Activity
From 01/05/2014 to 02/03/2014
02/03/2014
-
10:44 PM Bug #3432 (Resolved): PPPoE (WAN) reconnected, WAN does not updated
- I am connected to ISP via PPPoE with dynamic IP. WAN is configured as PPPoE and this configuration was working about ...
-
08:50 PM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
- The default values with the "limited" parameter specified only allow a client to NTP sync once every 5 seconds OR twi...
-
08:28 AM Bug #3384 (New): NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
- Using limited as-is denies access to NTP clients, so this change is not viable. If you try to sync time against ntpd ...
-
08:09 PM Bug #3431 (Closed): IPSec PSK Characters Error
- My first report, hope everything is o.k. with it...
Using german Umlaute in the PSK like ö, ä, ü or ß leads on 2.1... -
02:35 PM Revision 2b8dfa4e: Using "limited" for ntp in this way denies client access. Issue #3384
-
02:34 PM Revision ca79de53: Using "limited" for ntp in this way denies client access. Issue #3384
- 11:17 AM Revision cf3189ff: Merge pull request #897 from N0YB/RELENG_2_1
- XHTML Compliance - Status: System logs: Firewall
-
09:23 AM Feature #1477: IGMPPROXY spamming the main systemlog
- If you make a pull request in GitHub it makes it really easy for the devs to take a look and commit the fix.
-
01:31 AM Bug #3429: Modify anti-lockout pf rule to use "no state"
- May I ask why? I have been running those filter rules (for SSH) for several years on an OpenBSD gateway without any p...
02/02/2014
-
12:10 PM Feature #1477: IGMPPROXY spamming the main systemlog
- Sorry, I forgot to mention. I am using pfSense 2.1-RELEASE (i386) built on Wed Sep 11 18:16:44 EDT 2013 FreeBSD 8.3-R...
-
12:08 PM Feature #1477: IGMPPROXY spamming the main systemlog
- The patch from https://github.com/pfsense/pfsense-tools/blob/master/pfPorts/igmpproxy/files/patch-verbosity-logs does...
-
09:00 AM Bug #3425 (Rejected): Enabling PowerD fails with repeating "kernel: acpi_perf0: Px transition to 774 failed" and "kernel: acpi_perf0: set freq failed, err 6"
- FreeBSD issue outside our control. Likely to work better on 2.2/FreeBSD 10.
https://doc.pfsense.org/index.php/Polic... -
08:59 AM Feature #3427 (Rejected): Shorten 83 second reboot time on NanoBSD class 10 USB device on i3 (2013) PC hardware
- There isn't anything we can do with this. No clue if this is because your ISP is slow to respond on a dynamic WAN, or...
-
08:55 AM Bug #3429 (Rejected): Modify anti-lockout pf rule to use "no state"
- not a good idea.
-
04:04 AM Bug #3429: Modify anti-lockout pf rule to use "no state"
- +1
-
01:13 AM Bug #3429 (Rejected): Modify anti-lockout pf rule to use "no state"
- When flushing states one gets kicked out of pfSense management (HTTP/SSH).
I would suggest to modify the anti-lockou... -
08:54 AM Feature #3430 (Rejected): Service Forwarding: SMTP Forwarding host for each WAN link
- this is easily done with firewall rules, doesn't justify its own config section.
-
04:50 AM Feature #3430 (Rejected): Service Forwarding: SMTP Forwarding host for each WAN link
- Most dutch consumer ISP's don't allow access to TCP port 25 other then on their own network. When having multiple WAN...
-
07:51 AM pfSense Packages Bug #3285: spamd.log corrupt/truncated
- For a 'quick fix' you can apply this patch with patches package:
https://github.com/PiBa-NL/pfsense/commit/9eac9814a...
02/01/2014
-
09:08 PM Bug #3428 (Rejected): Vulnerability: Directory Traversal
- Already reported and fixed several days ago.
-
07:42 PM Bug #3428 (Rejected): Vulnerability: Directory Traversal
- Reference to bug:
http://www.exploit-db.com/exploits/31263/
-
05:43 PM Feature #3427 (Rejected): Shorten 83 second reboot time on NanoBSD class 10 USB device on i3 (2013) PC hardware
- Having current hardware (a 2013 Intel Nuc) running i3-3217U processor, and running pfSense of a class 10 microSDHC de...
-
04:54 PM Feature #3426 (Resolved): NanoBSD shorter F1 boot prompt display
- The boot process of pfSense-2.1.1-PRERELEASE-4g-amd64-nanobsd_vga-20140131-1030.img is approximately delayed by 12 se...
-
01:55 PM Bug #3425 (Rejected): Enabling PowerD fails with repeating "kernel: acpi_perf0: Px transition to 774 failed" and "kernel: acpi_perf0: set freq failed, err 6"
- Running pfSense-2.1.1-PRERELEASE-4g-amd64-nanobsd_vga-20140131-1030.img
on
Intel(R) Core(TM) i3-3217U CPU @ 1.80G...
01/31/2014
-
05:13 PM pfSense Packages Feature #3424 (New): SCEP server
- pfSense provides a variety of functions such as a Firewall, DHCP server, various types of VPN server, and can also ac...
- 04:23 PM Revision be9f7794: Add link to Unbound under the menu item name of 'DNS Resolver'
-
04:15 PM Bug #3423 (Closed): Kernel Panic with Atheros AR9280 chipset
- Hello, I'm using the Compex WLE200NX MiniPCIe card that uses the Atheros AR9280 chipset on pfSense 2.1-RELEASE 64-BIT...
