Activity

30 days up to

User

Subprojects

Activity

From 09/07/2014 to 10/06/2014

10/06/2014

10:24 PM Bug #3915: DHCP server static mapped clients do not receive custom DNS servers: And here is the dhcpd.conf I forgot to attach. Phillip Davis
10:11 PM Bug #3915 (Resolved): DHCP server static mapped clients do not receive custom DNS servers: When I add a static mapped DHCP client, then put 2 custom DNS servers for that client (e.g. 8.8.8.8 and 8.8.4.4 to ov... Phillip Davis
10:01 PM Bug #3822: 2.2 boot hangs at "Synchronizing user settings": If I halt the system then they will hang at "Synch user settings" ?? But if I pull the plug they seem to finish the... Chris Palmer
09:59 PM Bug #3822: 2.2 boot hangs at "Synchronizing user settings": I have two machines on the latest 2.2 that hang every first boot but come alive after a re-boot. I can provide config... Chris Palmer
07:06 PM Bug #3822: 2.2 boot hangs at "Synchronizing user settings": I updated the above mentioned redmine-3822.xml config file. I can reliably reproduce this hang by just restoring this... Chris Buechler
04:05 PM Revision a3cc8dcc: Add an option to restart php-fpm from console: Ermal LUÇI
03:47 PM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: Here is a video http://rghost.net/private/58388261/44e5fb12a48d08550c2bb5cd6c676bd3
Bug is 100% reproducible. My g... Dmitriy K
05:29 AM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: Normally openvpn instances are restarted on interface up event!
Can you back this claim with proper information as... Ermal Luçi
02:29 PM Bug #3846 (Resolved): Adding interface for new VLAN selects active WAN VIP address breaking connectivity: fixed Chris Buechler
12:54 PM Feature #3914: Support up to 4 DNS Servers in DHCP: That's reasonable Phil, feel free to submit that as a merge request to master. Chris Buechler
11:01 AM Feature #3914: Support up to 4 DNS Servers in DHCP: and OpenVPN server GUI has boxes to provide up to 4 DNS servers to clients, so it seems reasonable/consistent to have... Phillip Davis
10:55 AM Feature #3914 (Resolved): Support up to 4 DNS Servers in DHCP: System->General Setup already supports 4 DNS servers, which get passed to DHCP clients if DNS Forwarder is not enable... Phillip Davis
11:08 AM Bug #3911: VHID 3 is already in use on interface WAN. Pick a unique number on this interface.: Our recommendation for that is to use ip aliases.
Since you have already configured a VIP(carp) why you want to ad... Ermal Luçi
07:15 AM Bug #3911: VHID 3 is already in use on interface WAN. Pick a unique number on this interface.: maybe my formulation is wrong, but shouldn't it be possible to add multiple IP addresses/aliases to same VHID? ifconf... Tony den Haan
10:31 AM Revision 9c296826: Fixes #3909 Properly report and detect carp_status: Ermal LUÇI
08:22 AM Revision 2d5fd3c2: Remove function that is not implemented properly. Nothing seems to use it.: Ermal LUÇI
08:21 AM Revision 4aa7f542: Merge pull request #1303 from PiBa-NL/carp_without_matching_subnet: Ermal LUÇI
08:16 AM Revision 042f0d12: Merge pull request #1304 from sselph/powerd_normal_mode: Ermal LUÇI
08:15 AM Revision 78aadc14: Merge pull request #1305 from phil-davis/patch-2: Ermal LUÇI
05:50 AM Bug #3909 (Feedback): carp_status.php shows disabled after initial config when it really isn't: Applied in changeset commit:9c2968266996b21bb4e3754ae7ae4d6100970563. Ermal Luçi
04:48 AM Revision fb0a4e7a: Fix not rules for OPTn network case: Reported in forum https://forum.pfsense.org/index.php?topic=82319.0
The "if (is_subnet($src)) ... filter_address_add_... Phil Davis

10/05/2014

10:35 PM Revision 3d77cc35: Add powerd normal mode flag (-n): Steven Selph
04:05 PM Bug #3913 (Resolved): if_bridge missing ALTQ support: Hello,
I just upgraded my pfSense 2.1.5 install to the latest 2.2 beta release.
Once the update completed, i coul... Orsiris de Jong
02:33 AM Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0: I encounter the same issue, with the patch PCP is working fine.
Can you push this patch so it can be included in the... Damien Flament

10/04/2014

12:48 AM Feature #3328 (Resolved): Allow reordering of IPsec Phase 1 and Phase 2 entries: works Chris Buechler
12:31 AM Bug #1107 (Resolved): mpd on AMD64 generates invalid checksums with NAT: fixed Chris Buechler
12:24 AM Bug #3807 (Resolved): Unable to edit existing Virtual IPs: fixed Chris Buechler
12:22 AM Bug #3760 (New): reply-to with TCP and IPv6 generates broken checksums: still doesn't work on: ... Chris Buechler
12:13 AM Bug #3661 (Resolved): xauth user is not displayed in IPsec status: works Chris Buechler
12:00 AM Bug #3826 (Resolved): 2.2 diag_ipsec.php issues: these issues are fixed. The page as a whole needs some design work so "Overview" isn't a huge wall of text, will cove... Chris Buechler

10/03/2014

11:30 PM Bug #3823 (Resolved): diag_ipsec.php fails with PSK+Xauth mobile client connected: fixed Chris Buechler
10:34 PM Bug #3912 (Resolved): Dynamic DNS disallows valid character in username: OpenDNS allows a username (email) in the format of example+email@gmail.com, however the + sign trips up the services_... Brian Rozmierski
10:21 PM Bug #3822 (New): 2.2 boot hangs at "Synchronizing user settings": still an issue in some particular edge case I haven't quantified yet. Chris Buechler
04:21 PM Bug #3911 (Rejected): VHID 3 is already in use on interface WAN. Pick a unique number on this interface.: That forum thread has no relation. The scenario as described doesn't exist in 2.1.5 or 2.2. The input error "VHID ...... Chris Buechler
07:25 AM Bug #3911 (Rejected): VHID 3 is already in use on interface WAN. Pick a unique number on this interface.: This happens when trying to add more IPs to a VHID, as discussed in https://forum.pfsense.org/index.php?topic=54885.0... Tony den Haan
03:15 PM Revision 4665dbdd: Make proper check if IP address is configured on another interfaces and ignore current one. It fixes #3807: Renato Botelho
10:20 AM Bug #3807 (Feedback): Unable to edit existing Virtual IPs: Applied in changeset commit:4665dbdd51ea845a4b84d5068b4ecf31cd9dce4b. Renato Botelho
07:06 AM Feature #3228: Please add an "Interface Down" Trigger Level for Gateway Group members: Chris Buechler wrote:
> Interface link down will trigger "interface down" from monitoring, so I fail to see a point.... Malte Stretz
05:53 AM Bug #3831: VPN PPTP, RADIUS issued IPs and secondary RADIUS server: Found that problem in MPD (and libradius library). (http://sourceforge.net/p/mpd/discussion/44693/thread/e738def4) Vyachelav B
03:21 AM Bug #2366: Error in User Manager - Privileges are not being enforced: You should follow setup procedures for AD.
Search the net and you will find them. Ermal Luçi

