Activity

30 days up to

User

Subprojects

Activity

From 01/04/2011 to 02/02/2011

01/29/2011

05:25 PM Bug #1231 (Feedback): Upgrading pfSense Removed Internal CA: There have been a couple positive reports that some commits I made last week may have solved this. I'll leave it in '... Jim Pingle
05:07 PM Revision a49b2235: Missing colour for RRD would have caused errors in creating the graphs.: Warren Baker
06:35 AM Feature #1241 (Resolved): Custom Dynamic DNS: Because there are so many services which require an updated IP Address, which provide some kind of API via an HTTP re... Matt Corallo
12:40 AM Revision 44ab93a4: Correct configuration file name.: Ermal LUÇI

01/28/2011

10:22 PM Bug #1240 (Rejected): NAT & Alias NEtWORK: This is a duplicate of internal (private) ticket #1045 - it should be in 2.0, it just isn't there yet. Jim Pingle
10:15 PM Bug #1240 (Rejected): NAT & Alias NEtWORK: It should not be possible to use aliases network "in Nat outbound? ?????
Joaquim Soares Soares
10:09 PM Revision a3755fe7: Exclude loader.conf from being update during kernel update: Scott Ullrich
09:07 PM Bug #1239 (Resolved): PPTP - Assign password to a user with ñ: Hi there,
VPN / PPTP / User, assign a password with an accent generated an error in the config file. pfSense resto... Ricardo Ramirez R.
08:58 PM Bug #1220 (Feedback): Setup dumpon/savecore and friends to aid debugging: This should be good in the latest snaps. Jim Pingle
08:04 PM Bug #1238 (Closed): Dynamic DNS update with Freedns not working?: Hello PFSense-Team,
I just tried to get a free-dns account to work. With dyndns and no-ip it is working but howeve... Thomas Burger
07:32 PM Revision 9d3d8d00: Merge branch 'master' into inc: Conflicts:
etc/inc/captiveportal.inc
etc/inc/config.console.inc
etc/inc/config.lib.inc
... Vinicius Coque
06:38 PM Revision 1596d9c1: Merge remote branch 'mainline/master': Vinicius Coque
04:51 PM Bug #560: loader.conf is empty after a firmware update.: I discovered another vector for loader.conf being emptied - it's included in the kernel archives (kernel_Dev.gz, kern... Jim Pingle
04:03 PM Revision 9b2e42c9: When setting the ip from the console also enable the interface otherwise the HTTP_REFERER checks will not let you use the GUI.: Ermal LUÇI
03:16 PM Revision 20413b72: Added Captive Portal RRD graphs, there are two graphs one for the number of logged in users since last rrd poll, and concurrent number of users logged in.: Warren Baker
02:39 PM Revision 9d0b0635: Make this actually work as it should. The warnings about default queue should be ok now.: Ermal LUÇI
02:27 PM Revision 161cc65b: Activate the firewall rules for DHCPDv6.: Add pass in to port 546, pass out to 547 Seth Mos
02:17 PM Revision b3cf4d5a: adjust the firewall rules to allow for proper ICMP6 allow so that normal pmtu works: Seth Mos

01/27/2011

09:54 PM Revision fc05822b: Don't pass these by reference. Might be related to ticket #1231: Jim Pingle
06:48 PM Todo #1237 (Resolved): Restore patch for adding gif(4) to bridge(4): bridge(4) before allowed gif(4) to be added as member with lower mtu.
This should be restored since naturally gif(4)... Ermal Luçi
06:43 PM Bug #317 (Resolved): SSH authorized keys lost on upgrade on embedded: Confirmed on forums http://forum.pfsense.org/index.php/topic,31906.0.html Ermal Luçi
03:59 PM pfSense Packages Bug #1236 (Closed): Anyterm package doesn't start after upgrade: After an upgrade, Anyterm doesn't start automaticly.
Restarting the service won't work. I have to reinstall the pack... Alexandre Paradis
03:48 PM Bug #1216 (Resolved): OpenVPN client interfaces should not be NATed out of when assigned: This is fixed since we have people on forum complaining for the now missing nat. Ermal Luçi
03:47 PM Bug #1093 (Feedback): Problems with em(4): The problems should be fixed in latest snapshot that comes out. Ermal Luçi
03:45 PM Bug #1154 (Feedback): Kernel panic after connecting to OpenVPN: You can even update at the next snapshot that will come out.
It should fix the issues. Ermal Luçi
09:46 AM Bug #1235 (Resolved): pfsense 2.0 load balancing with a https monitor seems to default timeout 200ms causing constant timeouts: Hi,
I've been failing with load balancing between two https web servers on pfsense 2.0.
I have two https server... Gary Richards
07:34 AM Revision 6ac28fbd: Add the bogonsv6 file, it's empty for now: Seth Mos
05:05 AM pfSense Packages Bug #1234: bge NIC not working: Thank you Chris.
I will try replicate the error on a fresh BSD box. Danilo Chilene
04:58 AM pfSense Packages Bug #1234 (Rejected): bge NIC not working: we don't develop or control the drivers, there is apparently an issue with that particular chipset and FreeBSD 8.1, y... Chris Buechler
04:46 AM pfSense Packages Bug #1234 (Rejected): bge NIC not working: Hello,
I have a PFsense 2.0-BETA5 (amd64) built on Wed Jan 26 01:53:43 EST 2011 running on a HP hardware and none ... Danilo Chilene

01/26/2011

10:47 PM Revision a798fd3e: At least bring the interface up. Sometimes even though the linkup is reported interfaces like em(4) do not come up.: Ermal LUÇI
10:44 PM Revision c3770c78: Ups actually single quotes are needed when / is the first char of a command. Requirment enforced by the parser.: Ermal LUÇI
10:15 PM Revision f7f22750: Remove last references to dnswatch.: Ermal LUÇI
09:12 PM Revision f8c10a18: Use filterdns instead of dnswatch which will be retired.: Ermal LUÇI
07:41 PM Bug #1233: License Error for ipw_bss, ipw_ibss, wpi, ipw_monitor, etc.: Maybe (I think there is a really old ticket for that) but it was considered beyond the scope of what we wanted to do ... Jim Pingle
07:37 PM Bug #1233: License Error for ipw_bss, ipw_ibss, wpi, ipw_monitor, etc.: Wouldn't it be possible to present the user with the license file during install, then have a check box they explicit... Steve Vigneau
07:35 PM Bug #1233 (Rejected): License Error for ipw_bss, ipw_ibss, wpi, ipw_monitor, etc.: Those have always been there.
It's an unfortunate requirement for certain Intel cards. If you have the card you ha... Jim Pingle
07:33 PM Bug #1233 (Rejected): License Error for ipw_bss, ipw_ibss, wpi, ipw_monitor, etc.: While watching _2.0-BETA5 (i386) built on Wed Jan 26 10:45:46 EST 2011_ boot I noticed this. It can also be seen in d... Steve Vigneau
07:36 PM Bug #1232: Unable to load dynamic library '/usr/local/lib/php/20060613/mhash.so' - /usr/local/lib/libmhash.so.2: For what it's worth, I just tried to change a user's password and received this:
_Fatal error: Call to undefined f... Steve Vigneau
07:29 PM Bug #1232 (Resolved): Unable to load dynamic library '/usr/local/lib/php/20060613/mhash.so' - /usr/local/lib/libmhash.so.2: Noticed a number of these while booting and on the console:
PHP Warning: PHP Startup: Unable to load dynamic libr... Steve Vigneau
06:40 PM Revision 422b8b4e: Switch to filterdns new and shiny for taking care of dns in CP.: Ermal LUÇI
06:29 PM Revision c3c7fc06: These are pf type aliases.: Ermal LUÇI
05:44 PM Revision 1749da31: Fix exec bit for savecore: Jim Pingle
05:42 PM Revision e5323cca: Run dumpon earlier, split dumpon/ddb from savecore and run savecore later.: Jim Pingle
04:21 PM Revision 9caffe86: Remove duplicate advbase in ifconfig command: Seth Mos
02:40 PM Revision 9740fad8: Merge remote branch 'upstream/master': Conflicts:
etc/inc/system.inc Seth Mos
02:30 PM Bug #1231: Upgrading pfSense Removed Internal CA: We've been trying to track that down for a bit.
See this thread:
http://forum.pfsense.org/index.php/topic,32372.0... Jim Pingle
02:22 PM Bug #1231 (Resolved): Upgrading pfSense Removed Internal CA: Updated from a version of pfSense from early today to the latest version (2.0-BETA5 (i386) built on Wed Jan 26 10:45:... Steve Vigneau
01:32 PM Bug #1230 (Closed): Switching pfSense to HTTP from HTTPS Doesn't Free Up Certificate: Duplicate of #1171 Jim Pingle
01:29 PM Bug #1230 (Closed): Switching pfSense to HTTP from HTTPS Doesn't Free Up Certificate: When pfSense is switched from HTTPS to HTTP the certificate that had previously been selected for HTTPS is still list... Steve Vigneau
01:27 PM Revision 22599010: Show the TCP protocol for ipv6 filter rules: Seth Mos
12:22 PM Revision 1f321f66: Move the ICMP rules further to the top in order for normal neighbour contact via icmp6 to work: Seth Mos
12:14 PM Revision 80766f71: Do not block fec0::/10 as this includes fe80:: local link addresses which breaks everything else: Seth Mos
11:55 AM Revision 1525ca4c: reference the IPv6 bogons table as well: Seth Mos
11:53 AM Revision 7de4359a: Add the bogonsv6 table for the IPv6 bogons: Seth Mos
10:54 AM Revision b0538842: Add the IPv6 fc00::/7 and fEc0::/10 to the Private block on WAN: Seth Mos
10:45 AM Revision 23f1acdd: Setup packet spoofing rules for inet and inet6: Adjust the default Deny All rules for inet and inet6, rename labels Seth Mos
10:43 AM Revision aec7edd4: Adjust firewall rule to reflect inet or inet6: Seth Mos
10:41 AM Revision 29bed6ca: Adjust the loopback firewall rules for inet and inet6 and give them unique labels: Seth Mos
10:17 AM Revision ee4fc984: Silence warnings.: Ermal LUÇI
01:24 AM Bug #1177: Passive FTP: Looks like FTP is working better with build from Tue Jan 25 06:07:53. Did not get a chance to really hammer on it. Th... Lee Thornhill
01:05 AM Revision b638ef51: BP: Add gettext() function #multilang: Carlos Eduardo Ramos

