Project

General

Profile

Activity

From 10/28/2012 to 11/26/2012

11/26/2012

07:39 PM Bug #1874 (Closed): Captive Portal Login dies on empty input
Chris Buechler
07:36 PM Feature #2240 (Resolved): Find interface subnets and static routes without the routing table in outbound NAT rule generation for reflection
Chris Buechler
07:35 PM Feature #1834 (Resolved): Stateless autoconfig WAN type for IPv6
Chris Buechler
07:30 PM Bug #2638 (Resolved): Captive portal status widget on the Dashboard is not working
Chris Buechler
07:29 PM Bug #2670 (Resolved): Trafic shaping with virtio NIC
Chris Buechler
07:28 PM pfSense Packages Bug #2542 (Resolved): Quagga OSPF GUI produces wrong ospfd.conf
Chris Buechler
07:26 PM pfSense Packages Bug #82 (Closed): dns-server/tiny-dns-package not working after reinstallation
Chris Buechler
07:25 PM pfSense Packages Feature #872 (Needs Patch): Tunnel Information and Control protocol
Chris Buechler
07:24 PM pfSense Packages Bug #2353 (Resolved): squid-reverse installation failure
Chris Buechler
07:22 PM pfSense Packages Bug #719 (Resolved): Squid doesn't use local DNS cache (and fails after WAN failover)
current releases default to 127.0.0.1 in resolv.conf Chris Buechler
07:21 PM pfSense Packages Bug #2608 (Resolved): typo in pfblocker text
Chris Buechler
08:40 AM Revision f1f58a6f: Make this a bit more easier to read
Ermal LUÇI
08:32 AM Revision 0e296bce: No need to duplicate all this code here. If vouchers are enabled just display even the voucher input box along side the user/pass ones.
Ermal LUÇI
04:52 AM Bug #2692 (Resolved): RRD queue graph doe's not stack
Hi
Curently pfsense ovraps areas when drawing queue's. So if last queue is bigger than others, it will cover all ... Marek Grzybowski

11/24/2012

02:49 PM Feature #2599 (Needs Patch): Captive Portal autologin function better than MAC passthrough
Chris Buechler
02:47 PM Feature #2687: Allow GIF interfaces to work with IP aliases
we've been using gif with CARP virtual IPs for ages, works fine. IP aliases don't show in the list Chris Buechler
02:41 PM pfSense Packages Bug #2534 (Closed): OpenVPN authentication fails when using 'domain\username' format.
Chris Buechler
02:40 PM pfSense Packages Bug #2572 (Resolved): bgpd[30274]: /var/etc/openbgpd/bgpd.conf: owner not root or current user
Chris Buechler
02:39 PM pfSense Packages Bug #2575 (Resolved): OpenOSPFd pkg BETA 0.5.2 produces invalid ospfd.conf
Chris Buechler
02:09 PM Bug #2446 (Feedback): pfSense fails to queue UDP packets
The floating rule should be queue, not pass. Rules file isn't accessible, but configs like this are common and work f... Chris Buechler
02:03 PM Feature #177 (Resolved): IPv6 support
we have as feature-complete IPv6 as pretty much anything, and better in ways than many commercial and open source alt... Chris Buechler
01:59 PM Feature #1864 (Resolved): "Start" button for IPsec should be available for IP alias networks
Chris Buechler
01:59 PM Bug #2389 (Feedback): CP asks for a voucher code from MACs in the passthrough list
doesn't appear to be a problem anymore, leaving for feedback for now. Chris Buechler
01:57 PM Bug #2328 (Resolved): Numerous non-CP logs ending up in CP logs
this looks to have been fixed at some point, not seeing that on any of several installs.
Chris Buechler
01:54 PM Bug #2526 (Resolved): Limiter appears to break IPv6 connectivity
Chris Buechler
02:14 AM Bug #2682 (Feedback): User Manager server settings appear/disappear randomly, although they still appear to work in 2.1
can't replicate Chris Buechler
02:06 AM Bug #2463 (Resolved): system_gateways_edit.php rejects correct configurations with dynamic or vpn interfaces
Chris Buechler
02:05 AM Bug #2503 (Resolved): Changing monitor IP results in "The IPv6 monitor address <IPv4 IP> can not be used with a IPv4 gateway'."
Chris Buechler
02:04 AM Bug #2529 (Resolved): Captive Portal does not function after update snap or restart system
Chris Buechler
02:04 AM Bug #2639 (Resolved): Selecting a Country under Interfaces > (assign), PPPs tab, PPP Link type populates provider list with javascript code.
Chris Buechler
02:02 AM Bug #2635 (Resolved): Disabling IPsec leaves SPD
fixed Chris Buechler
02:01 AM Bug #2686 (Resolved): OpenVPN listens on interface address instead of VIP
confirmed working Chris Buechler

11/23/2012

09:09 PM Revision c06bdb94: The context creation and memmber interfaces are only used during rules creation so make that contained only in init_rules and rule creation functions
Ermal LUÇI
08:02 PM Revision 13873bf0: Update copyright
Ermal LUÇI
08:02 PM Revision fad4d451: Update copyright
Ermal LUÇI
08:18 AM Bug #2688 (Feedback): Dynamic DNS IPsec endpoints not allowed through firewall rules
Should be fixed on new snapshots. Ermal Luçi

