Activity

30 days up to

From 12/12/2013 to 01/10/2014

04:41 PM Revision 706ba0e4: Use "disable monitor" in NTP config to mitigate CVE-2013-5211.: Jim Pingle
04:41 PM Revision 3e146089: Use "disable monitor" in NTP config to mitigate CVE-2013-5211.: Jim Pingle
07:40 AM Revision c349f263: Merge pull request #884 from dotike/master: Phase 1 ja_JA.UTF8 Translation Chris Buechler
03:08 AM Feature #3393: AS filtering support in aliases: An example of retrieving facebook ips from their AS number
[code]
whois -h whois.radb.net -- '-i origin AS32934' | ... Ermal Luçi
03:06 AM Feature #3393 (Resolved): AS filtering support in aliases: It would be nice to have an option to define a type of AS number in the aliasesand retrieve all the ips from the whoi... Ermal Luçi
01:38 AM Feature #3377: OAuth2 authentication in captive portal: there will be publicly-available 2.2 snapshots in the not too distant future. At this point, I think you might be ok ... Chris Buechler

09:18 AM Feature #972: Allow adding gateways outside of interface subnet: Hi Dan,
I felt in the same trouble, and I the idea I have found to survive reboot is using the ShellCmd package : ... Dédé D
07:41 AM pfSense Packages Bug #3391 (Rejected): Quagga OSPF doesn't install properly: It works fine in a test VM here that never had Quagga, and also in a separate VM that had it previously and reinstall... Jim Pingle
02:46 AM pfSense Packages Bug #3391 (Rejected): Quagga OSPF doesn't install properly: Hello,
I have several pfSense firewalls, all having Quagga OSPF and running without issues.
They where installed ... Johan Braeken
05:28 AM Bug #2800: OpenVPN doesn't work properly with intermediate/chained CAs: You mean you essentially created a cert chain yourself in the Certificate Authority Manager and then it worked? Malte Stretz

07:20 PM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal: that's reasonable, submit that as a pull request in github and we'll get it merged. Chris Buechler
04:15 PM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal: You're still misunderstanding. If the initial connection by the user prior to CP authentication is to, say, https://... Chris Linstruth
02:19 PM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal: Use a signed certificate on your CP!!! Ermal Luçi
10:37 AM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal: I believe you are missing the point.
This enables administrators to utilize HTTPS CP authentication, which might b... Chris Linstruth
05:05 AM Feature #3388 (Rejected): Add checkbox and logic to disable forwarding of HTTPS requests to captive portal: Just do not configure https authentication! Ermal Luçi
04:39 PM Feature #3387: process_alias_urltable Frequency: Ah never mind. I forgot about the ability to change the type on the fly... Shawn Bruce
04:12 PM Feature #3387: process_alias_urltable Frequency: Shawn Bruce wrote:
> I have created a diff for firewall_aliases_edit.php against the latest git version. Would this ... Shawn Bruce
04:11 PM Feature #3387: process_alias_urltable Frequency: I have created a diff for firewall_aliases_edit.php against the latest git version. Would this be acceptable?
I am... Shawn Bruce
04:12 AM Feature #3387: process_alias_urltable Frequency: A code to upgrade current config to new format will be necessary too Renato Botelho
03:59 PM Revision 33e72874: Merge pull request #880 from phil-davis/master: Check for vertical bars in alias detail descriptions Ermal Luçi
03:05 PM Revision 7d14b000: Check for vertical bar at start or end of description: Phil Davis
02:59 PM Revision 24445691: Check for vertical bars in alias detail descriptions: The descriptions of each entry in an alias are stored in config.xml as a list delimited by "||". So you cannot have "... Phil Davis
10:58 AM Revision 51922cb7: Add 'limited' to ntpd restrict list to workaround CVE-2013-5211. It fixes #3384: Renato Botelho
10:58 AM Revision 6b660731: Add 'limited' to ntpd restrict list to workaround CVE-2013-5211. It fixes #3384: Renato Botelho
09:41 AM Revision 7c2ea0cc: Update reserved_keywords checks to match firewall_aliases_edit: firewall_aliases_import should have the same checks for reserved names as firewall_aliases_edit
This code should real... Phil Davis
09:39 AM Revision fe56417f: Merge pull request #879 from phil-davis/master: Update reserved_keywords checks to match firewall_aliases_edit Renato Botelho
07:39 AM Bug #3383: Web GUI becomes slow or unusable if the LDAP server used for GUI auth is unreachable: It seems like maybe the authentication fallback that allows a person to login using local auth when their LDAP server... Jim Pingle
04:59 AM Bug #3383: Web GUI becomes slow or unusable if the LDAP server used for GUI auth is unreachable: On pfSense 2.2 you will be able to revert GUI auth backend to Local Database on the same option you use to restore GU... Renato Botelho
06:51 AM Bug #3389 (Resolved): GUI allows to configure ICMPv4 types for ICMPv6 firewall rules: When I try to create a firewall rule that handles only certain types of IPv6 ICMP traffic, the interface lets me sele... Andreas Peetz
05:00 AM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211): Applied in changeset commit:51922cb793b83bf7d22fdaa47205fd59b4d70e87. Renato Botelho
05:00 AM Bug #3384 (Feedback): NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211): Applied in changeset commit:6b6607316481aacaa055f8e4bce2ce1e520d3b1b. Renato Botelho