10/02/2014

09:52 PM Bug #3822 (Resolved): 2.2 boot hangs at "Synchronizing user settings": Edit: scratch that, still an issue in some particular edge case I haven't quantified yet. Chris Buechler
09:19 PM Revision 3c4fc30b: get back to our standard RFC-defined capitalization of IPsec: Chris Buechler
08:56 PM Revision 80a261a2: CARP, allow carp ip to be outside interface and alias subnets (FreeBSD10 feature): Pi Ba
08:09 PM Revision 3258d442: Merge pull request #1300 from jean-m-cyr/master: Renato Botelho
08:09 PM Revision 90a430c7: Merge pull request #1298 from PiBa-NL/vips_sort: Renato Botelho
08:01 PM Revision 8d3c338e: firewall_virtual_ip make the table sortable remove double tfoot, but use 2 tr inside.: Pi Ba
07:18 PM Bug #3383: Web GUI becomes slow or unusable if the LDAP server used for GUI auth is unreachable: Another option would be to add an authentication realm drop down to the login page, like you would get on a windows m... Adam Esslinger
06:51 PM Bug #3383: Web GUI becomes slow or unusable if the LDAP server used for GUI auth is unreachable: It would also be nice if it supported multiple LDAP servers. In an AD environment there are multiple directory serve... Adam Esslinger
06:28 PM Bug #2366: Error in User Manager - Privileges are not being enforced: I have also experienced this bug. When pfsense is set to use LDAP as the authentication server (specifically Active ... Adam Esslinger
06:04 PM Bug #2889 (Closed): ACK Traffic Put in Normal Queues. Normal Traffic Put in ACK Queues: haven't seen that elsewhere, and can't replicate on current versions Chris Buechler
06:03 PM Bug #2173 (Closed): pfsync errors: Chris Buechler
06:01 PM Bug #1721 (Closed): uPnP issue with STATIC ip addresses: Chris Buechler
06:00 PM Bug #1304 (Resolved): Quick option ignored for "Queue" action rules on floating tab: Chris Buechler
05:59 PM Bug #731 (Resolved): Shaper: p2p catch all bandwidth allows various selections but only % usable: Chris Buechler
05:56 PM Feature #2847 (Resolved): Add a checkbox to flag a gateway as "down": Chris Buechler
05:55 PM Feature #2295 (Resolved): Allow multiple OpenVPN compression settings (disable, yes, no, adaptive): Chris Buechler
05:54 PM Todo #3632 (Resolved): Move to sqlite3 php module: Chris Buechler
05:53 PM Feature #73 (Resolved): Log failed PPTP vpn logins to PPTP log: fixed ages ago Chris Buechler
05:52 PM Feature #262 (Resolved): Add NAT-PMP support to miniupnpd: Chris Buechler
05:52 PM Feature #403 (Resolved): tinydns/dnscache drop in replacement for dnsmasq in pfSense: Chris Buechler
05:51 PM Bug #1333 (Resolved): Rate causes high CPU usage: fixed quite some time ago. Chris Buechler
05:51 PM Feature #1807 (Resolved): Button needed for '-add a new one-' on the static IP configuration: Chris Buechler
05:49 PM Bug #1909 (Resolved): dhcp dies after reboot: Chris Buechler
05:46 PM Feature #2281 (Closed): NAT reflection of UDP using "socat": reflection of UDP works fine in pure NAT mode. Chris Buechler
05:46 PM Feature #2637 (Closed): Add ability to define dnsmasq cache size: dnsmasq no longer used Chris Buechler
05:45 PM Feature #2715 (Resolved): Don't reactivate CARP until I manually do it: feature exists in 2.2 Chris Buechler
05:44 PM Feature #2986 (Resolved): Turkish Language Import For Next Snapshots: Chris Buechler
05:43 PM Bug #2860 (Closed): packages don't get restored: as described is not a general issue, and good chance any edge case has been fixed in the years since. Chris Buechler
05:41 PM Feature #2834 (Needs Patch): carp+pfsync: add ability to prefer one node as master: Chris Buechler
05:40 PM Bug #2819 (Resolved): Unconstrained memory growth of tcpdump: this hasn't happened in 2.1x and newer versions Chris Buechler
05:39 PM Bug #3207 (Resolved): bug/feature expansion: ufslabels.sh doesn't account for gmirror systems.: Chris Buechler
05:37 PM Bug #3910: Cannot set advskew back to 0: This seems to me to be a FreeBSD bug, setting advskew to 0 never works.. Setting it to 1 is possible though. Perhaps ... Pi Ba
05:30 PM Bug #3910 (Resolved): Cannot set advskew back to 0: When leaving persistent CARP maintenance mode, the advskew is left at 254 on the running system, so it retains backup... Chris Buechler
05:33 PM Bug #3595 (Resolved): OpenVPN TAP/TUN <--> interface bridge not working after reeboot: Chris Buechler
05:32 PM Bug #3066 (Rejected): Proxy ARP failing with kernel error: issue as described doesn't exist. Chris Buechler
05:30 PM Feature #3522 (Resolved): Option to set CARP interfaces to 'maintenance mode', persisting through a reboot so the primary machines stays as backup/inactive: feature is implemented. There is still an outstanding problem with it not dropping back to the configured advskew, th... Chris Buechler
05:24 PM Bug #1983 (Resolved): Cancel Button generates a Confirm Form Resubmission message: fixed Chris Buechler
05:23 PM Bug #3635 (Rejected): Apinger does't start after upgrade to 2.1.3-RELEASE: there is no general bug here. Upgrades don't delete any groups, and of tens of thousands of systems that have upgrade... Chris Buechler
05:20 PM Bug #3604 (Rejected): Traffic shaper wizard rules can't be deleted: no outstanding bugs here, the wizard history has no functional impact and is retained for convenience. The lacking in... Chris Buechler
04:56 PM Feature #3228 (Rejected): Please add an "Interface Down" Trigger Level for Gateway Group members: Interface link down will trigger "interface down" from monitoring, so I fail to see a point. Chris Buechler
04:53 PM Feature #3186 (Resolved): Firewall: NAT: 1:1: Edit: I added a note to the documentation re: destination, which is the only legit issue here. Chris Buechler
04:44 PM Todo #3893 (Resolved): Alias -> IP: Chris Buechler
04:43 PM Bug #3876: pfsync is not synchronizing states on 2.2: Confirmed as described, whether multicast or unicast, no pfsync traffic is ever seen on the wire. Chris Buechler
04:03 PM Bug #3807 (New): Unable to edit existing Virtual IPs: original issue still exists Chris Buechler
04:02 PM Bug #3825 (Resolved): Rejected traffic shown as blocked in firewall log: fixed Chris Buechler
03:59 PM Bug #3909 (Resolved): carp_status.php shows disabled after initial config when it really isn't: To replicate:
Take a clean default config, and add a CARP IP. Apply changes. Go to Status>CARP. It shows disabled... Chris Buechler
07:51 AM Bug #3450: DHCPv6 Lease Status shows no Leases: @pfSense used in notes #4 was i386/32bit.@ Vinícius Zavam
07:46 AM Feature #3908 (Rejected): Set gateway outside the range of wan address: Duplicate of #972 Jim Pingle
07:38 AM Feature #3908 (Rejected): Set gateway outside the range of wan address: For example:
An ISP give you an IP: 5.30.2.24/32 and give you a gateway with an address in an other range : 217.13... Pierre-Antoine Zeebroeck

10/01/2014

05:06 PM Revision d4f4ebc7: Remove stray 'i'.: Reported-by: https://forum.pfsense.org/index.php?topic=82393.0 Jim Pingle
04:18 PM Bug #3450: DHCPv6 Lease Status shows no Leases: *Manual Action is Needed!*
* pfSense's "DHCPv6 Leases" page can show the hosts after that.... Vinícius Zavam
03:58 AM Bug #3771: Webinterface and dhcpdcrashes with 500+ static leases: It's easy to reproduce, setup an HA setup with dhcpd failover and create about 500 leases.
If I deactivate the dhc... Niels Gassen
12:37 AM Feature #3907 (Resolved): OpenVPN widget connected client count display: Hello,
It would be nice to know how much openvpn clients are connected.
The Dashboard widget's title is "Server TC... Todor K

09/30/2014

06:14 PM Bug #3906 (Rejected): Menu bar wraps, System menu hard to access: Duplicate of #3842 Jim Pingle
05:55 PM Bug #3906: Menu bar wraps, System menu hard to access: I've just realised this is a duplicate of https://redmine.pfsense.org/issues/3842
Sorry. Criggie .
05:48 PM Bug #3906 (Rejected): Menu bar wraps, System menu hard to access: From a debian and a fedora linux client, I have problems accessing the System menu in the webgui. The HELP menu is ... Criggie .
09:48 AM pfSense Packages Bug #3905 (Closed): Upgrade from 2.1.3 to 2.1.5 broken Net/SNMP.pm path: This results in issues with some plugins of Nagios. e.g.
/usr/pbi/nrpe-amd64/libexec/nagios/check_ifoperstatus
... Rens Autempspourmoi
07:31 AM Bug #3904 (Resolved): Firewall Log widget generates a load of HTML code when Reverse DNS resolution is clicked: As per this forum report by chpalmer:
https://forum.pfsense.org/index.php?topic=82254.0
The version from 2.1 bran... Phillip Davis
07:07 AM Todo #3903: Disable NTPD server: In addition to being a duplicate ticket, that's not a valid reason for wanting to disable ntpd.
Free tip: Bind Ope... Jim Pingle
06:47 AM Todo #3903 (Rejected): Disable NTPD server: Duplicate of #3567 Renato Botelho
05:09 AM Todo #3903 (Rejected): Disable NTPD server: I've my Openvpn servers runs on port 123 UDP, when the firewall rebooting NTPD or OpenVPN service is down... ( same p... Oscar Francia
06:49 AM Todo #3893 (Feedback): Alias -> IP: Pull request has been merged Renato Botelho