-
11:15 AM Revision 511a51b3: Merge pull request #899 from N0YB/patch-12
- Update shortcuts.inc
-
09:52 AM Bug #1629: invalid state table entries after WAN IP change
- It seems that in recent weeks there have been several related commits in 10-STABLE, e.g.
http://lists.freebsd.org/... - 06:16 AM Revision 472e484c: Update shortcuts.inc
- XHTML Compliance
Shortcuts edit link - r/&id/&id - 02:29 AM Revision 30a58cf8: Couple style vertical-align corrections
01/30/2014
-
11:19 PM Bug #3404: DHCP Server Fails to Start on Interfaces that are Slow to Come Online During Boot
- I performed more testing with different configurations and locations for the wait loop today. My plan was to find wh...
- 05:46 PM Revision f747c08c: Sync pbi_create with pcbsd, add required functions.sh
- 05:46 PM Revision 03734bf7: Remove arch from fall back url since it's a single dir now
- 10:06 AM Revision e2ffc9d3: Dig is no longer available, drill is now the tool
- 10:03 AM Revision 327a4fc6: Make sure unbound starts
- 07:10 AM Revision 8e552911: Some grammer fixes spotted by Phil Davis
-
05:10 AM Bug #3422 (Resolved): Diagnostics > DNS lookup gives spurious results
- In the DNS lookup diagnostics page
Enter "psg.com" and you get:
147.28.0.62/32, nlns.globnix.net./32, rip.psg.com...
01/29/2014
-
09:49 PM Bug #3421: dhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
- working dhcpv6.conf:...
-
09:43 PM Bug #3421: dhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
- I've been fiddling around with this more. Having used ps auxw I found dhcpv6 running as:
"/usr/local/sbin/dhcpd -6 -... -
07:58 PM Bug #3421 (Resolved): dhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
- Attempting to get uEFI boots working across ipv6.
I'm attempting to do this with a private ipv6 range (no native con... - 07:51 PM Revision 8fccab67: Make sure ACLs are saved correctly
- 07:08 PM Revision 519597bc: Reference right service reconfig function
- 07:08 PM Revision 1319d0f3: Add new xml array
- 06:49 PM Revision 9961044a: More html formatting
- 06:42 PM Revision 06b17388: Formatting
- 06:41 PM Revision 13ecf949: Table summary fix
- 06:23 PM Revision 7d8c57cd: Rename ACL file
-
03:28 PM Bug #3420 (Rejected): Phase 1 doesn't start if phase 2 local network doesn't include a locally accessible IP
- There is nothing we can do for that currently. It has to be able to source a ping from the firewall to bring up the t...
-
03:19 PM Bug #3420 (Rejected): Phase 1 doesn't start if phase 2 local network doesn't include a locally accessible IP
- My example to better understand :
- I have an IPsec VPN with the right phase 1 and phase 2 parameters
- In phase 2,... -
03:10 PM Bug #1629: invalid state table entries after WAN IP change
- Still a significant issue - causing random VoIP outages. Would be great to get this fixed.
- 03:07 PM Revision 56a87b19: Add additional functionality for stats and preconfigure variables
- 03:06 PM Revision 3b95d9ec: Add EDNS support for to resolv.conf
- 03:06 PM Revision 7ed0e844: Add GUI components for Unbound
-
03:02 PM Bug #3418 (Rejected): WAN address not updating in NAT
- Duplicate of #1629
-
02:28 PM Bug #3418 (Rejected): WAN address not updating in NAT
- My Asterisk PBX periodically loses contact with my VoIP provider until I reboot pfSense. The symptoms are that the PB...
-
02:38 PM Bug #3419 (Closed): Traffic shaper wizard doesn't properly populate download speed
- I have a 25Mbps down/10 Mbps up VDSL connection.
If I run the traffic shaper wizard and specify:
Connection Upl... - 11:29 AM Revision 923e49b1: Start and configure Unbound on boot
- 11:29 AM Revision 175dc861: Add Unbound service configuration
- 11:27 AM Revision 6671b7cd: Add chroot for Unbound
- 11:27 AM Revision f20afeb6: Add Unbound code
- 11:26 AM Revision 33232486: Add Unbound to the services list
- 09:29 AM Revision 6d9a572d: Add Unbound to the system password and group files
-
09:08 AM Bug #3311: After enabling save password permission racoon die with (core dumped)
- Looks like this might be the same as #3417
-
09:06 AM Bug #3417 (Resolved): racoon crashes after mobile xauth login with fourth DNS server configured
- If Mobile IPsec is configured to push DNS servers to clients, and you have four DNS servers configured, racoon will c...
-
07:07 AM Bug #3415 (Rejected): vnstat2 not working after pfsense 2.1 upgrade
- Duplicate of #3203
-
12:34 AM Bug #3415 (Rejected): vnstat2 not working after pfsense 2.1 upgrade
- Hi,
I upgraded to Pfsense 2.1 from Pfsense 2.0.3 and now vnstat2 is no longer working
My issue is similar to th... -
05:45 AM Bug #3416 (Resolved): [PATCH] PPP/PPPoE link settings not shown
- There is a bug in the Javascript which prevents the per-interface settings for bandwidth/MTU/MRU/MRRU from being show...
- 12:50 AM Revision d2848453: Include these check boxes.
-
12:31 AM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
- kernel panic again even without load:
Tracing pid 12 tid 100075 td 0xffffff000b502460
m_copy_nbufs() at m_copy_nbuf...
01/28/2014
- 07:01 PM Revision 82482a69: Fix typo on variable name, it fixes #3414
- 07:01 PM Revision f4a4bcbc: Fix typo on variable name, it fixes #3414
-
01:00 PM Bug #3414: system.inc variable wrong
- Applied in changeset commit:82482a6937d5c75795aa6df3a0c416e3e6a9a3af.
