Project

General

Profile

Activity

From 03/27/2012 to 04/25/2012

04/25/2012

09:51 PM Revision b30e3be4: options for auto-summary/supernet
Andrew Lowther
06:55 PM Feature #2386: Bridge member that is not an assigned interface
I'm adding screenshots of a configuration I use that would benefit from this. For firewall rules, the only interface... Ryan J
06:27 PM Revision 655e4d41: The descr field might not exist, use a uppercase friendly name
Seth Mos
03:17 PM Bug #2314: Members to bridge not added
This is probably due to the changes made in
commit:2064fa2eb4e2bca59f7c675969ee13752283d4c1
And in pfSense-tools... Jim Pingle
06:39 AM Revision 0cfaf2c8: Revert "Use 'Packet Loss or High Latency' as the default option when creating a new gateway group"
This reverts commit 6ee04b69c8ace44e798e29e665039455aad1c439. Warren Baker
06:39 AM Revision 8de4a8bc: Revert "Use 'Packet Loss or High Latency' - use a fullstop, fixes #2397"
This reverts commit 1cc71979e44d7955084a0cdb50d7698239fac770. Warren Baker
05:03 AM Revision f81398b0: Merge pull request #96 from irvingpop/master
Simple OpenVPN bridge wording fix Chris Buechler
05:00 AM Revision 850ae59e: Correct wording "Server Bridge DHCP Start" is shown instead of "Server Bridge DHCP End"
Irving Popovetsky
02:59 AM pfSense Packages Bug #2396 (Closed): apache_mod_security_package missing mod_proxy.so (and perhaps others)
Chris Buechler
02:40 AM Todo #2397 (Rejected): Gateway Groups
Currently when defining a new Gateway group, the default trigger level is set to 'Member Down'.
It ideally should be... Warren Baker
02:40 AM Todo #2397: Gateway Groups
Applied in changeset commit:8de4a8bc4d52755dce1fbf2fe80d45687397a429. Warren Baker
01:22 AM Todo #2397: Gateway Groups
Hrmm. I think http://doc.pfsense.org/index.php/Multi-WAN_2.0#Trigger_Level needs to be changed then to indicate this ... Warren Baker
01:03 AM Todo #2397: Gateway Groups
"member down" doesn't mean link down, or it never has historically up to and including recent 2.1, it means it's comp... Chris Buechler

04/24/2012

07:19 PM Revision 1cc71979: Use 'Packet Loss or High Latency' - use a fullstop, fixes #2397
Warren Baker
07:18 PM Revision 6ee04b69: Use 'Packet Loss or High Latency' as the default option when creating a new gateway group
Warren Baker
03:20 PM Todo #2397 (Feedback): Gateway Groups
Applied in changeset commit:1cc71979e44d7955084a0cdb50d7698239fac770. Warren Baker
03:12 PM Todo #2397: Gateway Groups
Make sure to touch gwlb.inc return_gateways_array(); it defaults to memberdown for any dynamic gateway. That needs to... Seth Mos
02:51 PM Todo #2397 (Rejected): Gateway Groups
Currently when defining a new Gateway group, the default trigger level is set to 'Member Down'.
It ideally should be... Warren Baker
02:37 PM pfSense Packages Bug #2396: apache_mod_security_package missing mod_proxy.so (and perhaps others)
Sorry for the duplicate, I hadn't seen issue #2318. Robin McLeod
02:35 PM pfSense Packages Bug #2396 (Closed): apache_mod_security_package missing mod_proxy.so (and perhaps others)
Related to issue #1244
This was supposed to have been fixed but I'm still getting the following error on a fresh i... Robin McLeod
10:03 AM Bug #2395 (Closed): Port forwards with destination "any" on OpenVPN interface creates invalid rules
Seems to be a duplicate of #1882 which should be fixed in RELENG_2_0 and master. Jim Pingle
07:52 AM Bug #2395 (Closed): Port forwards with destination "any" on OpenVPN interface creates invalid rules
These two lines: ... Chris Buechler
06:50 AM Revision f7cd5647: Make sure to stop the dhcpleases6 process
Seth Mos
02:14 AM Revision cb062635: routes should not be skipped when IPsec is on WAN, as WAN may not be the default gateway.
Chris Buechler
02:14 AM Revision 58070e1c: routes should not be skipped when IPsec is on WAN, as WAN may not be the default gateway.
Chris Buechler

04/23/2012

07:40 PM Bug #2394 (Resolved): IPsec keepalive doesn't work with 0.0.0.0/0 local subnet
When you have a keepalive IP defined in a phase 2 that uses 0.0.0.0/0 (everything) as the local network, the logic th... Chris Buechler
06:49 PM Bug #2314: Members to bridge not added
I can also confirm this behaviour on:
2.1-DEVELOPMENT (amd64)
built on Sun Apr 22 05:15:07 EDT 2012
FreeBSD 8.3-... Daniel Llewellyn
11:50 AM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
Hy,
It's works for me ! Thank you very much !
Have you a idea of the date of integration in official image ?
Regards Pierre BLONDEAU
09:27 AM Revision 2fc4190f: Merge pull request #95 from phil-davis/master
Remove existing RRD files before restoring from XML Seth Mos
09:09 AM Revision 6a7b35ea: Delete any existing /var/db/rrd/*.rrd files before restoring from the XML
Phil Davis
09:01 AM Revision 905ea336: Minor corrections to function names in error messages
Phil Davis
04:35 AM Revision 7c382a88: go back to scrub rather than "scrub in", the latter breaks MSS clamping for egress traffic the way we use it
Chris Buechler
04:33 AM Revision 912d1887: go back to scrub rather than "scrub in", the latter breaks MSS clamping for egress traffic the way we use it.
Chris Buechler
12:59 AM Bug #2384: "Network interface mismatch" displayed for some valid configurations
Reverted the get_interface_list() part. I had forgotten that the interfaces named in $vfaces don't show for interfac... Erik Fonnesbeck
12:35 AM Bug #2210 (Resolved): "scrub in" usage needs evaluated
reverted back to original behavior without "in" after further evaluation and discussion with Ermal. Chris Buechler

04/22/2012

10:39 PM Revision d887d7f9: Revert change to get_interface_list()'s $vfaces list for now. Interfaces in this list that are supposed to be listed on Interfaces: Assign need special logic on that page, which has not been added yet.
Erik Fonnesbeck
05:08 PM pfSense Packages Bug #1737 (Closed): ospfd - Route deleted after reboot and reload of the ospfd process
closing since openospfd is being ditched in favor of quagga Chris Buechler
04:41 PM Bug #2393 (Closed): PF not "forgetting" older IP addresses after a change on the WAN interface
duplicate Chris Buechler
11:02 AM Bug #2393 (Closed): PF not "forgetting" older IP addresses after a change on the WAN interface
Hi,
when starting pfsense and the cable modem from my provider together at the same time, the cable modem comes up... Oliver Loch
12:11 PM Bug #2392: Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
DNS damn autocorrect. Oliver Loch
12:10 PM Bug #2392: Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
When I do what I wrote in the first post, the DNA lookup via dnsmasq stops working -> bug.
Oliver Oliver Loch
11:45 AM Bug #2392: Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
Well not meaning to be pedantic about it, but the bug/pebkac question should be solved on the forum before opening a ... Jim Pingle
11:34 AM Bug #2392: Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
Yeah, you're right, but when i try to differ between a bug and pebcak, one should be able to ask the question.
I'm... Oliver Loch
11:11 AM Bug #2392: Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
That's really a question for the forum, not the ticket system. Such discussion doesn't belong on here. Jim Pingle
11:08 AM Bug #2392: Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
Hi,
yes it's also breaking if I don't assign the traffic to a queue.
The default queue is used anyway, which is... Oliver Loch
10:57 AM Bug #2392: Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
Does it break without the QoS parts on the rule?
QoS on floating rules should be using the "match" action, not "pa... Jim Pingle
10:54 AM Bug #2392 (Closed): Adding outgoing, floating rule for DNS on the WAN interface breaks DNS lookups.
Hi,
when adding a floating rule that allows outgoing traffic on the wan interface from the wan address to any tcp/... Oliver Loch
03:21 AM Todo #1940: Integrate rSyslogd
Another vote for rsyslog here too . We too would like to monitor remote deployments. Joe Black

04/21/2012

07:12 PM Bug #2391 (Rejected): Change of Descriptions of Firewall:Rules by XMLRPC Sync
this is by design for complex reasons. it has another ticket already Chris Buechler
06:52 PM Bug #2391 (Rejected): Change of Descriptions of Firewall:Rules by XMLRPC Sync
I created a pfSense cluster with 2 members, using CARP IPs and XMLRPC for configuration sync.
I noticed that XMLRP... Dim Hatz
07:11 PM Bug #2390 (Closed): Change of Descriptions of Firewall:Rules by XMLRPC Sync
Chris Buechler
06:53 PM Bug #2390: Change of Descriptions of Firewall:Rules by XMLRPC Sync
posting error, please remove (replaced by #2391) Dim Hatz
06:51 PM Bug #2390 (Closed): Change of Descriptions of Firewall:Rules by XMLRPC Sync
QoS - Catch TOS 0x30 traffic Squid cache HIT Dim Hatz
03:08 PM Bug #2389: CP asks for a voucher code from MACs in the passthrough list
I just tried changing "set 0" to "set 1" for the MAC entries (rules 2-7) and it didn't fix things. Those MACs are sti... Dim Hatz

04/20/2012

08:08 PM Revision d008a24e: Unbreak the system general DNS settings, it would not work anymore when set to none.
Seth Mos
04:42 PM Revision 58106afc: Enable a second pty
Ermal LUÇI
03:23 PM Revision b4a89a68: Generate the correct corresponding link local from the carp mac.
Seth Mos
08:38 AM Revision 40fa6dde: Allow optionally using the type of NAT reflection implementation used for 1:1 mappings with port forwards as well, in addition to allowing the old type, which is still useful in its own way.
Erik Fonnesbeck
07:18 AM Revision 0c963226: Add message stating which interfaces are missing.
Suggestion from http://forum.pfsense.org/index.php/topic,48366.0.html Erik Fonnesbeck
07:11 AM Revision fd863e5c: Add some missing interface types in is_interface_mismatch() and get_interface_list()'s $vfaces. Fixes #2384
Erik Fonnesbeck
06:20 AM Revision a6aedcd1: Clean up filter_generate_reflection_nat, remove obsolete checks, and add new checks that are now needed. Ticket #2240
Erik Fonnesbeck
06:20 AM Revision 112f5602: Use filter_get_direct_networks_list instead of dumping a copy of the routing table. Ticket #2240
Erik Fonnesbeck
06:20 AM Revision 868cd12c: Modify filter_get_direct_networks_list to optionally return an array instead, which includes subnet, friendly interface, and gateway (if applicable), for ticket #2240
Erik Fonnesbeck
03:40 AM Bug #2384 (Feedback): "Network interface mismatch" displayed for some valid configurations
Applied in changeset commit:fd863e5cebe67258ed48387d6471c4411701cf6b. Erik Fonnesbeck
02:47 AM Feature #2240 (Feedback): Find interface subnets and static routes without the routing table in outbound NAT rule generation for reflection
I can't change the status of "todo" type tickets for some reason, so I'm changing this one to "feature"
With these... Erik Fonnesbeck
01:35 AM Bug #2253: Quality Graphs not generated after 'Reset RRD Data'
This needs to call setup_gateways_monitor() in after enable_rrd_graphing() to fix. Seth Mos
01:33 AM Feature #2356: Fill the "Track Interface" prefix drop down list asynchronously
I'm fine with a text box, make sure the input validation is correct.
The math function the filled the drop down is p... Seth Mos

