Activity

30 days up to

User

Subprojects

Activity

From 11/07/2011 to 12/06/2011

12/06/2011

10:03 PM Revision 8a1ec636: Fixes this: http://redmine.pfsense.org/issues/2015: I was checking, but if someone of the stuff give it a check it would be much better, since this is a core feature! Michele Di Maria
09:55 PM Revision 4064f116: Merge pull request #27 from mdima/master: Fix for "Firewall: Shaper, By Queues View" Scott Ullrich
09:51 PM Revision d34ade52: Fixes this: http://redmine.pfsense.org/issues/2015: I was checking, but if someone of the stuff give it a check it would be much better, since this is a core feature! Michele Di Maria
08:33 PM Revision ebc21c01: Merge pull request #26 from mdima/master: Fix for some "duplicate menues" with some themes. Chris Buechler
08:29 PM Revision 0a029232: Fix for this: http://redmine.pfsense.org/issues/2037: Just changed some padding/margin in the CSS in order to avoid wrapping the menu.
Tested with Firefox 8, Chrome 15.0.8... Michele Di Maria
06:47 PM Bug #2041: DHCP failover Auto Generated Rules: This is the output from a firewall running pfSense 1.2.2. Notice that the auto generated rules like the one commented... Chris Mirchandani
01:18 PM Bug #2041 (Resolved): DHCP failover Auto Generated Rules: I am running the 2.0 final release AMD64. This install was performed via a flash drive images with a 2.0 beta memstic... Chris Mirchandani
04:55 PM Bug #2015: Firewall: Shaper, By Queues View. Needs a couple of little fixes: Ok, I was fixing it.
Please give it a check since this is a core feature! Two heads are better than one, and here i... Michele Di Maria
03:28 PM Bug #2037 (Feedback): Upon changing theme two "States" submenu appear in Diagnostics menu.: thanks, merged Chris Buechler
03:25 PM Bug #2037: Upon changing theme two "States" submenu appear in Diagnostics menu.: I just fixed it, I think it will be available in the next release.
I was just changing some padding/margin in the C... Michele Di Maria
02:52 PM pfSense Packages Bug #2033: Snort needs a couple of variables for SIP rules: I made a fix to this change waiting for merge... sorry, this time I tested on both machines. Michele Di Maria
09:07 AM Bug #2038: Some 3G WANs on 2.0.x do not come up on cold boot: this is driver-specific, or otherwise somehow not universal to all cases. My 4G card comes up fine on 2.0 and 2.0.1 a... Chris Buechler
05:03 AM Bug #1976 (Resolved): problems with CP MAC pass-through: fixed Chris Buechler
05:01 AM Bug #1886 (Resolved): Config upgrade needs to move MTU values to MSS: Chris Buechler
05:00 AM Bug #1758 (Resolved): Upgrade fails to upgrade RRD data for traffic and packets: Chris Buechler
04:59 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: moving back to normal priority since the fix is simply to fix the config, and removing target 2.0.1 since its release... Chris Buechler
04:52 AM Bug #1888 (Resolved): Upgrade ISC dhcpd to v4.2.2: Chris Buechler

12/05/2011

10:01 PM Feature #2040 (Resolved): Displaying nearby access points by power level: A nice feature that I never found in any box is the hability of ordering all
the nearby access points or ad-hoc peer... Borja Ruiz
09:23 PM Bug #2039 (Resolved): Adding a local interface conflicting with a static route in the routing table fails to add the link route: If you configure an interface with an IP subnet that exists in the routing table as a static route, after configuring... Chris Buechler
05:03 PM pfSense Packages Bug #2033: Snort needs a couple of variables for SIP rules: I updated the package, the service started at the "second try", but sometimes Snort does it after an update.
Btw,... Michele Di Maria
04:53 PM pfSense Packages Bug #2033 (Feedback): Snort needs a couple of variables for SIP rules: Scott Ullrich
04:53 PM pfSense Packages Bug #2033: Snort needs a couple of variables for SIP rules: Thanks! Scott Ullrich
12:05 AM Bug #2037: Upon changing theme two "States" submenu appear in Diagnostics menu.: They are all under /usr/local/www/themes/<theme name>/ Jim Pingle
12:01 AM Bug #2037: Upon changing theme two "States" submenu appear in Diagnostics menu.: Problem IS NOT there if chosing these themes:
pfsense
pfsense_ng
pfsense_dropdown
Problem is there while chosin... torontob toronbot

12/04/2011

04:16 PM Bug #2038 (Closed): Some 3G WANs on 2.0.x do not come up on cold boot: When booting a alix 2c3 with a Huawei 3G device the intial device boot will not succeed. A reboot or a saving (any) w... Seth Mos
04:11 PM Bug #2037: Upon changing theme two "States" submenu appear in Diagnostics menu.: It's a problem with that theme, not a "bug" in traditional sense.
The creator of the theme (or someone else with C... Jim Pingle
03:15 PM Bug #2037 (Resolved): Upon changing theme two "States" submenu appear in Diagnostics menu.: On a fresh install of pfSense 2.0 (stable and latest) and right after changing the theme from default to something li... torontob toronbot

