Activity

30 days up to

User

Subprojects

Activity

From 04/20/2011 to 05/19/2011

05/19/2011

10:45 PM Bug #1546 (Closed): Traffic Shaper fails to handle UDP traffic: I and some others are having problems with the traffic shaper handling UDP traffic, the traffic dont pass thru the as... Guilherme Barreto
10:07 PM Bug #1545 (Resolved): Dynamic DNS updates fail on 3G connections: I'm having (and have been having for a long time with 2.0, even pre-RC) problems with the dynamic DNS service not upd... Ross Williamson
09:03 PM Revision b7d56b64: Fixes #1508. When an interface is configured as static and an up event comes manually trigger rc.newwanip so gateway and other services get restarted properly.: Ermal LUÇI
06:51 PM Revision e4aa1eae: Merge remote branch 'upstream/master': Jim Pingle
06:47 PM Revision 43a68abc: Fix clearing of PPTP/PPPoE/L2TP server raw logs. Fixes #1340: Jim Pingle
06:41 PM Bug #1386: Nested port aliases causes "Unknown port" error upon loading filters: Please find the requested files attached.
The error occured when I create a port alias group "HR_Orion", containin... Frank Zavelberg
06:26 PM Revision 51f8a7f8: Correct password variable name for input validation test on PPTP users. Fixes #1239: Jim Pingle
06:26 PM Feature #1520: Option to disable the automatic default gateway (re)selection: Seth's referring to ESP rather than GRE there Chris Buechler
07:32 AM Feature #1520: Option to disable the automatic default gateway (re)selection: One of the issues that came up was with Racoon. Even if the default gateway came back to the WAN interface the tunnel... Seth Mos
05:35 PM Bug #1433: Config sync causes CARP state change: I have made changes on the system which should fix this.
Please test latest snaps. Ermal Luçi
05:34 PM Revision bac9941b: Reject alias names that are too long. Fixes #1510: Jim Pingle
05:30 PM Bug #1342 (Closed): kernel crash with RC1 on vmware: No more interest from the author. Ermal Luçi
05:22 PM Bug #1523: DHCP settings checks only one interface IP via ifconfig to validate settings: Well you can't have two active subnets on an interface for DHCP, so it doesn't make sense to make another tab when it... Jim Pingle
05:19 PM Bug #1523: DHCP settings checks only one interface IP via ifconfig to validate settings: Well i would like this to be closed or turned to a feature.
The way dhcpd is configured from GUI is trhough tabs tha... Ermal Luçi
05:05 PM Bug #1508 (Feedback): Wan Fai lback: Applied in changeset commit:b7d56b6412280d9dde10af0175dcc84eb75a85f2. Ermal Luçi
04:54 PM Revision 12ac39e8: Merge remote branch 'upstream/master': Conflicts:
conf.default/config.xml Jim Pingle
04:51 PM Revision dfa6deda: Fix array parsing of rc files. Resolves #1541: Jim Pingle
04:41 PM Feature #1544 (Resolved): Syslog Features: If possible would you consider adding any/all of the following features to syslog host fields in diag_logs_settings.p... Alex Vergilis
04:37 PM Bug #1543: 2 Different Simultaneous OpenVPN Clients - Packet Loss: K Mullin wrote:
> I have tried individual Outbound NAT rules for each OPT interface, this actually doesn't work even... K Mullin
04:24 PM Bug #1543: 2 Different Simultaneous OpenVPN Clients - Packet Loss: Attached are original tcpdumps of a few ICMP packets. As well as a screenshot of the Outbound NAT rules.
I have tr... K Mullin
04:10 PM Bug #1543: 2 Different Simultaneous OpenVPN Clients - Packet Loss: Uploads to here should be fixed. It would be helpful to see exactly how your outbound NAT rule(s) are configured.
... Jim Pingle
03:35 PM Bug #1543: 2 Different Simultaneous OpenVPN Clients - Packet Loss: I've tried assigning both OpenVPN instances to an OPT interfaces, this does not seem to have any effect.
Which con... K Mullin
03:03 PM Bug #1543: 2 Different Simultaneous OpenVPN Clients - Packet Loss: Do you have both of these OpenVPN interfaces assigned as OPT interfaces?
Seeing your full config might be helpful.... Jim Pingle
02:56 PM Bug #1543 (Closed): 2 Different Simultaneous OpenVPN Clients - Packet Loss: 2.0-RC2 (i386) (NANOBSD)
built on Sun May 15 04:00:16 EDT 2011
I'm using a recent build, and I have 2 simultaneo... K Mullin
03:08 PM Revision c1f4af16: Show the DUID instead of the MAC. Fix online test.: Jim Pingle
02:50 PM Bug #1340 (Feedback): PPTP Rar "Clear Log" button does not work: Applied in changeset commit:43a68abc9d16878cedac8ffda46fc12af5bb18ef. Jim Pingle
02:44 PM Revision bcb24b81: Misc DHCPv6 lease view improvements (at least shows the IP...): Jim Pingle
02:35 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: I have setup multiple PPTP servers on i386 within the last week, and it worked fine, including NAT out to the Interne... Jim Pingle
02:25 PM Bug #1239 (Feedback): PPTP - Assign password to a user with ñ: Applied in changeset commit:51f8a7f8d553ff4418168e9840b0f01a49e9ed6f. Jim Pingle
02:19 PM Bug #1049 (Resolved): After reinstalling packages at bootup, WebUI not accessable (NanoBSD): Closing this out. The underlying cause of the original errors have been fixed, and if there are any left they are pac... Jim Pingle
01:42 PM Bug #1535 (Closed): Special Characters in IPsec PSK can cause problems: This was something else entirely, a red herring. Jim Pingle
01:38 PM Bug #1522 (Resolved): Changing interface IP doesn't (always?) remove old interface IP: Confirmed this is fixed now. Jim Pingle
01:35 PM Bug #1510 (Feedback): Aliases names over 32 characters in length cause table problem errors: Applied in changeset commit:bac9941b5ea3fb67f7203726d426afdf84576150. Jim Pingle
01:15 PM Bug #1541: /etc/rc.start/stop_packages do not start/stop .sh files: Applied in changeset commit:dfa6dedad7a3741cc621669077304f44c2c79467. Jim Pingle
01:13 PM Bug #1541 (Feedback): /etc/rc.start/stop_packages do not start/stop .sh files: Should be fixed by https://github.com/bsdperimeter/pfsense/commit/dfa6dedad7a3741cc621669077304f44c2c79467 Jim Pingle
08:25 AM Bug #1541 (Resolved): /etc/rc.start/stop_packages do not start/stop .sh files: Hi,
foreach doesn't works after array_flip()...
=================
--- ./etc/rc.start_packages.orig 2011-05... Thomas NOEL
12:56 PM Revision 153fa447: Fix conf.default version: Jim Pingle
12:56 PM Revision a83d01d8: Fix conf.default version: Jim Pingle
12:50 PM Revision 27d0722d: Merge remote branch 'upstream/master': Jim Pingle
11:00 AM Bug #1542: Fatal Error during Upgrade from 2.0-RC1 to latest snapshot 2.0-RC2<May 18 built>: created forum thread: http://forum.pfsense.org/index.php/topic,36898.0.html Epi Salamanca
10:32 AM Bug #1542 (Feedback): Fatal Error during Upgrade from 2.0-RC1 to latest snapshot 2.0-RC2<May 18 built>: That error would point to your config being empty or unparseable. Look farther back in the boot log for more detail. ... Jim Pingle
10:27 AM Bug #1542 (Closed): Fatal Error during Upgrade from 2.0-RC1 to latest snapshot 2.0-RC2<May 18 built>: Hi,
I've just upgraded from pfSense-2.0-RC1-i386-20110226-1530.iso
to latest snapshot (pfSense-2.0-RC1-i386-2011... Epi Salamanca
07:19 AM Bug #1540: Captive Portal Vouchers Synchronization: It is not an autocomplete problem, I did the test on several browsers and computers.
I tried to delete the credent... Toon Vandenneucker
06:51 AM Bug #1540: Captive Portal Vouchers Synchronization: Toon Vandenneucker wrote:
> I know I can't do that, but I can't make the master stop from synchronizing its database... Michele Di Maria
04:24 AM Bug #1540: Captive Portal Vouchers Synchronization: I know I can't do that, but I can't make the master stop from synchronizing its database from the slave.
Even when I... Toon Vandenneucker
03:45 AM Bug #1540 (Feedback): Captive Portal Vouchers Synchronization: it sounds like you're syncing from the slave to the master and the master to the slave, you can't do that. Chris Buechler
03:25 AM Bug #1540 (Closed): Captive Portal Vouchers Synchronization: I've set up two teaming firewalls. On the master, I've defined a voucher roll.
When I want my slave to retrieve the ... Toon Vandenneucker

05/15/2011

08:50 PM Bug #1529 (Feedback): bug related to ID: 57f2840e1faacf50b1a93d7954bb576eca77475b: Applied in changeset commit:4e4de1d1af14cd8849418ca46c144966a8129a4c. Ermal Luçi
10:56 AM Bug #1529 (Resolved): bug related to ID: 57f2840e1faacf50b1a93d7954bb576eca77475b: i get this under dhcp leases and arp table
Warning: file(/usr/local/share/nmap/nmap-mac-prefixes): failed to open ... Bipin Chandra
07:15 PM Revision dcbbcf64: Remove onlink flags: Seth Mos
02:28 PM Feature #1530: Super vlan(RFC 3069): I forgot to mention that in the post above, translated from google, the vlans from ng_vlan can be safely exchanged wi... Ermal Luçi
02:27 PM Feature #1530 (Needs Patch): Super vlan(RFC 3069): According to this forum post http://forum.pfsense.org/index.php/topic,36722.msg189344.html#msg189344 the super-vlan c... Ermal Luçi
09:58 AM Feature #1431: PPPoE LQR Echo: updated to RC2 build on 15th May .. PPPoE connection does not disconnect at all, are there any changes on the ppp mod... Calvin Teh

