle
10:14 AM Bug #1056: DHCP logs are empty since isc-dhcp-server upgrade
Confirming, I now have logs showing DHCP requests and replies (as well as when the leases are saved to a file), in th... David Szpunar
10:08 AM Bug #636: layer7 not work correctly
This issue has not been resolved, including for me personally (no Layer 7 rules applied), per discussion at http://fo... David Szpunar
09:29 AM Bug #706 (Closed): OpenVPN client export needs to include remote-cert-tls server
We discovered that it was not compatible with the way we built the server certificates. See https://rcs.pfsense.org/p... Jim Pingle
02:14 AM Bug #706: OpenVPN client export needs to include remote-cert-tls server
The export does not include the option "remote-cert-tls server"
Exported config file:
dev tun
persist-tun
persi... Anonymous
09:15 AM pfSense Packages Bug #1068: RRD Graphs not working on 64Bit Beta 4
Thanks. Although, it wasn't terribly intuitive when the firewall said there was an available update... I would think... Shannon McMahon
08:55 AM pfSense Packages Bug #1068 (Rejected): RRD Graphs not working on 64Bit Beta 4
You aren't running a 64-bit snapshot. You probably accidentally applied a 32-bit (i386) update after installing the a... Jim Pingle
08:38 AM pfSense Packages Bug #1068 (Rejected): RRD Graphs not working on 64Bit Beta 4
Installed build:
2.0-BETA4 (i386)
built on Thu Dec 2 09:23:11 EST 2010
Since install, RRD Graphs error:There... Shannon McMahon
04:26 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Tried again via console update this time and snap http://snapshots.pfsense.com/FreeBSD_RELENG_8_1/i386/pfSense_HEAD/u... James Lepthien
04:04 AM Bug #1066: Remove old dynamic caches
Error gone and cache file left behind in /conf/ Perry Mason