12/03/2011

10:55 PM Revision b09ec44b: Require guiconfig.inc: Scott Ullrich
10:54 PM Revision 89597244: Require guiconfig.inc: Scott Ullrich
06:35 PM Bug #2036 (Feedback): 2.0 crash on WRAP PC Engines WRAP.1D: can't do anything with that, need a back trace. Chris Buechler
06:32 PM Bug #2036 (Closed): 2.0 crash on WRAP PC Engines WRAP.1D: after running 1.2.3 for more than one year without problems, my wrap crashes with 2.0 randomly.
After the latest cr... Hartmut W
10:46 AM Feature #2035 (Needs Patch): Add hw.intr_storm_threshold in sysctl tunning list.: As discussed with cmb, it would be nice to add hw.intr_storm_threshold in the sysctl list in the GUI.
FreeBSD's d... Pierre POMES

11/28/2011

06:54 PM Feature #2032 (Resolved): add functionality to encrypt the private key in a Viscosity bundle (OpenVPN Client Export): these patches allow the choice of encrypting the OpenVPN private key with a passphrase when downloading a Viscosity b... Bill McGonigle
06:36 PM Bug #2031 (Resolved): add help text for Certificate Manager serial number: I got confused by the 'Serial' field label in the CA manager for a CA certificate. I figured it was the CA's serial,... Bill McGonigle
06:51 AM Bug #2030 (Feedback): Timezones need to update for Russia: AFAIK this updates automatically with the zoneinfo from the base FreeBSD version being used, so it'll fix itself on 9... Chris Buechler
06:39 AM Bug #2030 (Resolved): Timezones need to update for Russia: Russian users can't set correct time because timzone info is old.
Need to update /usr/share/zoneinfo.tgz and some f... Nikolai Pogoreltsev
04:45 AM Bug #2028 (Resolved): Passive FTP with the same data port only works once: Using FTP through pfSense to a server that uses always the same port for passive data connections only works for the ... Frank Brendel

11/27/2011

07:09 PM Revision 16106d2e: Fix for redmine ticket #1993. Allow saving multiple dynamic entries.: Make sure that return_gateways_status() also returns all gateways that have monitoring disabled as up. Seth Mos
07:09 PM Revision c8423ac0: Concatenate array, using array_merge() will clobber numerical gateway group entries.: Seth Mos
06:33 PM Revision 50fd2013: Concatenate array, using array_merge() will clobber numerical gateway group entries.: Seth Mos
05:56 PM Revision f328ad12: Fix for redmine ticket #1993. Allow saving multiple dynamic entries.: Make sure that return_gateways_status() also returns all gateways that have monitoring disabled as up. Seth Mos
02:50 PM Bug #1993 (Resolved): Unmonitored gateways cause wrong route-to: It appears that fixing the backend functions resolves the incorrect filter rule generation.
Also fixed a issue whe... Seth Mos
10:51 AM Bug #1993: Unmonitored gateways cause wrong route-to: Not sure what sort of interface configuration this applies to.
Setting up a tripple DHCP now
Ok. When I configure 3... Seth Mos

11/26/2011

02:08 AM Bug #2027 (Resolved): "kip" firewall log parsing bug: Some filter log lines include "kip" in front of the IP and the current parsing code incorrectly shows that as part of... Chris Buechler

11/25/2011

05:45 PM Feature #2024: RRD Graphs for packages: Something we considered back then. Which is a few years ago. Add a include file that we generate a tab for in the UI.... Seth Mos

11/24/2011

04:30 AM Feature #2026 (Resolved): [Patch] Multiple SMTP notice recipients: When trying to use multiple smtp notification recipients in 2.0, I ran into the fact that it isn't possible to enter ... Peter O
04:26 AM Feature #2025 (New): Captive Portal: Easy accessible Logout page instead of Logout pop-up window: I suggest a functionality that allows using a logout page instead of a pop-up. The reason why I am suggesting this is... Mark Dammer
03:39 AM Feature #2024 (New): RRD Graphs for packages: It would be nice to have some sort of feature, in the current RRD graphing, to provide the ability for packages to pl... Warren Baker

11/23/2011

07:15 PM Bug #1275: Web management GUI; "Help" menu wraps around, and blocks access to "System" menu.: Use the default pfsense_ng theme or one of the others that doesn't have that issue, some of the non-default themes we... Chris Buechler
07:12 PM Bug #1275: Web management GUI; "Help" menu wraps around, and blocks access to "System" menu.: I just loaded pfSense 2.0 and while 1.2.3 was perfectly formatted 2.0 has this issue for me. I am not using any zoom ... Wayne Perry
03:56 PM Revision 34d0f40c: Clear the PHP errors when 'no' is pressed also.: Jim Pingle
03:23 PM Revision dc43ff1e: Show the PHP errors reported on the index page in the crash report so users are not confused by an empty report screen. Include them in the report and also clear them after sending.: Jim Pingle

