Project

General

Profile

Activity

From 02/03/2014 to 03/04/2014

03/04/2014

11:47 PM pfSense Packages Bug #3502 (Closed): unbound package updated but not available???
I had unbound 1.4.21_1-i386 installed earlier today and noticed that a new version is out (1.4.21_3). I attempted to... Cyber Jock
11:30 PM Bug #3501 (Resolved): sanity check for PBI installations before uninstalling old pbi package.
I'm using pfsense 2.1-RELEASE-i386. I tried to update Unbound, but the PBI file isn't available for download. The l... Cyber Jock
11:25 PM Bug #3493: mute-replay-warnings doesn't appear to work
Thanks. The captcha image was only showing as a broken image when I tried, now it loads fine. Chris Buechler
07:37 AM Bug #3493: mute-replay-warnings doesn't appear to work
Re: ... please update your email address...
---
Done.
Re: ... the contact page on your website isn't usable as t... B. Derman
11:14 PM Revision f08d2ae7: Merge pull request #994 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
09:09 PM Revision 56b490ba: syntax errors corrected
ayvis
08:07 PM Revision 94046ff1: XHTML Compliance
VPN - OpenVPN - Client N0YB
04:42 PM Bug #3500 (Resolved): DHCP Leases List Not Showing Hostname in Some Cases
The DHCP leases list shows a blank in the hostname field for some leases, even though the log shows that a hostname w... David Justl
01:03 PM Revision ebe2b407: Merge pull request #984 from phil-davis/master
Return GWG IP protocol (version) when no gateway IP Renato Botelho
12:52 PM Revision faddd381: Merge pull request #992 from Doncuppjr/master
Add UEFI support to Network Boot options. Renato Botelho
12:47 PM Revision 6c91204d: Merge pull request #993 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
11:40 AM Revision bb30d32c: Remove alert confirmation to delete a package, today user need to confirm twice
Renato Botelho
11:40 AM Revision b6096065: Remove alert confirmation to delete a package, today user need to confirm twice
Renato Botelho
11:40 AM Bug #3460 (Resolved): CSRF Protection - Package manager
Renato Botelho
06:50 AM Feature #3490 (Feedback): Update DHCP options for network booting with UEFI
Pull request 992 was merged Renato Botelho
01:38 AM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
that's something to be revisited in 10.x-based releases, as the situation will be different there. Chris Buechler

03/03/2014

09:17 PM Revision cacc258f: XHTML Compliance
VPN - OpenVPN - Server N0YB
09:00 PM Revision ff9c579f: Fix syntax
Renato Botelho
07:21 PM Revision 218a4ffa: s/unlink/unlink_if_exists/
Renato Botelho
07:21 PM Revision 48047e3f: s/unlink/unlink_if_exists/
Renato Botelho
07:20 PM Revision fdb116a9: Put added option in dhcp config instead of dhcpv6 config.
Use empty function instead of <> "" for null test in dhcp network booting config section.
modified: etc/inc... Donald Cupp
06:16 PM Revision de9ac478: Validate if src OR dst have IP address set when protocol is IPv4+v6. Fixes #3499
Renato Botelho
06:15 PM Revision 6bb99c3f: Validate if src OR dst have IP address set when protocol is IPv4+v6. Fixes #3499
Renato Botelho
04:31 PM Revision 2ccaa575: Remove broken 'dynamic6' gateway, we already have ipprotocol to tell us the IP version, leave it more simple using only 'dynamic'. It helps #3484
Renato Botelho
04:31 PM Revision 246950c3: Fix typo on var name
Renato Botelho
04:31 PM Revision d07bc322: Remove broken 'dynamic6' gateway, we already have ipprotocol to tell us the IP version, leave it more simple using only 'dynamic'. It helps #3484
Renato Botelho
04:26 PM Revision bf36dafa: Fix typo on var name
Renato Botelho
01:54 PM Revision d557438a: Merge pull request #990 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
01:13 PM Bug #3216 (Resolved): PFSense 2.1 - Captive Portal Zone - is not avaible in user effective privileges
Renato Botelho
01:13 PM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
revert back to 2.1-REL driver don't fix problem with MBUF in 2.1-REL driver. please reopen Zeev Zalessky
12:50 PM Bug #3279 (Resolved): Usermanager: No way to assign permissions to DHCPv6 pages
Renato Botelho
12:49 PM Bug #3350: Disabling and enabling VLAN leaves VLAN interface missing
I reverted it, will leave it as feedback waiting a confirmation from Chris Renato Botelho
12:20 PM Bug #3499: Missing data validation for IPv4+IPv6 rule with IPv4 literal address
Applied in changeset commit:de9ac478b3a846cc4068d21c0cb5cf8f8097e22b. Renato Botelho
12:20 PM Bug #3499 (Feedback): Missing data validation for IPv4+IPv6 rule with IPv4 literal address
Applied in changeset commit:6bb99c3fe0e5510c8c1962f082ef30bf0ab84a81. Renato Botelho
10:43 AM Bug #3499: Missing data validation for IPv4+IPv6 rule with IPv4 literal address
Note: this is with pfsense 2.1 Brian Candler
10:38 AM Bug #3499 (Resolved): Missing data validation for IPv4+IPv6 rule with IPv4 literal address
If you add a rule selected as "IPv4+IPv6", but the source or destination is an IPv4 literal, then it is accepted but ... Brian Candler
10:38 AM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
I pushed more fixes today, please try tomorrow's snapshot or gitsync it to latest RELENG_2_1 and let me know the resu... Renato Botelho
07:14 AM Revision c10d55ba: Add missing option code for uefi booting
modified: etc/inc/services.inc Donald Cupp
05:59 AM Revision c636d517: Merge branch 'master' of https://github.com/Doncuppjr/pfsense
Donald Cupp
05:47 AM Revision 7023c602: Added support for UEFI booting to Network Booting configuration.
modified: conf.default/config.xml
modified: etc/inc/services.inc
modified: usr/local/www/servic... Charlie Root
01:26 AM Bug #3394 (Resolved): radvd wrongly binds to *:546 in some circumstances
Chris Buechler
01:24 AM Bug #3384 (Resolved): NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
limited is not enabled by default (the commits associated with this ticket have been backed out). Everything here is ... Chris Buechler
01:18 AM Bug #3277 (Resolved): GRE Tunnel CIDR drop-down is not limiting choices for IPv4
Chris Buechler
01:17 AM Bug #3225 (Resolved): Captive Portal concurrent users graph is not functional
Chris Buechler
01:17 AM Bug #3331 (Resolved): Rules to pass out traffic for Proxy ARP VIP entries have an incorrect destination
Chris Buechler
01:16 AM Bug #2286 (Resolved): Multiple PPPoE Server do not work
Chris Buechler

03/02/2014

11:42 PM Bug #3200: IPv6 bugs
I can confirm that at least the 2nd bullet point is still valid with the latest snapshot of 2.1.1.... Anonymous
11:25 PM Bug #3200 (Closed): IPv6 bugs
no feedback, I've confirmed elsewhere what I believe to be the root cause of the described problem to be fixed in 2.1... Chris Buechler
11:24 PM Bug #3250 (Closed): problems with ixgbe driver in pfsense 2.1 release
reverted back to 2.1-REL driver which will suffice for 2.1.1. Chris Buechler
11:12 PM Bug #3268 (Resolved): Load balancer needs input validation to prohibit reserved table names
Chris Buechler
11:11 PM Bug #3333 (Closed): usbusX devices show up as NICs.
unable to replicate, no response. Chris Buechler
11:10 PM Bug #3486 (Resolved): crash reporter fails to delete crash report
Chris Buechler
06:09 PM Bug #3498 (Resolved): Wake on Lan Widget no auth needed
Wake on Lan Widget doesn't include "guiconfig.inc", so no auth is required when accessing it remotely, this could lea... Fernando Munoz
04:26 PM pfSense Packages Feature #3497: Zabbix-2 Proxy needs a custom field box.
Wrote up a quick patch to add the feature.
https://github.com/rmiddle/pfsense-packages/commit/2799c464e83a4039e61b... Robert Middleswarth
09:50 AM pfSense Packages Feature #3497 (Resolved): Zabbix-2 Proxy needs a custom field box.
My Discoverers Processes have been 75% busy for the last 6 hours. I need to increase the number of poller processes ... Robert Middleswarth
09:15 AM Bug #3496 (Rejected): NTP monlist Command Enabled
Duplicate of #3384, already fixed. Jim Pingle
08:06 AM Bug #3496 (Rejected): NTP monlist Command Enabled
*Description*
The version of ntpd on the remote host has the 'monlist' command enabled. This command returns a list ... Gerrit Helm

03/01/2014

11:54 PM pfSense Packages Bug #3495: Zabbix2-Agent and Zabbix2-proxy upgrade.
Workaround.
If you can't upgrade Zabbix Agent remove /usr/local/pkg/zabbix2-agent.xml and then you can reinstall... Robert Middleswarth
10:09 PM pfSense Packages Bug #3495 (Resolved): Zabbix2-Agent and Zabbix2-proxy upgrade.
I have several systems 2.0 and 2.1 and running into upgrade issues when I try to move from Zabbix 2.0.4 to 2.2.1 if I... Robert Middleswarth
10:55 PM Revision 3d8e954b: sync up ALTQ-capable interfaces list
Chris Buechler
10:54 PM Revision 263f1c9c: sync up ALTQ-capable interfaces list
Chris Buechler
06:56 PM Revision 0a173e6b: XHTML Compliance
Firewall - Traffic Shaper N0YB
06:38 PM Bug #3481 (Needs Patch): Run-Away processing with hme NICs
ah thanks, I didn't check the link. Driver issues are outside our control. It might be fixed in FreeBSD 10.0, though ... Chris Buechler
06:35 PM Bug #3493 (Feedback): mute-replay-warnings doesn't appear to work
mute-replay-warnings should work fine in general, if it doesn't, it's an issue in OpenVPN itself. I'm not aware of an... Chris Buechler
06:31 PM Bug #3493: mute-replay-warnings doesn't appear to work
B. Derman - could you please update your email address to something that doesn't bounce? I get a slew of bounces from... Chris Buechler
06:07 PM Revision 68169a55: Wrap this in an is_array() test, or else if you have no manually configured DNS servers, saving the DHCP settings produces a PHP error.
Jim Pingle
06:06 PM Revision 3ffc016b: Wrap this in an is_array() test, or else if you have no manually configured DNS servers, saving the DHCP settings produces a PHP error.
Jim Pingle
09:35 AM Revision f8c5358d: Merge pull request #989 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
03:56 AM Revision e1002cd2: XHTML Compliance
Firewall - Schedules - Edit N0YB
03:33 AM Bug #2945: Installation stucks at 36%: /usr/local/bin/cpdup -vvv -I -o /usr /mnt/usr
I faced same issue and resolved by disabling multi core processing in the BIOS and enabling virtualization. Inder P. MEEL

02/28/2014

09:01 PM Revision d7f3520f: Merge pull request #988 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
08:57 PM Revision 76b1d814: XHTML Compliance
Firewall - Aliases - Edit N0YB
08:52 PM Revision 1aad59d8: Merge pull request #987 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
08:25 PM Revision 7d50bd3e: XHTML Compliance
Firewall - NAT - Npt - Edit N0YB
08:25 PM Revision 6d0f5a63: Add an option to verify peers_identifier when it's ASN.1 distinguished name. It should fix #2904
Renato Botelho
06:46 PM Revision dadb4846: Merge pull request #986 from andrespetralli/master
Re-enabling static lease updates Renato Botelho
04:59 PM Revision 3cdef187: Re-enabling static lease updates
Andres Petralli
04:37 PM Revision c468ffb5: Add a file flag to trigger the forced serial or else we may miss it during a firmware update and still end up with an accidentally disabled port.
Jim Pingle
04:36 PM Revision 9904df17: Add a file flag to trigger the forced serial or else we may miss it during a firmware update and still end up with an accidentally disabled port.
Jim Pingle
02:57 PM Feature #2904 (Resolved): Add checkbox or default option for "verify_identifier on;" on IPsec RSA VPNs
Renato Botelho
02:55 PM Feature #2904: Add checkbox or default option for "verify_identifier on;" on IPsec RSA VPNs
Yay! Excellent, works just fine. Doktor Notor
02:30 PM Feature #2904 (Feedback): Add checkbox or default option for "verify_identifier on;" on IPsec RSA VPNs
Applied in changeset commit:6d0f5a635aed336e5d2b6208a07a564b79f8863d. Renato Botelho
02:14 PM Revision b31247af: Small correction for clear code
Ermal LUÇI
02:13 PM Revision 9cca1a4f: Ticket #3484 Correct the case for GRE tunnels as well since they behave the same. GRE seems to need the prefixlen 128 specified all the time so do it explicitly to be on safe side
Ermal LUÇI
02:11 PM Revision cdeaf91e: Ticket #3484 Correct the case for GRE tunnels as well since they behave the same. GRE seems to need the prefixlen 128 specified all the time so do it explicitly to be on safe side
Ermal LUÇI
02:00 PM Revision 088a4eed: Tidy up GWG dropdown selection tests
Tested this making a new rule, and editing existing IPv4, IPv6 and IPv4+Ipv6 rules, and switching the IP version on a... Phil Davis
01:57 PM Revision cd962bb9: Tidy up GWG dropdown selection tests
Tested this making a new rule, and editing existing IPv4, IPv6 and IPv4+Ipv6 rules, and switching the IP version on a... Phil Davis
01:52 PM Revision d2c59808: Ticket #3484 Note that for now prefixlen is useless in ipv6 tunnels. IPv4 accepts them
Ermal LUÇI
01:49 PM Revision c32a6b82: Fixes #3484. Provide a dynamic gateway for gif v6 tunnels so it can be used on firewall rules etc. The guide for setting up this tunnels on docs need to change to leave the gif interface as none type. People upgrading need to fix this themselves with a not on release notes. This can be fixed if the kernel condition is relaxed to allow setting the prefixlen on the tunnel as ipv4
Ermal LUÇI
01:38 PM Revision ddb30ebf: Fixes #3484. Provide a dynamic gateway for gif v6 tunnels so it can be used on firewall rules etc. The guide for setting up this tunnels on docs need to change to leave the gif interface as none type. People upgrading need to fix this themselves with a not on release notes. This can be fixed if the kernel condition is relaxed to allow setting the prefixlen on the tunnel as ipv4
Ermal LUÇI
01:12 PM Revision 95281343: Merge pull request #983 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
12:13 PM Revision 1de88429: Ticket #3484 Note that for now prefixlen is useless in ipv6 tunnels. IPv4 accepts them
Ermal LUÇI
11:40 AM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
OK, back to static IPv6, manually created GW, everything working again. So, assigned GIF interface set to None defini... Doktor Notor
11:23 AM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
This totally messed up my IPv6 connectivity. Cannot even ping an IPv6 from the firewall due to some nonsense about bu... Doktor Notor
10:20 AM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
Ah just gitsync to latest code and set the assigned GIF interface to none on the Interfaces configuration screen and ... Ermal Luçi
09:20 AM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
OK, thanks for investigating. Please, let me know what should be done to test the fixes, kinda confused by the commen... Doktor Notor
07:50 AM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
Applied in changeset commit:c32a6b82a708149a66c1e477ddc0ba1c54d70440. Ermal Luçi
07:40 AM Bug #3484 (Feedback): IPv6 - the gateway address does not lie within one of the chosen interface's subnets
Applied in changeset commit:ddb30ebfc686165e00f0155e00df16edc17c31c5. Ermal Luçi
06:06 AM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
After investigation this seems to be an problem of INET6 implementation of FreeBSD.
It does not allow on gifv6 tunne... Ermal Luçi
11:29 AM Revision 0344d76e: Tidy "gateway name - IP" in dropdown list
for 2.1 branch Phil Davis
11:28 AM Revision fa94f1e1: Tidy "gateway name - IP" in dropdown list
While I notice this also, for a plain gateway, the current IP address is also listed in the dropdown list text, like ... Phil Davis
08:10 AM Revision b612c49f: Use return_gateway_groups_array() to build correct GWG list
Version for 2.1 branch Phil Davis
07:48 AM Revision d47e25c7: Use return_gateway_groups_array() to build correct GWG list
Now return_gateway_groups_array() always returns at least the IP version 'ipprotocol' of each GWG, even if all its me... Phil Davis
03:04 AM Revision c6708833: Return GWG IP protocol (version) when no gateway IP - 2.1 branch
Phil Davis
02:54 AM Revision f60003fa: Return GWG IP protocol (version) when no gateway IP
This is a resubmit of an older pull request I had closed. It came up again in the forum, with a user setting up a VM ... Phil Davis
01:51 AM Revision 1541e25f: XHTML Compliance
Firewall - NAT - Outbound - Edit N0YB

