Activity

30 days up to

User

Subprojects

Activity

From 03/28/2011 to 04/26/2011

04/26/2011

09:08 PM Revision c41997ce: Allow users to select SSL/TLS+User Auth with external authentication sources.: Jim Pingle
09:07 PM Bug #1105: WLAN Broadcom BCM 4306 problems -the fw file(bwn_v4_ucode5) not found: it can be built on a stock FreeBSD 8.1 system and copied over. Chris Buechler
08:39 PM Bug #1380 (Closed): NAT reflection of UDP (or DNS?) doesn't work, spawns thousands of processes: #1415 duplicated this Chris Buechler
08:35 PM Bug #1347 (Resolved): ntpd not starting: Chris Buechler
08:30 PM Feature #1322 (Rejected): Squid 3: this is not a legit bug report, ask questions on the forum or mailing list. Chris Buechler
08:29 PM Bug #1358 (Resolved): OpenVPN Upgrade Issue: Chris Buechler
08:29 PM Bug #1403: Filter Rules description do not get saved when "(quote) present as character: under what circumstances is this a problem? The input validation doesn't allow quotes in rule descriptions. Chris Buechler
08:27 PM Bug #1355 (Closed): Clearing PPTP Raw Logs does not work: duplicate of #1340 Chris Buechler
06:37 PM Revision 7100a85c: No need to include head.inc twice: Jim Pingle
02:18 PM Revision 0b9d02f3: Don't just blindly echo to the ntpd.log, it's a clog file and that will break it.: Jim Pingle
02:08 PM Bug #1483 (Rejected): OpenVPN peer-2-peer routing doesn't work: it works, you have a config issue of some sort. post to the forum or mailing list for help. Chris Buechler
02:03 PM Bug #1483 (Rejected): OpenVPN peer-2-peer routing doesn't work: Hi,
i have here installed pfsense 2.0-RC1 (i386) built on Thu Apr 14 19:19:42, and i tried to establish a peer-2-p... Herbert Lueger
02:00 PM Bug #1433: Config sync causes CARP state change: Ok for the first one...
For the second one I attach you two different crashes I just caused while making changes on... Michele Di Maria
06:48 AM Bug #1433: Config sync causes CARP state change: The second picture seems and issue from the shaper.
I cannot tell anything if i do not see the trace, type bt on the... Ermal Luçi
09:59 AM Feature #1482 (Resolved): Captive Portal support for a configurable RADIUS NAS ID: When running network traces to examine the packets sent/received during Captive Portal authentication and accounting ... Richard Gate
07:05 AM Revision 787de45a: Push the ipv6 routes for the local network with push route-ipv6: Seth Mos
03:44 AM Bug #1445: Trouble with interface msk0 (Marvell Yukon 88E8057 Gigabit Ethernet): There is a driver bug logged, have a look at http://www.freebsd.org/cgi/query-pr.cgi?pr=156493 - otherwise one person... Warren Baker

04/25/2011

08:12 PM Revision 97ffc513: Add the ipv6 configuration options for routing ipv6 over the tunnel. Currently only a /64 is supported for the routed network, so use a /64 and then route the /56: Seth Mos
07:50 PM Revision 9f5d14ce: Show OpenVPN instances on Status > Traffic Graphs, with descriptions.: Jim Pingle
07:07 PM Bug #1402: When creating a QinQ it works until reboot.: Thanks Ermal for your response but when I create the step 1, and assign the member 1000 and click save, I get the nex... Juan José Ponce Domínguez
04:03 PM Bug #1402: When creating a QinQ it works until reboot.: You do not need to create teh vlan in step2 since it is done automatically by the GUI. Ermal Luçi
05:57 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: Hmm... I use the RC1 (i386) version and have this problem, that's the reason I asked. The pptp Traffic-Flow stops aft... George M
05:53 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: yes. if it's marked as resolved, it's resolved. Chris Buechler
05:52 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: Is this bug fixed in the RC1 version? George M
05:43 PM Bug #1420: Changing a WAN's type from PPPoE to other breaks it: probably, that would be consistent with 1.2.x Chris Buechler
02:48 PM Bug #1420: Changing a WAN's type from PPPoE to other breaks it: Should it delete the already created pppoe config? Ermal Luçi
05:17 PM Revision b1ba04cf: Add ipv6 tunnel remote subnets: Seth Mos
03:42 PM Bug #1445: Trouble with interface msk0 (Marvell Yukon 88E8057 Gigabit Ethernet): I am having problems too with the msk0 Marvell Yukon Gigabit on an iMac.
I will get a watchdog timeout on that int... Per Møller Olsen
02:45 PM Bug #846 (Closed): if_bridge triggers link state cycling on em(4): Ermal Luçi
12:55 PM Bug #1433: Config sync causes CARP state change: Ok, I understand... I try to explain you the problems I encounter, you give me your opinion if it's related to this i... Michele Di Maria
10:40 AM Bug #1433: Config sync causes CARP state change: I am sorry but it will still go up and down on slave but it want cause any issues!
If you can reproduce the issue ... Ermal Luçi
11:14 AM Todo #1481 (Needs Patch): Bring back console menu banner link indication: On 1.2.3 if an interface is up, it had a * next to it to indicate the link state. This was removed a while ago on 2.0... Jim Pingle

04/24/2011

07:04 PM Feature #1477: IGMPPROXY spamming the main systemlog: We're not running igmpproxy with verbose logging enabled, not sure if that log level is from something in the pfport ... Chris Buechler
03:02 PM Feature #1477 (Resolved): IGMPPROXY spamming the main systemlog: Since Igmpproxy is finally working now theres only one big problem left:
Igmpproxy is massivly spamming the main s... M Schweitzer
06:54 PM Bug #1478: some characters in FW rule descriptions do not sync properly: that's intentional. though with CDATA now they may be safe, it's not going to change for now. Chris Buechler
04:39 PM Bug #1478 (Resolved): some characters in FW rule descriptions do not sync properly: Parentheses, periods and commas: "(", ")", ",", "." all get stripped out of the firewall rule description on the seco... Adam Thompson
05:15 PM Todo #1373: Upgrade OpenVPN: Added the IPv6 payload patch from Gert Doering for full IPv6 support. Seth Mos

04/23/2011

09:08 AM Feature #1449: LAG setup from CLI (like VLANs): I would like to +1 on this request. I currently use a basic config exported from a working system, change it and use ... Marcus van Dam
04:19 AM Bug #1432 (Resolved): Carp Vips are promoted to master before firewall filter load: thanks Chris Buechler
04:09 AM Bug #1432: Carp Vips are promoted to master before firewall filter load: Tested and working! (see image) the red lines at 10:03:50 and 10:05:05 represents the moments where the secondary mac... Michele Di Maria
04:17 AM Bug #1433: Config sync causes CARP state change: mmhh... with build "Fri Apr 22 18:24:14 EDT 2011" i386 on both machines, when I modify something on the master machin... Michele Di Maria