11/22/2012

04:43 PM Revision 3a4b0147: Resolves #2529. Load the ipfw module before any commands are executed on CP. Also move the filter_load_ipfw() to captiveportal.inc:captiveportal_load_modules() since no other place uses ipfw(4)
Ermal LUÇI
03:04 PM Revision af13aad6: Fix syntax and do not commit late :)
Ermal LUÇI
01:28 PM Revision 744d752b: Merge pull request #266 from phil-davis/master
Fix in/out packet count reporting Ermal LUÇI
12:46 PM Revision 4bdfa5dd: Fix in/out packet count reporting
There were a couple of wrong var names in the code, causing out packet counts to be reported wrong.
Should fix forum ... Phil Davis
10:50 AM Bug #2529 (Feedback): Captive Portal does not function after update snap or restart system
Applied in changeset commit:3a4b01476620d33b6d6200849231398f82e593c7. Ermal Luçi
09:17 AM Revision 080b4ce1: Create these dirs earlier rather than later to avoid the errors reported on http://forum.pfsense.org/index.php/topic,55998.0.html
Ermal LUÇI
09:16 AM Bug #2672 (Closed): Limiters and bridge have issue
Duplicate of #1634 Ermal Luçi
08:04 AM Revision 8eae2d03: Merge pull request #265 from PiBa-NL/outbound_nonat
outbound nat, remove non-applicable translation option 'any' Ermal LUÇI
06:53 AM Revision b164a351: Correct syntax
Warren Baker
05:24 AM Revision ae3f91d8: Fix parentheses matching
Erik Fonnesbeck
03:52 AM Bug #2636 (New): state mismatch issue on enc0 with amd64
no change Chris Buechler
03:04 AM Bug #2645 (Resolved): stristr() warning repeated dozens of times during boot
Chris Buechler
12:09 AM Revision 59ef521d: outbound nat, remove non-applicable option
Pi Ba

11/21/2012

11:16 PM Revision f382c6de: Correct check
Ermal LUÇI
11:07 PM Revision 70e46e62: The pppoe handle script
Ermal LUÇI
09:12 PM Bug #1898: Client Export on 2.0 Release creates corrupted Windows installers
Jim,
Thanks, that did it. c c
09:10 PM Bug #1898: Client Export on 2.0 Release creates corrupted Windows installers
Update the second, it looks like removing the top two lines of the executable down to "on line 525" uncorrupts the exe. c c
09:02 PM Bug #1898: Client Export on 2.0 Release creates corrupted Windows installers
Can you reinstall the package and try again? The server that runs files.pfsense.org was switched the other day and I ... Jim Pingle
08:59 PM Bug #1898: Client Export on 2.0 Release creates corrupted Windows installers
Also, as with the error above, here is the first few line of the generated executable when viewed from notepad:
> W... c c
08:56 PM Bug #1898: Client Export on 2.0 Release creates corrupted Windows installers
This issue is appearing again on 2.0.1 with the new 0.26 client export. Was working previously on 0.24, uninstalled ... c c
07:44 PM Revision 73472985: Well seems its useful at list for bringing a link up with a phone call :)
Revert "Ringback is a feature only for listening on incoming calls which is not supported for now."
This reverts com... Ermal LUÇI
07:40 PM Revision 7e196969: Correct reload of ppp interface after modifications in the assign->ppps section
Ermal LUÇI
04:19 PM Revision d77696d3: Fix typo
Erik Fonnesbeck
03:13 PM Revision a8f538a8: Wrap dir creation for openvpn in a function to reduce duplication, and use the function before places that could potentially write in the dir.
Jim Pingle
03:08 PM Revision ed490bdf: Create directory if it does not exists
Ermal LUÇI
03:05 PM Revision e63f73d1: Presence of a directory does not mean anthing. Just continue up. Pointy-hat: myself
Ermal LUÇI
02:46 PM Bug #2689 (Rejected): Client Export does not work when having multiple OpenVPN enabled
I'm not able to reproduce this. Please start a thread on the forum for a deeper discussion/diagnostic help. I have se... Jim Pingle
11:58 AM Revision 2e62a7c4: Add unset
Ermal LUÇI
11:53 AM Revision 292da16b: Add unset
Ermal LUÇI
11:52 AM Revision c2d97111: Unbreak install_cron_job function so it is actually usable when config['cron'] has no entry. This should remove all those package hand rolled copy/paste functions
Ermal LUÇI
11:49 AM Revision 928d4416: Sprinkle some unsets and s/fopen,fwrite,fclose/file_put_contents/ where it makes sense
Ermal LUÇI
11:38 AM Revision a49784a2: Fix location of banner file for ipsec and also sprinkle some unset to avoid php keeping data in memory
Ermal LUÇI
11:26 AM Revision 14d079b3: Unset config var
Ermal LUÇI
11:24 AM Revision 04f357bc: Remoev spurious \r used here
Ermal LUÇI
11:12 AM Revision f459427f: Ringback is a feature only for listening on incoming calls which is not supported for now.
Ermal LUÇI
09:45 AM Revision 10c7d642: Unbreak the openvpn reading of configs. A dir needs to be executable to be searchable and readble inside. Reported-by: http://forum.pfsense.org/index.php/topic,55934.0/topicseen.html
Ermal LUÇI
08:00 AM Revision ef363bc4: Up the char count to include a port number
Warren Baker
07:55 AM Revision 55e55147: If destination is larger than 15 then truncate it, otherwise blocks like VRRP advertisements push the values out
Warren Baker
07:20 AM Revision 9f9df4ec: remove non-applicable text
Chris Buechler
07:19 AM Revision 8c8a5598: remove non-applicable text
Chris Buechler
07:18 AM Revision 46f10475: Merge pull request #260 from PiBa-NL/outbound_nonat
show difference between outbound NAT and outbound NONAT. Chris Buechler
05:35 AM Revision 2fb54866: Fix special build_commit tag that was broken from previous change to how it read the file with the commit ID.
Backport of c578fb0fc6e768739013df8d7aa19f2616272f18 Erik Fonnesbeck