02/27/2014

11:38 PM Bug #3494 (Rejected): default deny/block bogons blocks some ipv6 multicast traffic
that's working as it should, you can disable logging for the bogon blocking if you want to silence the logs. There is... Chris Buechler
10:48 PM Bug #3494 (Rejected): default deny/block bogons blocks some ipv6 multicast traffic
With IPv6 enabled, my ISP's default gateway (Comcast) sends an ICMP6 packet (Multicast Listener Report) destined for ... qubit nano
09:03 PM Revision 78c74f9b: Fix #3492, make sure filesystem is read-write
Renato Botelho
09:03 PM Revision 920dbb26: Fix #3492, make sure filesystem is read-write
Renato Botelho
08:50 PM Revision 2658000b: Merge pull request #981 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
08:41 PM Revision 813016d2: XHTML Compliance
Firewall - NAT - Port Forward - 1 to 1 - Edit N0YB
04:39 PM Revision c7fbdd6c: Make the IPSec status page work with strongswan
Ermal LUÇI
04:38 PM Bug #3492 (Resolved): nanobsd - group update: Read-only file system
Renato Botelho
03:48 PM Bug #3492: nanobsd - group update: Read-only file system
Thanks, that worked. Doktor Notor
03:10 PM Bug #3492: nanobsd - group update: Read-only file system
Applied in changeset commit:78c74f9b2188e029e0dd331a4cbfc1a9492ffc38. Renato Botelho
03:10 PM Bug #3492 (Feedback): nanobsd - group update: Read-only file system
Applied in changeset commit:920dbb26b19773ae1ef96992ee26ae31293d029e. Renato Botelho
11:52 AM Bug #3492 (Resolved): nanobsd - group update: Read-only file system
... Doktor Notor
03:38 PM Revision 6e8bb592: Merge pull request #979 from phil-davis/RELENG_2_1
Errors in graph calculations Renato Botelho
03:37 PM Revision df992bc1: Merge pull request #980 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
03:08 PM Bug #3493 (Closed): mute-replay-warnings doesn't appear to work
Have the lines
mute-replay-warnings;
verb 1;
as entries in the OpenVPN Advanced Configuration box, but am stil... B. Derman
02:51 PM Bug #3491: Improper input validation on firewall rules when using a numerical alias name
Alias name validation do not accept only numbers anymore on 2.2 since https://github.com/pfsense/pfsense/pull/960 was... Renato Botelho
10:26 AM Bug #3491 (Resolved): Improper input validation on firewall rules when using a numerical alias name
If you have a host alias using a numerical name such as "2222", then using port "2222" (literal) in firewall rules is... Jim Pingle
01:01 PM Feature #2904: Add checkbox or default option for "verify_identifier on;" on IPsec RSA VPNs
Guys, this is NOT a feature request, this is a major security issue! Can someone finally fix this?
https://forum.p... Doktor Notor
10:55 AM Bug #3489 (Rejected): Update DHCP options for network booting with UEFI
Duplicate of #3490 Renato Botelho
10:51 AM Revision 90435b20: Fix #3486, delete /var/crash content when click 'No'
Renato Botelho
10:51 AM Revision d7d6e57a: Fix #3486, delete /var/crash content when click 'No'
Renato Botelho
10:46 AM Bug #3212 (Resolved): PHP Warning: Division by zero in /etc/inc/captiveportal.inc on line 729
Renato Botelho
10:46 AM Bug #2952 (Resolved): Unvalidated input during system_firmware_check.php
It was replaced by htmlspecialchars() Renato Botelho
08:20 AM Bug #3486: crash reporter fails to delete crash report
Applied in changeset commit:90435b203e6a4adc35e582511ddf122a4fe699fa. Renato Botelho
08:20 AM Bug #3486 (Feedback): crash reporter fails to delete crash report
Applied in changeset commit:d7d6e57a228de0d855b12b3bb7eb0f2a50aef108. Renato Botelho
02:20 AM Revision e082672d: XHTML Compliance
Firewall - NAT - Port Forward - Edit N0YB
02:13 AM Revision edaa41be: Errors in in graph calculations
This is the version for 2.1 branch corresponding to https://github.com/pfsense/pfsense/commit/f9983a874d6acf5fcf08a08... Phil Davis

02/26/2014

09:36 PM Revision 7f43c116: Merge pull request #978 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
08:39 PM Revision cd83111a: XHTML Compliance
Firewall - Rules - Edit N0YB
06:24 PM Revision a73ba11b: Fix variable used to create description when deleting a route, put the network in the description as intended.
Jim Pingle
04:26 PM Revision 2124fad4: Oops forgot the query message
Ermal LUÇI
04:24 PM Revision df0878b0: Add a function to read the status of connections/SAs/SPDs from smp plugin of StrongSWAN. No need to go through the setkey dumps
Ermal LUÇI
02:25 PM Revision ddfe5e43: Make xmlreader parse any document and properly consider listtags specified and attributes. Probably should be made the default due to its speed.
Ermal LUÇI
01:56 PM Bug #3489: Update DHCP options for network booting with UEFI
Re-Filed as a Feature Request. Donald Cupp
01:50 PM Bug #3489 (Rejected): Update DHCP options for network booting with UEFI
All new computers have the ability to boot UEFI afaik. There are few little changes that need to be made to pfsense t... Donald Cupp
01:55 PM Feature #3490 (Resolved): Update DHCP options for network booting with UEFI
All new computers have the ability to boot UEFI afaik. There are few little changes that need to be made to pfsense t... Donald Cupp
12:13 PM Revision 9f66bc5e: Merge pull request #977 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
11:55 AM Revision 8ffb5ccd: Parse even attributes when present
Ermal LUÇI
10:55 AM Revision 082c9d96: XHTML Compliance
Firewall - Rules N0YB
10:18 AM Revision a02b89b0: Merge pull request #976 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
09:10 AM Revision a5921773: XHTML Compliance
Firewall - NAT - Port Forward N0YB
03:51 AM Revision d11f5bff: XHTML Compliance
Firewall - NAT - Port Forward N0YB
03:41 AM Revision 334ca9d7: XHTML Compliance
Firewall - NAT - Port Forward N0YB
01:02 AM Bug #3250: problems with ixgbe driver in pfsense 2.1 release
Hi,
i received following link that can fix IXGBE driver problem. http://christopher-technicalmusings.blogspot.com.... Zeev Zalessky

02/25/2014

09:41 PM Revision 0c78acf8: Merge pull request #975 from stilez/patch-1
Port dropdowns: Put port no. after descrip Renato Botelho
07:48 PM Revision f7e481dd: Port dropdowns: Put port no. after descrip
At the moment, even if a port number is entered, it's re-displayed only as a port name when editing. Users who don't ... Stilez y
06:47 PM Bug #3488 (Resolved): Deleting an interface doesn't delete associated shaper queues
I'd defined a PRIQ shaper setup (via the wizard) on a 2 LAN, 1 WAN (with 4 CARP VIPs, no fail-over/syncing) then chan... B. Derman
05:30 PM Bug #3376 (Resolved): Alias Edit does not display correctly
Renato Botelho
05:28 PM Bug #3444 (Resolved): IPv6 network alias input validation lacking
Renato Botelho
05:25 PM Bug #3433 (Resolved): Case-sensitive detection of link local addresses
Renato Botelho
05:25 PM Bug #3432 (Resolved): PPPoE (WAN) reconnected, WAN does not updated
Renato Botelho
05:18 PM Bug #3283 (Resolved): Removing an alias entry and then adding a new one results in an entry box with broken formatting
Renato Botelho
05:18 PM Bug #3293 (Resolved): Using timezone Europe/Oslo causes firewall/system logs to be displayed in UTC
Renato Botelho
04:56 PM Bug #3294 (Resolved): Creating users/groups silently fails on read only filesystem
It was fixed by commit:8a0ae97fa0e249aa13538103e662aa6191ebde65 and commit:90caf54ebf46763f4856d446ab0aa77259282119 Renato Botelho
02:37 PM Bug #3487 (Closed): Punctuation removed when replicating rule descriptions from primary to secondary
I like to diff my primary and secondary configs to check they are fully in sync. However, there are some false alarms... Brian Candler
01:51 PM Bug #3291 (Resolved): Add new gateway allow name duplication
Renato Botelho
01:50 PM Bug #3282 (Resolved): Gateway error "You can not use a IPv4 Gateway Address on a IPv6 only interface." is not accurate
Renato Botelho
01:49 PM Bug #3226 (Resolved): Captive Portal Radius Error
Renato Botelho
01:47 PM Bug #3259 (Resolved): firewall_shaper_vinterface.php does NOT save Packet loss rate and Queue size
Renato Botelho
01:46 PM Bug #3247 (Resolved): ipsec mobile clients login banner cannot contain certain chars
Renato Botelho
01:46 PM Bug #3230 (Resolved): Creating Gateway in Interface page forces default gateway to be set even if unchecked.
Renato Botelho
01:44 PM Bug #3218 (Resolved): Activating DHCP6 server does not reload firewall rules
Renato Botelho
01:42 PM Bug #3208 (Resolved): interface name over 17 characters long results in pf errors
Renato Botelho
01:42 PM Bug #3206 (Resolved): Certificate Manager: wrong digest algorithm used when generating a certificate
Renato Botelho
12:41 PM Bug #3486 (Resolved): crash reporter fails to delete crash report
On clicking No on the crash report, nothing gets deleted, get the same notice at dashboard again and again, until del... Doktor Notor
10:28 AM Bug #2495: pfsense doesn't seem to know what its WAN IP is
I just tried it again with the current 2.1.1 Snapshot (2.1.1-PRERELEASE (amd64) built on Mon Feb 24 16:48:44 EST 2014... Thomas Rieschl
10:10 AM Revision c6efc8fd: Push log changes for IPSec and fix generation of strongswan.conf and ipsec.secrets to be properly considered
Ermal LUÇI
10:10 AM Revision 7335fa53: * Correct logging to syslog and proper file for ipsec from strongswan
* Use proper commands to reload strongswan rather than just the daemon Ermal LUÇI
07:46 AM Revision a63f8ba8: Merge pull request #971 from phil-davis/RELENG_2_1
Fix #3483 only use IPv4 DNS servers in DHCP v4 conf Ermal Luçi
07:46 AM Revision 042436e8: Merge pull request #970 from phil-davis/master
Fix #3483 only use IPv4 DNS servers in DHCP v4 conf Ermal Luçi
03:47 AM Revision 6a201696: Fix #3483 only use IPv4 DNS servers in DHCP v4 conf
Version for 2.1 branch Phil Davis
03:40 AM Revision 3ad6b569: Fix #3483 only use IPv4 DNS servers in DHCP v4 conf
Phil Davis
01:50 AM Bug #3483: DHCP server - lack of implicit values validation
Applied in changeset commit:a63f8ba8f37edf07c9d40c9134f98c74e36a83d7. Ermal Luçi
01:50 AM Bug #3483: DHCP server - lack of implicit values validation
Applied in changeset commit:042436e8f2e1ffee2411894fbb61ad961d13bf4f. Ermal Luçi
01:50 AM Bug #3483: DHCP server - lack of implicit values validation
Applied in changeset commit:6a2016960b433f579b73f539ac5f64f5e956369e. Phillip Davis
01:50 AM Bug #3483 (Feedback): DHCP server - lack of implicit values validation
Applied in changeset commit:3ad6b569d64043a75bbb63453658ed005e89ef2c. Phillip Davis
12:14 AM Bug #3483: DHCP server - lack of implicit values validation
Phillip Davis wrote:
> /etc/inc/vpn.inc
> function vpn_pppoe_configure(&$pppoecfg)
> function vpn_l2tp_configure()... Bryan Paradis
12:13 AM Bug #3483: DHCP server - lack of implicit values validation
Phillip Davis wrote:
> /etc/inc/vpn.inc
> function vpn_pppoe_configure(&$pppoecfg)
> function vpn_l2tp_configure()... Bryan Paradis