11/22/2011

07:59 PM Revision 96f9e3fa: Unbreak the tree, pointy hat to me.: Fix for ticket #2022 Seth Mos
07:14 PM Revision af6f42c1: Ecnlose the host-name in quotes so that numerical values work.: Fixes ticket #2020 Seth Mos
07:10 PM Revision 2f590513: Enclose the hostname in quotes so that numerical values work too.: Fixes Ticket #2020 Seth Mos
07:06 PM Revision 361bb4a9: Correct logic mismatch, skip on RA mode disabled and dhcp is not enabled.: Fix ticket #2022 Seth Mos
07:01 PM Revision 7d504365: Comment out TFTP and NTP UI fields and block the code in services.inc.: ISC dhcpd does not support these yet. See redmine ticket #2016 Seth Mos
05:51 PM Revision 45e4510b: Fix exec bit; Add short message about maybe needing to reboot/restart services.: Jim Pingle
04:55 PM Revision 7d7ce752: Add first revision of a script to restore backups from the config history at the console.: Jim Pingle
04:55 PM Revision 8059f9cb: Add version to backup.cache in one more place: Jim Pingle
04:55 PM Revision 92420c0a: Also show the config version in the backup history.: Jim Pingle
04:05 PM Revision 5e555f9e: Merge pull request #21 from Podilarius/master: Declare $rtadvdifs as an array before it is used to prevent error on dhcpdv6 start up. Scott Ullrich
04:02 PM Bug #2022: rtadvd not configured properly: Heh, you're missing a close bracket on line 98 Lih Wei Chia
03:21 PM Bug #2022 (Resolved): rtadvd not configured properly: Seth Mos
03:21 PM Bug #2022: rtadvd not configured properly: Thank you for your report, it's fixed. I meant to do something else there.
Seth Mos
03:08 PM Bug #2022 (Resolved): rtadvd not configured properly: (Hopefully I got it right this time)
It appears that the conditional in line 95 in services_rtadvd_configure() in ... Lih Wei Chia
04:02 PM Revision ffcc7357: Declare rtadvdifs as an array before it is used. This prevents an error on dhcpd for ipv6 start.: Richard Adams
03:29 PM Bug #2020 (Resolved): dhcpd fails to start when a static lease's hostname is numerical.: Fixes checked in, thank you for your report. Seth Mos
09:24 AM Bug #2020 (Resolved): dhcpd fails to start when a static lease's hostname is numerical.: For instance, I had a static dhcp lease with the hostname set to 6013. However, when I enabled this interface's dhcpd... Jeff Shaw
03:07 PM Feature #2016: DHCPv6 Server doesn't load if NTP server specified: Hurrah, it appears there is a draft, but no support.
http://tools.ietf.org/html/draft-ietf-ntp-dhcpv6-ntp-opt-06
... Seth Mos
01:29 PM Revision a8db7391: Resolves #2018. Add an id to the html object to make javascript work: Ermal LUÇI
01:29 PM Revision f64532e5: Resolves #2018. Add an id to the html object to make javascript work: Ermal LUÇI
01:28 PM Bug #2019 (Closed): Web UI says dhcpd started successfully even if it didn't.: general issue covered elsewhere. Chris Buechler
08:47 AM Bug #2019 (Closed): Web UI says dhcpd started successfully even if it didn't.: My system log says dhcpd failed to start, which it did, but after changing the config in Services->DHCP Server, or st... Jeff Shaw
01:01 PM Bug #2017: DHCPv6 Server not registering client names in DNS: Ok, but how about doing it for hosts with reservations? The hostname is available in the reservation. (Yes, I know if... Peter Linss
12:54 PM Bug #2017 (Closed): DHCPv6 Server not registering client names in DNS: I don't see how this can be made, ipv6 clients do not send a hostname. Neither do I see a possibility to match the DU... Seth Mos
02:56 AM Bug #2017 (Closed): DHCPv6 Server not registering client names in DNS: Setup both DHCP and DHCPv6 servers, using dsnmasq, client's IPv4 addresses are showing up in DNS, but IPv6 addresses ... Peter Linss
12:50 PM pfSense Packages Bug #2021: OpenVPN Client Export Utility not installing: On 2.1 it does (and will for a while) because the package backend was changed to PBIs and there are bound to be issue... Jim Pingle
12:48 PM pfSense Packages Bug #2021: OpenVPN Client Export Utility not installing: Righto, didn't know the base code affected that. Gitsynched and it installs fine now. Thanks! Lih Wei Chia
12:43 PM pfSense Packages Bug #2021 (Rejected): OpenVPN Client Export Utility not installing: I just installed this in an AMD64 VM about 5 minutes ago and it works fine. Be sure you are gitsynced to current mast... Jim Pingle
12:41 PM pfSense Packages Bug #2021 (Rejected): OpenVPN Client Export Utility not installing: It appears the latest client export utility's xml's screwy:
<depends_on_package_pbi>p7zip-9.20.1-amd64.pbi zip-3.0... Lih Wei Chia
08:30 AM Bug #2018: LDAP browser does not work in edit authentication servers page: Applied in changeset commit:a8db73919ca72947678142249138ba6c55841c5b. Ermal Luçi
08:25 AM Bug #2018 (Feedback): LDAP browser does not work in edit authentication servers page: Applied in changeset commit:f64532e5cb1a0f39c2ab84252754f5dd5967db3d. Ermal Luçi
07:59 AM Bug #2018 (Resolved): LDAP browser does not work in edit authentication servers page: There is a Javascript error in the edit authentication servers page /system_authservers.php?act=edit&id=0
Here the S... Max Lyth

