Project

General

Profile

Activity

From 02/03/2011 to 03/04/2011

03/04/2011

10:05 PM Revision fd4151a9: Enforce session establishment.
Ermal LUÇI
10:02 PM Revision bb7469ca: Enforce session establishment.
Ermal LUÇI
10:00 PM Revision de4333ba: Enforce session establishment.
Ermal LUÇI
09:53 PM Revision 9fbb3599: Add missing pages to the authentication system.
Ermal LUÇI
08:50 PM Revision c53eb903: Be smart and remove the needs package sync toggle since the begining otherwise not behaving packages might mess up the whole thing.
Ermal LUÇI
08:27 PM Revision ce1942d6: Oops more make code correct.
Ermal LUÇI
08:24 PM Revision 328c1def: Oops make code correct.
Ermal LUÇI
08:15 PM Revision 006802ab: * Prevent concurrent logins on CP to not be recorded on the DB.
* Make the locking more complex to avoid locking exclusively during pruning task which would hurt a lot CP performanc... Ermal LUÇI
07:52 PM Bug #1292: PPTP server with Radius breaks on upgrade from 1.2.3 to 2.0
here's a pretty stock config that exhibits problems Chris Buechler
04:28 PM Bug #1292: PPTP server with Radius breaks on upgrade from 1.2.3 to 2.0
Can you post your pptp section from the 1.2.3 config? Ermal Luçi
06:11 PM Bug #1251: /tmp/post_upgrade_command.php is not executing when going from 1.2.3 to 2.0
Ermal Luçi wrote:
> From post_upgrade_command.php
> [...]
>
> Shouldn't that be unconditional?
Shouldn't run ... Chris Buechler
04:27 PM Bug #1251: /tmp/post_upgrade_command.php is not executing when going from 1.2.3 to 2.0
From post_upgrade_command.php... Ermal Luçi
05:37 PM Revision 9ccecb65: If the interface triggering rc.newwanip is not assigned just reload packages and the filter and exit.
Ermal LUÇI
04:53 PM Feature #620: No privilege choice to allow access to Dashboard
Although that is not easy on 2.0
You need to add also
Allow access to the 'XMLRPC Interface Stats' page. Ermal Luçi
04:34 PM Bug #1107 (Feedback): mpd on AMD64 generates invalid checksums with NAT
You should be able to fix this by setting a MSS or lowering the mtu on openvpn interface. MTU seems to be your problem. Ermal Luçi
04:32 PM Bug #1270 (Feedback): bug with captive portal widget
Can you please try latest snapshot.
I incidentally should have resolved this as well during locking fixes on CP. Ermal Luçi
04:20 PM Bug #1310: Check pakcage .inc files before including to avoid potential breakage
That is too much overhead to be done dynamically.
eval() was supposed to help here but you cannot catch fatal parser... Ermal Luçi
04:18 PM Bug #1318: Certificate error: certificate subject does not match signing request subject
Can you show the subject that is displayed on pfSense screen of the signing request? Ermal Luçi
04:01 PM Revision 17a5b095: Correct one more variable in the process
Seth Mos
03:51 PM Revision 4f332466: Fix broken gateway logic that mixed up v4 and v6
Seth Mos
01:09 PM Revision 1b761f36: Check if the protocol is empty, not just if it's set. Fixes #1323
Jim Pingle
01:04 PM Revision 1c1a74fa: Only change protocol if it's set and not empty.
Jim Pingle
08:10 AM Bug #1323 (Feedback): Wrong rule file generation with build "Thu Mar 3 19:27:51 EST 2011"
Applied in changeset commit:"1b761f36b7c2c484f894e6412a1efad769533696". Jim Pingle
06:16 AM Bug #1323: Wrong rule file generation with build "Thu Mar 3 19:27:51 EST 2011"
/etc/inc/filter.inc, change line 1763 into
if(isset($rule['protocol']) && !empty($rule['protocol'])) { Martin Dupont
05:45 AM Bug #1323 (Resolved): Wrong rule file generation with build "Thu Mar 3 19:27:51 EST 2011"
The file which creates rules for pf (probably filter.inc), is creating wrong lines for rules which have no specific p... Martin Dupont
02:59 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
I am seeing this behaviour on RC1 (and was also on several Beta 5 builds prior to updating to RC1) with a 3G connecti... Ross Williamson

03/03/2011

09:13 PM Revision 7ec0e6e2: Add upgrade code to ensure rule protocols are all lower case.
Jim Pingle
08:40 PM Revision 06b3df52: Make this lowercase before checking, or people who ended up with TCP or UDP in their config might end up with rules that have no port specified, leaving them a bit more open than expected.
Jim Pingle
08:30 PM Revision 4e8e7662: Blind coded a edit page for IPv6. the subnet check needs to be written entirely. Checking if the IP address falls within the v6 subnet isn't so hard, what is harder is making sure that the ip does not fall within the dynamic subnet. For that we need proper subnet math calculus. Which we don't have yet.
Seth Mos
08:18 PM Revision 11085d2a: Add the neighbour table to the menu
Seth Mos
08:16 PM Revision aed47758: Fix the link to point to the v6 edit page instead
Seth Mos
08:15 PM Feature #1322 (Rejected): Squid 3
Im adding packages, squid3 is marked as alpha,
this is correct? ?? ?? Joaquim Soares Soares
08:13 PM Revision 0461114f: Add the IPv6 Neighbour list status page
Seth Mos
04:56 PM Bug #1320 (Closed): make src-nodes configurable
already done in 2.0
 Chris Buechler
04:44 PM Bug #1320 (Closed): make src-nodes configurable
We recently run into the 10,000 src-nodes limitations on our firewall (1.2.3) and had to increase it manually.
Her... Nick Brachet
04:54 PM Feature #1321 (Closed): Expose the maximum number of state entries a rule can create
We recently ran into an issue where we ran out of state entries which effectively made the firewall unresponsive. Sti... Nick Brachet
04:30 PM Revision 4f4e85df: Make sure we tell the code that the interface exists otherwise multiple laggs might get created.
Ermal LUÇI
04:30 PM Revision ee487a68: Not needed anymore.
Ermal LUÇI
02:24 PM Revision 6be90004: Ensure the protocol on the firewall rule from the OpenVPN wizard ends up lower case, or it causes some GUI irregularities. Seen http://forum.pfsense.org/index.php/topic,33865.0.html and elsewhere.
Jim Pingle
05:42 AM Revision 67b0ed57: lower limit to 101 MB
Chris Buechler
01:56 AM Bug #560 (Resolved): loader.conf is empty after a firmware update.
overwriting the changes is normal and unavoidable, just make sure your customizations are in .local and you can make ... Chris Buechler
01:26 AM Bug #560: loader.conf is empty after a firmware update.
Just upgraded from 1.2.3 Embedded to 2.0-RC1 Embedded. Loader.conf was NOT blank, but the changes I had put in there... Braden McGrath
01:24 AM Bug #560: loader.conf is empty after a firmware update.
Just upgraded from 1.2.3 Embedded to 2.0-RC1 Embedded. Loader.conf was NOT blank, but the changes I had put in there... Braden McGrath
12:42 AM Bug #1319 (Closed): Memory Warning on 128MB
Because when you tell vsphere to give 128 MB RAM, it only gives 102 MB usable to the OS. ... Chris Buechler

03/02/2011

11:54 PM Bug #1319 (Closed): Memory Warning on 128MB
Hi,
I'm running the latest 2.0-RC1 (built on Wed Mar 2 17:47:38 EST 2011) on a vSphere 4 VM with exactly +128MB o... Jorge Fabregas
08:24 PM Bug #636: layer7 not work correctly
I am identical to Adam. Running 2.0-RC1 (i386) built on Wed Mar 2 12:33:12 EST 2011.
I have a L7 container for blo... Seth Scardefield
07:26 PM Bug #1318 (Resolved): Certificate error: certificate subject does not match signing request subject
Hi - I'm trying to apply a certificate from StartCom/Startssl.com to my PFSense 2.0-RC1 (amd64) -built on Wed Mar 2 ... Zinger daZinger
05:24 PM Revision 56f25370: Simplify is_macaddr regex.
Erik Fonnesbeck
05:08 PM Revision c5682801: Slight regex fix on is_macaddr - the previous regex was letting through a mac without : separators, leading to improper validation and potentially invalid dhcp configs. Seen here http://forum.pfsense.org/index.php/topic,33830.0.html
Jim Pingle
03:25 PM Bug #754: hifn driver and AES192 and 256
pfSense 2.0-RC1-nanoBSD (i386) built on Sat Feb 26 16:33:51 EST 2011
Running on Soekris net5501 with Hardware crypt... Alexander Norberg
02:09 PM Revision 199791f9: Show friendly names of interface for root queues of ALTQ.
Ermal LUÇI
01:57 PM Revision 93c1127f: Add GUI option to CARP settings for syncing certs. It was in the backend code but not the GUI. Fixes #1316
Jim Pingle
11:52 AM Revision e77ecd8e: Attempt to mitigate fork bombs of rc.newipsecdns. Alternatively we should probably bail out with a exit(0);
instead. Seth Mos
09:39 AM Revision e269b621: Merge remote branch 'upstream/master'
Seth Mos
09:14 AM Revision d161b4d4: Always write out the filterdns-ipsec.hosts file, otherwise deleted tunnels will never get removed from the
filterdns-ipsec.hosts Seth Mos
09:08 AM Bug #1317 (Resolved): Voucher database synchronization
I have 2 pfsense, one in the DMZ and one in LAN.
The LAN manages the vouchers,
on the page -> status_captivepor... Stefan baldus
09:00 AM Bug #1316 (Feedback): User certificates are not synced to backups via XMLRPC
Applied in changeset commit:"93c1127fd84ee4c7ced02dcdee39db3eb93612f1". Jim Pingle
08:14 AM Feature #1260: Allow other Backends for Remote Access ( SSL/TLS + User Auth )
Most likely you're looking at /etc/openvpn.inc and /usr/local/www/vpn_openvpn_server.php - and if you want to fixup t... Jim Pingle
08:08 AM Revision bb3c6562: Add the toggle to disable successful login messages, show actual help text for redirect item
Seth Mos
07:47 AM Revision 4fc3855f: Make it possible to turn off successful login messages, this should quiet the console, system logs
Seth Mos
07:21 AM Revision 829fa12e: Add a check that should prevent configuration of racoon with duplicate phase 1 IP entries.
Seth Mos
04:51 AM Revision baca83aa: Fix page title text. Replace "Firewall" with "Interfaces" in title.
Marcus Brown
12:25 AM Revision 539d5973: Remove custom code for checking ip_addr and use the pfsense provided one.
Ermal LUÇI
12:23 AM Revision cf46a14f: Do not be so drastic on normal failure.
Ermal LUÇI
12:21 AM Revision dcc897e5: Since its only called during bootup there is no need to do conditionals here. Always sync config and start the miniupnpd process.
Ermal LUÇI
12:18 AM Revision 88cbd62a: More fixes to comments and code for upnpd. Also bring up to speed the stop/start logic.
Ermal LUÇI
12:05 AM Revision 2816f43f: Improve logging and some tests during miniupnpd config generation.
Ermal LUÇI

