Activity

30 days up to

User

Subprojects

Activity

From 10/11/2014 to 11/09/2014

11/09/2014

09:26 PM Bug #3998: Duplicated limiter numbers: On 2.2 I tried adding a few limiters and children and then deleting ones in the middle of the list... It seems that c... Phillip Davis
02:43 PM Bug #3998 (Resolved): Duplicated limiter numbers: I’ve 19 limiters (number 1 to 20, expect 13)
If I add a new one, he gets an already occupied number, 15. After that ... Reto Strub
03:08 PM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only: The bug is still here. Fresh log attached. Dmitriy K
02:20 PM Feature #2129: TCP mss clamping for IPv6: Ok, so people understand better that the input value is not taken as input value but subtracted by some (incorrect) n... Doktor Notor
11:17 AM Bug #3970: some files not removed on upgrade to 2.2: I noticed that list takes only files currently, some of those would be easier to just rm -rf a directory instead of a... Chris Buechler
07:40 AM Bug #3970 (Assigned): some files not removed on upgrade to 2.2: I was working on a similar list but only for a 2.1.5 fresh install against 2.2. Your test is better and I'll check th... Renato Botelho
07:47 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: ttys_wrap file was removed on 2.2, but is still necessary o 2.1. Would be better if installer guess pfSense version b... Renato Botelho

11/08/2014

10:09 PM Bug #3970 (Confirmed): some files not removed on upgrade to 2.2: I did a clean install of 1.0.1-REL, then upgraded that to 1.2, 1.2.1, 1.2.2, 1.2.3, 2.0, 2.0.1, 2.0.2, 2.0.3, 2.1, 2.... Chris Buechler
03:04 PM Feature #2129 (Resolved): TCP mss clamping for IPv6: MTU in RA and properly-functioning PMTUD do indeed make it questionable as to whether it's necessary. But MSS clampin... Chris Buechler
07:38 AM Feature #2129: TCP mss clamping for IPv6: Chris Buechler wrote:
> questionable whether this is necessary. Definitely not a priority for 2.2
If you question... Doktor Notor
09:30 AM Bug #3982 (Feedback): Installer generates errors when selecting "Embedded" but still appears to work: Solution put in place for having this working on 2.2 and 64bit installer. Ermal Luçi
06:06 AM Bug #3939 (Feedback): Cannot create Host or Network type alias with an IP address/range: New snapshots will contain last filterdns code Renato Botelho

11/07/2014

11:17 PM Bug #3760 (Resolved): reply-to with TCP and IPv6 generates broken checksums: confirmed working, looks good Chris Buechler
01:48 PM Bug #3760 (Feedback): reply-to with TCP and IPv6 generates broken checksums: Reput back with proper building on snapshots. Ermal Luçi
11:14 PM Bug #3957 (Closed): 2.2 tap missing ALTQ: tun was the potentially problematic one. tap has never had ALTQ and probably isn't sensible to use in the shaper anyway. Chris Buechler
11:08 PM Bug #3913 (Resolved): if_bridge missing ALTQ support: fixed Chris Buechler
01:38 PM Bug #3913 (Feedback): if_bridge missing ALTQ support: It works for me but there were some patches accidentally removed from builds which have been put back. Ermal Luçi
11:02 PM Bug #3995 (Resolved): Site-to-site VPN not working on IKEv2: fixed Chris Buechler
12:30 PM Bug #3995: Site-to-site VPN not working on IKEv2: Applied in changeset commit:80be089f050f0f27398a2f35ff5d48f43c7cfa3f. Ermal Luçi
12:23 PM Bug #3995 (Feedback): Site-to-site VPN not working on IKEv2: Rightsourceip was being set on site-to-site/peer-to-peer configs which is wrong. Ermal Luçi
01:09 AM Bug #3995: Site-to-site VPN not working on IKEv2: I don't know the cause, but it seems most likely to be when we bumped to strongswan 5.2.1 last week. There was a patc... Chris Buechler
01:01 AM Bug #3995 (Resolved): Site-to-site VPN not working on IKEv2: Sometime in the recent past, AES-GCM has stopped working. To replicate, just setup a site to site IPsec VPN using AES... Chris Buechler
10:38 PM Bug #3979: 2.2 IPsec NAT-T / MOBIKE IKEv2 control: really needs some javascript to remove NAT-T option where IKEv2 is selected and replace with MOBIKE control. No longe... Chris Buechler
11:06 AM Bug #3979: 2.2 IPsec NAT-T / MOBIKE IKEv2 control: I'll finish this. Chris Buechler
10:32 PM Bug #2495 (Closed): pfsense doesn't seem to know what its WAN IP is: root issue is #3997, closing this in favor of that. Chris Buechler
10:31 PM Bug #3811 (Closed): IP aliases on CARP w/IPsec getting mixed up on addition of a new VLAN.: root issue is #3997, closing this in favor of that. Chris Buechler
10:31 PM Bug #3997 (Resolved): get_interface_ip() returns first IP on interface, not necessarily primary IP: In some circumstances, IPs can be added/removed from an interface in such ways that an interface's primary IP is no l... Chris Buechler
10:10 PM Bug #3996 (Needs Patch): Solarflare NIC panic with LACP: Up to and including 2.2 are affected by the bug described here.
https://bugs.freenas.org/issues/4803
There is a ... Chris Buechler
06:28 PM Revision 80be089f: Fixes #3995. Do not set rightsourceip on site-to-site VPNs but only on mobile users ones otherwise nothing works.: Ermal LUÇI
04:04 PM Bug #3970: some files not removed on upgrade to 2.2: confirmed that works now. Need to do more testing to ensure the obsoletedfiles list is complete. Chris Buechler
02:25 PM Bug #3981: strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: One way to replicate is changing the P2 local and/or remote subnet on a functional site to site VPN. Check SAD and SP... Chris Buechler
12:37 PM Bug #3981 (Feedback): strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: I cannot reproduce it on my side but for sure it was reloading secrets/crl/ca/cert's but was not realoding the config... Ermal Luçi
01:41 PM Bug #3939 (Assigned): Cannot create Host or Network type alias with an IP address/range: Ermal pointed that the function I disabled is needed in some specific cases. I'm reviewing Renato Botelho
01:37 PM Revision 20a95904: Make ipsec_starter log go to ipsec.log rather than system one: Ermal LUÇI
01:34 PM Bug #3987 (Confirmed): not possible to have both IKEv1 and IKEv2 mobile P1s: some limitations in strongswan that might make this difficult, as well as GUI design issues. Probably postpone the fu... Chris Buechler
01:14 PM Revision e82a1d11: Reload also the configuration not only the secrets before trying to apply existing configuration. Ticket #3981: Ermal LUÇI
12:38 PM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: Isn;t memstick just a loader.conf option kernel rather than else on amd64? Ermal Luçi
07:01 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: Even with only one kernel a choice must still be made about the console, so changing this screen into a console selec... Jim Pingle
03:45 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: The issue here is that the amd64 builds do not have anymore the wrap kernels.
Only i386 has this type of kernel.
... Ermal Luçi
12:10 PM pfSense Packages Bug #3994: sudo package not working on 2.2: I added my workaround mentioned above for now. The other issue needs verified to ensure there isn't a larger problem ... Jim Pingle
12:05 PM pfSense Packages Bug #3994: sudo package not working on 2.2: The latest sudo 0.2.3 works for me, both on a production 2.1.5 system and a test 2.2 system. Phillip Davis
08:24 AM pfSense Packages Bug #3994: sudo package not working on 2.2: The binary is looking for its files in /usr/local/ when they live in the PBI dir /usr/pbi/sudo-<arch>/local/
I can... Jim Pingle
05:59 AM pfSense Packages Bug #3994: sudo package not working on 2.2: Indeed, same for me. I should really have been using some security on test systems rather than just the root/admin ac... Phillip Davis
12:37 AM pfSense Packages Bug #3994 (Resolved): sudo package not working on 2.2: With a completely default config, when trying to use sudo, you just get: ... Chris Buechler
11:37 AM pfSense Packages Bug #2992: Boot problem after upgrade: Hello,
New 2.1.4 install here, then upgraded to 2.1.5.
I then installed bandwidthd and just had the no boot iss... System IT
05:19 AM Revision bcb83c9e: Reintroduce graphcounter var to traffic_graphs.widget.php: This counter got lost in commit https://github.com/pfsense/pfsense/commit/ee965a5c7bf37b852795e1201688e3b20bf3d8d1
Bu... Phil Davis
04:11 AM Revision a8380480: fix text: Chris Buechler
04:09 AM Revision 6859f881: show interface name, not identifier: Chris Buechler
04:03 AM Revision d3d23754: fix text, PPPoE Server, not VPN: Chris Buechler
03:53 AM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: I'll take it. Renato Botelho
03:11 AM Bug #3960 (Closed): deleting or changing phase 2 doesn't remove former P2: Ticket #3981 is the root cause Renato Botelho
02:19 AM Revision 7bd413eb: add a route debug option to log info about route commands executed (where those aren't already logged) to help with troubleshooting various routing scenarios.: Chris Buechler

11/06/2014

11:16 PM Revision 708af634: remove unnecessary is_array check, thanks Renato: Chris Buechler
10:36 PM Revision 6c3be365: Don't allow P2 local+remote network combinations that overlap with: interface+remote-gateway of the P1. Fixes #3812 Chris Buechler
07:24 PM Bug #3980 (Resolved): wrong static routes added for remote P2 subnets: fixed Chris Buechler
12:44 PM Bug #3980 (Feedback): wrong static routes added for remote P2 subnets: looks to be fixed, leaving for further confirmation Chris Buechler
12:00 PM Bug #3980 (Confirmed): wrong static routes added for remote P2 subnets: actually it's strongswan itself doing this, looking at where/why. Chris Buechler
07:23 PM Bug #3812 (Resolved): IPSec validation should prevent phase2 policies(subnets) to include remote peer on it: this is good Chris Buechler
04:50 PM Bug #3812: IPSec validation should prevent phase2 policies(subnets) to include remote peer on it: Applied in changeset commit:6c3be3650008801aaa1579dca67b0588c04b8e18. Chris Buechler
04:33 PM Bug #3812 (Feedback): IPSec validation should prevent phase2 policies(subnets) to include remote peer on it: fix pushed and tested, leaving for further testing and confirmation. The check only prevents P2s where the local+remo... Chris Buechler
06:49 PM Revision dbb95f38: set install_routes=no for charon to avoid the issues noted in ticket: Chris Buechler
06:38 PM Revision 27c2e32e: Pass zone id to pfSense_ipfw_getTablestats(), should fix #3990: Renato Botelho
01:54 PM Revision 118218cb: Make sure target has scope when it's a link-local. Fixes #3969: Renato Botelho
01:40 PM Revision 049c74ec: Check if array is set: Renato Botelho
01:07 PM Revision 10435fa9: Merge pull request #1330 from phil-davis/patch-1: Jim Pingle
12:56 PM Bug #3990 (Resolved): pfSense_ipfw_getTablestats issue: confirmed fixed, though last activity is blank, that's a separate issue I'll check into further and open its own tick... Chris Buechler
12:50 PM Bug #3990 (Feedback): pfSense_ipfw_getTablestats issue: Applied in changeset commit:27c2e32e28f871adf036b666e8e3ae1bf54ea7a2. Renato Botelho
12:49 PM Bug #3981 (Confirmed): strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: Actually this is hit and miss, but it's the same root issue as #3960 it appears. Changed subject to the best descript... Chris Buechler
10:54 AM Bug #3981 (Resolved): strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: something was fixed that resolved this Chris Buechler
12:42 PM Bug #3993: 2.2 memstick installer kernel selection is broken: Matt, you're welcome to pick up #3982, no one's working on that yet. Just assign it to yourself and set to assigned s... Chris Buechler
11:27 AM Bug #3993 (Rejected): 2.2 memstick installer kernel selection is broken: Duplicate of #3982 Jim Pingle
10:12 AM Bug #3993 (Rejected): 2.2 memstick installer kernel selection is broken: In the serial memstick image for 2.2, if you select 'Easy Install' and allow the system to install, you are prompted ... Matthew Smith
11:33 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: An additional note after talking to Renato earlier and doing some research:
The serial console worked for me becau... Jim Pingle
11:30 AM Bug #3982 (Confirmed): Installer generates errors when selecting "Embedded" but still appears to work: Chris Buechler
11:32 AM Bug #3939 (Resolved): Cannot create Host or Network type alias with an IP address/range: works Chris Buechler
11:11 AM Bug #3960: deleting or changing phase 2 doesn't remove former P2: it's not consistent every time it appears, but it is replicable after discussing and trying further with Renato. Chris Buechler
04:00 AM Bug #3960: deleting or changing phase 2 doesn't remove former P2: Chris Buechler wrote:
> I confirmed it again on the most recent snapshot. In addition to changing it not removing, d... Renato Botelho
10:30 AM Revision 3f6525c1: Make sure srcip has scope when it's link-local. Should fix #3969: Renato Botelho
09:57 AM Revision e7752fc4: Remove extra ; and space: Renato Botelho
09:57 AM Revision e7a00514: Process obsolete files in shell script instead of php: Renato Botelho
09:57 AM Revision 48f77cef: Simplify post_upgrade_command logic and obsolete /usr/local/sbin/cvs_sync.sh instead of removing it on post_upgrade_command: Renato Botelho
09:40 AM Bug #3992 (Resolved): The password confirmation field is not properly formatted at VPN: L2TP: User: Add/Edit: At VPN: L2TP: User: Add/Edit the password confirmation field is longer than the password field.
Also the small "lo... Benedikt N.
09:29 AM Revision a68c6785: Fix to SMART disk matching: preg_match returns 0 when the string does not match the regex.
0 does not "===" FALSE
So this check is not always wor... Phil Davis
08:57 AM Bug #3991: /etc MFS on 2.2 Netgate build memstick image runs out of space: modified pfsense-tools/builder_scripts/scripts/rc.d/etcmfs to set default size to 20m
Matthew Smith
08:32 AM Bug #3991 (Resolved): /etc MFS on 2.2 Netgate build memstick image runs out of space: The /etc MFS on a 2.2 memstick image of the Netgate build is allocated with 10 MB of space. The files that get copied... Matthew Smith
08:31 AM Bug #3969 (Resolved): apinger configuration for DHCPv6 gateway is missing interface scope on source IP and target: Looks good now, gateway shows online at boot time and still shows online across several reboots. Thanks! Jim Pingle
08:00 AM Bug #3969 (Feedback): apinger configuration for DHCPv6 gateway is missing interface scope on source IP and target: Applied in changeset commit:118218cb69b1a8cea2f5915e4c81537b51462c34. Renato Botelho
07:40 AM Bug #3969 (Confirmed): apinger configuration for DHCPv6 gateway is missing interface scope on source IP and target: Source IP is scoped now but it still is not showing "online" - In my testing from earlier it looks like the target ne... Jim Pingle
04:30 AM Bug #3969 (Feedback): apinger configuration for DHCPv6 gateway is missing interface scope on source IP and target: Applied in changeset commit:3f6525c1ab0fd3f704ab8e23f935c475c3cbd16c. Renato Botelho
07:37 AM Bug #3970 (Feedback): some files not removed on upgrade to 2.2: Please try new snapshots, after move part of the logic to shell script it passed on all my tests Renato Botelho
04:58 AM Revision a012464e: fix captive portal status page display: Chris Buechler
04:45 AM Revision bb18cfcb: fix up text: Chris Buechler
02:45 AM Revision e8fa9843: Pass friendlyifname to handle_argument_group, not realifname. Fixes #3984. clean up some text while here.: Chris Buechler
01:47 AM Revision e55e4b74: isset($_GET) seems to always evaluate to true, use something more specific. Fixes use of rc.linkup when run from CLI. Others likely fix similar circumstances, though maybe not ones that are used anywhere.: Chris Buechler
01:33 AM Revision c75e8aed: Disable delete_old_states in dhclient-script. rc.newwanip handles this correctly in 2.2, and this killed states in multiple circumstances where that isn't necessary nor desirable.: Chris Buechler

