Project

General

Profile

Activity

From 02/02/2015 to 03/03/2015

03/03/2015

11:42 PM Bug #4384 (Resolved): missing input validation in captive portal
fixed Chris Buechler
11:39 PM Bug #4455 (Resolved): Router Advertisment Daemon does not add UnicastOnly for OpenVPN interfaces
thanks for the report. Fixed. I matched it on ovpn* rather than only a server interface. Chris Buechler
11:32 PM Bug #4275 (Resolved): ASN.1 DN needs double quotes in config file
fixed Chris Buechler
11:31 PM Feature #4359 (Resolved): IPsec controlling uniqueid value
works Chris Buechler
10:36 PM Revision 6690eb14: Merge branch 'master' into feature/easyrule-unblock
Conflicts:
etc/inc/easyrule.inc Oliver Welter
10:10 PM Feature #4360 (Resolved): IPsec allow making a connection repsonder only
works Chris Buechler
09:51 PM Bug #4239 (Resolved): athstats, cryptostats, cryptotest missing from 2.2 builds
fixed Chris Buechler
09:34 PM Bug #4177: Bug in OpenVPN user/pass auth
The extra base64 encoding is not needed. The problem is that base64 can produce three non-alphanum characters: =, +... Dave Crane
07:19 PM Revision 1dbe220c: Tweak the carp demotion factors slightly to avoid CARP transitions that are most likely unnecessary.
Jim Pingle
07:18 PM Revision 0b3cf7da: Tweak the carp demotion factors slightly to avoid CARP transitions that are most likely unnecessary.
Jim Pingle
06:52 PM Bug #4454 (Confirmed): scrub random-id + PPPoE + IPsec + communication to LAN IP = kernel panic on 32 bit
subject updated to what appears to be the specific issue here. this is a very unusual circumstance. The other issues ... Chris Buechler
04:02 PM Revision dedc40f7: Fix password box in diag_authentication
In 2.2 when I go to Diagnostics->Authentication the password field shows the little lock icon, but the text input are... Phil Davis
02:07 PM Feature #1835: uPNP IPv6 support
If you do a "sockstat" with the new binary running, you should see that it's now listening on v4 and v6 sockets, wher... Daniel Becker
02:05 PM Feature #1835: uPNP IPv6 support
Denis Dzyubenko wrote:
> Denis Dzyubenko wrote:
> > I just tried this binary and I see no changes between this and ... Denis Dzyubenko
01:56 PM Feature #1835: uPNP IPv6 support
Denis Dzyubenko wrote:
> I just tried this binary and I see no changes between this and the original miniupnpd in pf... Denis Dzyubenko
01:54 PM Feature #1835: uPNP IPv6 support
I just tried this binary and I see no changes between this and the original miniupnpd in pfsense 2.2
Actually afte... Denis Dzyubenko
01:20 PM Feature #1835: uPNP IPv6 support
Attached is an amd64 binary of miniupnpd with the patches in #4320 and #4321 applied; you can just copy it to /usr/lo... Daniel Becker
01:14 PM Feature #1835: uPNP IPv6 support
There's a patch to enable IPv6 in miniupnpd in issue #4321, but so far it doesn't look like anybody's looked at it. Daniel Becker
01:08 PM Feature #1835: uPNP IPv6 support
Is there an update on this? I am running pfsense 2.2 but it seems upnp here still doesn't support ipv6 :( Denis Dzyubenko
01:03 PM Bug #4310 (Resolved): Limiters + HA results in hangs on secondary
fixed Chris Buechler
12:06 PM Revision 6cf2c8b0: Code style etc inc z
end of code style review for the etc folder tree Phil Davis
11:09 AM Revision 6e4c199b: Make the DHCP network booting options line up
by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
11:09 AM Revision be83cc29: Merge pull request #1539 from phil-davis/patch-7
Renato Botelho
11:08 AM Revision 6cf3278f: system_groupmanager edit cancel button looks small
It looks smaller and different to the Save button. This makes it the same. Phil Davis
11:08 AM Revision 2c5ca6ae: Merge pull request #1538 from phil-davis/patch-6
Renato Botelho
11:08 AM Revision f636bc12: system_usermanager edit cancel button looks small
It looks smaller and different to the Save button. This makes it the same. Phil Davis
11:07 AM Revision d9ac2354: Merge pull request #1537 from phil-davis/patch-5
Renato Botelho
11:07 AM Revision 1626b5ad: Make the Power Mode selection boxes line up
by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
11:07 AM Revision db949a19: Standardise power mode selection boxes
I noticed that this looked a little odd, the boxes for AC and Battery Power Mode are 1 after the other on the same li... Phil Davis
11:06 AM Revision 3a1810a9: Merge pull request #1536 from phil-davis/patch-4
Renato Botelho
11:05 AM Revision bd5a8268: Add missing BR tags and fix display with pfsense_ng_fs theme
Fixes #4481
Similar issue to commit https://github.com/pfsense/pfsense/commit/5cfd948144741ba0d6981f89b2e40257cb9ef2b... Phil Davis
11:05 AM Revision f6aa92a1: Merge pull request #1535 from phil-davis/patch-3
Renato Botelho
11:03 AM Revision adbbd4f9: Merge pull request #1533 from phil-davis/Code-Style-etc-inc-u
Renato Botelho
11:02 AM Revision 52886a07: Merge pull request #1532 from phil-davis/Code-Style-etc-inc-r-s
Renato Botelho
11:01 AM Revision 603a97cb: Be safe use require_once in zeromq
I was testing code and just doing stuff like:
require_once("zeromq.inc");
in Diagnostics->Command Prompt, PHP Execute... Phil Davis
11:01 AM Revision cb743abb: Merge pull request #1531 from phil-davis/patch-2
Renato Botelho
10:48 AM Revision ec67423b: Make the DHCP network booting options line up
by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
10:26 AM Bug #4481 (Resolved): DHCP server - Dynamic DNS options layout messed up
Renato Botelho
08:49 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up
Fixed, thanks. ;) Kill Bill
05:20 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up
Applied in changeset commit:bd5a82681d7c9206799a4b72ffa943ec648ef47f. Phillip Davis
05:20 AM Bug #4481 (Feedback): DHCP server - Dynamic DNS options layout messed up
Applied in changeset commit:6b16c91c511723b8343fe6339b8e6c16b648c186. Phillip Davis
07:12 AM Revision 47aa60f9: Make the Power Mode selection boxes line up
by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
06:53 AM Revision 86481f75: system_groupmanager edit cancel button looks small
It looks smaller and different to the Save button. This makes it the same. Phil Davis
06:45 AM Revision 3cd4406f: system_usermanager edit cancel button looks small
It looks smaller and different to the Save button. This makes it the same. Phil Davis
06:28 AM Revision ebfb1d0b: Standardise power mode selection boxes
I noticed that this looked a little odd, the boxes for AC and Battery Power Mode are 1 after the other on the same li... Phil Davis
06:18 AM Revision 911cc213: Remove "Prefer old SA" option, and ignore it in all existing configurations. Breaks things in many cases with strongSwan. For the very rare circumstances where this is actually desirable, it's just a sysctl that can be set in tunables.
Chris Buechler
06:16 AM Revision 58c58dcf: Remove "Prefer old SA" option, and ignore it in all existing configurations. Breaks things in many cases with strongSwan. For the very rare circumstances where this is actually desirable, it's just a sysctl that can be set in tunables.
Chris Buechler
05:56 AM Revision 6b16c91c: Add missing BR tags and fix display with pfsense_ng_fs theme
Fixes #4481
Similar issue to commit https://github.com/pfsense/pfsense/commit/5cfd948144741ba0d6981f89b2e40257cb9ef2b... Phil Davis
05:55 AM Bug #1493: pf blocks all traffic following filter reload.
Chris Buechler wrote:
> nothing you're encountering today has any relation to this issue. I suspect any such issues ... andres g
04:21 AM Bug #4484: Interfaces LAGG edit pfsense_ng_fs theme bold is not rendering
Diagnostics->Edit File
Where it gives progress messages like "File successfully saved" - that comes out bold in pfse... Phillip Davis
01:38 AM Bug #4484 (Closed): Interfaces LAGG edit pfsense_ng_fs theme bold is not rendering
In pfsense_ng theme the head-words "failover" "fec" "lacp" render in bold. They are each followed by plain text descr... Phillip Davis
02:21 AM Bug #4210: Bring back a FTP proxy
Chris Buechler wrote:
> In a completely default config, passive FTP clients will work fine. The default LAN rule per... Reqlez Guy
12:53 AM Feature #4179: Driver oce is missing from 2.2 RC
Mathieu FRAPPIER wrote:
> When I load the module, using kldload, I got the following output:
>
> oce0: <Emulex CN... Mathieu FRAPPIER
12:46 AM Bug #4302 (Resolved): Several DSCP choices are non-functional and result in a broken ruleset
fixed Chris Buechler
12:36 AM Bug #4381 (Resolved): Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port
works Chris Buechler
12:25 AM Bug #4274 (Resolved): Marking a packet with only a number results in a broken rule
fixed Chris Buechler
12:24 AM Bug #4434 (Resolved): Enabling NTP graphs does not take effect right away
fixed, thanks Paul. Chris Buechler
12:23 AM Bug #4245 (Resolved): after disabling ipsec, "# VPN Rules" are still loaded
fixed Chris Buechler
12:21 AM Bug #4432 (Resolved): Net_IPv6::compress() does not properly handle all-zeroes address
fixed Chris Buechler
12:05 AM Bug #4393 (Resolved): syslogd stops and fails to restart during boot in some cases
confirmed fixed multiple times. Chris Buechler

03/02/2015

11:56 PM Bug #4481: DHCP server - Dynamic DNS options layout messed up
I made a pull request to fix that: https://github.com/pfsense/pfsense/pull/1535 Phillip Davis
08:27 PM Bug #4481: DHCP server - Dynamic DNS options layout messed up
Now I tries with psense_ng_fs theme and can see the problem. That is the different factor. The full screen width is m... Phillip Davis
11:51 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up
https://github.com/pfsense/pfsense/commit/5cfd948144741ba0d6981f89b2e40257cb9ef2b1 <= this is missing with services_d... Kill Bill
11:47 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up
Exact same messed up layout on multiple 2.2 nanobsd boxes. Dunno guys, but I can see obviously missing BR tags on lin... Kill Bill
06:54 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up
That made me update my home system to 2.2.1-DEVELOPMENT - time to be checking/testing with that anyway. From Firefox ... Phillip Davis
02:36 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up
Apparently I was not specific enough. This is in the "DHCP Static Mappings for this interface." -- i.e., when you add... Kill Bill
10:24 PM Bug #4483 (Resolved): SLAAC and stateful DHCP6 IPs are configured on interface when using DHCP6 config type
If I set my WAN IPv6 configuration type to DHCP6 and leave 'Request only a IPv6 prefix' unchecked I end up with two p... Paul K
06:54 PM Revision 751533a2: Code style etc inc u
Phil Davis
06:26 PM Revision 61e047a5: Code style etc in r s
Phil Davis
05:05 PM Bug #4482 (Resolved): IPsec on gateway group with VIPs not working
IPsec connections that are bound to a gateway group using VIPs end up omitted from ipsec.conf, and are missing their ... Chris Buechler
05:03 PM Revision 86084233: Be safe use require_once in zeromq
I was testing code and just doing stuff like:
require_once("zeromq.inc");
in Diagnostics->Command Prompt, PHP Execute... Phil Davis
03:49 PM Bug #4468 (Confirmed): radvd multiple prefix not working
that's never worked from the looks of it. Chris Buechler
03:34 PM Bug #4081: Apinger reporting incorrect latency
I had this problem on a clean plain install of 2.2 using a cable modem DHCP WAN with no explicitly set or override of... Stuart Wyatt
01:59 PM Bug #1493: pf blocks all traffic following filter reload.
nothing you're encountering today has any relation to this issue. I suspect any such issues on 2.2 have the same root... Chris Buechler
10:19 AM Bug #1493: pf blocks all traffic following filter reload.
I can confirm that I am experiencing the same with 2.2-Release (AMD64) version.
Any updates on this? andres g
01:25 PM Bug #4177: Bug in OpenVPN user/pass auth
Sorry for the mess.
The diff below should have looked like this:... Maciej Blachnio
01:23 PM Bug #4177: Bug in OpenVPN user/pass auth
Hi,
I've stumbled upon a special case where my client invented a super complicated password and got what he had comi... Maciej Blachnio
12:10 PM Revision 8f5f40c9: Merge pull request #1529 from phil-davis/Code-Style-pkg-utils
Renato Botelho
12:08 PM Revision 0f6a1db1: Merge pull request #1528 from phil-davis/Code-Style-putil
Renato Botelho
11:55 AM Revision 76de1b3f: Merge pull request #1526 from phil-davis/Code-Style-openvpn
Renato Botelho
11:51 AM Revision 969a5793: Merge pull request #1525 from phil-davis/Code-Style-etc-inc-i-to-p
Renato Botelho
10:39 AM Revision c8703520: Ancient bug on upgrade_014_to_015
This code looked silly the way it was, with the construct:
$var = $var;
unset($var);
Seems it was accidentally chang... Phil Davis
10:39 AM Revision a469662b: Merge pull request #1530 from phil-davis/patch-2
Renato Botelho

03/01/2015

08:16 PM Bug #4481: DHCP server - Dynamic DNS options layout messed up
services_dhcp.php has not changed since 1 Jan 2015 so should be the same in 2.2
I do not see this problem in 2.2
Wh... Phillip Davis
01:23 PM Bug #4481 (Resolved): DHCP server - Dynamic DNS options layout messed up
!http://i.imgur.com/V155ffo.png! Kill Bill
03:46 PM Revision 839966e3: Ancient bug on upgrade_014_to_015
This code looked silly the way it was, with the construct:
$var = $var;
unset($var);
Seems it was accidentally chang... Phil Davis
01:02 PM Bug #4155: ntpd crashes on 32 bit with dynamic WAN reconnections and OpenVPN client configured
Why not just remove system_ntp_configure and ntp_sync_once.sh from rc.newwanip and rc.newwanipv6 (https://forum.pfsen... Charlie m
09:11 AM Bug #4401: remove xen netfront driver until it can handle altq
You make a really good job and if XN+ALTQ is working in 2.2.2 we'll never spoke about that.
It's never xen which c... Grischa Zengel

02/28/2015

08:40 PM Bug #4401: remove xen netfront driver until it can handle altq
Removing this would not result in 100% upgrade success, it'd result in 100% of already upgraded and fixed systems bre... Chris Buechler
01:02 PM Bug #4401: remove xen netfront driver until it can handle altq
If it's come with 2.2.2 I can wait.
But if not I think 100% update success is better than 80% faster running systems... Grischa Zengel
03:57 AM Bug #4401 (Rejected): remove xen netfront driver until it can handle altq
We will get ALTQ support into xn for 2.2.2. We'll track that on the original ticket for that problem, #4345
We're ... Chris Buechler
05:24 PM Revision 49aec489: Code style for pkg-utils
Phil Davis
02:40 PM Revision 23a193da: Code style for pfsense-utils
Phil Davis
02:27 PM Revision bb235b27: Merge pull request #1527 from phil-davis/patch-2
Renato Botelho
12:56 PM Revision 472da675: Semi-colon went AWOL in dyndns.class
after putting it back the code runs much better :) Phil Davis
09:19 AM Bug #4480: DHCP self-reported hostnames not synced properly
Thanks, I'd tried searching for existing bugs on this one but there were so many items mentioning DHCP that I couldn'... Eduard Rozenberg
02:38 AM Bug #4480 (Rejected): DHCP self-reported hostnames not synced properly
duplicate of #4061 Chris Buechler
09:01 AM Revision ef00af3c: Code style openvpn.inc
Phil Davis
08:40 AM Revision b37a2e8c: Code style for etc inc i to p
Phil Davis
04:58 AM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active
I renamed `libstrongswan-unity.so` to `libstrongswan-unity.so.orig` three days ago, and the tunnel has stayed up all... Brian Candler
03:48 AM Bug #4345 (Confirmed): Traffic Shaping doesn't work with Xen netfront driver
updated subject to specific issue at hand here. Chris Buechler
03:46 AM Bug #4365 (Feedback): ALTQ Traffic Shaping is not working in pfSense 2.2 when run on Hyper-V 2012 R2
that message means there are no queues in the running ruleset. I suspect this is actually a duplicate of a different ... Chris Buechler