01/25/2011

11:12 PM Revision 0ad7bcd8: Fix case for disabling RRD graphing for spamd package.: Erik Fonnesbeck
10:44 PM Bug #1220 (New): Setup dumpon/savecore and friends to aid debugging: Something isn't quite right with textdump support. I can trigger the panic, I see the textdump script run, but saveco... Jim Pingle
05:06 PM Bug #1220 (Feedback): Setup dumpon/savecore and friends to aid debugging: dumpon/savecore are now run at boot on full installs (with swap space). Of course you'll need enough swap space to ho... Jim Pingle
10:23 PM Revision 27d5c1dd: Setup textdumps too while we're at it. Handy.: Jim Pingle
10:05 PM Revision 726b5d85: Fix exec bits on rc.dumpon: Jim Pingle
10:03 PM Revision 1e2ee714: Redirect to correct page: Scott Ullrich
10:02 PM Revision c3a56ba9: Add support for dumpon/savecore to run on full installs.: Jim Pingle
10:02 PM Revision 3b39d0ac: Whitespace fix: Jim Pingle
10:00 PM Revision 1b01056c: Redirect to correct page: Scott Ullrich
08:20 PM Revision 96920d07: Restart lighty captive portal after sync: Scott Ullrich
08:11 PM Revision c4e228f3: Transform PORTAL_REDIRURL variable: Scott Ullrich
07:55 PM Revision ec192fe5: Fix url. Do not include mod_accesslog twice: Scott Ullrich
07:24 PM Bug #560: loader.conf is empty after a firmware update.: Apologies. Please disregard my previous comment.
Wrongly perceived the issue to be that values entered manually in... R M
07:09 PM Revision 2953848b: remove single quotes: Scott Ullrich
06:50 PM Revision eac181ca: BP: Add gettext() function #multilang: Carlos Eduardo Ramos
06:38 PM Revision 9abe1997: Brute force dnswatch kill if needed: Scott Ullrich
06:24 PM Revision a00e1d89: move pre-auth url before after auth url for consistency.: Scott Ullrich
06:23 PM Revision f6a0f982: Set form field type, make URL boxes same size: Scott Ullrich
06:22 PM Revision 76607020: move option near the other: Scott Ullrich
06:19 PM Revision ecc19349: Increase textbox size. Clarify the original Redirection URL purpouse: Scott Ullrich
06:13 PM Revision 38060391: Handle PORTAL_REDIRURL variable: Scott Ullrich
06:09 PM Revision e0f1a8d6: Adding CP pre-authentication redirect URL box: Scott Ullrich
06:03 PM Revision 75d12406: Launch dnswatch correctly.: Scott Ullrich
06:00 PM Revision 8b73cc7e: Allowed hostname is now working. Make bw up and down checks a bit more strict using intval() and comparing >0. Fix bw and upload checks allowing either to be set.: Scott Ullrich
05:58 PM Revision 0b108eda: Allowed hostname is now working. Make bw up and down checks a bit more strict using intval() and comparing >0. Fix bw and upload checks allowing either to be set.: Scott Ullrich
05:31 PM Revision 620ac186: Misc fixups: Scott Ullrich
05:30 PM Revision 79e99eb4: Make allowedhostname an array.: Scott Ullrich
05:12 PM Revision 9592c132: Prevent drop down menu creation: Scott Ullrich
05:11 PM Revision d413cd50: Adding switch to prevent dropdown menu creation.: Scott Ullrich
05:07 PM Revision 4e978135: Adding tab for allowed hostnames: Scott Ullrich
04:55 PM Revision 55c18b30: Adding preliminary version of allowed hostnames. Allowed hostnames function similar to allowed IP addresses and permit the captive portal to pass traffic out. An example usage of this is to allow access to a hotel web page freely and then require authentcation hotlinking from this point.: Scott Ullrich
04:35 PM Revision f23a6091: Fix formatting. Die, VIM, DIE!: Scott Ullrich
03:32 PM Revision 5060dea7: Reformat file. VIM needs to die a flaming death.: Scott Ullrich
03:18 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures: All that has been discussed at length (and not on an unrelated ticket), it was much easier to leave loader.conf.local... Jim Pingle
03:15 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures: Thanks for the response Jim.
Since there's no man pages available in pfSense, my reference regarding the matter wa... R M
10:38 AM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures: bug #560 isn't really relevant to this, you should store your personal customizations in loader.conf.local - that fil... Jim Pingle
03:17 PM Bug #1027 (Resolved): Config restore triggers HTTP_REFERER check on interface mismatch: Ermal Luçi
03:13 PM Bug #1154: Kernel panic after connecting to OpenVPN: Please test with the kernel located at http://files.pfsense.org/kernel.gz
Just copy it to /boot/kernel/kernel.gz and ... Ermal Luçi
03:12 PM Bug #1194 (Closed): Captive Portal Logout Issue: Linked with #836 Ermal Luçi
01:49 PM Todo #1229 (Closed): Captive Portal configuration page needs advanced button love: The captive portal page has grown and grown and has a lot of features that most people will not be using.
In the s... Scott Ullrich
10:32 AM Revision f0e69fca: don't show version on this page either, to match the other pages: Chris Buechler
09:18 AM Bug #1228 (Rejected): Autoreboot: Please post in the forum for help in gathering more information. There are already several threads for similar issues... Jim Pingle
08:17 AM Bug #1228 (Rejected): Autoreboot: Hi! I've 2.0-BETA5 (i386)
built on Mon Jan 24 07:08:15 EST 2011 installed on a alix 2d3 and another installation on... Andrea Cutelle'
09:16 AM Revision d11e01f4: Comment out this code since it currently segfaults and get_real_interface could cause major slowdown here for some configurations.: Erik Fonnesbeck
08:34 AM Revision 5357f386: Remove extra call to get_real_interface.: Erik Fonnesbeck
08:26 AM Bug #729: if_bridge unpredictable filter interface selection: Chris, was that in response to the issue I noted or the original one? I could understand the IP of the management int... Derek Buttineau
08:03 AM Revision 56919157: Use the first element of the array instead of the array itself for the comparison.: Erik Fonnesbeck
07:47 AM Bug #1226: Possible DOS in CARP synchronization: I can reproduce it only using a "big" configuration file (~120 firewall rules + 10 interfaces) and with moderate HW p... Alexander Kalashnikov
03:04 AM Bug #1226: Possible DOS in CARP synchronization: I can't replicate this even clicking the force sync button as fast and as many times as I possibly can, it just works... Chris Buechler
07:45 AM Revision a1476a94: Revert "I think this is supposed to be get_real_interface too, not get_parent." - This function should not call get_real_interface here to avoid slowdown from recursion.: This reverts commit 54ac5d9080c2ea6669af07aa49a5ce660f2ede76. Erik Fonnesbeck
07:16 AM Revision 20cb9803: Make get_parent_interface return an array to handle MLPPP and make it find vlan parents too.: Also, update interface_netgraph_needed to handle MLPPP on vlans. Marcus Brown
04:36 AM Revision a3af8146: Add NULL check to wireless functions.: The old interface_translate_type_to_real function used previously would return OPTX
if it was passed "OPTX" and OPTX ... Marcus Brown
04:27 AM Revision 54ac5d90: I think this is supposed to be get_real_interface too, not get_parent.: Revert if I mis-understood. Marcus Brown
04:16 AM Revision d5dfcb52: Change name of function "interface_translate_type_to_real" to match what it's doing (or should be doing.): Next commits will change functionality of this function because before now
it's identical to "get_real_interface" fun... Marcus Brown

01/24/2011

11:14 PM Revision 67bc955d: handle alternate xml_rootobj correctly when doing config backups w/RRD data: Chris Buechler
10:48 PM Revision a1d52f81: Resolves #1216. Do not create nat entries on ovpn interfaces.: Ermal LUÇI
07:34 PM Revision 261c7de8: Warn users a different way if packages are being reinstalled in the background. Only lock out package pages, still print a giant warning on the others. (Some people were getting stuck in this state http://forum.pfsense.org/index.php/topic,32531.0.html ): Jim Pingle
07:30 PM Bug #1227 (Closed): Unifying multiple interfaces into bridge breaks connectivity: there was some breakage in bridging the past few days, fixed today. If you still have issues with a new snapshot plea... Chris Buechler
07:09 PM Bug #1227 (Closed): Unifying multiple interfaces into bridge breaks connectivity: I have following machine:
Dual-core Atom CPU @ 1.8 GHz
1 x 1GB RAM
2 GB Flash storage
1000/100/10 Ethernet adapte... Anton Vorobyov
06:10 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures: Apologies. Doesn't look like I set the target version of the bug correctly which means it doesn't show up in the cust... R M
06:00 PM Bug #1155: [patch] status_gateways.php doesn't show last check time: I will move this to 2.1 because the way we use/reload apinger there will not always be a time to show which is not ri... Ermal Luçi
05:52 PM Bug #491 (Resolved): Dynamic DNS upgrade code not working: Ermal Luçi
05:50 PM Bug #1216 (Feedback): OpenVPN client interfaces should not be NATed out of when assigned: Applied in changeset commit:"a1d52f81879fc1f2253eeef5189adfa2e6396c11". Ermal Luçi
05:24 PM Revision 8633930d: Actually send a notice even if no default queue could not be found. This might be serious in some cases.: Ermal LUÇI
05:18 PM Revision ef8fca71: Do not put the queue config on the rules if there is no default queue, just log it. This prevents errors in rules loading which is worse than having no shaper.: Ermal LUÇI
05:08 PM Bug #729: if_bridge unpredictable filter interface selection: it works exactly as it should per the man page, there are just certain ways you shouldn't configure it or you should ... Chris Buechler
05:04 PM Revision 00ca3fb1: Log the errors we know for not allowing a queue to be added.: Ermal LUÇI
04:55 PM Bug #1093: Problems with em(4): I committed the driver from STABLE so it should be on new snapshots.
Please anybody with the issue test that snapshot. Ermal Luçi
04:54 PM Revision 49946455: Do proper input validation on traffic shaper wizards to not allow empty fiedls.: Ermal LUÇI
04:53 PM Bug #1151 (Resolved): Outgoing pptp Traffic-Flow stops after a while: Ermal Luçi
04:52 PM Bug #1183 (Resolved): Alias change reloads filter twice: Ermal Luçi
04:38 PM Revision 8d9c3f76: Properly check empty fields when specifying bandwidth values.: Ermal LUÇI
09:38 AM Bug #1226: Possible DOS in CARP synchronization: UPD:
System can be only rebooted by issuing ssh [ip] reboot -q Alexander Kalashnikov
08:05 AM Feature #1225: static port range and outbound rules source port range (only to be tested and integrated, already coded): We use a sip server which handles both trunking and remote users. We typically use static port NAT for both functions... Tony Graziano
04:56 AM Feature #1225: static port range and outbound rules source port range (only to be tested and integrated, already coded): When a SIP peer starts the dialog, it sends thru SDP the port on which it is expecting the RTP stream.
There are of ... Martin Dupont
07:34 AM Revision 71f88d75: Add the npt tag which is used by the IPv6 tree to the 2.0 mainline tree.: This prevents a config blowup when a ipv6 config loads on 2.0. Seth Mos
02:28 AM Bug #1177: Passive FTP: yes, the same behaviour for me.
still getting a lot of timeout/reconnets.
on thre other hand it looks much better... Michael Heller

