Activity

30 days up to

User

Subprojects

Activity

From 10/26/2011 to 11/24/2011

11/24/2011

04:30 AM Feature #2026 (Resolved): [Patch] Multiple SMTP notice recipients: When trying to use multiple smtp notification recipients in 2.0, I ran into the fact that it isn't possible to enter ... Peter O
04:26 AM Feature #2025 (New): Captive Portal: Easy accessible Logout page instead of Logout pop-up window: I suggest a functionality that allows using a logout page instead of a pop-up. The reason why I am suggesting this is... Mark Dammer
03:39 AM Feature #2024 (New): RRD Graphs for packages: It would be nice to have some sort of feature, in the current RRD graphing, to provide the ability for packages to pl... Warren Baker

11/19/2011

05:22 PM Bug #2015 (Closed): Firewall: Shaper, By Queues View. Needs a couple of little fixes: Hi,
in the "Firewall: Shaper, By Queues View" page of the webConfigurator, there are a couple of small things to fix... Michele Di Maria
12:56 PM Bug #2014 (Rejected): snort: nothing here to make this an acceptable bug report, post to the list or forum. Please don't open tickets unless they ... Chris Buechler
09:57 AM Bug #2014: snort: /rules/snort_voip.rules(89) Undefined variable in the string: $SIP_SERVERS not availible
09:53 AM Bug #2014 (Rejected): snort: /rules/snort_file-identify.rules(26) ***PortVar Lookup failed on '$FILE_DATA_PORTS'. not availible
11:14 AM Revision 7492f21d: Only create config for enabled DHCPv6 server entries, prevent duplicate network configuration.: Seth Mos
11:06 AM Revision 5747a735: Also include services so that we can restart the LAN rtadvd process if needed.: Seth Mos

11/18/2011

05:33 PM Feature #2013 (Closed): Package log file size: Currently if a package has logging via syslog enabled, a 10K clog log file is created. Possibly this size should be i... Warren Baker
04:51 PM Bug #2012 (Resolved): 4th+ CARP member will not work with default automatic skew: I created a pfSense cluster with 4 members. I'm using CARP IPs and XMLRPC for configuration sync. As designed, the sk... Brian Scholer
08:23 AM Bug #1572: DHCP + MAC spoofing leads to link cycling: Justin Mitchell wrote:
> I'm having a similar issue to this so I wonder if it's linked. I'm running my WAN interface... Justin Mitchell
08:18 AM Bug #1572: DHCP + MAC spoofing leads to link cycling: I'm having a similar issue to this so I wonder if it's linked. I'm running my WAN interface in DHCP. If I try and cha... Justin Mitchell

11/17/2011

01:52 PM Feature #2006: CP ipfw fwd all non-authenticated clients' TCP connections to 127.0.0.1,8000: Using TCP RST and ICMP Destination Unreachable, trying to be kind to un-authenticated CP clients... Dim Hatz