03/01/2011

11:51 PM Revision b469b7fe: This is not true anymore as piece of code.
Ermal LUÇI
11:46 PM Revision 8df14984: Correctly get only the interface mac address rather than any other found mac on this interface.
Ermal LUÇI
11:40 PM Revision 05c4bfa0: Pass the -a parameters to pgrep to be certain we search ancestors as well. The side effects might be inoquos from the pfSense context.
Ermal LUÇI
06:18 PM Revision c8487604: Use the call to basename to remove the extension rather than trim, since trim takes a list of characters, not the exact string to remove. Suggested by http://forum.pfsense.org/index.php/topic,32967.0.html
Erik Fonnesbeck
06:03 PM Revision 8b19f4a7: This is not NAT, so put it under the Firewall Advanced heading instead.
Erik Fonnesbeck
05:19 PM Bug #1316: User certificates are not synced to backups via XMLRPC
Thanks, I searched a few times before submitting... hoping I didn't just miss something due to lack of sleep.
I ... Matt P
05:12 PM Bug #1316 (New): User certificates are not synced to backups via XMLRPC
I'll have to double check this tomorrow. I could swear I made a separate option for syncing certificates but I don't ... Jim Pingle
05:07 PM Bug #1316 (Feedback): User certificates are not synced to backups via XMLRPC
Certificates are synced if you have the option set on the CARP settings to sync them. User certificates are no differ... Jim Pingle
05:04 PM Bug #1316 (Resolved): User certificates are not synced to backups via XMLRPC
When firewalls A and B exist and A replicates settings to B through XMLRPC, user accounts on A are synced, as expecte... Matt P
03:50 PM Feature #1260: Allow other Backends for Remote Access ( SSL/TLS + User Auth )
Jim/Chris,
I plan on getting an important box updated to 2.0rc1 which requires secondary auth via ldap with SSL/TLS.... John Doe
02:57 PM pfSense Packages Bug #1315: ERROR 404 on packages area upper-left logo of psense.
/usr/local/www/fbegin.inc
@line 238
<div id="header-left"><a href="index.php" id="status-link"><img src="/themes... Albert Causing
02:52 PM pfSense Packages Bug #1315: ERROR 404 on packages area upper-left logo of psense.
reported by matrix3000 Albert Causing
02:49 PM pfSense Packages Bug #1315 (Closed): ERROR 404 on packages area upper-left logo of psense.
/usr/local/www/fbegin.inc
line
<div id="header-left"><a href="*index.php*" id="status-link"><img src="/themes/<?... Albert Causing
02:02 PM Bug #636: layer7 not work correctly
Still not working for me, Clear states and can still browse http. I only have one layer 7 container, and http is sele... Adam Piasecki
01:11 PM Revision 2936a57e: add subnet mask clarification for IPv6 and correct default count to 128 bits
Seth Mos
01:06 PM Revision e53de0b3: Merge remote branch 'upstream/master'
Seth Mos
10:16 AM pfSense Packages Bug #1314 (Resolved): Typo in snort package /s/viwed/viewed
Typo on the following page /snort/help_and_info.php
"viwed" is missing an "e" David Miller
10:09 AM Bug #1156: Upgrade from 1.2.3 to 2.0 with VMware tools installed will panic
Boot to single user mode, touch /conf/needs_package_sync, and then reboot. Jim Pingle
10:07 AM Bug #1156: Upgrade from 1.2.3 to 2.0 with VMware tools installed will panic
This is still an issue:
Install new VM from 1.2.3-Release LiveCD
Install Open VM Tools
Use automatic updater to ... Jon Gerdes
09:07 AM Bug #1313 (Rejected): 1:1 NAT missing /32 Option
Pierre is right. For /32, don't choose the Network option, use the Single Host option. Jim Pingle
08:51 AM Bug #1313: 1:1 NAT missing /32 Option
Hum... If you want to use a /32, use a "single host" for "type" field in the screen.
So I don't think this is a bu... Pierre POMES
08:44 AM Bug #1313 (Rejected): 1:1 NAT missing /32 Option
The 1:1 NAT configuration page firewall_nat_1to1_edit.php is missing the option for a /32 subnet to be assigned, the ... Nik Fox
03:26 AM Bug #1312 (Closed): NAT reflection/DNS Forwarder broken again
The RC1 i386- 20110226-1530 release has NAT reflection NOT working.
No matter if you enable or disable NAT reflect... Brian Jensen

02/28/2011

11:03 PM Bug #1137 (Resolved): Global reply-to disable checkbox missing from 2.0
confirmed works, thanks Chris Buechler
04:16 PM Bug #1137: Global reply-to disable checkbox missing from 2.0
*Feedback:* Fixed or Works-for-me
*Recommendation:* Close ticket or request details
*Findings:*
Running RC1 buil... Alex Kennedy
10:20 PM pfSense Packages Bug #1236: Anyterm package doesn't start after upgrade
Just upgraded to RC1, same issue. Alexandre Paradis
07:02 PM Revision 87ae1a2b: Fix page title.
Jim Pingle
06:28 PM Revision 6f5b2ff5: Merge remote branch 'upstream/master'
Scott Ullrich
05:25 PM Revision 566193a5: Only make gateway changes if we have been given a new gateway IP.
Jim Pingle
05:21 PM Revision d7b4e38f: Setup gateway monitoring since we just altered a gateway.
Jim Pingle
05:16 PM Revision e121bebd: Fix gateway handling in setup wizard.
Jim Pingle
04:42 PM Bug #636: layer7 not work correctly
Bump.
Does this ticket's status need to be changed to Feedback? Alex Kennedy
04:12 PM Revision 2d539f40: Only display gitsync settings on supported platforms.
Erik Fonnesbeck
03:53 PM Bug #1309 (Resolved): Firmware upgrade
thanks Chris Buechler
03:49 PM Bug #1309: Firmware upgrade
*Feedback:* Fixed.
*Recommendation:* Close ticket.
*Findings:*
Running RC1 build "Sat Feb 26 16:00:14 EST 2011" ... Alex Kennedy
03:53 PM Bug #1306: Load balancer user _relayd not created on upgrade
Alex Kennedy wrote:
> From /etc/pass line 20 after upgrade
Should Read:
> From */etc/passwd* line 20 after upgrade Alex Kennedy
03:33 PM Bug #1306 (Resolved): Load balancer user _relayd not created on upgrade
Thanks for the feedback! Jim Pingle
03:32 PM Bug #1306: Load balancer user _relayd not created on upgrade
*Feedback:* Fixed.
*Recommendation:* Close ticket.
*Findings:*
Upgrade from 1.2.3 to RC1 build "Sat Feb 26 16:00... Alex Kennedy
02:31 PM Bug #1311 (Closed): Cosmetic problem
Hello,
I found one "cosmetic" problem on the update page. Take a look at the pic.
Regards,
Bohosh bohosh bohosh

02/27/2011

09:21 PM Revision 4e0cb56e: Merge remote branch 'upstream/master'
Scott Ullrich
08:50 PM Revision cfaf6e69: Only show the you can monitor the filter reload process for filter related changes
Scott Ullrich
08:43 PM Revision 58b4b246: Flush the buffer
Scott Ullrich
11:33 AM Bug #1310 (Resolved): Check pakcage .inc files before including to avoid potential breakage
To prevent a broken package from causing even more breakage, we should probably do a check on the package .inc files ... Jim Pingle

02/26/2011

09:58 PM Bug #1097: Onload Javascript on Rules page of management GUI
I can confirm the onload javascript issue seems to be fixed when in Firefox (win32) on the following build;
2.0-BE... dasanco dasanco
07:20 PM Revision 4ed69f33: Do a more strict check on the return value of the download function. Fixes #1309
Jim Pingle
04:40 PM Revision 153e3cb5: Declare $g a global here.
Jim Pingle
04:34 PM Revision 73d885d7: Ensure the pkg staging area exists on nanobsd before trying to use it.
Jim Pingle
02:20 PM Bug #1309 (Feedback): Firmware upgrade
Applied in changeset commit:"4ed69f3394a336c2fe6c8fa81741e55036bd70b7". Jim Pingle
02:05 PM Bug #1309 (Resolved): Firmware upgrade
If a firmware upgrade is attempted through system_firmware_check.php, and the target url is unavailable, a non HTML f... Alex Vergilis

02/25/2011

10:14 PM Revision 0c4f8ca8: Merge remote branch 'upstream/master'
Scott Ullrich
05:45 PM Revision 17e7a243: missing $
Scott Ullrich
05:44 PM Revision da666ca8: missing $
Scott Ullrich
05:42 PM Revision a6f4ac66: misc whitespace cleanups
Scott Ullrich
04:37 PM Revision 0c13af6c: Give this another shot
Scott Ullrich
03:26 PM Revision ebcdcaaa: Fix admins group permission setting when upgrading from 1.2.3.
Jim Pingle
09:27 AM Revision bc75a430: Correct IPsec carp interface upgrade code, off by one
Seth Mos
08:03 AM Feature #1308 (Rejected): monitor IP on Gateway Groups
We have a unusual network scenario that uses failover. It used to work on pfSense 1.2.3, but now on 2.0 it isn't work... Vinícius Coque

02/24/2011

08:25 PM Feature #1307 (New): Request: Option To Resolve Addresses in State Table Summary
Would you please add a mechanism to resolve addresses listed in the state table summary? Perhaps a link next to each ... Steve Vigneau
06:51 PM Revision a09d8bfc: Use full path to pw
Jim Pingle
06:50 PM Revision 2aba8f77: Add missing _relayd group, and when upgrading from 1.2.3, add _relayd group and user.
Jim Pingle
06:20 PM Revision 072bc34c: Correct the test which displays an error if someone chose to save+test but doesn't have an ldap backend. Also, fix a typo.
Jim Pingle
03:51 PM Revision bcc85621: Fix find again... apparently -xdev is depreciated and tosses errors, replaced by -x
Jim Pingle
03:46 PM Revision 22beab88: Move this code up a bit and also use /root/tmp to fetch packages instead of /tmp so it won't fill up.
Jim Pingle
03:37 PM Revision 9011a843: If we're on nanobsd, pass -t to pkg_add to specify a different "staging area" path.
Jim Pingle
02:31 PM Bug #1306: Load balancer user _relayd not created on upgrade
Yes, new upgrades that happen on snapshots that include the commit I referenced will work fine. I changed the upgrade... Jim Pingle
02:24 PM Bug #1306: Load balancer user _relayd not created on upgrade
Yes adding the user does get the relayd service running. I wanted to open the bug so that the upgrade procsess can b... Roy Walker
01:53 PM Bug #1306 (Feedback): Load balancer user _relayd not created on upgrade
Should be fixed commit:2aba8f77a2c0de6690f973e331f130000d35c451
If you've already upgraded and you are missing the... Jim Pingle
01:09 PM Bug #1306 (Resolved): Load balancer user _relayd not created on upgrade
If upgrade from 1.2.3 to 2.0-Beta5 built on Fri Feb 18 06:31:46 EST 2011, the user _relayd which is needed for load b... Roy Walker
02:23 PM Revision 62958eae: Correct the vlan upgrade code to continue when we fixed up the interface
Seth Mos
02:17 PM Revision 583f4913: Correct the find command, pipe into xargs
Seth Mos
01:10 PM Revision 563b47bf: Make sure to resolve the gateway name before passing it off to the IPsec reload function
Seth Mos
01:10 PM Revision 3acab378: Correct variable name. This could never have deleted the static route for IPsec vpns on multi wan
Seth Mos
11:11 AM Bug #1051: radius support in racoon
I found the issue, next snap should be OK. Jim Pingle
11:10 AM Bug #1051: radius support in racoon
it's on amd64 Ravine Pick
11:03 AM Bug #1051: radius support in racoon
Need more info, i386 or amd64? Jim Pingle
11:01 AM Bug #1051: radius support in racoon
hello
I've just updated the system to build from Feb 23th 2011 and the issue reappeared. Ravine Pick