02/27/2015

09:14 PM Bug #4480 (Rejected): DHCP self-reported hostnames not synced properly
Hello,
I noticed that if a few of my servers are set up to self-report hostnames to DHCP (active lease type), the ... Eduard Rozenberg
03:25 PM Bug #4479 (New): Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel
I have an issue with IPSEC where my GRE tunnels work fine until I turn on transport encryption with IPSEC. After IPSE... Jonathan Black
03:09 PM Bug #4465 (Rejected): Traffic utilization error egress on vlan interface
yeah, duplicate of #3314 Chris Buechler
03:06 PM Bug #4478 (Rejected): radvd running though disabled in CARP setup
radvd stops/starts with CARP status where it's bound to a CARP IPv6 IP. If you bind it to a specific interface, that'... Chris Buechler
04:44 AM Bug #4478 (Rejected): radvd running though disabled in CARP setup
I'm running a CARP setup with two routers IPv6 only.
I don't know what the exact behaviour *should* be but when both... Pim Pish
02:35 PM Revision 139deffb: Merge pull request #1524 from phil-davis/Code-Style-Guide-Interfaces-inc
Renato Botelho
01:57 PM Revision e59410d5: Merge pull request #1523 from phil-davis/patch-2
Renato Botelho
01:36 PM Revision fd74eeea: Merge pull request #1522 from phil-davis/Code-Style-Guide-etc-inc-f-to-g
Renato Botelho
01:26 PM Bug #4402: Unbound: enable harden-glue by default and/or apply patch
Olivier Müller wrote:
> Thanks for the fixes !
>
> On this topic, Unbound 1.5.2rc1 has just been released, and f... Renato Botelho
12:29 PM Bug #4363 (Resolved): gpioapu causes kernel panic at boot on some hardware
confirmed fixed Chris Buechler
08:24 AM Bug #4364: cannot change or set keymap during and after install
Hi,
I can confirm that. Just downloaded a 2.2 full iso, installed it : no video or keymap choices at install time, a... Frank Soyer
05:28 AM Revision cf73302f: Code style guide interfaces.inc
This is another big file that has many diffs so Github refuses to
display them. I thought it best to keep doing indiv... Phil Davis
04:35 AM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections
such a terrible idea to use this. But, legit issue if that is a problem Chris Buechler
04:32 AM Todo #4338 (Resolved): Upgrade PHP to 5.5.22
confirmed Chris Buechler
04:31 AM Bug #3979 (Resolved): 2.2 IPsec NAT-T / MOBIKE IKEv2 control
fixed Chris Buechler
04:30 AM Bug #4464 (Feedback): Config restore forces serial console to be enabled
the C2758s we sell display VGA fine regardless of primaryconsole configuration. A good chunk of the boot process, fro... Chris Buechler
04:19 AM Bug #4445 (Resolved): Applying NAT changes in Hyper-V can break running NAT config
fixed Chris Buechler
04:17 AM Bug #4436 (Resolved): dhcp6c requests prefix delegation when no tracking interfaces are configured
thanks for the confirmation, Paul. I confirmed as well, fixed. Chris Buechler
04:16 AM Bug #4317 (Resolved): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range
Chris Buechler
03:42 AM pfSense Packages Bug #4084: Check_mk agent doesn't work: wrong bash path
The Problem is that with 2.2-RELEASE bash is not there anymore so check_mk_agent will not work.
After installing bas... Peter Baumann

02/26/2015

07:53 PM Bug #4352 (Closed): 2.2 syslogd exiting sig 15 when boot finishes
it's fixed in 2.2.1. this is actually a duplicate of #4393 which has the specific cause and commits that fixed. Chris Buechler
06:10 AM Bug #4352: 2.2 syslogd exiting sig 15 when boot finishes
Did you ever find a resolution to this? We're seeing the exact same behavior. James S
04:39 PM Revision 918bdf0d: More style guide changes
In gwlb.inc at line 676 and 779 I added an extra set of brackets. In the
"if" clause as a whole there were a mix of &... Phil Davis
03:59 PM Revision e6cbfb65: Code style guide changes for filter.inc 2nd version
This is the changes to filter.inc as per the commits in https://github.com/pfsense/pfsense/pull/1521 but done in just... Phil Davis
03:56 PM Bug #4477 (Rejected): php-fpm linked against obsolete libpcre version
This regressed somewhere after 2.2 release and been going for ever since the 2.2.1 snapshots have been made available... Kill Bill
03:48 PM Bug #4328: Some symlinks not updated by full update
Still broken. Really, I feel somehow the point gets missed here - is there actually some upgrade script to clean up t... Kill Bill
01:34 PM Revision 59f64414: Fix track6 prefix id range in error message, reported on Pull Request #1517
Renato Botelho
01:34 PM Revision aa2370d8: Fix track6 prefix id range in error message, reported on Pull Request #1517
Renato Botelho
01:26 PM Revision 5b06d6ad: Fix type (trime->trim)
Jim Pingle
01:26 PM Revision a41d910c: Fix type (trime->trim)
Jim Pingle
01:20 PM pfSense Packages Bug #4217 (Feedback): siproxd on pfSense 2.2-RELEASE i386 fails to start
Applied in changeset commit:e7aca8a470e3ea13e018c99f7db4351c4119f082. Renato Botelho
01:12 PM Revision ae52d165: Fix indent and remove some unecessary ()
Renato Botelho
12:38 PM Revision ae3b187a: Merge pull request #1520 from phil-davis/Code-Style-Guide-etc-inc-a-to-e
Renato Botelho
12:37 PM Revision 9c8e788c: Merge pull request #1519 from phil-davis/Code-style-etc-misc
Renato Botelho
12:31 PM Revision e607009a: Check if variables are set before trying to pass them to function substr_count to avoid generating PHP alerts.
k-paulius
12:31 PM Revision 9e52dca6: Merge pull request #1518 from k-paulius/fix-ntpd-unset-vars
Renato Botelho
12:28 PM Revision 2798bb68: interface_netgraph_needed can miss setting found equals true
This routine seems to go looking to see if the passed-in interface is PPP-style. At the end, if it is not PPP-style t... Phil Davis
12:28 PM Revision ded7e5bf: Merge pull request #1516 from phil-davis/patch-2
Renato Botelho
12:25 PM Revision 7136682e: Merge pull request #1515 from phil-davis/Style-updates
Renato Botelho
11:15 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
This error also occurs almost every minute on my pfSense firewall since the update to 2.2. Is there a any solution to... David Masshardt
08:25 AM Revision 9ba87997: Code Style Guide etc inc f to g
Phil Davis
07:36 AM Revision 777291a2: remove unused legacy code
Chris Buechler
07:35 AM Revision 8cf108b2: remove unused legacy code
Chris Buechler
07:33 AM Bug #4475 (Feedback): 6rd prefix validation message is not displaying correct range
Pushed a fix commit:aa2370d8341b9ece91c30a500aac4c19a4e78795 and commit:59f64414ab456ea56751c0381b625205a28e064a Renato Botelho
07:32 AM Revision 71a690bb: Log ifconfig commands used to setup wireless interfaces
Chris Buechler
07:32 AM Revision 95d2d24b: Log ifconfig commands used to setup wireless interfaces
Chris Buechler
05:42 AM Revision 1e0b1727: Code style guide etc in a to e
Phil Davis
05:14 AM Bug #4476 (Closed): pfSense blocks all new traffic after applying port forwarding changes
Version: 2.2-RELEASE (i386)
built on Thu Jan 22 14:04:25 CST 2015
FreeBSD 10.1-RELEASE-p4
I am using pfSense o... Daniel Milazar
03:50 AM Revision 1bfcf6f1: Code style guide changes for miscellaneous files
under etc Phil Davis
02:44 AM Revision 10221050: Check if variables are set before trying to pass them to function substr_count to avoid generating PHP alerts.
k-paulius
01:34 AM Bug #4383: Firewall log contains IGMP for rules that do not have logging on
Target for 2.2.2 looks good. This does not effect actual firewall functions from a security point of view - packet pa... Phillip Davis
12:12 AM Bug #4383 (Confirmed): Firewall log contains IGMP for rules that do not have logging on
I suspect the root issue here is logging of passed traffic with IP options regardless of whether logging is enabled o... Chris Buechler
12:39 AM Feature #4366 (Confirmed): Namecheap Dynamic DNS updates fail on subdomain formatted domains
Chris Buechler
12:13 AM Bug #4178 (Confirmed): IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active
this indeed is inadequate to fix the issue, we'll need that option to omit that plugin entirely. Chris Buechler

02/25/2015

08:46 PM Bug #4474: IP address change triggers reload of all packages
There are some packages that might like to know about interface state changes, including changes where the interface ... Phillip Davis
02:43 PM Bug #4474 (Confirmed): IP address change triggers reload of all packages
Hey!
When OpenVPN restarts and the clients or servers are assigned to interfaces, the packages are reloaded. They ... Cullen Trey
08:27 PM Revision 59eb0ce7: Put the bits to use the new reset utility
Ermal Luçi
08:26 PM Revision 3d163004: Put the bits to use the new reset utility
Ermal Luçi
07:53 PM Bug #4475: 6rd prefix validation message is not displaying correct range
Pull request: https://github.com/pfsense/pfsense/pull/1517 Paul K
07:50 PM Bug #4475 (Resolved): 6rd prefix validation message is not displaying correct range
If you enter incorrect IPv6 prefix on the interface that is set to 'Track Interface', validation message that is disp... Paul K
07:15 PM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured
Tested on v2.2 branch. Config file is generated correctly now. Paul K
06:23 PM Bug #4434: Enabling NTP graphs does not take effect right away
Tested on 2.2 branch and it is working fine now.
Thanks for your feedback Renato. Paul K
06:08 PM Bug #4081: Apinger reporting incorrect latency
could this issue be aggravated by using google dns as monitor addresses as they are anycast?
 Michael Kellogg
06:03 PM Bug #4081: Apinger reporting incorrect latency
with this about 20% of the time causes a mail storm makes the box inaccessible from webgui a reset of web configurato... Michael Kellogg
05:21 PM Revision 7af43cb0: interface_netgraph_needed can miss setting found equals true
This routine seems to go looking to see if the passed-in interface is PPP-style. At the end, if it is not PPP-style t... Phil Davis
04:48 PM Bug #4471 (Confirmed): stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled
Chris Buechler
03:22 PM Revision 883096d8: Ticket #4418 Actually make each entry a clear token to strongswan parser for dns_split
Ermal Luçi
03:22 PM Revision 4c9b272d: Ticket #4418 Actually make each entry a clear token to strongswan parser for dns_split
Ermal Luçi
03:19 PM Revision ca5f5db1: Ticket #4418 make sure the dns_split is separated with spaces rather than space or comma to comply with strongswan requirements.
Ermal Luçi
03:19 PM Revision 1f3d4db0: Ticket #4418 make sure the dns_split is separated with spaces rather than space or comma to comply with strongswan requirements.
Ermal Luçi
03:16 PM Revision e1c4a5ff: Ticket #4418 Make the DNS names attr 28675 space separated as identified by Jeffrey Dvornek
Ermal Luçi
03:16 PM Revision 82e6fde2: Ticket #4418 Make the DNS names attr 28675 space separated as identified by Jeffrey Dvornek
Ermal Luçi
02:16 PM Todo #4225: Lets improve the webGUI
Raul Ramos wrote:
> I doubt that web developers from pfSense have the taste and the ability to do that, is only my o... Chris Buechler
01:15 PM Todo #4225: Lets improve the webGUI
Raul Ramos wrote:
> Kerio Control web gui? i pass. Bootstrap, foundation, own css/js whatever they choose is fine.
... Jared Dillard
08:55 AM Todo #4225: Lets improve the webGUI
Kerio Control web gui? i pass. Bootstrap, foundation, own css/js whatever they choose is fine.
See what Ubiquiti i... Raul Ramos
12:37 PM Feature #4472: Cryptographically sign every (sub-)release
Updates are signed and validated. The downloads page has a link to the md5 and sha256 hash files for your selected do... Chris Buechler
07:33 AM Feature #4472: Cryptographically sign every (sub-)release
Yeah, hence my saying "not quite so simple for the average user to verify". :-)
We keep our own copy of gzsig in o... Jim Pingle
07:25 AM Feature #4472: Cryptographically sign every (sub-)release
Uhh - what a rare animal! I wasn't aware of gzsig so far.
Let's hope the attack on monkey.org, hosting also gzsig,... Patrick Hieber
07:05 AM Feature #4472: Cryptographically sign every (sub-)release
Yes, all of the files including the ISO and IMG files are gzipped and signed with gzsig which adds signature metadata... Jim Pingle
06:58 AM Feature #4472: Cryptographically sign every (sub-)release
I cannot find signatures when opening a mirror directory (e.g. http://files.nl.pfsense.org/mirror/downloads/). I mean... Patrick Hieber
06:41 AM Feature #4472: Cryptographically sign every (sub-)release
They are all currently signed with gzsig. Update files have their signature checked before being applied. So do packa... Jim Pingle
04:47 AM Feature #4472 (New): Cryptographically sign every (sub-)release
As it is quite easy for an active adversary to inject arbitrary data, every release should be signed, not only hashed. Patrick Hieber
10:40 AM pfSense Packages Bug #4473: Still can't run EGP and IGP on the same system
We're looking at adding BIRD as a package, which would allow BGP and OSPF to run. Jeremy Porter
10:16 AM pfSense Packages Bug #4473 (Closed): Still can't run EGP and IGP on the same system
A client just ran into the same problem I've noted a few times previously - you still can't install an EGP daemon (Op... Adam Thompson
09:40 AM Bug #1974: Captive Portal RADIUS accounting bytes wrong
It seems there is a regression, at least in 2.2 for 32bit.
Radius is reporting 1320 MB while according to Bandwidt... Fran Secs
09:21 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
Thank you for finding the separator issue.
I pushed fixes for separating dns names with spaces.
The characters at... Ermal Luçi
08:16 AM Bug #3568: DynDNS: Hostname '@' not accepted for Namecheap
As you can see there:
https://www.namecheap.com/support/knowledgebase/article.aspx/597/10/how-can-i-set-up-a-catchal... Robert Qbik
06:26 AM Revision e2d700da: remove old, unused code
Chris Buechler
06:25 AM Revision e082eca9: remove old, unused code
Chris Buechler
03:47 AM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active
I also found that disabling the plugin is inadequate to fix the issue (even after a strongswan restart). I'm now tryi... Brian Candler

02/24/2015

10:19 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
Hi all,
Not sure if this helps, but some findings:
First, it appears that the strongswan config is generated us... Jeffrey Dvornek
07:52 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
Hi.
Also tried Revision fc06d8ea with no effect on clients from Mountain Lion through Yosemite. Andreas Weik
07:58 PM Revision a8efbde4: Minor spacing edits to etc files
Phil Davis
07:23 PM Revision e173dd74: Code style for etc files
Phil Davis
07:08 PM Revision aa314146: When RADIUS auth is selected, radius protocol and server ip/host are mandatory. Fixes #4384
Renato Botelho
07:08 PM Revision 10b92c57: When RADIUS auth is selected, radius protocol and server ip/host are mandatory. Fixes #4384
Renato Botelho
06:45 PM Revision 6c452c3e: Initialize var and move unset outside the loop
Renato Botelho
06:45 PM Revision 83fa2c73: Do not request prefix delegation if no tracking interfaces are setup to
use it. Ticket #4436 k-paulius
06:45 PM Revision 8104c3df: Initialize var and move unset outside the loop
Renato Botelho
06:43 PM Revision 9212eb92: Merge pull request #1495 from k-paulius/fix-dhcp6c-4436
Renato Botelho
06:40 PM Revision 3adf6f27: isset is a better check here
Renato Botelho
06:40 PM Revision 2e50e5b1: Fixing issues with NTP RRD graph state changes
- only call enable_rrd_graphing() after $config['ntpd']['statsgraph']
is set
- fix if condition; empty and isset ... k-paulius
06:40 PM Revision 5a27b146: isset is a better check here
Renato Botelho
06:39 PM Revision 88a5ad7e: Merge pull request #1494 from k-paulius/ntp-rrd-fix
Renato Botelho
02:34 PM Bug #4397: MTU must be set in same ifconfig command as IP
This should work as is on 2.2 in FreeBSD head it has been fixed with:... Ermal Luçi
01:20 PM Bug #4384: missing input validation in captive portal
Applied in changeset commit:aa314146cac3382cc1c7fc28c93296f70e7c9682. Renato Botelho
01:20 PM Bug #4384 (Feedback): missing input validation in captive portal
Applied in changeset commit:10b92c5756c5d9aa4e183fa08fe8fe0ad2c12bd0. Renato Botelho
01:14 PM Bug #4471: stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled
Pull request https://github.com/pfsense/pfsense/pull/1514 Paul K
12:04 PM Bug #4471 (Resolved): stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled
When you configure IPv6 to use 6rd or 6to4 tunnel a new interface ('wan_stf' for example) is created.
If IPv6 config... Paul K
01:10 PM Bug #4433 (Feedback): DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64
Merged Renato Botelho
12:43 PM Bug #4436 (Feedback): dhcp6c requests prefix delegation when no tracking interfaces are configured
Merged Renato Botelho
12:39 PM Bug #4434 (Feedback): Enabling NTP graphs does not take effect right away
Merged Renato Botelho
12:35 PM Bug #4444 (Feedback): Reverse lookup domain overrides and "Do not forward private reverse lookups"
Merged Renato Botelho
12:33 PM Bug #4371 (Resolved): Re-enable suhosin
Renato Botelho
12:32 PM Bug #4371: Re-enable suhosin
Warnings gone with the latest snapshot. ;) Kill Bill
07:37 AM Bug #4371 (Feedback): Re-enable suhosin
I submitted a fix for the FreeBSD ports tree and rebuild it. Should be ok now. Renato Botelho
12:31 PM Bug #4435 (Feedback): Invalid increment in DHCP6 server address range check
Merged Renato Botelho
11:55 AM Revision b8b3784f: Merge pull request #1479 from surrural/master
Renato Botelho
11:40 AM Revision b5ecfe0f: carp, don't show status icon from previous carp ip in case the ip is not present on the interface (test with ifconfig em0 1.2.3.4 delete)
Pi Ba
11:40 AM Revision 0b9d204a: Merge pull request #1492 from PiBa-NL/carp-statusicon
Renato Botelho
11:24 AM Revision 42fcce27: Handle reverse lookup domain overrides
that match exactly a whole block of private address space.
e.g. if the user has checked "Do not forward private rever... Phil Davis
11:24 AM Revision 069bb759: Merge pull request #1498 from phil-davis/patch-3
Renato Botelho
11:08 AM Revision f31436cc: Fix PTR records for aliases in host overrides
Lorenz Schori
10:10 AM Revision e91f03b4: Merge pull request #1513 from znerol/bug/master/unbound-host-alias-ptr-followup
Renato Botelho
09:31 AM Revision f29610b0: Fix PTR records for aliases in host overrides
Lorenz Schori
07:52 AM Feature #4470: RA page in GUI
....and updated to 1.9.7 version (I don`t know what is the latest version for FreeBSD, on linux there is 2.9, latest ... Greg M
07:49 AM Feature #4470 (New): RA page in GUI
RA page in gui needs some advanced settings like:
- change lifetimes
- change RA packets min and max send value
- ... Greg M
07:39 AM Todo #4338 (Feedback): Upgrade PHP to 5.5.22
Done Renato Botelho
07:36 AM Bug #4447 (Resolved): Unbound adds PTR records for host override aliases
Renato Botelho
06:53 AM Bug #4447: Unbound adds PTR records for host override aliases
Thanks for merging the followup, and sorry for the noise. It works now as expected with the newest snapshot. @PTR@ qu... znerol znerol
03:37 AM Bug #4447: Unbound adds PTR records for host override aliases
Oops, that completely broke revers DNS lookups. Regrettably I confused the config keys, the code looks for @ip@ inste... znerol znerol
07:24 AM Bug #144: Syslog messages violate RFC 3164
How can I determine which pfsense in my env is sending the syslog messages if no hostname/ip is specified? This would... Patrick Hieber
05:50 AM Bug #4469 (Resolved): Using string 'local' on auth server 'Descriptive Name' make it fails
If Descriptive Name of an auth server contains string 'local', it is going to be considered as 'Local Database', for ... Renato Botelho
03:23 AM Bug #4468 (Resolved): radvd multiple prefix not working
Per discussion here:https://forum.pfsense.org/index.php?topic=78035.0
radvd.conf not showing extra prefixes, only ... Adam Rogers
02:50 AM Feature #2743: Add external interface selector to UPnP Settings
i can try and add multi wan selection but can some1 show me a sample upnp config file with multiple wans so i know ho... Bipin Chandra
01:27 AM Bug #4465: Traffic utilization error egress on vlan interface
Yes it looks like it, did not see it as I thought it was spesific to the 2.2 release. Rasmus Fauske