-
01:00 PM Bug #3414 (Feedback): system.inc variable wrong
- Applied in changeset commit:f4a4bcbc4c45943bbd4734251a145f297a0502d9.
-
12:53 PM Bug #3414 (Resolved): system.inc variable wrong
- /etc/inc/system.inc
@function get_searchdomains() {
global $config, $g;
$master_list = array();
// Rea... -
09:49 AM Feature #3413: CARP interface names in WebGUI
- Looks okay to me.
But I wonder, is there a reason to have "opt1_vip6" visible at all in the WebGUI, when you have ... -
03:16 AM Feature #3413: CARP interface names in WebGUI
- This is a simple change. I think the best way to address this is under the CARP Interface column, have something like...
- 09:37 AM Revision f70adc82: Really fix #3376
- Thanks to Grischa Zengel for spotting the semi-colon at the end of the "if" line that was the real cause. Please als...
- 09:36 AM Revision f71b440b: Merge pull request #896 from phil-davis/master
- Really fix #3376 Alias Edit does not display correctly
-
07:01 AM Bug #742: apinger doesn't recover opt wan when connection returns.
- I can confirm this problem. This bug should be reopened.
System:
2.1-RELEASE (i386)
built on Wed Sep 11 18:16:44... - 06:49 AM Revision 93dcedc1: XHTML Compliance - Status: System logs: Firewall
- An attribute value specification must be an attribute value literal unless SHORTTAG YES is specified
Quote (or escape... -
03:40 AM Bug #3376: Alias Edit does not display correctly
- Applied in changeset commit:f70adc82457c038159b4f8edd775bcf1cc498d03.
-
03:40 AM Bug #3376: Alias Edit does not display correctly
- Applied in changeset commit:f71b440bf16ec3cd8164325f287d8c93b5dfd476.
-
03:40 AM Bug #3376: Alias Edit does not display correctly
- Applied in changeset commit:4dd00d25d5fc3d5a0b73930cf86685d4c1430a2e.
-
03:24 AM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
- looks like kernel panic caused by concurrency in ixgbe driver. i found some patches in freebsd list: http://article.g...
- 03:04 AM Revision 4dd00d25: Really fix #3376
- Thanks to Grischa Zengel for spotting the semi-colon at the end of the "if" line that was the real cause. Please als...
01/27/2014
-
09:03 PM Bug #3376: Alias Edit does not display correctly
- Thanks for spotting that semi-colon - I spent a while trying to work out what going on, and obviously didn't stare ha...
-
05:14 PM Bug #3376: Alias Edit does not display correctly
- The error is the semicolon after
if (set_value == true);
-
05:03 PM Bug #3376: Alias Edit does not display correctly
- With this patch the subnet field won't be disabled like before.
The form uses <select name="address_subnet0" class="... -
07:03 PM Revision 886926e0: Merge pull request #895 from N0YB/RELENG_2_1
- Also make the dialog_output query string option XHTML compliant.
- 06:59 PM Revision 4efc1c8d: Also make the dialog_output query string option XHTML compliant.
-
06:58 PM Revision a43bdc39: Merge pull request #894 from N0YB/RELENG_2_1
- Make select option XHTML compliant for "Number of lines to display".
- 06:45 PM Revision df5501dc: Make select option XHTML compliant for "Number of lines to display".
- http://validator.w3.org/check
"SELECTED" is not a member of a group specified for any attribute
<option value="7" SEL... -
05:15 PM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
- hi,
i test now firewall on my production load.
MBUFs raze detected on heavy arp load, i have more then 3000 serv... -
04:51 PM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
- Hi guys,
If there is anything I can test to help, please let me know.
I can confirm that use case (1) is no lon... -
03:18 PM Feature #3413 (Resolved): CARP interface names in WebGUI
- As mentioned on the forum: https://forum.pfsense.org/index.php/topic,71587.0.html
When you have a lot of CARP inte... - 10:10 AM Revision 2704796a: Merge pull request #893 from N0YB/RELENG_2_1
- The service status icon is not always in a table.
-
08:24 AM pfSense Packages Bug #3400: apcupsd service config does not allow DEVICE to be set
- Unfortunately not for all types you need UPSTYPE and DEVICE.
For example with pcnet, all config needs to be on UPSTY... - 06:53 AM Revision 30469c9b: Missing a couple table element end tags.
- 05:58 AM Revision cd6173f4: The service status icon (get_service_status_icon) is not always in a table.
- So the caller should apply table td element, rather than the function.
Document type does not allow element "td" her...
01/26/2014
-
07:00 PM Feature #3410: Patch: Add Apple Open Directory memberUid support in group lookup
- Pull request added: https://github.com/pfsense/pfsense/pull/892
01/25/2014
- 08:49 PM Revision ec5c28cd: Gateway Monitor Advanced Settings
- Recommended changes made to calculated value input behavior.
Restrict interval to integer of 1 or greater. -
08:06 PM Revision 452eb31e: captive portal, don't generate rules for disabled portal
- 06:26 PM Revision fbdd0466: Obsolete openssl from ports files and also base nsupdate
- 04:56 PM Revision 22cc6582: Fix nsupdate path
-
12:15 PM Todo #3399 (Feedback): Implement a replacement for base nsupdate command for RFC2136 Dynamic DNS
- Added bind99 nsupdate to the builds
- 06:28 AM Revision 3c6787ed: Gateway Monitor Advanced Settings
- Exposes 3 additional apinger configuration options in the gateway monitor advanced section which can either be set ma...