11/16/2011

09:44 PM Revision 55aaceb3: Add a ddb.conf that will trigger textdumps for all panics and similar crashes, not leave some crashes at a db> prompt.: Jim Pingle
09:44 PM Revision 36a4cc17: Add a ddb.conf that will trigger textdumps for all panics and similar crashes, not leave some crashes at a db> prompt.: Jim Pingle
09:38 PM Revision 002cacab: Fix this ifconfig-push to also account for tap.: Jim Pingle
08:46 PM Revision 459e9333: If there is a tunnel network in tap mode, the second parameter is a subnet mask, not the other IP.: Jim Pingle
07:21 PM Bug #2011: Two NICs running CARP on the same network segment generate log flood: maybe it's the case to put a line here about that:
http://doc.pfsense.org/index.php/CARP_Configuration_Troubleshoo... Michele Di Maria
02:18 PM Bug #2011 (Rejected): Two NICs running CARP on the same network segment generate log flood: not a bug. Chris Buechler
02:17 PM Bug #2011 (Rejected): Two NICs running CARP on the same network segment generate log flood: Hello,
I am running pfSense with two NICs running CARP on the same VLAN of the same switch. It happens that in t... Michele Di Maria
05:04 PM Revision bf7b597a: Actually save the value typed in the bandwidth limit box for the openvpn client instead of ignoring it.: Jim Pingle
05:02 PM Revision b422360c: Actually save the value typed in the bandwidth limit box for the openvpn client instead of ignoring it.: Jim Pingle
04:49 PM Bug #2009 (Rejected): Reject rules for egress traffic in floating fail to log: reject is logged by pf as block, there is no reject in the logs. Chris Buechler
10:25 AM Bug #2009: Reject rules for egress traffic in floating fail to log: Hi Jim,
With the NSA 3110 we were testing with ICMP. In my testing here with my personal box I have changed the ru... Sam Wilson
08:02 AM Bug #2009: Reject rules for egress traffic in floating fail to log: The "reject" action only works for TCP and UDP. Other traffic is just blocked/dropped since it has no concept of reje... Jim Pingle
08:00 AM Bug #2009 (Rejected): Reject rules for egress traffic in floating fail to log: Hi All,
A colleague and I spent a few hours tonight with a NSA 3110 and later with my home firewall trying to diag... Sam Wilson
03:47 PM Revision 4ec48253: Check uppercase strings: Scott Ullrich
03:46 PM Revision 90b3c01c: Check uppercase strings: Scott Ullrich
03:42 PM Revision 9870b4a2: Ensure style is set to a valid item: Scott Ullrich
03:41 PM Revision 5d7791a2: Ensure style is set to a valid item: Scott Ullrich
02:01 PM Bug #2010: VLAN parent interface / altq interface wrong assumptions about int_family name format: Please Ignore int_family.patch Andre Keller
01:57 PM Bug #2010: VLAN parent interface / altq interface wrong assumptions about int_family name format: There is another part to this in inc/globals.inc Andre Keller
12:49 PM Bug #2010 (Resolved): VLAN parent interface / altq interface wrong assumptions about int_family name format: Hi
I ran into an issue with vmxnet3 NICs on current pfsene-2.1 developement release.
VMware stupidly choose vmx... Andre Keller
02:00 PM Bug #598: Need to block carp traffic to hosts self to avoid loops: Hi,
this change is causing a lot of logs in the case there are two nics on the same network segment. See http://foru... Michele Di Maria
02:12 AM Revision c69c58e2: Converting from scriptaculous to jQuery: Adding jQuery UI, so now we can use effects and widgets provided by this library and remove scriptaculous code. Build... Vinícius Coque

11/15/2011

09:30 PM Revision 45736415: Add a gui field to set the source tracking timeout for sticky connections.: Jim Pingle
08:49 PM pfSense Packages Feature #2008 (Rejected): Packet display in snort alerts: Here's a quick hack to allow optional display of snort alerts packets.
Default is to not display. A checkbox is prov... Dick Nixon
06:09 PM Revision a02ecc94: Converting javascript code from scriptaculous to jQuery: Vinícius Coque
05:12 PM Revision 6134cc8f: now we use the Chosen javascript plugin for jQuery: Vinícius Coque
04:55 PM Revision bef629ac: Converting from scriptaculous to jQuery: Vinícius Coque
09:34 AM Bug #1629: invalid state table entries after WAN IP change: This is what my states look like for my effected device from Diagnostics --> States when my VoIP adapter shows offlin... Pho Bia
09:06 AM Bug #1629: invalid state table entries after WAN IP change: I also experience this with my SIP device (PAP2T). I thought my provider was to blame as changing the remote server ... Pho Bia
09:07 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: In the following scenario:
LDAP server 1 has a certificate signed by CA1 and is used on openvpn1
LDAP server 2 ... Florent Daigniere
08:31 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: For me it is ok as is I do not see any loosing on having what i committed. Ermal Luçi

11/14/2011

08:18 PM Revision 22aaee7d: Merge over the end period fix for the custom rrd graphs section.: Seth Mos
05:42 PM Revision 643c9f9f: Fix the Off by One so that delegated prefix id 0 is shown on the LAN interface settings page.: Seth Mos
01:42 PM Revision 906daddc: Ticket #1052. Merge patch referenced in ticket.: Ermal LUÇI
01:42 PM Revision 6daf497b: Ticket #1052. Merge patch referenced in ticket.: Ermal LUÇI
09:09 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: Hi Ermal,
You have commited v1 of the patch, can you please use v2 instead?
Thanks
Florent Florent Daigniere
08:38 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: Committed. Ermal Luçi

11/13/2011

09:15 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: In fact TLS_CACERTDIR shouldn't be set at all in this case. Here is v2 of the same patch.
I know it's late ... b... Florent Daigniere
08:32 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: What is in master is still not working; There's two problems:
1) the environment variables need to be set before y... Florent Daigniere

11/12/2011

02:00 PM Feature #2007 (Needs Patch): RRD Data -- Saving and Restoring: Under "Diagnostics: Backup/restore", there is no Option on the pull-down menu to backup/restore ONLY the RRD data sep... Brian Lewis

