Activity

30 days up to

From 10/28/2014 to 11/26/2014

08:49 PM Revision e0dd1fdd: Merge pull request #1346 from SunStroke74/patch-2: Renato Botelho
07:35 PM Revision cfbe7e09: Removing extra closing bracket: SunStroke74
07:00 PM Feature #4038 (Resolved): Button to clear the arp cache: After swapping IP from two embedded devices (WizNet RS485 Gateways) the gateways weren't reachable from an other subn... Grischa Zengel
04:05 PM Bug #3684: Openvpn not routing incomming traffic correct when using tap device: There is no other rules for the openvpn and no flowing rules,
I have tried to update to beta 2.2 and I have the sa... Lars Jensen

11:08 PM Bug #3989 (Resolved): DNS Resolver interface drop downs need enlarged: fixed Chris Buechler
07:07 PM Todo #3396: Replace dnsmasq with Unbound: I fixed some of what you noted, some has other tickets. What this ticket covers is resolved. Please post any issues y... Chris Buechler
05:33 AM Todo #3396: Replace dnsmasq with Unbound: 2.2-BETA (amd64) - built on Sat Nov 15 01:14:19 CST 2014
Host Overrides dose't work properly. Only the top one seems... Raul Ramos
05:23 AM Todo #3396: Replace dnsmasq with Unbound: 2.2-BETA (amd64) - built on Sat Nov 15 01:14:19 CST 2014
Pfsense is not the default DNS service. Do not use the DNS ... Raul Ramos
02:21 PM Revision a0f9f9f7: Changes in the test page of user manager: Silvio Aparecido Silva
11:51 AM Bug #3913: if_bridge missing ALTQ support: Will do so once i can isolate better the problem.
Thanks. Orsiris de Jong
07:36 AM Bug #4013 (Resolved): DHCP6 static bindings not included in /var/unbound/host_entries.conf: /var/unbound/host_entries.conf contains only IPv4, no IPv6 entries.
On the latest snapshot unbound restart shows t... pierre gleich
07:27 AM Revision 0c50e94b: fix missing strpos parameter: Chris Buechler
01:07 AM Bug #2882: 6RD not working in latest snapshots: Got a good deal of info gathered from OP's system, both from 2.2, and from a 2012 2.1 snapshot where 6rd works fine. ... Chris Buechler

11:12 PM Revision 63d129cc: 6RD Rapid Deployment is akin to ATM Machine, PIN Number, ... read: it's redundant. let's just call it 6RD Configuration.: Chris Buechler
11:07 PM Todo #3396 (Resolved): Replace dnsmasq with Unbound: this particular todo is complete. There are some outstanding Unbound bugs, covered in other tickets. Chris Buechler
01:42 AM Todo #3396 (Feedback): Replace dnsmasq with Unbound: default config updated. Needs more testing and feedback. Chris Buechler
10:45 PM pfSense Packages Bug #3977: Squid-dev 3.3.11_1 pkg installs but does not start on 2-2-BETA: Also, this bug affects my x64 box, so it is not just i386/x86 affected. Aaron Outhier
09:21 PM Bug #2882 (Confirmed): 6RD not working in latest snapshots: the kernel portion of this seems to be working fine in 2.2. There is an issue with the delegated prefix handling that... Chris Buechler
07:28 PM Bug #4012 (Resolved): dnsmasq doesn't listen on chosen CARP IPs: When configuring dnsmasq with specific bind IPs and choosing CARP IPs in the list, it doesn't actually bind to the CA... Chris Buechler
02:10 PM Bug #3955: IPsec dashboard widget needs adapting for 2.2: there is something here that makes the status inconsistent from time to time. Seeing it on multiple systems. Status>I... Chris Buechler
11:51 AM Revision 4dbcf2fb: Make sure dhcpleases use correct pid file for dnsmasq or unbound. Fixes #4008: Renato Botelho
11:41 AM Bug #4007: "Last activity" in CP status blank: Looks like it's a problem on ipfw patch:... Renato Botelho
10:31 AM Bug #4007 (Confirmed): "Last activity" in CP status blank: Yeah, that was with the most recent gitsynced code as of last night. The rest of those fixes were fine, this one didn... Chris Buechler
03:50 AM Bug #4007 (Feedback): "Last activity" in CP status blank: Did you try latest snapshots? I pushed a fix for this yesterday, commit commit:27c2e32e Renato Botelho
10:06 AM Bug #4009: Selecting "Embedded" during install does not activate the serial console in a persistent way on amd64: It's a regression. In previous versions with the embedded kernel you could not stop the serial console from working s... Jim Pingle
09:53 AM Bug #4009: Selecting "Embedded" during install does not activate the serial console in a persistent way on amd64: Why is this the fault of pfSense? Ermal Luçi
08:07 AM Bug #4009 (Resolved): Selecting "Embedded" during install does not activate the serial console in a persistent way on amd64: Selecting "Embedded" during install does not activate the serial console in a persistent way on amd64 now that there ... Jim Pingle
10:00 AM Bug #4011 (Resolved): Integration between unbound and dhcp is not working: dhcpleases write leases information to /etc/hosts, but unbound never uses data from it. Renato Botelho
09:51 AM Revision 9612943e: Obsolete a lot of files forgotten during all last pfSense versions. It fixes #3970: Renato Botelho
09:46 AM Revision e09797b0: Deal correct with filenames with spaces: Renato Botelho
09:46 AM Revision cc814aef: Make it possible to remove a directory on obsoletedfiles: Renato Botelho
09:46 AM Revision e0141b7a: sort obsoletedfiles: Renato Botelho
08:11 AM Bug #3966: OpenVPN crashes with AES-NI + AES-CBC: Also submitted to FreeBSD ports tree, if accepted, pfPort can be removed - https://bugs.freebsd.org/bugzilla/show_bug... Renato Botelho
07:27 AM Bug #3966: OpenVPN crashes with AES-NI + AES-CBC: Patch integrated on pfPorts and can be tested on next coming snapshots.
Also reported on https://community.openvpn... Ermal Luçi
05:40 AM Bug #3966 (Feedback): OpenVPN crashes with AES-NI + AES-CBC: The issue seems to be that openvpn setups the crypto before forking.
This makes crypto device unhappy in general and... Ermal Luçi
08:07 AM Feature #4010 (New): OpenVPN always loads engines available on openssl: OpenVPN uses EVP API and always loads all available engines and tries to use them.
In the case of aesni for AES* the... Ermal Luçi
08:07 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: The error is fixed but the console problem I mentioned above is still an issue. I moved it to #4009 Jim Pingle
12:33 AM Bug #3982 (Resolved): Installer generates errors when selecting "Embedded" but still appears to work: fixed Chris Buechler
07:43 AM Revision e2accfac: Update default config.xml for 2.2. Disable dnsmasq, enable Unbound. Remove: outdated comments that used to sort of document the config file, but had
been neglected for quite some time and aren'... Chris Buechler
06:00 AM Bug #4008 (Feedback): dhcpleases doesn't restart when change from/to dnsmasq and unbound: Applied in changeset commit:4dbcf2fbcea9cfe2166c958d3872e3a7353e3c5c. Renato Botelho
05:28 AM Bug #4008 (Resolved): dhcpleases doesn't restart when change from/to dnsmasq and unbound: Steps to reproduce:
1. Configure DNS Forwarder
2. Configure DHCP server
dhcpleases is going to use '-p /var/ru... Renato Botelho
04:00 AM Bug #3970 (Feedback): some files not removed on upgrade to 2.2: Applied in changeset commit:9612943eaa3c6ef427ea4414f7c32dc2b326dd55. Renato Botelho
01:25 AM Bug #3970: some files not removed on upgrade to 2.2: also remember to add the obsolete openntpd files JimP mentioned. Chris Buechler
02:04 AM Bug #3939 (Resolved): Cannot create Host or Network type alias with an IP address/range: fixed Chris Buechler
01:22 AM Bug #4003 (Resolved): SSH host keys regenerated post-2.2 upgrade: fixed Chris Buechler