02/23/2015

10:22 PM Bug #4465: Traffic utilization error egress on vlan interface
This is a duplicate of #3314 ? Phillip Davis
10:10 AM Bug #4465 (Rejected): Traffic utilization error egress on vlan interface
I have configured two vlan interfaces on one port and is running traffic from one to the other, then the traffic graf... Rasmus Fauske
10:18 PM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range
Yes, agree with Ermal.
My comments were just to document/mention the negative numbers behavior on 32-bit systems. I ... Phillip Davis
03:47 PM Bug #4317 (Feedback): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range
This seems to work now! Ermal Luçi
10:13 PM pfSense Packages Feature #4466: Config history and diffs
Diagnostics->Backup/Restore, Config History tab, has a list of locally stored old configs. You can configure the numb... Phillip Davis
04:59 PM pfSense Packages Feature #4466: Config history and diffs
Sorry, I am referring to the AutoConfigBackup package page under Diagnostics menu. I am curious what you're talking a... Michael Newton
01:26 PM pfSense Packages Feature #4466 (Rejected): Config history and diffs
The config history already has this. There are radio selectors and a 'diff' button to show changes. Jim Pingle
01:18 PM pfSense Packages Feature #4466 (Rejected): Config history and diffs
Something similar to Wikipedia, where you can select two configs and see the changes between them. Also nice would be... Michael Newton
08:20 PM Revision d5b1a279: Ticket #4445 do not write config and remove its cache when applying settings its just behaviour from dinosaur era and should have been cleanded long time ago.
Ermal Luçi
08:20 PM Revision 361027c7: Ticket #4445 do not write config and remove its cache when applying settings its just behaviour from dinosaur era and should have been cleanded long time ago.
Ermal Luçi
08:00 PM Revision e0a4147b: Add support for DNSimple (dnsimple.com)
surrural
08:00 PM Revision c19250a5: Update dyndns.class
surrural
08:00 PM Revision a39b78b5: Add support for DNSimple (dnsimple.com)
surrural
08:00 PM Revision e29543d6: Add support for DNSimple (dnsimple.com)
surrural
08:00 PM Revision 916d683e: Add support for DNSimple (dnsimple.com)
surrural
07:28 PM Revision 623e6d09: Preserve "add routers" value across loop for each interface
Forum: https://forum.pfsense.org/index.php?topic=89302.0
If the user put "none" in the 'gateway' field for the DHCP ... Phil Davis
07:28 PM Revision 8252ccfa: Merge pull request #1511 from phil-davis/patch-4
Renato Botelho
07:18 PM Revision 4f5967b9: diag_arp allow underscore in resolved host names
is_hostname() and is_domain() allow underscore in the names. So it is possible to have underscore in host names, for ... Phil Davis
07:17 PM Revision b2507ae6: Merge pull request #1497 from phil-davis/patch-2
Renato Botelho
07:05 PM Revision ce0e5d38: fix Net_IPv6::compress() to properly handle all-zeros address
The existing implementation of Net_IPv6::compress produces an empty
string when compressing the all-zeros ("::") addr... Daniel Becker
07:05 PM Revision e6daaa3b: Merge pull request #1477 from razzfazz/fix_net_ipv6_compress_all_zeroes_master
Renato Botelho
06:33 PM Revision 3f141c9d: Preserve "add routers" value across loop for each interface
Forum: https://forum.pfsense.org/index.php?topic=89302.0
If the user put "none" in the 'gateway' field for the DHCP ... Phil Davis
06:31 PM Bug #4464: Config restore forces serial console to be enabled
I had this issue as well, but I don't think this is an issue with 2.2. This was most likely an issue with previous re... Paul K
03:13 AM Bug #4464 (Resolved): Config restore forces serial console to be enabled
during the upgrade to 2.2 " Enables the first serial port with 115200/8/N/1 by default, or another speed selectable b... Andrew Stuart
06:14 PM Revision 92a33a83: Merge pull request #1496 from stilez/patch-2
Renato Botelho
06:02 PM Revision 07efe7c0: add dhcp6.name-servers option with DHCPD-PD regardless of PD length
The existing code only includes a v6 name server IP in the
automatically generated dhcpdv6 configuration for tracking... Daniel Becker
06:01 PM Revision 545e25fa: Merge pull request #1476 from razzfazz/fix_dns6ip_assignment_for_track6_master
Renato Botelho
05:38 PM Revision 76feb407: make computation of start of DHCPv6 range consistent with actual check
When computing the start IP for the 'available range' field,
services_dhcpv6.php attempts to increment a colon-format... Daniel Becker
05:38 PM Revision d596baab: Merge pull request #1478 from razzfazz/fix_dhcpv6_avail_range_dump_master
Renato Botelho
05:31 PM Bug #4467 (New): Traffic Graphs shows wrong throughput when traffic shaping enabled
When I enable traffic shaping with the wizard the traffic graph is incorrect. It is showing much lower throughput tha... Joe Laffey
05:31 PM Revision a0e4410f: Do not add PTR records for aliases in host overrides
Lorenz Schori
05:30 PM Revision beb6a984: Merge pull request #1509 from znerol/bug/master/unbound-host-alias-ptr
Renato Botelho
05:18 PM Revision ff7990df: Fix display style typo
I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
05:18 PM Revision 41de7158: Fix display style typo
I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
05:18 PM Revision ba7d3bd3: OpenVPN server improve handling of authmode
Currently if the user is clicking around while they are setting up an OpenVPN server, they can do stuff like this:
a)... Phil Davis
05:17 PM Revision 683eb992: vpn_openvpn_server.php white space
Phil Davis
05:17 PM Revision 359d0123: Merge pull request #1510 from phil-davis/patch-6
Renato Botelho
04:46 PM Revision 5fd42bbb: Fix display style typo
I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
04:44 PM Revision cbd49c77: Fix display style typo
I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
04:31 PM Revision a087e197: OpenVPN server improve handling of authmode
Currently if the user is clicking around while they are setting up an OpenVPN server, they can do stuff like this:
a)... Phil Davis
04:13 PM Revision 3e41ad59: vpn_openvpn_server.php white space
Phil Davis
03:56 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address
Accepted upstream as well. Daniel Becker
03:48 PM Bug #4432 (Feedback): Net_IPv6::compress() does not properly handle all-zeroes address
Merged was put in. Ermal Luçi
12:20 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address
Submitted "pull request":https://github.com/pfsense/pfsense/pull/pear/Net_IPv6#10 to Net_IPv6 upstream repo. Daniel Becker
02:45 PM Bug #4406: ALTQ problems with wireless cloned interfaces
This will be solved by bringing in the _start routine from FreeBSD 8 as has been done for other drivers in the tree.
... Ermal Luçi
02:41 PM Bug #4445 (Feedback): Applying NAT changes in Hyper-V can break running NAT config
that fix appears to work fine Chris Buechler
02:30 PM Revision 06266c34: Do not add PTR records for aliases in host overrides
Lorenz Schori
12:30 PM Revision d2ffc02f: Mention interface name on DHCP edit GUI
IMHO it can be confusing on the DHCP edit page for static mapped entries to know which interface the entry is being e... Phil Davis
12:30 PM Revision 7ccc1c32: Merge pull request #1505 from phil-davis/patch-7
Renato Botelho
12:29 PM Revision aeb5bf8e: Status_dhcp_leases fix edit button for static entries with no IP address
The edit button for static entries always has an index id=0 and thus pressing the edit button goes to (mostly) edit t... Phil Davis
12:29 PM Revision 1a1df767: Merge pull request #1504 from phil-davis/patch-6
Renato Botelho
12:23 PM Revision 8261c0b6: Fix broken links to dhcp6c.conf man page.
manpath FreeBSD+Ports no longer exits and needs to be replaced with FreeBSD+10.1-RELEASE+and+Ports k-paulius
12:23 PM Revision a8b8033f: Merge pull request #1506 from k-paulius/fix-links
Renato Botelho
12:18 PM Revision c0fde4e4: Success typo
might as well fix it while I notice it Phil Davis
12:18 PM Revision 1426b89f: Merge pull request #1507 from phil-davis/patch-8
Renato Botelho
12:17 PM Revision 7b6d4e6c: Modified DynDns -> Eurodns url
johnbyronent
12:17 PM Revision 890136d4: Merge pull request #1508 from johnbyronent/master
Renato Botelho
11:29 AM Bug #4447 (Feedback): Unbound adds PTR records for host override aliases
Pull Request has been merged and commit cherry-picked to RELENG_2_2 Renato Botelho
08:36 AM Bug #4447: Unbound adds PTR records for host override aliases
Opened PR "1509":https://github.com/pfsense/pfsense/pull/1509 (proper @master@). znerol znerol
07:23 AM Revision 900e9df6: Success typo
might as well fix it while I notice it Phil Davis
05:36 AM Bug #4175: kernel panic when loading run driver for RT3070
I'm seeing this too on an older device that worked fine in 2.1.X. I'll try to run up a FreeBSD 10.1 install and test.... Steve Wheeler
03:47 AM Revision d82b2a6f: Fix broken links to dhcp6c.conf man page.
manpath FreeBSD+Ports no longer exits and needs to be replaced with FreeBSD+10.1-RELEASE+and+Ports k-paulius
03:03 AM Bug #4463 (Resolved): Fix the NTPD Access Restrictions / and other NTPD related issues, including GPS
Access Restrictions once open says "these options control access to NTP from the WAN."
This is incorrect.
It sets... Andrew Stuart

02/22/2015

09:42 PM Feature #4458: pfSsense's own outbound requests should use other gateways not just default
Thanks, I wasn't aware of that option!
I searched around and managed to find it in its hiding place (System: Advan... Eduard Rozenberg
05:12 PM Feature #4458 (Rejected): pfSsense's own outbound requests should use other gateways not just default
enable the default gateway switching option if you need this behavior. Chris Buechler
10:46 AM Feature #4458: pfSsense's own outbound requests should use other gateways not just default
It appears pfSense email alerts may also be going out over the Default WAN only
(so if Default is down no email aler... Eduard Rozenberg
10:40 AM Feature #4458 (Rejected): pfSsense's own outbound requests should use other gateways not just default
Hello,
I have multi-wan set up with gateways WAN1 (Default) and WAN2.
If I temporarily take down the WAN1 gatew... Eduard Rozenberg
07:07 PM pfSense Packages Bug #4462 (Resolved): Custom ACLS (After_Auth) not written to squid.conf
Services->Proxy server->General, the input field "Custom ACLS (After_Auth)" is not written to squid.conf.
Tested s... Volker Kuhlmann
07:06 PM pfSense Packages Feature #4461 (Rejected): Squid options too late in squid.conf
The UI on Services->Proxy server->ACL has a good list list of ACL types to add.
Unfortunately most of these are not ... Volker Kuhlmann
05:18 PM Feature #4457 (Rejected): NAT rules with "any" as ip protocol
duplicate of #4259 Chris Buechler
09:07 AM Feature #4457 (Rejected): NAT rules with "any" as ip protocol
hello,
i started to use pfsense in my company and with other products we often do nat rules without to specify ip p... Giuanin Piemunteis
05:10 PM Bug #4448 (Rejected): IP alias had to be "resaved" in order for Wan rule that uses it to work properly again
Thanks for the feedback. definitely a duplicate of #4296 Chris Buechler
10:47 AM Bug #4448: IP alias had to be "resaved" in order for Wan rule that uses it to work properly again
I have not seen the issue again in the 2-3 days since I removed the FQDN from that alias. So far so good. Eduard Rozenberg
05:06 PM Todo #4338 (New): Upgrade PHP to 5.5.22
back to new to update to .22 Chris Buechler
02:41 PM pfSense Packages Bug #4460 (Closed): Upgrade to HAVP v1.05 forever displays "Antivirus Server ( ) Stopped"
Upgrading HAVP 0.91_1 pkg v1.04 to version v1.05 causes the Antivirus: General page to display "Antivirus Server ( ) ... lynn wilborn
01:47 PM Bug #4459: Tzdata is too old (needs to be updated for Russia)
More info:
I have correct time on the dashboard:
Sun Feb 22 22:45:03 MSK 2015
In console i have incorrect timezone... Taras Savchuk
01:37 PM Bug #4459 (Resolved): Tzdata is too old (needs to be updated for Russia)
Time difference is 1h for Russia. Taras Savchuk
06:02 AM Revision 18620400: Mention interface name on DHCP edit GUI
IMHO it can be confusing on the DHCP edit page for static mapped entries to know which interface the entry is being e... Phil Davis
05:36 AM Revision f5bea142: Status_dhcp_leases fix edit button for static entries with no IP address
The edit button for static entries always has an index id=0 and thus pressing the edit button goes to (mostly) edit t... Phil Davis
05:09 AM Feature #4456 (New): Packet capture additional filtering options
Hello,
it would be useful to have the packet capture with more filter options. For example i need often to filter ne... Giuanin Piemunteis
02:52 AM Bug #4175: kernel panic when loading run driver for RT3070
Got the same issue today while upgrading to 2.2 on fit-pc2i. It got RT2870 card and the same double fault while loadi... Dmitry Gromov

02/21/2015

11:51 PM pfSense Packages Bug #4336: syslog-ng package missing libraries
I believe this is because these libraries are in the subfolder /usr/pbi/syslog-ng-amd64/lib/syslog-ng.
Normally /u... Joshua Ruehlig
09:51 PM Bug #4455: Router Advertisment Daemon does not add UnicastOnly for OpenVPN interfaces
Note. The bugtracker did add formatting to my code making it pretty unreadable. Updated code that shouldn't get chang... sebastian nielsen
09:47 PM Bug #4455 (Resolved): Router Advertisment Daemon does not add UnicastOnly for OpenVPN interfaces
Found out when enabling RADVD on ovpns1 (a tun virtual interface), that the configuration page does not add UnicastOn... sebastian nielsen
07:56 PM Bug #4435: Invalid increment in DHCP6 server address range check
Are there any issues with my "pull request":https://github.com/pfsense/pfsense/pull/1478 that would prevent it from b... Daniel Becker
07:56 PM Bug #4433: DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64
Are there any issues with my "pull request":https://github.com/pfsense/pfsense/pull/1476 that would prevent it from b... Daniel Becker
07:56 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address
Are there any issues with my "pull request":https://github.com/pfsense/pfsense/pull/1477 that would prevent it from b... Daniel Becker
05:11 PM Revision 7a3848b6: correct 2 typos
Form_Input - forceName should actually use parameter
firewall_rules_edit - add Inputs to Section, not form Sjon Hortensius
02:13 PM Revision 48868a05: Initial version of converted firewall_rules_edit
Sjon Hortensius
09:59 AM Bug #1493: pf blocks all traffic following filter reload.
I have that same bug in the following pfSense version: 2.2-RELEASE (i386)
built on Thu Jan 22 14:04:25 CST 2015
F... Daniel Milazar