11/05/2014

11:37 PM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: the fix earlier in rc.linkup didn't have any effect here. Dug through this more tonight. Best I can definitively say ... Chris Buechler
11:18 PM Revision 9aec47b7: don't duplicate $message in CP log entries: Chris Buechler
10:45 PM Bug #3990 (Resolved): pfSense_ipfw_getTablestats issue: When clicking "Show last activity" on status_captiveportal.php (for instance, probably a problem elsewhere as well), ... Chris Buechler
10:01 PM Bug #3989 (Resolved): DNS Resolver interface drop downs need enlarged: The "Network Interfaces" and "Outgoing Network Interfaces" selection boxes need to be enlarged or made variable to th... Bill Crowder
08:40 PM Bug #3984 (Resolved): system booted with DHCP client NIC unplugged never kicks off dhclient: fixed Chris Buechler
06:56 PM Bug #3984: system booted with DHCP client NIC unplugged never kicks off dhclient: looks like check_reload_status is doing the right thing, rc.linkup seems to be where the issue is. Chris Buechler
05:31 PM Revision d9b05eb4: When an alias contain hosts, add IPs and networks to filterdns too, otherwise you end up with a pre-defined and non-persistent table. Fixes #3939: Renato Botelho
05:27 PM Bug #3760 (Confirmed): reply-to with TCP and IPv6 generates broken checksums: that change made kernel builds fail and was reverted. Chris Buechler
05:26 PM Bug #3938 (Resolved): Captive Portal PHP Error at bootup on current snapshots: fixed Chris Buechler
05:25 PM Bug #3970: some files not removed on upgrade to 2.2: Renato found solution today, implementing tomorrow morning. Chris Buechler
11:54 AM Bug #3939: Cannot create Host or Network type alias with an IP address/range: to me for testing Chris Buechler
11:50 AM Bug #3939: Cannot create Host or Network type alias with an IP address/range: Applied in changeset commit:d9b05eb490ab4d31a132c3e993bd560933eadd8c. Renato Botelho
11:06 AM Bug #3939 (Feedback): Cannot create Host or Network type alias with an IP address/range: Please try next snapshots Renato Botelho
10:23 AM Bug #3842: Verdana font from the Linux package ttf-mscorefonts-installer causes rendering issues with pfSense WebGUI: Hello!
I don't have Verdana or Tahoma fonts installed. I also don't have ttf-mscorefonts-installer package install... Ivo B
09:12 AM Revision fcfa23da: Merge pull request #1319 from phil-davis/patch-1: Renato Botelho
09:07 AM Revision 87d4456c: Merge pull request #1323 from derelict-pf/master: Renato Botelho
09:06 AM Revision 5940e655: Merge pull request #1326 from phil-davis/patch-5: Renato Botelho
09:06 AM Revision 798d8644: Fix obviously broken test in rc.initial.setlanip: IMO might as well back-port any obviously wrong code to 2.1 branch, just in case anybody on 2.1.n cares for it or the... Phil Davis
09:05 AM Revision f81011ea: Merge pull request #1320 from phil-davis/patch-2: Renato Botelho
08:31 AM Bug #3988 (Rejected): menu text shifted to the left after upgrade: Duplicate of #3842 Jim Pingle
07:58 AM Bug #3988: menu text shifted to the left after upgrade: Ivo Babarovic wrote:
> After I upgraded from to 2.1.5 from 2.1.2.
> Text labels in web menus are shifted to the rig... Ivo B
07:56 AM Bug #3988 (Rejected): menu text shifted to the left after upgrade: After I upgraded from to 2.1.5 from 2.1.2.
Text labels in web menus are shifted to the right and longer texts get ou... Ivo B
05:31 AM Revision e39c963a: fix up text: Chris Buechler
05:19 AM Revision 75756ab9: use a bit stronger of defaults in OpenVPN wizard: Chris Buechler
05:08 AM Revision 1c1fe666: Fix WINS description. It's not 1999, and it wasn't a good description for back then either. If you're running WINS at this point on your AD DCs...get rid of the Win 9x boxes, or realize you don't actually need or want WINS on anything Windows 2000 and newer.: Chris Buechler
05:05 AM Revision 7a22ab9b: fix up text: Chris Buechler
04:01 AM Revision cbc6a13f: Fix updating of hosts file on host override updates by bringing back the same behavior from previous releases.: Chris Buechler
03:22 AM Revision b7419cfc: skip disabled phase 1 entries in status output: Chris Buechler
01:57 AM Revision 261f2efe: fix NAT-T status. The 'nat' in the status array just tells how the connection is configured, not what it's actually using. Port seems to be the best way to determine what it's using. Fix up some other text while here: Chris Buechler
01:09 AM Revision 531686c1: use tabs rather than spaces, as most of this already did.: Chris Buechler
01:02 AM Revision d3c414e3: strongswan only has two options for NAT-T, force or auto.: Chris Buechler
12:44 AM Revision a43ddd1a: setting nmbclusters to 0 just results in an error, remove unnecessary line: Chris Buechler
12:34 AM Revision 41367b9c: remove old DISABLE_PHP_LINT_CHECKING, which dates way back to the CVS days and hasn't been relevant in years.: Chris Buechler
12:24 AM Revision 276efd64: touch up text: Chris Buechler
12:18 AM Revision 32171e59: fix invalid ipsec.conf: Chris Buechler
12:02 AM Revision f643a1f1: clean up text: Chris Buechler

11/04/2014

10:51 PM Bug #3987 (Resolved): not possible to have both IKEv1 and IKEv2 mobile P1s: There can only be one mobile P1 currently, which restricts you unnecessarily to only either IKEv1 or IKEv2 for mobile... Chris Buechler
09:31 PM Bug #3979: 2.2 IPsec NAT-T / MOBIKE IKEv2 control: this is correct for IKEv1 after my commits earlier. Seems to be working as it should. It'll continue to work on upgra... Chris Buechler
01:58 PM Bug #3979 (Confirmed): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: after further review and discussion with Ermal, the code is there to set forceencaps, it just isn't setting it correc... Chris Buechler
05:56 AM Bug #3979 (Feedback): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: I have pushed them recently to be enforced.
The only remaining task is to remove Force from the options list because... Ermal Luçi
08:49 PM Revision ea20169a: Use a better method of finding disks for SMART.: Old code was inaccurate and also listed entries that were symlinks to other disks Jim Pingle
08:39 PM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case: In addition to the 2.2 issue of it somehow taking over php-fpm and thus breaking webGUI and...
I will note here that... Phillip Davis
05:53 PM pfSense Packages Bug #3986 (Closed): BandwidthD can break php-fpm in unknown rare edge case: Hi,
Having a lot of struggles with BandwidthD in v2.2 More info here,
https://forum.pfsense.org/index.php?topic=7... Russell Morris
08:21 PM Revision 0810a719: Restore 3 values back on NAT-T settings Just Enable now its Auto as per strongswan default. and off disabled mobike. Ticket #3979: Ermal LUÇI
08:08 PM Revision 1db2634e: Rename the options to actually make sense with strongswan: Ermal LUÇI
08:07 PM Revision 86ef7a0a: Remove Force options since it has not meaning for now.: Ermal LUÇI
07:31 PM Revision 756d867a: fix comment: Chris Buechler
06:49 PM Bug #3960: deleting or changing phase 2 doesn't remove former P2: similarly, disabling a P1 doesn't remove it from the SPD nor SAD. It does remove it from the config file. Chris Buechler
12:02 AM Bug #3960 (Confirmed): deleting or changing phase 2 doesn't remove former P2: I confirmed it again on the most recent snapshot. In addition to changing it not removing, deleting a P2 doesn't remo... Chris Buechler
05:50 PM pfSense Packages Bug #3985: apcupsd / nut not working in v2.2: Sorry, meant to add this for help, missed it,
https://forum.pfsense.org/index.php?topic=80248.msg437658#msg437658
Russell Morris
05:50 PM pfSense Packages Bug #3985 (Closed): apcupsd / nut not working in v2.2: Hi,
I can't seem to get apcupsd or nut working in v2.2 - looks like a USB / driver issue, but I definitely could b... Russell Morris
05:44 PM Revision 5711c446: Catch some more sensitive info when sanitizing.: Jim Pingle
05:43 PM Revision 8a2229e3: Catch some more sensitive info when sanitizing.: Jim Pingle
05:22 PM Bug #3984 (Confirmed): system booted with DHCP client NIC unplugged never kicks off dhclient: Chris Buechler
01:48 PM Bug #3984 (Resolved): system booted with DHCP client NIC unplugged never kicks off dhclient: Take a simple LAN/WAN setup, WAN set as a DHCP client. Boot the system with WAN's NIC unplugged. Then plug the NIC in... Chris Buechler
03:26 PM Bug #3760 (Feedback): reply-to with TCP and IPv6 generates broken checksums: I pushed a fix that should treat this, test with new snapshots. Ermal Luçi
02:28 PM Todo #3958: test 2.2 upgrade scenarios: aside from things that have bugs open, and things that can't be tested because of other open bugs, this seems fine. S... Chris Buechler
11:09 AM pfSense Packages Todo #3983 (Needs Patch): Option for Cron Package: Jim Pingle
10:25 AM pfSense Packages Todo #3983 (Needs Patch): Option for Cron Package: Hello,
It's possible to add a custom button or other for disable or/and enable a cron task.
In the lastest versio... Julien Bénic
08:42 AM Bug #3361: DHCP6 WAN is not obtaining a default gateway: Watch out for this one. It works on some boots and not others, or depending on the timing. There's a race condition s... Jim Pingle
07:55 AM Bug #3982 (Resolved): Installer generates errors when selecting "Embedded" but still appears to work: When running the installer and choosing "Embedded" two errors are given by the GUI but if "skip" is chosen the instal... Jim Pingle
05:57 AM Bug #3957: 2.2 tap missing ALTQ: As i said before TAP should behave the same on 2.1 as well Ermal Luçi