01/23/2011

10:48 PM Feature #150: Option to change syslog facility: In addition to facility, everything comes through as "warning" currently where some logs should be marked as informat... Chris Buechler
08:37 PM Bug #1226: Possible DOS in CARP synchronization: I'm sure that that is a pretty real scenario, since that two or more admins can make some changes simultaneously.
... Alexander Kalashnikov
08:21 PM Bug #1226: Possible DOS in CARP synchronization: You're hanging PHP by doing that, don't do that is the answer. Killing all php processes at the console or an existin... Chris Buechler
06:01 PM Bug #1226 (Closed): Possible DOS in CARP synchronization: When you press "Force config sync" couple of times in a very short period of time (4\5 in a second) the slave machine... Alexander Kalashnikov
08:06 PM Feature #1225: static port range and outbound rules source port range (only to be tested and integrated, already coded): I've never seen RTP have to be static, though a worthwhile feature to have post-2.0.
Chris Buechler
11:08 AM Feature #1225 (Closed): static port range and outbound rules source port range (only to be tested and integrated, already coded): When you go to NAT Outbound, you can create rules to make 1 port static, or to force the source port (for example, fo... Martin Dupont
02:41 PM Feature #1222: Support for tun or tap mode in openvpn server: This is a patch that adds the option to choose tun or tap mode for server Eino Efimov
05:36 AM Revision 1f17c623: it's 2011: Chris Buechler
04:58 AM Feature #1223: gateway group based sticky connections: Updated to a more feasible solution, per-rule isn't easily possible with the way it works. Chris Buechler
04:38 AM Feature #1223 (Closed): gateway group based sticky connections: There are some circumstances, that global sticky connections option isn't the best case.
One of that is an internal ... Falk Nisius
04:46 AM Bug #1224 (Resolved): Changing Aliasnames for Ports are not reflected in Rules: Renaming of Host-Alias, would be changed also in the Ruleset.
Renaming of Port-Alias, isn't seen in the Ruleset, per... Falk Nisius
02:49 AM Revision 3eb00b49: We don't want to detach netgraph nodes from interfaces that are used by: any PPPoE/PPTP/L2TP configurations. Marcus Brown

01/22/2011

09:04 PM Revision e5d83b70: Fix dhcp server group: Seth Mos
08:05 AM Revision e9d6c27f: fix variable and text for this log: Chris Buechler

01/21/2011

11:53 PM Bug #1177: Passive FTP: Updated to Fri Jan 21 06:52:27. Sorry, still no love. The number of tries before failure is inconsistent. After updat... Lee Thornhill
12:26 AM Bug #1177: Passive FTP: There were some changes to the patches this afternoon. Grab the next snap that comes out (it's almost done building n... Jim Pingle
12:24 AM Bug #1177: Passive FTP: -loaded the developer's kernel -> solid, cannot duplicate the crashes-
Nope just takes more tries to bring it down.
... Lee Thornhill
10:54 PM Revision 3d9e9252: Do not write the old ip to the cache file unless it changes. Might help in Ticket #943.: Ermal LUÇI
08:13 PM Revision 0e01b3c6: Fix OpenVPN wizard.: Jim Pingle
06:09 PM Feature #1222 (Closed): Support for tun or tap mode in openvpn server: Capability to change interface TAP or TUN for the server configuration in GUI. Eino Efimov
05:52 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working: Some other possible fix pushed. Ermal Luçi
10:31 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working: Attaching log from start of test through end. R B
10:13 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working: Post your system log from the time of the reconnect, especially anything that mentions rc.newwanip and entries around... Jim Pingle
10:00 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working: Updated to "Version 2.0-BETA5 (i386) built on Thu Jan 20 23:14:10 EST 2011", same behavior:
1. Unplug working br... R B
05:09 PM Revision 81e54dab: Use a better method to determine the FTP URL for FreeBSD based on the version being used. The old method worked with 8.1-RELEASE-p2 but failed with just 8.1-RELEASE.: Jim Pingle
03:58 PM Revision e9bcc5fe: Lock firmwarelock when upgrading packages: Scott Ullrich
02:38 PM Bug #910 (Feedback): CARP+Bridging+NAT can lead to "freeze"/"lockup": A patch to fix this issue has been committed. Ermal Luçi
01:41 PM Bug #1221 (Resolved): igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures: I'm creating this ticket in relation to the following forum topic since I don't think an bug was submitted by the OP:... R M
10:38 AM Bug #1220 (Resolved): Setup dumpon/savecore and friends to aid debugging: On systems where we have a swap partition (read: full installs) we should setup the equivalent of the FreeBSD scripts... Jim Pingle
08:48 AM Revision 462f9006: Add filter code for adding the binat rules required for Network Prefix Translation: Seth Mos
08:35 AM Revision 36e81b98: Add the firewall_nat_npt* pages so that you can enter use binat for Network prefix translation: Seth Mos
08:34 AM Revision 292ef22a: Unbreak static routes: Add initial NPt Network Prefix Translation pages Seth Mos
07:50 AM Revision bb8f186e: fix text: Chris Buechler
03:18 AM Feature #1219 (New): Ship DTRACE enabled kernels in the images: It would be better to ship some dtrace enabled kernel with images and create some scripts to easy reporting info and ... Ermal Luçi
02:41 AM Revision eadb78bc: correct field type, no aliases allowed here: Chris Buechler

01/20/2011

10:19 PM Revision 582c58ae: Add drop-down to select OpenVPN hardware crypto (finds usable devices from "openssl engine" list) for clients and servers.: Jim Pingle
06:47 PM pfSense Packages Bug #1218 (Resolved): Freeradius package does not start when i do reboot: first of all i am not debeloper , i am not sure if this place is the right way to post the bug
Every time i reboot ,... Abdelmonem Abuelezz
05:52 PM Revision 1801c223: Add the empty check otherwise all static routes are skipped. Reported-by: Seth: Ermal LUÇI
05:33 PM Revision bca35cff: Add a checkbox for duplicate-cn on OpenVPN servers.: Jim Pingle
05:23 PM Feature #1217 (Needs Patch): Change OpenVPN local/remote networks to lists instead of single boxes: In 2.1 or beyond it would be nice to have the OpenVPN local and remote network boxes instead be lists of networks, so... Jim Pingle
04:33 PM Revision 09e11b69: Comment what this variable does: Scott Ullrich
04:30 PM Revision f0695975: Adding $builder_package_install variable. When set to true ignore library fixups and sync_package() directives.: Scott Ullrich
03:58 PM Bug #560: loader.conf is empty after a firmware update.: I'm seeing a slightly different behaviour which may be unique to having serial console enabled after a an update.
... R M
02:57 PM Bug #1216: OpenVPN client interfaces should not be NATed out of when assigned: to clarify, that is the tun interfaces are included as "nat on ...", though possibly only where the tun interfaces ar... Chris Buechler
02:49 PM Bug #1216 (Resolved): OpenVPN client interfaces should not be NATed out of when assigned: outbound NAT is applied on OpenVPN client interfaces when they are assigned, and should not be. Routing is almost alw... Chris Buechler
01:24 PM Bug #1209 (Resolved): cannot restore encrypted configuration file: Jim Pingle
01:22 PM Bug #1209: cannot restore encrypted configuration file: confirmed, I can now restore my encrypted config backup. thank you! Jesse Norell
01:18 PM Feature #1215 (Resolved): DHCP Bootp Flags: Need support for DHCP Bootp flags on WAN interface. Specifically 0x8000 (Broadcast).
Some ISP's do not set dhcp s... NOYB NOYB
01:11 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: pptp also working here :) Christian Schwarz
12:40 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: The lockup issue is likely separate. The forum thread for that is here: http://forum.pfsense.org/index.php/topic,3245... Jim Pingle
12:25 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: I updated on 1/19 as well and my PPTP VPN stability issue seemed to be resolved. But, as Chris stated above, I am ha... Stefan Pinson
08:26 AM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: Just updated to the latest versions the morning of 1/19 and in the afternoon, both versions introduced system lockups... Chris Baker
12:42 PM Feature #1214 (Closed): Firewall Schedule Time Should Be Allowed to Straddle Midnight: Jim Pingle
12:37 PM Feature #1214: Firewall Schedule Time Should Be Allowed to Straddle Midnight: Nevermind, I just realized that I can add multiple time ranges to the same schedule. See attached screenshot. My bad. Joe Kelly
12:31 PM Feature #1214 (Closed): Firewall Schedule Time Should Be Allowed to Straddle Midnight: I wanted to create a schedule for late night _plus_ wee hours of the morning. I entered a Start Time of 21 Hr 00 Min ... Joe Kelly
11:34 AM pfSense Packages Bug #1213 (Resolved): Mod_Security+Apache+Proxy: in general setting
"Bind to IP Address
This is the IP address the Proxy Server will listen on.
NOTE: Leave b... Dienis Rastegaeff
10:52 AM Bug #1075 (Resolved): rrd graphs missing / duplicate: Chris Buechler
09:59 AM Bug #1075: rrd graphs missing / duplicate: The problem seems solved, i will continue
to test it at different times of day.
If i find further problems I will ... Martin Klein
10:49 AM Revision 15705bc0: Enlarge subnet bits to 128: Seth Mos
09:37 AM Bug #1211 (Rejected): System Lockup after upgrading from December build to January 19th builds: This is not you hotline support.
Please use the forums for this issues. Ermal Luçi
08:19 AM Bug #1211 (Rejected): System Lockup after upgrading from December build to January 19th builds: After upgrading to yesterday mornings's build pfense locked up after a few hours. I then upgraded to the latest buil... Chris Baker
08:03 AM Revision d2619fa0: Merge remote branch 'upstream/master': Conflicts:
etc/inc/system.inc Seth Mos
12:08 AM Bug #1177: Passive FTP: was running the SMP kernel
loaded the developer's kernel -> solid, cannot duplicate the crashes Lee Thornhill

