Activity

30 days up to

User

Subprojects

Activity

From 08/01/2014 to 08/30/2014

08/30/2014

04:38 PM Revision 990162e3: Remove some redundancy and simplify changes made on last commit: Renato Botelho
04:38 PM Revision a03fb095: Remove some redundancy and simplify changes made on last commit: Renato Botelho
02:38 PM Bug #3841: WebGUI 'help' menu displays beneath 'System', blocking system menu choices. regression in 2.1.5: We did test it quite a lot, but we don't have a copy of every Linux distro out there to test against. It worked fine ... Jim Pingle
12:00 PM Bug #3841: WebGUI 'help' menu displays beneath 'System', blocking system menu choices. regression in 2.1.5: Tahoma missing is NOT a Linux issue. You must be kidding. The Tahoma font is not freely licensed in the first place. ... Doktor Notor
12:45 PM Bug #3330: Load Balancer showing wrong Status when using aliases for the port: I confirm that this is the case in the latest version (2.1.5).
Also there seems to be something wrong with monitor... Daniel Onisoru
05:33 AM pfSense Packages Bug #3838 (Rejected): Suricata loses all settings after pfsense upgrade: Renato Botelho
12:30 AM pfSense Packages Bug #3838: Suricata loses all settings after pfsense upgrade: Thanks, I was unaware that this package re-installation behavior happens on upgrades. That setting was indeed off. (I... Cool Fire

08/29/2014

09:01 PM Revision ce3ef2e7: Replace GET by POST, it fixes #3833: Renato Botelho
09:00 PM Revision 7c9710fc: Replace GET by POST, it fixes #3833: Renato Botelho
08:52 PM Revision 2412990a: Fix comment in css: Renato Botelho
08:26 PM Revision 2b56c7da: Hide FreeBSD version from sshd banner. It fixes #3840: Renato Botelho
08:13 PM Revision 729ca302: Hide FreeBSD version from sshd banner. It fixes #3840: Renato Botelho
06:34 PM pfSense Packages Bug #3838: Suricata loses all settings after pfsense upgrade: Should not have happened. Did you verify that you had "_Keep Settings on Deinstall_" checked on the GLOBAL SETTINGS ... Bill Meeks
01:31 PM pfSense Packages Bug #3838 (Rejected): Suricata loses all settings after pfsense upgrade: Updating from 2.1.4-RELEASE (i386) to 2.1.5-RELEASE (i386) caused all suricata configuration to be lost. It's unknown... Cool Fire
06:28 PM pfSense Packages Bug #3839: Suricata resolve host pop up broken after upgarde: This is due to an improvement in security around the DNS Diagnostics page in pfSense. An updated Suricata package is... Bill Meeks
01:37 PM pfSense Packages Bug #3839 (Resolved): Suricata resolve host pop up broken after upgarde: Updating from 2.1.4-RELEASE (i386) to 2.1.5-RELEASE (i386) broke the 'Resolve host via reverse DNS quick pop-up. Cool Fire
05:41 PM Revision 7486c1f6: Do not reconfigure dhcpd twice on secondary after config sync. Fixes #3797: Renato Botelho
05:30 PM Revision 85b3c597: Do not reconfigure dhcpd twice on secondary after config sync. Fixes #3797: Renato Botelho
04:20 PM Bug #3833: DHCP "release" action can be triggered via GET, should only be via POST: Applied in changeset commit:ce3ef2e7c97c1781ed87567a563127d52869b59e. Renato Botelho
04:20 PM Bug #3833 (Feedback): DHCP "release" action can be triggered via GET, should only be via POST: Applied in changeset commit:7c9710fca5508e7fde82e56a9980173eae958c15. Renato Botelho
08:49 AM Bug #3833 (Resolved): DHCP "release" action can be triggered via GET, should only be via POST: Actions on Status > Interfaces such as DHCP release/renew and PPP disconnect/connect happen via GET links that appear... Jim Pingle
03:52 PM Bug #3841: WebGUI 'help' menu displays beneath 'System', blocking system menu choices. regression in 2.1.5: Same thing happens in Google's Chromium browser as Mozilla's Firefox on Xubuntu Long Term Support v 14.04 'Trusty'. ... Harry Coin
02:59 PM Bug #3841 (Rejected): WebGUI 'help' menu displays beneath 'System', blocking system menu choices. regression in 2.1.5: Please see the other existing (closed) tickets and forum threads. It's almost always a browser cache issue but occasi... Jim Pingle
02:48 PM Bug #3841 (Rejected): WebGUI 'help' menu displays beneath 'System', blocking system menu choices. regression in 2.1.5: Note the attached screenshot. With the addition of the 'Gold' menu item, the 'Help' menu item is displayed beneath t... Harry Coin
03:30 PM Bug #3840: Disable (or give the option to disable) the OS addition to the SSH daemon banner: Applied in changeset commit:2b56c7da667daaba0e34720138e105de7f7bf7e5. Renato Botelho
03:20 PM Bug #3840 (Feedback): Disable (or give the option to disable) the OS addition to the SSH daemon banner: Applied in changeset commit:729ca302e389f63e0bc3432f57424123312f3e63. Renato Botelho
02:33 PM Bug #3840 (Resolved): Disable (or give the option to disable) the OS addition to the SSH daemon banner: By default ssh on FreeBSD adds a VersionAddendum of the FreeBSD version in use. It would be best to hide that to avoi... Jim Pingle
01:31 PM Bug #3837 (Rejected): Menu item 'Help' dropped under 'System' because of 'Gold' option.: Answered multiple times on the forum, other tickets, and the mailing list. Clear your cache. Jim Pingle
01:28 PM Bug #3837 (Rejected): Menu item 'Help' dropped under 'System' because of 'Gold' option.: The Help menu item is pushed down onto the next line because there's not enough space on the menu row since the Gold ... Cool Fire
01:13 PM Bug #3836 (Resolved): field redirect target port must be quit in a specific way to keep conntent: When in
* @Firewall: NAT: Port Forward: Edit@
and trying to add/edit a rule, the value in the @Redirect target p... Stefan Beckers
01:09 PM Revision 985ed11c: Merge pull request #1258 from yarick123/master: Renato Botelho
12:50 PM Bug #3797: DHCP server restarted multiple times on secondary after config sync: Applied in changeset commit:7486c1f6c1951435b98d30b0533496065c826f9b. Renato Botelho
12:50 PM Bug #3797 (Feedback): DHCP server restarted multiple times on secondary after config sync: Applied in changeset commit:85b3c597865c13cc7c6253332936ac266c74f164. Renato Botelho
12:47 PM Bug #3835: System Menu Item in the Web Interface is inaccessible using Firefox after "Gold" Menu Item has been added: Many Thanks Jim P - Apologies for not figuring this out for myself. Can dles
12:38 PM Bug #3835 (Rejected): System Menu Item in the Web Interface is inaccessible using Firefox after "Gold" Menu Item has been added: There was a change to the pfSense GUI CSS files and menu during the update to pfSense 2.1.5, and your browser has lik... Jim Pingle
12:35 PM Bug #3835 (Rejected): System Menu Item in the Web Interface is inaccessible using Firefox after "Gold" Menu Item has been added: It appears in the administration GUI starts a new line after the addition of a *> Gold* menu item, but this only appe... Can dles
10:57 AM Bug #3834 (Rejected): dnsmasq isnt working anymore since upgrade to 2.1.5: Hi,
i cant lookup www.google.com or other external DNS since i upgrade my System to 2.1.5.... Florian Asche
10:36 AM pfSense Packages Bug #3816: Bump FreeRADIUS to fix libssl version mismatch error: Same problem with a freshly updated 2.1.5 AMD64 install:... Anonymous
08:00 AM Bug #3830 (Rejected): My friend scanned my network for open ports and even though I don't have a rule for ports 525,853, 48976-49127 but activity on my network was picked up...: You can start a thread on the forum to discuss, but there likely isn't a bug here. Those ports could have been opened... Jim Pingle
03:58 AM Bug #3830: My friend scanned my network for open ports and even though I don't have a rule for ports 525,853, 48976-49127 but activity on my network was picked up...: I scanned 99.250.154.21 using Nmap.
result: All ports are filtered, none are open (thus OK) jeroen van breedam
05:50 AM Feature #3832 (New): change default update URL to https: Renato Botelho
05:43 AM Feature #3832: change default update URL to https: could it be the http-link in
https://updates.pfsense.org/manifest J. Haupt.
05:39 AM Feature #3832: change default update URL to https: i've got the same setting in globals.inc, still it shows a http-link at the update-settings and a tcpdump while downl... J. Haupt.
05:22 AM Feature #3832 (Rejected): change default update URL to https: Default update URL points to https as you can see at:
https://github.com/pfsense/pfsense/blob/RELENG_2_1/etc/inc/g... Renato Botelho
05:09 AM Feature #3832 (Resolved): change default update URL to https: the default update URL used in my pfsense 2.1.4-RELEASE (i386) is
http://updates.pfsense.org/_updaters
why not ... J. Haupt.
04:58 AM Bug #2585 (Resolved): FreeDNS.afraid.org DDNS client sends in clear text: Renato Botelho
04:11 AM Bug #2585: FreeDNS.afraid.org DDNS client sends in clear text: With the fix "Use HTTPS for dyndns providers that support it " included in the 2.1.5 release, this bug can be conside... Anonymous
12:57 AM Bug #3831: VPN PPTP, RADIUS issued IPs and secondary RADIUS server: Forgot to mention. Checked this behaviour on 2.1.4-release and 2.2-ALPHA (20 Aug 2014). Vyachelav B
12:55 AM Bug #3831 (Closed): VPN PPTP, RADIUS issued IPs and secondary RADIUS server: I have two AD DC with NAP role installed (RADIUS) and two pfSense gateways (CARP configuration). We use VPN PPTP conn... Vyachelav B