04/19/2012

10:23 PM Feature #1965: Support Multiple IPsec Peers
The biggest challenge is getting both ends to switch over correctly, as the remote would have to change its IP too. F... Chris Buechler
01:05 PM Feature #1965: Support Multiple IPsec Peers
More importantly would be a feature to at least have a "secondary wan" (Or a Gateway Group?) to use if the primary go... Jim Pingle
10:03 PM Feature #2356: Fill the "Track Interface" prefix drop down list asynchronously
as we discussed, I think it's fine as a text box, having a drop down with tens of thousands of values is nuts. will l... Chris Buechler
09:08 PM Feature #2356 (Feedback): Fill the "Track Interface" prefix drop down list asynchronously
Converting to a text field because I've determined that, no matter how implemented, a dropdown with 65,536 possible v... Darren Embry
06:43 PM Feature #2356 (Assigned): Fill the "Track Interface" prefix drop down list asynchronously
Something other than that simple print loop is causing the page loads to take so long.
65,536 print statements doesn... Darren Embry
06:27 PM Revision 3a83296f: fix for Bug #2334 quality rrd graphs do not automatically refresh
id attributes can't have a period, someone didn't read w3c specs on id attributes ;-) Darren Embry
05:44 PM Revision 4b340c90: Update the default URL here for our new FreeBSD release.
Seth Mos
05:30 PM Bug #2389: CP asks for a voucher code from MACs in the passthrough list
Looking further into this issue, the output of "ipfw -deS show" under pfsense 2.0.1 is exactly the same as above and ... Dim Hatz
05:04 PM Bug #2389 (Resolved): CP asks for a voucher code from MACs in the passthrough list
Installed 2.1-DEVEL 17-Apr-2012 and simply moved my conf*.xml from 2.0.1
For testing I used a CP configuration with ... Dim Hatz
03:12 PM Bug #2383 (Resolved): Firmware AutoUpdate preset url dropdown not showing on IPv6 only connection
Manifest should be OK now. The v6 server was missing a ServerAlias entry for updates.pfsense.com - confirmed they sho... Jim Pingle
02:55 PM Bug #2383: Firmware AutoUpdate preset url dropdown not showing on IPv6 only connection
v4 host contains
pfSense i386 stable updates http://updates.pfsense.org/_updaters
pfSense amd64 stable updates http... Seth Mos
02:42 PM Bug #2278 (Feedback): IPv6 Carp vip both master on FreeBSD 8.3
The latest snapshot I ran off by hand seems to do the trick with the updated CARP patches.
http://iserv.nl/files/p... Seth Mos
08:15 AM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
Jim found a very descriptive similar issue on Open that appears to hit the exact same thing.
http://old.nabble.com/c... Seth Mos
02:40 PM Bug #2384: "Network interface mismatch" displayed for some valid configurations
The code recommended in the forum post seems appropriate. I think we only use stf for IPv6 specifically.
Commit that. Seth Mos
01:19 AM Bug #2384 (Resolved): "Network interface mismatch" displayed for some valid configurations
http://forum.pfsense.org/index.php/topic,48366.0.html
Should tap and the various IPv6 interfaces be added to the l... Erik Fonnesbeck
02:23 PM Bug #2334 (Resolved): quality rrd graphs do not automatically refresh
Fixed in commit:3a83296f.
And the refresh time is actually 6 minutes, not 5.
 Darren Embry
11:53 AM Revision 76e91d3f: Add SUBMISSION port, fixes #2387
Warren Baker
11:29 AM Bug #830 (Closed): Service provider information should be saved
that other issue is fixed, and this original one, it's way more trouble than it's worth. Chris Buechler
11:28 AM Bug #830: Service provider information should be saved
In latest pfSense snapshot, I'm not seeing this error that Chris reported:
> also I noted if you pick United State... Darren Embry
07:55 AM Feature #2387: Add (SMTP email) submission (port 587) to Firewall Rules GUI
Wow, that was fast! 15 mins! :D Seb A
07:50 AM Feature #2387: Add (SMTP email) submission (port 587) to Firewall Rules GUI
Applied in changeset commit:76e91d3ffee70fc047c64b6c9360df1e8eeffb9a. Warren Baker
07:49 AM Feature #2387 (Feedback): Add (SMTP email) submission (port 587) to Firewall Rules GUI
SUBMISSION port added in commit:76e91d3ffee70fc047c64b6c9360df1e8eeffb9a - it will be available in the next 2.1 snaps... Warren Baker
07:33 AM Feature #2387 (Resolved): Add (SMTP email) submission (port 587) to Firewall Rules GUI
People using e-mail clients to connect to e-mail servers should be using port 587 (not 25). Sometimes this will be th... Seb A
05:51 AM Feature #2386 (Pull Request Review): Bridge member that is not an assigned interface
As suggested on #2385, a solution for bridge members showing up in unwanted places in the web GUI and the rule set wo... Erik Fonnesbeck
05:25 AM Feature #2385 (Closed): Option to hide bridges or bridge members from pf-related pages based on bridge sysctls
This should not be done in this way.
It should be possible to create bridges without assigned interfaces that is the... Ermal Luçi
01:42 AM Feature #2385 (Closed): Option to hide bridges or bridge members from pf-related pages based on bridge sysctls
For configurations with bridges, it might be nice to have an option to hide bridges or bridge members from pf-related... Erik Fonnesbeck

04/18/2012

08:57 PM Revision 25ed9cf8: Add cheap hack to make syslogd forwarding to IPv6 work at bootup. Fixes #2370
Jim Pingle
06:23 PM Revision daac437f: Make sure VPN interface gateways are handled separately
Jim Pingle
05:00 PM Bug #2370 (Feedback): syslog.conf requires IPv6 literal
Applied in changeset commit:25ed9cf8a4c1bd4155ee4e1881821b9e10501916. Jim Pingle
04:54 PM Bug #2370: syslog.conf requires IPv6 literal
I added a cheap fix, if we have an ipv6 forwarding IP for syslog, it restarts syslog at the end of the boot cycle, wh... Jim Pingle
04:43 PM Bug #2372 (Resolved): Add static routes for gif,6rd and 6to4 endpoints
Seth Mos
04:37 PM Bug #2372: Add static routes for gif,6rd and 6to4 endpoints
It Works For Me(TM)
 Jim Pingle
05:59 AM Bug #2372: Add static routes for gif,6rd and 6to4 endpoints
Needs Jim to verify if it adds the right static routes, he has multi wan and multi tunnel. Seth Mos
04:10 PM Bug #2305 (Feedback): PBI db stored on var does not survive reboot
Jim Pingle
08:27 AM Bug #2305: PBI db stored on var does not survive reboot
Merged, thanks!
FYI- If you put something like "Fixes #2305" or "Ticket #2305" in the commit message, redmine will... Jim Pingle
02:33 AM Bug #2305: PBI db stored on var does not survive reboot
Pull request submitted 18 Apr 2012 to do as JimP suggests. Now the PBI db survives reboot. This should resolve this b... Phillip Davis
04:06 PM Revision 318a0812: Use curlies to be very sure, yes
Seth Mos
04:04 PM Revision da12a8a4: Make sure to push elements we don't recognize on the stack too.
Seth Mos
03:40 PM Revision eaa477d2: Add the subnet bits to the config
Seth Mos
03:33 PM Revision c3ce2ece: Add upgrade code that updates the dynamic gateway names to their new format new $if_$type.
Redmine Ticket #2332. I've tested a simple upgrade with 3 dynamic Wans with varying names and that appears to have su... Seth Mos
03:30 PM Revision bf4b2596: Update pf.os a bit
Jim Pingle
02:17 PM Revision c91e242e: Some updates/optimizations to smart widget
Jim Pingle
01:11 PM Revision 67102344: Add the correct fix to pick up the IPv6 gateway for slaac interfaces
Seth Mos
12:47 PM Bug #2332 (Feedback): gateways always renamed to "dynamic". Implement proper IPv6 support
Upgrade code checked in that I tested by upgrading a 2.0 vm with 3 dynamic wans, it upgraded accordingly but might ne... Seth Mos
12:31 PM Revision ef82d62b: Merge pull request #93 from phil-davis/patch-1
Store PBIs in /root/var/db/pbi so they persist across reboots. Jim Pingle
09:41 AM Revision c0b1bc81: Make sure that SLAAC gateways show up in return_gateways_array();
redmine ticket #1834 Seth Mos
09:28 AM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
I have found the difference, it's the uptime of client. If I restart them all, IPv6 will not work on them. Pierre BLONDEAU
07:15 AM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
on the one where it works :
ip -6 neigh show
2001:xxx:yyy::1 dev eth0 lladdr 00:00:5e:xx:xx:xx router DELAY
on th... Pierre BLONDEAU
07:05 AM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
Can you check if the CARP vip address is in the NDP table of any of the other machines?
On linux http://tldp.org/HOW... Seth Mos
06:07 AM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
I have this problem, but only on one of my carp ipv6 addresses and only a few machines (not all).
I thought it was f... Pierre BLONDEAU
09:26 AM Revision feb88a14: Add support for SLAAC on the WAN interface, this is required for Stateless autoconf addressing.
Normally this should only apply to Appliances that do not need to route. We automatically hook in the dhcp6 client to... Seth Mos
08:43 AM Revision 1a5f87d1: Handle multiple IPv6 DNS servers in rc.newwanipv6, remove chunk of broken code in the DHCPv6 server that added duplicate lines. Redmine ticket #2380
Seth Mos
07:21 AM Bug #2383 (Feedback): Firmware AutoUpdate preset url dropdown not showing on IPv6 only connection
fetch returns a 404... Seth Mos
07:14 AM Bug #2383 (Resolved): Firmware AutoUpdate preset url dropdown not showing on IPv6 only connection
On a IPv6 only connection the Preset URL drop down on system_firmware_settings.php is not showing.
It is possible ... Seth Mos
06:46 AM Feature #1834 (Feedback): Stateless autoconfig WAN type for IPv6
I've added the option SLAAC to the list, this hooks into the dhcp6 client to request information only.
But it does... Seth Mos
06:29 AM Revision 152c18f0: Store PBIs in /root/var/db/pbi so they persist across reboots.
Keep the existing code for old-style PKG packages in case users on 2.1 are doing anything with PKG packages by hand. ... Phil Davis
05:57 AM Bug #2380 (Resolved): 2 IPv6 nameserver advertisements fail to configure resolv.conf
Fix checked in, confirmed working, populates /var/etc/nameservers_v6{$if} with multiple nameservers
Ran into broken ... Seth Mos
12:37 AM pfSense Packages Bug #2285 (Resolved): swapstate_check.php is being run when the Squid cache is null
thanks for all your follow ups Chris Buechler
12:31 AM pfSense Packages Bug #2285: swapstate_check.php is being run when the Squid cache is null
This was resolved by pull request 224 on 14 March 2012. Phillip Davis
12:36 AM Bug #2301 (Resolved): Adding symlinks for conf files when PBI packages have names that are substrings of each other
Chris Buechler
12:33 AM Bug #2301: Adding symlinks for conf files when PBI packages have names that are substrings of each other
This was resolved by pull requests 65, 66 and 67 in March 2012. Phillip Davis
12:34 AM pfSense Packages Bug #2280 (Resolved): pfblocker date() and mktime() warnings from cron job
Chris Buechler
12:24 AM pfSense Packages Bug #2280: pfblocker date() and mktime() warnings from cron job
This was resolved by pull request 225 on 15 March 2012. Phillip Davis
12:34 AM pfSense Packages Bug #2283 (Resolved): pfblocker array handling when alias table is empty
Chris Buechler
12:27 AM pfSense Packages Bug #2283: pfblocker array handling when alias table is empty
This was resolved by pull request 225 on 15 Mar 2012 Phillip Davis