02/23/2011

07:09 PM Revision 003d1b3d: And one more place for PKG_TMPDIR... just in case.
Jim Pingle
07:07 PM Revision 633ef551: Set PKG_TMPDIR here too, to help nanobsd pkg installs.
Jim Pingle
05:49 PM Revision c99c1e4e: Allow queues on top of bridge. Though more investigation is needed on its correct meaning.
Ermal LUÇI
05:36 PM Revision 6c67a28d: Set PKG_TMPDIR for embedded/nano because it will fill up /var trying to download packages otherwise. (From sullrich)
Jim Pingle
05:14 PM Revision 0030036f: Don't forget to clear username field so it doesn't show up on next edit.
And if for some reason user enters a username, store it for them. Marcus Brown
05:06 PM Revision ec465066: Merge branch 'master' of rcs.pfsense.org:pfsense/mainline
Marcus Brown
05:05 PM Revision d9cc4b24: Try again, a little cleaner: Prevent GUI from giving error for freeDNS service since username and password
Marcus Brown
04:54 PM Revision 1f9d17ef: Revert "Prevent GUI from giving error for freeDNS service since username and password"
This reverts commit 740f745922549283e29d3d964c7a60266d7dbf0a.
This is a little ugly. Let's do it a little differently. Marcus Brown
03:05 PM Revision 62ce9874: Update "Last Tested" date for freeDNS in comments
Marcus Brown
03:00 PM Revision 740f7459: Prevent GUI from giving error for freeDNS service since username and password
aren't required.
Also add a note for freeDNS users to enter "Authentication Token"
in Hostname field. Zero out fake ... Marcus Brown
02:45 PM Revision 4aa58d46: Correct the config path to the vip array
Seth Mos
02:19 PM Revision 443f2e6e: Attempted fix that should convert the old carp[$i] naming to vip[$vhid]
Seth Mos
02:07 PM Revision 3d039701: Make sure we iterate by the vlan number lest we end up with a empty variable? Hopefully fix new vlan name not being assigned to interfaces section
Seth Mos
02:01 PM Revision 685a26fc: Correct the gateway group member name to the correct GW_". strtoupper($if) uppercase. This fixes outbound load balancer pools upgraded from 1.2.3
not working Seth Mos
01:55 PM Revision 219585da: Do not cross filesystem boundaries when removing files lest we empty Seth' USB stick
Seth Mos
01:13 PM Feature #1305 (Resolved): Queue Action should have its own symbol on the floating tab
On the firewall rule floating tab, where it shows the list of all the floating rules, the "Queue" action should have ... Joe Kelly
01:07 PM Bug #1304 (Resolved): Quick option ignored for "Queue" action rules on floating tab
Hi,
I'm running 2.0-BETA5 (i386) built on Wed Feb 23 00:12:28 EST 2011.
Today I put 2 rules on the floating ta... Joe Kelly
08:03 AM Revision a299232e: Merge remote branch 'upstream/master'
Conflicts:
etc/inc/filter.inc
etc/inc/vpn.inc Seth Mos
02:32 AM Revision b8778031: Add a check if the configuration of dhcpd exists for wan before unset, resolves #1303
Luiz Gustavo S. Costa

02/22/2011

10:31 PM Revision c54c9d15: Remove direction from traffic shaper generated rules now that the match action is present to correctly put packets on proper queues. Before it was not possible since this would have also open firewall ports/holes.
Ermal LUÇI
09:35 PM Bug #1303: Removal interface without setting of wan causes error unset
Applied in changeset commit:"b877803194700f75cb264e7343695acf971fa07e". Luiz Gustavo S. Costa
09:33 PM Bug #1303 (Feedback): Removal interface without setting of wan causes error unset
Luiz Gustavo S. Costa
09:26 PM Bug #1303 (Resolved): Removal interface without setting of wan causes error unset
When trying to remove an interface on the assignment of interfaces, when we rename the wan interface or the definitio... Luiz Gustavo S. Costa
07:29 PM Revision 2d1298ce: Reset this var before this test, otherwise if the test is skipped, it will carry over the value from the previous run.
Jim Pingle
07:29 PM Revision 8364184a: Don't consider a cert as in use by the GUI if it's in HTTP mode. Fixes #1171
Jim Pingle
07:27 PM Revision ac631bba: Move all functions from index.php for captiveportal.inc
Luiz Gustavo S. Costa
02:39 PM Bug #1156: Upgrade from 1.2.3 to 2.0 with VMware tools installed will panic
Probably the same issue now as #1251 - /tmp/post_upgrade_command.php is not executing when going from 1.2.3 to 2.0, s... Jim Pingle
02:36 PM Bug #1251: /tmp/post_upgrade_command.php is not executing when going from 1.2.3 to 2.0
This is really a base system problem and not a problem with this package. Jim Pingle
02:36 PM Bug #1251: /tmp/post_upgrade_command.php is not executing when going from 1.2.3 to 2.0
The real problem here is that /tmp/post_upgrade_command.php is not being run after the 1.2.3 to 2.0 upgrade completes... Jim Pingle
02:30 PM Bug #1171 (Feedback): Switching from HTTPS to HTTP does not mark certificate as unused
Applied in changeset commit:"8364184a866a6fb0f75b3368eb27f0c4fc3b4d7b". Jim Pingle
01:30 PM Revision f1beeba5: Add Global reply-to disable checkbox, resolves the issue #1137
Luiz Gustavo S. Costa
12:25 PM Revision 196440c8: reversal of accidentally deleted files
Revert "Add Global reply-to disable checkbox, resolves the issue #1137"
This reverts commit c646776871dacebcaa4225b0... Luiz Gustavo S. Costa
06:26 AM Bug #1302: fatal trap 12:page fault while in kernel mode
Thanks.
upgrade
Version 2.0-BETA5 (i386)
built on Mon Feb 21 23:20:11 EST 2011 Kostya Baranov
04:55 AM Bug #1302 (Resolved): fatal trap 12:page fault while in kernel mode
this is already fixed, upgrade. Chris Buechler
04:47 AM Bug #1302 (Resolved): fatal trap 12:page fault while in kernel mode
Version 2.0-BETA5 (i386)
built on Sun Feb 6 04:04:00 EST 2011
My config is:
Motherboard: 3Q IPX7A-ION/330, Int... Kostya Baranov
02:43 AM Revision c6467768: Add Global reply-to disable checkbox, resolves the issue #1137
Luiz Gustavo S. Costa

02/21/2011

11:22 PM pfSense Packages Bug #1301 (Closed): Squid package become unusable through time if we use large disk cache
This happens when we use the default path for the cache dir (/var/squid/cache).
The function squid_resync() calls ... Louis-David Perron
09:47 PM Bug #1137 (Feedback): Global reply-to disable checkbox missing from 2.0
Chris Buechler
09:45 PM Revision 95938fae: Fix typo/spacing issue. Resolves #1300
Jim Pingle
08:11 PM Bug #1298 (Closed): Captive portal Idle timeout and Hard timeout not working
works fine with your exact config too, diff RADIUS server and using the default portal pages, but those doesn't impac... Chris Buechler
03:53 PM Bug #1298: Captive portal Idle timeout and Hard timeout not working
My laptop was turned off for 4 hours. Still didn't timeout.
Here is the output from the config file. I removed the... Tyler Antonio
03:37 PM Bug #1298 (Feedback): Captive portal Idle timeout and Hard timeout not working
works for me. first a 5 minute hard timeout, second a 2 minute inactivity timeout. note you pretty much have to unplu... Chris Buechler
03:06 PM Bug #1298 (Closed): Captive portal Idle timeout and Hard timeout not working
Clients stay logged in even after being inactive for longer than the idle timeout and and aren't disconnected after t... Tyler Antonio
06:58 PM Bug #943 (Resolved): 2.0-BETA4 Dynamic DNS updates not working
Chris Buechler
06:56 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
The only thing it's less stupid than is finding out that was the problem. I have no idea when or how that got checke... R B
06:42 PM Bug #1300 (Resolved): Typo in TCP flags section of advanced firewall settings
Chris Buechler
04:45 PM Bug #1300 (Feedback): Typo in TCP flags section of advanced firewall settings
Applied in changeset commit:"95938fae08add39dabf08fe0b15eaddec5fca7ee". Jim Pingle
04:32 PM Bug #1300 (Resolved): Typo in TCP flags section of advanced firewall settings
In firewall_rules_edit.php at the bottom of the TCP flags section of the Advanced Settings it currently says "Use thi... David Miller
06:23 PM Revision 4661598e: Add the diag_ipsec_xml.php page, this provides a XML interface to the
tunnel status built for a Coltex BV monitoring system Seth Mos
04:52 PM Feature #1299: update /etc/bogons
Please compare /etc/bogons in 1.2.3 LiveCD and http://files.pfsense.org/bogon-bn-nonagg.txt, massive difference. Woul... don mkumba
04:30 PM Feature #1299 (Rejected): update /etc/bogons
every release already has the latest, it updates at the completion of the setup wizard for new installs, and automati... Chris Buechler
04:24 PM Feature #1299 (Rejected): update /etc/bogons
This is follow-up from http://redmine.pfsense.org/issues/1297
Basically the default /etc/bogons is fairly out-of-dat... don mkumba
04:32 PM Bug #1097: Onload Javascript on Rules page of management GUI
Can you please confirm that this happens still on latest snapshots? Ermal Luçi
02:46 PM Revision 9e050072: Prevent empty remote endpoints from skewing the log output
Seth Mos
02:19 PM Revision a2a13c97: Trigger a VPN tunnel reload after configuring IPsec, it will handle all the hostname tunnels after boot finishes
Seth Mos
01:47 PM Revision c2d7074e: Resolves #1288. Add alc(4) to altq(4) supported list.
Ermal LUÇI
01:17 PM Revision df82fae1: Don't forget to include $g, otherwise the check will fail and still perform a DNS resolve
Seth Mos
12:45 PM Revision 33d5cb7a: Hold off on resolve_retry during boot. The rest of the IPsec config is already delayed during boot for tunnels with hostnames
Seth Mos
12:29 PM Revision 71e91e50: Add more safeguards and IP address checks
Seth Mos
11:47 AM Revision 621a459a: Do not resolve the hostname during boot, also make really sure we have a IP address here.
Seth Mos
11:30 AM Revision 41393f1e: Prevent a empty remote gateway IP from ending up in the config
Seth Mos
11:21 AM Revision 603b4346: Make sure to initialize the remote gateway IP variable so that it does not end up with a broken config
Seth Mos
09:53 AM Todo #1237 (Feedback): Restore patch for adding gif(4) to bridge(4)
This is committed to the repo. Ermal Luçi
09:42 AM Revision b85f2451: Correct indentation
Warren Baker
09:40 AM Revision 7c50552d: Make sure it is an array before foreach.
Warren Baker
07:51 AM Bug #1288 (Resolved): Single Wan multi Lan Traffic Shaper Wizard :: "You do not have 2 of local interfaces!"
Should be fixed on new snapshot.
The alc(4) driver was not on altq(4) supported interface list. Ermal Luçi
02:15 AM Revision 0e3e825c: log when CP is restarted. ticket #1278
Chris Buechler