08/28/2014

10:29 PM Bug #3830 (Rejected): My friend scanned my network for open ports and even though I don't have a rule for ports 525,853, 48976-49127 but activity on my network was picked up...: ugh this might be a severe problem so I'll do my best to explain and the problem can be replicated on v2.1.4 only.
... James Morgan
04:59 PM Bug #3778 (Resolved): Destination port range not displayed when it's an associated NAT rule and "other" ports: Renato Botelho
04:45 PM Bug #3778: Destination port range not displayed when it's an associated NAT rule and "other" ports: Found the problem. I renamed the old file to firewall_rules_edit.js.bak but didn't realize that both script files wou... Patrik Lundquist
03:42 PM Bug #3829 (Resolved): Widget Firewall: Reverse Resolve with DNS Issues: The widget Firewall has issues with Reverse Resolve with DNS. When you click on an ip under the Destination column, t... M Skenderian
02:49 PM Bug #3828 (Rejected): 2.1.5 update blocks system tab on webconfig w/ Firefox 31: Be sure to clear your browser cache after any firmware update, or reload the page using Ctrl-F5 or Shift-click Reload. Jim Pingle
02:46 PM Bug #3828: 2.1.5 update blocks system tab on webconfig w/ Firefox 31: Close bug. Restart webconfig fixed. Eric S
02:43 PM Bug #3828 (Rejected): 2.1.5 update blocks system tab on webconfig w/ Firefox 31: The system tab on webconfiguration is blocked. The 2.1.5 update put the help tab directly under it. Which makes the s... Eric S
11:48 AM Revision b0473447: Merge pull request #1261 from CharlieMarshall/improveInter: Renato Botelho
11:38 AM Revision dd574822: Remove blank line if only an ipv6 address is in use: CharlieMarshall
11:32 AM Revision 56d23722: Fix match for help pages privileges, it fixes #3777: Renato Botelho
10:40 AM Revision 552e8f5c: Merge pull request #1268 from CharlieMarshall/gatewayWidget: Renato Botelho
09:41 AM Revision bd9c9cb1: improve/tidy up interfaces widget: CharlieMarshall
06:50 AM Bug #3777 (Feedback): User with "WebCfg - Help pages " permission listed first gets a bogus redirect: Applied in changeset commit:56d237224ffcc565115814b8e25e70e1031684a1. Renato Botelho

08/27/2014

10:42 PM Revision 2b7fb769: Do not use regex to check filetype to avoid being wrong since . is a regex metachar. It fixes #3817: Renato Botelho
05:50 PM Bug #3817 (Feedback): Missing call to preg_quote at pkg-utils.inc:295: Applied in changeset commit:2b7fb76995905f0c91b39d95e49831da67d86cb0. Renato Botelho
01:43 PM Bug #3192 (Resolved): Multiple periodic resets scheduled for WAN interface: Renato Botelho
01:41 PM Bug #3153 (Resolved): Captive Portal Status Select List Inop with Vouchers: Renato Botelho
01:41 PM Bug #2893 (Resolved): Add extTable to SNMPd or change sysDescr.: Renato Botelho
01:40 PM Bug #2813 (Resolved): Diagnostics: S.M.A.R.T. Monitor Tools: Renato Botelho
01:39 PM Bug #2729 (Resolved): UserManager has no indication that an account has an authorized_keys key defined: Renato Botelho
01:35 PM Bug #1085 (Resolved): Status: Load Balancer: Virtual Server fails to display a correct status for «some» "virtual server" names: Renato Botelho
01:34 PM Bug #808 (Resolved): PHP Shell - $config doesn't work but $GLOBALS["config"] does.: Renato Botelho
01:31 PM Bug #3569 (Resolved): pkg_edit.php jquery 'add' and 'delete' action scrolls page to top.: Renato Botelho
01:31 PM Bug #3166 (Resolved): status_services.php:starts services 2-3 times;: Renato Botelho
01:30 PM Bug #2970 (Resolved): Codel algorithm for ALTQ/Dummynet?: Renato Botelho
01:30 PM Bug #2679 (Resolved): PHP warnings in diag_states_summary.php: Renato Botelho
01:25 PM Bug #3646 (Resolved): Selected firewall rules nolonger highlighted: Renato Botelho
01:24 PM Bug #3778: Destination port range not displayed when it's an associated NAT rule and "other" ports: Patrik Lundquist wrote:
> I copied the updated firewall_rules_edit.js to /usr/local/www/javascript/firewall_rules_ed... Renato Botelho
01:23 PM Bug #3820 (Resolved): Interface mismatch dialog terminology prompts to click "Save" when the button says "Apply changes": Renato Botelho
01:19 PM Bug #3821 (Resolved): Include L2TP Sequence Fix: Renato Botelho
08:38 AM Bug #3692: apinger loss % gets stuck: Sorry. This was happening in 2.1.3 and after an upgrade to 2.1.4 it is still happening. Sam E
08:37 AM Bug #3692: apinger loss % gets stuck: I have one location that consistently has this problem if you need us to help you test something. Since the packet l... Sam E

08/26/2014

11:41 PM Revision d47fac4a: fix typo: Chris Buechler
08:42 PM Revision ae14317d: Merge pull request #1255 from leleobhz/master: Renato Botelho
10:34 AM Revision 81ca5f88: Fix indent whitespaces: Renato Botelho
05:31 AM pfSense Packages Bug #3816 (New): Bump FreeRADIUS to fix libssl version mismatch error: Renato Botelho
02:54 AM pfSense Packages Bug #3816: Bump FreeRADIUS to fix libssl version mismatch error: Does not seem to be fixed for 2.2 AMD64 though, please see here:
https://forum.pfsense.org/index.php?topic=79436.msg... Anonymous
05:25 AM Bug #3827 (Rejected): Missing maxlength parameter in firewall_aliases_edit.php: Restore function only copy config.xml file to the correct place and reboot the system. Your xml is broken, maybe manu... Renato Botelho
02:31 AM Bug #3827: Missing maxlength parameter in firewall_aliases_edit.php: Sorry I didn't have the full info, the aliases were actually created via an XML import and are named like this : clie... Julien Le Goff

