Activity
From 05/22/2012 to 06/20/2012
06/20/2012
-
04:32 PM pfSense Packages Bug #2350: Freeradius2 does not start up
- .PBIs for amd64 and i386 are now up.
freeradius.inc was modified to fit pfsense2.1 environment.
Basic authenticatio... -
03:27 PM pfSense Packages Bug #2509 (Resolved): Snort pfsense_rules should go away
- Snort's pfsense_rules no longer exists and should be removed from the package.
-
05:45 AM Bug #1841: TCP state issue when traffic passing through a GRE tunnel within IPSEC
- Sorry, should have mentioned, both pairs of firewalls are running 2.0.1
-
- I have the same problem as well, over gif tunnels as well as gre.
I use IPSEC transport mode between the CARP WAN ...
06/19/2012
-
04:15 PM Bug #2038: Some 3G WANs on 2.0.x do not come up on cold boot
- Found a generic 3G modem device wader that caters to a lot of existing kit. Biggest drawback is that it's python. Not...
-
02:43 PM Bug #2507 (Rejected): nanobsd is incredibly slow to save
- Duplicate of #2401
-
02:42 PM Bug #2507 (Rejected): nanobsd is incredibly slow to save
- Since upgrading to 2.1 snapshots the web interface is incredibly slow to save any settings. The pages load quickly en...
-
-
01:35 PM Bug #2458: Pfsense not registering DNS servers found by PPP
- Works for me too now, thanks a lot.
-
-
10:11 AM pfSense Packages Bug #2345: Varnish3 Install Fails on pfsense 2.1 Head
- I can now confirm that the latest snapshot [2.1-BETA0 (amd64) built on Mon Jun 18 20:06:29 EDT 2012] fixes the proble...
-
- Aliases can have both IPv4 and IPv6 addresses. Ermal did add some IPv6 support bits, but I'm not sure if he added qua...
-
02:17 AM Feature #1668: OpenVPN Client Export support Tunnelblick
- Creating a Tunnelblick configuration (not a installer bundle) seems pretty straightforward as the uncompressed config...
06/18/2012
-
11:45 PM Bug #2506 (Resolved): filterdns needs help for IPv6
- filterdns appears to solely use IPv4 IPs in aliases. Need to determine how to handle that, especially whether PF tabl...
-
- I'd like to be able to disable and enable multiple firewall rules at once. It would make it easier for troubleshootin...
-
- Just tested a upgrade from a 2.0.2 VM to 2.1, configured WAN for DHCP6 and LAN as track, prefix id. 0
Does not bring... -
- I saw room for improvement regardless, we now have a ipprotocol tag so we don't have to guess the address family. Jus...
-
- edit a static IPv4 gateway, blank out the monitor IP, save. Edit it again, try to put in a monitor IP, and it does this.
-
- Can you give me what specific case this applies too? I can't replicate it with a static IPv4 gateway.
-
- Not able to replicate just yet.
I have a static gateway on my LAN for the Cisco 1811 and I can add a monitor IP just... -
- Ok, replaced cut with awk and now it does what I intended, fixed on PPPoE test and PPP 3G test. (v4 only)
-
-
- Yeah, *99# is the default dial string for these types of devices, similar to bluetooth. Pretty much the defined dial ...
-
- Appears to be resolved?
-
- Ok, so I added code to add the IP alias for IPv6, but removing does not work.
Ermal, can you add support for IPv6 ... -
- I will wait a couple of days, try the new snapshot and report back the status.
In the mean time, thanks! -
- This is because the package is set to download from a non-pfSense site, something we're trying to clean up. The PBI i...
-
- I can confirm this workaround to work on 2.1 [2.1-BETA0 (amd64) built on Mon Jun 11 18:14:31 EDT 2012].
-
03:06 AM Bug #2349: vlan(4) needs altq adaption on FreeBSD 8.3++
- Working great for me now, thanks Ermal for your hard work!
06/17/2012
-
09:43 PM Feature #2504 (New): lagg enhancements
- The FreeBSD man page for lagg gives an example of configuring a lagg with a WiFi interface as a member.
The pfSens... -
- adding a monitor IP to a static IPv4 gateway results in "The IPv6 monitor address <IPv4 IP> can not be used with a IP...
-
- Should be fixed now, caused by external config loader.
-
- PHP Errors:
[01-Jan-2000 01:11:16 UTC] PHP Fatal error: Cannot redeclare encrypted_configxml() (previously declared...