02/20/2011

10:31 PM Revision 75bf4f14: fix default password display
Chris Buechler
09:26 PM Bug #812 (Resolved): RRD graph time axis not locked to latest times with higher average samples
Chris Buechler
09:25 PM Bug #816: USB Keyboard Detection - Boot Hangs
this is definitely hardware-specific as I have a ton of hardware that works fine with USB keyboards, and we aren't go... Chris Buechler
09:19 PM Bug #906 (Resolved): Orphaned rules from deleted interfaces are still present in config
this is ok as is since the original bug was fixed. for the few who may have orphaned rules, it's not a big enough dea... Chris Buechler
09:13 PM Bug #1278 (Resolved): log when captive portal restarts
committed, thanks Chris Buechler
08:34 PM Bug #1297: /etc/bogons out-of-date
ignore, all ok, /etc/crontab:
1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogo... don mkumba
08:34 PM Bug #1297: /etc/bogons out-of-date
yes it's updated automatically, yours is failing for some reason (lacking DNS is most commonly the reason). It isn't ... Chris Buechler
08:31 PM Bug #1297: /etc/bogons out-of-date
nothing wrong with dns, it's just this code, which causes the script to sleep, if run with no arguments:
# Sleep f... don mkumba
08:15 PM Bug #1297: /etc/bogons out-of-date
and it's fairly out-of-date, comparing to the current http://files.pfsense.org/bogon-bn-nonagg.txt
 don mkumba
08:06 PM Bug #1297 (Rejected): /etc/bogons out-of-date
not a bug. fix your DNS so it can update, and run "/etc/rc.update_bogons.sh now" so it doesn't sleep.
Chris Buechler
08:03 PM Bug #1297 (Rejected): /etc/bogons out-of-date
I'm running version 1.2.3, and have noticed my IP belonging 2.120.0.0/15 is being blocked as bogons. Digging around I... don mkumba
10:26 AM Bug #1296 (Resolved): SMART status not work, when hard drive controlller digit more than 9
Works now - http://forum.pfsense.org/index.php/topic,33481.0.html Jim Pingle
01:33 AM Bug #1296: SMART status not work, when hard drive controlller digit more than 9
Once you have a chance to update, please check if it really is fixed for you. I haven't gotten any feedback on the fo... Jim Pingle
01:30 AM Bug #1296: SMART status not work, when hard drive controlller digit more than 9
Excuse, I was late, couldn't check up as there was no access to hardware. Thank's ! Nikolai Pogoreltsev
01:18 AM Bug #1296 (Feedback): SMART status not work, when hard drive controlller digit more than 9
What snapshot are you on? I committed a fix for this a few days ago:
commit:3e8b3cccab55f02be654ba342ac9d0e02c719d78 Jim Pingle
01:14 AM Bug #1296 (Resolved): SMART status not work, when hard drive controlller digit more than 9
The bookmark diagnostic - smart status doesn't work when hard drive is connected to the controler with number more th... Nikolai Pogoreltsev

02/19/2011

08:54 PM Bug #1294: OpenVPN remote access (site-to-site) VPN Clients aren't listed
SSL/TLS Peer-to-Peer OpenVPN, so I'm guessing that's PKI. This is on the server side - the client side shows the conn... michael rudel
05:01 PM Bug #1294: OpenVPN remote access (site-to-site) VPN Clients aren't listed
Are you talking about shared key clients/servers, or site-to-site PKI clients? And when viewed from which side?
Op... Jim Pingle
04:05 PM Bug #1294 (Closed): OpenVPN remote access (site-to-site) VPN Clients aren't listed
Remote access / site-to-site VPN clients that are connected do NOT show up on the OpenVPN status page or the dashboar... michael rudel
04:09 PM Feature #1295 (Rejected): SSH binds to all available "Virtual IP" IP aliases
SSH, by default, in a pfSense installation, binds to all available "Virtual IP" IP aliases.
It would be nice to b... michael rudel
03:57 PM pfSense Packages Bug #1293 (Resolved): Imspector doesn't log anything on 2.0
Imspector doesn't seem to log anything on pfSense 2.0.. in fact, looking at the configuration files generated from th... michael rudel
12:23 PM Bug #1288: Single Wan multi Lan Traffic Shaper Wizard :: "You do not have 2 of local interfaces!"
Interesting/surprising update:
I reconfigured this box and tested it as a dual WAN single LAN setup and found that... brandon b

02/18/2011

08:52 PM Bug #1292: PPTP server with Radius breaks on upgrade from 1.2.3 to 2.0
After clearing the PPTP configuration from config.xml I was able to setup the PPTP server (so the page does work). H... Roy Walker
06:20 PM Bug #1292 (Resolved): PPTP server with Radius breaks on upgrade from 1.2.3 to 2.0
If upgrading from 1.2.3 to 2.0 (BETA5-02182011) and you have a PPTP server with Radius configured. It breaks the PPT... Roy Walker
04:33 PM Bug #1288: Single Wan multi Lan Traffic Shaper Wizard :: "You do not have 2 of local interfaces!"

[2.0-BEAT5][admin@pfSense.localdomain]/root(34): ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> ... brandon b
09:59 AM Bug #1288: Single Wan multi Lan Traffic Shaper Wizard :: "You do not have 2 of local interfaces!"
Possibly your nic type does not support altq.
Can you do an ifconfig and paste the output here?
 Ermal Luçi
06:42 AM Revision c7d56176: fix log text
Chris Buechler

02/17/2011

07:45 PM Revision 94d455da: Enforce FreeBSD's max username length of 16 chars. http://forum.pfsense.org/index.php/topic,33410.0.html
Jim Pingle
05:54 PM Revision 70edf50d: Fix whitespace formatting.
Jim Pingle
05:35 PM Revision 98776e04: Allow sorting of DNS forwarder entries.
Jim Pingle
01:05 PM Bug #1284: Syslog does not work with CLOG disabled
Maybe I found the problem.
On system boot, it checks if disablesyslogclog tag exists on config.xml, then create re... Vinícius Coque
07:31 AM Feature #1225 (Closed): static port range and outbound rules source port range (only to be tested and integrated, already coded)
Jim Pingle
02:39 AM Feature #1225: static port range and outbound rules source port range (only to be tested and integrated, already coded)
I can't find how to close the task myself, so if someone could tell me how to (if I can!) or could close it... Martin Dupont
02:36 AM Feature #1225: static port range and outbound rules source port range (only to be tested and integrated, already coded)
This is rendered useless by support of port alias. No need to implement this anymore. Martin Dupont
04:07 AM Bug #1291 (Closed): Inner VPN Roadwarrior IPSEC in Tunnel VPN IPSEC not working with Firewall Scrub enabled
Running 2.0-BEAT5 (i386) built on Tue Feb 15 16:36:07 EST 2011.
WAN is an xl0 ethernet card, LAN is a sge0 ethernet ... Davide B
02:20 AM Bug #1290 (Closed): IPsec roadwarrior use case: Traffic from LAN does not hit established tunnel
Hello.
Remote Access IPsec client (Shrew) connecting to pfSense firewall terminating the IPsec connection does not... Tero Mononen
01:33 AM Bug #1289 (Resolved): IPsec mobile remote access (roadwarrior) responder (server) configuration
Hello.
IPsec mobile client configuration (Hybrid XAuth Server) does not put 'passive on' directive into racoon.con... Tero Mononen