05/14/2011

10:44 PM Revision 325e3163: Merge branch 'master' into smos-ipv6: Conflicts:
etc/inc/pfsense-utils.inc Bill Marquette
08:31 PM Revision 3f9492a7: Remove a space, this prevents the dhcp server from starting: Seth Mos
06:02 PM Todo #1528 (Resolved): Automatic outbound NAT from localhost needs a little work: Recently Ermal added rules for automatic outbound NAT to NAT from localhost out WAN, this works fine, but switching t... Jim Pingle
04:23 PM Revision 4450527f: Fix small typo: Evgeny Yurchenko
04:23 PM Revision 57f2840e: MAC prefix to vendor resolution at Status->Interfaces, Status->DHCP leases, Diagnostics->ARP table: Evgeny Yurchenko
04:16 PM Revision 92ca10c1: Merge branch 'axscode-pfs': Bill Marquette
04:08 PM Revision 23b774e0: Merge branch 'master' into yakatz-ssl: Bill Marquette
03:48 PM Revision 2ad2758f: Merge branch 'drcookie-he.net': Bill Marquette
03:44 PM Bug #1527: route-to should not override static routes: The point of policy routing is to override the system routing table, you don't want it to care at all about the routi... Chris Buechler
10:49 AM Bug #1527 (Closed): route-to should not override static routes: As it is today route-to in pf(4) does not check for any static routes before sending the packet.
In 1.2.3 there were... Ermal Luçi
03:08 PM Revision fed025ea: Teach row_helper about ipv6, should fix issue found here:: http://forum.pfsense.org/index.php/topic,36709.0.html Bill Marquette
02:53 PM Bug #1514: Limiters not syncing: Which part of the traffic shaper are you talking about?
Layer7, limiters or queues?
Ermal Luçi
02:39 PM Revision 8ea77433: Added HE.net (dns.he.net) to the list of available dyndns services.: Chris Wells
01:59 PM Revision 4e4de1d1: Resolves #1529. Check if the file exists before opening it.: Ermal LUÇI

05/13/2011

09:27 PM Bug #1526: OpenVPN Wizard created duplicate rules: I probably did leave it checked, and users certainly can change the rules. Still it might not hurt to do a quick scan... Chad Hower
07:54 PM Bug #1526: OpenVPN Wizard created duplicate rules: If you uncheck the box that tells the wizard to create the rules on the last step, it shouldn't make them. If you unc... Jim Pingle
06:24 PM Bug #1526 (Needs Patch): OpenVPN Wizard created duplicate rules: if you tell it to add a rule, it's going to add a rule. Chris Buechler
05:43 PM Bug #1526 (Needs Patch): OpenVPN Wizard created duplicate rules: Every time the openvpn wizard is run, it creates a new *:* rule in the OpenVPN Firewall Rules. This creates a lot of ... Chad Hower
07:24 PM Revision 5e80046a: Resolves #1524. USe the correct field from netstat parsed output.: Ermal LUÇI
05:37 PM Bug #1525 (Feedback): OpenVPN passtos does not work: Chris Buechler
08:51 AM Bug #1525: OpenVPN passtos does not work: Any way to try that same test compiling it on a FreeBSD client?
It's probably a FreeBSD-specific issue, if that's ... Jim Pingle
08:49 AM Bug #1525: OpenVPN passtos does not work: Just compiled
OpenVPN 2.2.0 x86_64-unknown-linux-gnu [SSL] [EPOLL] [eurephia] built on May 13 2011
and it work... Torsten Vielhak
08:15 AM Bug #1525: OpenVPN passtos does not work: It's working with Linux OpenVPN 2.1.1 x86_64-redhat-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Jan 5 2010
w... Torsten Vielhak
08:02 AM Bug #1525: OpenVPN passtos does not work: The keyword is in the config, see below. I will try an openvpn linux client. I think setting the TOS field is very OS... Torsten Vielhak
07:55 AM Bug #1525: OpenVPN passtos does not work: Does the passtos keyword appear in your OpenVPN config in /var/etc/openvpn/ for the tunnel?
If the keyword appears... Jim Pingle
07:51 AM Bug #1525 (Resolved): OpenVPN passtos does not work: I set up an OpenVPN tunnel, everthings works fine but if I try to use the passtos option of OpenVPN, the TOS Bits are... Torsten Vielhak
05:27 PM Revision e7237dd0: Fix interface recognition for diag > arp. It was't seeing wireless interfaces properly.: Jim Pingle
05:09 PM Revision b45630bf: Fix whitespace.: Jim Pingle
05:07 PM Revision f1273b82: Sync with dhcp leases reading code.: Jim Pingle
04:25 PM Bug #1524 (Feedback): Dhcrelay not running when DHCP server not in same subnet.: Applied in changeset commit:"5e80046a6b76d79356c3c24830cccd48ff144255". Ermal Luçi
04:09 AM Bug #1524 (Resolved): Dhcrelay not running when DHCP server not in same subnet.: Hello everybody,
I found a bug : if you activate DHCP Relay and provide a DHCP server not in the network from sele... Alexis Olivier
02:25 PM Bug #1519 (Feedback): sshlockout truncates ip: Applied in changeset commit:"08212a218dff0400190dc052c5e73c9ed2fbf18b". Ermal Luçi
01:45 PM Revision 60c5d29b: Test for array before using variable as one.: Jim Pingle
11:43 AM Revision 69be9601: Merge remote branch 'upstream/master': Conflicts:
etc/inc/vslb.inc
etc/version Seth Mos
11:18 AM Bug #1508: Wan Fai lback: I see in the logs "Filter Reload" when wan comes back up. I've also ran the PfSctl -c 'filter reload' manually and i... Phil Parris

05/12/2011

06:04 PM Revision 042578fd: Fix comment: Jim Pingle
05:59 PM Revision dc073abd: Also skip the rewind binding state or leases show expired. Reported at http://forum.pfsense.org/index.php/topic,36657.0.html: Jim Pingle
05:26 PM Revision 2b094d21: This function takes two parameters, fix PHP error. Reported at http://forum.pfsense.org/index.php/topic,36648.0.html: Jim Pingle
05:03 PM Revision eb06ca8e: Revert this change. reload_all() already sends a reload message. Unfortunately there is still something else lurking that causes a delay when loading the wizard step: Scott Ullrich
03:41 PM Revision 9545fe7a: Use send_event(): Scott Ullrich
03:39 PM Bug #1523 (Closed): DHCP settings checks only one interface IP via ifconfig to validate settings: The DHCP configuration checks the IP address of an interface to ensure that the range is valid. However, it only chec... Jim Pingle
03:38 PM Revision 602e9806: Use send_message and issue the reload all operation in the background: Scott Ullrich
03:22 PM Bug #1522 (Resolved): Changing interface IP doesn't (always?) remove old interface IP: When you change the IP of an interface (ex: LAN) using the Interfaces > [name] page, the old IP remains on the interf... Jim Pingle
02:45 PM Revision 1031c9ea: Make autocomplete on the login form optional.: Jim Pingle
01:10 PM pfSense Packages Bug #585 (Closed): Unable to start the ntop service: Installed a few more times and it seems to work fine. Closing the ticket. Jim Pingle
11:28 AM Todo #1521 (New): Multipath Routing GUI Support: It would be nice to have multiple gateways for a given route with metrics that get properly respected for route prefe... Jim Pingle
11:10 AM Feature #1520 (Closed): Option to disable the automatic default gateway (re)selection: The method that moves the default gateway to another gateway when the preferred goes down is very convenient, but we ... Jim Pingle
09:46 AM Bug #1519 (Resolved): sshlockout truncates ip: Reproted here http://forum.pfsense.org/index.php/topic,36641.0.html.
There is a bug in sshlockout where the buffer u... Ermal Luçi

05/11/2011

09:03 PM Revision a1bad141: Fix IPsec descr trimming for rule labels. Ticket #1426: Jim Pingle
08:40 PM Revision b148ab81: Skip step #9 for non pfSense branded installations: Scott Ullrich
08:12 PM Revision 4bc2c676: Test for array/size before foreach: Jim Pingle
08:10 PM Revision 728003c8: Various CRL fixes, handle empty internal CRLs better.: Jim Pingle
07:26 PM Revision 51b9e41d: Reload the wizard and then redirect to a wizard completed step. Prompt the user to donate to the project.: Scott Ullrich
07:02 PM Revision 00c36201: version bump to rc2: Scott Ullrich
06:27 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: The "unrecognized route message ..." log indicates some sort of routing table change that could impact racoon. Run 'r... Chris Buechler
02:43 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: I'm also experiencing the same issue and have had to disable PPTP on our 2.0-RC1 (i386). I get the same message in t... Jason Hoch
01:18 PM Revision cd9fa56b: Fix the input validation, typo in the field name. Mark the prefix delegation range as not required.: Seth Mos
12:20 PM Revision 4edbcf6d: fix accidental linebreak to cause the pid to always return 0: Seth Mos
09:37 AM pfSense Packages Bug #585: Unable to start the ntop service: We're using the latest version of ntop from the FreeBSD ports tree.
The only other thing I can think of that might... Jim Pingle
12:56 AM pfSense Packages Bug #585: Unable to start the ntop service: I did, no way, still stops after few time...
maybe updating ntop to the latest version could help, but anyway it's ... Michele Di Maria