02/24/2014

11:38 PM pfSense Packages Feature #3485 (Closed): Log rotation for mod_security
As it stands, mod_security+apache does not rotate any logs generated by Apache, which can cause problems down the roa... Stéphane Lapie
11:15 PM Bug #3483: DHCP server - lack of implicit values validation
/etc/inc/vpn.inc
function vpn_pppoe_configure(&$pppoecfg)
function vpn_l2tp_configure()
search for 'dnsserver'
bo... Phillip Davis
10:44 PM Bug #3483: DHCP server - lack of implicit values validation
Phillip Davis wrote:
> And also, if you have DNS Forwarder disabled, no DNS servers specified on the DHCPv4 page, an... Bryan Paradis
09:56 PM Bug #3483: DHCP server - lack of implicit values validation
And also, if you have DNS Forwarder disabled, no DNS servers specified on the DHCPv4 page, and no IPv4 DHCP servers o... Phillip Davis
09:45 PM Bug #3483: DHCP server - lack of implicit values validation
Should be fixed by:
https://github.com/pfsense/pfsense/pull/970 - master branch
https://github.com/pfsense/pfsense/... Phillip Davis
09:52 AM Bug #3483: DHCP server - lack of implicit values validation
There was a fix implemented for the same sort of thing happening with Dns zones here that seems to strip off any bad ... Bryan Paradis
09:31 AM Bug #3483 (Resolved): DHCP server - lack of implicit values validation
1/ Put some IPv6 IPs as DNS servers into System - General Setup
2/ Disable DNS forwarder
3/ Configure some DHCPv4 p... Doktor Notor
07:05 PM Revision f13a1d6a: Make is_linklocal case-insensitive and fix #3433
Renato Botelho
07:03 PM Revision 04f5393f: Make is_linklocal case-insensitive and fix #3433
Renato Botelho
04:16 PM Bug #3484: IPv6 - the gateway address does not lie within one of the chosen interface's subnets
Afraid it's trying to compare the subnet to the "gif remote address" which is obviously IPv4. No wonder it fails. As ... Doktor Notor
04:06 PM Bug #3484 (Resolved): IPv6 - the gateway address does not lie within one of the chosen interface's subnets
... Doktor Notor
03:25 PM Revision b5388f03: Fix #2302, save custom uploaded l7 pattern files on config.xml and replicate it to slave
Renato Botelho
03:25 PM Revision 732b160d: Set variable after make sure it's defined and has elements
Renato Botelho
03:25 PM Revision 420b4538: Fix whitespace and indent
Renato Botelho
03:25 PM Revision 1b90e2d5: Fix whitespaces and indent
Renato Botelho
02:58 PM Revision 2c02c4d0: Properly detect when there are issues with communicating with syncip and to use the local DB for this. Otherwise detect if the remote says the voucher is not valid say its not valid.
Ermal LUÇI
02:57 PM Revision 62f96568: Properly detect when there are issues with communicating with syncip and to use the local DB for this. Otherwise detect if the remote says the voucher is not valid say its not valid.
Ermal LUÇI
02:39 PM Revision ac420abd: Properly compile the query to insert the values. Pointy-hat: myself. While here respect the redirurl when passed to portal_allow and use proper function to do redirection.
Ermal LUÇI
02:38 PM Revision 846bedf9: Properly compile the query to insert the values. Pointy-hat: myself. While here respect the redirurl when passed to portal_allow and use proper function to do redirection.
Ermal LUÇI
01:10 PM Bug #3433: Case-sensitive detection of link local addresses
Applied in changeset commit:f13a1d6a8a57df7c5c6466bb34ebdf26e77a2846. Renato Botelho
01:10 PM Bug #3433 (Feedback): Case-sensitive detection of link local addresses
Applied in changeset commit:04f5393f49be48989cb6e073a51bd35b33f177a1. Renato Botelho
12:47 PM Feature #3477 (Resolved): PIM protocol in firewall rules configuration
Pull request merged - https://github.com/pfsense/pfsense/pull/964 Renato Botelho
10:57 AM Revision 037e7a62: Merge pull request #959 from stilez/patch-3
Tighten is_subnet() functions Renato Botelho
09:30 AM Feature #2302 (Feedback): Uploaded Layer 7 patterns not saved in config, backed up, or synced
Applied in changeset commit:b5388f033c51ba1102ec00d8c1d604c6ea39827d. Renato Botelho
03:04 AM Bug #3464: No RRD Graphing When Using "Enable Pass-through MAC automatic additions"
Thanks. Makes sense.
Perhaps adding the following to the text under the "Enable Pass-through MAC automatic additi... B. Derman
02:56 AM Bug #3481: Run-Away processing with hme NICs
Chris:
Per the 3rd bullet on the indicated web page "... in all cases, simply switching the interface to a vr, de,... B. Derman
01:22 AM Revision 8cee3e44: Merge pull request #969 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
12:59 AM Revision b48958df: XHTML Compliance
Interfaces N0YB

02/23/2014

08:45 PM Revision 5462854c: Merge pull request #968 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
07:02 PM Revision 3698711f: XHTML Compliance
Interfaces - PPPs Edit N0YB
06:34 PM Revision d06c4448: Merge branch 'RELENG_2_1' of git://github.com/pfsense/pfsense into RELENG_2_1
N0YB
02:49 PM Bug #3482 (Resolved): Initial Setup disables WAN
I created a Xen-VM with
2 cores
2 nics, e1000
8 GB Disc
1 GB Ram
installed pfsense 2.1, no errors.
... Stefan Schindler
12:21 PM pfSense Packages Bug #3203: vnstat2 not working after pfsense 2.1 upgrade
I have updated the package again and moved away from the previous package + archive. Should work fine now. Bryan Paradis
12:16 PM Bug #2627: Old delegated prefixes are not removed from the LAN interface
Tested this on:
2.1.1-PRERELEASE (amd64)
built on Sat Feb 22 05:12:28 EST 2014
FreeBSD 8.3-RELEASE-p14
1. Fre... Anonymous
11:42 AM Revision aa563d40: Merge pull request #967 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
10:58 AM Revision 37b6250b: Merge branch 'RELENG_2_1' of git://github.com/pfsense/pfsense into RELENG_2_1
N0YB
10:01 AM Revision 813288dc: XHTML Compliance
Interfaces - Wireless Edit N0YB
09:51 AM Revision 5dbd81a6: Merge pull request #966 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
09:48 AM Revision b527a954: Merge pull request #965 from N0YB/Advanced_DHCP_Client_Options
XHTML Compliance Ermal Luçi
07:09 AM Revision cfd3676d: This one too.
N0YB
06:55 AM Revision 6c156433: XHTML Compliance
Interfaces N0YB
05:04 AM Revision 4a2c47fe: Element id's are to be unique. 'provider' used is elsewhere.
N0YB
04:50 AM Revision ca4467bc: Better done globally here in the function.
N0YB
03:58 AM Bug #3480: Firewalländerungen OpenVPN-Client erst nach Tunnelneustart wirksam
because that's not true. Chris Buechler
03:54 AM Bug #3481 (Feedback): Run-Away processing with hme NICs
seems likely to be driver-specific, can you test with a different type of NIC to confirm or deny that? Chris Buechler
03:49 AM Bug #3481 (Needs Patch): Run-Away processing with hme NICs
Subsequent to posting an issue to the mailing list (issue documented at http://www.derman.com/pfSense-Run-Away-Issue)... B. Derman
02:30 AM Revision 6e31ca39: XHTML Compliance
Interfaces N0YB

02/22/2014

09:16 PM Bug #3357: IPv6 on PPPoE default gateway assignment incorrect
Craig Falconer wrote:
> My next plan is ... temporarily try a USB ethernet card, and see if stripping the VLAN tags ... Criggie .
02:11 PM Bug #3357: IPv6 on PPPoE default gateway assignment incorrect
Ermal Luçi wrote:
> That is a different issue.
> Probably plain simple routing issue.
Definitely not simple rout... Criggie .
06:18 AM Bug #3357: IPv6 on PPPoE default gateway assignment incorrect
That is a different issue.
Probably plain simple routing issue.
Since your LAN as a PD which is smaller than the ... Ermal Luçi
04:14 AM Bug #3357: IPv6 on PPPoE default gateway assignment incorrect
Ermal Luçi wrote:
> Can you test with latest snapshot of 2.1.1 and see if ti behaves better?
FANTASTIC! I have ... Criggie .
04:32 PM Bug #3480: Firewalländerungen OpenVPN-Client erst nach Tunnelneustart wirksam
Könnte ich vielleicht noch gesagt bekommen, warum ich kommentarlos rejected werde? Christian Scholz
03:06 PM Bug #3480 (Rejected): Firewalländerungen OpenVPN-Client erst nach Tunnelneustart wirksam
Renato Botelho
02:56 PM Bug #3480 (Rejected): Firewalländerungen OpenVPN-Client erst nach Tunnelneustart wirksam
Hallo zusammen,
ich habe grade festgestellt, dass Firewalländerungen erst wirksam werden, wenn ich den Tunnel neu au... Christian Scholz
12:26 PM Revision f5db657d: Merge pull request #964 from wildstray/patch-1
Update firewall_rules_edit.php Ermal Luçi
10:26 AM Bug #1943 (Feedback): PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only
Ermal Luçi
06:54 AM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only
this seems to be solved in the latest 2.1.1-PRERELEASE Bipin Chandra
12:44 AM Bug #3479 (Closed): Rosewill RC-404 NIC not operating properly
Warren Baker

02/21/2014

11:55 PM Revision c95b52d5: Update firewall_rules_edit.php
PIM protocol for firewall rules. Andrea Tuccia
08:46 PM Revision bc50c8d7: Update tzdata to 2013i
Renato Botelho
08:30 PM Bug #3479: Rosewill RC-404 NIC not operating properly
Nevermind, come to find out it's some sort of hardware conflict.
My apologies. X X
05:21 PM Bug #3479 (Closed): Rosewill RC-404 NIC not operating properly
So for some reason I can not get an IP on my Rosewill RC-404 NIC (http://www.newegg.com/Product/Product.aspx?Item=N82... X X
03:51 PM Revision 796587a9: These are remenants of old 1.2 remove them from the wizard
Ermal LUÇI
03:07 PM Bug #3449 (Resolved): IE 8 does not respect disabled CIDR field when editing host alias, leading to filter ruleset syntax errors
The input validation does not allow the problem case any longer. Looks good enough to me. Jim Pingle
03:01 PM Bug #3449 (Feedback): IE 8 does not respect disabled CIDR field when editing host alias, leading to filter ruleset syntax errors
Move it to feedback since it should be enough for 2.1.1 Renato Botelho
01:45 PM Revision 11aa4666: Ticket #2627. Just pass the array over no need to traverse it
Ermal LUÇI
01:45 PM Revision 34340c56: Ticket #2627. Just pass the array over no need to traverse it
Ermal LUÇI
01:38 PM Revision e45a0b69: Trigger rc.newwaipv6 as well from pppoe when it gets an inet6 config
Ermal LUÇI
01:37 PM Revision 761dc91c: Trigger rc.newwaipv6 as well from pppoe when it gets an inet6 config
Ermal LUÇI
01:28 PM Revision 080fd00b: Fixes #2627. When an interface goes down try to shut the RAs and dhcpd6 service on that interface
Ermal LUÇI
01:23 PM Revision 92977616: Fixes #2627. When an interface goes down try to shut the RAs and dhcpd6 service on that interface
Ermal LUÇI
11:58 AM Revision d6101e23: Avoid recursion of convert_real_interface_to_friendly_interface_name with get_parent and on linkup of parent interface properly configure especially useful on ppp type links
Ermal LUÇI
11:55 AM Revision 9510780f: Avoid recursion of convert_real_interface_to_friendly_interface_name with get_parent and on linkup of parent interface properly configure especially useful on ppp type links
Ermal LUÇI
11:01 AM Revision ad43847b: Merge pull request #960 from stilez/patch-4
Tighten is_validaliasname() Renato Botelho
10:03 AM Revision ef60dfa5: Be friendly to memory
Ermal LUÇI
10:03 AM Revision 4d327744: Fix problem with the voucher synching that was introduced during conversion to zones
Ermal LUÇI
10:03 AM Revision 57cd35cf: Be friendly to memory
Ermal LUÇI
10:00 AM Revision be1e9342: Fix problem with the voucher synching that was introduced during conversion to zones
Ermal LUÇI
08:58 AM pfSense Packages Feature #3478 (Resolved): OpenVPN Client Export Utility - save preferred settings
It would be handy to be able to save:
a) The default Remote Access Server to be displayed when when the Client Expor... Phillip Davis
07:30 AM Bug #2627: Old delegated prefixes are not removed from the LAN interface
Applied in changeset commit:080fd00bac29b736a5e1e8e91b9efbb3c3ea8305. Ermal Luçi
07:30 AM Bug #2627 (Feedback): Old delegated prefixes are not removed from the LAN interface
Applied in changeset commit:929776169f0f36b99ef62f7bfe633f8d02db2c43. Ermal Luçi
07:24 AM Bug #2627: Old delegated prefixes are not removed from the LAN interface
I put a fix which should handle properly all cases to this.
Can you try tomorrows snapshots of 2.1.1? Ermal Luçi
02:49 AM Revision 4ad9a1e7: Tighten is_validaliasname()
is_validaliasname() treats "empty string" as a valid alias name, it probably shouldn't.
I suspect it also should not... Stilez y
02:47 AM Bug #3045: NTPD crash / doesn't come up
Upgraded one of my clusters to 2.1.1-PRERELEASE (amd64) built on Wed Feb 19 19:46:29 EST 2014.
Can confirm NTPD is... Markus Brungs
02:21 AM Feature #3473: Allow configuration of OpenVPN keepalive
Oh, ping-restart should also be added to the list. B. Derman
02:19 AM Revision a5e2a35f: Tighten is_subnet() functions
The is_subnet(), is_subnetv4() and is_subnetv6() functions have significant issues in their coding logic.
Issues:
1... Stilez y

