Activity
From 12/07/2014 to 01/05/2015
01/05/2015
-
08:07 PM Bug #4174: multi-WAN IPsec uses wrong interface at times
- I'm testing on a production system where I've been looking into a separate IPsec issue as well. Now setting up a test...
-
07:41 PM Bug #4180: OpenVPN Backend for authentication field does not process in other languages
- Proposed fix: https://github.com/pfsense/pfsense/pull/1422
-
- Forum: https://forum.pfsense.org/index.php?topic=86326.0
The code is using the text of the translated name to try an... - 06:57 PM Revision 055bd1ee: Allow IPv6 on loopback needs quick
- The following block uses "quick" which causes that block to come into effect before the "pass in" here. The pass rule...
- 06:57 PM Revision 386788e2: Merge pull request #1419 from phil-davis/patch-2
- 06:56 PM Revision 91a84a26: Limit unbound so-rcvbuf: 8m
- Issue reported here: https://forum.pfsense.org/index.php?topic=78356.msg472781#msg472781
Most unbound doc places ment... - 06:56 PM Revision 6d8dadb5: Merge pull request #1420 from phil-davis/patch-3
- 05:44 PM Revision cfb5073f: Fix #4090:
- - Unbound advanced options may contain double quotes and it breaks the
syntax when a backup is restored because newli... - 05:41 PM Revision 0a23cddc: Fix #4090:
- - Unbound advanced options may contain double quotes and it breaks the
syntax when a backup is restored because newli... - 02:58 PM Revision 24149c31: It's supposed to remove windows EOL here, not ;
- 02:58 PM Revision 7f5c2669: Make it possible to backup/restore 'DNS Resolver' section individually
- 02:57 PM Revision fbf3d06e: It's supposed to remove windows EOL here, not ;
- 02:57 PM Revision fb130335: Make it possible to backup/restore 'DNS Resolver' section individually
-
02:15 PM Feature #4179 (Closed): Driver oce is missing from 2.2 RC
- The driver oce (oce.ko) to support Emulex 10 GE NICs is missing from pfSense 2.2 RC but available and working in Free...
-
- Under some circumstance we haven't exactly narrowed down yet, having the Cisco unity plugin enabled in strongswan cau...
- 01:17 PM Revision 62403377: Do not monitor a gateway that has not got DHCP yet
- When an interface is waiting to get DHCP, but the cable is physically-electrically connected to the upstream device, ...
- 01:16 PM Revision fd9b1512: Merge pull request #1414 from phil-davis/patch-1
-
11:50 AM Bug #4090: unbound advanced settings cause broken unbound.conf file
- Applied in changeset commit:cfb5073f83fa80e5b40476b12ea91ff5114c60fc.
-
- Applied in changeset commit:0a23cddced057d929c53f3ad1e5d6898a3fada50.
-
- Confirmed. Steps to reproduce on 2.2:
* Configure DNS Resolver Advanced Options with the following content... -
08:06 AM Bug #4090: unbound advanced settings cause broken unbound.conf file
- Jim P wrote:
> Any chance we could get the exact config.xml section that exhibited the problem?
Attached is the f... -
- please replicate on stock FreeBSD 10.1 and report upstream
-
- Confirmed that pull request 1421 code is working for the user in forum: https://forum.pfsense.org/index.php?topic=862...
-
08:36 AM
Bug #4177: Bug in OpenVPN user/pass auth
- For instance if the password ends with a +
-
- I think Ermal was fixing some of that. Give an example of final char/s that still do not work on latest snapshots - t...
-
07:18 AM
Bug #4177 (Resolved): Bug in OpenVPN user/pass auth
- As stated in https://forum.pfsense.org/index.php?topic=85311
OpenVPN user/pass auth fails if passwords end on spec... -
- After the fix is pushed, revert commit:eea2ad5d
-
- The bug described in this ticket is resolved. The maintenance mode issue will be fixed when #3910 fix is pushed and c...
-
- Pull request merged
-
02:37 AM pfSense Packages Feature #3685: haproxy listener ip from alias
- Hi,
I had added before this feature to the my own haproxy.
Thanks for the feature.
01/04/2015
-
- works, thanks
-
- the original issue here is fixed, and this looks to work fine in general.
Richard: if you can re-test with 2.2 an... -
06:36 PM Bug #4174: multi-WAN IPsec uses wrong interface at times
- Do you have a test case setup?
When you do, let's assign this to Ermal. -
- I'm not sure how to test this. (I don't want an Office365 Mail account.)
-
- Proposed implementation of this: https://github.com/pfsense/pfsense/pull/1421
It works for me on a mail server that ... -
07:24 AM Feature #4176 (Resolved): Add support for SMTP authentication mechanisms
- This may apply to more than Office365 mail, but it does impact this mail system for sure. Details (and the fix) are a...
- 04:37 PM Revision 305856e8: Support for Office365 Mail
- https://redmine.pfsense.org/issues/4176
Allow the user to choose SMTP authentication mechanism PLAIN or LOGIN.
For ex... - 04:33 PM Revision c4249322: Support choice of SMTP Authentication Mechanisms
- https://redmine.pfsense.org/issues/4176
I have left some documentation here of other mechanisms that someone might ca... - 03:19 PM Revision 4708c6f0: Limit unbound so-rcvbuf: 8m
- Issue reported here: https://forum.pfsense.org/index.php?topic=78356.msg472781#msg472781
Most unbound doc places ment... - 02:32 PM Revision c876b212: Allow IPv6 on loopback needs quick
- The following block uses "quick" which causes that block to come into effect before the "pass in" here. The pass rule...
- 01:59 PM Revision f79f9497: completed confbak and backup/restore
-
12:27 PM pfSense Packages Feature #3685: haproxy listener ip from alias
- I've included some ability to use aliases, and add multiple ip's in 1 frontend. Does this satisfy your needs?
-
- Using the 'shared frontends' its possible to define acl's for different backends, this should allow for 'most' common...
- 11:57 AM Revision 7d5b007c: initial drag/drop WIP, working on backup/restore page
-
- Well noted Andy, the pass was not having effect. It needs "quick" on that pass rule.
Pull request: https://github.co... -
- And some updates for apcupsd (hope this info helps!).
Thanks!
-
- Hi,
Hopefully this is helpful info, but here is another package that still need a minor / slight correction (detai...
01/03/2015
-
10:37 PM Bug #4175 (Rejected): kernel panic when loading run driver for RT3070
- I get a kernel panic whenever trying to load the run wireless driver on the 2.2-RC i386 snapshots:
<118>Configurin... -
10:28 PM Bug #4074: Status NTP does not display any result if IPv6 Allow is off
- I'm still seeing IPv6 lo traffic blocked in the Fri Jan 02 14:50:21 CST 2015 2.2-RC build. Screenshot attached and ex...
-
05:33 AM Feature #4133: Add GUI setting for VLANs PCP
- I just realized that the blob in the git diff regarding configuration compatibility has a few missing brackets. I gue...
01/02/2015
-
- Still quantifying exactly what's happening here, it's hit and miss. Some ISAKMP and/or ESP traffic ends up following ...
-
03:20 PM Todo #4173 (Resolved): Web site cleanup - deprecated 512 MB images
- In the pfsense IRC channel last night, someone was having problems with the 512 MB images in
http://updates.pfsens... - 03:07 PM Revision 5a158a29: Fix track6 prefix id range check, reported by jimp
- 03:07 PM Revision eef5aeeb: Fix track6 prefix id range check, reported by jimp
- 11:25 AM Revision 8c46314c: Allow blank source port in diag_testport
- Reported by forum https://forum.pfsense.org/index.php?topic=86146.0
Also, if there are input validation errors, save ... - 11:24 AM Revision 9fd02f60: Merge pull request #1418 from phil-davis/patch-2
- 10:49 AM Revision a3c9510c: Allow blank source port in diag_testport
- Reported by forum https://forum.pfsense.org/index.php?topic=86146.0
Also, if there are input validation errors, save ... -
- Should be fixed by commit:5a158a29698405a1d3ee759dcbf9a95f9150e12e
-
08:52 AM Bug #3790 (Confirmed): Input validation is too strict for IPv6 Prefix ID for Track Interface
- Seems to break when WAN is set to a /64 delegation. Saving LAN with an ID of 0 is rejected, though it is valid.
-
- Applied in changeset commit:22c884d104498547356e6144b6a0c22300085b22.
-
08:06 AM
pfSense Packages
Bug #3729: Bacula-client Services not running
- Can confirm this still exists in 2.1.5.
-
- Merged
-
- Proposed fix https://github.com/pfsense/pfsense/pull/1418
-
- Leaving the source port blank results in a warning that the source port should either be valid or left blank.
Report... -
- [2.2-RC][root@pfs22amd64.home]/root: ldd /usr/local/bin/nsupdate
/usr/local/bin/nsupdate:
libreadline.so.6 => /usr... -
-
01:53 AM Bug #3886: (TurkishLanguage) After the firewall rule for example (lan rule) does not come "Apply Button"
- https://forum.pfsense.org/index.php?topic=78795.0
-
12:21 AM Bug #4095: Unbound config not regenrated on WAN-style interface acquiring IP address
- fixed
01/01/2015
-
09:15 PM pfSense Packages Bug #4078: NUT fails to start with USB
- This issue can be closed. It is addressed by 4118.
-
- should be accurate on 2.2, I don't recall for sure on 2.1.5.
-
05:06 AM Bug #1974: Captive Portal RADIUS accounting bytes wrong
- This problem seems to still exist on 2.1.5-RELEASE (amd64). The radius accounting logs say the amount of data used ov...
-
- fixed
-
- that's how things have to work. Traffic from clients in those circumstances should be hitting rules specifying gatewa...
-
- discussed here
https://forum.pfsense.org/index.php?topic=85059.0 -
- when u set a gateway monitoring IP, it results in all traffic going out of that gateway only, it would be better if o...
-
03:19 PM Feature #4171 (Resolved): Allow for one rule to apply to both ipv6 and ipv4 to allow all protocols.
- Spawned from a question posted to twitter by me:...
- 12:13 PM Revision 6317d31d: Fix lineup of copyright lines
- and module names and other bits of formatting and typos in header
comment sections. - 12:13 PM Revision d4b2cd35: Remove duplicate copyright
- Noticed these had the copyright twice
- 12:12 PM Revision 0e25a6b9: Merge pull request #1416 from phil-davis/Copyright-format
- 12:12 PM Revision 183c08d1: Merge pull request #1415 from phil-davis/copyright-dup
- 09:26 AM Revision ce77a9c4: Fix lineup of copyright lines
- and module names and other bits of formatting and typos in header
comment sections. -
- FYI, i did send a new pull request https://github.com/pfsense/pfsense/pull/1403 as the other one was closed.