11/20/2012

09:15 PM Revision 2909d891: add " address" behind the interface nat name
Pi Ba
06:57 PM Feature #2691 (Closed): Truncate description on service status widget
The service status widget becomes unwieldy when the description of a service is long.
I propose to truncate the de... Steve Allison
04:56 PM Feature #2690 (Resolved): Prevent installation of incompatible packages during upgrade
There have been quite a few users who ran into problems when updating from 2.0 to 2.1 with the Widescreen package ins... Cyrill B
04:42 PM Revision 7d3be92f: Honor /var/run path specified in globals.inc. Probably this needs a bit better handling
Ermal LUÇI
04:34 PM Revision 775130e7: Remove openvpn setups since they do not belong here. Also check before removing newsyslog.conf
Ermal LUÇI
04:34 PM Revision 938fc5b0: Create necessary dir and unset conf string after writing to file
Ermal LUÇI
04:26 PM Revision 4b1497d0: Remove sasyncd related code from rc
Ermal LUÇI
04:26 PM Revision 12aeb58f: Remove newsyslog.conf seems its responsible for overrideing ppp.log and gives warnings on bootup
Ermal LUÇI
04:22 PM Revision 9e9bc51c: Remove all previous configurations stored on /var/etc during a bootup to avoid confusion
Ermal LUÇI
04:10 PM Revision 344016a8: Cleanup a bit the syslog generation
Ermal LUÇI
03:55 PM Revision 6a45171d: Its useless to write the debug file always. Put it under g['debug'] belt
Ermal LUÇI
03:50 PM Feature #2588 (Resolved): Import latest Intel Ethernet card drivers for FreeBSD 8-STABLE
Chris Buechler
10:46 AM Feature #2588: Import latest Intel Ethernet card drivers for FreeBSD 8-STABLE
Thank you, I'll test it for a month uptime :)
 Vladimir Suhhanov
07:54 AM Feature #2588: Import latest Intel Ethernet card drivers for FreeBSD 8-STABLE
The suggested fixes have been integrated with
http://redmine.pfsense.org/projects/pfsense-tools/repository/revision... Mathieu Simon
03:15 PM Revision 05e825e7: Correct path even for generated certs for ipsec
Ermal LUÇI
02:57 PM Revision e90950e1: This is not needed here
Ermal LUÇI
02:48 PM Revision 9c61a345: Fix numbering
Jim Pingle
02:45 PM Revision bff167fd: Remove other potential places where someone could select a kernel we no longer ship. Try to improve kernel detection a little more.
Jim Pingle
02:42 PM Revision f16a6220: Fixup kernel detection during upgrade process to ensure someone can't end up with a kernel that doesn't exist any more.
Jim Pingle
02:23 PM Revision c0f613e2: Add these file so they get added during regeneration
Ermal LUÇI
02:13 PM Revision 16dcdff1: Remove exec_raw.php since its gone and add browser.php to the list of matches for Edit File Page
Ermal LUÇI
02:06 PM Revision b71f0cbb: Resolves #2294. Base64 encode the file when sending to the browser same way it is encoded when sent to us. This prevents csrf from mangling things
Ermal LUÇI
02:05 PM Revision 6acfbc6f: Resolves #2294. Base64 encode the file when sending to the browser same way it is encoded when sent to us. This prevents csrf from mangling things
Ermal LUÇI
01:31 PM Revision a6f64d30: Only apply this port check for TCP and UDP.
Jim Pingle
01:31 PM Revision 64307806: While I'm here, allow an ICMP rdr.
Jim Pingle
01:31 PM Revision 6e557fac: Only apply this port check for TCP and UDP.
Jim Pingle
01:05 PM Revision e6a2acc1: No need to do this here - we have a System > Advanced option that already controls this. Revert "Do not allow autocomplete of the password field to avoid security issues:"
This reverts commit 6a68440b8a4fec4b6a5689553e27519e540f2643. Jim Pingle
01:04 PM Revision 14ad84bc: No need to do this here - we have a System > Advanced option that already controls this. Revert "Do not allow autocomplete of the password field to avoid security issues:"
This reverts commit 3dc69d374dcfa39094b0332e2516d3ae68467cfa. Jim Pingle
10:33 AM Revision 96325dba: Up post and upload max sizes for php.ini
Warren Baker
09:19 AM Revision 36f50957: Allow only post action and not get to avoid security problems
Ermal LUÇI
09:19 AM Revision 55344e2c: Allow only post action and not get to avoid security problems
Ermal LUÇI
09:09 AM Revision 3f5f5a2a: Remoev exec_raw.php since its a dangerous page
Ermal LUÇI
09:08 AM Revision 1e5eedbb: Remoev exec_raw.php since its a dangerous page
Ermal LUÇI
08:47 AM Revision d8e73863: Do not process ip options by default this is 2012
Ermal LUÇI
08:46 AM Revision d680caf2: Do not process ip options by default this is 2012
Ermal LUÇI
08:22 AM Revision 3dc69d37: Do not allow autocomplete of the password field to avoid security issues:
Ermal LUÇI
08:20 AM Revision 6a68440b: Do not allow autocomplete of the password field to avoid security issues:
Ermal LUÇI