05/10/2011

05:29 PM pfSense Packages Bug #585: Unable to start the ntop service: One of the many joys of ntop... you might try to remove the package and reinstall it, to make sure it's got all of th... Jim Pingle
05:24 PM pfSense Packages Bug #585: Unable to start the ntop service: Hello,
on my secondary machine (CARP as backup) the service starts, but after 1 minute the service stops and I see o... Michele Di Maria
09:07 AM pfSense Packages Bug #585 (Feedback): Unable to start the ntop service: Should be OK now. Try to install/reinstall the package, save the settings, it should start. Jim Pingle
04:00 PM Feature #1518 (Rejected): Openvpn server + bridge: duplicate of #1326 Chris Buechler
03:38 PM Feature #1518 (Rejected): Openvpn server + bridge: I have this interface config on FreeBSD server, and it works ok:
#ifconfig
.....
msk0: flags=8943<UP,BROADCAST,RUN... kropalik -
12:51 PM Revision 9eafb7e2: Properly kill the dhcp6 client: Seth Mos
12:46 PM Revision 9d158467: Save the IPv6 DNS server and search domain to /var/etc/ so that system resolv conf picks it up.: Seth Mos
09:06 AM pfSense Packages Bug #1513 (Closed): Ntop: Duplicate of/same issues as #585 Jim Pingle
08:46 AM Revision c65d3051: Correct the dhcp6c function name, accept router advertisements: Seth Mos
08:42 AM Revision 1a0b04df: Add the new rc.newwanipv6 script. Needs more work. Dhcp6c client does not pass a argument. Always assuming WAN for no: Seth Mos
08:40 AM Revision 0d6dedb9: Prevent incorrect rtadvd.conf generation if the prefix is not yet set on the LAN interface: Seth Mos
05:11 AM Bug #944: Moving VLANs to lagg doesn't remove old VLANs: Bug still exists in 2.0-RC1 (amd64) build on Mon May 9 04:17:17 EDT 2011.
Tested:
# create vlan 66 on em0 -> ifco... Andreas Bochem
04:30 AM Bug #1517 (Closed): Captive Portal sends RADIUS output accounting packets with zero value: There seem to be no proper accounting for the downstream data - only upstream traffic is counted. A check with Wiresh... Mark Dammer

05/09/2011

11:16 PM Bug #1415 (New): Nat reflection is installing rules with 'Array': Chris Buechler
04:17 PM Bug #1415: Nat reflection is installing rules with 'Array': The problem looks still there when rules are applied to "port alias" with multiple entries...
The first entry of th... Michele Di Maria
09:23 PM Revision bfb3e717: Add a prefix pool for prefix delegation. Doesn't work yet. ISC dhcpd complaining about the network mask being too short.: Seth Mos
07:56 PM Bug #1516 (Resolved): EOLs are removed from advanced options in OpenVPN client overrides: That's how it has always worked. Separate statements with semicolons and they will go into the config properly. Jim Pingle
07:55 PM Bug #1516: EOLs are removed from advanced options in OpenVPN client overrides: I see now that the text below says separate by a semi colon, so its "user error". However many users will expect to s... Chad Hower
07:53 PM Bug #1516 (Resolved): EOLs are removed from advanced options in OpenVPN client overrides: OpenVPN, add a client override. Now try to add two lines of overrides in the advanced options. Save. Edit. The EOL wi... Chad Hower
09:49 AM Bug #1515 (Resolved): Upgrading from 1.2.3, Load Balancer Pool to Gateway Group needs to strip invalid characters: The Load Balancer pools on 1.2.3 had a lot looser restrictions on naming than pf does on 2.0's gateway groups.
For... Jim Pingle
08:26 AM Bug #1493: pf blocks all traffic following filter reload.: This system has 1 package listed in "Installed Packages":
Package Name: RRD Summary
Package Version: 1.1
I'll ... Aaron Roberts
04:14 AM Bug #1493: pf blocks all traffic following filter reload.: Somehow it's skipping the entire user generated rules section. The only way that entire section is skipped is if
<... Chris Buechler
07:51 AM Bug #1514 (Resolved): Limiters not syncing: Added some traffic shaping on one of our pf's, made sure Firewall->Virtual IPs->CARP Settings had "Synchronize traffi... Slaygon Censor
07:37 AM Bug #1425: pfSense stops receiving traffic on 'bge' driven interface: We are seeing this error aswell. We can safely push some 200-300 mbit of traffic, but going beyond that will stop tra... Slaygon Censor
04:16 AM Bug #1420 (Resolved): Changing a WAN's type from PPPoE to other breaks it: thanks Chris Buechler
04:09 AM Bug #1420: Changing a WAN's type from PPPoE to other breaks it: Hello
I did some tests on my 2.0-RC1 (i386) built on Thu May 5 00:36:37 EDT 2011 NanoBSD config.
1. Setup PPPo... Peter Baumann

05/08/2011

08:06 PM pfSense Packages Bug #1513 (Closed): Ntop: IN
2.0-RC1 (i386)
built on Sat May 7 22:58:48 EDT 2011
I installed ntop and ...
It does not seem possible ... Joaquim Soares Soares
11:19 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: I am trying to replicate after updating to 2.0-RC1 (amd64) built on Sat May 7 23:04:11 EDT 2011 , but i am unable to ... Harry Gonzalez
02:20 AM Revision a9392a4e: Merge branch 'master' of http://gitweb.pfsense.org/pfsense/mterron-clone into review/master: Chris Buechler

05/07/2011

11:59 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: need exact logs, copy and paste.
I don't think it's state killing related, Ermal had someone remove that and it d... Chris Buechler
10:55 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Jim P wrote:
> Just a guess here, but last I knew, PPTP issued a pfctl -k (src) -k (dst) when disconnecting, and if ... Harry Gonzalez
10:49 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Chris,
For the ipsec stuff:
If you can give me a link for a tutorial to get the ipsec working properly on ios i w... Harry Gonzalez
10:01 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Just a guess here, but last I knew, PPTP issued a pfctl -k (src) -k (dst) when disconnecting, and if the IPs involved... Jim Pingle
08:10 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: IPsec works fine with iOS devices. The free OpenVPN client on OS X works fine too, it uses the same underlying softwa... Chris Buechler
06:16 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Hi,
Im having the same problem on my pf box.
And it would appreciate if this is rise priority to high since P... Harry Gonzalez
09:40 PM Bug #845 (Resolved): Need patch for PR usb/140883: Ermal that means you need to log in.
I merged this
Chris Buechler
08:07 PM Revision c7ac47fd: Misc fixes to make the openvpn wizard stop re-creating a CA previously made via the wizard if you re-ran the wizard and chose a CA instead. Fixes #1512: Jim Pingle
05:35 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: the problem caused by removing pptp patch by Eric at 16/3. you cansolve route problem at 32 bit version by using vers... Zeev Zalessky
04:10 PM Bug #1512 (Feedback): Ghost CAs: Applied in changeset commit:"c7ac47fd2d5ad66ff69a3e46c93bf41247929bc8". Jim Pingle
12:10 PM Bug #1512: Ghost CAs: I have seen CA/Certs come back before, but hadn't tried to track it down yet. I'll look into this and see what is goi... Jim Pingle
12:06 PM Bug #1512 (Resolved): Ghost CAs: Use wizard to create an openvpn server. Delete it. Delete the CA it used and all certs. Now create a new CA or do it ... Chad Hower
11:59 AM Bug #636: layer7 not work correctly: can you do a packet trace for bittorrent?
You sure its not encrypted?
Keep in mind that these are regex from http://... Ermal Luçi
07:51 AM Bug #1493: pf blocks all traffic following filter reload.: Oops, I lied.. I see the blocked packets in "Filter Logs", sorry.
Please find attached a tarball of /tmp from a pf... Aaron Roberts
04:14 AM Revision 2635f1f5: this should be checking for synchronizetoip not pfsyncpeerip: Chris Buechler
02:51 AM Revision 9c04a8c0: passive should always be on for mobile clients per racoon man page: Chris Buechler
12:58 AM Feature #1431: PPPoE LQR Echo: tried with v1.2.3 and v2.0rc1 it still produces the same problem on the same ISP.
i tried mofifying the /var/etc/m... Calvin Teh

