Activity

30 days up to

User

Subprojects

Activity

From 02/11/2015 to 03/12/2015

03/09/2015

10:56 PM Revision ee678e75: Comment missing function for now.: Refs. #22 Sander van Leeuwen
10:46 PM Revision c39f7276: Bind collapsable behaviour to options: Refs. #21 Sander van Leeuwen
07:21 PM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured: Michael, in your example you are requesting prefix-delegation from DHCP6 server, but it does not get used anywhere, b... Paul K
10:47 AM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured: Comments for understanding: I do not have "track" interfaces. Michael Sh.
04:55 AM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured: IPv6 type DHCP6. I hope to get
@interface em0 {
send ia-na 1;
send ia-pd 1;
request dom... Michael Sh.
01:09 AM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured: I tested this again today and it is working fine for me.
Michael, can you be a bit more specific about your setup... Paul K
06:01 PM Revision 6127c541: Revert "Fixes #4446 Correct ipalias removal on top of carp during configuration sync.": master works differently and get_real_interface() resolves vips as well.
This reverts commit 8896fe1cebdc97dcbeb5924... Ermal Luçi
05:52 PM Revision 8896fe1c: Fixes #4446 Correct ipalias removal on top of carp during configuration sync.: Ermal Luçi
05:52 PM Revision 457d9c32: Fixes #4446 Correct ipalias removal on top of carp during configuration sync.: Ermal Luçi
05:10 PM Revision e185c584: Pencil symbols: These are places in the GUI where the cursor sits not in the far left
side of the input box and there is odd-looking ... Phil Davis
05:06 PM Revision 79262830: Code style etc inc vwx3: rebased version with conflicts resolved due to a bunch of recent changes
in vpn.inc Phil Davis
02:36 PM Revision 261f7271: Allow reassignment from PPP types to DHCP. From testing, it appears to work OK, this input validation appears to be outdated.: If there is some edge case that this catches, perhaps it needs to be a more specific test. Jim Pingle
02:35 PM Revision 36dbc14a: Allow reassignment from PPP types to DHCP. From testing, it appears to work OK, this input validation appears to be outdated.: If there is some edge case that this catches, perhaps it needs to be a more specific test. Jim Pingle
02:22 PM Revision bf4ea211: Add missing 'break' statement that broke switching from a PPP type to 'none'.: Jim Pingle
02:22 PM Revision 5bd0ba3e: Add missing 'break' statement that broke switching from a PPP type to 'none'.: Jim Pingle
01:00 PM Bug #4446: IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: Applied in changeset commit:8896fe1cebdc97dcbeb59249f3bb2abd1601b979. Ermal Luçi
01:00 PM Bug #4446 (Feedback): IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: Applied in changeset commit:457d9c3275ff2b7ad691a38bdcb72e7177ff159a. Ermal Luçi
12:41 PM pfSense Packages Bug #4491: Incorrect module location in start up script for Open-VM-Tools: Found the following line:
<depends_on_package_pbi>open-vm-tools-1280544_9-##ARCH##.pbi</depends_on_package_pbi>... Anonymous
12:28 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: The filesystem in /etc was likely corrupted as a result of the repeated panics. Reinstalling is the safest recovery m... Jim Pingle
12:22 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: Jim P wrote:
> To work around it, you can rename the bsnmpd binary or otherwise disable it. For example:
>
> <pre... Stefan Nunninger
07:17 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: To work around it, you can rename the bsnmpd binary or otherwise disable it. For example:... Jim Pingle
07:12 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I am experiencing this same bug.
I attach a log of the console output.
I am running pfsense 2.2 on an Alix APU boa... Stefan Nunninger
11:35 AM Revision fc4e8df8: Code style etc inc vwx3: rebased version with conflicts resolved due to a bunch of recent changes
in vpn.inc Phil Davis
10:01 AM Revision aab23249: DNS Forwarder Host Override Edit make the pencil symbols appear: In most places in the GUI a little pencil symbol appears before text input fields. For example it already appears for... Phil Davis
10:00 AM Revision 2385106e: Merge pull request #1544 from phil-davis/patch-4: Renato Botelho
10:00 AM Revision 39dff8e2: Fix password box in diag_authentication: In 2.2 when I go to Diagnostics->Authentication the password field shows the little lock icon, but the text input are... Phil Davis
09:59 AM Revision ad42e4d8: Merge pull request #1542 from phil-davis/patch-2: Renato Botelho
09:59 AM Revision 7ac524dd: Merge pull request #1541 from phil-davis/Code-Style-etc-inc-z: Renato Botelho
09:55 AM Revision 478188c2: Add missing opening bracket: k-paulius
09:53 AM Revision aeaf63f1: Merge pull request #1545 from k-paulius/fix-syntax: Renato Botelho
07:56 AM Bug #4502: Default gateway not switching when interface stuck in pending state: all the WANs are pppoe connections and this box is live on the internet with complete remote access using all WANs if... Bipin Chandra
07:44 AM Bug #4502 (Resolved): Default gateway not switching when interface stuck in pending state: i have a full install box with 4 WANs and 1 LAN, the first 3 WANs and LAN work using VLANs and the last one using a d... Bipin Chandra
05:23 AM Bug #4276: Layer 7 not working / ipfw-classifyd high load: Hy, Also concerned Florent THOMAS
04:39 AM Feature #4501 (New): Allow email report to send multiple destination: Hy,
Is it possible to setup this : http://ehealth-aussie.blogspot.fr/2013/07/pfsense-e-mail-alerts-sent-to-multipl... Florent THOMAS
02:11 AM pfSense Packages Bug #4426: NUT fails to start or restart until NUT's settings are (re)saved: FYI, same/converted config, etc. and this does not seem to be an issue with pfSense v2.2 (64-bit, instead of 32-bit) ... B. Derman
01:01 AM Bug #4464: Config restore forces serial console to be enabled: Working fine now. Thanks Chris. Paul K
12:52 AM Bug #4483: SLAAC and stateful DHCP6 IPs are configured on interface when using DHCP6 config type: Proposed fix: https://github.com/pfsense/pfsense/pull/1546 Paul K

03/08/2015

11:44 PM Bug #4483: SLAAC and stateful DHCP6 IPs are configured on interface when using DHCP6 config type: Did a little bit more research on this issue.
First, in order for the SLAAC address to be auto-configured, RA mess... Paul K
11:17 PM Revision ef1dfb88: Add missing opening bracket: k-paulius
11:15 PM Revision 10192c30: Remove extra closing brackets: k-paulius
11:07 PM Revision 29257358: $ldescr variable is not assigned a value and all 'Outgoing Network Interfaces' show Localhost as a name on UI: k-paulius
11:04 PM Revision ec07dcfe: Missing $: k-paulius
09:30 PM Revision a707f00b: Merge branch 'bootstrap' of github.com:SjonHortensius/pfsense into bootstrap: Sjon Hortensius
06:42 PM Bug #4500 (Resolved): UPnP/NAT-PMP status page does not display all port mappings: It seems that some miniupnp entries are not parsed correctly and therefore not displayed in the Status page.... Denis Dzyubenko
06:11 PM Revision f353ebeb: converted usermanager_settings and setting_test: refs #18 Sjon Hortensius
06:10 PM Revision df7bc7cb: Convert to bootstrap: Refs. #22 Sander van Leeuwen
06:09 PM Revision 59e0b480: Revert "Convert to bootstrap": This reverts commit 89544eb50215903d24f56c4f668c81962670817a. Sander van Leeuwen
06:06 PM Revision 89544eb5: Convert to bootstrap: Sander van Leeuwen
06:06 PM Revision a41cf2da: Form - add setAction for adding custom _GET parameters: Sjon Hortensius
12:40 PM Revision 9d45f8b8: Multiple buttons in form need spacing: fixes #19 Sjon Hortensius
12:33 PM Revision 8343fb3b: Button - renamed parameter, put $title into value attribute: refs #11 Sjon Hortensius
06:58 AM Feature #4499 (New): pfSense LAGG interfaces; unable to set speed and duplex for member interfaces.: When a LAGG is configured; let's say for argument sake it's lacp; and member interfaces are assigned. e.g. em1 and ... Richard Graeme
06:44 AM Revision f973985c: Update help to current config structure, touch up text while here. Fixes #4492: Chris Buechler
06:43 AM Revision 51b24a30: Update help to current config structure, touch up text while here. Fixes #4492: Chris Buechler
01:50 AM pfSense Packages Bug #4498 (Closed): SSHDCond - dropdown font unreadable: Sorry, cannot figure out which CSS does this come from, but it's just insane and unreadable by default. FF and Chrome... Kill Bill
12:42 AM Bug #4492 (Resolved): pfSsh.php help appears to reference an older config structure.: thanks for the report, fixed. Chris Buechler
12:34 AM Bug #4459: Tzdata is too old (needs to be updated for Russia): I confirm: Incorrect time offset (+1h) everywhere except for dashboard; Dmitriy K