06/16/2012
-
- Add an option to firewall_rules_edit.php for no-sync to keep states from being synced via pfsync.
06/15/2012
-
06:56 PM Feature #2462 (Feedback): New 3G (PPP) provider
-
- Okay, it's *actually* in github now. Forgot to 'git push' again. ;-)
-
- Seth, serviceproviders.xml is in our repos but there's an upstream.
I'm not sure how to specify the "phone number" o... -
- Seems like low hanging fruit.
Add a PPP device under interfaces assign, there, create a new PPP and there is a dro... -
- Seth, this one's way over my head. (at least for now.)
-
- This needs both frontend and backend code. Darren can you have a look.
-
- Johannes, am I correct in understanding that you want to announce multiple prefixes with multiple settings? e.g. diff...
-
- Regarding the "common list" you mentioned, there seem to be quite a few minor variations of it but yeah I find that t...
-
- Sorry, forgot about the bit that actually modifies /var/etc/radvd.conf. The bit that modifies /cf/conf/config.xml is...
-
02:49 PM Feature #2361: router adv. daemon only allows for one subnet / limited options
- user interface to add subnets looks great. But settings are not reflected in /var/etc/radvd.conf . Should the be? wi...
-
03:47 PM Bug #2496: The use of php exec() and php system() with pipe '|' will fail if the first output of a os command is long enough.
- Maybe xdebug issue or something else.
-
02:41 PM Bug #2496: The use of php exec() and php system() with pipe '|' will fail if the first output of a os command is long enough.
- Hi Chris
I don't know why you guys can't reproduce this.
The code is being watched live through Xdebug v2.1.3 a... -
- Not sure what you're seeing, but none of us can replicate that with the exact same thing you're doing substituting di...
-
- System:
uname -a
FreeBSD pfSense.localdomain 8.3-RELEASE-p2 FreeBSD 8.3-RELEASE-p2 #0: Mon Jun 11 02:55:34 EDT ... -
- No and please discuss this on the forum.
-
09:35 AM Bug #2497 (Rejected): Captive Portal authentication is bypassed
- As suggested in http://forum.pfsense.org/index.php/topic,50311.0.html the "CP multiinstance patch" might have broken ...
-
- Jim P wrote:
> Don't forget about the widget, too :-)
done.
-
- Seth or Darren will need to look over the enable test probably, I'm not sure what all is needed there.
Don't forget ... -
- Added in commit:0ed8d746e2.
Needs Feedback / Closing.
06/14/2012
-
-
- Hugh, your patch is in github now.
-
- Applied in changeset commit:8c4ee06242721655f29d98064516d0c26f723b68.
-
- and forgot to commit that work until just now
-
- just added subnets and support for aliases.
-
- Applied in changeset commit:622caf8fee84e0744da2b4cd9ea5d1fc4c499388.
-
-
- fixed in github.
not quite sure that dropdowns need additional validation because you can't select an option that ... -
12:24 PM Bug #2398: tftpd and tftp-proxy (inetd?) dies after WAN periodic reset
- I've not spotted the trigger condition, but I can confirm I'm seeing the same condition
with '2.1-DEVELOPMENT (amd64... -
- Having upgraded from stable to 2.1-BETA0 (i386) (built on Mon Jun 11 03:04:03 EDT 2012), a strange issue has occurred...
06/13/2012
-
- Some of this is already done but doesn't actually report an error to the user, it simply leaves the invalid parameter...
06/12/2012
-
- diag_packet_capture.php does minimal if any input validation. Every field on that page needs to be verified.
Interf... -
03:53 PM Bug #2437: PHP missing bcmath (that was solved for pfSense 2.0 two years ago, re-discovered in the latest pfSense 2.1)
- The fix provided by Seth Mos fixes the issue with bcmod() when running it from php command line, but it still doesn't...
-
11:03 AM Bug #2493: WAN loadbalancing rule fails on second/third safe
- Jim P wrote:
> Does it work if you disable "sticky" in System > Advanced on the Misc tab?
Yes - disabling stick... -
- $title =~ s/safe/save/
-
- Does it work if you disable "sticky" in System > Advanced on the Misc tab?
-
- Source routing rule is fine during the first time round. And appears in the pfctl output as:...
-
- See commit:8ec0a8bc and #2068.
-
- Ermal Luçi wrote:
> Seems the fix has been committed!