01/19/2011

11:35 PM Revision 86ae3621: Allow setting package interfaces to loopback (lo0): Scott Ullrich
11:10 PM Bug #1177: Passive FTP: Same problems as I reported before using the i386 Wed Jan 19 11:47:04 build.
With testing tonight I was 3 for 3 on... Lee Thornhill
02:36 AM Bug #1177: Passive FTP: Also only able to retrieve the directory listing on the second try.
Response: 200 Switching to Binary mode.
Comma... Lee Thornhill
02:17 AM Bug #1177: Passive FTP: Testing with a client behind pfsense using Tue Jan 18 03:34:33. FTP helper takes down box when re-initializing a prev... Lee Thornhill
12:57 AM Bug #1177: Passive FTP: after some heavy tests I found out that there are a lot of connections droped by the default deny rule!
This finally... Michael Heller
12:37 AM Bug #1177: Passive FTP: 2.0-BETA5 (i386)
built on Tue Jan 18 03:34:33 EST 2011
confirmed.. FTP helper is working..
Branko Lukman
09:23 PM Revision daacb818: Ticket #1210. Also here unset any previous value if none posted.: Ermal LUÇI
09:20 PM Revision c2461a56: If no value is posted means we have no value to save in config and should unset any pervious set ones.: Ermal LUÇI
08:56 PM Revision f5bafe95: Resolves 1209. Correctly calculate the necessary data to return from an 'pfsense' format encrypted file.: Ermal LUÇI
06:57 PM Revision 38bdc48d: This logic was reversed fix it. Reported-by: Seth: Ermal LUÇI
06:53 PM Revision 33a2693c: don't show platform here (rebrands): Chris Buechler
06:25 PM Revision bcfe4ae5: Ticket #259 trim the \n from the command output and return only the numeric part of it.: Ermal LUÇI
06:07 PM Revision 1c4edc3c: If an outbound nat rule has a protocol specified, show it in the summary view.: Jim Pingle
05:42 PM Bug #755 (Resolved): dnswatch not working: https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/commits/750951f9b2bd4cdb1bde4748cc51a0258b59f5b3
Fixes... Ermal Luçi
04:18 PM Bug #1210 (Feedback): Erasing limiter advanced options does not save the change: Committed a fix https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/c2461a56d45b678213488ea1ced099a38ead267e Ermal Luçi
04:17 PM Bug #1210 (Resolved): Erasing limiter advanced options does not save the change: Create a limiter, add a delay, and save. Edit the limiter, erase the delay, and save. The value is still there, not b... Jim Pingle
03:55 PM Bug #1209: cannot restore encrypted configuration file: Applied in changeset commit:"f5bafe95a1fb4372288816debaa21b4f943a32e8". Ermal Luçi
03:54 PM Bug #1209 (Feedback): cannot restore encrypted configuration file: https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/f5bafe95a1fb4372288816debaa21b4f943a32e8
Fixes the i... Ermal Luçi
02:08 PM Bug #1209 (Resolved): cannot restore encrypted configuration file: I'm unable to restore an encrypted configuration file in the latest 2.0 snapshot. It fails with a "real" config back... Jesse Norell
01:49 PM Bug #1208 (Closed): Limiters don't work on non-quick rules: Limiters should not be allowed to be specified on non-quick floating rules as they don't work in such a scenario. Chris Buechler
01:48 PM Bug #1207 (Resolved): Renaming a limiter creates new limiter: when a limiter is renamed it creates a new one rather than renaming it. Chris Buechler
01:38 PM Bug #1198 (Resolved): Incorrect tls-auth setting for Peer to Peer SSL/TLS OpenVPN Server with tls-auth enabled: thanks Chris Buechler
01:36 PM Bug #1198: Incorrect tls-auth setting for Peer to Peer SSL/TLS OpenVPN Server with tls-auth enabled: Hi, I upgraded to the Jan 17th firmware yesterday and I can confirm that this bug is fixed. Thanks! Joe Kelly
01:24 PM Bug #259 (Feedback): When disabling a dhcp interface, dhclient is not stopped: Ermal Luçi
09:41 AM Bug #259 (New): When disabling a dhcp interface, dhclient is not stopped: Jim Pingle
09:29 AM Bug #259 (Feedback): When disabling a dhcp interface, dhclient is not stopped: I just tested this with a clean 2.0 BETA5 i386 install and I still see dhclient messages in the system logs. Seth Mos
12:58 PM Bug #863: floating rules breaks passive mode ftp: There is some improvement, I can now use an ftp client on LAN in both passive or active mode, but still can't use pas... Jesse Norell
10:51 AM Bug #1206 (Rejected): OpenVPN client is not Multi-WAN capable: Out of the box, a single client instance will not fail from WAN1 to WAN2 when coming from pfSense itself. You can sel... Jim Pingle
10:43 AM Bug #1206 (Rejected): OpenVPN client is not Multi-WAN capable: After several day of trying every possible solution, I have to report that the built-in OpenVPN client is not multi-W... Stefan Seidel
10:50 AM Bug #463: PPTP VPN rediction does not work: This still does not work in Beta5, I still had to make the rules by hand. The the option "Redirect incoming PPTP conn... tarz an
07:30 AM Revision 911a262f: Prevent a IPv6 address from breaking system routing. This is a hack because we don't have the proper ip validation in 2.0 mainline: Seth Mos
06:19 AM Feature #1205 (Closed): VPN: User-based / Group-based firewall rules: Firewall rules on a per-user or per-group basis would be very helpfull.
This means we could limit acces to certain ... Mark Laagland
02:36 AM Revision ff998f10: fix DNS rebinding descr: Chris Buechler
12:07 AM Bug #1130 (Resolved): NAT reflection broken...: Chris Buechler
12:05 AM Bug #1130: NAT reflection broken...: 2.0-BETA5 (i386)built on Tue Jan 18 02:47:41 EST 2011 everything works fine!
Problem seems to have been solved.
... Brian Jensen

01/18/2011

10:21 PM Revision 532cb894: Ticket #836 Ticket #1194 and http://forum.pfsense.org/index.php/topic,32175.msg166263.html#msg166263 suggest that now that CP actions are quite fast its better to send the logout data before actually disconnecting the client.: Ermal LUÇI
09:13 PM Revision 85e3f445: Do not put a config entry for dhcpd if we cannot determine the subnet address. Reported-by: http://forum.pfsense.org/index.php/topic,32303.0.html: Ermal LUÇI
08:46 PM Bug #1130 (Feedback): NAT reflection broken...: Chris Buechler
05:30 PM Bug #1130: NAT reflection broken...: I haven't been able to reproduce any of these issues at least on a snapshot that is more recent than the comments her... Erik Fonnesbeck
08:38 PM Revision ba4f6e1d: Better way to determine the username for config descrs: Jim Pingle
08:38 PM Revision fa09d1b8: Fix variable name reference: Jim Pingle
08:38 PM Revision b1224cdc: Fix references to what was apparently supposed to be $g['booting'] and not $bootup.: Jim Pingle
08:38 PM Revision f9c8e64c: Add a description to this write_config() so it's a little more obvious what it's doing in the logs.: Jim Pingle
08:22 PM Revision 3644e29c: The use of log_error() requires util.inc: Warren Baker
05:19 PM Bug #1194 (Feedback): Captive Portal Logout Issue: The fix for putting disconnect after logout window committed please test. Ermal Luçi
05:19 PM Bug #836: Captive portal logout popup windows doesn't disconnect the user: Patch committed please test. Ermal Luçi
05:00 PM Bug #1151 (Feedback): Outgoing pptp Traffic-Flow stops after a while: Committed a fix just now.
Grab a snapshot from tomorrow and test. Ermal Luçi
04:00 PM Revision 1bbbd3dd: No need to set this here, we already set it in config.inc (and it takes precedence): Jim Pingle
03:38 PM Revision 4b08378c: No need to set this here anymore. We set it higher by default.: Jim Pingle
02:58 PM Revision 7d9b3d5e: Add the cron job a different way. There have been a couple reports of losing CAs during the config upgrade and this was the only added function at the time.: Jim Pingle
02:36 PM Bug #1075: rrd graphs missing / duplicate: Have you tried this on a newer snapshot? The Current Period graph at 12:00am to 7:59am should be working properly no... Erik Fonnesbeck
01:44 PM Bug #755: dnswatch not working: Pushed a patch to check for null hostnames from the bt it seems null hostname was passed to the gethostbyname which m... Ermal Luçi
11:35 AM Bug #755: dnswatch not working: Just for issue tracking - I have, offlist, mailed gdb output from the core to Ermal. Warren Baker
08:52 AM Revision 2db19fec: Fix broken merge, change variable name to define inet family: Seth Mos
08:10 AM Revision 1f74cd2d: Merge remote branch 'upstream/master': Conflicts:
etc/inc/interfaces.inc
etc/inc/system.inc Seth Mos
07:49 AM Bug #1177: Passive FTP: the last snapshot
built on Jan 18 04:33:29 EST
is working for me. Michael Heller
06:12 AM Bug #1177: Passive FTP: Clients from internal network to oudside ftp servers are working without problems.
CLient connecting from the intern... Branko Lukman
05:26 AM Bug #1177: Passive FTP: Michael Heller wrote:
> my ftp server is located behind opt interface of pfsense (dmz)
> the clients from LAN side ... Michael Heller
05:25 AM Bug #1177: Passive FTP: my ftp server is located behind opt interface of pfsense (dmz)
the clients from LAN side cannot connect with passive... Michael Heller
05:11 AM Bug #1177: Passive FTP: Normal clients behind nat. The FTP server is behind a nat too (pfsense).
Clients can connect without any problem, ... Blaise Hurtlin
05:07 AM Bug #1177: Passive FTP: Can you be more specific if the rdr to internal server of passive ftp does not work or normal client behind nat passi... Ermal Luçi
02:38 AM Bug #1177: Passive FTP: I can confirm this bug. The same appens here, passive FTP does not work (build of Jan 16 2011) Blaise Hurtlin
02:25 AM Bug #1177: Passive FTP: same here.
internal passive ftp with any rules doesen't work either.
Running 2.0-BETA5 (i386)
builtonMon Jan 17 ... Michael Heller
02:08 AM Bug #1177: Passive FTP: Running 2.0-BETA5 (i386)
built on Mon Jan 17 19:56:49 EST 2011 with NAT and 2 external interfaces. Port 21 forwarde... Branko Lukman
07:36 AM Bug #1188: lighttpd not starting after update 20110111: It should be better now, I make a commit to help out with this:
http://redmine.pfsense.org/projects/pfsense/reposito... Jim Pingle
05:32 AM Bug #1188 (Closed): lighttpd not starting after update 20110111: Chris Buechler
05:31 AM Bug #1188: lighttpd not starting after update 20110111: I think we can close this bug. Later updates does not cause this issue. Mykolas Norvaišas
05:29 AM Bug #1196 (Rejected): Upgraded today (haven't for a week or slightly more) and my servers are now sending out multicast IGMP packets?!: this has nothing to do with IGMP proxy and likely nothing to do with your firewalls at all, at a minimum it's a confi... Chris Buechler

01/17/2011

10:11 PM Revision 96e889fc: Specify the -inet family so that accidental IPv6 addresses here don't break the system routing.: Seth Mos
09:29 PM Revision 2b7ca9b2: Add the default value for the new tunable debug.pfftpproxy to 0. It allows to disable the pfftpproxy. Also add it to the default config.xml though no upgrade code should be needed since people can create this from the gui and hopefully do not need to know about this anyway.: Ermal LUÇI
08:08 PM Revision 9d7d2388: Really do not deactivate netgraph if the underlying interface is needed by it!: Ermal LUÇI
03:33 PM Bug #863 (Feedback): floating rules breaks passive mode ftp: Try a newer snapshot than the date of this post it should fix the issue.
although this is not target for 2.0 the fix... Ermal Luçi
03:32 PM Bug #1177 (Feedback): Passive FTP: Try a snapshot newer than this post which should fix the issues. Ermal Luçi
09:35 AM Feature #1204 (Needs Patch): Captive Portal Chart: Hi,
Is it possible to add a chart about Captive Portal users, some statistics on number of users, bandwidth usage ... Heder Dorneles Soares

01/16/2011

07:01 PM Bug #1203 (Rejected): No WAN DHCP Discover Request: either not a bug or not one we can do anything about, will respond on forum. Chris Buechler
06:58 PM Bug #1203 (Rejected): No WAN DHCP Discover Request: No WAN DHCP Discover Request being generated.
ICMPv6 Neighbor Solicitaion is done, but no DHCP Discover is done.
... NOYB NOYB
05:55 PM Bug #755 (New): dnswatch not working: Chris Buechler
01:13 PM Bug #755: dnswatch not working: Unfortunately this is still core dumping for me on latest snaps. Warren Baker
04:16 PM Bug #1202 (Resolved): Shell access permission required for IPsec Xauth clients: In order for a client to successfully authenticate against an IPsec mobile setup that has Xauth enabled, the user mus... Jim Pingle
04:08 PM pfSense Packages Bug #1201 (Rejected): OpenVPN: That is a configuration issue, start a thread on the forum and someone can probably help you. Jim Pingle
04:05 PM pfSense Packages Bug #1201 (Rejected): OpenVPN: VPN is connecting
router is injected into the client
by
All clients windows with Ip 10.10.199.6/24
wan 2... Joaquim Soares Soares
07:53 AM Bug #816: USB Keyboard Detection - Boot Hangs: I cannot reproduce this error, and used pfsense on many machines mainly with usb kayboards. From Beta4 tested on Via ... Krzysztof Augustyn
06:40 AM Bug #836: Captive portal logout popup windows doesn't disconnect the user: http://redmine.pfsense.org/issues/1194 L J