11/11/2011

08:08 PM Revision 9eced774: username-as-common-name is not compatible with server-bridge, so don't put it in the config if server-bridge is active. Testing is needed to determine if there is any other negative impact, but with both present, openvpn will not start.: Jim Pingle
02:01 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Checked in a fix for that, should be up now. Jim Pingle
01:24 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Hmm, when trying to define the bridges' DHCP scope after selecting the to-be bridged interface (This is the second VP... Jasper Backer
12:14 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Installed it, testing. Jasper Backer
11:05 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Some notes on using that:
First, read all of the text descriptions on the new fields that show up when you switch ... Jim Pingle
11:03 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: I committed the initial revision to the repo just now:
https://github.com/bsdperimeter/pfsense-packages/commit/dafa2... Jim Pingle
07:00 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Sounds like a good solution. Looking forward to it, as installing a (even beta) package instead of manually editing f... Jasper Backer
06:21 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Jim is making it into a package for 2.0.x users, so it can be fully vetted in all possible scenarios during the 2.1 r... Chris Buechler
04:50 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Would be really great if these changes would hit 2.0.1. Doesn't look like it would break existing installations to me... Jasper Backer
12:34 PM Feature #2006 (Resolved): CP ipfw fwd all non-authenticated clients' TCP connections to 127.0.0.1,8000: I noticed that in 2.0REL captiveportal.inc adds an ipfw rule to forward all un-authenticated clients' TCP connections... Dim Hatz
09:58 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Yes but the 2.0 tries to be smarter in regards to the whole system about events.
This makes a lot of things better b... Ermal Luçi
09:53 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: As Derrick says,it's running on 1.2.3 with wan ip very well,my opinion it's userful to control pptp Server address bo... Hafiz Rafiyev
07:25 AM Bug #2005: URL aliases need validation of fetched data: I filed a related report in http://redmine.pfsense.org/issues/1991 Dim Hatz

11/10/2011

10:30 PM Bug #2005 (Resolved): URL aliases need validation of fetched data: If a user puts in a URL for an alias that contains invalid data, filter reloads fail. Need to validate what's returne... Chris Buechler
09:48 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Chris Buechler wrote:
> It works (aside from now having this consequence), but yes it is technically not correct, an... Derrick Conner
09:23 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: It works (aside from now having this consequence), but yes it is technically not correct, and has never been shown th... Chris Buechler
08:42 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: So, does this mean I've been setting up 1.2.3 wrong all this time and it still works? Let me make sure I understa... Derrick Conner
06:54 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: David: you can still do just that without using the WAN IP there, any unused private IP is fine. Chris Buechler
06:30 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Yes, I can confirm that setting that IP to an IP other than the WAN IP does avoid the problem.
I believe we origin... David Rees
05:11 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Looks like Ermal figured out what triggers this - if you have the "PPTP Server IP" configured as your WAN IP, which i... Chris Buechler
09:37 PM Revision 1379d66f: Add an indication in the certificate list to show if a certificate is internally capable of being a CA (basicConstraints has CA:TRUE) or if the nsCertType is set to server.: Jim Pingle
05:02 PM Revision 035c5573: Fix order of client/server IPs and add a note, and clarify variable names. Fixes #2004.: Jim Pingle
05:01 PM Revision 298fe5ae: Fix order of client/server IPs and add a note, and clarify variable names. Fixes #2004.: Jim Pingle
03:58 PM pfSense Packages Bug #1982 (Feedback): Snort exits on rules update and does not restart: Update pushed on package. Ermal Luçi
03:58 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: It is build like that by default on pfsense. Ermal Luçi
03:08 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: It seems that compiling snort with --enable-reload will allow snort to reload on receiving a SIGHUP without requiring... Dim Hatz
03:35 PM Revision 21762198: Trim filename before use to clear away any unnecessary whitespace. Fixes client export package install (and probably others): Jim Pingle
12:48 PM Feature #1120 (Closed): Add checkbox on OpenVPN server/client to use cryptodev: This was implemented quite a while ago as a drop-down menu to select crypto accelerators (if present). Jim Pingle
12:48 PM Feature #1184 (Feedback): Certificate Manager - Ability to add nsCertType=SERVER extension to certificates: This was implemented yesterday in 2.1 and merged into 2.0.1.
https://github.com/bsdperimeter/pfsense/commit/7aaabd... Jim Pingle
12:41 PM Feature #1217: Change OpenVPN local/remote networks to lists instead of single boxes: Tried to work this out last week and found that our rowhelper code only works for once instance per page, so having i... Jim Pingle
12:40 PM Feature #1222 (Closed): Support for tun or tap mode in openvpn server: The tun/tap switch was added before 2.0 shipped, but had some issues that have since been fixed on mainline. Jim Pingle
12:37 PM Feature #1326 (Feedback): OpenVPN Server in tap mode: There were issues in the code, but they should be OK now. Fixed in mainline, not sure if it'll get backported to 2.0.... Jim Pingle
12:20 PM Bug #2004 (Feedback): Client Specific Override ->Tunnel Network: Jim Pingle
11:53 AM Bug #2004: Client Specific Override ->Tunnel Network: Ah, yeah you're right, the parameters to ifconfig-push in the csc file are backwards. It should be the other way to c... Jim Pingle
12:20 PM Bug #1992 (Feedback): OpenVPN in tap mode, allow transparant interface: Jim Pingle
12:20 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: There were issues in the code, but they should be OK now. Fixed in mainline, not sure if it'll get backported to 2.0.... Jim Pingle

