Activity

30 days up to

User

Subprojects

Activity

From 01/21/2012 to 02/19/2012

02/19/2012

10:06 PM Bug #910 (Resolved): CARP+Bridging+NAT can lead to "freeze"/"lockup": Chris Buechler
10:05 PM Feature #803 (Resolved): Ability to circumvent adding of policy route negation rules for VPNs: Chris Buechler
10:05 PM Feature #1204 (Needs Patch): Captive Portal Chart: Chris Buechler
10:05 PM Feature #1357 (Needs Patch): captive portal informations throught SNMP: Chris Buechler
09:49 PM Bug #126 (Resolved): XML parser errors when enabling SSH: Chris Buechler
09:42 PM Feature #2205 (Feedback): relayd enhancements in system_advanced_misc.php: New tab added for global relayd settings. Pierre POMES
11:24 AM Bug #2213: Call to undefined function hash() in /etc/inc/auth.inc on line 507: OK. I'll upgrade to 5.3... I did look at 2115 prior to this submittal. Must have missed the requirement. No worries. ... Delete Account
11:17 AM Bug #2213 (Closed): Call to undefined function hash() in /etc/inc/auth.inc on line 507: This is because you must be using PHP 5.3 on the current code, not PHP 5.2.x. It was switched a while back. See #2115 Jim Pingle
11:16 AM Bug #2213: Call to undefined function hash() in /etc/inc/auth.inc on line 507: Crash report begins. Anonymous machine information:
i386
8.1-RELEASE-p6
FreeBSD 8.1-RELEASE-p6 #0: Mon Dec 12 1... Delete Account
11:10 AM Bug #2213 (Closed): Call to undefined function hash() in /etc/inc/auth.inc on line 507: Attempting to add a new user for captive portal testing purposes. Created a test user and clicked save... received th... Delete Account

02/18/2012

08:48 PM Bug #2212 (Resolved): dhclient not stopped after changing interface from DHCP to other type: after changing an interface away from DHCP, dhclient is left running. Chris Buechler
08:09 PM Feature #2205: relayd enhancements in system_advanced_misc.php: You are right, it is confusing.
According to relayd man page, these parameters can be applied globally and for eac... Pierre POMES
07:39 PM Revision cb2d0164: Add missing ;: Scott Ullrich
06:33 PM Revision f4782390: Merge pull request #51 from Joecowboy/master: Fix for White Space causing an error with Wifi Mode Scott Ullrich
06:25 PM Revision ebc2ee61: A friend of mine was having the same issue that was stated in another pull request with the explode function and white space. So when you commit changes on WLAN would throw and error stating MODE must have SSID set. Dropped the explode function all together, initialized the array first and then pushed the SSID onto the array if Mode is set to Access in your wireless configuration. No more Mode set issue. :D: Daniel Rasmussen
02:03 PM Feature #2211: tun interfaces should not be hidden from Interfaces>assign: Probably just rename the interface as we do for openvpn.
Otherwise some consequenceis might arise.
Most all of th... Ermal Luçi
02:18 AM Feature #2211 (Closed): tun interfaces should not be hidden from Interfaces>assign: tunX interfaces are hidden from assignment and should not be. they're useful in a number of circumstances when manual... Chris Buechler

02/17/2012

08:32 PM Bug #2210 (Resolved): "scrub in" usage needs evaluated: This commit:
https://github.com/bsdperimeter/pfsense/commit/a87c88106ab366f046baf0f459c445a055eea5f9
changed fro... Chris Buechler
08:20 PM Bug #2209 (Resolved): PPPoE MTU is not correctly set from values on interfaces.php: Setting the MTU on interfaces.php is ignored, and overridden by what's configured on the PPP instead. What's set by i... Chris Buechler
05:17 PM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: Need to rebuild the ipsec-tools port and use it in pfSense build. Ermal Luçi
01:54 PM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: Ermal,
Any chance you could shed some light on how to do that? I've got a few clients who this is affecting quite ... Arthur Brownlee IV
01:52 PM Bug #1705: Multi-WAN Failover loses default route: Bump in a new mode:
"Gateways status could not be determined, considering all as up/active."
Sent at least a few ... Harry Coin

02/16/2012

01:28 PM Bug #437 (Feedback): Y2K38 bug in user manager expiration: Ermal Luçi
12:59 PM Bug #437: Y2K38 bug in user manager expiration: that should have said commit:e32805d9 Yehuda Katz
12:56 PM Bug #437: Y2K38 bug in user manager expiration: I see that Seth merged my pull request: e32805d9 Yehuda Katz
11:35 AM pfSense Packages Bug #2208 (Resolved): Snort: Only the last updated rules get extracted, others get deleted: Steps to reproduce:
1. Install Snort via the Package Manager
2. Configure Global Settings to download Snort.org rul... Seb A
10:47 AM Bug #2207 (Resolved): Date header for E-mail incorrect.: PFSense E-mail notification date header: "Date: Thu, 16 Feb 2012 16:43:35 CET"
Date deceleration according to RFC822... Peter O

02/12/2012

10:40 AM pfSense Packages Bug #2198 (Rejected): OpenVPN Client Export Utility - When VPN Server mode is SSL/TLS + User Auth no certs to export: Not sure why it doesn't work for you, I've setup 3-4 VPNs this week in SSL/TLS + User Auth mode and it works fine to ... Jim Pingle
10:37 AM pfSense Packages Bug #2198 (Rejected): OpenVPN Client Export Utility - When VPN Server mode is SSL/TLS + User Auth no certs to export: When running an OpenVPN server in server mode "User Auth" or "SSL/TLS" the Client export Utility allows to export con... Alexander Wilke

02/11/2012

05:26 AM Bug #2165 (Feedback): IE 9 causes log out on Status>Traffic Graph: Fix tested with IE9, IE8 (with Adobe SVG plugin), Firefox, and Chrome. Erik Fonnesbeck
05:09 AM Revision c93b202d: Change to embed to prevent IE9 from misbehaving. Ticket #2165: Erik Fonnesbeck