05/06/2011

11:22 PM Bug #1511 (Resolved): panic in pfi_dynaddr_update: some info here:
http://forum.pfsense.org/index.php/topic,36004.0/topicseen.html
I can replicate this on at least... Chris Buechler
10:48 PM Bug #1341: Removing last host from alias does not truly remove it, host continues to be affected by rules: Thank you! G D
10:00 PM Bug #1341 (Resolved): Removing last host from alias does not truly remove it, host continues to be affected by rules: this has been fixed Chris Buechler
10:05 PM Bug #1079 (Resolved): Load balancer widget doesn't work on 2.0: Chris Buechler
10:05 PM Bug #636: layer7 not work correctly: Same as several others. HTTP block is working now, but it still does nothing for BitTorrent. Seth Scardefield
10:05 PM Todo #734 (Resolved): Fix up appearance of SSH tunnel shell: Chris Buechler
10:04 PM Bug #1063 (Resolved): Load balancer status doesn't work if the virtual server name contains a '.': Chris Buechler
10:03 PM Bug #1030 (Closed): Interface case change in apinger.conf needs reverted: Chris Buechler
10:01 PM Bug #738 (Resolved): Incorrect filter.inc packages: Chris Buechler
09:57 PM Bug #942 (Resolved): dhcp relay breaks: working fine everywhere I've set it up Chris Buechler
09:53 PM Bug #1323 (Resolved): Wrong rule file generation with build "Thu Mar 3 19:27:51 EST 2011": Chris Buechler
09:53 PM Bug #1316 (Resolved): User certificates are not synced to backups via XMLRPC: Chris Buechler
09:53 PM Bug #1311 (Needs Patch): Cosmetic problem: Chris Buechler
09:51 PM Bug #1289: IPsec mobile remote access (roadwarrior) responder (server) configuration: forgot ticket in commit, change here: https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/9c04a8c07993357... Chris Buechler
09:50 PM Bug #1289 (Resolved): IPsec mobile remote access (roadwarrior) responder (server) configuration: fixed Chris Buechler
09:45 PM Bug #1252 (Resolved): bug in header.inc: Chris Buechler
09:45 PM Bug #1232 (Resolved): Unable to load dynamic library '/usr/local/lib/php/20060613/mhash.so' - /usr/local/lib/libmhash.so.2: Chris Buechler
09:44 PM Bug #1173 (Closed): RRD Graph for cellular - not working for huawei E1762: it's not supposed to work with that modem so this isn't a bug. There is a feature open to add support for more modems. Chris Buechler
09:42 PM Bug #552 (Resolved): OpenDNS dynamic dns update does not work: Chris Buechler
09:31 PM Feature #1431: PPPoE LQR Echo: Do the affected ISPs work with v1.2.3?
Do you have the "set link keep-alive ..." in /var/etc/mpd_wan.conf? Chris Buechler
09:28 PM Bug #1448 (Closed): PPTP VPN Radius authentication and accounting don't work: this isn't an actual issue, there is a separate issue for the broken checksums Chris Buechler
09:28 PM Bug #1509 (Feedback): Traffic Shaper (altq) not working with 82574L interfaces?: definitely works with em interfaces, not sure about 82574L specifically but shouldn't be different than any other. Chris Buechler
12:25 PM Bug #1509 (Closed): Traffic Shaper (altq) not working with 82574L interfaces?: I was using traffic shaper with realtek interfaces, and it always worked really well. After changing from realtek to ... Vinícius Coque
09:27 PM Revision 5b06d9cc: Reorder instructions and do not reload dns if its not allowed from the dns allow override setting.: Ermal LUÇI
09:23 PM pfSense Packages Bug #668 (Resolved): Snort does not deinstall properly: Chris Buechler
09:22 PM pfSense Packages Bug #854 (Resolved): Unable to access web config interface for package NRPEv2: Chris Buechler
09:22 PM pfSense Packages Bug #945 (Resolved): vhosts package in pfsense 2.0: Chris Buechler
09:21 PM pfSense Packages Todo #767 (Resolved): Update pfflowd: this was implemented a while back plus some additional enhancements Chris Buechler
09:19 PM pfSense Packages Bug #1314 (Resolved): Typo in snort package /s/viwed/viewed: fixed Chris Buechler
09:17 PM pfSense Packages Bug #1117 (Resolved): TinyDNS-- Warning: Invalid argument supplied for foreach() in /usr/local/www/pkg.php on line 241: fixed a while back Chris Buechler
09:14 PM pfSense Packages Bug #1094 (Resolved): Clicking pfSense logo start deinstall/reinstall of HAVP package: Chris Buechler
09:13 PM pfSense Packages Bug #550 (Closed): "Frickin" 2.0 package does not install properly.: package no longer exists Chris Buechler
09:12 PM pfSense Packages Bug #578 (Resolved): Snort to OpenVPN menu navigation: Chris Buechler
09:11 PM pfSense Packages Bug #1065 (Resolved): error after rules installation: Chris Buechler
09:11 PM pfSense Packages Bug #1157 (Closed): Open VMware Tools installed, enable VMXNET2 interface -> crash pfSense: this is probably fixed with the most recent package. If not, it's not our bug, it's in some other component we can't ... Chris Buechler
09:09 PM pfSense Packages Bug #844 (Resolved): Open VM Tools Won't install: this is fixed Chris Buechler
09:09 PM pfSense Packages Bug #1385 (Resolved): Open-VM-Tools not working anymore: fixed, more under #1423 Chris Buechler
09:08 PM pfSense Packages Bug #1423 (Resolved): Open-VM-Tools package script files broken in 2.0rc-1: Chris Buechler
08:08 PM pfSense Packages Bug #1423: Open-VM-Tools package script files broken in 2.0rc-1: Looks good here as well.
Thanks guys! John Doe
08:07 PM pfSense Packages Bug #1423: Open-VM-Tools package script files broken in 2.0rc-1: Looks good here as well.
Thanks guys! John Doe
04:59 PM pfSense Packages Bug #1423 (Feedback): Open-VM-Tools package script files broken in 2.0rc-1: After Scott's last set of changes, I tried this on both 32-bit and 64-bit VMware pfSense 2.0 VMs and the tools instal... Jim Pingle
09:02 PM Revision 978cf4fd: Actaully put the route adding under the conditional logic checking. Ticket #1408.: Ermal LUÇI
08:55 PM Revision 114a9292: If we are disabling the radius inputs, also disable the secondary radius inputs.: Jim Pingle
08:55 PM Revision c07b2675: This field should be server2: Jim Pingle
08:36 PM Revision ac655e1b: Use the availble constant on php for this and also the right value that comes with it since PHP never supported u_int. There is a bug open still on PHP about bcmod but some more info is needed.: Ermal LUÇI
07:36 PM Revision 6f5ed6f0: Reorder where inetd gets started to after where the package rules are generated, so that a package can add a line to inetd.conf using that process.: Jim Pingle
07:05 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: I use pfSense 2.0 RC1 i386 with multi-WAN in my production environment, I meet the same issue. Is there any solution ... Shadow Hwang
01:10 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: The problem is related to 64 bit only. Zeev Zalessky
01:08 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: I should also mention, I do not have multi-WAN setup. So this issue does not appear to be limited to multi-WAN setups. David Prinzing
01:07 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: I am unable to get the most modern 2.0 RC1 amd64 build to route PPTP VPN traffic to the web. Version 1.2.3 works fin... David Prinzing
06:43 PM Bug #1510 (Resolved): Aliases names over 32 characters in length cause table problem errors: If one creates an alias with a name over 32 characters, it will cause table name problems when trying to use the alia... Bill McGonigle
05:27 PM Bug #747 (Resolved): Root schedulers (ie PRIQ) cannot be configured on interfaces that don't report bandwidth: Ermal Luçi
02:47 PM Bug #1507: openvpn.inc Local line in openvpn.inc failover: It seems I missed the Any on the local interface selection in the client config. This can be closed.
Thank You Phil Parris
02:21 PM Bug #1507: openvpn.inc Local line in openvpn.inc failover: it is updated when the interface is changed. It is required for the client config in multi-WAN scenarios. Chris Buechler
07:37 AM Bug #1507: openvpn.inc Local line in openvpn.inc failover: When you failover to opt1 the client configuration is not updated with opt1's ip address. I'm not expecting existing... Phil Parris
02:39 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: I use now the version '2.0-RC1 (i386) built on Thu May 5 18:22:32 EDT 2011' and it's still the same behavior, the tra... George M
02:19 PM Revision de06b5b7: Enable debugging for the dhcp6c client so we can better track if it's working right: Seth Mos
01:08 PM Revision 000d9e71: Add the ipv6 allow tag to the default config.: Add a default allow rule for the LAN with IPv6
Add a dhcp-pd sla-id of 0 for the WAN.
Add a dhcp-pd length of 0 for t... Seth Mos
12:36 PM Bug #1386: Nested port aliases causes "Unknown port" error upon loading filters: I would need the /tmp/rules.debug
also the port alias section from config.xml Ermal Luçi
12:09 PM Revision ed395640: Add DHCP-PD support if the WAN interface is set to DHCP.: Select a DHCP-PD prefix length in correspondence with your ISP. If set to "none" it will not be requested and normal ... Seth Mos
02:19 AM Bug #1508: Wan Fai lback: Could be the same thing I see on my wan2. When I look in /tmp/rules.debug gateways hasn't recovered. In a shell scrip... Perry Mason

05/05/2011

08:47 PM Revision f02c3e1d: Misc OpenVPN CRL selection fixes.: Jim Pingle
08:41 PM Revision 93a138ab: Add a field for the prefix pools. Fix the DUID check: Seth Mos
08:27 PM Revision a59831e7: If we have deleted the last cert from the CRL, blank out the text.: Jim Pingle
08:14 PM Revision 461aa9d0: When deleting a CA, delete its associated CRLs.: Jim Pingle
07:56 PM Revision 85936586: Enable accidentally commented out dhclient command for ipv4: Charlie
07:46 PM Revision 0d8562ed: Fix the parse error, missing bracket.: Charlie
07:29 PM Revision 7149c4e7: Add backend support for the dhcp v6 client: Seth Mos
06:42 PM Bug #1508: Wan Fai lback: Changing anything in the web interface to do with gateways makes the system failback but this is a manual process.
... Phil Parris
06:39 PM Bug #1508: Wan Fai lback: Subject should say "Wan Fail Back" Phil Parris
06:39 PM Bug #1508 (Resolved): Wan Fai lback: When the WAN interface has a static ip and the system fails over the gateway to a tier2 opt1 interface it will not fa... Phil Parris
06:35 PM Bug #1386: Nested port aliases causes "Unknown port" error upon loading filters: What feedback exactly would you require? I was of the impression that I described the "procedure to reproduce the pro... Frank Zavelberg
05:18 PM Bug #1386 (Feedback): Nested port aliases causes "Unknown port" error upon loading filters: Can you please give more detail on this?
Seems not many people havie seen this! Ermal Luçi
06:32 PM Bug #1507 (Rejected): openvpn.inc Local line in openvpn.inc failover: to change an OpenVPN client from WAN to OPT1 you have to change its config from WAN to OPT1, there is no failover of ... Chris Buechler
06:27 PM Bug #1507 (Rejected): openvpn.inc Local line in openvpn.inc failover: if (!empty($iface_ip)) {
$conf .= "local {$iface_ip}\n";
}
in /etc/inc/openvpn.inc c... Phil Parris
05:50 PM Bug #1493: pf blocks all traffic following filter reload.: pftop shows only traffic being passed, not blocked. check /tmp/rules.debug and the loaded rulesets and other info in ... Chris Buechler
12:19 PM Bug #1493: pf blocks all traffic following filter reload.: Hi, can you let me know what information would be useful?
At present, the only system logs immediately preceding f... Aaron Roberts
02:08 PM Bug #636 (Feedback): layer7 not work correctly: I pushed this https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/commits/99030511af941f6679b15a8920e720486... Ermal Luçi
12:58 PM Feature #1506 (New): Notifications should spool: If the firewall can't connect to the mail server notifications fail and never attempt to notify again. A nice featur... Phil Parris
12:55 PM Bug #1505 (Closed): usb 3g 760 modem doesn't respond: The first time you insert the 3g modem it will work properly, if you disconnect or soft reboot ppp can't connect stat... Phil Parris
12:52 PM Feature #1504 (Closed): Verizon 3g usb760: Pfsense is not ejecting the cdrom when you insert/boot a verizon usb760 3g card. Without ejecting the cd-rom you don'... Phil Parris
11:50 AM Revision e7230cb3: Add firewall rules so that the DHCPv6 replies can come back in: Seth Mos
10:23 AM Revision 5fd3cb92: Ticket #CZH-831780. If gif(4) is part of a bridge and its mtu is smaller than 1500(ethernet standard) do not consider it in finding the smaller mtu because we have a patch to allow gif(4) be member of a bridge with smaller mtu. See https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/commits/67d3135722db4a3c911761ead5c881ccaef02c65 for details.: Ermal LUÇI
08:18 AM Bug #1502: web interface needs to be manually started: when RC1 boots the web interface does not come up (at least here).
Once I see the LCD display come alive I then have... Leon Zetekoff
08:16 AM Bug #1502 (Closed): web interface needs to be manually started: That is definitely not normal, but there is not enough information here to reach any kind of conclusion. Please post ... Jim Pingle
08:14 AM Bug #1502 (Closed): web interface needs to be manually started: it seems since I switched to using rc1 when PFSense is rebooted I have to ssh in and then restart the web configurato... Leon Zetekoff
08:18 AM Bug #1503 (Closed): autoupdater and reboots: That is also not normal behavior, and not something that anyone else has seen that I'm aware of. Between your previou... Jim Pingle
08:16 AM Bug #1503 (Closed): autoupdater and reboots: seems that the autoupdater may not be rebooting and shutting down instead. Also, the web interface keeps showing that... Leon Zetekoff
07:07 AM Revision c495f88b: Add the dhcp6 client into the backend code. Needs scripts for up down events also.: Seth Mos
05:02 AM Bug #1501 (Closed): Captive Portal Logout popup does not work: The logout popup for the captive portal does not work. People can still use the network and RADIUS is getting its acc... Mark Dammer