12/02/2010

07:34 PM Bug #1056: DHCP logs are empty since isc-dhcp-server upgrade

2.0-BETA4 (i386)
built on Thu Dec 2 09:23:11 EST 2010
This is what I got with this version on my test box...
... Chris Palmer
05:47 PM Bug #841 (Feedback): hostapd doesn't work with spoofed MAC (but should be able to)
The workaround I've committed should be sufficient to handle the hostapd issue until the bug gets fixed (if ever). Erik Fonnesbeck
05:29 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
When using this patch it causes issues when hostapd is run at startup, preventing clients from associating. When hos... Erik Fonnesbeck
12:39 AM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
The test utility I had made before for reading the BSSID was actually crashing in an unrelated section and I must not... Erik Fonnesbeck
04:28 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Trust me - I tried.
Yesterday, the server kept giving me "Internal error" whenever I updated this bug ... other bugs... Jeppe Oland
03:56 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Can you show me the new logs please? Ermal Luçi
03:08 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Sorry, but it doesn't seem to be working.
I tested with a clean install of pfSense-2.0-BETA4-20101201-1616.iso fol... Jeppe Oland
04:04 PM Bug #651: Multiple gateways on WAN interface
Please test new snapshots.
This should be fixed from that time. Ermal Luçi
03:53 PM Bug #713 (Resolved): Shaper Wizard: When backlogged, high priority queues get zero bandwidth
Ermal Luçi
01:10 PM Bug #713: Shaper Wizard: When backlogged, high priority queues get zero bandwidth
I can confirm this as resolved. The qACK and QOthersHigh get created without the Link Share M1 or D options set now.... Josh Stompro
03:52 PM Feature #702 (Resolved): Page with status for "Traffic Shaper: Limiter"
Ermal Luçi
01:15 PM Feature #702: Page with status for "Traffic Shaper: Limiter"
I think this is resolved also. Looking at the Dec 2nd snapshot, I see a new option under Diagnostics -> Limiter Info... Josh Stompro
03:50 PM pfSense Packages Bug #1065 (Feedback): error after rules installation
Should be fixed.
Reinstall. Ermal Luçi
03:32 AM pfSense Packages Bug #1065 (Resolved): error after rules installation
when i am tryng to gep the page
/snort/snort_rules.php?id=1
It says "Fatal error: Cannot redeclare csrf_startup()... Dienis Rastegaeff
03:48 PM Bug #875: Uninstalling packages can remove system libraries
Well i did a lot of testing today on this.
The only plausible option is to hardlink /usr/local/lib files that ship w... Ermal Luçi
03:30 PM Bug #1063 (Feedback): Load balancer status doesn't work if the virtual server name contains a '.'
Applied in changeset commit:"0a0774b511c6833a2b87975c21fdb3b10897d6c9". Jim Pingle
03:28 PM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
Actually nevermind, I think I got it. Commit is pending. Jim Pingle
03:15 PM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
How about:... Jim Pingle
09:38 AM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
Bah, attached in a slightly more readable format Gary Richards
09:36 AM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
@
: relayctl show summary
Id Type Name Avlblty Status
1 redirect test ... Gary Richards
09:24 AM Bug #1063: Load balancer status doesn't work if the virtual server name contains a '.'
Can you show the output of:... Jim Pingle
11:39 AM Bug #302: Shaper wizard remembers values on error, but are disabled
I see this same error again when using the Dec 2nd nanobsd snapshot.
2.0-Beta4 (i386) built on Thu Dec 2 03:39:46 E... Josh Stompro
11:31 AM Bug #733: Shaper: Unexplained 30% bandwidth max restriction in p2p catch all
I have few more questions about this issue.
Is the user just supposed to know that custom bandwidths = p2p catchal... Josh Stompro
09:12 AM Bug #1030: Interface case change in apinger.conf needs reverted
Well seems ok now.
Chris why do you think this is not fixed? Ermal Luçi
04:49 AM Bug #1030 (New): Interface case change in apinger.conf needs reverted
That revert was correct but not for fixing this. Chris Buechler
04:36 AM Bug #1030: Interface case change in apinger.conf needs reverted
Not sure it works (pfSense-2.0-BETA4-20101201-1616.iso).
I restored my configuration just before midnight, and the R... Jeppe Oland
08:25 AM Bug #1066 (Feedback): Remove old dynamic caches
Applied in changeset commit:"b8e2fd16e45c21e9942da71020682a3b79f05a69". Jim Pingle
05:25 AM Bug #1066: Remove old dynamic caches
should have looked like this :)... Perry Mason
05:14 AM Bug #1066 (Resolved): Remove old dynamic caches
php: /services_dyndns_edit.php: The command '/bin/rm /conf/dyndns_opt2opendns'Fullrate'.cache' returned exit code '1'... Perry Mason
02:23 AM Bug #1060 (Resolved): Firewall Aliases, no tooltip in Rules if apostrophe in detail description
thanks Chris Buechler
02:18 AM Bug #1060: Firewall Aliases, no tooltip in Rules if apostrophe in detail description
Confirmed fixed on latest snapshot, using same aliases from same config as the bug was submitted, and tooltip now sho... David Szpunar
02:14 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I was able to get in remotely (through another firewall/VPN) and revert the VM to a (VM) snapshot from Nov. 3rd that ... David Szpunar
01:50 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I just upgraded from a snapshot from yesterday to the most recent snapshot, full ISO install on a VM, with Open VM To... David Szpunar