- 03:10 AM Revision 7f696ba0: Remove duplicate copyright
- Noticed these had the copyright twice
12/31/2014
- 10:18 PM Revision 1d709219: Use binat, not nat, where IPsec NAT is configured with an address for local and NAT. Ticket #4169
- 10:17 PM Revision d6726bcb: Use binat, not nat, where IPsec NAT is configured with an address for local and NAT. Ticket #4169
- 06:22 PM Revision d961e7e3: Welcome 2015
- 06:22 PM Revision ed2d1343: Welcome 2015
- 05:24 PM Revision 2d793d01: Do not monitor a gateway that has not got DHCP yet
- When an interface is waiting to get DHCP, but the cable is physically-electrically connected to the upstream device, ...
-
- looks to be fixed, leaving for further testing
-
- Where the NAT on a P2 is from an address to an address, the NAT rule is wrongly added as "nat" rather than "binat".
... -
- thanks Phil. Yeah v6 goes through the same thing, it worked fine as well.
-
- Note: I have only tested with IPv4. But I presume the same problem, test case and resolution should work for IPv6 in ...
-
- Tested by:
Test system with WAN connected to a local LAN through a switch, switch uplinked to a production pfSense t... - 02:54 PM Revision 16a0f334: Add config upgrade code to make sure iketype is set, bump config version to 11.4. It fixes #4163
- 02:54 PM Revision 368d4910: Add config upgrade code to make sure iketype is set, bump config version to 11.4. It fixes #4163
- 02:27 PM Revision c95bb533: libreadline.so.6 is not supposed to be obsoleted, fixes #4159
- 02:26 PM Revision 7cb2ebe7: libreadline.so.6 is not supposed to be obsoleted, fixes #4159
-
- Target version set back to 2.2.
The issue is that it's slow.
I made an assignment yesterday. I'm restoring it ... -
- 2.2 doesn't run out of memory doing this, so the problem as it existed in earlier versions is gone (probably with the...
-
- Got annoyed about my DynDNS status attached to a gateway group showing the IP address in red, and realised it was a d...
-
09:09 AM pfSense Packages Bug #4168: bandwithd result pages are public accessible
- Well, in that case you should at least put a big fat warning on the docs. I am new to pfSense and when I add a module...
-
- That is a known issue with all add-on packages which include their own web interfaces. Unless they have their own pro...
-
- The result pages produced by bandwithd can be accessed without a login when knowing the url (which does not contain a...
-
- Applied in changeset commit:16a0f33446b3fffc6783803fad56f3b71eceb78c.
-
- Applied in changeset commit:368d491073eecbb3ff89e016c4308ca5bad86860.
-
- Applied in changeset commit:c95bb5333cc5dfdc23fc1999ba9ac4935190eea5.
-
- Applied in changeset commit:7cb2ebe7550ca328661ec12f380d4dc43b71dd30.
- 08:02 AM Revision 3cf56fb0: Allow IPv6 on loopback even where IPv6 is otherwise disabled. The intent of that feature is to prevent IPv6 from communicating on the network. Blocking it on localhost can result in issues and is unnecessary. Ticket #4074
- 08:00 AM Revision 4270d983: Allow IPv6 on loopback even where IPv6 is otherwise disabled. The intent of that feature is to prevent IPv6 from communicating on the network. Blocking it on localhost can result in issues and is unnecessary. Ticket #4074
- 05:14 AM Revision 36dbc3ae: Reload Unbound after IP changes, to fix issues noted in Ticket #4095. Do so before Dynamic DNS updates occur to ensure the host has functioning DNS.
- 05:10 AM Revision 1c84a5f1: Reload Unbound after IP changes, to fix issues noted in Ticket #4095. Do so before Dynamic DNS updates occur to ensure the host has functioning DNS.
-
03:53 AM Bug #2882: 6RD not working in latest snapshots
- I've been trying to get this working for a week now with no success. I have the latest (as of tonight) snapshot inst...
-
03:29 AM pfSense Packages Bug #4167 (Resolved): Lightsquid package does not remove crontab entries
- When removing the Lightsquid package, it did not remove the crontab entries, removing the package should not do this?...
- 02:43 AM Revision 1142d9a0: IPsec Widget allow for old settings that have no iketype
- as mentioned in https://forum.pfsense.org/index.php?topic=84527.msg471919#msg471919
This change makes it work like si... - 02:42 AM Revision 7b43825e: Merge pull request #1412 from phil-davis/patch-2
-
- there is a test case for this on 22vpntest. The tap interfaces are missing "UP" in flags. ...
- 02:40 AM Revision 6e26b9c5: Allow for old settings that have no iketype
- This bit of code looks like it could do with the same test as https://github.com/pfsense/pfsense/pull/1412
This is ex... - 02:40 AM Revision 55dec416: Merge pull request #1413 from phil-davis/patch-3
-
- to me for review
- 02:12 AM Revision c8c4520a: Only set route-to and reply-to on ESP and ISAKMP rules if the remote endpoint is not within the parent interface's subnet. Ticket #4157
- 02:11 AM Revision a7f2eea8: Only set route-to and reply-to on ESP and ISAKMP rules if the remote endpoint is not within the parent interface's subnet. Ticket #4157
-
- not something we'll be able to get fixed in 2.2. needs testing and reporting upstream, not something I can make a pri...
-
- As a general fix for the issue of blocking v6 to loopback, I went ahead and committed a change to pass v6 on loopback...
-
- This seems to be limited impact. 32 bit is minority, and it's an unusual circumstance. I can't seem to replicate it e...
-
- SSLv3 was disabled already in 2.2, I disabled the RC4 options a bit later in 2.2.
-
- confirmed on a handful more systems with a variety of configs, a good mix of ones that need the route-to/reply-to and...
-
- When you have FQDNs in aliases, and the system clock jumps significantly (talking years), it creates a flood of DNS r...
-
12:24 AM Feature #4165 (Rejected): Allow for security zones when defining interfaces and firewall rules.
- I have experience using CheckPoint and PaloAlto appliances with "zone" features. This allows you to group networks\in...
12/30/2014
-
11:22 PM Revision 430f8380: Check for fqdn peerid/myids and prepend @ so strongswan does not try to be smart. Also use %any for myid instead of risking of putting the wrong value in the secrets file for traffic selector
-
11:21 PM Revision f3106b3f: Check for fqdn peerid/myids and prepend @ so strongswan does not try to be smart. Also use %any for myid instead of risking of putting the wrong value in the secrets file for traffic selector
-
-
- 11:14 PM Revision 68f0da59: ipsec_smp_dump_status get out of loop if error
- when reading response from socket.
Otherwise it would be in a loop and end up like: https://forum.pfsense.org/index.p... -
-
- I just committed what should be a solution for this. Phil and Bipin if you could please verify on 31st snapshot (or g...
-
-
-
-
-
- 09:12 PM Revision 3b2c83b8: initial commit of new firewall_rules
- css - add styling for tr.disabled
firewall_rules - migrated to bootstrap
guiconfig - changed alias-popup to be displa... -
- yeah seeing that now, the proper v4 IP is put into the config for ID, but the "right" ipsec.conf entry has the hostna...
-
02:38 AM Bug #4147: IPsec - IPv4 Phase 1 using FQDN resolves to IPv6 IP
- Did not even look at the configs... Go to Phase 1 - put a dual-stack FQDN there. Go to Status - IPsec, select the ent...
-
- where? Not seeing that. I have the same circumstance setup and everything in /var/etc/ipsec/ has the v4 IP, everythin...
-
- should be fixed, leaving for further verification
-
- stilez has an ICLA on file now so we can merge that. It looks fine to me, to Ermal for review.
-
- this works. the only issue introduced by this that I've found is the status widget issue in #4164
-
- fixed
-
- Applied in changeset commit:7f69cbe7d442650671fe29a2d4804fbd77bc9855.
-
- Applied in changeset commit:c86c2b8b7d7e3eedbc68d3ed67ed5a7e88052086.
-
- "ipsec statusall" reports connections with multiple P2s as being a single connection, which breaks the active/inactiv...
-
- Upgraded configs don't have <iketype> added, which leaves some things non-functional until editing and saving the P1s...
- 05:39 PM Revision 43531ed7: Allow for old settings that have no iketype
- This bit of code looks like it could do with the same test as https://github.com/pfsense/pfsense/pull/1412
This is ex... - 05:34 PM Revision d2cc92ec: Merge branch 'master' into bootstrap
- 04:35 PM Revision 86b429b3: IPsec Widget allow for old settings that have no iketype
- as mentioned in https://forum.pfsense.org/index.php?topic=84527.msg471919#msg471919
This change makes it work like si... - 03:58 PM Revision d50b4c30: implemented tabs
- interfaces.widget - no need to display associated state, the second icon
does that already
gui.css - no longe... -
- thanks, fixed
-
- Merged
-
- Fixed that spelling and other inconsistencies I noticed in the priv list test.
https://github.com/pfsense/pfsense/pu... -
02:38 AM Bug #4161 (Resolved): Misspelling in privilege "WebCfg - Services - Captiveprotal Zones page"
- Hello,
I am running pfSense 2.1.5-RELEASE (i386) .
ISSUE:
- The privilege "WebCfg - Services - Captiveprotal Z... - 12:55 PM Revision 6617b9bf: ipsec_smp_dump_status get out of loop if error
- when reading response from socket.
Otherwise it would be in a loop and end up like: https://forum.pfsense.org/index.p... - 11:47 AM Revision 13c6375b: Captive portal spelling
- 11:47 AM Revision ef0d25b3: Standardise text in priv list
- 11:47 AM Revision 565dcf3c: Merge pull request #1410 from phil-davis/patch-1
- 11:35 AM Revision e0273f44: Captive portal spelling
- 11:32 AM Revision 9006a538: Standardise text in priv list
-
08:45 AM Bug #4150: Captive Portal doesn't work with > 120 VLAN interfaces
- ICLA submitted. Thanks guys! Making me love pfsense more and more each day
-
- thanks, let's not break anything worse than it already is there, will push to 2.2.1
-
- Updated the pull request, though its not correct as implemented even as a workaround.