03/07/2015

08:18 PM Revision ede74d31: Check for console="comconsole* rather than just *comconsole* in loader.conf, so it doesn't match just having comconsole_speed in loader.conf. Ticket #4464: Chris Buechler
08:16 PM Revision 08af94cb: Check for console="comconsole* rather than just *comconsole* in loader.conf, so it doesn't match just having comconsole_speed in loader.conf. Ticket #4464: Chris Buechler
05:05 PM Revision da3d5bc7: clarify Button, centralize A vs INPUT logic: refs b125fab2ba Sjon Hortensius
05:00 PM Revision b125fab2: Introduce Form_Button, which can morph into <a class=btn>: fixes #11 Sjon Hortensius
05:00 PM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured: But it broke the work of native DHCPv6. Unable to query ia-pd without using the advanced configuration. In the advanc... Michael Sh.
04:36 PM Revision a08e2dcb: Merge pull request #13 from psophis/interface-interface-groups: migrated Interface > interface groups SjonHortensius
04:28 PM Revision 19013d43: Initial commit for Interface > Interface Groups bootstrap convert: Thane Gill
04:25 PM Revision ab9028d8: correct a typo; addGlobal is a Form method, so don't do Section::: refs a97531c5e5e2f1f41 Sjon Hortensius
04:17 PM Revision 18479e41: firewall_rules_edit - now properly converted: this file now contains all original names for inputs, fixes #16 Sjon Hortensius
04:05 PM Revision 0fa9f86d: Merge branch 'bootstrap' into HEAD: * bootstrap:
After instantiation return object. Return object after setWidth.
Updated even more pages to new Form... Thane Gill
03:48 PM Revision c3dafdb2: updated Form_Input instructions & upload script: refs #16 Sjon Hortensius
03:38 PM Revision 54b808d4: After instantiation return object. Return object after setWidth.: Thane Gill
03:31 PM Revision f537d085: Updated even more pages to new Form setup (include names): refs #16 Sjon Hortensius
02:17 PM Bug #4464: Config restore forces serial console to be enabled: thanks Paul, I fixed that to match more specifically so it doesn't catch comconsole_speed. Chris Buechler
12:26 PM Revision a97531c5: Major change: require caller to specify name of inputs: no longer do we automatically determine an input-name; it meant a lot of
backend-changes (or forceName calls). This c... Sjon Hortensius
11:46 AM Revision a542a625: removed custom setSubmit, using new addGlobal for hidden input: refs #9 Sjon Hortensius
11:38 AM Revision ee027864: moved setSubmit to addGlobal, to be used for hidden inputs: fixes #10, #11 Sjon Hortensius
11:37 AM Revision 8a2d92b5: Merge branch 'bootstrap' of github.com:SjonHortensius/pfsense into bootstrap: Sjon Hortensius
11:36 AM Revision 8af76ee4: Replaced addSubmit by addGlobal, which will be used for hidden inputs: Group - add support for additional classes by using Element::getHtmlClass
Input - if we have no columnClasses or help... Sjon Hortensius
11:34 AM Revision 844b9bf3: fix typos, pending actual layout: Sjon Hortensius
11:32 AM Revision 3c7f137e: Merge pull request #15 from SanderVanLeeuwen/bootstrap: Pass checkbox value to parent constructor SjonHortensius
11:29 AM Revision ae3402fa: Pass checkbox value to parent constructor: Sander van Leeuwen
10:58 AM Revision 247c417f: Globally correct a few typos: * $x; > $x = null;
* removed duplicated cases
* fixed useless statement: (int)$x = $y
* removed poetic: if (!$x && $x... Sjon Hortensius
10:54 AM Revision 3d613183: clean - replace 1990 not-if syntax <> with !=: Sjon Hortensius
10:13 AM Revision f94aa45b: Merge pull request #12 from psophis/bootstrap: Return object after setWidth & forceName, for chaining SjonHortensius
08:48 AM pfSense Packages Bug #4497 (Resolved): Using a specific password within FreeRADIUS user management causes pfSense to restore a backup!: I have noticed some really strange behaviour when using a specific password for a freeradius user account. Somehow I ... Matthias Güntert
02:25 AM Bug #4490 (Resolved): slight error in builder_scripts/scripts/buildports.sh: Chris Buechler
02:24 AM Bug #4471 (Resolved): stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: Thanks Paul!
Also seems fine here. Chris Buechler
01:42 AM Feature #4496: IPv6 outbound NAT support: Kill Bill wrote:
> Sigh. Seems like you missed the point of IPv6 altogether.
Yes. You do NOT NAT IPv6 in the mann... Chris Buechler
01:27 AM Feature #4496: IPv6 outbound NAT support: Sigh. Seems like you missed the point of IPv6 altogether. Kill Bill
12:19 AM Feature #4496 (Closed): IPv6 outbound NAT support: I have an IPv4 address from my ISP and I'm using Hurricane electric tunnel for IPv6 addresses. I want to NAT my IPv6 ... Adam Esslinger
01:37 AM Bug #4494: axge bug - AX88179 chipset (network interface reseting): Chris, thanks for explaining how it works.
I'm not sure it was corrected at all. The only reference that I have it i... Armando Lima Amaral
12:11 AM Feature #4495 (Duplicate): IPv6 support for DynDNS client: I have an IPv4 address from my ISP and I'm using Hurricane electric tunnel for IPv6 addresses. Im also using DynDNS b... Adam Esslinger