02/10/2012

10:08 PM pfSense Packages Feature #2197 (Closed): WebDav gateway: I'd like a WebDAV gateway package.
At a minimum, it'd need to support user authentication, and provide read-only a... Scott Brickey
07:49 PM Revision 0c1f27ff: Correct disconnection of macs: Ermal LUÇI
06:14 PM Bug #2196: Multiple crypto cards in a box may conflict in unexpected ways: 0x2000000 = 33554432 decimal (why that sysctl wants a hex mask but displays in decimal) Jim Pingle
06:13 PM Bug #2196: Multiple crypto cards in a box may conflict in unexpected ways: Just to keep this noted here.
Seems -1 is not the value for software only but on 8.1 sources 0x02000000 is the value. Ermal Luçi
05:58 PM Bug #2196 (Not a Bug): Multiple crypto cards in a box may conflict in unexpected ways: If there are multiple crypto devices on a box (padlock, hifn, glxsb) it may lead to some abiguity or confusion about ... Jim Pingle
05:09 PM Feature #2143: Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: We need to add an accounting on packet like this after the CP service has restarted:... Alexander Wilke
05:03 PM Bug #2164: Captive Portal - RADIUS - Acct-Session-Time does not reset when "stop/start accounting" is enabled: Hi,
I didn't get the patch too 100% applied with this command:... Alexander Wilke
11:54 AM Bug #2195 (Rejected): static route: Jim Pingle
11:53 AM Bug #2195 (Rejected): static route: Hello,
Static routes fails i have a multilan and multiwan environment because i use recommended settings a do not ... Nicanor Martinez
11:44 AM Bug #2184: Static route issue: Do not cross-post to the ticket system, this is for bug reports, not support discussions. Free support is given on th... Jim Pingle
11:41 AM Bug #2184: Static route issue: Hello,
Static routes fail in multilan y multiwan environment because i use recommended settings a not work, please... Nicanor Martinez

02/09/2012

04:26 PM Bug #2164: Captive Portal - RADIUS - Acct-Session-Time does not reset when "stop/start accounting" is enabled: Attached patch from request Ermal Luçi
08:40 AM Bug #2164: Captive Portal - RADIUS - Acct-Session-Time does not reset when "stop/start accounting" is enabled: Well this is an easy fix if it really works that way.
I am not sure what really the Acc-Session-Time measures but si... Ermal Luçi
12:56 PM pfSense Packages Bug #82 (New): dns-server/tiny-dns-package not working after reinstallation: Fixing up redmine's copies of the git repo it accidentally set this back to feedback in the process. Jim Pingle
12:52 PM pfSense Packages Bug #82 (Feedback): dns-server/tiny-dns-package not working after reinstallation: Applied in changeset commit:71bc2064b506456195c4aa0623aaf016c175aae9. Anonymous
12:53 PM Feature #2032: add functionality to encrypt the private key in a Viscosity bundle (OpenVPN Client Export): Applied in changeset commit:8490db315678c14c6b580e6d23718e8f089487c9. Jim Pingle
12:53 PM pfSense Packages Feature #1100: Add additional ports to squid (includes patch): Applied in changeset commit:dfbb5e15dfdcacafbb7544257da252a0c4ea33ed. Jim Pingle
12:33 PM pfSense Packages Bug #1765 (Resolved): Unable able to clear Snort Alerts: Thanks Cino. Ermal Luçi
10:03 AM pfSense Packages Bug #1765: Unable able to clear Snort Alerts: this has been resolved. you can close out this ticket Cino .
11:57 AM Bug #2031: add help text for Certificate Manager serial number: Applied in changeset commit:bfa526dc396cd4bfd79b70cc554fd4a2df394e1f. Jim Pingle
10:07 AM pfSense Packages Bug #1747: Barnyard2: barnyard2 works, i still have to manually install the file but it could because I'm running 2.1-dev Cino .
10:05 AM Bug #2184: Static route issue: I'am sure my static routes is properly configured i am reporting a bug and is not solved yet.
Regards
Nicanor M... Nicanor Martinez
10:01 AM Bug #2184 (Rejected): Static route issue: Please keep discussion and support questions on the forum. This ticket system is for confirmed bugs only, and static ... Jim Pingle
09:59 AM Bug #2184 (Rejected): Static route issue: Excuse me, i think is bug.
I trying instructions from forums since 2.0 beta versions and i can't solve the proble... Nicanor Martinez
10:05 AM Bug #1729: IMSpector-wip is missing some files for install: i believe this has been resolved but i'm unable to test Cino .
10:01 AM Bug #2182: Static Route issue: Please keep discussion and support questions on the forum. This ticket system is for confirmed bugs only, and static ... Jim Pingle
09:56 AM Bug #2182: Static Route issue: Excuse me, i think is bug.
I trying instructions from forums since 2.0 beta versions and i can't solve the proble... Nicanor Martinez
01:09 AM Bug #2182 (Rejected): Static Route issue: not a bug. read the reply you got on the forum Chris Buechler
12:54 AM Bug #2182 (Rejected): Static Route issue: Since beta version of pfsense 2 i have problems with static routes, traffics between static routes stop, all is confi... Nicanor Martinez