11/19/2012

09:28 PM Revision 2d314598: Merge pull request #244 from bcyrill/ovpn-alias
Fix: Use specified IP if available Chris Buechler
08:45 PM Bug #2689 (Rejected): Client Export does not work when having multiple OpenVPN enabled
After setting up a second OpenVPN server, I find myself unable to export client configuration for it. Exports still w... Mikkel Høgh
07:23 PM Revision 2004def5: Put these logs under debug since that's their purpose
Ermal LUÇI
07:21 PM Revision 3ac8324f: Put these logs under debug since that's their purpose
Ermal LUÇI
04:54 PM Revision a9157b6b: Correct checking for privileges.
Ermal LUÇI
03:49 PM Bug #2685 (Needs Patch): Unnecessary fields in firewall aliases edit page
the fields that aren't relevant are disabled. No actual bugs here. if you want to submit a merge request to improve t... Chris Buechler
03:47 PM Bug #2674: MTU setting hardcoded 1280 for gif interfaces and in RADVD config
Normally I'd say the local interface MTU, but since there's no MSS clamping on v6 for the time being, probably the WA... Chris Buechler
04:28 AM Bug #2674: MTU setting hardcoded 1280 for gif interfaces and in RADVD config
Indeed I did. Do we want to always advertise the local interface MTU or the WAN MTU? Seth Mos
03:26 PM Bug #2686 (Feedback): OpenVPN listens on interface address instead of VIP
merged Chris Buechler
02:26 PM Revision 589e9633: Fixup gettext/printf call.
Jim Pingle
10:42 AM Revision 0c5c73e5: Add missing $
Ermal LUÇI
10:38 AM Revision d2b9afa5: Correct check to required function
Ermal LUÇI
09:59 AM Revision c9891afe: Commit a revised version of https://github.com/bsdperimeter/pfsense/pull/264.diff
Ermal LUÇI
09:48 AM Revision faea7e10: Merge pull request #259 from PiBa-NL/ipsecNAT
ipsec binat rule not possible if using a subnet together with a single ip so use nat Ermal LUÇI
09:46 AM Revision e0ba24f7: Switch to is_array() check and add curly
Seth Mos
09:45 AM Revision 576b9513: Merge pull request #263 from bcyrill/alias_url_table
Fix: Repopulate address field Ermal LUÇI
09:00 AM Revision 081507eb: Add correct rules for IPv6 tunnel endpoints which differ from the default route.
Seth Mos
08:40 AM Revision 6fb26a17: Add IPv6 support to this function so that IPv6 carp vips can be found
Seth Mos
08:38 AM Revision af661ba8: Do not return here, else we end without any IPsec endoint rules if just one fails.
Seth Mos
04:25 AM Bug #2688 (Resolved): Dynamic DNS IPsec endpoints not allowed through firewall rules
Previously in 2.1 there were rules in rules.debug for allowing IPsec traffic from dyndns hostname IPsec endpoints.
... Seth Mos

11/18/2012

10:47 PM Bug #2684: OpenVPN interfaces cannot be set as usable gateways
I am aware of that. The issue is when pfSense interface IP is set to "none", the gateway doesn't pop up in the firewa... Anonymous
08:35 PM Revision 126f3edd: Merge pull request #261 from PiBa-NL/gateway
gateway monitoring, notifications generated tell affected gateway/group Ermal LUÇI
08:32 PM Revision 3d999ea7: Merge pull request #257 from PiBa-NL/auth
authentication, don't log 'errors' on normal procedure Ermal LUÇI
02:24 PM Revision 578c81b6: Fix: Repopulate field
Cyrill B
01:22 PM Revision a269fed6: ipsec binat rule not possible if using a subnet together with a single ip so use nat
Pi Ba
01:21 PM Revision 9250baaf: show difference between outbound NAT and outbound NONAT.
Pi Ba
01:20 PM Revision 50006cca: gateway monitoring, make the notifications generated clear to tell which gateway/group they are about
Pi Ba
01:18 PM Revision 669332bd: code cleanup, and extra newline for message and rule generation
Pi Ba
01:10 PM Revision 1198abf9: code comment typo ('log_error' should have been 'log_auth')
Pi Ba
01:10 PM Revision 9a98a89e: authentication, don't log 'errors' on normal procedure
Pi Ba
09:20 AM Feature #2687 (Resolved): Allow GIF interfaces to work with IP aliases
The web configuration currently does not support the creation of GIF interfaces that use a virtual IP address.
There... Cyrill B
09:13 AM Bug #2686 (Resolved): OpenVPN listens on interface address instead of VIP
The OpenVPN server listens on the interface address instead of the specific ip address (VIP).
In commit:c1449c9484... Cyrill B
08:54 AM Bug #2685 (Needs Patch): Unnecessary fields in firewall aliases edit page
On the "Firewall: Aliases: Edit" page additional input fields are shown / enabled although they are unused / misleadi... Cyrill B

11/17/2012

10:10 PM Bug #2684 (Rejected): OpenVPN interfaces cannot be set as usable gateways
assigned OpenVPN interfaces, when correctly set as type "none", are automatically filled in correctly on every versio... Chris Buechler
03:20 PM Bug #2684 (Rejected): OpenVPN interfaces cannot be set as usable gateways
I am trying to set a pfSense OpenVPN client instance as a gateway that LAN clients can use. I created an pfsense inte... Anonymous
04:54 PM Revision 969ac0e9: updated pfSense.pot
Vinícius Coque
04:52 PM Revision 52971880: Removing unnecessary gettext function calls
Vinícius Coque
09:48 AM Revision 67179472: Enable io_fast on dummynet to avoid uncessesary loop arounds of packets
Ermal LUÇI
09:48 AM Revision c2947275: Aiming at IPv6 compatibility, do the same tricks on the pfil reorder as for v4. This helps CP work on v6.
Ermal LUÇI
08:53 AM Revision 5ed6d70d: Correct path to certificates as well
Ermal LUÇI
08:51 AM Revision 6590675c: Merge pull request #253 from caseyr232/patch-1
Corrected racoon path to psk.txt. Ermal LUÇI
01:39 AM Revision 5debd85f: Corrected racoon path to psk.txt.
"path pre_shared_key \"{$g['varetc_path']}/psk.txt\";\n\n"; is incorrected, ammended to "path pre_shared_key \"{$g['v... caseyr232

11/16/2012

09:29 PM Revision 66f445c3: To allow limiters to work correctly on mutliwan for now enforce selecting a gateway on outgoing
Ermal LUÇI
09:28 PM Revision fbc75dd5: To allow limiters to work correctly on mutliwan for now enforce selecting a gateway on outgoing
Ermal LUÇI
04:09 PM Revision b3f1ef16: Merge pull request #252 from ogunacik/RELENG_2_0
Control whether text and node variables are not null. Ermal LUÇI
03:32 PM Revision 772ba790: it was giving error at firebug
ogun acik
02:25 PM pfSense Packages Bug #2683 (Rejected): Instalação SquidGuard
that file is there and downloadable, something wrong with your Internet connectivity from that system Chris Buechler
02:16 PM pfSense Packages Bug #2683 (Rejected): Instalação SquidGuard
Beginning package installation for squidGuard...
Downloading package configuration file... done.
Saving updated pac... Daniel Anes
01:03 PM Bug #2682 (Closed): User Manager server settings appear/disappear randomly, although they still appear to work in 2.1
After creating an LDAP server under the User Manager and configuring it, the settings appear to visually revert to an... Quinten Steenhuis
10:26 AM Revision b4227df6: Only openvpn networks need to stay on negate table
Ermal LUÇI
09:27 AM Revision c7a7a4ee: Update usr/local/www/vpn_ipsec_phase1.php
Correct missing $ Ermal LUÇI