Ermail - what is the commit reference - I cannot find it ... -
- I don't see a reason to ever unset enable there, why is that there? Is that only if you re-assign interfaces and don'...
-
03:56 AM Bug #2490: Reassigning interfaces on console during restore causes them to be disabled, lose descriptions
- The reason I asked is that interfaces.php lets you store a blank descr in the config to get the default name.
-
- If descr is set the enable will not be removed.
For historic reason i left it there!
Please move on. -
- I don't think the dhcpv6 settings are synced up to the backup yet.
You'll need to configure that manually, and sel... -
08:11 AM Feature #1829: CARP with IPv6 support
- Finally got a snapshot that has working carp+radvd....
-
04:24 AM Feature #2492 (Needs Patch): identify changes lines before "apply"
- when a record in aliases or rules is changed one has to press "apply". in the meantime I would like to be able to see...
06/11/2012
-
- Is there any reason to ever unset the "enable" setting there? Is not the "enable" setting only set for opt interface...
-
- Applied in changeset commit:62784b050ad874bd8544531954b4b158036f9a23.
-
- When restoring a config, and reassigning interfaces at the console, somehow this happens:
* LAN/WAN are OK
* OPT in... -
09:59 PM pfSense Packages Feature #2487: DNS Servers Query Seqentially / Parallel
-
Attached patch file adds a DNS forwarder strict order option to System: General page.
The strict order option ... -
-
Looks like just adding the dnsmasq 'strict-order' option takes care of this.
Services: DNS Forwarder - Advance... -
-
-
System: General Setup
DNS Servers
Option for querying each server sequentially with a specified delay, rathe... -
- After disabling pfsync (in 2.0.1/2.0.2 at least), it isn't really disabled until you reboot.
-
- Seems the fix has been committed!
-
- When configuring more than one DDNS service to inform (e.g. if you have multiple WAN uplinks) - the first one will wo...
-
- The files are there now. If there are other errors after load them, start new forum threads/tickets as needed.
-
09:23 AM pfSense Packages Bug #2486: Snort Stable 2.9.2.3 pkg v. 2.1.1 platform: 2.0
- The problem is the rfile in the repository is snort-2.9.2.tbz not snort-2.9.2.3.tbz so it causes a 404. Same is true ...
-
- This should also, ideally, be able to setup bridges.
Something such as:
* Add new bridge
* Tell it which inter... -
- This is normal, cosmetic only, and harmless.
On FreeBSD, all IPs on an interface (aliases, and the actual "first" ... -
07:53 AM Bug #2488: WAN address changes to IP Alias ones randomly
- To be more precise, i've cuted this scenario in three screenshots,
1.png: Initial view of WAN address
2.png : Confi... -
- what do you mean "switches randomly"? There isn't any concept of primary vs. alias IPs, things like "WAN address" are...
-
- Hi everyone,
Recently updated my pfSense 2.0.1 to 2.1.
When configuring WAN address with IPv6 address, everything... -
10:05 AM Bug #2349: vlan(4) needs altq adaption on FreeBSD 8.3++
- I'll test this out sometime in the next 2 weeks and report back
-
- I am currently having this issue too and can confirm the problem is an error with both http://files.pfsense.org/packa...
06/10/2012
-
04:51 PM pfSense Packages Bug #2486 (Resolved): Snort Stable 2.9.2.3 pkg v. 2.1.1 platform: 2.0
- In my pfSense when i want to install snort:
I can't downlaod snort-2.9.2.3.tbz !
The older version was good...
B...
06/09/2012
-
- We should have an entry under Status > Services for radvd if it's enabled for any interface, to follow the custom of ...
-
- That's fine Johannes, not sure of the context for that in this case, generally comments like that would be reserved f...
-
- Resolved! Thanks
> Although I understand you file the ticket as high, we are not all full time paid developers or ... -
- Seems we need to revisit this again... If a NanoBSD upgrade reinstalls packages, once again it tends to completely ho...
-
06:49 PM Bug #2484 (Resolved): Serial console speed has no effect on NanoBSD
- Changing the serial console speed doesn't do anything on NanoBSD images - the console stays at 9600bps, even though t...
-
06:43 PM Bug #2483 (Closed): IPv6 Interface Aliases not functioning
- GUI supports adding an IPv6 alias - however it never actually updates the interface config.