03/06/2015

11:03 PM Revision ef86984c: After instantiation return object. Return object after setWidth.: Thane Gill
10:35 PM Bug #4471: stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: Tested a bunch of different scenarios on 2.2 branch. Enabling/disabling 6rd and 6to4, switching between 6rd<->6to4, e... Paul K
12:00 AM Bug #4471: stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: Applied in changeset commit:c0e5ab96e7bf77f1146f4df786a048e05a2eb5a2. Chris Buechler
12:00 AM Bug #4471: stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: Applied in changeset commit:df966626606fe7c60c3d7301f3843280b746a7a6. Chris Buechler
09:50 PM Bug #4464: Config restore forces serial console to be enabled: I cloned my firewall from v2.1.5 snapshot and performed an update to v2.2 again to try and reproduce this issue, but ... Paul K
08:00 PM Revision 7ba5aeeb: Expand CARP demotion error, add button to reset demotion status.: Jim Pingle
08:00 PM Revision 0a4fbd99: Expand CARP demotion error, add button to reset demotion status.: Jim Pingle
06:48 PM Bug #4246 (Resolved): Fix "netstat -gW" behavior broken in r259638.: fixed, thanks Renato, and doktornotor for finding the fixed revision. Chris Buechler
07:04 AM Bug #4246 (Feedback): Fix "netstat -gW" behavior broken in r259638.: Patch applied Renato Botelho
06:45 PM Bug #4494: axge bug - AX88179 chipset (network interface reseting): I don't see any obvious commits in -STABLE that are specific to that issue. If you can point us to a specific change ... Chris Buechler
03:28 PM Bug #4494 (Needs Patch): axge bug - AX88179 chipset (network interface reseting): When a USB3 network adapter is needed, there isn't many options for Gigabit connection.
The most used chipset is the... Armando Lima Amaral
06:17 PM Revision 201932c5: After instantiation return object. Return object after setWidth.: Thane Gill
05:19 PM Revision 23a7fd6a: Merge pull request #9 from psophis/bootstrap: migrated system_advanced_sysctl.php SjonHortensius
05:14 PM Revision 3412275d: Initial bootstrap rewrite for system_advanced_sysctl.php: TODO:
- Hide id label on re-edit
- Add cancel button to edit Thane Gill
02:45 PM Revision 588d3cf6: Check if it's an array before call foreach(). Ticket: Renato Botelho
02:45 PM Revision c17478a6: Check if it's an array before call foreach(). Ticket: Renato Botelho
02:31 PM Revision b47f7d65: Stop trying to fix dns_split during strongswan config generation, we have an upgrade code in place for that, it should fix #4418: Renato Botelho
02:30 PM Revision edf370e7: dns_split was a comma separated list and moved to use space as separator, provide upgrade code to make sure old configs are converted. Since there was a config upgrade version 11.7 only on master, I pushed it to 11.8 and used dns_split one as 11.7 to be able to backport it to RELENG_2_2. Ticket #4418: Renato Botelho
02:29 PM Revision 99572c53: Remove multiple spaces from dns_split as a seatbelt, also fix the message since field is expected to be space separated and not comma. Ticket #4418: Renato Botelho
02:29 PM Revision b93bc1fd: Stop trying to fix dns_split during strongswan config generation, we have an upgrade code in place for that, it should fix #4418: Renato Botelho
02:28 PM Revision 877740ee: dns_split was a comma separated list and moved to use space as separator, provide upgrade code to make sure old configs are converted. Since there was a config upgrade version 11.7 only on master, I pushed it to 11.8 and used dns_split one as 11.7 to be able to backport it to RELENG_2_2. Ticket #4418: Renato Botelho
02:26 PM Revision 27781065: Remove multiple spaces from dns_split as a seatbelt, also fix the message since field is expected to be space separated and not comma. Ticket #4418: Renato Botelho
02:25 PM Bug #4177: Bug in OpenVPN user/pass auth: Nice shortening of the sed string!
I believe the str_replace in openvpn.auth-user.php isn't needed either.
I'm ... Dave Crane
11:24 AM Bug #4493 (Closed): Convert ipsec_transport_filterfix.diff to stable/10: Patches were updated from releng/10.1 to stable/10, this one was missed Renato Botelho
10:58 AM Revision 4ad7848c: DNS Forwarder Host Override Edit make the pencil symbols appear: In most places in the GUI a little pencil symbol appears before text input fields. For example it already appears for... Phil Davis
09:46 AM Bug #4492 (Resolved): pfSsh.php help appears to reference an older config structure.: The example give to enable a static internface
/* to enable an interface and set a static ip address */
$config... Robert Middleswarth
09:36 AM Revision 8cb4f5b1: touch up text: Chris Buechler
09:35 AM Revision 9b23ce90: touch up text: Chris Buechler
09:00 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain: Applied in changeset commit:b47f7d65d376e3c401cbda05c4d0ad60abb87d41. Renato Botelho
09:00 AM Bug #4418 (Feedback): IPsec mobile clients - bogus "p" appended to search domain: Applied in changeset commit:b93bc1fd4995e731a51d461c8c4b08610ddbf7c1. Renato Botelho
06:49 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain: Running todays snapshot (Thu Mar 05 23:16:42 CST 2015 ) upon entering split dns domains it won't allow me to enter mo... Steve Wheeler
06:57 AM Revision 9c370fe6: Use get_failover_interface here to find appropriate interface. Ticket #4482: Conflicts:
etc/inc/ipsec.inc Chris Buechler
06:55 AM Revision a115e2e1: Use get_failover_interface here to find appropriate interface. Ticket #4482: Chris Buechler
06:46 AM Revision d8e4918f: same change as previous commit, for IPv6. Ticket #4482: Chris Buechler
06:45 AM Revision c406924f: same change as previous commit, for IPv6. Ticket #4482: Chris Buechler
06:40 AM Revision aeaa6143: Use the parent interface, not the _vip for interfaces_use. Part of Ticket #4482: Chris Buechler
06:39 AM Revision 29de629e: Use the parent interface, not the _vip for interfaces_use. Part of Ticket #4482: Chris Buechler
06:03 AM Bug #4117 (Resolved): Using run(4) USB WLAN in hostap mode crashes in FreeBSD 10.x: confirmed resolved Chris Buechler
05:51 AM Revision c0e5ab96: Destroy stf interface when 6rd or 6to4 tunnel is disabled. Fixes #4471: Conflicts:
etc/inc/interfaces.inc Chris Buechler
05:49 AM Revision df966626: Destroy stf interface when 6rd or 6to4 tunnel is disabled. Fixes #4471: Chris Buechler
05:42 AM Bug #4475 (Resolved): 6rd prefix validation message is not displaying correct range: Thanks Chris Buechler
05:41 AM Bug #4238 (Resolved): Firewall rule: source port display issue: fixed Chris Buechler
05:41 AM Bug #4312 (Confirmed): Bridge advanced settings not always applied after interface is added to bridge: it works in general. seems specific to tap interfaces, probably at least partially because they come up/are changed l... Chris Buechler
04:58 AM Revision 93a72cb8: Be nicer when checking if alias is numeric: Because an ordinary port can be numeric here.
Forum https://forum.pfsense.org/index.php?topic=89906.0
Conflicts:
... Phil Davis
04:53 AM Revision 6021c6f9: Merge pull request #1543 from phil-davis/patch-3: Chris Buechler
04:46 AM Bug #4490 (Feedback): slight error in builder_scripts/scripts/buildports.sh: Fixed Renato Botelho
04:27 AM Revision a97a77a2: Be nicer when checking if alias is numeric: Because an ordinary port can be numeric here.
Forum https://forum.pfsense.org/index.php?topic=89906.0 Phil Davis
04:12 AM Revision 95f1227e: fix up text: Chris Buechler
04:12 AM Revision f54229df: fix up text: Chris Buechler
03:43 AM Revision 879d59d8: Don't save config if input validation fails. Add input validation preventing "Harden DNSSEC Data" from being enabled if DNSSEC support isn't enabled.: Chris Buechler
03:40 AM Revision 1bfb95f3: Don't save config if input validation fails. Add input validation preventing "Harden DNSSEC Data" from being enabled if DNSSEC support isn't enabled.: Chris Buechler
03:10 AM pfSense Packages Bug #4491 (Resolved): Incorrect module location in start up script for Open-VM-Tools: After upgrade from 2.1.5 to 2.2 and reinstall open-vm-tools package I realize that open-vm-tools kernel modules were ... Anonymous
02:59 AM Bug #4482 (Feedback): IPsec on gateway group with VIPs not working: seems to be fixed, Ermal will review. Chris Buechler
12:55 AM Bug #4482 (Confirmed): IPsec on gateway group with VIPs not working: seems fixed now, to Ermal for review. Chris Buechler
02:11 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances: Thanks for that, Christian. I believe this issue pre-dates that timing, though I see one specific change in that time... Chris Buechler
01:10 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances: We have several systems with that issue, none of them has "prefer older ipsec sa" enabled (switching that option does... tb o
01:56 AM Bug #1420: Changing a WAN's type from PPPoE to other breaks it: I ran into this bug on a pfSense 2.2 box. Procedure to recreate was to do the following:
1. Setup PPPoE Interface... Rob Turner
01:37 AM Bug #4333 (Resolved): Shaper wizard retains and uses incorrect info when supplying a different count of interfaces on future runs: fixed Chris Buechler
01:35 AM Revision 73cdd9f0: Remove the harden-glue option entirely and hard code it to yes. Ticket #4402: Chris Buechler
01:35 AM Revision 5c7c369f: Remove the harden-glue option entirely and hard code it to yes. Ticket #4402: Chris Buechler
01:34 AM Bug #4389 (Resolved): gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: fixed Chris Buechler
01:05 AM Bug #4378 (Feedback): editing one of multiple pppoe connections with dial on demand enabled changes port assignment: I can't replicate as described. I thought it was something to do with VLANs, but it works fine there in the exact con... Chris Buechler