11/15/2012

09:54 PM Revision 31fcd0bd: Add extra safety belts here.
Jim Pingle
06:38 PM Revision 0450342b: This gets called in filter_configure_sync() already
Warren Baker
06:29 PM Revision 993f97dc: Remove none per Jim since it is confusing
Ermal LUÇI
02:32 PM Revision 73ebd062: Remove preload.php which warmed the caches. IT hurts on embedded and really does not help that much
Ermal LUÇI
02:30 PM Revision 991fc85d: While here check if the function needed exists to avoid a require_once call. (Microoptimization)
Ermal LUÇI
02:27 PM Revision db44954c: For destination tolerate a 0.0.0.0/0 and convert it to any
Ermal LUÇI
02:15 PM Revision 86672d44: Correct the destination for the binat to the real destination
Ermal LUÇI
02:12 PM Revision 44bf5c01: Tune the binat a bit so it does not affect all traffic on enc but just for the configured ph2
Ermal LUÇI
12:26 PM pfSense Packages Bug #2681: Squid 3 in pfsense 2.1 Beta
Please use the forum to report issues with packages. Package maintainers do not always monitor this system, but they ... Jim Pingle
12:19 PM pfSense Packages Bug #2681 (Closed): Squid 3 in pfsense 2.1 Beta
Squid doesn't honor custom proxy options Rodrigue Alahassa
10:41 AM Revision eff0526e: Not sure why this has been hidden so deep but putting that in the right place should help with error displayed related to HEADER already sent in PHP errors.log
Ermal LUÇI
04:20 AM Revision 9f40c982: Merge pull request #250 from phil-davis/master
Enhance reporting and changing read-write setting on nanoBSD Jim Pingle
04:00 AM Revision 41cc7a54: Enhance reporting read-write setting
If the user has already selected Current Read/Write Status to be Read-Write, then they also choose Permanent Read/Wri... Phil Davis
03:50 AM Revision 96cecadb: Add refcount_read to util.inc
Add refcount_read so other code can easily find out how many things have the file system mounted. Phil Davis
01:37 AM Revision dbbc7307: Fix typo
Jim Pingle
01:31 AM Revision 1213f83c: Re-add WOL to the services menu, it apparently disappeared in an earlier commit.
Jim Pingle

11/14/2012

09:15 PM Revision bfd4a79e: Allow not setting group authentication
Ermal LUÇI
09:14 PM Revision 35feefd6: Remove accidental copy/pasto
Ermal LUÇI
09:01 PM Bug #1310: Check pakcage .inc files before including to avoid potential breakage
Possible solution, though I may be naive about thee details and exact implementation of future package managers. Howe... Stilez y
08:46 PM Revision 936fc874: For local users check the necessary priviledge is granted
Ermal LUÇI
07:59 PM Revision 0aee7a76: Correct Select button when no ca_ref is defined
Ermal LUÇI
07:46 PM Bug #2231: Dashboard: Traffic Graph: Unable to save settings
it's only fixed and only will be fixed in 2.1.
Chris Buechler
06:41 PM Bug #2231: Dashboard: Traffic Graph: Unable to save settings
Still there in 2.0.2 Release.
Cannot update settings in dashboard. Brian Jensen
07:34 PM Revision 842d372c: Add ipsec/* anchor for radius dynamic rules
Ermal LUÇI
07:32 PM Revision 3260b82f: Make it more clear what is the username during syslog
Ermal LUÇI
07:31 PM Revision 52c9f9fa: Allow other system authentication types to be used with ipsec. LDAP/RADIUS/local acc
Ermal LUÇI
10:32 AM Revision 9a6d6728: Remove unused/unuseful tags anymore
Ermal LUÇI
10:27 AM Revision 522f1cc7: Implement a pruning for auto added mac passthrough and vouchers. This allows to prune the added entries logged-in through vouchers
Ermal LUÇI

