Activity

30 days up to

User

Subprojects

Activity

From 01/13/2015 to 02/11/2015

02/11/2015

11:00 PM Revision 377b1faa: DHCPv6 client rules MUST come before bogons. Add a comment that hopefully: sticks out so this stops getting broken. Ticket #3395 Chris Buechler
10:59 PM Revision 274a531a: DHCPv6 client rules MUST come before bogons. Add a comment that hopefully: sticks out so this stops getting broken. Ticket #3395 Chris Buechler
09:20 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs: @Ryan. Thanks for the Bug report. I haven't seen a Comment line with an IP in it before. The fix for this bug is in m... BBcan177 .
12:08 PM pfSense Packages Bug #4410 (Resolved): pfBlockerNG adding commented IPs: We have a list provider that requires our IP be passed as a variable in the query (e.g. http://example.com/list.php?i... Ryan .
08:18 PM Revision eaa89cc6: Ticket #4390 Return only the subnet bits not the full network in cidr format.: Ermal Luçi
08:17 PM Revision 810b36ac: Fixes #4390 Properly return the vip subnet now that the CARP might not match its parent interface subnet.: Ermal Luçi
07:34 PM Revision 1c4c5ed2: Remove dead code and unset vars so next time the code works properly avoiding cache issues.: Ermal Luçi
07:34 PM Revision 657932fd: Remove dead code and unset vars so next time the code works properly avoiding cache issues.: Ermal Luçi
07:29 PM Revision b65de558: Fixes #4389 The VIP interfaces cannot be assigned since they are just an identification of the VIP for tracking. Consider that when configuring gif/gre. Also on bridges you cannot set a vip interface as its member.: Ermal Luçi
07:26 PM Revision 2de650f6: Fixes #4389 The VIP interfaces cannot be assigned since they are just an identification of the VIP for tracking. Consider that when configuring gif/gre. Also on bridges you cannot set a vip interface as its member.: Ermal Luçi
07:20 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks": it's only unusable where you need to allow traffic into WAN that's sourced from CGN space. Which in nearly all cases ... Chris Buechler
07:00 PM pfSense Packages Bug #4412 (Not a Bug): squid reverse proxy: when I try to activate the squid reverse proxy reports an error and when I modify sysctl returns or null or invalid s... alberto alcala pinto
05:00 PM Bug #3395 (Feedback): DHCPv6 client pass rules need to come before bogons: Indeed. Fixed again, and added a comment that will hopefully prevent this from ever getting broken again. Chris Buechler
04:21 PM Bug #4398: Userlist - No sorting anymore: note the sort is there if you have 1 user only, disappears with > 1. I'm sure Phil's right on that. Moving to 2.2.2 s... Chris Buechler
04:20 PM Bug #4398 (Confirmed): Userlist - No sorting anymore: Chris Buechler
04:12 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: Chris Buechler wrote:
> Andreas: could you do some experimentation with your combination of hardware? See if it's th... Andreas Walther
03:56 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: the only scenario we've been able to replicate is with no SD card installed. It's easily replicable by just removing ... Chris Buechler
03:46 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I don't have an SD card in, but I do have a Mini-PCIe wireless card. Jim Pingle
03:41 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: Well the first crash after update from 2.1 to 2.2 was with a sd card as the disk and a mini pcie 3g modem installed.
... Andreas Walther
02:57 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: ... Jim Pingle
02:49 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: does sysctl hw.bus return a result? Ermal Luçi
12:41 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I can reproduce it on my APU now as well. Fresh install on mSATA, no SD card inserted, using the factory image.
Seem... Jim Pingle
04:04 PM Bug #4404 (Rejected): Fatal error when enabling IPSec: not a bug.
source is available here:
https://github.com/pfsense/pfsense Chris Buechler
06:24 AM Bug #4404: Fatal error when enabling IPSec: Do you have a link to a stock util.inc, so I can compare ?
The file i patched, I need to have several subnets in D... Lars Juul
01:19 AM Bug #4404 (Feedback): Fatal error when enabling IPSec: you're missing, or have a broken, /etc/inc/util.inc file. The installer can't forget files (and if anything as critic... Chris Buechler
04:01 PM Bug #4407 (Rejected): unbound advanced settings broken: nothing is broken, just have to put things in correctly. added #4411 to add input validation at some point to prevent... Chris Buechler
06:03 AM Bug #4407: unbound advanced settings broken: Kill Bill wrote:
>
> The server: clause is not the place for different kind of things, like the stub zone and forw... Andreas Pflug
06:03 AM Bug #4407: unbound advanced settings broken: Can we please append a link to unbound.conf(5) manpage (https://www.unbound.net/documentation/unbound.conf.html) with... Kill Bill
05:52 AM Bug #4407: unbound advanced settings broken: Andreas Pflug wrote:
> Moving the custom option generation as suggested would make any option appear under the serve... Kill Bill
05:12 AM Bug #4407: unbound advanced settings broken: Kill Bill wrote:
> What advanced settings? This is just not true in general. Prefix the custom options with server: ... Andreas Pflug
05:01 AM Bug #4407: unbound advanced settings broken: In my case, I need *do-not-query-localhost: no* set.
Andreas Pflug
04:51 AM Bug #4407: unbound advanced settings broken: What advanced settings? This is just not true in general. Prefix the custom options with server: as noted on the bug ... Kill Bill
03:25 AM Bug #4407: unbound advanced settings broken: If you have a patch change that works, it will be very easy for the devs if you make the edit at https://github.com/p... Phillip Davis
03:02 AM Bug #4407 (Rejected): unbound advanced settings broken: Same symptom as https://redmine.pfsense.org/issues/4090, but a different reason:
When domain overrides are set, an... Andreas Pflug
04:00 PM Feature #4411 (Resolved): add validation of Unbound advanced configuration: Something similar to dnsmasq's advanced config validation would be helpful for Unbound, to prevent users from creatin... Chris Buechler
02:51 PM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: Probably that was because the strongswan setting was not being propagated to the plugin.
Now that strongswan was upd... Ermal Luçi
02:35 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Copied interfaces.inc and system.inc to my 2.2 box and seems to work alright now..
Without daily snapshots online,... Pi Ba
01:30 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Applied in changeset commit:b65de5585bb7bffe06750c712b399cd4da10052c. Ermal Luçi
01:30 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Applied in changeset commit:2de650f6117f4b80c3db4f9b46ad83d75d5b9130. Ermal Luçi
01:28 PM Bug #4389 (Feedback): gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Ok should be fixed by the commit i pushed.
Can you please confirm as well?
This seems to be a bug since 2.1++ Ermal Luçi
02:30 PM Bug #4390: Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network: Applied in changeset commit:810b36ac0c363c21ea2f1b963f2c1be142fc59a2. Ermal Luçi
02:17 PM Bug #4390 (Feedback): Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network: It behaves correctly with the applied patch. Ermal Luçi
09:46 AM pfSense Packages Bug #4409 (Resolved): Tincd not starting on pfSense 2.2: Hello,
i had troubles getting tinc daemon to work in 2.2, after some investigation I had to do:
ln -s /usr/loc... Raimund Sacherer
09:12 AM Revision 01c155f2: Random text typos: and I "corrected" function names that had "_choosen_" in them.
That is not technically an error - function names do n... Phil Davis
09:04 AM Revision 302cb96e: Check if notification is disabled: in send_smtp_message()
Other packages like arpwatch sm.php and cron job output as reported in forum https://forum.pfs... Phil Davis
09:04 AM Revision 33649526: Merge pull request #1480 from phil-davis/patch-1: Renato Botelho
09:02 AM Revision 1444c08e: Random text typos: that I noticed. Phil Davis
09:01 AM Revision c70002be: Merge pull request #1482 from phil-davis/CP-text-typos: Renato Botelho
09:00 AM Revision 4ab7f8f4: Fix typo in class in bridge edit: Fixing this makes nice little pencil icons appear in front of the text
entry fields. Phil Davis
09:00 AM Revision ef8182ca: Merge pull request #1483 from phil-davis/formfld-unknown: Renato Botelho
08:59 AM Revision 079b0e20: Remove unset variable, spotted by phil-davis: Renato Botelho
08:59 AM Revision 5132312f: Remove unset variable, spotted by phil-davis: Renato Botelho
08:34 AM Bug #4408: Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use: If I disable DHCP failover everything works perfectly. Lars Jorgensen
08:22 AM Bug #4408 (Closed): Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use: I have the DHCP service running on five interfaces and a good amount of leases (I would guess around 1,000 or more at... Lars Jorgensen
07:45 AM Revision b3aacd59: rrset-cache-size should == 2 * msg-cache-size. Ticket #4367: Chris Buechler
07:44 AM pfSense Packages Bug #4198: lightsquid doesn't work, perl is missing: I saw that yesterday, thank you! Cino .
07:42 AM pfSense Packages Bug #4198 (Feedback): lightsquid doesn't work, perl is missing: I pushed a fix for this yesterday. Perl is there but the package couldn't find it. Works for me now in testing. Jim Pingle
07:43 AM Revision 2597415b: rrset-cache-size should == 2 * msg-cache-size. Ticket #4367: Chris Buechler
07:28 AM Revision 0c6db320: Fix typo in class in bridge edit: Fixing this makes nice little pencil icons appear in front of the text
entry fields. Phil Davis
07:14 AM Revision 24cbfd5a: Check if Unbound is enabled and using the same port before allowing dnsmasq to be enabled. part of Ticket #4332: Chris Buechler
07:13 AM Revision 06e847a7: Check if Unbound is enabled and using the same port before allowing dnsmasq to be enabled. part of Ticket #4332: Chris Buechler
07:07 AM Revision f416763b: Random text typos: that I noticed. Phil Davis
03:42 AM Bug #4401: remove xen netfront driver until it can handle altq: Is there a way to disable xen detection while booting?
I had to remove traffic shaping from my local pfsense and now... Grischa Zengel
03:21 AM Bug #4401: remove xen netfront driver until it can handle altq: xn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=3<RXCSUM,TXCSUM>
ether be:f5:19... Chris Linstruth
02:12 AM Bug #4402 (Confirmed): Unbound: enable harden-glue by default and/or apply patch: Part of this was fixed in the default config yesterday (harden-glue is now enabled by default). We'll also add config... Chris Buechler
02:10 AM Bug #4406 (Confirmed): ALTQ problems with wireless cloned interfaces: ath(4) does have ALTQ support, but its cloned interfaces end up unable to use it. ... Chris Buechler
01:57 AM Bug #4237: Error "macro IPsec not defined" once after firmware upgrade: still no other reports of this. will leave for feedback for now. Chris Buechler
01:55 AM Bug #4268 (Confirmed): changes in strongswan config don't apply to SAD or SPD: It causes a wide range of problems for people. We've already seen several people report IPsec changes not applying be... Chris Buechler
01:46 AM Bug #4367 (Feedback): Incorrect rrset-cache-size in unbound.conf: that was apparently an oversight, thanks for catching. It should be fixed with what I just committed, which sets rrse... Chris Buechler
01:29 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: ... Armin Tueting
01:27 AM pfSense Packages Bug #4222: Update to 2.2 RC breaks domU: Douglas Haber wrote:
> Maybe a hook should be added then in the web UI to say, "hey, Xen detected, please make sure ... Chris Buechler
12:14 AM Bug #4397 (Confirmed): MTU must be set in same ifconfig command as IP: setting the MTU before setting the IP doesn't behave any differently. The MTU must be appended to the ifconfig comman... Chris Buechler
12:05 AM Bug #4375 (Rejected): Kernel Crash: this is a hardware-specific issue of some sort, not an issue in our code. Judging by Ermal's analysis, ACPI seems lik... Chris Buechler

02/10/2015

11:57 PM Bug #4403 (Confirmed): Enabling SNMP causes kernel panic with APU with empty SD card slot: enough people have reported this that it's clearly an issue in some circumstance. I'm not sure what that circumstance... Chris Buechler
04:10 PM Bug #4403 (Resolved): Enabling SNMP causes kernel panic with APU with empty SD card slot: Hi Together,
i am not sure if this is a hardware problem, but basically i am using a PC Engines APU.1C(2GB) board ... Andreas Walther
11:04 PM Bug #4343 (Resolved): Firewall Log does not display logs for IGMP: fixed Chris Buechler
11:01 PM Bug #4318 (Resolved): gen_subnet_max returns incorrect result for 32 bit: fixed Chris Buechler
11:00 PM Bug #4308 (Closed): LAGG LACP defaults to strict mode in FreeBSD >= 10: It's best to leave as is, the upgrade and release notes describe how to work around pre-upgrade if necessary, and we'... Chris Buechler
02:34 PM Bug #4308: LAGG LACP defaults to strict mode in FreeBSD >= 10: The problem i think is that on FreeBSD 10 you have no tunnable to revert to 8.x behaviour.
That is only on HEAD. Ermal Luçi
09:07 PM Feature #4405 (In Progress): Traffic shaping doesn't work when applied to a bridge interface: Having two or more interfaces within a bridge, the traffic shaper doesn't work when applied to it. Traffic is seen on... Jorge Albarenque
08:14 PM Revision 1ee360aa: Fixes #4370 Use the curlies to not confuse php: Ermal Luçi
08:08 PM Revision 51e76899: Fixes #4370 Use the curlies to not confuse php: Ermal Luçi
07:50 PM Revision 8fa0a534: Actually fix even the openvpn auth user script with proper checks. I thought this was fixes already!: Ermal Luçi
07:50 PM Revision e85f3d1a: Actually fix even the openvpn auth user script with proper checks. I thought this was fixes already!: Ermal Luçi
07:47 PM Revision 22bca296: Fixes #4329, Fix even tls.auth script by using proper isset() test as the fixes for other authentication scripts.: Ermal Luçi
07:47 PM Revision ed56ce5a: Fixes #4329, Fix even tls.auth script by using proper isset() test as the fixes for other authentication scripts.: Ermal Luçi
07:41 PM Revision afb38815: Fixes #4397 Make mtu configuration before the ip address assignment. This fixes the issues of link routes having the wrong mtu configured on them.: Ermal Luçi
07:40 PM Revision 1ac5261f: Fixes #4397 Make mtu configuration before the ip address assignment. This fixes the issues of link routes having the wrong mtu configured on them.: Ermal Luçi
05:50 PM Revision 02376f6f: Check if notification is disabled: in send_smtp_message()
Other packages like arpwatch sm.php and cron job output as reported in forum https://forum.pfs... Phil Davis
05:20 PM Bug #4404 (Rejected): Fatal error when enabling IPSec: I have 3 boxes with pfSense 2.2 installed, and on one of them I get a fatal error when enable the checkmark "Enable I... Lars Juul
05:17 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Ok, reverted a test vm to factory defaults, then configured a simplified setup again it shows the same problem.
Sa... Pi Ba
02:21 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Can you provide your config.xml to have a way to reproduce this normally it should work as expected! Ermal Luçi
02:32 PM Bug #4401: remove xen netfront driver until it can handle altq: XN driver does not support ALTQ at all though it should not be hard to implement it.
Ermal Luçi
06:21 AM Bug #4401 (Rejected): remove xen netfront driver until it can handle altq: Since 2.2 (freeBSD 10.1) pfsense always detect xen on booting and uses pv(hvm) drivers (xn#).
xn0 is unusable withou... Grischa Zengel
02:20 PM Bug #4370: ntpd does nothing with selected carp interfaces.: Applied in changeset commit:1ee360aaa9176d3287a7099abd47f95c4464ac23. Ermal Luçi
02:20 PM Bug #4370 (Feedback): ntpd does nothing with selected carp interfaces.: Applied in changeset commit:51e76899e66360dc9d8e35f68282c54ccd9a4759. Ermal Luçi
02:00 PM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Applied in changeset commit:22bca296dc3777bb872c7be460f09c3ff1177994. Ermal Luçi
02:00 PM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Applied in changeset commit:ed56ce5a1d12b5a065e2c375a182adc1b2d8f91d. Ermal Luçi
01:46 PM Bug #4329 (Feedback): OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Ok i pushed the proper fix for this.
Can you confirm it works for you as well? Ermal Luçi
01:58 PM Bug #4363 (Feedback): gpioapu causes kernel panic at boot on some hardware: gpioapu corrected to avoid comparison with NULL in strncmp. Ermal Luçi
01:50 PM Bug #4397: MTU must be set in same ifconfig command as IP: Applied in changeset commit:afb388159bc5a55d784404411ef1a7c7d22625a5. Ermal Luçi
01:50 PM Bug #4397: MTU must be set in same ifconfig command as IP: Applied in changeset commit:1ac5261fb0c96764526beb4d9928b9300094ac3e. Ermal Luçi
01:40 PM Bug #4397 (Feedback): MTU must be set in same ifconfig command as IP: I pushed a fix which make it work for me.
Can you please confirm?
Normally it is not necessary to have the mtu on... Ermal Luçi
01:41 PM Bug #4268 (Feedback): changes in strongswan config don't apply to SAD or SPD: For me this should be closed.
Setting in feedback for now. Ermal Luçi
01:02 PM Feature #3387: process_alias_urltable Frequency: rc.update_urltables accepts the parameter argv[1], and looks for the option now.
I've put in my crontab... Dave Minogue
11:39 AM Bug #2800: OpenVPN doesn't work properly with intermediate/chained CAs: Same broken behaviour in 2.2.
Adding the Root CA certificate to the Intermediate CA's certificate in System: Certi... Bernd Zeimetz
10:50 AM pfSense Packages Bug #4281 (Feedback): E-Mail Reports (mailreports package) Error With Multiple Graphs: Applied in changeset commit:b852b5cd883b3d059bc3744fc7b130531a5f20ed. Bryce Chidester
10:38 AM Bug #4393 (Feedback): syslogd stops and fails to restart during boot in some cases: I set the log file size low and ran some tests and still couldn't make it crash.
If someone else finds syslogd cra... Jim Pingle
08:13 AM Bug #4393: syslogd stops and fails to restart during boot in some cases: It looks like this fixed my issue. I had the log size set to 8192 thinking that it was in KB and realized that the f... Adam Esslinger
09:28 AM Bug #4402 (Resolved): Unbound: enable harden-glue by default and/or apply patch: DNS poisoning seems to be possible under 2.2 according to https://forum.pfsense.org/index.php?topic=87491.0.
Fix: ... Olivier Müller
09:09 AM Feature #4400: allow aliases to enter *.domain.com to block all subdomains: well one way possible would be to set domain overrides in dns resolver but the problem there is the override applies ... Bipin Chandra
08:52 AM Feature #4400 (Rejected): allow aliases to enter *.domain.com to block all subdomains: That is not possible. Entries must be resolved accurately to have their addresses placed into a table. There is no wa... Jim Pingle
05:56 AM Feature #4400 (Rejected): allow aliases to enter *.domain.com to block all subdomains: it would be better if aliases allowed to enter a * before domain in order to block all different subdomain ips for a ... Bipin Chandra
08:32 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed: the same instance is not always affected...its 2 of the 3 that have the issue. So I would log into the GUI and notic... Adam Esslinger
07:57 AM Todo #4353: Review IPsec reloading when strongswan.conf is changed: Yeah i have done this for mobile settings and some reports from the forum where the settings were not updated.
I w... Ermal Luçi
05:34 AM Bug #4371 (Feedback): Re-enable suhosin: It was re-enabled in 2012 in commit:c25197ba, is there anything else still missing? Renato Botelho
04:34 AM Revision 5ece44f7: touch up Unbound text: Chris Buechler
04:34 AM Revision 74ab379d: touch up Unbound text: Chris Buechler
04:33 AM Revision ccdaaec6: Update Unbound defaults: Chris Buechler
04:31 AM Feature #4399 (Closed): Expose more of the DNSSEC-related hardening options in the GUI: harden-referral-path - hardcoded to no in unbound.inc ATM; any very good reason for this? (Yeah, I did read the manpa... Kill Bill
04:28 AM Revision ef120e87: Update Unbound defaults: Chris Buechler
03:13 AM Bug #4398: Userlist - No sorting anymore: And what is this checkbox for in the first column?
You can select multiple users and then delete them with 1 click (... Phillip Davis
02:18 AM Bug #4398 (Resolved): Userlist - No sorting anymore: The Userlist in pfSense was changed in Version 2.2. Now there is no option sorting the user by name. Before a doublec... Stefan Flügger
12:36 AM Revision fb64f3aa: also add v6 IPs to hosts in the same manner v4 IPs are added. Ticket #4395: Chris Buechler
12:10 AM Revision f7dddc86: also add v6 IPs to hosts in the same manner v4 IPs are added. Ticket #4395: Chris Buechler

02/09/2015

11:52 PM Bug #4397 (Resolved): MTU must be set in same ifconfig command as IP: Where MTU on an interface is user-defined, the ifconfig command that assigns the IP and IPv6 addresses must include t... Chris Buechler
11:22 PM Feature #3199 (Resolved): Option to accumulate or not IP addresses in Alias table of FQDNs: this was done in 2.2-RELEASE (can't set that as target since it's closed). Chris Buechler
09:08 PM Todo #4353 (Confirmed): Review IPsec reloading when strongswan.conf is changed: this is excessive in at least some circumstances. The restart flushes the SAD so it will cause at least a brief outag... Chris Buechler
08:22 PM Revision 3d5e8dce: Use appropriate interface field description when working with floating rules, it was confusing and potentially incorrect for floating rule purposes.: Chris Buechler
08:20 PM Revision 758b51a0: Use appropriate interface field description when working with floating rules, it was confusing and potentially incorrect for floating rule purposes.: Chris Buechler
06:36 PM Bug #4395 (Feedback): /etc/hosts doesn't contain any local IPv6 addresses: it's always just put v4 in there, I added v6 in the same manner if it exists. Chris Buechler
09:19 AM Bug #4395 (Resolved): /etc/hosts doesn't contain any local IPv6 addresses: ... Armin Tueting
05:48 PM pfSense Packages Bug #3344: Disable IPV6 Squid3 not run: the likely reason for this is your squid3 config requiring communication with localhost, and it picking v6 to try to ... Chris Buechler
02:50 PM pfSense Packages Bug #4391: Status | Services | nrpe2 | restart does not restart nrpe: Applied in changeset pfsense-packages:commit:909f0dfd8a1efc99c8392423123fdc0b3d88ffea. Renato Botelho
12:30 PM pfSense Packages Bug #4391 (Feedback): Status | Services | nrpe2 | restart does not restart nrpe: Applied in changeset pfsense-packages:commit:11375fe3e8826e02f7a5bec1f6a2d743060dbd76. Renato Botelho
01:22 PM pfSense Packages Bug #4386 (Closed): softflowd not generating flow data on pfsense 2.2: This doesn't seem to be anything specific to our package, but softflowd on FreeBSD 10.x (and likely 9.x) in general. ... Jim Pingle
12:26 PM Bug #4396: Lengthy unbound outage during restart when adding static DHCP leases: Update:
Affected version: 2.2 Release Elliott Quarles
12:22 PM Bug #4396 (Duplicate): Lengthy unbound outage during restart when adding static DHCP leases: When updating static DHCP leases the call to services_unbound_configure on the services_dhcp page causes a full rebui... Elliott Quarles
12:21 PM pfSense Packages Feature #4394: HAproxy and use ACLs from UI to perform a "block"/"http-request deny": In the new >=0.17 package acl's are written before the user custom config, so acl's should be usable.
As for adding ... Pi Ba
12:10 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation: There is no public 'development' repository to install developing packages from, however the official package reposit... Pi Ba
11:22 AM Revision 2b704ea9: Merge pull request #1469 from makkbe/master: Renato Botelho
11:21 AM Bug #4307 (Feedback): bacula-fd configuration is mangled: I just pushed a fix, there were some path issues in the config and startup script and such.
Seems to work OK here ... Jim Pingle
09:50 AM Revision 936bfd84: make computation of start of DHCPv6 range consistent with actual check: When computing the start IP for the 'available range' field,
services_dhcpv6.php attempts to increment a colon-format... Daniel Becker
09:49 AM Revision 09c7e42c: fix Net_IPv6::compress() to properly handle all-zeros address: The existing implementation of Net_IPv6::compress produces an empty
string when compressing the all-zeros ("::") addr... Daniel Becker
09:48 AM Revision 8fd42722: add dhcp6.name-servers option with DHCPD-PD regardless of PD length: The existing code only includes a v6 name server IP in the
automatically generated dhcpdv6 configuration for tracking... Daniel Becker