03/05/2015

11:50 PM Bug #4471 (Feedback): stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: Thanks Paul. I merged that, though had to do so manually because of whitespace changes in the mean time. leaving for ... Chris Buechler
11:30 PM Bug #4469 (Confirmed): Using string 'local' on auth server 'Descriptive Name' make it fails: Chris Buechler
11:24 PM Bug #4435 (Resolved): Invalid increment in DHCP6 server address range check: fixed. Thanks Daniel for the contributions! Chris Buechler
11:23 PM Bug #4246 (Confirmed): Fix "netstat -gW" behavior broken in r259638.: MROUTING is there, the bug is in netstat. subject updated to cause.
patch in 265096 doesn't seem to apply cleanly... Chris Buechler
11:20 PM Bug #4433 (Resolved): DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64: fixed Chris Buechler
10:26 PM Bug #4117 (Feedback): Using run(4) USB WLAN in hostap mode crashes in FreeBSD 10.x: There is a fix for this upstream, so we've imported it.
this is the bug: https://bugs.freebsd.org/bugzilla/show_b... Chris Buechler
08:58 PM Bug #4485 (Resolved): last commit broke globals.inc: fixed Chris Buechler
08:53 PM Bug #4485: last commit broke globals.inc: Confirmed resolved after gitsync. Thanks. Gavin J
07:47 PM Bug #4402 (Resolved): Unbound: enable harden-glue by default and/or apply patch: 2.2.1 has Unbound 1.5.2, has hard coded harden-glue yes, and removed that option from the GUI entirely to discourage ... Chris Buechler
03:09 PM Revision 6d1db7ec: Encode and check values for filtering variables in diag_logs_filter.php: Jim Pingle
03:08 PM Revision 5ec3f37f: Encode and check values for filtering variables in diag_logs_filter.php: Jim Pingle
03:01 PM Revision 32787389: Do not render the services_unbound_acls page with an invalid ID.: Jim Pingle
03:00 PM Revision 033663df: Do not render the services_unbound_acls page with an invalid ID.: Jim Pingle
02:56 PM Revision e52c3c88: Stricter validation and encoding for traffic shaper queues.: Jim Pingle
02:55 PM Revision 108be9a5: Stricter validation and encoding for traffic shaper queues.: Jim Pingle
02:41 PM Revision c678ca65: Jettison unused dragtable code from firewall_rules.php, it was broken and inactive and only causing trouble.: Jim Pingle
02:40 PM Revision c49db631: Jettison unused dragtable code from firewall_rules.php, it was broken and inactive and only causing trouble.: Jim Pingle
02:32 PM Revision 44a06d7d: Improve validation and encoding of the zone for Captive Portal Status: Jim Pingle
02:32 PM Revision d9295c2e: Improve validation and encoding of the zone for Captive Portal Status: Jim Pingle
02:01 PM Revision eae1fb1d: Be more strict about the file to restore or delete when working with full backups.: Jim Pingle
02:00 PM Revision 707ed023: Be more strict about the file to restore or delete when working with full backups.: Jim Pingle
11:33 AM Bug #4477 (Rejected): php-fpm linked against obsolete libpcre version: It's not obsolete, a change was made on pcre on FreeBSD port and a hack was removed, because of that the version has ... Renato Botelho
10:17 AM Bug #4408: Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use: I have similar problems since I updated from version 2.0 to 2.1, when I change something in the DHCPd settings I see ... Patrick S
09:28 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Just to add some further information. This bug is hit if you use Limiters on LAN and are also running Squid in transp... Steve Wheeler
07:57 AM Bug #4210: Bring back a FTP proxy: Thanks man! I'll test it. On forum a lot of people criticized the use of FTP, but as a legacy measure, we must keep i... Daniel Cabral
03:23 AM Bug #4490 (Resolved): slight error in builder_scripts/scripts/buildports.sh: In the routine "is_port_installed" in lines 95/101 the "if..fi" structure is broken.
Thomas Hilse
02:36 AM pfSense Packages Feature #4489: Add Varnish 4 Plugin: I made a mistake in my wording..
"We might want to add the X-Forwarded-Proto header to the vcl_hash for -non-text- t... Joshua Ruehlig
02:30 AM pfSense Packages Feature #4489 (Needs Patch): Add Varnish 4 Plugin: I request we add an plugin for www/varnish4 (added to the ports tree 3/3/2015).
VCL changes from varnish3 to varni... Joshua Ruehlig

03/04/2015

11:49 PM Bug #4475: 6rd prefix validation message is not displaying correct range: Fix looks good on 2.2 branch. Thanks Renato. Paul K
10:16 PM Revision 8106d446: allow enabling Unbound when dnsmasq is enabled, if they're using diff: ports. Ticket #4332 Chris Buechler
10:16 PM Revision 0fe628a6: allow enabling Unbound when dnsmasq is enabled, if they're using diff: ports. Ticket #4332 Chris Buechler
09:51 PM Revision 7df02c1e: Skip any numeric-only aliases in the ruleset to prevent errors from those: who configured them on previous versions where that was allowed. Ticket Chris Buechler
09:46 PM Revision 9bfb45ab: Skip any numeric-only aliases in the ruleset to prevent errors from those: who configured them on previous versions where that was allowed. Ticket Chris Buechler
08:25 PM Bug #4390 (Resolved): Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network: fixed Chris Buechler
04:15 PM Bug #4332 (Resolved): Unable to run DNS Forwarder (dnsmasq) and DNS Resolver (unbound) simultaneously on different ports: fixed Chris Buechler
03:54 PM Bug #3669 (Resolved): WAN IPs not being cached causing unnecessary "rc.start_packages: Restarting/Starting all packages": last part fixed in 2.2.1, remainder fixed quite some time ago. Chris Buechler
03:50 PM Bug #4289 (Resolved): Invalid alias using a numerical name causes a filter reload error: fixed, a notice is filed and the alias skipped if its name is only numeric. Chris Buechler
03:05 PM Bug #4210: Bring back a FTP proxy: As a stop gap measure for the time being, I created a basic FTP Client Proxy package using ftp-proxy(8) from FreeBSD ... Jim Pingle
03:02 PM Bug #4444 (Resolved): Reverse lookup domain overrides and "Do not forward private reverse lookups": fixed Chris Buechler
02:59 PM Feature #4176 (Resolved): Add support for SMTP authentication mechanisms: works Chris Buechler
02:19 PM Bug #4177: Bug in OpenVPN user/pass auth: Maybe to shorten it:
/usr/local/sbin/ovpn_auth_verify might read:... Maciej Blachnio
12:55 PM Bug #4177: Bug in OpenVPN user/pass auth: True. Why did I not think of that :)
Anyway, I believe this should be commited somewhere in a new release.
Regards
... Maciej Blachnio
12:26 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs: This is now working and the ticket can be closed. Thanks BBcan177 for the fix. Sorry it took so long to get back with... Ryan .
12:23 PM Revision 24ad8e26: Add missing comma. Fixes #4485: Jim Pingle
12:22 PM Revision a832806c: Add missing comma. Fixes #4485: Jim Pingle
06:30 AM Bug #4485: last commit broke globals.inc: Applied in changeset commit:24ad8e26a6437e32afe3330b79d2565c052c993e. Jim Pingle
06:30 AM Bug #4485 (Feedback): last commit broke globals.inc: Applied in changeset commit:a832806cba853262bac7a189954102e0a67a5511. Jim Pingle
06:19 AM Bug #4485 (Resolved): last commit broke globals.inc: Hi Jim,
The last commit you made to globals.inc (http://freshbsd.org/commit/pfsense/1dbe220c9b201550bf9f10c45ab14b8d... Gavin J
05:40 AM Revision 227e2146: Enable UnicastOnly in radvd for ovpn* interfaces. Ticket #4455: Chris Buechler
05:40 AM Revision e03b6bbc: Enable UnicastOnly in radvd for ovpn* interfaces. Ticket #4455: Chris Buechler
04:17 AM pfSense Packages Bug #4084: Check_mk agent doesn't work: wrong bash path: Fix would be the following: https://github.com/pfsense/pfsense-packages/pull/829 Peter Baumann
03:35 AM pfSense Packages Bug #4084: Check_mk agent doesn't work: wrong bash path: I found a solution to the problem.
Since the check_mk pfSense Package is downloading the latest check_mk_agent.freeb... Peter Baumann
12:57 AM Bug #2526 (Resolved): Limiter appears to break IPv6 connectivity: confirmed, limiters work correctly on v6 now. Chris Buechler