09:26 PM Bug #3998: Duplicated limiter numbers: On 2.2 I tried adding a few limiters and children and then deleting ones in the middle of the list... It seems that c... Phillip Davis
02:43 PM Bug #3998 (Resolved): Duplicated limiter numbers: I’ve 19 limiters (number 1 to 20, expect 13)
If I add a new one, he gets an already occupied number, 15. After that ... Reto Strub
03:08 PM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only: The bug is still here. Fresh log attached. Dmitriy K
02:20 PM Feature #2129: TCP mss clamping for IPv6: Ok, so people understand better that the input value is not taken as input value but subtracted by some (incorrect) n... Doktor Notor
11:17 AM Bug #3970: some files not removed on upgrade to 2.2: I noticed that list takes only files currently, some of those would be easier to just rm -rf a directory instead of a... Chris Buechler
07:40 AM Bug #3970 (Assigned): some files not removed on upgrade to 2.2: I was working on a similar list but only for a 2.1.5 fresh install against 2.2. Your test is better and I'll check th... Renato Botelho
07:47 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: ttys_wrap file was removed on 2.2, but is still necessary o 2.1. Would be better if installer guess pfSense version b... Renato Botelho

10:09 PM Bug #3970 (Confirmed): some files not removed on upgrade to 2.2: I did a clean install of 1.0.1-REL, then upgraded that to 1.2, 1.2.1, 1.2.2, 1.2.3, 2.0, 2.0.1, 2.0.2, 2.0.3, 2.1, 2.... Chris Buechler
03:04 PM Feature #2129 (Resolved): TCP mss clamping for IPv6: MTU in RA and properly-functioning PMTUD do indeed make it questionable as to whether it's necessary. But MSS clampin... Chris Buechler
07:38 AM Feature #2129: TCP mss clamping for IPv6: Chris Buechler wrote:
> questionable whether this is necessary. Definitely not a priority for 2.2
If you question... Doktor Notor
09:30 AM Bug #3982 (Feedback): Installer generates errors when selecting "Embedded" but still appears to work: Solution put in place for having this working on 2.2 and 64bit installer. Ermal Luçi
06:06 AM Bug #3939 (Feedback): Cannot create Host or Network type alias with an IP address/range: New snapshots will contain last filterdns code Renato Botelho

