Activity

30 days up to

User

Subprojects

Activity

From 10/13/2011 to 11/11/2011

11/11/2011

08:08 PM Revision 9eced774: username-as-common-name is not compatible with server-bridge, so don't put it in the config if server-bridge is active. Testing is needed to determine if there is any other negative impact, but with both present, openvpn will not start.: Jim Pingle
02:01 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Checked in a fix for that, should be up now. Jim Pingle
01:24 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Hmm, when trying to define the bridges' DHCP scope after selecting the to-be bridged interface (This is the second VP... Jasper Backer
12:14 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Installed it, testing. Jasper Backer
11:05 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Some notes on using that:
First, read all of the text descriptions on the new fields that show up when you switch ... Jim Pingle
11:03 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: I committed the initial revision to the repo just now:
https://github.com/bsdperimeter/pfsense-packages/commit/dafa2... Jim Pingle
07:00 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Sounds like a good solution. Looking forward to it, as installing a (even beta) package instead of manually editing f... Jasper Backer
06:21 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Jim is making it into a package for 2.0.x users, so it can be fully vetted in all possible scenarios during the 2.1 r... Chris Buechler
04:50 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Would be really great if these changes would hit 2.0.1. Doesn't look like it would break existing installations to me... Jasper Backer
12:34 PM Feature #2006 (Resolved): CP ipfw fwd all non-authenticated clients' TCP connections to 127.0.0.1,8000: I noticed that in 2.0REL captiveportal.inc adds an ipfw rule to forward all un-authenticated clients' TCP connections... Dim Hatz
09:58 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Yes but the 2.0 tries to be smarter in regards to the whole system about events.
This makes a lot of things better b... Ermal Luçi
09:53 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: As Derrick says,it's running on 1.2.3 with wan ip very well,my opinion it's userful to control pptp Server address bo... Hafiz Rafiyev
07:25 AM Bug #2005: URL aliases need validation of fetched data: I filed a related report in http://redmine.pfsense.org/issues/1991 Dim Hatz

11/10/2011

10:30 PM Bug #2005 (Resolved): URL aliases need validation of fetched data: If a user puts in a URL for an alias that contains invalid data, filter reloads fail. Need to validate what's returne... Chris Buechler
09:48 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Chris Buechler wrote:
> It works (aside from now having this consequence), but yes it is technically not correct, an... Derrick Conner
09:23 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: It works (aside from now having this consequence), but yes it is technically not correct, and has never been shown th... Chris Buechler
08:42 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: So, does this mean I've been setting up 1.2.3 wrong all this time and it still works? Let me make sure I understa... Derrick Conner
06:54 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: David: you can still do just that without using the WAN IP there, any unused private IP is fine. Chris Buechler
06:30 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Yes, I can confirm that setting that IP to an IP other than the WAN IP does avoid the problem.
I believe we origin... David Rees
05:11 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Looks like Ermal figured out what triggers this - if you have the "PPTP Server IP" configured as your WAN IP, which i... Chris Buechler
09:37 PM Revision 1379d66f: Add an indication in the certificate list to show if a certificate is internally capable of being a CA (basicConstraints has CA:TRUE) or if the nsCertType is set to server.: Jim Pingle
05:02 PM Revision 035c5573: Fix order of client/server IPs and add a note, and clarify variable names. Fixes #2004.: Jim Pingle
05:01 PM Revision 298fe5ae: Fix order of client/server IPs and add a note, and clarify variable names. Fixes #2004.: Jim Pingle
03:58 PM pfSense Packages Bug #1982 (Feedback): Snort exits on rules update and does not restart: Update pushed on package. Ermal Luçi
03:58 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: It is build like that by default on pfsense. Ermal Luçi
03:08 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: It seems that compiling snort with --enable-reload will allow snort to reload on receiving a SIGHUP without requiring... Dim Hatz
03:35 PM Revision 21762198: Trim filename before use to clear away any unnecessary whitespace. Fixes client export package install (and probably others): Jim Pingle
12:48 PM Feature #1120 (Closed): Add checkbox on OpenVPN server/client to use cryptodev: This was implemented quite a while ago as a drop-down menu to select crypto accelerators (if present). Jim Pingle
12:48 PM Feature #1184 (Feedback): Certificate Manager - Ability to add nsCertType=SERVER extension to certificates: This was implemented yesterday in 2.1 and merged into 2.0.1.
https://github.com/bsdperimeter/pfsense/commit/7aaabd... Jim Pingle
12:41 PM Feature #1217: Change OpenVPN local/remote networks to lists instead of single boxes: Tried to work this out last week and found that our rowhelper code only works for once instance per page, so having i... Jim Pingle
12:40 PM Feature #1222 (Closed): Support for tun or tap mode in openvpn server: The tun/tap switch was added before 2.0 shipped, but had some issues that have since been fixed on mainline. Jim Pingle
12:37 PM Feature #1326 (Feedback): OpenVPN Server in tap mode: There were issues in the code, but they should be OK now. Fixed in mainline, not sure if it'll get backported to 2.0.... Jim Pingle
12:20 PM Bug #2004 (Feedback): Client Specific Override ->Tunnel Network: Jim Pingle
11:53 AM Bug #2004: Client Specific Override ->Tunnel Network: Ah, yeah you're right, the parameters to ifconfig-push in the csc file are backwards. It should be the other way to c... Jim Pingle
12:20 PM Bug #1992 (Feedback): OpenVPN in tap mode, allow transparant interface: Jim Pingle
12:20 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: There were issues in the code, but they should be OK now. Fixed in mainline, not sure if it'll get backported to 2.0.... Jim Pingle