03/03/2015

11:42 PM Bug #4384 (Resolved): missing input validation in captive portal: fixed Chris Buechler
11:39 PM Bug #4455 (Resolved): Router Advertisment Daemon does not add UnicastOnly for OpenVPN interfaces: thanks for the report. Fixed. I matched it on ovpn* rather than only a server interface. Chris Buechler
11:32 PM Bug #4275 (Resolved): ASN.1 DN needs double quotes in config file: fixed Chris Buechler
11:31 PM Feature #4359 (Resolved): IPsec controlling uniqueid value: works Chris Buechler
10:36 PM Revision 6690eb14: Merge branch 'master' into feature/easyrule-unblock: Conflicts:
etc/inc/easyrule.inc Oliver Welter
10:10 PM Feature #4360 (Resolved): IPsec allow making a connection repsonder only: works Chris Buechler
09:51 PM Bug #4239 (Resolved): athstats, cryptostats, cryptotest missing from 2.2 builds: fixed Chris Buechler
09:34 PM Bug #4177: Bug in OpenVPN user/pass auth: The extra base64 encoding is not needed. The problem is that base64 can produce three non-alphanum characters: =, +... Dave Crane
07:19 PM Revision 1dbe220c: Tweak the carp demotion factors slightly to avoid CARP transitions that are most likely unnecessary.: Jim Pingle
07:18 PM Revision 0b3cf7da: Tweak the carp demotion factors slightly to avoid CARP transitions that are most likely unnecessary.: Jim Pingle
06:52 PM Bug #4454 (Confirmed): scrub random-id + PPPoE + IPsec + communication to LAN IP = kernel panic on 32 bit: subject updated to what appears to be the specific issue here. this is a very unusual circumstance. The other issues ... Chris Buechler
04:02 PM Revision dedc40f7: Fix password box in diag_authentication: In 2.2 when I go to Diagnostics->Authentication the password field shows the little lock icon, but the text input are... Phil Davis
02:07 PM Feature #1835: uPNP IPv6 support: If you do a "sockstat" with the new binary running, you should see that it's now listening on v4 and v6 sockets, wher... Daniel Becker
02:05 PM Feature #1835: uPNP IPv6 support: Denis Dzyubenko wrote:
> Denis Dzyubenko wrote:
> > I just tried this binary and I see no changes between this and ... Denis Dzyubenko
01:56 PM Feature #1835: uPNP IPv6 support: Denis Dzyubenko wrote:
> I just tried this binary and I see no changes between this and the original miniupnpd in pf... Denis Dzyubenko
01:54 PM Feature #1835: uPNP IPv6 support: I just tried this binary and I see no changes between this and the original miniupnpd in pfsense 2.2
Actually afte... Denis Dzyubenko
01:20 PM Feature #1835: uPNP IPv6 support: Attached is an amd64 binary of miniupnpd with the patches in #4320 and #4321 applied; you can just copy it to /usr/lo... Daniel Becker
01:14 PM Feature #1835: uPNP IPv6 support: There's a patch to enable IPv6 in miniupnpd in issue #4321, but so far it doesn't look like anybody's looked at it. Daniel Becker
01:08 PM Feature #1835: uPNP IPv6 support: Is there an update on this? I am running pfsense 2.2 but it seems upnp here still doesn't support ipv6 :( Denis Dzyubenko
01:03 PM Bug #4310 (Resolved): Limiters + HA results in hangs on secondary: fixed Chris Buechler
12:06 PM Revision 6cf2c8b0: Code style etc inc z: end of code style review for the etc folder tree Phil Davis
11:09 AM Revision 6e4c199b: Make the DHCP network booting options line up: by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
11:09 AM Revision be83cc29: Merge pull request #1539 from phil-davis/patch-7: Renato Botelho
11:08 AM Revision 6cf3278f: system_groupmanager edit cancel button looks small: It looks smaller and different to the Save button. This makes it the same. Phil Davis
11:08 AM Revision 2c5ca6ae: Merge pull request #1538 from phil-davis/patch-6: Renato Botelho
11:08 AM Revision f636bc12: system_usermanager edit cancel button looks small: It looks smaller and different to the Save button. This makes it the same. Phil Davis
11:07 AM Revision d9ac2354: Merge pull request #1537 from phil-davis/patch-5: Renato Botelho
11:07 AM Revision 1626b5ad: Make the Power Mode selection boxes line up: by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
11:07 AM Revision db949a19: Standardise power mode selection boxes: I noticed that this looked a little odd, the boxes for AC and Battery Power Mode are 1 after the other on the same li... Phil Davis
11:06 AM Revision 3a1810a9: Merge pull request #1536 from phil-davis/patch-4: Renato Botelho
11:05 AM Revision bd5a8268: Add missing BR tags and fix display with pfsense_ng_fs theme: Fixes #4481
Similar issue to commit https://github.com/pfsense/pfsense/commit/5cfd948144741ba0d6981f89b2e40257cb9ef2b... Phil Davis
11:05 AM Revision f6aa92a1: Merge pull request #1535 from phil-davis/patch-3: Renato Botelho
11:03 AM Revision adbbd4f9: Merge pull request #1533 from phil-davis/Code-Style-etc-inc-u: Renato Botelho
11:02 AM Revision 52886a07: Merge pull request #1532 from phil-davis/Code-Style-etc-inc-r-s: Renato Botelho
11:01 AM Revision 603a97cb: Be safe use require_once in zeromq: I was testing code and just doing stuff like:
require_once("zeromq.inc");
in Diagnostics->Command Prompt, PHP Execute... Phil Davis
11:01 AM Revision cb743abb: Merge pull request #1531 from phil-davis/patch-2: Renato Botelho
10:48 AM Revision ec67423b: Make the DHCP network booting options line up: by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
10:26 AM Bug #4481 (Resolved): DHCP server - Dynamic DNS options layout messed up: Renato Botelho
08:49 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up: Fixed, thanks. ;) Kill Bill
05:20 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up: Applied in changeset commit:bd5a82681d7c9206799a4b72ffa943ec648ef47f. Phillip Davis
05:20 AM Bug #4481 (Feedback): DHCP server - Dynamic DNS options layout messed up: Applied in changeset commit:6b16c91c511723b8343fe6339b8e6c16b648c186. Phillip Davis
07:12 AM Revision 47aa60f9: Make the Power Mode selection boxes line up: by putting the text and selection boxes into a 2-column table so that it can be rendered with the boxes lined up vert... Phil Davis
06:53 AM Revision 86481f75: system_groupmanager edit cancel button looks small: It looks smaller and different to the Save button. This makes it the same. Phil Davis
06:45 AM Revision 3cd4406f: system_usermanager edit cancel button looks small: It looks smaller and different to the Save button. This makes it the same. Phil Davis
06:28 AM Revision ebfb1d0b: Standardise power mode selection boxes: I noticed that this looked a little odd, the boxes for AC and Battery Power Mode are 1 after the other on the same li... Phil Davis
06:18 AM Revision 911cc213: Remove "Prefer old SA" option, and ignore it in all existing configurations. Breaks things in many cases with strongSwan. For the very rare circumstances where this is actually desirable, it's just a sysctl that can be set in tunables.: Chris Buechler
06:16 AM Revision 58c58dcf: Remove "Prefer old SA" option, and ignore it in all existing configurations. Breaks things in many cases with strongSwan. For the very rare circumstances where this is actually desirable, it's just a sysctl that can be set in tunables.: Chris Buechler
05:56 AM Revision 6b16c91c: Add missing BR tags and fix display with pfsense_ng_fs theme: Fixes #4481
Similar issue to commit https://github.com/pfsense/pfsense/commit/5cfd948144741ba0d6981f89b2e40257cb9ef2b... Phil Davis
05:55 AM Bug #1493: pf blocks all traffic following filter reload.: Chris Buechler wrote:
> nothing you're encountering today has any relation to this issue. I suspect any such issues ... andres g
04:21 AM Bug #4484: Interfaces LAGG edit pfsense_ng_fs theme bold is not rendering: Diagnostics->Edit File
Where it gives progress messages like "File successfully saved" - that comes out bold in pfse... Phillip Davis
01:38 AM Bug #4484 (Closed): Interfaces LAGG edit pfsense_ng_fs theme bold is not rendering: In pfsense_ng theme the head-words "failover" "fec" "lacp" render in bold. They are each followed by plain text descr... Phillip Davis
02:21 AM Bug #4210: Bring back a FTP proxy: Chris Buechler wrote:
> In a completely default config, passive FTP clients will work fine. The default LAN rule per... Reqlez Guy
12:53 AM Feature #4179: Driver oce is missing from 2.2 RC: Mathieu FRAPPIER wrote:
> When I load the module, using kldload, I got the following output:
>
> oce0: <Emulex CN... Mathieu FRAPPIER
12:46 AM Bug #4302 (Resolved): Several DSCP choices are non-functional and result in a broken ruleset: fixed Chris Buechler
12:36 AM Bug #4381 (Resolved): Bring back the automatic captive portal pass rule to allow users to reach lighttpd on the proper captive portal port: works Chris Buechler
12:25 AM Bug #4274 (Resolved): Marking a packet with only a number results in a broken rule: fixed Chris Buechler
12:24 AM Bug #4434 (Resolved): Enabling NTP graphs does not take effect right away: fixed, thanks Paul. Chris Buechler
12:23 AM Bug #4245 (Resolved): after disabling ipsec, "# VPN Rules" are still loaded: fixed Chris Buechler
12:21 AM Bug #4432 (Resolved): Net_IPv6::compress() does not properly handle all-zeroes address: fixed Chris Buechler
12:05 AM Bug #4393 (Resolved): syslogd stops and fails to restart during boot in some cases: confirmed fixed multiple times. Chris Buechler