02/20/2015

11:56 PM Feature #4411: add validation of Unbound advanced configuration
One thing you might consider is adding 'server:' as the last keyword in all configuration files that are included in ... Paul K
08:40 PM Bug #4317 (Confirmed): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range
Chris Buechler
06:48 PM Bug #4175: kernel panic when loading run driver for RT3070
there has to be something different, as the run driver we ship is 100% identical to FreeBSD 10.1's. If someone wants ... Chris Buechler
06:42 PM Revision e5a67d33: Clean up some old, possibly stale, files when restarting php-fpm
Jim Pingle
06:42 PM Revision ec9bd3fa: Clean up some old, possibly stale, files when restarting php-fpm
Jim Pingle
03:35 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
I am running on a SD card (and without any other card) and I am encountering the problem. Guillaume Leroy
01:51 PM Bug #4370: ntpd does nothing with selected carp interfaces.
Problem still exists. Only selecting the interface adds: "interface listen em1" , while only selecting the carp-ip, d... Pi Ba
01:51 PM Feature #3914 (Resolved): Support up to 4 DNS Servers in DHCP
thanks Phil Chris Buechler
10:13 AM Bug #4454 (Duplicate): scrub random-id + PPPoE + IPsec + communication to LAN IP = kernel panic on 32 bit
Started almost here https://forum.pfsense.org/index.php?board=16.0
But I am not sure is it all have the same reason ... Vladimir Suhhanov
08:45 AM Bug #4446 (Confirmed): IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted
Updated the description to be more accurate. The actual problem appears to be that deleting an IP Alias VIP with a CA... Jim Pingle
02:58 AM Bug #4446: IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted
Ok, I know how to reproduce this.
On the master, I have this config:... Andreas Pflug
02:34 AM Bug #4446: IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted
what does the output of ifconfig show on the secondary? Chris Buechler
01:04 AM Bug #4446: IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted
Chris Buechler wrote:
> this definitely works in general. when you end up in dual master is if it doesn't sync the a... Andreas Pflug
04:43 AM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections
I am aware of that, but since the CA is internal, I don't see the point why this should lead to RC4 and 40-bit keys b... René Pfeiffer
04:37 AM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections
René Pfeiffer wrote:
> This is a critical bug and may render strong encryption useless once SSL Bump is deployed.
... Kill Bill
04:28 AM pfSense Packages Bug #4453 (Resolved): Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections
When enabling the Squid-in-the-middle SSL Bump option on pfSense 2.2/2.2.1 the SSL/TLS connections between server <->... René Pfeiffer
04:05 AM pfSense Packages Bug #4452 (Resolved): squid3 XMLRPC Sync
The settings made in the tab "Antivirus" are not synchronized. On the sync-slave all settings made in this tab are cl... Beat Guggisberg

02/19/2015

10:34 PM Bug #4451: Status DHCP Leases shows double entries for static entries without IP address
Forum post is actually: https://forum.pfsense.org/index.php?topic=89072.0
and I do not see any buttons that allow me... Phillip Davis
10:33 PM Bug #4451 (New): Status DHCP Leases shows double entries for static entries without IP address
Forum: https://forum.pfsense.org/index.php?topic=89043.0
Add a "Static Mapped" DHCP entry for some MAC address but d... Phillip Davis
06:54 PM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
Could this help:
$destination = $fqdn;
$output = shell_exec("host -W 1 $destination");
if (preg_match_all('#\b(c... Rob Turner
04:43 PM Bug #4446 (Feedback): IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted
this definitely works in general. when you end up in dual master is if it doesn't sync the alias across for some reas... Chris Buechler
02:03 AM Bug #4446 (Resolved): IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted
I used to have a CARP VIP for any IP address my pf cluster has to handle since that used to be the only way (changed ... Andreas Pflug
11:38 AM Bug #4449 (Rejected): crash with limiter active
duplicate of #4310 Chris Buechler
10:06 AM Bug #4449 (Rejected): crash with limiter active
I had a dedicated rule for a test machine in a DMZ with a limiter active (800kBit each direction) after an upgrade fr... Andreas Pflug
11:37 AM Bug #4448: IP alias had to be "resaved" in order for Wan rule that uses it to work properly again
It sounds like that could be the issue. I'll take out the fqdn for now and if the problem does not come back that wou... Eduard Rozenberg
11:32 AM Bug #4448 (Feedback): IP alias had to be "resaved" in order for Wan rule that uses it to work properly again
That sounds the same as #4296. Eduard, does the description there seem to match up with what you're seeing? Chris Buechler
10:18 AM Bug #4448: IP alias had to be "resaved" in order for Wan rule that uses it to work properly again
Is this the same or similar issue to https://redmine.pfsense.org/issues/4296 ? Phillip Davis
09:46 AM Bug #4448 (Rejected): IP alias had to be "resaved" in order for Wan rule that uses it to work properly again
Hello,
I have a WAN1 rule that allows traffic from Source defined by an IP alias.
The IP alias contains various I... Eduard Rozenberg
10:59 AM Bug #4450 (Resolved): GRE Tunnel does not work if one of the endpoints is an IP Alias
See https://forum.pfsense.org/index.php?topic=88947.0 for more details.
I've reproduced this issue on two sets of ... Jonathan Black
07:27 AM Bug #4447: Unbound adds PTR records for host override aliases
This is not my first patch, CLA is already done.
1500 was bogus, because it was against an old master, ... znerol znerol
06:26 AM Bug #4447: Unbound adds PTR records for host override aliases
I expect the devs will want you to make just a pull request against master. Then the devs will sort out committing to... Phillip Davis
03:55 AM Bug #4447: Unbound adds PTR records for host override aliases
Github Pull requests:
* "1499":https://github.com/pfsense/pfsense/pull/1499 (RELENG_2_2)
* "1500":https://github.co... znerol znerol
03:51 AM Bug #4447 (Resolved): Unbound adds PTR records for host override aliases
It is not recommended to add more than one ... znerol znerol
07:17 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
to answer your previous question yes this is running 2.2-RELEASE (amd64) Adam Esslinger
07:14 AM Bug #4393: syslogd stops and fails to restart during boot in some cases
I have applied the patch. Ill let you know if I see any more syslog crashes. Thanks! Adam Esslinger
06:22 AM Bug #4175: kernel panic when loading run driver for RT3070
Hi. I am not sure if I am supposed to create a new issue or update this one...
I am experiencing the exact same be... Petros Androutsos
01:53 AM Revision a9386b8f: add a couple unnecessary bsdinstaller files to obsoletedfiles
Chris Buechler
01:52 AM Revision e0c1bfd7: add a couple unnecessary bsdinstaller files to obsoletedfiles
Chris Buechler
01:44 AM Revision 07dee7aa: remove unused dfuife files.
Chris Buechler
01:41 AM Revision 0778191e: remove unused dfuife files.
Chris Buechler

02/18/2015

11:55 PM Bug #4445: Applying NAT changes in Hyper-V can break running NAT config
it's somehow a hardware/hypervisor-specific issue, but I don't think it's indicative of a problem with Hyper-V itself... Chris Buechler
11:52 PM Bug #4445 (Resolved): Applying NAT changes in Hyper-V can break running NAT config
On some Hyper-V systems, applying changes to NAT in the web interface results in a rules.debug omitting all config-de... Chris Buechler
10:30 PM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package
Here is the commit to default "Keep settings" to "on":
https://github.com/BBcan177/pfsense-packages/commit/f802459... BBcan177 .
08:05 PM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package
there are a lot of people who are going to be surprised by that default, I suggest switching to defaulting to enablin... Chris Buechler
09:59 PM Bug #4444 (Resolved): Reverse lookup domain overrides and "Do not forward private reverse lookups"
If you enable "Do not forward private reverse lookups" and then have domain override(s) that cover whole chunk(s) of ... Phillip Davis
09:46 PM Feature #3914: Support up to 4 DNS Servers in DHCP
This was implemented for 2.2-RELEASE by commit: https://github.com/pfsense/pfsense/commit/3b5707db5bd1ea4d886b41f86bc... Phillip Davis
09:42 PM Bug #4077: Gateways Status Widget status column does not update
I think it was this commit that fixed the status background color updating: https://github.com/pfsense/pfsense/commit... Phillip Davis
09:31 PM Bug #4443 (Resolved): diag_arp does not display reverse resolved hostnames containing underscore
is_hostname() and is_domain() allow underscore in the names. So it is possible to have underscore in host names, for ... Phillip Davis
09:30 PM Bug #4393: syslogd stops and fails to restart during boot in some cases
anyone who's having issues with syslogd not running, install the System Patches package, then browse to System>Patche... Chris Buechler
07:59 AM Bug #4393: syslogd stops and fails to restart during boot in some cases
No need for that patch I posted now, Chris found the actual fix after that. The fix is in the commits shown in the "A... Jim Pingle
07:56 AM Bug #4393: syslogd stops and fails to restart during boot in some cases
I applied the patch and it created the lighttpd-breakage.log but its 0bytes. After applying the patch and restarting... Adam Esslinger
07:19 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
best to gitsync to get to 2.2.1 right now. Option 12 at console, run "playback gitsync RELENG_2_2" Chris Buechler
07:17 PM pfSense Packages Bug #4324 (Resolved): HAproxy and SSL client certificate validation
Chris Buechler
06:48 PM Bug #4442 (Resolved): Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
Where you have FQDNs in aliases, and no reachable DNS servers, the boot gets excessively delayed sitting at "Configur... Chris Buechler
03:30 PM Bug #4438 (Confirmed): Unable to delete IP Alias outside an interface's subnet where a gateway exists in the same subnet
the specific issue is if you have an IP alias VIP that's not within any of your interfaces' subnets, and you have a g... Chris Buechler
06:47 AM Bug #4438 (Resolved): Unable to delete IP Alias outside an interface's subnet where a gateway exists in the same subnet
I have a working 2 FW CARP setup with pfSense 2.2 and a /28 subnet of available ip addresses.
If I add one of my a... Glen Arason
02:02 PM Bug #4441 (Confirmed): duplicating a relayd load balancer monitor in reality just overwrites the existing one and renames it.
Chris Buechler
01:00 PM Bug #4441 (Resolved): duplicating a relayd load balancer monitor in reality just overwrites the existing one and renames it.
Create a load balancing monitor called "Xhttps" and configure it to monitor https. Further configure it to use a host... Vick Khera
11:50 AM Bug #4425 (Closed): IPSEC /Strongswan Fails to Detect IP address Change
duplicate of #4341 Chris Buechler
11:44 AM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified
Chris, will you merge BUG #4425 with this one. I had filed that bug report to outline the same problem that you have ... Sam Bernard
10:57 AM Revision 153613e3: Handle reverse lookup domain overrides
that match exactly a whole block of private address space.
e.g. if the user has checked "Do not forward private rever... Phil Davis
09:58 AM Feature #3933: Limiter burst doesn't have any effect
Would a bounty help with this? Web Dawg
08:48 AM Revision 6777fc3b: diag_arp allow underscore in resolved host names
is_hostname() and is_domain() allow underscore in the names. So it is possible to have underscore in host names, for ... Phil Davis
07:58 AM Revision 90d1d8cf: Don't hard code harden-referral-path. It defaults to no, so no behavior change, and that setting is unlikely to ever become a default. This allows users to configure an override to enable this option if desired. part of Ticket #4399
Chris Buechler
07:57 AM Revision 559c8d3d: Don't hard code harden-referral-path. It defaults to no, so no behavior change, and that setting is unlikely to ever become a default. This allows users to configure an override to enable this option if desired. part of Ticket #4399
Chris Buechler
07:26 AM Bug #4440 (Rejected): CARP does not Sync IP Alais to Backup firewall
Duplicate of #4439 Jim Pingle
07:04 AM Bug #4440 (Rejected): CARP does not Sync IP Alais to Backup firewall
I have a working 2 FW CARP setup with pfSense 2.2 and a /28 subnet of available ip addresses.
The Virtual IP Alias... Glen Arason
07:25 AM Bug #4439 (Rejected): CARP does not Sync IP Alais to Backup firewall
The VIP types that are supposed to sync work properly: CARP VIPs, IP Aliases *using a CARP VIP as their parent interf... Jim Pingle
07:02 AM Bug #4439 (Rejected): CARP does not Sync IP Alais to Backup firewall
I have a working 2 FW CARP setup with pfSense 2.2 and a /28 subnet of available ip addresses.
The Virtual IP Alias... Glen Arason
06:40 AM pfSense Packages Bug #4198 (Resolved): lightsquid doesn't work, perl is missing
Jim Pingle
05:29 AM pfSense Packages Bug #4198: lightsquid doesn't work, perl is missing
thanks Jim! I think we can close this ticket.. I didn't report this, but the only issue now with the package is with ... Cino .
06:39 AM Revision 7b404fde: Add GUI control for MOBIKE. Hide it when IKEv1 selected. Enable toggling of NAT-T field display so it's on for IKEv1, off for IKEv2. Do same for reauth while here. Ticket #3979
Chris Buechler
06:38 AM Revision 065e78b3: Add GUI control for MOBIKE. Hide it when IKEv1 selected. Enable toggling of NAT-T field display so it's on for IKEv1, off for IKEv2. Do same for reauth while here. Ticket #3979
Chris Buechler
06:37 AM Bug #4437 (Closed): FreeBSD Kernel RNG Broken
The broken code never made it into any -RELEASE. pfSense is based on 10.1-RELEASE, so no it's not affected. Jim Pingle
02:20 AM Bug #4437: FreeBSD Kernel RNG Broken
No. https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html Kill Bill
01:02 AM Bug #4437 (Closed): FreeBSD Kernel RNG Broken
Is pfsense of this serious vulnerability affected?
https://lists.freebsd.org/pipermail/freebsd-current/2015-February... Andreas Walther
04:32 AM Revision cfda8861: Wait a bit after sending a TERM to syslogd as in some instances it can take too long to stop, and it fails to restart because it's still running at that point. Add a KILL in case it's still running after that. Ticket #4393
Chris Buechler
04:30 AM Revision 209ba3aa: Wait a bit after sending a TERM to syslogd as in some instances it can take too long to stop, and it fails to restart because it's still running at that point. Add a KILL in case it's still running after that. Ticket #4393
Chris Buechler
01:59 AM Feature #4399: Expose more of the DNSSEC-related hardening options in the GUI
I removed harden-referral-path from the default config, so you can enable it as an advanced option if wanted. Chris Buechler
01:53 AM Bug #4429 (Closed): Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes
Thanks for the follow up. SLAAC requires a /64, which is why. The RAs are correct. Not a bug.
though we could imp... Chris Buechler
01:02 AM Feature #4205 (Resolved): unbound config option missing
works Chris Buechler
12:39 AM Bug #3979 (Feedback): 2.2 IPsec NAT-T / MOBIKE IKEv2 control
this should all be addressed now, needs review and further testing. Chris Buechler

02/17/2015

11:43 PM Bug #4300 (Resolved): Can not enter outbound NAT destination port range
fixed Chris Buechler
11:40 PM Bug #4210: Bring back a FTP proxy
In a completely default config, passive FTP clients will work fine. The default LAN rule permits what's necessary.
... Chris Buechler
11:37 PM Bug #4210: Bring back a FTP proxy
Chris Buechler wrote:
> check out the info here:
> https://doc.pfsense.org/index.php/FTP_without_a_Proxy
>
> it... Reqlez Guy
11:35 PM Bug #4210: Bring back a FTP proxy
Chris Buechler wrote:
> check out the info here:
> https://doc.pfsense.org/index.php/FTP_without_a_Proxy
>
> it... Reqlez Guy
11:31 PM Bug #4210 (Confirmed): Bring back a FTP proxy
check out the info here:
https://doc.pfsense.org/index.php/FTP_without_a_Proxy
it's always possible to support p... Chris Buechler
11:27 PM Bug #4210: Bring back a FTP proxy
Interesting because i'm getting reports from vendors who refuse to change away from FTP that PASV mode is not working... Reqlez Guy
11:35 PM Bug #4349 (Resolved): Generating IPsec entries with the option similar to this one causes bad ipsec configuration
fixed Chris Buechler
11:24 PM Bug #3395 (Resolved): DHCPv6 client pass rules need to come before bogons
thanks for confirming. Chris Buechler
10:30 PM Bug #4393 (Feedback): syslogd stops and fails to restart during boot in some cases
every circumstance I could replicate is fixed by what I just pushed. Chris Buechler
02:45 PM Bug #4393: syslogd stops and fails to restart during boot in some cases
I still can't seem to reproduce it here even with a "bad" set of logs and similar settings. There must be some other ... Jim Pingle
05:20 PM Revision 31495068: Three minor improvements to IP functions
1) Most is_ip***() functions can return 4 or 6 to indicate type of IP, for benefit of calling code (both evaluate to ... Stilez y
01:38 PM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
A few more pieces of information
In this scenario, the subdomain is being pointed at namecheap's dynamic DNS not t... Trel S
10:19 AM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes
In fact, the SLAAC logic in pfSense 2.2 *seems to be okay.* If an interface is configured with flawed Ipv6 notation l... Mich MSvB
12:34 AM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes
can you send me a pcap containing one of the RAs? Email to me cmb at pfsense.org referencing this ticket # if you don... Chris Buechler
04:13 AM Bug #4310: Limiters + HA results in hangs on secondary
Ermal Luçi wrote:
> Patch committed.
Can you post a link to the patch Vitaliy Isarev
04:13 AM Revision 71383901: Do not request prefix delegation if no tracking interfaces are setup to
use it. Ticket #4436 k-paulius
01:01 AM Bug #4428: Setting media option on em(4) leads to infinite link cycling
It is not. No special functionality (vlan, lagg/lacp, or bridging) is enabled on any interfaces in the system. Nash Kaminski
12:55 AM Bug #4428: Setting media option on em(4) leads to infinite link cycling
Is that interface part of a bridge, or lagg or anything? Chris Buechler
12:58 AM Bug #4371 (Confirmed): Re-enable suhosin
Chris Buechler
12:40 AM Bug #4436 (Confirmed): dhcp6c requests prefix delegation when no tracking interfaces are configured
this can be worse than it might seem at a glance, as if you don't get a PD assignment, it'll keep retrying over and o... Chris Buechler