08/25/2014

09:51 PM Revision 6f3f4683: Fix phase2 removal, p2index points to unique ide and not to array index: Renato Botelho
05:33 PM Revision ab6558b6: Alias name cannot have more than 31 chars, add maxlength here just as an extra check. Ticket #3827: Renato Botelho
05:33 PM Revision eab05c00: Alias name cannot have more than 31 chars, add maxlength here just as an extra check. Ticket #3827: Renato Botelho
05:21 PM Revision 3877b513: improve look of gateways widget: CharlieMarshall
03:31 PM Revision d5971693: Fix #3807:: * When changing a pre existing VIP, use previous configured interface
for checking, this fixes the issue that happe... Renato Botelho
02:08 PM Revision cbeeb6d4: Merge pull request #1267 from CharlieMarshall/fixTrafficGraph: Renato Botelho
01:27 PM Revision 35774aec: fix display of traffic graph: CharlieMarshall
12:36 PM Revision 96a53ec7: Remove 'reject' action from filter logs since reject and block are the same on logs, it should fix #3825: Renato Botelho
12:29 PM Bug #3827: Missing maxlength parameter in firewall_aliases_edit.php: Could you share the name you tried to add? I couldn't reproduce it. Renato Botelho
12:13 PM Bug #3827 (Rejected): Missing maxlength parameter in firewall_aliases_edit.php: Seen on 2.1.4, when creating an alias with a name longer than 31 chars, the following notice appears :
[ There we... Julien Le Goff
10:50 AM Bug #3807 (Feedback): Unable to edit existing Virtual IPs: Applied in changeset commit:d59716931f6d6b0387a39de3df2422c0410d99eb. Renato Botelho
10:22 AM Revision 4219c7b2: Merge pull request #1265 from CharlieMarshall/switch: Renato Botelho
10:14 AM Revision 6d631b8e: move if/else to switch for readability: CharlieMarshall
07:50 AM Bug #3825 (Feedback): Rejected traffic shown as blocked in firewall log: Applied in changeset commit:96a53ec7a9694e93dfab9304db0c89af8c091265. Renato Botelho

08/24/2014

12:43 PM Bug #3801: Captive Portal on 2.2 does not pass through logged-in users: To have furtherly tested, IPFW rules containing tables are never matched. Same rules with IP address are matched.
... Gregory Poudrel

08/23/2014

07:29 PM Bug #3791: Alias->URL Table (IPs): [[https://forums.freebsd.org/viewtopic.php?t=45879]]
Seems this is corrected but after looking at this, and seeing... Bill Crowder
02:43 AM Bug #3814: Multiple devices with same MAC, each assigned DHCP-IP-add & a limiter queue: Thanks Chris for the clarification,
initially i thought so as well for this to a problem in the wireless bridge(TL-W... Ashfaq Ali
01:48 AM Bug #3713 (Resolved): Gateways missing for OpenVPN server (shared key or /30s): Chris Buechler

08/22/2014

11:53 PM Revision 8430c546: fix typo: Chris Buechler
11:39 PM Feature #2302 (Resolved): Uploaded Layer 7 patterns not saved in config, backed up, or synced: Chris Buechler
11:38 PM Bug #2514 (Resolved): static routes for monitor IPs should be removed: Chris Buechler
11:33 PM Bug #3629 (Resolved): URL alias update process hangs waiting for lock: Chris Buechler
11:31 PM Feature #3362 (Resolved): Add a means to reset CP HTML/Error Page/Logout Page to default: Chris Buechler
11:31 PM Bug #3401 (Resolved): Openvpn Server IPV4 generating attribute TUN-IPV6 this right?: Chris Buechler
11:29 PM Bug #3611 (Resolved): DHCP relay to a server behind the gateway does not work: Chris Buechler
11:29 PM Feature #3341 (Resolved): Add a means for reverting GUI auth backend to Local Database from the console: Chris Buechler
11:27 PM Bug #3619 (Resolved): ipfw/dummynet not always loaded when required in 2.2: Chris Buechler
11:26 PM Bug #3700 (Resolved): pfctl: illegal option -- G: Chris Buechler
11:26 PM Bug #3644 (Resolved): rc.expireaccounts expires every expired account every time it runs: Chris Buechler
09:50 PM Bug #3826 (Resolved): 2.2 diag_ipsec.php issues: Couple issues with diag_ipsec.php.
1) always shows NAT-T - shows NAT-T for seemingly all IPsec connections. A bas... Chris Buechler
07:06 PM Bug #2706 (Resolved): Padlock may need some adjustments for FreeBSD 10.x: Chris Buechler
06:42 PM Bug #3665 (New): IPsec tunnel description not displayed on status output: This apparently regressed since then, the description is currently shown as "(730)" where 'ipsec status' output shows... Chris Buechler
06:35 PM Bug #3417 (Resolved): racoon crashes after mobile xauth login with fourth DNS server configured: Chris Buechler
06:34 PM Bug #2125 (Resolved): Update Package XML for FreeBSD 10.x: Chris Buechler
06:34 PM Bug #3654 (Resolved): Outbound IPsec rules do not exclude WAN subnet: confirmed working (rules don't exclude, patch works) Chris Buechler
06:21 PM Feature #2501 (Resolved): Add no-sync option for firewall rules: Chris Buechler
06:18 PM Bug #3663 (Resolved): Filter parser does not display ICMP log messages: Chris Buechler
06:17 PM Bug #3664 (New): "IPsec" not displayed in firewall log interface column: Updating to current status. Firewall logs now show a blank interface for IPsec. Chris Buechler
06:12 PM Bug #3785 (Resolved): strongswan config being generated with ike SA lifetime set to value of ipsec SA lifetime: Chris Buechler
06:07 PM Bug #3781 (Resolved): strongswan dpdtimeout value not generated correctly: Chris Buechler
03:52 PM Bug #3825 (Resolved): Rejected traffic shown as blocked in firewall log: The firewall log only detects blocked or passed traffic, and IIRC always has. In 2.1x versions, the filtering options... Chris Buechler
03:12 PM Revision 2cff71c4: Take virtual IPs into consideration for automatic outbound NAT rules, it should now fix #983: Renato Botelho
02:17 PM pfSense Packages Bug #3804 (Rejected): Captive Portal Hard Timeout Pfsense 2.1.4: not true. Please post to the forum or list for assistance. Chris Buechler
02:15 PM Bug #3814 (Rejected): Multiple devices with same MAC, each assigned DHCP-IP-add & a limiter queue: There isn't a bug here, your wireless bridge is doing MAC translation, so you have to disable MAC filtering. Everythi... Chris Buechler
01:53 PM Revision a94b9bef: pgrep parameters are out of order and it also needs -a to find sshd. While I'm here, simplify sh syntax and prevent noise to be printed if pid file doesn't exist: Renato Botelho
01:53 PM Revision 8c366060: pgrep parameters are out of order and it also needs -a to find sshd. While I'm here, simplify sh syntax and prevent noise to be printed if pid file doesn't exist: Renato Botelho
01:20 PM Bug #3824: Limiters on bridge break traffic outside locally-configured IP subnets: Thanks, I was thinking there was something similar out there but couldn't find anything. Looks like it, yeah. Though ... Chris Buechler
11:18 AM Bug #3824: Limiters on bridge break traffic outside locally-configured IP subnets: This might be the same root cause as #1634 Jim Pingle
10:53 AM Bug #3824 (Confirmed): Limiters on bridge break traffic outside locally-configured IP subnets: Take the scenario:
LAN (IP: none) bridged to WAN (management IP on 192.168.1.10/24, gateway 1.1), where the syste... Chris Buechler
12:28 PM Revision b075c1e2: delete the dhcpd.pid file before starting dhcpd. Fixes bug where on rare occasions a stale PID file could prevent dhcpd from starting until it's manually deleted.: Chris Buechler
12:26 PM Revision a762649b: delete the dhcpd.pid file before starting dhcpd. Fixes bug where on rare occasions a stale PID file could prevent dhcpd from starting until it's manually deleted.: Chris Buechler
11:28 AM Revision 61b2ed1c: use pgrep here instead, previous way could wrongly show SSH as enabled where it isn't.: Chris Buechler
11:27 AM Revision b6a7a5a9: use pgrep here instead, previous way could wrongly show SSH as enabled where it isn't.: Chris Buechler
10:44 AM Bug #3655 (Resolved): 127.0.0.1 shouldn't be used in resolv.conf if dnsmasq not binding there: Chris Buechler
10:43 AM Bug #3689 (Resolved): Filter logs Input Validation Failure: Chris Buechler
10:42 AM Todo #3338 (Resolved): Update racoon.conf "remote" syntax: Chris Buechler
10:42 AM Bug #3712 (Resolved): missing protocols in NAT edit page: can't or don't want to NAT or rdr the ones that aren't listed. Chris Buechler
10:41 AM Bug #3648 (Resolved): Filter logs broken on amd64, working on i386: Chris Buechler
10:40 AM Bug #3757 (Resolved): Minicron process inexplicaly terminated: Chris Buechler
10:39 AM Bug #3773 (Resolved): Can't add an IP alias on lo0 through the web GUI in 2.2: works Chris Buechler
10:32 AM Bug #3807: Unable to edit existing Virtual IPs: In addition to the problem as described here, it's also impossible to change the interface on a VIP on 2.2 because of... Chris Buechler
10:20 AM Feature #983: Improve/Enhance IP Alias VIP handling in GUI: Applied in changeset commit:2cff71c43a646075dea76bf269c3e4a1eabcbbf5. Renato Botelho
12:08 AM Bug #3823: diag_ipsec.php fails with PSK+Xauth mobile client connected: I'm not sure exactly when this started happening, but it was sometime within the past ~10 days roughly. The page load... Chris Buechler