- 01:33 AM Revision c241a3e8: Merge pull request #888 from PiBa-NL/pkg-utils-append-log
- pkg-utils do not clear first part of installation log.
01/24/2014
-
11:14 PM Revision 206c15cc: pkg-utils do not clear first part of installation log.
- 10:33 AM Revision 2ec95f1f: Fix openssl path
-
08:27 AM Bug #3412 (Resolved): serial console output mess on fetch bogons failure
- Tried to upgrade from a previous 2.1.1 snapshot to Thu Jan 23 17:15:05 EST 2014 snapshot on nanobsd x86. All went wel...
-
08:07 AM Bug #3404: DHCP Server Fails to Start on Interfaces that are Slow to Come Online During Boot
- Thanks for the help Ermal. When I try to bounce dhcpd in the rc.newwanip script, I run into a problem where it appea...
-
06:36 AM Bug #3401: Openvpn Server IPV4 generating attribute TUN-IPV6 this right?
- Parameter ends up being weird because openvpn is running with IPV4 and IPV6 not. I think this parameter tun-ipv6 can ...
-
06:29 AM Bug #3402: Bug Interface Virtual Openvpn Route
- Utilization of this type of setting and implementing the shapper trafic in openvpn tunnel individually
-
06:26 AM Bug #3402: Bug Interface Virtual Openvpn Route
- Gilmar Cabral wrote:
> Related bug when and ovpns created virtual interface gateway ipv4 ipv4 and ipv6 route creates... -
02:09 AM Bug #3411 (New): Interfaces and statistics dashboard widgets very slow with large numbers of interfaces
- The interfaces and statistics dashboard widgets cause the dashboard to take minutes to load where a system has a larg...
01/23/2014
-
11:33 PM Bug #3401: Openvpn Server IPV4 generating attribute TUN-IPV6 this right?
- it doesn't hurt anything, but yeah that should likely only be there if the VPN is using IPv6.
-
11:31 PM Bug #3402 (Rejected): Bug Interface Virtual Openvpn Route
- no idea what you're referring to, routes that OpenVPN creates are those you tell it to, and that all works as it shou...
-
11:28 PM Bug #3405 (Rejected): Cross-Site Scripting Vulnerability in system_firmware_check.php
- duplicate of #2952, we'll keep it on that one.
-
11:23 PM Feature #3410: Patch: Add Apple Open Directory memberUid support in group lookup
- could you please submit a pull request on github to master?
-
09:29 PM Feature #3410 (Resolved): Patch: Add Apple Open Directory memberUid support in group lookup
- This is a patch that adds compatibility to do memberUid style lookups used in Apple's Open Directory. Specifically, w...
-
05:43 PM Bug #3408: IPV6 DHCP not disabling on initial setup
- This is what was entered in the config on a fresh install of 2.1 not 2.1.1.
It seems to automatically enter the rang... -
04:15 AM Bug #3408: IPV6 DHCP not disabling on initial setup
- I could not reproduce it on a recent 2.1.1 snapshot. I'm wondering how could it put a range on dhcpv6 if you don't ch...
- 12:05 PM Revision 8467c588: Do not list the same CARP ip as an option for Interface
-
10:19 AM Bug #3407: Changing CARP IP to IP Alias doesn't work until failover is trigered
- That's not something I can duplicate under 2.1 or 2.1.1 built on "Wed Jan 22 04:46:20 EST 2014".
If I change a CAR... -
05:49 AM Bug #3407 (Feedback): Changing CARP IP to IP Alias doesn't work until failover is trigered
- As you mentioned, when moved from CARP (WAN) to an IP alias (using other CARP IP as interface), the IP stops answerin...
-
04:34 AM Bug #3407: Changing CARP IP to IP Alias doesn't work until failover is trigered
- I reproduced it here, will work on a fix.
-
02:52 AM Bug #3409 (Closed): IPv6 gif tunnel not working after reboot on PPPoE
- I have an Alix box with with WAN connected via VDSL PPPoE link and HE IPv6 tunnel configured here. With 2.1.1 pre-rel...
-
02:15 AM Bug #3205: Partial system freeze when disconnecting USB 3G stick
- getting stuck on reboot with active 3g dongle is getting a serious issue for me, i have tried 3 different 3g dongles ...
-
01:02 AM pfSense Packages Bug #3203: vnstat2 not working after pfsense 2.1 upgrade
- Hi,
This is still broken in 2.1.1 Pre-Release
Beginning package installation for vnstat2 .
Downloading package...
01/22/2014
-
07:40 PM Bug #3408 (Closed): IPV6 DHCP not disabling on initial setup
- Installing fresh copy of v2.1 with 1 WAN and 1 LAN adapter. Install to hard drive and after rebooting during initial ...
-
06:31 PM Bug #2952: Unvalidated input during system_firmware_check.php
- While I'm a big fan of the updates going over HTTPS for transport security, I would say that this is a different issu...
-
04:29 PM Bug #2952: Unvalidated input during system_firmware_check.php
- Netgate Pfsense images 2.1p1 and higher upgrade over HTTPS, making this attack more difficult.
-
02:06 PM Bug #2952: Unvalidated input during system_firmware_check.php
- Verified to still be present and exploitable in 2.1p1-RELEASE/nanobsd 4g (Netgate image), by replacing the reported ...
-
01:26 PM Bug #2952: Unvalidated input during system_firmware_check.php
- Hi,
I'd like to bring this issue up again, and increase it's priority to critical or high, as I have verified the ... -
05:12 PM Bug #3407: Changing CARP IP to IP Alias doesn't work until failover is trigered
- The config in the UI looks correct on both the master and the backup (listed as IP Alias in Virtual IPs screen, disap...