02/16/2015

10:23 PM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured
Submitted pull request: https://github.com/pfsense/pfsense/pull/1495 Paul K
10:05 PM Bug #4436 (Resolved): dhcp6c requests prefix delegation when no tracking interfaces are configured
When interface with DHCPv6 has 'DHCPv6 Prefix Delegation size' set and no interfaces are setup to track it, pfSense g... Paul K
09:17 PM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified
Updated subject should be accurate of specific issue. Removing interfaces_use from strongswan.conf makes the problem ... Chris Buechler
08:50 PM Bug #4341 (Confirmed): strongSwan fails to re-attach dynamic IPs where interfaces_use specified
Found a scenario where this is replicable with PPPoE.
1) setup IPsec bound to a PPPoE WAN, with no keepalive defi... Chris Buechler
03:46 PM Bug #3395: DHCPv6 client pass rules need to come before bogons
Tested the patch on v2.2. Rules are now appearing in the correct order and DHCPv6 messages are not getting blocked.
... Paul K
02:10 PM Feature #4179: Driver oce is missing from 2.2 RC
When I load the module, using kldload, I got the following output:
oce0: <Emulex CNA NIC function:///10.0.664.0///... Mathieu FRAPPIER
05:31 AM Revision e2caaee8: Fixing issues with NTP RRD graph state changes
- only call enable_rrd_graphing() after $config['ntpd']['statsgraph']
is set
- fix if condition; empty and isset ... k-paulius
04:49 AM Bug #4371: Re-enable suhosin
I don't think this is done exactly right...... Kill Bill
12:25 AM Bug #4435: Invalid increment in DHCP6 server address range check
Pull request for fix here: https://github.com/pfsense/pfsense/pull/1478 Daniel Becker
12:25 AM Bug #4435: Invalid increment in DHCP6 server address range check
Note that this is actually matches the behavior of the range checks that services_dhcpv6.php performs: The actual che... Daniel Becker
12:24 AM Bug #4435 (Resolved): Invalid increment in DHCP6 server address range check
When computing the start IP for the 'available range' field, services_dhcpv6.php attempts to increment a colon-format... Daniel Becker
12:12 AM Bug #4434: Enabling NTP graphs does not take effect right away
Pull request https://github.com/pfsense/pfsense/pull/1494 Paul K
12:00 AM Bug #4434 (Resolved): Enabling NTP graphs does not take effect right away
When enabling NTP RRD graphs nothing happens first time NTP page is submitted.
Graphs are enabled if page is submi... Paul K

02/15/2015

11:12 PM Bug #4175: kernel panic when loading run driver for RT3070
Had time to load stock FreeBSD 10.1 and the wireless interface worked. Also updated to 2.2-RELEASE and still experien... William Eshagh
09:54 PM Bug #4433: DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64
Pull request for fix: https://github.com/pfsense/pfsense/pull/1476 Daniel Becker
09:54 PM Bug #4433 (Resolved): DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64
The auto-generated DHCP6 configuration for tracking interfaces only includes a v6 name server if there are additional... Daniel Becker
09:49 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address
Pull request for fix: https://github.com/pfsense/pfsense/pull/1477 Daniel Becker
09:48 PM Bug #4432 (Resolved): Net_IPv6::compress() does not properly handle all-zeroes address
Net_IPv6::compress produces an empty string when compressing the all-zeros address, rather than the expected output o... Daniel Becker
04:32 PM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes
Yes, I'm getting a *single* RA from pfSense to ip6-allnodes which results in a correct IPv6 route in the Ubuntu clien... Mich MSvB
12:49 PM Bug #4429 (Feedback): Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes
This works in general. You're getting RAs, which seem fine at a basic level at least though contents of the RA not sh... Chris Buechler
08:40 AM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes
h1. Additional info
h2. Bogons
My *Interfaces: LAN* 'Private networks' section contains _Block private networks... Mich MSvB
07:13 AM Bug #4429 (Closed): Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes
In the last release 2.1.5, stateless address autoconfiguration (SLAAC) was working correctly. After updating to 2.2 m... Mich MSvB
03:29 PM Revision 8f5352df: carp, don't show status icon from previous carp ip in case the ip is not present on the interface (test with ifconfig em0 1.2.3.4 delete)
Pi Ba
02:12 PM Bug #4431 (Duplicate): Bandwidth not reported correctly in "Status: Traffic shaper: Queues"
I'm running pfSense version 2.2 on an Alix 2d2 board. The reported bandwidth under the queues status page is incorre... Jocelyn Le Sage
01:23 PM Bug #4395 (Resolved): /etc/hosts doesn't contain any local IPv6 addresses
fixed Chris Buechler
11:02 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
I just had this happen again. I have noticed that this appeared again in the logs.
Feb 15 11:57:57 kernel: sonewc... Adam Esslinger
08:03 AM Bug #4430 (Closed): pppoe configuration can not be removed from WAN interface.
When WAN interface is set as pppoe it can not be changed to DHCP or NONE.
First time, the web interface tells to a... Martin Labbe

02/14/2015

09:27 PM Bug #4428 (Confirmed): Setting media option on em(4) leads to infinite link cycling
If the media or mediaopt config option is set, an infinite link cycling loop results since the link cycles when ifcon... Nash Kaminski
06:39 PM Bug #4427 (Resolved): Traffic Shaper Wizard still having issues
I just upgraded to the latest 2.2 snapshot from Feb 13 in hopes of getting past the already documented traffic shapin... Marco Novielli
06:26 PM Bug #4307 (Closed): bacula-fd configuration is mangled
Thanks for the feedback, I'll close this out.
If you have any ideas on how to simplify the GUI for this to make it... Jim Pingle
06:03 PM Bug #4307: bacula-fd configuration is mangled
This is fixed for me. Thank you. Dan Langille
04:20 PM Bug #4367 (Resolved): Incorrect rrset-cache-size in unbound.conf
fixed Chris Buechler
04:05 PM Bug #4418 (Confirmed): IPsec mobile clients - bogus "p" appended to search domain
It changes the weird character OS X shows at the end in its system.log, but otherwise unchanged and still wrong. Now ... Chris Buechler
03:56 PM Bug #4393 (Confirmed): syslogd stops and fails to restart during boot in some cases
I added a tgz of /var/log from a system exhibiting the problem to projects/ticket-files/
Chris Buechler
07:38 AM Bug #4393: syslogd stops and fails to restart during boot in some cases
I received it, but it may be Tuesday before I have a chance to look at the logs. Jim Pingle
07:26 AM Bug #4393: syslogd stops and fails to restart during boot in some cases
I sent you an email yesterday with the logs (9MB). Did you get the email? Adam Esslinger
11:37 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
I misunderstood JimP's earlier comment, running 'sysctl -a' won't panic it in the way enabling SNMP will. Chris Buechler
08:20 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
Same for me during the upgrade from 2.1.5 (amd64) to 2.2 (amd64) on a APU.1C4 (4 GB).
Retried it successfully with a... Marcel Janicki
04:03 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
I just started to test what combinations of hardware let this crash happen, but the command "systcl -a" is not crashi... Andreas Walther
06:38 AM pfSense Packages Bug #4415: wrong start script in nrpe2 within 64bit installation
Since 2.12_4 v2.2_4 this bug is also in i386. Manfred Bongard
01:06 AM Feature #4179: Driver oce is missing from 2.2 RC
@Matthieu: We copied it over from FreeBSD 10.1 release and added oce_load="YES" to /boot/loader.conf, worked as expec... Christoph Erdle

02/13/2015

11:02 PM Todo #4353: Review IPsec reloading when strongswan.conf is changed
I reported a bug 4425 which I'm thinking might be related to this. Let me know if you need any logs from me.
Sam Sam Bernard
11:01 PM Bug #4425: IPSEC /Strongswan Fails to Detect IP address Change

Just wondering if this could be related to Bug 4353. Sam Bernard
08:13 PM Bug #4425 (Closed): IPSEC /Strongswan Fails to Detect IP address Change
Whats we saw was that 2.2 had no issue bringing up the tunnel but once the tunnels were up they were unstable and if ... Sam Bernard
10:33 PM Feature #4354: Allow dpinger to ping more than one destination for a gateway.
This would be an amazing enhancement! My only comment would be if you're going to enhance the engine to support multi... → luckman212
10:08 PM Feature #4179: Driver oce is missing from 2.2 RC
@Christoph: Can you explain where od you get the file and how exactly do you load it ? Mathieu FRAPPIER
09:26 PM pfSense Packages Bug #4426 (Resolved): NUT fails to start or restart until NUT's settings are (re)saved
Since updating NUT to 2.6.5_1 pkg/2.0.4, I'm finding that NUT won't start on a pfSense reboot. Pressing a "restart s... B. Derman
08:28 PM Revision cc94ea50: Unobsolete libpcre.so.1
Renato Botelho
08:28 PM Revision 3b7f8f83: Unobsolete libpcre.so.1
Renato Botelho
06:27 PM Revision d72e936f: Merge pull request #1484 from phil-davis/more-text-typos
Renato Botelho
06:24 PM Revision 3ddc5d1a: Update fbegin.inc - Missing '/' in path
Found this issue in conjunction with user Digdug3 BBcan177 .
06:24 PM Revision 49fa70a2: Merge pull request #1485 from BBcan177/patch-1
Renato Botelho
04:45 PM Bug #4310: Limiters + HA results in hangs on secondary
Hi, I have the same issue. I tried to update to the latest maintance version, but receive error after upgrade: "shar... Vitaliy Isarev
04:04 PM Bug #4328: Some symlinks not updated by full update
Well, all I can say is that this is definitely not fixed. Tested with 2.2.1-DEVELOPMENT-i386-20150213-1429 snapshot.
... Kill Bill
03:06 PM Bug #4393: syslogd stops and fails to restart during boot in some cases
If you have made an archive of the logs you can post them on a site like Google Drive or Dropbox and PM me the URL on... Jim Pingle
11:11 AM Bug #4393: syslogd stops and fails to restart during boot in some cases
I just had this happen again after rebooting my box from Bug #4392. How can I email you the logs? Adam Esslinger
12:53 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs
Hi Ryan, my PR for pfBNG *v1.04* was merged. Please let me know if that fixes your issue.
There is a "pfBlockerNG" t... BBcan177 .
11:32 AM Revision fc06d8ea: Surrond the some mobile clients attributes with " ( quote ) to help the strongswan parser identify properly the values. Ticket #4418
Ermal Luçi
11:31 AM Revision d17ad7f5: Surrond the some mobile clients attributes with " ( quote ) to help the strongswan parser identify properly the values. Ticket #4418
Ermal Luçi
11:21 AM Bug #4424 (Closed): Adding and removing shaper repeatedly causing interface crash
Since at least one other user confirmed that, filing the bug here - relevant forum thread: https://forum.pfsense.org/... Kill Bill
10:17 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
I just had this happen again..Here is what I'm seeing. The Service status dashboard shows the Daemon is running, but... Adam Esslinger
06:19 AM Revision e2d0aee8: force minimum 100000 byte log file size. Some have been confused thinking this is KB, in some cases causing problems. This should help, and there shouldn't be a need for logs smaller than that.
Chris Buechler
06:17 AM Revision 47d3f94a: force minimum 100000 byte log file size. Some have been confused thinking this is KB, in some cases causing problems. This should help, and there shouldn't be a need for logs smaller than that.
Chris Buechler
05:49 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Ok thank you i think i know where the issue is now.
I will update here when the issue is fixed but will need a ker... Ermal Luçi
05:30 AM Bug #4418 (Feedback): IPsec mobile clients - bogus "p" appended to search domain
I pushed a commit since this seems relevant only during parsing time of the options.
Can anyone re-producing this ... Ermal Luçi
12:34 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
the symbol at the end that OS X's logs show doesn't copy/paste, attached screenshot. Chris Buechler
05:20 AM Bug #4422: /etc/rc.initial doesn't handle -c parameters
If you go to GitHub at https://github.com/pfsense/pfsense and make the edit online there, then submit a pull request,... Phillip Davis
04:46 AM Bug #4422 (Resolved): /etc/rc.initial doesn't handle -c parameters
/etc/rc.initial fails to handle parameters passed to it using -c. As a result, SFTP against the internal SSH server f... David Wood
05:11 AM Bug #4423 (Resolved): NTP RRD graphing fails to recognise that offset can be negative
The definition of the offset date source in /etc/inc/rrd.inc fails to recognise that offset can be negative, meaning ... David Wood
03:07 AM pfSense Packages Bug #4419: fatal: open /etc/aliases: No such file or directory
Update: My Postfix Forwarder version: 2.11.3_2 pkg v.2.4.1. NewTo You
02:43 AM pfSense Packages Bug #4419 (Resolved): fatal: open /etc/aliases: No such file or directory
I get this error in maillog:... NewTo You
03:06 AM pfSense Packages Bug #4420: warning: bad command startup -- throttling
Update: My Postfix Forwarder version: 2.11.3_2 pkg v.2.4.1. NewTo You
02:49 AM pfSense Packages Bug #4420 (Resolved): warning: bad command startup -- throttling
I get this error in maillog:... NewTo You
03:02 AM pfSense Packages Bug #4421 (Duplicate): Apache reserve proxy, location must specify Site Path, Backend Path or get http 503 error
Just want to report that I must specify Site Path, Backend Path to '/' instead of leaving blank to use '/' as suggest... NewTo You
02:47 AM Bug #4414: pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2
Hello Chris,
thanks for your reply
i added a dmesg dump of 2.1.5
I hope you find the bug.
thanks Tom
www_l... tom stern