09/29/2014

06:49 PM Bug #3634 (Rejected): Default gateway not restored after it comes back online: duplicate of #1837 and/or #1705 Chris Buechler
06:46 PM Bug #3875 (Feedback): interface reporting dscrepancy: Hey Ike,
Sounds like some general known issues in 8.x base with certain NICs in certain circumstances, the underl... Chris Buechler
06:32 PM Bug #3865 (Rejected): With explicit block-everything rule in firewall it incorrectly blocks LAN to LAN DHCP broadcast 0.0.0.0 and 255.255.255.255: no bug here. Chris Buechler
05:20 PM Feature #3633 (Resolved): OpenVPN client's "Client Certificate" should be optional: works Chris Buechler
05:01 PM Bug #3849 (Rejected): Compex WLE200NX wireless card stops responding: driver issue that's outside our control, and is almost certainly fixed in 2.2's base OS. Chris Buechler
04:59 PM Bug #3877 (Rejected): OpenVPN Client Connection routing Internettraffic: config issue, not a bug. Please use one of our support resources for assistance. https://pfsense.org/support
Chris Buechler
04:58 PM Feature #3897 (Rejected): recurring schedules: this has been possible for years Chris Buechler
04:58 PM Bug #3867 (Rejected): Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 71 bytes) on diag_states_summary.php version 2.1.5: duplicate of #3796 Chris Buechler
03:35 AM Revision c7fa58ac: Fix up NTP status page formatting: Number of columns is not the same for all table rows Jean Cyr

09/28/2014

11:00 PM Feature #3453: Management GUI (lighttpd) interface binding control: Well, just had to do another pfSense update, and then had to go through the ritual of patching files to make it work.... Ted Lum
08:56 PM Revision 547d7641: firewall_virtual_ip make the table sortable: Pi Ba
07:28 PM Bug #3902 (Resolved): dhcp6c can't handle Server Unicast Option: Hi
My ISPs DHCP6 server uses the Unicast Option (http://tools.ietf.org/html/rfc3315#section-22.12) which seemingly... Philippe Schnyder
05:36 PM Bug #3901 (Rejected): DynDNS is not forcefully updated after powerup: Hi
I was playing around with two instances of pfSense (with the same config).
pfSense1 had IP a.b.c.x (via DHCP) ... Philippe Schnyder
03:23 PM Revision 762a7b89: Spelling: Phil Davis
03:16 PM Bug #3900: DynamicDNS should allow "@" at hostname: BTW, where these configs are stored? Could I change them directly via Diagnostics / Edit File? It would be a good wor... F. D.Castel
03:11 PM Bug #3900 (Resolved): DynamicDNS should allow "@" at hostname: No-ip has the ability to update one of several IP addresses of a round-robin DNS A record. This is done adding a "@<l... F. D.Castel

09/27/2014

07:17 PM Revision e7b03bc1: Merge pull request #1295 from phil-davis/patch-21: Renato Botelho
05:19 PM Revision 6b18c66b: Clarify bracketing: to minimize risk of a problem when adding code here in the future. Phil Davis
05:10 PM Revision 055a43d2: Allow extended alias inputs #3890: Currently if you enter a space-separated list of subnets in the IP address box when entering an alias, the code repor... Phil Davis
04:40 PM Feature #3899 (New): Add feature to allow reordering of <package> items in config.xml: Would it be possible to add a new page that would allow an admin/user to change the order in which packages are order... Cino .
12:36 PM Bug #3890: Aliases multiple CIDR ranges show error message: The version for 2.2 was not so difficult to integrate:
https://github.com/pfsense/pfsense/pull/1297 Phillip Davis
11:26 AM Bug #3890: Aliases multiple CIDR ranges show error message: It was kind-of a feature:) It fills out all the rows when you press Save the first time but tells you that the data i... Phillip Davis
12:08 PM Revision da7f6588: Spelling: Phil Davis
12:04 PM Revision ff5fa759: Spelling: Phil Davis
12:02 PM Revision 3c4cddc7: Spelling: Phil Davis
11:59 AM Revision 0a97a7bb: Spelling: Phil Davis
11:51 AM Revision 51dc66c9: Spelling: Phil Davis
11:49 AM Revision ec074a86: Spelling: Phil Davis
11:47 AM Revision f64b0b8e: Spelling: Phil Davis
11:45 AM Revision 15c58806: Spelling: Phil Davis
11:38 AM Revision abe63176: Spelling: Phil Davis
11:37 AM Revision fb3b7640: Spelling: Phil Davis
11:35 AM Revision 4304dd97: Spelling: Phil Davis
11:34 AM Revision 8913533d: Spelling: Phil Davis
11:26 AM Revision 47e1f0d4: Spelling: Phil Davis
04:14 AM Bug #3896: ipv6 pppoe ISP with static adress: I am trying with 2.2-BETA (i386) built on Fri Sep 26 14:06:31 CDT 2014
Pareil mais pas mieux. similar but not better xavier Lemaire

09/26/2014

06:17 PM Bug #3898: Traffic Graph webpage freezes up after some time: my pfsense is:
2.1.5-RELEASE (i386)
built on Mon Aug 25 07:44:26 EDT 2014
FreeBSD 8.3-RELEASE-p16
You are on ... carl paulino
06:17 PM Bug #3898 (Closed): Traffic Graph webpage freezes up after some time: Anytime I leave the page up 'Status-->Traffic Graph' on my Mac 10.9.5 Safari 7.1 browser, eventually the whole page w... carl paulino
04:56 PM Revision adab585d: Merge pull request #1294 from phil-davis/patch-19: Renato Botelho
04:56 PM Revision 45cd176a: Merge pull request #1293 from phil-davis/patch-20: Renato Botelho
04:18 PM Revision bbd1f783: firewall_aliases_edit UI text changes: If type URL Table then the heading "Description" on the 3rd column gets suppressed (I am not really sure why that is,... Phil Davis
04:01 PM Revision c5cfa06b: Minor fixes to firewall_aliases_edit: for 2.1 branch Phil Davis
03:41 PM pfSense Packages Feature #3685: haproxy listener ip from alias: Hi Atıf are you using the haproxy-devel 1.5.x package?
If so could you share the <haproxy> part of a configfile yo... Pi Ba
03:11 PM pfSense Packages Bug #3892: Critical bash vulnerability CVE-2014-6271: Security Announcement posted:
https://www.pfsense.org/security/advisories/pfSense-SA-14_18.packages.asc Jim Pingle
07:36 AM pfSense Packages Bug #3892 (Feedback): Critical bash vulnerability CVE-2014-6271: Affected packages have been either updated or removed.
* FreeRADIUS2: Package updated with a patched version of ba... Jim Pingle
11:31 AM Feature #3897: recurring schedules: You can already make these, IMHO. e.g. I have one called OfficeTime that looks like:
OfficeTime
Mon - Thur 14:0... Phillip Davis
08:49 AM Feature #3897 (Rejected): recurring schedules: it would be great to have the possibility to create recurring schedules such as "working hours", ... Anonymous
11:22 AM Todo #3893: Alias -> IP: See https://github.com/pfsense/pfsense/pull/1293 for my suggested change, which also fixes up a little issue with the... Phillip Davis
03:17 AM Todo #3893 (Resolved): Alias -> IP: Hi !
In the Web-GUI under Alias - IP - Hosts only IP is shown when addng a new entry.
Perhaps there should also be ... Anonymous
10:13 AM Revision ace5483e: Merge pull request #1292 from phil-davis/patch-18: Renato Botelho
07:20 AM pfSense Packages Bug #3816 (Feedback): Bump FreeRADIUS to fix libssl version mismatch error: Please try latest version. Renato Botelho
06:21 AM Bug #3877: OpenVPN Client Connection routing Internettraffic: 1. There is no need to set *IPv4 Configuration Type* to "DHCP" at all. Ovpn client interfaces are autoconfigurable. S... Dmitriy K
06:12 AM Bug #3896 (Resolved): ipv6 pppoe ISP with static adress: Hi all,
Funny case In France Nerim provider doesn't affect IPV6 address in adsl PPPOE.
It is dual IPV4 / IPV6 acc... xavier Lemaire
06:11 AM Feature #3895 (New): Timeout for "Apply change": It would be nice to have a timeout when you applied changes to make it possible to revert changes back if no cofirmat... Dmitriy K
05:48 AM Bug #3894 (Resolved): OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: Requirements:
1. WAN connection should not be Static/DHCP!
Steps to reproduce:
1. Create an ovpn client instance... Dmitriy K
03:51 AM Bug #3205: Partial system freeze when disconnecting USB 3G stick: any fix for this as its still troubling me Bipin Chandra
02:40 AM Revision 62218b4d: Remove useless check for alias description matching an interface description: While looking at other checks in the code I noticed this check. It was not effective anyway, because the first line i... Phil Davis
02:18 AM Bug #3312: Gateway on IPsec rules is not functional in pf: hello,
I installed 2.1.5 and when I put a getaway on ipsec rules, traffic goes to the default.
Is it a bug?
Frédéric Pougnault