02/16/2011

10:07 PM Bug #1221 (Resolved): igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
Chris Buechler
09:48 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
Been testing hw.igb.num_queues="4" for the last week and so far it seems to be working with no problems so far with H... R M
09:40 PM Revision 8e559859: Minor english fixes from Bill
Scott Ullrich
09:39 PM Revision ccca3418: Merge remote branch 'upstream/master'
Scott Ullrich
09:22 PM Revision 0aba3822: Add IPsec and OpenVPN to packet capture. Ticket #1032
Jim Pingle
09:16 PM Bug #1288: Single Wan multi Lan Traffic Shaper Wizard :: "You do not have 2 of local interfaces!"
Update to reference this forum thread where a similar (though single lan) issue appears to be affecting another test ... brandon b
09:12 PM Bug #1288 (Resolved): Single Wan multi Lan Traffic Shaper Wizard :: "You do not have 2 of local interfaces!"
My test box has 3 total interfaces, all of which are properly connected to physical interfaces and function on their ... brandon b
08:32 PM Revision 3395ba20: Fix wording
Jim Pingle
07:33 PM Bug #1287 (Closed): CARP VIP sync sends incorrect interface
OK. I'll close this out. Feel free to post on the forums to see if anyone else has hit any similar VLAN issues. Jim Pingle
06:46 PM Bug #1287: CARP VIP sync sends incorrect interface
Yep, that's the issue, thanks Jim. I'm still having some trouble with the VLAN(s) passing traffic after failing over ... Mike McLaughlin
06:18 PM Bug #1287 (Feedback): CARP VIP sync sends incorrect interface
Check your config.xml on both - for CARP sync to function correctly the interfaces must exist on both units and they ... Jim Pingle
06:10 PM Bug #1287 (Closed): CARP VIP sync sends incorrect interface
When the CARP VIPs are set to sync from Master to Backup under the CARP Settings it immediately adds new VIPs to the ... Mike McLaughlin
06:53 PM Revision a8f9f07e: Comment out the "config write on bootup" error. This is normal now with the package reinstall, and the known issues with it should be OK now. The error is just confusing people.
Jim Pingle
06:19 PM Revision a3bac4ce: Do not rely on php new foreach by reference and use the old method of chaning array members by using full path. This fixes nat 1:1 upgrades.
Ermal LUÇI
06:04 PM Revision ed187b41: Change this form to a POST instead of using GET with button inputs. For some reason using the GET method was causing things to be invoked twice, which led to two concurrent XMLRPC syncs, which can cause issues.
Jim Pingle
05:15 PM Revision 72377228: Add automatic rules to pass DHCP failover traffic if a failover peer is defined. See http://forum.pfsense.org/index.php/topic,32731.msg172839.html#msg172839
Jim Pingle
04:31 PM Revision 3e8b3ccc: Use a better regex here, sometimes ad devices can be numbered >=10.
Jim Pingle
03:53 PM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
R B wrote:
> Unfortunately I disagree - still not seeing DDNS update on a clean install of the NanoBSD images as not... M Schweitzer
11:50 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
Unfortunately I disagree - still not seeing DDNS update on a clean install of the NanoBSD images as noted in comment ... R B
02:45 PM pfSense Packages Bug #1084: nmap package libpcap errors
Reinstall the package again, it should be OK now. Jim Pingle
02:47 AM pfSense Packages Bug #1084: nmap package libpcap errors
This error is back in 2.0-RC1
/libexec/ld-elf.so.1: Shared object "libpcap.so.1" not found, required by "nmap"
... Ralf Wessling
01:07 PM Revision 2d816c13: silence the music.
Jim Pingle
08:11 AM Revision f698b262: Merge remote branch 'upstream/master'
Seth Mos
06:30 AM Feature #1286 (Closed): Captive Portal sends WAN IP instead of Mac or custom string in "called-station-id" RADIUS attribute
The Captive Portal is sending the WAN IP in the RADIUS "called-station-id" attribute.
It has been mentioned before i... Mark Dammer
03:48 AM Bug #1053: CBQ per se, in kernel
any update on this? Bipin Chandra
02:50 AM pfSense Packages Bug #1285 (Closed): NTOP error in 2.0 RC-1
I installed the nmap package and when I go to Diagnostics -> NMap, I'm redirected to the dashboard page. When I run n... Ralf Wessling

02/15/2011

10:59 PM Revision b807a161: Break on 'You can also monitor the reload progress' instead of letting it wrap into a newline.
Scott Ullrich
08:16 PM Revision c10dbf92: Add snort2c table back in for now.
Jim Pingle
04:03 PM Revision efe8fa78: Pass $notices to print_notices(), since it requires a parameter.
Jim Pingle
12:03 PM Bug #1284 (Resolved): Syslog does not work with CLOG disabled
I put the tag disablesyslogclog on my config.xml to disable clog, since I have free disk space and want to keep all l... Vinícius Coque
10:15 AM Bug #1280 (Resolved): DHCP range validation is wrong then adding static mapping
Jim Pingle
10:02 AM Bug #1280: DHCP range validation is wrong then adding static mapping
Sorry, verified with 2.0-RC1 (i386) built on Mon Feb 14 03:24:30 EST 2011 rancor rancor
10:01 AM Bug #1280: DHCP range validation is wrong then adding static mapping
This issue has been solved.
My DHCP range is 192.168.10.10 to 192.168.10.199
Static mapping to:
192.168.10.9 -... rancor rancor
08:40 AM Bug #754: hifn driver and AES192 and 256
I did the test with and without glxsb activated. There was no difference in the results.
Could it be that the hifn... A B
07:42 AM Bug #754: hifn driver and AES192 and 256
F S wrote:
> Test System: alix 2d2 + vpn1411 card.
> Beta Version: pfSense-2.0-RC1-4g-i386-20110214-0324
>
> see... Jim Pingle
03:20 AM Bug #754: hifn driver and AES192 and 256
Test System: alix 2d2 + vpn1411 card.
Beta Version: pfSense-2.0-RC1-4g-i386-20110214-0324
seems like the vpn card... F S
02:18 AM Bug #943: 2.0-BETA4 Dynamic DNS updates not working
I think this can be closed now...
I've been testing it for about Two weeks and it works fine. M Schweitzer

02/14/2011

09:57 PM Revision ee21b736: Adding support for snortsam from Robert Z
Scott Ullrich
09:27 PM Revision bd40781a: add a ipprotocol variable to the easy add rules
Seth Mos
07:04 PM Bug #1283 (Resolved): Wording in script for configuring interfaces
In pfSense-2.0-beta5-20110210 there are a few sentences in the script for initially configuring interfaces that are w... Vaughan Chandler
03:08 PM Revision ad67f6af: Back to beta5
Scott Ullrich
02:15 PM Bug #1282: Default drop policy should log?
I do not agree and I do have logging on by default on block
I have 3 interfaces, WAN, LAN and DMZ
I added one ... rancor rancor
01:08 PM Bug #1282 (Rejected): Default drop policy should log?
It already does log:... Jim Pingle
01:05 PM Bug #1282 (Rejected): Default drop policy should log?
I have spent hours of debug different network configurations and VPN configurations (IPsec and OpenVPN) just to find ... rancor rancor
11:09 AM Bug #1281 (Closed): "Easy Rule: Pass this traffic" applies to phy. device and not VLAN device with name LAN
Ideally you shouldn't have the parent interface of VLANs assigned. If you use VLANs on a physical interface, anything... Jim Pingle
10:05 AM Bug #1281 (Closed): "Easy Rule: Pass this traffic" applies to phy. device and not VLAN device with name LAN
I setup a alix 2d2 box for some pfSense 2.0RC1 tests. Used image is pfSense-2.0-RC1-4g-i386-20110214-0324-nanobsd-upg... A B
09:36 AM Bug #754: hifn driver and AES192 and 256
I did a test with my alix 2d2 box and a vpn1411 card.
Here are the results with the fresh updated image (pfSense-2... A B
06:27 AM Bug #475: L2TP is not functional in the way users will expect
Another helpful link
http://kuapp.com/2010/07/14/how-to-setup-l2tpipsec-vpn-on-freebsd.html Ermal Luçi
12:19 AM Revision 49e4ebf8: Fix start/end test for an IP in DHCP pool. Resolves #1280
Jim Pingle

02/13/2011

09:54 PM Revision b5993a02: Fix update check fix. Skipped a parameter.
Jim Pingle
08:21 PM Bug #836 (Resolved): Captive portal logout popup windows doesn't disconnect the user
thanks. I also confirmed this a few days ago Chris Buechler
08:10 PM Bug #836: Captive portal logout popup windows doesn't disconnect the user
Ermal Luçi wrote:
> Patch committed please test.
I can verify pfSense 2.0 beta 5
When I first start to surf fr... rancor rancor
07:20 PM Bug #1280 (Feedback): DHCP range validation is wrong then adding static mapping
Applied in changeset commit:"49e4ebf8348d32e0ecc2dc7f9dc9d1d113c765ca". Jim Pingle
07:15 PM Bug #1280 (Resolved): DHCP range validation is wrong then adding static mapping
I'm using pfSense 2.0 beta5
DHCP range is 192.168.10.10 to 192.168.10.200
Static mapping to:
IP 192.168.10.201... rancor rancor
06:11 PM Revision a42e5d25: Get ready for tomorrow.
Scott Ullrich
04:37 PM Revision 4c37209a: Suppress curl errors (if we get a 404 it tosses its own error if there is no response body, just a 404 code.)
Jim Pingle
04:27 PM Revision ca640261: Add alias support for source and destination ports on outbound NAT.
Erik Fonnesbeck
04:14 PM Revision d164643a: Make update check a little more robust. Timeout after a few seconds, and if we get a non-200 http code, ignore the response.
Jim Pingle
03:08 PM Revision b43b7613: Check for aliases in 1:1 and outbound NAT rules, too.
Erik Fonnesbeck
02:44 PM Revision 43f2eca7: Use autocomplete='off' like all other fields that accept aliases, to prevent web browser auto-complete from covering up the alias list popup.
Erik Fonnesbeck
02:25 PM Revision c769f983: Simply code for determining whether an alias is currently in use.
Erik Fonnesbeck
01:44 PM Revision f1ac1733: In update_alias_names_upon_change function add capability to access more deeply nested sections and fields.
Erik Fonnesbeck
12:38 PM Revision b0aa7413: Use alias style and add AutoSuggestControl for source and destination address fields.
Erik Fonnesbeck
08:15 AM Revision 97bc0bcc: The doubled "$rule = array();" lines are probably a copy/paste error. Probably meant to paste the line that sets the rule type to the match action like the rest of what was added in the affected commit.
Erik Fonnesbeck

02/12/2011

09:07 PM Revision bd259571: Correctly verify the input on bandwith at voip step for traffic shaper wizards. Reported-by: http://forum.pfsense.org/index.php/topic,32833.0.html
Ermal LUÇI
06:34 PM Revision bd2b98c9: Remove any previous file with the same name as the one that will be downloaded. This avoid the gui to always show update availble even though the site could not be reached.
Ermal LUÇI
06:33 PM Revision 5ee6a457: Remove any previous file with the same name as the one that will be downloaded. This avoid the gui to always show update availble even though the site could not be reached.
Ermal LUÇI
06:31 AM Revision ac5eb23b: Catch up
Scott Ullrich