08/21/2014

11:57 PM Bug #3823 (Resolved): diag_ipsec.php fails with PSK+Xauth mobile client connected: When loading diag_ipsec.php with a PSK+Xauth mobile client connected, the page only shows: ... Chris Buechler
10:46 PM Bug #3822: 2.2 boot hangs at "Synchronizing user settings": should be easy to replicate with that config file. Appears to happen at every boot. I end up having to ctrl-c out of ... Chris Buechler
10:35 PM Bug #3822: 2.2 boot hangs at "Synchronizing user settings": config file is redmine-3822.xml under projects/ticket-configs/ Chris Buechler
10:34 PM Bug #3822 (Resolved): 2.2 boot hangs at "Synchronizing user settings": I mentioned this issue on IRC roughly 2 weeks ago and someone said it was a known issue being worked on (don't recall... Chris Buechler
08:02 PM Bug #3819: Firewall Rule Basics documentation dangerously misleading: For your convenience, here's the diff:
https://doc.pfsense.org/index.php?title=Firewall_Rule_Basics&diff=5937&oldi... badon _
08:02 PM Bug #3819: Firewall Rule Basics documentation dangerously misleading: The phrase you changed it to is this one:
"Where no user-configured firewall rules match, traffic is denied."
T... badon _
05:05 AM Bug #3819 (Resolved): Firewall Rule Basics documentation dangerously misleading: You were reading it wrong, it didn't claim no traffic would be passed, it stated traffic not matching any firewall ru... Chris Buechler
06:39 PM Bug #3813 (Resolved): DNS Server override with PPPoE doesn't work in 2.2: Chris Buechler
03:29 PM Bug #3821: Include L2TP Sequence Fix: I pushed the patch to 2.1 repo, it's going to be fixed on 2.1.5 Renato Botelho
02:47 PM Bug #3821: Include L2TP Sequence Fix: Seems to be fixed in 2.2-SNAPSHOT
Thanks! Bianco Veigel
01:18 PM Bug #3821 (Feedback): Include L2TP Sequence Fix: Please re-test with a 2.2 snapshot, which may already include that fix.
This would not be added to a 2.1.x release... Jim Pingle
01:11 PM Bug #3821 (Resolved): Include L2TP Sequence Fix: I've hit the following Kernel BUG with my multiwan L2TP Tunnel:
http://svnweb.freebsd.org/base?view=revision&revis... Bianco Veigel
02:16 PM Feature #983: Improve/Enhance IP Alias VIP handling in GUI: The test vm I used for this test was reset to factory defaults some time after, but I have tried to reproduse it usin... Trond Vindenes
09:49 AM Feature #983: Improve/Enhance IP Alias VIP handling in GUI: Trond Vindenes wrote:
> I might have misunderstood the whole pass-by-reference-thing, but as I said, if I understood... Renato Botelho
10:32 AM Revision 7f00d47e: Fix text description for interface mismatch, fixes #3820: Renato Botelho
10:31 AM Revision 0b252f7a: Fix text description for interface mismatch, fixes #3820: Renato Botelho
09:23 AM Bug #3182 (Feedback): VMware vmxnet interfaces are not detected as VLAN capable: It looks correct on 2.2 snapshots Renato Botelho
05:50 AM Bug #3820: Interface mismatch dialog terminology prompts to click "Save" when the button says "Apply changes": Applied in changeset commit:7f00d47e3d386fdc9485e559b5ca1f813041a010. Renato Botelho
05:50 AM Bug #3820 (Feedback): Interface mismatch dialog terminology prompts to click "Save" when the button says "Apply changes": Applied in changeset commit:0b252f7a3aa31037789a7a03b8c5bbafbeb653ad. Renato Botelho
12:02 AM Bug #3820: Interface mismatch dialog terminology prompts to click "Save" when the button says "Apply changes": Note that this type of problem has a greater negative effect if someone is using machine translation on the page (alt... badon _
03:52 AM Bug #3745 (Resolved): VLANs are not ALTQ capable on 2.2 (missing patches?): Renato Botelho

08/20/2014

11:59 PM Bug #3745: VLANs are not ALTQ capable on 2.2 (missing patches?): Yep, that did it. Updated to amd64-20140820-1305 and I can now have VLANs and traffic shaping working at the same ti... Kirk Lane
08:04 AM Bug #3745 (Feedback): VLANs are not ALTQ capable on 2.2 (missing patches?): Yup sorry the patch was not being included in the builds.
Try next coming snapshots.
Ermal Luçi
11:58 PM Bug #3820 (Resolved): Interface mismatch dialog terminology prompts to click "Save" when the button says "Apply changes": When restoring a configuration backup to a machine with slightly different interfaces, a dialog prompts the user to a... badon _
11:41 PM Revision 2a07df85: Merge branch 'RELENG_2_1' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_1: Jared Dillard
11:39 PM Revision 41312f7f: fix top nav to fit gold in non-default themes: Jared Dillard
11:23 PM Bug #3819 (Resolved): Firewall Rule Basics documentation dangerously misleading: On this page:
https://doc.pfsense.org/index.php/Firewall_Rule_Basics
It says:
"The default on all interfaces... badon _
06:40 PM Revision fab1cd2f: Revert "improve/tidy up interfaces widget": I pushed it accidentally, will wait a fixed version of the patch
This reverts commit b75192e3bc851e80d6bfd33c12849db... Renato Botelho
06:26 PM Revision 821c82c4: Merge pull request #1259 from CharlieMarshall/improveInter: Renato Botelho
06:18 PM Revision b75192e3: improve/tidy up interfaces widget: CharlieMarshall
05:18 PM Revision f950a062: Add missing s to solve the issue reported on https://forum.pfsense.org/index.php?topic=80722.new#new: Ermal LUÇI
12:50 PM Revision c38764dc: fix #3515: Dmitriy K.
11:40 AM Revision 847fe304: Remove extra noise from rc.shutdown: Renato Botelho
11:14 AM Revision db63c043: Simplify a bit ppp-linkup syntax: Renato Botelho
11:00 AM Revision fe85513f: Fix awk syntax, it fixes #3813: Renato Botelho
08:37 AM Bug #3813: DNS Server override with PPPoE doesn't work in 2.2: Installed latest snapshot, works fine now. Thanks! Dirk Best
06:20 AM Bug #3813 (Feedback): DNS Server override with PPPoE doesn't work in 2.2: Applied in changeset commit:fe85513ffa0d4bd018bf5a725fc66a016c3cf5c7. Renato Botelho
08:07 AM Bug #2984: IPSec adds route but isn't needed any more: The fix for this will not be applied in 2.2 due to high impact on how things are done.
Strongswan can add the rout... Ermal Luçi
08:06 AM Bug #3297 (Closed): IPsec log parsing code does not skip disabled Phase 1 entries: I do not think this is an issue anymore!
Since the connection name is in the logs. Ermal Luçi
08:03 AM Bug #3770 (Feedback): Some drivers not being built with altq support: Patch has been committed that fixes the following cards:
- em
- igb
- ixgbe
- ixv
- oce
- sfxge
- virtio/vtnet... Ermal Luçi
04:31 AM Bug #3818 (Resolved): Gateway status terminology is inconsistent when it is "pending" or "unknown": On the dashboard Gateways widget a status of "unknown" will be shown, typically when a gateway is disconnected.
On... badon _