03/02/2015

11:56 PM Bug #4481: DHCP server - Dynamic DNS options layout messed up: I made a pull request to fix that: https://github.com/pfsense/pfsense/pull/1535 Phillip Davis
08:27 PM Bug #4481: DHCP server - Dynamic DNS options layout messed up: Now I tries with psense_ng_fs theme and can see the problem. That is the different factor. The full screen width is m... Phillip Davis
11:51 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up: https://github.com/pfsense/pfsense/commit/5cfd948144741ba0d6981f89b2e40257cb9ef2b1 <= this is missing with services_d... Kill Bill
11:47 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up: Exact same messed up layout on multiple 2.2 nanobsd boxes. Dunno guys, but I can see obviously missing BR tags on lin... Kill Bill
06:54 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up: That made me update my home system to 2.2.1-DEVELOPMENT - time to be checking/testing with that anyway. From Firefox ... Phillip Davis
02:36 AM Bug #4481: DHCP server - Dynamic DNS options layout messed up: Apparently I was not specific enough. This is in the "DHCP Static Mappings for this interface." -- i.e., when you add... Kill Bill
10:24 PM Bug #4483 (Resolved): SLAAC and stateful DHCP6 IPs are configured on interface when using DHCP6 config type: If I set my WAN IPv6 configuration type to DHCP6 and leave 'Request only a IPv6 prefix' unchecked I end up with two p... Paul K
06:54 PM Revision 751533a2: Code style etc inc u: Phil Davis
06:26 PM Revision 61e047a5: Code style etc in r s: Phil Davis
05:05 PM Bug #4482 (Resolved): IPsec on gateway group with VIPs not working: IPsec connections that are bound to a gateway group using VIPs end up omitted from ipsec.conf, and are missing their ... Chris Buechler
05:03 PM Revision 86084233: Be safe use require_once in zeromq: I was testing code and just doing stuff like:
require_once("zeromq.inc");
in Diagnostics->Command Prompt, PHP Execute... Phil Davis
03:49 PM Bug #4468 (Confirmed): radvd multiple prefix not working: that's never worked from the looks of it. Chris Buechler
03:34 PM Bug #4081: Apinger reporting incorrect latency: I had this problem on a clean plain install of 2.2 using a cable modem DHCP WAN with no explicitly set or override of... Stuart Wyatt
01:59 PM Bug #1493: pf blocks all traffic following filter reload.: nothing you're encountering today has any relation to this issue. I suspect any such issues on 2.2 have the same root... Chris Buechler
10:19 AM Bug #1493: pf blocks all traffic following filter reload.: I can confirm that I am experiencing the same with 2.2-Release (AMD64) version.
Any updates on this? andres g
01:25 PM Bug #4177: Bug in OpenVPN user/pass auth: Sorry for the mess.
The diff below should have looked like this:... Maciej Blachnio
01:23 PM Bug #4177: Bug in OpenVPN user/pass auth: Hi,
I've stumbled upon a special case where my client invented a super complicated password and got what he had comi... Maciej Blachnio
12:10 PM Revision 8f5f40c9: Merge pull request #1529 from phil-davis/Code-Style-pkg-utils: Renato Botelho
12:08 PM Revision 0f6a1db1: Merge pull request #1528 from phil-davis/Code-Style-putil: Renato Botelho
11:55 AM Revision 76de1b3f: Merge pull request #1526 from phil-davis/Code-Style-openvpn: Renato Botelho
11:51 AM Revision 969a5793: Merge pull request #1525 from phil-davis/Code-Style-etc-inc-i-to-p: Renato Botelho
10:39 AM Revision c8703520: Ancient bug on upgrade_014_to_015: This code looked silly the way it was, with the construct:
$var = $var;
unset($var);
Seems it was accidentally chang... Phil Davis
10:39 AM Revision a469662b: Merge pull request #1530 from phil-davis/patch-2: Renato Botelho

03/01/2015

08:16 PM Bug #4481: DHCP server - Dynamic DNS options layout messed up: services_dhcp.php has not changed since 1 Jan 2015 so should be the same in 2.2
I do not see this problem in 2.2
Wh... Phillip Davis
01:23 PM Bug #4481 (Resolved): DHCP server - Dynamic DNS options layout messed up: !http://i.imgur.com/V155ffo.png! Kill Bill
03:46 PM Revision 839966e3: Ancient bug on upgrade_014_to_015: This code looked silly the way it was, with the construct:
$var = $var;
unset($var);
Seems it was accidentally chang... Phil Davis
01:02 PM Bug #4155: ntpd crashes on 32 bit with dynamic WAN reconnections and OpenVPN client configured: Why not just remove system_ntp_configure and ntp_sync_once.sh from rc.newwanip and rc.newwanipv6 (https://forum.pfsen... Charlie m
09:11 AM Bug #4401: remove xen netfront driver until it can handle altq: You make a really good job and if XN+ALTQ is working in 2.2.2 we'll never spoke about that.
It's never xen which c... Grischa Zengel

02/28/2015

08:40 PM Bug #4401: remove xen netfront driver until it can handle altq: Removing this would not result in 100% upgrade success, it'd result in 100% of already upgraded and fixed systems bre... Chris Buechler
01:02 PM Bug #4401: remove xen netfront driver until it can handle altq: If it's come with 2.2.2 I can wait.
But if not I think 100% update success is better than 80% faster running systems... Grischa Zengel
03:57 AM Bug #4401 (Rejected): remove xen netfront driver until it can handle altq: We will get ALTQ support into xn for 2.2.2. We'll track that on the original ticket for that problem, #4345
We're ... Chris Buechler
05:24 PM Revision 49aec489: Code style for pkg-utils: Phil Davis
02:40 PM Revision 23a193da: Code style for pfsense-utils: Phil Davis
02:27 PM Revision bb235b27: Merge pull request #1527 from phil-davis/patch-2: Renato Botelho
12:56 PM Revision 472da675: Semi-colon went AWOL in dyndns.class: after putting it back the code runs much better :) Phil Davis
09:19 AM Bug #4480: DHCP self-reported hostnames not synced properly: Thanks, I'd tried searching for existing bugs on this one but there were so many items mentioning DHCP that I couldn'... Eduard Rozenberg
02:38 AM Bug #4480 (Rejected): DHCP self-reported hostnames not synced properly: duplicate of #4061 Chris Buechler
09:01 AM Revision ef00af3c: Code style openvpn.inc: Phil Davis
08:40 AM Revision b37a2e8c: Code style for etc inc i to p: Phil Davis
04:58 AM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: I renamed `libstrongswan-unity.so` to `libstrongswan-unity.so.orig` three days ago, and the tunnel has stayed up all... Brian Candler
03:48 AM Bug #4345 (Confirmed): Traffic Shaping doesn't work with Xen netfront driver: updated subject to specific issue at hand here. Chris Buechler
03:46 AM Bug #4365 (Feedback): ALTQ Traffic Shaping is not working in pfSense 2.2 when run on Hyper-V 2012 R2: that message means there are no queues in the running ruleset. I suspect this is actually a duplicate of a different ... Chris Buechler