-
- Thanks!
Ethan: we'll need an ICLA from you to accept that.
To Ermal for review of pull request. -
- spent a lot of time confirming a variety of scenarios here. this as a whole is definitely working fine, in a wide ran...
-
- that's legitimately wrong syntax Bipin, not related to this, see forum.
-
- as soon as i enter the below line in advanced config box and hit save and apply, dns resolver stops working and wont ...
-
- fixed
-
- doesn't seem to be every WAN reconnection, I can't replicate it at will. I only see one instance of it happening in m...
-
- this doesn't seem to be as bad as it used to be, will revisit.
-
- still not seeing any way that sleep can hold up anything. Do you have specific steps to replicate?
-
- fixed
-
- fixed
-
- confirmed, fixed
-
- The first attempt to send a guest shutdown results in: ...
12/29/2014
-
- ...
-
- I just upgraded a test nanoBSD system with "Password protect the console menu" set. The setting was correctly impleme...
- 07:14 PM Revision 1180e4f0: started migration to bootstrap
- * migrated /index and most widgets on it
* migrated /system.php using new form-layout
* removed /themes and /javascri... -
- Since the switch to strongswan, any PSKs containing " do not work, it seems strongswan terminates the PSK right befor...
-
- Where your IPsec remote endpoint is on the same subnet as the local IP where it's bound, the "pass out" rules for ISA...
-
- Addressed here: https://github.com/pfsense/pfsense/pull/1409
-
- Ok, I did a little digging and I found out what's happening. IPFW isn't inserting all of the necessary CP rules becau...
-
- Thanks guys. So it looks like the exact number is 117 VLANS, but when I add any more, the captive portal starts letti...
-
- Any chance we could get the exact config.xml section that exhibited the problem?
-
- This was a 2.1.3 install into a VM, upgrade to 2.1.5, then upgraded to 2.2-RC (and again to the 12/24 snapshot). Ther...
- 02:48 PM Revision 55f910a3: Simplify cron array comparison
- This works fine - I had not thought about how arrays are compared. Using "==" checks that the key/value pairs match i...
- 02:48 PM Revision 71bd5ec1: Minimise config updates when checking cron jobs
- 02:47 PM Revision 16d2c13a: Merge pull request #1407 from phil-davis/patch-1
- 02:31 PM Revision aff83787: Simplify cron array comparison
- This works fine - I had not thought about how arrays are compared. Using "==" checks that the key/value pairs match i...
- 01:40 PM Revision 91145658: Backout pull request #1391
- https://forum.pfsense.org/index.php?topic=85944.0
Backout pull request #13191 - 01:40 PM Revision d9feefb1: Merge pull request #1408 from ExolonDX/master
-
- OpenNTPD had its own share of crashes and other bad behavior (See #2423 for one major example). The only thing it han...
-
- Chris Buechler wrote:
> Why people think it's better I don't know
Probably because it does not try to bind to unw... -
- openntpd is a buggy mess, we've been there, done that, and got rid of it for many reasons. Why people think it's bett...
- 11:51 AM Revision 40930f75: Backout pull request #1391
- https://forum.pfsense.org/index.php?topic=85944.0
Backout pull request #13191 -
- Pull request has been merged
-
- Pull request has been merged
- 06:53 AM Revision 994a0644: Minimise config updates when checking cron jobs
-
- That is likely a hardware-related lockup for which the OS can do nothing better. A true RAID adapter may handle that ...
-
- What pfSense version? 2.1.5? 2.2-RC?
-
12:52 AM Bug #4156 (Rejected): Raid Gmirror not failing graceully
- 1 Hard drive fails
System locks up (console unable to input on keyboard, no network traffic can't ping access web ...
12/28/2014
- 06:45 PM Revision 8f6875de: Fix unbound shortcut links
- Fixes redmine #4151
1) Make the naming in shortcuts.inc more clear - forwarder=dnsmasq
resolver=unbound
2) Make the v... -
- 10:51 AM Revision db88a3a2: Fix unbound shortcut links
- Fixes redmine #4151
1) Make the naming in shortcuts.inc more clear - forwarder=dnsmasq
resolver=unbound
2) Make the v... -
- Phillip Davis wrote:
> It happens after some WAN event that has potential IP change, and the OpenVPN clients are res... -
- It happens after some WAN event that has potential IP change, and the OpenVPN clients are restarted. About 20 seconds...
-
- i have a stable internet connection on the alix and i just noticed the same behaviour
-
- Phillip Davis wrote:
> The 2 APUs I have do not have any ntpd exited messages. That could be because the 64-bit ntpd... -
- My Alix boxes do it also. Here is an example:
@$ clog /var/log/system.log | grep signal
Dec 24 13:16:36 skt-rt-01 k... -
- Seeing this on tons of Alix boxes. (Frankly had to install Service Watchdog package to keep ntpd running, it crashes ...
-
- Same changes now in https://github.com/pfsense/pfsense/pull/1405
That pull request is a single commit - easier to ma... -
- Same changes now in https://github.com/pfsense/pfsense/pull/1405
That pull request is a single commit - easier to ma... -
01:44 AM Bug #4146: OpenVPN tap interfaces are down after boot
- Same issue for openvpn tap clients! everything is UP and RUNNING but iface is DOWN.
12/27/2014
-
-
- And more things I noticed - the Unbound Advanced and ACLs tabs do not display the shortcuts at all. The Resolver logs...
-
-
- Same set of fixes for this one also
https://github.com/pfsense/pfsense/pull/1404 -
- will need more details, likely this isn't 2.2-specific if there is any actual problem here.
-
- There really is nothing to prevent this from working.
Though i am sure you would get better solution for this if you... -
- duplicate of #1957
-
- Browser: IE11;
Removing shaper:
1. Configure shaper via "Dedicated Links" wizard;
2. Go to "By interface" tab an... -
- FYI- This was the same on pfSense 2.1. It doesn't send out IPv6 RADIUS requests either. So at least it's not a regres...
-
- Ermal Luçi wrote:
> Hence the issue, i think this should be pushed post 2.2 to really be fixed.
Well, whatever is... -
- libradius is v4 only for now.
Hence the issue, i think this should be pushed post 2.2 to really be fixed. -
- Yep, it just seems to vanish somewhere. :) I deleted the client on the Windows server, and nothing logged. normally, ...
-
- Just tried this and I'm seeing the same thing against FreeRADIUS2. The IPv6 RADIUS request never leaves the client ho...
-
- Following https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory - this does not work if the RADI...
-
-
- Works, thanks.
-
- This will really be fixed when the carp interface link is made a strong one rather than the weak one that is today.
... -
- Chris has put a little different - Vick's example does not have the double-quotes on the last 2 lines.
In any case, ... -
08:14 AM
Bug #4149: Register DHCP leases in DNS forwarder broken
- Well, I'm sure it's an issue in 2.1.5, as I am observing it. I haven't tested 2.2 (as far as I can tell 2.1.5 is the ...
-
- All instances are tap.
12/26/2014
- 10:50 PM Revision e63734ff: clarify message here after customer feedback, it wasn't meant to imply "only a reboot will re-enable" but that's how some people have read it.
- 10:49 PM Revision cccee755: clarify message here after customer feedback, it wasn't meant to imply "only a reboot will re-enable" but that's how some people have read it.
-
06:51 PM Bug #4152 (Resolved): Main page for this section link in services_unbound_domainoverride_edit.php is linked to services_dnsmasq.php
- Services: DNS Resolver: Edit Domain Override (services_unbound_domainoverride_edit.php)
Main page for this section... -
- Services: DNS Resolver: Edit host (services_unbound_host_edit.php)
Main page for this section [+] link at the top ... -
- Captive portal is not authenticating users (just letting everyone on) when a zone is attached to more than 120 VLAN i...
-
- thanks for the feedback. I'm not 100% confident yet, will leave this open til early next week while I'm doing further...
-
- All good here, finally ;)
-
- It seems all the problem circumstances here are fine now. A spot check of a handful of test systems where several iss...
-
- Phillip Davis wrote:
> The description went missing in https://github.com/pfsense/pfsense/commit/bd0bb466f073c50a443... -
- The description went missing in https://github.com/pfsense/pfsense/commit/bd0bb466f073c50a443c09096e89acf0abf8fdaa
I... -
- not sure if that's an issue in 2.1.5 (maybe in some edge case, but there would be much more of an uproar than 2 peopl...
-
04:57 PM
Bug #4149 (Rejected): Register DHCP leases in DNS forwarder broken
- On 2.1.5, the DHCP registration option in DNS Forwarding is broken. When a new machine is granted a DHCP lease, the f...
-
- It appears it's more than just after boot, tap interfaces seem to always end up missing "UP". Will attempt to further...
-
- corrected specific issue
-
- updated subject to actual issue
-
- fixed
-
- fixed
-
- confirmed current status as Jim described. Temporary is fine. Maintenance mode gets stuck at advskew 254 only on inte...
-
- Thanks for diagnosis PiBa. #4148 has root cause
-
- There is a pull request to fix this:
https://github.com/pfsense/pfsense/pull/958
#4141 shows one instance where ... -
- fixed
-
- I can paste in exactly what you have above: ...
-
- it's crashing in run and we include 100% stock run(4) and don't patch anything related to wifi, there is more of a di...
-
- doing something to ensure browsers don't excessively cache js and css is something we've discussed internally, but ha...
-
- To fix various widget behavior, I keep making minor changes to the way some of the backround update data is passed ar...
-
- 03:13 PM Revision 02e4ee54: Update /etc/ttys from new partition when upgrading nanobsd, and in this case do not call reload_ttys(). It should fix #4140
- 03:13 PM Revision e68b7be0: Remove unused variable
- 03:00 PM Revision c07cd2ce: Update /etc/ttys from new partition when upgrading nanobsd, and in this case do not call reload_ttys(). It should fix #4140
- 02:57 PM Revision da4f9b60: Remove unused variable
-
- fixed
-
- Applied in changeset commit:4469379c20d22b6c80bb7c47219e2fa2895c89a1.
-
- Applied in changeset commit:f29fd4d08d910d6a10e294c555c052ae6a69c2b4.