02/12/2015

09:54 PM Revision f742c43e: Update fbegin.inc - Missing '/' in path
Found this issue in conjunction with user Digdug3 BBcan177 .
05:13 PM Bug #3290: IPV6 conectivity not restored after cablemodem reset
An update... had some maintenance last night... while my LAN prefix appears to have been restored following everythin... Anonymous
04:33 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
I also increased the limiter to 700Mb, higher than throughput without limiter and it worked without issue, got the no... Travis Kreikemeier
04:27 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Finally able to get around to building a VM lab for this. Here is what I have found.
* Appears to only be an issue... Travis Kreikemeier
01:58 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Can you do another test to have full information?
Do the usual breaking test you have reported and show the output... Ermal Luçi
04:26 PM Bug #4418 (Confirmed): IPsec mobile clients - bogus "p" appended to search domain
it's more than just a p, it ends up with some weird character after the p as well. I've already dug into this a bit b... Chris Buechler
04:22 PM Bug #4418 (Resolved): IPsec mobile clients - bogus "p" appended to search domain
At least 4 reports of this on the forum:
https://forum.pfsense.org/index.php?topic=88631.0
https://forum.pfsense.or... Kill Bill
04:24 PM Revision b95a4d8a: Set srctrack separate from this test or the value won't save unless the sticky box status also changed.
Jim Pingle
04:24 PM Revision 1ac99c4e: Set srctrack separate from this test or the value won't save unless the sticky box status also changed.
Jim Pingle
04:11 PM Bug #4131: CP RADIUS accounting not working
Still having this issue on a machine updated from 2.1.5 to 2.2.
Prior to upgrading, the setup did work, although the... Mikael K
03:16 PM pfSense Packages Bug #4417 (Resolved): Ruleset link for GPLv2 Community rules on Categories tab is incorrect
If you're on the Categories tab and have enabled "GPLv2 Community Rules (VRT certified)", the hyperlink assigned to i... Ryan .
02:42 PM Bug #4276 (Confirmed): Layer 7 not working / ipfw-classifyd high load
Pretty simple to reproduce
* Add a layer 7 container, for example, to block bittorrent
* Apply the layer 7 contai... Jim Pingle
02:41 PM Bug #4416 (Closed): Layer 7 is broken and will not pass traffic on 2.2
Duplicate of #4276 Jim Pingle
02:03 PM Bug #4416 (Confirmed): Layer 7 is broken and will not pass traffic on 2.2
Jim Pingle
02:02 PM Bug #4416 (Closed): Layer 7 is broken and will not pass traffic on 2.2
Using a basic test case, Layer 7 is not functional on 2.2:
* Add a layer 7 container, for example, to block bittorre... Jim Pingle
02:38 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs
Great! I'll try it out once it's released.
Thanks Ryan .
01:45 PM Bug #4414 (Rejected): pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2
hardware-specific problem, replicate on stock FreeBSD 10.1 and report upstream. Chris Buechler
01:44 PM Bug #4414: pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2
This is not a supported platform.
Try booting stock freebsd 10.1 off a USB stick.
Also post the full verbose kernel... Jeremy Porter
01:19 PM Bug #4414: pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2
dmesg.txt added tom stern
05:56 AM Bug #4414 (Rejected): pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2
Hello@All
on my labs firewalls (Thinclient Futro S550 /amd64/1GB/CF-Card-4G)
--2.1.5 will only boot "headless" ... tom stern
01:27 PM Bug #2526 (Feedback): Limiter appears to break IPv6 connectivity
A patch has been pushed which will fix limiters with ipv6. Ermal Luçi
11:34 AM pfSense Packages Bug #4415 (Resolved): wrong start script in nrpe2 within 64bit installation
After Update to 2.12_4 v2.2_3 service does not start any more.
Log: root: /usr/local/etc/rc.d/nrpe2.sh: WARNING: r... Manfred Bongard
10:44 AM Revision a9982b43: Unobsolete crypto tools and athstats, ticket #4239
Renato Botelho
10:44 AM Revision 0a81c3ab: Unobsolete crypto tools and athstats, ticket #4239
Renato Botelho
09:33 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances
Some people have reported that this happens only if prefer oldsa setting is enabled. Ermal Luçi
09:22 AM Bug #4402: Unbound: enable harden-glue by default and/or apply patch
Thanks for the fixes !
On this topic, Unbound 1.5.2rc1 has just been released, and final may then be ready before... Olivier Müller
04:44 AM Bug #4239 (Feedback): athstats, cryptostats, cryptotest missing from 2.2 builds
Build was fixed and all binaries removed from obsolete list Renato Botelho
04:29 AM Revision d4a18f13: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2
Chris Buechler
04:28 AM Revision 0f31e918: get rid of wizards/initial/ images that were never used
Chris Buechler
04:28 AM Revision 6972f14e: get rid of wizards/initial/ images that were never used
Chris Buechler
03:06 AM Feature #4413 (Duplicate): Vendor specific option spaces
It would be nice to have a possibility to specify subject. Dmitriy K
12:14 AM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation
I tested the latest version (had an IPv6 connectivity problem with the packages repository), it works as intended.
... Stéphane Lapie

02/11/2015

11:00 PM Revision 377b1faa: DHCPv6 client rules MUST come before bogons. Add a comment that hopefully
sticks out so this stops getting broken. Ticket #3395 Chris Buechler
10:59 PM Revision 274a531a: DHCPv6 client rules MUST come before bogons. Add a comment that hopefully
sticks out so this stops getting broken. Ticket #3395 Chris Buechler
09:20 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs
@Ryan. Thanks for the Bug report. I haven't seen a Comment line with an IP in it before. The fix for this bug is in m... BBcan177 .
12:08 PM pfSense Packages Bug #4410 (Resolved): pfBlockerNG adding commented IPs
We have a list provider that requires our IP be passed as a variable in the query (e.g. http://example.com/list.php?i... Ryan .
08:18 PM Revision eaa89cc6: Ticket #4390 Return only the subnet bits not the full network in cidr format.
Ermal Luçi
08:17 PM Revision 810b36ac: Fixes #4390 Properly return the vip subnet now that the CARP might not match its parent interface subnet.
Ermal Luçi
07:34 PM Revision 1c4c5ed2: Remove dead code and unset vars so next time the code works properly avoiding cache issues.
Ermal Luçi
07:34 PM Revision 657932fd: Remove dead code and unset vars so next time the code works properly avoiding cache issues.
Ermal Luçi
07:29 PM Revision b65de558: Fixes #4389 The VIP interfaces cannot be assigned since they are just an identification of the VIP for tracking. Consider that when configuring gif/gre. Also on bridges you cannot set a vip interface as its member.
Ermal Luçi
07:26 PM Revision 2de650f6: Fixes #4389 The VIP interfaces cannot be assigned since they are just an identification of the VIP for tracking. Consider that when configuring gif/gre. Also on bridges you cannot set a vip interface as its member.
Ermal Luçi
07:20 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks"
it's only unusable where you need to allow traffic into WAN that's sourced from CGN space. Which in nearly all cases ... Chris Buechler
07:00 PM pfSense Packages Bug #4412 (Not a Bug): squid reverse proxy
when I try to activate the squid reverse proxy reports an error and when I modify sysctl returns or null or invalid s... alberto alcala pinto
05:00 PM Bug #3395 (Feedback): DHCPv6 client pass rules need to come before bogons
Indeed. Fixed again, and added a comment that will hopefully prevent this from ever getting broken again. Chris Buechler
04:21 PM Bug #4398: Userlist - No sorting anymore
note the sort is there if you have 1 user only, disappears with > 1. I'm sure Phil's right on that. Moving to 2.2.2 s... Chris Buechler
04:20 PM Bug #4398 (Confirmed): Userlist - No sorting anymore
Chris Buechler
04:12 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
Chris Buechler wrote:
> Andreas: could you do some experimentation with your combination of hardware? See if it's th... Andreas Walther
03:56 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
the only scenario we've been able to replicate is with no SD card installed. It's easily replicable by just removing ... Chris Buechler
03:46 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
I don't have an SD card in, but I do have a Mini-PCIe wireless card. Jim Pingle
03:41 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
Well the first crash after update from 2.1 to 2.2 was with a sd card as the disk and a mini pcie 3g modem installed.
... Andreas Walther
02:57 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
... Jim Pingle
02:49 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
does sysctl hw.bus return a result? Ermal Luçi
12:41 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
I can reproduce it on my APU now as well. Fresh install on mSATA, no SD card inserted, using the factory image.
Seem... Jim Pingle
04:04 PM Bug #4404 (Rejected): Fatal error when enabling IPSec
not a bug.
source is available here:
https://github.com/pfsense/pfsense Chris Buechler
06:24 AM Bug #4404: Fatal error when enabling IPSec
Do you have a link to a stock util.inc, so I can compare ?
The file i patched, I need to have several subnets in D... Lars Juul
01:19 AM Bug #4404 (Feedback): Fatal error when enabling IPSec
you're missing, or have a broken, /etc/inc/util.inc file. The installer can't forget files (and if anything as critic... Chris Buechler
04:01 PM Bug #4407 (Rejected): unbound advanced settings broken
nothing is broken, just have to put things in correctly. added #4411 to add input validation at some point to prevent... Chris Buechler
06:03 AM Bug #4407: unbound advanced settings broken
Kill Bill wrote:
>
> The server: clause is not the place for different kind of things, like the stub zone and forw... Andreas Pflug
06:03 AM Bug #4407: unbound advanced settings broken
Can we please append a link to unbound.conf(5) manpage (https://www.unbound.net/documentation/unbound.conf.html) with... Kill Bill
05:52 AM Bug #4407: unbound advanced settings broken
Andreas Pflug wrote:
> Moving the custom option generation as suggested would make any option appear under the serve... Kill Bill
05:12 AM Bug #4407: unbound advanced settings broken
Kill Bill wrote:
> What advanced settings? This is just not true in general. Prefix the custom options with server: ... Andreas Pflug
05:01 AM Bug #4407: unbound advanced settings broken
In my case, I need *do-not-query-localhost: no* set.
 Andreas Pflug
04:51 AM Bug #4407: unbound advanced settings broken
What advanced settings? This is just not true in general. Prefix the custom options with server: as noted on the bug ... Kill Bill
03:25 AM Bug #4407: unbound advanced settings broken
If you have a patch change that works, it will be very easy for the devs if you make the edit at https://github.com/p... Phillip Davis
03:02 AM Bug #4407 (Rejected): unbound advanced settings broken
Same symptom as https://redmine.pfsense.org/issues/4090, but a different reason:
When domain overrides are set, an... Andreas Pflug
04:00 PM Feature #4411 (Resolved): add validation of Unbound advanced configuration
Something similar to dnsmasq's advanced config validation would be helpful for Unbound, to prevent users from creatin... Chris Buechler
02:51 PM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active
Probably that was because the strongswan setting was not being propagated to the plugin.
Now that strongswan was upd... Ermal Luçi
02:35 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
Copied interfaces.inc and system.inc to my 2.2 box and seems to work alright now..
Without daily snapshots online,... Pi Ba
01:30 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
Applied in changeset commit:b65de5585bb7bffe06750c712b399cd4da10052c. Ermal Luçi
01:30 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
Applied in changeset commit:2de650f6117f4b80c3db4f9b46ad83d75d5b9130. Ermal Luçi
01:28 PM Bug #4389 (Feedback): gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
Ok should be fixed by the commit i pushed.
Can you please confirm as well?
This seems to be a bug since 2.1++ Ermal Luçi
02:30 PM Bug #4390: Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network
Applied in changeset commit:810b36ac0c363c21ea2f1b963f2c1be142fc59a2. Ermal Luçi
02:17 PM Bug #4390 (Feedback): Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network
It behaves correctly with the applied patch. Ermal Luçi
09:46 AM pfSense Packages Bug #4409 (Resolved): Tincd not starting on pfSense 2.2
Hello,
i had troubles getting tinc daemon to work in 2.2, after some investigation I had to do:
ln -s /usr/loc... Raimund Sacherer
09:12 AM Revision 01c155f2: Random text typos
and I "corrected" function names that had "_choosen_" in them.
That is not technically an error - function names do n... Phil Davis
09:04 AM Revision 302cb96e: Check if notification is disabled
in send_smtp_message()
Other packages like arpwatch sm.php and cron job output as reported in forum https://forum.pfs... Phil Davis
09:04 AM Revision 33649526: Merge pull request #1480 from phil-davis/patch-1
Renato Botelho
09:02 AM Revision 1444c08e: Random text typos
that I noticed. Phil Davis
09:01 AM Revision c70002be: Merge pull request #1482 from phil-davis/CP-text-typos
Renato Botelho
09:00 AM Revision 4ab7f8f4: Fix typo in class in bridge edit
Fixing this makes nice little pencil icons appear in front of the text
entry fields. Phil Davis
09:00 AM Revision ef8182ca: Merge pull request #1483 from phil-davis/formfld-unknown
Renato Botelho
08:59 AM Revision 079b0e20: Remove unset variable, spotted by phil-davis
Renato Botelho
08:59 AM Revision 5132312f: Remove unset variable, spotted by phil-davis
Renato Botelho
08:34 AM Bug #4408: Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use
If I disable DHCP failover everything works perfectly. Lars Jorgensen
08:22 AM Bug #4408 (Closed): Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use
I have the DHCP service running on five interfaces and a good amount of leases (I would guess around 1,000 or more at... Lars Jorgensen
07:45 AM Revision b3aacd59: rrset-cache-size should == 2 * msg-cache-size. Ticket #4367
Chris Buechler
07:44 AM pfSense Packages Bug #4198: lightsquid doesn't work, perl is missing
I saw that yesterday, thank you! Cino .
07:42 AM pfSense Packages Bug #4198 (Feedback): lightsquid doesn't work, perl is missing
I pushed a fix for this yesterday. Perl is there but the package couldn't find it. Works for me now in testing. Jim Pingle
07:43 AM Revision 2597415b: rrset-cache-size should == 2 * msg-cache-size. Ticket #4367
Chris Buechler
07:28 AM Revision 0c6db320: Fix typo in class in bridge edit
Fixing this makes nice little pencil icons appear in front of the text
entry fields. Phil Davis
07:14 AM Revision 24cbfd5a: Check if Unbound is enabled and using the same port before allowing dnsmasq to be enabled. part of Ticket #4332
Chris Buechler
07:13 AM Revision 06e847a7: Check if Unbound is enabled and using the same port before allowing dnsmasq to be enabled. part of Ticket #4332
Chris Buechler
07:07 AM Revision f416763b: Random text typos
that I noticed. Phil Davis
03:42 AM Bug #4401: remove xen netfront driver until it can handle altq
Is there a way to disable xen detection while booting?
I had to remove traffic shaping from my local pfsense and now... Grischa Zengel
03:21 AM Bug #4401: remove xen netfront driver until it can handle altq
xn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=3<RXCSUM,TXCSUM>
ether be:f5:19... Chris Linstruth
02:12 AM Bug #4402 (Confirmed): Unbound: enable harden-glue by default and/or apply patch
Part of this was fixed in the default config yesterday (harden-glue is now enabled by default). We'll also add config... Chris Buechler
02:10 AM Bug #4406 (Confirmed): ALTQ problems with wireless cloned interfaces
ath(4) does have ALTQ support, but its cloned interfaces end up unable to use it. ... Chris Buechler
01:57 AM Bug #4237: Error "macro IPsec not defined" once after firmware upgrade
still no other reports of this. will leave for feedback for now. Chris Buechler
01:55 AM Bug #4268 (Confirmed): changes in strongswan config don't apply to SAD or SPD
It causes a wide range of problems for people. We've already seen several people report IPsec changes not applying be... Chris Buechler
01:46 AM Bug #4367 (Feedback): Incorrect rrset-cache-size in unbound.conf
that was apparently an oversight, thanks for catching. It should be fixed with what I just committed, which sets rrse... Chris Buechler
01:29 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2
... Armin Tueting
01:27 AM pfSense Packages Bug #4222: Update to 2.2 RC breaks domU
Douglas Haber wrote:
> Maybe a hook should be added then in the web UI to say, "hey, Xen detected, please make sure ... Chris Buechler
12:14 AM Bug #4397 (Confirmed): MTU must be set in same ifconfig command as IP
setting the MTU before setting the IP doesn't behave any differently. The MTU must be appended to the ifconfig comman... Chris Buechler
12:05 AM Bug #4375 (Rejected): Kernel Crash
this is a hardware-specific issue of some sort, not an issue in our code. Judging by Ermal's analysis, ACPI seems lik... Chris Buechler