02/27/2015

09:14 PM Bug #4480 (Rejected): DHCP self-reported hostnames not synced properly: Hello,
I noticed that if a few of my servers are set up to self-report hostnames to DHCP (active lease type), the ... Eduard Rozenberg
03:25 PM Bug #4479 (New): Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: I have an issue with IPSEC where my GRE tunnels work fine until I turn on transport encryption with IPSEC. After IPSE... Jonathan Black
03:09 PM Bug #4465 (Rejected): Traffic utilization error egress on vlan interface: yeah, duplicate of #3314 Chris Buechler
03:06 PM Bug #4478 (Rejected): radvd running though disabled in CARP setup: radvd stops/starts with CARP status where it's bound to a CARP IPv6 IP. If you bind it to a specific interface, that'... Chris Buechler
04:44 AM Bug #4478 (Rejected): radvd running though disabled in CARP setup: I'm running a CARP setup with two routers IPv6 only.
I don't know what the exact behaviour *should* be but when both... Pim Pish
02:35 PM Revision 139deffb: Merge pull request #1524 from phil-davis/Code-Style-Guide-Interfaces-inc: Renato Botelho
01:57 PM Revision e59410d5: Merge pull request #1523 from phil-davis/patch-2: Renato Botelho
01:36 PM Revision fd74eeea: Merge pull request #1522 from phil-davis/Code-Style-Guide-etc-inc-f-to-g: Renato Botelho
01:26 PM Bug #4402: Unbound: enable harden-glue by default and/or apply patch: Olivier Müller wrote:
> Thanks for the fixes !
>
> On this topic, Unbound 1.5.2rc1 has just been released, and f... Renato Botelho
12:29 PM Bug #4363 (Resolved): gpioapu causes kernel panic at boot on some hardware: confirmed fixed Chris Buechler
08:24 AM Bug #4364: cannot change or set keymap during and after install: Hi,
I can confirm that. Just downloaded a 2.2 full iso, installed it : no video or keymap choices at install time, a... Frank Soyer
05:28 AM Revision cf73302f: Code style guide interfaces.inc: This is another big file that has many diffs so Github refuses to
display them. I thought it best to keep doing indiv... Phil Davis
04:35 AM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections: such a terrible idea to use this. But, legit issue if that is a problem Chris Buechler
04:32 AM Todo #4338 (Resolved): Upgrade PHP to 5.5.22: confirmed Chris Buechler
04:31 AM Bug #3979 (Resolved): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: fixed Chris Buechler
04:30 AM Bug #4464 (Feedback): Config restore forces serial console to be enabled: the C2758s we sell display VGA fine regardless of primaryconsole configuration. A good chunk of the boot process, fro... Chris Buechler
04:19 AM Bug #4445 (Resolved): Applying NAT changes in Hyper-V can break running NAT config: fixed Chris Buechler
04:17 AM Bug #4436 (Resolved): dhcp6c requests prefix delegation when no tracking interfaces are configured: thanks for the confirmation, Paul. I confirmed as well, fixed. Chris Buechler
04:16 AM Bug #4317 (Resolved): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Chris Buechler
03:42 AM pfSense Packages Bug #4084: Check_mk agent doesn't work: wrong bash path: The Problem is that with 2.2-RELEASE bash is not there anymore so check_mk_agent will not work.
After installing bas... Peter Baumann

02/26/2015

07:53 PM Bug #4352 (Closed): 2.2 syslogd exiting sig 15 when boot finishes: it's fixed in 2.2.1. this is actually a duplicate of #4393 which has the specific cause and commits that fixed. Chris Buechler
06:10 AM Bug #4352: 2.2 syslogd exiting sig 15 when boot finishes: Did you ever find a resolution to this? We're seeing the exact same behavior. James S
04:39 PM Revision 918bdf0d: More style guide changes: In gwlb.inc at line 676 and 779 I added an extra set of brackets. In the
"if" clause as a whole there were a mix of &... Phil Davis
03:59 PM Revision e6cbfb65: Code style guide changes for filter.inc 2nd version: This is the changes to filter.inc as per the commits in https://github.com/pfsense/pfsense/pull/1521 but done in just... Phil Davis
03:56 PM Bug #4477 (Rejected): php-fpm linked against obsolete libpcre version: This regressed somewhere after 2.2 release and been going for ever since the 2.2.1 snapshots have been made available... Kill Bill
03:48 PM Bug #4328: Some symlinks not updated by full update: Still broken. Really, I feel somehow the point gets missed here - is there actually some upgrade script to clean up t... Kill Bill
01:34 PM Revision 59f64414: Fix track6 prefix id range in error message, reported on Pull Request #1517: Renato Botelho
01:34 PM Revision aa2370d8: Fix track6 prefix id range in error message, reported on Pull Request #1517: Renato Botelho
01:26 PM Revision 5b06d6ad: Fix type (trime->trim): Jim Pingle
01:26 PM Revision a41d910c: Fix type (trime->trim): Jim Pingle
01:20 PM pfSense Packages Bug #4217 (Feedback): siproxd on pfSense 2.2-RELEASE i386 fails to start: Applied in changeset commit:e7aca8a470e3ea13e018c99f7db4351c4119f082. Renato Botelho
01:12 PM Revision ae52d165: Fix indent and remove some unecessary (): Renato Botelho
12:38 PM Revision ae3b187a: Merge pull request #1520 from phil-davis/Code-Style-Guide-etc-inc-a-to-e: Renato Botelho
12:37 PM Revision 9c8e788c: Merge pull request #1519 from phil-davis/Code-style-etc-misc: Renato Botelho
12:31 PM Revision e607009a: Check if variables are set before trying to pass them to function substr_count to avoid generating PHP alerts.: k-paulius
12:31 PM Revision 9e52dca6: Merge pull request #1518 from k-paulius/fix-ntpd-unset-vars: Renato Botelho
12:28 PM Revision 2798bb68: interface_netgraph_needed can miss setting found equals true: This routine seems to go looking to see if the passed-in interface is PPP-style. At the end, if it is not PPP-style t... Phil Davis
12:28 PM Revision ded7e5bf: Merge pull request #1516 from phil-davis/patch-2: Renato Botelho
12:25 PM Revision 7136682e: Merge pull request #1515 from phil-davis/Style-updates: Renato Botelho
11:15 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed: This error also occurs almost every minute on my pfSense firewall since the update to 2.2. Is there a any solution to... David Masshardt
08:25 AM Revision 9ba87997: Code Style Guide etc inc f to g: Phil Davis
07:36 AM Revision 777291a2: remove unused legacy code: Chris Buechler
07:35 AM Revision 8cf108b2: remove unused legacy code: Chris Buechler
07:33 AM Bug #4475 (Feedback): 6rd prefix validation message is not displaying correct range: Pushed a fix commit:aa2370d8341b9ece91c30a500aac4c19a4e78795 and commit:59f64414ab456ea56751c0381b625205a28e064a Renato Botelho
07:32 AM Revision 71a690bb: Log ifconfig commands used to setup wireless interfaces: Chris Buechler
07:32 AM Revision 95d2d24b: Log ifconfig commands used to setup wireless interfaces: Chris Buechler
05:42 AM Revision 1e0b1727: Code style guide etc in a to e: Phil Davis
05:14 AM Bug #4476 (Closed): pfSense blocks all new traffic after applying port forwarding changes: Version: 2.2-RELEASE (i386)
built on Thu Jan 22 14:04:25 CST 2015
FreeBSD 10.1-RELEASE-p4
I am using pfSense o... Daniel Milazar
03:50 AM Revision 1bfcf6f1: Code style guide changes for miscellaneous files: under etc Phil Davis
02:44 AM Revision 10221050: Check if variables are set before trying to pass them to function substr_count to avoid generating PHP alerts.: k-paulius
01:34 AM Bug #4383: Firewall log contains IGMP for rules that do not have logging on: Target for 2.2.2 looks good. This does not effect actual firewall functions from a security point of view - packet pa... Phillip Davis
12:12 AM Bug #4383 (Confirmed): Firewall log contains IGMP for rules that do not have logging on: I suspect the root issue here is logging of passed traffic with IP options regardless of whether logging is enabled o... Chris Buechler
12:39 AM Feature #4366 (Confirmed): Namecheap Dynamic DNS updates fail on subdomain formatted domains: Chris Buechler
12:13 AM Bug #4178 (Confirmed): IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: this indeed is inadequate to fix the issue, we'll need that option to omit that plugin entirely. Chris Buechler