11/21/2011

11:36 PM Revision 67e5f6bb: Merge pull request #20 from Podilarius/master: Add Missing ; back Chris Buechler
11:19 PM Revision 88d3861f: Update etc/inc/services.inc: Richard Adams
11:02 PM Revision 22201e1a: converting browser JS code from scriptaculous to jQuery: Vinícius Coque
09:46 PM Revision 030e4b31: Removing scriptaculous effects, now we use jQuery UI for visual effects: Vinícius Coque
09:43 PM Revision 5d0d5eb0: Fix errors caused by javascript code processed by jquery .html() method.: Vinícius Coque
09:35 PM Feature #2016 (Resolved): DHCPv6 Server doesn't load if NTP server specified: Error message in log:
php: /services_dhcp.php: The command '/usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroo... Peter Linss
07:15 PM Revision c377a909: Add a comment in the code and a log message to notify the shutdown of rtadvd: Seth Mos
07:12 PM Revision 1e7e2e43: Remove the double colon, typo.: Seth Mos
07:03 PM Revision 82769dfe: Add strategic sleep commands into the configure and renewal process so that prefix delegation gets a chance to work.: Seth Mos
05:31 PM Revision 39cad6ae: Use low router lifetimes of 60, 120 and 180 seconds, make sure that rtadvd stops gracefully as it then will send a RA with a lifetime of 0 so that host pick up network renumbering.: Seth Mos
04:40 PM Revision 1dd8c3b6: Select the newest of processes to make the command better: Ermal LUÇI
04:40 PM Revision 29b97efa: Select the newest of processes to make the command better: Ermal LUÇI
04:13 PM Revision 673966e4: Setup the serial port in the factory reset as well, in case the default config in a rebrand has the serial console active.: Jim Pingle
02:19 PM Revision 927ea6e1: Fix display of widgets with configuration controls in IE. From Gertjan on the forum. See http://forum.pfsense.org/index.php/topic,42977.0.html: Jim Pingle

11/19/2011

05:22 PM Bug #2015 (Closed): Firewall: Shaper, By Queues View. Needs a couple of little fixes: Hi,
in the "Firewall: Shaper, By Queues View" page of the webConfigurator, there are a couple of small things to fix... Michele Di Maria
12:56 PM Bug #2014 (Rejected): snort: nothing here to make this an acceptable bug report, post to the list or forum. Please don't open tickets unless they ... Chris Buechler
09:57 AM Bug #2014: snort: /rules/snort_voip.rules(89) Undefined variable in the string: $SIP_SERVERS not availible
09:53 AM Bug #2014 (Rejected): snort: /rules/snort_file-identify.rules(26) ***PortVar Lookup failed on '$FILE_DATA_PORTS'. not availible
11:14 AM Revision 7492f21d: Only create config for enabled DHCPv6 server entries, prevent duplicate network configuration.: Seth Mos
11:06 AM Revision 5747a735: Also include services so that we can restart the LAN rtadvd process if needed.: Seth Mos

11/18/2011

05:33 PM Feature #2013 (Closed): Package log file size: Currently if a package has logging via syslog enabled, a 10K clog log file is created. Possibly this size should be i... Warren Baker
04:51 PM Bug #2012 (Resolved): 4th+ CARP member will not work with default automatic skew: I created a pfSense cluster with 4 members. I'm using CARP IPs and XMLRPC for configuration sync. As designed, the sk... Brian Scholer
08:23 AM Bug #1572: DHCP + MAC spoofing leads to link cycling: Justin Mitchell wrote:
> I'm having a similar issue to this so I wonder if it's linked. I'm running my WAN interface... Justin Mitchell
08:18 AM Bug #1572: DHCP + MAC spoofing leads to link cycling: I'm having a similar issue to this so I wonder if it's linked. I'm running my WAN interface in DHCP. If I try and cha... Justin Mitchell

11/17/2011

01:52 PM Feature #2006: CP ipfw fwd all non-authenticated clients' TCP connections to 127.0.0.1,8000: Using TCP RST and ICMP Destination Unreachable, trying to be kind to un-authenticated CP clients... Dim Hatz