05/04/2011

11:39 PM Revision 4a916dc8: Timeout is either a global option and/or a table stanza option. For now made it a global option.: For the future each pool should probably have a configurable timeout. Warren Baker
09:54 PM Revision 8b1e7d04: Correct wrong key for checking if a interface type switched. Ticket #1420: Ermal LUÇI
09:31 PM Revision 56da23dc: Fixes #1394. Create a function get_itnerface_default_mtu and use it for resetting the mtu of a interface to default when needed. This adds the overhead of fetching the interface mtu and comparing with the default one every interface configuration run.: Ermal LUÇI
07:42 PM Bug #1235 (Feedback): pfsense 2.0 load balancing with a https monitor seems to default timeout 200ms causing constant timeouts: I have added a patch for this but for now made this a global option. We should, at a later stage add the option for c... Warren Baker
02:25 PM Bug #1235: pfsense 2.0 load balancing with a https monitor seems to default timeout 200ms causing constant timeouts: Did some quick tests: The timeout option is only valid as a global config or in the table stanza, not in a redirect ... John Welter
02:17 PM Bug #1235: pfsense 2.0 load balancing with a https monitor seems to default timeout 200ms causing constant timeouts: I have confirmed this issue. The default relayd timeout of 200ms is being used even with a timeout specified inside ... John Welter
07:18 PM Feature #1492: Captive Portal Interim Updates: Not sure we want to expose this for 2.0, potential for fallout since that's never been exposed, though it's probably ... Chris Buechler
09:44 AM Feature #1492 (Resolved): Captive Portal Interim Updates: Currently there is nothing in webGUI to configure how often Captive Portal pruning should be executed. So the default... Warren Baker
07:14 PM Bug #1493 (Feedback): pf blocks all traffic following filter reload.: not enough info to do anything with this. Definitely not a universal issue, maybe something specific to KVM or someth... Chris Buechler
12:17 PM Bug #1493 (Resolved): pf blocks all traffic following filter reload.: Version: 2.0-RC1 (i386) built on Tue Apr 19 23:03:17 EDT 2011
Hardware: /usr/libexec/qemu-kvm -S -M rhel5.4.0 -cpu... Aaron Roberts
05:58 PM Revision 131f3a50: Disable this log message, as it can be extremely spammy in the logs.: Jim Pingle
05:52 PM Bug #1420 (Feedback): Changing a WAN's type from PPPoE to other breaks it: Test latest snapshots. Ermal Luçi
05:42 PM Bug #636: layer7 not work correctly: @Jonathan,
can you show any picture of your configuration and the system log with the relevant layer7 logs(they sh... Ermal Luçi
03:48 PM Bug #636: layer7 not work correctly: Okay,
On image 2.0-RC1 (i386)
built on Tue May 3 10:51:27 EDT 2011
Confirmed that it works as previous comme... Rob Lister
09:20 AM Bug #636: layer7 not work correctly: I haven't tried any advance layer 7 rules yet but I do agree with Jonathan that a simple rule to block traffic(I bloc... Cino .
05:22 AM Bug #636: layer7 not work correctly: I've tested with a snapshot from the evening of the 3rd. It appears to be partially working now. If I create a simple... Jonathan Puddle
05:30 PM Bug #1394 (Feedback): MTU does not reset: Applied in changeset commit:"56da23dc5ffebdb6cf52f3b46abebc0ef56e9861". Ermal Luçi
02:58 PM Bug #1494 (Closed): Limiter does not apply to active FTP: The only way to do active FTP work is enabling functionality ftp.proxy.handle which brings the problem of not applyin... Alvaro Albani Costa
12:26 PM Revision a9543eae: Remove the dhcp6 type, add the DUID field to the dhcp config.: Seth Mos
10:50 AM Feature #1489: Can't configure PPPoE over VLAN: Howdy Mr. Stretz,
It is possible to do what you want without changing code, but it requires an extra step.
You ca... Marcus Brown
09:49 AM Feature #1489 (New): Can't configure PPPoE over VLAN: Marking item as future as this is a legitimate problem.
Scott Ullrich
05:37 AM Feature #1489: Can't configure PPPoE over VLAN: I'm confused. You write "for now" though close this bug. Does that mean forever? I had a look at the code and with... Malte Stretz
10:07 AM Revision cfd2ca3c: Remove stray debugging lines in VPN: Seth Mos
10:06 AM Revision 776603cd: Remove debugging: Seth Mos
08:58 AM Revision 2fb056d8: More DHCPv6 server fixes, split the function out into seperate v4 and v6. Make the router advertisement stand alone on the dhcp server page.: Seth Mos
07:05 AM Bug #1491 (Closed): Optional interface problem pinging LAN interface static IP's: Please use the forum at http://forum.pfsense.org/ for support questions, and post as much detail there in a thread as... Jim Pingle
06:48 AM Bug #1491 (Closed): Optional interface problem pinging LAN interface static IP's: There are 3 interface, WAN(pppoe),LAN and WLAN(optional wireless AP).
DHCP server is turned on on all interfaces.
O... Tihomir Kisicek
03:30 AM Bug #845: Need patch for PR usb/140883: Only owners can process and verify merge requests! Ermal Luçi
02:12 AM Bug #845: Need patch for PR usb/140883: merge request for this: https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/merge_requests/72
Chris Buechler
12:19 AM Bug #1486 (Resolved): relayd does not set sticky-address option when set in advanced/misc: Chris Buechler

05/03/2011

11:04 PM Bug #1486: relayd does not set sticky-address option when set in advanced/misc: I tested the Tue May 3 11:16:02 EDT 2011 and the bug is fixed. Thanks for the quick turn around! John Welter
04:30 AM Bug #1486: relayd does not set sticky-address option when set in advanced/misc: There was a typo s/conf/config/ - this has been fixed.
Applied in change set commit:327ef8eb3244f79e1b669dca792c83... Warren Baker
12:48 AM Bug #1486: relayd does not set sticky-address option when set in advanced/misc: Unfortunately this still doesn't fix the issue. I tested and (isset($conf['system']['lb_use_sticky'])) returns false... John Welter
07:20 PM Revision ab1047d4: Make sure to send both the managed and other config flags.: Seth Mos
12:55 PM Feature #1489 (Closed): Can't configure PPPoE over VLAN: Its the way it works for now.
So please assign your vlan and choose the assigned interface as parent. Ermal Luçi
07:44 AM Feature #1489 (Closed): Can't configure PPPoE over VLAN: I currently have to run a PPPoE link over a 802.1Q tagged VLAN (don't ask...). When I go to [[http://10.49.1.1/inter... Malte Stretz
12:25 PM Bug #1402: When creating a QinQ it works until reboot.: Im just trying to connect two pfsense and pass into a parent vlan 2 vlans.
!qinq.jpg! Juan José Ponce Domínguez
10:20 AM Bug #1488: "There are no packages currently installed." is a lie: Looks like all packages failed to reinstall for some reason, so I guess the problem isn't/wasn't in the packages but ... Malte Stretz
10:12 AM Bug #1488: "There are no packages currently installed." is a lie: That is because a package failed to reinstall, which is not related to this. If a package fails during the reinstall ... Jim Pingle
10:04 AM Bug #1488: "There are no packages currently installed." is a lie: But anyterm and darkstat are still packages, right? I still have their entries in the menu (though they are broken d... Malte Stretz
09:02 AM Bug #1488 (Closed): "There are no packages currently installed." is a lie: OpenVPN is not a package on 2.0, it's part of the base system. OpenNTPd is also part of the base system, even if it i... Jim Pingle
07:28 AM Bug #1488 (Closed): "There are no packages currently installed." is a lie: I upgraded from 1.2.3 nanobsd to 2.0-rc1 (currently a snapshot built on Mon May 2 21:11:55 EDT 2011).
The package ... Malte Stretz
10:06 AM Feature #1490: The Package Manager should hide packages for old platforms per default: Ah, ok, that wasn't obvious from the output. I'd suggest changing the string "platform:" to "minimum version:". Malte Stretz
08:56 AM Feature #1490 (Closed): The Package Manager should hide packages for old platforms per default: that's the minimum version, if they aren't compatible they aren't in 2.0's package lists. Chris Buechler
08:19 AM Feature #1490 (Closed): The Package Manager should hide packages for old platforms per default: A quick glance at the list of Available Packages in the Package Manager shows a lot of packages. But most of these p... Malte Stretz
08:12 AM Revision 0130b756: Some more whitespace fixes.: Warren Baker
08:09 AM Revision dcb846e3: Merge remote branch 'upstream/master': Conflicts:
usr/local/www/status_rrd_graph_img.php Seth Mos
08:07 AM Revision 327ef8eb: Use correct config variable and fix some whitespaces.: Warren Baker
03:40 AM Bug #1487 (Rejected): INTERNET PROBLEM: this is not a support site and not a valid bug report, use the forum or mailing list. Chris Buechler
03:03 AM Bug #1487 (Rejected): INTERNET PROBLEM: We are using pfsense as a software & firewall.We have lot of windows & linux mechines.Yesterday i reinstalled the pfs... Nikhil Subramanian