11/09/2011

09:30 PM Bug #1697: Interface group doesn't apply to all interfaces in all cases: Ok, so our initial tests showed this issue was resolved. But when applying live traffic on the box, about 70% of the ... Chase Bolt
09:26 PM Feature #1997: Add date picker to the Custom RRD graph page to translate to unix time.: That is an EXCELLENT converter, probably the BEST and ONLY one which allows for free-form (eg. 11/9/2011 12:15:59) in... Simon Fong
03:34 AM Feature #1997: Add date picker to the Custom RRD graph page to translate to unix time.: Possible candidate.
http://morecavalier.com/index.php?whom=Apps%2FUnix+timestamp+converter Seth Mos
08:45 PM Revision 77a88814: When creating an internal certificate, offer the user a choice of what constraints to place upon the certificate (CA, Server, or User).: Jim Pingle
08:43 PM Revision 7aaabd69: When creating an internal certificate, offer the user a choice of what constraints to place upon the certificate (CA, Server, or User).: Jim Pingle
07:13 PM Bug #2004: Client Specific Override ->Tunnel Network: .8 shows same result
Tunnel network = 10.10.10.8/30
assigns 10.10.10.9 to the client
client log:
openvpn[2664... W FM
06:56 PM Bug #2004 (Rejected): Client Specific Override ->Tunnel Network: .9/30 is not a valid subnet definition, which may be influencing the output. Use .8/30
http://doc.pfsense.org/inde... Jim Pingle
06:51 PM Bug #2004 (Resolved): Client Specific Override ->Tunnel Network: Tunnel Network description says:
This is the virtual network used for private communications between this client an... W FM
06:14 PM Feature #2003 (Closed): Allow Aliases in routing: Accept Aliases in System: Static Routes: Edit route -> Destination network W FM
05:48 PM Revision 74a556a3: Rework this a little since using tap+tunnel network is valid, but using tap+tunnel network+bridging is not (will not do what the user expects/wants): Jim Pingle
02:52 PM pfSense Packages Bug #2002 (Closed): snort: does not list ipv6 address in alert or block
it shows up as n/a.. there is a fix by using clear alert
however the i... not availible
01:51 PM Bug #2000 (Rejected): intel x520 network card: That card should be covered by the ixgbe driver which is in both amd64 and i386 already. If the existing driver doesn... Jim Pingle
01:25 PM Bug #2000 (Rejected): intel x520 network card: Hi!
I wanna know if there is the module for this card intel x520 10gb for amd64 cuz i've seen it for i386,
i have... ximena zea
01:48 PM Bug #2001 (Rejected): snort status: That is nowhere near a usable bug report. Please post in the forum until an actual bug has been confirmed. Jim Pingle
01:46 PM Bug #2001 (Rejected): snort status: Snort is now unreliable not availible
08:54 AM Bug #1999 (Resolved): Existing voucher settings upset new CP Zones/Vouchers code: If you have existing voucher settings, and update a system to master/2.1, the voucher settings will cause some issues... Jim Pingle
12:58 AM Bug #1998 (Rejected): Unable to check for updates for pfSense 2.0-RELEASE: leaving the base URL blank doesn't remove it, you'll have to remove it from globals.inc. there are no bugs here. YOu ... Chris Buechler

10/30/2011

10:29 AM Feature #1548 (Closed): IPSEC Secondary Gateway: Closing, using #1965 instead. Jim Pingle
03:35 AM Feature #1965: Support Multiple IPsec Peers: It looks a duplicate of this:
http://redmine.pfsense.org/issues/1548
Actually this is explained better :D Michele Di Maria