08/19/2014

07:00 PM pfSense Packages Bug #3816 (Feedback): Bump FreeRADIUS to fix libssl version mismatch error: Applied in changeset commit:1e946032ba3ce12b0ee676fbd339a5311a889cb7. Renato Botelho
10:11 AM pfSense Packages Bug #3816 (Resolved): Bump FreeRADIUS to fix libssl version mismatch error: When running radiusd -xX:... Steve Thomas
06:33 PM Revision fa8be5de: non-css parts of gold menu: Matthew Smith
06:32 PM Revision bfe9c9e7: Move the fetching of a package's config file and additional files to separate functions, and then have the "xml" package button perform these so that it is not only a redundant copy of the "pkg" reinstall button. This can help ensure a package files are in a known-good state before other actions are performed, in case the deinstall would fail or behave erratically due to other files being missing.: Jim Pingle
05:59 PM Revision bdde98fc: fix spacing in pfsense_ng topnav: Jared Dillard
05:35 PM Revision e0f10116: fix gold alignment and redirect: Jared Dillard
05:31 PM Bug #3817 (Resolved): Missing call to preg_quote at pkg-utils.inc:295: Hello,
While diagnosing an obscure error with haproxy-devel package, I've found that if a package contains a file ... Pablo Ruiz
04:12 PM Revision 1cca6b6a: Revert "make gold link more visable": This reverts commit a03943d203441a87ea9c01f383d451dfc921bdd2. Jared Dillard
02:32 PM Bug #3810 (Rejected): Checking "Mitigate the BEAST SSL Attack" box actually disables mitigation: I tested 2.1.4, 2.1.5 (pending), and 2.2. All reported BEAST vulnerable with the box unchecked, and all reported as N... Jim Pingle
01:38 PM Bug #2625 (Rejected): Inconsistent behavior with Alias info popup: Not a bug, it's how dom_tt velcro tooltips work Renato Botelho
12:29 PM Bug #1107: mpd on AMD64 generates invalid checksums with NAT: I'm also affected by this Issue.
I'm using a multilink L2TP Tunnel to bond my two V-DSL Lines, so I guess it's a b... Bianco Veigel
12:15 PM Bug #3597: Package reinstall on system upgrades needs some fallback handling: Jim Thompson wrote:
> need status if this is going to make 2.2 (if it's not in BETA, it's not going in)
This requ... Renato Botelho
12:12 PM Bug #3597: Package reinstall on system upgrades needs some fallback handling: Chris Buechler wrote:
> Definitely some improvements to be made here.
>
> One that'd go a long way is before doi... Renato Botelho
09:09 AM Bug #3815: Gateway monitoring broken: That is, 2.1.4-release, to be exact. Tobias Wolter
09:08 AM Bug #3815: Gateway monitoring broken: + Affected version is head. Tobias Wolter
08:17 AM Bug #3815 (Resolved): Gateway monitoring broken: Cheers,
Gateway monitoring seems utterly broken ATM. We get barrages of log messages along these lines:... Tobias Wolter
06:43 AM Bug #3814 (Rejected): Multiple devices with same MAC, each assigned DHCP-IP-add & a limiter queue: Hi,
recently while trying to create a hotsopt i end up with the following problem. a related thread in forums is at... Ashfaq Ali
05:28 AM Todo #3795 (Feedback): Update hostapd to support 802.11n: IEEE80211N option is disabled by default, I pushed a patch to enable it, next round of snapshots will have the new bi... Renato Botelho
04:10 AM Bug #3813: DNS Server override with PPPoE doesn't work in 2.2: I can confirm this. Have 2 Wans one PPPoE and other PPP happens in the two. Raul Ramos
02:54 AM Bug #3813 (Resolved): DNS Server override with PPPoE doesn't work in 2.2: I'm using a DSL modem connected using PPPoE and the DNS servers aren't getting updated even though the option "Allow ... Dirk Best
02:02 AM Bug #3808: Disabled OpenVPN tunnel cause network port disappear after reboot: Well if you are running out of physical interface you can't re-assign. The only solution is to enable the tunnel (or ... Damien Flament
12:13 AM Revision a03943d2: make gold link more visable: Jared Dillard

08/18/2014

10:58 PM Bug #3800: Disable source port rewriting - Auto created rule LAN to WAN missing?: Once done with attachment, please delete it. It has my IP. Johnny Good
10:56 PM Bug #3800: Disable source port rewriting - Auto created rule LAN to WAN missing?: I'm still not seeing "LAN to WAN"
Please see attached. Johnny Good
09:15 PM Revision 9694d32c: Do this check now that hash algos can be empty: Ermal LUÇI
08:33 PM Revision 17402c63: Correct the ipsec status pages to show proper information as needed.: Ermal LUÇI
08:13 PM Revision 5bce82b4: Correct processing and assignment on ikeid variable so it does the right thing: Ermal LUÇI
07:53 PM Revision 30c591d6: Use proper path to setkey now that ipsec-tools are not used anymore: Ermal LUÇI
07:51 PM Revision fe12d7ea: Correct the functions for returning tunnel status to use strongswan status reports: Ermal LUÇI
07:18 PM Revision c650b2f7: Allow HASH algorithms to be empty for phase2 in case the encryption one is AES-GCM: Ermal LUÇI
06:17 PM Bug #3808: Disabled OpenVPN tunnel cause network port disappear after reboot: not sure this can really be considered a bug, it's more like "I yanked a NIC out of my system and now my interface as... Chris Buechler
02:34 PM Revision c28da0a7: Add filter.so to list of extensions loaded for 2.2: Matthew Smith
10:25 AM Revision ae170e96: Do not allow duplicate subnet entries on left|rightsubnet specification since it will blackhole all traffic to that subnet when connection is setup as route: Ermal LUÇI
10:18 AM Revision 5d37d515: Do not accept proposal out of that configured even for IKEv2 even though there is no possibility in the GUI to set more than one proposal for Phase1 so far.: Ermal LUÇI
07:25 AM Bug #3597: Package reinstall on system upgrades needs some fallback handling: need status if this is going to make 2.2 (if it's not in BETA, it's not going in)
Jim Thompson
07:24 AM Feature #3410: Patch: Add Apple Open Directory memberUid support in group lookup: I'm going to push this to 2.3 unless something happens in the next week on this request. Jim Thompson
07:13 AM Bug #3747: Route uses wrong interface (lo0) when tun local and remote are the same: Greg B wrote:
> Sorry to ask a novice question in an issue/ticket, but is there a link to the code checkin that rela... Renato Botelho
06:09 AM Bug #3747: Route uses wrong interface (lo0) when tun local and remote are the same: Greg B wrote:
> Sorry to ask a novice question in an issue/ticket, but is there a link to the code checkin that rela... Renato Botelho
06:52 AM Revision 3b68ec45: Restore behaviour as with racoon to trigger tunnel startup from traffic that needs to go into the tunnel. Even related to Ticket #3806.: Ermal LUÇI
05:48 AM Bug #3812 (Resolved): IPSec validation should prevent phase2 policies(subnets) to include remote peer on it: It would be nice to have validation of phase2 subnets to not include the remote peer of ipsec phase1 to avoid loops a... Ermal Luçi
04:38 AM Bug #3811 (Closed): IP aliases on CARP w/IPsec getting mixed up on addition of a new VLAN.: Hi there,
I've got a pair of boxes running pfSense 2.1.3-RELEASE in a CARP cluster.
The boxes are identical, wi... Mike Jones
03:17 AM Bug #3810 (Rejected): Checking "Mitigate the BEAST SSL Attack" box actually disables mitigation: In the System: Advanced: Admin Access tab, checking the box for "Mitigate the BEAST SSL Attack" actually makes the in... The Matt
02:04 AM Bug #3809: IPsec Save Xauth Password no longer work: I will put this here so it can be tracked.
https://lists.strongswan.org/pipermail/users/2013-February/004305.html Ermal Luçi
01:51 AM Bug #3769 (Feedback): Only the first phase 2 entry is used when multiple entries are present for an IPsec tunnel in 2.2: This has been resolved since at least 12 days or more.
Can yo uplease try again with latest snapshot? Ermal Luçi
01:50 AM Feature #3806 (Feedback): Strongswan and CARP, initiator options: Can you update to latest snapshots and test! Ermal Luçi
01:50 AM Bug #3785 (Feedback): strongswan config being generated with ike SA lifetime set to value of ipsec SA lifetime: Ermal Luçi

08/17/2014

04:24 AM Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0: So can this be pushed in the 802.1Q patch?
I confirm that it solves the problem. Clement Barnier