02/08/2015

09:33 PM Bug #4392 (Feedback): OpenVPN daemon crashing with ath(4) card installed: to get that log it has to be 2.2-something, I presume this is 2.2-RELEASE. Chris Buechler
09:33 PM Bug #4392: OpenVPN daemon crashing with ath(4) card installed: is it the same instance that's affected every time?
The log "OpenVPN ID server1 PID 22206 still running, killing"... Chris Buechler
07:41 PM Bug #4392 (Closed): OpenVPN daemon crashing with ath(4) card installed: I have OpenVPN with tunnels between 3 locations. Almost every day Ill look at the dashboard and it will show one on ... Adam Esslinger
09:03 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation: Quick question, what is the proper way to install a development package?
The interface only allows me to install up ... Stéphane Lapie
09:02 PM pfSense Packages Feature #4394 (Resolved): HAproxy and use ACLs from UI to perform a "block"/"http-request deny": HAproxy currently allows to define ACLs to redirect to specific backends, and to define several frontend -> backend r... Stéphane Lapie
08:12 PM Bug #4393: syslogd stops and fails to restart during boot in some cases: This typically happens when you have a corrupted log file. The first attempted write to said log file will crash sysl... Jim Pingle
08:00 PM Bug #4393 (Resolved): syslogd stops and fails to restart during boot in some cases: Sometimes after rebooting syslogd shows that it has crashed. Rebooting usually fixes the issue. Here is what I see i... Adam Esslinger
06:31 PM pfSense Packages Bug #4391: Status | Services | nrpe2 | restart does not restart nrpe: I have since done a kill -TERM and then reloaded: /status_services.php?mode=restartservice&service=nrpe2
This star... Dan Langille
06:28 PM pfSense Packages Bug #4391: Status | Services | nrpe2 | restart does not restart nrpe: What's in /var/run/nrpe2.pid ? Is the the current PID? If you killall -9 nrpe2; rm /var/run/nrpe2.pid, and then star... Jim Pingle
06:17 PM pfSense Packages Bug #4391 (Resolved): Status | Services | nrpe2 | restart does not restart nrpe: On pfSense 2.2, I am unable to restart nrpe2
I click through: Status | Services | nrpe2 | restart service.
The ... Dan Langille
02:00 PM Bug #4390 (Resolved): Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network: I have configured the WAN IP addresses to be private addresses (i.e. in the 10.0.254.0/30 network) so that I can pres... Xuridisa Support
10:58 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Nope! Stays at 0 throughout.... Adam Hirsch
02:38 AM Bug #3395: DHCPv6 client pass rules need to come before bogons: Yes, this yet again got broken. Kill Bill

02/07/2015

10:26 PM Bug #3395: DHCPv6 client pass rules need to come before bogons: I am experiencing this issue with v2.2. Rules look like this:... Paul K
06:07 PM Bug #4389 (Resolved): gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
I fou... Pi Ba
06:04 PM pfSense Packages Bug #4388 (Duplicate): Squid exits when listening on port 800: Squid 3.4.10_2 pkg 0.2.6 running on 2.2 Release AMD64
After changing the port that the proxy listens on from 3128 to... Vincent Bentley
06:02 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation: Could you checkout 0.17 package?(or perhaps 0.18) I've changed the 'none' CA to a separate checkbox which probably ma... Pi Ba
05:03 PM Bug #4387 (Resolved): Installer does not offer choices for keymap, screenmap or video font: The 2.2 Release AMD64 CD Installer does not provide any choices for keymap, screenmap or video font. Only '(default)'... Vincent Bentley
01:08 PM pfSense Packages Bug #4386 (Closed): softflowd not generating flow data on pfsense 2.2: I used to run pfsense 2.1 on several machines, all of which sent NetFlow data to a PRTG collector without any problem... Max Frames
12:57 PM Bug #4385 (Rejected): hostname dots: that is by design because of how it's used for registration of static mappings in the DNS Resolver/Forwarder. Allowin... Chris Buechler
07:07 AM Bug #4385: hostname dots: Uh. No.
http://tools.ietf.org/html/rfc952
http://tools.ietf.org/html/rfc1123#page-13
etc. etc. etc. Kill Bill
05:56 AM Bug #4385 (Rejected): hostname dots: 2.2-RELEASE (amd64), built on Thu Jan 22 14:03:54 CST 2015, FreeBSD 10.1-RELEASE-p4
This might seem like a feature... Wouter Snels
04:28 AM Revision 6d5d9658: fix up text: Chris Buechler
04:28 AM Revision 5cb2a425: fix up text: Chris Buechler

02/06/2015

10:32 PM Bug #4384 (Resolved): missing input validation in captive portal: services_captiveportal.php is missing input validation that allows creating invalid configurations, including ones th... Chris Buechler
05:12 PM pfSense Packages Bug #3344: Disable IPV6 Squid3 not run: Gilmar Cabral You are right man, your post helped me today means after one year you posted it...
i have been in thi... Malik Mazhar
04:07 AM Bug #4383 (Resolved): Firewall log contains IGMP for rules that do not have logging on: Example: https://forum.pfsense.org/index.php?topic=88029.msg486945#msg486945
Phillip Davis

02/05/2015

09:09 PM Revision e4610d66: remove CGN from "Block private networks" as it was in 2.0x and earlier: releases since it specifically notes RFC 1918 and CGN is more bogon.
Ticket #4379 Chris Buechler
07:47 PM Revision 2dfe7846: remove CGN from "Block private networks" as it was in 2.0x and earlier: releases since it specifically notes RFC 1918 and CGN is more bogon.
Ticket #4379 Chris Buechler
07:41 PM Revision bb8a30c2: Fixes #4381 this was a leftover of the change of zoneids to start from 2.: Ermal Luçi
07:41 PM Revision 8b4c7ed1: Fixes #4381 this was a leftover of the change of zoneids to start from 2.: Ermal Luçi
05:16 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks": Yes, of course. I think we don't understand each other. I can trivially create a RFC1918 alias and place that rule wh... Kill Bill
05:09 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks": Bogons and block private only applies to traffic sourced on the WAN in question. Where you're on CGN, you pretty much... Chris Buechler
05:01 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks": I'm not using either of these, so I pretty much don't care either way, but... fixing the description and nuking this ... Kill Bill
03:08 PM Bug #4379 (Resolved): Remove CGN (RFC6598) address space from "private networks": since block private specifically says RFC 1918, it's more valid as bogon than private, I removed it from private. Chris Buechler
12:34 PM Bug #4379 (Resolved): Remove CGN (RFC6598) address space from "private networks": No need to filter this in both places, this is really the same thing like RFC1918 ranges.
Forum thread: https://fo... Kill Bill
02:52 PM Revision 20078775: Merge pull request #1458 from xbipin/patch-4: Renato Botelho
02:19 PM Feature #4382 (Resolved): Add syslogd as a service under Status > Services: As requested at Bug #4380 - currently there's no way to track the status of syslogd service and/or start/stop/restart... Kill Bill
01:55 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog: Not a bug per se but a feature request. You can submit a feature request to add syslogd as a service under Status > S... Jim Pingle
01:52 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog: Yes, so it's not a problem with the package, but with the base system. Should I file the bug about the same thing und... Kill Bill
01:40 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog: It was rejected because it's not the purpose of this package to track the services itself. The services are defined b... Jim Pingle
01:31 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog: Kinda don't get why is this rejected. (Oh, and please, don't get me started with "delete the logs", not interested in... Kill Bill
01:27 PM pfSense Packages Bug #4380 (Rejected): syslogd missing from Service Watchdog: It uses the service list provided by the firewall. Same as Status > Services. Adding a service just to the package wo... Jim Pingle
01:20 PM pfSense Packages Bug #4380 (Rejected): syslogd missing from Service Watchdog: No idea why it's not there. Certainly would be nice to have it when things go wrong, such as Bug #4352 or https://for... Kill Bill
01:50 PM Bug #4381: Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port: Applied in changeset commit:bb8a30c23b04d8332e8d4fccf15ed91d950cda2b. Ermal Luçi
01:50 PM Bug #4381 (Feedback): Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port: Applied in changeset commit:8b4c7ed15cdde2e49cfce5f96990ba1dbb2a9fd0. Ermal Luçi
01:37 PM Bug #4381: Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port: Update:
The rule is there but broken, pointing to the wrong port numbers, for example:
/tmp/rules.debug has:
<... Jim Pingle
01:31 PM Bug #4381 (Resolved): Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port: pfSense 2.1.x had an automatic captive portal pass rule to allow users to reach the portal daemon, this automatic rul... Jim Pingle
01:14 PM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified: Same issue using a DHCP wan with Kabeldeutschland Cable ISP using a dynamic IP and the other node using a PPP wan wit... Jan-Hendrik Wittke
01:09 PM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified: Same issue one Box using a PPP wan with O2/Alice ISP using a dynamic IP and other Box using DHCP with Kabeldeutschlan... Jan-Hendrik Wittke
10:10 AM Revision ec1d66cc: Use web-gui setting for pap or chap instead of having it hard-coded to chap.: Sebastian Öhman
10:10 AM Revision 42c57d69: Merge pull request #1472 from bassebaba/master: Renato Botelho
09:48 AM Revision 8f637a0c: Merge pull request #1455 from xbipin/patch-2: Renato Botelho
09:41 AM Revision d06f9ebe: Use web-gui setting for pap or chap instead of having it hard-coded to chap.: Sebastian Öhman
09:11 AM Revision ee874f47: remove empty values: remove empty values Bipin Chandra
08:59 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP: Oh, and bridges and gateway config: https://gist.github.com/MikeN123/22d50fa3d37834b9659a Mike Noordermeer
08:56 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP: Interfaces config, slightly censored: https://gist.github.com/MikeN123/009bc5fb76347663e448
Virtual IP config, sli... Mike Noordermeer
07:39 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP: Can you share your interfaces config or all of it so i can replicate that? Ermal Luçi
04:33 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP: 2.1.5 and 2.2.0. After reboot the VIP becomes the primary IP, and all outbound traffic and firewall rules referencing... Mike Noordermeer
04:31 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP: On which scenario and which version this happens? Ermal Luçi
03:57 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP: Just FYI, I have a bridge interface with x.x.x.106 as primary IP, and an IP alias x.x.x.105. This fails consistently,... Mike Noordermeer
07:57 AM Bug #4378 (Resolved): editing one of multiple pppoe connections with dial on demand enabled changes port assignment: Where you have dial on demand enabled on PPPoE, and have multiple PPPoE connections, saving on interfaces.php after m... Bipin Chandra
07:51 AM Bug #4377 (Rejected): pfSense boot freezes after restart in QEMU/KVM: pfSense virtual machine freezes after reboot at
@usbus0: 12Mbps Full Speed USB v1.0@
qemu proc contains :
@-... Stanislav Yanchev
06:29 AM pfSense Packages Bug #4376 (Closed): Squid3 Squidguard3 Stability Problems: Hi
Pfsense.2.2 also squid3 3 the stability and squidGuard3 squidGuard3 is experiencing problems, especially after 3... Landforces turkuaz
05:41 AM Revision b997da8b: upgrade config: upgrade config code so old entries not lost during upgrade Bipin Chandra
04:47 AM Revision e5e3216e: Add RTMP to the Traffic Shaper: Talyrius Bekhesh
03:53 AM Bug #4375: Kernel Crash: So solution is disable acpi in bios ? or what we can do. N.Selim GUNER
02:26 AM Bug #4375: Kernel Crash: I think this is because of acpi being enabled by default now. Ermal Luçi
01:19 AM Bug #4375: Kernel Crash: Jetway Mini ITX NF9D 2550 Board N.Selim GUNER
01:16 AM Bug #4375 (Rejected): Kernel Crash: Upgrading 2.1.5 or new install same crash. N.Selim GUNER
03:38 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances: Also this issue on redmine https://wiki.strongswan.org/issues/431 recommends reauth = no for IKEv2 for IKEv1 not sure... Ermal Luçi
03:34 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances: Also looking at this thread http://comments.gmane.org/gmane.network.vpn.strongswan.user/2055
It can be a solution to... Ermal Luçi
02:53 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Does net.inet.ip.dummynet.io_pkt_drop increase during this time? Ermal Luçi
12:43 AM Feature #4374 (New): Add timestamps to notification e-mails: It would sometimes be useful to have timestamps in the body of the e-mail itself. E-Mail transmission is not always r... Michel Zehnder
12:42 AM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package: Ah, my bad. I got used to original pfBlocker and it's behavior ... didn't expected it to change. Thanks for clarifica... Dmitriy K

02/04/2015

06:23 PM Revision cdcf197b: Fixed not being able to save custom and custom-v6 dyndns: entries due to "host" being posted empty, and thus failing
is_domain() check. Tuyan Ozipek
06:23 PM Revision 68f7662b: Merge pull request #1466 from tuyan/master: Renato Botelho
06:22 PM Revision a912dd7d: Firmware upgrade script text changes: while I am looking at this, might as well correct these.
No function problems or impact. Phil Davis
06:22 PM Revision 13685ab5: Merge pull request #1470 from phil-davis/patch-1: Renato Botelho
06:07 PM Bug #4149: Register DHCP leases in DNS forwarder broken: Now on 2.2, the bug is still present:
Feb 4 20:40:44 dhcpd: Unable to add forward map from linehead.ozone.caligrafi... Anonymous
05:38 PM Revision 62657a7f: Fix restartipsec command line script.: Jim Pingle
05:36 PM Revision 01f3438e: Fix restartipsec command line script.: Jim Pingle
02:46 PM Revision 68716545: Fixes #3669 Handle properly recording of the ipv6 interface new ip and do not issues commands that cannot succeed.: Ermal Luçi
02:46 PM Revision 322cc018: Fixes #3669 Handle properly recording of the ipv6 interface new ip and do not issues commands that cannot succeed.: Ermal Luçi
12:46 PM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package: This is not a bug.
The text beside the pfBlockerNG Enable Checkbox in the General Tab, is as follows
*"Note - w... BBcan177 .
03:12 AM pfSense Packages Bug #4373 (Resolved): pfBlockerNG: IPv4 aliases are not preserved when upgrading package: After upgrading 1.01 to 1.02 I've lost all IPv4 tab aliases. Dmitriy K
10:27 AM Bug #4344: package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE: *FYI*
there's another package that was reported as unable to be 100% reinstalled after the upgrade procedure from 2.... Vinícius Zavam
10:20 AM Bug #4344: package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE: Vinícius Zavam wrote:
> *Piba-NL*'s (##pfsense@freenode) pointed out that would be nice to try this procedures:
> *... Vinícius Zavam
10:14 AM Revision 1f97f379: In last case, use dmesg.boot do detect ALIX boards when hw.model is not enough: Renato Botelho
10:14 AM Revision 6d043a1d: In last case, use dmesg.boot do detect ALIX boards when hw.model is not enough: Renato Botelho
09:52 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: I can verify that turning off reply-to doesn't seem to make a difference, here:
The rule:... Adam Hirsch
09:43 AM Revision 0fcf26e4: Silent kenv when smbios.system.product is not present. While here, add VirtualBox to the list of virtualenvs: Renato Botelho
09:43 AM Revision 7e36f71c: Silent kenv when smbios.system.product is not present. While here, add VirtualBox to the list of virtualenvs: Renato Botelho
09:00 AM Bug #3669: WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages": Applied in changeset commit:68716545c5fde880d7a22cd9b13b901d01ccb561. Ermal Luçi
09:00 AM Bug #3669: WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages": Applied in changeset commit:322cc0188107e8b8ca912511915e71334fe4089b. Ermal Luçi
08:45 AM Bug #3669 (Feedback): WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages": Thank you for the persistence.
Merged a better/modified version of the fix suggested here. Ermal Luçi
02:18 AM Revision 695b6d08: Firmware upgrade script text changes: while I am looking at this, might as well correct these.
No function problems or impact. Phil Davis

02/03/2015

11:21 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: I haven't had a chance to get back to testing this scenario yet, but will soon. Seems like it may not be specific to ... Chris Buechler
10:39 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Have we confirmed if having reply-to enabled or disabled affects if the limiter works correctly? As well, what about... Travis Kreikemeier
09:48 PM pfSense Packages Bug #4282 (Resolved): Vnstat2 1.11 Does Configuration Parser Error: thanks for the confirmation Paul, and Jim and Bryce for fixing. Others have confirmed fixed as well. Chris Buechler
07:57 PM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: Tested on v2.2 amd64 full install.
Removed existing version, made sure nothing but settings are left behind and in... Paul K
02:24 PM pfSense Packages Bug #4282 (Feedback): Vnstat2 1.11 Does Configuration Parser Error: Update the package and try again, I pushed some fixes earlier today. It works for me in testing here. Jim Pingle
08:10 PM Feature #4372 (Closed): dnscrypt support: It'd be nice to have dnscrypt support built-in so people don't need hacks like
https://docs.google.com/document/d/1B... Chris Buechler
08:07 PM Bug #4371 (Resolved): Re-enable suhosin: We had to drop suhosin when moving to PHP 5.4 as it wasn't compatible at the time and its development had stalled. Th... Chris Buechler
07:25 PM Revision f8b5f41d: Merge remote-tracking branch 'upstream/master': McB
07:21 PM Revision 68fde79c: Fixed alignment issue.: McB
07:17 PM Revision 197cf433: Added DynDNS support for GleSYS API (www.glesys.com).: McB
06:54 PM Revision 98b3de78: fix responder-only IPsec text: Chris Buechler
06:54 PM Revision d7f4c1a4: fix responder-only IPsec text: Chris Buechler
04:44 PM Bug #4310 (Feedback): Limiters + HA results in hangs on secondary: Patch committed. Ermal Luçi
04:31 PM Bug #4370 (Resolved): ntpd does nothing with selected carp interfaces.: ntpd does nothing with selected carp interfaces.
When only carp ip's are selected for ntpd to listen on the config '... Pi Ba
10:44 AM Bug #4344: package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE: *Piba-NL*'s (##pfsense@freenode) pointed out that would be nice to try this procedures:
* clear installation's lock;... Vinícius Zavam
08:14 AM pfSense Packages Bug #4369 (Resolved): patch fetching doesn't work if pfsense is behind proxy: Hello,
while i was testing a patch (Bug #4238) i noted that the fetch doesn't work.
Issuing a packet caputure while... Anonymous
07:25 AM Feature #809: Config sync username change: The bug is still here in version 2.2 64bit.
The "Remote System Username" field into Firewall->Virtual IP->CARP Set... Antoine Rodriguez
03:32 AM Revision adf17d4f: fix text: Chris Buechler
03:32 AM Revision e829fcbb: fix text: Chris Buechler
02:51 AM pfSense Packages Feature #4368 (Closed): [Unbound] Allow customized root.hints: ... Armin Tueting
12:02 AM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation: Just reporting another little very minor thing, I am testing the latest version for which you added ACL negation and ... Stéphane Lapie

02/02/2015

08:55 PM Bug #4367: Incorrect rrset-cache-size in unbound.conf: unbound.conf is generated by back-end code in /etc/inc/unbound.inc
Search for rrset_cache_size and rrset-cache-siz... Phillip Davis
04:43 PM Bug #4367 (Resolved): Incorrect rrset-cache-size in unbound.conf: In /usr/local/www/services_unbound_advanced.php is missing code responsible for setting correct value for rrset-cache... Juraj Binka
07:36 PM Revision bfcb1e4a: Allow IPseec clients to properly connect and not stomp over each other. Reported-by https://forum.pfsense.org/index.php?topic=87980.0: Ermal Luçi
07:36 PM Revision 034a23f0: Allow IPseec clients to properly connect and not stomp over each other. Reported-by https://forum.pfsense.org/index.php?topic=87980.0: Ermal Luçi
07:28 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation: No, I haven't. In my production settings, I am only using "ssl_c_used" since I can guarantee for sure we are in a TLS... Stéphane Lapie
06:02 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation: Thanks for reporting this, my suspicion is that 'ssl_c_used ssl_c_verify 0' would be enough for all cases.
Have yo... Pi Ba
05:28 PM Revision 4520b2d2: Fix aliases popup width when fields are hidden when page is loaded. It should fix #4238: Renato Botelho
05:28 PM Revision 6672609b: Fix aliases popup width when fields are hidden when page is loaded. It should fix #4238: Renato Botelho
04:46 PM Revision cd214f4b: Properly calculate the 6rd default gateway honoring netmasks other than /32: Ermal Luçi
04:46 PM Revision 5e964cfd: Properly calculate the 6rd default gateway honoring netmasks other than /32: Ermal Luçi
03:51 PM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains: Formatting removed the {@} symbol
{@}.sub.domain.com Trel S
03:48 PM Feature #4366 (Resolved): Namecheap Dynamic DNS updates fail on subdomain formatted domains: The domain in question is in the format
sub.domain.com
I need to update the @ record for this domain.
So, it's b... Trel S
03:46 PM Revision f2b769d0: Fixed not being able to save custom and custom-v6 dyndns: entries due to "host" being posted empty, and thus failing
is_domain() check. Tuyan Ozipek
01:19 PM Revision 315d866c: Merge remote-tracking branch 'origin/master': Sjon Hortensius
11:37 AM Bug #4365 (Resolved): ALTQ Traffic Shaping is not working in pfSense 2.2 when run on Hyper-V 2012 R2: Using pfSense 2.2 release on Hyper-V 2.2 with regular network adapters (not legacy adapters), HFSC queues can be set ... Aaron Smith
11:30 AM Bug #4238: Firewall rule: source port display issue: Applied in changeset commit:4520b2d2b70caa48813f73f89ef5b9c942ea5b25. Renato Botelho
11:30 AM Bug #4238 (Feedback): Firewall rule: source port display issue: Applied in changeset commit:6672609b90a8e60a13ca471a3ad3e054eca542bd. Renato Botelho
11:28 AM Revision c6c71b36: fix indent: fix indent Bipin Chandra
10:08 AM Bug #3669 (New): WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages": Let me double check this issue again. Ermal Luçi
05:11 AM Bug #3669: WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages": Whilst this ticket has been marked resolved, the second part of the fix relating to /etc/rc.newwanipv6 has never been... David Burns
09:01 AM Revision 1c4540dc: Ticket #4353 fix typo on unset var spotted-by: Phil Davis: Ermal Luçi
09:01 AM Revision 42275e69: Ticket #4353 fix typo on unset var spotted-by: Phil Davis: Ermal Luçi
07:56 AM Revision b82159a6: Unbound domain override IP:port validation: The domain override is IP:port is invalid if either the IP address OR port is invalid.
Previously you could put an in... Phil Davis
07:56 AM Revision e67c5bee: Merge pull request #1457 from phil-davis/patch-2: Renato Botelho
07:55 AM Revision 2cf35754: speedup 'function is_port($port)' speed by skipping calls to getservbyname when possible: Pi Ba
07:55 AM Revision 2b8353ba: Merge pull request #1459 from PiBa-NL/speedup_is_port: Renato Botelho
07:54 AM Revision 87549136: Remove latin-1 encoding of RSS feed: Many thanks to Gertjan in forum https://forum.pfsense.org/index.php?topic=87504.msg484017#msg484017
Specifically sett... Phil Davis
07:54 AM Revision b2b1822b: Merge pull request #1465 from phil-davis/patch-1: Renato Botelho
07:00 AM Bug #4364 (Duplicate): cannot change or set keymap during and after install: No keymap file is present on pfsense 2.2 64bit so, when installing : no keymap selection is available.
After havin... Antoine Rodriguez
06:41 AM Bug #4362 (Resolved): RSS widget - broken character encoding due to forcing latin-1: Renato Botelho
06:00 AM Bug #4362: RSS widget - broken character encoding due to forcing latin-1: This is fixed with rev. 87549136 / rev. 8820a3aa close please. Kill Bill
03:55 AM Bug #4274: Marking a packet with only a number results in a broken rule: Just wanted to say I've verified this works. Thanks so much for the quick response. Jonathan Dieter
02:40 AM Revision 8820a3aa: Remove latin-1 encoding of RSS feed: Many thanks to Gertjan in forum https://forum.pfsense.org/index.php?topic=87504.msg484017#msg484017
Specifically sett... Phil Davis