- 02:21 PM Revision ef6f553d: Move this check before full sync to disable dnsmasq/unbound in the first time it's sync'd
- 02:21 PM Revision 4469379c: Add dnsmasq and unbound config sections to full sync, it fixes #4076 that is caused because boolean config fields are not disabled on secondary
- 02:21 PM Revision d0bf02bd: Move this check before full sync to disable dnsmasq/unbound in the first time it's sync'd
- 02:20 PM Revision f29fd4d0: Add dnsmasq and unbound config sections to full sync, it fixes #4076 that is caused because boolean config fields are not disabled on secondary
-
- all seems fine here
-
- there have always been some circumstances with some packages where that happens. additional comment on the pull reque...
-
- fixed
-
- fixed
-
- Not having this install_package called from the new updated file could cause some packages to 'break', because of bei...
-
-
- Applied in changeset commit:05a05c59ca10b62bdba34178e25e28fa55be12fc.
-
- Duplicate of #3358
- 10:21 AM Revision ddfe3e05: Display tunnel description on IPsec widget
- There was not even code to attempt to display the description.
Also, when I first created a phase1 and there were no ... - 10:19 AM Revision 46df4e88: Merge pull request #1402 from phil-davis/patch-1
-
- When you define an IPv4 tunnel using FQDN as Remote gateway, this resolves to AAAA record (if any) and subsequently o...
-
- Applied in changeset commit:02e4ee541ba8af0992c6cd3acd468d731369b287.
-
- Applied in changeset commit:c07cd2ce79f56c96c886db818cb36651b5a334be.
- 08:03 AM Revision 5525974b: Display tunnel description on IPsec widget
- There was not even code to attempt to display the description.
Also, when I first created a phase1 and there were no ...
12/25/2014
-
- Tested, works ok for my tunnels. Thanks.
-
- Sorry, this is not a widget issue. Another browser caching problem in action. Guys, would it be possible to produce a...
-
- After the latest batch of patches, as soon as CPU usage bar stops refreshing, the interface details (speed, duplex, m...
-
- Setup:
1. Latest snapshot
2. 2 ovpn servers on parent WAN (PPPoE);
3. 1 ovpn server on LAN;
After reboot:
1. A... -
- Still missing the description here...
!http://i57.tinypic.com/1q60oz.png!
-
- Even GUI says "use CTRL+click to select/unselect." you cant do that because a combobox is used instead of listbox so ...
12/24/2014
-
- After firmware upgrade it keeps saying "Packages are currently being reinstalled in the background." for no apparent ...
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- certificatemanager, certificates that are in use can be deleted
When a certificate is in use by a OpenVPN server i... -
- When gen_subnet is fixed (for example by pulling [https://github.com/pfsense/pfsense/pull/958] ), ip_in_subnet(11.22...
-
- Ok found the cause of the issue.
I have a ipv6 carp-ip "abcd::1234/64" defined on my wan interface. (its a test box.... -
- Seems then that interface is wrongly added to the ipfw context....
-
- Can you show me an ipfw zone list when this happens?
-
-
- Fix confirmed. Many thanks!
-
- Thanks, works now. Merry Christmas! :-)
-
- Applied in changeset commit:63881e2114fc597d2f940d630d902c4801b6b9e0.
-
- Keepalive Xmas ping. ;) This is incredibly annoying on snapshot upgrades, causing *very* slow boot. https://forum.pfs...
-
- Applied in changeset commit:b9276845369b186dd1226a20b7402b2e61b31faf.
-
- Applied in changeset commit:553803f445185da2ac08baa7c034fada8032c3bd.
-
-
- Applied in changeset commit:046d253a34d74c794d7ed44b241c79a01fe86b20.
-
- Applied in changeset commit:35d17581b1bd21dfc325c2a59174bd3beb416a27.
-
- Fixed.
-
- Normally an ipsec stroke leases creates an empty file with only main leases tag inside!
-
- Fixed on latest code.
-
- Widgets works properly now for all states.
- 11:19 AM Revision fad42a3d: Remove option that has now been merged into infra-host-ttl.
- 11:19 AM Revision 43067abc: Merge pull request #1395 from wagonza/RELENG_2_2
-
- I'm using the 20141224-0520 upgrade image.
-
- No, this did not fix the problem.
I did some experimentation and discovered that if I enter the above configuratio... -
09:03 AM Bug #4117: Using run(4) USB WLAN in hostap mode crashes in FreeBSD 10.x
- I am not able to reproduce this crash on FreeBSD 10.1.
Using the FreeBSD kernel on the pfSense installation works ...
12/23/2014
-
- captive-portal on opt1 interface affects traffic going through other interfaces.
ive got a pfSense box with 3 inte... -
-
-
- please replicate on stock FreeBSD 10.1 and report upstream, that's a driver issue outside of our control.
-
- setup_serial_port() is called by /tmp/post_upgrade_command.php and should reconfigure serial port before reboot the n...
-
- pull request merged. seems fine, leaving for now for further testing.
- 12:49 PM Revision 283dd1d7: Reboot not required for password protect console menu
- On my systems I can toggle and save "Password protect the console menu" back and forth and the console switches back ...
- 12:49 PM Revision 242e6ba2: Merge pull request #1401 from phil-davis/patch-1
-
- + description missing on the tunnels tab
- 11:09 AM Revision 0bc7947e: Handle firewall log widget display formats
- the same way for the initial display and for updated rows done by Java Script. Now we receive the source IP and port,...
- 11:09 AM Revision 7d182021: Interfaces widget remove blank line if no IPv4 address
- If the interface had an IPv6 address but no IPv4 address, there was a blank line where the IPv4 address would have be...
- 11:09 AM Revision d4b3c264: Interfaces widget create all div
- All div for the various things need to be created here, so that later AJAX can switch the necessary things on/off and...
- 11:08 AM Revision 490810ed: Remove "link", "vlink" and "alink" from BODY tag
- This is a positional change to remove "link", "vlink" and "alink" from
the BODY tag, the following themes do not have... - 11:07 AM Revision 89914d8c: Put line break only if IPv4 address exists
- This makes a line for the IPv4 address if it is there. If the IPv4 address goes away, the whole line will disappear, ...
- 11:07 AM Revision 085d6889: Set Interfaces widget IPv6 address
- Now that get_interfacestatus() is returning us the IPv6 address, and interfaces.widget.php has a div to put it in, ac...
- 11:07 AM Revision 42647435: Lastsawtime has moved further along
- srcport, dstport and version are now explicitly passed as fields here, so lastsawtime is 3 fields further out.
- 11:06 AM Revision 5b370150: Display better message when booting and awaiting package reinstall
- 11:06 AM Revision 25d3c68f: Display better message when booting and awaiting package reinstall
- 11:04 AM Revision b79c23ae: Send IPv4 and IPv6 address in get_interfacestatus
- And make them strong (bold), which is how they are displayed originally by interfaces.widget.php
This allows the AJAX... - 11:04 AM Revision dad58d7f: Display better message when booting and awaiting package reinstall
- 11:03 AM Revision 4e220eea: Standardise dynamic firewall log view
- to be like Firewall Log widget:
1) Display IPv6 address and port in [a:b::c]:123 format
2) Fix same issue with rows g... - 11:03 AM Revision 8b3d14bc: Allow dot at end of FQDN for a host
- Redmine #4124 has discussion of this.
- 11:02 AM Revision 71ddc9ef: Pass src dst IP port through to firewall log
- and IP version. So that the receiving code can easily have each pat of the IP addresses and ports, and display them a...
-
- Ermal confirmed this looks fine.
- 03:56 AM Revision f244dca8: Reboot not required for password protect console menu
- On my systems I can toggle and save "Password protect the console menu" back and forth and the console switches back ...
12/22/2014
- 11:49 PM Revision 6422c6f1: Merge pull request #1394 from phil-davis/patch-13
- 11:45 PM Revision dc83dd4c: Merge pull request #1393 from phil-davis/patch-12
- 11:41 PM Revision f2087b77: Merge pull request #1397 from phil-davis/patch-15
- 11:39 PM Revision b5d827f6: Merge pull request #1400 from phil-davis/patch-17
- 11:36 PM Revision 0000cdf7: Prevent resolvconf(8) from stomping all over our newly generated
- resolv.conf and subsequent updates.
- 11:32 PM Revision 07499022: Merge pull request #1398 from wagonza/patch-2
-
- setup_serial_port() does a bunch of other things related to loader.conf stuff also, so there might be other side-effe...
-
- 1) Select "Password protect the console menu" from System->Advanced, Admin and press Save. The console now prompts fo...
-
- Yeah, confirmed it seems to happen that way on all IKEv1.
Both v1 and v2 have the description disappear when it's... -
- Yes, IKEv1. Tried IKEv2 and the description is flaky as well as you describe.
-
- also here: https://forum.pfsense.org/index.php?topic=85752.0
-
- are those IKEv1 connections? Seems to be limited to IKEv1 for the problem as described.
With IKEv2 there is a simil... -
- This is broken even with commit 17ad9cb8 applied.
-
- Warren's pull request from earlier should fix this, to me for testing.
-
- multiple issues there, covered in #4139
-
- As per subject. This is on a fully gitsynced box with Dec 22 10:10:37 CST 2014 snapshot.
-
-
- Multiple issues since changes earlier today.
1) "Warning: Invalid argument supplied for foreach() in /usr/local/w... - 05:07 PM Revision 792dbafd: Add config upgrade code to validate changes made on c2fe67eb and d269747b. It fixes #4134
- 05:06 PM Revision ccf30846: Add config upgrade code to validate changes made on c2fe67eb and d269747b. It fixes #4134
- 04:54 PM Revision 1df8a7b2: Add missing $ as spotted by Kill Bill, ticket #4132
- 04:54 PM Revision cfec8558: Add missing $ as spotted by Kill Bill, ticket #4132
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- This is a change that needs to be done globally, replace this ticket to a more general description to keep track of i...
-
- We tried using OpenNTPD. It was buggy and lacked features we needed. Not likely to switch back and regress.
There ... -
12:34 PM Feature #4136 (Rejected): Change the default ntp client/server to OpenNTPD
- During the last years, a lot of security bugs have been found in the NTP code. My proposal is to change the default N...
- 12:12 PM Revision 22a7fef8: Fix string, we want to print variable name here and not its value. Fixes #4132
- 12:12 PM Revision 7fd7c5a5: Fix string, we want to print variable name here and not its value. Fixes #4132
-
- Cool. Thanks!!
-
- All good now :)
-
- Good catch, thanks!
-
- Thanks, though this is still incosistent - $PORTAL_ACTION/$PORTAL_REDIRURL vs. $PORTAL_ACTION$/$PORTAL_REDIRURL$ (not...