02/20/2014

11:36 PM Revision 4cdd20bc: Rather than having issues with not started radvd try to start radvd to discover by itself the prefix on the interface by using the special directive :: on the prefix declaration. Related to many tickets and forum posts
Ermal LUÇI
11:36 PM Revision 75aec77a: Rather than having issues with not started radvd try to start radvd to discover by itself the prefix on the interface by using the special directive :: on the prefix declaration. Related to many tickets and forum posts
Ermal LUÇI
09:00 PM Feature #3477: PIM protocol in firewall rules configuration
It is very easy for the devs if you submit a pull request on GitHub - https://github.com/pfsense Phillip Davis
03:02 PM Feature #3477 (Resolved): PIM protocol in firewall rules configuration
PIM protocol is missing, so I added it in firewall_rules_edit.php. It would be nice to release in the official versio... Andrea Tuccia
08:43 PM Revision 3e0b2df2: Update tzdata to 2013i
Renato Botelho
08:32 PM Revision 6a193210: Update list of mobile service providers
Renato Botelho
08:32 PM Revision 9d40745b: Update list of mobile service providers
Renato Botelho
08:19 PM Revision 8b731067: Correct obvious bug in IPv6.inc
Ermal LUÇI
08:06 PM Revision 77148acc: s/PEAR.php/PEAR.inc/
Ermal LUÇI
08:05 PM Revision bf416e49: Actually take latest one from github. It has some more checks and more execution time penalities but catches more errors
Ermal LUÇI
08:00 PM Revision 03ab9b30: Update IPV6.inc to latest 1.2.1 version
Ermal LUÇI
07:32 PM Revision 7519cc29: If set use the default bandwidth setting on the CP even for mac passthrough. Reported-by: https://forum.pfsense.org/index.php/topic,72761.0.html
Ermal LUÇI
07:30 PM Revision 2e080989: Use the default bw specification if configured even for allowed ip and hostname.
Ermal LUÇI
07:30 PM Revision a23ff107: Use the default bw specification if configured even for allowed ip and hostname.
Ermal LUÇI
06:37 PM Revision 3f7f26ae: Add the missing global $g
N0YB
05:28 PM Revision ea188e45: If set use the default bandwidth setting on the CP even for mac passthrough. Reported-by: https://forum.pfsense.org/index.php/topic,72761.0.html
Ermal LUÇI
05:23 PM Bug #3446 (Closed): NTP server doesn't bind to assigned interfaces on automatic service restart after queriing his assigned master time server
duplicate of #3317 Chris Buechler
07:12 AM Bug #3446: NTP server doesn't bind to assigned interfaces on automatic service restart after queriing his assigned master time server
I just saw that my report is most likely a duplicate of: https://redmine.pfsense.org/issues/3317 Michael Noack
05:03 PM Bug #3286: Radvd will not function with IPv6 Prefix delegation other than 64 on WAN
What would be needed is you system log or at least o confirmation from ifconfig that dhcp6c is retrieving something f... Ermal Luçi
03:35 PM pfSense Packages Feature #3456: ladvd (lldp/cdp/edp/ndp daemon)
Send a pull request on github. Ermal Luçi
03:20 PM pfSense Packages Feature #3456: ladvd (lldp/cdp/edp/ndp daemon)
Excuse me for the additional update, but I added a <hideinterfaceregex> to hide loopback interfaces from the LADVD co... Andrea Tuccia
11:26 AM Revision 070dad6c: Use env var provided by openvpn to determine if it's tun or tap, it should fix #3475
Renato Botelho
11:21 AM Revision 08185f4a: Use env var provided by openvpn to determine if it's tun or tap, it should fix #3475
Renato Botelho
10:30 AM pfSense Packages Bug #3168: siproxd
A tested and the code will show as many records as available on registration file. Are you sure there were more recor... Renato Botelho
09:45 AM pfSense Packages Bug #3168: siproxd

cleaned ip-adresses and sip-user-ids
at this moment: Currently Registered Phones (1)
 Need Less
09:28 AM pfSense Packages Bug #3168: siproxd
Could you please share the content of /var/siproxd/siproxd_registrations? Renato Botelho
09:18 AM Revision 26ea40b7: Do some more error checking and put secondary radius attributes only if configured. Probably radius configuration should be merged with central server for logins!
Ermal LUÇI
09:18 AM Revision 315bdf65: Do some more error checking and put secondary radius attributes only if configured. Probably radius configuration should be merged with central server for logins!
Ermal LUÇI
09:02 AM Revision e570f0eb: silence any errors
Ermal LUÇI
09:02 AM Revision 49a8ee7f: Do not show errors on bootup and test before trying to make a directory if it exists
Ermal LUÇI
08:59 AM Revision 9c8f0a3a: Fix the issue with crash reporter even here as per pull #954
Ermal LUÇI
08:33 AM Revision 0b8a6bcb: Merge pull request #951 from stilez/patch-1
Tighten is_numeric() Ermal Luçi
08:32 AM Revision feb79ce5: Merge pull request #954 from phil-davis/master
Make a good copy of PHP_errors.log for crash reporter Ermal Luçi
07:56 AM Revision 38cb3c39: Make a good copy of PHP_errors.log for crash reporter
Forum report https://forum.pfsense.org/index.php/topic,72877.0.html Phil Davis
07:09 AM Feature #3365: Implement package signing
Only missing signing key and definition about how it will happen Renato Botelho
07:06 AM Bug #2125 (Feedback): Update Package XML for FreeBSD 10.x
Done Renato Botelho
07:06 AM Bug #2126 (Feedback): Build package binaries for FreeBSD 10.x
Done Renato Botelho
05:30 AM Bug #3475: get_interface_gateway returns a subnet mask for tap interfaces
Applied in changeset commit:070dad6c8d4f4e02ad9f6f87169b7adc1ebeee34. Renato Botelho
05:20 AM Bug #3475 (Feedback): get_interface_gateway returns a subnet mask for tap interfaces
Applied in changeset commit:08185f4aa2282077e2e1f15baad5593352123d68. Renato Botelho
03:35 AM Feature #3476 (Duplicate): Null rule entry for logical segmentation of sets of rules
Hello,
We have a rather complicated rule set, with IPSec links to other offices and customers, DMZ LAN and also Pr... Simon Barrett
02:18 AM Bug #3464 (Rejected): No RRD Graphing When Using "Enable Pass-through MAC automatic additions"
that's by design - the MAC pass-through entries aren't captive portal users, they're MACs that are always allowed thr... Chris Buechler
02:18 AM Revision d55cba63: Fix gateway quality RRD to have the correct granularity and be consistent with the pfSense graphs set.
Create gateway quality RRD with settings suitable for pfSense graph set, since apinger uses default step (300) and o... N0YB
01:53 AM Revision 4caa9574: Tighten is_numeric()
Improvements:
1) avoids 'expensive' preg_match() and is a more exact test
2) fixes logic whereby an empty string or ... Stilez y

02/19/2014

09:42 PM Revision 5b699be7: Merge pull request #950 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
09:17 PM Revision de76f366: XHTML Compliance
UPnP & NAT-PMP N0YB
08:51 PM Revision c51c2b4c: Merge pull request #949 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
08:38 PM Revision 55e41a98: XHTML Compliance
Traffic Graph Status N0YB
04:00 PM Revision d3515e02: Merge pull request #938 from nagyrobi/patch-12
Create ntp_status.widget.php Ermal Luçi
04:00 PM Revision dcbf41b0: Merge pull request #937 from nagyrobi/patch-11
Create ntp_status.inc Ermal Luçi
03:59 PM Revision cfce004f: Merge pull request #936 from nagyrobi/patch-10
Update status_rrd_graph_settings.php Ermal Luçi
03:59 PM Revision 0a3adf06: Merge pull request #935 from nagyrobi/patch-9
Update status_rrd_graph_img.php Ermal Luçi
03:59 PM Revision a386971b: Merge pull request #934 from nagyrobi/patch-8
Update status_rrd_graph.php Ermal Luçi
03:58 PM Revision cc734323: Merge pull request #933 from nagyrobi/patch-7
Update status_ntpd.php Ermal Luçi
03:58 PM Revision b3974c79: Make this usable
Ermal LUÇI
03:44 PM Revision 8988ab95: Merge pull request #932 from nagyrobi/patch-6
Create services_ntpd_pps.php Ermal Luçi
03:43 PM Revision ec7bc948: More code fixes for ntpd
Ermal LUÇI
03:37 PM Revision 59c37391: Merge pull request #929 from nagyrobi/patch-3
Update system.inc Ermal Luçi
03:36 PM Revision a3498099: Correct some issues on status
Ermal LUÇI
03:32 PM Bug #3475 (Resolved): get_interface_gateway returns a subnet mask for tap interfaces
Where tap interfaces have an IP assigned, function get_interface_gateway returns the subnet mask as the gateway IP (f... Chris Buechler
03:29 PM Revision 6216c1b5: Merge pull request #931 from nagyrobi/patch-5
Create services_ntpd_gps.php Ermal Luçi
03:28 PM Revision 482c93e5: Another fix even for XHTML compliance and proper selection
Ermal LUÇI
03:27 PM Revision 08005d0a: Fix some obvious problems in the code
Ermal LUÇI
03:21 PM Revision aa1183ef: Merge pull request #930 from nagyrobi/patch-4
Update services_ntpd.php Ermal Luçi
03:20 PM Revision a5240b7a: Merge pull request #928 from nagyrobi/patch-2
Update rrd.inc Ermal Luçi
02:27 PM Revision 6b2df902: Merge pull request #947 from stilez/patch-2
Filter log - ensure IPv6 AJAX resolve works too Ermal Luçi
02:09 PM Revision 30a84036: Filter log - ensure IPv6 AJAX resolve works too
Using str_replace(array('.', ':') as asked Stilez y
02:00 PM Revision ecdf264f: Merge pull request #946 from phil-davis/master
Remove old webguiport code Ermal Luçi
01:07 PM Revision 8fc2a648: Filter log - ensure IPv6 works too
Stilez y
12:53 PM Revision 0c8cc915: Remove old webguiport code
webguiport is managed in system_advanced_admin.php these days, not here in system.php. This validation is never execu... Phil Davis
12:26 PM Revision e09da6c2: Fix #3469
Before downloading file to process urltable, there is a random wait
time between 5 and 60 seconds. Because of this, t... Renato Botelho
12:22 PM Revision 47f7842f: Fix #3469
Before downloading file to process urltable, there is a random wait
time between 5 and 60 seconds. Because of this, t... Renato Botelho
11:48 AM Revision 869dfb66: Fix #3468, wording fix
Renato Botelho
11:48 AM Revision d06ad5eb: Fix #3468, wording fix
Renato Botelho
11:47 AM Bug #3045: NTPD crash / doesn't come up
Please test on 2.1.1 and report back. https://forum.pfsense.org/index.php/topic,71546.0.html Jim Pingle
11:31 AM Bug #3045: NTPD crash / doesn't come up
I have several clusters running on 2.1 amd64 using LAGG (on igb based quad port cards) + VLAN + CARP + OpenVPN client... Markus Brungs
11:23 AM Revision 96fc5388: Merge pull request #945 from phildd/master
Enhance interface gateway data entry descriptions Renato Botelho
11:23 AM Revision 69498c01: Merge pull request #944 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
10:41 AM Revision e2a6a6fb: Enhance interface gateway data entry descriptions
Phillip Davis
10:33 AM Revision 6e2eabe5: XHTML Compliance
CARP Status N0YB
08:50 AM Revision db8450cb: Merge pull request #939 from phil-davis/master
Dodgy-looking stuff in graph calculations Ermal Luçi
08:50 AM pfSense Packages Feature #3456 (Feedback): ladvd (lldp/cdp/edp/ndp daemon)
Applied in changeset commit:80f804d0d7b4053b0366470d5ad1bc34e89b03b1. Anonymous
05:33 AM pfSense Packages Feature #3456: ladvd (lldp/cdp/edp/ndp daemon)
PBIs available at:
http://files.pfsense.org/packages/8/All/ladvd-1.0.4-i386.pbi
http://files.pfsense.org/packages... Renato Botelho
07:57 AM Revision b1455571: Merge pull request #659 from mss/extended-query-example-work
Improve LDAP DN examples Ermal Luçi
07:54 AM Revision 63fd5773: Merge pull request #903 from phildd/RELENG_2_1
Releng 2 1 Enhance interface gateway data entry descriptions Ermal Luçi
07:53 AM Revision 45c9de4e: Merge pull request #943 from stilez/patch-1
AJAX-ify DNS lookups in standard firewall/filter Ermal Luçi
07:51 AM Revision 18e5723b: The msgbox is no longer needed since there will be a validation process per se
Ermal LUÇI
07:50 AM Revision 3e38084b: The msgbox is no longer needed since there will be a validation process per se
Ermal LUÇI
07:48 AM Revision 25ba63fb: Take single and double quotes into consideration
Renato Botelho
07:47 AM Revision a257e8e5: Merge pull request #942 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
06:30 AM Bug #3469: rc.update_urltables can skip doing a required update
Applied in changeset commit:e09da6c2668f041851316bcb334263814a3daffe. Renato Botelho
06:30 AM Bug #3469 (Feedback): rc.update_urltables can skip doing a required update
Applied in changeset commit:47f7842f80ec52081bce27e9230203763adb0064. Renato Botelho
02:33 AM Bug #3469 (Resolved): rc.update_urltables can skip doing a required update
/etc/rc.update_urltables often skips doing a required update ...
* /etc/rc.update_urltables runs at 12:30 PM each ... B. Derman
06:26 AM Feature #3474 (Duplicate): Openvpn client-specific-overrides ip conflicts
Hi,
Would it be possible to replace the --server option in the openvpn server conf with the explicit declarations ... Simon Barrett
05:50 AM Bug #3468: Wording fix
Applied in changeset commit:869dfb664a1af87f07384f6bcaba4515a0da8a5c. Renato Botelho
05:50 AM Bug #3468 (Feedback): Wording fix
Applied in changeset commit:d06ad5eb05b26eb811b67bbb94f2bd01884c43de. Renato Botelho
02:13 AM Bug #3468 (Resolved): Wording fix
In /etc/rc.update_urltables change line 43
from
log_error("{$argv[0]}: {$t['name']} does not need updated.");
t... B. Derman
03:18 AM pfSense Packages Bug #3323 (Feedback): BIND, Reverse Zones and Register DHCP static mappings.
Merged pull request #584 to fix this. Ermal Luçi
03:17 AM Feature #3473 (Resolved): Allow configuration of OpenVPN keepalive
The keepalive option is always added to an OpenVPN server configuration.
There are many scenarios where this is no... B. Derman
03:02 AM Bug #3472 (Resolved): "Diagnostics -> Table -> [large table]" won't show table contents
Attempting view, via "Diagnostics -> Table -> [applicable large table]", the contents of a large URL table (alias) ge... B. Derman
02:55 AM Bug #3471 (Resolved): Attempting to load an empty URL table (alias) causes an error
Attempting to load an empty URL table (alias) causes an error.
If a table download fails and/or results in an empt... B. Derman
02:53 AM Revision f15c1f3d: AJAX-ify DNS lookups in standard firewall/filter
The standard firewall log has lookup ability but these open in a new tab/window, they don't show in the log, other pl... Stilez y
02:44 AM Bug #3470 (Resolved): IPSec VPN not recognizing alternative IP name
Using a self-created/signed CA (created via pfSense's nice Certificate Manager), I created a server and user certific... B. Derman
02:39 AM Revision 94bf59b1: XHTML Compliance
Settings Logs Status N0YB
02:36 AM Revision d5d192a1: XHTML Compliance
NTP Logs Status N0YB
02:35 AM Revision 3d1a290b: XHTML Compliance
Open VPN Logs Status N0YB
02:34 AM Revision 6b0d7871: XHTML Compliance
Load Balancer Logs Status N0YB
02:33 AM Revision 7e23690a: XHTML Compliance
VPN Logs Status N0YB
02:32 AM Revision ec56ae9d: XHTML Compliance
PPP Logs Status N0YB
02:31 AM Revision 5e736c8a: XHTML Compliance
Portal Auth Logs Status N0YB
02:29 AM Revision 1fe3c758: XHTML Compliance
DHCP Logs Status N0YB
02:11 AM Bug #3467 (Resolved): pfTop [Queue] doesn't show P/S or B/S
"Diagnostics -> pfTop [Queue]" doesn't show P/S or B/S (running command-line pftop followed by left-arrow does show P... B. Derman
02:03 AM Bug #3466 (Rejected): Restarting OpenVPN Server restarts other services
Visit "Status -> OpenVPN" and press the "Restart openvpn Service" button for a running server.
When the OpenVPN se... B. Derman
01:53 AM Bug #3465 (New): Editing Traffic Shaper queues causes status_queues.php error
Editing traffic shaper queues (Firewall -> Traffic Shaper -> By Interface) can cause "php: /status_queues.php: XML er... B. Derman
01:42 AM Bug #3464 (Rejected): No RRD Graphing When Using "Enable Pass-through MAC automatic additions"
After enabling "Enable Pass-through MAC automatic additions" the "Captive Portal" RRD graphs no longer show any graph... B. Derman