11/03/2014

09:56 PM Bug #3981 (Resolved): strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: This is a recent regression in 2.2. diag_ipsec_spd.php shows "No IPsec security associations" when there are active, ... Chris Buechler
09:47 PM Bug #3980 (Resolved): wrong static routes added for remote P2 subnets: A static route for the remote network of every P2 is added in 2.2, pointing to WAN's gateway IP. I'm guessing the int... Chris Buechler
09:32 PM Bug #3961 (Resolved): only first of multiple P2s works in 2.2: the issue described here is resolved. The two Ermal noted we'll discuss Chris Buechler
09:33 AM Bug #3961: only first of multiple P2s works in 2.2: I have done testing on this.
It works even today as is.
List of issues i am after:
- Racoon does not like agress... Ermal Luçi
08:53 PM Bug #3979 (Resolved): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: The enable/disable/force NAT-T settings from earlier versions don't do anything in 2.2. It appears in newer strongswa... Chris Buechler
07:38 PM Bug #3913 (Confirmed): if_bridge missing ALTQ support: no change Chris Buechler
07:37 PM Bug #3957 (Confirmed): 2.2 tap missing ALTQ: tun is fine, tap not. Chris Buechler
07:35 PM Bug #3974 (Resolved): DNS Resolver: Advanced - Error in description: looks good, thanks Warren Chris Buechler
07:00 AM Bug #3974 (Feedback): DNS Resolver: Advanced - Error in description: Applied in changeset commit:d5566d43f4ace5036b5e5476d975bb8d13ce3b6f. Warren Baker
05:23 AM Bug #3974: DNS Resolver: Advanced - Error in description: Yeah i have the changes done. Just haven't submitted a pull request just yet. There are a few more which Im still goi... Warren Baker
05:10 AM Bug #3974: DNS Resolver: Advanced - Error in description: I have a bit of code to make that all consistent. I also see that Wagonza just made some updates to the related files... Phillip Davis
01:38 AM Bug #3974: DNS Resolver: Advanced - Error in description: Just noticed that the same issue exists for a few other items on the same page:
Outgoing TCP Buffers 0 vs 10
In... Dustin Dembeck
01:28 AM Bug #3974 (Resolved): DNS Resolver: Advanced - Error in description: Go to Services -> DNS Resolver -> Advanced -> Outgoing TCP Buffers and Incoming TCP Buffers (/services_unbound_advan... Dustin Dembeck
07:18 PM Bug #2650: FTP helper breaks TCP sequence numbers on 2nd WAN: assigning to me for further testing. Unchanged in 2.2 from prior releases, not a common enough issue to hold up and p... Chris Buechler
07:01 PM Bug #1928 (Resolved): Can't sync voucher database when carp peer is also active: fixed. Voucher sync is separate from CP's config sync, it does work. Chris Buechler
06:55 PM Bug #3361 (Confirmed): DHCP6 WAN is not obtaining a default gateway: no change Chris Buechler
05:54 PM Feature #3978 (Needs Patch): Backup and Restore configuration: Chris Buechler
04:58 PM Feature #3978 (Needs Patch): Backup and Restore configuration: Hi,
It's possible to add a custom area to select only backup or restore
-One for Limiter
-One for Layer7
Than... Julien Bénic
05:35 PM pfSense Packages Bug #3977: Squid-dev 3.3.11_1 pkg installs but does not start on 2-2-BETA: Nev Secular wrote:
> 2.2-BETA (i386) built on Thu Oct 30 13:58:57 CDT 2014 FreeBSD 10.1-RC3
> After installing squi... Nev Secular
04:42 PM pfSense Packages Bug #3977 (Resolved): Squid-dev 3.3.11_1 pkg installs but does not start on 2-2-BETA: 2.2-BETA (i386) built on Thu Oct 30 13:58:57 CDT 2014 FreeBSD 10.1-RC3
After installing squid-dev 3.3.11_1 pkg squid... Nev Secular
05:27 PM Revision f384d8a5: Merge pull request #1329 from phil-davis/patch-3: Renato Botelho
04:43 PM Revision a3fad592: Fixup dhcpd interface enabled check: Phil Davis
03:31 PM Bug #3951 (Resolved): Processes like filterdns and ipfw-classifyd accumulate many open file handles: Ermal Luçi
03:04 PM Revision ba667cc6: Fix console set interface IP address: Problem as per forum https://forum.pfsense.org/index.php?topic=83651.0
The problem comes whenever services_dhcpd_conf... Phil Davis
02:30 PM Bug #3941 (Confirmed): adding a DHCP client interface results in missing default gateway on 2.2: that didn't fix the issue described here Chris Buechler
01:32 PM Bug #3970 (Confirmed): some files not removed on upgrade to 2.2: /tmp/post_upgrade_command.php is executed after new files are in place and before reboot, probably the root cause is ... Renato Botelho
12:56 PM Revision ec290464: Merge pull request #1328 from wagonza/master: Renato Botelho
12:54 PM Revision fe9d4894: Fix indent: Renato Botelho
12:52 PM Revision 2783e408: Revert "Indent better": This reverts commit a431bfc9e698c753d9a54218af9076184deb6251. Renato Botelho
12:45 PM Revision d5566d43: Make sure defaults values are actually used. Fixes #3974: Warren Baker
11:48 AM pfSense Packages Bug #3975 (Rejected): Gateway Monitoring Offline: not true, please post more info to the forum or list for assistance. Chris Buechler
05:27 AM pfSense Packages Bug #3975 (Rejected): Gateway Monitoring Offline: PfSense 2.2 shows gateways as always offline Russell Wilson
11:45 AM Bug #3976 (Resolved): VLAN Interfaces on LAGG get orphaned on LAGG change: that is replicable on 2.1.x but not 2.2, already fixed there. Chris Buechler
11:04 AM Bug #3976 (Resolved): VLAN Interfaces on LAGG get orphaned on LAGG change: Reproduce:
1. Create LAGG with e.g. em3 + em4, LACP and a nice description
2. Create a few vlans and assign them ... Jens Weibler
10:48 AM Revision 7bb24e18: Merge pull request #1327 from wagonza/pfSense-master: Renato Botelho
10:30 AM Bug #1629: invalid state table entries after WAN IP change: It's not the gateway that needs states killed, it's the old WAN IP. Chris Buechler
06:36 AM Bug #1629: invalid state table entries after WAN IP change: I'm on ... Anonymous
10:08 AM Revision 46a989ce: Indent here as well: Warren Baker
10:08 AM Revision a431bfc9: Indent better: Warren Baker
10:04 AM Revision 1b436de1: Be consistent with the other pages: Warren Baker
10:03 AM Revision be11b6f1: Add braces: Warren Baker
08:27 AM Revision 4c3abd34: Fix obviously broken test in rc.initial.setlanip: IMO might as well back-port any obviously wrong code to 2.1 branch, just in case anybody on 2.1.n cares for it or the... Phil Davis
07:54 AM Revision 0a89d059: Merge pull request #1324 from phil-davis/patch-3: Renato Botelho
06:04 AM Revision 8727b3c8: Set interface address from consol tidy output: While trying to see why this is not working for me (forum https://forum.pfsense.org/index.php?topic=83651.0 ) I have ... Phil Davis
03:12 AM Bug #3940 (Resolved): check_reload_status uses deprecated libevent-1.4: Renato Botelho
02:35 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: It also looks good on my custom build - no high CPU load. Thomas Hilse

11/02/2014

05:48 PM Bug #3973 (Resolved): Route 53 dynamic DNS provider fails to update record: Existing records are not updating with the Route 53 dynamic DNS provider.
Records that do not exist are created p... Grant Horning
08:58 AM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: Updated to:
2.2-BETA (amd64)
built on Sat Nov 01 21:36:28 CDT 2014
FreeBSD 10.1-RC4
Now filterdns has just 8 th... Phillip Davis
05:46 AM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: My main 2.1.5 production system is the big offender with this - it has over 4000 in filterdns fstat. But I can't upgr... Phillip Davis

11/01/2014

11:20 PM Revision ce21dfca: Correct dispaly of checkboxes for ipsec: Ermal LUÇI
10:41 PM Revision 8cb7d3e3: Properly configure NAT Tranversal setting.: Ermal LUÇI
07:54 PM Revision 6af85718: Remove debugging code: Ermal LUÇI
05:56 PM Revision f3dd7e8c: Properly test if FCGI is calling or are being triggered from shell. Normally Fixes #3361: Ermal LUÇI
05:55 PM Revision 9fdc167f: Properly test if FCGI is calling or are being triggered from shell. Normally Fixes #3361: Ermal LUÇI
05:49 PM Revision d338018f: Fixes #3938. Do more error checking.: Ermal LUÇI
05:44 PM Revision 935fcedb: Fixes #3941. When optimizations of the loops were made this brought the problems of overriding default gateway by dynamic interfaces. Try to stick to the first found for now!: Ermal LUÇI
05:43 PM Revision d35dfaae: Fixes #3941. When optimizations of the loops were made this brought the problems of overriding default gateway by dynamic interfaces. Try to stick to the first found for now!: Ermal LUÇI
03:54 PM pfSense Packages Bug #3972: Avahi daemon doesn't start due to missing folder for requisite dbus-daemon.: Working AVAHI on 2.2
mkdir /var/run/dbus
chown messagebus:messagebus /var/run/dbus
dbus-daemon --system
Aaron... Bill Crowder
01:04 PM pfSense Packages Bug #3972: Avahi daemon doesn't start due to missing folder for requisite dbus-daemon.: A general note Jim Pingle
12:58 PM pfSense Packages Bug #3972: Avahi daemon doesn't start due to missing folder for requisite dbus-daemon.: Jim P wrote:
> While this is being fixed, it may also warrant adding a <service> tag for dbus.
Was that a general... Aaron Outhier
12:47 PM pfSense Packages Bug #3972: Avahi daemon doesn't start due to missing folder for requisite dbus-daemon.: While this is being fixed, it may also warrant adding a <service> tag for dbus. Jim Pingle
12:36 PM pfSense Packages Bug #3972: Avahi daemon doesn't start due to missing folder for requisite dbus-daemon.: Oops! I confused the terms "Assignee" and "Assigner". I put myself as the assignee, thinking that I was supposed to d... Aaron Outhier
12:33 PM pfSense Packages Bug #3972 (Resolved): Avahi daemon doesn't start due to missing folder for requisite dbus-daemon.: Avahi package version 0.6.31 pkg v1.06 has a bug which prevents it from working. This bug should be easy to fix. I ha... Aaron Outhier
03:16 PM Bug #3913: if_bridge missing ALTQ support: Well sorry to bring bad news, but i still got the same error message (i have removed the shaper rules and recreated t... Orsiris de Jong
01:36 PM Bug #3967 (Confirmed): Need to restore IP aliases on CARP IPs in 2.2: that does work, but there are issues with that approach. One, you have to remember what VHID you're using on that, an... Chris Buechler
01:12 PM Bug #3967 (Feedback): Need to restore IP aliases on CARP IPs in 2.2: Getting back to this.
Apparently i just made conversion code to convert any such aliases to carp on same vhid.
So... Ermal Luçi
01:00 PM Bug #3361: DHCP6 WAN is not obtaining a default gateway: Applied in changeset commit:f3dd7e8cdb11077486421364ea3a11c411ba807b. Ermal Luçi
01:00 PM Bug #3361: DHCP6 WAN is not obtaining a default gateway: Applied in changeset commit:9fdc167f4ef1c8fd1b76ba9ca6e56c8085dbe672. Ermal Luçi
12:51 PM Bug #3361 (Feedback): DHCP6 WAN is not obtaining a default gateway: Ermal Luçi
01:00 PM Bug #3938: Captive Portal PHP Error at bootup on current snapshots: Applied in changeset commit:d338018f4798ea41975589f8c5b111568747e572. Ermal Luçi
12:44 PM Bug #3938 (Feedback): Captive Portal PHP Error at bootup on current snapshots: Ermal Luçi
12:50 PM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: Applied in changeset commit:935fcedbca2dbe8c3d9eb41bc5739b511a9ec19a. Ermal Luçi
12:50 PM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: Applied in changeset commit:d35dfaaecb5eabedade43738ba4f76967a7425a3. Ermal Luçi
12:39 PM Bug #3941 (Feedback): adding a DHCP client interface results in missing default gateway on 2.2: Ermal Luçi
01:52 AM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: most I've found thus far is it still happens after removing all the "route delete default" commands from dhclient-scr... Chris Buechler
12:45 PM Bug #3692: apinger loss % gets stuck: People have confirmed that the behaviour is improved.
Only the graph part needs improvement. Ermal Luçi
12:23 PM Bug #3951 (Feedback): Processes like filterdns and ipfw-classifyd accumulate many open file handles: Ermal Luçi
12:05 PM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: I think i found the cause.
Please test with new snapshots. Ermal Luçi
09:07 AM Feature #3971 (Resolved): IPv6 - Preserve the DUID used for WAN DHCP-PD in the configuration file: +Feature Request+
Preserve the DUID used to obtain the DHCP-PD addressing on the WAN in config.xml
Secondary ... David Williams
06:42 AM Revision 038f6e96: clarify logs generated by newwanip(v6) when restarting packages, it's not only IP changes that end up here (by design).: Chris Buechler
01:05 AM Bug #3963: PPPoE client interface status wrong while attempting to connect: not the issue it initially appeared to be, assigned to me for review in the future. behavior is no diff than previous... Chris Buechler