11:17 PM Bug #3760 (Resolved): reply-to with TCP and IPv6 generates broken checksums: confirmed working, looks good Chris Buechler
01:48 PM Bug #3760 (Feedback): reply-to with TCP and IPv6 generates broken checksums: Reput back with proper building on snapshots. Ermal Luçi
11:14 PM Bug #3957 (Closed): 2.2 tap missing ALTQ: tun was the potentially problematic one. tap has never had ALTQ and probably isn't sensible to use in the shaper anyway. Chris Buechler
11:08 PM Bug #3913 (Resolved): if_bridge missing ALTQ support: fixed Chris Buechler
01:38 PM Bug #3913 (Feedback): if_bridge missing ALTQ support: It works for me but there were some patches accidentally removed from builds which have been put back. Ermal Luçi
11:02 PM Bug #3995 (Resolved): Site-to-site VPN not working on IKEv2: fixed Chris Buechler
12:30 PM Bug #3995: Site-to-site VPN not working on IKEv2: Applied in changeset commit:80be089f050f0f27398a2f35ff5d48f43c7cfa3f. Ermal Luçi
12:23 PM Bug #3995 (Feedback): Site-to-site VPN not working on IKEv2: Rightsourceip was being set on site-to-site/peer-to-peer configs which is wrong. Ermal Luçi
01:09 AM Bug #3995: Site-to-site VPN not working on IKEv2: I don't know the cause, but it seems most likely to be when we bumped to strongswan 5.2.1 last week. There was a patc... Chris Buechler
01:01 AM Bug #3995 (Resolved): Site-to-site VPN not working on IKEv2: Sometime in the recent past, AES-GCM has stopped working. To replicate, just setup a site to site IPsec VPN using AES... Chris Buechler
10:38 PM Bug #3979: 2.2 IPsec NAT-T / MOBIKE IKEv2 control: really needs some javascript to remove NAT-T option where IKEv2 is selected and replace with MOBIKE control. No longe... Chris Buechler
11:06 AM Bug #3979: 2.2 IPsec NAT-T / MOBIKE IKEv2 control: I'll finish this. Chris Buechler
10:32 PM Bug #2495 (Closed): pfsense doesn't seem to know what its WAN IP is: root issue is #3997, closing this in favor of that. Chris Buechler
10:31 PM Bug #3811 (Closed): IP aliases on CARP w/IPsec getting mixed up on addition of a new VLAN.: root issue is #3997, closing this in favor of that. Chris Buechler
10:31 PM Bug #3997 (Resolved): get_interface_ip() returns first IP on interface, not necessarily primary IP: In some circumstances, IPs can be added/removed from an interface in such ways that an interface's primary IP is no l... Chris Buechler
10:10 PM Bug #3996 (Needs Patch): Solarflare NIC panic with LACP: Up to and including 2.2 are affected by the bug described here.
https://bugs.freenas.org/issues/4803
There is a ... Chris Buechler
06:28 PM Revision 80be089f: Fixes #3995. Do not set rightsourceip on site-to-site VPNs but only on mobile users ones otherwise nothing works.: Ermal LUÇI
04:04 PM Bug #3970: some files not removed on upgrade to 2.2: confirmed that works now. Need to do more testing to ensure the obsoletedfiles list is complete. Chris Buechler
02:25 PM Bug #3981: strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: One way to replicate is changing the P2 local and/or remote subnet on a functional site to site VPN. Check SAD and SP... Chris Buechler
12:37 PM Bug #3981 (Feedback): strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: I cannot reproduce it on my side but for sure it was reloading secrets/crl/ca/cert's but was not realoding the config... Ermal Luçi
01:41 PM Bug #3939 (Assigned): Cannot create Host or Network type alias with an IP address/range: Ermal pointed that the function I disabled is needed in some specific cases. I'm reviewing Renato Botelho
01:37 PM Revision 20a95904: Make ipsec_starter log go to ipsec.log rather than system one: Ermal LUÇI
01:34 PM Bug #3987 (Confirmed): not possible to have both IKEv1 and IKEv2 mobile P1s: some limitations in strongswan that might make this difficult, as well as GUI design issues. Probably postpone the fu... Chris Buechler
01:14 PM Revision e82a1d11: Reload also the configuration not only the secrets before trying to apply existing configuration. Ticket #3981: Ermal LUÇI
12:38 PM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: Isn;t memstick just a loader.conf option kernel rather than else on amd64? Ermal Luçi
07:01 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: Even with only one kernel a choice must still be made about the console, so changing this screen into a console selec... Jim Pingle
03:45 AM Bug #3982: Installer generates errors when selecting "Embedded" but still appears to work: The issue here is that the amd64 builds do not have anymore the wrap kernels.
Only i386 has this type of kernel.
... Ermal Luçi
12:10 PM pfSense Packages Bug #3994: sudo package not working on 2.2: I added my workaround mentioned above for now. The other issue needs verified to ensure there isn't a larger problem ... Jim Pingle
12:05 PM pfSense Packages Bug #3994: sudo package not working on 2.2: The latest sudo 0.2.3 works for me, both on a production 2.1.5 system and a test 2.2 system. Phillip Davis
08:24 AM pfSense Packages Bug #3994: sudo package not working on 2.2: The binary is looking for its files in /usr/local/ when they live in the PBI dir /usr/pbi/sudo-<arch>/local/
I can... Jim Pingle
05:59 AM pfSense Packages Bug #3994: sudo package not working on 2.2: Indeed, same for me. I should really have been using some security on test systems rather than just the root/admin ac... Phillip Davis
12:37 AM pfSense Packages Bug #3994 (Resolved): sudo package not working on 2.2: With a completely default config, when trying to use sudo, you just get: ... Chris Buechler
11:37 AM pfSense Packages Bug #2992: Boot problem after upgrade: Hello,
New 2.1.4 install here, then upgraded to 2.1.5.
I then installed bandwidthd and just had the no boot iss... System IT
05:19 AM Revision bcb83c9e: Reintroduce graphcounter var to traffic_graphs.widget.php: This counter got lost in commit https://github.com/pfsense/pfsense/commit/ee965a5c7bf37b852795e1201688e3b20bf3d8d1
Bu... Phil Davis
04:11 AM Revision a8380480: fix text: Chris Buechler
04:09 AM Revision 6859f881: show interface name, not identifier: Chris Buechler
04:03 AM Revision d3d23754: fix text, PPPoE Server, not VPN: Chris Buechler
03:53 AM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: I'll take it. Renato Botelho
03:11 AM Bug #3960 (Closed): deleting or changing phase 2 doesn't remove former P2: Ticket #3981 is the root cause Renato Botelho
02:19 AM Revision 7bd413eb: add a route debug option to log info about route commands executed (where those aren't already logged) to help with troubleshooting various routing scenarios.: Chris Buechler