-
- Applied in changeset commit:22a7fef8b7ff2fc4f9c13b6a248912c1cf8e345b.
-
- Applied in changeset commit:7fd7c5a5454b8b59467016b62333818e585f9187.
-
- Applied in changeset commit:792dbafd7b83e40e5bb9383294e2abb2b2ad083c.
-
- Applied in changeset commit:ccf30846e7b7651da65ab0b5f44e77c70ba8c0d9.
-
-
-
-
- Changes have been committed to generate single connections for each phase2 and confirmed by https://forum.pfsense.org...
-
- package update code does not run new update code from +packagename+.inc file when upgrading a package.
For example... -
- Target to 2.2.1 for future review, 2.2 is now in RC state
-
- Applied in changeset commit:b57ea0b75a722f86ba01f72393950ac49610b9b2.
-
- Applied in changeset commit:1eff6ee0a2b98b4e571e7cb4dd6fc285605f6307.
-
- Applied in changeset commit:ce90c89a308f6d3ceaf9193a570eb10911903f87.
12/21/2014
- 04:05 PM Revision acfef9f5: Standardise dynamic firewall log view
- to be like Firewall Log widget:
1) Display IPv6 address and port in [a:b::c]:123 format
2) Fix same issue with rows g... - 12:03 PM Revision c120bd8d: Handle firewall log widget display formats
- the same way for the initial display and for updated rows done by Java Script. Now we receive the source IP and port,...
- 11:49 AM Revision 319e126e: Lastsawtime has moved further along
- srcport, dstport and version are now explicitly passed as fields here, so lastsawtime is 3 fields further out.
- 11:45 AM Revision 1a9b610a: Pass src dst IP port through to firewall log
- and IP version. So that the receiving code can easily have each pat of the IP addresses and ports, and display them a...
12/20/2014
- 08:13 PM Revision 30501526: Prevent resolvconf(8) from stomping all over our newly generated
- resolv.conf and subsequent updates.
- 06:12 PM Revision fe416714: Put line break only if IPv4 address exists
- This makes a line for the IPv4 address if it is there. If the IPv4 address goes away, the whole line will disappear, ...
- 06:05 PM Revision 7a0c88f8: Interfaces widget remove blank line if no IPv4 address
- If the interface had an IPv6 address but no IPv4 address, there was a blank line where the IPv4 address would have be...
-
- In my test above i created complete separate conn sections in the config file, it seems possible to not repeat all in...
-
- I've been checking this a bit more, and did see that with the current way it does work properly for a tunnel that use...
- 05:16 PM Revision 6e795218: Set Interfaces widget IPv6 address
- Now that get_interfacestatus() is returning us the IPv6 address, and interfaces.widget.php has a div to put it in, ac...
- 05:12 PM Revision d7884992: Send IPv4 and IPv6 address in get_interfacestatus
- And make them strong (bold), which is how they are displayed originally by interfaces.widget.php
This allows the AJAX... - 05:08 PM Revision 2795f40b: Interfaces widget create all div
- All div for the various things need to be created here, so that later AJAX can switch the necessary things on/off and...
-
- 2.1.x config snippet:...
-
- Add support for optionally setting VLANs priority (PCP) through the GUI, saved as part of the xml configuration.
S... - 01:57 AM Revision 5b4ed0e1: Use correct port for viewing portal page contents. Ticket #4125
- 01:56 AM Revision 5a098344: Use correct port for viewing portal page contents. Ticket #4125
12/19/2014
-
- Make sure to include a form (POST to "") with a submit button (name="accept") and a hidden field with name="redirurl"...
-
-
-
- Thanks for the feedback. I confirmed on another system as well.
-
- Works for me ;)
-
- should be fixed, leaving for further testing.
-
-
-
-
-
-
- Captive portal RADIUS accounting sends only 0 for Acct-Input and Output Packets, Octets, and Gigawords.
- 06:43 PM Revision 83aaa431: Remove option that has now been merged into infra-host-ttl.
-
-
-
-
- To add a little info/reference here from report: #4112, with StrongSwan i was able to make it work in my situation by...
-
- probably the best next step, after discussion with Jim T earlier, is to try ipsec-tools on 2.2 and see if the issue p...
-
- Where you have multiple P2s on a P1, only the first is actually used. The SPD and SAD are correct in setkey's output,...
-
- fixed
-
-
- Ah ok, please try to update to a more recent snapshot, it should be fixed now. Seems to be same issue of #4104
-
- works
-
- source of issue is #4129
-
- though if you enable unbound, then dnsmasq is unset on the secondary. Doesn't happen just by disabling dnsmasq, that ...
-
- confirmed as described
-
- fixed
-
- worked around this issue for the time being.
-
- fixed
-
- only thing I'm aware of that was broken by this was unbound, and that was worked around within unbound, so yeah pushi...
-
- there is no bug here, that's why.
-
02:00 PM pfSense Packages Bug #4087: Rule reload doesn't update FQDN entries in pf tables
- If you say so. Usually finding a workaround to a bug while the bug is being fixed is part of dealing with the bug.
-
- this isn't a place for such discussions, please post to the forum or list.
-
- Confirmed it here. Adding the IPsec widget it starts logging it in the main system log. It may only happen when there...
-
- Yes, removing that widget works. (Was kinda planning on removing that for now anyway, seems in quite a messy state wi...
-
- If you turn off the IPsec widget, does the error stop?
Do you have mobile IPsec enabled?
It's the only thing I ca... -
- ...
-
- And which dashboard widgets are enabled?
-
- Phillip Davis wrote:
> Sounds like a problem in your /cf/conf/config.xml
> That should start with:
> <?xml version... -
- I do not see that on my 2.2 boxes.
Sounds like a problem in your /cf/conf/config.xml
That should start with:
<?x... -
- Whenever I go to the index.php page, it produces the a system log entry like this:...
-
- Diff works. ;)
-
- Here's the diff if anyone wants it:...
-
-
-
- 12:22 AM Revision 19ddaa31: include $myid in these PSK lines. Ticket #4126
- 12:19 AM Revision 42a10991: include $myid in these PSK lines. Ticket #4126
12/18/2014
-
11:29 PM Feature #4128 (New): Email notification webgui configuration
- Please consider implementing in the webgui a tab to configure what type of email we want to be send by services.
A... -
- If you have values entered for CP's per-user bandwidth restriction in 2.2, but don't have the box checked to enable i...
-
- what I committed makes it work the same as it does on 2.1.5. To Ermal for review, to verify that's correct.
-
- PSKs from the user manager and vpn_ipsec_keys.php are written to ipsec.secrets without a leading $myid, which makes t...
- 06:13 PM Revision bd1a6267: Simplify logic using a proper function as spotted by Ermal
- 06:13 PM Revision 019c7b2d: Simplify logic using a proper function as spotted by Ermal
-
- With a short test this seems to be fixed now, thanks.
-
- Applied in changeset commit:02f65ece135c962b34548f2ec8ed9ed38ba22211.
-
- Applied in changeset commit:da4f91a9207cc5b958adbca75415266700b4b8c6.
-
- Fixed. (Same issue like the more generic Bug #4090 I guess.)
-
- It links to http://fqdn:<zoneid>, e.g. http://pfsense.example.com:2
- 03:52 PM Revision 0fcab48b: Replace ; by newlines when upgrading custom_options from unbound packages, it's related to ticket #4090
- 03:51 PM Revision c23f4d8f: Replace ; by newlines when upgrading custom_options from unbound packages, it's related to ticket #4090
-
- I guess I was unclear. It was a vanilla 2.1.5 system I upgraded to 2.2-RC for testing.
-
- Vick Khera wrote:
> No, it was a vanilla 2.1.5 system in a vm. I use it for testing things, then revert the image to... -
- No, it was a vanilla 2.1.5 system in a vm. I use it for testing things, then revert the image to the base system with...
-
- Did you upgrade this system from 2.1.x with unbound package installed? The upgrade code had an issue, it was using ; ...
-
- Here it is. I also notice there is no config download option for unbound, just the dns forwarder. In any case, I cut ...
-
- I couldn't reproduce it, unbound.conf ended with lines exactly the same I added to textarea. Could you please share t...
-
-
- 11:54 AM Revision 1a2ea2cc: Display better message when booting and awaiting package reinstall
- 11:21 AM Revision 906ae455: Merge pull request #1391 from ExolonDX/master
- 10:03 AM Revision 02f65ece: Add openvpn interfaces to group when they are created, it should fix #4110
- 10:03 AM Revision afe81d69: Check if interface exist before try to add it to group
- 10:03 AM Revision da4f91a9: Add openvpn interfaces to group when they are created, it should fix #4110
- 10:02 AM Revision 67de15fc: Check if interface exist before try to add it to group
-
09:14 AM Feature #3633: OpenVPN client's "Client Certificate" should be optional
- RE: no cert vs no CA.
The cryptostorm.is service does supply a CA certificate which I imported to the pfSense cert ... -
- I tested the patch.
It does indeed work for the username only AND password only use case.
I pasted my key into th... - 07:17 AM Revision 5454fd1b: Allow dot at end of FQDN for a host
- Redmine #4124 has discussion of this.
-
- I made pull request https://github.com/pfsense/pfsense/pull/1394
That solution enables the validation of things like... -
- Yes, that is annoying for people who want/like/need to put the correct whole FQDN, including the root domain ".".
e.... - 04:24 AM Revision 2ccdd739: Display better message when booting and awaiting package reinstall
- 04:22 AM Revision 8aec06e0: Display better message when booting and awaiting package reinstall
-
-
- Works - I locked myself out from 1 IP address (after about 15 dodgy password entries). After the following hour bound...
-
- The other really useful feature would be to be able to disable entries in the alias list without having to remove the...
-
- +1
12/17/2014
-
- confirmed as described
-
- not true. I re-tested typical multi-WAN scenarios, then tested the less typical case described here where an OpenVPN ...
-
04:32 AM Bug #4121 (Rejected): Failover don´t switch back to Tier 1
- I Have two Gateway´s in a Group (Failover)
Tier1 = HideVPN Gateway OpenVPN with Monitoring IP
Tier2 = Normal WAN ... - 06:48 PM Revision 55092b0e: Bump latest_config version that I forgot on previous commit. Spotted by Jim Pingle
- 06:47 PM Revision a03551c2: Bump latest_config version that I forgot on previous commit. Spotted by Jim Pingle
-
- If not ideal since it only completely fixes the circumstance where you're binding to *:53, this is the best we can do...