02/08/2012

10:43 PM Bug #1001 (Resolved): Captive portal session reuse invalid when MAC changes: this is addressed in #2082 Chris Buechler
10:41 PM Feature #1831: Captive portal IPv6 support: there is a lot involved here, people will expect to auth both v4 and v6 IPs in a single shot which complicates everyt... Chris Buechler
09:04 PM Revision 10fb17c1: Resolves #2052. Remove duplicate rule: Ermal LUÇI
09:03 PM Revision c92fb4c4: Resolves #2052. Remove duplicate rule: Ermal LUÇI
06:07 PM Feature #1520: Option to disable the automatic default gateway (re)selection: The short version is racoon need to learn to differentiate packets by their incoming interface.
A patch is present o... Ermal Luçi
04:00 PM Bug #2052: CP ipfw duplicate rules: Applied in changeset commit:c92fb4c4dea298072593b2aae22aed43dcf44972. Ermal Luçi
04:00 PM Bug #2052 (Feedback): CP ipfw duplicate rules: Applied in changeset commit:10fb17c167e72f7ba83b526f6435be45deeb34be. Ermal Luçi
12:08 PM Revision 09f638b6: Make sure to pass the string, not the array: Seth Mos
11:59 AM Bug #2174 (Closed): Using Show States with a large number of states causes an error: I'm running pfSense 2.0.1. I have the system configured to support 800K states, it generally has around 450K states ... Steve Boyle
11:57 AM Bug #2173 (Closed): pfsync errors: After upgrading from 2.0-RC3 to 2.0.1, the pfsync0 interface started reporting send errors.
[2.0.1-RELEASE][admin@ho... Steve Boyle
11:54 AM Revision 51c57aae: Perform actual 128 bit operations to make sure we get the math right.: Seth Mos
07:59 AM Revision fa3ee91d: Another try to eliminate the warning 'PHP Warning: Cannot modify header information - headers already sent by (output started at /etc/inc/authgui.inc:201) in /usr/local/www/guiconfig.inc on line 47': Ermal LUÇI
07:59 AM Revision 9252d093: Another try to eliminate the warning 'PHP Warning: Cannot modify header information - headers already sent by (output started at /etc/inc/authgui.inc:201) in /usr/local/www/guiconfig.inc on line 47': Ermal LUÇI
07:14 AM Bug #2171 (Closed): PHP fast-cgi and exit behaviour: All present php scripts in pfSense call exit after sending a redir or finding an error or wanting to just finish proc... Ermal Luçi
06:38 AM Revision c58715af: Change to embed to prevent IE9 from misbehaving. Ticket #2165: Erik Fonnesbeck
05:32 AM Revision c28fae2f: Revert "Check if a session already exists to avoid errors issued by php on sesion_start being called on existing session": This reverts commit 9b2de7e2a6afab31e1a62ac8d54435975a22a9a7. Erik Fonnesbeck
04:39 AM Feature #1169: Add load balancer status in SNMP: It is also necessary to add a text inside snmpd web configuration field where you can add customs commands, or someth... Daniele Palumbo

02/07/2012

09:25 PM pfSense Packages Feature #2170 (Closed): Enable AirPrint mdns via Avahi: Can we have Avahi adjusted to allow mdns broadcasts for Apple AirPrint?
This will allow iOS devices to print via C... kevev kevev
08:35 PM Revision 9b2de7e2: Check if a session already exists to avoid errors issued by php on sesion_start being called on existing session: Ermal LUÇI
08:26 PM Revision 2890cae5: Fixes #2082. Actually just correct the log to display the correct information: Ermal LUÇI
08:24 PM Revision fbdc4b56: Fixes #2082. Actually just correct the log to display the correct information: Ermal LUÇI
08:20 PM Revision 443abb31: Fixes #2082. Correct checking of existing session to take into consideration when possible/needed the mac address: Ermal LUÇI
08:19 PM Revision 843a6fe2: Fixes #2082. Correct checking of existing session to take into consideration when possible/needed the mac address: Ermal LUÇI
08:01 PM Revision 5c0d5003: Correct field name: Ermal LUÇI
07:06 PM Revision 67e73dcd: Fixes #1999. Upgrade bvoucher config as well during CP upgrade to multi-instance: Ermal LUÇI
04:30 PM Revision c7fc14a1: Since the CARP interface name changed to vip, devd needs to follow that change as well.: Jim Pingle
04:29 PM Revision 125a1098: Since the CARP interface name changed to vip, devd needs to follow that change as well.: Jim Pingle
03:43 PM Bug #1527 (Closed): route-to should not override static routes: Follow on #1136 Ermal Luçi
03:35 PM Feature #1099: pptp does not use User Manager: The only way to solve this is teach mpd about external script used to authenticate users, as for OpenVPN/IPSec etc.
... Ermal Luçi
03:25 PM Bug #2082: Captive Portal error when client IPs are reused: A non-fatal warning there would be nice. I'm not sure we should prevent it outright but they should be aware that it ... Jim Pingle
03:25 PM Bug #2082: Captive Portal error when client IPs are reused: Applied in changeset commit:fbdc4b568453198fda514800286825fa9e74896f. Ermal Luçi
03:25 PM Bug #2082: Captive Portal error when client IPs are reused: Applied in changeset commit:2890cae51a424519662922e558bc939077b66c7c. Ermal Luçi
03:22 PM Bug #2082: Captive Portal error when client IPs are reused: Changed error message. Probably should even warn user on dhcp timeout lower than CP timeout? Ermal Luçi
03:20 PM Bug #2082: Captive Portal error when client IPs are reused: Applied in changeset commit:843a6fe25ac303ceda46450a3f4ac24f69a54ecb. Ermal Luçi
03:20 PM Bug #2082 (Feedback): Captive Portal error when client IPs are reused: Applied in changeset commit:443abb317d52d57fba132eef7ebffa839538a0e4. Ermal Luçi
03:06 PM Bug #2127 (Feedback): Full Update Image Size is too large on 2.1: I removed the 3 biggest files there _Dev kernels and uniprocessor one since their presence is not really needed these... Ermal Luçi
02:05 PM Bug #1999 (Feedback): Existing voucher settings upset new CP Zones/Vouchers code: Applied in changeset commit:67e73dcd0663222e2d9c803e50a4a15104f8bc08. Ermal Luçi

02/06/2012

04:12 PM Revision 8b320242: Unset previously set voucher sync information: Ermal LUÇI
04:10 PM Revision 2720e1ce: Unset previously set voucher sync information: Ermal LUÇI
02:15 PM Bug #2166 (Resolved): Dynamic DNS not updating: RFC 2136 DNS is not updating when no DynDNS config is present.
Version:
2.0.1-RELEASE (amd64)
built on Mon Dec... Johan Braeken