04/17/2012

11:16 PM Feature #1965: Support Multiple IPsec Peers
Another possible method...
https://trac.ipsec-tools.net/wiki/FailOver Jim Pingle
10:32 PM Bug #1874: Captive Portal Login dies on empty input
The patch for this broke the ability to use empty passwords. I opened issue 2377 before I realized the changes were r... Michael Newton
10:19 PM Bug #2382 (Resolved): RADIUS attribute Service-Type should not be sent with accounting packets
According to RFC 2865, Service-Type "MAY be used in both Access-Request and Access-Accept packets". No mention is mad... Michael Newton
05:06 PM pfSense Packages Bug #2381 (Resolved): nrpe2 not restarting on save or service restart
When changing the config of nrpe2 and you click Save or restarting nrpe from the Services menu, nrpe is not restarted... Craig Gill
04:17 PM Bug #1827 (Resolved): rc.newwanipv6 needs work
Added seperate ticket for the double DNS server issue. Doesn't currently cause recursive configure. Marking resolved ... Seth Mos
04:12 PM Bug #1827: rc.newwanipv6 needs work
Seems to be working ok, as-is. We'll open seperate tickets when we encounter other issues.
It fires ok for the DHC... Seth Mos
04:16 PM Bug #2284 (Resolved): rc.newwanip handle case when gifs config is null
doesn't throw a error for me anymore. Seth Mos
04:13 PM Feature #2320 (Resolved): Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
yeah seems fine to me Chris Buechler
03:58 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
I like it so far, it appears to work as intended for me. Consider resolved? Seth Mos
04:13 PM Feature #1663 (New): DHCPv6 relay
Seth Mos
04:10 PM Bug #2065 (Resolved): PHP Warning on Interface Creation (master/IPv6 branch)
Ran into this issue as well, added a is_array() check for the DHCPdv6 array. Seth Mos
03:56 PM Bug #2332: gateways always renamed to "dynamic". Implement proper IPv6 support
Ok, so I now name the dynamic gateways by their config type, Jim uncovered a few corner cases and I'll look into what... Seth Mos
03:39 PM Revision 2f0a49e9: Add contributed SMART Status widget - http://forum.pfsense.org/index.php/topic,48447.0.html
Jim Pingle
02:48 PM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
The last good snapshot is from http://files.pfsense.org/jimp/ipv6/
I'm still running the snapshots from Nov 25th o... Seth Mos
12:15 PM Bug #2278: IPv6 Carp vip both master on FreeBSD 8.3
I have a similar problem on 2.1-DEVELOPMENT (i386) built on Tue Apr 10 21:11:54 EDT 2012.
13 IPv4 carp OK
3 IPv6... Pierre BLONDEAU
01:33 PM Revision 4f8adcb6: Include the ntp facility also, should fix ntp logging
Jim Pingle
11:39 AM Bug #2305: PBI db stored on var does not survive reboot
We do this for NanoBSD in /etc/rc:... Jim Pingle
10:27 AM Bug #2380 (Resolved): 2 IPv6 nameserver advertisements fail to configure resolv.conf
When we get 2 IPv6 DNS servers through rc.newwanipv6 we need to explode(" ", $ENV['new_domain_name_servers']) before ... Seth Mos
10:22 AM Bug #2370: syslog.conf requires IPv6 literal
The binary is correct now but for whatever reason at bootup it does not send logs over IPv6. If you save the syslog s... Jim Pingle
09:58 AM Feature #1834: Stateless autoconfig WAN type for IPv6
Further investigation:
We need to extend the DHCP6 settings on the interfaces.php with the following information m... Seth Mos
09:04 AM Revision 3e7016fd: Merge pull request #92 from phil-davis/patch-1
Fix typos so that Status:Traffic Graph top bandwidth users is visible Chris Buechler
08:54 AM Revision 7f8f5d01: Fix typos where css('dislay') is missing a 'p' - now the top ten bandwidth users by host IP is visible on the Status:Traffic Graph
Phil Davis
06:32 AM Bug #2379 (Closed): When using squid as a proxy server Traphic graph does not show the LAN specific Ip addresses
When using squid as a proxy server Traffic graph does not show the LAN specific Ip addresses that
are passing throu... saye saye
06:26 AM Bug #1738: Restore fails when username in backup is not matching
Besides It affects to version 2.0.1 also.
 saye saye
06:24 AM Bug #1738: Restore fails when username in backup is not matching
I do not know why this big issue has such a low priority?
Some bugs prevent us from reliably doing things and trus... saye saye
04:38 AM Bug #2378 (Resolved): Captive portal selects additional interfaces where it shouldn't
Hello all,
There's still an annoying bug in the captive portal of pfsense 2.1 Devel. It was already present in t... Mathieu Déom

04/16/2012

08:07 PM Bug #2377: Captive portal fails on empty RADIUS password
Sorry, should be under category "Captive Portal" but I can't make that change now. Michael Newton
08:07 PM Bug #2377 (Closed): Captive portal fails on empty RADIUS password
An empty password is not sent to the RADIUS server for verification, it just produces an error. PHP code is checking ... Michael Newton
05:00 PM Revision 2e03f3e2: Strip the ::1 from the 6to4 gateway address
Seth Mos
04:45 PM Revision b5191708: Re-order the system routing configure after the tunneled interfaces are configured.
Seth Mos
03:40 PM Bug #2370: syslog.conf requires IPv6 literal
Copied one of the resulting binaries to a VM and that does seem to have done the trick, I'm getting messages to my se... Jim Pingle
03:29 PM Bug #2370: syslog.conf requires IPv6 literal
I added a patch to the pfPort and rebuilt it on the snapshot servers, we'll see how it goes. Jim Pingle
02:01 PM Bug #2370: syslog.conf requires IPv6 literal
That may be the difference, as I don't remember it being pfPorts before. Somewhere along the way we may have switched... Jim Pingle
01:45 PM Bug #2370: syslog.conf requires IPv6 literal
It's not the configured IPv6 IP as one binary is working and the other one is not. But I noticed that I may have used... Cyrill B
11:09 AM Bug #2370: syslog.conf requires IPv6 literal
Yours is larger because the binary is not stripped. I inspected the source and found that the patch was applied even ... Jim Pingle
10:03 AM Feature #2117: 6RD support for ISPs like Swisscom
Add a Enable 6rd checkbox on the 6rd or DHCP4 settings to automatically configure 6rd from DHCP option 212.
http:/... Seth Mos
08:12 AM Revision 4b2bf4fc: Prevent a invalid argument on a empty array
Seth Mos
08:03 AM Revision c08a5659: Only add the IPv4 gateway in the DHCPv4 config if we have a IPv4 gateway defined on the system at all.
This makes clients trying the IPv4 transport fail a lot faster, and thus more graceful. Seth Mos
05:48 AM Bug #2363 (Resolved): IPv6 default interface missing from firewall rule
Seth Mos
05:48 AM Bug #2372 (Feedback): Add static routes for gif,6rd and 6to4 endpoints
Added code in interfaces.inc that succesfully adds static routes for 6rd, 6to4 and gif endpoints. This should fix tun... Seth Mos

04/14/2012

07:20 PM Revision eb25c881: Merge pull request #91 from bcyrill/patch-5
Use appropriate syslog priorities. Scott Ullrich
07:19 PM Revision 239a2977: Use appropriate syslog priorities.
Cyrill B
07:16 PM pfSense Packages Bug #1244: apache_mod_security_package missing mod_proxy.so (and perhaps others)
Hello, any solution to this ?
thanks
 Carlos Cesario
06:53 PM Revision 64a8dbf2: Fix missing - on route parameter
Jim Pingle
06:53 PM Revision 711a20eb: Some IPv6 fixes for gateway groups
Jim Pingle
06:19 PM Revision 01a58d89: Add static routes for gif tunnel endpoints
Seth Mos
06:08 PM Revision c8ed8142: Add a static route for the IPv4 relay so that 6to4 or 6rd on a OPT interface works as expected.
Seth Mos
02:17 PM Bug #2370: syslog.conf requires IPv6 literal
No success with the current snapshot (Fri Apr 13 22:04:24 EDT 2012 / i386). Just tested it and it seems the syslogd b... Cyrill B
12:15 PM Bug #2370: syslog.conf requires IPv6 literal
Using a full install on the latest snapshot.
I thought perhaps the formatting was throwing it off, so I tried it w... Jim Pingle
11:27 AM Bug #830: Service provider information should be saved
05:28:23 < databeestje_> cmb: eri-- : dsevil : the core dump with xml2array() in combination with php 5.3 was caused ... Darren Embry

04/13/2012

08:27 PM Revision d86ef65f: Merge pull request #89 from bcyrill/patch-3
Fixed HTML tag. Jim Pingle
08:27 PM Revision 95837597: Merge pull request #90 from vizvayu/master
Mode selection options for PowerD Jim Pingle
07:13 PM Revision d46c3acd: Enable verbosity to actually put something in the logs
Ermal LUÇI
07:13 PM Revision ab9526e6: Resolves #2330. Check if there is a previous voucher config before wiping
Ermal LUÇI
07:02 PM Bug #2370: syslog.conf requires IPv6 literal
No error here, it's working for me. I couldn't test it with an actual IPv6 capable syslog server but I captured the p... Cyrill B
07:00 PM Revision f6bda83c: Show delegated prefixes on the DHCPv6 Leases display.
Jim Pingle
06:58 PM Revision 9c57f387: Enable verbosity to actually put something in the logs
Ermal LUÇI
06:10 PM Revision 86c707f3: quiet change: fix indentation of xml2array function
i.e., tabs instead of 4 spaces Darren Embry
04:50 PM Revision 59231855: Feature #1864 "Start" button for IPsec should be available for IP alias networks
might need more testing.
http://redmine.pfsense.org/issues/1864 Darren Embry
03:10 PM Bug #2330: vouchers disappear when saving
Applied in changeset commit:ab9526e619a948da1b4ab5f5c094e7204ecb4e94. Ermal Luçi
02:21 PM Bug #830: Service provider information should be saved
the statement... Darren Embry
01:55 PM Bug #830: Service provider information should be saved
failing somewhere in this call:... Darren Embry
01:52 PM Bug #830: Service provider information should be saved
I don't even get the countries filled in. /getserviceproviders.php yields a 500. Apparently this core dump. I'll s... Darren Embry
12:49 PM Feature #1864: "Start" button for IPsec should be available for IP alias networks
Just pushed commit:59231855 which is about all I can do at this point.
I don't have a way of testing whether the s... Darren Embry
12:24 PM Feature #1864: "Start" button for IPsec should be available for IP alias networks
In any of those cases it doesn't matter as long as there is a VIP somewhere inside of the IPsec subnet it will work.
... Jim Pingle
12:21 PM Feature #1864: "Start" button for IPsec should be available for IP alias networks
what if an ipsec had 192.168.2.0/28 and the virtual ip's had 192.168.2.1/24?
what if an ipsec had 192.168.2.0/24 and... Darren Embry
11:43 AM Feature #1864: "Start" button for IPsec should be available for IP alias networks
Would this be the proper link URL?
/diag_ipsec.php?act=connect&remoteid=192.168.44.0&source=192.168.2.1
And wha... Darren Embry
12:34 PM Revision 79909926: Increase Prefix delegation size choices
Seth Mos
12:33 PM Revision e1cc1f6d: Clarify text
Seth Mos
11:58 AM Revision e617e9b1: Do not throw a address family error when there is just 1 gateway.
Fix the input logic for ticket #1662 Seth Mos
10:41 AM Bug #2374: When entering values in firewall rules leading and trailing spaces are not deleted
Same thing happens for IPs also. Shouldn't be too hard to trim() before checking though. Jim Pingle
10:40 AM Bug #2374 (Resolved): When entering values in firewall rules leading and trailing spaces are not deleted
Hi,
as the topic says. If you enter a port number in the firewall rules page and you add a leading or trailing spa... Oliver Loch
10:30 AM Bug #1662 (Feedback): DNS server gateway selection missing input validation
Last commit should nail it.
This only happened when the system has just 1 gateway. Seth Mos