02/01/2015

08:12 PM Bug #4363 (Resolved): gpioapu causes kernel panic at boot on some hardware: At least two people have reported issues with 2.2-RELEASE not booting on their hardware, stopping with a kernel panic... Chris Buechler
03:28 PM Bug #4297: Squid unable to listen on port inferior to 1024: Chris,
This is a bug and you can see in the forums that other users are having the same problem.
Yes, I do need t... Rody Lopez
11:55 AM Revision 0453eb6e: Converted Misc & Notifications: Sjon Hortensius
11:22 AM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: It's just waiting on one of use to have enough time to test it to make sure it works and also doesn't break 2.1.x. Jim Pingle
01:08 AM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: me too agree its completely broken and the patch provided by bryce needs to be merged Bipin Chandra
10:44 AM Revision f9a9fb78: Converted system_advanced_network: Sjon Hortensius
10:29 AM Revision 9aa48e62: Select - update name to name[] when multiple=true: Sjon Hortensius
10:28 AM Revision 4b6f8c8d: updated last incorrect _POST references: Sjon Hortensius
09:45 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: I've got 2 poor internet connections and use apinger to switch as need be and as of 2.2rc this is no longer a reliabl... Michael Kellogg
05:08 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: we're probably going to re-write apinger for 2.3 Jim Thompson
04:59 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: See feature request https://redmine.pfsense.org/issues/1189
Various people have discussed this over the years - nobo... Phillip Davis
07:33 AM Revision 63072a7f: need $g here so product_name is set in user agent: Chris Buechler
07:33 AM Revision b051f148: need $g here so product_name is set in user agent: Chris Buechler
06:19 AM Bug #4238: Firewall rule: source port display issue: Bipin Chandra wrote:
> i checked and doesnt seem any issue in port forwarding ports, try clearing your browser cache... Anonymous
05:57 AM Bug #4362 (Resolved): RSS widget - broken character encoding due to forcing latin-1: See https://forum.pfsense.org/index.php?topic=87504.msg484017#msg484017 for cause and fix. Kill Bill

01/31/2015

11:12 PM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: Here is a quick fix that you can apply to get it working until patch is merged.
64-bit run: ln -sf /usr/local/etc/... Paul K
01:19 PM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: Is there a status update to when the pull request will be accepted, as it stands right now VNSTAT2 package is complet... Disk1of5 NA
10:30 PM Revision 76a9ad94: Add input validation to prevent the use of AES > 128 where glxsb is enabled. Ticket #4361: Chris Buechler
10:30 PM Revision 69aeef21: Add input validation to prevent the use of AES > 128 where glxsb is enabled. Ticket #4361: Chris Buechler
06:49 PM Revision 87808568: Fixes #4360 allow marking a connection as responder only, the same behviour as mobile connections: Ermal Luçi
06:49 PM Revision fdc9ac09: Fixes #4360 allow marking a connection as responder only, the same behviour as mobile connections: Ermal Luçi
06:36 PM Revision 86e1846f: Fixes #4359 Allow controlling uniqueids: Ermal Luçi
06:36 PM Revision 908edbd3: Fixes #4359 Allow controlling uniqueids: Ermal Luçi
05:13 PM Revision 3a8c6408: Merge branch 'master' of github.com:SjonHortensius/pfsense: Sjon Hortensius
05:10 PM Revision 5d00f1d4: fix another typo in cleaner: Sjon Hortensius
05:08 PM Revision f6546b41: WIP: Converted advanced_firewall: Sjon Hortensius
05:08 PM Revision 2cc784b3: Form_Select - handle selected values: Sjon Hortensius
05:06 PM Revision ae479a27: Add placeholder showing default value: Sjon Hortensius
04:29 PM Feature #4361 (Resolved): add input validation to prevent use of AES > 128 w/glxsb: Chris Buechler
04:28 PM Feature #4361 (Resolved): add input validation to prevent use of AES > 128 w/glxsb: The glxsb crypto accelerator breaks AES > 128 bit and people don't seem to be aware of that. Adding input validation ... Chris Buechler
02:14 PM Revision a41b03d0: Support data-toggle=disable: Checkbox - moved call to better location
Select - use parent:: for attributes
Input - add support for attributes with... Sjon Hortensius
01:25 PM Revision 75106235: speedup 'function is_port($port)' speed by skipping calls to getservbyname when possible: Pi Ba
01:19 PM Bug #2526: Limiter appears to break IPv6 connectivity: This issue is still not resolved
https://forum.pfsense.org/index.php?topic=77506.new;topicseen#new
Can this tic... Cino .
01:09 PM Revision 1a86b8fe: Don't treat >name special, just put it in attr; fixes Select.id: Select - name is no longer special, use $attr and get a free ID
Checkbox - make displayAsRadio return itself for chai... Sjon Hortensius
01:00 PM Feature #4360: IPsec allow making a connection repsonder only: Applied in changeset commit:87808568a70404e04c306723cdd65f52e59003f9. Ermal Luçi
01:00 PM Feature #4360 (Feedback): IPsec allow making a connection repsonder only: Applied in changeset commit:fdc9ac09ef07752da6153cd3c28f734c61985372. Ermal Luçi
12:46 PM Feature #4360 (Resolved): IPsec allow making a connection repsonder only: Currently only Mobile connection is repsonder only.
There are situations where this behaviour is required hence the ... Ermal Luçi
12:50 PM Feature #4359: IPsec controlling uniqueid value: Applied in changeset commit:86e1846f47bda6a1e2560c249994b47716fac4ad. Ermal Luçi
12:50 PM Feature #4359 (Feedback): IPsec controlling uniqueid value: Applied in changeset commit:908edbd3d17a6fac747b6583322be9e547026f7f. Ermal Luçi
12:32 PM Feature #4359 (Resolved): IPsec controlling uniqueid value: Strongswan allows ID behaviour to be controllable especially useful for multiple devices connecting with same ID. Ermal Luçi
12:22 PM Revision 81dfcea5: Converted system_advanced_admin: Sjon Hortensius
12:21 PM Revision 276c29d4: Add support for sprintf to setHelp: clean - fix typo in php-end-tag cleaner
Input - support sprintf parameter
Select - put option-names through gettext Sjon Hortensius
12:20 PM Bug #4246: Fix "netstat -gW" behavior broken in r259638.: http://svnweb.freebsd.org/base?view=revision&revision=265096 Kill Bill
11:56 AM Bug #4246: Fix "netstat -gW" behavior broken in r259638.: Problem still there in 2.2 RELEASE.
I run pfSense on an Alix board, which is 32 bits.
Is the kerbel config the ... Jocelyn Le Sage
03:28 AM Bug #4246 (Feedback): Fix "netstat -gW" behavior broken in r259638.: The kernel option is there in our kernels and should be on 2.2 kernels as well.... Ermal Luçi
03:23 AM Bug #4246: Fix "netstat -gW" behavior broken in r259638.: The kernel option is there in our kernels and should be on 2.2 kernels as well.... Ermal Luçi
12:16 PM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances: More testing should be done related to rekey, uniqueids and DPD closeaction statement which might impact this. Ermal Luçi
12:02 PM Bug #4358: w3.org: put nested table in td: The first code block is wrong.
It should be:
#1:... Grischa Zengel
11:54 AM Bug #4358 (Closed): w3.org: put nested table in td: In openvpn.widget.php:
> document type does not allow element "table" here; missing one of "th", "td" start-tag
... Grischa Zengel
11:40 AM Bug #4357 (Closed): w3.org: value of attribute id must start with a letter, not a number: My interfaces starts with the number of the port written on the case.
> It is possible that you violated the namin... Grischa Zengel
11:23 AM Bug #4356 (Closed): w3.org: <tfoot> used without thead and tbody: In openvpn.widget.php:
> The <tfoot> element is used in conjunction with the <thead> and <tbody> elements to spec... Grischa Zengel
11:15 AM Bug #4355 (Closed): w3.org: there is no attribute "sortableMultirow": In openvpn.widget.php:
<table style="padding-top:0px; padding-bottom:0px; padding-left:0px; padding-right:0px" cla... Grischa Zengel
10:08 AM Revision b8150520: Traffic Shaper Wizard Upstream SIP Server: Not being remembered and actioned.
Bug #4314 Phil Davis
10:08 AM Revision 0b31300e: Merge pull request #1453 from phil-davis/Upstream-SIP-server: Ermal Luçi
10:06 AM Revision 41da54ce: Fixes #4353 Identify when strongswan.conf needs a reload and restart ipsec service.: Ermal Luçi
10:06 AM Revision 420fce04: Fixes #4353 Identify when strongswan.conf needs a reload and restart ipsec service.: Ermal Luçi
09:45 AM Revision 430379ac: Fixes #4333 Unset previous defined values before using the new ones: Ermal Luçi
09:45 AM Revision ee65c642: Fixes #4333 Unset previous defined values before using the new ones: Ermal Luçi
09:17 AM Revision 7790dacc: Firewall Log does not display logged IGMP packets: If IGMP packets are logged (either pass or block) then parse_filter_line did not set their src and dst IP.
Later in t... Phil Davis
09:16 AM Revision 955746b0: Merge pull request #1456 from phil-davis/patch-1: Ermal Luçi
09:14 AM Revision fdf6fcb3: Fixes #4340 encode username same as with password to avoid issues with special chars.: Ermal Luçi
09:13 AM Revision 95c93bc3: Fixes #4340 encode username same as with password to avoid issues with special chars.: Ermal Luçi
08:21 AM Bug #4352: 2.2 syslogd exiting sig 15 when boot finishes: received email. will reply with access info... Mike Oxlong
08:20 AM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified: Same issue using a PPP wan with Orange France ISP using a dynamic IP. Everything was working fine before pfsense 2.2/... Bob Gray
08:01 AM Bug #3692: apinger loss % gets stuck: this is back for me and I dont't know why this suddenly showed up and why restarting apinger no longer fixes this. al... Michael Kellogg
07:20 AM pfSense Packages Bug #4293: Squid 2.7.9 pkg v.4.3.6 i386 won't start: Some missing link lib.
you can add this symbolic links in a ssh session,
and restart the squid service.
ln... Tahar GUEBLI
06:38 AM Revision f55ef2e7: Update pkg_edit.php: Bipin Chandra
06:35 AM Revision c67b75d1: add schedule selection to pkg_edit.php: this allows schedule selection to pkg_edit.php, this can then be
utilized by packages to set schedules in many other ... Bipin Chandra
04:20 AM Feature #4354 (Closed): Allow dpinger to ping more than one destination for a gateway.: Hello,
I would like to be able to put more than one IP as a monitoring IP in the GUI. I would like the system to u... Raimund Sacherer
04:20 AM Todo #4353: Review IPsec reloading when strongswan.conf is changed: Applied in changeset commit:41da54ce14d2d43a5ce9738bd80b73355fa26180. Ermal Luçi
04:20 AM Todo #4353: Review IPsec reloading when strongswan.conf is changed: Applied in changeset commit:420fce0458f4f1b49faa167a1b6ccc7800d2b8a3. Ermal Luçi
04:05 AM Todo #4353 (Feedback): Review IPsec reloading when strongswan.conf is changed: Ermal Luçi
04:07 AM Bug #4314 (Feedback): Traffic Shaper Wizard not accepting an alias in the "Upstream SIP Server" text box: Merged pull 1453 Ermal Luçi
04:00 AM Bug #4333: Shaper wizard retains and uses incorrect info when supplying a different count of interfaces on future runs: Applied in changeset commit:430379acf9e4bfcda2625954700a6184265c8f73. Ermal Luçi
04:00 AM Bug #4333: Shaper wizard retains and uses incorrect info when supplying a different count of interfaces on future runs: Applied in changeset commit:ee65c642df6466ed59c332d448a4804690ce55c1. Ermal Luçi
03:45 AM Bug #4333 (Feedback): Shaper wizard retains and uses incorrect info when supplying a different count of interfaces on future runs: Ermal Luçi
03:20 AM Bug #4340: OpenVPN connect fails if login contains special characters (e.g. &): Applied in changeset commit:fdf6fcb3b1405016146088f547085c5d08ff0398. Ermal Luçi
03:20 AM Bug #4340: OpenVPN connect fails if login contains special characters (e.g. &): Applied in changeset commit:95c93bc3f6a281bd525d72925ea54dfa6ec2709b. Ermal Luçi
03:17 AM Bug #4340 (Feedback): OpenVPN connect fails if login contains special characters (e.g. &): Fixed the same way as poasswords Ermal Luçi
03:16 AM Bug #4343 (Feedback): Firewall Log does not display logs for IGMP: The pull request has been merged. Ermal Luçi
02:24 AM Bug #4238: Firewall rule: source port display issue: i checked and doesnt seem any issue in port forwarding ports, try clearing your browser cache and check again and if ... Bipin Chandra

01/30/2015

08:20 PM Bug #4352: 2.2 syslogd exiting sig 15 when boot finishes: I emailed you to see if we can setup a time that I can check out your system in general Chris Buechler
04:22 PM Bug #4352: 2.2 syslogd exiting sig 15 when boot finishes: Yes, it does it at every boot or reboot and started exactly after performing an in place upgrade from 2.1.5 release.
... Mike Oxlong
03:37 PM Bug #4352 (Feedback): 2.2 syslogd exiting sig 15 when boot finishes: does it do that at every boot? could you share your config? Chris Buechler
01:16 PM Bug #4352 (Closed): 2.2 syslogd exiting sig 15 when boot finishes: upgraded box from 2.1.5. syslogd now exits at boot/reboot and does not restart again. prevents ALL logs on the entire... Mike Oxlong
07:59 PM Revision fa776555: Do not reuse reqid on copy of phase2 Fixes #4349: Ermal Luçi
07:59 PM Revision 7c449a56: Do not reuse reqid on copy of phase2 Fixes #4349: Ermal Luçi
05:00 PM Revision 07b37952: Unbound domain override IP:port validation: The domain override is IP:port is invalid if either the IP address OR port is invalid.
Previously you could put an in... Phil Davis
04:43 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver: Yes, that NIC's changed to xm but still working on 2.1.5 and not on 2.2. Helio Candido
03:39 PM Bug #4345 (Feedback): Traffic Shaping doesn't work with Xen netfront driver: that should be something that changed to xn NICs after upgrade so they're no longer Realtek, is that the case? Chris Buechler
04:35 AM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver: I'm using 2 NIC's Realtek RTL8111/8168 PCI Express Gigabit Ethernet. Both are working on PFSense 2.1.5 with traffic s... Helio Candido
04:30 PM Bug #4286: State killing on gateway change: As I thought, it seems to be a miss-configuration on our part. However, further testing is necessary. Would you mind ... Marc 05
03:34 PM Bug #4349: Generating IPsec entries with the option similar to this one causes bad ipsec configuration: probably would be good to have upgrade code to clean this up, should help fix some people's issues. Chris Buechler
02:00 PM Bug #4349: Generating IPsec entries with the option similar to this one causes bad ipsec configuration: Applied in changeset commit:fa77655557586453a0279566a84d01cd25645978. Ermal Luçi
02:00 PM Bug #4349 (Feedback): Generating IPsec entries with the option similar to this one causes bad ipsec configuration: Applied in changeset commit:7c449a56f208cb7a02c739610a8abfe11ee498be. Ermal Luçi
01:58 PM Bug #4349: Generating IPsec entries with the option similar to this one causes bad ipsec configuration: Should there be upgrade code to fix this issue or not? Ermal Luçi
04:22 AM Bug #4349: Generating IPsec entries with the option similar to this one causes bad ipsec configuration: Also for a discussion https://forum.pfsense.org/index.php?topic=87786.new#new Ermal Luçi
04:21 AM Bug #4349 (Resolved): Generating IPsec entries with the option similar to this one causes bad ipsec configuration: On 2.2 of pfSense reqid is part of the configuration stored.
When from the GUI a phase2/phase1 is generated with the... Ermal Luçi
02:12 PM Todo #4353 (Resolved): Review IPsec reloading when strongswan.conf is changed: If things on strongswan.conf are changed ipsec service needs to be restarted since reloading does not work for them Ermal Luçi
12:52 PM Bug #3692: apinger loss % gets stuck: I hate to say it but in a new pfsense 2.2 installation (with two wan load balancing and high availability) I have now... Mario Giammarco
11:32 AM Feature #4351 (Resolved): Allow to disable BOOTP in DHCP server: As suggested in forum: https://forum.pfsense.org/index.php?topic=80264.0
To prevent the possibility that a malicio... Phillip Davis
11:22 AM Bug #4307: bacula-fd configuration is mangled: I deleted the package and tried to use pkg as described at https://doc.pfsense.org/index.php/Installing_FreeBSD_Packa... Dan Langille
11:09 AM Bug #4307: bacula-fd configuration is mangled: Known issue: https://forum.pfsense.org/index.php?topic=85265.0 Dan Langille
11:06 AM Bug #4307: bacula-fd configuration is mangled: I do not know how to fix the mangled FailDaemon name, but I see the cause.... Dan Langille
11:18 AM Feature #4350 (Resolved): Allow entry of multiple IP addreses in DNS Resolver Domain Overrides: Unbound seems to allow multiple stub-addr in a stub-zone.
This would be handy when using DNS Resolver on pfSense wit... Phillip Davis
08:02 AM Bug #4344: package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE: *http://pastebin.com/8ni6F2Tb* was scheduled to expire in 2 weeks, so... here's its content:... Vinícius Zavam
06:36 AM Revision 5d60171d: unnecessary but lets just add this for safety: unnecessary but lets just add this for safety Bipin Chandra
04:29 AM pfSense Packages Bug #4331: Issue with VPN interface within Squid 3.4 for Transparent Proxy: Nev Secular wrote:
> I'm running pfSense 2.2 with squid 3.4.10_2
>
> Want to include my VPN interface in transpar... Nev Secular
03:55 AM pfSense Packages Bug #4348 (Closed): SquidGuard is not starting: Applying "Enable" results in
System log:
php: squidGuard_blacklist_update.sh: The command '/usr/pbi/squid-amd64... Holger Hampel
03:43 AM pfSense Packages Feature #4347 (Closed): Recent Version of Asterisk: Version 1.8 is very old. Please update Asterisk to something recent. Frederic Steinfels
12:27 AM pfSense Packages Bug #4337: Multiple radiusd instances are launched upon WAN interface change: I have modified radiusd.sh to prevent it from being executed in parallel and to wait a bit for the process to start b... Paul K
12:22 AM pfSense Packages Bug #4337: Multiple radiusd instances are launched upon WAN interface change: I dug a little deeper and here is what I discovered.
By the time "radiusd.sh start" is invoked second time, first ... Paul K
12:06 AM Bug #4346 (Resolved): radiusd process is left running after package uninstall: During FreeRADIUS package uninstall, package is removed, but process fails to stop. Log:... Paul K

01/29/2015

06:45 PM pfSense Packages Bug #4342: carp switch problem: please use one of our available support resources. https://pfsense.org/support Chris Buechler
01:42 PM pfSense Packages Bug #4342: carp switch problem: It was configured using : https://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_%28CARP%29
Pleas... Bartłomiej Bujak
12:00 PM pfSense Packages Bug #4342 (Rejected): carp switch problem: this is almost certainly indicative of a connectivity problem between the two systems Chris Buechler
06:55 AM pfSense Packages Bug #4342: carp switch problem: Wrong files.
Please remove pfsense_problem.JPG
Bartłomiej Bujak
06:53 AM pfSense Packages Bug #4342 (Rejected): carp switch problem: I have 2 pfsense cluster installations in two different locations.
One of them 2.2 version 64-bit, second 32 and 64 ... Bartłomiej Bujak
05:38 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver: which driver is it saying doesn't support altq? Chris Buechler
01:58 PM Bug #4345 (Confirmed): Traffic Shaping doesn't work with Xen netfront driver: On the version 2.1.5 I got the traffic shaping work without problem but after upgraded to 2.2 it's just doesn't worki... Helio Candido
05:10 PM Revision 091195f0: Firewall Log does not display logged IGMP packets: If IGMP packets are logged (either pass or block) then parse_filter_line did not set their src and dst IP.
Later in t... Phil Davis
04:38 PM Bug #4310: Limiters + HA results in hangs on secondary: I think this happens because CARP packets are being sent to dummynet.
Before the kernel patch prevented this from ha... Ermal Luçi
02:02 PM Revision f5b23288: Set update_url and update_manifest automatically based on version being or not a RELEASE: Renato Botelho
02:02 PM Revision 15ff0dc5: Set update_url and update_manifest automatically based on version being or not a RELEASE: Renato Botelho
11:55 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: I this affected us at PAX South. We had limiters in place and had certain downloads dropping to 0 bytes/sec until we... Travis Kreikemeier
07:50 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: I suppose that's possible, although manually checking the box to disable the generated reply-to doesn't seem to chang... Adam Hirsch
02:47 AM Bug #4326 (Confirmed): Limiters on firewall rules where NAT applies drop all traffic: I believe it only happens where the matching rule with limiter includes reply-to. Chris Buechler
11:54 AM Bug #4344 (Closed): package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE: this issue was originally reported by "WolfSec-Support" <support at wolfsec.ch> on the pfSense's mailing list.
* htt... Vinícius Zavam
11:53 AM Feature #2834: carp+pfsync: add ability to prefer one node as master: https://github.com/pfsense/pfsense/pull/1449
My patch was rejected. Looking to see what will be accepted. Robert Middleswarth
11:43 AM pfSense Packages Feature #4335: NUT send notifications via built in smtp notification feature: The following seems to work pretty good.
Add to upsmon.conf... Josh Stompro
08:37 AM pfSense Packages Feature #4335: NUT send notifications via built in smtp notification feature: I think I found the info needed to make this work. A command line tool for sending email via the notification system... Josh Stompro
11:24 AM Bug #4343: Firewall Log does not display logs for IGMP: Related forum thread that got me started looking at this: https://forum.pfsense.org/index.php?topic=87723.0 Phillip Davis
11:15 AM Bug #4343: Firewall Log does not display logs for IGMP: Note: In filter_log.inc parse_filter_line() there is also code that tries to handle protocol 112 CARP (around line 24... Phillip Davis
11:12 AM Bug #4343: Firewall Log does not display logs for IGMP: Proposed fix: https://github.com/pfsense/pfsense/pull/1456 Phillip Davis
11:11 AM Bug #4343 (Resolved): Firewall Log does not display logs for IGMP: I have a rule that that deals with multicast packets (to 224.0.0.0/4).
There are lines in /var/log/filter.log for pa... Phillip Davis
10:14 AM Revision a95867a2: multiple allow/deny entries for UPnP (rowhelper): remove old permission box fields Bipin Chandra
09:51 AM Revision d9f9836a: Merge pull request #7 from SanderVanLeeuwen/bootstrap: Documentation updates + layout tweaks SjonHortensius
09:47 AM Revision 10322913: Keep original PHP form example: Sander van Leeuwen
09:39 AM Revision 2900b876: Fix footer position: Sander van Leeuwen
09:38 AM Todo #4338 (Feedback): Upgrade PHP to 5.5.22: Done on both builders Renato Botelho
09:06 AM Revision 76d450e2: fix input validation, = is OK here: Chris Buechler
09:05 AM Revision 427831ac: fix input validation, = is OK here: Chris Buechler
07:33 AM Bug #4238: Firewall rule: source port display issue: i noted also that the issue is present also for nat rules (port forwarding) Anonymous
04:15 AM Bug #4238: Firewall rule: source port display issue: after its merged, this can be closed Bipin Chandra
02:05 AM Bug #4238: Firewall rule: source port display issue: ben kenobi wrote:
> Thanks,
> after removing style="display:none" the cosmetic issue is not present anymore.
Anonymous
02:05 AM Bug #4238: Firewall rule: source port display issue: Thanks,
after removing style="display:none" id="sprtable" the cosmetic issue is not present anymore.
Anonymous
06:12 AM Bug #4341 (Resolved): strongSwan fails to re-attach dynamic IPs where interfaces_use specified: I have a single WAN setup with PPPOE
IPsec (problem applies to both: IKE1 and IKE2)
Every 24 hours the WAN gets rec... Sebastian Chrostek
03:20 AM Bug #4340 (Resolved): OpenVPN connect fails if login contains special characters (e.g. &): Hello,
after upgrade pfSense to 2.2, OpenVPN fails connect for login S&V (authorization by AD).
@
openvpn: user 'S... Yuriy K.
03:05 AM Bug #4339 (Resolved): RAM Disk Setting minimum ram error: fixed, thanks
Chris Buechler
03:03 AM Bug #4339 (Confirmed): RAM Disk Setting minimum ram error: though you're right on the math part, shouldn't have = there. about to push a fix. Chris Buechler
03:00 AM Bug #4339 (Rejected): RAM Disk Setting minimum ram error: You must be looking at the wrong description for the box. One is 40 MB, one is 60 MB. ... Chris Buechler
02:56 AM Bug #4339: RAM Disk Setting minimum ram error: Also, 60MB isn't accepted either. the actual minimum is 61. Alexandre Paradis
02:53 AM Bug #4339 (Resolved): RAM Disk Setting minimum ram error: Version : 2.2-RELEASE (amd64)
when saying "Set the size, in MB, for the /tmp RAM disk. Leave blank for 40MB. Do n... Alexandre Paradis
03:01 AM Bug #4308: LAGG LACP defaults to strict mode in FreeBSD >= 10: After reconsideration, I agree we should keep the existing default. I'm not sure that's the right answer for upgraded... Chris Buechler
02:54 AM Bug #4028: Wireless Obytes counter always 0: That FreeBSD PR got bumped recently, no patch available at this time. Chris Buechler
02:50 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Ermal Luçi wrote:
> [...]
>
> Can you try this patch and let me know if it works for you?
The patch creates an e... Armin Tueting
12:05 AM Revision 079becf2: Add form styling conventions with an HTML example: Sander van Leeuwen