11/12/2012

10:12 PM Feature #2026: [Patch] Multiple SMTP notice recipients
So as to change mail_reports.inc to send report to multiple addresses
--- /etc/inc/mail_reports.inc
+++ /etc/in... Vladimir Poludintsev
08:41 PM Revision 7b229013: Add button to switch between read/write and read-only on Diag > NanoBSD; Add setting to keep the media read/write at all times; Add indication of ro/rw status on Dashboard.
Jim Pingle
02:05 PM Revision 75de894f: Merge pull request #249 from thomasnoel/RELENG_2_0
cherry-pick last commits to RELENG_2_0 Jim Pingle
02:00 PM Revision 95a3099e: fix last commit (#2679)
Thomas NOEL
02:00 PM Revision 69fec196: Resolves #2679. Correct behaviour when port is null to avoid warnings on error log
Ermal LUÇI
02:00 PM Revision a3882612: Resolves #2678. Merge patch suggedted to stop warnings on PHP_errors.log
Ermal LUÇI
01:54 PM Revision 1bceebd0: Fix variable reference, ticket #2679
Jim Pingle
11:44 AM Revision 3f00208a: Resolves #2679. Correct behaviour when port is null to avoid warnings on error log
Ermal LUÇI
11:12 AM Revision 9c59f962: Resolves #2678. Merge patch suggedted to stop warnings on PHP_errors.log
Ermal LUÇI
09:53 AM Revision a3da8f50: Send just line return rather than newline
Ermal LUÇI
08:10 AM Bug #2679: PHP warnings in diag_states_summary.php
Applied in changeset commit:69fec196d4f2a56c3390769c98e56ce4da292069. Ermal Luçi
07:47 AM Bug #2679: PHP warnings in diag_states_summary.php
I think there is an error in the commited patch : "if (!portarr)" instead of "if (!$portarr)"
(and yes, I start us... Thomas NOEL
05:50 AM Bug #2679 (Feedback): PHP warnings in diag_states_summary.php
Applied in changeset commit:3f00208a0851ab37626a1ca39a644846964f6c18. Ermal Luçi
05:41 AM Bug #2679: PHP warnings in diag_states_summary.php
I would suggest you to use github for such fixes.
It makes it a lot easier to commit and review patches.
Redmine ... Ermal Luçi
05:38 AM Bug #2679 (Resolved): PHP warnings in diag_states_summary.php
When there is a lot of clients, there is a lot of these warnings in /tmp/PHP_erros.log :... Thomas NOEL
05:46 AM Bug #2678: disk full because of big /tmp/PHP_errors.log
Thanks ! Can you "cherry-pick" the patch on RELENG_2_0 ? Thomas NOEL
05:14 AM Bug #2678 (Resolved): disk full because of big /tmp/PHP_errors.log
Merged, thx for the report. Ermal Luçi
05:03 AM Bug #2678 (Resolved): disk full because of big /tmp/PHP_errors.log
I have a big /tmp/PHP_errors.log on my pfSense 2.0 machine, with line like :... Thomas NOEL
05:43 AM Bug #2680 (Rejected): PHP Fatal error in /tmp/PHP_errors.log
I have this error in /tmp/PHP_errors.log... but I don't know where it comes from, and when it occurs... sorry :-/
... Thomas NOEL

11/10/2012

03:03 PM Bug #2677 (Resolved): Dyndns debug file written with ascii string \n instead of line-feed
The string written to the dyndns debug file encloses the \n in single quotes which means the backslash is not interpr... Lakin Lowrey

11/09/2012

01:11 PM Revision ca7a78d8: Fix interface variable to check against
Jim Pingle
09:42 AM Revision 02593e37: Correctly mark found configuration.
Fixes http://forum.pfsense.org/index.php/topic,54595.0.html Ermal LUÇI
02:36 AM Feature #2676: Reply-to option in firewall rule
It should be more clear from the attached picture.
The network 1.1.1.0/26 should be reachable from the Internet an... Miroslav Novotný
01:44 AM Feature #2676: Reply-to option in firewall rule
Can you describe this more since its a bit of strange unless you have not the same subnet on multiple cards. Ermal Luçi
01:41 AM Feature #2676 (New): Reply-to option in firewall rule
Hello,
I am trying to configure network scenario with multiple path to LAN network (with public IP addresses). I n... Miroslav Novotný

11/08/2012

09:39 PM Revision 0b3a76ca: More fixes to the schedules rules
Ermal LUÇI
06:53 PM Bug #2412: inbound 6to4 traffic does not work in pf
I have a problem which may be related. First, I (now) have no problems initiating traffic inbound to any of my 6to4 a... Lakin Lowrey
01:24 PM Revision 819e9c31: Remove carp nat rule auto generated since those are only applied on LAN(interfaces without a gateway) and its not probably a good thing to do.
Ermal LUÇI
11:40 AM Revision 7466cd71: Do not generate carp NAT rules when in BACKUP/INIT mode
Ermal LUÇI
07:00 AM Bug #2675 (Resolved): /tmp/.rc.prunecaptiveportal.running can be present on boot
This morning after a crash, a /tmp/.rc.prunecaptiveportal.running is present has not been deleted (I think the crash ... Thomas NOEL

11/07/2012

05:24 PM Revision 70addcc5: Cleanup/standardize labels on L2TP config
Jim Pingle
04:34 PM Revision 10b9dfcf: Always create a pipe for any user on CP and if no limit present set it to 0(unlimited). If any limit comes from the sources of reauthentication this limit will be applied without any other consequences
Ermal LUÇI
03:19 PM Revision ec091c89: break the loop for none schedule limiters
Ermal LUÇI
12:38 PM Bug #2586: Package Repository URL not honored
Found the problem. The package repo does a lookup for www.pfsense.org and if it fails the package pull completely bai... Rob Fuller
07:45 AM Revision 34811aa7: Merge pull request #247 from mdima/master
Adds "Sort by direction" in the Traffic Graph page Ermal LUÇI
07:07 AM Revision 893fb622: Adds "Sort by direction" in the Traffic Graph page
Added the option to sort IPs by direction in the Traffic Graph page, and
improved the detection of the local network ... Michele Di Maria

11/06/2012

09:31 PM Revision 32837bb4: Use a random exponent for the RSA generation of keys. Its is questionable if its needed to be saved as a value? Ticket #2657
Ermal LUÇI
09:28 PM Revision 9539590c: Use a random exponent for the RSA generation of keys. Its is questionable if its needed to be saved as a value?
Ermal LUÇI
03:36 PM Bug #2657 (Feedback): Potential weakness of the captive portal voucher system (design issue)
For now the exponent has been converted to a random value when generating the keys.
This should mitigate the concern... Ermal Luçi
05:18 AM Bug #2657: Potential weakness of the captive portal voucher system (design issue)
This appears to largely be based, at least the "urgent recommendation" part, on a false premise - that there is a def... Chris Buechler
05:42 AM Revision a8e925c3: revert change to if-bound states since this seems to have broken all kinds of things
Chris Buechler
02:05 AM Bug #2674 (Resolved): MTU setting hardcoded 1280 for gif interfaces and in RADVD config
The MTU setting in the GUI for gif interfaces is ignored, and set to hardcoded or default value of 1280. Likewise, RA... Keenan Tims
01:27 AM Revision d153e9a3: Merge pull request #246 from PiBa-NL/master
sorting improvement 1.2.3.4:123 and *:1234 & update snapshot contents against .sha256 Jim Pingle