10/29/2011

05:35 AM pfSense Packages Bug #1961: Spoink and IP banning: yes, it would be great!
As you understand, I personally don't want to focus on the solution itself, for me any solu... Michele Di Maria
02:22 AM Feature #1984 (Resolved): Allow CP Voucher submission via URL so they can be distributed as QR code: In addition to the web form, allow the submission of voucher via URL e.g.... Dim Hatz

10/28/2011

07:39 PM Bug #1983 (Resolved): Cancel Button generates a Confirm Form Resubmission message: Add or edit a rule (such as a firewall rule) and apply it, leaving the "The settings have been applied." message open... Cam Cook
03:34 PM Revision 5cf74791: Reformat the DNS Forwarder page a bit so it conforms with the other pages. Add some headers to make it more clear what each section does. Cosmetic changes only.: Jim Pingle
03:32 PM Revision 6661dbcf: Reformat the DNS Forwarder page a bit so it conforms with the other pages. Add some headers to make it more clear what each section does. Cosmetic changes only.: Jim Pingle
02:44 PM pfSense Packages Bug #1982 (Resolved): Snort exits on rules update and does not restart: Using Snort 2.9.0.5 pkg v. 2.0 on pfSense 2.0... using either autoupdate of rules or manual update of rules, if Snort... Seb A
01:50 PM pfSense Packages Bug #1942: snort_blocked.php loads blank: I've noticed that the snort_blocked.php page uses a lot of CPU in the php process. It takes a long time to render for... Seb A
01:36 AM pfSense Packages Bug #1942: snort_blocked.php loads blank: Blank Page happens also on pfsense 2.0 final at these URL
#blocked pages
/snort/snort_blocked.php
#alerts
/snor... tb o
01:45 PM pfSense Packages Bug #1961: Spoink and IP banning: Another solution is to remove Spoink and use SnortSam in it's place in the Snort package. I think this is in the dev ... Seb A

10/27/2011

09:10 PM Revision 26ba572a: Merge pull request #15 from marcelloc/patch-2: Fix missing description in rowhelper. Scott Ullrich
09:09 PM Revision b65ce59a: Fix missing description in rowhelper.: Marcello Silva Coutinho
08:28 PM Feature #290: Add Multi-WAN awareness to UPnP: I just tested pfSense 2.0-RELEASE and with multiple WAN w/ multiple public IP addresses, selecting the LAN interface ... Simon Fong
02:29 PM Revision ea9a4cc8: Assume a default value of 1 for cert_depth to disallow chaining.: Jim Pingle
02:29 PM Revision 77ed2f4c: Add GUI option to limit the certificate depth allowed when OpenVPN clients are connecting.: Jim Pingle
02:29 PM Revision 3f9c1775: Specify full path to openssl.cnf, and select the relevant section to use when generating certificates.: Jim Pingle
02:28 PM Revision 41936acc: Assume a default value of 1 for cert_depth to disallow chaining.: Jim Pingle
02:28 PM Revision 98963f27: Add GUI option to limit the certificate depth allowed when OpenVPN clients are connecting.: Jim Pingle
02:28 PM Revision 87b4deb2: Specify full path to openssl.cnf, and select the relevant section to use when generating certificates.: Jim Pingle
11:10 AM Bug #1918: update status: Just tried in three different browsers (2 of which I never access this device with) and an incognito window in Chromi... Dave Wilde