04/22/2011

08:42 PM Bug #1453 (Closed): Voucher RSA key generation problem: Chris Buechler
10:04 AM Bug #1453: Voucher RSA key generation problem: I reinstalled pfSense, and RSA key regeneration works well. I'm unable to reproduce this problem. Peter Soos
05:57 AM Bug #1453 (Closed): Voucher RSA key generation problem: I just installed pfsense 2.0-RC1 (i386) built on Fri Apr 22 01:23:40 EDT 2011 on an Alix 2D3 board. I tested the Vou... Peter Soos
07:48 PM Revision e3dc055a: Actually correct check meaning.: Ermal LUÇI
07:23 PM Revision bd17f93d: Do not an ip of all 1s as a gateways since it cannot be pinged.: Ermal LUÇI
06:28 PM Revision bce14123: Actually call interfaces_carp_setup after the carp interfaces are created so carp traffic can only flow after we have all vips up and running. This prevents premption more early than necessary. Ticket #1432.: Ermal LUÇI
04:40 PM Bug #1433 (Feedback): Config sync causes CARP state change: Applied in changeset commit:"9411fbf73e52f01730da3fc8ba663bc901087144". Ermal Luçi
04:40 PM Bug #1432: Carp Vips are promoted to master before firewall filter load: Applied in changeset commit:"9411fbf73e52f01730da3fc8ba663bc901087144". Ermal Luçi
02:32 PM Bug #1432: Carp Vips are promoted to master before firewall filter load: I pushed another change so try with that.
Though i think carp needs to be teached about a 'start' sysctl as it has a... Ermal Luçi
03:23 PM Revision d8da6350: Provide a method for rebrands to force a theme. Otherwise upgrading nanobsd from pfSense to a rebrand image without the theme in the config.xml will have a broken GUI since the theme isn't there.: Jim Pingle
09:42 AM Feature #1457: Bridge as interface: Reassign the bridge0 interface as LAN, and assign your old LAN interface as a separate interface that is a member of ... Jim Pingle
09:39 AM Feature #1457: Bridge as interface: Yes but nat all LAN interface functionality can be moved to bridge interface yet (e.g. firewall anti-lockout). If you... Peter Soos
06:30 AM Feature #1457 (Closed): Bridge as interface: already exists in 2.0, assign bridgeX Chris Buechler
06:28 AM Feature #1457 (Closed): Bridge as interface: Please add possibility to handle a bridge as an interface (e.g. add one IP address etc.). It would be useful if you a... Peter Soos
06:19 AM Feature #1456 (Closed): Vouchers expire at fixed time: Please add a feature to create vouchers valid to a fixed time/date not for an amount of time.
Peter Soos
06:16 AM Feature #1455 (Resolved): Voucher manager only user: If you add a user responsible the voucher management of captive portal only with rights for vouchers only he/she have... Peter Soos
06:02 AM Bug #1454 (Resolved): Voucher error messages character set problem: If you use accented characters outside the ASCII character set, the WebCfg seems to save the messages but it does not... Peter Soos
05:57 AM Todo #1373: Upgrade OpenVPN: Needs to have this fix to make OpenVPN 2.2-RC2 work.
http://openvpn.git.sourceforge.net/git/gitweb.cgi?p=openvpn/open... Seth Mos
04:57 AM pfSense Packages Bug #1452 (Resolved): Snort: broken link in snort_rules_edit.php [2.8.6.1 pkg v. 1.35]: Patch attached Yuri Krichevsky
12:31 AM Revision de7222fb: correctly unmount drives where a config doesn't exist: Chris Buechler

04/21/2011

09:52 PM Feature #1451: Certificate errors after CARP election: There's only one cert on each. However, I don't think the 2ry has been rebooted since setup; I'll do that and confir... Adam Thompson
09:44 PM Feature #1451: Certificate errors after CARP election: config sync does indeed sync the cert that's used, and there currently isn't any way to do otherwise. But, if you sta... Chris Buechler
09:43 PM Feature #1451: Certificate errors after CARP election: On the slave, go to System > Advanced, on the Admin tab, make sure the cert selected there is the same as the cert se... Jim Pingle
09:41 PM Feature #1451: Certificate errors after CARP election: Hmm... in that case, I think this is a bug, not a feature. If the identical certificate is being offered from both m... Adam Thompson
09:19 PM Feature #1451 (Feedback): Certificate errors after CARP election: Usually you would want to access the GUI on the boxes directly by accessing their actual IPs, not the CARP VIP, since... Jim Pingle
07:03 PM Feature #1451 (Resolved): Certificate errors after CARP election: Using CARP VIP to administer pfSense, after the backup is promoted to master, Firefox complains about SSL certificate... Adam Thompson
09:39 PM Revision 2d4003aa: If the bandwidth value is coming from radius scale it up to the requested Kbit/s unit.: Ermal LUÇI
08:05 PM Revision 2594f401: missed a bit of my last commit: Yehuda Katz
07:33 PM Revision 908cbaf9: Set user when removing privileges, otherwise things like the user's shell would not be reset until pressing save, which is inconsistent with that step not being needed when adding privileges.: Jim Pingle
06:54 PM Feature #1450 (Closed): XMLRPC syncs all VPN types *except* PPTP: Just got burned by this... I never noticed that XMLRPC Sync keeps IPSEC and OpenVPN in sync, but not PPTP. Even if t... Adam Thompson
06:34 PM Revision a29aeb47: Merge branch 'master' of http://gitweb.pfsense.org/pfsense/mainline.git: Yehuda Katz
06:33 PM Revision ea7763c0: ignore dreamweaver temp files: Yehuda Katz
06:29 PM Revision a828210b: checking moduli of ssl csr request and response: Yehuda Katz
06:22 PM Bug #1433: Config sync causes CARP state change: Do we have the ability to diff chunks of the config xml? If diff(old-carp-config,new-carp-config)==zero-changes, don... Adam Thompson
03:09 PM Bug #1433: Config sync causes CARP state change: pfSense is a long time having this code.
It was done because otherwise lots of code need to be added just to test fo... Ermal Luçi
06:11 PM Bug #1391: Disable auto-added VPN rules missing: Perhaps I'm missing something - I have yet to see a single auto-added FW rule for VPNs on my boxes: I thought the che... Adam Thompson
06:03 PM Feature #1449 (Closed): LAG setup from CLI (like VLANs): Provide a mechanism during initial interface assignment to create LAGs, not just VLANs. In a moderately complex envi... Adam Thompson
05:48 PM Bug #747: Root schedulers (ie PRIQ) cannot be configured on interfaces that don't report bandwidth: I put a patch for this and it would give by default to an interface 100Mbit line if it is not reported automatically. Ermal Luçi
05:46 PM Bug #1381 (Closed): GRE tunnel interface IP address updated after reboot only: Its an OP issue. Ermal Luçi
05:27 PM Todo #1438: Add override for CSR request->response subject mismatch: New merge request sent Yehuda Katz
05:10 PM Revision 1f0c76cf: Fix PPPoE upgrade, the <pppoe> tag is considered an array these days and the upgrade code wasn't treating it properly, accessing it directly instead of using the first entry ([0]). Fixes #1439 - PPPoE credentials upgrade properly now.: Jim Pingle
02:33 PM Revision 46698c3f: Reject encrypted CA private keys. Resolves #1446: Jim Pingle
01:59 PM Revision 0cc5ab42: Confirmed working fix for ticket #1417 - with this change I have two-way connectivity on Site-to-Site (SSL/TLS) with iroutes.: Jim Pingle
01:10 PM Bug #1439: WAN PPPoE config dropped on update from 1.2.3 (nanobsd) to 2.0-RC1 (snapshot 20110415-1518): Applied in changeset commit:"1f0c76cfd7086aa90ea97a9775f2f024390a02ec". Jim Pingle
10:35 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Applied in changeset commit:"46698c3f3c5e3f2e98829757616ddda3ce779b6d". Jim Pingle
10:07 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Prompting for the password is too large of a change to try squeezing in at this point in the release cycle. I'll look... Jim Pingle
02:38 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: I thing I found the problem. The imported CA-private key was encrypted:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: ... Claudio Thomas
10:00 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: OK, I finally got it all the way straightened out. I confirmed it worked between two test VM networks with my last co... Jim Pingle
05:56 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: For me, the client-config-dir works with the build "Fri Apr 15 18:54:32 EDT 2011". I didn't upgrade yet.
I read th... Raffael Schmid
07:12 AM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: Jim P wrote:
> We need to fix the automated build process, not upload new binaries.
Any news on that problem?
... Charles AMPEAU
06:51 AM Bug #1448 (Feedback): PPTP VPN Radius authentication and accounting don't work: I find it very hard to believe there is any difference between amd64 and i386, all my systems that work fine are i386... Chris Buechler
06:44 AM Bug #1448: PPTP VPN Radius authentication and accounting don't work: Just tested with 64bit version. it's work directly after install using same config backup. 32 bit not working (latest... Zeev Zalessky
03:14 AM Bug #1448: PPTP VPN Radius authentication and accounting don't work: it is definitely working on 32 bit. Chris Buechler
03:12 AM Bug #1448: PPTP VPN Radius authentication and accounting don't work: please reopen it. PPTP Auth via radius not working in 32bit version!!!! Zeev Zalessky
03:27 AM pfSense Packages Bug #1423: Open-VM-Tools package script files broken in 2.0rc-1: _Include file open-vm-tools.inc could not be found for inclusion._
but why ? Anonymous
03:23 AM pfSense Packages Bug #1423: Open-VM-Tools package script files broken in 2.0rc-1: The EOFA has gone now... Anonymous