11:18 AM Revision b760fd31: Merge pull request #877 from phil-davis/master: Allow individual line descriptions on alias bulk import Ermal Luçi
09:35 AM Revision 8c470066: Allow individual line descriptions on alias bulk import: This enhancement allows the user to make a text file of IP addresses, IP subnets and/or IP ranges, like they have alw... Phil Davis
08:54 AM Bug #3386: apinger not picking up 2nd OpenVPN tunnel: I did another reboot and now it worked. You can close this issue (did not find button to close it myself). Schlomo Schapiro
08:48 AM Bug #3386 (Closed): apinger not picking up 2nd OpenVPN tunnel: When adding a 2nd OpenVPN tunnel (client side, shared key static setup) and the corresponding Interface and Gateway i... Schlomo Schapiro

10:32 PM Bug #2800: OpenVPN doesn't work properly with intermediate/chained CAs: After I posted the above, I have a new idea.
I just copied the Root CA certificate to the Intermediate CA's certif... Tim Lau
10:18 PM Bug #2800: OpenVPN doesn't work properly with intermediate/chained CAs: I am hit with the same bug.
Also, if you set the Peer Certificate Authority to the Root CA, 2 things happen:
1.... Tim Lau
02:49 PM Feature #3385: Accommodate static routes for PPTP connections: correction :
When the VPN reconnects, the static route is not reinstated and must be re-instated to bring the rou... James Mills
02:47 PM Feature #3385 (Closed): Accommodate static routes for PPTP connections: Creating a static route on the pfSense box allows routing from the 10.20.2.0 network back across the (pptp) vpn to th... James Mills
07:00 AM Bug #3384 (Resolved): NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211): ntp.conf(5):
limited
Deny service if the packet spacing violates the lower limits specified
in ... Jeroen Roovers
04:29 AM Bug #3383 (Resolved): Web GUI becomes slow or unusable if the LDAP server used for GUI auth is unreachable: Hy,
This one have been difficult to find.
I set up a ldap server in user manager through the web gui. Everything ... Florent THOMAS

11:54 PM Revision 9dc3f2bb: Happy New Year 2014!: Optimal: Just updating the copyright years;
I wish to all of you all of health, happiness and good luck of earth to ... Valentin Georgiev

04:05 PM Revision 54e81df0: Validate IP address ranges correctly on Alias Bulk Import: The code was there to attempt to validate and implement IP address range lines in Alias Bulk Import e.g.
10.20.0.0-10... phildd
02:12 PM Revision 1b9ab14a: Fix display of CIDR/Update Freq in Alias Edit: Fixes #3376. I have no idea what the "^" characters were meant to do, but removing them makes the CIDR/Update Freq va... Phil Davis
08:13 AM Bug #3376: Alias Edit does not display correctly: I have no idea what I am doing with the jQuery stuff, but I pulled out some "^" marks in pull request https://github.... Phillip Davis
07:54 AM Bug #3376 (Resolved): Alias Edit does not display correctly: I had a 2.1-RELEASE system and GitSync'd to the 2.1 release branch. I was using Alias Bulk Import, but then also real... Phillip Davis

02:39 PM Feature #972: Allow adding gateways outside of interface subnet: Three years and counting... How is this still not implemented / patched?
Oliver K.
01:37 PM Revision e20a0af7: Avoid dashboard divide by zero errors: phildd
01:35 PM Revision 0b5d55b7: Merge pull request #865 from phildd/master: Avoid dashboard divide by zero errors Chris Buechler
12:20 PM Feature #3199: Option to accumulate or not IP addresses in Alias table of FQDNs: Normally this will be fixed when filterdns supports reloading with TTL of the DNS record.
This will come soon. Ermal Luçi
11:49 AM Revision 15183bcb: Avoid dashboard divide by zero errors: phildd
01:28 AM Bug #3373: Sun Quad fast Ethernet ports constantly resetting: I'm guessing it may be fixed already in FreeBSD 10, in which case there isn't anything that needs to be done for 2.2.... Chris Buechler