02/04/2012

03:50 PM Feature #2143: Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: There seems to be a function in /etc/inc/captiveportal.inc which has "Acct-Terminate-Cause = 7" but it seems not to w... Alexander Wilke
11:41 AM Revision 530b980c: Add nat rule if the target is in a subnet handled by a static route whose gateway is in the interface's subnet. Ticket #2163: Erik Fonnesbeck
11:41 AM Revision aa8d9918: Add static route subnets if their gateway is within the source subnet for the nat rule. Ticket #2163: Erik Fonnesbeck
11:14 AM Revision b9f637a7: Add nat rule if the target is in a subnet handled by a static route whose gateway is in the interface's subnet. Ticket #2163: Erik Fonnesbeck
09:30 AM Revision 1716682b: Add static route subnets if their gateway is within the source subnet for the nat rule. Ticket #2163: Erik Fonnesbeck
08:12 AM Revision 467a0304: Use the specific IP for NAT IP in filter_generate_reflection_nat to prevent a condition with multiple subnets on the same interface where replies get sent to the wrong IP.: Erik Fonnesbeck
08:07 AM Revision bf443dfe: Use the specific IP for NAT IP in filter_generate_reflection_nat to prevent a condition with multiple subnets on the same interface where replies get sent to the wrong IP.: Erik Fonnesbeck
06:49 AM Bug #2163 (Feedback): 1:1 NAT Reflection helper rules do not cover static route subnets: It should be good now with these two fixes and the one just before them for a separate related issue. Erik Fonnesbeck
02:42 AM Bug #2163: 1:1 NAT Reflection helper rules do not cover static route subnets: It appears that this only happens when the gateway referenced by the static route is directly reachable (on the same ... Erik Fonnesbeck
05:53 AM Revision 459bb026: correct branches in gitsync: Chris Buechler

02/03/2012

10:58 PM Bug #2165 (Resolved): IE 9 causes log out on Status>Traffic Graph: Browsing to Status>Traffic Graph in IE 9 logs the session out the web interface.
Attached is the contents of "Fol... Chris Buechler
08:28 PM Revision a748b372: Rename function and use variable: Warren Baker
08:24 PM Revision 5a7e41e6: Add builder binary: Warren Baker
08:23 PM Revision 8ff4e4d4: Support for configuring the configuring Unbound service: Warren Baker
06:53 PM Bug #2039: Adding a local interface conflicting with a static route in the routing table fails to add the link route: updated with proper description of problem Chris Buechler
03:48 PM Bug #2164 (Resolved): Captive Portal - RADIUS - Acct-Session-Time does not reset when "stop/start accounting" is enabled: Acct-Session-Time needs reset to value 0 when accounting-stop packet is sent. This is done when "no accounting update... Alexander Wilke
11:43 AM Bug #2163 (Resolved): 1:1 NAT Reflection helper rules do not cover static route subnets: If you enable NAT reflection for 1:1 NAT and also the outbound NAT rules to assist 1:1 NAT, the resulting rules only ... Jim Pingle
12:03 AM Revision 317b7e43: Revert "Combine RTT and Loss so that IPV6 addresses do not cause spillage into other widgets." - until I find the code that does ajax as well.: This reverts commit 1d09d6dbcd80546aec7bc3a91d3c862b00662662. Scott Ullrich

02/02/2012

11:58 PM Revision 1d09d6db: Combine RTT and Loss so that IPV6 addresses do not cause spillage into other widgets.: Scott Ullrich
05:13 PM Feature #2147: Cert Manager - additional download button for .p12: No that's fine, and that would work, but since you mentioned the client export package .p12 that's why I made the oth... Jim Pingle
05:09 PM Feature #2147: Cert Manager - additional download button for .p12: No need to include the CA.crt into pkcs12 (cert.crt + cert.key).
Just make a pkcs12 from the corresponding .crt an... Alexander Wilke
11:49 AM Feature #2147: Cert Manager - additional download button for .p12: The GUI uses PHP's built-in OpenSSL commands, and the Client Export package uses shell commands.
The PHP version o... Jim Pingle
04:20 PM Revision 6fbe0168: If the sticky option is changed, restart relayd. Fixes #2157: Jim Pingle
03:12 PM Revision eb7454c4: Don't use $pconfig in widgets, it has unintended side effects.: Jim Pingle
03:11 PM Revision 1bd549c4: Don't use $pconfig in widgets, it has unintended side effects.: Jim Pingle
01:12 PM Bug #1736: Allow other users to be used as authenticator in xmlrpc exchanges: Adding this to help prevent duplicate bugs...
In the Firewall -> Virtual IPs scree, in the CARP Settings tab, the ... Tommy McNeely
11:20 AM Bug #2157 (Feedback): Changing relayd settings in system_advanced_misc.php does not trigger relayd config update/reload: Applied in changeset commit:6fbe0168416bdb5d410cb36fdf531b317d3e072a. Jim Pingle

02/01/2012

09:53 PM Revision f33030aa: PPTP upgrade needs to declare $config a global.: Jim Pingle
09:52 PM Revision 5bcb312a: PPTP upgrade needs to declare $config a global.: Jim Pingle
08:33 PM Revision 6bc32273: Merge pull request #45 from namezero111111/patch-11: Wireless client config should allow blank SSID (resubmit, fixed blank li... Jim Pingle
08:29 PM Revision cb3c3fe4: Wireless client config should allow blank SSID (resubmit, fixed blank lines): Andy I.
06:28 PM Revision de5aec97: If the old bindlan option is there, assume the lan interface for binding.: Jim Pingle
06:28 PM Revision c82b2c3f: Change SNMP binding option to work on any eligible interface/VIP. Fixes #2158: Jim Pingle
06:27 PM Revision bc146558: If the old bindlan option is there, assume the lan interface for binding.: Jim Pingle
06:23 PM Revision 18d4d360: Change SNMP binding option to work on any eligible interface/VIP. Fixes #2158: Jim Pingle
05:58 PM Revision d835ffc8: Also write out the rules that caused the problem to ease troubleshooting.: Warren Baker
02:35 PM Bug #2159 (Resolved): Upgrade code breaks RRD databases on nano: Feb 1 20:28:40 php: /status_rrd_graph_img.php: Failed to create graph with error code 1, the error is: ERROR: No DS ... Seth Mos
01:25 PM Bug #2158: SNMP bind needs to list all interfaces/VIPs: Applied in changeset commit:18d4d360a3a5de5c80ab3940ce2cf80bee3859e6. Jim Pingle
01:25 PM Bug #2158 (Feedback): SNMP bind needs to list all interfaces/VIPs: Applied in changeset commit:c82b2c3f212e7c008146df624e0423d0f10770ab. Jim Pingle
08:19 AM Bug #2158 (Resolved): SNMP bind needs to list all interfaces/VIPs: The SNMP GUI has a "bind to LAN interface" option but that is a bit ambiguous and not so useful in 2.x. It also doesn... Jim Pingle
12:36 PM Revision dd576193: Add code that expresses the default gateway calculated from the broker address.: The stf adapter was correctly setup from the WAN IPv4 address apparently
Adds to ticket #2117 Seth Mos
11:36 AM Revision f87ccbed: Add more backend code to calculate the 6RD broker IPv6 address from the IPv4 broker address.: Adds to ticket #2117 Seth Mos
09:27 AM Bug #2130 (Resolved): Invalid netmask on IPv4 addresses core dumps filterdns: Seth Mos
07:46 AM Feature #2117: 6RD support for ISPs like Swisscom: from reading the sparse documentation one needs to calculate the IPv6 prefix address for the broker inside the give p... Seth Mos