11/09/2011

09:30 PM Bug #1697: Interface group doesn't apply to all interfaces in all cases: Ok, so our initial tests showed this issue was resolved. But when applying live traffic on the box, about 70% of the ... Chase Bolt
09:26 PM Feature #1997: Add date picker to the Custom RRD graph page to translate to unix time.: That is an EXCELLENT converter, probably the BEST and ONLY one which allows for free-form (eg. 11/9/2011 12:15:59) in... Simon Fong
03:34 AM Feature #1997: Add date picker to the Custom RRD graph page to translate to unix time.: Possible candidate.
http://morecavalier.com/index.php?whom=Apps%2FUnix+timestamp+converter Seth Mos
08:45 PM Revision 77a88814: When creating an internal certificate, offer the user a choice of what constraints to place upon the certificate (CA, Server, or User).: Jim Pingle
08:43 PM Revision 7aaabd69: When creating an internal certificate, offer the user a choice of what constraints to place upon the certificate (CA, Server, or User).: Jim Pingle
07:13 PM Bug #2004: Client Specific Override ->Tunnel Network: .8 shows same result
Tunnel network = 10.10.10.8/30
assigns 10.10.10.9 to the client
client log:
openvpn[2664... W FM
06:56 PM Bug #2004 (Rejected): Client Specific Override ->Tunnel Network: .9/30 is not a valid subnet definition, which may be influencing the output. Use .8/30
http://doc.pfsense.org/inde... Jim Pingle
06:51 PM Bug #2004 (Resolved): Client Specific Override ->Tunnel Network: Tunnel Network description says:
This is the virtual network used for private communications between this client an... W FM
06:14 PM Feature #2003 (Closed): Allow Aliases in routing: Accept Aliases in System: Static Routes: Edit route -> Destination network W FM
05:48 PM Revision 74a556a3: Rework this a little since using tap+tunnel network is valid, but using tap+tunnel network+bridging is not (will not do what the user expects/wants): Jim Pingle
02:52 PM pfSense Packages Bug #2002 (Closed): snort: does not list ipv6 address in alert or block
it shows up as n/a.. there is a fix by using clear alert
however the i... not availible
01:51 PM Bug #2000 (Rejected): intel x520 network card: That card should be covered by the ixgbe driver which is in both amd64 and i386 already. If the existing driver doesn... Jim Pingle
01:25 PM Bug #2000 (Rejected): intel x520 network card: Hi!
I wanna know if there is the module for this card intel x520 10gb for amd64 cuz i've seen it for i386,
i have... ximena zea
01:48 PM Bug #2001 (Rejected): snort status: That is nowhere near a usable bug report. Please post in the forum until an actual bug has been confirmed. Jim Pingle
01:46 PM Bug #2001 (Rejected): snort status: Snort is now unreliable not availible
08:54 AM Bug #1999 (Resolved): Existing voucher settings upset new CP Zones/Vouchers code: If you have existing voucher settings, and update a system to master/2.1, the voucher settings will cause some issues... Jim Pingle
12:58 AM Bug #1998 (Rejected): Unable to check for updates for pfSense 2.0-RELEASE: leaving the base URL blank doesn't remove it, you'll have to remove it from globals.inc. there are no bugs here. YOu ... Chris Buechler