01/15/2011

05:52 PM Bug #836: Captive portal logout popup windows doesn't disconnect the user: Status -> Captive portal
There the user who are currently logged in are shown and a user who loggs out via button ... L J
03:03 PM Revision 756720e2: Ticket #1198. Fix code when checking client or server: Pierre POMES
11:30 AM pfSense Packages Bug #1200 (Closed): Navigational link in Shellcmd package broken: If you navigate to Services->Shellcmd and you want to get to the pfSense Dashboard by clicking the logo in the top le... James Lepthien
11:29 AM pfSense Packages Bug #1199 (Closed): Navigational link in Backup package broken: If you navigate to Diagnostics->Backup Files/Dir and you want to get to the pfSense Dashboard by clicking the logo in... James Lepthien
10:02 AM Bug #1198 (Feedback): Incorrect tls-auth setting for Peer to Peer SSL/TLS OpenVPN Server with tls-auth enabled: Hi !
Thanks for your detailed report. The problem should be fixed in the next snapshot.
Regards,
Pierre Pierre POMES
03:36 AM Bug #1183: Alias change reloads filter twice: This is now working correctly. Tested with NanoBSD built on Thu Jan 13 20:30:46 EST 2011. James Lepthien
03:35 AM Bug #1187 (Resolved): Creating NAT rule with valid (but long) label causes error loading pf rules: thanks Chris Buechler
03:33 AM Bug #1187: Creating NAT rule with valid (but long) label causes error loading pf rules: That is now working correctly - tested on NanoBSD built on Thu Jan 13 20:30:46 EST 2011. James Lepthien

01/14/2011

07:58 PM Revision 5a05633a: Fix serial port note text.: Jim Pingle
07:32 PM Bug #1198 (Resolved): Incorrect tls-auth setting for Peer to Peer SSL/TLS OpenVPN Server with tls-auth enabled: I found the following bug in pfSense 2.0-BETA4 (i386) built on Tue Dec 21 15:02:48 EST 2010.
I setup an OpenVPN se... Joe Kelly
07:14 PM Revision 75e9ed89: Remove extra brace: Jim Pingle
05:20 PM Revision 546f30ca: Better test for an empty CA to avoid writing out an empty CA file (some on the forum are seeing this.): Jim Pingle
04:15 PM Bug #1197 (Closed): Cannot log into the web interface using Opera Internet Browser v11: Thanks for letting us know what it was. At least it will be on here for others to see (and find via Google) if they h... Jim Pingle
04:10 PM Bug #1197: Cannot log into the web interface using Opera Internet Browser v11: I got it working after a some additional trial and error. I updated the site preferences for the pfsense web interfa... N L
03:46 PM Bug #1197: Cannot log into the web interface using Opera Internet Browser v11: Post in the forum and see if anyone else has any ideas there, or if anyone else has the same experience.
Also, if ... Jim Pingle
03:31 PM Bug #1197: Cannot log into the web interface using Opera Internet Browser v11: Works fine in Opera 11 on Windows for me too.
N L wrote:
>
> Any ideas?
Your Opera is broken? :) Chris Buechler
03:28 PM Bug #1197: Cannot log into the web interface using Opera Internet Browser v11: Jim P wrote:
> It works fine in Opera 11 on Windows and FreeBSD for me. Has since Opera 11 released.
Any ideas? N L
03:07 PM Bug #1197 (Feedback): Cannot log into the web interface using Opera Internet Browser v11: It works fine in Opera 11 on Windows and FreeBSD for me. Has since Opera 11 released. Jim Pingle
03:01 PM Bug #1197 (Closed): Cannot log into the web interface using Opera Internet Browser v11: This issue arises when attempting to log into the web interface using the Opera Internet Browser (version 11 tested).... N L
11:16 AM Bug #1196 (Rejected): Upgraded today (haven't for a week or slightly more) and my servers are now sending out multicast IGMP packets?!: I upgraded my pfsense 2.0 test boxes today for the first time in about a week.
All of a sudden my firewall logs ar... Gary Richards
08:46 AM Bug #1195 (Rejected): FTP: Duplicate of #1177, other issue is related/known. Jim Pingle
08:16 AM Bug #1195 (Rejected): FTP: I updated my pfsense box to 2.0-BETA5 built on jan 13 2011.
During my test I found out that my ftp server which is... Michael Heller
07:37 AM Bug #1194 (Closed): Captive Portal Logout Issue: There is a bug in the way the captive portal handles forced logout initiated by the user. Please see
http://forum.... Luis Soltero
06:36 AM Bug #1193 (Resolved): Traffic Shaper default queue Problem: As reported here a bug in traffic shaper:
When 2 or more queues are selected as default queue, you get a
_[filter... igor igor
12:42 AM pfSense Packages Bug #1080: Snort Installation fails: Installation of snort FAILED!
2.0-BETA5 (i386)
built on Thu Jan 13 19:33:19 EST 2011
As on 14-01-2011 Koti SK

01/13/2011

04:38 PM Feature #1192 (Resolved): Certificate Manager - Ability to Encrypt Private Keys When Exporting: I'm currently running pfSense 2.0-BETA5 (i386) built on Tue Jan 11 15:17:51 EST 2011. I love the Certificate Manager... Joe Kelly
03:26 PM Bug #1179 (Resolved): After NanoBSD Firmware upgrade pfSense doesn't reboot automatically: Jim Pingle
03:00 PM Bug #1179: After NanoBSD Firmware upgrade pfSense doesn't reboot automatically: Worked for me now. Just did an update to latest snap and it rebooted automatically. James Lepthien
02:33 PM Revision 396cfe2e: Validate imported CA/Cert a bit more strongly. Should fix #1190: Jim Pingle
11:35 AM Feature #1191 (Closed): Enable dynamic VLAN assignment at Captive Portal: Idea:
The Captive Portal Interface assigns an IP via the internal DHCP Server whitch lease time is limited to 10-30 ... L J
10:55 AM Bug #1168: Some description fields don't accept umlauts: Applied in changeset commit:"72b7aa4a8ebb397c21f923cc43a2fa6071a907e6". Jim Pingle
10:55 AM Bug #1187: Creating NAT rule with valid (but long) label causes error loading pf rules: Applied in changeset commit:"3b83b51ad2dd7d1ed3ecb0faab251813b3678a8e". Jim Pingle
10:55 AM Bug #1190 (Feedback): Incorrectly pasted SSL Cert breaks the webconfigurator: Applied in changeset commit:"396cfe2ee573696436e2c310f4d2610c1610965a". Jim Pingle
09:03 AM Bug #1190: Incorrectly pasted SSL Cert breaks the webconfigurator: We already validate the first line, but not the last. Extra safety belts may not hurt though.
The cert on the file... Jim Pingle
08:58 AM Bug #1190: Incorrectly pasted SSL Cert breaks the webconfigurator: Actually, I lie. That hasn't fixed it. /var/etc/cert.pem is being replaced when the webConfigurator restarts?!
Help! Gary Richards
08:55 AM Bug #1190 (Resolved): Incorrectly pasted SSL Cert breaks the webconfigurator: I just pasted an SSL cert into the cert manager to use as the cert for the web interface. I managed to paste the cert... Gary Richards
09:56 AM Bug #1188: lighttpd not starting after update 20110111: By default there is no CA with the stock HTTPS certificate, so a missing CA isn't really a problem. Jim Pingle
08:24 AM Bug #1188: lighttpd not starting after update 20110111: I see CA info is lost after update
*System: Certificate Authority Manager* shows no authorities (empty).
*System... Mykolas Norvaišas
07:27 AM Bug #1188: lighttpd not starting after update 20110111: one more note
webgui fails to start with my custom SSL certificate. With "webConfigurator default" certicicate HTT... Mykolas Norvaišas
06:46 AM Bug #1188: lighttpd not starting after update 20110111: This also happened to me on 2.0-BETA5 (i386) built on Thu Jan 13 02:45:05 EST 2011.
Editing config.xml to accept htt... Floris van Lint
06:01 AM Bug #1188: lighttpd not starting after update 20110111: starts working after reverting to HTTP Mykolas Norvaišas
06:00 AM Bug #1188 (Closed): lighttpd not starting after update 20110111: Webgui stopped working in HTTPS after update pfSense 2.0 BETA5 amd64 20110111... Mykolas Norvaišas
09:47 AM Bug #749 (New): Downstream queues should not be assigned to LAN interfaces: this doesn't mean downstream queues shouldn't exist at all, they should. Chris Buechler
08:50 AM Bug #749 (Resolved): Downstream queues should not be assigned to LAN interfaces: Though discussions on reverting this behaviour is ongoing. Ermal Luçi
09:03 AM Feature #1189: Gateway: Multiple monitor ips: biatche biatche wrote:
>
> I don't think many here would care for it, since most of you are from the 1st world w... Max Riedel
07:32 AM Feature #1189 (Duplicate): Gateway: Multiple monitor ips: Would be my first time making an entry here so if it's not within the rules bear with me thanks.
For gateways to s... Irwin Leong
05:07 AM Bug #621 (Resolved): Certificate Manager won't accept a windows CA signed certificate: Ermal Luçi
01:09 AM Bug #621: Certificate Manager won't accept a windows CA signed certificate: I think you fixed the problem. With the snapshot [2.0-BETA5 (i386) built on Wed Jan 12 18:38:12 EST 2011] I am able ... Brian McAndrew

01/12/2011

09:39 PM Revision ad0d6389: Bail on reinstalling all packages if we can't contact the package repo.: Jim Pingle
07:26 PM Revision 7201ca27: We no longer use /var/run/config.lock - catch up to other progress. Also, use lockf to test if the config is locked now, with a 30 second timeout.: Jim Pingle
07:19 PM Revision 311f93cd: Ticket #621. Sort even csr subject to have the matching go ok during import of externally signed cers.: Ermal LUÇI
06:45 PM Bug #1154: Kernel panic after connecting to OpenVPN: Successfully grabbed the panic in developer:
Kernel page fault with the following non-sleepable locks held:
exclu... Nick K
06:06 PM Revision 3b83b51a: Only copy 52 chars of a user descr to the pf rule. When added to the "USER_RULE: " prefix (11 chars) we hit the 63 char limit. Fixes #1187: Jim Pingle
05:23 PM Bug #1179 (Feedback): After NanoBSD Firmware upgrade pfSense doesn't reboot automatically: Should be OK after this commit:
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/7201ca277ed66540baea... Jim Pingle
02:23 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate: Ok i fixed even the CSR. Can you please try the latest snapshot or the do the last patch listed here manually? Ermal Luçi
01:49 PM Bug #1187 (Feedback): Creating NAT rule with valid (but long) label causes error loading pf rules: Should be OK with the commit I made, commit:3b83b51ad2dd7d1ed3ecb0faab251813b3678a8e Jim Pingle
09:42 AM Bug #1187 (Resolved): Creating NAT rule with valid (but long) label causes error loading pf rules: I created a Firewall: NAT: Port Forward: rule with a description of: "Redirect tftp requests to tftp-proxy running lo... Gary Richards
03:32 AM Bug #1186 (Confirmed): When in pure routing mode the rrd graphs are blank: When the filtering is disabled the graphs have no data to graph since we switched to pf counters.
Probably should ha... Ermal Luçi
02:37 AM Revision a8c35980: Revert "nuke content size.": This reverts commit 456962bde2b5b64f2feca58728d96c9c45463f1d. Scott Ullrich