10/26/2011

10:40 PM Bug #1918: update status: In almost all cases, such errors are resolved by clearing your browser's cache or closing and opening the browser ses... Jim Pingle
09:22 PM Bug #1918: update status: Just noticed the same problem. This is a stock release that was upgraded from RC1 to RELEASE. I haven't altered any... Dave Wilde
10:38 PM Bug #1981 (Closed): lighttpd errorlog using text rather than clog format: Please note that the format of /var/log/lighttpd.error is text rather than clog, which could potentially eat up disks... Dim Hatz
09:14 PM Revision 4659f856: Fix up syslog settings a bit, add some missing options, fix formatting of syslog.conf, correct behavior of 'everything', code cleanup.: Jim Pingle
09:14 PM Revision 236524c2: Fix up syslog settings a bit, add some missing options, fix formatting of syslog.conf, correct behavior of 'everything', code cleanup.: Jim Pingle
05:48 PM Feature #1938: Filter messages broken into multiple syslog messages: Wow, that's troubling. I escaped it because it looked like PHP was swallowing the backslash. But I'm looking now and ... Ted Lum
05:14 PM Feature #1938: Filter messages broken into multiple syslog messages: A warning to those trying the proposed change, it doesn't quite work as written. It works if you run it from the comm... Jim Pingle
01:17 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Chris Buechler wrote:
> we're working on it. a partial fix will be in 2.0.1 though not sure we can get it entirely f... Derrick Conner
01:15 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: we're working on it. a partial fix will be in 2.0.1 though not sure we can get it entirely fixed for then (it's comin... Chris Buechler
01:12 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Hafiz Rafiyev wrote:
> anybody working on this urgent bug?
Not that I am aware of. I also have an embedded test... Derrick Conner
12:09 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: anybody working on this urgent bug? Hafiz Rafiyev
10:14 AM Bug #1928: Can't sync voucher database when carp peer is also active: I deleted the CARP sync so that the voucher database keeps syncing fine but when the master goes down I still can't g... Sander Naudts
09:29 AM Revision 12a2f395: Fix the 2nd grow command, add space: Ticket #1758 Seth Mos
08:13 AM Revision 16cc1c10: Increase the GROW for the 60 minute RRA so that we have atleast 2160 entries for 3 months worth of data.: Seth Mos
06:45 AM Revision 4fe54cdf: Add back the accidentally removed xml rrd restore line, otherwise we still don't have the new RRD file: Ticket #1758 Seth Mos

10/25/2011

08:05 PM Revision b0b48a57: Correct typo in command.: Ticket #1758 Seth Mos
07:49 PM Revision eb346e0b: Ok, let's try not to corrupt the RRD files on upgrade. Leave the RRA arc: hives for the 720 minutes average at 1000.
Then run a rrdtool resize command to grow the RRA by 1000 and 2000 for the... Seth Mos
06:26 PM Revision d7778a7b: Ok, let's try not to corrupt the RRD files on upgrade. Leave the RRA archives for the 720 minutes average at 1000.: Then run a rrdtool resize command to grow the RRA by 1000 and 2000 for the 60 and 720 average respectively.
Attempts ... Seth Mos
05:34 PM Bug #1980 (Closed): RFC 2136 will not update two records for one interface: If you have two entries for the same interface, only the top one in the list will be updated when the address of that... Andreas Winge
03:06 PM Revision 4d89e4d7: Do not pass the ldap port separately, but add it to the LDAP URL. PHP's ldap_connect() ignores the passed port parameter if the first parameter is a URL instead of a hostname.: Jim Pingle
03:05 PM Revision 9f27de6d: Do not pass the ldap port separately, but add it to the LDAP URL. PHP's ldap_connect() ignores the passed port parameter if the first parameter is a URL instead of a hostname.: Jim Pingle
01:42 PM Feature #1979 (Resolved): Allow user-defined rules to utilize built-in system aliases: It would be useful to have some stock aliases that come by default which are not editable by users. These aliases wou... Jim Pingle
01:03 PM Feature #1913 (Resolved): Add relayd to Status > Services: Chris Buechler
08:47 AM Bug #1978 (Resolved): Multi-WAN+Multi-LAN shaper wizard VoIP bandwidth check is wrong: In traffic_shaper_wizard_multi_all.xml wizard when you get to the VoIP bandwidth screen there is a box for each WAN, ... Jim Pingle
12:00 AM Bug #1948 (Resolved): VoIP Rule from shaper wizard doesn't work as the description implies: Chris Buechler

10/24/2011

11:57 PM Bug #1920 (Resolved): Incorrect title banner in 2 of 3 "Status: System Logs" Web Configurator pages.: Chris Buechler
11:55 PM Bug #1954 (Closed): Outbound manual nat rules could break CARP: Chris Buechler
11:54 PM Bug #1960 (Resolved): Typo in php script for update status: Chris Buechler
11:28 PM Bug #1888: Upgrade ISC dhcpd to v4.2.2: ISC DHCP 4.2.3 was released on 19 Oct 2011
http://www.isc.org/software/dhcp Dim Hatz
10:34 PM Revision ea1cea05: Converting javascript code from prototype to jQuery: Vinícius Coque
10:11 PM Bug #1976: problems with CP MAC pass-through: #1958 details the same issue, closed it in favor of this one. Chris Buechler
09:27 PM Bug #1976 (Resolved): problems with CP MAC pass-through: There are issues with the MAC pass-through, replicable in the following scenarios (use the attached config as a start... Chris Buechler
10:11 PM Bug #1958 (Closed): CP ipfw ruleset has two rules with the same number: forgot this was here, opened #1976 instead which has the specific problem. Chris Buechler
08:48 PM Revision c6023b4a: Show RTT and Loss on Status > Gateways, not just on the widget: Jim Pingle
08:47 PM Revision fc4fa6de: Show RTT and Loss on Status > Gateways, not just on the widget: Jim Pingle
06:21 PM Revision 8f096822: Don't run ldap_urlchange on page load if there is a custom port, otherwise it appears to ignore a custom LDAP port even when it's correct in the config.: Jim Pingle
06:20 PM Revision 230b3b1b: Don't run ldap_urlchange on page load if there is a custom port, otherwise it appears to ignore a custom LDAP port even when it's correct in the config.: Jim Pingle
07:32 AM Bug #1975 (Rejected): Weird Interface Names.: Looks like a problem with your setup, I've got 2.0 amd64 installed in VirtualBox and it's fine.
Given the crashes ... Jim Pingle
04:09 AM Bug #1975 (Rejected): Weird Interface Names.: Hello,
just installed the latest release 2.0 amd64 into virtualbox and got weird interface names.
I'm still inv... Oliver Loch