10/31/2014

10:05 PM Revision a94a16cd: s/a/an/ and speling.: derelict-pf
09:55 PM Revision 162a7b4e: s/then/than/: derelict-pf
09:13 PM Bug #3666: PMTUD is broken for NATed traffic: Ermal - no change with the kernel you built. I have a test setup up now that you can reach. /msg me for info. Chris Buechler
05:11 PM Bug #3970 (Resolved): some files not removed on upgrade to 2.2: There is at least one file from earlier versions that has to be removed in the process of upgrading to 2.2, with setk... Chris Buechler
02:46 PM Bug #3961: only first of multiple P2s works in 2.2: this is for site to site VPNs with > 1 P2. One easy way to replicate, setup a site to site IPsec between 2.1.5 and 2.... Chris Buechler
02:39 PM Bug #3961 (Feedback): only first of multiple P2s works in 2.2: It works for me for mobile clients which this issue is about!
The unity plugin sends split-include sections now. Ermal Luçi
02:26 PM Revision 4045cf1e: Fix two more instances of rrd.tgz renaming.: Jim Pingle
02:26 PM Revision 8560c756: Fix two more instances of rrd.tgz renaming.: Jim Pingle
02:24 PM Bug #3913 (Feedback): if_bridge missing ALTQ support: Should work correctly on new snapshots. Ermal Luçi
02:15 PM Bug #3957 (Feedback): 2.2 tap missing ALTQ: Ermal Luçi
02:12 PM Bug #3957: 2.2 tap missing ALTQ: Ok reproduced only for TAP, tun is ok.
Also i think tap behaved the same before. Ermal Luçi
02:04 PM Bug #3957: 2.2 tap missing ALTQ: I cannot replicate this on tun/tap?!!!
I do not even see changes in code to not support it! Ermal Luçi
01:30 PM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: I'll take this one Chris Buechler
12:44 PM Bug #3870 (Closed): re(4) NICs on APU are unable to hardcode speed/duplex properly: PC Engines not aware of the issue, but not surprised by it given Realtek's horrible documentation.
We've confirme... Chris Buechler
12:39 PM Bug #3876 (Resolved): pfsync is not synchronizing states on 2.2: looks to be fine, works in both directions from testing. Chris Buechler
08:08 AM Bug #3960 (Feedback): deleting or changing phase 2 doesn't remove former P2: I couldn't reproduce it, I changed local or remote subnet and it worked as expected. Can you confirm it is still happ... Renato Botelho
07:27 AM Bug #3969 (Resolved): apinger configuration for DHCPv6 gateway is missing interface scope on source IP and target: When using a DHCPv6 WAN, apinger sets the srcip to be the interface link-local address but it does not set the scope ... Jim Pingle
06:45 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: New snapshots are available, using libevent 2.0 and check_reload_status with fixes. Renato Botelho
04:06 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: pfsense-tools repo already have the final patch applied, please try it or wait new snapshots today yet. Renato Botelho
03:00 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: After applying your patch there are still 3 statements with "socket_close_command(fd, ev);" left:
root@pfsense-bui... Thomas Hilse
02:24 AM Revision c656bc75: Fix getext to gettext typo: Phil Davis
02:23 AM Revision 41aa5cd4: Fix getext to gettext typo: Phil Davis
02:23 AM Revision 29af6265: Fix getext to gettext typo: Phil Davis
02:22 AM Revision 24516832: Fix getext to gettext typo: Phil Davis
02:21 AM Revision b3f0b2e1: Fix getext to gettext typo: Phil Davis
02:10 AM Revision 687712ee: More gettext typos: Phil Davis
02:10 AM Revision 95169728: More gettext typos: Phil Davis
02:09 AM Revision c69f62b8: More gettext typos: Phil Davis
02:07 AM Revision 91ee10c0: More gettext typos: Phil Davis
01:30 AM Revision e4982b90: fix typoed gettext: Chris Buechler

10/30/2014

09:37 PM Revision 1ae41bfe: Kill states associated with the old WAN IP when WAN IP has changed. Retain: hidden config option to wipe all states on IP change, as there seemed to
be circumstances where the 'pfctl -k $oldip'... Chris Buechler
08:35 PM Revision 737b18f2: Allow accept_unencrypted_mainmode_messages to be enabled if needed: Ermal LUÇI
06:15 PM Revision 461eac09: only kill all states if the IP changed. ticket #1629: Chris Buechler
05:03 PM Bug #1629 (Resolved): invalid state table entries after WAN IP change: this is fixed. The states of the former WAN IP are now killed post-IP change, which should resolve nearly all cases w... Chris Buechler
04:59 PM Bug #3921 (Resolved): max-packets option missing from pfctl: issue here is resolved Chris Buechler
04:23 PM Bug #3921 (Feedback): max-packets option missing from pfctl: Its expected and resolving this is not in plan for 2.2.
Also that is not what this ticket is about. Ermal Luçi
04:02 PM Bug #1928: Can't sync voucher database when carp peer is also active: I am unsure if this should be allowed!
Normally switching to master it should have the latest voucher status synched... Ermal Luçi
03:04 PM Bug #3876 (Feedback): pfsync is not synchronizing states on 2.2: Seems to be working for me now. Ermal Luçi
02:06 PM Bug #3760 (Confirmed): reply-to with TCP and IPv6 generates broken checksums: the most common scenario here is fixed, IPv4 is fine, but IPv6 has regressed from 2.1.x. reply-to with v6 works in pr... Chris Buechler
01:54 PM Bug #3947 (Resolved): "ipsec_starter: Bad file descriptor" spams system log: This seems to be resolved with confirmation from https://forum.pfsense.org/index.php?topic=81440.msg457606#msg457606 Ermal Luçi
01:43 PM Bug #3949 (Confirmed): Dynamic DNS public IP check always uses default gateway: Chris Buechler
01:42 PM Bug #3967 (Confirmed): Need to restore IP aliases on CARP IPs in 2.2: Chris Buechler
01:42 PM Bug #3968 (Confirmed): Incorrect gateway is assumed when using tun + topology subnet: I re-opened it after confirming that atypical circumstance. Your pull request is wrong though, it fixes a rare edge c... Chris Buechler
01:31 PM Bug #3968: Incorrect gateway is assumed when using tun + topology subnet: Well, I won't argue. If you see no bug then there is no bug.
Dmitriy K
01:28 PM Bug #3968 (New): Incorrect gateway is assumed when using tun + topology subnet: Chris Buechler
01:13 PM Bug #3968: Incorrect gateway is assumed when using tun + topology subnet: this is valid with topology subnet in newer versions Chris Buechler
01:10 PM Bug #3968: Incorrect gateway is assumed when using tun + topology subnet: I know that pfsense team wants to release 2.2 asap but its quality will suffer if fast decisions were taken place.
... Dmitriy K
12:55 PM Bug #3968 (Rejected): Incorrect gateway is assumed when using tun + topology subnet: scratch that, can happen with topology subnet Chris Buechler
07:23 AM Bug #3968 (Resolved): Incorrect gateway is assumed when using tun + topology subnet: The script */usr/local/sbin/ovpn-linkup* has en error where network mask is returned as a gateway when no gateway pro... Dmitriy K
12:29 PM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: I contacted Pascal @ PC Engines to see if that's an issue they're aware of and if they have any further info on it.
... Chris Buechler
10:44 AM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: Boy I sure hope this is somehow fixable in software - we have a fair handful of APUs deployed already and continue to... → luckman212
12:41 AM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: Linux much happier on SD card in the APU, couldn't get anything to boot from USB flash.
TLDR version: either the... Chris Buechler
12:12 AM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: Either OpenBSD has the same problem, or this is a hardware issue. ... Chris Buechler
10:21 AM Bug #2406: No IP alias within the subnet of a CARP IP can be deleted: Chris Buechler wrote:
> This is fixed. You can't remove the last IP alias on the subnet of a CARP IP because it'll b... Nei Ka
07:47 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: That previous patch is not correct, consider this one. Renato Botelho

10/29/2014

10:49 PM Bug #3964 (Resolved): Web interface fails to load on first boot: fixed Chris Buechler
10:43 PM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: The specific issue here is OpenVPN client is launched multiple times when connecting to FQDN with "resolv-retry infin... Chris Buechler
08:39 PM Revision 5274102e: Hide burst for limiters, since it doesn't do anything. more details in: ticket #3933 Chris Buechler
06:52 PM Bug #3940 (Feedback): check_reload_status uses deprecated libevent-1.4: Thomas, could you try attached patch, built with libevent 2.0 and let me know the result? Renato Botelho
09:01 AM Bug #3940 (Confirmed): check_reload_status uses deprecated libevent-1.4: I built a custom image and confirmed it. We are not seeing it on our snapshots because builder was not updated and st... Renato Botelho
06:35 PM Bug #3937 (Resolved): Interfaces Dashboard Widget - Font to big and scaling wrong: fixed. Chris Buechler
05:33 PM Bug #3967 (Resolved): Need to restore IP aliases on CARP IPs in 2.2: Ticket for what Ermal and I discussed earlier re: IP aliases on CARP. That functionality is effectively gone from 2.2... Chris Buechler
05:28 PM Bug #3760 (Feedback): reply-to with TCP and IPv6 generates broken checksums: with a kernel Ermal built with his changes as committed earlier, v4 reply-to looks to be fine in all scenarios. Will ... Chris Buechler
02:45 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Current status is broken checksums on IPv6, source NAT doesn't apply to translate the IP back on IPv4 (though return ... Chris Buechler
05:26 PM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: I'll try this on Linux to see how that behaves, should help narrow down whether it's hardware or driver. Chris Buechler
05:25 PM Bug #1634: Limiter and bridge needs special handling: to me to review in combination with the other limiter tickets.
non-regression and uncommon issue, removing 2.2 ta... Chris Buechler
03:36 PM Bug #3913 (Confirmed): if_bridge missing ALTQ support: hm, not sure what I was trying at the time, apparently I missed assigning the bridge or something. thanks for the fol... Chris Buechler
02:41 AM Bug #3913: if_bridge missing ALTQ support: Hello,
Sorry for the late testing.
I tried to reenable traffic shaping via the wizard but get this one:
[[There... Orsiris de Jong
03:34 PM Feature #3933 (Confirmed): Limiter burst doesn't have any effect: dummynet burst on stock FreeBSD 10.1 does indeed work how I'd expect it to work. Ours doesn't have any impact whatsoe... Chris Buechler
01:02 PM Revision a4372874: Fix a typo on array index, related to ticket #3963: Renato Botelho
11:16 AM Bug #3963: PPPoE client interface status wrong while attempting to connect: Yeah it really should say "Connecting", how difficult would it be to make that happen? I don't think this is a regres... Chris Buechler
07:56 AM Bug #3963 (Feedback): PPPoE client interface status wrong while attempting to connect: After doing somo analysis, my understanding is 'Status' is supposed to be up, since interface exists on operating sys... Renato Botelho
11:10 AM Feature #3365 (Resolved): Implement package signing: After discussion with Jeremy, we're satisfied this is good for 2.2. Chris Buechler
10:47 AM Feature #3365: Implement package signing: We'll create a secured key repository, and signing keys will be imported into it for access. Renato will create the ... Jeremy Porter
06:08 AM Revision 002d286c: fix up text: Chris Buechler
12:53 AM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only: this may or may not still be an issue with 2.2, much has changed, and this is something we've never been able to repl... Chris Buechler
12:50 AM Bug #3961 (Confirmed): only first of multiple P2s works in 2.2: Chris Buechler
12:48 AM Bug #3890 (Resolved): Aliases multiple CIDR ranges show error message: Chris Buechler
12:39 AM Bug #3966 (Confirmed): OpenVPN crashes with AES-NI + AES-CBC: Chris Buechler
12:39 AM Bug #3966 (Resolved): OpenVPN crashes with AES-NI + AES-CBC: On systems with AES-NI enabled, OpenVPN using AES-128-CBC, AES-192-CBC, and AES-256-CBC crashes on start. ... Chris Buechler