01/11/2011

10:11 PM Bug #1154: Kernel panic after connecting to OpenVPN: We also reference the problem in http://forum.pfsense.org/index.php/topic,31721.0.html Nick K
09:27 PM Feature #1185 (Closed): PHP compression activation: Need to reactivate PHP compression:
- turn on zlib.output_compression in php.ini.
- make sure all generated downloa... Pierre POMES
05:13 PM Bug #1013 (Resolved): Captive Portal Reauthentication broken: Ermal Luçi
01:57 PM Bug #1013: Captive Portal Reauthentication broken: Update to new version did not work, reinstall did. Ticket could be closed!
Thx. L J
02:13 PM Feature #1184 (Resolved): Certificate Manager - Ability to add nsCertType=SERVER extension to certificates: Hi,
I'm running psSense 2.0-BETA4 (i386) built on Mon Dec 20 20:21:46 EST 2010. Loving it so far!
I am setting... Joe Kelly
02:28 AM Revision 34bf3b3b: Ticket #1183. Skip call to filter_configure() here, this will be done when user will click on 'apply changes' button in firewall_aliases.php: Pierre POMES

01/10/2011

11:38 PM Bug #1154: Kernel panic after connecting to OpenVPN: Chris,
Here is my thread on this also from dec 13
Old snaps worked fine. (oct) this happens on a few different fir... vito B
10:58 PM Revision 001cbed2: Sort installed packages in a case insensitive way on the widget and installed packages list.: Jim Pingle
10:57 PM Revision c1261315: Whitespace fixes: Jim Pingle
10:49 PM Revision b2254c7f: Sort services on the services status page and widget.: Jim Pingle
09:35 PM Bug #636: layer7 not work correctly: I currently get:
@ipfw-classifyd: unable to write to divert socket: No buffer space available@
If I have an l7 cl... James Snyder
09:29 PM Bug #1183 (Feedback): Alias change reloads filter twice: Keep the same logic as for firewall rules, and remove call to filter_configure when user saves the changes in firewal... Pierre POMES
09:12 PM Bug #1183: Alias change reloads filter twice: The first cal to filter_configure() occurs when saving the changes in firewall_aliases_edit.php.
The second one occ... Pierre POMES
06:01 PM Bug #1183 (Resolved): Alias change reloads filter twice: After changing an alias, the filter reloads twice, which can lead to a race condition "device busy" like the attached... Chris Buechler
09:23 PM Revision 887b5af5: Be more restrictive with PPTP passwords, invalid characters can blow up the config.: Jim Pingle
09:11 PM Revision d0dc2fd1: Bump config version, add upgrade code to setup cron job for URL table update script.: Jim Pingle
09:11 PM Revision dc074b0f: Update config.xml to a more recent version, include a cron job for URL table aliases updates.: Jim Pingle
09:06 PM Revision b7ff3186: Ticket #875. While ldconfig should be called by pkg code itself do it explicitly to have the cache file rebuilt with correct list.: Ermal LUÇI
08:52 PM Revision 24e61cce: Ticket #317. Unconditionally synchronize users on bootup this might prevent some reports of ssh keys not being there.: Ermal LUÇI
08:10 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate: The latest snapshot [2.0-BETA5 (i386) built on Mon Jan 10 13:14:45 EST 2011], it still shows the error. Attached are... Brian McAndrew
03:11 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate: I do not think that patch is in a Jan 7 snapshot.
Please try a more recent one. Ermal Luçi
05:21 PM Revision 0f70d563: Ticket #944. Do not use the interface_bring_down fucntion here since it is meant for assigned interfaces. Directly destroy previous vlan interface if parent changes.: Ermal LUÇI
05:00 PM Revision d0d70b03: Ticket #1013. Force NAS_PORT to be of type integer to avoid it being interpreted as char and generate wrong radius packet.: Ermal LUÇI
04:33 PM Todo #1139: Email notification test button: no target, some point in the future. Chris Buechler
04:32 PM Todo #1139: Email notification test button: Hi,
Targetted for 2.0 or 2.1 ?
Pierre
Pierre POMES
04:31 PM Bug #1090 (Resolved): clean up interfaces mess in setup wizard: Ermal Luçi
04:29 PM Todo #1071: Reevaluate locks: Most of what is necessary for 2.0 has been done.
I will leave this open for Future version for any other part that n... Ermal Luçi
04:25 PM Bug #853 (Resolved): PPPoE Server radius config not applied: Ermal Luçi
04:07 PM Bug #875: Uninstalling packages can remove system libraries: I added a ldconfig call to rebuilt the lib caches 'just in case'. Ermal Luçi
12:38 AM Bug #875: Uninstalling packages can remove system libraries: for instance: ... Chris Buechler
12:36 AM Bug #875: Uninstalling packages can remove system libraries: there are still possibilities here to destroy the system by uninstalling packages. Chris Buechler
03:58 PM Revision c97297fd: Add EasyRule images to all other themes. Should work in all themes now.: Jim Pingle
03:50 PM Bug #317 (Feedback): SSH authorized keys lost on upgrade on embedded: Can yo please try a snapshot from tomorrow and see if it works? Ermal Luçi
02:35 PM Revision f4015bd7: Turn back off zlib compression: Scott Ullrich
11:38 AM Todo #1182 (Closed): Integrate minicron to check_reload_status: It would be desirable to have minicron go away and integrate it with check_reload_status.
1) minicron is not complic... Ermal Luçi
11:26 AM Bug #944 (Feedback): Moving VLANs to lagg doesn't remove old VLANs: Committed the other fix because the previous relied on interface being assigned. Ermal Luçi
11:05 AM Bug #1013 (Feedback): Captive Portal Reauthentication broken: Ermal Luçi
11:02 AM Bug #1013: Captive Portal Reauthentication broken: I just committed a fix for the issue Chris reported.
L J -> if you ahve no output from that command means you will... Ermal Luçi
10:09 AM Feature #1181 (Closed): Allow a way to add protocols (such as udp) to a load balancer: I've been trying to configure load balanced DNS with pfsense 2.0. It occurred to me fairly quickly that this might no... Gary Richards
07:43 AM pfSense Packages Feature #1180 (Rejected): I'd love to see a central management in pfsense: There is already something in the works, but it's a separate piece of software (still very early in development). It ... Jim Pingle
05:30 AM pfSense Packages Feature #1180 (Rejected): I'd love to see a central management in pfsense: Hello,
i'd love to see a central management solution for the multiple pfsense firewalls. If you have more than one... Thomas Scholten
05:01 AM pfSense Packages Bug #1114: Snort Dashboard Widget has wrong link: Just a little update. Now i monitored several alerts so the depending files should exist. The link is still broken an... Thomas Scholten
03:45 AM Revision 17dd7ff3: allow 127.0.0.1 and localhost for HTTP_REFERER checks: Chris Buechler

01/09/2011

07:30 PM Bug #1178: Unable to select VLAN in PPPs interfaces: You've fallen prey to excess complexity. :) The UI is admittedly not intuitive.
Here are the steps to follow.
)... Marcus Brown
06:29 PM Revision 10e4d55e: Fix HTML errors reported by Eclipse using PHP perspective: Pierre POMES
11:49 AM Bug #1177: Passive FTP: To your First Question using 8.01 snapshot the
problem still exists.
Attached are pcap files (passwords/usernames... Martin Klein
03:50 AM Bug #1179 (Resolved): After NanoBSD Firmware upgrade pfSense doesn't reboot automatically: When the NanoBSD upgrade by webinterface is done the message 'NanoBSD Firmware upgrade is complete. Rebooting in 10 ... James Lepthien
03:11 AM Bug #1152 (Resolved): Client mode OpenVPN gateways sometimes not added to apinger: the main issue here is fixed. the remaining is just that it shows "Gathering data" on AJAX reloads only (status page ... Chris Buechler
03:03 AM Bug #733 (Resolved): Shaper: Unexplained 30% bandwidth max restriction in p2p catch all: Chris Buechler
02:57 AM Feature #753 (New): Add OpenVPN foreign_option support: OpenVPN interface assignments work fine set to type "none" as they should be, they have an automatically handled dyna... Chris Buechler
02:38 AM Bug #944 (New): Moving VLANs to lagg doesn't remove old VLANs: no change. When changing a VLAN from a physical interface to lagg or vice versa, it leaves the old VLAN interface as ... Chris Buechler
02:23 AM Bug #755 (Resolved): dnswatch not working: Chris Buechler
02:23 AM Bug #1087 (Resolved): vouchers need to save to CF periodically: Chris Buechler
02:22 AM Bug #1083 (Resolved): aliases cause error when creating NAT 1:1 rules: Chris Buechler
02:21 AM Feature #820 (Resolved): Expose interface for PF address pools on outbound NAT rules: looks like this is all good. Chris Buechler

01/08/2011

04:10 PM Revision 5186f104: Added Unbound to the package section for correct link to doc site.: Warren Baker
10:23 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD): Keep an eye on it for your next firmware upgrade. Even though there weren't any more changes to that part, I'm curiou... Jim Pingle
07:47 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD): I tested this now with snapshot 1/8 and the problem is kinda gone. Although not all packages got reinstalled automati... James Lepthien