-
- crash report
Crash report begins. Anonymous machine information:
amd64
8.3-RELEASE-p2
FreeBSD 8.3-RELEASE-... -
- Fatal error: Call to undefined method dnpipe_class::GetName() in /usr/local/www/firewall_shaper_vinterface.php on lin...
-
- looking good so far. Only thing missing is the ability to set subnets for the RA. Right now, it does only advertise t...
06/08/2012
-
- here are the new fields:...
-
- Applied in changeset commit:163e4b91b10fd54374d69b02cb6caad5db262842.
-
- oh wait, i forgot to add fields for dns, searchdomain, use same settings to the RA tab.
-
- implemented, please do further testing.
commit:f347547 split dhcpv6 server and ra #2361
commit:1c8dbfb remove the... -
- I think I may have fixed the snapshot. Otherwise please reopen.
Although I understand you file the ticket as high,... -
- I believe Seth had said this was because the snapshot was missing something that should be in the next new snapshot. ...
-
- just found additional logs in routing.log confirming the issue with the configuration file:
Jun 8 14:11:50 pfsens... -
- as of today's update, radvd no longer starts. No obvious error message I can see so far, but the config file looks ba...
-
- If you try to push a route, or route directly, for the subnet containing the VPN server, OpenVPN would accept the rou...
-
04:13 PM Feature #2479 (New): Allow reordering of the traffic graphs on the dashboard
- Since the meaning of opt1-optN is variable, listing interfaces in sequence is not very meaningful in many cases. e.g....
-
- NTP was completely reworked for 2.0.2 and 2.1 - this wouldn't be valid there because of the new design.
-
11:50 AM Bug #2478 (Closed): NTPd turns off after restoring a config file
- I don't know if this is designed this way on purpose or not but when restoring an XML config file from a system where...
-
- This has been complete on check_reload/pfSctl side.
-
- This is the last time I'm going to say it - it's impossible to do in a way that isn't trivially reversible. There's a...
-
-
As I’ve been pointing out and you don’t seem to be grasping, just because there is "seemingly" (by your claims any... -
- Insecurely storing your config can certainly be a security issue with every firewall and router. Literally every rout...
-
-
Please stop misclassifying it as not a security issue.
Sorry you feel your responses here are a waste of your t... -
- It truly is impossible to securely resolve. You won't find anything that has a secure solution for encrypting such pa...
-
-
The point is that you should not be saying it is not a security issue. Rather that it is by design due to lack of... -
- you can call it anything you want, the reality is it's impossible to store such passwords in a hashed or encrypted ma...
-
- I can probably add that flag if a Null route is involved. Let me check
Try now. -
- this one works, but it's a bit ugly. the -reject or -blackhole might be nicer.
traceroute and ping loop at the pfs...
06/07/2012
-
-
You have stated that it is not a security issue. It clearly is. Not doing anything about it does not change that... -
- we have the ability to encrypt backups, that's what you should do. It's impossible to securely encrypt such passwords...
-
-
I did read the link. And it is still a security issues. Lack of interest in resolving it does not change the fac... -
- read the link. There are no alternatives for such passwords.
-
-
Just because it is by design does not mean it is not a security issue. Saving account passwords in plain text is ... -
- by design, not a security issue.
http://doc.pfsense.org/index.php/Why_are_some_passwords_stored_in_plaintext_in_con... -
-
Dynamic DNS account password is saved as plain text in XML config and backup files.
-
- Okay, you can set gateway IP addresses from the command line now. See config:c63e3594 and config:d23b53eb.
Puntin... -
- This is what you will now see:...
-
- > Note that http://dhcp and http://dhcp6 are not valid, it appears to be almost right.
> http://192.168.2.254:/
>... -
- Another new feature for the console menu to clarify console configuration. With the last as it is now, it is hard to ...
-
- > Tried to set to dhcp6 again, still set to Static IPv6. I think it's not setting the tag.
I'm actually going to j... -
- > When configuring interface WAN for dhcp6 it does not set $config['interfaces']['wan']['ipaddrv6'] to dhcp6. Are you...
-
- > When configuring interface WAN, as dhcp and dhcp6 I get the url http://dhcp/ displayed
Now should be showing IPv6 ... -
06:20 PM Bug #2475 (Resolved): Connection rate limiting does not work for Captive Portal
- Using pfSense 2.0.1. Installation of pfSense as a CP at a big exhibition fair failed because the connection rate limi...