10:51 PM Bug #3987 (Resolved): not possible to have both IKEv1 and IKEv2 mobile P1s: There can only be one mobile P1 currently, which restricts you unnecessarily to only either IKEv1 or IKEv2 for mobile... Chris Buechler
09:31 PM Bug #3979: 2.2 IPsec NAT-T / MOBIKE IKEv2 control: this is correct for IKEv1 after my commits earlier. Seems to be working as it should. It'll continue to work on upgra... Chris Buechler
01:58 PM Bug #3979 (Confirmed): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: after further review and discussion with Ermal, the code is there to set forceencaps, it just isn't setting it correc... Chris Buechler
05:56 AM Bug #3979 (Feedback): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: I have pushed them recently to be enforced.
The only remaining task is to remove Force from the options list because... Ermal Luçi
08:49 PM Revision ea20169a: Use a better method of finding disks for SMART.: Old code was inaccurate and also listed entries that were symlinks to other disks Jim Pingle
08:39 PM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case: In addition to the 2.2 issue of it somehow taking over php-fpm and thus breaking webGUI and...
I will note here that... Phillip Davis
05:53 PM pfSense Packages Bug #3986 (Closed): BandwidthD can break php-fpm in unknown rare edge case: Hi,
Having a lot of struggles with BandwidthD in v2.2 More info here,
https://forum.pfsense.org/index.php?topic=7... Russell Morris
08:21 PM Revision 0810a719: Restore 3 values back on NAT-T settings Just Enable now its Auto as per strongswan default. and off disabled mobike. Ticket #3979: Ermal LUÇI
08:08 PM Revision 1db2634e: Rename the options to actually make sense with strongswan: Ermal LUÇI
08:07 PM Revision 86ef7a0a: Remove Force options since it has not meaning for now.: Ermal LUÇI
07:31 PM Revision 756d867a: fix comment: Chris Buechler
06:49 PM Bug #3960: deleting or changing phase 2 doesn't remove former P2: similarly, disabling a P1 doesn't remove it from the SPD nor SAD. It does remove it from the config file. Chris Buechler
12:02 AM Bug #3960 (Confirmed): deleting or changing phase 2 doesn't remove former P2: I confirmed it again on the most recent snapshot. In addition to changing it not removing, deleting a P2 doesn't remo... Chris Buechler
05:50 PM pfSense Packages Bug #3985: apcupsd / nut not working in v2.2: Sorry, meant to add this for help, missed it,
https://forum.pfsense.org/index.php?topic=80248.msg437658#msg437658
Russell Morris
05:50 PM pfSense Packages Bug #3985 (Closed): apcupsd / nut not working in v2.2: Hi,
I can't seem to get apcupsd or nut working in v2.2 - looks like a USB / driver issue, but I definitely could b... Russell Morris
05:44 PM Revision 5711c446: Catch some more sensitive info when sanitizing.: Jim Pingle
05:43 PM Revision 8a2229e3: Catch some more sensitive info when sanitizing.: Jim Pingle
05:22 PM Bug #3984 (Confirmed): system booted with DHCP client NIC unplugged never kicks off dhclient: Chris Buechler
01:48 PM Bug #3984 (Resolved): system booted with DHCP client NIC unplugged never kicks off dhclient: Take a simple LAN/WAN setup, WAN set as a DHCP client. Boot the system with WAN's NIC unplugged. Then plug the NIC in... Chris Buechler
03:26 PM Bug #3760 (Feedback): reply-to with TCP and IPv6 generates broken checksums: I pushed a fix that should treat this, test with new snapshots. Ermal Luçi
02:28 PM Todo #3958: test 2.2 upgrade scenarios: aside from things that have bugs open, and things that can't be tested because of other open bugs, this seems fine. S... Chris Buechler
11:09 AM pfSense Packages Todo #3983 (Needs Patch): Option for Cron Package: Jim Pingle
10:25 AM pfSense Packages Todo #3983 (Needs Patch): Option for Cron Package: Hello,
It's possible to add a custom button or other for disable or/and enable a cron task.
In the lastest versio... Julien Bénic
08:42 AM Bug #3361: DHCP6 WAN is not obtaining a default gateway: Watch out for this one. It works on some boots and not others, or depending on the timing. There's a race condition s... Jim Pingle
07:55 AM Bug #3982 (Resolved): Installer generates errors when selecting "Embedded" but still appears to work: When running the installer and choosing "Embedded" two errors are given by the GUI but if "skip" is chosen the instal... Jim Pingle
05:57 AM Bug #3957: 2.2 tap missing ALTQ: As i said before TAP should behave the same on 2.1 as well Ermal Luçi