- 06:25 PM Revision 264d17a5: syslogd can't just be HUPed to pick up its new config, as many of those
- are command line arguments. Go back to 2.1x and prior behavior of TERM and
restart. Fixes source IP use with syslog a... - 06:21 PM Revision f1905a3e: syslogd can't just be HUPed to pick up its new config, as many of those
- are command line arguments. Go back to 2.1x and prior behavior of TERM and
restart. Fixes source IP use with syslog a... - 06:17 PM Revision b0885c5a: Add a cron item to expire items from webConfiguratorlockout, also add config upgrade code. This fixes #4122
- 06:17 PM Revision 56c8376a: Add a cron item to expire items from webConfiguratorlockout, also add config upgrade code. This fixes #4122
- 05:27 PM Revision aafa7657: Check if interface is disabled when configuring DHCP server. It fixes #4119
- 05:27 PM Revision b2379012: Disable dhcp server when interface is disabled. Ticket #4119
- 05:27 PM Revision a030a437: Do not check disabled interfaces, ticket #4119
- 05:26 PM Revision 57006646: Check if interface is disabled when configuring DHCP server. It fixes #4119
- 05:25 PM Revision f4c40620: Disable dhcp server when interface is disabled. Ticket #4119
- 05:25 PM Revision e94692c0: Do not check disabled interfaces, ticket #4119
-
- Is there a way to sun a command that does an update immediately?
filterdns is run as
/usr/local/sbin/filterdns -p... -
- I would really like this feature too. When having aliases with 15 or 20 hosts etc. it is easier to maintain if they c...
-
- On page
https://pfsense/firewall_aliases_edit.php?id=xx
for alias type network(s) entering an FQDN with trailing pe... -
-
- Improve expiretable to support multiple tables and remove multiple calls from crontab
-
- Applied in changeset commit:b0885c5a7aa20801d78df77f5124eca766f34723.
-
- Applied in changeset commit:56c8376a9eabdc59e8f71535c0f3cd871cd776f1.
-
- The sshlockout_pf process adds IP addresses that fail too many GUI login attempts to the webConfiguratorlockout table...
-
-
- Applied in changeset commit:aafa7657399edf835a28c106c37ac71cc9b24335.
-
- Applied in changeset commit:570066460e88a63d186e8892930927e6e9825fc4.
-
- Original issue is also present
-
- The real issue here is DHCP server still starts after interface is disabled, even if you reboot the system service is...
-
- Guys, can you tell me how to stop logging this junk at least? This renders the system log absolutely useless with fir...
-
- I would push this on 2.2.1 since i am not yet able to evaluate if this is fixed what all is impacted.
-
- A couple of things to be done to improve pfSense passwd:
- Change hash from MD5 to SHA512 or blowfish
- Start to ...
12/16/2014
-
-
-
-
-
-
-
-
-
09:03 PM pfSense Packages Bug #4118: NUT fails to start in pfSense 2.2
- Thanks Denny: Confirmed to fix my copy.
[code]
#!/bin/sh
# This file was automatically generated
# by the pfSe... -
-
-
-
- 07:49 PM Revision c2e6e8e2: Remove "link", "vlink" and "alink" from BODY tag
- This is a positional change to remove "link", "vlink" and "alink" from
the BODY tag, the following themes do not have... -
-
- 07:13 PM Revision 24a87e44: Use provided function to change user's password
- 07:10 PM Revision c445a9f5: Use provided function to change user's password
-
-
-
- See also: ATM Machine, ISP Provider, DMZ Zone, LCD Display, GMT Time...
-
- See also: ATM Machine, ISP Provider, DMZ Zone, LCD Display, GMT Time...
-
- the subject here isn't what the problem really is, but there is some kind of interoperability issue with multiple P2s...
-
-
-
-
-
-
-
- The "temporary" button seems to behave OK in my test setup now but maintenance mode still does not appear to work pro...
-
- Applied in changeset commit:936e554bab69b0f6b1eb53cae807e3f2fafa3e73.
-
- Applied in changeset commit:dd0cb9fcf4428d8fdc0e6cd380ea2a5dff4e9114.
- 01:34 PM Revision 9d26addd: Make logic more visible as suggested by Ermal
- 01:33 PM Revision 136217fd: Make logic more visible as suggested by Ermal
- 01:28 PM Revision d4ea38c5: Tidy up "widgets" XHTML
- Add CDATA sections to scripts
Add ALT to image tags and close image tags
DIV tag cannot be inside a STRONG tag, so sw... - 01:28 PM Revision 04e722a6: Merge pull request #1388 from ExolonDX/master
- 12:22 PM Revision 936e554b: Cleanup aliases when temporarily disable CARP, fixes #4116
- 12:22 PM Revision 43157c8f: Teach interface_vip_bring_down() to deal with IP Alias over CARP
- 12:19 PM Revision dd0cb9fc: Cleanup aliases when temporarily disable CARP, fixes #4116
- 12:18 PM Revision 28268a4a: Teach interface_vip_bring_down() to deal with IP Alias over CARP
-
- DHCP Relay will print the usual error about DHCP being enabled even when DHCP is not active, if there is a disabled o...
-
- The question in the end is an enhancement, this ticket can be safely closed.
-
- Received this text in email today from dhcp-bugs@isc.org :
--------
Yes 4.3 added this functionality. There was a b...
12/15/2014
-
- So far, all that has been committed is a change to the ntpq command that gets the ntpd status, forcing it to use IPv4...
-
- I'm still seeing NTP IPv6 requests blocked on lo0 using the Sat Dec 13 13:26:22 amd64 build. Should this fix be prese...
-
-
-
- And in the end the committed pull request was: https://github.com/pfsense/pfsense/pull/1385
I will do a change to ad... -
- Merged, thanks!
-
-
-
- I've determined that the USB problem was due to leftover files from the NUT install under pfSense 2.1.5. After having...
-
- The start up script for NUT, /usr/local/etc/rc.d/nut.sh, needs to change the path used to invoke upsdrvctl.
In Fre... - 07:18 PM Revision 73041230: Add DNS Resolver to the list of services to be sync'd on HA, make sure it and DNS Forwarder are not enabled simultaneously. It fixes #4067
- 07:18 PM Revision d691465c: Fix password field name
- 07:18 PM Revision 03226d75: Use newline to separate unbound custom options during config upgrade, it should fix #4104
- 07:18 PM Revision 8f3b2775: Add a shortcut for unbound and enable it
- 07:18 PM Revision f6179f4c: Fix password field name to apply correct style
- 07:16 PM Revision c25caf5b: Add DNS Resolver to the list of services to be sync'd on HA, make sure it and DNS Forwarder are not enabled simultaneously. It fixes #4067
- 06:43 PM Revision fa2122b0: Fix password field name
- 06:42 PM Revision 387ab31a: Use newline to separate unbound custom options during config upgrade, it should fix #4104
- 06:18 PM Revision 6bb9db05: Add a shortcut for unbound and enable it
- 04:47 PM Revision 99441482: Fix password field name to apply correct style
-
- I was using a "Hama Wireless LAN USB 2.0 Stick 300 Mbps" for some time as an access point with the 2.2 alpha and beta...
-
- Applied in changeset commit:73041230a79f7b0f2cbae60cf51596a1232d5029.
-
- Applied in changeset commit:c25caf5b01269961d0129f8f83dc8dc1a078c3a8.
-
- I'll take it
-
- Applied in changeset commit:03226d75ba52c78d33c5afaaa81379baf0d3856f.
-
- Applied in changeset commit:387ab31a976fbacfc0d8e2fde7efb7cb1c4b6b6b.
-
- It's these checkboxes breaking the upgrade:
!http://i.imgur.com/od1nv1s.png!
-
- Can you share your unbound config from 2.1.x?
- 12:46 PM Revision 5cfd9481: Add missing BR tags and fix display with pfsense_ng_fs theme. It fixes #4115
- 12:44 PM Revision e51d6e1b: Add missing BR tags and fix display with pfsense_ng_fs theme. It fixes #4115
-
-
- Fixed after gitsync, thanks. ;)
-
- Applied in changeset commit:5cfd948144741ba0d6981f89b2e40257cb9ef2b1.
-
- Applied in changeset commit:e51d6e1b7f195cbc8300c473a14610b84cc191b0.
-
- *DHCP server:*
!http://i.imgur.com/yiRg3HA.png!
*DHCPv6 server:*
!http://i.imgur.com/qfFo5Cz.png!
(FWIW, this... -
- @G Brinton - can you try the code in https://github.com/pfsense/pfsense/pull/1389
I discovered that OpenVPN does n... -
- Actually, at the moment, the code does allow a password to be entered without username - it gets through the front-en...
-
- Can we relax the input validation to require password only?
I've tested it with a service provider that only requir... -
- There still seems to be an issue here. On a current snapshot when I try to leave maintenance mode the skew is stuck a...
-
- When using "Temporarily Disable CARP", IP alias VIPs using a CARP VIP "interface" are still present and the interface...
12/14/2014
- 10:03 PM Revision 6678fdd1: Tidy up "widgets" XHTML
- Add CDATA sections to scripts
Add ALT to image tags and close image tags
DIV tag cannot be inside a STRONG tag, so sw... -
08:09 PM pfSense Packages Bug #4114 (Resolved): Squid 3.4.9 transparent proxy broken.
- The latest Squid packages all had issues, but none of them as serious as transparent proxy not working.
Squid has to... -
05:58 PM Bug #4113 (Resolved): multiple instances of /var/db/rrd/updaterrd.sh
- On my pfsenses I see multiple instances of updaterrd.sh
Because all instances uses only one pid file with only one... -
- ipsec, strongswan (sometimes) needs a 'conn' section with a unique reqid for each phase2
I've been trying to repla... -
- On Interfaces/VLAN is written:...
-
12:52 AM Feature #4108: USB printers support required
- Including ulpt driver module into freebsd/pfsense compilation does not make a print server from it, not even close to...
12/13/2014
-
- It's a firewall, not a print server. Don't do that. Anyone who *really* wants to can copy over a ulpt.ko from stock F...