11/16/2011

09:44 PM Revision 55aaceb3: Add a ddb.conf that will trigger textdumps for all panics and similar crashes, not leave some crashes at a db> prompt.: Jim Pingle
09:44 PM Revision 36a4cc17: Add a ddb.conf that will trigger textdumps for all panics and similar crashes, not leave some crashes at a db> prompt.: Jim Pingle
09:38 PM Revision 002cacab: Fix this ifconfig-push to also account for tap.: Jim Pingle
08:46 PM Revision 459e9333: If there is a tunnel network in tap mode, the second parameter is a subnet mask, not the other IP.: Jim Pingle
07:21 PM Bug #2011: Two NICs running CARP on the same network segment generate log flood: maybe it's the case to put a line here about that:
http://doc.pfsense.org/index.php/CARP_Configuration_Troubleshoo... Michele Di Maria
02:18 PM Bug #2011 (Rejected): Two NICs running CARP on the same network segment generate log flood: not a bug. Chris Buechler
02:17 PM Bug #2011 (Rejected): Two NICs running CARP on the same network segment generate log flood: Hello,
I am running pfSense with two NICs running CARP on the same VLAN of the same switch. It happens that in t... Michele Di Maria
05:04 PM Revision bf7b597a: Actually save the value typed in the bandwidth limit box for the openvpn client instead of ignoring it.: Jim Pingle
05:02 PM Revision b422360c: Actually save the value typed in the bandwidth limit box for the openvpn client instead of ignoring it.: Jim Pingle
04:49 PM Bug #2009 (Rejected): Reject rules for egress traffic in floating fail to log: reject is logged by pf as block, there is no reject in the logs. Chris Buechler
10:25 AM Bug #2009: Reject rules for egress traffic in floating fail to log: Hi Jim,
With the NSA 3110 we were testing with ICMP. In my testing here with my personal box I have changed the ru... Sam Wilson
08:02 AM Bug #2009: Reject rules for egress traffic in floating fail to log: The "reject" action only works for TCP and UDP. Other traffic is just blocked/dropped since it has no concept of reje... Jim Pingle
08:00 AM Bug #2009 (Rejected): Reject rules for egress traffic in floating fail to log: Hi All,
A colleague and I spent a few hours tonight with a NSA 3110 and later with my home firewall trying to diag... Sam Wilson
03:47 PM Revision 4ec48253: Check uppercase strings: Scott Ullrich
03:46 PM Revision 90b3c01c: Check uppercase strings: Scott Ullrich
03:42 PM Revision 9870b4a2: Ensure style is set to a valid item: Scott Ullrich
03:41 PM Revision 5d7791a2: Ensure style is set to a valid item: Scott Ullrich
02:01 PM Bug #2010: VLAN parent interface / altq interface wrong assumptions about int_family name format: Please Ignore int_family.patch Andre Keller
01:57 PM Bug #2010: VLAN parent interface / altq interface wrong assumptions about int_family name format: There is another part to this in inc/globals.inc Andre Keller
12:49 PM Bug #2010 (Resolved): VLAN parent interface / altq interface wrong assumptions about int_family name format: Hi
I ran into an issue with vmxnet3 NICs on current pfsene-2.1 developement release.
VMware stupidly choose vmx... Andre Keller
02:00 PM Bug #598: Need to block carp traffic to hosts self to avoid loops: Hi,
this change is causing a lot of logs in the case there are two nics on the same network segment. See http://foru... Michele Di Maria
02:12 AM Revision c69c58e2: Converting from scriptaculous to jQuery: Adding jQuery UI, so now we can use effects and widgets provided by this library and remove scriptaculous code. Build... Vinícius Coque

11/15/2011

09:30 PM Revision 45736415: Add a gui field to set the source tracking timeout for sticky connections.: Jim Pingle
08:49 PM pfSense Packages Feature #2008 (Rejected): Packet display in snort alerts: Here's a quick hack to allow optional display of snort alerts packets.
Default is to not display. A checkbox is prov... Dick Nixon
06:09 PM Revision a02ecc94: Converting javascript code from scriptaculous to jQuery: Vinícius Coque
05:12 PM Revision 6134cc8f: now we use the Chosen javascript plugin for jQuery: Vinícius Coque
04:55 PM Revision bef629ac: Converting from scriptaculous to jQuery: Vinícius Coque
09:34 AM Bug #1629: invalid state table entries after WAN IP change: This is what my states look like for my effected device from Diagnostics --> States when my VoIP adapter shows offlin... Pho Bia
09:06 AM Bug #1629: invalid state table entries after WAN IP change: I also experience this with my SIP device (PAP2T). I thought my provider was to blame as changing the remote server ... Pho Bia
09:07 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: In the following scenario:
LDAP server 1 has a certificate signed by CA1 and is used on openvpn1
LDAP server 2 ... Florent Daigniere
08:31 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: For me it is ok as is I do not see any loosing on having what i committed. Ermal Luçi

11/14/2011

08:18 PM Revision 22aaee7d: Merge over the end period fix for the custom rrd graphs section.: Seth Mos
05:42 PM Revision 643c9f9f: Fix the Off by One so that delegated prefix id 0 is shown on the LAN interface settings page.: Seth Mos
01:42 PM Revision 906daddc: Ticket #1052. Merge patch referenced in ticket.: Ermal LUÇI
01:42 PM Revision 6daf497b: Ticket #1052. Merge patch referenced in ticket.: Ermal LUÇI
09:09 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: Hi Ermal,
You have commited v1 of the patch, can you please use v2 instead?
Thanks
Florent Florent Daigniere
08:38 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: Committed. Ermal Luçi