09:56 PM Bug #3981 (Resolved): strongswan "gets crazy" after a few reloads, wipes SAD and doesn't remove old SPD: This is a recent regression in 2.2. diag_ipsec_spd.php shows "No IPsec security associations" when there are active, ... Chris Buechler
09:47 PM Bug #3980 (Resolved): wrong static routes added for remote P2 subnets: A static route for the remote network of every P2 is added in 2.2, pointing to WAN's gateway IP. I'm guessing the int... Chris Buechler
09:32 PM Bug #3961 (Resolved): only first of multiple P2s works in 2.2: the issue described here is resolved. The two Ermal noted we'll discuss Chris Buechler
09:33 AM Bug #3961: only first of multiple P2s works in 2.2: I have done testing on this.
It works even today as is.
List of issues i am after:
- Racoon does not like agress... Ermal Luçi
08:53 PM Bug #3979 (Resolved): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: The enable/disable/force NAT-T settings from earlier versions don't do anything in 2.2. It appears in newer strongswa... Chris Buechler
07:38 PM Bug #3913 (Confirmed): if_bridge missing ALTQ support: no change Chris Buechler
07:37 PM Bug #3957 (Confirmed): 2.2 tap missing ALTQ: tun is fine, tap not. Chris Buechler
07:35 PM Bug #3974 (Resolved): DNS Resolver: Advanced - Error in description: looks good, thanks Warren Chris Buechler
07:00 AM Bug #3974 (Feedback): DNS Resolver: Advanced - Error in description: Applied in changeset commit:d5566d43f4ace5036b5e5476d975bb8d13ce3b6f. Warren Baker
05:23 AM Bug #3974: DNS Resolver: Advanced - Error in description: Yeah i have the changes done. Just haven't submitted a pull request just yet. There are a few more which Im still goi... Warren Baker
05:10 AM Bug #3974: DNS Resolver: Advanced - Error in description: I have a bit of code to make that all consistent. I also see that Wagonza just made some updates to the related files... Phillip Davis
01:38 AM Bug #3974: DNS Resolver: Advanced - Error in description: Just noticed that the same issue exists for a few other items on the same page:
Outgoing TCP Buffers 0 vs 10
In... Dustin Dembeck
01:28 AM Bug #3974 (Resolved): DNS Resolver: Advanced - Error in description: Go to Services -> DNS Resolver -> Advanced -> Outgoing TCP Buffers and Incoming TCP Buffers (/services_unbound_advan... Dustin Dembeck
07:18 PM Bug #2650: FTP helper breaks TCP sequence numbers on 2nd WAN: assigning to me for further testing. Unchanged in 2.2 from prior releases, not a common enough issue to hold up and p... Chris Buechler
07:01 PM Bug #1928 (Resolved): Can't sync voucher database when carp peer is also active: fixed. Voucher sync is separate from CP's config sync, it does work. Chris Buechler
06:55 PM Bug #3361 (Confirmed): DHCP6 WAN is not obtaining a default gateway: no change Chris Buechler
05:54 PM Feature #3978 (Needs Patch): Backup and Restore configuration: Chris Buechler
04:58 PM Feature #3978 (Needs Patch): Backup and Restore configuration: Hi,
It's possible to add a custom area to select only backup or restore
-One for Limiter
-One for Layer7
Than... Julien Bénic
05:35 PM pfSense Packages Bug #3977: Squid-dev 3.3.11_1 pkg installs but does not start on 2-2-BETA: Nev Secular wrote:
> 2.2-BETA (i386) built on Thu Oct 30 13:58:57 CDT 2014 FreeBSD 10.1-RC3
> After installing squi... Nev Secular
04:42 PM pfSense Packages Bug #3977 (Resolved): Squid-dev 3.3.11_1 pkg installs but does not start on 2-2-BETA: 2.2-BETA (i386) built on Thu Oct 30 13:58:57 CDT 2014 FreeBSD 10.1-RC3
After installing squid-dev 3.3.11_1 pkg squid... Nev Secular
05:27 PM Revision f384d8a5: Merge pull request #1329 from phil-davis/patch-3: Renato Botelho
04:43 PM Revision a3fad592: Fixup dhcpd interface enabled check: Phil Davis
03:31 PM Bug #3951 (Resolved): Processes like filterdns and ipfw-classifyd accumulate many open file handles: Ermal Luçi
03:04 PM Revision ba667cc6: Fix console set interface IP address: Problem as per forum https://forum.pfsense.org/index.php?topic=83651.0
The problem comes whenever services_dhcpd_conf... Phil Davis
02:30 PM Bug #3941 (Confirmed): adding a DHCP client interface results in missing default gateway on 2.2: that didn't fix the issue described here Chris Buechler
01:32 PM Bug #3970 (Confirmed): some files not removed on upgrade to 2.2: /tmp/post_upgrade_command.php is executed after new files are in place and before reboot, probably the root cause is ... Renato Botelho
12:56 PM Revision ec290464: Merge pull request #1328 from wagonza/master: Renato Botelho
12:54 PM Revision fe9d4894: Fix indent: Renato Botelho
12:52 PM Revision 2783e408: Revert "Indent better": This reverts commit a431bfc9e698c753d9a54218af9076184deb6251. Renato Botelho
12:45 PM Revision d5566d43: Make sure defaults values are actually used. Fixes #3974: Warren Baker
11:48 AM pfSense Packages Bug #3975 (Rejected): Gateway Monitoring Offline: not true, please post more info to the forum or list for assistance. Chris Buechler
05:27 AM pfSense Packages Bug #3975 (Rejected): Gateway Monitoring Offline: PfSense 2.2 shows gateways as always offline Russell Wilson
11:45 AM Bug #3976 (Resolved): VLAN Interfaces on LAGG get orphaned on LAGG change: that is replicable on 2.1.x but not 2.2, already fixed there. Chris Buechler
11:04 AM Bug #3976 (Resolved): VLAN Interfaces on LAGG get orphaned on LAGG change: Reproduce:
1. Create LAGG with e.g. em3 + em4, LACP and a nice description
2. Create a few vlans and assign them ... Jens Weibler
10:48 AM Revision 7bb24e18: Merge pull request #1327 from wagonza/pfSense-master: Renato Botelho
10:30 AM Bug #1629: invalid state table entries after WAN IP change: It's not the gateway that needs states killed, it's the old WAN IP. Chris Buechler
06:36 AM Bug #1629: invalid state table entries after WAN IP change: I'm on ... Anonymous
10:08 AM Revision 46a989ce: Indent here as well: Warren Baker
10:08 AM Revision a431bfc9: Indent better: Warren Baker
10:04 AM Revision 1b436de1: Be consistent with the other pages: Warren Baker
10:03 AM Revision be11b6f1: Add braces: Warren Baker
08:27 AM Revision 4c3abd34: Fix obviously broken test in rc.initial.setlanip: IMO might as well back-port any obviously wrong code to 2.1 branch, just in case anybody on 2.1.n cares for it or the... Phil Davis
07:54 AM Revision 0a89d059: Merge pull request #1324 from phil-davis/patch-3: Renato Botelho
06:04 AM Revision 8727b3c8: Set interface address from consol tidy output: While trying to see why this is not working for me (forum https://forum.pfsense.org/index.php?topic=83651.0 ) I have ... Phil Davis
03:12 AM Bug #3940 (Resolved): check_reload_status uses deprecated libevent-1.4: Renato Botelho
02:35 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: It also looks good on my custom build - no high CPU load. Thomas Hilse