01/31/2012

07:06 PM Revision 7a58a4ca: Only do foreach on the p2's if it's actually an array.: Jim Pingle
07:04 PM Revision a11df336: Only do foreach on the p2's if it's actually an array.: Jim Pingle
06:04 PM Bug #2157 (Resolved): Changing relayd settings in system_advanced_misc.php does not trigger relayd config update/reload: When changing relayd settings in this screen (for example: "use sticky connections"), /var/etc/relayd.conf should be ... Pierre POMES
02:50 PM pfSense Packages Bug #2156 (Closed): Can't install TinyDNS: unexpected '&': 1.2.3 is no longer supported. If someone would like to make a merge request in git for a separate package for 1.2.3 t... Chris Buechler
12:18 PM pfSense Packages Bug #2156: Can't install TinyDNS: unexpected '&': Looks like the IPv6 code I added last June might be breaking this in two ways on 1.2.3. First because PHP4 doesn't li... Jim Pingle
06:33 AM pfSense Packages Bug #2156 (Closed): Can't install TinyDNS: unexpected '&': I was trying to install TinyDNS under my installation of pfsense ..
It got to the Installing dns-server and its de... Ahmed El Gamil
01:04 PM Bug #2149: PPTP Split Tunnel: Yeah I would also be interested in finding out which PPTP server supports that. All the ones I have used don't provid... Warren Baker

01/30/2012

09:40 PM Revision 9f2bf2e2: Fix exec bit: Jim Pingle
09:40 PM Revision 51f4e64b: Add a small script to disable APM on ATA drives if they claim to support it. Leaving this on will kill drives long-term, especially laptop drives, by generating excessive Load Cycles.: The APM bit set will persist until the drive is power cycled, so it's necessary to run on each boot to be sure. Jim Pingle
09:27 PM Revision a000752b: Fix exec bit: Jim Pingle
09:24 PM Revision 92ac3b3d: Add a small script to disable APM on ATA drives if they claim to support it. Leaving this on will kill drives long-term, especially laptop drives, by generating excessive Load Cycles.: The APM bit set will persist until the drive is power cycled, so it's necessary to run on each boot to be sure. Jim Pingle
07:32 PM Bug #2149: PPTP Split Tunnel: I'm not aware of any PPTP server that does that in a way that works for all clients, which are you using that does? E... Chris Buechler
09:50 AM Bug #2149: PPTP Split Tunnel: I think your may mean that is it not possible for the PPTP Server used by pfSense to send routes to PPTP clients as I... Chris Mirchandani
02:18 AM Bug #2149 (Rejected): PPTP Split Tunnel: it's not possible to send routes to PPTP clients, has to be done on the client. Chris Buechler
01:18 AM Bug #2149 (Rejected): PPTP Split Tunnel: Establishing a PPTP tunnel with pfSense does not pass routes to PPTP VPN clients. This may or may not be intended so ... Chris Mirchandani
07:28 PM Feature #2148 (Closed): Dynamic DNS Update Frequency: the cron package allows editing that easily, don't think it's worthwhile for us to bother otherwise. though if you're... Chris Buechler
09:43 AM Feature #2148: Dynamic DNS Update Frequency: Chris,
My suggestion is not to change the time it runs for everyone. My suggestion is to show the time/frequency i... Chris Mirchandani
01:54 AM Feature #2148: Dynamic DNS Update Frequency: You can change your cron job in that case. We're not going to run something every 3 minutes on everyone's system that... Chris Buechler
01:13 AM Feature #2148: Dynamic DNS Update Frequency: Chris,
Updates may take place if the IP on the WAN interface changes, but not if the pfSense device is behind a DS... Chris Mirchandani
04:11 PM Feature #1829: CARP with IPv6 support: Patch committed for FreeBSD 8. Ermal Luçi
04:41 AM Feature #1829: CARP with IPv6 support: If feasible, add support for manually configuring the link-local address to send by way of a patch to rtadvd.
We cou... Seth Mos
02:53 PM Bug #2155 (Resolved): CP sends voucher as username to RADIUS when "re-auth every minute enabled": When using Captive Portal + RADIUS + vouchers then CaptivePortal sends the voucher code as username to RADIUS when "r... Alexander Wilke
11:01 AM Feature #2152 (Needs Patch): Pass-through MAC and Vouchers: When I enable Pass-though MAC automatic additions it adds both the people that authenticate using my radius and my vo... Nathan Achey
04:34 AM Feature #2151 (Resolved): Add IPv6 support to the pfSense module: Lifted from /etc/inc/interfaces.inc FIXME notes.
We need something to set the IPv6 address. And we need to have a fu... Seth Mos
03:17 AM Bug #2150 (Rejected): PPTP DNS Issue: thanks Warren, definitely not an issue as described then. Chris, post to the forum or mailing list for help. Chris Buechler
03:03 AM Bug #2150: PPTP DNS Issue: It works fine for me on amd64. No problems at all.
Try use tcpdump and see if the dns traffic is even hitting the FW. Warren Baker
02:34 AM Bug #2150 (Feedback): PPTP DNS Issue: most people run exactly that way, it works. I just double checked another install to verify. Though I don't have an a... Chris Buechler
01:26 AM Bug #2150 (Rejected): PPTP DNS Issue: For PPTP clients DNS fails, I get a DNS time out, on every IP on a pfSense interface for which DNS is configured incl... Chris Mirchandani