04/12/2012

11:11 PM Revision 8bdb6879: Feature #2123 Backup RRD files using the xml dump and restore from RRD tools
http://redmine.pfsense.org/issues/2123 Darren Embry
10:06 PM Revision 0d0cb047: Fix constant. LOG_ERROR should be LOG_ERR
Jim Pingle
09:20 PM Revision 39121390: Fixed HTML tag.
Cyrill B
07:08 PM Feature #2123 (Assigned): Backup RRD files using the xml dump and restore from RRD tools
implemented in commit:8bdb6879
I did a backup/restore config with RRD data and it seems to work just fine.
But ... Darren Embry
06:51 PM Revision d1edd7e5: Merge pull request #88 from bcyrill/patch-2
Fix tag order. Jim Pingle
06:50 PM Revision 098686af: Fix tag order.
Cyrill B
06:21 PM Bug #2370: syslog.conf requires IPv6 literal
Included the patch from the PR in snapshots to test it, and it doesn't seem to work. Like the other guy who posted on... Jim Pingle
11:05 AM Bug #2370: syslog.conf requires IPv6 literal
IPv6 IP fixed up in commit:bd29bb7baa068cb92828461207ea35f74b6c2383
Looking at the patch in the FreeBSD PR to see ... Jim Pingle
10:54 AM Bug #2370: syslog.conf requires IPv6 literal
Unfortunately it appears that syslogd can only send to IPv6 when using a hostname that resolves to a quad A. I have t... Jim Pingle
04:47 PM Revision 2fbd5513: Merge pull request #87 from bcyrill/patch-8
Fixed IPv4 regression. Handles addresses with and without port. Jim Pingle
04:29 PM Revision 5a27a095: Fixed IPv4 regression. Handles addresses with and without port.
Cyrill B
03:07 PM Revision bd29bb7b: Add brackets to a syslog server if it's an IPv6 IP. (Though FreeBSD's syslogd still won't send to it ... http://www.freebsd.org/cgi/query-pr.cgi?pr=150530&cat=misc )
Jim Pingle
12:39 PM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only
I commented out the line:
/usr/sbin/ngctl shutdown $1
from the file
/usr/local/sbin/ppp-linkdown
as recom... David Burgess
10:54 AM Bug #2373 (Resolved): There were error(s) loading the rules... (Floating rules bug)
The problem is fully described here -
http://forum.pfsense.org/index.php/topic,48022.0.html
In short - traffic sh... Vladimir Suhhanov
08:39 AM Revision a9d156bc: Merge pull request #84 from whjvenyl/patch-1
Update etc/inc/util.inc Seth Mos
08:21 AM Revision e371f8b9: Update etc/inc/util.inc
whjvenyl
07:24 AM Revision f9519c0e: fix typo. Ticket #2371
Chris Buechler
07:23 AM Revision f989a6ef: fix typo. Ticket #2371
Chris Buechler
05:45 AM Bug #2367: display negate rules in firewall_rules.php and evaluate when added
Normally the NEGATE rules will only trigger when the destination is set to "any".
If we change the foreach($config... Seth Mos
05:38 AM Bug #2372 (Resolved): Add static routes for gif,6rd and 6to4 endpoints
We need to add static routes for 6rd,6to4 and IPv6 GIF endpoints that do 6in4 traffic. Otherwise these tunnels will n... Seth Mos
05:28 AM Revision 3f5f7ad3: Add modified version of user https://github.com/bcyrill patch that requires a IPv6 literal when used with a port.
Seth Mos
05:28 AM Revision 4b51cc2e: Revert "Also validate IPv6 literals."
This reverts commit 21b586aa12ca35ccf54d4ddf66b0305e12e62a4d. Seth Mos
05:07 AM Revision a119ecf8: Modify get_configured_ip_aliases_list to optionally return the full vip entry and use this information to get the subnet and not just the IP in filter_get_direct_networks_list.
Erik Fonnesbeck
03:58 AM Revision e9eae060: For consistency, generate a masked out subnet IP from the IP alias instead of using the IP directly.
Erik Fonnesbeck
03:31 AM Revision e1fdb47b: Revert "RADIUS accounting updates are needed for PPPoE and L2TP too"
This reverts commit b6393be173ffd67eef1acaadf9624ce06b386d82. Chris Buechler
03:29 AM Revision 9caa10bc: this is only valid in mpd5 (really?...) Revert "RADIUS accounting updates are needed for PPPoE and L2TP too"
This reverts commit 02b14dcb49da8dc278e87785bb3f811336bf1fd0. Chris Buechler
03:19 AM Bug #2371 (Resolved): Typo in shaper.inc
fixed, thanks!
 Chris Buechler
03:02 AM Revision b6393be1: RADIUS accounting updates are needed for PPPoE and L2TP too
Chris Buechler
03:02 AM Revision 02b14dcb: RADIUS accounting updates are needed for PPPoE and L2TP too
Chris Buechler
12:43 AM Revision 6791c2ab: Also return IP alias VIP networks in filter_get_direct_networks_list.
Erik Fonnesbeck

04/11/2012

08:41 PM Revision 0d4bedeb: Merge pull request #82 from bcyrill/patch-7
Remove [] of literal IPv6 addresses Seth Mos
08:12 PM Revision 72cd706b: Remove [] of literal IPv6 addresses
Cyrill B
07:21 PM Revision 21b586aa: Also validate IPv6 literals.
Seth Mos
05:26 PM Bug #2371 (Resolved): Typo in shaper.inc
When I was fiddling with my traffic shaping, I found that my limits stopped loading. When I rebooted the firewall, I ... Tim Broberg
05:09 PM Bug #2370 (Resolved): syslog.conf requires IPv6 literal
If I remember correctly syslogd uses literal IPv6 addresses (e.g. in square brackets) in its configuration file (also... Cyrill B
04:37 PM Revision bf7f1e5f: Merge pull request #80 from bcyrill/patch-4
Removed flawed HTML. Scott Ullrich
04:34 PM Revision 2afb2c37: Removed flawed HTML.
Cyrill B
04:02 PM Revision e6138bf2: Remove duplicated function
Jim Pingle
03:58 PM Revision f898c1a9: Add alias support to static routes (needs some testing) Ticket #2239
Conflicts:
etc/inc/filter.inc
etc/inc/util.inc
usr/local/www/system_routes_edit.php Jim Pingle
02:47 PM Revision bb837468: When renaming a user, make sure to remove the previous user or it gets left in /etc/passwd.
Jim Pingle
02:46 PM Revision fdcf104c: When renaming a user, make sure to remove the previous user or it gets left in /etc/passwd.
Jim Pingle
12:51 PM Bug #2204: DHCP reports client lease, but DNS doesn't know about
This may be an error known for version 2.55 as used by pfSense. This bug has been fixed later and shall be resolved w... Thomas Schweikle
12:03 PM Feature #2239: Use Firewall Alias in Static Routing setup
Mostly done in RELENG_2_0 in commit:c9e04cd59054cf839af96cdf71cfc4cf58ccabaf and in master in commit:f898c1a98213ec6b... Jim Pingle
01:12 AM Revision 53c210dd: Added mode selection options for PowerD.
Cristian Feldman
12:02 AM Bug #2132 (Closed): Multi-wan inbound connections might cease to function when rules with forced-gateway exist on the same interface
replaced by #2367 which better specifies actual issues here. Chris Buechler
12:02 AM Bug #2367 (New): display negate rules in firewall_rules.php and evaluate when added
the fact the negate policy routing rule isn't shown is bad as it has lead to unintended consequences (ends up passing... Chris Buechler

04/10/2012

11:05 PM Bug #2366: Error in User Manager - Privileges are not being enforced
An example of what happens. User is sgroat. Granted admin access. Auth is through LDAP. When user logs on, logon is s... Stephen Groat
09:32 PM Bug #2366 (Rejected): Error in User Manager - Privileges are not being enforced
not a legit bug report. the CLI behavior is expected, and assigning privileges as described works. no idea what a "20... Chris Buechler
09:29 PM Bug #2366 (Rejected): Error in User Manager - Privileges are not being enforced
After adding a user and granting that user all privileges (both by adding to admin group and manually selecting all p... Stephen Groat
08:42 PM Revision c9e04cd5: Add alias support to static routes (needs some testing) Ticket #2239
Jim Pingle
08:56 AM Feature #2365 (Rejected): add color to rules
Duplicate of #130 Jim Pingle
08:51 AM Feature #2365 (Rejected): add color to rules
It would be nice to assign a color on each firewall rule.
This make more easy to indentify rule on the liste Laurent Jouanno
07:59 AM Feature #1829 (New): CARP with IPv6 support
Running radvd in debug mode... Seth Mos
03:44 AM Bug #1676 (Resolved): dead IPv6 gateway causes kernel panics
Considering this resolved, seen no hangs in a month Seth Mos

04/09/2012

10:12 PM Bug #2364 (Resolved): PPPoE Server doesn't restart correctly
After editing, saving, and applying changes on a PPPoE server, mpd is left not running. It logs the following
<pre... Chris Buechler
08:07 PM Bug #2324 (Closed): AES 256 doesn't work with glxsb
This has been opened as a FreeBSD PR. glxsb only supports AES128, anything higher breaks which it technically shouldn... Chris Buechler
02:45 PM Revision 2fe06a32: Remove this faulty piece of gateway code, it overwrites the existing entries that return_gateways_array() returns.
It doesn't take any address families into account either. Seth Mos
12:14 PM Revision 6e5d84ba: Restore this piece of logic, otherwise the firewall rules break.
Seth Mos
11:42 AM Bug #2363: IPv6 default interface missing from firewall rule
Thanks. just applied your patch manually to filter.inc, and it fixed the problem. Johannes Ullrich
09:28 AM Bug #2363 (Feedback): IPv6 default interface missing from firewall rule
Apologies for the breakage, I removed a piece of logic and didn't have the oversight to see what it would do.
It's... Seth Mos
07:44 AM Bug #2363 (Resolved): IPv6 default interface missing from firewall rule
This is a bug introduced by last yesterday's update. Worked fine before that. (2.1-DEVELOPMENT (amd64)
built on Sun... Johannes Ullrich