-
05:32 PM Bug #2012: 4th+ CARP member will not work with default automatic skew
- Proposed a fix:
https://github.com/bsdperimeter/pfsense/pull/127
This will make the 4th member work, at the very ... -
- Should be fixed in
commit:1624b5f1e2f6fa8015f24eaa640269c22829fcdb -
- Something in one of the recent changes to pkg_edit.php has broken select_source.
For example, the interface select... -
- We probably want to split them off and keep them tied together.
What Jim and I agreed upon was tabs per interface,... -
- Which traffic graph? Status > Traffic Graphs?
If so, that's generated by the 'rate' program, and it's somewhat limit... -
- Dim: as I previously stated I believe I fixed this issue, but just to be on the safe side, I'm reassigning to you so ...
-
-
- I strongly believe this is the same issue as #2469, fixed in commit:db0d446f.
-
- implemented in commit:140e4bc6
-
- fixed in commit:db0d446f
-
- Confirmed that the latest available snapshot 07-06-2012 17:00 does not have the carp patch. Probably just sheer bad l...
-
- You need a snapshot with a kernel of June 7th or later
-
- if I choose carp int as RA interface, the radvd does not start....
-
- This has been moved to pacakges
06/06/2012
-
- Already fixed in git.
-
06:47 PM Bug #2473 (Rejected): OpenVPN fails to initialize on for either p2p_tls or p2p_shared_key.
- When a P2P mode is selected, OpenVPN fails to start. The logs indicate that the client-connect and client-disconnect...
-
- Needs hooks in gateway monitoring.
If a gateway is down we call pfCtl.... -
- Testing proved that CARP router advertisments work. Excellent.
-
- I've activated the CARP link local patch from Andrew on the 8.3 builds. It appears to work as it should.
I've comm...
06/05/2012
-
- Can you detail how to reproduce this?
The parent is inherited automagically and you do not select it yourself!!!! -
- We can close this, it's working fine as-is since your last fix and there's no reason not to just code around the othe...
-
- For me this is resolved.
Agreed that its easy to skip the non-user tunnels.
If needed be the change to not show the... -
- Its in 2.1
-
- For 2.1 this is solved in newer snapshots.
During transition to 9 this will be solved in more generic way. -
06:57 AM Bug #2446: pfSense fails to queue UDP packets
- Sorry for the delay, here is the file you asked for. The rule question, I guess, is the first one below the comment
... -
- applied that change to the other gateway lookup functions as well.
-
- This fixes the "different address family" problem...
06/04/2012
-
07:20 PM Bug #2469: Assign interfaces prompt is going WAN -> LAN -> OPT10
- Probably the same with http://redmine.pfsense.org/issues/2310 which I submitted a couple of months ago (you may want ...
-
-
- Seems to work now. Thank you!
-
- Fix applied
-
- the system_routes_edit.php does not allow /128 for a ipv6 route. the largest mask selectable is 127 bits.
running ... -
- ah I forgot you had already added that Jim.
-
- To clarify a little: We already do this on 2.0.2 and 2.1, if you bind the client instance to a CARP VIP, it will not ...
-
- updated with proper description
-
05:35 AM Feature #2472 (Closed): Option to tie OpenVPN client instance to CARP status
- Currently OpenVPN clients on backup CARP status hosts will still send out packets on that CARP IP, breaking that Open...
-
- Managed to track it down on a 2.0.2 RC. Turns out that the re-configure of a existing link brings the interface down ...
-
- there is a typo on line 324 gwlb.inc, but I fixed it by hand (locahost instead of localhost).
function return_gate... -
- Try now
-
- We'll add a option for that.
-
- we have quite a lot of unused ipv4 and ipv6 addresses. we have used to nullroute the large address blocks with our ol...
-
- Seems to work so far, filter.inc code needs to duplicate rules by address families to work for addresses, reply-to an...
06/03/2012
-
- Could be related to the changes from Darren who is working on the console menu.
I'll assign to Darren since he is ...
06/02/2012
-
- After prompting for WAN, then LAN, a current snapshot then asks the user about "Optional 10 interface", instead of "O...
-
- Instead of reporting that a network interface mismatch happened, then proceeding to the assign interfaces prompt, cur...
-
- When creating a new gateway group all gateways are showm, both ipv4 and ipv6. Add some ajax glue that will hide the o...
-
- Checked in support for the ZTE modem stats.
Should be easier to add new ones now too.
Do note that the ZTE modem will... -
- With includes changes ZTE 3G dongle now comes up correctly.