08/16/2014

10:20 PM Bug #3745: VLANs are not ALTQ capable on 2.2 (missing patches?): Just updated a pfSense 2.1 box to 2.2 (amd64-20140816-1530 for the specific snapshot) and I'm getting this error too ... Kirk Lane
07:29 AM Bug #3809 (Resolved): IPsec Save Xauth Password no longer work: The option to allow clients to save Xauth passwords in mobile client is not working (tested with iPhone) Damien Flament
07:07 AM Bug #3808 (Resolved): Disabled OpenVPN tunnel cause network port disappear after reboot: Disabled OpenVPN tunnel cause network port disappear after reboot.
To reproduce the issue:
- Create an OpenVPN tunn... Damien Flament
06:16 AM Bug #3350 (Resolved): Disabling and enabling VLAN leaves VLAN interface missing: Renato Botelho
05:58 AM Bug #3350: Disabling and enabling VLAN leaves VLAN interface missing: I can confirm that this is resolved. I followed the procedure given in the description to replicate the issue, the vl... Trond Vindenes
06:16 AM Bug #3714 (Resolved): Session cookie inconsistent behavior when switching GUI protocols: Renato Botelho
06:04 AM Bug #3714: Session cookie inconsistent behavior when switching GUI protocols: Using "2.2-ALPHA (amd64) built on Fri Aug 15 14:31:24 CDT 2014". I can confirm that this now works as expected. After... Trond Vindenes
04:18 AM Bug #3807: Unable to edit existing Virtual IPs: When I change the actual IP address on the CARP IP, it works. Does not create a new one, it alters the existing. Trond Vindenes
04:16 AM Bug #3807 (Resolved): Unable to edit existing Virtual IPs: Using "2.2-ALPHA (amd64) built on Fri Aug 15 14:31:24 CDT 2014".
Simple "High Avail. Sync" setup with two CARP IPs... Trond Vindenes
04:10 AM Feature #3522: Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive: Tried to change skew from 0 to 1, but I might have detected a new bug. I'm unable to change a CARP IP after it has be... Trond Vindenes
03:58 AM Feature #3522: Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive: Ok, so to 'fix' the behavior, give master a skew of 1 , slave will sync to 101, and everything will work as it is sup... Pi Ba
02:23 AM Feature #3522: Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive: I used the default adskew that pfSense configured the CARP interface with. Master has skew 0, slave has 100. Trond Vindenes
03:50 AM Bug #3773: Can't add an IP alias on lo0 through the web GUI in 2.2: Using "2.2-ALPHA (amd64) built on Fri Aug 15 06:03:40 CDT 2014".
Works fine adding an IP Alias on the localhost inte... Trond Vindenes
12:11 AM Bug #3747: Route uses wrong interface (lo0) when tun local and remote are the same: Sorry to ask a novice question in an issue/ticket, but is there a link to the code checkin that relates to this candi... Greg B

08/15/2014

06:53 PM Bug #2882: 6RD not working in latest snapshots: Hi guys,
I just gave the latest (built on Thu Aug 14 10:06:14) snap a try and it looks like 6RD still isn't workin... Will Wainwright
06:05 PM Bug #3747 (Resolved): Route uses wrong interface (lo0) when tun local and remote are the same: Renato Botelho
06:01 AM Bug #3747 (Feedback): Route uses wrong interface (lo0) when tun local and remote are the same: Patch put on pfSense module to not set netmask to 0 on interfaces. Ermal Luçi
04:47 PM Feature #3522: Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive: what advskew do you use.? with 0 i noted an issue as commented in the 851 pull-request. "One strange thing is that se... Pi Ba
04:33 PM Feature #3522: Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive: Using "2.2-ALPHA (amd64) built on Fri Aug 15 14:31:24 CDT 2014".
When the master exits persistent carp maintenance m... Trond Vindenes
02:39 PM Bug #3674 (Resolved): Subnet options do not activate on manual outbound NAT rule edit page: Renato Botelho
01:50 PM Bug #3674: Subnet options do not activate on manual outbound NAT rule edit page: Using "2.2-ALPHA (amd64) built on Fri Aug 15 06:03:40 CDT 2014". The subnet options appear when selecting "Other Subn... Trond Vindenes
01:41 PM Revision 8bb47a46: Do not show errors from trying to delete a socket or similar: Ermal LUÇI
01:17 PM Feature #3806 (Resolved): Strongswan and CARP, initiator options: Putting this in a ticket so it isn't forgotten:
Currently strongswan attempts to initiate, which may not play well... Jim Pingle
12:41 PM Revision bc0a452f: Ensure this is always an array to avoid a PHP error from foreach.: Jim Pingle
12:41 PM Bug #3750 (Resolved): Console auto login is not setup properly on upgrade from 2.1.4 to 2.2: Renato Botelho
12:31 PM Bug #3750: Console auto login is not setup properly on upgrade from 2.1.4 to 2.2: When upgrading from 2.1.4 to "2.2-ALPHA (amd64) built on Fri Aug 15 06:03:40 CDT 2014", console auto login is not a p... Trond Vindenes
12:40 PM Revision 086e76dc: Ensure this is always an array to avoid a PHP error from foreach.: Jim Pingle
12:37 PM Bug #3800 (Resolved): Disable source port rewriting - Auto created rule LAN to WAN missing?: Renato Botelho
12:14 PM Bug #3800: Disable source port rewriting - Auto created rule LAN to WAN missing?: Tested on "2.2-ALPHA (amd64) built on Fri Aug 15 06:03:40 CDT 2014". The description on the autogenerated rules for O... Trond Vindenes
07:14 AM Feature #1938 (Resolved): Filter messages broken into multiple syslog messages: This has been implemented on 2.2 for a while now with the new log daemon/format and it is working well. Jim Pingle
07:13 AM Feature #1938: Filter messages broken into multiple syslog messages: If you need assistance, please use the forum or mailing list. This system is not for support. Jim Pingle
07:10 AM Feature #1938: Filter messages broken into multiple syslog messages: How do I import/patching with this file pf-log-oneline-option.diff ?
Iam new in to pfsense have not seen any patc... Michael Jansson

08/14/2014

08:05 PM Revision 6d170e2e: Bump version to 2.1.5: Renato Botelho
06:17 PM Bug #3369: Captive vouchers expire too quickly: Every time this issue occur, I find the following in the "Portal Auth" log:... maz nos
03:28 PM Feature #983: Improve/Enhance IP Alias VIP handling in GUI: I might have misunderstood the whole pass-by-reference-thing, but as I said, if I understood the solution correctly, ... Trond Vindenes
02:53 PM Feature #983: Improve/Enhance IP Alias VIP handling in GUI: The added code uses pass-by-reference. Which could be why this doesn't work, if I understand the issue and resolution... Trond Vindenes
02:15 PM Bug #3621 (Resolved): Editing an IPsec Phase 1 creates a new Phase 1 instead: Renato Botelho
02:14 PM Bug #3621: Editing an IPsec Phase 1 creates a new Phase 1 instead: Tested on "2.2-ALPHA (amd64) built on Thu Aug 14 06:56:40 CDT 2014"
1. Created a phase1 and phase2 entry.
2. Edit... Trond Vindenes
02:15 PM Feature #3792: Group name size limit too restrictive on Active Directory Users: Well, to tell you the truth i mistakenly thought that Active Directory support was possible in the policies itself, i... Francisco Leon
02:15 PM Bug #3650 (Resolved): IP aliases are configured even when an interface is disabled: Renato Botelho
02:09 PM Bug #3650: IP aliases are configured even when an interface is disabled: Tested on "2.2-ALPHA (amd64) built on Thu Aug 14 06:56:40 CDT 2014"
1. Added some IP aliases to an OPT-interface.
... Trond Vindenes
02:02 PM Bug #3680 (Resolved): disabling an interface which is part of an interface group puts another (arbitrary) interface into the group instead: Renato Botelho
02:00 PM Bug #3680: disabling an interface which is part of an interface group puts another (arbitrary) interface into the group instead: Tested on "2.2-ALPHA (amd64) built on Thu Aug 14 06:56:40 CDT 2014".
1. Created an interface group.
2. Disabled on... Trond Vindenes
01:50 PM Todo #3715 (Resolved): Change default serial speed to 115200: Renato Botelho
01:39 PM Todo #3715: Change default serial speed to 115200: Tested with pfSense-2.2-DEVELOPMENT-4g-amd64-nanobsd-20140814-0656.img.gz, 115200 is now the default setting on a new... Trond Vindenes
01:50 PM Bug #3712: missing protocols in NAT edit page: Checked on "2.2-ALPHA (amd64) built on Thu Aug 14 06:56:40 CDT 2014". NAT port forward rules is missing the protocols... Trond Vindenes
01:50 PM Bug #3749 (Resolved): Upgrade from 2.1.4 to 2.2 does not automatically reboot: Renato Botelho
01:04 PM Bug #3749: Upgrade from 2.1.4 to 2.2 does not automatically reboot: Tested upgrade of both 32bit and 64bit full installation 2.1.4 to todays latest snapshots:
32bit: Thu Aug 14 10:06:1... Trond Vindenes
09:55 AM pfSense Packages Bug #3805 (Rejected): enable-http-violation are not compiled in Squid: Output in the latest Squid package under 2.1.4-RELEASE shows:
/usr/local/sbin/squid -v
Squid Cache: Version 2.7.S... Nikolay Stoyanov
09:30 AM pfSense Packages Bug #3804 (Rejected): Captive Portal Hard Timeout Pfsense 2.1.4: Hard timeout value does not work 660 minutes Gilmar Cabral
08:36 AM pfSense Packages Bug #3803 (Resolved): Install ntopng on pfsense 64bit have error.: Fix pushed, check again in 30 minutes or so Jim Pingle
02:50 AM pfSense Packages Bug #3803 (Resolved): Install ntopng on pfsense 64bit have error.: Hello,
When I want install ntopng.It's get error message.
could not download from there or http://files.pfsense.org... akong wu
05:14 AM Revision 154298f1: rightsourceip must be used with PSK+Xauth.: Chris Buechler
04:59 AM Revision 7f1b720f: This is required for PSK+Xauth. I'll commit that clarification in a bit.: Revert "Revert "Fix assignment of tunnel IPs to mobile clients.""
This reverts commit 23ba08fc940b711f3b44551199890d... Chris Buechler
12:18 AM Revision 3cb773da: cherry pic from 'hotfix/3347-Certificate_Authority_SAN_names_not_working':: bugfix #3347: Certificate Authority SAN names not working in 2.1
subjectAltName can be set _only_ via configuration ... Yaroslav Sokolov