01/07/2011

10:39 PM Revision 1c42331b: Stop spewing backup info on bootup: Scott Ullrich
10:28 PM Revision 52f4c092: Add back booting check that existed prior to refcount code. We will improve upon this next week.: Scott Ullrich
09:37 PM Revision b89c34aa: Ticket #621. sort the contents of array used for generating subject by keys so whenever we do subject comparison we will not have problem just because of the array keys ordering.: Ermal LUÇI
08:58 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate: Using the latest snapshot [2.0-BETA5 (i386) built on Fri Jan 7 15:25:33 EST 2011], it still shows the error:
The cer... Brian McAndrew
06:19 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate: I will try it out sometime during the weekend, and get back to you.
Thanks! :D Maxim Hansen
04:36 PM Bug #621 (Feedback): Certificate Manager won't accept a windows CA signed certificate: Patch is on latest snapshot please test with them. Ermal Luçi
02:34 PM Bug #621: Certificate Manager won't accept a windows CA signed certificate: After checking this more thoroughly this seems to be just about the diff in the created subject.
Another method sh... Ermal Luçi
07:44 PM Bug #1013 (New): Captive Portal Reauthentication broken: There is still a regression here with reauthentication. It does re-authenticate, but at least MS IAS refuses the requ... Chris Buechler
05:44 PM Bug #1013: Captive Portal Reauthentication broken: The command above gives no result. I captured the traffic for 2 minutes after logging in.
Could you please post wh... L J
02:04 PM Bug #1013: Captive Portal Reauthentication broken: I just tested this and it works fine.
19:02:26.807863 IP 192.168.30.1.30906 > pfSense.localdomain.radius: RADIUS, Ac... Ermal Luçi
06:21 PM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD): Should be OK on the next new snapshot dated after this post. (Note that the one building right now does not include t... Jim Pingle
04:07 PM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD): This is easy to reproduce with siproxd as well, no firmware update required.
Just rm /usr/local/pkg/siproxd* and r... Jim Pingle
10:28 AM Bug #1049: After reinstalling packages at bootup, WebUI not accessable (NanoBSD): Just had the problem with the gui not showing when upgrading from 2.0beta4 to beta5. after a reboot it came back up Chris Baker
05:33 PM Bug #1178: Unable to select VLAN in PPPs interfaces: When I select WAN interface in PPP editor for pppoe0, I get a kernel panic. Xavier Romain
05:19 PM Bug #1178: Unable to select VLAN in PPPs interfaces: Some screenshots may help you to understand my problem... Xavier Romain
05:11 PM Bug #1178: Unable to select VLAN in PPPs interfaces: For 2.0 you have either to assign vlan and on interfaces->$assignedone choose pppoe.
Or assign the vlan and then on ... Ermal Luçi
05:03 PM Bug #1178 (Closed): Unable to select VLAN in PPPs interfaces: VLAN interfaces does not appear in PPPs link interfaces.
I have two physical interfaces:
- le0 (used for LAN)
- ... Xavier Romain
03:53 PM Revision b2b15543: Need to use Unlink in tar: Scott Ullrich
12:57 PM Bug #1177: Passive FTP: Please post packet traces on both sides of the connection.
And the 7 snapshot has another fix in that area so try wit... Ermal Luçi
08:17 AM Bug #1177 (Resolved): Passive FTP: On a Thu Jan 6 02:48:15 EST 2011 Snapshot
I am no longer able to connect to an internal
ftp server using pasv mode.... Martin Klein
11:37 AM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: 2.0BETA5 Built on 1/7/11 still has this problem. My current work around is to do a constant ping to something on the... Chris Baker
08:59 AM Bug #1175 (Resolved): Captive Portal Status Fatal error:: Jim Pingle
08:56 AM Bug #1175: Captive Portal Status Fatal error:: OK Ok solved Joaquim Soares Soares
08:29 AM Bug #1175 (Feedback): Captive Portal Status Fatal error:: Are you sure this is still a problem on current snapshots? A fix was committed days ago:
https://rcs.pfsense.org/p... Jim Pingle
07:50 AM Bug #1175 (Resolved): Captive Portal Status Fatal error:: Captive Portal Status not disconnect_client() in widget
Fatal error: Call to undefined function captiveportal_di... Joaquim Soares Soares
07:23 AM Bug #636: layer7 not work correctly: Max Riedel wrote:
> I just tried it with ssh.
> I created a new Layer7 group, enabled it, gave it a name, selected ... Max Riedel
07:19 AM Bug #636: layer7 not work correctly: I just tried it with ssh.
I created a new Layer7 group, enabled it, gave it a name, selected ssh as protocol action ... Max Riedel
07:18 AM Feature #1174 (Closed): Allow a way to force a vip configured on the 'CARP master server' to use another host at the master for the vip: I have a pair of pfsense 2.0 beta servers. I'm syncing config between the servers so that I edit on my 'primary' serv... Gary Richards

01/06/2011

11:56 PM Revision 06e57df8: Shorten english: Scott Ullrich
11:30 PM Revision c2272d6d: Scroll the textarea to bottom on each update: Scott Ullrich
11:09 PM Revision 61f0a115: Take into account< 10 too: Scott Ullrich
11:06 PM Bug #1173 (Closed): RRD Graph for cellular - not working for huawei E1762: It was suggested that I open a bug report for this RRD issue:
I can report that my Huawei E1762 USB modem seems to... Jai Lamerton
11:02 PM Revision a0e157e9: When installing packages on console (downloading) only show every 10% meaning 10% 20% 30% instead of 1% 2% 3% 4% 5%, etc: Scott Ullrich
10:48 PM Revision 86af45ec: Ensure $pkg is defined. Send pkg_delete errors to /tmp/pkg-delete_errors.txt: Scott Ullrich
10:37 PM Revision 64974db7: Fix package dependency check code now that we no longer nuke /var/db/pkg/ before operating on packages: Scott Ullrich
09:53 PM Revision 28ed552d: Strip off the space between @depend and the package name. Otherwise it will return a space in front of the pkgname: Scott Ullrich
09:39 PM Revision 550fea7a: Do not unlink file, it's handled by behind the scenes pkg-utils.inc code: Scott Ullrich
09:06 PM Revision 7aa9ab00: Fix typo: Scott Ullrich
08:58 PM Revision 608b154d: Shorten repo download message: Scott Ullrich
08:55 PM Revision ca99d6a6: Do not show already installed messages which fill up the textarea too many times: Scott Ullrich
08:49 PM Revision 0c78d2d0: Include pkg-utils.inc: Scott Ullrich
07:33 PM Bug #1171: Switching from HTTPS to HTTP does not mark certificate as unused: This is probably because even though HTTP is chosen, the certref is still kept in the config, so if they go back to H... Jim Pingle
06:29 PM Bug #1171 (Resolved): Switching from HTTPS to HTTP does not mark certificate as unused: If you switch from HTTPS to HTTP, the certificate used for HTTPS is still marked as used where it should not be. Chris Buechler
06:53 PM Revision 72b7aa4a: Also CDATA protect the detail field. Fixes #1168: Jim Pingle
06:52 PM Revision d865241e: Don't run mb_convert_encoding on descr field, it's cdata protected in the config now and this just causes some characters to be lost on input. Ticket #1168: Jim Pingle
06:40 PM Feature #1172 (Closed): CRL revoke button on certificates screen.: duplicate of #1170 Chris Buechler
06:36 PM Feature #1172 (Closed): CRL revoke button on certificates screen.: It would be nice to have a revoke button under the certificates screen.
This would make easy using CRLs and more int... Ermal Luçi
06:30 PM Bug #161 (Resolved): HTTPS certificates invalid - duplicate serial: this is actually only possible if you manually screw with your certs in the config, it generates serials correctly un... Chris Buechler
10:30 AM Bug #161: HTTPS certificates invalid - duplicate serial: I don't have this issue on the snapshot of today 20110106-0206. Running firefox 3.6.13. Sander Naudts
06:28 PM Feature #1170 (Resolved): Certificates tab should have revoke option in addition to delete: To ease the process of revoking a cert, system_certmanager.php should have an option to revoke a certificate Chris Buechler
02:17 PM Bug #1168 (Feedback): Some description fields don't accept umlauts: Not sure why it didn't associate itself on the ticket, but this should be fixed by the following commit:
https://r... Jim Pingle
08:51 AM Bug #1168: Some description fields don't accept umlauts: The per-entry description field, internally called "detail", is not CDATA escaped like the main description field so ... Jim Pingle
07:15 AM Bug #1168 (Resolved): Some description fields don't accept umlauts: Entering chars like umlauts in the description-fields of aliases, they are not shown later.
Entering umlauts in the ... igor igor
12:31 PM Bug #317 (New): SSH authorized keys lost on upgrade on embedded: This has apparently started happening again:
http://forum.pfsense.org/index.php/topic,31906.0.html
Jim Pingle
10:27 AM pfSense Packages Bug #1166 (Closed): incorrect url for unbound-1.4.7: Alright, I'll close this out then. Jim Pingle
10:23 AM pfSense Packages Bug #1166: incorrect url for unbound-1.4.7: Works for me after a few hours of sleep :-) Case closed. Steve MacGregor
08:19 AM pfSense Packages Bug #1166 (Feedback): incorrect url for unbound-1.4.7: Can you try this again? http://files.pfsense.org/packages/8/All/unbound-1.4.7.tbz Is present on our server. When I f... Jim Pingle
05:52 AM pfSense Packages Bug #1166 (Closed): incorrect url for unbound-1.4.7: I noticed this issue after upgrading to the latest snapshot. I had all kinds of unspecified problems with the upgrade... Steve MacGregor
08:59 AM Feature #1169: Add load balancer status in SNMP: If there is, it won't be trivial to do. We use bsnmpd, and last I looked it did not support an exec call for custom O... Jim Pingle
08:54 AM Feature #1169 (Closed): Add load balancer status in SNMP: Hi,
Is it possible to add an OID entry to get the status of the wan load balancer in SNMP? Eg: WAN1 on/offline, OP... Sander Naudts
08:14 AM pfSense Packages Bug #1165 (Rejected): Fatal error: Cannot redeclare alias_expand_urltable() (previously declared in /etc/inc/util.inc:490) in /etc/inc/util.inc on line 505: The ticket system is English only, please, and it's not a place to request support. Post on the French forum (http://... Jim Pingle
05:38 AM pfSense Packages Bug #1165 (Rejected): Fatal error: Cannot redeclare alias_expand_urltable() (previously declared in /etc/inc/util.inc:490) in /etc/inc/util.inc on line 505: bonjour tout le monde
j'ai une erreur avec pfsense
Fatal error: Cannot redeclare alias_expand_urltable() (previou... dhia sgha
08:09 AM pfSense Packages Bug #1167 (Rejected): Fatal error: Cannot redeclare alias_expand_urltable() (previously declared in /etc/inc/util.inc:490) in /etc/inc/util.inc on line 505: Duplicate of #1165 Jim Pingle
07:44 AM pfSense Packages Bug #1167: Fatal error: Cannot redeclare alias_expand_urltable() (previously declared in /etc/inc/util.inc:490) in /etc/inc/util.inc on line 505: Salut,
en anglais svp :)
english please :) Alexandre Paradis
06:15 AM pfSense Packages Bug #1167 (Rejected): Fatal error: Cannot redeclare alias_expand_urltable() (previously declared in /etc/inc/util.inc:490) in /etc/inc/util.inc on line 505: bonjour tout le monde
j'ai une erreur avec pfsense
Fatal error: Cannot redeclare alias_expand_urltable() (previou... dhia sgha
04:52 AM pfSense Packages Bug #1164: Installing pfSense 2.0 on a Dell PowerEdge R210: Okay, thanks for the warning.
Lauro Lauro Trajano
02:04 AM pfSense Packages Bug #1164 (Rejected): Installing pfSense 2.0 on a Dell PowerEdge R210: This is not the forum, please go to forum.pfsense.org and post there. This is only for specific, detailed bug reports... Chris Buechler
01:59 AM pfSense Packages Bug #1164 (Rejected): Installing pfSense 2.0 on a Dell PowerEdge R210: Hi all,
This is my first post in this forum
I hope to contribute with friends.
Well, I have the following prob... Lauro Trajano