11/08/2011

11:56 PM Bug #1998: Unable to check for updates for pfSense 2.0-RELEASE: Even if someone wants to check for updates, pfSense should do it ALOT less frequently. Simon Fong
11:51 PM Bug #1998 (Rejected): Unable to check for updates for pfSense 2.0-RELEASE: When I UN-CHECK "Use a URL server for firmware upgrades other than www.pfsense.org" under "Updater Settings", and "Ba... Simon Fong
09:57 PM Revision 1ab6bdb5: Fix up OpenVPN server tap modes, support various options for providing or passing through DHCP. (Work in progress): Jim Pingle
05:57 PM Revision 0389f034: Prevent link cycling when spoofing mac + DHCP. Fixes #1572: Jim Pingle
05:56 PM Revision 49db607f: Prevent link cycling when spoofing mac + DHCP. Fixes #1572: Jim Pingle
12:55 PM Bug #1572: DHCP + MAC spoofing leads to link cycling: Applied in changeset commit:49db607f186c37ad48b25640184051a6ae205ff4. Jim Pingle
12:55 PM Bug #1572 (Feedback): DHCP + MAC spoofing leads to link cycling: Applied in changeset commit:0389f03498994dbdaf47543a325b58d14b1cdbab. Jim Pingle
12:36 PM Feature #1997 (Resolved): Add date picker to the Custom RRD graph page to translate to unix time.: The current custom rrd graph page needs a startdate and enddate in unix time. This really needs a date picker that se... Seth Mos
12:34 PM Bug #1990 (Resolved): Custom RRD Graphs Does NOT Properly Graph "End" Value: Seth Mos
12:25 PM Bug #1990: Custom RRD Graphs Does NOT Properly Graph "End" Value: It was on the todo list but forgotten, I am not sufficiently at home in javascript to do the calendar thing.
Seth Mos
11:59 AM Bug #1990: Custom RRD Graphs Does NOT Properly Graph "End" Value: Thank you Seth for fixing this issue!!
If only I can input dates & times on the "Custom RRD Graphs" page in human ... Simon Fong
10:23 AM Bug #1996 (Resolved): status_graph.php is not displaying real-time bw stats: The new jquery code that was added to the file isn't displaying the real-time bw stats from the rate program. The ori... Cino .
09:07 AM pfSense Packages Bug #1985: inspecting gzipped http flows: My testing has confirmed that it is fix Cino .

11/07/2011

09:05 PM Bug #1995 (Closed): Cannot edit default queue: When attempting to edit the default queue, you get "Only one default queue per interface is allowed." and cannot save... Chris Buechler
09:04 PM Bug #1994 (Rejected): Remove priority on HFSC: Since there is no concept of priority in HFSC it should be removed from the GUI. Chris Buechler
09:03 PM Bug #749 (Resolved): Downstream queues should not be assigned to LAN interfaces: Chris Buechler
09:02 PM Bug #1910 (Resolved): Duplex description inconsistency: Chris Buechler
08:58 PM Bug #636 (Resolved): layer7 not work correctly: the problems in general with layer7 were fixed before 2.0 release. The fact that pushing a ton of traffic through it ... Chris Buechler
08:55 PM Bug #1697 (Feedback): Interface group doesn't apply to all interfaces in all cases: Chris Buechler
08:54 PM Bug #1888 (Feedback): Upgrade ISC dhcpd to v4.2.2: updated to 4.2.3 Chris Buechler
08:53 PM Bug #1950 (Resolved): "Bypass firewall rules for traffic on the same interface" doesn't work as intended: Chris Buechler
07:48 PM Bug #1993 (Resolved): Unmonitored gateways cause wrong route-to: Gateways that aren't monitored end up being the only ones put into gateway groups reportedly.
http://forum.pfsense.... Chris Buechler
06:41 PM Revision 0d5f874d: Actually reflect the end time instead of always $now.: Fix Ticket #1990 Seth Mos
05:32 PM Revision 64d84825: Fix display of CARP widget to properly show Disabled status, bring code more in line with the carp status page, and clean it up a bit.: Jim Pingle
05:31 PM Revision 9b1a73f3: Fix display of CARP widget to properly show Disabled status, bring code more in line with the carp status page, and clean it up a bit.: Jim Pingle
04:07 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Chris, it is not how it's supposed to be.. When using tap, the "Tunnel Network" should have the option of not being f... Jasper Backer
04:05 PM Bug #1992 (Rejected): OpenVPN in tap mode, allow transparant interface: bug reports have to have a specific bug, this is a support request, please post to the forum or list. Chris Buechler
09:25 AM Bug #1992 (Resolved): OpenVPN in tap mode, allow transparant interface: I am trying to create a Road-warrior situation where the client is supposed to get an IP from the DHCP server in the ... Jasper Backer
02:55 PM Bug #1990 (Feedback): Custom RRD Graphs Does NOT Properly Graph "End" Value: Found the cause, we were using $now instead of $end, this should resolve it.
Do take note that there is a 5 second h... Seth Mos
01:50 PM Bug #1572: DHCP + MAC spoofing leads to link cycling: I have one installs where this happens too, I've stopped the flapping by putting by putting a switch in between the c... Seth Mos

11/06/2011

11:58 AM Revision abf421ce: Issue proper start and error messages during voucher loading: Ermal LUÇI
11:25 AM Revision 6cf64278: Check that we have an array to avoid php warnings++: Ermal LUÇI
11:23 AM Revision c535b28c: Check that we have an array to avoid php warnings: Ermal LUÇI