-
- I ask you to add ulpt driver module or compile it into the kernel. People want to use it! :)
https://www.freebsd.org... - 07:25 PM Revision 7dd5f0f7: Where binding Unbound to *:53, set "interface-automatic: yes" so replies are sourced from the correct IP. Ideally this should always work this way, but setting this causes Unbound to bind to *:53, which shouldn't happen where specific interfaces are chosen. Ticket #4111
- 07:24 PM Revision f358fe3f: Where binding Unbound to *:53, set "interface-automatic: yes" so replies are sourced from the correct IP. Ideally this should always work this way, but setting this causes Unbound to bind to *:53, which shouldn't happen where specific interfaces are chosen. Ticket #4111
-
- Fix committed and verified for the circumstance where binding all interfaces.
-
- When Unbound is bound to all interfaces, it replies back with the source IP it would use for initiating a new connect...
-
- interface-group is not set properly on the openvpn interfaces after reboot
The openvpn interfaces are part of the My... -
10:57 AM pfSense Packages Bug #4109: squid package doesn't include hostname when logging remotely
- sorry - snort not squid ;)
The remote system can detect the sender, of cause. But if you ommit the hostname, it's no... -
- Squid/snort inconsistencies in the report aside, syslog does not include that. It's up to the remote system to identi...
-
- Squid doesn't include the hostname when logging remotely (e.g.):
<33>Dec 13 13:40:18 snort[2160]: [120:3:1] (http_... -
09:03 AM Bug #3848: enabling schedule on 2.1.5 causes page fault
- 21 days and no page fault so far. I am updating to the latest build today and will continue to monitor.
-
- In XN there couldn't be tagging problems, because it didn't know anything about tagging.
They will tell me that the ... -
- If you restore full backups via console, using upgrade firmware menu - no problem it is working, the only one thing i...
12/12/2014
-
- Well, sadly this does not happen in the _background_... No idea why it does not background, as said the upgrade could...
-
- The bogon update sleep doesn't lock anything or prevent anything else from happening, it just sits in the background ...
-
- This kills the whole upgrade process, since this gets stuck on sleep "forever" (one day at least, or even a week or m...
-
- There are problems in VLAN tagging in that driver. That's outside of our control. Please replicate the problem on sto...
-
- That's in the code:...
-
- That's to lapidary.
Tagging is something which is handled by software and could be in hardware.
Without anything wr... -
- they don't show up because they report themselves as not being VLAN-capable. Those who have forced their way around t...
-
- Interface xn0 is not listed on "Interfaces: VLAN: Edit" for using as parent interface.
On XEN interface xn0 didn't... -
- it's not a config or command issue, if it were that simple I would have fixed it. It's a kernel issue with dummynet i...
-
- duplicate of #4089 which is fixed already.
-
- ipsec, using a carpip for the interface of a phase1 ipsec connection with fails to generate the ipsec.conf content.
... - 05:41 PM Revision b78111c4: Validation of y/n answers in setlanip
- At the moment the user can answer "yes" to most of the questions, but then later code only checks if the answer is "y...
- 05:40 PM Revision 00aa3b79: Merge pull request #1385 from phil-davis/patch-11
- 05:16 PM Revision e6abcccc: Validation of y/n answers in setlanip
- At the moment the user can answer "yes" to most of the questions, but then later code only checks if the answer is "y...
- 04:56 PM Revision d7b9b993: Update service providers xml to sync with upstream
- 04:55 PM Revision 38e1541b: Update service providers xml to sync with upstream
- 04:49 PM Revision a7d7cd7f: rc.initial.setlanip fix validation of CIDR within range
- Currently this allows the user to input any number for the CIDR. I happened to try 44 for an IPv4 CIDR when playing.
... - 04:49 PM Revision 3bc55eee: Merge pull request #1383 from phil-davis/patch-10
- 03:19 PM Revision 87657b95: rc.initial.setlanip fix validation of CIDR within range
- Currently this allows the user to input any number for the CIDR. I happened to try 44 for an IPv4 CIDR when playing.
... - 02:30 PM Revision 245f78d2: Regenerate Turkish mo
- 02:30 PM Revision 6220186b: Update po from last pot
- 02:30 PM Revision 4770b341: Update Turkish translation file from last version available on old translation server
- 02:29 PM Revision c45c6ccd: Regenerate Turkish mo
- 02:28 PM Revision 019645ff: Update po from last pot
- 02:27 PM Revision 66f8965d: Update Turkish translation file from last version available on old translation server
- 02:14 PM Revision 6e84f8c0: Regenerate pfSense.pot
- 02:13 PM Revision fb0495f3: Regenerate pfSense.pot
- 11:17 AM Revision 9b8f26cf: Fix password confirmation name to make style working as expected. Fixes #3992
- 11:17 AM Revision 2e65babb: Fix password confirmation name to make style working as expected. Fixes #3992
- 10:40 AM Revision 946e55bd: Base URL must be specified when alturlenable on
- I had a 2.1.5 system that I was wondering why the dashboard always said it could not check for updates. I discovered ...
- 10:40 AM Revision a516c81e: Merge pull request #1381 from phil-davis/patch-8
-
- On literally every box that had unbound installed as a package with 2.1.x, there's some statistics-related configurat...
-
- Done. We will have a new translation server available soon to make users able to translate again.
-
- in my case one of my alix boxes has a single wan conenction (pppoe) and i have set it to periodically reset at 3am so...
-
- Better solution in https://github.com/pfsense/pfsense/pull/1382
-
- Applied in changeset commit:9b8f26cfdf3a9829585c1e97b435407561e2766d.
-
- Applied in changeset commit:2e65babb16b604752afc6b5f948851cb881ce9af.
- 04:53 AM Revision a93bc299: Base URL must be specified when alturlenable on
- I had a 2.1.5 system that I was wondering why the dashboard always said it could not check for updates. I discovered ...
-
- Merged
-
-
- There is no IPv4 nor IPv6 assigned to the interface, there was a dynamic IPv6 GW created on 2.1.x, which was made def...
12/11/2014
- 09:50 PM Revision fcc96054: Split ICMP and ICMPv6 types on Firewall Rules
- - Remove redundant declaration of $icmptypes and move it to a common
place (filter.inc)
- Add missing ICMP types for ... - 09:49 PM Revision c03ed2fb: Fix indent and spaces
- 09:47 PM Revision d3bf4a41: Split ICMP and ICMPv6 types on Firewall Rules
- - Remove redundant declaration of $icmptypes and move it to a common
place (filter.inc)
- Add missing ICMP types for ... - 08:55 PM Revision 0ab1f107: Fix indent and spaces
- 06:46 PM Revision 470b14d8: Fix #4099:
- - When interface is 'lo0', strpos returns 0, that is erroneously
considered false (boolean) on the test. Be more stri... - 06:43 PM Revision 11bdc638: Fix #4099:
- - When interface is 'lo0', strpos returns 0, that is erroneously
considered false (boolean) on the test. Be more stri... - 05:05 PM Revision 79fabc8f: Fix #3790:
- - Do not let 2 interfaces to setup the same track6 prefix id
- Show correct prefix id range for each interface - 05:03 PM Revision 986fd3d9: Fix #3790:
- - Do not let 2 interfaces to setup the same track6 prefix id
- Show correct prefix id range for each interface -
- Applied in changeset commit:fcc96054a0935a2eb4aa380ccf0fc8c44987715f.
-
- Applied in changeset commit:d3bf4a4163c50146a18cbb6cebe87d8d9a453afe.
-
- That's an issue with Xen changing your devices without telling you, and coupled with FreeBSD's Xen disk driver not al...
-
03:37 PM Bug #4101 (Needs Patch): Mounting information lost upgrading from XenServer virtualized 2.1.5
- During the update, the devices get renamed and the reboot fails. You have to manually fix this during boot and edit t...
-
- Applied in changeset commit:470b14d8d676c342956c783bba4b352c91627626.
-
- Applied in changeset commit:11bdc638ef87c94d239113cbac9e5f59bc8b74da.
-
- IP aliases on localhost don't config sync to the secondary. This was broken, then fixed earlier in the 2.2 release cy...
-
- Applied in changeset commit:79fabc8fac5f8c8444f8374748572040e96bee24.
-
- Applied in changeset commit:986fd3d9a70bd92e2138372147e338e24f774730.
- 09:40 AM Revision bf310189: Change text and color delimiter to carat sign
- To match change made in functions.inc.php
- 09:40 AM Revision f2d27f93: Gateway Status Widget keep IP address bold
- Forum: https://forum.pfsense.org/index.php?topic=85187.msg467438#msg467438
The bold is specified literally in gatewa... - 09:39 AM Revision 8d5be861: Merge pull request #1378 from phil-davis/patch-10
- 09:38 AM Revision 07ab838e: Improve check if no OpenVPN defined
- Alternate version of https://github.com/pfsense/pfsense/pull/1376
This version retains the is_array() checks and then... - 09:37 AM Revision 21e71044: Merge pull request #1379 from phil-davis/patch-11
-
05:50 AM Feature #3933: Limiter burst doesn't have any effect
- Hi Chris,
This issue is a blocker for me, I would really want the bursting functionality to work. I would like to ... -
- Proposed solution https://github.com/pfsense/pfsense/pull/1372
-
- At the moment the user can answer "yes" to most of the (y/n) questions, but then later code only checks if the answer...
- 02:39 AM Revision 04c0724e: Improve check if no OpenVPN defined
- Alternate version of https://github.com/pfsense/pfsense/pull/1376
This version retains the is_array() checks and then... - 01:30 AM Revision 2cc10e2c: Change text and color delimiter to carat sign
- To match change made in functions.inc.php
- 01:28 AM Revision 6385c335: Gateway Status Widget keep IP address bold
- Forum: https://forum.pfsense.org/index.php?topic=85187.msg467438#msg467438
The bold is specified literally in gatewa... -
- Because the interface has no IP address/gateway yet, there is no way for pfSense to set a specific route to the monit...
12/10/2014
-
- actually im having the same issue
https://forum.pfsense.org/index.php?topic=78356.msg467520#msg467520 -
- assigned to cmb for eval
-
- Example: system with dual-WAN - WAN and OPT1 both DHCP.
Boot with WAN getting DHCP but OPT1 connected but not gettin... -
- I'm almost to a point of confirming what Phil describes. Broke my system earlier and killed my VPN to where the test ...
-
- assigned to CMB for now. (Evaluation).
I can think of a bunch of scenarios that are "racy" (DHCP can take a while... -
- Note: Another hardware scenario where this can happen is if you have your upstream WAN devices connected to pfSense o...
-
- If I physically unplug OPT1, then everything fails over correctly to WAN. The issue seems to be only if a DHCP WAN-ty...