11/13/2011

09:15 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: In fact TLS_CACERTDIR shouldn't be set at all in this case. Here is v2 of the same patch.
I know it's late ... b... Florent Daigniere
08:32 AM Bug #1052: Certificate validation of the LDAPS servers is not enforced: What is in master is still not working; There's two problems:
1) the environment variables need to be set before y... Florent Daigniere

11/12/2011

02:00 PM Feature #2007 (Needs Patch): RRD Data -- Saving and Restoring: Under "Diagnostics: Backup/restore", there is no Option on the pull-down menu to backup/restore ONLY the RRD data sep... Brian Lewis

11/11/2011

08:08 PM Revision 9eced774: username-as-common-name is not compatible with server-bridge, so don't put it in the config if server-bridge is active. Testing is needed to determine if there is any other negative impact, but with both present, openvpn will not start.: Jim Pingle
02:01 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Checked in a fix for that, should be up now. Jim Pingle
01:24 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Hmm, when trying to define the bridges' DHCP scope after selecting the to-be bridged interface (This is the second VP... Jasper Backer
12:14 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Installed it, testing. Jasper Backer
11:05 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Some notes on using that:
First, read all of the text descriptions on the new fields that show up when you switch ... Jim Pingle
11:03 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: I committed the initial revision to the repo just now:
https://github.com/bsdperimeter/pfsense-packages/commit/dafa2... Jim Pingle
07:00 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Sounds like a good solution. Looking forward to it, as installing a (even beta) package instead of manually editing f... Jasper Backer
06:21 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Jim is making it into a package for 2.0.x users, so it can be fully vetted in all possible scenarios during the 2.1 r... Chris Buechler
04:50 AM Bug #1992: OpenVPN in tap mode, allow transparant interface: Would be really great if these changes would hit 2.0.1. Doesn't look like it would break existing installations to me... Jasper Backer
12:34 PM Feature #2006 (Resolved): CP ipfw fwd all non-authenticated clients' TCP connections to 127.0.0.1,8000: I noticed that in 2.0REL captiveportal.inc adds an ipfw rule to forward all un-authenticated clients' TCP connections... Dim Hatz
09:58 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Yes but the 2.0 tries to be smarter in regards to the whole system about events.
This makes a lot of things better b... Ermal Luçi
09:53 AM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: As Derrick says,it's running on 1.2.3 with wan ip very well,my opinion it's userful to control pptp Server address bo... Hafiz Rafiyev
07:25 AM Bug #2005: URL aliases need validation of fetched data: I filed a related report in http://redmine.pfsense.org/issues/1991 Dim Hatz

11/10/2011

10:30 PM Bug #2005 (Resolved): URL aliases need validation of fetched data: If a user puts in a URL for an alias that contains invalid data, filter reloads fail. Need to validate what's returne... Chris Buechler
09:48 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Chris Buechler wrote:
> It works (aside from now having this consequence), but yes it is technically not correct, an... Derrick Conner
09:23 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: It works (aside from now having this consequence), but yes it is technically not correct, and has never been shown th... Chris Buechler
08:42 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: So, does this mean I've been setting up 1.2.3 wrong all this time and it still works? Let me make sure I understa... Derrick Conner
06:54 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: David: you can still do just that without using the WAN IP there, any unused private IP is fine. Chris Buechler
06:30 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Yes, I can confirm that setting that IP to an IP other than the WAN IP does avoid the problem.
I believe we origin... David Rees
05:11 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: Looks like Ermal figured out what triggers this - if you have the "PPTP Server IP" configured as your WAN IP, which i... Chris Buechler
09:37 PM Revision 1379d66f: Add an indication in the certificate list to show if a certificate is internally capable of being a CA (basicConstraints has CA:TRUE) or if the nsCertType is set to server.: Jim Pingle
05:02 PM Revision 035c5573: Fix order of client/server IPs and add a note, and clarify variable names. Fixes #2004.: Jim Pingle
05:01 PM Revision 298fe5ae: Fix order of client/server IPs and add a note, and clarify variable names. Fixes #2004.: Jim Pingle
03:58 PM pfSense Packages Bug #1982 (Feedback): Snort exits on rules update and does not restart: Update pushed on package. Ermal Luçi
03:58 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: It is build like that by default on pfsense. Ermal Luçi
03:08 PM pfSense Packages Bug #1982: Snort exits on rules update and does not restart: It seems that compiling snort with --enable-reload will allow snort to reload on receiving a SIGHUP without requiring... Dim Hatz
03:35 PM Revision 21762198: Trim filename before use to clear away any unnecessary whitespace. Fixes client export package install (and probably others): Jim Pingle
12:48 PM Feature #1120 (Closed): Add checkbox on OpenVPN server/client to use cryptodev: This was implemented quite a while ago as a drop-down menu to select crypto accelerators (if present). Jim Pingle
12:48 PM Feature #1184 (Feedback): Certificate Manager - Ability to add nsCertType=SERVER extension to certificates: This was implemented yesterday in 2.1 and merged into 2.0.1.
https://github.com/bsdperimeter/pfsense/commit/7aaabd... Jim Pingle
12:41 PM Feature #1217: Change OpenVPN local/remote networks to lists instead of single boxes: Tried to work this out last week and found that our rowhelper code only works for once instance per page, so having i... Jim Pingle
12:40 PM Feature #1222 (Closed): Support for tun or tap mode in openvpn server: The tun/tap switch was added before 2.0 shipped, but had some issues that have since been fixed on mainline. Jim Pingle
12:37 PM Feature #1326 (Feedback): OpenVPN Server in tap mode: There were issues in the code, but they should be OK now. Fixed in mainline, not sure if it'll get backported to 2.0.... Jim Pingle
12:20 PM Bug #2004 (Feedback): Client Specific Override ->Tunnel Network: Jim Pingle
11:53 AM Bug #2004: Client Specific Override ->Tunnel Network: Ah, yeah you're right, the parameters to ifconfig-push in the csc file are backwards. It should be the other way to c... Jim Pingle
12:20 PM Bug #1992 (Feedback): OpenVPN in tap mode, allow transparant interface: Jim Pingle
12:20 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: There were issues in the code, but they should be OK now. Fixed in mainline, not sure if it'll get backported to 2.0.... Jim Pingle