04/08/2012

06:55 PM Revision c616b3c7: Correct the variable names for the duplicate stf check
Seth Mos
06:47 PM Bug #2362 (Resolved): Deleting last/only port forward doesn't remove from secondary
if you delete the last/only port forward from the primary, it doesn't get removed from the secondary on config sync. Chris Buechler
06:41 PM Revision 4e83a8f2: Remove this piece of code, it loads even on interfaces not configured for track. Really needs asynchronous javascript.
Seth Mos
06:37 PM Revision 319c2bfd: Also use the prefix calculation function here.
Seth Mos
06:36 PM Revision 8b198c64: Prevent duplicate 6rd or 6to4 interfaces, these conflict and both use the stf0 adapter. Only 1 can be active.
Move piece of code into function, we need it more places, tighten rules for proto 41 traffic.
Attempt to micro optimi... Seth Mos
06:13 PM Revision e7a9f730: Merge pull request #79 from bcyrill/patch-3
Merge array and keep unchanged values. Scott Ullrich
06:07 PM Revision adc3353e: Merge array and keep unchanged values.
Cyrill B
05:12 PM Feature #2361 (Resolved): router adv. daemon only allows for one subnet / limited options
The router adv. daemon configuration probably deserves its own page, instead of tugging it under dhcpv6.
For examp... Johannes Ullrich
05:10 PM Bug #2360 (Resolved): OpenVPN "tap" mode not working
OpenVPN establishes the connection fine, but the bridge is not setup correctly. ARP replies are not answered via the ... Johannes Ullrich
05:08 PM Bug #2314: Members to bridge not added
confirming this issue on 2.1-DEVELOPMENT (amd64)
built on Sat Apr 7 22:44:34 EDT 2012
FreeBSD 8.3-RC2
(install... Johannes Ullrich
05:06 PM Bug #2359 (Resolved): Typo: OpenVPN Configuration Page has two items "Server DHCP Bridge Start"
Line 1146 /usr/local/www/vpn_openvpn_server.php should say "Server DHCP Bridge End" (not "Start" as it currently say... Johannes Ullrich
04:48 PM Feature #2358 (Resolved): NAT64 support
example http://ecdysis.viagenie.ca/ Seth Mos
04:47 PM Feature #2357 (New): Support Dual Stack Lite
Tunnel IPv4 over Native IPv6.
 Seth Mos
04:17 PM Feature #2356 (Resolved): Fill the "Track Interface" prefix drop down list asynchronously
When a interface is selected as a IPv6 "Track interface" type it will calculate all possible prefix posibilities in a... Seth Mos
04:10 PM Bug #2352 (Resolved): Only allow 1 6rd or 6to4 interface
Code checked in that triggers for me. It succesfully blocks a 2nd 6to4 or 6rd. Seth Mos
11:56 AM pfSense Packages Bug #2355 (Resolved): Tinydns logs won't parse records containing ":0" in the time stamp
Log record from tinydns containing :0 in the time stamp aren't showing up in the log
for example 2012-04-08 12:36:08... Anton Bontes
04:52 AM Bug #1107: mpd on AMD64 generates invalid checksums with NAT
PPPoE server also impacted. Chris Buechler
02:33 AM Feature #1826: PPPoE server IPv6 support
After talking with Jim about it we both agree that this is a huge undertaking.
You would need either static addres... Seth Mos

04/07/2012

10:20 PM Revision 26b89905: Move some constants in gitsync closer to the top of the source code and add some new ones of potential interest to those reconfiguring gitsync. Also modify messages to indicate that Git URLs are also allowed.
Erik Fonnesbeck
09:55 PM Revision 0b4ae4b5: Check for this function before calling it to avoid an error when hitting that line for pages that don't include the js file for it.
Erik Fonnesbeck
06:25 PM Revision 93cd15be: Correct typo in the filter rule
Seth Mos
05:20 PM Revision 5411c084: Add automatic firewall rules that allow traffic destined for a downstream delegated prefix.
The downstream router is the one to decide what to do with it. This can still be overridden by user rules, just like ... Seth Mos
03:37 PM Revision d48ed103: Change the command to reflect the new, just added dhcpleases6 binary for triggering route injection.
Seth Mos
02:47 PM Feature #2347: Add routes into the routing table for delegated IPv6 prefixes.
ok, the dhcpleases6 triggers adding of routes and that works, I can still access the ipv6 internet from behind 3 rout... Seth Mos
04:22 AM Feature #2347 (Feedback): Add routes into the routing table for delegated IPv6 prefixes.
* Code checked in, Ermal added a command option to dhcpleases to trigger the external php script that adds routes for... Seth Mos
01:18 PM Revision 8d923616: it needs to point to a existing file otherwise it will not launch.
Seth Mos
11:13 AM Revision acbb62fd: Add the -h parameter which is required for dhcpleases, might need to be removed later.
Seth Mos
09:43 AM pfSense Packages Bug #2350: Freeradius2 does not start up
pfSense 2.1 needs .pbi packages for installation. At the moment there are no pbis for freeradius2. Alexander Wilke
06:03 AM pfSense Packages Bug #2353: squid-reverse installation failure

2.1-DEVELOPMENT (amd64)
built on Thu Apr 5 12:15:36 EDT 2012
FreeBSD 8.3-RC2 E. Pek
06:02 AM pfSense Packages Bug #2353 (Resolved): squid-reverse installation failure
Beginning package installation for squid-reverse .
Downloading package configuration file... done.
Saving updated p... E. Pek
04:21 AM Bug #2352 (Resolved): Only allow 1 6rd or 6to4 interface
Currently it is possible to configure more then 1 interface for 6to4/6rd, however, both use the same stf0 adapter so ... Seth Mos

04/06/2012

11:45 PM Revision ee965a5c: fix for Bug #2231 --- Dashboard: Traffic Graph: Unable to save settings
Darren Embry
09:43 PM Revision 556e760d: fix indentation.
Darren Embry
08:56 PM Revision 1ed88e06: fix a syntax error
Darren Embry
07:57 PM pfSense Packages Bug #2351 (Resolved): Bandwidthd does not start up
2.1-DEVELOPMENT (amd64)
built on Thu Apr 5 12:15:36 EDT 2012
FreeBSD 8.3-RC2
Bandwidthd package 2.0.1.3
Band... E. Pek
07:50 PM pfSense Packages Bug #2350 (Resolved): Freeradius2 does not start up
On
2.1-DEVELOPMENT (amd64)
built on Thu Apr 5 12:15:36 EDT 2012
FreeBSD 8.3-RC2
Installing Freeradius2 seems ... E. Pek
07:41 PM Bug #2231 (Resolved): Dashboard: Traffic Graph: Unable to save settings
fixed in commit:ee965a5c
I feel kinda sorta like this patch took longer and involved much more changed lines of co... Darren Embry
12:49 PM Bug #2231: Dashboard: Traffic Graph: Unable to save settings
the issue still exists in
2.1-DEVELOPMENT (i386) built on Thu Apr 5 11:32:38 EDT 2012 FreeBSD 8.3-RC2
with Firef... Rob Logan
06:15 PM Revision 0416d9a0: fix for #2289: Logic error in firewall rule interface selection for drop-down menu case
Darren Embry
06:10 PM Bug #2349 (Resolved): vlan(4) needs altq adaption on FreeBSD 8.3++
The vlan(4) code has been put to use if_transmit interface on 8.3 and up of FreeBSD and a solution needs to be found ... Ermal Luçi
06:08 PM Revision 092462dc: Add a dhcpleases monitor to the DHCPv6 server which will trigger automatic creation of routes into the routing table so that prefix delegation will just work.
Redmine ticket #2347 Seth Mos
05:16 PM Revision 48cb641a: Merge pull request #78 from Whizkidzz/master
Added "interface_selection" to enable interface selection in tinydns Scott Ullrich
05:14 PM Revision 9d14f808: Merge pull request #77 from Whizkidzz/RELENG_2_0
Releng 2 0 Scott Ullrich
05:09 PM Revision d33e772f: Merge pull request #76 from bcyrill/patch-2
Fixed Bug #2348 Scott Ullrich
05:00 PM Revision adb29e55: Fixed Bug #2348
Cyrill B
04:31 PM Revision 05d908db: Added "interface_selection" type to enable interface selection in tinydns server
This is usefull in multiwan setup and to check if a server behind pfsense is still running.
So that tinydns can chang... Anton Bontes
03:04 PM Revision f3d91215: Bug #2329: checkbox js problem on diag_logs_settings.php
Darren Embry
02:58 PM Revision c8610dc9: aggh javascript lines terminated by \n instead of semicolon
Darren Embry
02:45 PM Revision 3df59bab: don't delete port aliases used by load balancer
Darren Embry
02:41 PM Revision 3f3ab846: Merge pull request #75 from bcyrill/patch-1
Replace is_function with function_exists Ermal LUÇI
02:21 PM Revision 85a46fbd: Added interface_selection to choose a interface in tinydns failover selection
Changed the $text so that no "option value" is preselected when adding a newrow with addrowto function. Anton Bontes
02:17 PM Revision 44c70591: Added rowsize[] for use in row_helper_dynamic.js
Anton Bontes
02:14 PM Revision 91b2f623: Replace is_function with function_exists
Cyrill B
02:13 PM Revision 177a823e: Added empty option line so not to write to config.xml if not filled in
Anton Bontes
02:10 PM Bug #2289 (Resolved): Logic error in firewall rule interface selection for drop-down menu case
Darren Embry
02:10 PM Bug #2289: Logic error in firewall rule interface selection for drop-down menu case
fixed in commit:0416d9a0 Darren Embry
02:01 PM Revision de69fab3: Added interface_selection for use in tinydns
Corrected the use of objectsize so that if its "undefined" the correct "rowsize[]" is used
which if used outside the ... Anton Bontes
12:37 PM Bug #2063: PHP Memory Usage too high for 128MB RAM Systems (like ALIX)
I'm not sure where it is in the code offhand, but it's configured under System>Advanced and should be easy to track b... Chris Buechler
12:15 PM Bug #2330 (Feedback): vouchers disappear when saving
I've troubleshooted and confirmed that in this scenario, lines 229-244 here are being executed when you click "Save";... Darren Embry
11:04 AM Bug #2329 (Resolved): checkbox js problem on diag_logs_settings.php
Darren Embry
11:00 AM Bug #2329: checkbox js problem on diag_logs_settings.php
fixed in commit:f3d91215 Darren Embry
10:40 AM Bug #2348 (Resolved): rc.filter_synchronize is broken
The recent "Move CARP settings from pkg XML to a real PHP page" (commit:f97a5b0419d0350cc85b91d180238975c308ac07) bro... Cyrill B
09:56 AM Feature #2347: Add routes into the routing table for delegated IPv6 prefixes.
... Seth Mos
08:30 AM Feature #2347 (Resolved): Add routes into the routing table for delegated IPv6 prefixes.
Currently we support Prefix Delegation in the DCHPv6 server (ISC dhcpd 4.2.3). However, the dhcpd server does not add... Seth Mos
09:28 AM Revision eab2db68: Make sure that we use the right interface for 6rd
Seth Mos
09:27 AM Revision df52abf1: Unbreak rc.filter_synchronize, add )
Seth Mos
07:38 AM Bug #2333 (Resolved): CARP filter_synchronize PHP error, can not break
Seth Mos
07:01 AM Feature #2117 (Feedback): 6RD support for ISPs like Swisscom
More debugging revealed the following, SwissCom and ATT do not filter inbound IPv6 traffic for IPv4 space they do not... Seth Mos