04/20/2011

08:28 PM Bug #1448 (Closed): PPTP VPN Radius authentication and accounting don't work: doubly confirmed, accounting and auth work fine. The posted config is correct. If you're seeing no traffic to your RA... Chris Buechler
08:18 PM Bug #1448 (Feedback): PPTP VPN Radius authentication and accounting don't work: it works fine. Also disables fine, you have to actually disable it by unchecking, you can't just take out the IP. Chris Buechler
08:01 PM Bug #1448: PPTP VPN Radius authentication and accounting don't work: Instead of opening a new bug i figured i would add to this.
I am having the same issue with PPTP authenticating to... Brian G
03:33 PM Bug #1448: PPTP VPN Radius authentication and accounting don't work: attached files from requested directory Zeev Zalessky
03:19 PM Bug #1448: PPTP VPN Radius authentication and accounting don't work: Can you show the contents of cat /var/etc/pptp-vpn/* Ermal Luçi
10:45 AM Bug #1448 (Closed): PPTP VPN Radius authentication and accounting don't work: PPTP VPN configured to use radius authentication and accounting. no traffic to radius server. no users authentication... Zeev Zalessky
10:59 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Might be something specific to your CA then, hard to say without trying it out. I imported a CA I had made a long tim... Jim Pingle
10:55 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Annexed the properties of the imported CA-certificate in case that the properties of the CA are the problem.
(create... Claudio Thomas
10:46 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Tag in /cf/conf/config.xml is empty:
<cert>
<refid>4daeeb458a580</refid>
<descr><![CDATA[thomas_c]]></descr>
... Claudio Thomas
08:33 AM Bug #1446 (Feedback): Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: I performed that exact same sequence (imported a CA, generated a certificate, and exported) and I got the expected da... Jim Pingle
07:32 AM Bug #1446 (Resolved): Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: After generating a own certificate the exported crt is empty.
How the problem can be reproduced:
# An own CA-cert... Claudio Thomas
09:03 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: Yeah I had the wording in that wrong. There may be something else going on in P2P/TLS then. People on the forum were ... Jim Pingle
02:49 AM Bug #1417 (Feedback): OpenVPN client specific overrides doesnt work by default: that commit looks like it would have been ok, it was changed for P2P TLS, not shared key. Chris Buechler
02:44 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: Hm, okay. But I use certificate based authentication....
So please reopen? Raffael Schmid
07:46 AM Feature #1447 (Resolved): Export certificates in pkcs12 format: It would help if the stored certificates could be exported also in PKCS12-format, because many clients (like some on ... Claudio Thomas

04/19/2011

11:59 PM Revision bd24573b: Backing out changes from ticket #1417, it was not a valid openvpn config that the user was trying to make.: Jim Pingle
09:06 PM Revision 673ee7b1: Harden SSL settings a bit. Verified OK with @cmb and @billm: Scott Ullrich
07:56 PM Bug #1417 (Closed): OpenVPN client specific overrides doesnt work by default: Apparently it's just not allowed to have a shared key tunnel and push with client-config-dir. Backing out changes, as... Jim Pingle
03:37 PM Bug #1318: Certificate error: certificate subject does not match signing request subject: Also confirmed with RapidSSL with GeoTrust as the intermediate CA.
2.0-RC1 (amd64)
built on Thu Apr 14 11:13:23 ... R M
05:34 AM Bug #1432: Carp Vips are promoted to master before firewall filter load: I caught it, the master firewall started to work after this log line:
Apr 19 10:03:27 pfsense1 check_reload_status... Michele Di Maria
04:13 AM Bug #1432: Carp Vips are promoted to master before firewall filter load: The situation has improved, but not resolved yet... (tested with build 18 23:29:41 EDT 2011 i386)
In the image att... Michele Di Maria

04/18/2011

10:31 PM Bug #1433: Config sync causes CARP state change: the secondary has no need to blow away its CARP IPs and recreate them unless there has been a CARP change, and never ... Chris Buechler
06:07 PM Bug #1433: Config sync causes CARP state change: In etc/inc/interfaces.inc, before line 1827, there could be something like:
$ints = get_interface_arr(true);
fore... Michele Di Maria
03:25 PM Bug #1433: Config sync causes CARP state change: Makes sense that the VIPS are destroyed and recreated after reconfiguring on the backup machine, unfortunately when t... Michele Di Maria
02:45 PM Bug #1433: Config sync causes CARP state change: Well this is normal considering that the slave just destroys and recreates its vips and an election occurs in carp co... Ermal Luçi
10:27 PM Revision 6c9cf466: Slightly different fix for #1417 that doesn't mess up other parameters needed by p2p_tls: Jim Pingle
07:18 PM Revision e2e934e0: override option for certificate subject mismatch: Yehuda Katz
06:56 PM Revision 359f6307: Block instead of allowing proto carp/pfsync during bootup since this may cause issues. Ticket #1432: Ermal LUÇI
06:25 PM Revision 42c07003: Add an option under advanced->misc to specify a proxy for retreiving pfsense package info or downloading packages.: Ermal LUÇI
05:08 PM Revision e8503ff4: Only start log update ajax timer if the updateDelay is defined. http://forum.pfsense.org/index.php/topic,35771.0.html: Jim Pingle
04:38 PM Bug #1439: WAN PPPoE config dropped on update from 1.2.3 (nanobsd) to 2.0-RC1 (snapshot 20110415-1518): Here's the old and the new config. I replaced passwords and usernames, also removed some settings like firewall filt... Malte Stretz
11:35 AM Bug #1439 (Feedback): WAN PPPoE config dropped on update from 1.2.3 (nanobsd) to 2.0-RC1 (snapshot 20110415-1518): The upgrade log won't tell us anything relevant here. We need the before and after upgrade versions of your config.xm... Jim Pingle
04:19 PM Todo #1438: Add override for CSR request->response subject mismatch: Better than a patch: I did a merge request on https://rcs.pfsense.org/projects/pfsense/repos/yakatz-sandbox/commits/e... Yehuda Katz
02:32 PM Todo #1438: Add override for CSR request->response subject mismatch: What I meant to say there is this patch fixes the problem.
I am working on a patch that will actually completely wor... Yehuda Katz
02:24 PM Todo #1438: Add override for CSR request->response subject mismatch: Here is the simple patch. A better one is on the way. Yehuda Katz
02:58 PM Bug #1426 (Feedback): IPsec descriptions need trimmed in rule labels: This seems to have been fixed by Seth. Ermal Luçi
02:55 PM Bug #1432 (Feedback): Carp Vips are promoted to master before firewall filter load: Ermal Luçi
02:47 PM Bug #636: layer7 not work correctly: Still not working here either (2.0-RC1 (i386) built on Mon Apr 18 10:01:33 EDT 2011). L7 container set to block HTTP.... Seth Scardefield
02:31 PM Bug #1444: Reconfiguring interfaces doesn't deconfigure previous ones: No its not like #174. This is in console and i am not sure that it has been forseen for such use.
I will give a look... Ermal Luçi
12:18 PM pfSense Packages Bug #1443: Squid errors on updating version: I definitely have the errors, as does Nachtfalke as per http://forum.pfsense.org/index.php/topic,35673.0.html
I in... Lloyd Collins
12:15 PM pfSense Packages Bug #1443: Squid errors on updating version: I can't reproduce this. I have installed/reinstalled/uninstalled and starting and stopping the service works as expec... Jim Pingle
09:08 AM Revision 81b44848: Surround the IPv6 address with brackets: Seth Mos
06:39 AM Feature #1431: PPPoE LQR Echo: I try setting up suggest by Calvin Teh, and it working, but after restart it come back to the problem. azwan rizal
06:39 AM Feature #1431: PPPoE LQR Echo: I try setting up suggest by Calvin Teh, and it working, but after restart it come back to problem. azwan rizal
01:37 AM Feature #1431: PPPoE LQR Echo: I'm also having same problem. Any update regarding this issue azwan rizal