01/29/2012

05:09 PM Feature #2148 (Rejected): Dynamic DNS Update Frequency: It updates on every IP change, the cron job is only to update if the IP hasn't changed in 25 days so the provider doe... Chris Buechler
01:45 PM Feature #2148 (Closed): Dynamic DNS Update Frequency: The current Dynamic DNS configuration does not check for IP address changes often enough to be useful in many situati... Chris Mirchandani
04:22 PM Feature #2143: Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: I bought a FreeRADIUS book: "FreeRADIUS Beginner's Guide by Dirk van der Walt" and I uploaded to excerpts which expla... Alexander Wilke

01/28/2012

04:56 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: http://sourceforge.net/mailarchive/forum.php?thread_name=91C62B8E3E2A4F75893DCBCD634ECACF%40Avitos&forum_name=ipsec-t... Ermal Luçi
12:41 PM Feature #2147 (Resolved): Cert Manager - additional download button for .p12: Cert Manager in pfsense allows to download the .crt and .key file of CA and certificates. But on windows clients we n... Alexander Wilke

01/27/2012

06:38 PM Bug #1698: IPSec tunnel from CARP backup interface: This needs to teach racoon about carp interface status. Ermal Luçi
06:36 PM Bug #1393 (Closed): IPSec Xauth: Follow-up on #1112 Ermal Luçi
06:32 PM Bug #1872 (Closed): ipsec-tools strict DPD cookie check: This probably should just be skipped since its just related to old gear.
Closing for now, can reopen later on. Ermal Luçi
06:28 PM Bug #1351: Mobile IPsec no traffic pass trough after 2nd connect after 5 minutes: This is the same as #1970.
Please try with the new ipsec-tools port from pfPorts. Ermal Luçi
06:13 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: sounds fine, just file an alert for already-existing configs that are wrong, and add the input validation to prevent ... Chris Buechler
05:32 PM Bug #1421: Disconnecting PPTP VPNs drops IPsec when using wrong PPTP server IP: The changes to ipsec-tools are a bit too intrusive to teach racoon about interface indexes.
I think the better optio... Ermal Luçi
06:10 PM Bug #1970 (Feedback): IPsec stops routing after a while: Applied in changeset commit:d2a5443f5d0f9747be874a4f8787ca18348a8461. Ermal Luçi
05:52 PM Feature #2117: 6RD support for ISPs like Swisscom: earlier 6rd work. http://bougaidenpa.org/masakazu/archives/54 Seth Mos
04:05 PM Feature #1986 (Feedback): Find a way to list logged in IPsec xauth users: pfPort patched.
new racoonctl option show-users Ermal Luçi
04:04 PM Bug #1112 (Feedback): IPsec GUI/backend missing RADIUS support: Patch committed to pfPort of ipsec-tools.
Btw probably it is not needed to compile racoon with LDAP and RADIUS suppor... Ermal Luçi
02:38 AM Feature #2146 (Resolved): Allow concurrent logins when using vouchers: When using vouchers it is not possible to use them more then once, even when enabling 'allow concurrent logins'. Usin... Igor Ybema

01/26/2012

05:18 PM Revision e8fc69ff: Be smarter about how to split a Namecheap hostname into host/domain. Fixes #2144: Jim Pingle
05:11 PM Revision 89bbb204: Be smarter about how to split a Namecheap hostname into host/domain. Fixes #2144: Jim Pingle
04:18 PM Feature #2143: Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: The problem is that I cannot implement this but probably can help on testing. If it will not find a way into 2.1 than... Alexander Wilke
12:15 PM Bug #2144: pfSense dyndns for Namecheap doesn't work with hostnames containing ".": Applied in changeset commit:89bbb204ad58c4d0250ebabf34ebec1996a53088. Jim Pingle
12:15 PM Bug #2144 (Feedback): pfSense dyndns for Namecheap doesn't work with hostnames containing ".": Applied in changeset commit:e8fc69ff43bb089f90de4f87f02db44f55a96b40. Jim Pingle
12:03 PM Bug #2144: pfSense dyndns for Namecheap doesn't work with hostnames containing ".": Except that would break everyone's current settings unless we tried to be smart with some upgrade code (which could s... Jim Pingle
11:55 AM Bug #2144: pfSense dyndns for Namecheap doesn't work with hostnames containing ".": It's probable that other dyndns providers also accept hostnames including dots, since it's legal A record syntax. Thi... Doug Dimick
11:42 AM Bug #2144: pfSense dyndns for Namecheap doesn't work with hostnames containing ".": (Copying my reply from the forum post here)
Yeah we split on ., I didn't realize their client supported that syntax.... Jim Pingle
11:38 AM Bug #2144 (Resolved): pfSense dyndns for Namecheap doesn't work with hostnames containing ".": Namecheap happily supports hostnames like www.sub.domain.com. Their Windows dyndns client also supports hostnames tha... Doug Dimick
06:38 AM Revision 6f0dc800: Merge pull request #42 from Joecowboy/master: . Seth Mos
04:46 AM Revision 83e7491d: Update usr/local/www/widgets/javascript/cpu_graphs.js: Daniel Rasmussen