05:48 PM Bug #3973 (Resolved): Route 53 dynamic DNS provider fails to update record: Existing records are not updating with the Route 53 dynamic DNS provider.
Records that do not exist are created p... Grant Horning
08:58 AM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: Updated to:
2.2-BETA (amd64)
built on Sat Nov 01 21:36:28 CDT 2014
FreeBSD 10.1-RC4
Now filterdns has just 8 th... Phillip Davis
05:46 AM Bug #3951: Processes like filterdns and ipfw-classifyd accumulate many open file handles: My main 2.1.5 production system is the big offender with this - it has over 4000 in filterdns fstat. But I can't upgr... Phillip Davis

10:05 PM Revision a94a16cd: s/a/an/ and speling.: derelict-pf
09:55 PM Revision 162a7b4e: s/then/than/: derelict-pf
09:13 PM Bug #3666: PMTUD is broken for NATed traffic: Ermal - no change with the kernel you built. I have a test setup up now that you can reach. /msg me for info. Chris Buechler
05:11 PM Bug #3970 (Resolved): some files not removed on upgrade to 2.2: There is at least one file from earlier versions that has to be removed in the process of upgrading to 2.2, with setk... Chris Buechler
02:46 PM Bug #3961: only first of multiple P2s works in 2.2: this is for site to site VPNs with > 1 P2. One easy way to replicate, setup a site to site IPsec between 2.1.5 and 2.... Chris Buechler
02:39 PM Bug #3961 (Feedback): only first of multiple P2s works in 2.2: It works for me for mobile clients which this issue is about!
The unity plugin sends split-include sections now. Ermal Luçi
02:26 PM Revision 4045cf1e: Fix two more instances of rrd.tgz renaming.: Jim Pingle
02:26 PM Revision 8560c756: Fix two more instances of rrd.tgz renaming.: Jim Pingle
02:24 PM Bug #3913 (Feedback): if_bridge missing ALTQ support: Should work correctly on new snapshots. Ermal Luçi
02:15 PM Bug #3957 (Feedback): 2.2 tap missing ALTQ: Ermal Luçi
02:12 PM Bug #3957: 2.2 tap missing ALTQ: Ok reproduced only for TAP, tun is ok.
Also i think tap behaved the same before. Ermal Luçi
02:04 PM Bug #3957: 2.2 tap missing ALTQ: I cannot replicate this on tun/tap?!!!
I do not even see changes in code to not support it! Ermal Luçi
01:30 PM Bug #3941: adding a DHCP client interface results in missing default gateway on 2.2: I'll take this one Chris Buechler
12:44 PM Bug #3870 (Closed): re(4) NICs on APU are unable to hardcode speed/duplex properly: PC Engines not aware of the issue, but not surprised by it given Realtek's horrible documentation.
We've confirme... Chris Buechler
12:39 PM Bug #3876 (Resolved): pfsync is not synchronizing states on 2.2: looks to be fine, works in both directions from testing. Chris Buechler
08:08 AM Bug #3960 (Feedback): deleting or changing phase 2 doesn't remove former P2: I couldn't reproduce it, I changed local or remote subnet and it worked as expected. Can you confirm it is still happ... Renato Botelho
07:27 AM Bug #3969 (Resolved): apinger configuration for DHCPv6 gateway is missing interface scope on source IP and target: When using a DHCPv6 WAN, apinger sets the srcip to be the interface link-local address but it does not set the scope ... Jim Pingle
06:45 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: New snapshots are available, using libevent 2.0 and check_reload_status with fixes. Renato Botelho
04:06 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: pfsense-tools repo already have the final patch applied, please try it or wait new snapshots today yet. Renato Botelho
03:00 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: After applying your patch there are still 3 statements with "socket_close_command(fd, ev);" left:
root@pfsense-bui... Thomas Hilse
02:24 AM Revision c656bc75: Fix getext to gettext typo: Phil Davis
02:23 AM Revision 41aa5cd4: Fix getext to gettext typo: Phil Davis
02:23 AM Revision 29af6265: Fix getext to gettext typo: Phil Davis
02:22 AM Revision 24516832: Fix getext to gettext typo: Phil Davis
02:21 AM Revision b3f0b2e1: Fix getext to gettext typo: Phil Davis
02:10 AM Revision 687712ee: More gettext typos: Phil Davis
02:10 AM Revision 95169728: More gettext typos: Phil Davis
02:09 AM Revision c69f62b8: More gettext typos: Phil Davis
02:07 AM Revision 91ee10c0: More gettext typos: Phil Davis
01:30 AM Revision e4982b90: fix typoed gettext: Chris Buechler