12/01/2010

10:47 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
If you need development assistance along the way and have a budget for it, contact me via email (cmb at pfsense dot o... Chris Buechler
10:44 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Great, we'll start reviewing code to determine if it should be a package or part of the base system. Once we have a ... Ken Leland
10:39 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
Ah that's the first RTP-only security issue I've noticed, that does indeed make it worthwhile. Re-inviting is apparen... Chris Buechler
10:23 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
As far as RTP changing ports during a call, in asterisk language its called re-inviting, and if it is non-standard, a... Ken Leland
10:13 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
The application we intend to use this for is as follows:
Asterisk Cluster -- pfSense -- Public Internet -- VoIP Ph... Ken Leland
10:00 PM Feature #1064: VoIP - Dynamic Pinholes for RTP
RTP is easy to accommodate without that mess, tons of VoIP providers run as is with no difficulties. It's most common... Chris Buechler
09:40 PM Feature #1064 (Closed): VoIP - Dynamic Pinholes for RTP
The media stream for a SIP call uses dynamically assigned port numbers. These port numbers can change several times d... Ken Leland
09:48 PM Bug #749 (New): Downstream queues should not be assigned to LAN interfaces
The wizard in 1.2.3 creates seriously bad, wrong queues with behavior that cannot be duplicated all over again. Where... Chris Buechler
05:08 PM Bug #749: Downstream queues should not be assigned to LAN interfaces
The wizard is the same as in 1.2.3 it just takes more values for multiple interfaces.
And for me this is not much di... Ermal Luçi
12:28 PM Bug #749: Downstream queues should not be assigned to LAN interfaces
What would be the best design to handle shaping and routing?
I just ran into a duh moment after a site with limite... Josh Stompro
08:30 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Tried that hostapd configuration setting and got "bssid item not allowed for the default interface and this driver", ... Erik Fonnesbeck
06:55 PM Bug #1000: lagg not working set to failover.
I think its an em(4) problem since it is not reporting that it lost its link state. Ermal Luçi
01:45 PM Bug #682: WAN traffic graph is broken with MLPPP
Same issue exists for me in November 20 snapshot, all the way up to 8 lines. David Burgess
12:24 PM Bug #1063 (Resolved): Load balancer status doesn't work if the virtual server name contains a '.'
Hi,
I've spent a while trying to work out why a test load balancer config I created seemed to be working fine, but... Gary Richards
12:14 PM Bug #1061: Error after upgrade to latest version
I had https, but i hadn't used 443 explicitly.
Nevertheless, pfSense-Full-Update-2.0-BETA4-20101130-0828.tgz was the... Ilias-Dimitrios Vrachnis
12:03 PM Bug #1061 (Feedback): Error after upgrade to latest version
Should be fixed in the next new snapshot. In the meantime if you go to System > Advanced, on the admin tab, and expli... Jim Pingle
11:37 AM Bug #1061: Error after upgrade to latest version
I can confirm this too.
I'm currently downloading an older snapshot to test.
i'll report back if i'm successful
... Ilias-Dimitrios Vrachnis
09:46 AM Bug #1061 (Resolved): Error after upgrade to latest version
/diag_tables.php show nothing in dropdown menu
AND
Filter Reload Status
"There were error(s) loading the rules: /t... Dienis Rastegaeff
10:06 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I have avahi, rrd summary and shellcmd installed. But I guess it is not shellcmd because I just installed it yesterda... James Lepthien
09:39 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
I just updated an ALIX with cron, OpenVPN client export, shellcmd, blinkled, and siproxd installed. It worked fine. I... Jim Pingle
09:29 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Just want to let you know that the same problem is here too. ALIX Box with latest pfsense 2.0 snapshot.
This problem... Peter Baumann
09:25 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Sure it works without any packages installed. But the ticket is for when you have some packages installed... James Lepthien
09:22 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
FYI I've upgrade (with no package) and it worked. Perry Mason
07:11 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Now tried with snaps from 11/30 and 12/1 and it even got worse. Installed the 12/1 and wanted to connect to the WebUI... James Lepthien
09:55 AM Feature #1062 (Resolved): Add per-rule delete ("X") button to Outbound NAT rules
Firewall rules, port forwards, etc, each have per-entry delete ("X") buttons, but not outbound NAT rules. For consist... Jim Pingle
09:03 AM Bug #1058 (Feedback): filterdns not honoring quit signal
Fixed. Ermal Luçi
05:56 AM Bug #1060 (Feedback): Firewall Aliases, no tooltip in Rules if apostrophe in detail description
Committed. Ermal Luçi
12:05 AM Bug #1060 (Resolved): Firewall Aliases, no tooltip in Rules if apostrophe in detail description
When editing aliases under Firewall->Aliases, if I have an alias of type Host(s) and in the Description field to the ... David Szpunar
05:28 AM Bug #847 (Feedback): Deleting interface leaves remnant in interface groups
Well this is indirectly resolved by the latest commit(referenced to this issue to).
link_interface_to_group() functio... Ermal Luçi
03:02 AM Bug #847 (New): Deleting interface leaves remnant in interface groups
It either:
1) shouldn't allow deleting an interface that's in an interface group
or
2) should automatically remov... Chris Buechler
02:43 AM Bug #847: Deleting interface leaves remnant in interface groups
This bug still exists, I just tested it on the most recent snapshot from this afternoon. I created an interface (opt1... David Szpunar