02/11/2011

05:32 PM Revision b3205cc3: Convert the shapers to the match action so the generated rules do not impact the filtering policy implemented.
Ermal LUÇI
05:26 PM Revision a391d0ab: Allow match action on Floating rules and exposed it with name Queue. More validation is needed.
Ermal LUÇI
05:18 PM Revision a39c7dae: Allow action match to be passed down to pf.
Ermal LUÇI
05:14 PM Bug #754 (Feedback): hifn driver and AES192 and 256
This has been committed to repo.
Please test. Ermal Luçi
11:40 AM Revision b8452906: BP: fix syntax error on gettext implementation
Vinicius Coque
08:55 AM Bug #1279 (Resolved): Filesystem on NanoBSD is left read/write at first bootup after package reinstallation
It should be read only by the end of the boot process, but it doesn't seem to be making that change when packages wer... Jim Pingle
08:28 AM Bug #1278 (Resolved): log when captive portal restarts
Hi,
When captive portal is reconfigured, it restarts and disconnects all clients. We have a message on the service... Thomas NOEL
08:28 AM Revision d6109468: Delay resolving dynamic DNS tunnels during boot
Seth Mos
08:14 AM Bug #1121: wireless interface antenna settings not applied at boot
/tmp/ath0_wlan0_setup.sh has the below
/sbin/sysctl dev.ath.0.diversity='0'
/sbin/sysctl dev.ath.0.txantenna='1'
... Bipin Chandra
08:13 AM Revision 1d564143: Merge remote branch 'upstream/master'
Seth Mos
08:09 AM Revision 07dfd121: Add a IPv6 enable option in the mpd5 config
Seth Mos
07:33 AM Bug #769 (Resolved): OpenVPN interface assignment on upgrade
Ermal Luçi
07:31 AM Bug #1276 (Closed): Packet capture for wireshark desn't work
If it does not work and you want the max length please put a 0 in there instead of 65k. Ermal Luçi
05:08 AM Bug #1276 (Closed): Packet capture for wireshark desn't work
When the packet size is set to 65535, the form reset the value and the import in wireshark doesn't work. Xavier MORTELETTE
07:25 AM Bug #906: Orphaned rules from deleted interfaces are still present in config
This was a bug which is fixed.
There is no magic autofix for this rather than telling people to clean their config.
... Ermal Luçi
07:25 AM Revision d0399410: Do not resolve the dyndns hostnames during boot. With many tunnels that have a hostname this can
cause huge boot issues if the DNS server is slow or not responding at all. By skipping those but
adding them to the D... Seth Mos
07:22 AM Bug #475: L2TP is not functional in the way users will expect
This cannot be achived in 2.0 timeframe. Ermal Luçi
07:22 AM Bug #1224 (Resolved): Changing Aliasnames for Ports are not reflected in Rules
Ermal Luçi
07:21 AM Bug #1207 (Resolved): Renaming a limiter creates new limiter
Ermal Luçi
07:20 AM Bug #1208 (Closed): Limiters don't work on non-quick rules
This is more a confusion between what a non-quick rule can match or not rather than it does not work.
Its not a bug ... Ermal Luçi
05:16 AM Bug #1277 (Resolved): Rip propagation
When the rip is activate, and set to Ripv2 with password, all interface broadcast a RIPv1 response. Xavier MORTELETTE
04:19 AM Bug #1273 (Resolved): bugs if pfs_version_compare
Ermal Luçi
01:10 AM Revision 554d3bc2: fix text
Chris Buechler

02/10/2011

11:58 PM pfSense Packages Bug #585: Unable to start the ntop service
I hate being an utter n00b, but how does one attempt to install the various missing packages? I would love to get n... Joshua Schmidlkofer
09:52 PM Bug #1275: Web management GUI; "Help" menu wraps around, and blocks access to "System" menu.
That's true of all browsers, you'll have to use one of the alternate themes that lists the menus down the left side o... Chris Buechler
09:49 PM Bug #1275 (Closed): Web management GUI; "Help" menu wraps around, and blocks access to "System" menu.
See attached screenshot.
I have my web browser set up to use a slightly larger font size, due to limited eyesight.... Anonymous
09:36 PM Revision e35d6cda: There is no need to call the script to reconfigure CP here. Even more when it breaks all kind of things.
Ermal LUÇI
09:11 PM Bug #1256 (Resolved): DPD does not work in ipsec-tools 0.7.3
confirmed fixed in latest snapshots.
Chris Buechler
04:16 PM Revision 8c5df705: Also fix easyrule and auto->manual nat switch code. Ticket #1243
Jim Pingle
03:58 PM Revision 93c2c1e6: Generalize pppoe server enabled check and use it elsewhere in the GUI that needed fixed. Still needs changes in filter.inc - Ticket #1243
Jim Pingle
03:08 PM Revision 2c1b25d6: Merge remote branch 'upstream/master'
Seth Mos
03:05 PM Revision 9103d9ee: Fix static routes, typo in the variable name
Seth Mos
02:44 PM Revision 0fc6be3f: Allow autocomplete on login form (Fixes saving password on Firefox and Chrome)
Jim Pingle
02:04 PM Revision b6a1d960: Add the 1.2.3 dashboard package's /usr/local/www/filter_log.inc to the obsoleted files list. (It's in /etc/inc/ now)
Jim Pingle
01:34 PM Revision bda131b2: Fix a date compare bug, resolves #1273
Jim Pingle
12:19 PM Bug #1271: My VPN (openvpn + Ldap) still broken
Tradução do português para inglês
But with this bug but
includes the export script on the client side command po... Joaquim Soares Soares
11:21 AM Bug #1243: GUI/Backend code needs updated after multi-PPPoE-server code switch
Ermal said he'd have a look at the filter.inc part when he gets a chance. Every other reference to the old style conf... Jim Pingle
11:00 AM Bug #1243 (New): GUI/Backend code needs updated after multi-PPPoE-server code switch
I fixed the places in the GUI that you saw (in a more general way) but the filter.inc changes need more care. What yo... Jim Pingle
11:20 AM Bug #1208: Limiters don't work on non-quick rules
Well it depends. If they match the rule than they work otherwise they don't.
I think i should teach the match rules e... Ermal Luçi
10:18 AM Revision 6715c2a2: Fix the IP address check to allow for interfaces that just have a IPv6 address but no IPv4
Seth Mos
08:35 AM Bug #1273 (Feedback): bugs if pfs_version_compare
Applied in changeset commit:"bda131b275f0761f15533da8dc633a4c0a452bf2". Jim Pingle
08:33 AM Bug #1273: bugs if pfs_version_compare
Committed, thanks! Jim Pingle
08:21 AM Bug #1273 (Resolved): bugs if pfs_version_compare
There are two bugs in functions which compare pfSense versions.
It doesn't work when update version is older than th... Thomas NOEL
07:15 AM Bug #1154: Kernel panic after connecting to OpenVPN
Peter Overtoom wrote:
> I don't know when it's supposed to be fixed but when trying yesterday on a fresh 1.2.3 insta... Jim Pingle
05:26 AM Bug #1154: Kernel panic after connecting to OpenVPN
I don't know when it's supposed to be fixed but when trying yesterday on a fresh 1.2.3 install with openvm tools, I s... Peter O
04:12 AM Bug #1154 (Closed): Kernel panic after connecting to OpenVPN
This is cause from mbuf tag patch and for 2.0 this is fixed.
I will close it since it is not anymore relevant. Ermal Luçi
05:56 AM Bug #1221 (Feedback): igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
This is a tunable that can be recommended as a workaround or ship by default!
hw.igb.num_queues Ermal Luçi

02/09/2011

11:05 PM pfSense Packages Bug #1272 (Closed): AXFR Zone transfers not working in v2 Beta5
This bug seems to have been previously cleared (refer bug issue 119) however as of 10 Feb, it's present when using pf... Peter Atkinson
10:06 PM Revision 30ef6f8d: Allow renaming even shaper queues as an improvement.
Ermal LUÇI
09:52 PM Revision 50124de1: Check if this is an array first, just in case.
Jim Pingle
09:41 PM Revision 1cbe86f0: Fixes #1207. Allow renaming a limiter. Also prevent a limiter to be deleted if it is referenced in filter rules.
Ermal LUÇI
09:11 PM Revision dabcf28c: Turn off file size check
Scott Ullrich
08:33 PM Revision 652ed95d: Merge remote branch 'upstream/master'
Scott Ullrich
07:13 PM Revision c90ba62d: Fix an issue with dhcp parameters not specifying a defaultgw and the dhcp is the only interface with gateway as a result the box is left wihtout a default gw. Some sporadic reports have been done on this.
Ermal LUÇI
04:40 PM Bug #1207 (Feedback): Renaming a limiter creates new limiter
Applied in changeset commit:"1cbe86f032a6dc1480c5b62d1d9a641a29105bac". Ermal Luçi
04:11 PM Bug #1271 (Rejected): My VPN (openvpn + Ldap) still broken
Please use the forum for support. This isn't a valid bug.
Our OpenVPN doesn't talk to LDAP directly, it uses a scr... Jim Pingle
03:45 PM Bug #1271 (Rejected): My VPN (openvpn + Ldap) still broken
My VPN (openvpn + Ldap) still broken
I noticed you did not install the operating openvpn-auth-ldap ??? !!!!
I th... Joaquim Soares Soares
03:41 PM Revision 8b0041e0: Fix typo in the subnetmask for the unblockable icmp types. This makes the all-routers work again
Seth Mos
02:16 PM Bug #757 (Resolved): PPPoE Disconnect button with multiple PPPoE interfaces
Chris Buechler
08:46 AM Bug #757: PPPoE Disconnect button with multiple PPPoE interfaces
I am able to use the disconnect button to stop PPPOE sessions from the Interfaces screen. Thanks. Pho Bia
11:00 AM Bug #1270 (Resolved): bug with captive portal widget
Hi,
Small but annoying bug with the captive portal *widget*.
If I click on the "disconnect" button, the user is... Thomas NOEL
07:36 AM Bug #1266: now my VPN is broken
Okay, but passtos, was included in the pfsense configuration file client [pfSense-udp-1194-config.ovpn]
If I remov... Joaquim Soares Soares
01:30 AM Bug #1266 (Rejected): now my VPN is broken
you can't use passtos with Windows hosts, not a bug.
Chris Buechler