-
04:22 PM Bug #3407: Changing CARP IP to IP Alias doesn't work until failover is trigered
- you mean on the secondary, the primary, or both? What does ifconfig look like on both systems afterwards?
-
03:11 PM Bug #3407 (Resolved): Changing CARP IP to IP Alias doesn't work until failover is trigered
- If you change an existing CARP IP Address to an IP Alias it does not work, even after hitting apply. Instead, you ne...
-
03:07 PM Feature #3406 (Needs Patch): Change Virtual IP & CARP Status screens to a tree view
- For those of us that have dozens or more Virtual IPs, it would be helpful to see an alternative view that shows how a...
-
02:30 PM Bug #3404: DHCP Server Fails to Start on Interfaces that are Slow to Come Online During Boot
- Please read my comment on the proper solution.
This is a workaround/hack for your local installation. -
12:43 PM Bug #3404: DHCP Server Fails to Start on Interfaces that are Slow to Come Online During Boot
- I have attached a patch file for /etc/inc/services.inc
This will have the services_dhcpd_configure() function chec... -
10:46 AM Bug #3404: DHCP Server Fails to Start on Interfaces that are Slow to Come Online During Boot
- The proper solution for this is to bounce the dhcpd when the openvpn link comes up.
Check rc.newwanip[v6] script on ... -
10:12 AM Bug #3404 (New): DHCP Server Fails to Start on Interfaces that are Slow to Come Online During Boot
- When the services_dhcpd_configure() function is called during boot, it will skip interfaces that are not fully online...
-
02:22 PM Bug #3405 (Rejected): Cross-Site Scripting Vulnerability in system_firmware_check.php
- Filing this as a new bug so it doesn't fall under the cracks - the unvalidated input bug in #2952 has been verified t...
-
12:32 PM pfSense Packages Bug #3248 (Resolved): NUT package fails to write config to upsd.users
- Thanks
-
12:17 PM pfSense Packages Bug #3248: NUT package fails to write config to upsd.users
- I've been running this patch for over 3 months without issue. For what it's worth, I've also tested against current 2...
-
09:23 AM Feature #1557: Add the Interface descriptions to the OS interface descriptions
- Hi Developers of pfSense.
Is there any status update of this Feature?
2 Years ago the Target version was deleted.
...
01/21/2014
- 06:49 PM Revision 54597012: Replace regex by explode as suggested by Ermal
- 06:40 PM Revision 505d5c7a: Fix typo on variable name
- 06:38 PM Revision 613a94b3: Fix typo on variable name
-
02:58 PM Bug #3147: Adding new interface can cause issues
- https://forum.pfsense.org/index.php/topic,64704.0.html
As far as I'm concerned, it's a bug. Because I have not hi... - 12:38 PM Revision 43045948: Revert "Fix #3350. Do not destroy an interface when it's being disabled"
- Ermal reported issues when changes are made on VLAN parent interface
with this patch. He did other changes and interf... - 12:36 PM Revision d9797fd6: Revert "Fix #3350. Do not destroy an interface when it's being disabled"
- Ermal reported issues when changes are made on VLAN parent interface
with this patch. He did other changes and interf... -
10:13 AM Bug #3242 (Resolved): editing alias url table doesnt show full link
-
10:12 AM Bug #3242: editing alias url table doesnt show full link
- plz mark this as resolved
-
09:43 AM Bug #3345: Openvpn create route ipv6 default Pfsense 2.1
- Chris Buechler wrote:
> OpenVPN creates whatever routes it's configured to create (or that it pulls if pulling is en... -
09:26 AM Bug #3402 (Rejected): Bug Interface Virtual Openvpn Route
- Related bug when and ovpns created virtual interface gateway ipv4 ipv4 and ipv6 route creates automaticament. This bu...
-
09:24 AM Bug #3401 (Resolved): Openvpn Server IPV4 generating attribute TUN-IPV6 this right?
- I think using ipv4 in the openvpn conf should not generate the attribute tun-ipv6 attribute and not load the ipv6 mod...
-
03:31 AM Bug #3350: Disabling and enabling VLAN leaves VLAN interface missing
- It would be better to revert this commit now that interface_cofnigure does the right job at detecting if an interface...
-
12:13 AM pfSense Packages Bug #3400 (Resolved): apcupsd service config does not allow DEVICE to be set
- When configuring the apcupsd service using pfsense, only the UPSTYPE setting can be changed using the gui but not the...
01/20/2014
-
07:42 PM pfSense Packages Bug #2992: Boot problem after upgrade
- This happened to me today. It happened on a fresh install with only bandwidthd and openvpn installed, after I changed...
-
06:59 PM Revision b4d772dc: Correct this i thought i already did. Thanks-to: Phil Davis for spotting
-
03:09 PM Revision d760445e: Do not need to go in the internet world to start a package
-
03:00 PM Revision 44b19298: * Do not call stop service in the start command.
- * Add some more checks into the functions to avoid errors
* Also silence some output that can cause issues - 12:53 PM Revision 770a7759: Fix FreeBSD version detection for 10.x
- 11:36 AM Revision aefc6bc2: Obsolete old ntp binaries
- 11:35 AM Revision c42d721b: Obsolete old ntp binaries
-
07:25 AM Todo #3399 (Resolved): Implement a replacement for base nsupdate command for RFC2136 Dynamic DNS
- Due to FreeBSD 10.x changes, nsupdate is no longer available for inclusion from base. We will need to use a replaceme...
-
03:36 AM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
- Firewall is updated to 2.1.1-PRERELEASE (amd64) built on Sun Jan 19 03:33:57 EST 2014. After boot MBUF status is 32% ...