09/25/2014

07:39 PM pfSense Packages Bug #3892: Critical bash vulnerability CVE-2014-6271: Checking further: git, avahi, and ntopng use bash during the build but do not include it in the PBI for installation.... Jim Pingle
07:29 PM pfSense Packages Bug #3892: Critical bash vulnerability CVE-2014-6271: Update again:
More affected packages, full list is now:
git, avahi, freeradius2, ntopng, mailscanner Jim Pingle
05:49 PM pfSense Packages Bug #3892: Critical bash vulnerability CVE-2014-6271: Also: The mailscanner package appears to be affected along with FreeRADIUS2 Jim Pingle
05:37 PM pfSense Packages Bug #3892: Critical bash vulnerability CVE-2014-6271: [2.2-ALPHA][admin@apu.localdomain]/root(1): which bash
bash: Command not found.
[2.2-ALPHA][admin@apu.localdomain]/... Jim Pingle
05:36 PM pfSense Packages Bug #3892: Critical bash vulnerability CVE-2014-6271: 2.2 does not include bash. No base install includes bash. If you added it manually, it came from FreeBSD, or perhaps ... Jim Pingle
05:31 PM pfSense Packages Bug #3892 (Resolved): Critical bash vulnerability CVE-2014-6271: 2.2-beta appears vulnerable:... Steve Thomas
03:37 PM Bug #3891 (Resolved): ipfw, on pfSense 2.2 kernel dump caused by: ipfw zone 4096 create: ipfw is used by captive portal, and uses a cpzoneid to create a zone in ipfw using mwexec("/sbin/ipfw zone {$cpzonei... Pi Ba
01:04 PM Bug #3890 (Resolved): Aliases multiple CIDR ranges show error message: Hi
If you create a new IP alias for network white-listing with any CIDR ranges separated by a space, pfsense WILL ... Gio M
12:55 PM Revision 7ea27b0d: Be more strict on removing groups checking group id and group name, it avoids issues like happened to users on ticket #3856. While I'm here, replace GET by POST: Renato Botelho
12:29 PM Revision fbe0d698: Be more strict on user removal checking array id and also username to avoid removing wrong users when browser back button is used. It should fix #3856: Renato Botelho
11:18 AM Revision e45e3bf4: Merge pull request #1290 from jean-m-cyr/master: Renato Botelho
11:13 AM Revision b4db2d0e: Remove also old unbound startup script: Renato Botelho
07:41 AM Bug #3849: Compex WLE200NX wireless card stops responding: I had the same issue, with nearly the same setup (APU 1D4 engine).
What really helped me, was to set the Wireless ... Mischa De Pol
07:30 AM Bug #3856 (Feedback): Delete a user, edit another one and going back... delete the edited user: Applied in changeset commit:fbe0d6986aef1ce933f91ad34ba9393344693180. Renato Botelho
01:26 AM Revision 31377265: Support IPV6 in unbound.conf: IPv6 addresses are not included in unbound config and access list Jean Cyr

09/21/2014

07:50 PM Bug #3879 (Resolved): Unable to move widgets in GUI: As of 2.2 Beta snapshots, widgets within the GUI are unable to be moved around. This applies to all Themes. Forum s... Angel Torres
07:43 PM Todo #3874: Make miniupnpd config syntax compatible with new versions: UPnP is working again for my gaming consoles with Open NAT thanks to this fix. Angel Torres
08:35 AM Bug #3801: Captive Portal on 2.2 does not pass through logged-in users: It works ! :)
I can now login through captive portal. Rule is added into ipfw and I can navigate correctly. Gregory Poudrel
08:23 AM Bug #3878 (Rejected): OpenVPN Site to Site Connection HMAC Error: Please post in the forum for assistance until a bug has been confirmed.
OpenVPN defaults to a digest of SHA1, as d... Jim Pingle
08:18 AM Bug #3878 (Rejected): OpenVPN Site to Site Connection HMAC Error: on the 2.1 i have a site-to-site vpn to an other 2.1 machine. The other one is the Server.
Authentication is shared ... Christian Merges
08:12 AM Bug #3863: Supermicro IPMI Boot virtual CD-ROM: Since the last beta booting from iso functioning very well. Christian Merges
08:11 AM Bug #3877 (Rejected): OpenVPN Client Connection routing Internettraffic: In 2.1 i have configured a VPN-Provider as a OpenVPN Client Connectionl:
importing certificates, add openvpn clientc... Christian Merges

09/20/2014

02:55 PM Revision b446562b: Simplify logic: Renato Botelho
02:41 PM Revision ad970c21: Add missing <form> and require filter.inc for filter_configure(): Renato Botelho
06:22 AM Bug #3640: Sierra Wireless 3G Modem support driver: The Direct IP mode is Sierra Wireless only and provide and Ethernet virtual interface trough USB.
This mode is suppo... Nicolas Scheffer

09/19/2014

07:58 PM Revision 130a84c5: Do the proper action if Apply button is pressed even on the preshared keys page: Ermal LUÇI
07:53 PM Revision 8718669c: Recent versions of miniupnpd does not accept IPv4 address anymore, use interface name always. It fixes #3874: Renato Botelho
05:16 PM Revision 9ec8e1f2: Allow hostname to start with '@.' for namecheap. It fixes #3568: Renato Botelho
05:15 PM Revision de29dadc: Allow hostname to start with '@.' for namecheap. It fixes #3568: Renato Botelho
03:02 PM Bug #3191: Quality RRD inaccuracies and failure to update status in some circumstances: For the record, properly recover from disconnected sockets patch put in. Ermal Luçi
03:00 PM Todo #3874 (Feedback): Make miniupnpd config syntax compatible with new versions: Applied in changeset commit:8718669cafdb241a7b801489ba0d6dd20f8d1e7e. Renato Botelho
10:55 AM Todo #3874 (Resolved): Make miniupnpd config syntax compatible with new versions: After version 20140523, miniupnpd moved from warning to error the use of IP address for interface on config file, it ... Renato Botelho
02:22 PM Bug #3876 (Resolved): pfsync is not synchronizing states on 2.2: On 2.2, with a valid pfsync configuration, no state information is passed between the HA nodes.
From ifconfig on t... Jim Pingle
01:47 PM Bug #3853: DHCP Server failover_peerip is not synchronized on 2.2 with CARP: I upgraded my test VM and tried it again, it still works. If I remove the failover IP, it becomes blank on the second... Jim Pingle
12:53 PM Bug #3853: DHCP Server failover_peerip is not synchronized on 2.2 with CARP: Doesn't seem to have been fixed yet: https://forum.pfsense.org/index.php?topic=81948.0 Trond Vindenes
12:30 PM Bug #3568: DynDNS: Hostname '@' not accepted for Namecheap: Applied in changeset commit:9ec8e1f280c35667dcdacfd0ee09f4b3f7d5f5f3. Renato Botelho
12:20 PM Bug #3568 (Feedback): DynDNS: Hostname '@' not accepted for Namecheap: Applied in changeset commit:de29dadc20688daa579937fbd8b4dfdcae3587e6. Renato Botelho
11:59 AM Bug #3873 (Rejected): pfSense dyndns for Namecheap - unable to use '@.domain.com' as hostname: Duplicate of #3568 Renato Botelho
09:15 AM Bug #3873 (Rejected): pfSense dyndns for Namecheap - unable to use '@.domain.com' as hostname: As shown in the documentation to update an "@" record you have to use use "@.domain.com" as hostname. Without... T W
11:58 AM Bug #3875 (Resolved): interface reporting dscrepancy: Hi All,
2.1.4-RELEASE, we're experiencing an issue where pfSense reports interface statistics incorrectly.
Initia... Isaac (.ike) Levy
11:52 AM Bug #3634: Default gateway not restored after it comes back online: Hey guys, are there any plans to fix this for 2.2? Thanks! Oz Solomon
11:16 AM Revision 93ee78b7: Check if there are leases to show, it fixes warning when $mobile['pool'] is empty or not array: Renato Botelho
09:57 AM Revision beae652c: Correct evaluation for "Acct-Interim-Interval" from RADIUS: Setting "Acct-Interim-Interval :=600" in FreeRadius2 evaluates to 'random' values with PfSense 2.1.
Possibly a bug re... dariomas
09:56 AM Revision 880f44c1: Merge pull request ##1285 from dariomas/patch-1: Ermal LUÇI
09:43 AM Revision d2fdc707: Correct evaluation for "Acct-Interim-Interval" from RADIUS: Setting "Acct-Interim-Interval :=600" in FreeRadius2 evaluates to 'random' values with PfSense 2.1.
Possibly a bug re... dariomas
09:07 AM Bug #3872: Enabling a disabled VLAN subinterface with multiple CARP VIPs configured causes system crash: Sorry, just to reiterate this only happens when two or more CARP VIPs are configured on the VLAN interfaces.
Stuart Ridsdale
08:16 AM Bug #3872: Enabling a disabled VLAN subinterface with multiple CARP VIPs configured causes system crash: Hi,
No, I have not tried this in 2.2.
Yes, the VIPs are on the VLAN interfaces. I then disable the VLAN interf... Stuart Ridsdale
08:13 AM Bug #3872: Enabling a disabled VLAN subinterface with multiple CARP VIPs configured causes system crash: So to understand even more.
You say the vips are on the VLAN interfaces and you disable the vlan interface, right?
... Ermal Luçi
08:12 AM Bug #3872: Enabling a disabled VLAN subinterface with multiple CARP VIPs configured causes system crash: You have tried if you recieve this problem on 2.2? Ermal Luçi
07:25 AM Bug #3872 (Resolved): Enabling a disabled VLAN subinterface with multiple CARP VIPs configured causes system crash: When tagged VLAN interfaces have multiple CARP VIPs configured, disabling the interface via the GUI and then enabling... Stuart Ridsdale
08:31 AM Bug #3642 (Resolved): Can't reset to factory defaults: It was fixed on 2.1.4 Renato Botelho
07:30 AM pfSense Packages Bug #3839 (Resolved): Suricata resolve host pop up broken after upgarde: Renato Botelho
06:57 AM Bug #3834 (Rejected): dnsmasq isnt working anymore since upgrade to 2.1.5: dnsmasq is working as expected on 2.1.5, it's probably a local issue. You can use forums and mailing lists to discuss... Renato Botelho