11/30/2010

11:44 PM Bug #965 (Resolved): IPSec configuration network selection doesn't match rest of UI
thanks Chris Buechler
11:41 PM Bug #965: IPSec configuration network selection doesn't match rest of UI
Confirmed that I've seen this fix in action when heavily configuring several IPsec VPN (site-to-site and Mobile) conf... David Szpunar
10:07 PM Bug #1000: lagg not working set to failover.
Output attached Rick Baranowski
08:29 PM Bug #1059 (Closed): ipfw-classifyd is running but qos is not enabled or configured
Oops, there was a layer7 container. Deleted. Scott Ullrich
08:28 PM Bug #1059 (Closed): ipfw-classifyd is running but qos is not enabled or configured
QOS is not enabled/configured. ipfw-classifyd is running:
[2.0-BETA4][root@hostname]/root(106): ps awux | grep 18... Scott Ullrich
08:10 PM Bug #1058 (Resolved): filterdns not honoring quit signal
[2.0-BETA4][root@hostname]/root(85): ps awux | grep filterdns | wc -l
11
Chris was seeing 24 of them. The... Scott Ullrich
06:39 PM Bug #1056 (Feedback): DHCP logs are empty since isc-dhcp-server upgrade
This should be solved with latest commits. Ermal Luçi
08:31 AM Bug #1056 (Resolved): DHCP logs are empty since isc-dhcp-server upgrade
Since we upgraded to isc-dhcp41-server a few weeks ago, the DHCP logs tab is empty.
The config directives are stil... Jim Pingle
04:23 PM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
We are not running uPNP.
We have a few filter and nat rules
and we are running the following services:
carp (... Martin Klein
10:58 AM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
By any chance you have services like uPNP running? Ermal Luçi
07:05 AM Bug #1039: Error on Syncronisation slave - DIOCADDRULE: Device busy
I am sorry to say but on a Tue Nov 30 02:04:03 EST 2010
Snapshot the problem is not fixed. Martin Klein
11:57 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
The commit to fix this just happened. It won't be in a new snapshot until one gets built that includes the fix. It ma... Jim Pingle
11:55 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Tried updating to latest snap from 11/30 just now. That update broke my box. Boots up says something about an error i... James Lepthien
11:31 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
Can you please try with the latest version of snapshots. Ermal Luçi
11:30 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
the selection of CA for LDAPS should be in the auth server settings, then everything else should point appropriately ... Chris Buechler
09:58 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
Let me clarify:
The situation was that ALL openvpn authentication requests were failing when it wasn't specified (... Florent Daigniere
09:42 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
You suggested TLS_REQCERT=never while it seems that default setting is 'try' which is the recommended one!?
TLS is h... Ermal Luçi
11:03 AM Feature #1057 (Needs Patch): Limiter mask only supports dest/src ip