01/28/2015

11:10 PM Todo #4338 (Resolved): Upgrade PHP to 5.5.22: Need to upgrade PHP to 5.5.21 for 2.2.1. Chris Buechler
10:01 PM Revision 1fbae628: Fixes #4274 same fix as #4302 enclose in double quotes to tell yacc this is a string to be parsed.: Ermal Luçi
10:01 PM Revision 6a2f0ad7: Fixes #4274 same fix as #4302 enclose in double quotes to tell yacc this is a string to be parsed.: Ermal Luçi
09:55 PM Revision 1abdf80b: Apparently yacc became more strict in FreeBSD 10. Fixes #4302: Ermal Luçi
09:53 PM Revision 17b3a068: Apparently yacc became more strict in FreeBSD 10. Fixes #4302: Ermal Luçi
09:39 PM Revision 422a715c: Add id attribute to input elements: Sander van Leeuwen
09:08 PM pfSense Packages Bug #4337: Multiple radiusd instances are launched upon WAN interface change: This also happens on system boot. Paul K
08:36 PM pfSense Packages Bug #4337 (Resolved): Multiple radiusd instances are launched upon WAN interface change: I noticed that whenever I change WAN interface settings and apply them multiple radiusd instances are launched. Syste... Paul K
08:26 PM Revision b50baf79: Fixes #4275 use double quotes on asn1dn specification so strongswan properly interprets it: Ermal Luçi
08:24 PM Revision 99df898e: Fixes #4275 use double quotes on asn1dn specification so strongswan properly interprets it: Ermal Luçi
06:46 PM Revision 340e8bc5: Accept port range on Outbound NAT. Fixes #4300: Renato Botelho
06:45 PM Revision b601f897: Accept port range on Outbound NAT. Fixes #4300: Renato Botelho
06:45 PM Bug #4334 (Rejected): Haning installation: you're using a serial console, it's not hung, it has no keyboard. Please follow up on your forum thread for additiona... Chris Buechler
02:08 PM Bug #4334 (Rejected): Haning installation: I have been trying to install pfsense sevarel times.
but every time the installation hangs at the same point (See at... daniel guldberg aaes
05:54 PM pfSense Packages Bug #4336 (Resolved): syslog-ng package missing libraries: The following error is logged when attempting to enable the syslog-ng service:
Syslog-ng syntax test failed: [2015-0... Jeremy Porter
04:28 PM Revision 42322ae0: Fix name attr for Select, implement Checkbox::displayAsRadio: Sjon Hortensius
04:20 PM Bug #4274: Marking a packet with only a number results in a broken rule: Applied in changeset commit:1fbae628c24e8259dc2ddb3f610c78b4dad45a34. Ermal Luçi
04:20 PM Bug #4274: Marking a packet with only a number results in a broken rule: Applied in changeset commit:6a2f0ad75063b9a0068b0a1983fb61fe3b408920. Ermal Luçi
04:00 PM Bug #4274 (Feedback): Marking a packet with only a number results in a broken rule: Ermal Luçi
07:29 AM Bug #4274 (Confirmed): Marking a packet with only a number results in a broken rule: Confirmed. If you place a purely numerical value in the "You can mark a packet matching this rule and use this mark t... Jim Pingle
04:00 PM Bug #4302: Several DSCP choices are non-functional and result in a broken ruleset: Applied in changeset commit:1abdf80b2d4abaf7fb0238ae21d554603149619e. Ermal Luçi
04:00 PM Bug #4302: Several DSCP choices are non-functional and result in a broken ruleset: Applied in changeset commit:17b3a06878f3664abb7f745a08ab19fc2c58bbba. Ermal Luçi
03:54 PM Bug #4302 (Feedback): Several DSCP choices are non-functional and result in a broken ruleset: Ermal Luçi
02:43 PM Bug #4302: Several DSCP choices are non-functional and result in a broken ruleset: The same rule does not break pf on a pfSense 2.1 install, so it's definitely an issue with 2.2 Jim Pingle
02:40 PM Bug #4302: Several DSCP choices are non-functional and result in a broken ruleset: This is related to #2998 and i do not see anything different in 2.2 in comparison to 2.1?
Probably even 2.1 it did... Ermal Luçi
03:56 PM Bug #4268: changes in strongswan config don't apply to SAD or SPD: I do not expect there to be issues from this.
The SAD is there but the policies(SPD) are not so there is nothing tha... Ermal Luçi
03:43 PM Revision fee13fc0: Reload filter when IPsec is disabled, fixes #4245: Renato Botelho
03:42 PM Revision 1959e3d1: Reload filter when IPsec is disabled, fixes #4245: Renato Botelho
03:33 PM Revision a27f0c10: Add support for 0x20 DNS random bit support. Fixes #4205: Warren Baker
03:33 PM Revision 52d946d8: Merge pull request #1440 from wagonza/patch-6: Renato Botelho
03:23 PM Revision 7c7c2ba2: Support for Office365 Mail: https://redmine.pfsense.org/issues/4176
Allow the user to choose SMTP authentication mechanism PLAIN or LOGIN.
For ex... Phil Davis
03:23 PM Revision 27c25d29: Support choice of SMTP Authentication Mechanisms: https://redmine.pfsense.org/issues/4176
I have left some documentation here of other mechanisms that someone might ca... Phil Davis
03:23 PM Revision e336d9ef: Merge pull request #1421 from phil-davis/patch-4: Renato Botelho
03:15 PM pfSense Packages Feature #4335 (Resolved): NUT send notifications via built in smtp notification feature: This is a wishlist feature request.
The NUT package should have a checkbox that allows it to use the built in noti... Josh Stompro
02:53 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: I'm seeing this when the limiter is applied to a filter on the WAN interface, but not the LAN interface. Odd. Adam Hirsch
02:30 PM Bug #4275: ASN.1 DN needs double quotes in config file: Applied in changeset commit:b50baf79f18b21454dad25819d3a6656caf2abcc. Ermal Luçi
02:30 PM Bug #4275: ASN.1 DN needs double quotes in config file: Applied in changeset commit:99df898e0c5fd8533d234bbb7846b89d9097a424. Ermal Luçi
02:26 PM Bug #4275 (Feedback): ASN.1 DN needs double quotes in config file: Ermal Luçi
01:48 PM Bug #4328: Some symlinks not updated by full update: Likely, (or build from source) but 2.2.1 likely not that far away, either. Jim Thompson
12:55 PM Bug #4328: Some symlinks not updated by full update: Thanks. I assume the only way to test this is to wait for 2.2.1 :) Doktor Notor
08:03 AM Bug #4328 (Feedback): Some symlinks not updated by full update: I pushed a fix for this on tools Renato Botelho
02:40 AM Bug #4328 (Resolved): Some symlinks not updated by full update: Forum thread: https://forum.pfsense.org/index.php?topic=87336.msg481876#msg481876
On upgrade, there are loads of /... Doktor Notor
01:44 PM Bug #4308: LAGG LACP defaults to strict mode in FreeBSD >= 10: Can we talk about *not* disabling strict mode? FreeBSD 10 runs LAGG LACP in 'strict' mode for a reason.
https://bug... Jim Thompson
01:40 PM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: ... Ermal Luçi
10:56 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Phillip Davis wrote:
> "Two" should be good. I just checked a road warrior server of mine. I changed Certificate Dep... Armin Tueting
05:27 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: "Two" should be good. I just checked a road warrior server of mine. I changed Certificate Depth to "Two" and it chang... Phillip Davis
04:40 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Phillip Davis wrote:
> Is that related to the "Certificate Depth" setting on the OpenVPN Server GUI page?
I didn't ... Armin Tueting
04:04 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Is that related to the "Certificate Depth" setting on the OpenVPN Server GUI page?
Do you have that already set to "... Phillip Davis
03:25 AM Bug #4329 (Not a Bug): OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: Hello,
I've recently upgraded from 2.1.5 to 2.2 and getting an error message:-
>Jan 28 09:39:23 pfsense openvpn[4... Armin Tueting
01:38 PM Revision 7094c303: Fix #4318 - gen_subnetv4_max() not working on 32bit: Renato Botelho
01:38 PM Revision e69a0cf3: Fix #4318 - gen_subnetv4_max() not working on 32bit: Renato Botelho
01:00 PM Bug #4300: Can not enter outbound NAT destination port range: Applied in changeset commit:340e8bc5cf67a2e826df28d1ac3a1eb70ed2c5c5. Renato Botelho
01:00 PM Bug #4300 (Feedback): Can not enter outbound NAT destination port range: Applied in changeset commit:b601f897a5f6acfb4abc8beeedf0bb0d5cfa3193. Renato Botelho
12:56 PM Revision 01a84fcf: updated forms description HTML > PHP: Sjon Hortensius
12:38 PM Bug #4311: aPinger service gets higher ping. Resolves for short period after restart aPinger service: I am also getting this same issue, and I can confirm a restart restores the pings to their normal value for a short t... Seb Hopley
02:09 AM Bug #4311: aPinger service gets higher ping. Resolves for short period after restart aPinger service: Forgot to mention that this is based on a fresh 2.2 install with a restore of a backup of 2.0 version Dirk Jan de Vries
12:26 PM Bug #4330 (Rejected): Pfsense 2.2 breaks certain Realtek cards: drivers are outside our control, we only follow up with ones relevant to things we sell @ store.pfsense.org. Please r... Chris Buechler
03:32 AM Bug #4330: Pfsense 2.2 breaks certain Realtek cards: Should mention I tried adding if_re.ko and if_rl.ko from FreeBSD 10.1 to /boot/modules with no success. Ross Williamson
03:31 AM Bug #4330 (Rejected): Pfsense 2.2 breaks certain Realtek cards: Hi there
Pfsense 2.2 upgrade has gone very smoothly on all but one of my machines. Unfortunately one happened to b... Ross Williamson
10:08 AM Feature #4322: Add Google Domains DDNS: I'm aware, but it took a while to figure it out on my own. It would be much simpler to have a menu item of it's own. ... Landon Wubbels
09:50 AM Bug #4245: after disabling ipsec, "# VPN Rules" are still loaded: Applied in changeset commit:fee13fc057f3c1e96a3db2535ab7734953de5924. Renato Botelho
09:50 AM Bug #4245 (Feedback): after disabling ipsec, "# VPN Rules" are still loaded: Applied in changeset commit:1959e3d1d08747799229bacea10fbb906367c84f. Renato Botelho
09:50 AM Feature #4205: unbound config option missing: Applied in changeset commit:a27f0c10a90e696d9b987bdc38727eb738163c48. Warren Baker
09:50 AM Feature #4205 (Feedback): unbound config option missing: Applied in changeset commit:a771a6aee364f60ab436f26d061b373118462c43. Warren Baker
09:31 AM Bug #4333 (Resolved): Shaper wizard retains and uses incorrect info when supplying a different count of interfaces on future runs: If you run through the shaper wizard with, for example, two WANs, then some sections like VoIP get a set of <conn0upl... Jim Pingle
09:26 AM Revision 04a893de: multiple allow/deny entries for UPnP (rowhelper): with this additional change we can allow infinite number of entries
rather than just 500 due to the for loop set to a... Bipin Chandra
09:22 AM Feature #4176 (Feedback): Add support for SMTP authentication mechanisms: Pull request has been merged Renato Botelho
09:01 AM Bug #4238: Firewall rule: source port display issue: the above link is the patch file but u can simply edit the page (/usr/local/www/firewall_rules_edit.php) by going to ... Bipin Chandra
06:56 AM Bug #4238: Firewall rule: source port display issue: https://github.com/pfsense/pfsense/pull/1452.patch Bipin Chandra
04:57 AM Bug #4238: Firewall rule: source port display issue: the fetch fails
i suppose that a / is missing on the patch
usr/local/www/firewall_rules_edit.php
Regards Anonymous
08:57 AM Revision 0f062592: Dynamic DNS wildcard typo: Self-explanatory, just a dumb typo bug Phil Davis
08:57 AM Revision c19bdcf4: Merge pull request #1450 from phil-davis/patch-1: Renato Botelho
08:55 AM Revision 4c40e2a7: Unimportant typos in user and group manager: that do not effect anything. Phil Davis
08:55 AM Revision adaf6ca9: Merge pull request #1445 from phil-davis/priv-typos: Renato Botelho
08:46 AM Revision 085136fe: multiple allow/deny entries for UPnP (rowhelper): This patch will allow the web GUI for UPnP to enter more user specified
entries rather than just 4, I replaced the 4 ... Bipin Chandra
08:37 AM Bug #4314: Traffic Shaper Wizard not accepting an alias in the "Upstream SIP Server" text box: I applied the patch and it works ok now. The wizard remembers the text box content and the floating rules are automat... Muchacha Grande
08:36 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Note:
$x2 = ip2long32("127.255.255.255");
var_dump($x2);
$y2 = ip2long32("128.0.0.0");
var_dump($y2);
$z2 = $y2 ... Phillip Davis
08:28 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Sorry - the last subtraction in my code above should have been "$z2 = $y2 - $x2" - so ignore the rubbish "float(-198.... Phillip Davis
08:17 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Yes - I had been checking the code on a 64-bit system accidentally. Now I am at home with my Alix it all goes wrong:
... Phillip Davis
08:10 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: yes, correct, everything i386 on our side... Alejandro Olivan
08:09 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: A fix was just posted for #4318, apply that fix and try this again, I suspect it will work fine. If so, we can close ... Jim Pingle
08:06 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Yep, on i386 Kernel.
Dont see a way to change architecture doing an auto upgrade and several machines are remote.
... Mogamat Abrahams
07:07 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Are you all on i386?
I could see that loop going out of control due to #4318, source:usr/local/www/firewall_nat_ed... Jim Pingle
04:20 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Here i paste relevant part of one upgraded router setup.
This particular one has a mixture of virtualIPs, may this h... Alejandro Olivan
03:57 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Numbers like that work fine for me - e.g. subnet 197.1.2.131 subnet_bits 29
It build a correct list of 8 addresses.
... Phillip Davis
03:22 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: I got exactly the same situation, so may I at least help consistently confirming the issue existence:
I have stopp... Alejandro Olivan
03:03 AM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: You are right, must have missed it due to fatigue, although I do remember removing this before upgrading to 2.2.
<... Mogamat Abrahams
08:24 AM Bug #4332 (Resolved): Unable to run DNS Forwarder (dnsmasq) and DNS Resolver (unbound) simultaneously on different ports: It should be possible to run both services for different purposes so long as they are on different port numbers.
C... Jim Pingle
07:50 AM Bug #4318: gen_subnet_max returns incorrect result for 32 bit: Applied in changeset commit:7094c303b7d46c9f7b24c3f1bd4432187832e85c. Renato Botelho
07:50 AM Bug #4318 (Feedback): gen_subnet_max returns incorrect result for 32 bit: Applied in changeset commit:e69a0cf3a216c8647a6def4eee41ab01319ce90f. Renato Botelho
04:38 AM pfSense Packages Bug #4331 (Resolved): Issue with VPN interface within Squid 3.4 for Transparent Proxy: I'm running pfSense 2.2 with squid 3.4.10_2
Want to include my VPN interface in transparent proxy within squid.
s... Nev Secular
03:44 AM Feature #4265: UPNP allow use of alias and schedule: i added the rowhelper control as well as it will allow infinite number of entries and tried it and works well
http... Bipin Chandra
12:24 AM Bug #4327 (Closed): Package Manager issue behind proxy: Hello,
the pfsense that i have installed inside my company uses proxy connections to get updates from pfsense sites.... Anonymous

01/27/2015

10:23 PM Bug #4325: GUI for limiter rules turns Gb/s into b/s: When I do that, /tmp/rules.limiter has the expected stuff like:
pipe 1 config bw 4Gb
But as you say, Diagnostics... Phillip Davis
09:33 PM Bug #4325 (Resolved): GUI for limiter rules turns Gb/s into b/s: Steps to reproduce:
# Firewall -> Traffic Shaper -> Limiter
# Create new limiter with a memorable bandwidth. (In ... Adam Hirsch
10:06 PM Bug #4326 (Resolved): Limiters on firewall rules where NAT applies drop all traffic: A PASS filter rule with In / Out limiters set will pass traffic until bandwidth in a limited direction hits the limit... Adam Hirsch
09:30 PM pfSense Packages Bug #4324 (Resolved): HAproxy and SSL client certificate validation: I just stumbled upon something with HAproxy that is probably not the expected/intended behavior when building an ACL ... Stéphane Lapie
08:33 PM Revision 69f9ff40: final touches on Forms: system - removed trailing unused form-html
Form - set proper width for submit-button column
Element - support returni... Sjon Hortensius
07:51 PM Revision dc58b7b3: moved some js from separate files to contextual .php: pfSense.js - to prevent a blob of scripts; move index-widget handling to
actual index, introduce events instead
*.j... Sjon Hortensius
06:17 PM Revision 7efe99b5: Traffic Shaper Wizard Upstream SIP Server: Not being remembered and actioned.
Bug #4314 Phil Davis
04:53 PM Feature #4322: Add Google Domains DDNS: it can be manually configured using the "custom" type currently Chris Buechler
03:57 PM Feature #4322 (Resolved): Add Google Domains DDNS: Google domains (domains.google.com) has added DDNS services outlined here: https://support.google.com/domains/answer/... Landon Wubbels
04:53 PM Bug #4323 (Rejected): Layer 7 / ipfw-classifyd 100% cpu in 2.2: duplicate of #4276 Chris Buechler
04:13 PM Bug #4323 (Rejected): Layer 7 / ipfw-classifyd 100% cpu in 2.2: Any Layer 7 traffic shaper configuration causes ipfw-classifyd to use 100% of cpu and essentially blocks all outbound... Curtis Edge
02:51 PM Bug #4286: State killing on gateway change: The VPN on Site A has the "Stake killing on gateway change" feature enabled (box unchecked), and it did not restore o... Marc 05
11:11 AM Bug #4286: State killing on gateway change: We're currently testing the same kind of set up with IPsec and it seems we have the same issue (on 2.1.4). This funct... Marc 05
09:31 AM Bug #4286: State killing on gateway change: The problem was already here in the previous stable version. Jo S
08:52 AM Bug #4286: State killing on gateway change: Did you have this multiwan setup working previously with 2.1.5? Or has the issue existed since then? Marc 05
02:33 PM pfSense Packages Bug #4301: arpwatch not sending email reports on 2.2: not sure if this helps
01-27-2015 15:33:50 Daemon.Debug pfsense Jan 27 15:33:50 arpwatch: reaper: pid 93610, exit ... Cino .
02:22 PM Revision ca127ab7: Simplify use of other serial ports setting all of them as onifconsole when serial is enabled: Renato Botelho
02:22 PM Revision 04c8360c: Teach ufslabels.sh to deal with DESTDIR, useful on installation: Renato Botelho
02:22 PM Revision 8c392069: Improve a bit sh syntax and fix it for multiple swap devices: Renato Botelho
02:20 PM Revision 12fe841f: Change version to 2.2.1-DEVELOPMENT: Renato Botelho
02:18 PM Bug #4317 (Feedback): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: not a replicable circumstance.
In order for the situation as described to occur, you have to have some kind of co... Chris Buechler
01:28 PM Bug #4317 (Resolved): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Hi,
After upgrade to 2.2, experience memory limit errors even after increasing php memory_limit :
_Crash report... Mogamat Abrahams
02:13 PM Feature #4320: Enable port-in-use checking in miniupnpd: The effect that I see most often is Macs on the LAN adding a mapping for external port 4500 (for BTMM) and breaking I... Daniel Becker
02:12 PM Feature #4320: Enable port-in-use checking in miniupnpd: This might actually be considered a bug rather than a feature, as without this change, miniupnpd will happily let LAN... Daniel Becker
02:07 PM Feature #4320 (Resolved): Enable port-in-use checking in miniupnpd: The miniupnpd port has a build-time option that forces it to check if the requested external port is already in use l... Daniel Becker
02:10 PM Feature #4321 (Resolved): Enable IPv6 for miniupnpd: Miniupnpd supports IPv6; this can be enabled by adding the "IPV6" and "UPNP_IGDV2" make options to the port. See atta... Daniel Becker
02:07 PM pfSense Packages Bug #4256: Squid3 using 100% CPU after install/reboot: I re-did tests with 3.4.10_2 pkg 0.2.6 on clean VM and real router and looks like everything is ok. I wonder what was... Dmitriy K
01:57 PM Revision 4f009171: Simplify use of other serial ports setting all of them as onifconsole when serial is enabled: Renato Botelho
01:50 PM Revision 873cab16: Teach ufslabels.sh to deal with DESTDIR, useful on installation: Renato Botelho
01:49 PM Bug #4319 (Rejected): Release 2.2 - Wake on Lan different behaviour on alix and apu: #4318 is the root cause of this Chris Buechler
01:42 PM Bug #4319 (Rejected): Release 2.2 - Wake on Lan different behaviour on alix and apu: Upgrade worked fine on multiple hardware installations (all on
alix / apu). The only thing I've realised is, that WO... Chris Suter
01:31 PM Bug #4318 (Resolved): gen_subnet_max returns incorrect result for 32 bit: gen_subnet_max returns incorrectly on 32 bit 2.2. One example, WoL will always throw in 255.255.255.255 as the broadc... Chris Buechler
12:59 PM Revision db4b4576: Improve a bit sh syntax and fix it for multiple swap devices: Renato Botelho
12:39 PM Revision a005a836: finalized Form classes, allowed add/removeClass on all elements: + add overloadable submit button Sjon Hortensius
12:39 PM Revision f76cbd6f: Fix sed syntax, -i requires a space before the parameter. Also fix regex to find swap device: Renato Botelho
12:38 PM Revision 802956d6: Fix sed syntax, -i requires a space before the parameter. Also fix regex to find swap device: Renato Botelho
12:19 PM Bug #4314: Traffic Shaper Wizard not accepting an alias in the "Upstream SIP Server" text box: I think this should fix it:
https://github.com/pfsense/pfsense/pull/1453
The field name for that had been changed i... Phillip Davis
10:39 AM Bug #4314 (Resolved): Traffic Shaper Wizard not accepting an alias in the "Upstream SIP Server" text box: When using the traffic shaper wizard "Multiple LAN/WAN" I choose to prioritize voice over IP traffic and use a generi... Muchacha Grande
11:46 AM Bug #4315 (Resolved): unable to auto-update i386 from 2.2-BETA to 2.2-RELEASE: you're pointing to the snapshot server not the stable release update location, so that's the expected end result.
... Chris Buechler
11:40 AM Bug #4315 (Resolved): unable to auto-update i386 from 2.2-BETA to 2.2-RELEASE: Currently running "2.2-BETA (i386) built on Sat Nov 22 20:52:45 CST 2014 FreeBSD 10.1-RELEASE".
Dashboard shows upda... Adam Thompson
11:19 AM Bug #4313 (Rejected): DHCP server does not send configured DNS (with DNS forwarder/resolver disabled): not true, that works correctly Chris Buechler
09:58 AM Bug #4313: DHCP server does not send configured DNS (with DNS forwarder/resolver disabled): Sorry, I had something misconfigured... Eric Hoffman
09:50 AM Bug #4313 (Rejected): DHCP server does not send configured DNS (with DNS forwarder/resolver disabled): I have DHCP server enabled on LAN, with the DNS fields configured.
I also disabled DNS forwarder/resolver.
On the... Eric Hoffman
09:12 AM Revision a32c0623: whitespace changes; renamed classes to Form_ prefix: Sjon Hortensius
08:55 AM Feature #4272 (Rejected): Depreciate Full install. Replace with Embedded, include gui to allow adding a mount / path to install packages to (and additional Full install features as packages): Not likely to happen. If anything we may go the other way, deprecating NanoBSD and using full installs exclusively. L... Jim Pingle
08:14 AM Bug #4238: Firewall rule: source port display issue: https://github.com/pfsense/pfsense/pull/1452
patch to fix this Bipin Chandra
07:25 AM Bug #4312 (Resolved): Bridge advanced settings not always applied after interface is added to bridge: on 2.2 release
after reboot, the option PRIVATE PORTS (ovpns6 and ovpnc4 for my example) of BRIDGE not work (brigde ... dominique dupont
07:15 AM Bug #4276: Layer 7 not working / ipfw-classifyd high load: in logs:... winmasta winmasta
06:26 AM Revision 6a32a3e4: use example.com for examples: Chris Buechler
06:26 AM Revision a8b61be6: use example.com for examples: Chris Buechler
06:21 AM Revision 5e3affe2: these descriptions were flipped. Ticket #4273: Chris Buechler
06:21 AM Revision 580f5eee: these descriptions were flipped. Ticket #4273: Chris Buechler
06:15 AM Feature #2668: Support aliases in OpenVPN local/remote/tunnel network fields: Bump Dmitriy K
03:15 AM Bug #4275 (Confirmed): ASN.1 DN needs double quotes in config file: Chris Buechler
03:06 AM Bug #4300 (Confirmed): Can not enter outbound NAT destination port range: Chris Buechler
03:03 AM pfSense Packages Bug #4309 (Rejected): layer7 do not work properly: duplicate of #4276 Chris Buechler
01:32 AM pfSense Packages Bug #4309 (Rejected): layer7 do not work properly: Have "ipfw-classifyd: packet dropped: output queue full" in system log, cant load any web page winmasta winmasta
02:59 AM Feature #4265: UPNP allow use of alias and schedule: im trying to code the schedule feature to upnp but seems im totally lost in all the php and inc file code, can any1 g... Bipin Chandra
02:52 AM Bug #4311 (Resolved): aPinger service gets higher ping. Resolves for short period after restart aPinger service: Our RRD graphs in the section Quality gain a higher ping than I can measure. After restarting the aPinger service the... Dirk Jan de Vries
02:13 AM Bug #4310 (Resolved): Limiters + HA results in hangs on secondary: Configuring limiters on a firewall rule in 2.2 on a system using HA results in a kernel panic reboot loop. To replica... Chris Buechler
01:34 AM Bug #4280 (Rejected): LAN with quad NIC configured with LAGG-LACP and VLANs: the root issue here is #4308 Chris Buechler
01:26 AM Bug #4308 (Closed): LAGG LACP defaults to strict mode in FreeBSD >= 10: In FreeBSD 10.0 and newer, LAGG with LACP defaults to strict mode. If it's not getting LACPDUs on the ports, it doesn... Chris Buechler
12:42 AM Bug #4297: Squid unable to listen on port inferior to 1024: Chris Buechler wrote:
> that sysctl has no relation to what you're trying to do. net.inet.ip.portrange.reservedhigh ... Stanislas Khider
12:20 AM Bug #4273 (Resolved): OpenVPN options route-nopull and route-noexec swapped: Thanks. Yeah the descriptions were backwards, fixed. Chris Buechler
12:00 AM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: reported here that just setting cisco_unity=no is inadequate to fix this issue.
https://forum.pfsense.org/index.php... Chris Buechler