10/23/2011

07:06 PM Bug #1974 (Resolved): Captive Portal RADIUS accounting bytes wrong: As discussed here:
http://forum.pfsense.org/index.php/topic,39555.0.html
ipfw entrystats is returning wrong valu... Chris Buechler
01:22 AM Revision 79226d4f: fix text: Chris Buechler
01:21 AM Revision 9f07c343: fix text: Chris Buechler

10/22/2011

10:13 PM Revision e03ef9a0: Converting ajax code from prototype to jQuery: Vinícius Coque
10:00 PM pfSense Packages Feature #1973 (Closed): Update siproxd to v0.8.1: http://siproxd.sourceforge.net/index.php?op=changelog
> Release 0.8.1
> 10-Jul-2011
> This release fixes some bu... Dim Hatz
09:56 PM Bug #1336: PPTP VPN NAT on WAN or other external interface: Test 2.0-Release This problem has been resolved.
Thank you pfsense team effort. Shadow Hwang
07:02 PM Revision 78d84a88: Converting from prototype to jQuery status_*: Vinícius Coque
07:01 PM Revision ef9773a5: Converting from prototype to jQuery: Vinícius Coque

10/21/2011

10:11 PM pfSense Packages Bug #1749: Rules/ Categories update: I am seeing this issue with 2.0 release, amd64. The process that autogenerates oinkmaster_nnnnnn_em0.conf is creating... David Nadle
04:42 PM Bug #1968: webconfigurator dies: well,I will try to unlock as suggested next time if it happens again.
Something I did not mention here, related to... Franck Bourdonnec
03:20 PM Bug #1968: webconfigurator dies: Probably the rate command is hanging on status_graph.php and if a command hangs like that, it hangs up fastcgi, which... Jim Pingle
03:13 PM Bug #1968: webconfigurator dies: ok,
new freeze of web interface WITHOUT modification.
This eliminates totally 'syntax error'
I made following in... Franck Bourdonnec
03:05 PM Revision 2c73ba5f: Shorten the NEGATE rule label as these are too long: Seth Mos
03:02 PM Feature #1972 (Resolved): Allow /31 networks to be configured: http://svn.freebsd.org/changeset/base/226402
Needs to be allowed on the web interface. Ermal Luçi
02:39 PM Bug #1971 (Rejected): carp sync username not honored: Duplicate of #1736 Jim Pingle
02:33 PM Bug #1971 (Rejected): carp sync username not honored: Carp sync appears to not use the @Remote System Username@ anymore, but always sends @admin@ as the username.
I had... Jesse Norell
01:44 PM Revision 64758836: Shorten the NEGATE rule label as these are too long: Seth Mos
08:04 AM Bug #1970: IPsec stops routing after a while: Might be related to #1351
Also this post to the ipsec-tools list sounds similar:
http://sourceforge.net/mailarchi... Jim Pingle