11/09/2011

09:30 PM Bug #1697: Interface group doesn't apply to all interfaces in all cases: Ok, so our initial tests showed this issue was resolved. But when applying live traffic on the box, about 70% of the ... Chase Bolt
09:26 PM Feature #1997: Add date picker to the Custom RRD graph page to translate to unix time.: That is an EXCELLENT converter, probably the BEST and ONLY one which allows for free-form (eg. 11/9/2011 12:15:59) in... Simon Fong
03:34 AM Feature #1997: Add date picker to the Custom RRD graph page to translate to unix time.: Possible candidate.
http://morecavalier.com/index.php?whom=Apps%2FUnix+timestamp+converter Seth Mos
08:45 PM Revision 77a88814: When creating an internal certificate, offer the user a choice of what constraints to place upon the certificate (CA, Server, or User).: Jim Pingle
08:43 PM Revision 7aaabd69: When creating an internal certificate, offer the user a choice of what constraints to place upon the certificate (CA, Server, or User).: Jim Pingle
07:13 PM Bug #2004: Client Specific Override ->Tunnel Network: .8 shows same result
Tunnel network = 10.10.10.8/30
assigns 10.10.10.9 to the client
client log:
openvpn[2664... W FM
06:56 PM Bug #2004 (Rejected): Client Specific Override ->Tunnel Network: .9/30 is not a valid subnet definition, which may be influencing the output. Use .8/30
http://doc.pfsense.org/inde... Jim Pingle
06:51 PM Bug #2004 (Resolved): Client Specific Override ->Tunnel Network: Tunnel Network description says:
This is the virtual network used for private communications between this client an... W FM
06:14 PM Feature #2003 (Closed): Allow Aliases in routing: Accept Aliases in System: Static Routes: Edit route -> Destination network W FM
05:48 PM Revision 74a556a3: Rework this a little since using tap+tunnel network is valid, but using tap+tunnel network+bridging is not (will not do what the user expects/wants): Jim Pingle
02:52 PM pfSense Packages Bug #2002 (Closed): snort: does not list ipv6 address in alert or block
it shows up as n/a.. there is a fix by using clear alert
however the i... not availible
01:51 PM Bug #2000 (Rejected): intel x520 network card: That card should be covered by the ixgbe driver which is in both amd64 and i386 already. If the existing driver doesn... Jim Pingle
01:25 PM Bug #2000 (Rejected): intel x520 network card: Hi!
I wanna know if there is the module for this card intel x520 10gb for amd64 cuz i've seen it for i386,
i have... ximena zea
01:48 PM Bug #2001 (Rejected): snort status: That is nowhere near a usable bug report. Please post in the forum until an actual bug has been confirmed. Jim Pingle
01:46 PM Bug #2001 (Rejected): snort status: Snort is now unreliable not availible
08:54 AM Bug #1999 (Resolved): Existing voucher settings upset new CP Zones/Vouchers code: If you have existing voucher settings, and update a system to master/2.1, the voucher settings will cause some issues... Jim Pingle
12:58 AM Bug #1998 (Rejected): Unable to check for updates for pfSense 2.0-RELEASE: leaving the base URL blank doesn't remove it, you'll have to remove it from globals.inc. there are no bugs here. YOu ... Chris Buechler