01/19/2014
-
01:13 AM Bug #3321 (Resolved): IPSEC failure on modem reset, automatic reconnection is broken, must manually restart racoon service
- thanks for the confirmation
-
12:36 AM Bug #3321: IPSEC failure on modem reset, automatic reconnection is broken, must manually restart racoon service
- This problem has been fixed in 2.1.1-PRERELEASE! :)
01/17/2014
-
04:46 AM Feature #3398 (Needs Patch): Notifications - information about errors
- I test the pfsense on HP DL360 G5
CPU: Intel(R) Xeon(R) E5410
Ram: 8GB
Disk controller: P400i (RAID5 4x hdd)
Wh... -
02:50 AM Bug #3205: Partial system freeze when disconnecting USB 3G stick
- i got the same situation as well as with the 3g stick connected if i reboot pfsense then it would just get stuck when...
01/16/2014
-
02:13 PM Revision 93a79543: Bump version
-
01:30 PM Revision 254df317: Merge pull request #887 from brunostein/tracker_firewall_rule
- added input hidden with tracker value
-
12:31 PM Revision 72b774aa: added input hidden with tracker value
-
02:28 AM Bug #3397 (Needs Patch): Cannot load builtin or external firmware for mwl driver
- Hello,
I've tried to get a marvell wireless card to work a long time before posting this.
Here's the output of pf...
01/15/2014
-
05:35 PM Revision fdfa8f43: ports ntp moved to sbin, follow
-
05:28 PM Revision 3d54553b: ports ntp moved to sbin, follow
01/14/2014
- 11:34 PM Revision 096f73b4: Merge pull request #886 from dotike/master
- locale path name clarification
-
09:15 PM Todo #3396 (Resolved): Replace dnsmasq with Unbound
- The replacement of dnsmasq with unbound needs to be completed for 2.2.
-
08:40 PM Bug #3214 (Rejected): bogons/bogonsv6 include stupid things
- #3395 addresses the only problem here. none of that impacts DHCP4 clients.
-
08:39 PM Bug #3395 (Resolved): DHCPv6 client pass rules need to come before bogons
- 8000::/1 is included in Cymru's v6 bogons list. That's sane, since it shouldn't be in the Internet routing table, but...
-
08:17 PM Bug #3394: radvd wrongly binds to *:546 in some circumstances
- I'll provide further details privately to the person working on the issue, it's on a customer system and not somethin...
-
08:16 PM Bug #3394 (Resolved): radvd wrongly binds to *:546 in some circumstances
- I can't seem to determine why, as different systems with seemingly identical radvd.conf files don't consistently disp...
-
07:34 AM Bug #3045: NTPD crash / doesn't come up
- simply one line contining:
-0.056
(or other numbers) -
04:03 AM Bug #3045: NTPD crash / doesn't come up
- Fabio Giudici wrote:
> Good morning
> Just one more question: is it ntpd running in jail/chroot?
>
> Just to ... -
01:01 AM Bug #3045: NTPD crash / doesn't come up
- Good morning
Just one more question: is it ntpd running in jail/chroot?
Just to restrict the issue...but it se... -
07:10 AM Todo #765: Patch: Add custom DHCP configuration
- Hello,
I am aware that this Feature Request is 3 years old but I feel that the last comment by Jonathan Diete is t... -
05:40 AM Bug #2706 (Feedback): Padlock may need some adjustments for FreeBSD 10.x
- Applied in changeset pfsense-tools:commit:3b8d3adb58956d7415f52bcc81cfb1eca84e80b0.
-
03:05 AM Revision 7219bde6: include gettext locales in line encoding list
- portable object (.po) and portable object translation (.pot) files
Signed-off-by: Isaac (.ike) Levy <ike@blackskyres... -
03:05 AM Revision 2459a956: Cleanup- most languages simply need the ascii abreviation.
- Ful country code and encoding was necessary for pt_BR.ISO8859-1, (Brazilian Portuguese), and since it was the first t...
01/13/2014
-
11:14 AM Bug #3045: NTPD crash / doesn't come up
- I see a problem on my 2.1 64-bit system with NTPD that may be related to the issues reported here. Anytime the WAN i...
-
09:50 AM Bug #3045: NTPD crash / doesn't come up
- Fabio Giudici wrote:
> I did just a series of test, and the core dump of ntpd seems strictly related to the presence... - 08:56 AM Revision d2dd5794: updates to license.php
- 08:54 AM Revision c80f2b44: updates to license.php
01/12/2014
-
08:21 AM Bug #2762: PF drops IPv6 packets with fragment header followed by a last fragment only
- And another one on the broken scrub: http://www.freebsd.org/cgi/query-pr.cgi?pr=172648
-
08:16 AM Bug #2762: PF drops IPv6 packets with fragment header followed by a last fragment only
- Erm, guys, what's up with this?! Upstream apparently does NOT intend to fix this in any way, cf. http://www.freebsd.o...
01/11/2014
-
01:26 PM Feature #2358: NAT64 support
- UPVOTE. I really like to be able to run my network with IPv6 only and make legacy IPv4 site available through NAT64.
-
03:38 AM Bug #3045: NTPD crash / doesn't come up
- I did just a series of test, and the core dump of ntpd seems strictly related to the presence of the file /var/db/ntp...
01/10/2014
-
04:41 PM Revision 706ba0e4: Use "disable monitor" in NTP config to mitigate CVE-2013-5211.
-
04:41 PM Revision 3e146089: Use "disable monitor" in NTP config to mitigate CVE-2013-5211.