02/18/2014

11:31 PM Revision 56e3ea85: Only add dhcpv6 client allow rules if ipv6allow is set
Renato Botelho
11:31 PM Revision 5a47e9b1: Only add dhcpv6 client allow rules if ipv6allow is set
Renato Botelho
09:19 PM Revision b74bf685: Merge pull request #941 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
09:07 PM Revision 8749f693: XHTML Compliance
Queues Status N0YB
08:58 PM Revision eba8aa8c: Merge pull request #940 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
08:45 PM Revision 0c8a8127: XHTML Compliance
Package Logs Status N0YB
07:51 PM Revision e9567122: Sprinkle ob_flush to avoid some warnings on 2.1
Ermal LUÇI
07:38 PM Revision d291634a: Take single and double quotes into consideration
Renato Botelho
07:16 PM Revision 738fab3d: Fix issue with CSR generation. Ticket #2820
Jim Pingle
07:16 PM Revision 26e58bb2: Fix issue with CSR generation. Ticket #2820
Jim Pingle
07:00 PM Revision 8a4d1dbd: Move 'allow dhcpv6 client' rules above block bogonsv6 ones, it should fix #3395
Renato Botelho
07:00 PM Revision a60c6356: Move 'allow dhcpv6 client' rules above block bogonsv6 ones, it should fix #3395
Renato Botelho
05:23 PM Revision 540c012b: Update status_ntpd.php
fixed tail path robi robi
05:22 PM Revision fe5ad8af: Update ntp_status.widget.php
fixed tail path robi robi
04:41 PM Revision 69a0c735: Fixes #3460. Ask for validation when real operation will be done and ask for the operation with POST to get protection from CRSF.
Ermal LUÇI
04:39 PM Revision 133f8b33: Fixes #3460. Ask for validation when real operation will be done and ask for the operation with POST to get protection from CRSF.
Ermal LUÇI
04:39 PM Revision 0635519b: Remove code that is commented
Ermal LUÇI
04:12 PM Revision f9983a87: Dodgy-looking stuff in graph calculations
I noticed that the graphs in this post - https://forum.pfsense.org/index.php/topic,72794.0.html - had numbers for in-... Phil Davis
03:07 PM Revision 617f9edf: Update rrd.inc
corrected path robi robi
03:06 PM Revision 0fd64e94: Update system.inc
Corrections made as requested robi robi
03:01 PM Revision de3ba995: Update ntp_status.widget.php
Updated errorneous paths. Sorry. robi robi
02:32 PM Revision d950f929: Create ntp_status.widget.php
Dedicated widget which has a javascript clock showing the server time accurately, and based on NTP's running state di... robi robi
02:30 PM Revision b2c559da: Create ntp_status.inc
NTP widget helper robi robi
02:29 PM Revision c53834f9: Update status_rrd_graph_settings.php
Add NTP graph to settings robi robi
02:26 PM Revision a592ec6a: Update status_rrd_graph_img.php
Add NTP graph drawing robi robi
02:24 PM Revision 2cdb75f8: Update status_rrd_graph.php
Add NTP graphing robi robi
02:24 PM Bug #3166 (Feedback): status_services.php:starts services 2-3 times;
Normally i have fixed this for 2.1 and up.
Setting this to feedback to see if someone finds problems with the fixes. Ermal Luçi
02:20 PM pfSense Packages Bug #3221 (Resolved): dansguardian 2.12.0.3 pkg v.0.1.8 has carriage returns in dansguardian.sh
This seems to have been solved. Ermal Luçi
02:19 PM Revision c56d07dc: Update status_ntpd.php
A bit more informative NTP status page... robi robi
02:16 PM Revision 2ebeabac: Create services_ntpd_pps.php
Separate page for other PPS sources config robi robi
02:16 PM Revision b8ab37b8: Merge pull request #927 from nagyrobi/patch-1
Update priv.defs.inc - add new NTP pages Ermal Luçi
02:15 PM Revision aa2aebfd: Create services_ntpd_gps.php
Separate page to set GPS receiver pps sync robi robi
02:14 PM Revision c1e68244: Update services_ntpd.php
Extended options for NTPd robi robi
02:12 PM Revision 142f7393: Update system.inc
Add new NTPd functions robi robi
02:07 PM pfSense Packages Bug #2747 (Resolved): Snort ignores memcap settings
Ermal Luçi
02:06 PM Revision 1f3eff9b: Update rrd.inc
Add NTP graphing to RRD robi robi
02:03 PM pfSense Packages Bug #2060 (Closed): after update a remove is done before download of pkg`
Incomplete. Ermal Luçi
02:02 PM Bug #1987 (Resolved): GRE tunnel - Route search type
Ermal Luçi
02:01 PM pfSense Packages Bug #1752 (Closed): Error handling in snort
This is better nowdays. Ermal Luçi
02:01 PM Revision 43c4687b: Update priv.defs.inc
robi robi
02:00 PM pfSense Packages Bug #1961 (Closed): Spoink and IP banning
Nowdays this is not anymore relevant. Ermal Luçi
01:59 PM Revision 1ac5a652: Take single and double quotes into consideration
Renato Botelho
01:58 PM pfSense Packages Feature #3424: SCEP server
The new IPSec implementation in 2.2 does support it though supporting it in the GUI is not forseen yet. Ermal Luçi
01:33 PM Bug #2820 (Feedback): Unable to generate CSR in 2.1BETA1
Please check if last commit fix the issue for you Renato Botelho
01:18 PM Revision 6766e477: Fixes #3461. Remove any special char that can lead to shell/XSS compromises from submitted input.
Ermal LUÇI
01:00 PM Bug #3395: DHCPv6 client pass rules need to come before bogons
Applied in changeset commit:8a4d1dbd2a4d536201363a0f8d8a42fb6e057b33. Renato Botelho
01:00 PM Bug #3395 (Feedback): DHCPv6 client pass rules need to come before bogons
Applied in changeset commit:a60c6356ee22b081bdfe6b8a8dfd83865e6f2681. Renato Botelho
11:55 AM Revision 82921e73: Fixes #3461. Remove any special char that can lead to shell/XSS compromises from submitted input.
Ermal LUÇI
11:35 AM Revision 9e875e0c: Revert "Replaced gethostbyname() with gethostbynamel() to get a list of all IPs associated with the dns name and add them to the allowed list"
This change is not needed, filterdns will handle it.
This reverts commit d460371416d4e2cfef976d5a7616f63f6faa203f. Renato Botelho
11:33 AM Revision 6d43e1f2: Check if the package is installed before deleting opteration is started
Ermal LUÇI
11:28 AM Revision 248b0124: Ticket #3461. Protect output to browser by using htmlspecialchars.
Ermal LUÇI
11:25 AM Revision b6584d17: Do not do any operations on system libraries. Nowdays pbis are used and those do not break things by definition
Ermal LUÇI
11:25 AM Revision 8c147077: Do not do any operations on system libraries. Nowdays pbis are used and those do not break things by definition
Ermal LUÇI
10:48 AM Revision 33d1b241: captive portal, don't generate rules for disabled portal
Pi Ba
10:40 AM Bug #3460: CSRF Protection - Package manager
Applied in changeset commit:69a0c7351bed26b4fb0259ce893442bd99d9d89d. Ermal Luçi
10:40 AM Bug #3460: CSRF Protection - Package manager
Applied in changeset commit:133f8b33472b9bca9e8f788820233cafbd674fcb. Ermal Luçi
10:39 AM Bug #3460 (Feedback): CSRF Protection - Package manager
Ermal Luçi
10:38 AM Revision 8f821cbc: Merge pull request #891 from PiBa-NL/captive_disable
captive portal, don't generate rules for a disabled portal Renato Botelho
10:31 AM Revision aecb7a79: Merge pull request #890 from N0YB/Gateway_Monitor
Gateway Monitor Advanced Settings Renato Botelho
10:15 AM Revision 9305e219: Merge pull request #904 from dv-user1/master
Replaced gethostbyname() with gethostbynamel() to get a list of all IPs ... Renato Botelho
09:26 AM Revision 4b7b190b: Revert "Pass the family to the get_real_interface function to retrieve the correct real interface. Might help Ticket #3357"
This reverts commit 7c77641060bc5662f75519556af5e4566078dfc6. Ermal LUÇI
09:26 AM Revision 70b49cba: Really need the interface where v6 is running toa dd the gateway/route rather than the one used for the configuration. This Fixes #3357
Ermal LUÇI
09:26 AM Revision adf1c3fa: Revert "Pass the family to the get_real_interface function to retrieve the correct real interface. Might help Ticket #3357"
This reverts commit cb431dbf47c53b72119bd8feca0217e1c25d998b. Ermal LUÇI
09:25 AM Revision c79f717a: Really need the interface where v6 is running toa dd the gateway/route rather than the one used for the configuration. This Fixes #3357
Ermal LUÇI
09:23 AM Revision 7f921690: Do not call rc.newwanip when pppoe gets a v6 ip.
Ermal LUÇI
09:22 AM Revision d671c1d0: Do not call rc.newwanip when pppoe gets a v6 ip.
Ermal LUÇI
09:00 AM Revision 7c776410: Pass the family to the get_real_interface function to retrieve the correct real interface. Might help Ticket #3357
Ermal LUÇI
08:59 AM Revision cb431dbf: Pass the family to the get_real_interface function to retrieve the correct real interface. Might help Ticket #3357
Ermal LUÇI
08:03 AM Revision faf92d53: Merge pull request #926 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
07:45 AM Revision 1370befa: XHTML Compliance
Open VPN Status N0YB
07:20 AM Bug #3461: XSS - package system
Applied in changeset commit:6766e4771ef6582212044ab8938f4757776618a4. Ermal Luçi
06:00 AM Bug #3461 (Feedback): XSS - package system
Applied in changeset commit:82921e738bb9d1a784733152822a9e976767ce3a. Ermal Luçi
06:30 AM pfSense Packages Bug #3459 (Feedback): XSS - snort package
Applied in changeset commit:048bb82a0e2c814da90816657ecedf59fedf8dbd. Renato Botelho
06:03 AM Todo #3196 (Resolved): Improve IPv4 address validation on interface setup (GUI and console) and setup wizard
Renato Botelho
05:56 AM Bug #3255 (Resolved): OpenVPN client or server on GWG does not failover
Renato Botelho
05:49 AM Bug #3364 (Resolved): DHCPv6 "Deny unknown clients" does not work
Renato Botelho
05:44 AM Bug #3235 (Resolved): Could not open shared memory for read 1000
Renato Botelho
05:01 AM Bug #3463 (Closed): MultiWAN test in system.php does not work
/etc/inc.system.php defines a boolean $multiwan and uses that to decide whether to display the dropdown selection box... Phillip Davis
03:44 AM Bug #3191: Quality RRD inaccuracies and failure to update status in some circumstances
I am not sure this is something to be fixed for 2.1.1 so putting to 2.2. Ermal Luçi
03:30 AM Bug #3357: IPv6 on PPPoE default gateway assignment incorrect
Applied in changeset commit:70b49cba96706753a7c1bc4a1166f9744a080352. Ermal Luçi
03:30 AM Bug #3357: IPv6 on PPPoE default gateway assignment incorrect
Applied in changeset commit:c79f717a5893443a895b7d09eb8218b5058d1f08. Ermal Luçi
03:21 AM Bug #3357 (Feedback): IPv6 on PPPoE default gateway assignment incorrect
Can you test with latest snapshot of 2.1.1 and see if ti behaves better? Ermal Luçi
02:40 AM Bug #3412 (Feedback): serial console output mess on fetch bogons failure
Can you confirm that it at least timeouts for now.
I made it understand that waiting indefinitely until a TCP connec... Ermal Luçi