01/26/2015

11:28 PM Bug #4297 (Rejected): Squid unable to listen on port inferior to 1024: that sysctl has no relation to what you're trying to do. net.inet.ip.portrange.reservedhigh is what you're looking fo... Chris Buechler
03:30 AM Bug #4297 (Rejected): Squid unable to listen on port inferior to 1024: Squid 3.4.10_2 pkg 0.2.6
pFsense 2.2
Impossible to listen on port <1024
The field 'reverse HTTP port' must con... Stanislas Khider
07:21 PM Bug #4307: bacula-fd configuration is mangled: The UI also has a typo: Diector Dan Langille
07:19 PM Bug #4307: bacula-fd configuration is mangled: Oh, now that I notice it: "director = -dir" would normally be "director = bacula-dir", that it is, it would match t... Dan Langille
07:16 PM Bug #4307 (Closed): bacula-fd configuration is mangled: This is what pfSense 2.2 shows me for my bacula-fd configuration:... Dan Langille
07:12 PM pfSense Packages Bug #4306 (Resolved): bacula-fd configuration file location is incorrect: Bacula is running with:... Dan Langille
06:19 PM Bug #4299 (Rejected): Gateway Monitor producing bogus RTT variables (ping times): duplicate of #4081 Chris Buechler
06:15 AM Bug #4299: Gateway Monitor producing bogus RTT variables (ping times): To add: minimum possible WAN GATEWAY ping return value is 7ms (100% impossible for it to go under that number, a cabl... Mike Oxlong
06:10 AM Bug #4299: Gateway Monitor producing bogus RTT variables (ping times): Impossibly high, or impossibly low?
Yes, I have seen occasions when the ping time is impossibly low for a while. I t... Phillip Davis
05:59 AM Bug #4299 (Rejected): Gateway Monitor producing bogus RTT variables (ping times): Performed upgrade from 2.1.5 to 2.2-RELEASE. Now Gateway Monitor produces arbitrary and completely bogus (impossible)... Mike Oxlong
06:17 PM Feature #4305 (Rejected): Add Advanced / local-data option to Host Overrides for DNS Resolver / Unbound: already there, just have to configure it correctly Chris Buechler
06:15 PM Feature #4305: Add Advanced / local-data option to Host Overrides for DNS Resolver / Unbound: You are (obviously) right.
I read that article, but must have assumed it was part of the TXT Comment Support.
T... Andrew Stuart
04:59 PM Feature #4305: Add Advanced / local-data option to Host Overrides for DNS Resolver / Unbound: You're just doing it wrong.... Kill Bill
02:43 PM Feature #4305 (Rejected): Add Advanced / local-data option to Host Overrides for DNS Resolver / Unbound: The Advanced button doesn't allow the inclusion of local-data: entries. Actually it allows it, but it breaks unbound
... Andrew Stuart
05:39 PM Bug #4218 (Confirmed): Bridge does not have AUTO_LINKLOCAL flag: this is part of what's noted in if_bridge(4): ... Chris Buechler
04:40 PM Revision 3ad5d4ce: Merge branch 'bootstrap' of github.com:SjonHortensius/pfsense into bootstrap: Sjon Hortensius
04:38 PM Revision b40bcb23: New POC for generating forms through PHP classes: reduce the amount of html c/ping by keeping the amount of
meta-data limited Sjon Hortensius
04:32 PM Bug #4284 (Rejected): PFSense 2.2. won't automatically add arp entries from multicast mac addresses into its arp table: that'll be required to add as a tunable where you need that to work. The fact it worked before was technically the bu... Chris Buechler
10:19 AM Bug #4284: PFSense 2.2. won't automatically add arp entries from multicast mac addresses into its arp table: This can be permanently fixed on each PFSense Firewall by:
System->Advanced->System Tunables
Then add an entry ... Jonathan Black
04:04 PM Todo #4224: PBIs are old skool. pkg-ng is the new shiny. We need to convert pfSense to use pkg-ng.: Even if you don't go to the extreme I'm suggesting in [[https://redmine.pfsense.org/issues/4272]], I would suggest ke... Andrew Stuart
04:01 PM Todo #4225: Lets improve the webGUI: In addition to this, I'd say the forced change to "pfsense" is rather annoying, in that it's really simple to fat fin... Andrew Stuart
03:21 PM Bug #4280: LAN with quad NIC configured with LAGG-LACP and VLANs: Ok so I created a VM with a fresh install of 2.2 and did the following,
System > Advanced > Networking
Checked "D... Gabriel Zellmer
03:10 PM Bug #4303: When using a public carp-ip on a wan interface that has a private ip apinger 'srcip' is set to the local ip.: Ok for some reason there was a nat state that was already passing traffic. Deleting that state made the apinger pings... Pi Ba
02:40 PM Bug #4303 (Rejected): When using a public carp-ip on a wan interface that has a private ip apinger 'srcip' is set to the local ip.: that's how things work by design, the interface IP of the interface in question is the appropriate source. You can NA... Chris Buechler
01:48 PM Bug #4303 (Rejected): When using a public carp-ip on a wan interface that has a private ip apinger 'srcip' is set to the local ip.: When using a public carp-ip on a wan interface that has a private ip apinger 'srcip' is set to the local ip.
Even wh... Pi Ba
02:16 PM pfSense Packages Bug #4304: pfflowd non-functional on 2.2.x versions: The Packages page reports version as:
0.8 pkg v1.0.2 Jeroen Roovers
02:09 PM pfSense Packages Bug #4304 (Closed): pfflowd non-functional on 2.2.x versions: Jan 26 20:56:32 pfflowd[40995]: pfflowd listening on pfsync0
Jan 26 20:56:32 kernel: pfsync0: promiscuous mode enabl... Jeroen Roovers
01:37 PM Bug #4283 (Rejected): Constant cas# device timeout errors and crashes with Sun 501-6738-10: not something we're going to fix, you can replicate on stock FreeBSD and report upstream to see if that gets any resu... Chris Buechler
01:36 PM pfSense Packages Bug #4271 (Rejected): vnstat2 conf file not pointing to proper path: duplicate of #4282 Chris Buechler
01:25 PM Bug #4302 (Confirmed): Several DSCP choices are non-functional and result in a broken ruleset: Jim Pingle
01:22 PM Bug #4302 (Resolved): Several DSCP choices are non-functional and result in a broken ruleset: Several DSCP choices are non-functional in pfSense 2.2 rules and when chosen, they result in a broken ruleset that wi... Jim Pingle
12:45 PM pfSense Packages Bug #4301 (Closed): arpwatch not sending email reports on 2.2: Not much info I can provide for this one but arpwatch isn't sending email reports anymore after upgrading to 2.2 amd6... Cino .
10:03 AM Revision 5f8673d1: Merge pull request #6 from SanderVanLeeuwen/bootstrap: pfSense in Virtualbox installation instructions SjonHortensius
09:54 AM Revision 6c6ff9ad: Add Virtualbox installation instructions: Sander van Leeuwen
09:51 AM Revision 88d0577b: Add Virtualbox installation instructions: Sander van Leeuwen
09:38 AM Bug #4300: Can not enter outbound NAT destination port range: In the meantime, that field may also be left blank so that it affects all ports, not only that specific range. Jim Pingle
09:36 AM Bug #4300: Can not enter outbound NAT destination port range: One note, it is to be noted that this does NOT seem to break update, nor backup/restore. I.e. on upgrade, from 2.1.5... Eric Hoffman
09:10 AM Bug #4300: Can not enter outbound NAT destination port range: Thanks for the head-up. It seem to be to fix bug #3857. I concur that the edit box is a single port entry, and shou... Eric Hoffman
08:44 AM Bug #4300: Can not enter outbound NAT destination port range: That behavior was changed by https://github.com/pfsense/pfsense/commit/9060f420a9444c68fc8db926787d0bb37d77ed72
Not ... Phillip Davis
07:34 AM Bug #4300 (Resolved): Can not enter outbound NAT destination port range: In pfSense 2.1.5, I could enter an outbound NAT rule with destination port range, and in pfSense 2.2, I get error tha... Eric Hoffman
08:44 AM pfSense Packages Bug #4217 (Confirmed): siproxd on pfSense 2.2-RELEASE i386 fails to start: siproxd works fine on amd64 but fails on i386.
Crashes with signal 4. Jim Pingle
04:50 AM Bug #4298: Excessive errors from snmpd: In the monitoring system there is a strange entry for IP:
Address Interface Netmask
0.0.0.0/ vtnet0 (... Holger Hampel
04:32 AM Bug #4298 (Assigned): Excessive errors from snmpd: When accessing snmp from a montitoring system I get many, many errors (logged in the central syslog):
snmpd[95772]... Holger Hampel

01/25/2015

07:22 PM Bug #4296 (Resolved): Using the same FQDN in multiple aliases causes static entries to be lost: If aliases exist that have both FQDN entries and IP address or network entries, and the same FQDN entries are in mult... Jim Pingle
05:59 PM Feature #2989: Changing language english to turkish not effect: Is the pull request merged? what it's id? Marcello Silva Coutinho
04:42 PM pfSense Packages Bug #4295 (Resolved): stunnel not working in Release 2.2: Installed Package stunnel on pfsense 2.2 but is doesn't work.
(Please see attached file)
I was able to resolve th... Stefan Berger
04:42 PM Feature #4294: Add additonal option to RADIUS Called-Station-Id value: Also, if this ne option is set, the Called-Station-Id should also be the same WAN MAC in RADIUS accounting packets to... James Wood
04:36 PM Feature #4294 (Resolved): Add additonal option to RADIUS Called-Station-Id value: We are a hotspot provider and have many potential customers who are looking to use our service and love their pfSense... James Wood
04:27 PM Bug #4218: Bridge does not have AUTO_LINKLOCAL flag: Can anyone reproduce this? Can this be assigned to 2.2.1? Martin Schmidauer
04:26 PM pfSense Packages Bug #4293: Squid 2.7.9 pkg v.4.3.6 i386 won't start: understand from irc the 64bit package works ok - i386 seems to have issues Walt McDonald
04:22 PM pfSense Packages Bug #4293 (Closed): Squid 2.7.9 pkg v.4.3.6 i386 won't start: squid not starting following upgrade to 2.2
32 bit
squid-2.7.9_4-i386
php-fpm[259]: /rc.start_packages: The co... Walt McDonald
03:47 PM Revision 3aa55bbe: Dynamic DNS wildcard typo: Self-explanatory, just a dumb typo bug Phil Davis
02:24 PM Feature #4292 (New): Show 95th Percentile for IPv6 Traffic in RRD Graphs: The RRD graphs correctly show the 95th percentile for IPv4 traffic but it is neither computed nor displayed for IPv6 ... C0re M
11:13 AM Bug #4286: State killing on gateway change: Ahh - well that is different to what I was thinking. Yes the failback of the OpenVPN traffic in that case will depend... Phillip Davis
10:15 AM Bug #4286: State killing on gateway change: Thank you for your answer, however I forgot to mention that I'm not using OpenVPN server on Pfsense, but on a remote ... Jo S
10:09 AM Bug #4286: State killing on gateway change: This seems more an OpenVPN failover issue. I just tested mine at home on 2.2-RELEASE - failed my main link, my OpenVP... Phillip Davis
04:58 AM Bug #4286 (Not a Bug): State killing on gateway change: Hello,
I have a problem in a multi-wan configuration:
Link 1 (main) in tier1
Link 2 (backup) in tier2
The m... Jo S
11:06 AM Bug #4289: Invalid alias using a numerical name causes a filter reload error: What config look older alias? Dmitry Gnoevoy
11:04 AM Bug #4289: Invalid alias using a numerical name causes a filter reload error: It may be an older notice that hasn't cleared, make sure the alias is gone and then force a filter reload from Status... Jim Pingle
11:02 AM Bug #4289: Invalid alias using a numerical name causes a filter reload error: I Remove it and rename it. But after filter reload error the same # User Aliases
1 = "{ 21 }" Dmitry Gnoevoy
10:45 AM Bug #4289 (Confirmed): Invalid alias using a numerical name causes a filter reload error: You have an invalid alias named "1". Remove it or rename it.
"The alias name must be less than 32 characters long,... Jim Pingle
10:30 AM Bug #4289: Invalid alias using a numerical name causes a filter reload error: Done! Dmitry Gnoevoy
10:20 AM Bug #4289: Invalid alias using a numerical name causes a filter reload error: Please attach a copy of your config.xml and /tmp/rules.debug. A sanitized version of config.xml can be copied from op... Jim Pingle
09:09 AM Bug #4289 (Resolved): Invalid alias using a numerical name causes a filter reload error: Jan 25 16:09:02 php-fpm[55157]: /rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /t... Dmitry Gnoevoy
10:21 AM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: Don't forget to also check that the package continues to work on 2.1.x with the fix applied. If it does not, then mor... Jim Pingle
01:53 AM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: i tested this and it seems to solve the issue Bipin Chandra
12:55 AM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: After digging into this further, this is a "feature" of the PBI architecture, and a bug in the package. The PBI middl... Bryce Chidester
10:18 AM Feature #4291: combined dynamic/static ARP: I'm not sure if it is a bug or this is the normal behavior...
As a work around I do attach another NIC to pfSense... Michael F
09:51 AM Feature #4291 (Rejected): combined dynamic/static ARP: while creating DHCP server there is option called "Enable Static ARP entries"...
When NOT ticked... each lease will ... Michael F
08:11 AM pfSense Packages Bug #4288: inetd is missed by check_mk: inetd is running - but the standard start script is missing.
Also the check_mk config goes to /etc/inetd.conf - th... Holger Hampel
07:48 AM pfSense Packages Bug #4288 (Resolved): inetd is missed by check_mk: When installing or configuring the package I get in the system log:
php-fpm[74859]: /rc.start_packages: The comman... Holger Hampel
05:46 AM Feature #4265: UPNP allow use of alias and schedule: https://github.com/pfsense/pfsense/pull/1438
this patch will allow the web GUI for UPnP to enter more user specifi... Bipin Chandra
05:07 AM Bug #4287 (Resolved): Wrong display for ppp in Interfaces page: Hello,
I have a ppp link configured with a 3G usb modem Huwaei E372 which is working great.
However there is a bu... Jo S
04:59 AM pfSense Packages Bug #4277: squidGuard-squid3 installation Failed after pfSense Update to 2.2: Having the same problem here, see https://forum.pfsense.org/index.php?topic=87325.0
There is no sha256sum for squi... q v
01:37 AM pfSense Packages Bug #4285: lcdproc package is PBI-ignorant, writing configuration outside of the PBI root: Pullreq/patch https://github.com/pfsense/pfsense-packages/pull/795 Bryce Chidester
01:34 AM pfSense Packages Bug #4285 (Resolved): lcdproc package is PBI-ignorant, writing configuration outside of the PBI root: The lcdproc package in the 2.2/FreeBSD-10 release is a PBI and therefore its file access calls go through the PBI pat... Bryce Chidester
12:39 AM pfSense Packages Bug #4271: vnstat2 conf file not pointing to proper path: this seems a duplicate of https://redmine.pfsense.org/issues/4282
fixing that would solve this Bipin Chandra

01/24/2015

09:18 PM Bug #4284 (Rejected): PFSense 2.2. won't automatically add arp entries from multicast mac addresses into its arp table: I have a cluster created with Windows Network Load Balancing using the IGMP multicast. Anyway, the cluster IP has a m... Jonathan Black
07:59 PM Feature #2834: carp+pfsync: add ability to prefer one node as master: Attached is a simple fix based on the initial request of giving people the option to disable the syncing of the skew ... Robert Middleswarth
07:41 PM Bug #4283 (Rejected): Constant cas# device timeout errors and crashes with Sun 501-6738-10: Updated a copy of a working 2.1.5 production system to 2.2 and, during the boot, see constant cas2 and cas3 device ti... B. Derman
07:05 PM pfSense Packages Bug #4198: lightsquid doesn't work, perl is missing: also see post https://forum.pfsense.org/index.php?topic=87316.0;topicseen Cino .
06:52 PM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: I can confirm, this bug as well Vnstat2 installs correctly but no logs are ever updated. after going into the shell a... Disk1of5 NA
05:25 PM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error: (Wow, I meant to update the title slightly... I promise, I speak better English)
Obligatory patch to pfsense-packa... Bryce Chidester
05:24 PM pfSense Packages Bug #4282 (Resolved): Vnstat2 1.11 Does Configuration Parser Error: Since upgrading to 2.2 (and reinstalling all packages), vnstat2 errors out every time.... Bryce Chidester
04:16 PM pfSense Packages Bug #4281: E-Mail Reports (mailreports package) Error With Multiple Graphs: Thanks for fixing the project - didn't realize which project I was in when I opened the issue.
I went ahead and op... Bryce Chidester
04:13 PM pfSense Packages Bug #4281: E-Mail Reports (mailreports package) Error With Multiple Graphs: I've got some other bugs to fix there already (such as updating the mail library). I plan to work on it this week if ... Jim Pingle
03:58 PM pfSense Packages Bug #4281: E-Mail Reports (mailreports package) Error With Multiple Graphs: Simple patch to rename the temporary variable that's conflicting with the global $g.... Bryce Chidester
03:47 PM pfSense Packages Bug #4281 (Resolved): E-Mail Reports (mailreports package) Error With Multiple Graphs: When a report has multiple graphs, the following errors are generated while generating graphs 2-N... Bryce Chidester
02:26 PM Bug #4280 (Rejected): LAN with quad NIC configured with LAGG-LACP and VLANs: Original Post:
https://forum.pfsense.org/index.php?topic=87311
Problem:
With a fresh install of 2.2 and a basic ... Gabriel Zellmer
11:46 AM Bug #4279 (Resolved): Package reinstall displayed when shutting down before upgrade: I have noticed this before when upgrading a slow system (like Alix 2D13). After getting the upgrade it tells you the ... Phillip Davis
11:45 AM Feature #4278 (Resolved): Mail notification change name of the interface info more readable - pfsense 2.2: In mail notification from pfsesne:... Bartłomiej Bujak
11:42 AM pfSense Packages Bug #4277 (Closed): squidGuard-squid3 installation Failed after pfSense Update to 2.2: hello
after updating pfSense to the last release 2.2 it is impossible de reinstall squidGuard-squid3 with the f... idir AIT YAHIA
11:30 AM Bug #4276: Layer 7 not working / ipfw-classifyd high load: In logs:... Bartłomiej Bujak
11:22 AM Bug #4276 (Closed): Layer 7 not working / ipfw-classifyd high load: After upgrade pfsense 2.1.5 to 2.2 i have problem with ipfw-classifyd... Bartłomiej Bujak
10:17 AM Revision 0bf1e5fe: Fixed contextual links: pfSense.css - move help-link to ul that gets positioned
head.inc - implemented fixme
shortcuts.inc - replaced icons Sjon Hortensius
09:53 AM Revision 64c0004e: Updated readme with development instructions: Sjon Hortensius
09:48 AM Bug #4275 (Resolved): ASN.1 DN needs double quotes in config file: Upon upgrade of 2.1.5 to 2.2, strongswan did not start and quit with the following message:
Jan 24 16:12:39 ips... Michel Zehnder
09:38 AM Revision b4988336: Merge branch 'master' into bootstrap: Conflicts:
usr/local/www/head.inc
usr/local/www/themes/_corporate/styles/jquery-ui-1.11.1.css Sjon Hortensius
09:35 AM Revision 4c4e082b: Merge branch 'master' of https://github.com/pfsense/pfsense: Sjon Hortensius
08:50 AM Feature #2599: Captive Portal autologin function better than MAC passthrough: Any updates or work around!?
We also need this option... We use login by MAC address...but it's waiting the client t... Michael F
07:57 AM Bug #3147: Adding new interface can cause issues: This 'bug' appears to have finally been addressed with the changes for #3846 "Adding interface for new VLAN selects a... Chris Thomas
07:41 AM Bug #3290: IPV6 conectivity not restored after cablemodem reset: I had a similar issue when my modem automatically rebooted during Comcast maintenance. Two things... First, a reboot ... Anonymous
06:39 AM Bug #4274: Marking a packet with only a number results in a broken rule: Sorry, just realized I didn't list this as applying to 2.2 and it doesn't seem that I'm able to change it now. Jonathan Dieter
06:37 AM Bug #4274 (Resolved): Marking a packet with only a number results in a broken rule: I have a lot of floating rules used to mark packets with a number that I then catch later to do traffic shaping. Thi... Jonathan Dieter
04:43 AM Bug #4273 (Resolved): OpenVPN options route-nopull and route-noexec swapped: From the pfsense GUI:
Don't pull routes - Don't add or remove routes automatically. Instead pass routes to --route-u... Andreas Winge
04:25 AM Feature #4272 (Rejected): Depreciate Full install. Replace with Embedded, include gui to allow adding a mount / path to install packages to (and additional Full install features as packages): Embedded looks like a great way to go, why continue supporting a full install?
I've had this idea for a while. It ma... Andrew Stuart
03:52 AM pfSense Packages Bug #4270: Postfix dashboard widget not working in 2.2: I think that is expected unless you have received mail, and thus have an sqlite log/database.
See attached image, of... Andrew Stuart
02:28 AM pfSense Packages Bug #4270 (Closed): Postfix dashboard widget not working in 2.2: The Postfix dashboard widget shows blank in 2.2, likely needs updates for new PHP. Chris Buechler
03:05 AM pfSense Packages Bug #4271: vnstat2 conf file not pointing to proper path: pointed out here
https://forum.pfsense.org/index.php?topic=84026.msg477208#msg477208
fix would be simply changing... Bipin Chandra
03:02 AM pfSense Packages Bug #4271 (Rejected): vnstat2 conf file not pointing to proper path: vnstat2 package conf file in /usr/pbi/vnstat-i386/etc/vnstat.conf and /usr/pbi/vnstat-amd64/etc/vnstat.conf not point... Bipin Chandra