11/05/2011

06:52 PM Revision 4246293e: Merge pull request #17 from marcelloc/patch-4: Reduce fetch connection timeout from one minute to 5 seconds Scott Ullrich
11:12 AM Revision 83773d85: reduce fetch connection timeout from one minute to 5 seconds: this value changes only initial connection timeout, not download timeout. Marcello Silva Coutinho

11/04/2011

10:51 PM Revision 783321d0: If sticky is enabled, show a tab under Diag > States to view the source tracking table and clear it if needed.: Jim Pingle
03:05 PM Bug #1991 (Resolved): URL Table aliases issue after config restore: In a freshly installed 2.0 system, when restoring a previous config.xml, there seems to be an issue with error-handli... Dim Hatz
01:16 PM Bug #1990 (Resolved): Custom RRD Graphs Does NOT Properly Graph "End" Value: When I try to Set a "Start" value in Unix time AND an "End" value in Unix time, the "End" value turns into current Un... Simon Fong
06:07 AM Revision 7b7f9007: description is optional: Chris Buechler
06:06 AM Revision 8c4f1f7d: description is optional: Chris Buechler
06:05 AM Revision 9e57fc6e: description is optional: Chris Buechler
06:04 AM Revision e9e99042: description is optional: Chris Buechler

11/03/2011

08:13 PM Bug #1989 (Rejected): snort engine: no idea what you're referring to but this is nowhere near a legit bug report, post to the forum or list. Chris Buechler
06:59 PM Bug #1989 (Rejected): snort engine: snort has difficulty parsing data not availible
07:24 PM Bug #1697: Interface group doesn't apply to all interfaces in all cases: This appears fixed. Pings flow through both interfaces in a group, matching on the correct rule.
Tested on 2.0-RE... Chase Bolt
05:35 PM Bug #1988 (Resolved): Static ARP entries attempted to be applied on disabled interfaces: Static ARP entries on disabled interfaces are tried to be applied and fail since that network doesn't exist. Need a c... Chris Buechler
05:30 PM Revision f4c2d976: If sticky is enabled, show a tab under Diag > States to view the source tracking table and clear it if needed.: Jim Pingle
04:43 PM Revision 19f576fd: Allow carriage returns to separate filenames as well as spaces: Scott Ullrich

11/02/2011

09:03 PM Revision 10e5f4f3: Bump to 2.0.1-R: Jim Pingle
08:41 PM Feature #1682 (Closed): second MAC address for one IP address: that's already possible, just have to use a different hostname Chris Buechler
07:23 PM Revision 2bd6b12b: Adding missing file: Scott Ullrich
06:51 PM Revision 44d55df6: Only symlink files once: Scott Ullrich
06:50 PM Revision 764bd0ac: Download correct filenames: Scott Ullrich
03:19 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: As reported above, this affects both i386 and x86 architectures according to reports in the link I gave:
http://foru... Seb A
03:05 PM Revision e3db5627: Fixes #1976. Correct passthrough mac entries to not overwrite each other this is different from allowed ips that used tables.: Ermal LUÇI
02:59 PM Revision a135349d: Fixes #1976. Correct passthrough mac entries to not overwrite each other this is different from allowed ips that used tables.: Ermal LUÇI
11:05 AM Bug #1976: problems with CP MAC pass-through: Applied in changeset commit:e3db5627224a0293f74e0d032a9b230f98f85952. Ermal Luçi
10:55 AM Bug #1976 (Feedback): problems with CP MAC pass-through: Applied in changeset commit:a135349d62a1932cb1ab9c29436efcd8e8a383d5. Ermal Luçi