- 07:40 AM Revision c349f263: Merge pull request #884 from dotike/master
- Phase 1 ja_JA.UTF8 Translation
-
03:08 AM Feature #3393: AS filtering support in aliases
- An example of retrieving facebook ips from their AS number
[code]
whois -h whois.radb.net -- '-i origin AS32934' | ... -
03:06 AM Feature #3393 (Resolved): AS filtering support in aliases
- It would be nice to have an option to define a type of AS number in the aliasesand retrieve all the ips from the whoi...
-
01:38 AM Feature #3377: OAuth2 authentication in captive portal
- there will be publicly-available 2.2 snapshots in the not too distant future. At this point, I think you might be ok ...
01/09/2014
- 08:23 AM Revision 43656206: Should to go master, not RELENG_2_1. Revert "Merge pull request #882 from derelict-pf/cp-nohttpsforwards"
- This reverts commit f8d1587b6e2cd8441fa16733a02af25257fc7708, reversing
changes made to 51922cb793b83bf7d22fdaa47205f... - 08:18 AM Revision f8d1587b: Merge pull request #882 from derelict-pf/cp-nohttpsforwards
- Add checkbox and logic to disable forwarding HTTPS/SSL (Port 443)
-
04:42 AM Feature #3377: OAuth2 authentication in captive portal
- Here is a proof of concept, for a OAuth2 captive portal authentication with Google accounts :
https://github.com/... -
03:05 AM Revision fadfef2b: removing my fork README
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision e424ca74: bug address
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 93847971: Machine Translation (Phase 1) Complete.
- Next steps:
- generate the .mo files and try loading it up
- Japanese Native Speaker(s) sanity pass through
(roughl... -
03:05 AM Revision 04571fb6: Machine generation used Google Translate API, translate.google.com, and Mort Yao's goog le-translate-cli
- Wrapped some parsing around the following utility by Mort Yao,
https://github.com/soimort/google-translate-cli
Sig... -
03:05 AM Revision fe8747ed: first full machine run
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision a2e31d7d: workspot: great, but this process requires tedious re-running the program.
- Next step: wrap the translation step in a timeout, and print some simple hook in the output so you can find it for th...
-
03:05 AM Revision 5e269b45: workspot: cleanup and continued translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 20c5f316: X-Generator: vim(1), awk(1), sed(1) - for real.
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 7a716fa2: workspot: trying to speed up machine translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 21e23bc2: workspot: pass through to correct minor syntax
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
Signed-off-by: Kiyo Takami <foof@blackskyresearch.net> -
03:05 AM Revision 0cd6ed3b: workspot: mechincal first pass
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision f8c3f30d: workspot: continuing with machine translation, several heavily repeated phrases scrutinized
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 60644dad: workspot: plowing ahead with machine translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 5f01b774: workspot: continuing machine translation first pass
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision c7056c99: workspot: carp and interface bits, continued first pass machine translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 5d2b2df0: workspot: firewall, interfaces, still plowing through machine translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision fbf5a7d8: workspot: RADIUS and Captive Portal messages, machine translations
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision cd134df7: Temporary README for GitHub fork
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 2129ac6a: workspot: country names
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 826cfb5c: jp syntax change
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 8908eeed: workspot, continuing to run through with rough human-augmented machine translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 086689be: workspot, continuing to run through with rough human-augmented machine translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 25ae07d0: workspot- plowing through with rough human-augmented machine translation
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 002722b7: start by copying pt_BR locale
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 1023edb2: encoding change, and wrapping up LDAP sections rough pass
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
03:05 AM Revision 70d8b7b0: continued cumulative machine translations
- Signed-off-by: Isaac (.ike) Levy <ike@blackskyresearch.net>
-
02:52 AM Bug #3392 (Rejected): Allow to configure different mac addresses for multiple VLANs on same physical interface
- duplicate of #2859.
this isn't the place to ask questions, please take those to the forum or mailing list. -
02:50 AM Bug #3392: Allow to configure different mac addresses for multiple VLANs on same physical interface
- Feature #2859
how to do that coz i have just one nic and 4 VLANS configured on it, 2 WAN and 2 LAN -
02:48 AM Bug #3392 (Rejected): Allow to configure different mac addresses for multiple VLANs on same physical interface
- I had to beg to change the MAC of the provider.
Very important! I can make a few NIC VMware on, but I can not create...
01/08/2014
-
09:18 AM Feature #972: Allow adding gateways outside of interface subnet
- Hi Dan,
I felt in the same trouble, and I the idea I have found to survive reboot is using the ShellCmd package : ... -
07:41 AM pfSense Packages Bug #3391 (Rejected): Quagga OSPF doesn't install properly
- It works fine in a test VM here that never had Quagga, and also in a separate VM that had it previously and reinstall...
-
02:46 AM pfSense Packages Bug #3391 (Rejected): Quagga OSPF doesn't install properly
- Hello,
I have several pfSense firewalls, all having Quagga OSPF and running without issues.
They where installed ... -
05:28 AM Bug #2800: OpenVPN doesn't work properly with intermediate/chained CAs
- You mean you essentially created a cert chain yourself in the Certificate Authority Manager and then it worked?
01/07/2014
-
07:20 PM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal
- that's reasonable, submit that as a pull request in github and we'll get it merged.
-
04:15 PM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal
- You're still misunderstanding. If the initial connection by the user prior to CP authentication is to, say, https://...
-
02:19 PM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal
- Use a signed certificate on your CP!!!
-
10:37 AM Feature #3388: Add checkbox and logic to disable forwarding of HTTPS requests to captive portal
- I believe you are missing the point.