09/18/2014

06:57 PM Revision e5b3335a: Do not call write_config() when click on Apply Changes because it was already done and it causes dhcpd to restart one more time on secondary nodes. It fixes #3797: Renato Botelho
05:31 PM Revision 0b42518d: fix syntax: Jim Pingle
05:08 PM Revision 565488c9: Do now call write_config() when click on Apply Changes because it was already done and it causes dhcpd to restart one more time on secondary nodes. It fixes #3797: Renato Botelho
04:27 PM Feature #3806: Strongswan and CARP, initiator options: It will be investigated on the future.
Ermal Luçi
04:25 PM Bug #3801 (Feedback): Captive Portal on 2.2 does not pass through logged-in users: It should be properluy fixed with tomorrows snapshots. Ermal Luçi
04:07 PM Todo #3871 (Resolved): Please document that Interface Groups not to be used with multi-wan: Hello,
I spent the better part of a day trying to figure out why some firewall rules I added to a WANS interface ... Eduard Rozenberg
03:59 PM Bug #3868: Problem with DNSmasq resolution when using multiple DNS suffixes: Thanks for the tips, had a brain freeze and didn't think to see where that mystery IP went :). I configured that Dyn ... Eduard Rozenberg
02:00 PM Bug #3797: DHCP server restarted multiple times on secondary after config sync: Applied in changeset commit:e5b3335ad921e072f20f052fd0e02a43aada700d. Renato Botelho
12:20 PM Bug #3797 (Feedback): DHCP server restarted multiple times on secondary after config sync: Applied in changeset commit:565488c9cf34c60eccf0f364acc8a0372af31569. Renato Botelho
01:50 PM Revision 24395438: Update jquery to 1.11.1: * Update jquery to latest version
* Use production version instead of development
* Rename file to have version on it... Renato Botelho
07:26 AM Bug #3870 (Closed): re(4) NICs on APU are unable to hardcode speed/duplex properly: The APU uses re(4) network interfaces. If one of these is configured to a specific speed/duplex such as 100BaseTX <fu... Jim Pingle
07:06 AM Bug #3869 (Rejected): Erro on captiveportal with custom login page.: It's not a Captive portal issue, but a problem on your custom pages. They have an input hidden called zone with value... Renato Botelho

09/17/2014

07:58 PM Bug #3868 (Rejected): Problem with DNSmasq resolution when using multiple DNS suffixes: This is a local config and upstream DNS issue, not a bug. Jim Pingle
07:43 PM Bug #3868: Problem with DNSmasq resolution when using multiple DNS suffixes: Go to 198.105.254.68 in your browser, it comes up with http://searchassist.dyndns.com
Somewhere you are using DynDNS... Phillip Davis
12:50 PM Bug #3868 (Rejected): Problem with DNSmasq resolution when using multiple DNS suffixes: Hello,
My pfSense DHCP server is configured to give out the following "Domain search list"
(names changed):
la... Eduard Rozenberg
05:32 PM Revision 1fd3903e: Fix typos: Jim Pingle
05:26 PM Revision c4372d3c: Restore id for cancel button to fix js error: Renato Botelho
04:29 PM Revision c07e853b: Add a basic command line password reset script.: Jim Pingle
02:10 PM Revision ac5934df: While I'm touching this file, replace GET by POST: Renato Botelho
01:34 PM Revision cc265e2e: Deduplicate <form>, fixes #3864: Renato Botelho
01:32 PM Revision 729b9f01: Deduplicate <form>, fixes #3864: Renato Botelho
12:59 PM Bug #3869 (Rejected): Erro on captiveportal with custom login page.: I have 2 instances of Captive Portal, each one on a different subnet.
In both of captive portals I have a custom lo... Jonis Maurin Ceara
10:27 AM Revision 75cf353b: It's time to move to 2.2-BETA: Renato Botelho
09:20 AM Bug #3864: /diag_dump_states.php has duplicate <form> element: Applied in changeset commit:cc265e2e59e0f2ce874d5446e1fa49cdaaae1cfb. Renato Botelho
09:20 AM Bug #3864 (Feedback): /diag_dump_states.php has duplicate <form> element: Applied in changeset commit:729b9f018d28d3823c8d653aab8d18114ce55437. Renato Botelho
08:07 AM Bug #3867 (Rejected): Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 71 bytes) on diag_states_summary.php version 2.1.5: When visiting Diagnostics -> States Summary we get:
Fatal error: Allowed memory size of 134217728 bytes exhausted (t... Mike C.

09/16/2014

05:12 PM Revision 022fe5b0: Merge pull request #1284 from phil-davis/patch-17: Renato Botelho
05:12 PM Revision e5d2c660: Merge pull request #1283 from phil-davis/patch-16: Renato Botelho
04:13 PM Revision 0b857543: Fix #3866 Firewall Log Filtering: on master Phil Davis
04:11 PM Revision 9036e766: Fix #3866 Firewall Log Filtering: on 2.1 branch Phil Davis
02:20 PM pfSense Packages Bug #3711 (Feedback): bind package not starting after update: Applied in changeset commit:c77104440623b60b8fb2a1d2f09c8c554e3cba68. Renato Botelho
01:33 PM Revision 76266acd: Correct speeling as reported by: Phil Davis via github: Ermal LUÇI
12:41 PM Revision 8f097bdd: Merge pull request #1282 from ExolonDX/branch_master_06: Renato Botelho
12:40 PM Revision cc98be5a: Merge pull request #1281 from ExolonDX/branch_master_05: Renato Botelho
12:40 PM Revision 05bf20a3: Merge pull request #1280 from ExolonDX/branch_master_04: Renato Botelho
12:40 PM Revision 17b86608: Merge pull request #1279 from ExolonDX/branch_master_03: Renato Botelho
12:39 PM Revision 9ab5042e: Merge pull request #1278 from ExolonDX/branch_master_02: Renato Botelho
12:39 PM Revision a77b360c: Merge pull request #1277 from ExolonDX/branch_master_01: Renato Botelho
12:20 PM Bug #3866: firewall log filtering: Applied in changeset commit:0b85754309f89d867d60a6d81a707235418f9bac. Phillip Davis
12:20 PM Bug #3866 (Feedback): firewall log filtering: Applied in changeset commit:9036e7661e3e97944f8d329cc6fb24b8206a7326. Phillip Davis
11:10 AM Bug #3866: firewall log filtering: That was easy thing to fix - there was a double dollar sign starting a variable name:
https://github.com/pfsense/pfs... Phillip Davis
04:08 AM Bug #3684: Openvpn not routing incomming traffic correct when using tap device: I confirm this bug is present since 2.2.
Tested on 2 setups.
very first setup and results:
1. I have bridged t... Dmitriy K