11/01/2011

08:31 PM Revision 1cad6f6c: Convert MTU from 1.2.3 to MSS on 2.0, fixes #1886: Jim Pingle
08:30 PM Revision f6ee561e: Convert MTU from 1.2.3 to MSS on 2.0, fixes #1886: Jim Pingle
07:19 PM Revision 520d4137: Fix SMTP monitor check in upgrade code, too.: Jim Pingle
07:18 PM Revision 8081f316: Fix SMTP monitor check in upgrade code, too.: Jim Pingle
07:18 PM Bug #1987 (Resolved): GRE tunnel - Route search type: When configuring GRE tunnels, you have the option "Route search type", which should activate the LINK1 flag to the GR... Serghei Gutanu
07:14 PM Revision 3c19d44a: Fix default SMTP monitor parameters so they will properly check to see if an SMTP banner is received.: Jim Pingle
07:12 PM Revision 146a1717: Relayd expects send/expect arguments to be quoted strings. (And expect must be a pattern, not just a partial string): Jim Pingle
07:10 PM Revision 07c49a36: Fix default SMTP monitor parameters so they will properly check to see if an SMTP banner is received.: Jim Pingle
07:09 PM Revision 54d1a165: Relayd expects send/expect arguments to be quoted strings. (And expect must be a pattern, not just a partial string): Jim Pingle
06:15 PM Bug #1951: Auto generated reply-to rules not working: For the record, this must have been "upgrade rot". After doing a clean 2.0-Release install and restoring the exact sa... Larry Titus
05:02 PM Bug #1970: IPsec stops routing after a while: Proposed patch
http://sourceforge.net/mailarchive/message.php?msg_id=28279523 Dim Hatz
04:30 PM Bug #1886: Config upgrade needs to move MTU values to MSS: Applied in changeset commit:f6ee561edb89615910f316912ec033ab32e2960f. Jim Pingle
04:30 PM Bug #1886 (Feedback): Config upgrade needs to move MTU values to MSS: Applied in changeset commit:1cad6f6c891f7c70b36cfbdbaf4126084ab729ee. Jim Pingle
03:50 PM Feature #1986 (Resolved): Find a way to list logged in IPsec xauth users: At the moment there is no way to get a list of logged in users from racoonctl, setkey, or any other utility we're awa... Jim Pingle
12:35 PM pfSense Packages Bug #1765: Unable able to clear Snort Alerts: Applied in changeset commit:b4542701c3f275b74a309f0db7682086b6d7b461. Ermal Luçi
12:04 PM pfSense Packages Bug #1765: Unable able to clear Snort Alerts: I've confirmed that option 1 works on my box also.. Thanks Leon Topliss Cino .
11:07 AM pfSense Packages Bug #1765: Unable able to clear Snort Alerts: Hello, my first post here so hope its helpful. Not seeing the fix when i uninstall and reinstall. The Clear button se... Leon Topliss
12:15 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: what platform btw? I'm running i386 and don't have this issue. Mine is set to update every 12 hours. Once in a while,... Cino .
03:55 AM pfSense Packages Bug #1985 (Feedback): inspecting gzipped http flows: Applied in changeset commit:4bd57d115d2fee37a0d9e8e999d6bfd3b986f3e1. Ermal Luçi

10/31/2011

11:20 PM pfSense Packages Bug #1985 (Resolved): inspecting gzipped http flows: brings back to fatal error in .conf
Enable 'extended_response_inspection' inspection before setting 'inspect_gzip' not availible
08:25 PM Revision 196d0085: Setup serial bits after upgrade on NanoBSD, too.: Jim Pingle
07:02 PM Revision 9d99eb95: Allow the serial speed adjustment to work for nanobsd as well.: Jim Pingle
03:35 PM Revision c1becc31: Add field to the GUI to select the serial console speed (May work as-is, needs more testing/feedback): Jim Pingle

10/30/2011

10:29 AM Feature #1548 (Closed): IPSEC Secondary Gateway: Closing, using #1965 instead. Jim Pingle
03:35 AM Feature #1965: Support Multiple IPsec Peers: It looks a duplicate of this:
http://redmine.pfsense.org/issues/1548
Actually this is explained better :D Michele Di Maria

10/29/2011

05:35 AM pfSense Packages Bug #1961: Spoink and IP banning: yes, it would be great!
As you understand, I personally don't want to focus on the solution itself, for me any solu... Michele Di Maria
02:22 AM Feature #1984 (Resolved): Allow CP Voucher submission via URL so they can be distributed as QR code: In addition to the web form, allow the submission of voucher via URL e.g.... Dim Hatz

10/28/2011

07:39 PM Bug #1983 (Resolved): Cancel Button generates a Confirm Form Resubmission message: Add or edit a rule (such as a firewall rule) and apply it, leaving the "The settings have been applied." message open... Cam Cook
03:34 PM Revision 5cf74791: Reformat the DNS Forwarder page a bit so it conforms with the other pages. Add some headers to make it more clear what each section does. Cosmetic changes only.: Jim Pingle
03:32 PM Revision 6661dbcf: Reformat the DNS Forwarder page a bit so it conforms with the other pages. Add some headers to make it more clear what each section does. Cosmetic changes only.: Jim Pingle
02:44 PM pfSense Packages Bug #1982 (Resolved): Snort exits on rules update and does not restart: Using Snort 2.9.0.5 pkg v. 2.0 on pfSense 2.0... using either autoupdate of rules or manual update of rules, if Snort... Seb A
01:50 PM pfSense Packages Bug #1942: snort_blocked.php loads blank: I've noticed that the snort_blocked.php page uses a lot of CPU in the php process. It takes a long time to render for... Seb A
01:36 AM pfSense Packages Bug #1942: snort_blocked.php loads blank: Blank Page happens also on pfsense 2.0 final at these URL
#blocked pages
/snort/snort_blocked.php
#alerts
/snor... tb o
01:45 PM pfSense Packages Bug #1961: Spoink and IP banning: Another solution is to remove Spoink and use SnortSam in it's place in the Snort package. I think this is in the dev ... Seb A