04/17/2011

08:25 PM pfSense Packages Bug #1443: Squid errors on updating version: More information:
Reinstalling the package allows it to run for the period of time that the system is up. As soon ... Lloyd Collins
08:12 PM Bug #1445 (Rejected): Trouble with interface msk0 (Marvell Yukon 88E8057 Gigabit Ethernet): not convinced that's a driver problem, sounds like it may be config related, but if it is, not something we can fix. ... Chris Buechler
11:26 AM Bug #1445 (Rejected): Trouble with interface msk0 (Marvell Yukon 88E8057 Gigabit Ethernet): This is a follow-up to bug 1444. Installed via pfSense-memstick-2.0-RC1-i386-20110417-0359.img.gz.
As described i... Malte Stretz
03:43 PM pfSense Packages Bug #1315: ERROR 404 on packages area upper-left logo of psense.: PS: the files changed are:
config/snort/index.php
config/snort/snort.xml
Thanks!
Michele Michele Di Maria
02:58 AM pfSense Packages Bug #1315: ERROR 404 on packages area upper-left logo of psense.: According to this thread http://forum.pfsense.org/index.php/topic,33812.0.html I added a index.php in the snort direc... Michele Di Maria
03:39 PM pfSense Packages Bug #1114: Snort Dashboard Widget has wrong link: ps: the file changed is
config/widget-snort/snort_alerts.inc
Thanks! Michele Di Maria
02:46 AM pfSense Packages Bug #1114: Snort Dashboard Widget has wrong link: Made the change, waiting for someone to merge my git clone in the master Michele Di Maria
11:28 AM Bug #1444: Reconfiguring interfaces doesn't deconfigure previous ones: BTW, this sounds like bug 174, fixed a year ago. Malte Stretz
10:56 AM Bug #1444 (Resolved): Reconfiguring interfaces doesn't deconfigure previous ones: I just installed 2.0-RC1 via pfSense-memstick-2.0-RC1-i386-20110417-0359.img.gz with the quick install wizard (SMP ke... Malte Stretz
05:27 AM Revision 5381b341: Don't include RFC1918 in bogons.: Jim Pingle

04/16/2011

10:19 PM Revision 988d498c: sync bogons: Chris Buechler
10:12 PM pfSense Packages Bug #1443: Squid errors on updating version: UPDATE: I have just reinstalled the latest version of 2.0RC1-i386-20110415-11416 and I still have the same issues. Th... Lloyd Collins
07:47 PM pfSense Packages Bug #1443 (Closed): Squid errors on updating version: As per http://forum.pfsense.org/index.php/topic,35673.0.html some of us are experiencing Squid errors when updating f... Lloyd Collins
06:26 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Only if you're willing to pay to have it fixed. Otherwise it gets fixed when we get to it. Chris Buechler
03:03 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: is it possible to rise priority from normal to high?because i have to disable PPTP VPN on my production firewalls wit... Hafiz Rafiyev
12:05 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: any fix for this bug? Hafiz Rafiyev
06:20 PM Bug #1440 (Closed): Bogons list is outdated: cron job was broken when the server died recently, fixed. Chris Buechler
11:32 AM Bug #1440 (Closed): Bogons list is outdated: The pfsense bogon list in http://files.pfsense.org/mirrors/bogon-bn-nonagg.txt is hoplessly outdated. The following ... Nick Hilliard
06:09 PM Todo #1441 (Closed): IPv4 bogons list is now static: not going to remove it as it could possibly change though it most likely won't, and the same mechanism will be used f... Chris Buechler
11:52 AM Todo #1441 (Closed): IPv4 bogons list is now static: Once the IPv4 bogons list is updated with the updates in http://redmine.pfsense.org/issues/1440, the ipv4 bogon list ... Nick Hilliard
03:13 PM Bug #1442: Upgrade to 2.0-RC1 breaks 1.2.3 on other slice.: Actually, it wasn't clear to me that the config partition is shared between the slices. I thought it was stored with... Malte Stretz
01:22 PM Bug #1442 (Rejected): Upgrade to 2.0-RC1 breaks 1.2.3 on other slice.: That is a known and expected problem. There is no way around that since both slices share the same config. No code we... Jim Pingle
12:59 PM Bug #1442 (Rejected): Upgrade to 2.0-RC1 breaks 1.2.3 on other slice.: I just upgraded a firewall from 1.2.3 to todays snapshot, using pfSense-2.0-RC1-4g-i386-20110415-1518-nanobsd-upgrade... Malte Stretz
11:25 AM Bug #1439 (Resolved): WAN PPPoE config dropped on update from 1.2.3 (nanobsd) to 2.0-RC1 (snapshot 20110415-1518): I just upgraded a firewall from 1.2.3 to todays snapshot, using pfSense-2.0-RC1-4g-i386-20110415-1518-nanobsd-upgrade... Malte Stretz

04/15/2011

08:57 PM Revision 13399e17: Properly add dns and wins fields, load them on page load.: Seth Mos
08:54 PM Revision d7bccf3c: Generate a address from the bridge mac and configure a v6 address: Seth Mos
04:38 PM Revision a51493d1: Merge remote-tracking branch 'mainline/master' into inc: Conflicts:
etc/inc/gwlb.inc Vinicius Coque
04:11 PM Revision 7b2fdeb3: Properly set/unset voucher enable/disable bit.: Jim Pingle
03:17 PM Bug #954: Switching to manual outbound NAT creates incorrect rule for PPTP server: The internal automatic rule is wrong as well. Regardless of how many clients you have, the outbound NAT rule it makes... Jim Pingle
01:06 PM Revision 3df79aa0: Merge remote branch 'upstream/master': Conflicts:
usr/local/www/interfaces.php Seth Mos
12:53 PM Revision b9bbae04: Move the link to add a gateway up next to the drop-down box so it is more obvious.: Jim Pingle
12:37 PM Revision 6d3fd938: Change the wording and the link placement for adding a new gateway: Seth Mos
08:42 AM Revision b1c305e7: Merge remote branch 'upstream/master': Seth Mos
08:41 AM Revision cfd40454: Make it possible to add a IPv6 gateway using the ajax add button: Seth Mos
12:44 AM Todo #1438 (Resolved): Add override for CSR request->response subject mismatch: Just a bit of bug checking and the code that I mentioned on the mailing list will be ready (I am waiting on my CA to ... Yehuda Katz

04/14/2011

11:15 PM Bug #1437 (Resolved): More validation needed on CSR generation: It appears that if the countryName in the requested subject is not recognized by openssl, it throws these two errors ... Yehuda Katz
10:32 PM Feature #752 (Resolved): Ease policy routing across OpenVPN: this has been good for a while, using it on a number of installs. Chris Buechler
08:50 PM Revision ca90133b: Save a little space on the interface list for console assignment.: Jim Pingle
07:11 PM Bug #1436 (Resolved): firewall syslog stops working after reboot: 2.0-RC1 (i386)
built on Thu Apr 14 15:32:22 EDT 2011
You are on the latest version.
Platform nanobsd (1g)
H... Rob Lister
05:26 PM Revision d2903c0c: Test if a variable is set before trying to unset it. If a user has no rules in their config, then $config['filter'] would not be undefined, so unsettings $config['filter']['bypassstaticroutes'] would result in an error. http://forum.pfsense.org/index.php/topic,35702.0.html: Jim Pingle
02:35 PM pfSense Packages Feature #1435 (Needs Patch): Squid - add syslog capability: Hi,
Is it possible to add the squid log module rather than storing the logs
locally on the pfsense device?
If... Rob Lister
11:08 AM Feature #1434 (New): Radius Accounting in OpenVPN: Radius Accounting packets are critical to any enterprise implementation of OpenVPN due to compliance reasons. It is a... Fan Net
06:03 AM Bug #1149: nano build - upgrade size failure on USB flash drives: newbie on bsd and pfsense.
filed a bug week or so ago, got rejected. found this, exactly my problem.
currently ... juan peridot
06:00 AM Bug #1149: nano build - upgrade size failure on USB flash drives: newbie on bsd and pfsense.
filed a bug week or so ago, got rejected. found this, exactly my problem.
currently ... juan peridot

04/13/2011

08:13 PM Bug #1402: When creating a QinQ it works until reboot.: Is there any news about this issue??
Saludos! Juan José Ponce Domínguez
06:01 PM Bug #651: Multiple gateways on WAN interface: Ermal Luçi wrote:
> The problem with this is that apinger will bind to the same address and has no idea that the mon... Francesco R
04:34 PM Todo #648: Move "base" packages such as RIP, OLSR, etc, back into packages: Currently I know about at least 5 installations using the LiveCD in corporate installations
(+ my own one).
The r... Daniel Berlin
12:38 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: my pf info
2.0-RC1 (i386)
built on Tue Apr 12 11:38:49 EDT 2011 Hafiz Rafiyev
12:31 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: at last i found my periodically ipsec disconnect problem after researching in redmine,i'm using pptp from home to c... Hafiz Rafiyev
07:52 AM Revision c8cc0c1c: Add missing fields for l2tp to define dns and wins servers: Seth Mos