04/05/2012

11:10 PM Revision c2feff64: restore default dropdown values of 24/64 bits
now that feature #2320 behavor is a bit different regarding change of
existing set value when switching between ipv4 ... Darren Embry
11:09 PM Revision b771e469: change behavior a bit on #bits dropdown
this is prepwork for restoring 24/64 bit defaults in vpn_ipsec_phase2 Darren Embry
10:17 PM Revision 6255beda: add feature #2320 to vpn_ipsec_phase2.php.
note: had to disable existing behavior that modified the value of the
behavior.
existing behavior that disables/enab... Darren Embry
10:17 PM Revision 0f907a68: bug fix for #2320: on firewall_virtual_ip_edit.php it jumps to a length of 1 on a valid ipv4
Darren Embry
10:17 PM Revision f57a578d: work around a redeclaration error.
i'm going to start a discussion about making sure all require() calls
become require_once() calls but until then i ha... Darren Embry
09:11 PM Revision f99aa333: Unbreak interface.inc after manual merge
Ermal LUÇI
09:08 PM Revision 87744d53: missed a spot for feature #2320 toggle subnet mask
Darren Embry
09:07 PM Revision 4459f03d: Remove slipped line
Ermal LUÇI
08:48 PM Revision d7afd900: use existing filter_expand_alias (well, via a wrapper) instead of
reinventing it Darren Embry
08:30 PM Revision 67898061: Unbreak openvpn
Ermal LUÇI
08:30 PM Revision d34b186c: Unbreak openvpn
Ermal LUÇI
08:24 PM Revision ccf346dd: Bump config version to take care of new vips
Ermal LUÇI
08:23 PM Revision 00b97dee: Reread config after doing footshooting
Ermal LUÇI
08:22 PM Revision 7b47bd4c: Make vips vhid be unique per parent interface!
Ermal LUÇI
08:13 PM Revision 4d0c032c: Make vips vhid be unique per parent interface!
Ermal LUÇI
07:06 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
I've restored default 24/64 bits.
I had to modify the normal behavior on dropdown value changes between ipv6 and i... Darren Embry
06:47 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
Okay, all my changesets are committed now. Gotta think hard about this one then. Darren Embry
06:07 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
it should still default that way on IPsec. For v4 addresses, show 1-32 and default to 24, and for v6, show 1-128 and ... Chris Buechler
06:03 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
In vpn_ipsec_phase2.php there is some existing client-side JavaScript logic that changes the selected value for the #... Darren Embry
05:33 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
fixed firewall_virtual_ip_edit.php (will commit soonish)
 Darren Embry
05:04 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
added on system_routes_edit.php Darren Embry
03:38 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
Add on system_routes_edit.php too (needs gateways defined to save)
on firewall_virtual_ip_edit.php it jumps to a len... Seth Mos
06:36 PM Revision 01ed452e: Load Balancer: allow port aliases in Pools and Virtual Servers. (PEV-394754)
Darren Embry
06:31 PM Todo #2346 (Closed): do we need to change our require() calls to require_once()?
Not sure if this is the right venue to start a discussion, but...
My change to vlsb.inc as part of this changeset:... Darren Embry
06:15 PM Revision 99f6b2a9: Merge pull request #74 from irvingpop/master
Modify low-RAM threshold for disabling PHP APC Scott Ullrich
06:04 PM Revision 430b921b: Update etc/rc.php_ini_setup
Irving Popovetsky
05:47 PM Revision c1a104c7: Correct the fieldname we need to look into so we actually configure the tunneled interfaces.
Seth Mos
05:47 PM Revision cb515a86: Add a fix so that proper rules for 6to4 and 6rd are created which would otherwise generate rule errors.
Aren't tunneled interfaces fun! Seth Mos
05:10 PM Revision 0917cb21: load balancer: allow IPv4 subnets up to 64 addresses in Pools and Virtual Servers (PEV-394754)
Darren Embry
05:10 PM Revision 9859b2b5: minor changes
- aggh hard tab in a string
- aggh brackets in case clauses Darren Embry
05:10 PM Revision 939b2d75: normalize indentation.
Darren Embry
04:28 PM pfSense Packages Bug #2345 (Resolved): Varnish3 Install Fails on pfsense 2.1 Head
I've found a little bug in /etc/inc/pkg-utils.inc on pFsense 2.1 HEAD Releases with pbi support.
It's because of t... Julian Sternberg
03:33 PM Revision 6fb4a0b1: Add post config and correct variable names
Warren Baker
03:14 PM Revision 7839ec18: Remove custom options from basic settings page
Warren Baker
03:10 PM Revision ac2cfab2: Ensure interfaces are saved correctly
Warren Baker
02:45 PM Revision a7caf4d6: fix typo
Warren Baker
02:41 PM Revision 49f81faa: Add unbound user
Warren Baker
02:19 PM Revision 27bb6557: Setup chroot environment for unbound
Warren Baker
02:04 PM Bug #2063: PHP Memory Usage too high for 128MB RAM Systems (like ALIX)

Pull request for solution #1 here: https://github.com/bsdperimeter/pfsense/pull/74
Regarding #2 (auto-set the ... Irving Popovetsky
01:17 PM Revision 3f2e3bcf: Remove Extra brace
Warren Baker
01:09 PM Revision 9e7cc68f: Use global variable
Warren Baker
01:08 PM Revision 89fd3ed3: Use isset() for DNSSEC status
Warren Baker
01:07 PM Revision 4b7ea181: Specify path to unbound config file
Warren Baker
12:18 PM Revision 830a82e7: Merge pull request #73 from phil-davis/master
Minor text typo fixes to recent unbound file commits Warren Baker
12:16 PM Revision 8314e2a3: Handle enable/disable options
Warren Baker
12:01 PM Revision 72049148: A minor typo fixed
Phil Davis
11:54 AM Revision fc6e0fbf: Was looking at what is coming in new builds and noticed a couple of typos and small point of English grammar, so thought it worth 5 minutes to update it.
Phil Davis
11:31 AM Revision 4ed3cc97: Add input checks
Warren Baker
11:21 AM Revision f196aba3: Add select box for outgoing queries
Warren Baker
11:13 AM Revision 467748e3: Better descriptions and cosmetics
Warren Baker
11:08 AM Revision 43a987e4: Add ACL id functions
Warren Baker
11:04 AM Revision eac1d3f9: Correct wording
Warren Baker
11:03 AM Revision bd82f06b: Correct links
Warren Baker
10:59 AM Revision 2bb29c16: A whole bunch of changes to the general settings page and advanced settings
Warren Baker
10:59 AM Revision 27d98335: Add Access Lists page for Unbound ACLs
Warren Baker
09:19 AM Revision 431f6526: Merge branch 'master' of github.com:bsdperimeter/pfsense
Warren Baker
09:18 AM Revision 14b1279d: Add Unbound GUI bits
Warren Baker
07:38 AM Bug #2333: CARP filter_synchronize PHP error, can not break
This was a setup with 2 carp members that only shared a single ipv6 vip.
Config sync was on the LAN interface over... Seth Mos
07:27 AM Bug #2338: outbound NAT rules rewrite themselves if active interface is deleted
the issue is it removes the interface from the outbound NAT rule and then assumes WAN when there is no interface. del... Chris Buechler

04/04/2012

06:16 PM Revision df0e1f2d: Good catch jim :)
Ermal LUÇI
06:05 PM Revision 870952cf: Just php does not like this variable name and just prepends the 1 in output!
Ermal LUÇI
05:44 PM Revision 08ab5cd2: Expand these checks to include 'dynamic' or they'll never match dynamic gateways, leading to issues with routing.
Jim Pingle
03:43 PM Revision 08743d6d: Set the table limit before loading tables. This may help in cases where a ruleset fails to load due to table size, and the user increases the size but still can't load the rules.
Jim Pingle
03:36 PM Revision 73c8a6c7: Make sure that we reconfigure the tunneled interfaces when we get a new ipv4 address.
Seth Mos
03:35 PM Revision da664d19: Fix newlines
Jim Pingle
03:34 PM Revision 1ab1f0a9: Fix newlines
Jim Pingle
03:29 PM Revision 5bf2cc84: Change the firewall rules to prevent firewall rule errors
Seth Mos
01:53 PM Revision 4a41dff7: Bail out without a valid IPv6 address so we don't generate a invalid dhcpv6 server config
Seth Mos
12:55 PM Revision 479f0fda: Add realif overrides for tunneled interface, we want to override get_real_interface() here as it does not know address families and we don't know which the user wants.
Seth Mos
12:51 PM Revision 1132ff35: Add section for the dhcp6link status
Seth Mos
12:06 PM Revision 74c834f1: Add better hardening to the dynamic gateway code, handle IPv6 networks better
Prevent duplicate monitor IP addresses in the apinger configuration, otherwise we might end up with -4 million milise... Seth Mos
11:21 AM Bug #2338 (Resolved): outbound NAT rules rewrite themselves if active interface is deleted
To recreate:
1. Configure a working system with WAN, LAN, OPTx
2. Disable Automatic Outbound NAT and deleted auto... David Burgess
10:59 AM Revision 04747c75: dl(), which is used by PEAR, is deprecated in 5.3 and fails to thus load this extension. No updates to PEAR either, so we can either always load like here or mod PEAR.inc. Should fix #2336
Warren Baker
07:04 AM Bug #2336: PHP extensions missing in amd64 builds (at least)
The RADIUS one is due to 5.3 and the deprecated dl() function. PEAR.inc makes use of dl() when loading the radius mod... Warren Baker
07:00 AM Bug #2336 (Feedback): PHP extensions missing in amd64 builds (at least)
Applied in changeset commit:04747c755f5453e059561ae01171a449c9b14432. Warren Baker
04:07 AM Bug #2336: PHP extensions missing in amd64 builds (at least)
Chris Buechler wrote:
> with MSCHAP:
The MSCHAP problem should be fixed with commit:bfc051081019abb7276223c89a45... Warren Baker

04/03/2012

08:19 PM Revision 6ffef738: Merge pull request #71 from ebrandi/r53dyndns
Patch to add Route 53 as new Dynamic DNS provider into dyndns infrastructure Ermal LUÇI
06:59 PM Revision 4aab9c6c: If the end of the prefix6 range does not align with a multiple of the delegation size then dhcpd will not start.
The dhcp6 server page will need input validation for this. Seth Mos
05:43 PM Bug #2336 (Resolved): PHP extensions missing in amd64 builds (at least)
Trying CP w/RADIUS in latest 2.1 snapshot results in:
with PAP:... Chris Buechler
12:54 PM Revision bfab2419: Add a command that should be able to extract the DUID for us.
Seth Mos
12:15 PM Revision 5632ae55: Add filter code that will automatically add pass rules for delegated IPv6 prefixes.
These rules can be overridden by user rules. Seth Mos
11:55 AM Revision ea2ab24d: Adjust the delegated prefix length for 6to4 to 16 bits
Seth Mos
11:12 AM Revision f9eb5ebb: Fix the comment text for 6to4 proto 41 rules.
Make sure that the DHCPv6 firewall rules for track6 interfaces are added. Seth Mos
10:48 AM Revision 3d05e59a: Remove debugging print_r();
Seth Mos
10:36 AM Revision c45b079d: Make sure that we can create a /64 delegation for very short prefixes.
Seth Mos
10:26 AM Feature #2016: DHCPv6 Server doesn't load if NTP server specified
http://linux.die.net/man/5/dhcp-options Seth Mos
08:40 AM Revision 89a5203c: Improve the prefix delegation math somewhat.
Seth Mos
08:27 AM Revision a6610d82: Automatically configure DHCPv6 servers for interfaces set to track6 another WAN.
If the prefix length permits it we setup DHPP-PD for the LAN clients so it can be daisy chained. Seth Mos
06:34 AM Revision 50a6400f: Add more possible prefix lengths for the DHCPv6 server for prefix delegation.
Seth Mos
04:11 AM Revision 78affc3c: Set the IPaddrv6 field for the lan to track6 so it autoconfigures from the WAN.
I forgot to remove the link local address it had in it on the original commit. Seth Mos
04:04 AM Revision 0ca7f8fe: Fix botched config.xml merge error. Remove duplicate ipaddrv6 tag.
Seth Mos