01/23/2015

11:06 PM Bug #4269: Modifying port forwarding rule to invalid IP kill the firewall until reboot: Well, indeed, not 'dead', but traffic is stopped.
I did what you suggested and e don't see any loop. However, I s... Eric Hoffman
10:35 PM Bug #4269 (Feedback): Modifying port forwarding rule to invalid IP kill the firewall until reboot: it's certainly not possible to kill a system by putting an incorrect IP into a port forward. maybe if you managed to ... Chris Buechler
10:08 PM Bug #4269 (Not a Bug): Modifying port forwarding rule to invalid IP kill the firewall until reboot: First, this is using invalid actions, so this is not so critical, but doing so will result in denial of service.
-... Eric Hoffman
09:04 PM Bug #4267 (Closed): IPSEC Phase 1 deletion: thought we already had a ticket to change strongswan's behavior here in the future, apparently not, but we do now. #4... Chris Buechler
08:55 PM Bug #4267 (Closed): IPSEC Phase 1 deletion: Deleting an IPSEC phase 1 entry from vpn_ipsec.php for a tunnel that has not connected does not result in the entry b... Christian Borchert
09:03 PM Bug #4268 (Closed): changes in strongswan config don't apply to SAD or SPD: Doesn't appear we've opened a ticket to address this yet. strongSwan's behavior of not updating the SAD is going to g... Chris Buechler
05:39 PM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances: to me for info gathering Chris Buechler
05:39 PM Bug #4266 (Resolved): Rekeying issues with IKEv1 and multiple P2s under some circumstances: Where you have multiple P2s configured on a single P1 with IKEv1, there are some rekeying issues under some circumsta... Chris Buechler
02:52 PM Revision 4c7f7c29: Merge pull request #5 from SanderVanLeeuwen/bootstrap: Updated documentation / guidelines SjonHortensius
06:18 AM Feature #4265: UPNP allow use of alias and schedule: can any of the core developer let me know what would be the preferred method for those permission list so i can make ... Bipin Chandra
02:57 AM Feature #4265: UPNP allow use of alias and schedule: i mean separated with a "," Bipin Chandra
02:56 AM Feature #4265: UPNP allow use of alias and schedule: well, what i can do is is replace the last 4 permission boxes with a single one where some1 could type out all entrie... Bipin Chandra
06:11 AM Bug #4231: bridge or lagg of openvpn link down after reboot: And the interface LAGG is BRIGED with the LAN dominique dupont
04:12 AM Bug #4231: bridge or lagg of openvpn link down after reboot: After the patche of bug https://redmine.pfsense.org/issues/4257
the BRIDGE is OK, but not the LAGG
On 2.2RC last up... dominique dupont
12:42 AM pfSense Packages Bug #4256: Squid3 using 100% CPU after install/reboot: As shown in the log above: some squid processes. The issue is stable to reproduce. Dmitriy K
12:02 AM Revision 323317c3: Typo: Sander van Leeuwen

01/22/2015

10:41 PM Revision 6c943511: Additional documentation: - Added checkbox example
- Form field help block example
- Button and icon usage explained Sander van Leeuwen
08:38 PM Feature #4242: Two Factor or OTP Authentication for Admin Interface: Many if not most 2FA solutions support LDAP and/or RADIUS so are already supported. That said, enhancements here woul... Chris Buechler
07:56 PM Revision 145eb990: Fixes #4257 With the platform_booting() fixes a regression was done on openvpn tap interfaces or dynamic ones that are part of a bridge.: Allow during bootup rc.newwanip to continue up to a ceratin part to handle bridges or other complex interfaces. Ermal Luçi
07:56 PM Revision 30a61a89: Fixes #4257 With the platform_booting() fixes a regression was done on openvpn tap interfaces or dynamic ones that are part of a bridge.: Allow during bootup rc.newwanip to continue up to a ceratin part to handle bridges or other complex interfaces. Ermal Luçi
06:04 PM Bug #4252 (Resolved): radvd not functional with CARP IPs: fixed Chris Buechler
06:20 AM Bug #4252: radvd not functional with CARP IPs: Applied in changeset commit:9b527a7931795466ab7286f0caadd7bef082d002. Renato Botelho
06:10 AM Bug #4252 (Feedback): radvd not functional with CARP IPs: Applied in changeset commit:8e24d1dacd80fd539cc9dd6a5f0a7c8953bcffd0. Renato Botelho
12:58 AM Bug #4252 (Confirmed): radvd not functional with CARP IPs: this is mostly fixed. Where CARP goes to backup status, it seems fine. But if the CARP VIPs are completely gone, it f... Chris Buechler
05:45 PM Bug #4257 (Resolved): tap interfaces missing from bridge after boot: fixed Chris Buechler
02:10 PM Bug #4257: tap interfaces missing from bridge after boot: Applied in changeset commit:145eb9907c638f5a1cf279b480a69bb3556c3b7e. Ermal Luçi
02:10 PM Bug #4257: tap interfaces missing from bridge after boot: Applied in changeset commit:30a61a895a969cfa890a30df76b2f83b252cb231. Ermal Luçi
01:56 PM Bug #4257 (Feedback): tap interfaces missing from bridge after boot: Fixed anything else apart taps through this issue. Ermal Luçi
01:25 AM Bug #4257 (Confirmed): tap interfaces missing from bridge after boot: at the time I set it to 2.2.1, 2.2-release was already built and signed. Since we're rebuilding it for other reasons,... Chris Buechler
12:44 AM Bug #4257: tap interfaces missing from bridge after boot: To remind you: there is no traffic between sites after reboot. Both sides are UP and RUNNING and NOTHING goes between. Dmitriy K
12:37 AM Bug #4257: tap interfaces missing from bridge after boot: Huh, team is going to release 2.2 without working tap openvpn? That's interesting ... Dmitriy K
05:34 PM Bug #4248 (Resolved): AES-GCM doesn't interoperate with devices not using padding: fixed Chris Buechler
05:39 AM Bug #4248 (Feedback): AES-GCM doesn't interoperate with devices not using padding: Fixed by allowing the blocksize to not be multiple of blocksize. Ermal Luçi
01:29 AM Bug #4248 (Confirmed): AES-GCM doesn't interoperate with devices not using padding: Jim mentioned today we'll get this addressed in 2.2.
Ermal: test setup with AES-GCM to an ASA is setup. will emai... Chris Buechler
04:27 PM Revision e8477a56: Text tweak: Sander van Leeuwen
12:02 PM Revision 9b527a79: Make sure radvd is reconfigured when CARP is enabled/disabled. It should fix #4252: Renato Botelho
12:01 PM Revision 8e24d1da: Make sure radvd is reconfigured when CARP is enabled/disabled. It should fix #4252: Renato Botelho
11:41 AM Revision 91729b57: Save the tradition and point to used binaries here: Ermal Luçi
11:41 AM Revision b711bfac: Save the tradition and point to used binaries here: Ermal Luçi
11:03 AM Revision 560d1b53: When configuring radvd, check if carp is enabled. Ticket #4252: Renato Botelho
11:02 AM Revision 7b753c2b: Do not translate function return string: Renato Botelho
11:01 AM Feature #4265: UPNP allow use of alias and schedule: I don't get the design in the first place. You could as many permissions there as needed, if only there was one of th... Kill Bill
04:28 AM Feature #4265 (New): UPNP allow use of alias and schedule: it would be great if the upnp settings page allowed to type in individual client ip for which to allow or deny rather... Bipin Chandra
11:01 AM Revision ee8fb75d: Fix typo in function name: Renato Botelho
11:00 AM Revision 150d479b: When configuring radvd, check if carp is enabled. Ticket #4252: Renato Botelho
11:00 AM Revision 42cc62a2: Do not translate function return string: Renato Botelho
10:59 AM Revision 44763e58: Fix typo in function name: Renato Botelho
10:24 AM Revision 2a746a1e: Add language hint to code block: Sander van Leeuwen
10:22 AM Revision f180fe1a: Code style documentation for tables and forms: Sander van Leeuwen
09:14 AM Revision dc85e806: Merge branch 'master' of https://github.com/pfsense/pfsense: Sjon Hortensius
09:13 AM Revision cc5b2948: Merge pull request #4 from SanderVanLeeuwen/bootstrap: Firewall rules and VPN L2TP layout changes SjonHortensius
09:05 AM Bug #1333: Rate causes high CPU usage: Not here:
PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND
70675 root 1 119 0 3... Wayne Scott
08:22 AM Bug #4240: 2.2 IPv6 radvd RDNSS Issue: attached screenshots Adam Fathauer
06:45 AM Feature #3120 (Rejected): WebConfigurator, open help page on new window: The help link used to open in a new window, it was changed to give the user the choice. The way it is now, the user c... Jim Pingle
03:25 AM Feature #4264 (Closed): Make distinction between general & security updates, while applying the latter automatically: Current pfSense setup does not make a distinction between security updates and general updates. The latter requires a... niels hof
02:48 AM Bug #4258: DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: OK, lets call this fixed then. Thanks. :)
(Kinda inconsistent results, perhaps the VPN stuff would be worth a sepa... Kill Bill
02:43 AM Bug #4258: DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: for v4, it uses the same source networks as it uses for outbound NAT auto rule generation, which is a diff process. Chris Buechler
02:23 AM Bug #4258: DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: Kinda confused really what it covers now. It certainly is adding OpenVPN and IPSec IPv4 subnets to the ACL. Kill Bill
02:20 AM Bug #4258: DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: It only covers interfaces that are assigned and enabled plus static routes for IPv6. Manual entries will be required ... Chris Buechler
02:06 AM Bug #4258: DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: Ok, this works mostly fine, except that it misses OpenVPN's IPv6 (and probably IPsec as well, don't have IPv6 IPsec t... Kill Bill
02:45 AM Feature #4262: Alphabetical listing of interfaces, VLANs: The underlying identifier strings "wan" "lan" "opt1" ... are used all over the place in the config to hook things tog... Phillip Davis
01:55 AM Bug #4261 (Closed): Google Domains Dynamic DNS -- Works on 2.1.5 but not 2.2-RC: Chris Buechler
01:53 AM Bug #4261: Google Domains Dynamic DNS -- Works on 2.1.5 but not 2.2-RC: Works just fine. See https://forum.pfsense.org/index.php?topic=86900.msg477095#msg477095 Kill Bill
12:24 AM Bug #4261: Google Domains Dynamic DNS -- Works on 2.1.5 but not 2.2-RC: Sorry, typo in the report -- I am using HTTPS for all my attempts, not HTTP. I'll start fresh and see if I can figur... Daniel Eckert
12:12 AM Bug #4261: Google Domains Dynamic DNS -- Works on 2.1.5 but not 2.2-RC: oh one difference between what you're doing and we're trying, we're using HTTPS rather than HTTP. Might want to try t... Chris Buechler
01:19 AM pfSense Packages Bug #4263 (Needs Patch): ntopng: historical feature issue: Hello,
i can't use the historical feature. when i try to load historical data after setting interface and time inter... Anonymous
12:59 AM pfSense Packages Bug #4256 (Feedback): Squid3 using 100% CPU after install/reboot: which process is using 100% CPU? Chris Buechler
12:20 AM Feature #4038: Button to clear the arp cache: Chris Buechler wrote:
> Applying that may be dangerous, in that it leaves a file on your system with no authenticati... Josh Finlay
12:04 AM Revision 7fd2a0e3: Strict comparison not necessary here, and makes this fail to work as: intended. Fixes #4258 Chris Buechler
12:04 AM Revision 7684d66f: Strict comparison not necessary here, and makes this fail to work as: intended. Fixes #4258 Chris Buechler

01/21/2015

11:59 PM Feature #3120: WebConfigurator, open help page on new window: Damien Braillard wrote:
> Just a proposition:
> When clicking the help button from a page of the web configurator, ... Josh Finlay
11:58 PM Bug #4261 (Feedback): Google Domains Dynamic DNS -- Works on 2.1.5 but not 2.2-RC: works fine here, we just did some testing with two diff hosts on Google Domains. Both update, both display the correc... Chris Buechler
09:34 PM Bug #4261 (Closed): Google Domains Dynamic DNS -- Works on 2.1.5 but not 2.2-RC: Hi team,
I'm using the new Google Domains Dynamic DNS functionality, and I am pleased that it works so well on 2.1... Daniel Eckert
11:52 PM Feature #4038: Button to clear the arp cache: Chris Buechler wrote:
> Applying that may be dangerous, in that it leaves a file on your system with no authenticati... Josh Finlay
11:44 PM Feature #4038: Button to clear the arp cache: Applying that may be dangerous, in that it leaves a file on your system with no authentication that clears your ARP t... Chris Buechler
11:37 PM Feature #4038: Button to clear the arp cache: Grischa Zengel wrote:
> After swapping IP from two embedded devices (WizNet RS485 Gateways) the gateways weren't rea... Josh Finlay
11:37 PM Feature #4262: Alphabetical listing of interfaces, VLANs: Thanks for the quick reply, Chris! Yes, an option would be great, even if it weren't a change to the default behavio... Daniel Eckert
11:32 PM Feature #4262: Alphabetical listing of interfaces, VLANs: they're listed in the order of their identifier. wan, lan, opt1, opt2, ...
This is one of those things where if y... Chris Buechler
11:16 PM Feature #4262 (Needs Patch): Alphabetical listing of interfaces, VLANs: Hi team,
If possible, I'd love to see interfaces and VLANs ordered alphabetically instead of by order of creation ... Daniel Eckert
08:46 PM Revision f3caa5a4: Ticket #4254 do not put duplicate interface names: Ermal Luçi
08:45 PM Revision 005fd63a: Ticket #4254 do not put duplicate interface names: Ermal Luçi
08:40 PM Revision 44085a65: Ticket #4254 Actually use proper variables allover to have correct route added: Ermal Luçi
08:40 PM Revision b61930dc: Ticket #4254 Actually use proper variables allover to have correct route added: Ermal Luçi
08:34 PM Revision 52b25e81: Ticket #4254 Actually use proper interface to check if gateway exists: Ermal Luçi
08:33 PM Revision 3ad33c0e: Ticket #4254 Actually use proper interface to check if gateway exists: Ermal Luçi
08:25 PM Revision 1e453232: Ticket #4254 Use proper variable: Ermal Luçi
08:25 PM Revision cde88d5e: Ticket #4254 Use proper variable: Ermal Luçi
08:09 PM Revision c7d44786: Ticket #4254 actually use the info on the protocol of the vpn sepcification to be more sure on the family to use: Ermal Luçi
08:09 PM Revision 39e3b27b: Ticket #4254 actually use the info on the protocol of the vpn sepcification to be more sure on the family to use: Ermal Luçi
08:09 PM Bug #4254 (Resolved): Dynamic interface removal/addition breaks IKEv2: that fixes the initial described problem. Also re-verified multi-WAN bits after static routes returned, including dis... Chris Buechler
03:03 PM Bug #4254: Dynamic interface removal/addition breaks IKEv2: Static routes are put back in the configuration. Ermal Luçi
02:38 AM Bug #4254 (Feedback): Dynamic interface removal/addition breaks IKEv2: I put a workaround to not use the interfaces not present in config.
Though the real workaround here is to install ... Ermal Luçi
01:23 AM Bug #4254: Dynamic interface removal/addition breaks IKEv2: sent Ermal details on how to replicate in the test setup. Chris Buechler
08:06 PM Revision 7f9844c2: Ticket #4254 Handle even hosts specified throguh dns name: Ermal Luçi
08:06 PM Revision 95783403: Ticket #4524 Bring back static routes on ipsec to make sure charon does not send traffic through wrong iface. This handles properly ipv6: Ermal Luçi
08:04 PM Revision 4e1fd3b6: Ticket #4254 Handle even hosts specified throguh dns name: Ermal Luçi
08:00 PM Revision c7edf1f8: Ticket #4524 Bring back static routes on ipsec to make sure charon does not send traffic through wrong iface. This handles properly ipv6: Ermal Luçi
07:43 PM Revision 2525ea04: Correct this typo which would make other things break: Ermal Luçi
07:31 PM Revision 121cde47: Be compliant with gatway groups specified on ipsec. Ticket #4254: Ermal Luçi
07:31 PM Revision 312a5188: Ticket #4254 Actually fix this on 2.2 branch since vips are not handled by get_real_interface apparently!: Ermal Luçi
07:31 PM Revision 260c6a7e: Be compliant with gatway groups specified on ipsec. Ticket #4254: Ermal Luçi
06:55 PM Bug #4258 (Resolved): DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: updated subject to specific issue. Fixed Chris Buechler
06:20 PM Bug #4258: DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: Applied in changeset commit:7fd2a0e3a9163d8cc3f578f4bd105ed0c982737f. Chris Buechler
06:20 PM Bug #4258 (Feedback): DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: Applied in changeset commit:7684d66fad740820ca1c945a5b67a6f813306235. Chris Buechler
06:05 AM Bug #4258 (Resolved): DNS Resolver - auto-added access controls missing IPv6 subnets where "all" interfaces selected: IPv4 subnets are automagically added to /var/unbound/access_lists.conf; however this is not done with any of the IPv6... Kill Bill
06:32 PM Revision 083ec796: Ticket #4254 Actually fix this on 2.2 branch since vips are not handled by get_real_interface apparently!: Ermal Luçi
04:38 PM Revision 52b5a223: When radvd is configured on a CARP interface, enable it when it is MASTER and disable when go to BACKUP. It should fix #4252: Renato Botelho
04:36 PM Revision caaaf9ce: Add missing require for filter.inc since vpn_ipsec_configure() calls filter_configure(). It should fix #4236: Renato Botelho
04:36 PM Revision a6934401: When radvd is configured on a CARP interface, enable it when it is MASTER and disable when go to BACKUP. It should fix #4252: Renato Botelho
03:20 PM pfSense Packages Bug #4243: Last squidguard update prevents squid from starting: The problem appears to be more complex than I first thought.
In a fresh install into virtualbox with squid 2.x and s... Volker Kuhlmann
12:27 PM Feature #4260 (Closed): Add ECP DH key groups support: strongswan has had ECP DH key groups support for quite some time, should be added to GUI.
https://wiki.strongswan.o... Chris Buechler
12:13 PM Bug #4257 (Feedback): tap interfaces missing from bridge after boot: Chris Buechler
05:30 AM Bug #4257: tap interfaces missing from bridge after boot: https://redmine.pfsense.org/issues/4146 Kill Bill
04:45 AM Bug #4257 (Resolved): tap interfaces missing from bridge after boot: *Before instance restart/after reboot:*
ovpnc1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 15... Dmitriy K
12:12 PM Bug #4255 (Rejected): Outbound NAT needs config upgrade: you're right, I was too quick on the trigger here. The config upgrade failed on one pair of systems because it was up... Chris Buechler
05:24 AM Bug #4255 (Feedback): Outbound NAT needs config upgrade: Do you have a config that was broken after upgrade? I upgraded a 2.1.x to 2.2 on both modes, automatic and advanced a... Renato Botelho
04:17 AM Bug #4255: Outbound NAT needs config upgrade: There is a code to convert it, it's upgrade_102_to_103() Renato Botelho
11:28 AM Feature #3377: OAuth2 authentication in captive portal: Thomas NOEL wrote:
> Here is a proof of concept, for a OAuth2 captive portal authentication with Google accounts :
... simon mitnick
10:50 AM Bug #4252: radvd not functional with CARP IPs: Applied in changeset commit:52b5a22363d34bbd621b9eb555cf849782318dda. Renato Botelho
10:50 AM Bug #4252 (Feedback): radvd not functional with CARP IPs: Applied in changeset commit:a693440176e8bd4a783a9ccb75d2cd57629b5699. Renato Botelho
12:50 AM Bug #4252: radvd not functional with CARP IPs: The conf file problem is fixed. Since CARP no longer has its own interface, we'll need to start/stop radvd along with... Chris Buechler
09:37 AM Feature #4259 (Resolved): Port forward NAT rules with "any" protocol: Hello,
i'm starting to use pfsense inside my company network but i see that pfsense is missing a NAT ability compare... Anonymous
08:32 AM Revision 778d2ea9: Ticket #4254 specify the list of interfaces to be used by charon. This is a workaround for now. Being investigated the fix.: Ermal Luçi
08:31 AM Revision 89ac17e3: Ticket #4254 specify the list of interfaces to be used by charon. This is a workaround for now. Being investigated the fix.: Ermal Luçi
06:36 AM Revision 94efc59d: Use the parent NIC rather than the VIP. Fixes part of Ticket #4252: Chris Buechler
06:35 AM Revision 2f74d9d8: Use the parent NIC rather than the VIP. Fixes part of Ticket #4252: Chris Buechler
04:42 AM pfSense Packages Bug #4256 (Closed): Squid3 using 100% CPU after install/reboot: 1. Install latest pfSense snapshot;
2. Install Squid3 package;
3. Observe 100% load on CPU oob and after reboot;
... Dmitriy K
01:01 AM Bug #4251: NAT Reflection not working if LAN is bridged: The only other explanation that came to my mind is that nat reflection might need a reboot to activate under some cir... Frederic Steinfels