04/12/2011

10:18 PM Revision a93020d5: Do not send growl notices twice: Scott Ullrich
10:08 PM Revision 2632934e: Remove blank trailing c/r.: Scott Ullrich
10:08 PM Revision 10c3d4c0: Notify via smtp as well as growl: Scott Ullrich
05:52 PM Revision cd11a142: Drop the ntpdate sync in favor of using ntpd -s, which should have the same net effect without needing the shell script that has been prone to hanging.: Jim Pingle
05:14 PM Bug #1397 (Resolved): ntpdate sync not functioning properly: Jim Pingle
05:13 PM Bug #1397: ntpdate sync not functioning properly: Hi Jim P,
That change seemed to do the trick. NTP is running just perfectly after making those changes and rebooti... Damon Morda
04:58 PM Bug #1397: ntpdate sync not functioning properly: I updated this again with commit:cd11a14
ntpdate sync is completely gone, since simply starting ntpd with -s will ... Jim Pingle
04:58 PM Bug #1347: ntpd not starting: I updated this again with commit:cd11a14
ntpdate sync is completely gone, since simply starting ntpd with -s will ... Jim Pingle
04:29 PM Revision 2816c5a1: Fix Parse error: Seth Mos
02:04 PM Revision d67b6b17: Also exclude grep from running processes when grepping for a running packet capture. Also, fix other test to match the recent changes made.: Jim Pingle
08:43 AM Revision 2521266a: Only pick up the ipv6 addresses from the DNS servers section: Seth Mos
08:40 AM Revision af8f910e: Merge remote branch 'upstream/master': Seth Mos
08:39 AM Revision 86966fba: Merge remote branch 'upstream/master': Conflicts:
etc/inc/filter.inc
usr/local/www/themes/the_wall/rrdcolors.inc.php Seth Mos
01:24 AM Feature #1431: PPPoE LQR Echo: tricking the WAN interface to become a DHCP connection and back to PPPoE works . However after a system restart, the ... Calvin Teh
01:05 AM Feature #1431: PPPoE LQR Echo: I don't have anything with PPPoE handy but it looks at a glance like keep-alive should always be present. From interf... Chris Buechler
12:37 AM Bug #1433 (Resolved): Config sync causes CARP state change: Any config change causes the CARP IPs on the secondary to come up as master and back down to backup, which is unneces... Chris Buechler

04/11/2011

08:58 PM Revision 127eb8e0: Add a toggle under System > Advanced on the misc tab to enable/disable debug mode for racoon.: Jim Pingle
09:25 AM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: Confirm not working on amd64 platform as well
2.0-RC1 (amd64)
built on Sun Apr 10 21:49:29 EDT 2011 Calvin Teh
09:19 AM Bug #1428 (Resolved): DNS servers not assigned: I was able to reproduce this, and committed a fix on Saturday. This is fixed on current snapshots, and confirmed with... Jim Pingle
09:04 AM Bug #1428: DNS servers not assigned: Same problem here after update... ISP DNS servers not applied. Had to enter DNS servers manually.
2.0-RC1 (i386)
... Chuck Evangelista
07:15 AM Bug #1381: GRE tunnel interface IP address updated after reboot only: you can close it. it's work as explained in your update Zeev Zalessky
04:44 AM Bug #1432 (Resolved): Carp Vips are promoted to master before firewall filter load: When the "master" machine boots, the CARP ips are promoted to master immediately, even before the firewall filters ar... Michele Di Maria
01:10 AM Bug #1399: rrdtool respawning too fast: Noticed this message in syslog long ago. Maxim Luppov
12:56 AM Feature #1431: PPPoE LQR Echo: one thing that I have noticed is , when WAN interface is on DHCP the keep alive option is working perfectly fine. Cha... Calvin Teh

04/10/2011

11:48 PM Feature #1431: PPPoE LQR Echo: mpd5 mentions it as a "set link keep-alive seconds max" parameter under mpd.conf .. but that mpd.conf is no where to ... Calvin Teh
09:42 PM Feature #1431: PPPoE LQR Echo: you'll have to look into mpd 5 and see if it supports that. Chris Buechler
09:28 PM Feature #1431 (Closed): PPPoE LQR Echo: Some ISPs that I have experienced with locally requires LQR echo reply sent from the client to ensure that the sessio... Calvin Teh
09:43 PM Bug #1413 (Closed): PPPoE connection disconnects consistently: actual cause in #1431 Chris Buechler
09:02 PM Bug #1413: PPPoE connection disconnects consistently: Dear All,
I have found the root cause of the issue that the ISP requires a LCP echo inteval reply of 30 seconds in... Calvin Teh
05:10 AM Bug #1347: ntpd not starting: with the Fri Apr 8 18:33:38 EDT 2011 build the
issue seems to be gone.
Thank you Martin Klein

04/09/2011

04:31 PM Bug #1428: DNS servers not assigned: need dhclient logs, that just looks like you aren't being assigned DHCP servers. Chris Buechler
01:36 PM Bug #1428: DNS servers not assigned: They should be assigned via DHCP by the ISP but PFSense will not accept them so I have assigned them manually in gene... Lloyd Collins
11:36 AM Bug #1428: DNS servers not assigned: Not enough info here. Are these assigned manually? By DHCP? Any errors in the logs or console? Jim Pingle
09:25 AM Bug #1428 (Resolved): DNS servers not assigned: I just updated my PFsense install to the latest version (2.0-RC1 (i386)built on Fri Apr 8 18:33:38 EDT 2011) and DNS ... Lloyd Collins
04:00 PM Revision 4eb4b18a: Revert changes to dhclient-script. Appears to have broken DNS servers from DHCP. Ticket #1428: Jim Pingle
06:43 AM Bug #1413: PPPoE connection disconnects consistently: here are the screenshot attachments for the PPPoE configuration Calvin Teh

04/08/2011

08:08 PM Revision e9e06fb2: Fix copy/paste error: Jim Pingle
07:39 PM Bug #1397: ntpdate sync not functioning properly: Hi Jim P,
I've also applied your commits, but it didn't resolve the issue. Once I applied them and started the dis... Damon Morda
05:28 PM Bug #1397: ntpdate sync not functioning properly: The ntp issue would be separate (it has its own ticket), but I didn't test with openvpn. I suspect that's because Ope... Jim Pingle
04:59 PM Bug #1397: ntpdate sync not functioning properly: Jimp, I've applied your commits and I see the service is now running fine at startup and is able to stop and restart ... Angel Torres
11:49 AM Bug #1397 (Feedback): ntpdate sync not functioning properly: Should be fixed as of commit:edf99ce (See also commit:2db351a and commit:54c1859) Jim Pingle
06:15 PM Revision ac6651c9: Make sure a theme directory actually exists before blindly using it.: Jim Pingle
03:46 PM Revision edf99ce4: Rework ntpdate_sync_once.sh, so it makes sure ntp/ntpdate/itself are not running before trying to sync time, and then launch ntpd at the end for time sync (last commit was premature): Jim Pingle
03:20 PM Revision 54c18594: Don't unconditionally start ntpd after doing ntpdate, it might be disabled.: Jim Pingle
03:20 PM Revision 2db351a7: Send ntpdate output to syslog: Jim Pingle
02:10 PM Bug #1427: Typo? in /tmp/post_upgrade_command prevents UP kernel upgrade: Use the pre button for code.
The issue here is somewhat moot: The UP kernel is eventually going to be phased out. ... Jim Pingle
02:08 PM Bug #1427: Typo? in /tmp/post_upgrade_command prevents UP kernel upgrade: Let's try one more time...
> if [ $KERNELTYPE = "UP" ]; then
> > -if [ -f /kernels/kernel_SMP.gz ]; then-
> > +if ... Yehuda Katz
02:07 PM Bug #1427: Typo? in /tmp/post_upgrade_command prevents UP kernel upgrade: The formatting of that ticket came out really bad.
> if [ $KERNELTYPE = "UP" ]; then
> > if [ -f /kernels/kernel_SM... Yehuda Katz
02:05 PM Bug #1427 (Resolved): Typo? in /tmp/post_upgrade_command prevents UP kernel upgrade: From the mailing list:... Yehuda Katz
12:59 PM Revision fbfd675a: Add an IPsec xauth permission. Try to use the nologin shell first (just unlock the account). Ticket #1202: Jim Pingle
12:28 PM Revision 02d99511: Putting client-config-dir in the config is valid also for p2p_tls servers. Fixes #1417.: Jim Pingle
11:54 AM Bug #1347 (Feedback): ntpd not starting: Jim Pingle
11:52 AM Bug #1347: ntpd not starting: If you have a WAN failure or don't have working DNS, then launching ntpd is just as useless because it uses the same ... Jim Pingle
08:30 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: Applied in changeset commit:"02d99511539a3312f8aab54b7dd1cdcaec9c0847". Jim Pingle
08:22 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: Strike that. Looking at the backend code, you must be using "Peer to Peer (SSL/TLS)". It seems that one case was miss... Jim Pingle
08:17 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: What exact settings are you using for your OpenVPN server?
I just set up an instance with the wizard and it does h... Jim Pingle
03:59 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: I have the following content in the client specific configuration.... Raffael Schmid
03:19 AM Bug #1426 (Resolved): IPsec descriptions need trimmed in rule labels: On configs upgraded from 1.2.3 at a minimum, and possibly others, the automatically generated IPsec rules do not trim... Chris Buechler