02/17/2014

10:16 PM Revision cb061c7f: Merge pull request #925 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
09:37 PM Revision b9a494f0: XHTML Compliance
NTP Status N0YB
08:19 PM Revision cce4efbd: Merge pull request #924 from N0YB/RELENG_2_1
XHMTL Compliance Ermal Luçi
08:13 PM Revision 5a2e0c3b: XHMTL Compliance
Load Balancer Status N0YB
08:00 PM Revision ecd9fd53: Move this global declaration to the proper file rather than backend code
Ermal LUÇI
08:00 PM Revision 64a093d6: Put a timeout of 30 seconds to aid with Ticket #3412
Ermal LUÇI
08:00 PM Revision 2076dc46: Put a timeout of 30 seconds to aid with Ticket #3412
Ermal LUÇI
08:00 PM Revision ee9783e9: Move this global declaration to the proper file rather than backend code
Ermal LUÇI
07:30 PM Revision 548564f2: Merge pull request #923 from N0YB/RELENG_2_1
XHMTL Compliance Ermal Luçi
07:18 PM Revision 3ac9b8ae: XHMTL Compliance
IPsec Status Tabs
Mostly element closings and minimizations (nowrap), empty table row. N0YB
06:45 PM Revision 18b4e253: Help ticket #3449:
Improve data validation to avoid save a host/subnet or a IPv4 with
invalid mask. The reported error is on javascript ... Renato Botelho
06:43 PM Revision c00e6bd4: Help ticket #3449:
Improve data validation to avoid save a host/subnet or a IPv4 with
invalid mask. The reported error is on javascript ... Renato Botelho
06:02 PM Revision d78a548c: Merge pull request #922 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
05:52 PM Revision fe672816: XHTML Compliance
RRD Graphs Update
Use CDATA section instead of clunky decode hex value for ampersand in script. N0YB
04:38 PM Bug #2820 (New): Unable to generate CSR in 2.1BETA1
Are you using the latest available snapshot? Could you give more details about how to reproduce it? I tried but could... Renato Botelho
04:30 PM Bug #2820: Unable to generate CSR in 2.1BETA1
Seeing this again on RELENG_2_1 Richard Connon
04:30 PM Bug #3458 (Rejected): Regression of #2820 on latest RELENG_2_1
If you are seeing the same issue of #2820, please add a comment there and we can re-open it, this is good to keep tra... Renato Botelho
01:32 PM Bug #3458 (Rejected): Regression of #2820 on latest RELENG_2_1
Seeing the behaviour in issue #2820 on current RELENG_2_1 code. Can't submit to create a CSR, given error "Please sel... Richard Connon
03:20 PM Revision 838e1f63: Use correct parameter (bootfile-url) to configure netboot on DHCPdv6, it fixes #3421
Renato Botelho
03:20 PM Revision b67ec10c: Fix typo on variable name and really add custom options for dhcpdv6
Renato Botelho
03:20 PM Revision bd942860: Use correct parameter (bootfile-url) to configure netboot on DHCPdv6, it fixes #3421
Renato Botelho
03:20 PM Revision 547f1e65: Fix typo on variable name and really add custom options for dhcpdv6
Renato Botelho
03:10 PM Bug #3462 (Feedback): RCE - ARPING
Applied in changeset pfsense-packages:commit:ad6e7cb89edbb0849eda4516cb0976fb877bc397. Jim Pingle
02:52 PM Bug #3462 (Resolved): RCE - ARPING
Reviewing http://seclists.org/fulldisclosure/2014/Jan/187 I can see that it's still possible to execute remote comman... Fernando Munoz
02:55 PM Bug #3314: Traffic graph shows 2X the actual traffic on VLAN interfaces.
we'll re-evaluate for 2.2 Chris Buechler
08:33 AM Bug #3314: Traffic graph shows 2X the actual traffic on VLAN interfaces.
Well it is not something to be fixed for 2.1.1 since its an OS issue rather than pfSense collection one. Ermal Luçi
02:36 PM Bug #3461 (Resolved): XSS - package system
pkg parameter isn't encoded properly, it's possible to inject javascript code:
https://ip/pkg_mgr_install.php?mode... Fernando Munoz
02:31 PM Bug #3460 (Resolved): CSRF Protection - Package manager
The CSRF protection doesn't work on the package manager as it takes the parameters to install/uninstall/reinstall pac... Fernando Munoz
02:22 PM pfSense Packages Bug #3459 (Resolved): XSS - snort package
There is no output encoding for the logfile variable, which leads to two reflected XSS point in the file snort_log_vi... Fernando Munoz
02:18 PM Revision 2b2d0d54: Normally when an ip is set the interface comes up on BSD stacks. Though push this commit which Fixes #3281
Ermal LUÇI
02:18 PM Revision 11ad160e: Normally when an ip is set the interface comes up on BSD stacks. Though push this commit which Fixes #3281
Ermal LUÇI
02:18 PM Revision db9199d7: Whitespace fix
Ermal LUÇI
02:11 PM Revision acbab51a: Use htmlspecialchars(), a better solution for #2952
Renato Botelho
02:11 PM Revision a8495e50: Grab exec result just to be careful
Renato Botelho
02:11 PM Revision f458b2cb: Use htmlspecialchars(), a better solution for #2952
Renato Botelho
02:11 PM Revision e4a4ec89: Grab exec result just to be careful
Renato Botelho
02:06 PM Revision fb92e332: Put a kludge for now which Fixes #3280. It should be improved later on to have proper handling and overloading of configuration functions
Ermal LUÇI
02:03 PM Revision 6191b321: Put a kludge for now which Fixes #3280. It should be improved later on to have proper handling and overloading of configuration functions
Ermal LUÇI
01:41 PM Bug #3457 (Rejected): Regression of
Renato Botelho
01:30 PM Bug #3457 (Rejected): Regression of
Richard Connon
01:40 PM Bug #3250 (Feedback): problems with ixgbe driver in pfsense 2.1 release
Next build will be with previous drivers which are more stable. Ermal Luçi
01:22 PM Revision 8f642577: Merge pull request #921 from phil-davis/RELENG_2_1
Enhanced validation of general DNS servers and gateways Ermal Luçi
12:00 PM Revision cd5d6241: Enhanced validation of general DNS servers and gateways
Phil Davis
10:37 AM Revision e8b05b83: Consider setting of noconcurrent login for passthrough expiry of users. Fixes #3340
Ermal LUÇI
10:36 AM Revision bae729da: Consider setting of noconcurrent login for passthrough expiry of users. Fixes #3340
Ermal LUÇI
10:22 AM Revision 89c7a9c8: Some tweaking to handle when switching off dhcpv6.
Ermal LUÇI
09:59 AM Revision eae91304: Merge 10 -> 10.1 and 10.1 -> 10.2 function upgrade since the recent changes done on 2.1.1 for Ticket #3441
Ermal LUÇI
09:56 AM Revision ec96f17d: Provide upgrade code after changes done for Ticket #3441
Ermal LUÇI
09:48 AM Revision 378296af: Use descr as the field name for voucher description so it gets CDATA protection. Fixes #3441
Ermal LUÇI
09:48 AM Revision bd369bcf: Use descr as the field name for voucher description so it gets CDATA protection. Fixes #3441
Ermal LUÇI
09:34 AM Revision 2b76f145: Use the 11th column for the radius context rather than overriding the interim interval field with it. Fixes #3447
Ermal LUÇI
09:34 AM Revision 74a40221: Use the 11th column for the radius context rather than overriding the interim interval field with it. Fixes #3447
Ermal LUÇI
09:20 AM Bug #3421: dhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
Applied in changeset commit:838e1f6342b42c52e21d11942e35561c25194c1d. Renato Botelho
09:20 AM Bug #3421 (Feedback): dhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
Applied in changeset commit:bd942860594ecf3383ac39eb203ce3c73d4c59d2. Renato Botelho
08:20 AM Bug #3281: In certain cases, GRE interfaces are missing the "RUNNING" flag at bootup and will not function
Applied in changeset commit:2b2d0d545d01a9b21d4350908e73c6ce5b3e1d22. Ermal Luçi
08:20 AM Bug #3281: In certain cases, GRE interfaces are missing the "RUNNING" flag at bootup and will not function
Applied in changeset commit:11ad160eae8e9d4e17df6462a1975a36faa1abd8. Ermal Luçi
08:13 AM Bug #3281 (Feedback): In certain cases, GRE interfaces are missing the "RUNNING" flag at bootup and will not function
Ermal Luçi
08:10 AM Bug #3234 (Feedback): Captive Portal previously declared getNasIP()
Put this to feedback since the changes will be made when CP functions get merged as system functionality. Ermal Luçi
08:10 AM Bug #3280: Assigning GRE interface and configuring an IP address removes the IP from the underlying gre interface in the OS
Applied in changeset commit:fb92e33201d5572530c8cdaa75635b750a13a4db. Ermal Luçi
08:10 AM Bug #3280: Assigning GRE interface and configuring an IP address removes the IP from the underlying gre interface in the OS
Applied in changeset commit:6191b3215c4e10bfe98e196291c864fb1db3d233. Ermal Luçi
08:07 AM Bug #3280 (Feedback): Assigning GRE interface and configuring an IP address removes the IP from the underlying gre interface in the OS
Ermal Luçi
07:39 AM Revision 7a3f5120: Merge pull request #917 from phil-davis/master
Enhanced validation of general DNS servers and gateways Ermal Luçi
07:36 AM Revision e505af1b: Merge pull request #920 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
07:22 AM Revision 4c0c5365: XHTML Compliance
Filter Reload Status
Mark script as CDATA section to avoid expansion of the begin tag entity (&lt;). N0YB
04:56 AM pfSense Packages Feature #3456: ladvd (lldp/cdp/edp/ndp daemon)
A sample package xml (a bit different from my version: I had to prepare a local repository)... Andrea Tuccia
04:51 AM pfSense Packages Feature #3456 (Resolved): ladvd (lldp/cdp/edp/ndp daemon)
I wrote a simple webconfigurator script from scrath for ladvd (that I prefer over openlldp because it supports also c... Andrea Tuccia
04:40 AM Bug #3340: Captive Portal deletes concurrent sessions even if noconcurrentlogins is not set
Applied in changeset commit:e8b05b83ed12ae7f65021c14686826b5aac96e00. Ermal Luçi
04:40 AM Bug #3340 (Feedback): Captive Portal deletes concurrent sessions even if noconcurrentlogins is not set
Applied in changeset commit:bae729da39079601b262e805a34d3818c3b994dc. Ermal Luçi
04:34 AM Bug #2627: Old delegated prefixes are not removed from the LAN interface
Can you please confirm this happens with latest 2.1.1?
If yes can you post your config.xml? Ermal Luçi
04:23 AM Bug #829 (Feedback): WAN stays assigned to pppoe0 interface after switching type from PPPoE to Static
I cannot reproduce this.
And there is already code taking care of this since:... Ermal Luçi
03:59 AM Bug #3409 (Closed): IPv6 gif tunnel not working after reboot on PPPoE
This was related with issues of pfSctl which have been fixed since. Ermal Luçi
03:50 AM Bug #3441: Non-alphanumeric characters cause issues with Captive Portal
Applied in changeset commit:378296af776e28c47652fd1268708be73f5f19ad. Ermal Luçi
03:50 AM Bug #3441 (Feedback): Non-alphanumeric characters cause issues with Captive Portal
Applied in changeset commit:bd369bcfb4499cc91f7de090dbe67daefc635f64. Ermal Luçi
03:30 AM Bug #3447: pfSense 2.1 Captive Portal RADIUS Accouting records not sent to RADIUS Server
Applied in changeset commit:2b76f145e40e47d06c7441ae8a419aeae9cc811b. Ermal Luçi
03:30 AM Bug #3447 (Feedback): pfSense 2.1 Captive Portal RADIUS Accouting records not sent to RADIUS Server
Applied in changeset commit:74a40221d6ad7611bc6182aa506c5d6f5cee8edf. Ermal Luçi

02/16/2014

10:03 AM Bug #3455 (Closed): Selecting interfaces for DNS forwarder breaks auto-update
An interesting intersection of two features...
If the local DNS forwarder is the first DNS server pfSense queries (p... Adam Thompson
06:40 AM Bug #3447: pfSense 2.1 Captive Portal RADIUS Accouting records not sent to RADIUS Server
Changing to code in captiveportal_disconnect_client() to use column 9 was a bit of a fluke as that column just happen... Richard Gate

02/15/2014

11:12 PM Bug #3454 (Resolved): Acknowledge all notices is presented to users who do not have privilege
I have local users that are just for OpenVPN authentication. They just have access to the System: User Password page,... Phillip Davis
09:24 PM Revision 6aa8b0de: XHTML Compliance
Filter Reload Status N0YB
04:04 PM Revision df4471e2: Improve processing of DNS server changes
What a pain this was. The user can blank out a DNS server from a position in the middle of the list. e.g. they had al... Phil Davis
09:30 AM Revision 349fdb3c: Merge pull request #919 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
09:12 AM Feature #3453 (Duplicate): Management GUI (lighttpd) interface binding control
Add configuration option to allow/prevent lighttpd from binding to certain interfaces.
In a highly secure environm... Ted Lum
07:14 AM Revision 00537a6b: XHTML Compliance
System Logs Wireless Tab N0YB
07:11 AM Revision 37227fbc: XHTML Compliance
System Logs Routing Tab N0YB

02/14/2014

11:49 PM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
Having limited enabled by default is not appropriate, and it shouldn't be the case.
Having the option to turn it o... ky41083 -
06:02 PM Revision 0681f6df: Merge pull request #918 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
05:50 PM Revision fd889d72: XHTML Compliance
Status DHCPv6 Leases N0YB
05:04 PM Bug #3451: Pfsense 2.1 Captive Portal Proxy Transparent
That? Using authenticated proxy?
I think that and a failure of CP when transparent proxy Gilmar Cabral
11:52 AM Bug #3451 (Rejected): Pfsense 2.1 Captive Portal Proxy Transparent
there are options to work around that Chris Buechler
04:59 AM Bug #3451 (Rejected): Pfsense 2.1 Captive Portal Proxy Transparent
In pfsense 2.1 using captive portal voutcher with transparent proxy to set proxy desktop browser captive portal login... Gilmar Cabral
04:03 PM Revision bf4e62ac: Add a knob to let the user select which console (video or serial) is preferred in cases where there are multiple consoles present. Also provide a way to force this preference.
Jim Pingle
04:02 PM Bug #3421: dhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
Agreed, I think the following was also required to make it work, as seen in the above dhcpv6.conf... Andrew Stuart
04:02 PM Revision 01c15762: Add a knob to let the user select which console (video or serial) is preferred in cases where there are multiple consoles present. Also provide a way to force this preference.
Jim Pingle
02:58 PM Revision 407fbf45: Add a mechanism by which the serial port can be forced on always regardless of the config setting. (useful for nano+vga setups)
Jim Pingle
02:58 PM Revision 9525f7a6: Add a mechanism by which the serial port can be forced on always regardless of the config setting. (useful for nano+vga setups)
Jim Pingle
01:19 PM Revision fe640345: Abort installation when pbi_add fails
Renato Botelho
12:40 PM Bug #2952: Unvalidated input during system_firmware_check.php
I'd advocate a more appropriate fix than addslashes() for this - slash-escaping is not sufficient to protect against ... Ian Gallagher
06:20 AM Bug #2952: Unvalidated input during system_firmware_check.php
Applied in changeset commit:d210dddff39462019bc9b349cb3322a92d88feca. Renato Botelho
06:20 AM Bug #2952 (Feedback): Unvalidated input during system_firmware_check.php
Applied in changeset commit:dbfa041c1024edf6836058147714cca89267f8f0. Renato Botelho
12:24 PM Revision d210dddf: Fix #2952, escape necessary chars to avoid xss injection
Renato Botelho
12:24 PM Revision 429f454d: Respect g['tmp_path']
Renato Botelho
12:24 PM Revision 5d56f235: Use https to get updates, it helps #2952
Renato Botelho
12:23 PM Revision dbfa041c: Fix #2952, escape necessary chars to avoid xss injection
Renato Botelho
12:23 PM Revision 5f1c154d: Respect g['tmp_path']
Renato Botelho
12:04 PM Revision 52acb1ff: Enhanced validation of general DNS servers and gateways
Phil Davis
10:19 AM Revision aea33635: Add https to update URLs and replace RELENG_8_3 by RELENG_10_0
Renato Botelho
09:33 AM Revision 7d437401: Merge pull request #916 from N0YB/RELENG_2_1
XHTML Compliance Renato Botelho
09:11 AM Revision d6e58836: XHTML Compliance
Status DHCP Leases N0YB
07:40 AM Revision bbec4947: Merge pull request #915 from N0YB/RELENG_2_1
XHTML Compliance Ermal Luçi
05:41 AM Revision 909a3e55: XHTML Compliance
Create an empty row in tbody if there are no log entries displayed. N0YB
05:19 AM Revision c5523ea6: XHTML Compliance
Create an empty row in tbody when there are no firewall log entries displayed. N0YB