01/25/2012

08:39 PM Revision 6763033d: Include admin user in bootup account sync: Jim Pingle
08:28 PM Revision b357f0a6: Include admin user in bootup account sync: Jim Pingle
06:50 PM Feature #933 (Closed): Add IPsec option to allow the client to save the Xauth password: Since no complaints received. Ermal Luçi
05:40 PM Revision a843870d: Fix LZO setting for Upgraded OpenVPN (was turning compression on even if old config had it disabled.): Jim Pingle
05:40 PM Revision 0d2156e5: Fix LZO setting for Upgraded OpenVPN (was turning compression on even if old config had it disabled.): Jim Pingle
05:20 PM Feature #2143: Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: if you can implement and fully test and submit a merge request we'll get it in for 2.1, otherwise this probably can't... Chris Buechler
05:15 PM Feature #2143: Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: This is the RFC:
http://freeradius.org/rfc/rfc2866.html#Acct-Terminate-Cause Alexander Wilke
05:13 PM Feature #2143 (Resolved): Captive Portal - RADIUS - attribute: Acct-Terminate-Cause: When using Captive Portal with RADIUS and Captive Portal is restarting the FreeRADIUS server does not get any informa... Alexander Wilke
05:17 PM Revision 1f78ab3a: Make sure we stop the configure if the device does not have a public address: Ticket #2117 Seth Mos
05:17 PM Revision 668e8961: Add backend 6RD support. We don't have the required patch yet for our stf driver.: Needs hooks into our gateway code to handle the default gateway since the stf interface does use router solicitations... Seth Mos
05:11 PM Revision 48e24ada: Fix upgrade code for 1.2.3 with assigned OpenVPN interface.: Jim Pingle
05:11 PM Revision d87d2f67: Fix upgrade code for 1.2.3 with assigned OpenVPN interface.: Jim Pingle
04:34 PM Revision c3ae41e6: Don't ignore when multiple OpenVPN DNS, NTP, WINS, etc servers were specified in 1.2.3 when upgrading. 1.2.3 separated by ;, 2.x uses separate vars.: Jim Pingle
04:33 PM Revision 4724f8b8: Don't ignore when multiple OpenVPN DNS, NTP, WINS, etc servers were specified in 1.2.3 when upgrading. 1.2.3 separated by ;, 2.x uses separate vars.: Jim Pingle
04:16 PM Feature #2117: 6RD support for ISPs like Swisscom: A healthy chunk of code is already in there. Come to think of it, 6to4 is very similar to this, but the patch for stf... Seth Mos
05:48 AM Feature #2117: 6RD support for ISPs like Swisscom: Got a reply from Swisscom clarifying their 6RD deployment, past trial, now production.
Our productive network uses 6... Seth Mos
03:59 PM Revision a15a7738: Safer for 1.2.3 upgrades to assume OpenVPN interface == any, since 1.2.3 didn't have a way to bind to an interface. Otherwise people accepting connections on opt interfaces on 1.2.3 will break on upgrade until the proper interface is selected in the GUI: Jim Pingle
03:56 PM Revision 3ef4cae6: Safer for 1.2.3 upgrades to assume OpenVPN interface == any, since 1.2.3 didn't have a way to bind to an interface. Otherwise people accepting connections on opt interfaces on 1.2.3 will break on upgrade until the proper interface is selected in the GUI: Jim Pingle
02:45 PM Revision 32dc8109: Clarify the UI text with example IPv6 prefix.: Ticket #2117 Seth Mos
02:45 PM Revision 0eb78676: Disable debug statement: Ticket #2117 Seth Mos
01:33 PM Revision 7d567088: Add gui knobs for 6RD support ticket #2217: Seth Mos
10:17 AM Revision b5a97555: Remove rtsol debugging output: Seth Mos

01/24/2012

09:14 PM Revision aa291f19: Comment out debug print for cert verification: Jim Pingle
09:14 PM Revision e5a2fed7: Comment out debug print for cert verification: Jim Pingle
08:04 PM Revision 9261370d: Check to see if the pid file exists before trying to kill anyprocess: Ermal LUÇI
08:04 PM Revision d224df18: Check to see if the pid file exists before trying to kill anyprocess: Ermal LUÇI
05:11 PM pfSense Packages Bug #2142 (Resolved): Squid Reverse Proxy should have login=PASS on all peers: I noticed that after configuring reverse proxy, I couldnt log into any machines that were behind the proxy.
After di... Ryan Davies
01:26 PM Feature #709: Add DHCP lease counts to the DHCP leases page: See also some notes in #2141 Jim Pingle
01:26 PM Feature #2141 (Closed): DHCP Lease Consumption Graph/Chart: Upon further searching, we already have a ticket for this... #709 Jim Pingle
12:55 PM Feature #2141: DHCP Lease Consumption Graph/Chart: Probably too much computation to do for a widget, and maybe even too much to do automatically for the leases view, si... Jim Pingle
12:49 PM Feature #2141 (Closed): DHCP Lease Consumption Graph/Chart: IPv4 (probably not sane for IPv6?) DHCP Lease consumption graph/chart in style of the Summary View on the Firewall Lo... Larry Titus
08:30 AM Bug #2130 (Feedback): Invalid netmask on IPv4 addresses core dumps filterdns: Applied in changeset commit:7f662df6657787d75b5fb3773199a3077485e4d9. Ermal Luçi
08:28 AM Bug #2130: Invalid netmask on IPv4 addresses core dumps filterdns: It was not a issue of not handling netmask but an issue with threads accessing free'd data. Ermal Luçi