08/10/2014

06:25 PM Bug #3800 (Resolved): Disable source port rewriting - Auto created rule LAN to WAN missing?: Here's my original post https://forum.pfsense.org/index.php?topic=80326.new;topicseen#new in case it does not get see... Johnny Good
08:15 AM Bug #3791: Alias->URL Table (IPs): After looking around further creating an Alias of URLS in a URL_table(IPs) then creating Floating rules based on thes... Bill Crowder

08/09/2014

08:38 AM Bug #3799 (Resolved): dhcp6 logging goes to system log instead of dhcp log: I noticed the dhcp6 service logs data to the main system log instead of the dhcp log tab. I've added dhcp6 to line 58... Cino .
02:51 AM Bug #3784: Cannot enter hostname with a dot: How is "server.sub" considered a FQDN?
It's funny how we can do exactly the same thing if we use dynamic ip, yet i... Daniel Platt

08/08/2014

10:20 PM Revision a3331d72: Fix #3798 - 'IPsec phase 2 pinghost is not used if the source IP should be a virtual IP address': Matthew Smith
10:09 PM Revision dc63467f: Fix #3798 - 'IPsec phase 2 pinghost is not used if the source IP should be a virtual IP address': Matthew Smith
05:30 PM Bug #3798: IPsec phase 2 pinghost is not used if the source IP should be a virtual IP address: Applied in changeset commit:a3331d720c120a8d34d9c44a915ea070e424191d. Matthew Smith
05:30 PM Bug #3798 (Feedback): IPsec phase 2 pinghost is not used if the source IP should be a virtual IP address: Applied in changeset commit:dc63467f3f8910f9cad7be877274ce939fb7ec4f. Matthew Smith
04:58 PM Bug #3798 (Resolved): IPsec phase 2 pinghost is not used if the source IP should be a virtual IP address: Amazon VPC provides a /30 to use as "tunnel inside addresses". They are addresses that can be configured on the VPN e... Matthew Smith
04:56 PM Bug #3784 (Rejected): Cannot enter hostname with a dot: The input validation is correct. Hostname must not be a FQDN there. Chris Buechler
04:36 PM Revision ffb8e02f: Avoid generating an invalid racoon config if the user specified a mobile pool that is too small.: Jim Pingle
04:24 PM Revision 762e8cf9: Avoid a "Cannot use string offset as an array" error if the packages section of the config is missing.: Jim Pingle
04:22 PM Revision b21ad5d5: Avoid a "Cannot use string offset as an array" error if the packages section of the config is missing.: Jim Pingle
03:33 PM Revision b6513591: Require click-through POST confirmation when restoring or deleting a configuation from the backup history page.: Jim Pingle
03:22 PM Revision 889c83d7: Require click-through POST confirmation when restoring or deleting a configuation from the backup history page.: Jim Pingle
02:36 PM Revision ed2a6e89: Do not execute DNS resolution on GET, only pre-fill Host box so the user can press the button to execute. Turn alias creation links into submit buttons for POST. While here, remove some backticks and simplify a little.: Jim Pingle
02:26 PM Revision 8108b423: Remove javascript alert DNS resolution action from the firewall log view. It was already removed from 2.2, and it's better not to allow a GET action to perform that action.: Jim Pingle
02:21 PM Revision a9d6ac9a: Do not execute on GET, only pre-fill Host box so the user can press the button to execute. Turn alias creation links into submit buttons for POST. While here, remove some backticks and simplify a little.: Jim Pingle
01:40 PM Revision bf8aab82: Correct this so the dpdaction is created properly as restart: Ermal LUÇI
01:27 PM Bug #3369: Captive vouchers expire too quickly: I might found what is the reason behind force expire the active vouchers
in my case it is started exactly after I ch... maz nos
10:45 AM Bug #3369: Captive vouchers expire too quickly: I am facing same issue today
pfsense 2.1.3-RELEASE maz nos
06:32 AM Bug #3797 (Resolved): DHCP server restarted multiple times on secondary after config sync: dhcpd is restarted twice on the secondary system after every config sync. In at least some circumstance (ticket MPG-5... Chris Buechler
05:04 AM Revision 6f4a300b: Shorten the wait at "reload" in startup wizard to 5 seconds from 60. That's more than adequate for current systems, no need to make people sit there for 1 minute. Many likely click out via the logo and miss the last screen entirely.: Chris Buechler
05:02 AM Revision 67067ea3: Shorten the wait at "reload" in startup wizard to 5 seconds from 60. That's more than adequate for current systems, no need to make people sit there for 1 minute. Many likely click out via the logo and miss the last screen entirely.: Chris Buechler
01:13 AM Bug #3796 (Confirmed): States summary fails and is very slow with large state tables: One of the scenarios where the states summary would be most useful is when you have a large number of states, in help... Chris Buechler

08/07/2014

08:53 PM Revision 9f6a5b50: Do a reload on the cofniguration which is better than update. Also let the keyingtries to 3 rather than forever to avoid problems on recovery.: Ermal LUÇI
06:53 PM Revision 0b5fc1d1: Change the logic of the vpn config generation to make connectivity more stable especially ipsec. Also for IKEv1 just generate the policies and only on traffic start them.: Ermal LUÇI
03:52 PM Revision b31a2c76: Move the rekey to yes always to avoid issues.: Ermal LUÇI
03:09 PM Todo #3795 (Resolved): Update hostapd to support 802.11n: Please update hostapd to a recent version (current = v2.2). This way it can take advantage of the wireless-n support ... Martin Schurink
08:46 AM Bug #3785: strongswan config being generated with ike SA lifetime set to value of ipsec SA lifetime: I believe it was actually this change that caused the lifetime to be set to 0. https://github.com/pfsense/pfsense/com... Matthew Smith
03:24 AM Bug #3785: strongswan config being generated with ike SA lifetime set to value of ipsec SA lifetime: I think this change _might_ have caused an issue. On August snapshots, i'm not able to negotiate IKE with another dev... King J
02:38 AM Revision 959dc96b: Per the dhcpd.conf man page and other documentation from ISC, mclt must not be defined on the secondary.: Chris Buechler
02:37 AM Revision 8b8085ce: Per the dhcpd.conf man page and other documentation from ISC, mclt must not be defined on the secondary.: Chris Buechler