09:37 PM Revision 1ae41bfe: Kill states associated with the old WAN IP when WAN IP has changed. Retain: hidden config option to wipe all states on IP change, as there seemed to
be circumstances where the 'pfctl -k $oldip'... Chris Buechler
08:35 PM Revision 737b18f2: Allow accept_unencrypted_mainmode_messages to be enabled if needed: Ermal LUÇI
06:15 PM Revision 461eac09: only kill all states if the IP changed. ticket #1629: Chris Buechler
05:03 PM Bug #1629 (Resolved): invalid state table entries after WAN IP change: this is fixed. The states of the former WAN IP are now killed post-IP change, which should resolve nearly all cases w... Chris Buechler
04:59 PM Bug #3921 (Resolved): max-packets option missing from pfctl: issue here is resolved Chris Buechler
04:23 PM Bug #3921 (Feedback): max-packets option missing from pfctl: Its expected and resolving this is not in plan for 2.2.
Also that is not what this ticket is about. Ermal Luçi
04:02 PM Bug #1928: Can't sync voucher database when carp peer is also active: I am unsure if this should be allowed!
Normally switching to master it should have the latest voucher status synched... Ermal Luçi
03:04 PM Bug #3876 (Feedback): pfsync is not synchronizing states on 2.2: Seems to be working for me now. Ermal Luçi
02:06 PM Bug #3760 (Confirmed): reply-to with TCP and IPv6 generates broken checksums: the most common scenario here is fixed, IPv4 is fine, but IPv6 has regressed from 2.1.x. reply-to with v6 works in pr... Chris Buechler
01:54 PM Bug #3947 (Resolved): "ipsec_starter: Bad file descriptor" spams system log: This seems to be resolved with confirmation from https://forum.pfsense.org/index.php?topic=81440.msg457606#msg457606 Ermal Luçi
01:43 PM Bug #3949 (Confirmed): Dynamic DNS public IP check always uses default gateway: Chris Buechler
01:42 PM Bug #3967 (Confirmed): Need to restore IP aliases on CARP IPs in 2.2: Chris Buechler
01:42 PM Bug #3968 (Confirmed): Incorrect gateway is assumed when using tun + topology subnet: I re-opened it after confirming that atypical circumstance. Your pull request is wrong though, it fixes a rare edge c... Chris Buechler
01:31 PM Bug #3968: Incorrect gateway is assumed when using tun + topology subnet: Well, I won't argue. If you see no bug then there is no bug.
Dmitriy K
01:28 PM Bug #3968 (New): Incorrect gateway is assumed when using tun + topology subnet: Chris Buechler
01:13 PM Bug #3968: Incorrect gateway is assumed when using tun + topology subnet: this is valid with topology subnet in newer versions Chris Buechler
01:10 PM Bug #3968: Incorrect gateway is assumed when using tun + topology subnet: I know that pfsense team wants to release 2.2 asap but its quality will suffer if fast decisions were taken place.
... Dmitriy K
12:55 PM Bug #3968 (Rejected): Incorrect gateway is assumed when using tun + topology subnet: scratch that, can happen with topology subnet Chris Buechler
07:23 AM Bug #3968 (Resolved): Incorrect gateway is assumed when using tun + topology subnet: The script */usr/local/sbin/ovpn-linkup* has en error where network mask is returned as a gateway when no gateway pro... Dmitriy K
12:29 PM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: I contacted Pascal @ PC Engines to see if that's an issue they're aware of and if they have any further info on it.
... Chris Buechler
10:44 AM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: Boy I sure hope this is somehow fixable in software - we have a fair handful of APUs deployed already and continue to... → luckman212
12:41 AM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: Linux much happier on SD card in the APU, couldn't get anything to boot from USB flash.
TLDR version: either the... Chris Buechler
12:12 AM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: Either OpenBSD has the same problem, or this is a hardware issue. ... Chris Buechler
10:21 AM Bug #2406: No IP alias within the subnet of a CARP IP can be deleted: Chris Buechler wrote:
> This is fixed. You can't remove the last IP alias on the subnet of a CARP IP because it'll b... Nei Ka
07:47 AM Bug #3940: check_reload_status uses deprecated libevent-1.4: That previous patch is not correct, consider this one. Renato Botelho