04/02/2012

09:16 PM Revision 6873d487: Remove this track6 line as it causes an xml error
Jim Pingle
03:14 PM Revision 6d778ed0: Changeout the told dhcp-pd config for the new track6 style autoconfiguration of the lan interface.
Seth Mos
02:23 PM Bug #2335 (New): IGMPProxy and CARP Results in System Instability Upon Reboot
This scenario was replicated on 3 PCs with various network cards on 2.01.
Enabling a CARP interface on a box with ... J P
12:29 PM Revision a94f97b5: Add quick to the DHCP6 client and server rules
Seth Mos
12:07 PM Revision 73778c3f: We want to actually compress the IPv6 address, not uncompress.
Seth Mos
11:47 AM Revision 6c99bb63: Correct variable names and foreach assignment
Seth Mos
11:35 AM Revision cab9d832: Correct the DHCP6 client function to reflect the track6 changes
Seth Mos
11:23 AM Revision 6f1da659: Open up the DHCPv6 server firewall ruiles
Seth Mos
11:03 AM Revision 37b1c848: Reverse the echo request and echo reply for input and output filters
Seth Mos
10:58 AM Revision dbcddabc: Adjust the DHCP6 client firewall rules
Seth Mos
10:47 AM Revision e53ffe8d: Remove this file, it causes other issues
Seth Mos
10:28 AM Revision 74fa57aa: Fix the find dhcp6 process function to report the actual pid instead of the grep pid.
Remove spurious double debug line Seth Mos
10:10 AM Revision 239e817a: Add missing DHCP6 track6 support function
Seth Mos

04/01/2012

03:01 PM Revision 556abcab: Adjust the firewall rules for 6rd and 6to4 proto 41 traffic
Ticket #2117 Seth Mos
01:47 PM Feature #2117: 6RD support for ISPs like Swisscom
Ok, I've switched the tree back to the modified stf device which does receive IPv6 packets by proto 41 and can also s... Seth Mos
11:06 AM Revision 4aa569bd: Comment out the srd 6rd device and put in the patched stf device commands.
Still doesn't work but Ermal might be able to debug easily Seth Mos
10:43 AM Revision 2d5ca06e: A few more improvement such that tracking interfaces are automatically configured from the client interface
Seth Mos
08:03 AM Revision 1aa19130: Remove suprious debugging line
Seth Mos
07:55 AM Revision 86a139fc: Add interface tracking support for native dynamic IPv6 interfaces like dhcp6 too.
Correct the function name to reflect the RA daemon changeout Seth Mos
07:50 AM Revision 69b54cbe: Add logic that (re)configures the dependent interface that has interface tracking setup for a tunneled IPv6 protocol.
Seth Mos
07:41 AM Revision a11a839d: Add the stf0 interface to interface_has_gateway_v6() for 6to4
Seth Mos
06:27 AM Feature #2123: Backup RRD files using the xml dump and restore from RRD tools
Not sure if instructions here are clear enough, ask away.
The current RRD backups perform a tar command on /var/db... Seth Mos
06:05 AM Bug #2334 (Resolved): quality rrd graphs do not automatically refresh
With the RRD page left open on the quality graphs these do not automatically refresh. Perhaps check if jQuery is stil... Seth Mos
06:00 AM Bug #2333 (Resolved): CARP filter_synchronize PHP error, can not break
PHP Errors:
[01-Apr-2012 08:31:40 UTC] PHP Fatal error: Cannot break/continue 1 level in /etc/rc.filter_synchronize... Seth Mos
05:49 AM Bug #2332 (Resolved): gateways always renamed to "dynamic". Implement proper IPv6 support
When a dynamic IPv6 type is specified all gateways will be tagged "dynamic".
Trying to modify an existing static v... Seth Mos
05:03 AM Revision cd132e86: This patch add Route 53 as new Dynamic DNS provider into dyndns infrastructure.
Due requeriments to handle requests to Amazon AWS API, it need root certificates package (ca_root_nss-3.12.4.tbz) and... Edson Brandi
03:59 AM Bug #2306: USB ports show up as network interfaces
they show as network interfaces on stock FreeBSD 8.3 and newer, some gripes on FreeBSD lists on it, no responses as t... Chris Buechler
03:58 AM Bug #2231: Dashboard: Traffic Graph: Unable to save settings
Do you have enough information to on this? Seth Mos

03/31/2012

06:41 PM Revision 20a7cb15: Add interface tracking support. With this it is now possible for dynamic IPv6 interfaces to setup the corresponding lan interface for RA.
DHCP6 with prefix delegation to follow later for automatic daisychaining. Seth Mos
02:23 PM Bug #2331 (Rejected): Saving default queue results in error message
Hi,
when changing the traffic shaper queue that is marked as "default", the system complains that there can only b... Oliver Loch
09:50 AM Revision d7d2dc52: Do not process for disabled interfaces
Seth Mos
09:40 AM Revision c18a10cc: Make sure we only generate entries for radvd when we actually have a IPv6 prefix
Seth Mos
06:30 AM Bug #2278 (New): IPv6 Carp vip both master on FreeBSD 8.3
Chris Buechler
06:08 AM Feature #1825: Dynamic DNS client IPv6 support
pushing to 2.2 since it seems it's not supported by any of the providers yet. Chris Buechler
06:01 AM Feature #1828 (Resolved): Server load balancer IPv6 support
Chris Buechler
06:00 AM Bug #2066 (Resolved): Error when deleting all-numerical user from a "user manager"
confirmed fixed Chris Buechler
05:58 AM Todo #647 (Resolved): Move CARP settings from pkg XML to a real PHP page
this all seems good, tested on config upgrade and starting from scratch on 2.1.
Chris Buechler
05:48 AM Bug #2330 (Resolved): vouchers disappear when saving
config attached to replicate.
Browse to Services>CP, edit the zone, go to the Vouchers tab. You'll see the vouche... Chris Buechler
05:45 AM Bug #2311 (Resolved): Wrong redirection URL (from http -> https) missing colon char
this particular issue is fixed Chris Buechler
05:40 AM Bug #1999 (Resolved): Existing voucher settings upset new CP Zones/Vouchers code
confirmed fixed Chris Buechler
04:44 AM Revision 04e999cf: more changes CARP -> HA where CARP != CARP.
Chris Buechler
01:48 AM Bug #1700 (Resolved): Captive Portal cannot work on master branch
this fixed CP in general, CP+IPv6 is a separate ticket for 2.2. Chris Buechler
01:24 AM Feature #2321 (Resolved): Move log locations
looks good Chris Buechler
01:23 AM Bug #2329 (Resolved): checkbox js problem on diag_logs_settings.php
When initially loading diag_logs_settings.php, the checkboxes under "Remote Syslog Contents" for "System events", "Fi... Chris Buechler
01:21 AM Bug #2328 (Resolved): Numerous non-CP logs ending up in CP logs
a number of logs not related to CP are ending up in the CP logs. The following a few examples. ... Chris Buechler
01:17 AM Feature #2034 (Resolved): Include VirtIO network driver
Chris Buechler
01:16 AM Bug #2072 (Closed): Limitation on multiple outbound PPTP connections
duplicate of #208 Chris Buechler
01:12 AM Bug #2289 (Assigned): Logic error in firewall rule interface selection for drop-down menu case
attached config replicates this Chris Buechler
12:59 AM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
seems good to me, will let Seth give the final approval. Chris Buechler
12:34 AM Feature #1997 (Resolved): Add date picker to the Custom RRD graph page to translate to unix time.
this is fixed, looks good.
Simon - this isn't the place for OT questions, please post to the forum or list.
Chris Buechler
12:32 AM Bug #830 (New): Service provider information should be saved
correct, but when you go back to that screen it loses which "Service Provider" entry you actually picked. eg if I pic... Chris Buechler
12:29 AM Feature #1864 (Assigned): "Start" button for IPsec should be available for IP alias networks
example config attached. See Status>IPsec. The one with "Local network" LAN has the Start button. If you check Firewa... Chris Buechler
12:24 AM Bug #2327 (Resolved): disabling reply-to on floating rules doesn't work
confirmed fixed Chris Buechler
12:20 AM Bug #2144: pfSense dyndns for Namecheap doesn't work with hostnames containing "."
can anyone confirm this is fixed? Chris Buechler

03/30/2012

08:40 PM Revision 0ffb5926: Add the new pages for the relocated logfiles and messages.
Ticket #2321 Seth Mos
08:33 PM Revision 6c582308: Make sure to add a semicolon to indicate end of line syntax
Seth Mos
08:10 PM Revision 380cd810: Correct the field name, otherwise we have invalid syntax
Seth Mos
06:38 PM Bug #2327 (Feedback): disabling reply-to on floating rules doesn't work
should be fixed already.
https://github.com/bsdperimeter/pfsense/commit/12c7b5778418734a7ebbd816bb75522ca17a2a54 Chris Buechler
06:30 PM Bug #2327 (Resolved): disabling reply-to on floating rules doesn't work
Checking the "disable reply-to" on floating rules doesn't work, the reply-to is still there. One example rule:
<p... Chris Buechler
02:11 PM pfSense Packages Bug #1244: apache_mod_security_package missing mod_proxy.so (and perhaps others)
Issue doesent seem to be fixed Fresh amd64 2.0.1 install here too and the same issue with missing mod_proxy.so on amd... Mikael Hugo
12:51 PM Bug #2326: Erroneous successful webGUI authentication with blank password and AD authentication backend
This behaviour is detailed in section 5.1 of rfc 2829 - http://www.ietf.org/rfc/rfc2829.txt
5.1. Anonymous authent... Kane Rason
12:34 PM Bug #2326 (Closed): Erroneous successful webGUI authentication with blank password and AD authentication backend
Erroneous successful authentication to the webGUI when using Active Directory authentication and no password is speci... Kane Rason
08:08 AM Revision 31c43fd3: Add 6to4 support for automatic tunneling.
Seth Mos