04/07/2011

08:17 PM Revision b510be5c: use same egrep statement for both checks: Scott Ullrich
08:16 PM Revision 1fd807da: Use full path to egrep: Scott Ullrich
08:15 PM Revision d0cc727e: Use full path to egrep: Scott Ullrich
08:11 PM Revision 955f2d78: Use some Seth egrep foo to protect from compromised DHCP servers. CVE-2011-0997: Scott Ullrich
07:32 PM Bug #1425: pfSense stops receiving traffic on 'bge' driven interface: The FreeBSD bug indicates that the bug is triggered by high traffic/bandwidth via the interface.
If someone can re... Chris Smith
06:59 PM Bug #1425: pfSense stops receiving traffic on 'bge' driven interface: It will be 8.1. Will see if we can easily back port the 8.2 driver if that is the fix. Chris Buechler
06:30 PM Bug #1425 (Closed): pfSense stops receiving traffic on 'bge' driven interface: Hi guys,
This bug has happened to our installation twice, now. Seemingly randomly, the bge0 interface (I have bge0... Chris Smith
05:13 PM pfSense Packages Bug #1390 (Resolved): pfflowd amd64 binary missing: Ermal Luçi
04:35 PM Revision e05458b0: Remove extra variable set: Scott Ullrich
04:34 PM Revision 7ec2a858: Remove copy paste: Scott Ullrich
04:33 PM Revision 0c951d9b: Unbreak check if capture is running: Scott Ullrich
04:00 PM Revision 5d788161: When using ' variables are not expanded. Use double quotes so that the variable is exanded: Scott Ullrich
03:49 PM Revision c76fc19f: Don't test for a user cert here either, see previous commit.: Jim Pingle
03:47 PM Revision 72d8453d: Don't test if a cert is in use here, you could in theory use a cert for a user and a server.: Jim Pingle
01:55 PM Bug #1402: When creating a QinQ it works until reboot.: Ok here are some screenshots:
1. First I create the QinQ with the SVLAN 13 and as member the VLAN 1000.
!1.png!
... Juan José Ponce Domínguez
05:30 AM Bug #1402: When creating a QinQ it works until reboot.: Please provide the logs and screenshots to help with this. Ermal Luçi
10:58 AM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: I can confirmed this issue on i386 platform :... Charles AMPEAU
10:55 AM Bug #1342: kernel crash with RC1 on vmware: I just reinstalled to i386 (and change VM type to FreeBSD 32bits). It seems much more stable now...
Let's wait a f... Charles AMPEAU
08:05 AM Bug #1413: PPPoE connection disconnects consistently: here is an attachment of the packet capture done on the WAN interface. Ping was initiated as soon the PPPoE connectio... Calvin Teh
07:56 AM Feature #1424 (Closed): OpenVPN entry on interface groups: It would be consistent to add/show the OpenVPN, PPPoE, PPTP, etc.. under interface groups as permanent entries since ... Ermal Luçi
07:27 AM pfSense Packages Bug #1423 (Resolved): Open-VM-Tools package script files broken in 2.0rc-1: /usr/local/pkg/open-vm-tools.inc seems to have issues.
One of which is an erroneous "A " at the end of a here doc ... John Doe
07:10 AM Feature #1422 (Closed): short voucher codes: Please add an option for shorter voucher codes. For home use 5 or 6 chars codes would be sufficient instead of the or... Pavel Pilat
03:38 AM Bug #1418: SNMP bind to LAN: Thanks Ermal, lastest snapshot is OK.
Regards Charles AMPEAU

04/06/2011

11:53 PM Revision 8fee59d6: Fix link; use same message for missing certs.: Jim Pingle
11:41 PM Revision 0930bd01: Make the default openvpn cert authority message a bit relaxed and let user know about the wizard option as well: Scott Ullrich
11:31 PM Bug #1402: When creating a QinQ it works until reboot.: mmmm...sorry because I am not giving any screenshot, but im not at the office right now.
I have been testing like ... Juan José Ponce Domínguez
10:56 PM Bug #1421 (Rejected): Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Disconnecting PPTP VPNs drops IPsec when using a public IP as the PPTP server IP, which is an incorrect configuration... Chris Buechler
10:47 PM Bug #1420 (Resolved): Changing a WAN's type from PPPoE to other breaks it: When a WAN interface set for PPPoE is switched to any other type, it breaks it, as it leaves that interface assigned ... Chris Buechler
07:01 PM Bug #1381: GRE tunnel interface IP address updated after reboot only: It's work. please update documentation Zeev Zalessky
06:23 PM Revision 87bb66af: Correct text to include PPTP as well.: Ermal LUÇI
06:22 PM Revision 9a36dc9d: Resolves #1391. Bring back VPN auto rule disable advanced setting.: Ermal LUÇI
05:36 PM Revision ab75b4ee: CRL is read in as an array now, so even in the imported config it will appear to be an array even though it can only have one value. Fixes #1358: Jim Pingle
05:14 PM Revision 6177fd92: Fixup text.: Jim Pingle
04:55 PM Revision 557300a7: Actually re-parse the config if a valid config was not written. (Should help stop installs from blowing up on failed config upgrades). Save the bad config for inspection, and print a message to the console about what was done.: Jim Pingle
02:59 PM Revision 4c613f84: Correct error message for gateways to report down when the gateway is down and not high latency.: Ermal LUÇI
02:58 PM Revision 19d91466: Another sweep at keeping the default route always present when the default setup route is marked as down. This now adds checks for configuration where a defaultgw is not specified by the user but deduced automatically.: Ermal LUÇI
02:26 PM Bug #802: Interface reassignment with VLANs after config restore to diff hardware doesn't work: Forward to me to take a look. Ermal Luçi
02:25 PM Bug #1391 (Feedback): Disable auto-added VPN rules missing: Applied in changeset commit:"9a36dc9d241e004e7bcdec25def3b7b0c9d94cff". Ermal Luçi
02:23 PM Bug #1410: pfSense remains without default route: Another improvement was committed related to this.
It now considers gateways that are not marked as default in the GUI. Ermal Luçi
10:54 AM Bug #1410: pfSense remains without default route: Ermal Luçi wrote:
> A setup with multiple WANs can losse its default route when its gateway is marked as down from a... Andrea Gambacorta
01:45 PM Bug #1358 (Feedback): OpenVPN Upgrade Issue: Applied in changeset commit:"ab75b4ee5475fe1be718cb0e93d0a34f293c5ed0". Jim Pingle
11:30 AM Bug #1417 (Feedback): OpenVPN client specific overrides doesnt work by default: I know for a fact this works without doing that, need more info. Chris Buechler
10:49 AM Revision d10da0f9: Resolves #1418. Correct test to actully do what's intended.: Ermal LUÇI
10:43 AM Bug #1342: kernel crash with RC1 on vmware: are these all 64 bit? Chris Buechler
07:28 AM Bug #1342: kernel crash with RC1 on vmware: Same problem here... With lastest snapshot update applied (pfSense-Full-Update-2.0-RC1-amd64-20110405-1827.tgz)
!k... Charles AMPEAU
10:42 AM Revision 5766add8: If the supplied gateway is all ones(255.255.255.255) do not report it as a gateway since its useless.: Ermal LUÇI
10:41 AM Bug #1419 (Rejected): Incorrect Intel License information in dmesg: just a fact of the Intel driver, we don't include doc. You'll have to get it from a stock FreeBSD. Chris Buechler
10:26 AM Bug #1419 (Rejected): Incorrect Intel License information in dmesg: Running:
FreeBSD fw 8.1-RELEASE-p2 FreeBSD 8.1-RELEASE-p2 #1: Tue Apr 5 17:09:22 EDT 2011 sullrich@FreeBSD_8.0_pfS... Ken Seefried
10:16 AM Bug #1407 (New): GUI is sluggish without working DNS: That may help with multi-wan, but doesn't help the case when there is only one WAN, or all WANs are down. Jim Pingle
05:28 AM Bug #1413: PPPoE connection disconnects consistently: will furnish with a screenshot since the VM is disabled at the moment. However what I have configured on the WAN inte... Calvin Teh
04:57 AM Bug #1413: PPPoE connection disconnects consistently: Show your pppoe configuration please Ermal Luçi
04:53 AM Bug #1418 (Resolved): SNMP bind to LAN: Thanks committed. Ermal Luçi
04:41 AM Bug #1418 (Resolved): SNMP bind to LAN: Hi,
With 2.0, it's impossible to make bsnmpd bind to LAN. It's very usefull when we want to access SNMP data from ... Charles AMPEAU
02:01 AM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: Rob Eckel wrote:
> I solved the problem that I was experiencing today. I noticed that the step of the connection th... Rob Eckel
12:49 AM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: I solved the problem that I was experiencing today. I noticed that the step of the connection that it was stalling o... Rob Eckel