10:49 PM Bug #3964 (Resolved): Web interface fails to load on first boot: fixed Chris Buechler
10:43 PM Bug #3894: OpenVPN client started multiple times when connecting to FQDN where connectivity to server is delayed: The specific issue here is OpenVPN client is launched multiple times when connecting to FQDN with "resolv-retry infin... Chris Buechler
08:39 PM Revision 5274102e: Hide burst for limiters, since it doesn't do anything. more details in: ticket #3933 Chris Buechler
06:52 PM Bug #3940 (Feedback): check_reload_status uses deprecated libevent-1.4: Thomas, could you try attached patch, built with libevent 2.0 and let me know the result? Renato Botelho
09:01 AM Bug #3940 (Confirmed): check_reload_status uses deprecated libevent-1.4: I built a custom image and confirmed it. We are not seeing it on our snapshots because builder was not updated and st... Renato Botelho
06:35 PM Bug #3937 (Resolved): Interfaces Dashboard Widget - Font to big and scaling wrong: fixed. Chris Buechler
05:33 PM Bug #3967 (Resolved): Need to restore IP aliases on CARP IPs in 2.2: Ticket for what Ermal and I discussed earlier re: IP aliases on CARP. That functionality is effectively gone from 2.2... Chris Buechler
05:28 PM Bug #3760 (Feedback): reply-to with TCP and IPv6 generates broken checksums: with a kernel Ermal built with his changes as committed earlier, v4 reply-to looks to be fine in all scenarios. Will ... Chris Buechler
02:45 PM Bug #3760: reply-to with TCP and IPv6 generates broken checksums: Current status is broken checksums on IPv6, source NAT doesn't apply to translate the IP back on IPv4 (though return ... Chris Buechler
05:26 PM Bug #3870: re(4) NICs on APU are unable to hardcode speed/duplex properly: I'll try this on Linux to see how that behaves, should help narrow down whether it's hardware or driver. Chris Buechler
05:25 PM Bug #1634: Limiter and bridge needs special handling: to me to review in combination with the other limiter tickets.
non-regression and uncommon issue, removing 2.2 ta... Chris Buechler
03:36 PM Bug #3913 (Confirmed): if_bridge missing ALTQ support: hm, not sure what I was trying at the time, apparently I missed assigning the bridge or something. thanks for the fol... Chris Buechler
02:41 AM Bug #3913: if_bridge missing ALTQ support: Hello,
Sorry for the late testing.
I tried to reenable traffic shaping via the wizard but get this one:
[[There... Orsiris de Jong
03:34 PM Feature #3933 (Confirmed): Limiter burst doesn't have any effect: dummynet burst on stock FreeBSD 10.1 does indeed work how I'd expect it to work. Ours doesn't have any impact whatsoe... Chris Buechler
01:02 PM Revision a4372874: Fix a typo on array index, related to ticket #3963: Renato Botelho
11:16 AM Bug #3963: PPPoE client interface status wrong while attempting to connect: Yeah it really should say "Connecting", how difficult would it be to make that happen? I don't think this is a regres... Chris Buechler
07:56 AM Bug #3963 (Feedback): PPPoE client interface status wrong while attempting to connect: After doing somo analysis, my understanding is 'Status' is supposed to be up, since interface exists on operating sys... Renato Botelho
11:10 AM Feature #3365 (Resolved): Implement package signing: After discussion with Jeremy, we're satisfied this is good for 2.2. Chris Buechler
10:47 AM Feature #3365: Implement package signing: We'll create a secured key repository, and signing keys will be imported into it for access. Renato will create the ... Jeremy Porter
06:08 AM Revision 002d286c: fix up text: Chris Buechler
12:53 AM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only: this may or may not still be an issue with 2.2, much has changed, and this is something we've never been able to repl... Chris Buechler
12:50 AM Bug #3961 (Confirmed): only first of multiple P2s works in 2.2: Chris Buechler
12:48 AM Bug #3890 (Resolved): Aliases multiple CIDR ranges show error message: Chris Buechler
12:39 AM Bug #3966 (Confirmed): OpenVPN crashes with AES-NI + AES-CBC: Chris Buechler
12:39 AM Bug #3966 (Resolved): OpenVPN crashes with AES-NI + AES-CBC: On systems with AES-NI enabled, OpenVPN using AES-128-CBC, AES-192-CBC, and AES-256-CBC crashes on start. ... Chris Buechler

Also available in: Atom

pfSense

Activity

Project

General

Profile

pfSense

Activity

Activity

11/26/2014

11/25/2014

11/24/2014

11/23/2014

11/22/2014

11/21/2014

11/20/2014

11/19/2014

11/18/2014

11/17/2014

11/16/2014

11/15/2014

11/14/2014

11/13/2014

11/12/2014

11/11/2014

11/10/2014

11/09/2014

11/08/2014

11/07/2014

11/06/2014

11/05/2014

11/04/2014

11/03/2014

11/02/2014

11/01/2014

10/31/2014

10/30/2014

10/29/2014

10/28/2014