10/24/2014

11:55 PM Bug #3898 (Closed): Traffic Graph webpage freezes up after some time: I never could replicate that. The described behavior is the browser not responding, and nothing we do should make the... Chris Buechler
11:46 PM Bug #3666 (Confirmed): PMTUD is broken for NATed traffic: no change. Ermal, msg me and we can both take a look at my test setup. Chris Buechler
11:39 PM Todo #3958 (Resolved): test 2.2 upgrade scenarios: I need to go through and verify a variety of upgrade scenarios.
Only issue I've seen recently is where you have t... Chris Buechler
11:24 PM Bug #1629 (Feedback): invalid state table entries after WAN IP change: Chris Buechler
11:20 PM Bug #3957: 2.2 tap missing ALTQ: this will break enough existing systems it's worthy of RC blocking Chris Buechler
11:07 PM Bug #3957 (Closed): 2.2 tap missing ALTQ: ALTQ support in tun and tap is missing in 2.2. A number of existing configurations on 2.1x will fail to load the rule... Chris Buechler
11:19 PM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: the subject doesn't quite cover all the breakage this causes, there are various times that the default gateway is rem... Chris Buechler
11:02 PM Bug #3917 (Resolved): Mobile IPsec status page issues: fixed Chris Buechler
11:00 PM Bug #3950 (Resolved): Entering a backwards IP range in an Alias results in an Internal Server Error: Chris Buechler
09:47 PM Bug #3842 (Resolved): Verdana font from the Linux package ttf-mscorefonts-installer causes rendering issues with pfSense WebGUI: this is good in 2.2, if we do another 2.1.x release we probably want to back port that. Chris Buechler
05:18 PM Revision 23ed5b78: Enable unity plugin as per request from https://forum.pfsense.org/index.php?topic=79737.msg452808#msg452808: Ermal LUÇI
05:05 PM Bug #3678: Kernel panic: "Bogus interrupt trigger mode" on Intel J1900: Chris Buechler wrote:
> this was since fixed in 9 and 10 stable FreeBSD, current 2.2 should work here
I can confi... Ken Masterson
02:38 PM Revision 577b776e: Warn if attempting to import IPv6 range: There is currently no code to convert an IPv6 range to a set of corresponding IPv6 subnets, so warn the user if they ... Phil Davis
02:32 PM Revision bb67ac32: Support converting an IP range to an array of addresses: so that it can be used for expanding ranges in host alias input. Phil Davis
02:25 PM Revision feb1953e: Expand range or subnet for host alias: When entering a host alias, if the user put an IP range (like 192.168.0.10-192.168.0.20) or a subnet (like 192.168.1.... Phil Davis
06:58 AM Bug #3956 (Resolved): Check for invalid CA on generating new certificate: ... or check for valid values on generating dynamic function internalca_change() in system_certmanager.php
I had a... Grischa Zengel

10/23/2014

07:25 PM Feature #3385 (Needs Patch): Accommodate static routes for PPTP connections: PPTP is dead, and shouldn't be used in this context anyway Chris Buechler
07:23 PM Bug #3955 (Resolved): IPsec dashboard widget needs adapting for 2.2: The IPsec dashboard widget needs updating to understand strongswan's status. Chris Buechler
05:00 PM Bug #3901: DynDNS is not forcefully updated after powerup: that's a scenario that no client accounts for. Excessive updating can get you banned from some of the providers, whic... Chris Buechler
04:03 PM Bug #3901: DynDNS is not forcefully updated after powerup: From my point of view the current behaviour is not perfect.
As I described above it might be the case that the data ... Philippe Schnyder
02:25 PM Revision e112f9ee: Merge pull request #1312 from phil-davis/patch-8: Renato Botelho
02:24 PM Revision 095707fe: Merge pull request #1313 from phil-davis/patch-9: Renato Botelho
10:12 AM Bug #3954 (Rejected): Port forwarding rule changes do NOT take affect: Jim Pingle
10:06 AM Bug #3954: Port forwarding rule changes do NOT take affect: Nevermind, I found that vpn->pptp->redirect to x.x.x.x was configured. please close bug. carl paulino
09:21 AM Bug #3954 (Rejected): Port forwarding rule changes do NOT take affect: my pfsense is:
2.1.5-RELEASE (i386)
built on Mon Aug 25 07:44:26 EDT 2014
FreeBSD 8.3-RELEASE-p16
I have a po... carl paulino
09:16 AM Bug #3898: Traffic Graph webpage freezes up after some time: After upgrading my Mac to Yosemite 10.10 and Safari to 8.0, I don't have this problem anymore. I do see the page free... carl paulino
06:46 AM Bug #3944 (Feedback): git fatal errors are not shown to user when building pfSense iso from source.: Pushed Renato Botelho
04:12 AM Bug #2882: 6RD not working in latest snapshots: I'm using the latest snapshot (amd64 built on Tue Oct 21 22:27:38 CDT 2014) and it seems like 6rd still isn't working... Hondo Eriksson

10/22/2014

03:27 PM Bug #3369: Captive vouchers expire too quickly: Chris Buechler wrote:
> mine for further testing when time permits
good luck :) maz nos
12:12 PM Bug #3369: Captive vouchers expire too quickly: mine for further testing when time permits Chris Buechler
12:07 PM Bug #3369: Captive vouchers expire too quickly: Thanks maz, got it. One follow-up question sent via email. Chris Buechler
03:55 AM Bug #3369: Captive vouchers expire too quickly: I have sent you the link through your email Chris cmb(at)pfsense
please do not share the image publicly as its key... maz nos
11:42 AM Bug #1957 (Confirmed): Remove button-inside-hyperlink usage from web forms: this is still the case, though only IE seems to care, it's still an issue in IE 11. Chris Buechler

10/21/2014

06:43 PM Revision a376c57d: Teach the certificate generation code how to make a self-signed certificate, and: change the GUI cert generation code to use it. Also, move the GUI cert
generation code to its own function so we can ... Jim Pingle
06:25 PM Revision c25d1fd7: Encode values before displaying them back to the user in notification settings: Jim Pingle
06:25 PM Revision 5b473705: Encode values before displaying them back to the user in notification settings.: Jim Pingle
05:52 PM Bug #3946 (Confirmed): Disabling RAM Disk doesn't remove schedule from /etc/crontab if schedules aren't disabled: Chris Buechler
05:46 PM Revision 687d0a6d: remove the command number shown in the shell prompt, it's a pointless: waste of screen space Chris Buechler
05:43 PM Bug #2724 (Resolved): CARP IPs in INIT on both firewalls leads to dual master: it doesn't appear to be possible to get a system into this state in FreeBSD 10.x, it's been fixed since 8.x. Chris Buechler
05:42 PM Bug #2166 (Resolved): Dynamic DNS not updating: this definitely works on 2.1x and 2.2. Chris Buechler
05:41 PM Bug #3924 (Confirmed): Renaming limiters removes them from firewall rules: Chris Buechler
04:59 PM Bug #3576 (Resolved): Console upgrade automatically skips hash check if no hash file found: works Chris Buechler
04:53 PM Bug #3797 (Resolved): DHCP server restarted multiple times on secondary after config sync: this looks to be fine, scenarios that previously triggered multiple restarts on the secondary now only have it restar... Chris Buechler
04:48 PM Bug #3876: pfsync is not synchronizing states on 2.2: Additional info, secondary spits this out: ... Chris Buechler
03:18 PM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: Here it is! Petr Klus
03:13 PM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: could anyone attach the full output of fstat from an affected system? Spot checked some using filterdns and they seem... Chris Buechler
07:00 AM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: My case: pfSense 2.1.5 running on i386 embedded version. Clean install, only modification apart from UI is password f... Petr Klus
05:20 AM Bug #3951 (Resolved): Processes like filterdns and ipfw-classifyd accumulate many open file handles: Forum: https://forum.pfsense.org/index.php?topic=63357.msg453040#msg453040
and surrounding discussion and results in... Phillip Davis
03:08 PM Bug #3789: rc.update_bogons.sh and login shell ignore http proxy settings: why do it there in update_bogons? Set it as an env variable in general and nothing else needs to be touched. Chris Buechler
01:43 PM Bug #3950 (Feedback): Entering a backwards IP range in an Alias results in an Internal Server Error: pull requests merged, will leave this to feedback for verification Chris Buechler
03:49 AM Bug #3950 (Resolved): Entering a backwards IP range in an Alias results in an Internal Server Error: Firewall->Aliases, add an alias, type Networks.
Put a range like 192.168.1.10-192.168.1.0
Save
It tries for a wh... Phillip Davis
12:50 PM Bug #3900: DynamicDNS should allow "@" at hostname: Sent a pull request to fix this annoyance. ( https://github.com/pfsense/pfsense/pull/1315 )
Forum discussion at: h... F. D.Castel
09:32 AM Revision 99ba943a: Prevent Internal Server Error if range is backwards: Fixes redmine #3950 - ip_range_to_subnet_array can easily swap the input parameters if the caller has passed/entered ... Phil Davis
09:18 AM Revision 29b3bb05: Prevent Internal Server Error if range is backwards: Fixes redmine #3950 - ip_range_to_subnet_array can easily swap the input parameters if the caller has passed/entered ... Phil Davis
09:07 AM Feature #809: Config sync username change: Still a problem. Version 2.1.5 Paul Rensing
09:07 AM Bug #3953 (Rejected): Web pages extremely slow if LDAP down: Duplicate of #3383
Please search a bit before opening tickets. Jim Pingle
09:05 AM Bug #3953 (Rejected): Web pages extremely slow if LDAP down: I have 2.1.5 with a local user (admin) plus an LDAP server (Active Directory). The LDAP server is set as the primary ... Paul Rensing
09:02 AM Bug #3332 (Rejected): Impossible to change the user for XMLRPC Sync: Duplicate of #809 Jim Pingle
09:02 AM Bug #3952 (Rejected): Username not used in config sync: Duplicate of #809 Jim Pingle
08:59 AM Bug #3952 (Rejected): Username not used in config sync: The HA configuration sync page takes a username and password. However, if you change the username to something other ... Paul Rensing
06:54 AM Revision 9b86d3fe: + is a valid character in some dynamic DNS providers' usernames. Fixes #3912: Chris Buechler
05:40 AM Revision 2fb66948: hostnames can end with a . (and actually always do, it's just usually implied), so allow that here. Fixes wrong input validation in parts of nsupdate GUI, among other things.: Chris Buechler
03:52 AM Bug #3369: Captive vouchers expire too quickly: Chris Buechler wrote:
> maz: if you can upload that image somewhere, I'll check it out.
I will upload it ASAP as ... maz nos
03:07 AM Bug #3904: Firewall Log widget generates a load of HTML code when Reverse DNS resolution is clicked: Also, this is the same as #3829, which is resolved, so good.
Now clicking the IP address takes the user to the full ... Phillip Davis
02:06 AM Bug #3904 (Resolved): Firewall Log widget generates a load of HTML code when Reverse DNS resolution is clicked: Jim worked around this one. Phil, if you see anything that was missed, feedback appreciated but I think this is funct... Chris Buechler
02:35 AM Bug #3811: IP aliases on CARP w/IPsec getting mixed up on addition of a new VLAN.: needs re-testing on 2.2 Chris Buechler
02:20 AM Bug #3198 (New): IPSEC, when nating to a different size subnet a invalid natting rule is made.: this is still an issue. That pull request was not the answer though.
It should suffice (for 2.2) to add input val... Chris Buechler
01:56 AM Bug #3898 (Feedback): Traffic Graph webpage freezes up after some time: I've left multiple browsers up on traffic graph for several hours up to days, with no ill effects. I just pulled up t... Chris Buechler
01:49 AM Bug #3912 (Resolved): Dynamic DNS disallows valid character in username: fixed, thanks Chris Buechler
01:44 AM Bug #3901 (Rejected): DynDNS is not forcefully updated after powerup: You'll see in the system log how it works. If your IP hasn't changed, and it's been less than 25 days since the last ... Chris Buechler
01:44 AM Bug #3915: DHCP server static mapped clients do not receive custom DNS servers: Had a look at dhcp.c ISC source code and submitted a bug report. Then after more research I found this:
Extend the... Phillip Davis
01:17 AM Bug #3928 (Confirmed): lagg and its VLANs must have same MAC address: Chris Buechler
01:11 AM Bug #3949: Dynamic DNS public IP check always uses default gateway: Updated subject to reflect full extent of issue - it's all dynamic DNS services, not just RFC 2136. Chris Buechler
01:07 AM Bug #3949 (Resolved): Dynamic DNS public IP check always uses default gateway: When using the "Use Public IP" option of RFC 2136 dynamic DNS updates, you'll always end up with the public IP of the... Chris Buechler