10/20/2011

05:14 PM Bug #1969: IPsec refuses connection after first Cisco Client connection: I believe this to be the same issue as bug 1970, except that somehow the Cisco client is not disconnecting properly (... c c
05:12 PM Bug #1970: IPsec stops routing after a while: Attached are logfiles. First is a connection while racoon is in a hung state, followed by 4 pings to 8.8.8.8 (all ti... c c
05:05 AM Bug #1970 (Resolved): IPsec stops routing after a while: Using the same setup as this bug:
http://redmine.pfsense.org/issues/1969
It appears that after a while with no cl... c c
02:49 PM Bug #1968: webconfigurator dies: no, no other addon, pure valilla pfsense 2.0 !
It is not my habit to spell www.something Www.something.
I have no... Franck Bourdonnec
02:32 PM pfSense Packages Bug #1443: Squid errors on updating version: This is now less of an issue as I have found that Squid will still run correctly. The error messages still appear, bu... Lloyd Collins
02:09 PM Bug #1402: When creating a QinQ it works until reboot.: Hi,
I'm experiencing the same trouble with qinq.
*My platform* : Pfsense 2.0 amd64
*What I am trying to do* ... Antoine Rodriguez
12:52 AM pfSense Packages Bug #1749: Rules/ Categories update: I too have noticed this problem. Even though Snort will say "reapplying enabled/disabled rules" when doing an updated... Kyle Britton

10/19/2011

11:20 PM Bug #1969 (Resolved): IPsec refuses connection after first Cisco Client connection: Full details etc in thread
http://forum.pfsense.org/index.php/topic,41631.0.html
I have mobile IPsec set up, and... c c
07:02 PM Bug #1968 (Feedback): webconfigurator dies: it's not that simple. need the specific problem, this isn't adequate as a bug report. I suspect it's an installed pac... Chris Buechler
06:31 PM Bug #1968 (Closed): webconfigurator dies: --- /conf/backup/config-1319057958.xml 2011-10-19 23:18:58.000000000 +0200
+++ /conf/backup/config-1319057344.xml 20... Franck Bourdonnec
06:43 PM Revision 976db9de: More typos/text fixes.: Jim Pingle
06:39 PM Revision f65555eb: More typos/text fixes.: Jim Pingle
05:59 PM Revision a499d560: Fix typo: Jim Pingle
05:59 PM Revision 7b230103: Fix typo: Jim Pingle
05:16 PM Revision 7492e6c3: Fix typo: Jim Pingle
05:16 PM Revision 08847295: Fix typo: Jim Pingle
06:55 AM Revision 1005d4bf: Add the OOM memory restructuring fix from Ticket #1758 into mainline for nanoBSD upgrades.: Seth Mos
03:11 AM pfSense Packages Bug #1443: Squid errors on updating version: I just checked and this is happening in the release version as well, in both VMware and on physical hardware. Lloyd Collins

10/18/2011

03:22 PM Bug #1856 (Closed): Removing a Phase 2 does not remove the SPD policy: Failed to replicate on current code.
more /tmp/spd.conf.reload.1318965869.ob2B1v
spddelete -6 2001:470:d72c:0:0:... Seth Mos
08:41 AM Revision 1e3c94dd: Modify code to remove memory usage to prevent a Out of Memory condition when upgrading the RRD database on a 128MB system.: Ticket #1758 Seth Mos
07:33 AM Revision 9dfd60db: Add a check to prevent this gateway code from triggering the address family check. This might not be all that is needed for Ticket #1949: Seth Mos
05:54 AM Bug #1758 (Feedback): Upgrade fails to upgrade RRD data for traffic and packets: Ok, so the code now triggers properly on a nanobsd system but it causes a Out of Memory situation on a 128MB system (... Seth Mos
03:36 AM Bug #1949 (Feedback): can not set gateway group on a filter rule.: The fix seems to work as intended, I tried switching filter rules back and forth on protocol, gateways, groups and ad... Seth Mos
03:01 AM Bug #1950 (Feedback): "Bypass firewall rules for traffic on the same interface" doesn't work as intended: The direct_networks table was never used but initially created for the purpose of negate policy based routing rules. ... Seth Mos