09/15/2014

10:57 PM Bug #3866 (Resolved): firewall log filtering: in diag_logs_filter.php filtering of the firewall log does not work as expected any more.
in 2.1.4 when preceding an... Johannes Spanier
05:50 PM Bug #3865 (Rejected): With explicit block-everything rule in firewall it incorrectly blocks LAN to LAN DHCP broadcast 0.0.0.0 and 255.255.255.255: With no rules, the pfSense firewall blocks everything by default (default config includes pass-everything rules). Tho... badon _
10:02 AM Bug #3864 (Resolved): /diag_dump_states.php has duplicate <form> element: I believe line 74 of /usr/local/www/diag_dump_states.php should be removed:... Trevor Peacock
09:19 AM Bug #3450: DHCPv6 Lease Status shows no Leases: *Quick Update:* I am using RFC3849 (2001:db8::/32) address space here, but all IPv6 addresses I own to configure the ... Vinícius Zavam

09/14/2014

06:11 PM Bug #3863 (Resolved): Supermicro IPMI Boot virtual CD-ROM: Booting from the ISO is not possible with virtual CD-ROM. Typing Text with Keyboard is possible. Pluging in and out t... Christian Merges
01:19 PM Feature #3862 (New): Allow configuration of IGMP proxy's 'quickleave' parameter from the web interface: I have multiple set top boxes through my IPTV provider and it seems IGMP proxy's 'quickleave' parameter causes proble... Aaron Bauer
12:17 PM Revision d02491e6: Tidy up "status_rrd_graph.php" XHTML: "id" attributes cannot start with a numeric character, so change "8hour"
to "eighthour" and "4year" to "fouryear". Colin Fleming
12:06 PM Revision 8de8ff0f: Tidy up "diag_dns.php" XHTML: Tidy up the "=" sign properly!
Remove "=" sign from INPUT tag
Change alignment to the "middle" of the TD tag
Add miss... Colin Fleming
11:57 AM Revision 24e183cd: Tidy up "gateways.widget.php" XHTML: Remove invalid "summary" attribute from TD tag Colin Fleming
11:54 AM Revision 607e15db: Tidy up "interfaces.widget.php" XHTML: Remove duplicate closing TR tag
DIV tag cannot be enclosed in a B (bold) tag
Change class and style Colin Fleming
11:49 AM Revision e3e1f748: Tidy up "pkg_mgr_install.php" XHTML: While using the widescreen theme, when you update the firmware or add a
new package the TEXTAREAs are side-by-side wh... Colin Fleming
11:43 AM Revision c5709378: Tidy up "fbegin.inc" XHTML: "id" must be a unique attribute. Colin Fleming

09/13/2014

11:06 AM Bug #3807: Unable to edit existing Virtual IPs: Using "2.2-ALPHA (amd64) built on Sat Sep 13 00:05:21 CDT 2014" nanobsd, and I'm still not able to edit existing virt... Trond Vindenes
04:52 AM Bug #3861 (Rejected): PPPOE non-NAT config cannot ping attached hosts as packets go upstream: I have a system configured as a plain router for a /29 subnet (no NAT) with an upstream PPPoE link. This means that b... Nei Ka

09/12/2014

07:37 PM Revision 62424bdb: Remove almost all calls to history.back() and make Cancel button back to HTTP_REFERER, there are a couple of places I didn't touch on this commit because it requires more work: Renato Botelho
07:17 PM Revision 7e7f07ae: This really does not need the =: Ermal LUÇI
07:17 PM Revision e9a9e1a7: Remove wrongly used type: Ermal LUÇI
05:49 PM Revision 3d77ec5d: Ooops restore this: Ermal LUÇI
05:40 PM Revision 3b9ef0ef: Inverse the sense of the toggles to avoid configuration upgrades: Ermal LUÇI
05:34 PM Revision 16c02722: Actually use the new toggles: Ermal LUÇI
05:31 PM Revision 0e7aad67: Provide Advanced Options for controlling rekey and reauth, might be usable with iOS devices: Ermal LUÇI
05:23 PM Revision ac19d32a: Only for movile users: Ermal LUÇI
05:22 PM Revision fa4e059e: Provide a first implementation of EAP-TLS authentication with IKEv2. It is a start and might not work on all cases: Ermal LUÇI
04:33 PM Feature #3859: Make it possible to set the source IP address for gateway monitoring: Normally this should be fixed on gateways page to show the ip aliases as source interface rather than apinger itself. Ermal Luçi
04:28 PM Bug #3450: DHCPv6 Lease Status shows no Leases: *2.1.5-RELEASE (amd64)*
* DHCPv6 Server seems to be not in a good shape
** it works only if RA is enable, but RA... Vinícius Zavam
03:36 PM Bug #3692: apinger loss % gets stuck: Please update latest version of 2.2 of rebuilt apinger manually and retry. Ermal Luçi
03:34 PM Bug #3191 (Feedback): Quality RRD inaccuracies and failure to update status in some circumstances: Patched apinger, need some feedback if the issue is solved now. Ermal Luçi
03:22 PM Bug #2993 (Resolved): IPsec in transport mode, tunneled traffic does not flow through enc0: Seems to work properly now, thanks! Jim Pingle
03:16 PM Bug #3855 (Resolved): Deleting an IP Alias using a CARP VIP as its interface does not fully get remove the IP from the secondary node: I tested this with the fixes applied and confirmed that it did correct the issue. Jim Pingle
03:13 PM Revision e373e4cd: Make this work properly and not throw out errors.: Ermal LUÇI
03:09 PM Bug #3801: Captive Portal on 2.2 does not pass through logged-in users: I updated to 12th September snapshot.
As soon as the user logs into the captive portal, kernel crashes (probably a... Gregory Poudrel
08:51 AM Bug #3860 (Resolved): Selection of Enable STARTTLS disapears after clicking TEST SMTP on system_advanced_notifications.php: On page System: Advanced : Notifications (system_advanced_notifications.php) the check box STARTTLS is cleared after ... Janosch Jaegers