04/05/2011

07:55 PM Revision 262595f0: Unbreak inetd.conf generation to avoid entries containing Array entries. This gixes nat reflection and a spamming of the system with nc processes with wrong parameters.: Ermal LUÇI
03:55 PM Bug #1417: OpenVPN client specific overrides doesnt work by default: yeah, dunno how to change the attributes... :) I'm talking about an installation inside kvm with 2.0 rc1. Raffael Schmid
02:53 PM Bug #1417 (Resolved): OpenVPN client specific overrides doesnt work by default: Hi
I wanted to use the "client specific overrides"-feature. But it didn't push the configuration until I put the f... Raffael Schmid
03:54 PM Bug #1415 (Feedback): Nat reflection is installing rules with 'Array': Just committed a fix for this.
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/262595f0d5756ad4411e3... Ermal Luçi
09:22 AM Bug #1415: Nat reflection is installing rules with 'Array': 19001 dgram udp nowait/0 nobody /usr/bin/nc nc -u -w 2000 Array 25535
19002 dgram udp nowait/0 nobody /usr/bin/nc ... Scott Ullrich
09:21 AM Bug #1415 (Resolved): Nat reflection is installing rules with 'Array': This leads to 10K+ nc processes which never go away and at some point will exhaust your firewalls resources.
Scott Ullrich
03:16 PM Revision 5b64e336: Fix variable name: Jim Pingle
03:02 PM Bug #1107: mpd on AMD64 generates invalid checksums with NAT: I tried this with the same result as before. Lowered the MTU on the OpenVPN interface to match the MTU of the PPTP in... Andreas Winge
11:02 AM Bug #1416 (Rejected): RRD failures for Traffic and Packets graphs: It works for me on the most recent snapshot with fresh rrd files. Try to rm /var/db/rrd/* and press save on the RRD s... Jim Pingle
10:12 AM Bug #1416 (Rejected): RRD failures for Traffic and Packets graphs: None of the Traffic and Packet graphs work on my ALIX.2D3 systems for the latest builds. Here's a sample output for a... Alex Vergilis
08:18 AM Bug #1414 (Closed): dhclient fail on wifi: If using dhcp on a wifi interface dhclient fails because it is executed before wpa_supplicant is finished configureri... Torben Hørup
06:08 AM Feature #1411: Gateway Group as default gateway: I could see use for this too. Jonathan Puddle
05:28 AM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: Hi,
Tested again , tried many different situations. They all have the same problem.
It's definitely a routing/fil... ronald meulendijks
03:57 AM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: One thing that is different in my setup is that the other end is racoon as well, not shrewsoft client. With the racoo... Andy Giles
02:18 AM Bug #1413 (Closed): PPPoE connection disconnects consistently: ISP uses VLAN 500 to provide VDSL2 connectivity through a Huawei HG655A BTU. VLAN tagging is done on a separate Mikro... Calvin Teh

04/04/2011

09:23 PM Bug #1347: ntpd not starting: The script /usr/local/sbin/ntpdate_sync_once.sh is looping until the initial synchro with ntpdate is sucessfull. Once... Pierre POMES
05:41 PM Revision 0ef48aed: Make sure all themes have the right colors defined.: Jim Pingle
03:42 PM Bug #1401: VLANs and Web settings "TCP Segmentation Offload": I´m on a bussiness trip and can check that first on Friday... Sorry. Stefan Voni
09:44 AM Bug #1401: VLANs and Web settings "TCP Segmentation Offload": Can you please verify that after saving the new options under system->advanced for disabling TSO and than going to th... Ermal Luçi
03:05 PM Revision 1309fadd: <script/> tags are put in the function build_javascript no need to put them here. Prevents errors reported at:http://forum.pfsense.org/index.php/topic,34139.0.html: Ermal LUÇI
01:42 PM Revision f599d893: Merge remote-tracking branch 'mainline/master' into inc: Conflicts:
etc/inc/shaper.inc Vinicius Coque
12:17 PM Bug #802 (New): Interface reassignment with VLANs after config restore to diff hardware doesn't work: Changing back to new. I have a configuration file here that will utterly wreack havoc if someone wants to take a lo... Scott Ullrich
11:09 AM Revision 1d60ed9b: Try to always keep pfSense with a default gateway to avoid errors for service running from pfSense itself. Previously PBR should be configured for such services. While PBR is a better fix this at least keeps users from complaining in simple setups. Reported by many.: Ermal LUÇI
11:01 AM Bug #1412 (Resolved): Assign a user the "WebCfg - System: User Manager Page" does'nt allow access: When trying to add to a blank user the following rights :
WebCfg - System: User Manager page
WebCfg - System: Us... Geoffrey Chavepeyer
10:32 AM Revision f206afb5: On interface ip change reload even igmpproxy. Reported-by: http://forum.pfsense.org/index.php/topic,34372.0.html: Ermal LUÇI
10:24 AM Revision 056df2d9: Add -a to include all updaterrd.sh scripts running and also remove top killing since its not used anymore in stat gathering.: Ermal LUÇI
09:31 AM Bug #1408: DHCP DNS servers still get routes even if allow override is unchecked: Seems like a pretty bad bug if you checked the option to ignore the DNS servers and yet they get static routes. I'd p... Jim Pingle
09:24 AM Bug #1408: DHCP DNS servers still get routes even if allow override is unchecked: This is caused by the dhclient script.
I do not think this should be fixed for 2.0 as this has been the behavior unt... Ermal Luçi
09:17 AM Bug #1407 (Feedback): GUI is sluggish without working DNS: Can you try a snapshot from tomorrow.
I fixed #1410 and that would fix this as well. Ermal Luçi
09:03 AM Bug #1381: GRE tunnel interface IP address updated after reboot only: On step3 you just enable the interface and leave it as type none.
That will make your GRE work. Ermal Luçi
07:47 AM Feature #1411 (Duplicate): Gateway Group as default gateway: Hi,
can i propose the feature in subject?
Now if the default gateway go down pfsense arent able to download the p... Andrea Gambacorta
06:51 AM Bug #1342: kernel crash with RC1 on vmware: This seems like a hardware problem.
Either motherboard or your harddisk controller! Ermal Luçi
05:44 AM Bug #1342: kernel crash with RC1 on vmware: Here is a backtrace screenshot.
I don't know if it helps you...
Thomas NOEL
05:15 AM Bug #1410 (Resolved): pfSense remains without default route: A setup with multiple WANs can losse its default route when its gateway is marked as down from apinger.
This results... Ermal Luçi

04/03/2011

08:30 PM Bug #636: layer7 not work correctly: +1 for this not working.
I have a bridged interface (one WLAN and one LAN) but tried it without the bridged inte... Rob Lister
12:49 PM Bug #1409 (Rejected): Open VM Tools install error: duplicate Chris Buechler
10:17 AM Bug #1409 (Rejected): Open VM Tools install error: Beginning package installation for Open-VM-Tools...
Downloading package configuration file... done.
Saving updated ... Ralf Wessling
10:07 AM Bug #373: Package Manager not available in menus: Packages cannot be used from the LiveCD, and there is no way to support them while running from the LiveCD. Adding pa... Jim Pingle
09:53 AM Bug #373: Package Manager not available in menus: I'm running version 1.2.3-RELEASE and no option in the system menu to add packages either. If it's related to runn... J Smith