10/20/2014

11:14 PM Bug #3829 (Resolved): Widget Firewall: Reverse Resolve with DNS Issues: Jim's fix works, and suffices for 2.2. Chris Buechler
10:41 PM Bug #3945 (Confirmed): BOOTP lease end status is mis-parsed: Chris Buechler
10:40 PM Bug #3889 (Confirmed): Non relevant changes in config.xml: A variety of areas do things like this, it'd be nice to eliminate any unrelated changes Chris Buechler
10:14 PM Bug #3937: Interfaces Dashboard Widget - Font to big and scaling wrong: I tried on Opera 25.0.1614.50 and somehow Opera fits it in better, but still the font size of stuff in the Interfaces... Phillip Davis
10:06 PM Bug #3937: Interfaces Dashboard Widget - Font to big and scaling wrong: I have attached a screen shot of what the Interfaces widget looks like on a 2.2 system with a long IPv6 address. Rega... Phillip Davis
10:50 AM Bug #3937: Interfaces Dashboard Widget - Font to big and scaling wrong: 2.2-BETA (amd64)
built on Sun Oct 19
Have tried it with:
Windows7 with Firefox (33.0 and prior)
Mac OSX wit... David Williams
10:25 AM Bug #3937: Interfaces Dashboard Widget - Font to big and scaling wrong: What is the operating system, browser and pfSense version you are using? I couldn't replicate the problem here. Renato Botelho
07:59 PM Bug #3684 (Rejected): Openvpn not routing incomming traffic correct when using tap device: it is broken on 2.2 at the moment, that's #3760.
It does work where route-to/reply-to function correctly though. ... Chris Buechler
07:56 PM Feature #3329: Allow creating "not" rules for IPsec Phase 2: not important for 2.2 Chris Buechler
07:55 PM Bug #3656 (Confirmed): "LAN network" in v6 rules doesn't work when assigning link-local address to LAN: still an issue on latest snapshot. the LAN rule in that scenario ends up as a comment with "at the break". Chris Buechler
07:15 PM Bug #3948 (Closed): Changing OpenVPN from tun to tap or vice-versa breaks that instance: Where you have an OpenVPN client or server instance defined on tun and switch to tap, or vice-versa, the ovpnc*/ovpns... Chris Buechler
07:10 PM Bug #3165: OpenVPN Bridge with Client Specific Override: I fixed it in commit:7d363e57a0df41604777b4019c98caeef0b8a79f before 2.1.4 but apparently never noticed this ticket t... Jim Pingle
06:53 PM Bug #3165 (Resolved): OpenVPN Bridge with Client Specific Override: this has been fixed at some point in the mean time (probably in a 2.1.x release since then, but tested and definitely... Chris Buechler
06:35 PM Bug #2584 (Closed): Import server certificate - Bad Issuer: can't replicate, inadequate detail to know what might have happened there, doesn't appear to be something anyone else... Chris Buechler
06:27 PM Bug #3545 (Rejected): OpenVPN Clients don't reconnect after dynamic WAN IPv4 changes: re-tested this scenario on 2.2 and it works fine there as well. Chris Buechler
06:16 PM Bug #3947 (Resolved): "ipsec_starter: Bad file descriptor" spams system log: Ermal and I talked about this a couple days ago, it doesn't have a ticket though so opening here. System log on 2.2 s... Chris Buechler
05:00 PM Revision a23adfba: Merge pull request #1306 from phil-davis/patch-3: Renato Botelho
03:41 PM Revision 6d951458: Let user decide if he wants to proceed to the upgrade when sha256 fails to download. Fixes #3576: Renato Botelho
01:58 PM Bug #3946 (Resolved): Disabling RAM Disk doesn't remove schedule from /etc/crontab if schedules aren't disabled: pfSense version: 2.1.5-RELEASE (amd64)
built on Mon Aug 25 07:44:45 EDT 2014
FreeBSD 8.3-RELEASE-p16
After ena... Marco Verleun
01:03 PM Feature #3933: Limiter burst doesn't have any effect: after discussion with Ermal, needs testing vs. stock FreeBSD Chris Buechler
11:53 AM Bug #3915: DHCP server static mapped clients do not receive custom DNS servers: Phil - do you not see a pencil to the right of your comment? That's how you can edit previous posts. I thought it was... Chris Buechler
06:06 AM Bug #3915: DHCP server static mapped clients do not receive custom DNS servers: Domain-Name-Server is specifically set in pfSense DHCP config to 10.49.48.*250* and that is delivered correctly to th... Phillip Davis
06:01 AM Bug #3915: DHCP server static mapped clients do not receive custom DNS servers: It is related to the client requesting DHCP "option 252", which is related to web-proxy auto-discovery - http://tools... Phillip Davis
10:50 AM Bug #3576 (Feedback): Console upgrade automatically skips hash check if no hash file found: Applied in changeset commit:6d9514581abc09a05f6d86633bbd0bb08aab2cf5. Renato Botelho
10:26 AM Bug #3921: max-packets option missing from pfctl: @ermal, Are you aware of these performance issues? Renato Botelho
12:31 AM Revision 2c296872: h-node should be 8: Chris Buechler
12:30 AM Revision 13ec619c: h-node should be 8: Chris Buechler

10/19/2014

11:38 PM Revision bc12ae8a: Underscores are valid characters in domains. Fixes #3219: Chris Buechler
07:26 PM Bug #3788 (Resolved): NetBIOS h-node should be translated 8 instead of 5: fixed, thanks Chris Buechler
07:16 PM Bug #3213 (Resolved): Error creating more than 30 limiters: that'll suffice Chris Buechler
07:12 PM Feature #1836 (Resolved): RFC 5006 support for DNS from RAs: Chris Buechler
07:03 PM Bug #2245 (Resolved): User permissions for shell access are not clear/complete: resolution Jim noted has since been implemented, which resolves the only real issue I see here. Chris Buechler
06:57 PM Bug #1637 (Needs Patch): captive portal web service port bind validation issue: lot of things it can conflict with, if you want to add the input validation, patches welcome. Chris Buechler
06:55 PM Bug #2649 (Resolved): Ipv6 Easy rule creation failing: Chris Buechler
06:55 PM Bug #3052 (Rejected): Adding a static dhcp for mac address dissapears.: as described isn't an issue Chris Buechler
06:52 PM Bug #3369: Captive vouchers expire too quickly: maz: if you can upload that image somewhere, I'll check it out. Chris Buechler
06:46 PM Bug #3408 (Closed): IPV6 DHCP not disabling on initial setup: issue as described doesn't exist in 2.2 Chris Buechler
06:37 PM Bug #3762 (Closed): web interface ajax updates do not work after upgrade: Local browser cache was the likely cause of that, though www not matching would be unexpected. Not a replicable issue. Chris Buechler
06:35 PM Bug #3501 (Resolved): sanity check for PBI installations before uninstalling old pbi package.: issue as described was fixed in 2.2 Chris Buechler
06:33 PM Bug #3219 (Resolved): Forwarded domain with underscore should be allowed to add: fixed in 2.2 Chris Buechler
06:02 PM Bug #3939 (Confirmed): Cannot create Host or Network type alias with an IP address/range: Confirmed as described. Create a new host alias containing only "example.com", save and apply changes. ... Chris Buechler
05:52 PM Bug #3861 (Rejected): PPPOE non-NAT config cannot ping attached hosts as packets go upstream: there is something fundamentally wrong with your configuration, LAN and WAN can't have the same IP, and you have a ma... Chris Buechler
05:51 PM Bug #3935 (Resolved): Unable to complete NIC assignment with only one NIC: fixed Chris Buechler
02:42 PM Bug #3945: BOOTP lease end status is mis-parsed: also after changing the display from UTC to local time, BOOTP entries show up as "1969/12/31 07:00:00PM" Chris Buechler
02:40 PM Bug #3945 (Resolved): BOOTP lease end status is mis-parsed: status_dhcp_leases.php shows the end of BOOTP leases as "tstp never", where it should just show the "never" and maybe... Chris Buechler
08:25 AM Bug #3944 (Resolved): git fatal errors are not shown to user when building pfSense iso from source.: git fatal errors are not shown to user when building pfSense iso from source.
This complicates troubleshooting when ... Pi Ba
02:49 AM Bug #3576: Console upgrade automatically skips hash check if no hash file found: Replacing line 90 in rc.initial.firmware_update, the "sleep(15)", with aborting the upgrade instead (making the sha25... Chris Buechler

10/18/2014

11:02 PM Bug #3760 (Confirmed): reply-to with TCP and IPv6 generates broken checksums: Return routing is correct now, but TCP checksums are broken (with or without hardware checksum offloading enabled). Chris Buechler
08:05 PM Bug #3891: ipfw, on pfSense 2.2 kernel dump caused by: ipfw zone 4096 create: Tester issue. Ermal Luçi
08:05 PM Bug #3891 (Resolved): ipfw, on pfSense 2.2 kernel dump caused by: ipfw zone 4096 create: Ermal Luçi

10/17/2014

11:33 PM Revision 621fed0e: Ticket #3932 For more than 100 entries create pipes in line with the rules file to speedup the process: Ermal LUÇI
06:28 PM Bug #3932: Captive portal with greater than 9000 permanent MAC addresses causes timeout in loading CP: The loading should be faster. Ermal Luçi
01:31 PM Bug #3760 (Resolved): reply-to with TCP and IPv6 generates broken checksums: Works correctly now. Ermal Luçi
11:25 AM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Next snapshot should have the fixed of allowing states to match properly. Ermal Luçi
11:27 AM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: I am sorry but you need to read better the source!
Ermal Luçi

10/16/2014

09:46 PM Revision 2ac79ade: Merge pull request #1310 from phil-davis/patch-6: Renato Botelho
09:44 PM Revision 308e3042: Merge pull request #1311 from phil-davis/patch-7: Renato Botelho
07:22 PM pfSense Packages Bug #3660: Captive Portal Idle timeout Pfsense 2.1.3: that's a problem inherent in what you're doing with squid and has nothing to do with CP itself. Chris Buechler
03:58 PM pfSense Packages Bug #3660: Captive Portal Idle timeout Pfsense 2.1.3: It's true. Solution to the problem on the link below
https://forum.pfsense.org/index.php?topic=69606.0 Gilmar Cabral
12:51 PM pfSense Packages Bug #3660 (Rejected): Captive Portal Idle timeout Pfsense 2.1.3: issue as described isn't true Chris Buechler
07:22 PM Revision 2f17d32e: Fix the log widget to lookup hosts by DNS using a link rather than AJAX. Quick fix for now. Ticket #3829: Jim Pingle
07:21 PM Revision 497563be: Fix the log widget to lookup hosts by DNS using a link rather than AJAX. Quick fix for now. Ticket #3829: Jim Pingle
05:40 PM Feature #3943 (New): pf - divert-reply not implemented (usefull for haproxy): Not sure if i should file this under pfsense or packages..
For haproxy it would be beneficial to have support in pf ... Pi Ba
04:10 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Same troubles on:
built on Thu Oct 16 09:56:37 CDT 2014 FriendlyFire isnotcool
12:17 PM Bug #3760 (Confirmed): reply-to with TCP and IPv6 generates broken checksums: no change on: ... Chris Buechler
04:05 PM Bug #3935: Unable to complete NIC assignment with only one NIC: Thanks Phil, my bad on that breakage. Will re-test this when I get a moment Chris Buechler
01:56 PM pfSense Packages Bug #3942 (Resolved): bind - allow starting named with "-4" argument: pfSense Version 2.1.15 amd64
BIND pkg Version - 9.9.5P1_5 pkg v 0.3.5
Requesting feature to start the named daemo... Braden Del More
01:10 PM Bug #3898: Traffic Graph webpage freezes up after some time: p.s. the browser in my case was Firefox 33.0 on intel windows-7 Dammon Butler
01:09 PM Bug #3898: Traffic Graph webpage freezes up after some time: Just thought I'd add:
There is also a similar issue on "Status: Traffic shaper: Queues". If left in a browser for so... Dammon Butler
12:49 PM Bug #3389 (Confirmed): GUI allows to configure ICMPv4 types for ICMPv6 firewall rules: Chris Buechler
12:48 PM Bug #3938 (Confirmed): Captive Portal PHP Error at bootup on current snapshots: Chris Buechler
12:46 PM Bug #3727 (Confirmed): PPP config loses "on-demand" setting when configured via interfaces tab: that didn't fix it. Config diff attached that shows changes made by interfaces.php just clicking "Save" on an assigne... Chris Buechler
12:35 PM Feature #3553 (Rejected): Multi Wan FTP Server: there is an invalid checksum issue at play here that has a separate ticket. Chris Buechler
12:28 PM Bug #3941 (Resolved): adding a DHCP client interface results in missing default gateway on 2.2: Take a simple WAN and LAN setup, WAN on DHCP with its dynamic gateway marked as default, LAN static. Add a third NIC ... Chris Buechler
12:23 PM Feature #3923: Rules MAC Block: Using ipguard and dhcp server to block using MAC is palliative solution as firewalls usually block via MAC rules are ... Gilmar Cabral
12:13 PM Feature #3923: Rules MAC Block: Using ipguard and dhcp server to block using MAC is palliative solution as firewalls usually block via MAC rules are ... Gilmar Cabral
11:55 AM Feature #3923 (Rejected): Rules MAC Block: duplicate. and it's pointless.
Though it is possible to MAC filter w/CP Chris Buechler
12:20 PM Bug #3891 (Confirmed): ipfw, on pfSense 2.2 kernel dump caused by: ipfw zone 4096 create: doesn't crash anymore, but it also doesn't work at all.
trying to create any zone results in: ... Chris Buechler
12:00 PM Bug #3829 (Confirmed): Widget Firewall: Reverse Resolve with DNS Issues: Chris Buechler
12:00 PM Bug #3829: Widget Firewall: Reverse Resolve with DNS Issues: affects at least 2.1.5 and 2.2, not sure about earlier. Not sure how involved fixing this is at a brief glance, it's ... Chris Buechler
11:54 AM Bug #3361 (Confirmed): DHCP6 WAN is not obtaining a default gateway: SLAAC also ends up missing a default gateway, though System>Routing shows a gateway entry with the appropriate IP and... Chris Buechler
11:52 AM Bug #1681 (Confirmed): OpenVPN tun IPs fail HTTP REFERER checks: still no CLA.
Per - could you please go through that process as Jim noted so we can accept this? Chris Buechler
11:27 AM Bug #3876 (Confirmed): pfsync is not synchronizing states on 2.2: This is a little better, but still completely non-functional. It actually sends pfsync traffic now, which is the impr... Chris Buechler
11:22 AM Bug #3884 (Resolved): Restarting Web GUI does not restart PHP-FPM: fixed Chris Buechler
10:47 AM Bug #3870 (Confirmed): re(4) NICs on APU are unable to hardcode speed/duplex properly: This has always been an issue on at least some (and I believe most, if not all) re(4), dating back to at least the Fr... Chris Buechler
06:04 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: As crosscheck: I just have build check_reload_status using libevent-1.4.14b-stable. With this version the load is ok. Thomas Hilse
03:25 AM Bug #3940 (Resolved): check_reload_status uses deprecated libevent-1.4: The snapshot 2.2 builds uses deprecated libevent-1.4 library. The Makefile of "check_reload_status" was fixed with co... Thomas Hilse
04:10 AM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: Also, in *rc.newwanipv6* instances are started twice ... Dmitriy K
01:50 AM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: Look for "openvpn_restart" event in the system log to speedup things. Just forgot to mention it in the post above. Dmitriy K
01:49 AM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: Yeah, obviously I can't run 2 times same instance but bug in logic can. So, here is system log.
Looks like opvn i... Dmitriy K