02/08/2011

10:28 PM Revision 36d6af43: Resolves #1224. Correctly change name on port alias in firewall rules if the alias name changes.
Ermal LUÇI
05:32 PM Bug #846: if_bridge triggers link state cycling on em(4)
I will close this if no more input comes.
This is only related to how if_bridge works, while it is questionable why ... Ermal Luçi
05:30 PM Bug #1224 (Feedback): Changing Aliasnames for Ports are not reflected in Rules
Applied in changeset commit:"36d6af4399089ea910befb6e5b29b894ae4c50cd". Ermal Luçi
05:16 PM Bug #1265 (Resolved): config.console asks for WAN & LAN but displays LAN & WAN
Ermal Luçi
09:15 AM Bug #1265 (Feedback): config.console asks for WAN & LAN but displays LAN & WAN
Applied in changeset commit:"9552450897319ab9e8810bd1a487d2936122c2d3". Ermal Luçi
09:14 AM Bug #1265: config.console asks for WAN & LAN but displays LAN & WAN
Committed thx. Ermal Luçi
08:44 AM Bug #1265 (Resolved): config.console asks for WAN & LAN but displays LAN & WAN
Very small bug, but, hey... we want a perfect system, aren't we ? :)
On the very first configuration (first boot o... Thomas NOEL
05:15 PM Bug #1263 (Resolved): "Alternate Update URL" is not used on system information widget
Ermal Luçi
09:20 AM Bug #1263 (Feedback): "Alternate Update URL" is not used on system information widget
Applied in changeset commit:"c3606a3b47230707d1a793ead4837822a183d392". Ermal Luçi
09:19 AM Bug #1263: "Alternate Update URL" is not used on system information widget
Committed thx. Ermal Luçi
08:36 AM Bug #1263 (Resolved): "Alternate Update URL" is not used on system information widget
"Alternate Update URL" is not used on system information widget. The widget always use http://snapshot.pfsense...
... Thomas NOEL
05:15 PM Bug #1264 (Resolved): httpsname is forgotten on services/captiveportal config
Ermal Luçi
09:20 AM Bug #1264 (Feedback): httpsname is forgotten on services/captiveportal config
Applied in changeset commit:"8f29b8923411e3d4a1cbec520c385c6dad91490a". Ermal Luçi
09:16 AM Bug #1264: httpsname is forgotten on services/captiveportal config
Committed thx. Ermal Luçi
08:39 AM Bug #1264 (Resolved): httpsname is forgotten on services/captiveportal config
httpsname is forgotten on the services/captiveportal config page.
Here is a patch... Thomas NOEL
03:51 PM Revision a120c194: BP: Fix gettext implementation
Vinicius Coque
03:18 PM Revision aa0103f5: Disable the wins server input boxes, these don't work on v6
Seth Mos
02:31 PM Feature #1257 (New): Handle encypted CA/Certificate private keys
Not sure if this will make 2.0 or not. It may have to wait for 2.1 at this point, it may end up a documented limitati... Jim Pingle
01:49 PM Feature #1257: Handle encypted CA/Certificate private keys
One more clarification...
I just checked and see that the private key is encrypted, so cert signing must fail since ... Brad Langhorst
01:38 PM Feature #1257: Handle encypted CA/Certificate private keys
When you imported the CA, did you import both the cert and private key of the CA?
All of the certificates are made... Jim Pingle
01:35 PM Feature #1257: Handle encypted CA/Certificate private keys
Seems to be related to importing of a certificate authority.
To isolate a bit... I created an internal certificate... Brad Langhorst
02:20 PM Revision c3606a3b: Resolves #1263. Use correct config toggle for detecting alternate url for firmware.
Ermal LUÇI
02:18 PM Revision 8f29b892: Resolves #1264. Read even the httpsname option from config so it displays correctly.
Ermal LUÇI
02:15 PM Revision 95524508: Resolves #1265. Show the interfaces in the same order requested during assignment on console.
Ermal LUÇI
02:15 PM Feature #1269 (Closed): define a default end date for for new certs by CA
This would make it easier to set up all certificates to expire on a specific day (thus simplifying the admin burden o... Brad Langhorst
02:12 PM Feature #1268 (New): Allow mass renewing of certs
Im thinking of a UI that would allow checking off of all the certs to renew.
filtering by expiration date would ma... Brad Langhorst
02:08 PM Feature #1267 (Resolved): Show certificate expiration dates in UI
would be handy to see when the certs will expire. Brad Langhorst
01:46 PM Bug #1266 (Rejected): now my VPN is broken
----------------------
Using My Cert My client
----------------
** Log in client
Tue Feb 08 11:56:58 2011 ... Joaquim Soares Soares
09:19 AM Bug #1248 (Resolved): CARP failover isn't happening as a group (preemption)
It was just a misconfiguration. Ermal Luçi
05:40 AM Revision 45666137: fix text (remove entirely, comment is related to an open feature request). ticket #1262
Chris Buechler
05:11 AM Bug #1177: Passive FTP
Been running recent builds on i386 and
no problems so far.
Thank You for your Work. Martin Klein
12:28 AM Bug #1177: Passive FTP
No problems for the last several builds. Thank you! Lee Thornhill
03:18 AM Revision 8e572710: Increase a bit
Scott Ullrich
03:17 AM Revision 2988636c: Limit file sizes to roughly 143k
Scott Ullrich
03:16 AM Revision 85c3229a: Limit file sizes to roughly 143k
Scott Ullrich
02:52 AM Revision 9b700cf2: Global g
Scott Ullrich
02:52 AM Revision 4b665f74: Adding crashreporterurl for rebrands
Scott Ullrich
02:44 AM Revision f75a4575: s/er//
Scott Ullrich
02:44 AM Revision c26c01d7: Spell out more clearly
Scott Ullrich
02:37 AM Revision 36365f49: Add a global g option named disablecrashreporter which defaults to false for rebrands
Scott Ullrich
02:08 AM Revision d440e668: fix text
Chris Buechler
12:44 AM pfSense Packages Bug #1218: Freeradius package does not start when i do reboot
I am running the FEB 7th Beta5 build. Free radius starts, and the services page confirms this. However, it seems that... Brian G
12:38 AM Todo #1262 (Resolved): Typo in ifup script
fixed, thanks Chris Buechler

02/07/2011

10:57 PM Todo #1262 (Resolved): Typo in ifup script
/usr/local/sbin/ovpn-linkup
# write nameservers to file needs dns fidnings?!
... John Doe
10:47 PM Feature #1260: Allow other Backends for Remote Access ( SSL/TLS + User Auth )
We were really overthinking it, it can be as simple as forcing individual certificates to be created. It doesn't have... Chris Buechler
07:00 PM Feature #1260: Allow other Backends for Remote Access ( SSL/TLS + User Auth )
Ok, I understand but that's a bit pedantic as this is how it is in every other installation outside of pfSense. My vo... John Doe
06:49 PM Feature #1260: Allow other Backends for Remote Access ( SSL/TLS + User Auth )
It's currently done that way because only with Local auth can you manage both the users and the certificates easily i... Jim Pingle
06:41 PM Feature #1260 (Resolved): Allow other Backends for Remote Access ( SSL/TLS + User Auth )
Currently in 2.0 BETA5, only the local user db is allowed for use in a Remote Access ( SSL/TLS + User Auth ) template... John Doe
10:32 PM Revision 63526c2c: Note that we are deleting the local crash reports
Scott Ullrich
10:19 PM Revision e8aef0ec: minicron is now used on a number of items in the gui. tell the cp prune process to use the pid name cp-prunedb.pid
Scott Ullrich
10:12 PM Revision aa69dbd2: Do not launch multiple copies of the captive portal database pruner.
Scott Ullrich
08:00 PM Bug #1261 (Rejected): OpenVPN Requires Unique Local Ports regardless of Interface
duplicate of #814 Chris Buechler
07:50 PM Bug #1261 (Rejected): OpenVPN Requires Unique Local Ports regardless of Interface
The OpenVPN GUI permits the creation of multiple tunnels, but requires that each have a unique local port. As far as... Joshua Schmidlkofer
05:42 PM Revision 166c7354: Echo out server response
Scott Ullrich
04:40 PM Bug #1259 (Rejected): This OpenVPN Broken? ????
works fine, post to the forum. Chris Buechler
04:40 PM Bug #1259 (Rejected): This OpenVPN Broken? ????
Use Wizard in openvpn, and exported the OpenVPN Client
BUT
Open Vpn does not work
This OpenVPN Broken? ???? Joaquim Soares Soares
03:43 PM Revision 90716b8c: Merge remote branch 'upstream/master'
Scott Ullrich
03:39 PM Revision 4a1ab618: Ask the person to actually read the page before clicking yes
Scott Ullrich
03:28 PM Revision 4cd81611: Fix check to ignore minfree (and the rest of $skip_files)
Jim Pingle
03:25 PM Bug #1254: IPsec dynamic tunnels don't reload correctly
Joe - the second issue you noticed requires DPD to function, see my post on the 2.0 board on the forum re: ipsec-tool... Chris Buechler
01:35 PM Bug #1254: IPsec dynamic tunnels don't reload correctly
If this is the same issue as the one discussed in the forum thread "VPN IPsec Remote gateway using DDNS doesn't updat... Joe Kelly
10:59 AM Todo #595: Test IPsec with NAT
Here my test case for qualifying pfSense for VPN and NAT.
Hope It'll help before pfSense 2.1.
(works great under Xe... Fabien Allaine
09:32 AM pfSense Packages Feature #105: SquidGuard: Add progress bar for blacklist fetch with cancel/resume button
> A progress bar for fetching the blacklist file is needed in the SquidGuard package.
Exists.
>I noticed that wh... Serg Dvoriancev
09:06 AM Feature #1257 (Rejected): Handle encypted CA/Certificate private keys
I can't replicate this - I can make certificates several different ways on current snapshots and they are complete in... Jim Pingle
07:34 AM Revision 2f14d021: Make it possible to set the default gateway bit for 1 ipv4 gateway and 1 ipv6 gateway
Seth Mos
07:23 AM Revision 7f00afac: Remove the icmp6 ping requests from the mandatory allow rulE
Seth Mos
04:43 AM Revision 104faa07: Move routine under includes. Simplify the file skip check
Scott Ullrich
04:40 AM Revision ee3f28cc: s/We have/product name has/
Scott Ullrich
04:32 AM Revision 4261af1d: Include newlines
Scott Ullrich
04:29 AM Revision e0a7f441: Include filename of files in report
Scott Ullrich