Some scenario's benefit from src port differentiation using dynamic pipes. IE. Terminal Server connections from a NAT... Bastian Slikkerveer
10:58 AM Bug #1038 (Resolved): System Tuneables net.inet.carp.log not Working
Ermal Luçi
10:58 AM Bug #1038: System Tuneables net.inet.carp.log not Working
Yeah but that is another issue perse. Ermal Luçi
07:03 AM Bug #1038: System Tuneables net.inet.carp.log not Working
Using Tue Nov 30 02:04:03 EST 2010 Snapsot
net.inet.carp.log stayes at 1, wich fixes
the problem for me. But if i... Martin Klein
10:54 AM Bug #729: if_bridge unpredictable filter interface selection
This possibly is to late for 2.0 since there are if_bridge(4) chagnes involved which might become problematic.
The p... Ermal Luçi
10:51 AM Bug #911 (Feedback): Need option to disable state killing on WAN failure
Ermal Luçi
10:29 AM Bug #621: Certificate Manager won't accept a windows CA signed certificate
Possibly this is related to format of the cer ie DER....
So this must be an argument that must be supplied during im... Ermal Luçi
10:25 AM Bug #1047 (Feedback): Disable TSO, hardware checksum don't work for unassigned but active interfaces
Patch committed. Ermal Luçi
09:20 AM Bug #947: existing lagg members should not be able to be added to lagg
Applied in changeset commit:"0a1eabbe814498d962a3f06f288bab0c39e4b512". Ermal Luçi
09:18 AM Bug #947 (Feedback): existing lagg members should not be able to be added to lagg
Ermal Luçi
08:33 AM Bug #1055: system is broken after upgrade
That's already been fixed by commit:e2d052b - wait for a new snap. Jim Pingle
08:32 AM Bug #1055: system is broken after upgrade
squid says that cannot create child processes, all ip settings are gone and i cannot connetct to it remotely.
er... Dienis Rastegaeff
08:22 AM Bug #1055 (Rejected): system is broken after upgrade
That is way too vague for a problem report.
We need exact error messages, and specifics about what does and does n... Jim Pingle
08:19 AM Bug #1055 (Rejected): system is broken after upgrade
my pfsense shows errors after upgrade to 20101130-0125
after reinstallation from this image (pfSense-2.0-BETA4-20101... Dienis Rastegaeff
08:26 AM Bug #831: Status -> System logs - > DHCP bug
That is a completely different issue that needs a new ticket. Jim Pingle
08:13 AM Bug #831: Status -> System logs - > DHCP bug
i guess this needs to be opened again as currently the dhcp log doesn't show anything after the upgrade Bipin Chandra
07:46 AM pfSense Packages Bug #1046 (Resolved): pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
It was just added overnight. It will be picked up the next time the binaries are built. I'm closing this one out for ... Jim Pingle
04:16 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Ehm, errata corrige.
It appears that the newly (quite newly) added Postfix Forwarder Package is missing. Fulvio Scapin
04:12 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Verified the change. Thanks
@Francisco Brasileiro:
Thanks for the formatting ;)
 Fulvio Scapin