05/02/2011

10:26 PM Revision 8c218e1d: Give time to filterdns to exit gracefully and after that start a new process.: Ermal LUÇI
10:04 PM Revision 9b0ddd8c: Resolves #1486. When sticky option is selected under advanced->misc honor it even in the relayd.conf setting.: Ermal LUÇI
08:57 PM Revision 0b1321e2: Bring back the optimization on max-packets at pf(4) level now that the issues with daemon have been identified.: Ermal LUÇI
08:57 PM Revision 81e14406: Bring back the optimization on max-packets at pf(4) level now that the issues with daemon have been identified.: Ermal LUÇI
08:57 PM Revision 2dc14ea2: Now that layer7 daemon issues are resolved bring back this optimization.: Revert "Do not write ont rules anymore max-packets. This apparently was done by me in a previous commit, it helps wit... Ermal LUÇI
08:52 PM Bug #1485 (Resolved): WebUI password changes do not change shell and VPN passwords: thanks Chris Buechler
01:43 PM Bug #1485: WebUI password changes do not change shell and VPN passwords: Thanks for quick fix! It works.
I updated to 2.0 RC1 built Fri Apr 29 21:19:09 EDT 2011. I changed the privileges ... Anton Cohen
07:32 PM Revision b01adece: Set default colors explicity, the theme can then override them. This prevents missing colors in themes from crashing the graphs.: Jim Pingle
06:36 PM Revision 49825b17: If the rrd multiplier is negative, use 5% for out instead of 95% for the 95th percentile line.: Jim Pingle
06:05 PM Bug #1486 (Feedback): relayd does not set sticky-address option when set in advanced/misc: Applied in changeset commit:"9b0ddd8cf37fbf4e453d476a985f00e36bbb0861". Ermal Luçi
04:47 PM Bug #1486 (Resolved): relayd does not set sticky-address option when set in advanced/misc: When the sticky session flag is set in advanced/misc and then a relayd pool setup the sticky-session option is not se... John Welter
05:02 PM Bug #636: layer7 not work correctly: I put a patch yesterday in the layer7 daemon used for classification.
It was forgetting the protocols during reload.... Ermal Luçi
04:53 PM Revision 3bae60be: Add a newline to the igmpproxy config to resolve issues of it not parsing correctly the file. Reported-by: http://forum.pfsense.org/index.php/topic,36279.0.html: Ermal LUÇI
11:00 AM Bug #1402: When creating a QinQ it works until reboot.: Usually it will be needed for the QinQ vlan, 1000 3000, in your case.
I cannot answer to you without a clear descr... Ermal Luçi

04/30/2011

12:15 PM Bug #1402: When creating a QinQ it works until reboot.: Do I have to change the MTU of the interface involved in order to get work?. Is just an idea.... Juan José Ponce Domínguez

04/29/2011

07:43 PM Revision c639315e: Set password on the OS instead of just the gui. Fixes #1485: Jim Pingle
06:23 PM Revision f7ea0505: Remove static routes that are added for dns servers when allow override is allowed when a ppp interface goes down. Code borrowed from dhclient-script.: Ermal LUÇI
06:19 PM Revision a73a9886: Ticket #1408. Honor the allow override settings even for ppp devices.: Ermal LUÇI
06:15 PM Revision e5f3359c: Send route delete message to blackhole.: Ermal LUÇI
06:13 PM Revision cfe92577: Ticket #1408. Do not add static routes for automatically learned dns servers from dhcp if Allow override is not selected.: Ermal LUÇI
03:45 PM Bug #1485 (Feedback): WebUI password changes do not change shell and VPN passwords: Applied in changeset commit:"c639315e3c86ae6cc2a1d1030347340f340f8270". Jim Pingle
03:40 PM Bug #1485: WebUI password changes do not change shell and VPN passwords: I committed an ipsec xauth permission for users to fix #1202 a couple weeks ago, you should be using that instead.
... Jim Pingle
03:25 PM Bug #1485 (Resolved): WebUI password changes do not change shell and VPN passwords: Version:
2.0-RC1 (amd64)
Goal:
Have user accounts that only work for IPSec VPN access. And allow the user to cha... Anton Cohen
03:34 PM Bug #1202 (Feedback): Shell access permission required for IPsec Xauth clients: The previous commit should fix this, but needs additional testing. Jim Pingle
02:24 PM Bug #1402: When creating a QinQ it works until reboot.: Sorry the last image is like this for example:
!3.png! Juan José Ponce Domínguez
02:15 PM Bug #1402: When creating a QinQ it works until reboot.: Hello,
I have tested the changes and now the members are displayed correctly, thanks for that.
So I tryied agai... Juan José Ponce Domínguez
02:15 PM Bug #1408 (Feedback): DHCP DNS servers still get routes even if allow override is unchecked: Committed a fix. Ermal Luçi
01:53 AM Bug #1415: Nat reflection is installing rules with 'Array': Here you are:
@$ ps -ax | grep inetd
7108 ?? Ss 0:44.47 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/ine... Michele Di Maria

04/28/2011

09:21 PM Revision 9cf46050: Correct saving of qinq specified members and also correctly destroy parent vlan when deleteing the interfaces. Also take care of attaching to netgraph now that we detach by default.: Ermal LUÇI
08:44 PM Revision a7ee5777: Remove rndtest sysctl since the kernel module is not anymore part of our kernels. Leftover noticed by: Jim: Ermal LUÇI
08:31 PM Revision 2d14181b: Remove rndtest sysctl since the kernel module is not anymore part of our kernels.: Ermal LUÇI
07:53 PM Revision 27dfd848: Bring comment up-to-date: Ermal LUÇI
07:33 PM Revision 65531b4b: Make sure that openvpn tunnels are not impacted by hitting 'Save' on the Interface->Configuration page when assigned.: Ermal LUÇI
07:29 PM Revision d1ae9705: Use the needed variable here so hitting 'Save' from Interface->Configuration section does not leave the assigned gif interfaces without tunnel addresses.: Ermal LUÇI
07:16 PM Revision 40b0c024: Correct code description during assignment: Ermal LUÇI
07:09 PM Revision d7f1891b: Some configurations might have gre/gif on top of carp. Make sure to handle this configurations and to bring the tunnel correctly up.: Ermal LUÇI
05:58 PM Bug #1415: Nat reflection is installing rules with 'Array': Can you show the content of /var/etc/inetd.conf?
Also ps -ax | grep inetd Ermal Luçi
05:20 PM Bug #1402 (Feedback): When creating a QinQ it works until reboot.: Try again. https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/9cf46050fc708f3a3395c7800acf5d81a69b1013
... Ermal Luçi
02:25 PM Revision 03f824a5: Remove the quotes, these break the advertisement: Seth Mos
01:27 PM Revision 61fbafc2: Hopefully fix the router advertisement: Seth Mos
11:11 AM Bug #1318: Certificate error: certificate subject does not match signing request subject: I can also confirm this is the case with PositiveSSL's issued from Comodo.
2.0-RC1 (amd64)
built on Thu Apr 28... David Prinzing
11:10 AM Todo #1373: Upgrade OpenVPN: Change for the netsh interface on windows 7, use set address, instead of add address. Otherwise the command will exit... Seth Mos
10:56 AM Todo #1373: Upgrade OpenVPN: The current openvpn-ipv6 port has both the endpoint and payload patch for IPv6. The current installer we include in t... Seth Mos
09:33 AM Revision fcdc8943: Merge remote branch 'upstream/master': Conflicts:
etc/inc/pfsense-utils.inc Seth Mos
09:18 AM Feature #1431: PPPoE LQR Echo: I'm still waiting ISP (TM Net) to reply regarding this issue. I ask them if they can disable LQR echo. I will update ... azwan rizal
01:53 AM Feature #1431: PPPoE LQR Echo: so far tricking the WAN interface in and out of DHCP works, but I don't understand why is this working Calvin Teh
01:50 AM Feature #1431: PPPoE LQR Echo: Alot of us are having the same problem with the same ISP and modem provided. The same issue occurs when PPPoE through... Anonymous One
09:09 AM Revision 753bd64d: Change the rtadvd daemon options to a more readable format that should hopefully work better.: Seth Mos
01:10 AM Revision 1dfb7795: fix typo: Chris Buechler
12:25 AM Revision b0c2087e: Comment out debug print: Jim Pingle

04/27/2011

10:13 PM Todo #1438: Add override for CSR request->response subject mismatch: My semester ends in about 2-3 weeks. At that point I will look around in the code for other places where this type of... Yehuda Katz
10:11 PM Todo #1438: Add override for CSR request->response subject mismatch: tested this with a cert from namecheap, originally was seeing the issue described here, synced up to Yehuda's git clo... Chris Buechler
07:02 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: Any news with this bug? Zeev Zalessky
07:02 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: actually I was wrong, this wasn't fixed in the official RC1 release, it's been in snapshots since early March though. Chris Buechler
11:14 AM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: I think the problem is that I use a Bridge between LAN and OPT1. I have 3 interfaces
WAN
LAN
OPT1
The WAN-In... George M
06:58 PM Bug #1448: PPTP VPN Radius authentication and accounting don't work: i found why its don't work. Eri removed pptp proxy patch at 16/3/2011. i have amd64 iso from 10 Mar 2011 and this iso... Zeev Zalessky
04:03 PM Revision f35abee2: Whitespace cleanup, code cleanup, add choice to filter on ipv4/ipv6 and also accept a subnet to filter on via the host field.: Jim Pingle
09:33 AM Bug #1484 (Rejected): Captive Portale: because there is no way to tell that "username" is the same as "domain\username" or "username@domain" or other possib... Chris Buechler
06:10 AM Bug #1484 (Rejected): Captive Portale: Hi, I've enabled "Disable concurrent logins" in Captive Portal and I've configured a Radius Server (Windows Active Di... Vico B.
08:07 AM Bug #1433: Config sync causes CARP state change: I tryed the latest snapshot and I'm still having the CARP switch issue.
Each time I apply a change,using LAN CARP as... Eric Machabert
06:19 AM Feature #1482: Captive Portal support for a configurable RADIUS NAS ID: Hi just found out that the code in /etc/inc/radius.inc function putStandardAttributes() does not call the getNasId() ... Richard Gate
12:31 AM Bug #1415: Nat reflection is installing rules with 'Array': Processes are not spawn anymore but for example nat reflection seems anyway not working properly...
Examples: A nsl... Michele Di Maria