10/17/2011

05:10 PM pfSense Packages Bug #1966 (Resolved): 500 Error On Graph Request of LightSquid: System
------
I have PfSense version 2.0 (built on Tue Sep 13 17:33:40 EDT 2011), installed Squid 2.7.9_4.2 and Lig... Steve Beaudoin
03:13 PM Revision 7cc56826: Add missing ?, fix uname display. Fixes #1960: Jim Pingle
03:12 PM Revision ebcd13ca: Add missing ?, fix uname display. Fixes #1960: Jim Pingle
02:57 PM Feature #1965 (Resolved): Support Multiple IPsec Peers: In the future it would be nice to have IPsec allow connections to/from multiple peers for the same tunnel, for failov... Jim Pingle
11:10 AM Bug #1960: Typo in php script for update status: Applied in changeset commit:ebcd13cac1f5d83f7352016c9bc750adfd6e21fa. Jim Pingle
11:10 AM Bug #1960 (Feedback): Typo in php script for update status: Applied in changeset commit:7cc56826c8036cac40b95aab8e1c6349741e5e01. Jim Pingle
11:10 AM Bug #1964: Changing MTU on pfSense 2.0 doesn't work: The ticket system is not for troubleshooting or help - please keep it on the forum. Jim Pingle
11:04 AM Bug #1964: Changing MTU on pfSense 2.0 doesn't work: Why in pfsense 1.2.3 or in a linux-based firewall as Kerio Control it works and in pfSense 2.0 it doesn't work???
I'... Alessandro Bolletta
11:00 AM Bug #1964: Changing MTU on pfSense 2.0 doesn't work: Then your MTU is 1496. It changed as it was supposed to - which means the MTU change is not the problem, and you have... Jim Pingle
10:59 AM Bug #1964: Changing MTU on pfSense 2.0 doesn't work: Yes, I get the same ifconfig when I change MTU on the WebGUI, but it doesn't work, while if I do the same things in p... Alessandro Bolletta
10:52 AM Bug #1964 (Rejected): Changing MTU on pfSense 2.0 doesn't work: Please keep the discussion on the forum until a bug is confirmed. Changing the MTU works fine.
[2.0-RELEASE][root@... Jim Pingle
10:35 AM Bug #1964 (Rejected): Changing MTU on pfSense 2.0 doesn't work: I tried to change MTU on pfSense 2.0 into 1496 because of my internet connection needs. While i could get it working ... Alessandro Bolletta
02:08 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Hafiz Rafiyev wrote:
> any progress abouts this bug?
Don't know. Was never contacted after my last comment nearl... David Rees
01:56 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: I second that question! Is there something anyone needs, such as access to an online system that can reproduce ... Derrick Conner
01:36 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: any progress abouts this bug? Hafiz Rafiyev

10/16/2011

08:05 PM Revision ebfc87d6: Converting from prototype to jQuery: Vinicius Coque
08:05 PM Revision e3c1ea9b: converting from prototype to jQuery: Vinicius Coque
05:54 PM Bug #1963 (Resolved): CP Voucher submission - 'Enter' button does not submit form in MSIE: Please note that the default webpage generated by get_default_captive_portal_html() /etc/inc/captiveportal.inc with a... Dim Hatz
08:35 AM Feature #1962 (Closed): disconnect specific pptpd interface from command line: For pfsense usage in secured network ability to disconnect specific dialin user or interface is must.
if some one k... Zeev Zalessky
12:49 AM pfSense Packages Bug #1961 (Closed): Spoink and IP banning: Hello,
this request follows this post on the Forum: http://forum.pfsense.org/index.php/topic,41895.0.html.
Su... Michele Di Maria

10/15/2011

07:26 PM Bug #1960 (Resolved): Typo in php script for update status: Hi,
I've just been messing with the Dashboard and found a "bug" in the html source as shown in the picture added. Oliver Loch
02:09 PM Bug #1959: openssl does not accept ECC-certificates: funny that it's possible to create a ecc-certificate using the older binary but it only works on the newer one …. Michal Fresel
02:07 PM Bug #1959: openssl does not accept ECC-certificates: related to this one #1851 Michal Fresel
02:06 PM Bug #1959 (Resolved): openssl does not accept ECC-certificates: The default openssl-package will not work with ECC-certificates... Michal Fresel
12:37 PM Bug #1851: ECC-Cert breaks the webconfigurator: maybe testing using the php-function "openssl_pkey_get_details" and checking for return-level could sanitize uploadin... Michal Fresel
12:04 PM Revision e1fd8311: Fixes #1948. Do not specify an interface for the Voip rules that intend a source ip.: Ermal LUÇI
12:04 PM Revision 8800783f: Fixes #1948. Do not specify an interface for the Voip rules that intend a source ip.: Ermal LUÇI
08:05 AM Bug #1948: VoIP Rule from shaper wizard doesn't work as the description implies: Applied in changeset commit:8800783f5d513c7ff0cbb890d988f95ac9db4df9. Ermal Luçi
08:05 AM Bug #1948 (Feedback): VoIP Rule from shaper wizard doesn't work as the description implies: Applied in changeset commit:e1fd8311bd36906e423c4c711dc3133078e8a464. Ermal Luçi
07:56 AM Feature #1901: Maintain IP range tables for popular Internet sites: I do not like that since you cannot draw the line what is more important and what is to skip. Ermal Luçi
07:54 AM Bug #1944 (Closed): Typo in /etc/inc/voucher.inc: Either was fixed from someone else or it was not an issue.
It is correct in code either way. Ermal Luçi
07:46 AM Bug #1956 (Closed): Detect if logout was succesful: I do not see any usefulness on this! Ermal Luçi
07:45 AM Bug #1957: Remove button-inside-hyperlink usage from web forms: Patches accepted! Ermal Luçi
06:59 AM Bug #1958: CP ipfw ruleset has two rules with the same number: notes from originator: ... Chris Buechler