02/06/2011

11:31 PM Revision 5cb07d09: Fix typo
Scott Ullrich
11:06 PM Revision 8c5d112a: Not that we are deleting files
Scott Ullrich
10:47 PM Revision ee8ae159: Add link to kernel crash info on wikipedia for those who are not familiar with a panic
Scott Ullrich
10:45 PM Revision 9b091133: Make textarea read only
Scott Ullrich
10:42 PM Revision ffb9c06d: Include anonymous machine information in bug report including:
Crash report begins. Anonymous machine information:
i386
8.1-RELEASE-p2
FreeBSD 8.1-RELEASE-p2 #1: Sun Feb 6 05:07... Scott Ullrich
10:18 PM Revision 217e9af7: Merge remote branch 'upstream/master'
Scott Ullrich
10:16 PM Revision b9439789: Simplify message for crash reports
Scott Ullrich
10:16 PM Revision e143e829: Simplify message for crash reports
Scott Ullrich
09:35 PM Revision 7139a9bf: Merge remote branch 'upstream/master'
Scott Ullrich
09:34 PM Revision fca795f8: Set a savemsg when a crash report exists and show across top instead of redirecting
Scott Ullrich
09:32 PM Revision 56f024e8: Add <br/> between ipv6 and ipv4 blocks
Scott Ullrich
09:31 PM Revision 1bea00f9: Merge remote branch 'upstream/master'
Scott Ullrich
09:03 PM Revision f0e9bdfb: Ignore minfree file
Scott Ullrich
08:03 PM Revision b32ccfce: Merge remote branch 'upstream/master'
Seth Mos
07:44 PM Revision 998930ab: fix url for jumpto
Scott Ullrich
07:40 PM Revision f5208bf2: If product name == pfSense show a link to redmine / bug database
Scott Ullrich
07:24 PM Revision 4f09471c: Crash reporter is now working.
Scott Ullrich
06:51 PM Revision 3a6cda80: Correctly detect amount of files in /var/crash
Scott Ullrich
06:41 PM Revision 52cdb50b: Set textarea size
Scott Ullrich
06:11 PM Revision 812ed2bb: Redirect to crash reporter if a crash exists for processing. The crash reporter will either upload the data per the operators consent and or delete the data afterwards and redirect back.
Scott Ullrich
06:11 PM Revision 49c8f964: gettext()
Scott Ullrich
05:13 PM Bug #1154: Kernel panic after connecting to OpenVPN
It's probably one that ermal fixed a few weeks ago. Several people hit it on the forums and they are no longer able t... Jim Pingle
05:12 PM Bug #1154: Kernel panic after connecting to OpenVPN
I can't replicate this - anyone else? Chris Buechler
05:13 PM Bug #1093 (Resolved): Problems with em(4)
this seems to be fine. Chris Buechler
04:27 PM Bug #1156: Upgrade from 1.2.3 to 2.0 with VMware tools installed will panic
After upgrade, still panics and reboots. Craig Reynolds
02:23 PM Feature #1258 (Resolved): dyndns - DNS Made Easy
I agree that the ability to customize dyndns from the GUI makes the most sense (http://redmine.pfsense.org/issues/124... Chris Goundry
01:47 PM Bug #1251: /tmp/post_upgrade_command.php is not executing when going from 1.2.3 to 2.0
After uppgrading to latest 404 error dissappears...
But the bug remains.. Adde BC
09:41 AM Feature #1257: Handle encypted CA/Certificate private keys
the title of this bug should be "certificate file is not properly generated or saved." using internal cert auth Brad Langhorst
09:38 AM Feature #1257: Handle encypted CA/Certificate private keys
upon further investigation, i see that the crt was not saved.
here's a bit of the config file.
... Brad Langhorst
09:32 AM Feature #1257 (Pull Request Review): Handle encypted CA/Certificate private keys
when i export a certificate using
http://192.168.3.1/system_certmanager.php
i get an empty file.
the private ... Brad Langhorst
08:26 AM Revision c7f70dbc: fix NTP server IPs in openvpn config
Chris Buechler
05:13 AM Revision 020b954f: at least don't touch rrd here, that rrd won't exist anyway
Chris Buechler
05:05 AM Revision bfa49cae: Revert "the only thing ping_hosts.sh is used for is pinging IPsec hosts. comment out all this complexity that makes it do way more than it needs to (and was throwing an error on rrd, it shouldn't be touching rrd)" this is used by at least the DNS server pkg
This reverts commit 9fcf15773caa87261314bfe6e8a33a3f0d1d18bd. Chris Buechler
04:48 AM Revision 891b3fa2: need config.inc here, otherwise it fails to reload, config arrays are blank in vpn_ipsec*. Actual issue and fix for bug #1254
Chris Buechler
03:25 AM Bug #1255 (Resolved): GUI fails to correctly create NTP client options
fixed, thanks Chris Buechler
01:43 AM Bug #1255 (Resolved): GUI fails to correctly create NTP client options
When creating an Openvpn server instance, one or more entered ntp servers get rendered in the conf file missing the a... John Doe
01:49 AM Bug #1256 (Resolved): DPD does not work in ipsec-tools 0.7.3
this has been a known issue for a while, and we have a solution with ipsec-tools 0.8.0 (not yet committed), just open... Chris Buechler
01:47 AM Bug #1116 (Resolved): IPsec error, racoon won't start with more than one phase 2
the original bug is fixed, and the later issue with non-0 exit status on racoonctl is fixed in ipsec-tools 0.8.0.
Chris Buechler

02/05/2011

11:54 PM Bug #1254 (Resolved): IPsec dynamic tunnels don't reload correctly
updated ticket to actual problem, it appears actually that there is no caching at all in gethostbyname, it issues a D... Chris Buechler
01:25 PM Bug #1254: IPsec dynamic tunnels don't reload correctly
Use this test program to compare:
#!/usr/local/bin/php
<?php
$dns_record = "www.pfsense.org";
echo "gethost... Scott Ullrich
01:20 PM Bug #1254: IPsec dynamic tunnels don't reload correctly
We should test http://php.net/manual/en/function.dns-get-record.php vs gethostbyname Scott Ullrich
12:16 AM Bug #1254 (Resolved): IPsec dynamic tunnels don't reload correctly
/etc/rc.newipsecdns does not reload dynamic tunnels as it should. Chris Buechler
07:30 PM Bug #942: dhcp relay breaks
I'm seeing the same issue:... Jeremy Phillips
12:18 PM Bug #444: All mounts should be noatime
At this point I am not to keen on touching the BSDInstaller. We should set this ticket to future and deal with this... Scott Ullrich
12:15 PM Bug #1156 (Feedback): Upgrade from 1.2.3 to 2.0 with VMware tools installed will panic
Marking as feedback, the recent package changes should have resolved this.
 Scott Ullrich
12:14 PM Bug #1220 (Resolved): Setup dumpon/savecore and friends to aid debugging
This works ok marking as resolved.
 Scott Ullrich
12:12 PM Bug #560 (Feedback): loader.conf is empty after a firmware update.
This should be resolved. I fixed the bug in the kernel upgrade code that was causing this.
 Scott Ullrich
10:13 AM Bug #1238 (Closed): Dynamic DNS update with Freedns not working?
Jim Pingle
04:27 AM Bug #1238: Dynamic DNS update with Freedns not working?
Warren Baker wrote:
> Works for me - freedns works slightly different to the other 2 dyn providers you mentioned. Di... Thomas Burger
08:10 AM Revision 9fcf1577: the only thing ping_hosts.sh is used for is pinging IPsec hosts. comment out all this complexity that makes it do way more than it needs to (and was throwing an error on rrd, it shouldn't be touching rrd)
Chris Buechler
04:47 AM Revision e5a30665: fix text
Chris Buechler

02/04/2011

04:27 PM pfSense Packages Bug #1253: RRD Graphs dosen't work corect
Please post on the forum to ask questions of that nature, this is a bug tracking tool and not a general support system. Jim Pingle
04:25 PM pfSense Packages Bug #1253: RRD Graphs dosen't work corect
Ok, but If I can't see at the right moment what is the right speed of the transfer, how can I do that after 1 day? I ... bohosh bohosh
04:00 PM pfSense Packages Bug #1253 (Closed): RRD Graphs dosen't work corect
That's just the effect of averaging the data out over longer periods. As the timespan of each graph gets larger, the ... Jim Pingle
03:44 PM pfSense Packages Bug #1253 (Closed): RRD Graphs dosen't work corect
Hello,
I'm with the last version of 2.0-BETA5 (i386)
built on Fri Feb 4 02:36:03 EST 2011
I have attached 6 pict... bohosh bohosh
03:34 PM Bug #1252 (Resolved): bug in header.inc
there is a coding error in /usr/local/www/header.inc that should be corrected.
Please see
http://forum.pfsense.o... Luis Soltero
02:18 PM Revision 3fc4a490: Remove this compress line, it breaks the dhcpv6 config
Seth Mos
01:39 PM Revision 20f59893: Display the source subnet bits as 32 rather than 0 if it is empty.
Erik Fonnesbeck
01:20 PM Revision 6a97db1c: Allow aliases to be entered for source and destination addresses of outbound NAT rules.
Erik Fonnesbeck
01:04 PM Revision 9f1e3b2b: Add backend support for aliases on source and destination address of outbound NAT rules.
Erik Fonnesbeck
12:58 PM Revision b5efd82a: Display the last used repository and branch and add a couple more descriptions.
Erik Fonnesbeck
11:58 AM Revision 891012ce: Change destination back to the field type for fields that allow an alias - they appear to work there (or at least doesn't say it is an error?).
Erik Fonnesbeck
11:51 AM Revision b663d4ce: Remove redundant input validation for source port that also prevents use of port ranges.
Erik Fonnesbeck
10:03 AM Revision 393cd3fc: After finishing the installation clear the flag for package sync.
Ermal LUÇI
09:26 AM Bug #373: Package Manager not available in menus
I faced this issue too. It happens if you are running out of LiveCD. Install pfsense 2.0 to hard disk and then "Packa... sanjiv marathe
02:44 AM Bug #1177: Passive FTP
With 2.0-BETA5 (amd64)built on Thu Feb 3 22:33:00 EST 2011, it's not resolved. The LIST command times out from FTP cl... Blaise Hurtlin

02/03/2011

10:47 PM Revision 421f72a7: Fix url
Scott Ullrich
10:46 PM Revision 886caa75: Remove formatting in between textarea
Scott Ullrich
10:45 PM Revision 528d5abf: Set priv info
Scott Ullrich
10:39 PM Revision 45d72d82: Adding a page that will allow uploading of crash (panic) data. Once the server piece is in place we will detect crash data in php and redirect to this page to prompt if the operator would like to upload the data. Remove the crash data after upload or if the operator does not want to upload the crash data.
Scott Ullrich
10:08 PM Revision 54ac51b5: Make the subnet check failure better readable
Seth Mos
10:07 PM Revision cf6bc278: Fix the subnet check for gif tunnels by dropping the bits to 126.
Always compress the subnet address for easier reading Seth Mos
09:38 PM Revision a23a99cb: Lie to the system and report a subnetmask of 127 instead of 128. This should fix the subnetmask check
Seth Mos
07:12 PM Revision 1f676b67: Ticket #259. Actually kill dhlient when the interface type changes before going through apply changes otherwise the information would be lost and dhclient will remain running.
Ermal LUÇI
06:38 PM Revision 1ec2bedd: Ticket #1248. Do not set this higher since the slave will take more time to detect a switch needs to be done.
Ermal LUÇI
06:31 PM Bug #1210 (Resolved): Erasing limiter advanced options does not save the change
Ermal Luçi
05:14 PM Bug #1251 (Resolved): /tmp/post_upgrade_command.php is not executing when going from 1.2.3 to 2.0
In 1.2.3 i had a addon named "OpenVPN Status" after upgrade under Status menu i had two "Open VPN"
both of them went... Adde BC
04:56 PM Bug #444 (New): All mounts should be noatime
Looks like this only got applied to NanoBSD and not the full installs. The installer isn't putting noatime,sync in fs... Jim Pingle
02:14 PM Bug #1177 (Resolved): Passive FTP
Ermal Luçi
02:12 PM Bug #259: When disabling a dhcp interface, dhclient is not stopped
Found the remaining issue.
The previous, dhcp, interface type information was being lost when the apply changes butt... Ermal Luçi
06:43 AM Bug #259: When disabling a dhcp interface, dhclient is not stopped
Hi, in the 2011 02 02 snapshot the dhclient still isn't killed when switching to static from the console or UI.
Fe... Seth Mos
01:43 PM Bug #1248 (Feedback): CARP failover isn't happening as a group (preemption)
Should be resolved. Put it on feedback to wait for any last time problems. Ermal Luçi
12:41 PM Feature #1225: static port range and outbound rules source port range (only to be tested and integrated, already coded)
Mistake in the patch files.
In firewall_nat_out_edit.php, you should add after lin 223:
$natent['sourceportend'] ... Martin Dupont
08:13 AM Bug #1231 (Resolved): Upgrading pfSense Removed Internal CA
Several people on the forum who could reproduce this before are no longer losing their CA. Looks like it's fixed. Jim Pingle
08:01 AM Revision 6376913c: Merge remote branch 'upstream/master'
Seth Mos
 

Also available in: Atom