04/26/2011

09:08 PM Revision c41997ce: Allow users to select SSL/TLS+User Auth with external authentication sources.: Jim Pingle
09:07 PM Bug #1105: WLAN Broadcom BCM 4306 problems -the fw file(bwn_v4_ucode5) not found: it can be built on a stock FreeBSD 8.1 system and copied over. Chris Buechler
08:39 PM Bug #1380 (Closed): NAT reflection of UDP (or DNS?) doesn't work, spawns thousands of processes: #1415 duplicated this Chris Buechler
08:35 PM Bug #1347 (Resolved): ntpd not starting: Chris Buechler
08:30 PM Feature #1322 (Rejected): Squid 3: this is not a legit bug report, ask questions on the forum or mailing list. Chris Buechler
08:29 PM Bug #1358 (Resolved): OpenVPN Upgrade Issue: Chris Buechler
08:29 PM Bug #1403: Filter Rules description do not get saved when "(quote) present as character: under what circumstances is this a problem? The input validation doesn't allow quotes in rule descriptions. Chris Buechler
08:27 PM Bug #1355 (Closed): Clearing PPTP Raw Logs does not work: duplicate of #1340 Chris Buechler
06:37 PM Revision 7100a85c: No need to include head.inc twice: Jim Pingle
02:18 PM Revision 0b9d02f3: Don't just blindly echo to the ntpd.log, it's a clog file and that will break it.: Jim Pingle
02:08 PM Bug #1483 (Rejected): OpenVPN peer-2-peer routing doesn't work: it works, you have a config issue of some sort. post to the forum or mailing list for help. Chris Buechler
02:03 PM Bug #1483 (Rejected): OpenVPN peer-2-peer routing doesn't work: Hi,
i have here installed pfsense 2.0-RC1 (i386) built on Thu Apr 14 19:19:42, and i tried to establish a peer-2-p... Herbert Lueger
02:00 PM Bug #1433: Config sync causes CARP state change: Ok for the first one...
For the second one I attach you two different crashes I just caused while making changes on... Michele Di Maria
06:48 AM Bug #1433: Config sync causes CARP state change: The second picture seems and issue from the shaper.
I cannot tell anything if i do not see the trace, type bt on the... Ermal Luçi
09:59 AM Feature #1482 (Resolved): Captive Portal support for a configurable RADIUS NAS ID: When running network traces to examine the packets sent/received during Captive Portal authentication and accounting ... Richard Gate
07:05 AM Revision 787de45a: Push the ipv6 routes for the local network with push route-ipv6: Seth Mos
03:44 AM Bug #1445: Trouble with interface msk0 (Marvell Yukon 88E8057 Gigabit Ethernet): There is a driver bug logged, have a look at http://www.freebsd.org/cgi/query-pr.cgi?pr=156493 - otherwise one person... Warren Baker

04/25/2011

08:12 PM Revision 97ffc513: Add the ipv6 configuration options for routing ipv6 over the tunnel. Currently only a /64 is supported for the routed network, so use a /64 and then route the /56: Seth Mos
07:50 PM Revision 9f5d14ce: Show OpenVPN instances on Status > Traffic Graphs, with descriptions.: Jim Pingle
07:07 PM Bug #1402: When creating a QinQ it works until reboot.: Thanks Ermal for your response but when I create the step 1, and assign the member 1000 and click save, I get the nex... Juan José Ponce Domínguez
04:03 PM Bug #1402: When creating a QinQ it works until reboot.: You do not need to create teh vlan in step2 since it is done automatically by the GUI. Ermal Luçi
05:57 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: Hmm... I use the RC1 (i386) version and have this problem, that's the reason I asked. The pptp Traffic-Flow stops aft... George M
05:53 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: yes. if it's marked as resolved, it's resolved. Chris Buechler
05:52 PM Bug #1151: Outgoing pptp Traffic-Flow stops after a while: Is this bug fixed in the RC1 version? George M
05:43 PM Bug #1420: Changing a WAN's type from PPPoE to other breaks it: probably, that would be consistent with 1.2.x Chris Buechler
02:48 PM Bug #1420: Changing a WAN's type from PPPoE to other breaks it: Should it delete the already created pppoe config? Ermal Luçi
05:17 PM Revision b1ba04cf: Add ipv6 tunnel remote subnets: Seth Mos
03:42 PM Bug #1445: Trouble with interface msk0 (Marvell Yukon 88E8057 Gigabit Ethernet): I am having problems too with the msk0 Marvell Yukon Gigabit on an iMac.
I will get a watchdog timeout on that int... Per Møller Olsen
02:45 PM Bug #846 (Closed): if_bridge triggers link state cycling on em(4): Ermal Luçi
12:55 PM Bug #1433: Config sync causes CARP state change: Ok, I understand... I try to explain you the problems I encounter, you give me your opinion if it's related to this i... Michele Di Maria
10:40 AM Bug #1433: Config sync causes CARP state change: I am sorry but it will still go up and down on slave but it want cause any issues!
If you can reproduce the issue ... Ermal Luçi
11:14 AM Todo #1481 (Needs Patch): Bring back console menu banner link indication: On 1.2.3 if an interface is up, it had a * next to it to indicate the link state. This was removed a while ago on 2.0... Jim Pingle

04/24/2011

07:04 PM Feature #1477: IGMPPROXY spamming the main systemlog: We're not running igmpproxy with verbose logging enabled, not sure if that log level is from something in the pfport ... Chris Buechler
03:02 PM Feature #1477 (Resolved): IGMPPROXY spamming the main systemlog: Since Igmpproxy is finally working now theres only one big problem left:
Igmpproxy is massivly spamming the main s... M Schweitzer
06:54 PM Bug #1478: some characters in FW rule descriptions do not sync properly: that's intentional. though with CDATA now they may be safe, it's not going to change for now. Chris Buechler
04:39 PM Bug #1478 (Resolved): some characters in FW rule descriptions do not sync properly: Parentheses, periods and commas: "(", ")", ",", "." all get stripped out of the firewall rule description on the seco... Adam Thompson
05:15 PM Todo #1373: Upgrade OpenVPN: Added the IPv6 payload patch from Gert Doering for full IPv6 support. Seth Mos

04/23/2011

09:08 AM Feature #1449: LAG setup from CLI (like VLANs): I would like to +1 on this request. I currently use a basic config exported from a working system, change it and use ... Marcus van Dam
04:19 AM Bug #1432 (Resolved): Carp Vips are promoted to master before firewall filter load: thanks Chris Buechler
04:09 AM Bug #1432: Carp Vips are promoted to master before firewall filter load: Tested and working! (see image) the red lines at 10:03:50 and 10:05:05 represents the moments where the secondary mac... Michele Di Maria
04:17 AM Bug #1433: Config sync causes CARP state change: mmhh... with build "Fri Apr 22 18:24:14 EDT 2011" i386 on both machines, when I modify something on the master machin... Michele Di Maria

04/22/2011

08:42 PM Bug #1453 (Closed): Voucher RSA key generation problem: Chris Buechler
10:04 AM Bug #1453: Voucher RSA key generation problem: I reinstalled pfSense, and RSA key regeneration works well. I'm unable to reproduce this problem. Peter Soos
05:57 AM Bug #1453 (Closed): Voucher RSA key generation problem: I just installed pfsense 2.0-RC1 (i386) built on Fri Apr 22 01:23:40 EDT 2011 on an Alix 2D3 board. I tested the Vou... Peter Soos
07:48 PM Revision e3dc055a: Actually correct check meaning.: Ermal LUÇI
07:23 PM Revision bd17f93d: Do not an ip of all 1s as a gateways since it cannot be pinged.: Ermal LUÇI
06:28 PM Revision bce14123: Actually call interfaces_carp_setup after the carp interfaces are created so carp traffic can only flow after we have all vips up and running. This prevents premption more early than necessary. Ticket #1432.: Ermal LUÇI
04:40 PM Bug #1433 (Feedback): Config sync causes CARP state change: Applied in changeset commit:"9411fbf73e52f01730da3fc8ba663bc901087144". Ermal Luçi
04:40 PM Bug #1432: Carp Vips are promoted to master before firewall filter load: Applied in changeset commit:"9411fbf73e52f01730da3fc8ba663bc901087144". Ermal Luçi
02:32 PM Bug #1432: Carp Vips are promoted to master before firewall filter load: I pushed another change so try with that.
Though i think carp needs to be teached about a 'start' sysctl as it has a... Ermal Luçi
03:23 PM Revision d8da6350: Provide a method for rebrands to force a theme. Otherwise upgrading nanobsd from pfSense to a rebrand image without the theme in the config.xml will have a broken GUI since the theme isn't there.: Jim Pingle
09:42 AM Feature #1457: Bridge as interface: Reassign the bridge0 interface as LAN, and assign your old LAN interface as a separate interface that is a member of ... Jim Pingle
09:39 AM Feature #1457: Bridge as interface: Yes but nat all LAN interface functionality can be moved to bridge interface yet (e.g. firewall anti-lockout). If you... Peter Soos
06:30 AM Feature #1457 (Closed): Bridge as interface: already exists in 2.0, assign bridgeX Chris Buechler
06:28 AM Feature #1457 (Closed): Bridge as interface: Please add possibility to handle a bridge as an interface (e.g. add one IP address etc.). It would be useful if you a... Peter Soos
06:19 AM Feature #1456 (Closed): Vouchers expire at fixed time: Please add a feature to create vouchers valid to a fixed time/date not for an amount of time.
Peter Soos
06:16 AM Feature #1455 (Resolved): Voucher manager only user: If you add a user responsible the voucher management of captive portal only with rights for vouchers only he/she have... Peter Soos
06:02 AM Bug #1454 (Resolved): Voucher error messages character set problem: If you use accented characters outside the ASCII character set, the WebCfg seems to save the messages but it does not... Peter Soos
05:57 AM Todo #1373: Upgrade OpenVPN: Needs to have this fix to make OpenVPN 2.2-RC2 work.
http://openvpn.git.sourceforge.net/git/gitweb.cgi?p=openvpn/open... Seth Mos
04:57 AM pfSense Packages Bug #1452 (Resolved): Snort: broken link in snort_rules_edit.php [2.8.6.1 pkg v. 1.35]: Patch attached Yuri Krichevsky
12:31 AM Revision de7222fb: correctly unmount drives where a config doesn't exist: Chris Buechler