04/02/2011

01:28 PM Bug #1381: GRE tunnel interface IP address updated after reboot only: after full configuration of pfSense including all wan (4 interfaces)and all lan interfaces (3 interfaces) i started t... Zeev Zalessky
12:57 PM Bug #1408 (Resolved): DHCP DNS servers still get routes even if allow override is unchecked: If you have hardcoded DNS servers and _uncheck_ "Allow DNS server list to be overridden by DHCP/PPP on WAN", DNS serv... Jim Pingle
12:52 PM Bug #1407 (Resolved): GUI is sluggish without working DNS: If you don't have functional DNS, the GUI can be extremely sluggish.
Common scenario to reproduce:
* Multi-WAN se... Jim Pingle
09:36 AM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: Hi,
I have altered the Racoon.conf with the solution Andy Giles suggested. But no luck unfotunally.
altered the s... ronald meulendijks
05:31 AM pfSense Packages Feature #1406 (Resolved): Update LCDProc to v0.5.4: The new version has updated drivers for LCD Panels (many patches to the existing ones and new drivers added).
The f... Michele Di Maria
05:10 AM Feature #1405 (Duplicate): Show interface in the Floating Rules list: Since Floating Rules can apply to different interfaces, it would be useful if in the list this information was visibl... Michele Di Maria
02:34 AM Feature #1404 (Closed): Broadcom 10GbE bxe Driver: it'll automatically be available when that version of FreeBSD is a stable release and we put out a release based on i... Chris Buechler
01:59 AM Feature #1404 (Closed): Broadcom 10GbE bxe Driver: It looks like the Broadcom 10GbE driver (BCM57710/BCM57711) is now out. It would be great to have it included in pfSe... Thomas M

03/29/2011

10:17 PM Bug #1394 (Resolved): MTU does not reset: Version Info:
2.0-RC1 (amd64)
built on Sat Mar 26 00:18:39 EDT 2011
Steps to reproduce:
1. Go to Interfaces ->... Erik Chow
05:17 PM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: the pkg_config.8.cml changes were now pushed to git, please ignore the message before... Anonymous
05:13 PM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: We need to fix the automated build process, not upload new binaries. Jim Pingle
05:12 PM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: please add this to pkg_config.8.xml as i cannot commit now :-(
<package>
<name>Open-VM-Tools</name>
<descr>... Anonymous
04:58 PM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: it's build for http://files.pfsense.org/packages/8/All
it's the x86 build Anonymous
04:55 PM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: the following packages can be found at http://pfsense.trendchiller.com/packages/
fusefs-kmod-0.3.9.p1.20080208_7.t... Anonymous
04:36 PM Revision bca0472d: Merge remote-tracking branch 'mainline/master' into inc: Conflicts:
etc/inc/voucher.inc Vinicius Coque
04:22 PM Bug #1391: Disable auto-added VPN rules missing: Yes you can override it but those who upgrade need the exact same functionality they had before without changing anyt... Chris Buechler
03:37 PM Bug #1391: Disable auto-added VPN rules missing: Well in 1.2.3 you could not override these settings at all while on 2.0 you can!
I do not think the setting is neces... Ermal Luçi
12:26 AM Bug #1391 (Resolved): Disable auto-added VPN rules missing: $config['system']['disablevpnrules'] in 1.2.3 disabled the auto-added WAN rules for IPsec and PPTP (and tun rules for... Chris Buechler
04:00 PM Revision a5187d43: Check for "aes 256" as IPsec encryption type, not just rijndael.: Jim Pingle
03:33 PM Bug #1393 (Closed): IPSec Xauth: Regarding this thread(http://forum.pfsense.org/index.php/topic,34135.0.html) racoon needs to be patched to allow XAut... Ermal Luçi
03:30 PM Bug #1318: Certificate error: certificate subject does not match signing request subject: I can also confirm this issue.
2.0-RC1 (i386)
built on Mon Mar 28 16:09:59 EDT 2011
The CSR (included) was ... Mark Laagland
03:27 PM Feature #1392 (Rejected): XMPP (Jabber) Notifications/Alerts: Would be great to have an option in the GUI, to send notifications to an XMPP account. Then you can receive messages ... Ken B
03:06 PM Revision 92273f24: Fix spamd rrd graph command.: Jim Pingle
01:54 PM Revision 49bb5c07: Add some upgrade code for IPsec mobile clients. Passes php -l but needs more testing.: Jim Pingle
12:25 PM Todo #576 (Feedback): Make sure IPsec upgrade code properly handles mobile clients: There was no IPsec mobile client upgrade code at all. I committed some with commit:49bb5c0 and it seems to work prope... Jim Pingle
12:02 PM Bug #1389: services don't start: Ok, I will configure again and see what happens. I am pretty sure that I configured bandwidthd. In any case, the wi... Erik Chow
09:11 AM Revision b0eaa10c: Trim spaces out to avoid problems from explode.: Ermal LUÇI
08:19 AM Revision ad6df0b3: Add back gre allowing rules since they are needed.: Ermal LUÇI
02:29 AM Bug #1317 (Resolved): Voucher database synchronization: thanks Chris Buechler
02:09 AM Bug #1317: Voucher database synchronization: Hi,
this can be closed. It is working now.
Thnx a lot
stefan Stefan baldus

03/28/2011

05:55 PM pfSense Packages Bug #1390 (Resolved): pfflowd amd64 binary missing: since the v0.8 pfflowd upgrade, the amd64 binary is missing Steve Beaudoin
05:51 PM Revision 75c8044a: Allow TCP and UDP for DHCP failover traffic.: Jim Pingle
04:26 PM Bug #1389 (Rejected): services don't start: you have to configure them before they will start. This isn't specific enough to be a legit bug report, please see
h... Chris Buechler
04:23 PM Bug #1389 (Rejected): services don't start: Version Info:
2.0-RC1 (amd64)
built on Sat Mar 26 00:18:39 EDT 2011
I installed bandwidthd (version 2.0.1.2), d... Erik Chow
04:17 PM Revision c6dfd289: In IPsec, s/mobileclients/client/, this was changed long ago in the config but not everywhere followed.: Jim Pingle
02:46 PM Revision 8f587b1d: Correct PPTP Clients alias address. The PPTP server address was been utlized instead, which resulted in an incorrect firewall rule when 'PPTP Clients' was configured.: Warren Baker
11:06 AM Feature #1388 (New): 3G outbound failover connection with auto dial-up and hang-up: I would like to see implemented a feature to use an USB 3G modems as a failover (not balancing) dial-up connection (*... Pio Pii
10:37 AM Revision 7f2c8034: Test the existence of route_vpn_gateway variable and if set use it as a gateway. Recommended-by: http://forum.pfsense.org/index.php/topic,24436.msg158589.html#msg158589: Ermal LUÇI
07:53 AM Bug #1243: GUI/Backend code needs updated after multi-PPPoE-server code switch: FWIW, the /etc/inc/filter.inc portion of Vinícius Coque's patch fixes my problem of PPPOE rules not being created for... Deon George
06:50 AM Bug #636: layer7 not work correctly: I can't tell. My system log is entirely saturated with "ipfw-classifyd: unable to write to divert socket: No buffer s... Jonathan Puddle
06:28 AM Bug #636: layer7 not work correctly: Do you have on your logs any information as 'identified proto(http)' ? Ermal Luçi
05:25 AM Bug #636: layer7 not work correctly: Using 2.0-RC1 (i386) built on Mon Mar 28 00:15:15 EDT 2011, and the error message is now gone (thanks!), but I am sti... Jonathan Puddle
06:32 AM Bug #1381: GRE tunnel interface IP address updated after reboot only: No you do not assign GRE as OPT7 but you assign GRE as OPT8 or more :) Ermal Luçi
12:12 AM Bug #1318: Certificate error: certificate subject does not match signing request subject: I am having the same issue. I tried to use a register.com SSL cert, which has intermediate CAs. Upon getting the ce... Erik Chow

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

04/26/2011

04/25/2011

04/24/2011

04/23/2011

04/22/2011

04/21/2011

04/20/2011

04/19/2011

04/18/2011

04/17/2011

04/16/2011

04/15/2011

04/14/2011

04/13/2011

04/12/2011

04/11/2011

04/10/2011

04/09/2011

04/08/2011

04/07/2011

04/06/2011

04/05/2011

04/04/2011

04/03/2011

04/02/2011

04/01/2011

03/31/2011

03/30/2011

03/29/2011

03/28/2011