10/14/2011

08:03 PM Bug #1958 (Closed): CP ipfw ruleset has two rules with the same number: Not at all sure if it's an issue or not (haven't used ipfw before), but I've noticed that on my system 'ipfw show' pr... Dim Hatz
09:24 AM Bug #1957 (Resolved): Remove button-inside-hyperlink usage from web forms: Having an <input type="button"> inside an <a href="..."> is technically a violation of HTML5. Also, it makes the butt... David Nadle
05:20 AM Bug #1951 (Rejected): Auto generated reply-to rules not working: no specific bug here, need to post things like this to the list or forum first as it's more likely a config issue as ... Chris Buechler
04:03 AM Bug #1956 (Closed): Detect if logout was succesful: Currently, a message "You have been disconnected." is shown regardless whether the user was logged in before or not. ... Benjamin P

10/13/2011

07:51 PM Revision cf37ec23: Remove the old direct_networks table which is not used throughout the filter code. Instead we now create a negate_networks table which contains both vpns, directly connected networks (static routes) which should never be tagged for policy routing which breaks traffic.: This fixes Ticket #1950 and needs to be MFC to 2.0 for 2.0.1 Seth Mos
06:47 PM Revision c066ea8a: Remove the old direct_networks table which is not used throughout the filter code. Instead we now create a negate_networks table which contains both vpns, directly connected networks (static routes) which should never be tagged for policy routing which breaks traffic.: This fixes Ticket #1950 and needs to be MFC to 2.0 for 2.0.1
Conflicts:
etc/inc/filter.inc Seth Mos
02:58 PM Revision f7dc7ce1: Add no nat/rdr rules for carp protocol so people do not screw their setups.: Ermal LUÇI
02:58 PM Revision 378b2987: Add no nat/rdr rules for carp protocol so people do not screw their setups.: Ermal LUÇI
12:28 PM Revision 7ad4b1f4: Move the old databases to the backup folder in conf: Fixes ticket #1758 Seth Mos
12:28 PM Revision eb5e790f: Restore the RRD backup before attempting a migration as this bites the nanobsd users.: We immediately backup the new databases to a new rrd.tgz file. The old database will be moved to /root
Fix for ticket... Seth Mos
12:15 PM Revision 8fa054b1: Move the old databases to the backup folder in conf: Fixes ticket #1758 Seth Mos
12:12 PM Revision e34cf1f6: Restore the RRD backup before attempting a migration as this bites the nanobsd users.: We immediately backup the new databases to a new rrd.tgz file. The old database will be moved to /root
Fix for ticket... Seth Mos
11:34 AM Bug #1951: Auto generated reply-to rules not working: 6 Screenshots attached. The Floating and Interface Group rules were only enabled one at a time. They are both disable... Larry Titus
11:10 AM Bug #1951: Auto generated reply-to rules not working: Without showing what you configured on the floating rules i cannot give you a real answer.
My first guess is that ... Ermal Luçi
11:09 AM Bug #1954 (Feedback): Outbound manual nat rules could break CARP: A fix has been put in for 2.0.1 to prevent nat from messing with carp packets. Ermal Luçi
11:07 AM Bug #1954 (Closed): Outbound manual nat rules could break CARP: If user create manual outbound rules with source any it can break carp protocol.
Prevent this by adding protection n... Ermal Luçi
11:07 AM Bug #1948: VoIP Rule from shaper wizard doesn't work as the description implies: That is true actually.
I will try to put a reasonable fix soon.
For now just remove the interface that is auto-se... Ermal Luçi
06:00 AM Bug #1758: Upgrade fails to upgrade RRD data for traffic and packets: Just a FYI in case people want to upgrade their 1.2.3 databases on their 2.0 installs. Executing the following code o... Seth Mos

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

11/11/2011

11/10/2011

11/09/2011

11/08/2011

11/07/2011

11/06/2011

11/05/2011

11/04/2011

11/03/2011

11/02/2011

11/01/2011

10/31/2011

10/30/2011

10/29/2011

10/28/2011

10/27/2011

10/26/2011

10/25/2011

10/24/2011

10/23/2011

10/22/2011

10/21/2011

10/20/2011

10/19/2011

10/18/2011

10/17/2011

10/16/2011

10/15/2011

10/14/2011

10/13/2011