02/13/2014

05:59 PM Bug #3450 (Rejected): DHCPv6 Lease Status shows no Leases
Viewing DHCPv6 Leases under the Status menu shows no active or configured leases, despite multiple devices on LAN hav... Rob Gormley
02:48 PM Feature #3448: add additional dyndns providers dyndns.fr, dyndnspro.com, dynamicdomain.net
Another one :)
duckdns.org:
https://www.duckdns.org/update?domains=exampledomain&token=<token>
More info: https:... Doktor Notor
10:38 AM Feature #3448: add additional dyndns providers dyndns.fr, dyndnspro.com, dynamicdomain.net
and there is also a forum request to add zonomi.com
https://forum.pfsense.org/index.php/topic,72326.0.html
so perha... Phillip Davis
09:13 AM Feature #3448 (Needs Patch): add additional dyndns providers dyndns.fr, dyndnspro.com, dynamicdomain.net
Please add dyndns.fr , dynamicdomain.net and dyndnspro.com in the dynamic dns (dyndns) dns
system.
Urls are :
... nabilion chan
11:49 AM Bug #3449 (Resolved): IE 8 does not respect disabled CIDR field when editing host alias, leading to filter ruleset syntax errors
IE8 on XP (pause for laughter) does not respect the JavaScript that disables the CIDR field when editing a host alias... Jim Pingle
11:32 AM Revision 6635f5b9: Abort installation when pbi_add fails
Renato Botelho
09:10 AM Bug #3287: RRD. No IPv6 data.
because that's the inside of the tunnel, your WAN graph is the outside. Chris Buechler
03:34 AM Bug #3287: RRD. No IPv6 data.
Chris Buechler wrote:
> not a bug, in that circumstance there is no v6 traffic on your WAN. It's all encapsulated in... Dmitriy K
07:42 AM Revision 8f38bc57: Merge pull request #913 from Aeyoun/string-max-connections-per-host-per-second
Change string to "Maximum new connections per host / per second(s)" Ermal Luçi
06:51 AM Bug #3447 (Resolved): pfSense 2.1 Captive Portal RADIUS Accouting records not sent to RADIUS Server
Code in /etc/inc/cativeportal.inc is referring to the wrong columns in the array returned by captiveportal_read_db().... Richard Gate
05:32 AM Bug #3446 (Closed): NTP server doesn't bind to assigned interfaces on automatic service restart after queriing his assigned master time server
Every morning my pfsense synchronizes with a master timeserver on the internet. The ntpd is taken down while synchron... Michael Noack

02/12/2014

11:10 PM Revision d5bdbe0c: Change string to "Maximum new connections per host / per second(s)"
Clarifying the setting's meaning.
As suggested by forum member "Senser" on
https://forum.pfsense.org/index.php/topic... Daniel Aleksandersen
02:08 PM Revision 25333e5a: Obsolete old ipsec tools files
Renato Botelho
02:05 PM Revision ff3d516f: Be specific on the authentication method to use since xauth-eap will be active as well
Ermal LUÇI
09:42 AM Revision ede14b23: Correct script path
Ermal LUÇI
09:41 AM Revision 6c576b27: Remove references to racoon and correct some handling of ipsec configuration
Ermal LUÇI
09:36 AM Revision ecc37958: Remove copy paste leftover
Ermal LUÇI
09:35 AM Revision 91287d1f: If specified add authentication script configuration to strongswan.conf
Ermal LUÇI
09:28 AM Revision fe63645d: Remove not used anymore parameters
Ermal LUÇI
09:13 AM Revision 2a3e3057: Teach script to read authentication servers from environment
Ermal LUÇI
04:53 AM Bug #3176: Hosts file corrupted when using "Register DHCP leases in DNS forwarder"
I'm seeing this too (on 2.0). While the corruption is happening, there are two /usr/local/sbin/dhcpleases processes r... Daniel Sheridan
02:20 AM Bug #3223: pfr_unroute_kentry: delete failed and freeze
Sorry i forget this story. But yes I have very very big tables in my setup where i have this trouble.
But i had some... xavier Lemaire

02/11/2014

11:43 PM Bug #3263: status_graph.php IP list is limited to interface subnet
I realized how to make the Filter: All and Remote options actually work again in 2.1.1. That code was committed a cou... Phillip Davis
06:48 PM Bug #3421: dhcpv6 server Netboot/next-server causes dhcpv6 not to start, and reports an error message.
FYI if you use ... Chris Buechler
05:47 PM Bug #3315 (Rejected): SNMP MIB-2 Strange TCP Stats
It works as it's supposed to. That's connections established by, or from, the firewall itself, not traffic through it... Chris Buechler
05:30 PM Bug #3432 (Feedback): PPPoE (WAN) reconnected, WAN does not updated
Chris Buechler
05:25 PM Bug #3333 (Feedback): usbusX devices show up as NICs.
this was confirmed fixed pre-2.1 release. Does your /boot/loader.conf file contain the following line? ... Chris Buechler
05:20 PM Bug #3384 (Feedback): NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
I believe we have adequate solutions in place here, and having discard enabled by default doesn't seem to be appropri... Chris Buechler
05:07 PM Bug #3312: Gateway on IPsec rules is not functional in pf
has this ever worked? Offhand I can't recall seeing anyone doing that. Chris Buechler
05:02 PM Bug #3200 (Feedback): IPv6 bugs
the third bullet point is the same cause as #3394. The fix for that might fix everything else you've noted here. Can ... Chris Buechler
04:59 PM Bug #3394 (Feedback): radvd wrongly binds to *:546 in some circumstances
Ermal committed a fix for this in dhcp6c that was causing radvd to inherit its socket. Chris Buechler
04:57 PM Bug #3287 (Rejected): RRD. No IPv6 data.
not a bug, in that circumstance there is no v6 traffic on your WAN. It's all encapsulated in v4 at that point. Chris Buechler
02:31 PM Revision 5833def1: Fix symlink calls adding full link name, it fixes issue reported at https://forum.pfsense.org/index.php/topic,72405.0.html
Renato Botelho
02:30 PM Revision 80d708de: Fix symlink calls adding full link name, it fixes issue reported at https://forum.pfsense.org/index.php/topic,72405.0.html
Renato Botelho
01:28 PM Bug #3444: IPv6 network alias input validation lacking
Yes, this works, thank you:... Brian Candler
02:54 AM Bug #3444 (Feedback): IPv6 network alias input validation lacking
Ermal Luçi
02:53 AM Bug #3444: IPv6 network alias input validation lacking
Fixed for 2.1 as part of commit:f188be51ae242a6de7f99b0c6206ec24d5296af4 Ermal Luçi
02:53 AM Bug #3444: IPv6 network alias input validation lacking
Fixed as part of ee41ab022d92cf7d0a1b75e1d85aca7162648292 Ermal Luçi
02:18 AM Bug #3444 (Resolved): IPv6 network alias input validation lacking
via Brian Candler on mailing list.
When creating a network alias which contains an IPv6 address, some additional ... Chris Buechler
01:13 PM Bug #3128: Active voucher status not restored from backup
To sum this up, I posted about the mess at the forum: https://forum.pfsense.org/index.php/topic,72418.0.html
Addit... Doktor Notor
12:11 PM Bug #3416 (Resolved): [PATCH] PPP/PPPoE link settings not shown
thanks Chris Buechler
12:08 PM Bug #3416: [PATCH] PPP/PPPoE link settings not shown
Fix was merged in 56e75b0. Thank you! Brian Candler
10:59 AM Revision 443ba8c9: Properly set the configuration here based on https://forum.pfsense.org/index.php/topic,68531.0.html
Ermal LUÇI
10:59 AM Revision 3442e353: Properly set the configuration here based on https://forum.pfsense.org/index.php/topic,68531.0.html
Ermal LUÇI
09:37 AM Revision f188be51: Catch a validation issue reported on the mailing list thread: IPv6 address data validation from: Brian Candler. It prevents putting a subnet in the address field since it then breaks the whole filter generation process
Ermal LUÇI
09:37 AM Revision ee41ab02: Catch a validation issue reported on the mailing list thread: IPv6 address data validation from: Brian Candler. It prevents putting a subnet in the address field since it then breaks the whole filter generation process
Ermal LUÇI
09:30 AM Revision 8c466abb: Make improvement to the check
Ermal LUÇI
09:28 AM Revision 6ce0e31c: When adding ip aliases on top of carp not in the subnet of the carp configured address but an ip alias of the real interface do not error out but accept this as a valid configuration.
Ermal LUÇI
08:53 AM Bug #3445 (Resolved): Proxy URL behaviour for package list - trailing slash
In the System -> Advanced -> Miscellaneous settings, where you enter the proxy URL, if you have a trailing slash then... Adrian James
08:21 AM Revision d53d17ee: Merge pull request #912 from phil-davis/master
Check for tmp captiveportal dir before making it Ermal Luçi
04:54 AM Bug #3443: run -- Ralink Technology USB
I am wrong, i tested it with the tow options "Yes"
and the driver loaded and worked fine untill i connect my self t... Muhammed Ismail
03:42 AM Bug #3443: run -- Ralink Technology USB
Mr.Chris as it is said in the FreeBSD Kernel Interfaces Manual
[[http://www.freebsd.org/cgi/man.cgi?query=run&apropo... Muhammed Ismail
02:16 AM Bug #3443 (Rejected): run -- Ralink Technology USB
The run driver is included. It appears it doesn't work with your card. Probably no solution to that until our 2.2 rel... Chris Buechler
01:09 AM Bug #3443 (Rejected): run -- Ralink Technology USB
*NAME*
run -- Ralink Technology USB IEEE 802.11a/g/n wireless network device
*SYNOPSIS*
To compile thi... Muhammed Ismail
03:05 AM Revision 6240ba7b: Check for tmp captiveportal dir before making it
In forum: https://forum.pfsense.org/index.php/topic,72483.0.html
Warning: mkdir(): File exists in /etc/inc/system.inc... Phil Davis

02/10/2014

08:16 PM pfSense Packages Bug #3442: Stunnel package $config issue?
If stunnel is technically designed as two sub=packages (stunnel and stunnel_certs) then the issue may be that on inst... Stilez y
08:10 PM pfSense Packages Bug #3442 (Closed): Stunnel package $config issue?
Pfsense 2.1.1beta, installed Stunnel, but any attempt to add either a first tunnel or a first cert consistently cause... Stilez y
06:55 PM Revision 83491ba5: Declare $config global so we can test the pkg_nochecksig option
Jim Pingle
06:32 PM Revision 51623673: Fixup pkg_nochecksig option
Jim Pingle
04:23 PM Revision 56e75b0b: Merge pull request #911 from candlerb/candlerb/3416
Fix for #3416 Ermal Luçi
04:03 PM Revision e0fc15d1: Fix for #3416
Correct javascript error which prevents PPP/PPPoE per-link settings from
being displayed (bandwidth, MTU, MRU, MRRU). Brian Candler
02:02 PM Bug #3353: Changing IPv6 from None to DHCP6 or vice-versa causes a panic+reboot
FYI: Still happens on a current build.
FreeBSD pfs22.local 10.0-RELEASE FreeBSD 10.0-RELEASE #0 d44ce30(releng/10.... Jim Pingle
11:16 AM Revision 5ba0cdf6: Merge pull request #910 from phil-davis/RELENG_2_1
Releng 2 1 Standardize LAN net display Ermal Luçi
11:06 AM Revision ad9f79d3: Standardise LAN net display
Phil Davis
11:02 AM Revision 2e769d69: Standardise LAN net display
Phil Davis
11:00 AM Revision 50e10c80: Standardise LAN net display
for 2.1.1 Phil Davis
10:54 AM Revision 6901d6af: Merge pull request #909 from phil-davis/RELENG_2_1
Releng 2 1 Return all stats when all or remote is selected on Traffic Graph Renato Botelho
10:45 AM Revision 54995d41: Reorder Traffic Graph filter options so Local is default
Phil Davis
10:43 AM Revision 188a4d55: Return all stats when all or remote is selected on Traffic Graph
and make the default query return "Local" traffic. Phil Davis
10:31 AM Revision 086191ba: Merge pull request #906 from phil-davis/master
Return and filter appropriately when all or remote is selected on Traffic Graph Renato Botelho
10:26 AM Revision 4b5554a8: Merge pull request #908 from N0YB/XHTML_Compliance_RRD_Graphs
XHTML Compliance - RRD Graphs Renato Botelho
03:21 AM Revision 18ed5f7d: XHTML Compliance - RRD Graphs
Close input tag N0YB

02/09/2014

06:23 PM Revision 5f242576: openvpn, allow for entering client user credentials in the WebGUI
Pi Ba
05:24 AM Revision fa6af314: Make Local the default filter for Traffic Graph
to preserve the previous standard behavior that shows "Local" when Traffic Graph starts. Phil Davis
05:21 AM Revision 737aef33: Make Local the default filter for Traffic Graph
to preserve the old behavior, that it shows "Local" traffic when first started. Phil Davis

02/08/2014

03:41 PM Revision 5177b583: Return all when all or remote is selected on Traffic Graph
Phil Davis
01:00 PM Revision 80f51429: Merge pull request #905 from N0YB/XHTML_Compliance_RRD_Graphs
XHTML Compliance - RRD Graphs Ermal Luçi
07:05 AM Revision c7a1d428: XHTML Compliance - RRD Graphs
N0YB
05:51 AM Feature #3426: NanoBSD shorter F1 boot prompt display
In pfsense-tools / builder_scripts / builder_common.sh, line #2202
@boot0cfg -B -b ${CLONEDIR}/${NANO_BOOTLOADER} ... Max Mustermann
02:01 AM Bug #3441: Non-alphanumeric characters cause issues with Captive Portal
Forgot the forum thread; see https://forum.pfsense.org/index.php?topic=51489.0 Doktor Notor
02:00 AM Bug #3441 (Resolved): Non-alphanumeric characters cause issues with Captive Portal
On trying to enter a message with diacritics (e.g. ěščřžýáíéúů) on a CP Zone - Vouchers - Invalid Voucher Message/Exp... Doktor Notor