01/23/2012

07:15 PM Revision 9fd14591: Be more careful when creating and removing a user, to only alter a user if it really matches the passwd entry. Fixes #2066: pw usershow likes to ignore what you want even with -n and if the user is numeric and doesn't exist, it fetches by ui... Jim Pingle
07:13 PM Revision a82b1ab1: Be more careful when creating and removing a user, to only alter a user if it really matches the passwd entry. Fixes #2066: pw usershow likes to ignore what you want even with -n and if the user is numeric and doesn't exist, it fetches by ui... Jim Pingle
05:26 PM Bug #2138: RRD Wireless graph broken in BSS mode: Seth, the graph does not make sense when not using the card as an AP.
When using the interface as an AP you would ne... Christian Borchert
05:22 PM Bug #2138: RRD Wireless graph broken in BSS mode: Originally I made this graph for a wireless client connection so we could track the signal strength.
I'm not sure ... Seth Mos
05:19 PM Bug #2138 (New): RRD Wireless graph broken in BSS mode: http://forum.pfsense.org/index.php/topic,45194.0.html
I am using pfSense 2.0.1 amd64 with an Atheros card (D-Link ... Christian Borchert
02:15 PM Bug #2066: Error when deleting all-numerical user from a "user manager": Applied in changeset commit:a82b1ab12d1f433c7f0e9bfc6e952cf511de8045. Jim Pingle
02:15 PM Bug #2066 (Feedback): Error when deleting all-numerical user from a "user manager": Applied in changeset commit:9fd145911d89d7ca891d0e08a861474420361990. Jim Pingle
01:25 PM Bug #2066 (New): Error when deleting all-numerical user from a "user manager": Well the key here is that you're using a username that is all numbers, apparently. Not sure how well that was tested,... Jim Pingle
12:52 PM pfSense Packages Feature #2133 (Closed): Add ET's SidReporter to snort package: Please include ET's SidReporter (http://doc.emergingthreats.net/bin/view/Main/SidReporter) into the snortpackage?
... Christian Borchert
12:44 PM Bug #2131 (Closed): pfsync(4) version change breaks HA upgrade: It's noted in the upgrade guide for previous versions and we'll just have to expand that as we always do for new rele... Chris Buechler
11:13 AM Bug #2131: pfsync(4) version change breaks HA upgrade: I added this just to list possible options not really doing anything more with it.
Ermal Luçi
11:08 AM Bug #2131: pfsync(4) version change breaks HA upgrade: We always warn for that, this is no surprise.
We are usually shocked when it does work, since we expect failure he... Jim Pingle
04:06 AM Bug #2131 (Closed): pfsync(4) version change breaks HA upgrade: Since in FreeBSD 9 there is a new pfsync version upgrades will break the protocol so either a compat layer needs to b... Ermal Luçi
11:41 AM Feature #2026: [Patch] Multiple SMTP notice recipients: Something for version 2.1 maybe? Peter O
10:02 AM Revision 48a01262: Correct getNasIP in 2.0.x branch to be correct. There is no multi-zone support in 2.0.x: Ermal LUÇI
05:30 AM Bug #2132 (Closed): Multi-wan inbound connections might cease to function when rules with forced-gateway exist on the same interface: Scenario:
WAN interface WAN_TWO
There are rules on WAN_TWO with a forced gateway such as, for instance,... Fulvio Scapin
02:53 AM Bug #2130 (Resolved): Invalid netmask on IPv4 addresses core dumps filterdns: Jan 23 08:55:12 kernel: pid 7134 (filterdns), uid 0: exited on signal 11 (core dumped)
Jan 23 08:55:02 check_reloa... Seth Mos

01/22/2012

03:58 PM Feature #2129: TCP mss clamping for IPv6: the problem is that pf currently does not handle ipv6 fragments. the other case is IPsec tunnels and other VPN soluti... Seth Mos
12:30 PM Feature #2129: TCP mss clamping for IPv6: Ok I ran a test at ICSI Netalyzr, and ran into the same thing
IPv6 Path MTU (?): Warning
Your system can not send... JohnPoz _
12:14 PM Feature #2129: TCP mss clamping for IPv6: Where are you testing this exactly - my tests to http://test-ipv6.com/ show ok
Test IPv6 large packet
ok (0.204s)... JohnPoz _

01/21/2012

09:24 PM Revision 51e9533f: Removing unnecessary inclusions of prototype.js, guiconfig.inc already includes this file: Vinícius Coque
08:08 PM Revision 86cf3681: making small fixes on jQuery code: Vinícius Coque
07:39 PM Revision 30a8ef77: Converting javascript code to jQuery on installer webgui: Vinícius Coque
05:03 PM Bug #2127: Full Update Image Size is too large on 2.1: Not sure why the UP kernel is in that list either, since we don't use it. There's ~11MB right there... Jim Pingle
05:02 PM Bug #2127: Full Update Image Size is too large on 2.1: I'm sure there is a way to shrink it. Currently the kernels take up more room than anything else (combined, essential... Jim Pingle
04:59 PM Bug #2127: Full Update Image Size is too large on 2.1: I expect we can shrink that down considerably to get under 100 MB. It has to be including a number of unnecessary thi... Chris Buechler
02:56 PM Bug #2127 (Resolved): Full Update Image Size is too large on 2.1: The full update image size from the initial test builds on FreeBSD 9 is more than 100MB. The upload size limit on pfS... Jim Pingle
04:43 PM Feature #2129 (Resolved): TCP mss clamping for IPv6: There is no tcp mss clamping for ipv6 and pf is not doing it either. Rumor has it that OpenBSD has it now.
Your sy... Seth Mos
04:40 PM Feature #2128 (Bogus): Large DNS requests on dnsmaq: Not sure if unbound will fix this, but performing the ICSI netalyzr test it has issues with large dns requests.
Th... Seth Mos
02:48 PM Bug #2126 (Resolved): Build package binaries for FreeBSD 10.x: We need to get a set of FreeBSD 9.x PBI builders going to crank out the needed binaries for FreeBSD 9.x packages. Som... Jim Pingle
02:46 PM Bug #2125 (Resolved): Update Package XML for FreeBSD 10.x: We need 9.x equivalents of
pkg_config.8.xml
pkg_config.8.xml.amd64
We could start first with the purely PHP-bas... Jim Pingle
02:44 PM Bug #2124 (Resolved): Package system updates for FreeBSD 10.x: Several things need to happen to get packages going on FreeBSD 9, see subtasks. Jim Pingle
12:38 PM Feature #1104: mwl driver patch to enable generation of new BSSIDs for additional VAPs: I never mentioned previously in this ticket that I deleted the latter patch because a variant of the extra part of th... Erik Fonnesbeck
03:56 AM Revision f314bad6: Only add these lines if there is both an IP address and CIDR. Fixes #1882: Erik Fonnesbeck
03:30 AM Revision fa984be9: Only add these lines if there is both an IP address and CIDR. Fixes #1882: Erik Fonnesbeck

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

02/19/2012

02/18/2012

02/17/2012

02/16/2012

02/15/2012

02/14/2012

02/13/2012

02/12/2012

02/11/2012

02/10/2012

02/09/2012

02/08/2012

02/07/2012

02/06/2012

02/04/2012

02/03/2012

02/02/2012

02/01/2012

01/31/2012

01/30/2012

01/29/2012

01/28/2012

01/27/2012

01/26/2012

01/25/2012

01/24/2012

01/23/2012

01/22/2012

01/21/2012