09/11/2014

09:22 PM Revision 1a6769a6: Replace GET by POST on system_usermanager.php and make necessary adjustments on necessary pages. It fixes #3856: Renato Botelho
09:22 PM Revision 7c2d0050: Back to referer instead of hard coded system_usermanager.php since this page is called from other places: Renato Botelho
09:22 PM Revision 111bea0d: Add a function to redirect to a page passing parameters through POST: Renato Botelho
09:22 PM Revision d83a4264: Add a cancel button for user and group edit page: Renato Botelho
07:57 PM Revision 415b71f1: Fixes #3666. Set the sysctl net.inet.icmp.reply_from_interface to 1 to use the incoming interface to send the icmp reply from. It uses another part of patch to pf to undo NAT if it was already performed before: Ermal LUÇI
06:31 PM Revision 77bf9d5e: Add security priviledge for new page: Ermal LUÇI
06:28 PM Revision 6ca4d471: Get rid of the /: Ermal LUÇI
06:27 PM Revision ca4e3e4c: Actually do not refer with Name but just pool: Ermal LUÇI
06:25 PM Revision bb55330a: Do not let the user mess with SAs from this page. The daemon and primary status page handles tat: Ermal LUÇI
06:24 PM Revision eb183863: Provide a page on IPSec:status t check the leases to mobile clients: Ermal LUÇI
06:01 PM Revision 6c2abb0f: Show friendly names: Ermal LUÇI
05:57 PM Revision 048dd7b9: Remove extra char: Ermal LUÇI
05:55 PM Revision 5e09285e: Correct widget displaying of status for tunnels: Ermal LUÇI
05:47 PM Revision 6f276cba: Properly display number of mobile users: Ermal LUÇI
05:28 PM Revision 7a668bd8: Fix path to xml and make sure the parser will see the custom tags: Ermal LUÇI
05:23 PM Revision 929dfb4c: Add pages missing from the Status > Traffic Graph privilege that are required for the full page to load: Jim Pingle
05:23 PM Revision 8a2f80b2: Add pages missing from the Status > Traffic Graph privilege that are required for the full page to load: Jim Pingle
04:33 PM Revision 6da9a160: Display all new information on ipsec:status and also fix displaying of some previous statistics: Ermal LUÇI
04:30 PM Bug #3856 (Feedback): Delete a user, edit another one and going back... delete the edited user: Applied in changeset commit:1a6769a630b73e20dc093df7d9b59e8bd4dfce74. Renato Botelho
07:15 AM Bug #3856: Delete a user, edit another one and going back... delete the edited user: Confirmed. Will work on a fix Renato Botelho
04:16 PM Bug #3854: pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: pfB_BTLevel1 Bill Crowder
04:08 PM Bug #3854: pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: https://www.iblocklist.com/lists.php Bill Crowder
01:30 PM Bug #3854: pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: Can you provide a link to this big list? Ermal Luçi
02:30 PM Bug #3666: PMTUD is broken for NATed traffic: Applied in changeset commit:415b71f1d41c886b06dfc83d8bc2cb906be78509. Ermal Luçi
02:19 PM Bug #3666 (Feedback): PMTUD is broken for NATed traffic: I think the sysctl that was activated should fix this. Ermal Luçi
02:17 PM Feature #3859: Make it possible to set the source IP address for gateway monitoring: You are right in saying that in most cases the correct IP can be easily deduced from the gateway IP address. However,... Patrick Bihan-Faou
11:07 AM Feature #3859: Make it possible to set the source IP address for gateway monitoring: I would think this can be automated to meet [most|all] use cases. The gateway has a gateway IP address. So the code t... Phillip Davis
09:40 AM Feature #3859 (New): Make it possible to set the source IP address for gateway monitoring: In some cases pfsense does not configure the correct source ip address for apinger checks.
One such scenario is wh... Patrick Bihan-Faou
01:10 PM Bug #3132: Gateway events for IPv6 affect IPv4 services and vice versa: This will not be possible to be fixed in 2.2
Many things need to change for this to happen. Ermal Luçi
11:38 AM Revision 4889b4c0: Merge pull request #1260 from DasTestament/master: Renato Botelho
11:26 AM Revision ee4da773: Merge pull request #1274 from phil-davis/patch-13: Renato Botelho
11:25 AM Revision b7063ed3: Merge pull request #1275 from phil-davis/patch-14: Renato Botelho
09:45 AM Bug #3801 (Resolved): Captive Portal on 2.2 does not pass through logged-in users: Looks good to me. I can now auth to the portal and then access other sites as expected. Jim Pingle
06:50 AM Feature #3515 (Feedback): Windows OpenVPN clients require register-dns to properly use a DNS server set by Pfsense: Applied in changeset commit:c38764dc0494463b06f70c7ef8e249629a922134. Anonymous
02:17 AM Revision 63673f3c: Standardise size of Duplicate Slice button: The Duplicate Slice button currently is displayed in smaller text and in a row of its own, separate from the row abov... Phil Davis
02:10 AM Revision ffda0775: Standardise size of Duplicate Slice button: The Duplicate Slice button currently is displayed in smaller text and in a row of its own, separate from the row abov... Phil Davis
01:37 AM Bug #3858 (Resolved): DynDNS errno 47: Address family not supported by protocol family: I'm on pfSense 2.1.3-RELEASE amd64 (seems to be missing from affected version). Upon configuring the custom (v4, not ... Robbie Trencheny

09/10/2014

08:39 PM Revision 45dbc75f: Try to make the ipsec widget usable again: Ermal LUÇI
08:39 PM Revision 7ab6ad70: Make use of the xml output from stroke leases command: Ermal LUÇI
08:02 PM Revision 9060f420: Change is_port() to only validate a single port, we have is_portrange() for specific cases. Make necessary adjustments after check all is_port() calls. It fixes #3857: Renato Botelho
06:39 PM Revision be32a003: Delete IP Alias on CARP VIP interface on secondary node when it's deleted on primary. It fixes #3855: Renato Botelho
06:39 PM Revision 7397f643: Fix operator: Renato Botelho
06:39 PM Revision 846dc21c: Fix operator: Renato Botelho
06:12 PM Bug #3854 (New): pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: Jim Pingle
05:00 PM Bug #3854: pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: To show that it works on 2.1.4... This is the same exact list being replaced on 2.1.4. The list has a different alias... Bill Crowder
04:25 PM Bug #3854: pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: Better more concise details with Table-entries set at 1,000,000, have also tried 10,000,000.
This list will load c... Bill Crowder
04:13 PM Bug #3854: pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: Ermal,
When I ran the tests shown in forum post I had tried from 1000000 to 20000000 in System: Advanced: Firewa... Bill Crowder
10:23 AM Bug #3854 (Closed): pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: The table entries limit is still there
maximumtableentries os system->Advanced.
What has changed is that there is... Ermal Luçi
05:34 PM Revision ed5fc757: Return something meaningful until the widget is made to work correctly: Ermal LUÇI
05:33 PM Revision 4881e5a9: Remove racoon references: Ermal LUÇI
05:33 PM Revision 537940c8: Remove all remnants of racoon from log page: Ermal LUÇI
05:32 PM Revision 5f875147: Correct status.php for new ipsec: Ermal LUÇI
05:23 PM Revision e952906e: Remove traces of older implementation still present: Ermal LUÇI
04:54 PM Bug #2993 (Feedback): IPsec in transport mode, tunneled traffic does not flow through enc0: Patch committed.
Needs to be confirmed fixed with newer snapshots. Ermal Luçi
04:38 PM Revision 3b977eff: Put some tuning on number of half open connection possible in one time.: Ermal LUÇI
04:36 PM Revision 816672f1: Provide some parallellizm on the IKESA lookups for heavy loaded boxes.: Ermal LUÇI
03:20 PM Bug #3857 (Feedback): is_port() validate a wrong port range: Applied in changeset commit:9060f420a9444c68fc8db926787d0bb37d77ed72. Renato Botelho
07:11 AM Bug #3857 (Resolved): is_port() validate a wrong port range: is_port() function should validate only a single port since there is is_portrange() available, but it actually valida... Renato Botelho
01:50 PM Bug #3855 (Feedback): Deleting an IP Alias using a CARP VIP as its interface does not fully get remove the IP from the secondary node: Applied in changeset commit:be32a003afd114098e8cfe7c18edae887810500f. Renato Botelho
08:30 AM Bug #3797 (New): DHCP server restarted multiple times on secondary after config sync: There is still a problem here, it is still getting restarted multiple times but it appears to be due to this behavior... Jim Pingle
06:55 AM Bug #3856 (Resolved): Delete a user, edit another one and going back... delete the edited user: In the user manager page, if you delete a user and then go to the edit page for another user, when you click the brow... Jerome Troussard