10/15/2014

07:22 PM Bug #3939 (Resolved): Cannot create Host or Network type alias with an IP address/range: Affects 2.1.5 release as well as the latest 2.2 build - pfSense-LiveCD-2.2-BETA-amd64-20141015-1437.iso
Repro step... Landon Timothy
06:28 PM Bug #3935: Unable to complete NIC assignment with only one NIC: Thanks Phillip, I can get past the interface assignment now.
I don't know if this is related or not but now webConfi... Landon Timothy
09:00 AM Bug #3935 (Feedback): Unable to complete NIC assignment with only one NIC: Applied in changeset commit:5d49ceac8b7591f4db502eb4c2c52b37cc63e7ae. Phillip Davis
06:25 PM Bug #3854 (Resolved): pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: This can be marked as resolved.
Though general issues are to be solved in FreeBSD for this.... Ermal Luçi
06:12 PM Bug #3854: pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: Tested this with several very large lists. I think it can be changed to resolved. Thanks.
Updating: pfB_IBlock
6... Bill Crowder
10:47 AM Bug #3854 (Feedback): pf on 2.2 should not have an upper table entry limit, but generates errors with large datasets: Patch has been merged in to fix the wrong ioctl handling.
Please test newer snapshots. Ermal Luçi
06:23 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Please use the next one. Ermal Luçi
02:56 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Damn, i was getting crazy with my servers until i found this report !
I tested "built on Wed Oct 15 11:40:50 CDT 2... FriendlyFire isnotcool
09:43 AM Bug #3760 (Feedback): reply-to with TCP and IPv6 generates broken checksums: Please test with later coming snapshot since it should have the final fix for this. Ermal Luçi
06:01 PM Revision b6dbbebc: Add command line script to generate and activate a new GUI certificate.: Jim Pingle
06:01 PM Revision 2cf2c62b: Fix descriptions and cn on generated GUI cert to be consistent.: Jim Pingle
05:17 PM Bug #3890: Aliases multiple CIDR ranges show error message: Just need tests. I'll take care of it. Renato Botelho
02:42 PM Feature #1836 (Feedback): RFC 5006 support for DNS from RAs: Ermal Luçi
02:41 PM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: From the logs seems you have already an running instance hence you cannot start a second one!
Can you post your syst... Ermal Luçi
02:33 PM Bug #3913 (Feedback): if_bridge missing ALTQ support: Please try next coming snapshots this should be fixed. Ermal Luçi
02:23 PM Revision 2f5488df: Reintroduce the vfs.forcesync systl: Ermal LUÇI
02:04 PM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: I've tried both 2.1.x and 2.2 and they are both affected. It's not possible to set the speed/duplex on either one. Jim Pingle
02:02 PM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: Do we know if this is a problem with 2.1 or 2.2, (or both)? Jim Thompson
01:49 PM Revision 29fb23d4: Merge pull request #1309 from phil-davis/patch-5: Renato Botelho
12:41 PM Revision 29be59ad: Tame the poodle. Disable SSLv3.: Jim Pingle
12:40 PM Revision 5ff7f58e: Tame the poodle. Disable SSLv3.: Jim Pingle
12:18 PM Bug #3842: Verdana font from the Linux package ttf-mscorefonts-installer causes rendering issues with pfSense WebGUI: Jared put fixes into 2.2 ( commit:6817c18afa737e83756516a7b7c14ff5e5d85814 and commit:2300ee35e94bc49dff99f64133fe98c... Jim Pingle
11:51 AM Bug #3842: Verdana font from the Linux package ttf-mscorefonts-installer causes rendering issues with pfSense WebGUI: Assigned back to JimP, because Jared is no longer with us. Jim Thompson
12:15 PM Bug #3666 (Feedback): PMTUD is broken for NATed traffic: Did you try to send an tcp/udp packet rather than icmp one? Ermal Luçi
11:11 AM Bug #3666: PMTUD is broken for NATed traffic: Actually try out a next coming snapshot i found a quick hack that will help even for icmp case. Ermal Luçi
11:51 AM Bug #3932: Captive portal with greater than 9000 permanent MAC addresses causes timeout in loading CP: Ermal suggests that if /cf/conf/use_xmlreader exists, that a faster parser will be used in 2.2.
Please re-test. E... Jim Thompson
09:43 AM Bug #3938 (Resolved): Captive Portal PHP Error at bootup on current snapshots: At boot on a current snapshot with captive portal enabled there is a PHP error displayed:
PHP Errors:
[15-Oct-201... Jim Pingle
09:15 AM Bug #3918 (Resolved): On 2.2, mounting read-only after mounting read-write can be very slow on certain media NanoBSD: Ermal Luçi
08:41 AM Revision 466aae83: Manage dhcpleaseinlocaltime consistently: dhcpleaseinlocaltime is actually a global setting, but the setting is stored per-DHCP-enabled-interface.
The display ... Phil Davis
08:03 AM Bug #3931 (Resolved): Using international characters in IPsec PSK causes invalid XML: Confirmed fixed for IPsec P1, PSK tab, and User PSK fields. Invalid characters are now properly rejected. Jim Pingle
07:48 AM Bug #3937 (Resolved): Interfaces Dashboard Widget - Font to big and scaling wrong: The changes in this commit ( https://github.com/pfsense/pfsense/commit/607e15dbdf942483154887fea278bf54c64ae6ce ) hav... David Williams
06:41 AM Revision 73a96698: Provide an edit button for static mapped entries: As suggested in forum https://forum.pfsense.org/index.php?topic=82883.msg0#new
Instead of a non-functioning red plus ... Phil Davis
05:47 AM Revision fff9ee45: Whitespace in status_dhcp_leases.php: Phil Davis
05:37 AM Bug #3784: Cannot enter hostname with a dot: Owen Gerrard wrote:
> Buster de wrote:
> > Why you can't put only "server" into the hostname and "sub.domain.com" i... Buster de
04:19 AM Revision 5d49ceac: Fix #3935 Properly allow WAN without LAN: Was broken by https://github.com/pfsense/pfsense/commit/bd0b5d2dc7a279d3473a65a11d67efb5e39392be Phil Davis

10/14/2014

11:39 PM Revision 8ff85c39: rename interfaces_carp_setup to interfaces_sync_setup and call it during bootup since it does not only relate to carp interfaces.: Ermal LUÇI
11:27 PM pfSense Packages Bug #3936 (Resolved): Proxy state tab of lightsquid: In the proxy state tab of lightsquid I get the following ... Darkhan Sarmurzanov
11:17 PM Bug #3935: Unable to complete NIC assignment with only one NIC: It was broken a week ago, I'm sure accidentally :)
This code works: https://github.com/pfsense/pfsense/pull/1309
... Phillip Davis
08:47 PM Bug #3935: Unable to complete NIC assignment with only one NIC: Also, if I add a NIC to finish startup then try to unassign from the menu, it doesn't say anything but returns to the... Landon Timothy
08:42 PM Bug #3935 (Resolved): Unable to complete NIC assignment with only one NIC: Running a VM with one NIC.
Boot to the latest snapshot ISO:
pfSense-LiveCD-2.2-BETA-amd64-20141014-1737
No VLANs... Landon Timothy
10:59 PM Revision 4703c007: Fixes #3727 Do not unset ondemand for ppp type interfaces since it is controlled here only for pppoe/l2tp: Ermal LUÇI
10:55 PM Revision 664adf38: Ticket #3789. Put a start at using the proxyurl/proxyport from system configured settings for bogons. It still does not consider the user/pass configured: Ermal LUÇI
10:36 PM Revision e02ea742: Fixes #3213. Allow up to 2900 limiters. This was set to 30 since limiters are to be controlled by mask and not created manually!: Ermal LUÇI
09:21 PM Revision febe0112: Make proper check here: Ermal LUÇI
09:10 PM Bug #3876 (Feedback): pfsync is not synchronizing states on 2.2: It is fixed for me with new snapshots. Ermal Luçi
08:14 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Whoops - Submitted that last update too early and couldn't figure out how to remove it.
The version I am currently... Matt Bunce
08:08 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Can I just check, should I be using the pre-compiled snapshot from here:
https://snapshots.pfsense.org/FreeBSD_relen... Matt Bunce
01:39 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: More testing needed after another change have been merged. Ermal Luçi
07:30 PM Revision 7c4c77ee: Teach the certificate generation code how to make a self-signed certificate, and change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later.: Also use some more sane defaults for the contents of the default self-signed certificate's fields so it will be more ... Jim Pingle
06:44 PM Revision 1f4ad8f4: update comment to reflect breakage caused here and reference associated redmine ticket, not high priority, can be fixed later: Chris Buechler
06:21 PM Revision eb71461c: block IPv4 link-local. Per RFC 3927, hosts "MUST NOT send the packet to: any router for forwarding", and "any network device receiving such a
packet MUST NOT forward it". FreeBSD won't route... Chris Buechler
06:00 PM Bug #3727 (Feedback): PPP config loses "on-demand" setting when configured via interfaces tab: Applied in changeset commit:4703c007ef8b5cef28ab9650b28ea807cc7611f6. Ermal Luçi
05:50 PM Bug #3789 (Feedback): rc.update_bogons.sh and login shell ignore http proxy settings: A patch for proxy support without username/password configured on system->settings will be considered now. Ermal Luçi
05:50 PM Bug #3213: Error creating more than 30 limiters: Applied in changeset commit:e02ea742a546513eedcef1f4049a90e998951b78. Ermal Luçi
05:32 PM Bug #3213 (Feedback): Error creating more than 30 limiters: Ermal Luçi
05:32 PM Bug #3213: Error creating more than 30 limiters: Bumped to 2900. The only reason left to 30 was for speed ones.
Normally having 30 limiters is a bit.... unusual sinc... Ermal Luçi
05:41 PM Revision 69b79ff0: Fix PSK for non-ascii also here, ticket #3917: Renato Botelho
05:40 PM Feature #1836: RFC 5006 support for DNS from RAs: This should be working afaik! Ermal Luçi
05:36 PM Bug #729: if_bridge unpredictable filter interface selection: This should work better on pfSense 2.2 as of 1 week ago! Ermal Luçi
05:23 PM Bug #3891 (Feedback): ipfw, on pfSense 2.2 kernel dump caused by: ipfw zone 4096 create: It should not do this anymore on newer snapshots. Ermal Luçi
05:23 PM Revision 5a42d9ef: Fix initial console menu layout, it fixes #3884: Renato Botelho
05:10 PM Bug #3918 (Feedback): On 2.2, mounting read-only after mounting read-write can be very slow on certain media NanoBSD: Patch merged for 2.2 from 2.1 Ermal Luçi
04:52 PM Feature #3933: Limiter burst doesn't have any effect: It will take effect only when the queue if full as normal with other shaping implementations.
If your queue is not f... Ermal Luçi
04:50 PM Revision b907136c: Improve IPsec status page for mobile. It fixes #3917: Renato Botelho
04:46 PM Revision ca1fdcce: Add missing gettext call: Renato Botelho
04:40 PM Revision d6c9dcf9: Add missing gettext calls: Renato Botelho
04:23 PM Revision 6795e0da: Fix indent and spaces: Renato Botelho
03:50 PM Revision 123d8700: Does not accept non-ascii characters on IPsec PSK. It fiixes #3931: Renato Botelho
03:48 PM Revision a4c1fff2: Close this form early since there is another form below: Renato Botelho
01:49 PM Bug #3709 (Confirmed): Disabled static route entries trigger 'route delete' error at boot: Chris Buechler
01:20 PM Bug #2056 (Resolved): Display error in captive portal admin screen: works Chris Buechler
01:19 PM Bug #2073 (Resolved): APIPA broadcasts forwarded by route-to: fixed by implementing the appropriate behavior per RFC 3927 - block it. Chris Buechler
12:37 PM Bug #3931 (Feedback): Using international characters in IPsec PSK causes invalid XML: Renato Botelho
12:28 PM Bug #3931 (New): Using international characters in IPsec PSK causes invalid XML: Seems to still allow some characters that can break XML (like Ã )
Jim Pingle
12:09 PM Bug #3931 (Feedback): Using international characters in IPsec PSK causes invalid XML: Pushed a fix commit:123d870060 Renato Botelho
12:30 PM Bug #3884 (Feedback): Restarting Web GUI does not restart PHP-FPM: Applied in changeset commit:5a42d9ef426a05cbd64559bbe2b75a355dc0d821. Renato Botelho
12:00 PM Bug #3917 (Feedback): Mobile IPsec status page issues: Applied in changeset commit:b907136c28defe8b45da3ae4a17a5e23f07a7e4a. Renato Botelho
11:21 AM Bug #3419 (Closed): Traffic shaper wizard doesn't properly populate download speed: several wizard fixes in 2.2, and no issues like this outstanding. Though this one in particular doesn't sound legit a... Chris Buechler
11:18 AM Bug #1839 (Closed): No Quality RRD Graph w/ Non-Default Frequency Probe: I can't find any frequency that doesn't work, this has been fixed at some point in the mean time. Chris Buechler
11:16 AM Bug #3929: Port Forwarding with an association Filter: Of course. Nothing that simple is broken. Block private networks is my guess. This isn't the place to discuss, please... Chris Buechler
11:12 AM Bug #3929: Port Forwarding with an association Filter: i completly reinstalled pfsense, with default configuration.
then i configured the port forwarding.
are u sure, t... Florian Asche
11:09 AM Bug #3929: Port Forwarding with an association Filter: Because you have something misconfigured. There isn't anything wrong with port forwards or associated rules. Chris Buechler
11:07 AM Bug #3929: Port Forwarding with an association Filter: Hi,
how could this be not a bug?
I set all things by documentation.
Have a look at https://doc.pfsense.org/ind... Florian Asche
11:03 AM Bug #3929 (Rejected): Port Forwarding with an association Filter: not a bug, please use one of our available support resources for assistance. https://pfsense.org/support Chris Buechler
11:15 AM Bug #3678 (Resolved): Kernel panic: "Bogus interrupt trigger mode" on Intel J1900: this was since fixed in 9 and 10 stable FreeBSD, current 2.2 should work here Chris Buechler
11:07 AM Bug #3930 (Rejected): Browser Page Refresh After CA Creation Creates Duplicate CA: This could be summarized as "I forced my browser to create multiple CAs and it created multiple CAs." Yes, it does. Chris Buechler
11:00 AM Bug #3777 (Resolved): User with "WebCfg - Help pages " permission listed first gets a bogus redirect: fixed Chris Buechler
06:21 AM Bug #3735: No default route when using WAN static IPv6 address: This issue has already been discussed on the forum :
https://forum.pfsense.org/index.php?topic=65964.0
The way to s... Eric Boudrand
04:07 AM Revision dc4a8b9e: update input_error description after changes for ticket #3491: Chris Buechler