Rewrote the stats utility to poke at the application p... -
- OPtion 2 Set interface IP address.
When configuring interface WAN, as dhcp and dhcp6 I get the url http://dhcp/ disp...
06/01/2012
-
- Andrew working on this
-
- Applied in changeset commit:85a236e9dd5db87197ed6855995da609bf310bff.
-
- Any update on this issue? I haven't tried since it was reported broken.. Its a show stopper for me to update freebsd ...
-
- Thanks, however the captive portal in the latest snapshots doesn't work, I believe there is a bug open about that: 24...
-
- I just checked in more code, and the fix that allows you to actually save the ipprotocol value.
So edit and save t...
05/31/2012
-
- ThorstenK code, posted in forum, works flawlessly for me (I use IPv4 only)
-
- 2.1-BETA0 (i386)
built on Wed May 30 19:35:31 EDT 2012
FreeBSD 8.3-RELEASE-p2
The script IS NOT working for me... -
-
- If you want to make a new ticket for the memory issue I guess you can do that. :-)
-
- Should I still look into the memory issue? My understanding is some of that XML parsing code we've been using has bi...
-
-
- I can confirm that restoring an entire RRD file from a i386 onto a amd64 works as expected. Great work!
I must have ... -
- When trying to restore just the RRD section on a current 31-5-2012 snapshots I get the following error....
-
- Duplicate of #1974
-
- Thus the radius reported bytes-in / bytes-out values are incorrect which leads to incorrect traffic stats recorded fo...
-
- This has been fixed on latest snapshots.
Please try those. -
- I've added code that allows for setting a firewall rule to IPv4+IPv6
Limitations:
- only allows tcp/udp and icmp
... -
- Code checked in, I finally gave in and added a drop down for the internet protocol. There is just too much that could...
-
- Confirmed
05/30/2012
-
-
- Running bcmod() works now.
Thanks. -
- Applied in changeset commit:88165371efbc79fdc0194de26814eacca68d2a5c.
-
- Please put the file on /tmp/rules.debug after anonymizing addresses here to verify what you say.
-
- Its by design that you will not be granted access to the portal if you submitted multiple vouchers and one of them is...
-
- Applied in changeset commit:1710305617db80cde51a961077c3d18959c238d3.
-
- Applied in changeset commit:4dc04853f4588043bd39a6e304cbb33388937744.
-
- Does not seem like the fix is working.
I am running pfSense 2.1 built on April 24 and the reported bytes-in and by... -
- Please use the forum to discuss such issues. If you need to start a new ticket for a new issue, that's fine, but this...
-
12:48 PM Bug #2464: The traffic graph permission does not allow a user to load the graph.
- Actually this is becoming more complicated than I hoped. I gave the user the permission you mentioned, and now graph....
-
- I would like to reopen this as a feature request, then, that Status: Traffic Graph implies Diagnostics: Interface Tra...
-
- You also need to assign the permission for graph.php (the actual graph), which is "Diagnostics: Interface Traffic pag...
-
- I wanted a user to be allowed to view the traffic graph, so I created a user for her, and assigned her only the permi...
-
10:08 AM Feature #1361: DNSMasq, source interface and IPSec VPNs
- Sorry a beginner at this. The patch file was the wrong way around.
-
- Sorry this update has taken so long. I have checked the file still applies and added the capability to handle the _m...
-
- Applied in changeset commit:fec04267ea5303333839a45149e3cc2edc8250ff.
-
- After the last commit, racoon no longer crashes, but now it's listing all tunnels in the 'show-users' output, but non...
-
- For my current configuration and settings issue is fixed.
05/29/2012
-
- Apparently you can do this in jQuery by sticking one line in the file somewhere:...
-
- Doing a diff between config.xml versions, I noticed that my pfsense's password was stored in plaintext format in
<pr... -
- thanks
-
07:53 PM Feature #1241: Custom Dynamic DNS
- This was merged, and can be closed.
-
07:56 PM Feature #336: Option to create lagg under assign interfaces
- *+1* This is important to me. Although, right now I am about to try and figure out how to do it manually since I need...
-
- eg. Gateway of dynamic makes the "Monitor IP" setting reject everything as having a "different Address Family"
Addit... -
- pfSense currently doesn't include the 3G provider I'm using. Here's the provider's data:
Country: Slovenia
Provid...