11/29/2010

10:10 PM Bug #947 (New): existing lagg members should not be able to be added to lagg
Chris Buechler
11:56 AM Bug #947: existing lagg members should not be able to be added to lagg
Also interfaces available after added to a lagg interface. for example:
I created lagg interface with em2 and em3 in... Serdar Cihaner
09:41 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
It's not broken as is, let's not break it. Taking the VIPxx and getting the description is easy enough. Chris Buechler
09:23 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
Yes, I agree.
And it would be probably better to store the ip rather than the inferface in config.xml. At least fo... Pierre POMES
09:06 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
That may explain the difference in why it was coded that way but it's still not optimal for the user. I'd really pref... Jim Pingle
08:57 PM Bug #1042: CARP VIP Descriptions incorrect on IPsec/OpenVPN
Jim P wrote:
> CARP VIPs in the list for use by IPsec and OpenVPN are shown with the interface name (e.g. VIP22) inst... Pierre POMES
06:29 PM Feature #1010: Privilege setting for allowing login access through captive portal
An alternate patch that does not automatically create a captive portal group when enabling captive portal, leaving it... Erik Fonnesbeck
06:14 PM Feature #1010: Privilege setting for allowing login access through captive portal
Pushing this off to 2.1. Scott Ullrich
03:26 PM Feature #1010: Privilege setting for allowing login access through captive portal
Code was completed and thoroughly tested some time ago. Just need to know whether this should be pushed or left to a... Erik Fonnesbeck
06:28 PM Bug #560 (New): loader.conf is empty after a firmware update.
I just tested it again, it's still getting wiped out somehow during the update process. Jim Pingle
06:09 PM Bug #560 (Feedback): loader.conf is empty after a firmware update.
Scott Ullrich
05:53 PM Bug #560: loader.conf is empty after a firmware update.
I just downloaded http://snapshots.pfsense.org/FreeBSD_RELENG_8_1/i386/pfSense_HEAD/updates/pfSense-Full-Update-2.0-B... Scott Ullrich
06:23 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
corrected: ... Francisco Brasileiro
05:54 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
All files are present now (verified with a modified version of that one-liner, I couldn't get that to work). Jim Pingle
05:11 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
All of the entries that were not found should be fixed now, or will be once the last build finishes (for mod_security). Jim Pingle
12:41 PM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
OK, I'll have a look at these. Jim Pingle
11:21 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Opss.
I forgot to quote the excerpt from the xml file.
Sorry Fulvio Scapin
11:20 AM pfSense Packages Bug #1046: pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Jim P wrote:
> Do you have a link to something that mentions specific packages that show issues like this? There are... Fulvio Scapin
06:11 PM Bug #754: hifn driver and AES192 and 256
We need to follow up on the PR above, a customer needs this.
Chris Buechler
05:56 PM Bug #754: hifn driver and AES192 and 256
Still not fixed in FreeBSD. Delaying ticket to 2.1. Scott Ullrich
06:09 PM Bug #1000: lagg not working set to failover.
Rick,
Please show a ifconfig -a output and arp -a output Scott Ullrich
05:46 PM Bug #1051 (Feedback): radius support in racoon
Even though we had explicitly set the option to use radius, it still was not compiled in. So I changed the Makefile t... Jim Pingle
05:00 AM Bug #1051 (Resolved): radius support in racoon
there is no radius support compiled in racoon daemon Ravine Pick
05:44 PM Todo #765: Patch: Add custom DHCP configuration
I just emailed Jonathan to check this ticket.
 Scott Ullrich
05:43 PM Todo #765 (Feedback): Patch: Add custom DHCP configuration
Scott Ullrich
03:20 PM Todo #765: Patch: Add custom DHCP configuration
Bump. Please check to see if this is resolved. We would like to go to RC1 soon and this is lingering. Scott Ullrich
05:39 PM Feature #1009 (New): Active Directory group membership checking
We need a patch of changes here. auth.inc has diverged too much at this point. And even then Ermal does not agree w... Scott Ullrich
05:35 PM Feature #1009 (Feedback): Active Directory group membership checking
Scott Ullrich
05:15 PM Feature #1009: Active Directory group membership checking
i have been using this patch.
have not seen any issues so far.
 vito B
05:36 PM Bug #830: Service provider information should be saved
I just spent some considerable time on #2 and had no luck. Both Ermal and myself agree that this is not doable witho... Scott Ullrich
03:36 PM Bug #1030 (Feedback): Interface case change in apinger.conf needs reverted
Reverted offending commits. Please test.
 Scott Ullrich
03:26 PM Bug #1038 (Feedback): System Tuneables net.inet.carp.log not Working
Scott Ullrich
03:22 PM Bug #875: Uninstalling packages can remove system libraries
This ticket will require us moving to a PBI style package system where the libraries are self contained in the progra... Scott Ullrich
03:17 PM Bug #345: CPU graph widget reports wrong usage with SMP
widget deactivated in 2.0. Will bring back in 2.1. Scott Ullrich
03:14 PM Bug #437: Y2K38 bug in user manager expiration
Lets address in 2.1. Scott Ullrich
03:10 PM Bug #878 (New): Drag and Drop firewall rules causes corruption
I have disabled this feature. We will bring back in 2.1. Scott Ullrich
01:32 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Keep in mind that hostapd was designed as a tool to use for every aspect of configuring the wireless interface on Lin... Erik Fonnesbeck
10:20 AM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Well by just reading the supplied config file it states... Ermal Luçi
12:45 PM Bug #975 (Resolved): CARP / vip interface disappears on slave after interface change
Chris Buechler
10:42 AM Bug #975: CARP / vip interface disappears on slave after interface change