11/08/2011

11:56 PM Bug #1998: Unable to check for updates for pfSense 2.0-RELEASE: Even if someone wants to check for updates, pfSense should do it ALOT less frequently. Simon Fong
11:51 PM Bug #1998 (Rejected): Unable to check for updates for pfSense 2.0-RELEASE: When I UN-CHECK "Use a URL server for firmware upgrades other than www.pfsense.org" under "Updater Settings", and "Ba... Simon Fong
09:57 PM Revision 1ab6bdb5: Fix up OpenVPN server tap modes, support various options for providing or passing through DHCP. (Work in progress): Jim Pingle
05:57 PM Revision 0389f034: Prevent link cycling when spoofing mac + DHCP. Fixes #1572: Jim Pingle
05:56 PM Revision 49db607f: Prevent link cycling when spoofing mac + DHCP. Fixes #1572: Jim Pingle
12:55 PM Bug #1572: DHCP + MAC spoofing leads to link cycling: Applied in changeset commit:49db607f186c37ad48b25640184051a6ae205ff4. Jim Pingle
12:55 PM Bug #1572 (Feedback): DHCP + MAC spoofing leads to link cycling: Applied in changeset commit:0389f03498994dbdaf47543a325b58d14b1cdbab. Jim Pingle
12:36 PM Feature #1997 (Resolved): Add date picker to the Custom RRD graph page to translate to unix time.: The current custom rrd graph page needs a startdate and enddate in unix time. This really needs a date picker that se... Seth Mos
12:34 PM Bug #1990 (Resolved): Custom RRD Graphs Does NOT Properly Graph "End" Value: Seth Mos
12:25 PM Bug #1990: Custom RRD Graphs Does NOT Properly Graph "End" Value: It was on the todo list but forgotten, I am not sufficiently at home in javascript to do the calendar thing.
Seth Mos
11:59 AM Bug #1990: Custom RRD Graphs Does NOT Properly Graph "End" Value: Thank you Seth for fixing this issue!!
If only I can input dates & times on the "Custom RRD Graphs" page in human ... Simon Fong
10:23 AM Bug #1996 (Resolved): status_graph.php is not displaying real-time bw stats: The new jquery code that was added to the file isn't displaying the real-time bw stats from the rate program. The ori... Cino .
09:07 AM pfSense Packages Bug #1985: inspecting gzipped http flows: My testing has confirmed that it is fix Cino .

11/07/2011

09:05 PM Bug #1995 (Closed): Cannot edit default queue: When attempting to edit the default queue, you get "Only one default queue per interface is allowed." and cannot save... Chris Buechler
09:04 PM Bug #1994 (Rejected): Remove priority on HFSC: Since there is no concept of priority in HFSC it should be removed from the GUI. Chris Buechler
09:03 PM Bug #749 (Resolved): Downstream queues should not be assigned to LAN interfaces: Chris Buechler
09:02 PM Bug #1910 (Resolved): Duplex description inconsistency: Chris Buechler
08:58 PM Bug #636 (Resolved): layer7 not work correctly: the problems in general with layer7 were fixed before 2.0 release. The fact that pushing a ton of traffic through it ... Chris Buechler
08:55 PM Bug #1697 (Feedback): Interface group doesn't apply to all interfaces in all cases: Chris Buechler
08:54 PM Bug #1888 (Feedback): Upgrade ISC dhcpd to v4.2.2: updated to 4.2.3 Chris Buechler
08:53 PM Bug #1950 (Resolved): "Bypass firewall rules for traffic on the same interface" doesn't work as intended: Chris Buechler
07:48 PM Bug #1993 (Resolved): Unmonitored gateways cause wrong route-to: Gateways that aren't monitored end up being the only ones put into gateway groups reportedly.
http://forum.pfsense.... Chris Buechler
06:41 PM Revision 0d5f874d: Actually reflect the end time instead of always $now.: Fix Ticket #1990 Seth Mos
05:32 PM Revision 64d84825: Fix display of CARP widget to properly show Disabled status, bring code more in line with the carp status page, and clean it up a bit.: Jim Pingle
05:31 PM Revision 9b1a73f3: Fix display of CARP widget to properly show Disabled status, bring code more in line with the carp status page, and clean it up a bit.: Jim Pingle
04:07 PM Bug #1992: OpenVPN in tap mode, allow transparant interface: Chris, it is not how it's supposed to be.. When using tap, the "Tunnel Network" should have the option of not being f... Jasper Backer
04:05 PM Bug #1992 (Rejected): OpenVPN in tap mode, allow transparant interface: bug reports have to have a specific bug, this is a support request, please post to the forum or list. Chris Buechler
09:25 AM Bug #1992 (Resolved): OpenVPN in tap mode, allow transparant interface: I am trying to create a Road-warrior situation where the client is supposed to get an IP from the DHCP server in the ... Jasper Backer
02:55 PM Bug #1990 (Feedback): Custom RRD Graphs Does NOT Properly Graph "End" Value: Found the cause, we were using $now instead of $end, this should resolve it.
Do take note that there is a 5 second h... Seth Mos
01:50 PM Bug #1572: DHCP + MAC spoofing leads to link cycling: I have one installs where this happens too, I've stopped the flapping by putting by putting a switch in between the c... Seth Mos

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

12/06/2011

12/05/2011

12/04/2011

12/03/2011

12/01/2011

11/30/2011

11/29/2011

11/28/2011

11/27/2011

11/26/2011

11/25/2011

11/24/2011

11/23/2011

11/22/2011

11/21/2011

11/19/2011

11/18/2011

11/17/2011

11/16/2011

11/15/2011

11/14/2011

11/13/2011

11/12/2011

11/11/2011

11/10/2011

11/09/2011

11/08/2011

11/07/2011