08/06/2014

07:57 PM Revision 88c24958: Encode interface/VIP descriptions before displaying them on the NTP daemon settings.: Jim Pingle
07:55 PM Revision c3e77841: Encode interface/VIP descriptions before displaying them on the GRE and GIF pages also;: While here, the GRE page was missing IP aliases from its list of bind IPs, add it in. Jim Pingle
07:53 PM Revision 978c71d2: Encode interface/VIP descriptions before displaying them on the GRE and GIF pages also;: While here, the GRE page was missing IP aliases from its list of bind IPs, add it in. Jim Pingle
07:52 PM Revision bf2fb3db: Encode interface/VIP descriptions before displaying them on the NTP daemon settings.: Jim Pingle
07:36 PM Revision 92ca4bc3: Encode the detail field of an alias entry before displaying its contents back to the user.: Jim Pingle
07:34 PM Revision 2276d743: Encode the detail field of an alias entry before displaying its contents back to the user.: Jim Pingle
07:27 PM Revision 071f6059: Escape the individual dnsmasq advanced/custom options: Jim Pingle
07:26 PM Revision 52c67bc2: Escape the individual dnsmasq advanced/custom options: Jim Pingle
07:18 AM Feature #3589 (Resolved): OpenVPN client: GUI option for "route-nopull": Jim Pingle
03:03 AM Feature #3589: OpenVPN client: GUI option for "route-nopull": This feature has been implemented by https://redmine.pfsense.org/projects/pfsense/repository/revisions/b9e9903ddb2166... Dmitriy K

08/05/2014

03:43 PM Revision 12c88700: Allow to add ipalias vip to lo0, it should fix #3773: Renato Botelho
03:41 PM Feature #893 (Closed): Re-orderable IPsec: Duplicate of #3328 (It's newer but already properly assigned and targeted) Jim Pingle
03:24 PM Feature #893: Re-orderable IPsec: This is going on 4 year now. Running in the same problem again. Unlike static routes IPsec routes are done by the o... Robert Middleswarth
03:40 PM Bug #3794 (Rejected): Re-orderable IPsec: Duplicate of #3328 Jim Pingle
03:31 PM Bug #3794 (Duplicate): Re-orderable IPsec: Allow IPSec tunnel order to be changed much like Firewall Rules can be re-ordered. The purpose is to give one tunnel ... Robert Middleswarth
01:09 PM Feature #3793 (New): Enable external authentication support for rules: Well, i am sad to see that pfSense doesn't handle external authentication support for rules, which means pfSense can'... Francisco Leon
01:01 PM Revision 8e2a4091: Use GPS type presets only to pre-set values then user can change it. After user changes, save type always as Custom to avoid overwriting values when user attempt to edit. It fixes #3782: Renato Botelho
12:19 PM Revision f9f3e44c: More non-functional changes to make code more readable: Renato Botelho
12:12 PM Feature #3792 (Resolved): Group name size limit too restrictive on Active Directory Users: The name size limit was changed to 16 chars, described as an OS limitation. In my case we use Active Directory and so... Francisco Leon
12:01 PM Revision 42b5c637: Fix indent and spaces: Renato Botelho
11:59 AM Revision 46f5ced5: This if is unecessary since input_errors is unset in the line above: Renato Botelho
11:52 AM Bug #3281 (Feedback): In certain cases, GRE interfaces are missing the "RUNNING" flag at bootup and will not function: I tried redmine-3281.xml on a 2.2 system and all GRE interfaces have RUNNING flag set on reboot. Renato Botelho
11:35 AM Revision 4c291f4c: Fix indent and whitespaces: Renato Botelho
10:50 AM Bug #3773 (Feedback): Can't add an IP alias on lo0 through the web GUI in 2.2: Applied in changeset commit:12c887006320a3d01a3f761eca2dfc8f64c41fa2. Renato Botelho
10:48 AM Revision 4c4c59b9: Make sure there are not empty options on dst select to avoid creating empty user or group. This issue was introduced by b4e9a4da: Renato Botelho
10:44 AM Revision 46f6eb78: Fix select name: Renato Botelho
08:20 AM Bug #3782 (Feedback): ntp/gps serial speed doesn't set: Applied in changeset commit:8e2a409171011bfc14149c5fa533d938f49eebba. Renato Botelho

08/04/2014

07:25 PM Revision 1de3a5dd: Fix input validation logic on diag_testport.php, escape more shell arguments for good measure: Jim Pingle
07:23 PM Revision 46d3f6a6: Fix input validation logic on diag_testport.php, escape more shell arguments for good measure: Jim Pingle
06:21 PM Feature #1361 (Resolved): DNSMasq, source interface and IPSec VPNs: this was implemented for 2.1 and works fine, just didn't get moved to "resolved" status.
Chris Buechler
06:19 PM Bug #3783 (Rejected): wan interface loses IP after carrier reconnect: that's most likely a ue driver issue, maybe in combination with what you're doing with VMware. People see those have ... Chris Buechler
03:34 PM Revision aeb44799: Fix #3790. Fix IPv6 Prefix ID check using interface user choose before save: Renato Botelho
10:50 AM Bug #3790 (Feedback): Input validation is too strict for IPv6 Prefix ID for Track Interface: Applied in changeset commit:aeb44799f3693c198c48926c85b4468a6dccb9f9. Renato Botelho

08/02/2014

01:24 PM Bug #3791 (Rejected): Alias->URL Table (IPs): Upon boot pfSense 2.2 takes 7 -10 minutes to load pfSense at the [Loading Firewall] line with 8 <Aliases>_<URLs> Type... Bill Crowder

08/01/2014

10:28 PM Bug #3787: Outbound NAT to VIP AMD64 not working from OPT1 interface: There are absolutely no such issues. Please use one of our support channels for assistance. https://pfsense.org/support Chris Buechler
06:21 AM Bug #3787: Outbound NAT to VIP AMD64 not working from OPT1 interface: Chris Buechler wrote:
> you have a config problem or a general network issue with that IP (stale upstream ARP cache,... Brian Jensen
06:16 AM Bug #3787: Outbound NAT to VIP AMD64 not working from OPT1 interface: Chris Buechler wrote:
> you have a config problem or a general network issue with that IP (stale upstream ARP cache,... Brian Jensen
06:01 AM Bug #3787 (Rejected): Outbound NAT to VIP AMD64 not working from OPT1 interface: you have a config problem or a general network issue with that IP (stale upstream ARP cache, IP conflict). outbound N... Chris Buechler
05:04 AM Bug #3787: Outbound NAT to VIP AMD64 not working from OPT1 interface: Its version 2.1.4
Not 2.2.
I know that 8.3 is EOL but basic FW functions are not working here, so needs urgent ... Brian Jensen
08:52 PM Revision f088b8cd: Do not try to rekey for IKEv1.: Ermal LUÇI
08:39 PM Revision 9b915686: Use a uniqid() to track phase2 entries to avoid confustion and various mistakes when modifying and editing them.: Ermal LUÇI
12:25 PM Bug #3790 (Resolved): Input validation is too strict for IPv6 Prefix ID for Track Interface: It is impossible to set both the track interface and an ID higher than 0 in one action, even if it is valid.
For e... Jim Pingle
08:48 AM Bug #3786 (Closed): Browser hangs when wireless card enabled: If you search around the web a bit, it's a common problem affecting lots of people with the current Lastpass add-on o... Jim Pingle
06:58 AM Bug #3784: Cannot enter hostname with a dot: Buster de wrote:
> Why you can't put only "server" into the hostname and "sub.domain.com" into the domain field?
... Owen Gerrard
06:12 AM Bug #3784: Cannot enter hostname with a dot: Why you can't put only "server" into the hostname and "sub.domain.com" into the domain field? Buster de
06:03 AM Bug #3789 (Resolved): rc.update_bogons.sh and login shell ignore http proxy settings: Hi,
I need to configure a http proxy for www access.
It seems that /etc/rc.update_bogons.sh ignores proxy setting... Buster de

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

08/30/2014

08/29/2014

08/28/2014

08/27/2014

08/26/2014

08/25/2014

08/24/2014

08/23/2014

08/22/2014

08/21/2014

08/20/2014

08/19/2014

08/18/2014

08/17/2014

08/16/2014

08/15/2014

08/14/2014

08/13/2014

08/12/2014

08/11/2014

08/10/2014

08/09/2014

08/08/2014

08/07/2014

08/06/2014

08/05/2014

08/04/2014

08/02/2014

08/01/2014