04/21/2011

09:52 PM Feature #1451: Certificate errors after CARP election: There's only one cert on each. However, I don't think the 2ry has been rebooted since setup; I'll do that and confir... Adam Thompson
09:44 PM Feature #1451: Certificate errors after CARP election: config sync does indeed sync the cert that's used, and there currently isn't any way to do otherwise. But, if you sta... Chris Buechler
09:43 PM Feature #1451: Certificate errors after CARP election: On the slave, go to System > Advanced, on the Admin tab, make sure the cert selected there is the same as the cert se... Jim Pingle
09:41 PM Feature #1451: Certificate errors after CARP election: Hmm... in that case, I think this is a bug, not a feature. If the identical certificate is being offered from both m... Adam Thompson
09:19 PM Feature #1451 (Feedback): Certificate errors after CARP election: Usually you would want to access the GUI on the boxes directly by accessing their actual IPs, not the CARP VIP, since... Jim Pingle
07:03 PM Feature #1451 (Resolved): Certificate errors after CARP election: Using CARP VIP to administer pfSense, after the backup is promoted to master, Firefox complains about SSL certificate... Adam Thompson
09:39 PM Revision 2d4003aa: If the bandwidth value is coming from radius scale it up to the requested Kbit/s unit.: Ermal LUÇI
08:05 PM Revision 2594f401: missed a bit of my last commit: Yehuda Katz
07:33 PM Revision 908cbaf9: Set user when removing privileges, otherwise things like the user's shell would not be reset until pressing save, which is inconsistent with that step not being needed when adding privileges.: Jim Pingle
06:54 PM Feature #1450 (Closed): XMLRPC syncs all VPN types *except* PPTP: Just got burned by this... I never noticed that XMLRPC Sync keeps IPSEC and OpenVPN in sync, but not PPTP. Even if t... Adam Thompson
06:34 PM Revision a29aeb47: Merge branch 'master' of http://gitweb.pfsense.org/pfsense/mainline.git: Yehuda Katz
06:33 PM Revision ea7763c0: ignore dreamweaver temp files: Yehuda Katz
06:29 PM Revision a828210b: checking moduli of ssl csr request and response: Yehuda Katz
06:22 PM Bug #1433: Config sync causes CARP state change: Do we have the ability to diff chunks of the config xml? If diff(old-carp-config,new-carp-config)==zero-changes, don... Adam Thompson
03:09 PM Bug #1433: Config sync causes CARP state change: pfSense is a long time having this code.
It was done because otherwise lots of code need to be added just to test fo... Ermal Luçi
06:11 PM Bug #1391: Disable auto-added VPN rules missing: Perhaps I'm missing something - I have yet to see a single auto-added FW rule for VPNs on my boxes: I thought the che... Adam Thompson
06:03 PM Feature #1449 (Closed): LAG setup from CLI (like VLANs): Provide a mechanism during initial interface assignment to create LAGs, not just VLANs. In a moderately complex envi... Adam Thompson
05:48 PM Bug #747: Root schedulers (ie PRIQ) cannot be configured on interfaces that don't report bandwidth: I put a patch for this and it would give by default to an interface 100Mbit line if it is not reported automatically. Ermal Luçi
05:46 PM Bug #1381 (Closed): GRE tunnel interface IP address updated after reboot only: Its an OP issue. Ermal Luçi
05:27 PM Todo #1438: Add override for CSR request->response subject mismatch: New merge request sent Yehuda Katz
05:10 PM Revision 1f0c76cf: Fix PPPoE upgrade, the <pppoe> tag is considered an array these days and the upgrade code wasn't treating it properly, accessing it directly instead of using the first entry ([0]). Fixes #1439 - PPPoE credentials upgrade properly now.: Jim Pingle
02:33 PM Revision 46698c3f: Reject encrypted CA private keys. Resolves #1446: Jim Pingle
01:59 PM Revision 0cc5ab42: Confirmed working fix for ticket #1417 - with this change I have two-way connectivity on Site-to-Site (SSL/TLS) with iroutes.: Jim Pingle
01:10 PM Bug #1439: WAN PPPoE config dropped on update from 1.2.3 (nanobsd) to 2.0-RC1 (snapshot 20110415-1518): Applied in changeset commit:"1f0c76cfd7086aa90ea97a9775f2f024390a02ec". Jim Pingle
10:35 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Applied in changeset commit:"46698c3f3c5e3f2e98829757616ddda3ce779b6d". Jim Pingle
10:07 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Prompting for the password is too large of a change to try squeezing in at this point in the release cycle. I'll look... Jim Pingle
02:38 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: I thing I found the problem. The imported CA-private key was encrypted:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: ... Claudio Thomas
10:00 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: OK, I finally got it all the way straightened out. I confirmed it worked between two test VM networks with my last co... Jim Pingle
05:56 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: For me, the client-config-dir works with the build "Fri Apr 15 18:54:32 EDT 2011". I didn't upgrade yet.
I read th... Raffael Schmid
07:12 AM pfSense Packages Bug #1385: Open-VM-Tools not working anymore: Jim P wrote:
> We need to fix the automated build process, not upload new binaries.
Any news on that problem?
... Charles AMPEAU
06:51 AM Bug #1448 (Feedback): PPTP VPN Radius authentication and accounting don't work: I find it very hard to believe there is any difference between amd64 and i386, all my systems that work fine are i386... Chris Buechler
06:44 AM Bug #1448: PPTP VPN Radius authentication and accounting don't work: Just tested with 64bit version. it's work directly after install using same config backup. 32 bit not working (latest... Zeev Zalessky
03:14 AM Bug #1448: PPTP VPN Radius authentication and accounting don't work: it is definitely working on 32 bit. Chris Buechler
03:12 AM Bug #1448: PPTP VPN Radius authentication and accounting don't work: please reopen it. PPTP Auth via radius not working in 32bit version!!!! Zeev Zalessky
03:27 AM pfSense Packages Bug #1423: Open-VM-Tools package script files broken in 2.0rc-1: _Include file open-vm-tools.inc could not be found for inclusion._
but why ? Anonymous
03:23 AM pfSense Packages Bug #1423: Open-VM-Tools package script files broken in 2.0rc-1: The EOFA has gone now... Anonymous

04/20/2011

08:28 PM Bug #1448 (Closed): PPTP VPN Radius authentication and accounting don't work: doubly confirmed, accounting and auth work fine. The posted config is correct. If you're seeing no traffic to your RA... Chris Buechler
08:18 PM Bug #1448 (Feedback): PPTP VPN Radius authentication and accounting don't work: it works fine. Also disables fine, you have to actually disable it by unchecking, you can't just take out the IP. Chris Buechler
08:01 PM Bug #1448: PPTP VPN Radius authentication and accounting don't work: Instead of opening a new bug i figured i would add to this.
I am having the same issue with PPTP authenticating to... Brian G
03:33 PM Bug #1448: PPTP VPN Radius authentication and accounting don't work: attached files from requested directory Zeev Zalessky
03:19 PM Bug #1448: PPTP VPN Radius authentication and accounting don't work: Can you show the contents of cat /var/etc/pptp-vpn/* Ermal Luçi
10:45 AM Bug #1448 (Closed): PPTP VPN Radius authentication and accounting don't work: PPTP VPN configured to use radius authentication and accounting. no traffic to radius server. no users authentication... Zeev Zalessky
10:59 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Might be something specific to your CA then, hard to say without trying it out. I imported a CA I had made a long tim... Jim Pingle
10:55 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Annexed the properties of the imported CA-certificate in case that the properties of the CA are the problem.
(create... Claudio Thomas
10:46 AM Bug #1446: Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: Tag in /cf/conf/config.xml is empty:
<cert>
<refid>4daeeb458a580</refid>
<descr><![CDATA[thomas_c]]></descr>
... Claudio Thomas
08:33 AM Bug #1446 (Feedback): Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: I performed that exact same sequence (imported a CA, generated a certificate, and exported) and I got the expected da... Jim Pingle
07:32 AM Bug #1446 (Resolved): Export of internal generated cerificate (crt) ist empty when made from encrypted CA key: After generating a own certificate the exported crt is empty.
How the problem can be reproduced:
# An own CA-cert... Claudio Thomas
09:03 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: Yeah I had the wording in that wrong. There may be something else going on in P2P/TLS then. People on the forum were ... Jim Pingle
02:49 AM Bug #1417 (Feedback): OpenVPN client specific overrides doesnt work by default: that commit looks like it would have been ok, it was changed for P2P TLS, not shared key. Chris Buechler
02:44 AM Bug #1417: OpenVPN client specific overrides doesnt work by default: Hm, okay. But I use certificate based authentication....
So please reopen? Raffael Schmid
07:46 AM Feature #1447 (Resolved): Export certificates in pkcs12 format: It would help if the stored certificates could be exported also in PKCS12-format, because many clients (like some on ... Claudio Thomas

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

05/19/2011

05/18/2011

05/17/2011

05/16/2011

05/15/2011

05/14/2011

05/13/2011

05/12/2011

05/11/2011

05/10/2011

05/09/2011

05/08/2011

05/07/2011

05/06/2011

05/05/2011

05/04/2011

05/03/2011

05/02/2011

04/30/2011

04/29/2011

04/28/2011

04/27/2011

04/26/2011

04/25/2011

04/24/2011

04/23/2011

04/22/2011

04/21/2011

04/20/2011