10:33 PM Bug #3373: Sun Quad fast Ethernet ports constantly resetting: This driver has worked in all previous versions. There are hundreds of units in operations now with this hardware in ... Charlie Singleton
09:09 PM Bug #3373 (Rejected): Sun Quad fast Ethernet ports constantly resetting: we don't control or develop drivers.
https://doc.pfsense.org/index.php/Policy_on_FreeBSD_issues Chris Buechler
11:11 AM Bug #3373 (Rejected): Sun Quad fast Ethernet ports constantly resetting: Using the hme driver in version 2.1 with part# 501-5406-07 Sun Quad Fast Ethernet PCI card. Once configured, the por... Charlie Singleton
01:25 AM Revision e98daec5: Add checkbox and logic to disable forwarding HTTPS/SSL (Port 443): connections to the captive portal if HTTPS logins is enabled. derelict-pf

11:09 PM Revision c71b14fd: Make scripts able to react when called from FCGI with GET method: Ermal LUÇI
10:58 PM Revision a1007e19: Properly detect if an ip is already configured for VIP. Remove useless checks for carp: Ermal LUÇI
06:34 PM Revision 92603e27: Add an option to restore default logout/error/portal custom pages on Captive Portal. Fixes #3362: Renato Botelho
12:40 PM Feature #3362 (Feedback): Add a means to reset CP HTML/Error Page/Logout Page to default: Applied in changeset commit:92603e27d98bb89f63b2c0581f2fad2c39a9b09e. Renato Botelho
11:17 AM Feature #3362 (Resolved): Add a means to reset CP HTML/Error Page/Logout Page to default: While testing #3339 it hit me that we don't have any way to clear the defined pages for a captive portal instance. To... Jim Pingle
11:11 AM Feature #3339 (Resolved): Add a button to allow downloading the Captive Portal HTML text, error text, and logout page text: This works as expected, I can download the raw html/php source of the uploaded CP page. Jim Pingle
11:04 AM Bug #3195 (Resolved): CP MAC allows duplication: This appears to properly check now, adding a duplicate with different case is not allowed and produces an error in th... Jim Pingle
10:55 AM Feature #2416 (Resolved): Hybrid NAT mode that is a mix of Auto+Manual: This all appears to work as expected now. Jim Pingle
10:51 AM Bug #3361: DHCP6 WAN is not obtaining a default gateway: Additional info:
ifconfig shows ACCEPT_RTADV on for the WAN NIC.
Adding the gateawy manually does allow it to w... Jim Pingle
09:54 AM Bug #3361 (Resolved): DHCP6 WAN is not obtaining a default gateway: On a 2.2 image the firewall pulls a WAN IP and even a LAN delegation, but does not get an IPv6 default route.
An i... Jim Pingle
10:44 AM pfSense Packages Feature #3320: HAVP does not honor FW Gateway rules: My bad...
Found a nice piece of documentation for those who like experience this:
http://securite-ti.com/pfSense_We... Orsiris de Jong
10:20 AM Bug #2833 (Resolved): Add a knob to prefer IPv4 over IPv6 for rare situations that require it: This works as expected on 2.2.
With it unchecked, IPv6 is preferred. Check it and try again, it uses IPv4. Unchec... Jim Pingle
09:48 AM Bug #3122 (Resolved): CP Pass-through MAC entry must deny entering the firewall's own MAC address: This appears to work fine, it rejects any firewall MAC I attempt to add. Jim Pingle
08:49 AM Feature #3327 (Resolved): Allow reordering of 1:1 NAT entries: Looks like it all works as expected now, thanks! Jim Pingle
02:28 AM Feature #3199: Option to accumulate or not IP addresses in Alias table of FQDNs: I just double-checked this now that 2.1-RELEASE has been out an running for ages. I have a table of the IPs of all my... Phillip Davis
12:54 AM Feature #3199: Option to accumulate or not IP addresses in Alias table of FQDNs: I just ran into this problem, and I'd consider it a bug that needs to be fixed, not a feature request. I was using a... Steve Reinhardt

Also available in: Atom

pfSense

Activity

Project

General

Profile

pfSense

Activity

Activity

01/10/2014

01/09/2014

01/08/2014

01/07/2014

01/06/2014

01/05/2014

01/04/2014

01/03/2014

01/02/2014

01/01/2014

12/31/2013

12/30/2013

12/29/2013

12/27/2013

12/26/2013

12/24/2013

12/23/2013

12/22/2013

12/21/2013

12/20/2013

12/19/2013

12/18/2013

12/17/2013

12/16/2013

12/15/2013

12/14/2013

12/13/2013

12/12/2013