11/05/2012

11:54 PM Revision 426fc7d3: table javascript sorting improvement sorttable 1.2.3.4:123 and *:1234 now sort properly.
Pi Ba
10:15 PM Revision 2ab2d8fb: Check update snapshot contents against .sha256 instead of .md5
Pi Ba
01:06 PM Revision 19588eae: Merge pull request #245 from ogunacik/RELENG_2_0
fixed paths Jim Pingle
12:35 PM Revision 83272466: fixed paths
ogun acik

11/04/2012

05:48 PM Bug #2673 (Closed): Traffic to IPv6 endpoint of IPv6 GRE Tunnel over IPv4 IPSEC causes receiving end to crash
Issue:
Traffic going across an IPv6 GRE tunnel running over a tunnelled IPv4 IPsec VPN to the LAN IPv6 address of th... Graeme Bragg

11/03/2012

09:41 PM Revision d7a0c22a: Fix: Use specified IP if available
Cyrill B

11/02/2012

03:06 PM Revision 7e669778: Make a function to get the current theme and use it everywhere rather than duplicating code or missing functions. (Fixes forced themes using the wrong theme for login screen)
Conflicts:
etc/inc/util.inc
usr/local/www/head.inc Jim Pingle
02:50 PM Revision 1e1e1ec8: Make a function to get the current theme and use it everywhere rather than duplicating code or missing functions. (Fixes forced themes using the wrong theme for login screen)
Jim Pingle
04:29 AM Revision 158f0e7d: Don't resync openvpn if rc.newwanip is being run on an openvpn interface, to avoid a loop.
Jim Pingle

11/01/2012

01:16 PM Bug #2306: USB ports show up as network interfaces
I'd much rather just set that in loader.conf by default, the fewer kernel patches the better. Chris Buechler
11:19 AM Bug #2306: USB ports show up as network interfaces
Maybe just patch it to give a default value of 1 to disable it in kernel? Ermal Luçi
12:53 PM Bug #2671 (Resolved): Call to undefined function read_layer7_config
Chris Buechler
12:28 PM Bug #2671: Call to undefined function read_layer7_config
I can confirm that it's working. Peter O
11:18 AM Bug #2671 (Feedback): Call to undefined function read_layer7_config
Already fixed here https://github.com/bsdperimeter/pfsense/commit/e8f35171571cf6d5e13d821d9b6b65c8060fc790 Ermal Luçi
03:52 AM Bug #2671 (Resolved): Call to undefined function read_layer7_config
Full error is: Fatal error: Call to undefined function read_layer7_config() in /etc/inc/filter.inc on line 843
Happe... Peter O
09:21 AM Revision e8f35171: Include shaper.inc here to have all the function dependency work.
Ermal LUÇI
04:57 AM Bug #2672 (Closed): Limiters and bridge have issue
The dummynet patch for pf(4) needs tuning to work properly for bridging.
It should set PROTO_IFB | DIR_FWD Ermal Luçi

10/31/2012

11:40 PM Revision 8462bfdc: Fix this browser check
Erik Fonnesbeck
11:27 PM Revision cf205dca: Resolves #2670. Mark vtnet interfaces as altq capable.
Ermal LUÇI
11:16 PM Revision 50100234: Add missing line ending to fix pf syntax error.
Erik Fonnesbeck
10:30 PM Revision 073cb45d: Use if-bound states for better features
Ermal LUÇI
08:15 PM Revision e9456e45: And more encoding...
Jim Pingle
08:05 PM Revision 8ec9cba4: Still more encoding...
Jim Pingle
08:01 PM Revision 313a14f7: More encoding...
Jim Pingle
07:53 PM Revision 8db87547: Encode this before showing it.
Jim Pingle
07:51 PM Revision a138f065: Encode parameters before showing them to users.
Jim Pingle
07:44 PM Revision ac4cbc15: Encode some more parameters before showing them to users.
Jim Pingle
06:30 PM Bug #2670 (Feedback): Trafic shaping with virtio NIC
Applied in changeset commit:cf205dca239bc0f32f81c1df74d76478dc07747f. Ermal Luçi
06:07 PM Bug #2670 (Resolved): Trafic shaping with virtio NIC
I'm running 2.1 snapshot (Oct 25 2012) with virtio NIC (KVM guest). I had to modify /etc/inc/interfaces.inc to be abl... Daniel Berteaud
06:24 PM Revision 7cf76e8b: Encode the interface parameter before using it in a redirect
Jim Pingle
06:23 PM Revision bb33a337: Encode the interface parameter before using it in a redirect
Jim Pingle
06:06 PM Revision e653b6e1: Encode the if parameter before using it in redirects, too.
Conflicts:
usr/local/www/firewall_rules.php Jim Pingle
06:02 PM Revision ee898155: Encode the if parameter before using it in redirects, too.
Jim Pingle
06:02 PM Revision 52ab0384: Encode the if parameter before using it in html
Jim Pingle
06:01 PM Bug #2669 (Resolved): Captive portal: missing / in redirect URL
Running 2.1 snapshot from Oct 25 2012, the redirect URL after authentication is wrong (missing the / between host and... Daniel Berteaud
06:01 PM Revision abe430cc: Encode the if parameter before using it in html
Jim Pingle
05:39 PM Revision e26e0eac: Escape parameters better when managing tables. Fix test to allow deleting subnet entries as well as IPs.
Conflicts:
usr/local/www/diag_tables.php Jim Pingle
05:33 PM Revision 1457cce5: Escape parameters better when managing tables. Fix test to allow deleting subnet entries as well as IPs.
Jim Pingle
04:54 PM Bug #2524: SNMP only shows one processor on a dual core system
I have a second system that is doing this now too.
When I type dmesg | grep -i cpu it shows:
CPU: AMD Athlon(tm... Jonathan Black
03:52 PM Bug #2398: tftpd and tftp-proxy (inetd?) dies after WAN periodic reset
In /etc/inc/filter.inc around like 1858, try changing the place where it does a kill -HUP on inetd with two commands ... Jim Pingle
03:38 PM Revision 56143f06: Remove debug output
Jim Pingle
03:38 PM Revision 398d29a6: Remove debug output
Jim Pingle
02:49 PM Revision 56befec1: Set the CSRF Magic timeout to the same as the session timeout, so that if a user sets a lower session time, the CSRF magic tokens do not outlive the user's session.
Jim Pingle
01:49 PM Revision 23c3ccb6: Set the CSRF Magic timeout to the same as the session timeout, so that if a user sets a lower session time, the CSRF magic tokens do not outlive the user's session.
Jim Pingle
01:07 PM Bug #1112: IPsec GUI/backend missing RADIUS support
Thanks for response.
Think you that is resolved quickly?
 Jonh Nash
12:39 PM Revision b3a1733d: Update CSRF Magic
Jim Pingle
12:39 PM Revision fcf53c1e: Update CSRF Magic
Jim Pingle
10:23 AM Revision 926c3b8e: Revert "Revert "Do not put the prefix len on the src ip""
This reverts commit 16c95ab93bcfb8d59260aa7564a402a6cec3050d.
This is how it should be for now. See #2665 Ermal LUÇI
09:43 AM Revision 16c95ab9: Revert "Do not put the prefix len on the src ip"
It actually makes sense in IPv6 world
This reverts commit 3b1385a3febf783f48881b7baf61844f8e91209d. Ermal LUÇI
09:37 AM Revision 3b1385a3: Do not put the prefix len on the src ip
Ermal LUÇI
05:20 AM Bug #2665 (Feedback): 'pass out' on gif matches inbound traffic
This is not a mismatch of the rule but just how the system works.
There should be teached to pf(4) route-to for v6 t... Ermal Luçi
04:05 AM Feature #2668 (Resolved): Support aliases in OpenVPN local/remote/tunnel network fields
I put aliases in for each of the networks or related groups of networks around my intranet. These are handy to use in... Phillip Davis
03:42 AM Revision 75e703c4: Merge pull request #243 from phil-davis/master
Replace deprecated split with explode Chris Buechler
03:34 AM Revision 44b1c3e8: Replace deprecated split with explode
Phil Davis
03:32 AM Revision aa2f8cab: Replace deprecated split with explode
Phil Davis
02:59 AM Bug #2667 (Closed): IPv6 on VLANs broken
Some time between September 7 and October 29 IPv6 on VLANs, maybe only in combination with lagg, has broken. The fire... Chris Buechler