03/29/2012

09:26 PM Bug #2324 (Feedback): AES 256 doesn't work with glxsb
this is an OS issue outside our control, try with 2.1 which has a newer base OS.
Chris Buechler
01:42 PM Bug #2324 (Closed): AES 256 doesn't work with glxsb
Enabling glxsb on Alix board (Netgate m1n1wall 2D13) prevents AES256 IPSec Phase2 connections from establishing:
M... Todd Blum
07:42 PM Revision 3f9cc8e4: Commit the config backend code for the switch to radvd
Seth Mos
04:29 PM Revision e12c63db: fix for bug #2322: Fix CP secondary RADIUS auth source GUI
http://redmine.pfsense.org/issues/2322 Darren Embry
03:18 PM Revision a53794c9: possible fix for Bug #2311: Wrong redirection URL (from http -> https) missing colon char
Darren Embry
03:05 PM Bug #1700: Captive Portal cannot work on master branch
Grab CP since i am more acustomed to it Ermal Luçi
02:27 PM Bug #1700: Captive Portal cannot work on master branch
Just to be clear, someone else needs to look at this to figure out what to do on ipv6 so I'm going to assign this bac... Darren Embry
03:02 PM Bug #2311: Wrong redirection URL (from http -> https) missing colon char
OK, just synced my 2.1 with the file from git, and the malformed 302 redirection URL issue seems fixed.
However:
... Dim Hatz
02:21 PM Bug #2311 (Assigned): Wrong redirection URL (from http -> https) missing colon char
Chris, I'm pretty sure I fixed the problem just from looking at the code but I need you to test this please because f... Darren Embry
12:59 PM Bug #2311: Wrong redirection URL (from http -> https) missing colon char
Yes, it's the standard CP with SSL login enabled, i.e. CP answers http requests (forwarded via ipfw to 127.0.0.1:8000... Dim Hatz
11:13 AM Bug #2311 (Feedback): Wrong redirection URL (from http -> https) missing colon char
I believe I found and fixed the bug but can you provide steps to reproduce along with config.xml?
And this is with... Darren Embry
02:29 PM Feature #2320: Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
Chris, I'm reassigning this to you so you can test this or have someone else test it out. I'm pretty sure I've found... Darren Embry
02:28 PM Bug #1874: Captive Portal Login dies on empty input
Ermal, I strongly believe you should be assigned this one then, so I will assign accordingly. :-)
 Darren Embry
02:26 PM Bug #2261 (Resolved): Spanning Tree interface priority options do not alter Bridge
I'm closing this then. Darren Embry
02:21 PM Bug #2325 (Duplicate): Limiters don't work on OPT WAN rules w/rdr
Putting a limiter on an OPT WAN (any WAN that doesn't have the default gateway) breaks traffic through rdrs (at a min... Chris Buechler
01:03 PM Bug #830 (Feedback): Service provider information should be saved
I guess you're talking about Service Provider stuff under PPP configuration when you select PPP as an IPv4 configurat... Darren Embry
12:43 PM Feature #1864 (Feedback): "Start" button for IPsec should be available for IP alias networks
If you could give me steps to reproduce/get to state where there should be a start button but isn't one, that would b... Darren Embry
12:24 PM Bug #2322 (Resolved): Fix CP secondary RADIUS auth source GUI
fixed in changeset e12c63d
 Darren Embry
12:16 PM Bug #2322 (Assigned): Fix CP secondary RADIUS auth source GUI
Darren Embry
12:12 PM Bug #2322: Fix CP secondary RADIUS auth source GUI
that's correct Chris Buechler
11:53 AM Bug #2322 (Feedback): Fix CP secondary RADIUS auth source GUI
Darren Embry
11:53 AM Bug #2322: Fix CP secondary RADIUS auth source GUI
So right now we have:... Darren Embry
12:09 PM Feature #1361 (Feedback): DNSMasq, source interface and IPSec VPNs
Darren Embry
12:08 PM Feature #1361: DNSMasq, source interface and IPSec VPNs
Hugh, any chance you can provide the patch in the form of a *unified diff* or *context diff* please, and *attach* it ... Darren Embry
11:40 AM Revision adc91ab7: Unbreak the 6rd config setting now that the javascript was fixed.
Pointy hat to /me
Ticket #2304 Seth Mos
10:20 AM Revision e0977fed: Move some of the log file tabs around.
Add seperate tabs for dnsmasq,unbound as well as gateways. Seth Mos
08:53 AM Bug #2304 (Resolved): The javascript to enable and disable the various config boxes fail since adding the 6rd IPv6 config type
My bad, fixed now. Seth Mos
08:47 AM Bug #2304 (Assigned): The javascript to enable and disable the various config boxes fail since adding the 6rd IPv6 config type
Ok, the javascript successfully works now, but I can not save the interface config when I select "6rd" and press save... Seth Mos
08:15 AM Bug #1996: status_graph.php is not displaying real-time bw stats
The rate binary does not have any support for IPv6. This is unfortunate.
I've emailed the author. Seth Mos
07:36 AM Feature #2321: Move log locations
Just committed.
https://github.com/bsdperimeter/pfsense/commit/e0977fed0fabd99dcfec0611bf27f133c85b24fd Seth Mos
05:54 AM Feature #2321: Move log locations
Yes, we will move the System logs to a new top level tab as Discussed in IRC with Chris.
+System
- General
- Gat... Seth Mos
07:17 AM Revision 8e4893fc: Merge pull request #69 from ovidiucp/master
Fix domain search list for MacOS X clients Seth Mos
05:19 AM Feature #2323 (New): GUI doesn't allow to configure DHCP server to serve IP addresses belonging to subnets wich are not associated with an interface
What I'm trying to do is actually to relay DHCP requests received in multicast by a switch to pfSense using unicast.
... Romain De Rasse
04:48 AM Revision 107e8acc: Make domain search list work for MacOS X clients, by adding
option domain-search "domain1", "domain2", "domain3";
to /var/dhcpd/etc/dhcpd.conf
I reported this as a bug on the ... Ovidiu Predescu

03/28/2012

10:50 PM Revision f51d5d57: feature #2320: JS helper to toggle subnet mask for ipv4/v6 during input
http://redmine.pfsense.org/issues/2320 Darren Embry
10:31 PM Revision 979b179d: prep work for feature #2320: tag for ipv4v6 fields
Darren Embry
08:58 PM Revision 980ded5a: prep work for feature #2320: stub js function
Darren Embry
08:57 PM Revision a94c3e43: prep work for feature #2320: tag dynamic fields for ipv4v6
Darren Embry
08:56 PM Revision a8fe61f1: prep work for feature #2320: tag fields for ipv4v6
Darren Embry
08:19 PM Bug #1946 (Closed): /usr/local/www/services_captiveportal.php
#2322 open to fix what this broke and clear up the reason for the confusion. Chris Buechler
08:18 PM Bug #2322 (Resolved): Fix CP secondary RADIUS auth source GUI
CP in 2.1 supports a secondary authentication source for RADIUS, so you can pick between two authentication sources d... Chris Buechler
08:09 PM Bug #1525 (Resolved): OpenVPN passtos does not work
Chris Buechler
08:09 PM Bug #1537 (Closed): Openvpn Client Exporter does not clean up itself
Chris Buechler
08:08 PM Bug #2004 (Resolved): Client Specific Override ->Tunnel Network
Chris Buechler
08:07 PM Bug #2027 (Resolved): "kip" firewall log parsing bug
Chris Buechler
08:07 PM Bug #1625 (Resolved): installer shouldn't offer to install over boot drive/partition or install bootblocks on boot drive
Chris Buechler
08:04 PM Bug #2080 (Closed): display_error_form in /etc/inc/authgui.inc does not set a HTTP status code
Chris Buechler
08:04 PM Bug #2068 (Resolved): dyndns update (rfc 2136) error when more as one entry
Chris Buechler
07:56 PM Feature #675 (Closed): Autocreation of rules to allow all traffic between bridged interfaces
Chris Buechler
07:56 PM Feature #603 (Resolved): Add proxy support for internal HTTP functions
Chris Buechler
07:55 PM Bug #673 (Resolved): SSHD keys not created on restore
Chris Buechler
07:55 PM Feature #677 (Resolved): Allow custom SMTP port for notifications
Chris Buechler
07:54 PM Feature #690 (Closed): Move SSH Authentication Attempts from System Log to New Log
Chris Buechler
07:52 PM Feature #796 (Resolved): Add 95th Percentile Line to RRD
Chris Buechler
07:52 PM Feature #697 (Needs Patch): Updateprocedure in the GUI
Chris Buechler
07:51 PM Feature #1057 (Needs Patch): Limiter mask only supports dest/src ip
Chris Buechler
07:49 PM Feature #1368 (Needs Patch): DHCP Leases - description column
Chris Buechler
07:49 PM Feature #1369 (Needs Patch): DHCP Leases - Hostname Unsuitable for Printing
Chris Buechler
07:46 PM Feature #1504 (Needs Patch): Verizon 3g usb760
Chris Buechler
07:46 PM Bug #1505 (Needs Patch): usb 3g 760 modem doesn't respond
Chris Buechler
07:45 PM Bug #1600 (Resolved): Captive Portal Reauthentication
Chris Buechler
07:44 PM Bug #1554 (Resolved): Voucher page turns grey after parameter change
Chris Buechler
07:41 PM Feature #1864 (Assigned): "Start" button for IPsec should be available for IP alias networks
Chris Buechler
07:41 PM Bug #1865 (Resolved): Fatal error by saving System: Advanced: Miscellaneous
Chris Buechler
07:41 PM Feature #1867 (Closed): RFE: DHCP Server option to set interface-MTU option to lowest WAN interface value
that's generally undesirable. That's why MSS clamping exists. Chris Buechler
07:40 PM Bug #1882 (Resolved): Invalid pf rule generated from a port forward with dest=any on an interface with ip=none
Chris Buechler
07:38 PM Feature #2057 (Resolved): Ability to disable the auto-added "Negate policy routing" for VPNs
Chris Buechler
07:27 PM Feature #1361 (Assigned): DNSMasq, source interface and IPSec VPNs
need to merge the above diff though it may not cleanly apply anymore and need some manual help. Chris Buechler
07:25 PM Feature #1520 (Closed): Option to disable the automatic default gateway (re)selection
this particular feature as noted in the original post is good and has been since 2.0, if there are other issues they ... Chris Buechler
07:23 PM Bug #830 (Assigned): Service provider information should be saved
Chris Buechler
07:21 PM Bug #2311 (Assigned): Wrong redirection URL (from http -> https) missing colon char
Chris Buechler
07:20 PM Feature #2321 (Feedback): Move log locations
Need more info.
Are we going to move System under a new top-level tab?
If yes what's that new top-level tab going... Darren Embry
04:09 PM Feature #2321 (Resolved): Move log locations
The current System logs are getting a bit crowded.
In discussion with Chris we thought making System a 2nd tab row... Seth Mos
06:46 PM Feature #2320 (Feedback): Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
Pretty much done. I've done *some* testing but I want others to test as well. Darren Embry
03:51 PM Feature #2320 (Resolved): Javascript helper to toggle subnet mask length for IPv4/IPv6 during input
There are numerous places in the UI where one is free to enter a IPv4 or IPv6 address, however, the max subnet mask l... Seth Mos
01:53 PM Feature #2319 (Resolved): include SSD TRIM option in installer
With FreeBSD 8.3 now supporting SSD TRIM, it would be beneficial to SSD users to have the option to enable this featu... David Burgess
11:28 AM Feature #1828 (Feedback): Server load balancer IPv6 support
I believe this just needs more testing. I have used our relayd on 2.1 to run a DNS LB even on IPv6 IPs, so I know it ... Jim Pingle
12:59 AM Revision 17aa0c18: Ticket #2317: typo, use ipaddrv6 instead of ipaddr
Pierre POMES

03/27/2012

10:23 PM pfSense Packages Bug #2318 (Resolved): Mod_Proxy
Hi, after install mod_security package in pf 2.0.1 amd64, I get this error.
The mod_proxy doesn't exists.
The ... Carlos Cesario
08:56 PM Bug #2317 (Resolved): DHCPv6 static mapping
Chris Buechler
08:55 PM Bug #2317 (Feedback): DHCPv6 static mapping
Thanks, should be fixed now.
 Pierre POMES
08:45 PM Bug #2317 (Resolved): DHCPv6 static mapping
Get error when I try to Apply Changes on page Services: DHCPv6 server, after adding static mapping
Warning: inet_p... Andreas Cider
07:46 PM Feature #1997: Add date picker to the Custom RRD graph page to translate to unix time.
I can't speak for daylight saving time handling but the rest of your needs are fit by this.
http://trentrichardson... Darren Embry
02:58 PM Bug #2314: Members to bridge not added

If this is related to what Im seeing here- http://forum.pfsense.org/index.php/topic,46738.0.html
then this sta... Chris Palmer
04:14 AM Bug #2314: Members to bridge not added
I did the daily update via the webgui, so I guess that's a binary update. Florian Hibler
03:09 AM Bug #2314: Members to bridge not added
You did a binary upgrade or just gitsync to 2.1? Ermal Luçi
 

Also available in: Atom