This enables administrators to utilize HTTPS CP authentication, which might b... -
05:05 AM Feature #3388 (Rejected): Add checkbox and logic to disable forwarding of HTTPS requests to captive portal
- Just do not configure https authentication!
-
04:39 PM Feature #3387: process_alias_urltable Frequency
- Ah never mind. I forgot about the ability to change the type on the fly...
-
04:12 PM Feature #3387: process_alias_urltable Frequency
- Shawn Bruce wrote:
> I have created a diff for firewall_aliases_edit.php against the latest git version. Would this ... -
04:11 PM Feature #3387: process_alias_urltable Frequency
- I have created a diff for firewall_aliases_edit.php against the latest git version. Would this be acceptable?
I am... -
04:12 AM Feature #3387: process_alias_urltable Frequency
- A code to upgrade current config to new format will be necessary too
-
03:59 PM Revision 33e72874: Merge pull request #880 from phil-davis/master
- Check for vertical bars in alias detail descriptions
- 03:05 PM Revision 7d14b000: Check for vertical bar at start or end of description
- 02:59 PM Revision 24445691: Check for vertical bars in alias detail descriptions
- The descriptions of each entry in an alias are stored in config.xml as a list delimited by "||". So you cannot have "...
- 10:58 AM Revision 51922cb7: Add 'limited' to ntpd restrict list to workaround CVE-2013-5211. It fixes #3384
- 10:58 AM Revision 6b660731: Add 'limited' to ntpd restrict list to workaround CVE-2013-5211. It fixes #3384
- 09:41 AM Revision 7c2ea0cc: Update reserved_keywords checks to match firewall_aliases_edit
- firewall_aliases_import should have the same checks for reserved names as firewall_aliases_edit
This code should real... - 09:39 AM Revision fe56417f: Merge pull request #879 from phil-davis/master
- Update reserved_keywords checks to match firewall_aliases_edit
-
07:39 AM Bug #3383: Web GUI becomes slow or unusable if the LDAP server used for GUI auth is unreachable
- It seems like maybe the authentication fallback that allows a person to login using local auth when their LDAP server...
-
04:59 AM Bug #3383: Web GUI becomes slow or unusable if the LDAP server used for GUI auth is unreachable
- On pfSense 2.2 you will be able to revert GUI auth backend to Local Database on the same option you use to restore GU...
-
06:51 AM Bug #3389 (Resolved): GUI allows to configure ICMPv4 types for ICMPv6 firewall rules
- When I try to create a firewall rule that handles only certain types of IPv6 ICMP traffic, the interface lets me sele...
-
05:00 AM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
- Applied in changeset commit:51922cb793b83bf7d22fdaa47205fd59b4d70e87.
-
05:00 AM Bug #3384 (Feedback): NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
- Applied in changeset commit:6b6607316481aacaa055f8e4bce2ce1e520d3b1b.
01/06/2014
-
05:09 PM Revision 4410f699: This might also say "icmpv6" here and lead to a bad rule.
-
05:08 PM Revision 0959b4d3: This might also say "icmpv6" here and lead to a bad rule.
-
04:48 PM Feature #3388 (Rejected): Add checkbox and logic to disable forwarding of HTTPS requests to captive portal
- Candidate patch here:
https://github.com/derelict-pf/pfsense/commit/e98daec5960b7ecdd18bc461003df3a18d2adbe7 -
04:45 PM Bug #3340: Captive Portal deletes concurrent sessions even if noconcurrentlogins is not set
- Candidate patch here:
https://github.com/derelict-pf/pfsense/commit/ae6c69833f34d8f14b1c6a9508126905328340bc -
04:42 PM Bug #3124: portal_reply_page called twice in specific circumstance
- Candidate patch here:
https://github.com/derelict-pf/pfsense/commit/4fd56afe541a0a350dfe52b20521a551edd9f276 - 04:11 PM Revision 81f19476: Add an option to force a gateway to be down, it fixes #2847
- 03:02 PM Revision de3987e5: Update reserved_keywords checks to match firewall_aliases_edit
- firewall_aliases_import should have the same checks for reserved names as firewall_aliases_edit
This code should real... -
02:35 PM Revision 30e2adbc: Merge pull request #871 from phildd/master
- Dynamic DNS: List GWGs in Interface to send update from
-
11:35 AM Feature #3387 (New): process_alias_urltable Frequency
- Currently the urltable design only allows for updates on a daily interval and is processed via crontab every 12 hours...
-
10:10 AM Feature #2847 (Feedback): Add a checkbox to flag a gateway as "down"
- Applied in changeset commit:81f1947666ebbe19f1f6579a1e5293c42c6d1c04.
-
09:13 AM Bug #3386 (Closed): apinger not picking up 2nd OpenVPN tunnel
-
07:31 AM Revision 7ad4b9b7: Merge pull request #878 from phil-davis/master
- Bulk Import: fix copy-paste var name error
- 02:43 AM Revision 3b4e6952: Bulk Import: fix copy-paste var name error
01/05/2014
-
11:18 AM Revision b760fd31: Merge pull request #877 from phil-davis/master
- Allow individual line descriptions on alias bulk import
- 09:35 AM Revision 8c470066: Allow individual line descriptions on alias bulk import
- This enhancement allows the user to make a text file of IP addresses, IP subnets and/or IP ranges, like they have alw...
-
08:54 AM Bug #3386: apinger not picking up 2nd OpenVPN tunnel
- I did another reboot and now it worked. You can close this issue (did not find button to close it myself).
-
08:48 AM Bug #3386 (Closed): apinger not picking up 2nd OpenVPN tunnel
- When adding a 2nd OpenVPN tunnel (client side, shared key static setup) and the corresponding Interface and Gateway i...
Also available in: Atom