10/13/2014

11:27 PM Feature #3933 (Closed): Limiter burst doesn't have any effect: No matter what you put in the burst field, the limiter behaves exactly the same as if it's 0 or null. Re-tested on th... Chris Buechler
11:08 PM pfSense Packages Bug #3772 (Resolved): Broken openbgpd config generation logic in 2.2: fixed Chris Buechler
11:07 PM Todo #3880 (Resolved): Write upgrade code for unbound: Chris Buechler
11:06 PM Feature #983 (Resolved): Improve/Enhance IP Alias VIP handling in GUI: works, nice improvement for ease of use. Chris Buechler
11:02 PM Bug #3491 (Resolved): Improper input validation on firewall rules when using a numerical alias name: fixed Chris Buechler
10:48 PM Bug #3542 (Resolved): cert_get_issuer() in certs.inc doesn't always return the full Distinguished Name: Chris Buechler
09:50 PM Bug #3932: Captive portal with greater than 9000 permanent MAC addresses causes timeout in loading CP: How big are the resulting configs there? I'm not running PHP out of memory after throwing 9000 randomly-generated MAC... Chris Buechler
12:09 PM Bug #3932 (Closed): Captive portal with greater than 9000 permanent MAC addresses causes timeout in loading CP: When using captive portal, with all users become permanently learned after enough users have authenticated the system... Jeremy Porter
08:32 PM Bug #3769 (Resolved): Only the first phase 2 entry is used when multiple entries are present for an IPsec tunnel in 2.2: fixed Chris Buechler
08:30 PM Todo #3795 (Resolved): Update hostapd to support 802.11n: fixed Chris Buechler
08:29 PM Bug #2665 (Resolved): 'pass out' on gif matches inbound traffic: fixed Chris Buechler
08:15 PM Bug #3922 (Resolved): jumbo frames on lagg not working: fixed Chris Buechler
12:50 PM Bug #3922 (Feedback): jumbo frames on lagg not working: Applied in changeset commit:71c26c22209e22c37d437077da6c69b0fb09627f. Renato Botelho
05:36 PM Revision 71c26c22: Properly set MTU for lagg interface, it fixes #3922: Renato Botelho
04:09 PM Revision 5c2e6873: Make sentence more accurate as pointed out by phil-davis: Renato Botelho
03:42 PM Revision 1c764a3a: GIF interfaces MTU must be something between 1280 and 8192, make the correct check. It fixes #3927: Renato Botelho
03:39 PM Bug #3191 (New): Quality RRD inaccuracies and failure to update status in some circumstances: The first issue as noted originally is still a problem as described. Throw a limiter on an upstream system that drops... Chris Buechler
12:46 PM Feature #3365: Implement package signing: After deploying hardware key storage, we need to distribute access keys to users that will be logging into builders t... Jeremy Porter
12:23 PM Bug #3790 (Resolved): Input validation is too strict for IPv6 Prefix ID for Track Interface: Chris Buechler
12:10 PM Bug #3927 (Resolved): Unable to set gif MTU: fixed Chris Buechler
10:50 AM Bug #3927 (Feedback): Unable to set gif MTU: Applied in changeset commit:1c764a3a50d4eb732e7c96eb9351e7b35c2051d4. Renato Botelho
10:20 AM Bug #3927 (New): Unable to set gif MTU: Back to new, we should provide a validation on GUI Renato Botelho
10:20 AM Bug #3927 (Rejected): Unable to set gif MTU: According src code https://github.com/freebsd/freebsd/blob/releng/10.1/sys/net/if_gif.h#L91 minimum valid MTU for gif... Renato Botelho
12:08 PM Bug #3822 (Resolved): 2.2 boot hangs at "Synchronizing user settings": Several upgrades later on systems that used to have this issue, and we're still good. Others on forum have also confi... Chris Buechler
11:54 AM Revision 07c24bf1: Merge pull request #1308 from phil-davis/patch-4: Renato Botelho
11:41 AM Feature #1965 (Resolved): Support Multiple IPsec Peers: Chris Buechler
11:39 AM Bug #3931: Using international characters in IPsec PSK causes invalid XML: #3431 and #3636 are effectively the same, closed those in favor of this. Chris Buechler
11:35 AM Bug #3931 (Resolved): Using international characters in IPsec PSK causes invalid XML: If an international character, such as Ã is added to an IPsec PSK, it will cause the configuration to contain invalid... Jim Pingle
11:39 AM Bug #3636 (Closed): IPssec Pre-Shared Key error: closing in favor of #3931 Chris Buechler
11:38 AM Bug #3431 (Closed): IPSec PSK Characters Error: closing in favor of #3931 Chris Buechler

10/12/2014

11:21 PM Bug #3620 (Resolved): Saving unbound settings twice in a row yields incorrect interface selection validation errors: Chris Buechler
11:21 PM Todo #3399 (Resolved): Implement a replacement for base nsupdate command for RFC2136 Dynamic DNS: Chris Buechler
04:46 AM Bug #3568 (Resolved): DynDNS: Hostname '@' not accepted for Namecheap: Renato Botelho

10/11/2014

11:44 PM Bug #3568: DynDNS: Hostname '@' not accepted for Namecheap: Works great now, thanks Renato! Feel free to mark this one as resolved. Anonymous
11:23 PM pfSense Packages Bug #3805: enable-http-violation are not compiled in Squid: In squid, yes, but *not* in the FreeBSD port from which we build the package. It'll come eventually once the package ... Jim Pingle
11:16 PM pfSense Packages Bug #3805: enable-http-violation are not compiled in Squid: This option is available in: 2.7 / 2.6 http://www.squid-cache.org/Doc/config/header_access/ Nikolay Stoyanov
09:29 AM pfSense Packages Bug #3805 (Rejected): enable-http-violation are not compiled in Squid: That wasn't an option in the squid 2.7.x FreeBSD port, it was hardcoded. That port is gone from FreeBSD now, eventual... Jim Pingle
06:27 PM Feature #1032 (Resolved): Add all interfaces to Packet Capture drop-down: this has been addressed since then, I can't think of any common scenario that isn't covered. Chris Buechler
03:25 PM Feature #852 (Needs Patch): Add Captive Portal default realm: Chris Buechler
03:20 PM Feature #3490 (Resolved): Update DHCP options for network booting with UEFI: Chris Buechler
03:20 PM Feature #3515 (Resolved): Windows OpenVPN clients require register-dns to properly use a DNS server set by Pfsense: Chris Buechler
11:29 AM Bug #3930 (Rejected): Browser Page Refresh After CA Creation Creates Duplicate CA: +*Issue*+: After creating an internal CA, refreshing/reloading the browser page immediately after creation causes the... David Guyton
10:12 AM Bug #3929 (Rejected): Port Forwarding with an association Filter: Hello,
using Port Forwarding with an association Filter rule isnt working.
I have a WAN (em2) and a LAN (em0). ... Florian Asche
10:10 AM Bug #3770: Some drivers not being built with altq support: But "bridge"? Michael Sh.
03:17 AM Revision 3b5b437b: fix text: Chris Buechler
02:54 AM Revision 0c4cd13f: fix up text on sys_adv_misc: Chris Buechler
02:10 AM Revision 5046435d: fix text and descriptions in GRE edit page: Chris Buechler
01:11 AM Bug #3735 (Rejected): No default route when using WAN static IPv6 address: there isn't a bug described there, post to the forum or mailing list to discuss further. Chris Buechler
01:09 AM Bug #3727: PPP config loses "on-demand" setting when configured via interfaces tab: confirmed Chris Buechler
01:01 AM Bug #3928 (Duplicate): lagg and its VLANs must have same MAC address: Take a test system with lagg0 and lagg0_vlan5 both assigned. Specify a MAC address for lagg0 on interfaces.php, and i... Chris Buechler
12:50 AM Bug #3798 (Resolved): IPsec phase 2 pinghost is not used if the source IP should be a virtual IP address: fixed Chris Buechler
12:50 AM Bug #3780 (Closed): VLAN on LAGG may loose their MAC addresses if the LAGG membership is changed.: This is true, but it doesn't matter in most circumstances. For those where you need the MAC to not change, you need t... Chris Buechler
12:24 AM Bug #3774 (Closed): MTU Interface Settings Ignored when Assigned to LAGG Ports: closing in favor of #3922 Chris Buechler
12:23 AM Bug #3890: Aliases multiple CIDR ranges show error message: Phil's pull request to fix this still pending, some reason that hasn't been accepted? Chris Buechler
12:20 AM Bug #3856 (Resolved): Delete a user, edit another one and going back... delete the edited user: This seems to be fixed, and fixed a similar but different issue I'd run into but not opened a ticket for yet. Chris Buechler
12:19 AM Feature #3832 (Resolved): change default update URL to https: fixed Chris Buechler
12:17 AM Bug #3613 (Resolved): Remote syslog server gets added to " DHCP service events" without being checked.: fixed Chris Buechler
12:16 AM Bug #3237 (Resolved): "Revoked" status is incorrect for certificates that are different but share the same descriptive name.: fixed Chris Buechler
12:14 AM Bug #3080 (Resolved): 2.1-RC0 (i386) - GRE Interface not getting correct/configured MTU at boot time: works in 2.2 (and probably newer 2.1x versions than this referenced, but didn't test those) Chris Buechler
12:09 AM Revision b22f436a: s/removing/omitting/g for gateway monitor log entires. "Removing" is not necessarily correct, there are many circumstances where this runs where it wasn't there to begin with, and is potentially misleading.: Chris Buechler

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

11/09/2014

11/08/2014

11/07/2014

11/06/2014

11/05/2014

11/04/2014

11/03/2014

11/02/2014

11/01/2014

10/31/2014

10/30/2014

10/29/2014

10/28/2014

10/27/2014

10/26/2014

10/25/2014

10/24/2014

10/23/2014

10/22/2014

10/21/2014

10/20/2014

10/19/2014

10/18/2014

10/17/2014

10/16/2014

10/15/2014

10/14/2014

10/13/2014

10/12/2014

10/11/2014