Yes, I had been unable to update because of problems with the amd64 build and met with disaster that
meant had to... Rob Lister
12:40 PM Bug #1037 (Resolved): Openvpn broken when used with LDAPS backend
Chris Buechler
11:10 AM Bug #1037: Openvpn broken when used with LDAPS backend
It's confirmed-working with 1bab0df1b7fd06ecb2818f69187214a70de238b9
The other bug I was referring to:
bug #1052:... Florent Daigniere
05:21 AM Bug #1037: Openvpn broken when used with LDAPS backend

Nope. Still broken.
You are missing a semi-column in befad72821f522bf2c23a883f72ade8af48b8533.
-$sed .= " \$m... Florent Daigniere
10:39 AM Bug #1040 (Resolved): link doesn't work "add a new one."
Jim Pingle
10:34 AM Bug #1040: link doesn't work "add a new one."
Works ticket can be closed Perry Mason
10:21 AM Bug #831: Status -> System logs - > DHCP bug
Hard to say right now since the upgrade to a new version of the DHCP daemon has caused an issue with logging.
It m... Jim Pingle
10:04 AM Bug #831: Status -> System logs - > DHCP bug
What happens when you just clear the file instead of removing and re-creating the file? I've seen more programs havin... Peter O
09:42 AM Bug #1039 (Feedback): Error on Syncronisation slave - DIOCADDRULE: Device busy
Possible fix committed. Ermal Luçi
07:27 AM Bug #1053 (Closed): CBQ per se, in kernel
plz refer to this forum thread
http://forum.pfsense.org/index.php/topic,29018.0.html Bipin Chandra
05:27 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced
One of the places where it should be fixed is openvpn's configuration with LDAPS (see bug #1037) Florent Daigniere
05:26 AM Bug #1052 (Resolved): Certificate validation of the LDAPS servers is not enforced
Hi,
Looking around in the source code, it seems that the certificate validation for LDAPS servers is not enforced.... Florent Daigniere

11/28/2010

06:44 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
One way to test this: you can start hostapd with ether matching bssid and once started you can change ether to anythi... Erik Fonnesbeck
06:28 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Each wireless clone has two different types of MAC addresses - in ifconfig, one is labeled ether and one is labeled b... Erik Fonnesbeck
05:31 PM Bug #841 (New): hostapd doesn't work with spoofed MAC (but should be able to)
Chris Buechler
05:28 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
Can you state an example of this?
If i get you right and this is the same as form vlan interfaces than its by desi... Ermal Luçi
06:44 PM Bug #1013: Captive Portal Reauthentication broken
Please change status to new.
Bug1050:
As described in Bug#1013 the reauthentication feature is broken! I install... L J
05:48 PM Bug #1013 (Feedback): Captive Portal Reauthentication broken
Chris Buechler
05:48 PM Bug #1050 (Rejected): Captive Portal Reauthentication broken
duplicate of #1013 Chris Buechler
05:43 PM Bug #1050 (Rejected): Captive Portal Reauthentication broken
As described in Bug#1013 the reauthentication feature is broken! I installed a 1.2.3 stable machine and configured th... L J
01:31 PM Bug #1049 (Resolved): After reinstalling packages at bootup, WebUI not accessable (NanoBSD)
After a firmware update and the first reboot of pfSense installed packages get reinstalled. Sometimes all packages ge... James Lepthien