01/20/2015

10:58 PM Bug #4252: radvd not functional with CARP IPs: working on this Chris Buechler
03:56 PM Bug #4252 (Resolved): radvd not functional with CARP IPs: radvd.conf where a CARP IP is chosen results in an invalid config file, as it omits the interface entirely (where it ... Chris Buechler
09:54 PM Revision 81292a2f: The reset button check should happen on all platforms, not only NanoBSD: Jim Pingle
09:53 PM Revision de16863d: The reset button check should happen on all platforms, not only NanoBSD: Jim Pingle
09:47 PM Bug #4255 (Rejected): Outbound NAT needs config upgrade: Outbound NAT configs in 2.1.x and prior use a different XML structure than 2.2, and there isn't any config upgrade co... Chris Buechler
08:54 PM Bug #4253: Diagnostics > Test Port requires Source Port: So sorry to waste your valuable time. I'll do better in the future. Chris Linstruth
07:53 PM Bug #4253 (Rejected): Diagnostics > Test Port requires Source Port: upgrade, that was fixed a while ago Chris Buechler
07:52 PM Bug #4253 (Rejected): Diagnostics > Test Port requires Source Port: The dialog for Diagnostics > Test Port says this for source port, "This should typically be left blank." and the fiel... Chris Linstruth
08:35 PM Bug #4254 (Resolved): Dynamic interface removal/addition breaks IKEv2: Where you have a dynamic interface removed and re-added while running IKEv2 in strongswan, things break. Good easily ... Chris Buechler
06:57 PM Bug #4249 (Feedback): virtual ips backup/restore bug: I replied back on your forum thread, this sounds like a stale upstream ARP cache. Chris Buechler
10:52 AM Bug #4249 (Not a Bug): virtual ips backup/restore bug: the version of the software is 2.2 RC Jan 16 11:53
to take full backup; press diagnostics > backup > full backup >... on dokuz
04:44 PM Revision f0d51562: Place form save button outside form panel for clarity (saves whole form, not just the last panel): - Increase body bottom margin to create 20px margin between elements
and footer Sander van Leeuwen
02:35 PM Bug #4251: NAT Reflection not working if LAN is bridged: It was bridged with an OpenVPN PSK TAP Client. That connection has been down for about a month but was not disabled. ... Frederic Steinfels
02:20 PM Bug #4251 (Feedback): NAT Reflection not working if LAN is bridged: what was LAN bridged to? Was there an IP on the bridge itself or was it on the LAN interface? Chris Buechler
02:07 PM Bug #4251 (Closed): NAT Reflection not working if LAN is bridged: I have been trying everything to get NAT reflection working. My last effort was to remove LAN bridge (which I wasn't ... Frederic Steinfels
02:21 PM Bug #4206: Missing route creation on DHCP-PD lease where ia-na != ia-pd: Here is a follow-up with 3 attachments: The pcap file, a screenshot of the "Status: DHCPv6 leases" page and the dhcpd... Anders Lind
12:21 PM Bug #4250 (Rejected): IPv6 gateway is not used for default IPv6 route when rebooting, gateway edit page cannot be configured: The IP address and gateway settings on Interfaces > [assigned gif name] should remain at "None".
There is a dynami... Jim Pingle
12:19 PM Bug #4250 (Rejected): IPv6 gateway is not used for default IPv6 route when rebooting, gateway edit page cannot be configured: Error while saving gateway page, having the default checkbox checked:
- "The gateway address 2001:x:x:x::1 does not ... Pi Ba
10:08 AM Revision c4a7740d: Finish preliminary restyle of L2TP configuration: vpn_l2tp.php - Use pill style for navigation
vpn_l2tp_users.php - Cleaned and formatted according to bootstrap style... Sander van Leeuwen
05:21 AM Bug #4248 (Resolved): AES-GCM doesn't interoperate with devices not using padding: As reported on https://forum.pfsense.org/index.php?topic=86866.msg477744#msg477744
The linux hosts like to send unpa... Ermal Luçi
04:51 AM Bug #4246: Fix "netstat -gW" behavior broken in r259638.: This also limit the ability to debug problems with igmpproxy.
Is the fact that MROUTING kernel support is missing ... Jocelyn Le Sage
04:49 AM Bug #4246: Fix "netstat -gW" behavior broken in r259638.: Note that this was working properly in 2.1.5: Multicast forwarding table was displayed for IPv4. Jocelyn Le Sage

01/19/2015

11:21 PM pfSense Packages Bug #4247 (Resolved): Changes not saved when expression list becomes empty: On the page pfsense/pkg_edit.php?xml=squidguard_dest.xml&act=edit
for editing a target category the new expression l... Volker Kuhlmann
08:03 PM Bug #4246 (Resolved): Fix "netstat -gW" behavior broken in r259638.: Running 'netstat -g' to display multicast forwarding table display the following message:... Jocelyn Le Sage
07:34 PM pfSense Packages Bug #4228 (Resolved): 2.2 RC nano i386 on Watchguard Firebox: Chris Buechler
04:37 AM pfSense Packages Bug #4228: 2.2 RC nano i386 on Watchguard Firebox: this is already fixed in the latest release - I'm sorry !
Thomas Thomas Eckardt
05:57 PM Bug #4244 (Rejected): outbound nat applied on wrong interface.: there are no such issues, please post to the forum or list for assistance. Chris Buechler
05:53 PM Bug #4244: outbound nat applied on wrong interface.: Ignore this one, false alarm sorry. I hacked some rules in the filter.inc that did force a route-to. removing those..... Pi Ba
05:29 PM Bug #4244: outbound nat applied on wrong interface.: To add some more info to this issue, perhaps the traffic is properly natted as em0 is the default route, and that is ... Pi Ba
05:24 PM Bug #4244 (Rejected): outbound nat applied on wrong interface.: When i put a manual outbount-nat-rule on em0, it is applied at traffic leaving from interface em3
In this case i'm... Pi Ba
05:40 PM Bug #4245 (Confirmed): after disabling ipsec, "# VPN Rules" are still loaded: they are disabled after the next filter reload, the process of disabling just doesn't kick off a filter reload. Chris Buechler
05:34 PM Bug #4245 (Resolved): after disabling ipsec, "# VPN Rules" are still loaded: after disabling ipsec all the "# VPN Rules" are still loaded
A reload of rules should probably be triggered. Pi Ba
05:12 PM Revision 61144c9b: Preliminary changes for VPN L2TP configuration: - Cleaned using clean.sh
- Added bootstrap form and input wrappers & classes
- Splitted configuration into three part... Sander van Leeuwen
03:01 PM pfSense Packages Bug #4088: Buggy squidgurd config file is created: Issue 1) renders squidguard useless because it bypasses it entirely.
I can't seem to change the bug priority. I wa... Volker Kuhlmann
02:54 PM pfSense Packages Bug #4243 (Resolved): Last squidguard update prevents squid from starting: I don't believe I am seeing a package update breaking things completely...
squidguard 1.4_4 pkg v.1.9.9 introduces... Volker Kuhlmann
01:44 PM Revision 06966500: Firewall rules layout changes: - Added missing th for buttons column
- Wrap table in div.table-responsive; adds scrollbar on smaller viewports while... Sander van Leeuwen
12:37 PM Revision 2e7fd143: Merge pull request #3 from SanderVanLeeuwen/bootstrap: Fix grid setup on dashboard SjonHortensius
12:28 PM Revision a2faa388: Fix grid setup on dashboard: - Default width in .container is 100%, so col-md-12 isn't necessary there
- Add .row wrapper to 6/6 columns Sander van Leeuwen
12:17 PM Revision ec71be6b: Merge pull request #2 from SanderVanLeeuwen/bootstrap: Improved login screen styling SjonHortensius
12:11 PM Revision 0a353c81: Full width input fields @ sm breakpoint: Sander van Leeuwen
11:25 AM Revision ca276264: Add missing require for filter.inc since vpn_ipsec_configure() calls filter_configure(). It should fix #4236: Renato Botelho
11:09 AM Revision 365fc95d: Add reset button support for APU and FW7541: Renato Botelho
11:08 AM Revision 7f360152: Add reset button support for APU and FW7541: Renato Botelho
11:02 AM Revision c7d61071: Use bootstrap columns to scale and style jumbotron: pfSense.css - proper positioning for logo, remove with on jumbotron
auth.inc - add bootstrap columns to jumbotron
aut... Sander van Leeuwen
10:52 AM Bug #4237 (Feedback): Error "macro IPsec not defined" once after firmware upgrade: seems likely there is some other root cause, like the alias issue from before, given no one else appears to be seeing... Chris Buechler
10:48 AM Bug #4236 (Resolved): Call to undefined function filter_configure() in /etc/inc/vpn.inc: fixed Chris Buechler
05:40 AM Bug #4236 (Feedback): Call to undefined function filter_configure() in /etc/inc/vpn.inc: Applied in changeset commit:ca276264ee3289e308f33bfc6d87217d108f4a13. Renato Botelho
10:39 AM Bug #4235 (Confirmed): missing 'reply-to' in rules for mobile-ipsec: there have never been any accommodations for mobile IPsec in that regard Chris Buechler
10:08 AM Feature #4242 (New): Two Factor or OTP Authentication for Admin Interface: Hi developers!
In a never-ending quest to beef up security, it would be great to have the ability of using two-fac... Charlie Ross
08:46 AM Bug #4241 (Confirmed): Installer display glitch on "Install Bootblocks" screen: Jim Pingle
08:46 AM Bug #4241 (Needs Patch): Installer display glitch on "Install Bootblocks" screen: If a custom install is chosen, the "Install Bootblocks" screen has a graphical glitch that causes display problems on... Jim Pingle
07:53 AM Bug #4240 (Not a Bug): 2.2 IPv6 radvd RDNSS Issue: I'm have a 2.2 box running 10.1-RELEASE-p4 FreeBSD 10.1-RELEASE-p4 #0 36d7dec(releng/10.1)-dirty: Fri Jan 16 12:38:50... Adam Fathauer
07:42 AM Bug #4239 (Resolved): athstats, cryptostats, cryptotest missing from 2.2 builds: The athstats, cryptostats, and cryptotest utilities were present in 2.1.x but are not on 2.2 images, but they are lis... Jim Pingle
05:20 AM Feature #4234: allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth: Push it to 2.2.1 Renato Botelho
04:28 AM pfSense Packages Todo #4029: Update phpsysinfo package: That are some really good news :) Thank you Patrick Schmidt
02:46 AM pfSense Packages Todo #4029: Update phpsysinfo package: Phpsysinfo upcoming version (3.2.1) now works correctly with pfSense 2.1.5 and 2.2.
Mieczysław Nalewaj
01:56 AM Bug #4238 (Resolved): Firewall rule: source port display issue: Hello,
it is a display issue and appears when i try to select saved aliases on source port range.
The red backgroun... Anonymous

01/18/2015

06:05 PM Revision e30050b6: Unimportant typos in user and group manager: that do not effect anything. Phil Davis
03:10 PM Bug #4237 (Closed): Error "macro IPsec not defined" once after firmware upgrade: Error "macro IPsec not defined"
I dont know why it currently happens, and dont have a way to trigger it easily as ... Pi Ba
02:31 PM Bug #4236 (Resolved): Call to undefined function filter_configure() in /etc/inc/vpn.inc: PHP Errors:
[18-Jan-2015 21:30:33 CET] PHP Fatal error: Call to undefined function filter_configure() in /etc/inc/v... Pi Ba
02:09 PM Revision 1eb66a84: correct a few typos that made these files unparsable: services_unbound - added missing $-sign to variable
xmlrcp - removed redundant closing brackets. Some trailing whites... Sjon Hortensius
02:04 PM Revision 50242425: Derive name from easyrule block alias from the scripts name: Allows to use different block lists by using symlinks to the
easyrule CLI script Oliver Welter
02:04 PM Revision 4dedce6d: Add showblock and unblock options to easyrule CLI tool: Block rules added with easyrule block.... can now be listed and removed using
the easyrule tool. This is handy to be ... Oliver Welter
02:04 PM Revision e4d8943c: Fix inconsistent handling of seperator in easyrule, should fix #4233: Oliver Welter
01:58 PM Revision 2e1cd9d8: log.widget - replaced js processor with simple xhr that fetches html: firewall_rules - typo, duplicate $pgtitle
log.js - simple xhr html updater, no need for duplicate logic
log.widget - ... Sjon Hortensius
01:30 PM Bug #4235 (Resolved): missing 'reply-to' in rules for mobile-ipsec: It seem 'reply-to' is missing in firewall rules generated for mobile-ipsec. Pi Ba
01:27 PM Feature #4234 (Assigned): allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth: Allow for strict user <> cn validation of mobile ipsec users when using rsa+xauth
It seems the gui setting is missin... Pi Ba
10:55 AM pfSense Packages Bug #4197: squid 3.4 anti-virus feature not working: The anti-virus feature is working now after adjusting the conf files based on the syntax checks you added to the to t... Cino .
08:10 AM Bug #4233: Inconsistent handling of seperators in easyrule cli: patch provided at https://github.com/pfsense/pfsense/pull/1442 Oliver Welter
07:52 AM Bug #4233 (Resolved): Inconsistent handling of seperators in easyrule cli: When making modifications to the alias generated using easyrule CLI tool, there are two issues regarding separators:
... Oliver Welter
06:06 AM Bug #4166: filterdns generates floods of DNS requests when there are significant jumps in system time: line 405 in filter.inc is what i suspect to be the issue (maybe) because when filterdns is initially run with a time ... Bipin Chandra
12:51 AM Bug #4166: filterdns generates floods of DNS requests when there are significant jumps in system time: i guess the easy way to fix this would be to handle the $resolve_interval properly such that if the time difference i... Bipin Chandra
05:58 AM Bug #4146: OpenVPN tap interfaces are down after boot: Yes, of course. Since this bridged/TAP OpenVPN nonsense needs PROMISC on both the ovpn and other bridged interfaces -... Kill Bill
05:48 AM Bug #4146: OpenVPN tap interfaces are down after boot: same goes for bridged tap server: everything is UP and RUNNING but no traffic after reboot. Restarting server fixes t... Dmitriy K
03:26 AM Bug #4146: OpenVPN tap interfaces are down after boot: I repeat myself: bridged tap client doesn't work after reboot!
Yes, latest commit brought the UP flag to the inter... Dmitriy K
03:15 AM Bug #4231: bridge or lagg of openvpn link down after reboot: at boot, i think at the time of initialization of the BRIDGE (or LAGG), the vpn is not yet initialized, and this crea... dominique dupont
03:02 AM Bug #4231: bridge or lagg of openvpn link down after reboot: both. specifically, one that reboot.
so that it works again, it is necessary after the reboot, resave the bridge con... dominique dupont

01/17/2015

09:10 PM pfSense Packages Bug #4232: GUI: Interface Menu: Thanks! It's the same problem.
This could be marked as dupe report. Sorry about that (i searched before i posted.) David Pfsense
09:01 PM pfSense Packages Bug #4232: GUI: Interface Menu: on Linux, it might be a font problem, since fixed/avoided in 2.2. see #3841 Chris Buechler
07:37 PM pfSense Packages Bug #4232: GUI: Interface Menu: I've tried that.
I've tried two browsers with the same result.
Mozilla Firefox 34.0
Chromium Version 39.0.2171.6... David Pfsense
06:44 PM pfSense Packages Bug #4232 (Rejected): GUI: Interface Menu: clear your browser cache, it's using outdated pieces Chris Buechler
06:13 PM pfSense Packages Bug #4232 (Rejected): GUI: Interface Menu: System Menu drops down on Help Menu.
Help Menu is just below System Menu.
This happend when upgradring from;
... David Pfsense
06:50 PM Feature #4230: Prefer SSL Perfect Forward Secrecy ciphers in UI: this is something I'd noted for 2.2.1 but don't think we have a ticket on it. Chris Buechler
07:19 AM Feature #4230 (Resolved): Prefer SSL Perfect Forward Secrecy ciphers in UI: Perfect Forward Secrecy (PFS) ciphers should be preferred in the admin interface to further harden the admin web serv... Phil Koller
06:46 PM Bug #4231: bridge or lagg of openvpn link down after reboot: which side doesn't work? Chris Buechler
04:06 PM Bug #4231: bridge or lagg of openvpn link down after reboot: site 1 : 2.1.2 with BRIDGE lan, openvpn link and LAGG of 2 openvpn (multi wan: 1 vpn per wan)
site 2 : 2.2RC last u... dominique dupont
12:43 PM Bug #4231: bridge or lagg of openvpn link down after reboot: what version are you using? Chris Buechler
12:42 PM Bug #4231: bridge or lagg of openvpn link down after reboot: rectification for the BRIDGE, create an interface BRIDGE with the LAN and an openvpn links. dominique dupont
10:33 AM Bug #4231 (Resolved): bridge or lagg of openvpn link down after reboot: If you create an interface LAGG with two openvpn links or an interface BRIDGE with two openvpn links, after reboot, t... dominique dupont
04:16 PM Revision 69b397dd: updated firewall WIP, fixed widget ordering: * ipsec - replaced manual panel with simple alert Sjon Hortensius
02:54 PM Revision a42e7aa2: replaced logobig with high-quality logo-black: favicon - updated as well
authgui - form is now horizontal, logo update Sjon Hortensius
02:07 PM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case: Hi,
FYI, I just added some new observations to the forum post, https://forum.pfsense.org/index.php?topic=84642.0
... Russell Morris
01:50 PM Revision 80169aa8: implemented widget-config: fbegin/fend.inc - temporary added for non-migrated pages
firewall_rules - use buttons for actions
index - implement w... Sjon Hortensius
09:13 AM Todo #4225: Lets improve the webGUI: That's definitely a good news! Current webgui looks like "hello from hardcore early 90s". It would be nice to get a m... Dmitriy K
07:30 AM pfSense Packages Feature #2592: Allow squid to listen on multiple interfaces: squid3 does this now. I would close this ticket Cino .
05:18 AM Revision ef9ef75f: add detection for 7541, APU: Chris Buechler
05:15 AM Revision 5a8519bb: add detection for 7541, APU: Chris Buechler
03:36 AM Bug #1943: PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only: this problem persists on 2.2 RC Bipin Chandra
12:02 AM Revision 1195a12d: move jquery ui css to theme folders: Jared Dillard
12:01 AM Revision 6f1d609b: move jquery ui css to theme folders: Jared Dillard

01/16/2015

09:30 PM Revision ccda8a1d: Merge branch 'master' into bootstrap: Conflicts:
usr/local/www/carp_status.php
usr/local/www/diag_arp.php
usr/local/www/diag_authen... Sjon Hortensius
07:42 PM Revision b1fef27f: Set $arch accordingly to release: Renato Botelho
07:40 PM Revision 6aac31ef: change update URLs for release: Chris Buechler
07:36 PM Revision 6434d5be: Bump to 2.2-RELEASE: Chris Buechler
07:35 PM Revision 77fa86b0: make master 2.3-DEVELOPMENT: Chris Buechler
06:53 PM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: the issue covered by this ticket is fixed, there might be other issues but those are separate and have no relation to... Chris Buechler
03:17 PM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: Issue definitely not "fixed" if you are upgrading from a working config - maybe if you install fresh or use some work... Luke Stracey
11:44 AM pfSense Packages Bug #4114 (Resolved): Squid 3.4.9 transparent proxy broken.: issue covered here is fixed Chris Buechler
04:50 PM Revision b9a12ae0: Still missed one mistake on last commit: Renato Botelho
04:49 PM Revision b9ad208c: Fix some logic mistakes introduced in 89f171b052, spotted by phil-davis: Renato Botelho
04:30 PM Revision 0a1f1301: fix syntax and unbreak pfsense-utils.inc: Renato Botelho
04:24 PM Revision daae5e03: fix syntax and unbreak interfaces.inc: Renato Botelho
04:12 PM Revision 649cde0b: Address pull comments: head.inc - Revert indenting
.gitignore - Add IDE name in comment Sander van Leeuwen
03:14 PM Revision 2148e0bf: Ignore PhpStorm settings: Sander van Leeuwen
03:13 PM Revision d75a843c: - Wrap form parts in panels: - Improved some form-groups
- Add .checkbox helper to form-groups containing checkboxes Sander van Leeuwen
03:11 PM Revision 45eebe10: Style page header & footer: head.inc - Wrap header elements (title, breadcrumb)
guiconfig.inc - Prefix breadcrumb with title h1
pfSense.css - Sty... Sander van Leeuwen
01:50 PM Revision 0c5dd854: Validate if both IP address and subnet are valid and the same version. Fixes #4223: Renato Botelho
01:50 PM Revision 17c98255: Validate if both IP address and subnet are valid and the same version. Fixes #4223: Renato Botelho
12:39 PM Bug #4229 (Rejected): Can not create a VIP for OpenVPN instance: you can't create CARP IPs on tap or tun interfaces. you're misinterpreting the recommendation, that's the binding of ... Chris Buechler
12:36 PM Bug #4229 (Rejected): Can not create a VIP for OpenVPN instance: pfSense says:
@The following input errors were detected:
The interface chosen for the VIP has no IPv4 or IPv6 addre... Dmitriy K
11:50 AM Bug #4227: Too much logging for IPSec DPD: logging levels are configurable. Defaults could use some review later. Chris Buechler
02:53 AM Bug #4227 (Resolved): Too much logging for IPSec DPD: Is it possible to reduce the amount of logging for DPD packets. By default, these are generated every minute, and I h... Eskild Skaar
11:47 AM Bug #4223 (Resolved): ip_in_subnet('11.22.33.5','abcd::/64') returns true.. this should not be.: fixed Chris Buechler
08:10 AM Bug #4223: ip_in_subnet('11.22.33.5','abcd::/64') returns true.. this should not be.: Applied in changeset commit:0c5dd854a840007e09bd3f95949cbce9abeb7d18. Renato Botelho
08:10 AM Bug #4223 (Feedback): ip_in_subnet('11.22.33.5','abcd::/64') returns true.. this should not be.: Applied in changeset commit:17c982555a2a3ecfa5c2ce988a6d85bee5a5980d. Renato Botelho
11:44 AM Bug #4208: P1 rekeying with IKEv1 failing with no proposal chosen / invalid ID info: that did fix the issue for 2.2, pushing to 2.2.1 for getting the issue fixed in strongswan 5.2.2. Chris Buechler
04:08 AM pfSense Packages Bug #4228 (Resolved): 2.2 RC nano i386 on Watchguard Firebox: the 'Watchguard Firebox with SDEC' driver is missing in the 'LCDproc' package Thomas Eckardt
01:02 AM Feature #4179: Driver oce is missing from 2.2 RC: oce.ko from FreeBSD 8.3 copied over to PfSense 2.2.5 works fine in our environment including VLAN tags, LACP trunk, C... Christoph Erdle
12:40 AM Feature #4179: Driver oce is missing from 2.2 RC: just setting assignee for completeness Jim Thompson
12:51 AM Todo #4226 (Resolved): Time to put a knife in PPTP: PPTP comes out of pfSense in 2.3.
this bug is opened so we remember to do it. Jim Thompson
12:50 AM Todo #4225 (Resolved): Lets improve the webGUI: People seem to like the look and feel of the web GUI in a recent fork (which shall not be named).
Jared says it's ... Jim Thompson
12:47 AM Todo #4224 (Resolved): PBIs are old skool. pkg-ng is the new shiny. We need to convert pfSense to use pkg-ng.: Jim Thompson
12:45 AM Bug #2762: PF drops IPv6 packets with fragment header followed by a last fragment only: I think this is going to want more testing than what we can afford in the 2.2.1 timeframe. That said, if it gets fi... Jim Thompson