01/05/2011

11:30 PM Revision 19e76a0b: Do not center hard drive upgrade image: Scott Ullrich
11:20 PM Revision 4944d592: Increase textarea column size.: Scott Ullrich
11:18 PM Revision bdf790aa: Clarify a few lines of text: Scott Ullrich
11:14 PM Bug #636: layer7 not work correctly: 2.0-BETA5 (i386) built on Wed Jan 5 12:00:59 EST 2011
Still doesn't appear to be working. Opened up the default LA... Seth Scardefield
04:06 PM Bug #636: layer7 not work correctly: I committed changes in kernel yet again which should impact even layer7.
Feedback from new snapshot is welcomed. Ermal Luçi
09:54 PM Revision 456962bd: nuke content size.: Scott Ullrich
09:50 PM Revision 9d308f58: Do not nuke /var/db/pkg now that 2.0 has better handling: Scott Ullrich
09:44 PM Revision 9b193619: Reinstall packages on bootup during console. Ticket #1156: Scott Ullrich
09:28 PM Revision fe868e1d: Revert "Swoop through and stop any packages prior to upgrade. Ticket #1156": This reverts commit cf42de70c84632bcee5d6d545b1242f14a73c618. Scott Ullrich
09:22 PM Revision cf42de70: Swoop through and stop any packages prior to upgrade. Ticket #1156: Scott Ullrich
09:10 PM Revision 7d62c4c8: Ticket #491. Correct username/password name fields so upgrade works correctly.: Ermal LUÇI
08:43 PM Revision 6ae19856: Actually use sigkillbypid.: Ermal LUÇI
08:41 PM Revision e7af9a80: Send a HUP to racoon which is equivalent to the reload-config racoonctl command which seems to not work in 0.7.3 of ipsec-tools.: Ermal LUÇI
08:23 PM pfSense Packages Bug #1163 (Rejected): Squid not restart in widget: pfSense-2.0-BETA5-20110105-1707.iso.gz in widget Squid stop by not restart
Joaquim Soares Soares
07:27 PM Revision 2646434b: Set status field to upgrade in progtress during upgrade: Scott Ullrich
06:02 PM pfSense Packages Bug #1024 (New): Snort GUI broken in latest snapshots: Chris Buechler
05:27 PM pfSense Packages Bug #1024: Snort GUI broken in latest snapshots: New Bug #1162 Nelson LeBlanc
05:16 PM pfSense Packages Bug #1024: Snort GUI broken in latest snapshots: I'm having this exact issue after upgrading to the latest Beta5 snapshot and installing the snort package. Nelson LeBlanc
02:41 PM pfSense Packages Bug #1024: Snort GUI broken in latest snapshots: This problem is back after snapshot from the 3 jan, still present in the snapshot from the 5 jan.
Problem first no... Flemming Dal Joergensen
05:33 PM pfSense Packages Bug #1162: Snort GUI broken in latest snapshot: Sorry, I thought this was appropriate since #1024 is closed. Nelson LeBlanc
05:29 PM pfSense Packages Bug #1162 (Rejected): Snort GUI broken in latest snapshot: duplicate of #1024 Chris Buechler
05:26 PM pfSense Packages Bug #1162: Snort GUI broken in latest snapshot: Clarification:
snort_interfaces.php was working fine BEFORE I added an interface. Nelson LeBlanc
05:23 PM pfSense Packages Bug #1162 (Rejected): Snort GUI broken in latest snapshot: The GUI for /snort/snort_interfaces.php is broken.
This is same issue as in Bug #1024.
I am having the same iss... Nelson LeBlanc
04:31 PM Bug #733: Shaper: Unexplained 30% bandwidth max restriction in p2p catch all: Its just a reload of the settings that take part in the les than 30% calculation. Ermal Luçi
04:29 PM Bug #1000 (Closed): lagg not working set to failover.: Closing since it relates to #1093. Ermal Luçi
04:26 PM Bug #1093: Problems with em(4): This is with 8.2 driver in the builds. Ermal Luçi
04:14 PM Bug #863: floating rules breaks passive mode ftp: Well its a bug per se but i would not consider it critical for 2.0.
Its rather unusual to filter outgoing on a box t... Ermal Luçi
04:09 PM Bug #491 (Feedback): Dynamic DNS upgrade code not working: Should be ok now. It was using not correct key values to assign. Ermal Luçi
03:10 PM Bug #1159 (Rejected): Traffic is not passed if GW is on same interface: this is a config issue of some sort, not a bug. I suspect related to the difference in automatic NATing where gateway... Chris Buechler
02:13 PM Bug #1159 (Rejected): Traffic is not passed if GW is on same interface: Hello,
Example:
WAN-Interface:10.0.0.2 GW1: 10.0.0.1
LAN-Interface:10.0.100.1 GW2: 10.0.100.2
OPT1-Interface: ... L J
02:38 PM Bug #1161 (Rejected): FTP-proxy don't start at boot: FTP proxy is in the kernel on 2.0 and has no daemon. Jim Pingle
02:36 PM Bug #1161 (Rejected): FTP-proxy don't start at boot: Hello,
ftp Helper seems don't work on pfsense 2.0 beta5 build on 01/01/2011
I d'on't find any process listen on... sebastien le guillerm
02:32 PM pfSense Packages Bug #1131 (Feedback): str_split function missing in squidGuard: Fixed per dvserg Jim Pingle
02:32 PM pfSense Packages Bug #1094 (Feedback): Clicking pfSense logo start deinstall/reinstall of HAVP package: Fixed per dvserg Jim Pingle
02:26 PM Bug #1013: Captive Portal Reauthentication broken: config file again (now it works ?!?) L J
02:24 PM Bug #1013: Captive Portal Reauthentication broken: There seems to be no feature for packet sniffing ;-). I used Wireshark at the RADIUS Server. The used user was test, ... L J
11:22 AM Bug #1075: rrd graphs missing / duplicate: Well the issue seems to change a bit depending
on the current time.
at 17:18 (gmt+1) i see :
1h , 1min avg
1d... Martin Klein
09:31 AM Bug #1158 (Resolved): DNS servers from DHCP/PPPoE missing: Jim Pingle
09:31 AM Bug #1158: DNS servers from DHCP/PPPoE missing: I had this problem too.
Works for me now on version Wed Jan 5 03:16:13 EST 2011
Thanks! Lori Paniak
06:19 AM Revision c22632db: fix text: Chris Buechler

01/04/2011

11:56 PM Revision 0b821acf: comment out unfinished OpenVPN Users alias option, can finish for a post-2.0 release: Chris Buechler
11:37 PM Bug #1141 (Resolved): smtp authentication not working: thanks Chris Buechler
11:32 PM Bug #1141: smtp authentication not working: Works for me.
Thanks! Lori Paniak
09:39 PM Bug #475: L2TP is not functional in the way users will expect: L2TP is likely just going to be plain L2TP for 2.0 and we can work out the IPsec bits later. The underlying software ... Chris Buechler
10:43 AM Bug #475: L2TP is not functional in the way users will expect: Hello,
This is functionality that I could really use, and would be happy to assist in any way that I can. However... Thomas Reagan
08:35 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2: Hi David,
I am curious on the third subnet problem with your iPhone. In your pfSense IPSEC logs, do you have entri... Pierre POMES
12:11 PM Bug #1116: IPsec error, racoon won't start with more than one phase 2: Excellent, the iPhone access is not my priority right now though it is odd I could only get to two of the three subne... David Szpunar
07:16 PM Revision 99fbc94a: Forgot to up the array count.: Warren Baker
07:15 PM Revision 64c86313: Add kern.ipc.maxsockbuf to upgrade config and remove extra whitespace.: Warren Baker
07:00 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: Thank you for the link.
Workarround seems to work in my environment, cause I just have one client, needing the pptp ... Christian Schwarz
06:32 PM Revision 807fd6cd: Unbreak dns server colletion. Pointyhat: myself: Ermal LUÇI
05:27 PM Revision abe7607f: Add sysctl for maximum socket buffer sizing. Set to 42621444. This is needed for some heavily loaded servers running unbound, squid, etc: Scott Ullrich
02:49 PM Bug #1075: rrd graphs missing / duplicate: I no longer see this issue.
mysnap
2.0-BETA5 (i386)
built on Mon Jan 3 13:22:20 EST 2011
JohnPoz _
02:24 PM Bug #1158: DNS servers from DHCP/PPPoE missing: I have 6 pfsense and one test.
Will test tomorrow.
Thank you.
Behzad Barzideh
02:14 PM Bug #1158: DNS servers from DHCP/PPPoE missing: It would not be in a new build yet. Do a gitsync (http://doc.pfsense.org/index.php/Updating_pfSense_code_between_snap... Jim Pingle
02:11 PM Bug #1158: DNS servers from DHCP/PPPoE missing: Sorry no go
2.0-BETA5 (i386) built on Tue Jan 4 07:15:40 EST 2011
Behzad Barzideh
01:44 PM Bug #1158 (Feedback): DNS servers from DHCP/PPPoE missing: https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/807fd6cd358c71dd48fb7766e49f05f86b93d3fb
Is the fix ... Ermal Luçi
12:19 PM Bug #1158: DNS servers from DHCP/PPPoE missing: I am seeing this in a VM as well. With DHCP on WAN, no DNS servers are present on the firewall. Jim Pingle
10:09 AM Bug #1158: DNS servers from DHCP/PPPoE missing: the WAN interface is on DHCP. the ISP DNS is missing.
under System: General Setup enter DNS. everything is working n... Behzad Barzideh
09:59 AM Bug #1158 (Resolved): DNS servers from DHCP/PPPoE missing: upgrade to 2.0-BETA5 (i386) built on Mon Jan 3 23:29:55 EST 2011.
could not access any web site.
performed DNS, re... Behzad Barzideh
05:33 AM Bug #911: Need option to disable state killing on WAN failure: Please don't post questions on tickets, post to the forum or mailing list. Chris Buechler
05:29 AM Bug #911: Need option to disable state killing on WAN failure: Can someone please confirm that when apinger detects a monitor IP as being down, provided there aren't any load balan... Jonathan Tripathy
02:57 AM pfSense Packages Bug #1157: Open VMware Tools installed, enable VMXNET2 interface -> crash pfSense: I (re)-found this topic on pfSense forum:
http://forum.pfsense.org/index.php?topic=25439.0
-----------
I remember ... test test
02:22 AM pfSense Packages Bug #1157 (Closed): Open VMware Tools installed, enable VMXNET2 interface -> crash pfSense: I tried to install Open VMware Tools, the tool successfully installed.
From the console I could see the system detec... test test
02:56 AM Bug #161 (New): HTTPS certificates invalid - duplicate serial: This has regressed it appears, after generating an internal certificate and changing the web interface to HTTPS, I en... Chris Buechler
02:20 AM Revision 0238cc4a: don't use hard coded theme: Chris Buechler
02:07 AM Bug #1154: Kernel panic after connecting to OpenVPN: We've done multiple production 2.0 OpenVPN deployments within the past week even and haven't seen this. Please attach... Chris Buechler
01:50 AM Revision 68fef56f: fix CP dashboard widget: Chris Buechler

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

02/02/2011

02/01/2011

01/31/2011

01/29/2011

01/28/2011

01/27/2011

01/26/2011

01/25/2011

01/24/2011

01/23/2011

01/22/2011

01/21/2011

01/20/2011

01/19/2011

01/18/2011

01/17/2011

01/16/2011

01/15/2011

01/14/2011

01/13/2011

01/12/2011

01/11/2011

01/10/2011

01/09/2011

01/08/2011

01/07/2011

01/06/2011

01/05/2011

01/04/2011