10/27/2011

09:10 PM Revision 26ba572a: Merge pull request #15 from marcelloc/patch-2: Fix missing description in rowhelper. Scott Ullrich
09:09 PM Revision b65ce59a: Fix missing description in rowhelper.: Marcello Silva Coutinho
08:28 PM Feature #290: Add Multi-WAN awareness to UPnP: I just tested pfSense 2.0-RELEASE and with multiple WAN w/ multiple public IP addresses, selecting the LAN interface ... Simon Fong
02:29 PM Revision ea9a4cc8: Assume a default value of 1 for cert_depth to disallow chaining.: Jim Pingle
02:29 PM Revision 77ed2f4c: Add GUI option to limit the certificate depth allowed when OpenVPN clients are connecting.: Jim Pingle
02:29 PM Revision 3f9c1775: Specify full path to openssl.cnf, and select the relevant section to use when generating certificates.: Jim Pingle
02:28 PM Revision 41936acc: Assume a default value of 1 for cert_depth to disallow chaining.: Jim Pingle
02:28 PM Revision 98963f27: Add GUI option to limit the certificate depth allowed when OpenVPN clients are connecting.: Jim Pingle
02:28 PM Revision 87b4deb2: Specify full path to openssl.cnf, and select the relevant section to use when generating certificates.: Jim Pingle
11:10 AM Bug #1918: update status: Just tried in three different browsers (2 of which I never access this device with) and an incognito window in Chromi... Dave Wilde

10/26/2011

10:40 PM Bug #1918: update status: In almost all cases, such errors are resolved by clearing your browser's cache or closing and opening the browser ses... Jim Pingle
09:22 PM Bug #1918: update status: Just noticed the same problem. This is a stock release that was upgraded from RC1 to RELEASE. I haven't altered any... Dave Wilde
10:38 PM Bug #1981 (Closed): lighttpd errorlog using text rather than clog format: Please note that the format of /var/log/lighttpd.error is text rather than clog, which could potentially eat up disks... Dim Hatz
09:14 PM Revision 4659f856: Fix up syslog settings a bit, add some missing options, fix formatting of syslog.conf, correct behavior of 'everything', code cleanup.: Jim Pingle
09:14 PM Revision 236524c2: Fix up syslog settings a bit, add some missing options, fix formatting of syslog.conf, correct behavior of 'everything', code cleanup.: Jim Pingle
05:48 PM Feature #1938: Filter messages broken into multiple syslog messages: Wow, that's troubling. I escaped it because it looked like PHP was swallowing the backslash. But I'm looking now and ... Ted Lum
05:14 PM Feature #1938: Filter messages broken into multiple syslog messages: A warning to those trying the proposed change, it doesn't quite work as written. It works if you run it from the comm... Jim Pingle
01:17 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Chris Buechler wrote:
> we're working on it. a partial fix will be in 2.0.1 though not sure we can get it entirely f... Derrick Conner
01:15 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: we're working on it. a partial fix will be in 2.0.1 though not sure we can get it entirely fixed for then (it's comin... Chris Buechler
01:12 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Hafiz Rafiyev wrote:
> anybody working on this urgent bug?
Not that I am aware of. I also have an embedded test... Derrick Conner
12:09 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: anybody working on this urgent bug? Hafiz Rafiyev
10:14 AM Bug #1928: Can't sync voucher database when carp peer is also active: I deleted the CARP sync so that the voucher database keeps syncing fine but when the master goes down I still can't g... Sander Naudts
09:29 AM Revision 12a2f395: Fix the 2nd grow command, add space: Ticket #1758 Seth Mos
08:13 AM Revision 16cc1c10: Increase the GROW for the 60 minute RRA so that we have atleast 2160 entries for 3 months worth of data.: Seth Mos
06:45 AM Revision 4fe54cdf: Add back the accidentally removed xml rrd restore line, otherwise we still don't have the new RRD file: Ticket #1758 Seth Mos

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

11/24/2011

11/23/2011

11/22/2011

11/21/2011

11/19/2011

11/18/2011

11/17/2011

11/16/2011

11/15/2011

11/14/2011

11/13/2011

11/12/2011

11/11/2011

11/10/2011

11/09/2011

11/08/2011

11/07/2011

11/06/2011

11/05/2011

11/04/2011

11/03/2011

11/02/2011

11/01/2011

10/31/2011

10/30/2011

10/29/2011

10/28/2011

10/27/2011

10/26/2011