01/15/2015

11:59 PM Bug #4223 (Confirmed): ip_in_subnet('11.22.33.5','abcd::/64') returns true.. this should not be.: I thought this was covered by an outstanding pull request, but not seeing one at a glance specific to in_subnet. This... Chris Buechler
10:04 PM Bug #4223 (Resolved): ip_in_subnet('11.22.33.5','abcd::/64') returns true.. this should not be.: ip_in_subnet('11.22.33.5','abcd::/64') returns true.. this should not be.
still causes trouble like reported in ht... Pi Ba
11:22 PM Bug #4208 (Feedback): P1 rekeying with IKEv1 failing with no proposal chosen / invalid ID info: downgrade to strongswan 5.2.1 (with cherry-picked security fixes from 5.2.2) looks to have fixed this issue. Leaving ... Chris Buechler
11:19 PM pfSense Packages Bug #4197: squid 3.4 anti-virus feature not working: thanks Marcello, I merged it. Chris Buechler
10:05 PM pfSense Packages Bug #4197: squid 3.4 anti-virus feature not working: Typo and freshclam checks fixed on this PullRequest
https://github.com/pfsense/pfsense-packages/pull/788 Marcello Silva Coutinho
09:05 PM Revision 5b7c33fc: Firewall Rules Apply be friendly to other languages: Forum: https://forum.pfsense.org/index.php?topic=86808.0
Redmine: https://redmine.pfsense.org/issues/3886
print_info... Phil Davis
09:04 PM Revision 65f9080d: Merge pull request #1441 from phil-davis/patch-1: Renato Botelho
08:42 PM Revision 8d4e768a: Time to let these go: Ermal Luçi
08:41 PM Revision 81b7bc4b: Time to let these go: Ermal Luçi
08:20 PM Revision 19523ce2: Ticket #3997 s/_vhid/_vip/g: Ermal Luçi
07:58 PM Revision eef9a15d: Ticket #3997 Put a uniq identifier on the carp settings.: Ermal Luçi
07:31 PM Bug #3886: (TurkishLanguage) After the firewall rule for example (lan rule) does not come "Apply Button": That pull request has been merged, so this particular thing should be fixed in 2.2 Phillip Davis
12:29 PM Bug #3886: (TurkishLanguage) After the firewall rule for example (lan rule) does not come "Apply Button": It did not resolve - switch to Turkish, edit and save a firewall rule. The "Apply" step of the sequence is not displa... Phillip Davis
07:18 PM Revision 05071b65: Just do an update since it will handle itself properly.: Ermal Luçi
07:18 PM Revision dc41ccaf: Just do an update since it will handle itself properly.: Ermal Luçi
07:17 PM Revision 89f171b0: Ticket #3997, teach code to track carp through uniqids(). Missing carp GUI changes and upgrade code: Ermal Luçi
07:09 PM Feature #4128: Email notification webgui configuration: I think this is a fantastic idea! → luckman212
06:15 PM Revision fe0fa4c3: Firewall Rules Apply be friendly to other languages: Forum: https://forum.pfsense.org/index.php?topic=86808.0
Redmine: https://redmine.pfsense.org/issues/3886
print_info... Phil Davis
05:53 PM Revision 98bf4991: Fixes #4150. Move to tables to accomodate unlimited number of interfaces.: Ermal Luçi
04:31 PM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: PfSense: 2.2-RC (amd64) built on Thu Jan 15 12:12:32 CST 2015
Squid: 3.4.10_2 pkg 0.2.4
Confirmed, Package is wor... Gerald Drausinger
04:45 AM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: Please do not close.
I know the original bug was opened on amd64 but I have been following this avidly as it also ef... Luke Stracey
03:26 AM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: Confirmed working now. (phew!)
Latest package 0.2.4 transparent proxy is OK.
ICMP pinger disabled in GUI to avoid ... Arthur Undisclosed
01:34 PM Feature #4214 (Resolved): IKEv2 EAP-MSCHAPv2 support: This has been reported working. Ermal Luçi
12:10 PM Bug #4150: Captive Portal doesn't work with > 120 VLAN interfaces: Applied in changeset commit:98bf4991dc31f97fc7315a6b8aba433de9d39cea. Ermal Luçi
11:53 AM Bug #4150 (Feedback): Captive Portal doesn't work with > 120 VLAN interfaces: Ermal Luçi
11:21 AM pfSense Packages Bug #4222: Update to 2.2 RC breaks domU: Maybe a hook should be added then in the web UI to say, "hey, Xen detected, please make sure you checked (this note) ... Douglas Haber
11:18 AM pfSense Packages Bug #4222: Update to 2.2 RC breaks domU: In theory it is possible but given the wide range of disks that have been setup over the years, it is not yet a proce... Jim Pingle
11:14 AM pfSense Packages Bug #4222: Update to 2.2 RC breaks domU: Theoretically, could a hook for the referenced shell script be added into the pfSense upgrade process? Or even a sed ... Douglas Haber
11:13 AM pfSense Packages Bug #4222: Update to 2.2 RC breaks domU: To elaborate on that a little, the main problem with the disk is that the PVHVM drivers in FreeBSD apparently do not ... Jim Pingle
11:11 AM pfSense Packages Bug #4222 (Rejected): Update to 2.2 RC breaks domU: Already documented. It's a Xen/PVHVM thing we can't control.
https://doc.pfsense.org/index.php/Upgrade_Guide#Xen_U... Jim Pingle
11:09 AM pfSense Packages Bug #4222 (Rejected): Update to 2.2 RC breaks domU: By doing an upgrade to nightly RC build for 2.2 from a working 2.1.5 install, it breaks it in Citrix XenServer. 2.2 s... Douglas Haber
11:08 AM pfSense Packages Bug #4220 (Closed): IPSec dose not work any more.: Maybe just happened to not hit the issue after another reboot. This: ... Chris Buechler
10:49 AM pfSense Packages Bug #4220: IPSec dose not work any more.: *With the new built "Thu January 15 08:01:35 CST 2015
FreeBSD 10.1-RELEASE-p4 "IPsec works great.* Anonymous
06:56 AM pfSense Packages Bug #4220 (Closed): IPSec dose not work any more.: Since update to "2.2-RC (amd64) built on Wed January 14 17:46:28 CST 2015 FreeBSD 10.1-RELEASE-p4 " does not work any... Anonymous
10:08 AM Bug #4219 (Confirmed): Bump sched buckets limiter log spam: Chris Buechler
10:07 AM Bug #4219: Bump sched buckets limiter log spam: no diff than it's ever been. Chris Buechler
04:06 AM Bug #4219 (Resolved): Bump sched buckets limiter log spam: when limiter is used with source mask, it creates a lot of system log entries over time when active and applied to cl... Bipin Chandra
10:07 AM Bug #4221 (Rejected): Bridge does not have IPv6 link local address: duplicate Chris Buechler
07:22 AM Bug #4221 (Rejected): Bridge does not have IPv6 link local address: I configured a ethernet bridge with two members (re0_vlan20 and re1_vlan20) and assigned an IPv6 address to it.
It s... Martin Schmidauer
09:13 AM Revision 4e8eacfd: Revert "Move to specifically specifying the ID type apart when an ip address to have strongswan do proper behaviour. Also for DynDNS names use the dns type id so strongswan does the resolving by its own.": This reverts commit 1ada4c8c514cc33b0df6238b7f2f177078bfe2e8. Ermal Luçi
09:13 AM Revision 23de1f0d: Revert "Fix typos introduced by chaning to explicit id specification when necessary. Fixes #4202": This reverts commit 324311043385aed357ca8838bde2c3af3111e564. Ermal Luçi
08:29 AM Revision bc62f818: Add RSA keys even for eap-mschapv2: Ermal Luçi
08:29 AM Revision f579c0fb: Add EAP-MSChapv2 implementation for Windows ipsec support as reported here https://forum.pfsense.org/index.php?topic=81657.15: Ermal Luçi
07:45 AM Revision 07d0d1b2: Add RSA keys even for eap-mschapv2: Ermal Luçi
04:13 AM Bug #4212 (Resolved): unbound not starting on 12 CPU host: Renato Botelho
03:25 AM Bug #4212: unbound not starting on 12 CPU host: It works. Thanks for the quick fix. Thomas Hilse
02:41 AM Bug #4218: Bridge does not have AUTO_LINKLOCAL flag: affected version: 2.2-rc Martin Schmidauer
02:40 AM Bug #4218 (Resolved): Bridge does not have AUTO_LINKLOCAL flag: I configured a ethernet bridge with two members (re0_vlan20 and re1_vlan20) and assigned a IPv6 address to it.
It se... Martin Schmidauer

01/14/2015

10:22 PM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: Arthur Undisclosed wrote:
> I'm sorry, it seems there are still numerous issues with this package:
>
> - Transpar... Albert H
06:49 PM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: I'm sorry, it seems there are still numerous issues with this package:
- Transparent proxy still doesn't work. "TA... Arthur Undisclosed
09:43 AM pfSense Packages Bug #4114: Squid 3.4.9 transparent proxy broken.: Should be fine on 0.2.4 Renato Botelho
08:56 PM Bug #4208: P1 rekeying with IKEv1 failing with no proposal chosen / invalid ID info: strongswan has been reverted back to 5.2.1 to see if that resolves the issue, as other possibilities seem to have bee... Chris Buechler
05:42 AM Bug #4208: P1 rekeying with IKEv1 failing with no proposal chosen / invalid ID info: The first one hsa been reverted and is present on new snaps. Ermal Luçi
04:36 AM Bug #4208: P1 rekeying with IKEv1 failing with no proposal chosen / invalid ID info: If the present builds do not work.
These commits seem at fault
http://git.strongswan.org/?p=strongswan.git;a=commit... Ermal Luçi
05:20 PM pfSense Packages Bug #4217 (Resolved): siproxd on pfSense 2.2-RELEASE i386 fails to start: running on Netgate ALIX router.
siproxd won't start via GUI.
Executing
[2.2-RC][root@router.example.org]/usr/... Randall Barth
04:58 PM pfSense Packages Bug #4216: squidguard squidguard-dev issues: https://forum.pfsense.org/index.php?topic=86701.msg475980#msg475980 Cino .
04:57 PM pfSense Packages Bug #4216 (Closed): squidguard squidguard-dev issues: squidguard and squidguard-dev are missing symlinks to shared libs
ln -s /usr/pbi/squidguard-amd64/local/lib/liblda... Cino .
04:16 PM pfSense Packages Bug #4197: squid 3.4 anti-virus feature not working: thanks Marcello and Renato!!
We are almost there, Marcello found a typo that he is correcting in the squid.inc fil... Cino .
09:41 AM pfSense Packages Bug #4197 (Feedback): squid 3.4 anti-virus feature not working: Please try squid3 package version 0.2.4 Renato Botelho
04:03 PM Revision 37656b10: Oops add missing curly: Ermal Luçi
04:03 PM Revision 54ab1bdc: Also take care of ph1 mobile settings for eap-tls: Ermal Luçi
04:03 PM Revision 88a46519: Oops add missing curly: Ermal Luçi
04:03 PM Revision eb26d310: Also take care of ph1 mobile settings for eap-tls: Ermal Luçi
02:11 PM Revision 38f77f4f: Obsolete libpng15 in favour of libpng16: Renato Botelho
02:09 PM Revision 6e0a0ab3: Obsolete libpng15 in favour of libpng16: Renato Botelho
12:51 PM Bug #2984 (Resolved): IPSec adds route but isn't needed any more: this works in 2.2 Chris Buechler
09:37 AM Bug #2984 (Feedback): IPSec adds route but isn't needed any more: The routes are not present anymore since 2.2. Ermal Luçi
12:47 PM Feature #2849 (Resolved): IKEv2 support for IPsec: implemented Chris Buechler
04:53 AM Feature #2849: IKEv2 support for IPsec: I suppose this is not an issue anymore and can be resolved/closed. Dmitriy K
12:42 PM Feature #1972 (Resolved): Allow /31 networks to be configured: yeah this works Chris Buechler
09:38 AM Feature #1972 (Feedback): Allow /31 networks to be configured: This has already been committed/fixed from Chris. Ermal Luçi
11:34 AM Revision a771a6ae: Add support for 0x20 DNS random bit support. Fixes #4205: Warren Baker
11:28 AM Revision 10e2acb5: Add EAP-MSChapv2 implementation for Windows ipsec support as reported here https://forum.pfsense.org/index.php?topic=81657.15: Ermal Luçi
11:23 AM Revision 9eec3be3: Correctly handle number of cores and power of 2. Merged from the package already had this. Fixes #4212: Warren Baker
11:22 AM Revision 5526efab: Merge pull request #1439 from wagonza/patch-5: Renato Botelho
11:09 AM Revision 46762efe: Correctly handle number of cores and power of 2. Merged from the package already had this. Fixes #4212: Warren Baker
11:05 AM pfSense Packages Bug #4215 (Resolved): System Patches - no-op "Apply changes" button after test: Jim Pingle
11:01 AM pfSense Packages Bug #4215: System Patches - no-op "Apply changes" button after test: Thanks, works :) Kill Bill
08:20 AM pfSense Packages Bug #4215 (Feedback): System Patches - no-op "Apply changes" button after test: Applied in changeset commit:37f34f561e7d537f5f56469de7632097b0058c4a. Jim Pingle
06:31 AM pfSense Packages Bug #4215 (Resolved): System Patches - no-op "Apply changes" button after test: 0/ Add some patch.
1/ Click Test link
2/ You get something like:... Kill Bill
09:04 AM Feature #2593: sync NTPD, SNMP config between HA members: With the expanded config options in 2.2, this seems even more valuable now. Ansley Barnes
08:41 AM pfSense Packages Bug #4196 (Resolved): Squid 3.4 pid file can't be created: Renato Botelho
08:31 AM pfSense Packages Bug #4196: Squid 3.4 pid file can't be created: looking good. squid is able to start. I installed the package on a fresh amd64 install. After package install it aut... Cino .
05:40 AM Feature #4205 (Assigned): unbound config option missing: Pull request already sent to fix it, but it can wait for 2.2.1 - https://github.com/pfsense/pfsense/pull/1440 Renato Botelho
05:40 AM Bug #4212: unbound not starting on 12 CPU host: Applied in changeset commit:9eec3be339805c5f276500331c410fa18cc9bd5f. Warren Baker
05:40 AM Bug #4212 (Feedback): unbound not starting on 12 CPU host: Applied in changeset commit:46762efee6b66b86090bb54f0bbb3d593bf23cf3. Warren Baker
05:16 AM Bug #4212: unbound not starting on 12 CPU host: Thanks merged patch from the package would had this fixed (check https://github.com/pfsense/pfsense/pull/1439) Warren Baker
04:20 AM Bug #4212: unbound not starting on 12 CPU host: I just saw, that this was already discussed in the pfsense forum:
https://forum.pfsense.org/index.php?topic=61659.... Thomas Hilse
04:09 AM Bug #4212 (Resolved): unbound not starting on 12 CPU host: In /etc/inc/unbound.inc
the unbound parameters 'msg_cache_slabs', 'rrset_cache_slabs', 'infra_cache_slabs', 'key_cac... Thomas Hilse
05:30 AM Feature #4214 (Resolved): IKEv2 EAP-MSCHAPv2 support: Support for EAP-MSchapv2 authentication.
The integration has been done according to https://forum.pfsense.org/index.... Ermal Luçi
05:25 AM Bug #4213 (Resolved): WebGUI - improper path to icons: Didn't validate it on 2.1.x, but I checked and it's ok on 2.2 by commit:be0af33ee0137cc92272b5f5c5c1a4a70bce82f2 Renato Botelho
05:17 AM Bug #4213 (Resolved): WebGUI - improper path to icons: On the Status -> System Logs -> Firewall tab -> Summary View (/diag_logs_filter_summary.php) in the Source IP Data an... Krzysztof Ciepłucha
04:11 AM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: There has been some fixes on 5.2.2 related to that but not complete one. Ermal Luçi
01:04 AM Feature #3453: Management GUI (lighttpd) interface binding control: I have personally opted for using the following patch, as a burn-in procedure, once the LAN interface has been define... Stéphane Lapie
12:33 AM Feature #3453: Management GUI (lighttpd) interface binding control: +1, also needing this here.
This makes it impossible to create any redundant cluster with userland-based services ... Stéphane Lapie

01/13/2015

11:20 PM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: disabling unity is confirmed to work around this issue, and will suffice for the vast majority in this situation. I'l... Chris Buechler
11:10 PM pfSense Packages Bug #4196 (Feedback): Squid 3.4 pid file can't be created: Applied in changeset commit:078fdef02580b396cdad6c21e8e86360e53d338c. Marcello Silva Coutinho
09:45 PM pfSense Packages Bug #4196: Squid 3.4 pid file can't be created: This may fix most issues with squid package on 2.2
https://github.com/pfsense/pfsense-packages/pull/786
I've incl... Marcello Silva Coutinho
09:42 PM pfSense Packages Bug #4197: squid 3.4 anti-virus feature not working: This may fix most issues with squid package
https://github.com/pfsense/pfsense-packages/pull/786 Marcello Silva Coutinho
07:44 PM Revision a6a42b6d: Actually remove rekey/reauth from config to avoid strange issues. Ticket #4208: Ermal Luçi
07:43 PM Revision 3a56c146: Actually remove rekey/reauth from config to avoid strange issues. Ticket #4208: Ermal Luçi
07:21 PM Revision 656fd270: Add some saftey belts here to be safe: Ermal Luçi
07:21 PM Revision 1ec35c4d: Add some saftey belts here to be safe: Ermal Luçi
07:19 PM Revision 191d5392: Heh bump the config version: Ermal Luçi
07:19 PM Revision a2feea37: Heh bump the config version: Ermal Luçi
06:57 PM Revision b4013725: To avoid issues with clashing SAIDs go back to specifying the reqid in strongswan config.: To be able to manage this first upgrade the config to assign each phase2 an reqid
Second use that during config gener... Ermal Luçi
06:57 PM Revision 1fe208ec: To avoid issues with clashing SAIDs go back to specifying the reqid in strongswan config.: To be able to manage this first upgrade the config to assign each phase2 an reqid
Second use that during config gener... Ermal Luçi
06:28 PM Bug #4211 (Rejected): DNS Answer ignored even though protect against rebind is disabled: there are no issues as described. Replied back in your forum thread. Chris Buechler
06:10 PM Bug #4211 (Rejected): DNS Answer ignored even though protect against rebind is disabled: The pfsense server is 10.233.105.10/26
The interface I have to use for this dns query is 10.232.100.63/25
There... Carl Spiby
03:01 PM Revision 6db7ee23: Improving aesthetics.: Make title color more consistent with other pages.
Improving aesthetics. Bipin Chandra
03:00 PM Revision 5a5615ce: Merge pull request #1437 from xbipin/master: Renato Botelho
02:37 PM Revision f6510207: Improving aesthetics.: Make title color more consistent with other pages.
Improving aesthetics. Bipin Chandra
01:19 PM Bug #4207: IPv6 - PHP error "Warning: inet_pton(): Unrecognized address" in DHCPv6/RA (possibly due to bad format of IPv6 address?): Awesome! Thanks for checking, Phillip, great to know it's fixed in the new release. Overand IRC-Priv
11:27 AM Bug #4207: IPv6 - PHP error "Warning: inet_pton(): Unrecognized address" in DHCPv6/RA (possibly due to bad format of IPv6 address?): No problems with white space or anything for me on 2.2-RC. As Chris says, this is fixed in 2.2 and I can't find a com... Phillip Davis
11:16 AM Bug #4207: IPv6 - PHP error "Warning: inet_pton(): Unrecognized address" in DHCPv6/RA (possibly due to bad format of IPv6 address?): Aha! Looks like a leading space on the "range start" is what does it.
Leading space on this first one: @ 2001:47... Overand IRC-Priv
11:11 AM Bug #4207: IPv6 - PHP error "Warning: inet_pton(): Unrecognized address" in DHCPv6/RA (possibly due to bad format of IPv6 address?): Well, I figured I might have left something in by accident - figures!
I've attached (but not embedded) the un-mung... Overand IRC-Priv
08:40 AM Bug #4207: IPv6 - PHP error "Warning: inet_pton(): Unrecognized address" in DHCPv6/RA (possibly due to bad format of IPv6 address?): I tried your formats above and got no "Unrecognized address" text error stuff, just the proper errors reported on the... Phillip Davis
10:29 AM Bug #4210 (Feedback): Bring back a FTP proxy: not something we're looking into for 2.2 at this point Chris Buechler
10:06 AM Bug #4210 (Resolved): Bring back a FTP proxy: on 2.2-RC we noted that ftp helper is not working anymore, confirmed by another users on forum:
https://forum.pfse... Daniel Cabral
10:25 AM Bug #4202: IPsec - completely broken after last round of changes: Fixed, thanks. Kill Bill
09:56 AM Bug #3347 (Resolved): Certificate Authority SAN names not working in 2.1: Fixed at some point on 2.2. When SANs are added to a cert, they are properly reflected in the properties.
> ... Jim Pingle
09:42 AM Feature #4209 (Resolved): Releasing DHCP on WAN interface should send a release: Although sending a DHCP Release is not a requirement of the DHCP spec it would be nice if when clicking "release" on ... Caleb Carges
08:23 AM pfSense Packages Bug #3036 (Resolved): Small web interface bug: Fixed on recent versions Renato Botelho
08:15 AM pfSense Packages Bug #3850 (Resolved): Snort "add a new interface based on this" creates a bad configuration: It was fixed Renato Botelho
08:11 AM pfSense Packages Bug #3202 (Rejected): Squid3-dev library not found: It's expected since PBI libraries are contained inside PBI_DIR/lib and binary wrappers setup environment before call it. Renato Botelho
03:57 AM Bug #4164: IPsec dashboard status wrong for connections with multiple P2s: Perfect. Thanks! Eskild Skaar
03:36 AM Bug #4208: P1 rekeying with IKEv1 failing with no proposal chosen / invalid ID info: I haven't found a means of reliably replicating this with shorter lifetimes. It's either some combination of things t... Chris Buechler
02:48 AM Bug #1360 (Closed): Auto PPTP firewall rules don't work if WAN isn't the default route: PPTP is very nearly dead, this won't be fixed. Chris Buechler
02:47 AM Bug #2421 (Resolved): Filter log parser misinterprets some rare lines resulting in TCP:lo for the proto/flags: won't happen with the logging in 2.2 Chris Buechler
02:44 AM Bug #3447 (Resolved): pfSense 2.1 Captive Portal RADIUS Accouting records not sent to RADIUS Server: was fixed a while back Chris Buechler
02:42 AM Bug #3848 (Resolved): enabling schedule on 2.1.5 causes page fault: multiple people have confirmed 2.2 fixes this issue. Chris Buechler
02:41 AM Bug #3919 (Resolved): carp vhid=255: 254 is the highest available VHID in 2.2. Chris Buechler
01:50 AM Bug #4206 (Confirmed): Missing route creation on DHCP-PD lease where ia-na != ia-pd: updated subject to root cause of issue.
Anders: asked about getting a pcap of the DHCPv6 traffic in your forum th... Chris Buechler
01:25 AM Revision 156938a8: Where the P1 is disabled, show the P2s as disabled since they will be, same as in previous versions.: Chris Buechler
01:25 AM Revision 51ef7499: Where the P1 is disabled, show the P2s as disabled since they will be, same as in previous versions.: Chris Buechler
01:10 AM Bug #4204 (Resolved): CP leaking resources on reload: went back through and verified things after that change, all is well. Chris Buechler

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

02/11/2015

02/10/2015

02/09/2015

02/08/2015

02/07/2015

02/06/2015

02/05/2015

02/04/2015

02/03/2015

02/02/2015

02/01/2015

01/31/2015

01/30/2015

01/29/2015

01/28/2015

01/27/2015

01/26/2015

01/25/2015

01/24/2015

01/23/2015

01/22/2015

01/21/2015

01/20/2015

01/19/2015

01/18/2015

01/17/2015

01/16/2015

01/15/2015

01/14/2015

01/13/2015