02/10/2015

11:57 PM Bug #4403 (Confirmed): Enabling SNMP causes kernel panic with APU with empty SD card slot
enough people have reported this that it's clearly an issue in some circumstance. I'm not sure what that circumstance... Chris Buechler
04:10 PM Bug #4403 (Resolved): Enabling SNMP causes kernel panic with APU with empty SD card slot
Hi Together,
i am not sure if this is a hardware problem, but basically i am using a PC Engines APU.1C(2GB) board ... Andreas Walther
11:04 PM Bug #4343 (Resolved): Firewall Log does not display logs for IGMP
fixed Chris Buechler
11:01 PM Bug #4318 (Resolved): gen_subnet_max returns incorrect result for 32 bit
fixed Chris Buechler
11:00 PM Bug #4308 (Closed): LAGG LACP defaults to strict mode in FreeBSD >= 10
It's best to leave as is, the upgrade and release notes describe how to work around pre-upgrade if necessary, and we'... Chris Buechler
02:34 PM Bug #4308: LAGG LACP defaults to strict mode in FreeBSD >= 10
The problem i think is that on FreeBSD 10 you have no tunnable to revert to 8.x behaviour.
That is only on HEAD. Ermal Luçi
09:07 PM Feature #4405 (In Progress): Traffic shaping doesn't work when applied to a bridge interface
Having two or more interfaces within a bridge, the traffic shaper doesn't work when applied to it. Traffic is seen on... Jorge Albarenque
08:14 PM Revision 1ee360aa: Fixes #4370 Use the curlies to not confuse php
Ermal Luçi
08:08 PM Revision 51e76899: Fixes #4370 Use the curlies to not confuse php
Ermal Luçi
07:50 PM Revision 8fa0a534: Actually fix even the openvpn auth user script with proper checks. I thought this was fixes already!
Ermal Luçi
07:50 PM Revision e85f3d1a: Actually fix even the openvpn auth user script with proper checks. I thought this was fixes already!
Ermal Luçi
07:47 PM Revision 22bca296: Fixes #4329, Fix even tls.auth script by using proper isset() test as the fixes for other authentication scripts.
Ermal Luçi
07:47 PM Revision ed56ce5a: Fixes #4329, Fix even tls.auth script by using proper isset() test as the fixes for other authentication scripts.
Ermal Luçi
07:41 PM Revision afb38815: Fixes #4397 Make mtu configuration before the ip address assignment. This fixes the issues of link routes having the wrong mtu configured on them.
Ermal Luçi
07:40 PM Revision 1ac5261f: Fixes #4397 Make mtu configuration before the ip address assignment. This fixes the issues of link routes having the wrong mtu configured on them.
Ermal Luçi
05:50 PM Revision 02376f6f: Check if notification is disabled
in send_smtp_message()
Other packages like arpwatch sm.php and cron job output as reported in forum https://forum.pfs... Phil Davis
05:20 PM Bug #4404 (Rejected): Fatal error when enabling IPSec
I have 3 boxes with pfSense 2.2 installed, and on one of them I get a fatal error when enable the checkmark "Enable I... Lars Juul
05:17 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
Ok, reverted a test vm to factory defaults, then configured a simplified setup again it shows the same problem.
Sa... Pi Ba
02:21 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
Can you provide your config.xml to have a way to reproduce this normally it should work as expected! Ermal Luçi
02:32 PM Bug #4401: remove xen netfront driver until it can handle altq
XN driver does not support ALTQ at all though it should not be hard to implement it.
 Ermal Luçi
06:21 AM Bug #4401 (Rejected): remove xen netfront driver until it can handle altq
Since 2.2 (freeBSD 10.1) pfsense always detect xen on booting and uses pv(hvm) drivers (xn#).
xn0 is unusable withou... Grischa Zengel
02:20 PM Bug #4370: ntpd does nothing with selected carp interfaces.
Applied in changeset commit:1ee360aaa9176d3287a7099abd47f95c4464ac23. Ermal Luçi
02:20 PM Bug #4370 (Feedback): ntpd does nothing with selected carp interfaces.
Applied in changeset commit:51e76899e66360dc9d8e35f68282c54ccd9a4759. Ermal Luçi
02:00 PM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2
Applied in changeset commit:22bca296dc3777bb872c7be460f09c3ff1177994. Ermal Luçi
02:00 PM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2
Applied in changeset commit:ed56ce5a1d12b5a065e2c375a182adc1b2d8f91d. Ermal Luçi
01:46 PM Bug #4329 (Feedback): OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2
Ok i pushed the proper fix for this.
Can you confirm it works for you as well? Ermal Luçi
01:58 PM Bug #4363 (Feedback): gpioapu causes kernel panic at boot on some hardware
gpioapu corrected to avoid comparison with NULL in strncmp. Ermal Luçi
01:50 PM Bug #4397: MTU must be set in same ifconfig command as IP
Applied in changeset commit:afb388159bc5a55d784404411ef1a7c7d22625a5. Ermal Luçi
01:50 PM Bug #4397: MTU must be set in same ifconfig command as IP
Applied in changeset commit:1ac5261fb0c96764526beb4d9928b9300094ac3e. Ermal Luçi
01:40 PM Bug #4397 (Feedback): MTU must be set in same ifconfig command as IP
I pushed a fix which make it work for me.
Can you please confirm?
Normally it is not necessary to have the mtu on... Ermal Luçi
01:41 PM Bug #4268 (Feedback): changes in strongswan config don't apply to SAD or SPD
For me this should be closed.
Setting in feedback for now. Ermal Luçi
01:02 PM Feature #3387: process_alias_urltable Frequency
rc.update_urltables accepts the parameter argv[1], and looks for the option now.
I've put in my crontab... Dave Minogue
11:39 AM Bug #2800: OpenVPN doesn't work properly with intermediate/chained CAs
Same broken behaviour in 2.2.
Adding the Root CA certificate to the Intermediate CA's certificate in System: Certi... Bernd Zeimetz
10:50 AM pfSense Packages Bug #4281 (Feedback): E-Mail Reports (mailreports package) Error With Multiple Graphs
Applied in changeset commit:b852b5cd883b3d059bc3744fc7b130531a5f20ed. Bryce Chidester
10:38 AM Bug #4393 (Feedback): syslogd stops and fails to restart during boot in some cases
I set the log file size low and ran some tests and still couldn't make it crash.
If someone else finds syslogd cra... Jim Pingle
08:13 AM Bug #4393: syslogd stops and fails to restart during boot in some cases
It looks like this fixed my issue. I had the log size set to 8192 thinking that it was in KB and realized that the f... Adam Esslinger
09:28 AM Bug #4402 (Resolved): Unbound: enable harden-glue by default and/or apply patch
DNS poisoning seems to be possible under 2.2 according to https://forum.pfsense.org/index.php?topic=87491.0.
Fix: ... Olivier Müller
09:09 AM Feature #4400: allow aliases to enter *.domain.com to block all subdomains
well one way possible would be to set domain overrides in dns resolver but the problem there is the override applies ... Bipin Chandra
08:52 AM Feature #4400 (Rejected): allow aliases to enter *.domain.com to block all subdomains
That is not possible. Entries must be resolved accurately to have their addresses placed into a table. There is no wa... Jim Pingle
05:56 AM Feature #4400 (Rejected): allow aliases to enter *.domain.com to block all subdomains
it would be better if aliases allowed to enter a * before domain in order to block all different subdomain ips for a ... Bipin Chandra
08:32 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
the same instance is not always affected...its 2 of the 3 that have the issue. So I would log into the GUI and notic... Adam Esslinger
07:57 AM Todo #4353: Review IPsec reloading when strongswan.conf is changed
Yeah i have done this for mobile settings and some reports from the forum where the settings were not updated.
I w... Ermal Luçi
05:34 AM Bug #4371 (Feedback): Re-enable suhosin
It was re-enabled in 2012 in commit:c25197ba, is there anything else still missing? Renato Botelho
04:34 AM Revision 5ece44f7: touch up Unbound text
Chris Buechler
04:34 AM Revision 74ab379d: touch up Unbound text
Chris Buechler
04:33 AM Revision ccdaaec6: Update Unbound defaults
Chris Buechler
04:31 AM Feature #4399 (Closed): Expose more of the DNSSEC-related hardening options in the GUI
harden-referral-path - hardcoded to no in unbound.inc ATM; any very good reason for this? (Yeah, I did read the manpa... Kill Bill
04:28 AM Revision ef120e87: Update Unbound defaults
Chris Buechler
03:13 AM Bug #4398: Userlist - No sorting anymore
And what is this checkbox for in the first column?
You can select multiple users and then delete them with 1 click (... Phillip Davis
02:18 AM Bug #4398 (Resolved): Userlist - No sorting anymore
The Userlist in pfSense was changed in Version 2.2. Now there is no option sorting the user by name. Before a doublec... Stefan Flügger
12:36 AM Revision fb64f3aa: also add v6 IPs to hosts in the same manner v4 IPs are added. Ticket #4395
Chris Buechler
12:10 AM Revision f7dddc86: also add v6 IPs to hosts in the same manner v4 IPs are added. Ticket #4395
Chris Buechler

02/09/2015

11:52 PM Bug #4397 (Resolved): MTU must be set in same ifconfig command as IP
Where MTU on an interface is user-defined, the ifconfig command that assigns the IP and IPv6 addresses must include t... Chris Buechler
11:22 PM Feature #3199 (Resolved): Option to accumulate or not IP addresses in Alias table of FQDNs
this was done in 2.2-RELEASE (can't set that as target since it's closed). Chris Buechler
09:08 PM Todo #4353 (Confirmed): Review IPsec reloading when strongswan.conf is changed
this is excessive in at least some circumstances. The restart flushes the SAD so it will cause at least a brief outag... Chris Buechler
08:22 PM Revision 3d5e8dce: Use appropriate interface field description when working with floating rules, it was confusing and potentially incorrect for floating rule purposes.
Chris Buechler
08:20 PM Revision 758b51a0: Use appropriate interface field description when working with floating rules, it was confusing and potentially incorrect for floating rule purposes.
Chris Buechler
06:36 PM Bug #4395 (Feedback): /etc/hosts doesn't contain any local IPv6 addresses
it's always just put v4 in there, I added v6 in the same manner if it exists. Chris Buechler
09:19 AM Bug #4395 (Resolved): /etc/hosts doesn't contain any local IPv6 addresses
... Armin Tueting
05:48 PM pfSense Packages Bug #3344: Disable IPV6 Squid3 not run
the likely reason for this is your squid3 config requiring communication with localhost, and it picking v6 to try to ... Chris Buechler
02:50 PM pfSense Packages Bug #4391: Status | Services | nrpe2 | restart does not restart nrpe
Applied in changeset pfsense-packages:commit:909f0dfd8a1efc99c8392423123fdc0b3d88ffea. Renato Botelho
12:30 PM pfSense Packages Bug #4391 (Feedback): Status | Services | nrpe2 | restart does not restart nrpe
Applied in changeset pfsense-packages:commit:11375fe3e8826e02f7a5bec1f6a2d743060dbd76. Renato Botelho
01:22 PM pfSense Packages Bug #4386 (Closed): softflowd not generating flow data on pfsense 2.2
This doesn't seem to be anything specific to our package, but softflowd on FreeBSD 10.x (and likely 9.x) in general. ... Jim Pingle
12:26 PM Bug #4396: Lengthy unbound outage during restart when adding static DHCP leases
Update:
Affected version: 2.2 Release Elliott Quarles
12:22 PM Bug #4396 (Duplicate): Lengthy unbound outage during restart when adding static DHCP leases
When updating static DHCP leases the call to services_unbound_configure on the services_dhcp page causes a full rebui... Elliott Quarles
12:21 PM pfSense Packages Feature #4394: HAproxy and use ACLs from UI to perform a "block"/"http-request deny"
In the new >=0.17 package acl's are written before the user custom config, so acl's should be usable.
As for adding ... Pi Ba
12:10 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation
There is no public 'development' repository to install developing packages from, however the official package reposit... Pi Ba
11:22 AM Revision 2b704ea9: Merge pull request #1469 from makkbe/master
Renato Botelho
11:21 AM Bug #4307 (Feedback): bacula-fd configuration is mangled
I just pushed a fix, there were some path issues in the config and startup script and such.
Seems to work OK here ... Jim Pingle
09:50 AM Revision 936bfd84: make computation of start of DHCPv6 range consistent with actual check
When computing the start IP for the 'available range' field,
services_dhcpv6.php attempts to increment a colon-format... Daniel Becker
09:49 AM Revision 09c7e42c: fix Net_IPv6::compress() to properly handle all-zeros address
The existing implementation of Net_IPv6::compress produces an empty
string when compressing the all-zeros ("::") addr... Daniel Becker
09:48 AM Revision 8fd42722: add dhcp6.name-servers option with DHCPD-PD regardless of PD length
The existing code only includes a v6 name server IP in the
automatically generated dhcpdv6 configuration for tracking... Daniel Becker

02/08/2015

09:33 PM Bug #4392 (Feedback): OpenVPN daemon crashing with ath(4) card installed
to get that log it has to be 2.2-something, I presume this is 2.2-RELEASE. Chris Buechler
09:33 PM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
is it the same instance that's affected every time?
The log "OpenVPN ID server1 PID 22206 still running, killing"... Chris Buechler
07:41 PM Bug #4392 (Closed): OpenVPN daemon crashing with ath(4) card installed
I have OpenVPN with tunnels between 3 locations. Almost every day Ill look at the dashboard and it will show one on ... Adam Esslinger
09:03 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation
Quick question, what is the proper way to install a development package?
The interface only allows me to install up ... Stéphane Lapie
09:02 PM pfSense Packages Feature #4394 (Resolved): HAproxy and use ACLs from UI to perform a "block"/"http-request deny"
HAproxy currently allows to define ACLs to redirect to specific backends, and to define several frontend -> backend r... Stéphane Lapie
08:12 PM Bug #4393: syslogd stops and fails to restart during boot in some cases
This typically happens when you have a corrupted log file. The first attempted write to said log file will crash sysl... Jim Pingle
08:00 PM Bug #4393 (Resolved): syslogd stops and fails to restart during boot in some cases
Sometimes after rebooting syslogd shows that it has crashed. Rebooting usually fixes the issue. Here is what I see i... Adam Esslinger
06:31 PM pfSense Packages Bug #4391: Status | Services | nrpe2 | restart does not restart nrpe
I have since done a kill -TERM and then reloaded: /status_services.php?mode=restartservice&service=nrpe2
This star... Dan Langille
06:28 PM pfSense Packages Bug #4391: Status | Services | nrpe2 | restart does not restart nrpe
What's in /var/run/nrpe2.pid ? Is the the current PID? If you killall -9 nrpe2; rm /var/run/nrpe2.pid, and then star... Jim Pingle
06:17 PM pfSense Packages Bug #4391 (Resolved): Status | Services | nrpe2 | restart does not restart nrpe
On pfSense 2.2, I am unable to restart nrpe2
I click through: Status | Services | nrpe2 | restart service.
The ... Dan Langille
02:00 PM Bug #4390 (Resolved): Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network
I have configured the WAN IP addresses to be private addresses (i.e. in the 10.0.254.0/30 network) so that I can pres... Xuridisa Support
10:58 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Nope! Stays at 0 throughout.... Adam Hirsch
02:38 AM Bug #3395: DHCPv6 client pass rules need to come before bogons
Yes, this yet again got broken. Kill Bill

02/07/2015

10:26 PM Bug #3395: DHCPv6 client pass rules need to come before bogons
I am experiencing this issue with v2.2. Rules look like this:... Paul K
06:07 PM Bug #4389 (Resolved): gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes
I fou... Pi Ba
06:04 PM pfSense Packages Bug #4388 (Duplicate): Squid exits when listening on port 800
Squid 3.4.10_2 pkg 0.2.6 running on 2.2 Release AMD64
After changing the port that the proxy listens on from 3128 to... Vincent Bentley
06:02 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation
Could you checkout 0.17 package?(or perhaps 0.18) I've changed the 'none' CA to a separate checkbox which probably ma... Pi Ba
05:03 PM Bug #4387 (Resolved): Installer does not offer choices for keymap, screenmap or video font
The 2.2 Release AMD64 CD Installer does not provide any choices for keymap, screenmap or video font. Only '(default)'... Vincent Bentley
01:08 PM pfSense Packages Bug #4386 (Closed): softflowd not generating flow data on pfsense 2.2
I used to run pfsense 2.1 on several machines, all of which sent NetFlow data to a PRTG collector without any problem... Max Frames
12:57 PM Bug #4385 (Rejected): hostname dots
that is by design because of how it's used for registration of static mappings in the DNS Resolver/Forwarder. Allowin... Chris Buechler
07:07 AM Bug #4385: hostname dots
Uh. No.
http://tools.ietf.org/html/rfc952
http://tools.ietf.org/html/rfc1123#page-13
etc. etc. etc. Kill Bill
05:56 AM Bug #4385 (Rejected): hostname dots
2.2-RELEASE (amd64), built on Thu Jan 22 14:03:54 CST 2015, FreeBSD 10.1-RELEASE-p4
This might seem like a feature... Wouter Snels
04:28 AM Revision 6d5d9658: fix up text
Chris Buechler
04:28 AM Revision 5cb2a425: fix up text
Chris Buechler

02/06/2015

10:32 PM Bug #4384 (Resolved): missing input validation in captive portal
services_captiveportal.php is missing input validation that allows creating invalid configurations, including ones th... Chris Buechler
05:12 PM pfSense Packages Bug #3344: Disable IPV6 Squid3 not run
Gilmar Cabral You are right man, your post helped me today means after one year you posted it...
i have been in thi... Malik Mazhar
04:07 AM Bug #4383 (Resolved): Firewall log contains IGMP for rules that do not have logging on
Example: https://forum.pfsense.org/index.php?topic=88029.msg486945#msg486945
 Phillip Davis