09/09/2014

10:43 PM Revision c966c7ec: Actually roll this back since it was a testing glitch: Ermal LUÇI
10:08 PM Revision eadda967: Also here be more strict on checking to return proper result. (some missed from previous commit): Ermal LUÇI
10:04 PM Revision fe06990e: Also here be more strict on checking to return proper result: Ermal LUÇI
09:56 PM Revision fe0430f7: Put some more statistics and the user that gets connected now that we can: Ermal LUÇI
08:55 PM Revision 76e656ba: Merge pull request #1273 from fsSnowboard/master: Renato Botelho
08:53 PM Revision 60ef0911: Make sure dhclient is not running before start it, it fixes console interface setup when interface is using dhcpv4. It should also help #3482: Renato Botelho
08:52 PM Revision d9d1bd20: Implement a function to kill dhclient process, sometimes it takes a little time to die, so use a sleep(1) there: Renato Botelho
08:50 PM Revision 397e40d5: find_dhclient_process() returns an int, not string: Renato Botelho
08:30 PM Revision 9e74f980: Be more explicit: Ermal LUÇI
08:26 PM Revision 9eb4257f: Correct log prepending value: Ermal LUÇI
08:12 PM Revision f049d544: Some device names are bigger now (eg vtnet, ixgbe, cxgbe): Renato Botelho
07:42 PM pfSense Packages Bug #3839: Suricata resolve host pop up broken after upgarde: This bug is fixed in the latest 2.0.3 v2.0.2 version of the Suricata package. This issue can be closed. Bill Meeks
07:38 PM Revision 38f5ac9b: Correct generating loglevels for startup through ipsec.conf: Ermal LUÇI
07:34 PM Revision aa352bb3: Fix minor typo to name and port range: Typo on the name of the FaceTime shape rule, and missing 1 from Google
Talk port range. Tyler Turner
05:07 PM Revision 572f6ccc: Fix guess_interface_from_ip() to account for differences in netstat output. Fixes #3853: Jim Pingle
04:53 PM Bug #3849: Compex WLE200NX wireless card stops responding: I have downgraded to 2.1.4 (i.e. reinstalled 2.1.4 from scratch and restored config). I noticed that after the first ... Michael von Glasow
04:45 PM Feature #3329: Allow creating "not" rules for IPsec Phase 2: Now these should be called specifc policies.
Since phase2 is totally managed by the ipsec daemon there can be what... Ermal Luçi
04:43 PM Bug #3661 (Feedback): xauth user is not displayed in IPsec status: Strongswan has been patched to have this information, also the diag_ipsec improved to display it. Ermal Luçi
03:57 PM Bug #3791 (Rejected): Alias->URL Table (IPs): See #3854 Renato Botelho
03:36 PM Bug #3791: Alias->URL Table (IPs): This should be closed in favor of #3854, #3854 describes the problem more clearly. Thanks, Bill. Bill Crowder
03:28 PM Revision 76fa9adb: Blah unconditionally set rightsourceip per https://forum.pfsense.org/index.php?topic=80300.0 Until pools can be supported properly.: Ermal LUÇI
02:54 PM Revision 3b0bc8c3: Import fix for http://bugs.jquery.com/ticket/9521: Renato Botelho
02:53 PM Revision ccefd603: Import fix for http://bugs.jquery.com/ticket/9521: Renato Botelho
12:48 PM Bug #3801 (Feedback): Captive Portal on 2.2 does not pass through logged-in users: Can you try on latest snapshots. Ermal Luçi
12:20 PM Bug #3853 (Feedback): DHCP Server failover_peerip is not synchronized on 2.2 with CARP: Applied in changeset commit:572f6cccd47f72fe64e84731cf4d12ccbef46da6. Jim Pingle
10:38 AM Bug #3853 (Resolved): DHCP Server failover_peerip is not synchronized on 2.2 with CARP: On 2.1.x and before, the failover_peerip is synchronized and adjusted for use by the secondary. On 2.2 the value is b... Jim Pingle
12:15 PM Bug #3855 (Resolved): Deleting an IP Alias using a CARP VIP as its interface does not fully get remove the IP from the secondary node: When you delete an IP Alias made using a CARP VIP as its interface, it does not get removed from the secondary node a... Jim Pingle
12:14 PM Revision b22ef160: As pointed out by Ermal, VIPs should go first in the list since NAT is first match. Ticket #983: Renato Botelho
11:06 AM Bug #3854 (Resolved): pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: On 2.2 (FreeBSD 10.x base), pf is not supposed to have an upper table size limit. The knob to set it has been removed... Jim Pingle
06:40 AM Bug #3852 (Resolved): IGMPPROXY still spamming the main systemlog: Renato Botelho
04:17 AM Bug #3852: IGMPPROXY still spamming the main systemlog: Thank you very much, Renato!
Case can be closed now.
Kind regards and sunny greatings from Berlin/Germany. Willy Tenner

09/08/2014

09:35 PM Revision d629f1ca: igmpproxy param -d doesn't like the space before optarg. Fixes #3852: Renato Botelho
09:35 PM Revision 354a1d3f: igmpproxy param -d doesn't like the space before optarg. Fixes #3852: Renato Botelho
09:31 PM Revision fd875a8d: Ticket #3826 correct point number 2) by showing not connected tunnels in the end of the status page: Ermal LUÇI
08:44 PM Revision a1b5f07b: Fixes #3664, actually make sense of this function to work properly: Ermal LUÇI
08:36 PM Revision 7c611a3e: Improvements on interfaces_assign.php:: - Let user select network port to add instead of pick the first
available, it fixes #3846
- While I'm here, drop GE... Renato Botelho
08:28 PM Revision fa9667d2: Fixes #3823 Properly parse auth tags as variables: Ermal LUÇI
08:24 PM Revision 1c4b1636: Convert this block into a function for later use: Renato Botelho
08:24 PM Revision e4034dcb: Fix indent: Renato Botelho
08:24 PM Revision eb2ab5eb: Remove unecessary var initialization: Renato Botelho
08:24 PM Revision 19498fbf: Replace mwexec() by unlink_if_exists() and respect global tmp_path: Renato Botelho
08:24 PM Revision 1b0e073e: Fix indent and whitespaces: Renato Botelho
08:19 PM Revision ea0efb36: Show properly a setting of any for Identifiers to use in the status page: Ermal LUÇI
06:42 PM pfSense Packages Feature #3511 (Feedback): IGMP Proxy - its own tab under system logs: Fix committed to #3852 should have fixed this one too. I don't think a new tab is necessary now that debug level has ... Renato Botelho
06:36 PM Feature #3699 (Resolved): Log pfsense version after bootup: Renato Botelho
06:17 PM Feature #3365: Implement package signing: Transfer to Jeremy who will work on necessary changes for the new key Renato Botelho
04:50 PM Bug #3852: IGMPPROXY still spamming the main systemlog: Applied in changeset commit:d629f1ca6949735dd0c766b09d122b3edd6e1169. Renato Botelho
04:50 PM Bug #3852 (Feedback): IGMPPROXY still spamming the main systemlog: Applied in changeset commit:354a1d3ffce75d1ed0c7405f50b7947251da1c54. Renato Botelho
07:36 AM Bug #3852 (Resolved): IGMPPROXY still spamming the main systemlog: This is a renewal from an old feature ticket #1477. Because the bug is still there (my current pfSense version is 2.1... Willy Tenner
04:04 PM Bug #3826 (Feedback): 2.2 diag_ipsec.php issues: Point 1) is fixed already.
Point 3) has been corrected by Renato though it does not show the local subnet in case of... Ermal Luçi
03:50 PM Bug #3846 (Feedback): Adding interface for new VLAN selects active WAN VIP address breaking connectivity: Applied in changeset commit:7c611a3ea06545427336cbd26f04e8db21dbdf07. Renato Botelho
02:38 PM Bug #3846: Adding interface for new VLAN selects active WAN VIP address breaking connectivity: it is basically an issue when adding a new interface, I do not think it is specifically related to CARP or VLANs . F... Brian Taber
02:22 PM Bug #3846: Adding interface for new VLAN selects active WAN VIP address breaking connectivity: Can you provide more information on this.
It seems rather strange that you see this since it is not related in general. Ermal Luçi
03:20 PM Bug #3664: "IPsec" not displayed in firewall log interface column: Applied in changeset commit:a1b5f07b047b3f27e6326c718eec43167e3bf6dd. Ermal Luçi
03:06 PM Bug #3664 (Feedback): "IPsec" not displayed in firewall log interface column: Ermal Luçi
03:00 PM Bug #3823 (Feedback): diag_ipsec.php fails with PSK+Xauth mobile client connected: Applied in changeset commit:fa9667d2b90c030aeffd896f5dd680c7f5ae677b. Ermal Luçi
02:56 PM Feature #3806: Strongswan and CARP, initiator options: For IKEv1 there are complication to adding this.
It will mean that if you have more than one phase2 for IKEv1 it wil... Ermal Luçi

09/07/2014

11:17 AM Bug #3851 (Rejected): General Settings - DNS server settings don't get synced: The DNS servers and related settings are not supposed to sync. Jim Pingle
10:30 AM Bug #3851 (Rejected): General Settings - DNS server settings don't get synced: In General Settings - DNS servers settings to not get synced to our second firewall.
Neither the server names nor t... Eduard Rozenberg

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

10/06/2014

10/05/2014

10/04/2014

10/03/2014

10/02/2014

10/01/2014

09/30/2014

09/29/2014

09/28/2014

09/27/2014

09/26/2014

09/25/2014

09/24/2014

09/23/2014

09/22/2014

09/21/2014

09/20/2014

09/19/2014

09/18/2014

09/17/2014

09/16/2014

09/15/2014

09/14/2014

09/13/2014

09/12/2014

09/11/2014

09/10/2014

09/09/2014

09/08/2014

09/07/2014