05/28/2012
-
08:34 PM Bug #2458: Pfsense not registering DNS servers found by PPP
- Using snap built on Mon May 28 10:16:21 EDT 2012 I cannot reproduce the log from using the ppp-linkup (Revision 70317...
-
- My comment may be invalid as I have a different response from snap 2.1-DEVELOPMENT (i386)
built on Mon May 28 10:16... -
- My modem is a Huawei LTE e398
The modified ppp-linkup script fails for me and results in the modem being unrespon... -
- I committed a fixed ppp-linkup script. It looks like what used to be 2 different variables is now a single variable.
... -
- 2.1-DEVELOPMENT (i386) - built May 27 05:31:49 EDT 2012 on i386
If system general DNS settings are left empty no d... -
- The ZTE MF190 I have here doesn't like pfSense at all. Although the /dev/cuaU0.2 responds to AT and is willing to wor...
-
-
- Yep, the GUI bug seems to be fixed.
I can even get an AH tunnel up (but so far no traffic goes through it, but if it... -
- It's supposed to be selectable there for IP Alias type VIPs, so they can ride on top of the carp interface. (As a mea...
-
- Changes have been committed but I still see Carp vips showing up in different places.
E.g. Add a carp vip on the v... -
- Why do you need an empty pass?
-
- Cold boot on the alix with 2.0.2 RC1 works. However, the moment the link goes down it enters the up down cycle simila...
-
- Through some miracle the alias type was not set in the config.
[2] => Array
(
...
05/26/2012
-
- A bit better info now, the i386/amd64 bit was a red herring, it can crash on both. They key factor is that you have t...
-
- Ermal - running the show-users command with no users connected seems to crash racoon with no logged error, just a cor...
-
- I'll check it out as soon as a snapshot is live that incorporates the change...
-
08:41 AM Bug #2455 (Feedback): IPSec Phase 2 settings GUI doesn't take into account AH vs ESP selection properly
- Should be ok now, could you test again ?
Thanks.
Pierre -
-
10:44 AM Bug #1629: invalid state table entries after WAN IP change
- Same deal, 2.0.1-RELEASE and this happens every so often, but not on every IP change. I can delete the 2 state entri...
-
03:20 AM pfSense Packages Bug #2457 (Resolved): Lightsquid 1.8.2 pkg v.2.32 logpath is wrong in lightsquid.cfg
- In my pfSense router:
2.1-DEVELOPMENT (amd64)
built on Mon May 14 10:01:41 EDT 2012
FreeBSD 8.3-RELEASE-p1
...
05/25/2012
-
- There are two things that would massively increase the usefulness of that widget:
a) remember or allow to be confi... -
- Thanks Jim, sorry I was a bit frustrated - not with you guys, with myself for not testing the build before running it...
-
- OK, iff there are PPTP issues, that would be a new/separate ticket. Try to confirm with others on the forum first. Th...
-
- At least I have no annoying error messages anymore and looks like shaping is working, but i need more time to test it...
-
- This bug appears fixed Ermal, BUT the changes seem to have broken the PPTP server *and* traffic shaping still doesn't...
-
- Ok, this is definitely not fixed, I can't make sense of it. Deferring.
-
- Applied in changeset commit:6e0b68bfdea29b2943b6f104373f43cc56537bd8.
-
- On the VPN:IPsec:Edit Phase 2 page there is the section Phase 2 proposal (SA/Key Exchange)
If under Protocol ESP i... -
- Now that the traffic shaper itself is fixed, this is the bug I run up against, LOL. Thanks for your hard work Ermal! ...
-
06:10 AM Bug #2454 (Feedback): Captive portal return wrong authentication URL
- Applied in changeset commit:ac10faad42081ccfe48a37aa9814bc4684ffb701.
-
05:45 AM Bug #2454 (Resolved): Captive portal return wrong authentication URL
- Since the last update "Built On: Sun May 13 02:42:10 EDT 2012" our captive portal doesn't work anymore.
The redir... -
- not a bug, and this isn't a place to ask questions, please post to the forum or mailing list.
05/24/2012
-
- In Interfaces>(assign) you can create a new interface. The first one is WAN, the second is LAN, and then it starts wi...
-
- Additional information:
http://forum.pfsense.org/index.php/topic,49745.0.html
-
11:11 AM Bug #2451: IPv6 rule: 'add network' becomes 'add single host'
- block return in quick on $WIRED inet6 from any to 2a00:1450:: label "USER_RULE: TmpReject YouTube"
-
- can you include what ends up in the /tmp/rules.debug?