02/05/2015

09:09 PM Revision e4610d66: remove CGN from "Block private networks" as it was in 2.0x and earlier
releases since it specifically notes RFC 1918 and CGN is more bogon.
Ticket #4379 Chris Buechler
07:47 PM Revision 2dfe7846: remove CGN from "Block private networks" as it was in 2.0x and earlier
releases since it specifically notes RFC 1918 and CGN is more bogon.
Ticket #4379 Chris Buechler
07:41 PM Revision bb8a30c2: Fixes #4381 this was a leftover of the change of zoneids to start from 2.
Ermal Luçi
07:41 PM Revision 8b4c7ed1: Fixes #4381 this was a leftover of the change of zoneids to start from 2.
Ermal Luçi
05:16 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks"
Yes, of course. I think we don't understand each other. I can trivially create a RFC1918 alias and place that rule wh... Kill Bill
05:09 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks"
Bogons and block private only applies to traffic sourced on the WAN in question. Where you're on CGN, you pretty much... Chris Buechler
05:01 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks"
I'm not using either of these, so I pretty much don't care either way, but... fixing the description and nuking this ... Kill Bill
03:08 PM Bug #4379 (Resolved): Remove CGN (RFC6598) address space from "private networks"
since block private specifically says RFC 1918, it's more valid as bogon than private, I removed it from private. Chris Buechler
12:34 PM Bug #4379 (Resolved): Remove CGN (RFC6598) address space from "private networks"
No need to filter this in both places, this is really the same thing like RFC1918 ranges.
Forum thread: https://fo... Kill Bill
02:52 PM Revision 20078775: Merge pull request #1458 from xbipin/patch-4
Renato Botelho
02:19 PM Feature #4382 (Resolved): Add syslogd as a service under Status > Services
As requested at Bug #4380 - currently there's no way to track the status of syslogd service and/or start/stop/restart... Kill Bill
01:55 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog
Not a bug per se but a feature request. You can submit a feature request to add syslogd as a service under Status > S... Jim Pingle
01:52 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog
Yes, so it's not a problem with the package, but with the base system. Should I file the bug about the same thing und... Kill Bill
01:40 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog
It was rejected because it's not the purpose of this package to track the services itself. The services are defined b... Jim Pingle
01:31 PM pfSense Packages Bug #4380: syslogd missing from Service Watchdog
Kinda don't get why is this rejected. (Oh, and please, don't get me started with "delete the logs", not interested in... Kill Bill
01:27 PM pfSense Packages Bug #4380 (Rejected): syslogd missing from Service Watchdog
It uses the service list provided by the firewall. Same as Status > Services. Adding a service just to the package wo... Jim Pingle
01:20 PM pfSense Packages Bug #4380 (Rejected): syslogd missing from Service Watchdog
No idea why it's not there. Certainly would be nice to have it when things go wrong, such as Bug #4352 or https://for... Kill Bill
01:50 PM Bug #4381: Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port
Applied in changeset commit:bb8a30c23b04d8332e8d4fccf15ed91d950cda2b. Ermal Luçi
01:50 PM Bug #4381 (Feedback): Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port
Applied in changeset commit:8b4c7ed15cdde2e49cfce5f96990ba1dbb2a9fd0. Ermal Luçi
01:37 PM Bug #4381: Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port
Update:
The rule is there but broken, pointing to the wrong port numbers, for example:
/tmp/rules.debug has:
<... Jim Pingle
01:31 PM Bug #4381 (Resolved): Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port
pfSense 2.1.x had an automatic captive portal pass rule to allow users to reach the portal daemon, this automatic rul... Jim Pingle
01:14 PM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified
Same issue using a DHCP wan with Kabeldeutschland Cable ISP using a dynamic IP and the other node using a PPP wan wit... Jan-Hendrik Wittke
01:09 PM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified
Same issue one Box using a PPP wan with O2/Alice ISP using a dynamic IP and other Box using DHCP with Kabeldeutschlan... Jan-Hendrik Wittke
10:10 AM Revision ec1d66cc: Use web-gui setting for pap or chap instead of having it hard-coded to chap.
Sebastian Öhman
10:10 AM Revision 42c57d69: Merge pull request #1472 from bassebaba/master
Renato Botelho
09:48 AM Revision 8f637a0c: Merge pull request #1455 from xbipin/patch-2
Renato Botelho
09:41 AM Revision d06f9ebe: Use web-gui setting for pap or chap instead of having it hard-coded to chap.
Sebastian Öhman
09:11 AM Revision ee874f47: remove empty values
remove empty values Bipin Chandra
08:59 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP
Oh, and bridges and gateway config: https://gist.github.com/MikeN123/22d50fa3d37834b9659a Mike Noordermeer
08:56 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP
Interfaces config, slightly censored: https://gist.github.com/MikeN123/009bc5fb76347663e448
Virtual IP config, sli... Mike Noordermeer
07:39 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP
Can you share your interfaces config or all of it so i can replicate that? Ermal Luçi
04:33 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP
2.1.5 and 2.2.0. After reboot the VIP becomes the primary IP, and all outbound traffic and firewall rules referencing... Mike Noordermeer
04:31 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP
On which scenario and which version this happens? Ermal Luçi
03:57 AM Bug #3997: get_interface_ip() returns first IP on interface, not necessarily primary IP
Just FYI, I have a bridge interface with x.x.x.106 as primary IP, and an IP alias x.x.x.105. This fails consistently,... Mike Noordermeer
07:57 AM Bug #4378 (Resolved): editing one of multiple pppoe connections with dial on demand enabled changes port assignment
Where you have dial on demand enabled on PPPoE, and have multiple PPPoE connections, saving on interfaces.php after m... Bipin Chandra
07:51 AM Bug #4377 (Rejected): pfSense boot freezes after restart in QEMU/KVM
pfSense virtual machine freezes after reboot at
@usbus0: 12Mbps Full Speed USB v1.0@
qemu proc contains :
@-... Stanislav Yanchev
06:29 AM pfSense Packages Bug #4376 (Closed): Squid3 Squidguard3 Stability Problems
Hi
Pfsense.2.2 also squid3 3 the stability and squidGuard3 squidGuard3 is experiencing problems, especially after 3... Landforces turkuaz
05:41 AM Revision b997da8b: upgrade config
upgrade config code so old entries not lost during upgrade Bipin Chandra
04:47 AM Revision e5e3216e: Add RTMP to the Traffic Shaper
Talyrius Bekhesh
03:53 AM Bug #4375: Kernel Crash
So solution is disable acpi in bios ? or what we can do. N.Selim GUNER
02:26 AM Bug #4375: Kernel Crash
I think this is because of acpi being enabled by default now. Ermal Luçi
01:19 AM Bug #4375: Kernel Crash
Jetway Mini ITX NF9D 2550 Board N.Selim GUNER
01:16 AM Bug #4375 (Rejected): Kernel Crash
Upgrading 2.1.5 or new install same crash. N.Selim GUNER
03:38 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances
Also this issue on redmine https://wiki.strongswan.org/issues/431 recommends reauth = no for IKEv2 for IKEv1 not sure... Ermal Luçi
03:34 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances
Also looking at this thread http://comments.gmane.org/gmane.network.vpn.strongswan.user/2055
It can be a solution to... Ermal Luçi
02:53 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Does net.inet.ip.dummynet.io_pkt_drop increase during this time? Ermal Luçi
12:43 AM Feature #4374 (New): Add timestamps to notification e-mails
It would sometimes be useful to have timestamps in the body of the e-mail itself. E-Mail transmission is not always r... Michel Zehnder
12:42 AM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package
Ah, my bad. I got used to original pfBlocker and it's behavior ... didn't expected it to change. Thanks for clarifica... Dmitriy K

02/04/2015

06:23 PM Revision cdcf197b: Fixed not being able to save custom and custom-v6 dyndns
entries due to "host" being posted empty, and thus failing
is_domain() check. Tuyan Ozipek
06:23 PM Revision 68f7662b: Merge pull request #1466 from tuyan/master
Renato Botelho
06:22 PM Revision a912dd7d: Firmware upgrade script text changes
while I am looking at this, might as well correct these.
No function problems or impact. Phil Davis
06:22 PM Revision 13685ab5: Merge pull request #1470 from phil-davis/patch-1
Renato Botelho
06:07 PM Bug #4149: Register DHCP leases in DNS forwarder broken
Now on 2.2, the bug is still present:
Feb 4 20:40:44 dhcpd: Unable to add forward map from linehead.ozone.caligrafi... Anonymous
05:38 PM Revision 62657a7f: Fix restartipsec command line script.
Jim Pingle
05:36 PM Revision 01f3438e: Fix restartipsec command line script.
Jim Pingle
02:46 PM Revision 68716545: Fixes #3669 Handle properly recording of the ipv6 interface new ip and do not issues commands that cannot succeed.
Ermal Luçi
02:46 PM Revision 322cc018: Fixes #3669 Handle properly recording of the ipv6 interface new ip and do not issues commands that cannot succeed.
Ermal Luçi
12:46 PM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package
This is not a bug.
The text beside the pfBlockerNG Enable Checkbox in the General Tab, is as follows
*"Note - w... BBcan177 .
03:12 AM pfSense Packages Bug #4373 (Resolved): pfBlockerNG: IPv4 aliases are not preserved when upgrading package
After upgrading 1.01 to 1.02 I've lost all IPv4 tab aliases. Dmitriy K
10:27 AM Bug #4344: package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE
*FYI*
there's another package that was reported as unable to be 100% reinstalled after the upgrade procedure from 2.... Vinícius Zavam
10:20 AM Bug #4344: package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE
Vinícius Zavam wrote:
> *Piba-NL*'s (##pfsense@freenode) pointed out that would be nice to try this procedures:
> *... Vinícius Zavam
10:14 AM Revision 1f97f379: In last case, use dmesg.boot do detect ALIX boards when hw.model is not enough
Renato Botelho
10:14 AM Revision 6d043a1d: In last case, use dmesg.boot do detect ALIX boards when hw.model is not enough
Renato Botelho
09:52 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
I can verify that turning off reply-to doesn't seem to make a difference, here:
The rule:... Adam Hirsch
09:43 AM Revision 0fcf26e4: Silent kenv when smbios.system.product is not present. While here, add VirtualBox to the list of virtualenvs
Renato Botelho
09:43 AM Revision 7e36f71c: Silent kenv when smbios.system.product is not present. While here, add VirtualBox to the list of virtualenvs
Renato Botelho
09:00 AM Bug #3669: WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages"
Applied in changeset commit:68716545c5fde880d7a22cd9b13b901d01ccb561. Ermal Luçi
09:00 AM Bug #3669: WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages"
Applied in changeset commit:322cc0188107e8b8ca912511915e71334fe4089b. Ermal Luçi
08:45 AM Bug #3669 (Feedback): WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages"
Thank you for the persistence.
Merged a better/modified version of the fix suggested here. Ermal Luçi
02:18 AM Revision 695b6d08: Firmware upgrade script text changes
while I am looking at this, might as well correct these.
No function problems or impact. Phil Davis

02/03/2015

11:21 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
I haven't had a chance to get back to testing this scenario yet, but will soon. Seems like it may not be specific to ... Chris Buechler
10:39 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Have we confirmed if having reply-to enabled or disabled affects if the limiter works correctly? As well, what about... Travis Kreikemeier
09:48 PM pfSense Packages Bug #4282 (Resolved): Vnstat2 1.11 Does Configuration Parser Error
thanks for the confirmation Paul, and Jim and Bryce for fixing. Others have confirmed fixed as well. Chris Buechler
07:57 PM pfSense Packages Bug #4282: Vnstat2 1.11 Does Configuration Parser Error
Tested on v2.2 amd64 full install.
Removed existing version, made sure nothing but settings are left behind and in... Paul K
02:24 PM pfSense Packages Bug #4282 (Feedback): Vnstat2 1.11 Does Configuration Parser Error
Update the package and try again, I pushed some fixes earlier today. It works for me in testing here. Jim Pingle
08:10 PM Feature #4372 (Closed): dnscrypt support
It'd be nice to have dnscrypt support built-in so people don't need hacks like
https://docs.google.com/document/d/1B... Chris Buechler
08:07 PM Bug #4371 (Resolved): Re-enable suhosin
We had to drop suhosin when moving to PHP 5.4 as it wasn't compatible at the time and its development had stalled. Th... Chris Buechler
07:25 PM Revision f8b5f41d: Merge remote-tracking branch 'upstream/master'
McB
07:21 PM Revision 68fde79c: Fixed alignment issue.
McB
07:17 PM Revision 197cf433: Added DynDNS support for GleSYS API (www.glesys.com).
McB
06:54 PM Revision 98b3de78: fix responder-only IPsec text
Chris Buechler
06:54 PM Revision d7f4c1a4: fix responder-only IPsec text
Chris Buechler
04:44 PM Bug #4310 (Feedback): Limiters + HA results in hangs on secondary
Patch committed. Ermal Luçi
04:31 PM Bug #4370 (Resolved): ntpd does nothing with selected carp interfaces.
ntpd does nothing with selected carp interfaces.
When only carp ip's are selected for ntpd to listen on the config '... Pi Ba
10:44 AM Bug #4344: package (re)installation loop after upgrading from 2.1.5-RELEASE to 2.2-RELEASE
*Piba-NL*'s (##pfsense@freenode) pointed out that would be nice to try this procedures:
* clear installation's lock;... Vinícius Zavam
08:14 AM pfSense Packages Bug #4369 (Resolved): patch fetching doesn't work if pfsense is behind proxy
Hello,
while i was testing a patch (Bug #4238) i noted that the fetch doesn't work.
Issuing a packet caputure while... Anonymous
07:25 AM Feature #809: Config sync username change
The bug is still here in version 2.2 64bit.
The "Remote System Username" field into Firewall->Virtual IP->CARP Set... Antoine Rodriguez
03:32 AM Revision adf17d4f: fix text
Chris Buechler
03:32 AM Revision e829fcbb: fix text
Chris Buechler
02:51 AM pfSense Packages Feature #4368 (Closed): [Unbound] Allow customized root.hints
... Armin Tueting
12:02 AM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation
Just reporting another little very minor thing, I am testing the latest version for which you added ACL negation and ... Stéphane Lapie

02/02/2015

08:55 PM Bug #4367: Incorrect rrset-cache-size in unbound.conf
unbound.conf is generated by back-end code in /etc/inc/unbound.inc
Search for rrset_cache_size and rrset-cache-siz... Phillip Davis
04:43 PM Bug #4367 (Resolved): Incorrect rrset-cache-size in unbound.conf
In /usr/local/www/services_unbound_advanced.php is missing code responsible for setting correct value for rrset-cache... Juraj Binka
07:36 PM Revision bfcb1e4a: Allow IPseec clients to properly connect and not stomp over each other. Reported-by https://forum.pfsense.org/index.php?topic=87980.0
Ermal Luçi
07:36 PM Revision 034a23f0: Allow IPseec clients to properly connect and not stomp over each other. Reported-by https://forum.pfsense.org/index.php?topic=87980.0
Ermal Luçi
07:28 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation
No, I haven't. In my production settings, I am only using "ssl_c_used" since I can guarantee for sure we are in a TLS... Stéphane Lapie
06:02 PM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation
Thanks for reporting this, my suspicion is that 'ssl_c_used ssl_c_verify 0' would be enough for all cases.
Have yo... Pi Ba
05:28 PM Revision 4520b2d2: Fix aliases popup width when fields are hidden when page is loaded. It should fix #4238
Renato Botelho
05:28 PM Revision 6672609b: Fix aliases popup width when fields are hidden when page is loaded. It should fix #4238
Renato Botelho
04:46 PM Revision cd214f4b: Properly calculate the 6rd default gateway honoring netmasks other than /32
Ermal Luçi
04:46 PM Revision 5e964cfd: Properly calculate the 6rd default gateway honoring netmasks other than /32
Ermal Luçi
03:51 PM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
Formatting removed the {@} symbol
{@}.sub.domain.com Trel S
03:48 PM Feature #4366 (Resolved): Namecheap Dynamic DNS updates fail on subdomain formatted domains
The domain in question is in the format
sub.domain.com
I need to update the @ record for this domain.
So, it's b... Trel S
03:46 PM Revision f2b769d0: Fixed not being able to save custom and custom-v6 dyndns
entries due to "host" being posted empty, and thus failing
is_domain() check. Tuyan Ozipek
01:19 PM Revision 315d866c: Merge remote-tracking branch 'origin/master'
Sjon Hortensius
11:37 AM Bug #4365 (Resolved): ALTQ Traffic Shaping is not working in pfSense 2.2 when run on Hyper-V 2012 R2
Using pfSense 2.2 release on Hyper-V 2.2 with regular network adapters (not legacy adapters), HFSC queues can be set ... Aaron Smith
11:30 AM Bug #4238: Firewall rule: source port display issue
Applied in changeset commit:4520b2d2b70caa48813f73f89ef5b9c942ea5b25. Renato Botelho
11:30 AM Bug #4238 (Feedback): Firewall rule: source port display issue
Applied in changeset commit:6672609b90a8e60a13ca471a3ad3e054eca542bd. Renato Botelho
11:28 AM Revision c6c71b36: fix indent
fix indent Bipin Chandra
10:08 AM Bug #3669 (New): WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages"
Let me double check this issue again. Ermal Luçi
05:11 AM Bug #3669: WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages"
Whilst this ticket has been marked resolved, the second part of the fix relating to /etc/rc.newwanipv6 has never been... David Burns
09:01 AM Revision 1c4540dc: Ticket #4353 fix typo on unset var spotted-by: Phil Davis
Ermal Luçi
09:01 AM Revision 42275e69: Ticket #4353 fix typo on unset var spotted-by: Phil Davis
Ermal Luçi
07:56 AM Revision b82159a6: Unbound domain override IP:port validation
The domain override is IP:port is invalid if either the IP address OR port is invalid.
Previously you could put an in... Phil Davis
07:56 AM Revision e67c5bee: Merge pull request #1457 from phil-davis/patch-2
Renato Botelho
07:55 AM Revision 2cf35754: speedup 'function is_port($port)' speed by skipping calls to getservbyname when possible
Pi Ba
07:55 AM Revision 2b8353ba: Merge pull request #1459 from PiBa-NL/speedup_is_port
Renato Botelho
07:54 AM Revision 87549136: Remove latin-1 encoding of RSS feed
Many thanks to Gertjan in forum https://forum.pfsense.org/index.php?topic=87504.msg484017#msg484017
Specifically sett... Phil Davis
07:54 AM Revision b2b1822b: Merge pull request #1465 from phil-davis/patch-1
Renato Botelho
07:00 AM Bug #4364 (Duplicate): cannot change or set keymap during and after install
No keymap file is present on pfsense 2.2 64bit so, when installing : no keymap selection is available.
After havin... Antoine Rodriguez
06:41 AM Bug #4362 (Resolved): RSS widget - broken character encoding due to forcing latin-1
Renato Botelho
06:00 AM Bug #4362: RSS widget - broken character encoding due to forcing latin-1
This is fixed with rev. 87549136 / rev. 8820a3aa close please. Kill Bill
03:55 AM Bug #4274: Marking a packet with only a number results in a broken rule
Just wanted to say I've verified this works. Thanks so much for the quick response. Jonathan Dieter
02:40 AM Revision 8820a3aa: Remove latin-1 encoding of RSS feed
Many thanks to Gertjan in forum https://forum.pfsense.org/index.php?topic=87504.msg484017#msg484017
Specifically sett... Phil Davis
 

Also available in: Atom