10/30/2012

10:35 PM Revision b0bf6bd0: Fixes #2394. If an entry of 0.0.0.0/0 is configured than use the first interface ip matching. Also do a microptimization to not retrieve the interface list every ping host entry
Ermal LUÇI
10:08 PM Revision f85da3b5: Fixes #2300. Take into consideration ip aliases on carp
Ermal LUÇI
10:06 PM Revision e08a5153: Fixes #2300. Add static route even for ip aliases selected to avoid issues.
Ermal LUÇI
05:40 PM Bug #2394 (Feedback): IPsec keepalive doesn't work with 0.0.0.0/0 local subnet
Applied in changeset commit:b0bf6bd017e27f6d8161fe8fff0ba8e6a71f96a3. Ermal Luçi
05:10 PM Bug #2300: Static routes for IPsec peers missing when attached to IP Alias VIP
Applied in changeset commit:f85da3b5828843b8c1a904b05c2f9d612eab1b56. Ermal Luçi
05:10 PM Bug #2300 (Feedback): Static routes for IPsec peers missing when attached to IP Alias VIP
Applied in changeset commit:e08a5153f9a281fdbb3a0cb66fddfea4b23a19a6. Ermal Luçi
04:36 PM Revision d8bddd2a: use the proper array here for VIPs and use some suggestions from the ticket to fix #2645
Jim Pingle
12:25 PM Bug #1112: IPsec GUI/backend missing RADIUS support
There is no script yet, which is why this ticket is still open. Jim Pingle
12:19 PM Bug #1112: IPsec GUI/backend missing RADIUS support
Good evening,
it's possible to have the script file?
I don't understand where make the change.
thanks a lot... Jonh Nash
11:40 AM Bug #2645 (Feedback): stristr() warning repeated dozens of times during boot
Applied in changeset commit:d8bddd2a44ce5776d2dfd3c4db79576e073f5aa0. Jim Pingle
06:54 AM Bug #2441: Setting up a new PPP interface (3g) hangs the webUI
Probably the same as #2433 Xavier Romain
06:36 AM Bug #2398: tftpd and tftp-proxy (inetd?) dies after WAN periodic reset
I've found a workaround long time ago but I forgot to mention here.
- installed Cron package
- added line : "/usr... Xavier Romain

10/29/2012

11:05 AM Bug #2665 (Resolved): 'pass out' on gif matches inbound traffic
traffic coming in on a gif interface wrongly matches the out direction on the gif. For instance this: ... Chris Buechler
08:22 AM Revision fa29a6f0: Mark the pipe/queue with zero(unlimited) bandwidth to allow traffic on the state to flow still or new traffic matching the rule to flow. Dummynet blocks traffic not matchign apipe/flow by default. Reported-by: http://forum.pfsense.org/index.php/topic,54595.msg294734.html#msg294734
Ermal LUÇI

10/28/2012

11:41 AM Feature #2637: Add ability to define dnsmasq cache size
it's already set to the maximum cache size, but is hard coded. Chris Buechler
02:11 AM Bug #2651: traffic RRDs broken after upgrade to 2.1
File paths updated to ease patch application. Patch contents unchanged.
 Norman Back
12:15 AM Bug #2617 (Resolved): resolv.conf missing ipv6
thanks for the follow up Chris Buechler
 

Also available in: Atom