02/07/2014

08:11 PM Revision d4603714: Replaced gethostbyname() with gethostbynamel() to get a list of all IPs associated with the dns name and add them to the allowed list
Francois Blanchette
05:55 PM Revision c1d59c7a: Enhance interface gateway data entry descriptions
Phillip Davis
05:54 PM Revision 6002c9be: Enhance interface gateway data entry descriptions
Phillip Davis
05:51 PM Revision b36aad25: Enhance interface gateway data entry descriptions
Phillip Davis
05:50 PM Revision 974fb32c: Enhance interface gateway data entry descriptions
Phillip Davis
05:48 PM Revision 657eabdf: Enhance interface gateway data entry descriptions
Phillip Davis
04:56 PM Revision 59c6e218: Add specific permission for easyrule.
Jim Pingle
04:55 PM Revision 949735aa: Add specific permission for easyrule.
Jim Pingle
04:47 PM Revision 9143aaf4: Remove this sort. It's unnecessary and causes problems when editing and saving privileges, it can reorder users and cause edits to the wrong account.
Jim Pingle
04:47 PM Revision b7ef3d17: Remove this sort. It's unnecessary and causes problems when editing and saving privileges, it can reorder users and cause edits to the wrong account.
Jim Pingle
02:55 PM Revision eb83317a: s/http/https/ for doc.pfsense.org
Chris Buechler
02:54 PM Revision 2fede2d9: s/http/https/ for doc.pfsense.org
Chris Buechler
12:41 PM Revision e5b5e29c: Add support for signed PBI, help ticket #3365:
- Add an option to allow user to accept unsigned packages
- The only missing part is public key, that needs to be add... Renato Botelho
11:06 AM Revision db58ccd0: Merge pull request #902 from phil-davis/master
Standardise LAN net display Ermal Luçi
10:03 AM Revision 447ad2f5: Standardise LAN net display
Phil Davis
09:58 AM Revision 33b1bc17: Standardise LAN net display
Phil Davis
09:54 AM Revision 04d270fe: Standardise LAN net display
On the main firewall rules multi-rule display it shows "LAN net" "WAN net" etc. But on the edit screen it shows "LAN ... Phil Davis
03:09 AM Bug #3438 (Resolved): Cannot restore recent configuration
Renato Botelho
01:55 AM Bug #3440: Aliases, Networks and the vanishing subnets inside of Google Chrome
I think that bug was introduced since 2.1-RELEASE and perhaps it is in that 2.1p1 NetGate version. It has since been ... Phillip Davis

02/06/2014

07:02 PM Revision d292bd8d: Fix test, allows restoring last backup in the list. Fixes #3438
Jim Pingle
07:00 PM Revision 8d112d7d: Fix test, allows restoring last backup in the list. Fixes #3438
Jim Pingle
06:33 PM Bug #3440 (Resolved): Aliases, Networks and the vanishing subnets inside of Google Chrome
When creating an Alias for a network in Google Chrome on OS X Mavericks I have the option of choosing a CIDR represen... Lane Campbell
04:19 PM Bug #3438: Cannot restore recent configuration
Thanks, works now. ;-) Doktor Notor
01:00 PM Bug #3438: Cannot restore recent configuration
Applied in changeset commit:d292bd8d60b1e01702b3654e8bb3ac8fd66c88e6. Jim Pingle
01:00 PM Bug #3438 (Feedback): Cannot restore recent configuration
Applied in changeset commit:8d112d7d51fd55e73a171615b9c075cd04a739d8. Jim Pingle
12:45 PM Bug #3438 (Resolved): Cannot restore recent configuration
... Doktor Notor
02:57 PM Bug #3422: Diagnostics > DNS lookup gives spurious results
OK, this patch is irrelevant in the light of commit e2ffc9d which replaces dig with drill. AFAICS, drill doesn't have... Brian Candler
04:09 AM Bug #3422: Diagnostics > DNS lookup gives spurious results
OK, so I have narrowed this down.
* If I set System > General Setup > DNS Servers to just 8.8.8.8 or 8.8.4.4, it w... Brian Candler
03:55 AM Bug #3422: Diagnostics > DNS lookup gives spurious results
Here you go - plain dig, dig asking for A, dig asking for AAAA. Of course, what's of interest is what's in the "ANSWE... Brian Candler
03:11 AM Bug #3422 (Feedback): Diagnostics > DNS lookup gives spurious results
can't replicate. What does the output of dig show for psg.com for you?
Chris Buechler
01:39 PM pfSense Packages Bug #3439 (Closed): TFTP - cannot start or restart from Status -> Services
TFTP package installs fine, and is started upon installation.
However, it cannot be restarted or started after sto... Eduard Rozenberg
12:37 PM Revision 7b5a22ab: Remove PBI scripts since it'll be installed dynamically by tools
Renato Botelho
11:53 AM Bug #3437 (Resolved): web redirector doesn't listen on IPv6 port 80
Minor issue: when you configure management to be HTTPS, the port 80 redirector only works on the IPv4 address and not... Brian Candler
11:49 AM Revision 496acde1: First swing at converting from racoon to StrongSWAN.
It allows to use existing configurations on xml to generate StrongSWAN configurations.
So its only IKEv1
* Missing s... Ermal LUÇI
09:36 AM Feature #3199: Option to accumulate or not IP addresses in Alias table of FQDNs
I don't see any reason to accumulate addresses at all. DNS A records for an FQDN return all valid addresses at once. ... Kurian Thampy
02:44 AM Bug #3436 (Resolved): Cannot save nut settings/enable nut (regression)
Renato Botelho

02/05/2014

06:53 PM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
No no, I get what you're saying, and I don't disagree with it at all in the correct scenario.
But the person who o... ky41083 -
05:04 PM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
Keith, this iburst stuff is suggested on ntp.org site, suggested on tons of distro-specific docs, default in lots of ... Doktor Notor
06:31 PM Bug #3436: Cannot save nut settings/enable nut (regression)
Apparently got way too messed up. I reimaged the box, applied the above patch, now both unbound and nut install prope... Doktor Notor
05:38 PM Bug #3436: Cannot save nut settings/enable nut (regression)
No, that did not work... Still heavily messed up:... Doktor Notor
05:00 PM Bug #3436: Cannot save nut settings/enable nut (regression)
Or you can apply this mannually and reinstall the packages: https://github.com/pfsense/pfsense/commit/dab351f359bb451... Renato Botelho
04:57 PM Bug #3436: Cannot save nut settings/enable nut (regression)
BTW, screwed unbound as well... and probably a whole lot more. :-( Doktor Notor
04:54 PM Bug #3436: Cannot save nut settings/enable nut (regression)
Try to reinstall package with tomorrow's snapshot and let me know if it's fixed or not. Renato Botelho
04:44 PM Bug #3436 (Resolved): Cannot save nut settings/enable nut (regression)
Cannot save nut setting no matter what.... Doktor Notor
02:30 PM Revision dab351f3: escapeshellarg() is not required here
Renato Botelho
02:29 PM Revision b3e1ccb5: escapeshellarg() is not required here
Renato Botelho
01:58 PM Revision 5293c5c7: Teach php-fpm about our required environment path
Warren Baker
01:50 PM Revision 275f4b5a: Revert "Set PATH before call pbi related binaries"
This was pushed by mistake
This reverts commit 4c9bda43f5bcfd5ba9812c84199bbe4f1f158960. Renato Botelho
12:59 PM Feature #2834: carp+pfsync: add ability to prefer one node as master
I just came to request the same thing. Although I was thinking of a simple check box that said subtrack instead of a... Robert Middleswarth
06:42 AM Feature #3435 (Rejected): aliases do not allow hyphen
Jim Pingle
06:42 AM Feature #3435: aliases do not allow hyphen
Alias names are not hostnames, they are pf macro names which may not contain hyphens. Jim Pingle
05:11 AM Feature #3435 (Rejected): aliases do not allow hyphen
When trying to add hostname foo-bar1 under Firewall > Aliases
"The following input errors were detected:
The al... Brian Candler

02/04/2014

10:31 PM Bug #3432: PPPoE (WAN) reconnected, WAN does not updated
Ok, looks like it was due reported via forums apinger bug
@
Feb 5 06:30:00 apinger: alarm canceled: WAN_PPPOE(21... Vladimir Suhhanov
08:39 PM Revision bc30d9c5: Silent recently added symlink() calls
Renato Botelho
08:38 PM Revision b3cbb077: Fix some wrong escapeshellarg() calls
Conflicts:
etc/inc/filter_log.inc
etc/inc/pkg-utils.inc Renato Botelho
08:32 PM Revision 38207029: Silent recently added symlink() calls
Renato Botelho
08:14 PM Revision 7b27b18b: Fix some wrong escapeshellarg() calls
Renato Botelho
07:50 PM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
Hey, that works. I was saying it seems like a lot from the standpoint of a *public* NTP server. Clearly if you have n... ky41083 -
07:26 AM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
_every 5 seconds OR twice in a row. Seems like a lot to me_
Uhm, not really a *lot* when iburst is used. (8 pack... Doktor Notor
07:07 PM Revision af7a8373: Simplify logic calling grep less times, as done on mail_reports.inc on 2c6efc9
Renato Botelho
07:06 PM Revision 7b7ad7f6: Simplify logic calling grep less times, as done on mail_reports.inc on 2c6efc9
Renato Botelho
07:02 PM Revision 4bdb08e3: Use unlink_if_exists or @unlink to avoid PHP errors when file doesn't exist
Conflicts:
usr/local/www/firewall_aliases_edit.php Renato Botelho
07:01 PM Revision 552f5a6a: Use unlink_if_exists or @unlink to avoid PHP errors when file doesn't exist
Renato Botelho
06:08 PM Revision 4b9011f5: Merge pull request #901 from Klaws--/patch-2
Added previously missing DSCP VA (requires kernel patch patch submitted ... Ermal Luçi
06:08 PM Revision 2517148e: Merge pull request #900 from Klaws--/patch-1
Added previously missing DSCP VA (requires kernel patch patch submitted ... Ermal Luçi
03:15 PM pfSense Packages Bug #3434 (Resolved): widentd
pfSense 2.1, 64bit, widentd 1.03_1
The 'Listening interface' selections don't work the way I expect. I'm testing f... lynn wilborn
02:47 PM Revision 1eb03024: Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Conflicts:
usr/local/www/diag_logs_vpn.php
usr/local/www/firewall_aliases_edit.php
usr/local/... Renato Botelho
02:43 PM Revision 46b12609: Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Conflicts:
etc/inc/filter_log.inc
etc/inc/interfaces.inc
etc/inc/pfsense-utils.inc
et... Renato Botelho
02:36 PM Revision 44f2ef9b: Fix an obvious typo on var name
Renato Botelho
02:36 PM Revision 0ae6d916: Use php function to get hostname instead of exec()
Renato Botelho
02:36 PM Revision 93e350f5: Add path for sysctl, also use -n param instead of awk
Renato Botelho
02:36 PM Revision 4dc89803: Simplify logic
Renato Botelho
02:35 PM Revision 645018b2: Use php function to get hostname instead of exec()
Renato Botelho
02:35 PM Revision 4744c6e4: Add {} between variables inside quotes
Renato Botelho
02:35 PM Revision 7ea30d60: Use php function to get hostname instead of exec()
Renato Botelho
02:35 PM Revision eda41792: Add {} between variables inside quotes
Renato Botelho
02:34 PM Revision d31ca336: Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Renato Botelho
02:34 PM Revision 39ed87e5: Fix an obvious typo on var name
Renato Botelho
02:34 PM Revision 873c1701: Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Renato Botelho
02:34 PM Revision 4f188f54: Use php function to get hostname instead of exec()
Renato Botelho
02:34 PM Revision 1d9b51c6: Add path for sysctl, also use -n param instead of awk
Renato Botelho
02:34 PM Revision 306f8556: Simplify logic
Renato Botelho
02:34 PM Revision f1777174: Use php function to get hostname instead of exec()
Renato Botelho
02:34 PM Revision 8340d956: Add {} between variables inside quotes
Renato Botelho
02:34 PM Revision e6867c81: Use php function to get hostname instead of exec()
Renato Botelho
02:34 PM Revision 3f4bd83b: Add {} between variables inside quotes
Renato Botelho
02:34 PM Revision 4c9bda43: Set PATH before call pbi related binaries
Renato Botelho
01:31 PM Revision 7962a55f: Added previously missing DSCP VA (requires kernel patch patch submitted by me)
Klaws--
01:30 PM Revision 28c49959: Added previously missing DSCP VA (requires kernel patch patch submitted by me)
Klaws--
10:33 AM Bug #3433 (Resolved): Case-sensitive detection of link local addresses
Trying to add a gateway address FE80::5:73FF:FEA0:2 (which is a Cisco HSRP address, copy-pasted directly from output ... Brian Candler

02/03/2014

10:44 PM Bug #3432 (Resolved): PPPoE (WAN) reconnected, WAN does not updated
I am connected to ISP via PPPoE with dynamic IP. WAN is configured as PPPoE and this configuration was working about ... Vladimir Suhhanov
08:50 PM Bug #3384: NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
The default values with the "limited" parameter specified only allow a client to NTP sync once every 5 seconds OR twi... ky41083 -
08:28 AM Bug #3384 (New): NTPd should deny service if the packet spacing violates the lower limits specified in the discard command (CVE-2013-5211)
Using limited as-is denies access to NTP clients, so this change is not viable. If you try to sync time against ntpd ... Jim Pingle
08:09 PM Bug #3431 (Closed): IPSec PSK Characters Error
My first report, hope everything is o.k. with it...
Using german Umlaute in the PSK like ö, ä, ü or ß leads on 2.1... The Buccaneer
02:35 PM Revision 2b8dfa4e: Using "limited" for ntp in this way denies client access. Issue #3384
Jim Pingle
02:34 PM Revision ca79de53: Using "limited" for ntp in this way denies client access. Issue #3384
Jim Pingle
11:17 AM Revision cf3189ff: Merge pull request #897 from N0YB/RELENG_2_1
XHTML Compliance - Status: System logs: Firewall Renato Botelho
09:23 AM Feature #1477: IGMPPROXY spamming the main systemlog
If you make a pull request in GitHub it makes it really easy for the devs to take a look and commit the fix. Phillip Davis
01:31 AM Bug #3429: Modify anti-lockout pf rule to use "no state"
May I ask why? I have been running those filter rules (for SSH) for several years on an OpenBSD gateway without any p... Anonymous
 

Also available in: Atom