-
- Example system: 2 WANs, both DHCP, that uplink to 2 different ISPs (WAN and OPT1) (called WAN_DHCP interface WANGENER...
-
- After updating to 2.2 RC, removing the NUT package, cleaning up 2.1.5 NUT leftovers by hand, and reinstalling the NUT...
-
- assigned to Chris for evaluation.
-
- Ermal reported it, I'm assigning it to him. :-)
-
Assigned to Renato for evaluation and possible fix, because: packages.-
- re-assigned
-
- Could we try what Jeremy asked for?
-
- This way, a router running NanoBSD won't sit at a db> prompt indefinitely if it crashes.
-
- This way, a router running NanoBSD won't sit at a db> prompt indefinitely if it crashes.
- 03:40 PM Revision e519371d: Fixup text rule should be route
- This code was obviously taken from firewall rules and reused here without changing the word "rule" to "route".
- 03:39 PM Revision b3986dd1: Merge pull request #1377 from phil-davis/patch-9
- 03:32 PM Revision f4d094b4: Fixup text rule should be route
- This code was obviously taken from firewall rules and reused here without changing the word "rule" to "route".
-
- For new users in the User Manager, it would be handy to have the ability to force them to change their password on th...
-
- Definitely not true. Something in your case legitimately is breaking DNSSEC. Post some details to the forum or list a...
-
- On the DNS Resolver main configuration page, if you enable DNSSEC, the resolver is no longer able to resolve www.goog...
- 02:14 PM Revision 59c5e4bd: Remove spurious '>', fixes #4091
- 02:14 PM Revision d7563eeb: Remove spurious '>', fixes #4091
-
02:01 PM pfSense Packages Bug #4097 (Not a Bug): Unable to restart Postfix
- Postfix seems disabled but can't enabled.
When trying to restart Postfix from the GUI nothing seems to happen. The c... -
- fixed
-
- Applied in changeset commit:c02acef2866f08662d62aa6f0ba73168e85dafc8.
-
- Applied in changeset commit:76f12171884adcbbf6ea6d66b87851b0a5fcc4b3.
-
- Configure IPsec bound to a CARP IP on P1, and see it ends up being completely omitted from ipsec.conf.
-
- you need default gateway switching enabled for that to work
-
12:35 PM Bug #4096 (Rejected): Update Checker doesnt work Under Failover setup
- I have a failover setup
WAN, WAN2
WAN being primary.
if WAN is down. pfSense can not check if iam on the latest v... -
-
- Merged, thanks!
-
- A bunch of the hover text for buttons on this page, and delete confirmation mention "rule" rather than "route".
Obvi... - 11:58 AM Revision b8dd129d: Make sure this message is only displayed on console
- 11:58 AM Revision 52e97bcc: Make sure this message is only displayed on console
- 11:56 AM Revision c02acef2: get_failover_interface() is already called inside get_interface_ip(v6), no need to call it twice. It should fix #4089
- 11:55 AM Revision 76f12171: get_failover_interface() is already called inside get_interface_ip(v6), no need to call it twice. It should fix #4089
-
- Applied in changeset commit:59c5e4bd687ec9779488e35e418380bde8a2544e.
-
- Applied in changeset commit:d7563eebc721a6eb2ca1f58136905ed4044a1a15.
-
- In service->NTP under "access restrictions" advanced button, the line for "Disable ntpq and ntpdc queries (default: d...
-
- I found that I need to specify...
-
- I need to permit private IPs for my local domains to resolve. That is, vick.int.kcilink.com resolves to 192.168.7.80....
12/09/2014
-
01:31 PM Bug #4082: Adding to Captive Portal Allowed Hostnames list gives error (exit code 71) in System Logs
- Thanks; so when I add pfsense.org , which is not already there :o), it gives the same error.
Currently, that pass th... -
- It occurred to me after turning the computer off well after midnight that you might have been referring to the "TTL" ...
-
- Oh, that's a bug with network-type aliases and FQDNs if you mix networks in with them. That's fixed in 2.2, there's a...
-
- You have missed the problem. I am not interested in new DNS lookups.
The problem is that THE ENTRIES CORRESPONDING T... -
- Nor should they be. They're updated in the background by filterdns when the TTL expires. It's pointless to do another...
-
- pf tables can be populated from FQDNs through pfsense aliases. This is a very good feature for a number of reasons. T...
-
11:46 AM Bug #3939: Cannot create Host or Network type alias with an IP address/range
- It looks like there is still an issue with this.
If I create a new alias with 2 networks and 2 FQDN's, all expected... -
- It took me a long time to find the problem because there are few symptoms that immediately break things, other than a...
-
- not true in general, though I'm sure there are unusual edge cases where that's possible. Even the described flapping ...
-
- Default configuration is to monitor the WAN gateway once per second and to take action if it doesn't respond for 10 s...
-
- The config file that is generated for squidguard 1.4_4 pkg v.1.9.6 is buggy in two ways, leading to unexpected and da...
-
- fixed
-
- fixed
-
04:18 AM pfSense Packages Bug #4085 (Resolved): Check_mk agent configuration: 'Listen Port' is required, contrary to description
- In the Check_mk agent configuration page, the description for 'Listen Port' says:
"Leave empty to use Default prot [... -
- The official Check_mk agent package doesn't work because the shebang line at the top of /usr/local/bin/check_mk_agent...
12/08/2014
-
11:51 PM pfSense Packages Feature #3485: Log rotation for mod_security
- +1
Ended up having to install a local crontab to avoid log overflowing, which is totally sub-optimal and non-repro... - 09:45 PM Revision e2a319f3: Use exit instead of return here, otherwise script's return code is always 0 and user with wrong password is authenticated
- 09:44 PM Revision 9a92e2ef: Use exit instead of return here, otherwise script's return code is always 0 and user with wrong password is authenticated
-
03:24 PM Feature #4083 (Resolved): Replace GET by POST
- These functions should be sent as a POST to pfSense software, which should then do a redirect back to the status page...
-
02:29 PM Bug #4081: Apinger reporting incorrect latency
- also affects rrd graph at same time
-
- it's not reporting latency to the gateway, its calculations become wrong under some circumstance.
-
- that's just cosmetic, when it tries to add something that's already there.
-
10:07 AM
Bug #3286: Radvd will not function with IPv6 Prefix delegation other than 64 on WAN
- Just wanted to add a comment here... it's possible that this is not a pfSense bug. DHCPv6+PD leases a prefix of the r...
12/07/2014
- 10:32 PM Revision 34d03237: Standardise css list padding
- for _corporate
- 10:32 PM Revision 63d41775: Standardise css list padding
- for code-red theme
- 10:32 PM Revision 40a27d2c: Standardise css list padding
- for metallic theme
- 10:32 PM Revision fa367078: Standardise css list padding
- for nervecenter theme
- 10:32 PM Revision ed1457e3: Standardise css list padding
- for pfsense-dropdown theme
- 10:32 PM Revision ba1ff148: Standardise css list padding
- for pfsense theme
- 10:32 PM Revision 433f5949: Standardise css list padding
- for pfsense_ng_fs theme
- 10:32 PM Revision 93365bbd: Standardise css list padding
- for the_wall theme
- 10:32 PM Revision 14bd365a: Provide success return indication from console_configure_dhcpd
- Recent commit https://github.com/pfsense/pfsense/commit/9ea554ee5cb25ea3bf5bb6bf7997c6c7379ce349 added testing of the...
- 10:31 PM Revision ae0daa80: Merge pull request #1371 from phil-davis/patch-6
- 10:30 PM Revision 47a12231: Merge pull request #1370 from phil-davis/patch-5
- 04:56 PM Revision eca5402b: Provide success return indication from console_configure_dhcpd
- Recent commit https://github.com/pfsense/pfsense/commit/9ea554ee5cb25ea3bf5bb6bf7997c6c7379ce349 added testing of the...
-
- Pull request merged
-
- Should be fixed by: https://github.com/pfsense/pfsense/pull/1371
It was broken recently by enhancements to return ... -
08:50 AM Bug #4080 (Resolved): can't edit setting after factory reset!
- After I do a "reset to factory defaults" I couldn't change any other setting from the Console menu ... I have tried t...
- 04:28 PM Revision 2ce15f63: Standardise css list padding
- for the_wall theme
- 04:26 PM Revision fe9273cf: Standardise css list padding
- for pfsense_ng_fs theme
- 04:24 PM Revision 4fb660ae: Standardise css list padding
- for pfsense theme
- 04:23 PM Revision 6e74f280: Standardise css list padding
- for pfsense-dropdown theme
- 04:21 PM Revision 09b095b0: Standardise css list padding
- for nervecenter theme
- 04:19 PM Revision af978cb9: Standardise css list padding
- for metallic theme
- 04:16 PM Revision 04d21981: Standardise css list padding
- for code-red theme
- 04:11 PM Revision 66591feb: Standardise css list padding
- for _corporate
- 03:42 PM Revision cd4d0c29: Standardise css list padding
- On Status->Services, the Services Status widget when a service status is down, the red "x" button does not line up wi...
- 03:41 PM Revision e17748e2: Typo CIDR in UPnP GUI page
- As reported by johnpoz https://forum.pfsense.org/index.php?topic=84964.0
- 03:41 PM Revision f3dac61c: Merge pull request #1368 from phil-davis/patch-3
- 03:40 PM Revision f060bd2a: Merge pull request #1369 from phil-davis/patch-4
- 01:25 PM Revision 9241d942: Typo CIDR in UPnP GUI page
- As reported by johnpoz https://forum.pfsense.org/index.php?topic=84964.0
-
- Adding a web address to the Captive Portal's Allowed Hostnames list consistently gives this error in the system logs:...
-
12:36 PM Bug #1629: invalid state table entries after WAN IP change
- So is this change going in to 2.2? Will the state killing be triggered in a gateway group failover event that is typi...
-
- I agree this would be a very nice feature to have, as would the ability to sort or re-order the "interfaces" lists wh...
-
- I have a bare metal box that I believe this or something related is happing chris has access info if any of the other...
-
- If a gateway has an explicit monitor address, apinger will stop reporting latency to the monitor address and switch t...
- 09:47 AM Revision 0f3d668f: Standardise css list padding
- On Status->Services, the Services Status widget when a service status is down, the red "x" button does not line up wi...
-
08:48 AM Feature #4079 (Closed): Specify opt-number to use on new interfaces
- When creating new interfaces, it would be nice to be able to specify the number that the opt-interface receives. A si...
Also available in: Atom