-
- I tried to add a reject rule for a range of IPv6 addresses:
"Reject TCP IPv6 to type network 2a00:1450:: CIDR ... -
- Also note, as I wrote in the original post, that ICMP echo request packets are correctly assigned to the queue for sp...
-
- PBX is an alias consisting of two public IP addresses belonging to a public IP subnet defined on the interface opt1 a...
-
- It's igmpproxy doing it. I get it too. As a workaround for myself I have just added igmpproxy to syslog and yes I agr...
-
- I am sorry if I report intended behaviour. But I don't understand why rules of type reject only are allowed with TCP....
-
- Note that a existing rule on a different interface with the same alias actually works and is successfully expanded.
... -
- The following input errors were detected:
mngtports is not a valid start destination port. It must be a port a... -
- I performed more devd.conf changes, the media type is not recognized so I made it act on the _wlan subsystem now.
I ...
05/23/2012
-
- This mostly works.
Just destination which is the system itself needs some more fixes, though its useable. -
- we currently already have rc.newipsecdns which does purging and reloading of tunnels. You can pass the function the o...
-
- Applied in changeset commit:d01de40fa6d6a05e03351f0ccd83c64f82a4a2e5.
-
- I am sorry but you can use no authentication for empty passwords.
It works as its expected. -
- Applied in changeset commit:062676f880878f788315991de861a71ccb86a478.
-
- I wonder if you are not being bitten by the order of events happening.
If PBX has internal LAN addresses than this r... -
- Sorry about that, her it is, properly unformatted:...
-
- yes, the config for the rule in question is:
<rule>
<id/>
- <type>pass</type>
- <interface>opt1</inte... -
- We switched to ntp.org's ntpd so this is no longer of concern.
-
- I just updated a NanoBSD install and it's fine, /tmp is at 0% used. GUI login is OK.
I'd have to guess that squid ... -
12:56 PM pfSense Packages Bug #2449: Console "Filesystem is full" on NanoBSD version
- Apologies for not giving more information Jim. Let me tell you what ive done:
1. I am currently running a build fr... -
- Not nearly enough information here - specifically we need to know at least what size nanobsd image you're running and...
-
- Tried to upgrade the NanoBSD embedded version and now getting an error on console saying /tmp write failed: Filesyste...
-
- With new snapshots this should be resolved.
Issue was patch missing on 8.3 snaps -
- Applied in changeset commit:6805d2d25f75ccb6d9b1da3814ba2244b3e3107e.
-
- I am using it for HAProxy in a virtualized environment where we have two sites which are part of the same vCenter (we...
-
- I am unsure why you'd want more than 3 members!
-
- Applied in changeset commit:35b714597c8947376b350681c361b38e2569747a.
-
- This is the upgrade code existing there.
Normally the section with s///g should have taken care of that.
Probably y... -
- Chapter 7.5 of the "HUAWEI UMTS Datacard Modem AT Command Interface Specification" lists the ^MODE messages to determ...
05/22/2012
-
- may just be bad timing/false alarm... will open if I can reproduce it again.
-
- Packages are not being built on the nightly run properly because snort is causing the build to fail.
Observe:
<pr... -
- Can you detail the rule you say assigns the traffic to your desired queue?
-
- Some extra details:
The floating rule assigning traffic A to the special queue should be set to "apply the action ... -
- Replication instructions:
Create CBQ or PRIQ shaper on WAN interface and create a default queue and another queue ... -
06:19 PM Bug #2447 (Resolved): Duplicated destination IPs in easy rule.
- On snapshot released Tue May 22 08:05:51 EDT 2012
Easy rule adds duplicated "destination" IPs instead of "source"... -
05:10 AM Bug #2409: ipfw - entryzerostats
- in version 2.1.0 (bild 18May2012) an error is confirmed.
-
- This turned out to be a specific issue with ZTE modems and pin lock.
I've switched to a huawei modem and found a g... -
- Ermal - you can put the time to Coltex
-
-
- Still hitting the double master issue in the Xs4all DC carp
-
- $i = 0;
foreach($config['ipsec']['phase1'] as $phase1) {
if($phase1['interface'] == "vip131")
$config['ipsec'][... -
- Because of the vip renaming per interface any IPsec VPN tunnels, or endpoints referencing a CARP vip are now broken a...
Also available in: Atom