11/27/2010

10:19 PM Feature #1032: Add all interfaces to Packet Capture drop-down
Yeah I think vip* (CARP) and lo0 would be the only two things to exclude, otherwise everything ifconfig returns. I ca... Chris Buechler
07:35 PM Bug #1048 (Rejected): Wireless clone can't be assigned to new interface (NanoBSD)
at least one Atheros chipset I have will panic like that with VAP. Driver problem, nothing we can do about it, needs ... Chris Buechler
06:57 PM Bug #1048 (Rejected): Wireless clone can't be assigned to new interface (NanoBSD)
Configuring a wireless clone works, but after you try to assign that clone to say interface OPT2 pfSense automaticall... James Lepthien
03:34 PM Bug #485 (Resolved): fake start with status_services.php and installed packages
Chris Buechler
03:33 PM Bug #975: CARP / vip interface disappears on slave after interface change
Rob, is this fixed on the latest snapshot? Chris Buechler
03:32 PM Bug #996 (Resolved): DHCP address not pulled with spoofed MAC address on WAN
Chris Buechler
03:32 PM Bug #1047 (Resolved): Disable TSO, hardware checksum don't work for unassigned but active interfaces
Interfaces that are unassigned but active (ex: part of a lagg, possibly VLAN parent-only) don't have TSO, hardware ch... Chris Buechler
03:30 PM Todo #703 (Resolved): Checkboxes to disable TSO and LRO
Chris Buechler
03:29 PM Feature #13 (Resolved): wireless page to have option to select transmit and receive antennas
Chris Buechler
03:27 PM Bug #754 (New): hifn driver and AES192 and 256
need to determine if there is a reason this patch in kern/120270 hasn't been committed. Chris Buechler
03:19 PM Bug #777 (Resolved): Edit File wipes out file on save
Chris Buechler
03:15 PM Bug #841: hostapd doesn't work with spoofed MAC (but should be able to)
This is not something that was ever resolved. Either hostapd should be fixed or a workaround should be put in place ... Erik Fonnesbeck
03:08 PM Bug #841 (Resolved): hostapd doesn't work with spoofed MAC (but should be able to)
Chris Buechler
03:15 PM Bug #990 (Resolved): xss in pfsense I was testing beta 4 pfSense-2.0-BETA4-20100902-0947.iso
Chris Buechler
03:15 PM Bug #826 (Resolved): Status > OpenVPN hangs when using TCP w/OpenVPN Int. "any"
Chris Buechler
03:14 PM Bug #302 (Resolved): Shaper wizard remembers values on error, but are disabled
Chris Buechler
03:13 PM Feature #887 (Resolved): Add an option for stricter OpenVPN ssl/tls+user auth checking
Chris Buechler
03:12 PM Feature #762 (Resolved): Display ICMP type on firewall rule list
Chris Buechler
03:11 PM Bug #831 (Resolved): Status -> System logs - > DHCP bug
Chris Buechler
03:10 PM Bug #320 (Resolved): Using special characters (e.g. åäö) in certificate "Descriptive name" breaks entire WebGUI
Chris Buechler
03:07 PM Bug #991 (Resolved): multiple XSS issues
Chris Buechler
03:06 PM Bug #845 (Resolved): Need patch for PR usb/140883
Chris Buechler
09:51 AM Bug #1037: Openvpn broken when used with LDAPS backend
Try the latest snapshot and see if i got this right this time. Ermal Luçi

11/26/2010

11:02 AM pfSense Packages Bug #1046 (Feedback): pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
Do you have a link to something that mentions specific packages that show issues like this? There are quite a large n... Jim Pingle
05:41 AM pfSense Packages Bug #1046 (Resolved): pfSense 2.0 beta 4 - Amd64: Discrepancy between package files repository and http://www.pfsense.com/packages/pkg_config.8.xml.amd64
As reported recently, several packages have been updated (removing the old ones) at http://files.pfsense.org/packages... Fulvio Scapin
 

Also available in: Atom