02/25/2015

08:46 PM Bug #4474: IP address change triggers reload of all packages: There are some packages that might like to know about interface state changes, including changes where the interface ... Phillip Davis
02:43 PM Bug #4474 (Confirmed): IP address change triggers reload of all packages: Hey!
When OpenVPN restarts and the clients or servers are assigned to interfaces, the packages are reloaded. They ... Cullen Trey
08:27 PM Revision 59eb0ce7: Put the bits to use the new reset utility: Ermal Luçi
08:26 PM Revision 3d163004: Put the bits to use the new reset utility: Ermal Luçi
07:53 PM Bug #4475: 6rd prefix validation message is not displaying correct range: Pull request: https://github.com/pfsense/pfsense/pull/1517 Paul K
07:50 PM Bug #4475 (Resolved): 6rd prefix validation message is not displaying correct range: If you enter incorrect IPv6 prefix on the interface that is set to 'Track Interface', validation message that is disp... Paul K
07:15 PM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured: Tested on v2.2 branch. Config file is generated correctly now. Paul K
06:23 PM Bug #4434: Enabling NTP graphs does not take effect right away: Tested on 2.2 branch and it is working fine now.
Thanks for your feedback Renato. Paul K
06:08 PM Bug #4081: Apinger reporting incorrect latency: could this issue be aggravated by using google dns as monitor addresses as they are anycast?
Michael Kellogg
06:03 PM Bug #4081: Apinger reporting incorrect latency: with this about 20% of the time causes a mail storm makes the box inaccessible from webgui a reset of web configurato... Michael Kellogg
05:21 PM Revision 7af43cb0: interface_netgraph_needed can miss setting found equals true: This routine seems to go looking to see if the passed-in interface is PPP-style. At the end, if it is not PPP-style t... Phil Davis
04:48 PM Bug #4471 (Confirmed): stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: Chris Buechler
03:22 PM Revision 883096d8: Ticket #4418 Actually make each entry a clear token to strongswan parser for dns_split: Ermal Luçi
03:22 PM Revision 4c9b272d: Ticket #4418 Actually make each entry a clear token to strongswan parser for dns_split: Ermal Luçi
03:19 PM Revision ca5f5db1: Ticket #4418 make sure the dns_split is separated with spaces rather than space or comma to comply with strongswan requirements.: Ermal Luçi
03:19 PM Revision 1f3d4db0: Ticket #4418 make sure the dns_split is separated with spaces rather than space or comma to comply with strongswan requirements.: Ermal Luçi
03:16 PM Revision e1c4a5ff: Ticket #4418 Make the DNS names attr 28675 space separated as identified by Jeffrey Dvornek: Ermal Luçi
03:16 PM Revision 82e6fde2: Ticket #4418 Make the DNS names attr 28675 space separated as identified by Jeffrey Dvornek: Ermal Luçi
02:16 PM Todo #4225: Lets improve the webGUI: Raul Ramos wrote:
> I doubt that web developers from pfSense have the taste and the ability to do that, is only my o... Chris Buechler
01:15 PM Todo #4225: Lets improve the webGUI: Raul Ramos wrote:
> Kerio Control web gui? i pass. Bootstrap, foundation, own css/js whatever they choose is fine.
... Jared Dillard
08:55 AM Todo #4225: Lets improve the webGUI: Kerio Control web gui? i pass. Bootstrap, foundation, own css/js whatever they choose is fine.
See what Ubiquiti i... Raul Ramos
12:37 PM Feature #4472: Cryptographically sign every (sub-)release: Updates are signed and validated. The downloads page has a link to the md5 and sha256 hash files for your selected do... Chris Buechler
07:33 AM Feature #4472: Cryptographically sign every (sub-)release: Yeah, hence my saying "not quite so simple for the average user to verify". :-)
We keep our own copy of gzsig in o... Jim Pingle
07:25 AM Feature #4472: Cryptographically sign every (sub-)release: Uhh - what a rare animal! I wasn't aware of gzsig so far.
Let's hope the attack on monkey.org, hosting also gzsig,... Patrick Hieber
07:05 AM Feature #4472: Cryptographically sign every (sub-)release: Yes, all of the files including the ISO and IMG files are gzipped and signed with gzsig which adds signature metadata... Jim Pingle
06:58 AM Feature #4472: Cryptographically sign every (sub-)release: I cannot find signatures when opening a mirror directory (e.g. http://files.nl.pfsense.org/mirror/downloads/). I mean... Patrick Hieber
06:41 AM Feature #4472: Cryptographically sign every (sub-)release: They are all currently signed with gzsig. Update files have their signature checked before being applied. So do packa... Jim Pingle
04:47 AM Feature #4472 (New): Cryptographically sign every (sub-)release: As it is quite easy for an active adversary to inject arbitrary data, every release should be signed, not only hashed. Patrick Hieber
10:40 AM pfSense Packages Bug #4473: Still can't run EGP and IGP on the same system: We're looking at adding BIRD as a package, which would allow BGP and OSPF to run. Jeremy Porter
10:16 AM pfSense Packages Bug #4473 (Closed): Still can't run EGP and IGP on the same system: A client just ran into the same problem I've noted a few times previously - you still can't install an EGP daemon (Op... Adam Thompson
09:40 AM Bug #1974: Captive Portal RADIUS accounting bytes wrong: It seems there is a regression, at least in 2.2 for 32bit.
Radius is reporting 1320 MB while according to Bandwidt... Fran Secs
09:21 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain: Thank you for finding the separator issue.
I pushed fixes for separating dns names with spaces.
The characters at... Ermal Luçi
08:16 AM Bug #3568: DynDNS: Hostname '@' not accepted for Namecheap: As you can see there:
https://www.namecheap.com/support/knowledgebase/article.aspx/597/10/how-can-i-set-up-a-catchal... Robert Qbik
06:26 AM Revision e2d700da: remove old, unused code: Chris Buechler
06:25 AM Revision e082eca9: remove old, unused code: Chris Buechler
03:47 AM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: I also found that disabling the plugin is inadequate to fix the issue (even after a strongswan restart). I'm now tryi... Brian Candler

02/24/2015

10:19 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain: Hi all,
Not sure if this helps, but some findings:
First, it appears that the strongswan config is generated us... Jeffrey Dvornek
07:52 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain: Hi.
Also tried Revision fc06d8ea with no effect on clients from Mountain Lion through Yosemite. Andreas Weik
07:58 PM Revision a8efbde4: Minor spacing edits to etc files: Phil Davis
07:23 PM Revision e173dd74: Code style for etc files: Phil Davis
07:08 PM Revision aa314146: When RADIUS auth is selected, radius protocol and server ip/host are mandatory. Fixes #4384: Renato Botelho
07:08 PM Revision 10b92c57: When RADIUS auth is selected, radius protocol and server ip/host are mandatory. Fixes #4384: Renato Botelho
06:45 PM Revision 6c452c3e: Initialize var and move unset outside the loop: Renato Botelho
06:45 PM Revision 83fa2c73: Do not request prefix delegation if no tracking interfaces are setup to: use it. Ticket #4436 k-paulius
06:45 PM Revision 8104c3df: Initialize var and move unset outside the loop: Renato Botelho
06:43 PM Revision 9212eb92: Merge pull request #1495 from k-paulius/fix-dhcp6c-4436: Renato Botelho
06:40 PM Revision 3adf6f27: isset is a better check here: Renato Botelho
06:40 PM Revision 2e50e5b1: Fixing issues with NTP RRD graph state changes: - only call enable_rrd_graphing() after $config['ntpd']['statsgraph']
is set
- fix if condition; empty and isset ... k-paulius
06:40 PM Revision 5a27b146: isset is a better check here: Renato Botelho
06:39 PM Revision 88a5ad7e: Merge pull request #1494 from k-paulius/ntp-rrd-fix: Renato Botelho
02:34 PM Bug #4397: MTU must be set in same ifconfig command as IP: This should work as is on 2.2 in FreeBSD head it has been fixed with:... Ermal Luçi
01:20 PM Bug #4384: missing input validation in captive portal: Applied in changeset commit:aa314146cac3382cc1c7fc28c93296f70e7c9682. Renato Botelho
01:20 PM Bug #4384 (Feedback): missing input validation in captive portal: Applied in changeset commit:10b92c5756c5d9aa4e183fa08fe8fe0ad2c12bd0. Renato Botelho
01:14 PM Bug #4471: stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: Pull request https://github.com/pfsense/pfsense/pull/1514 Paul K
12:04 PM Bug #4471 (Resolved): stf tunnel interface is not destroyed when 6rd or 6to4 tunnel is disabled: When you configure IPv6 to use 6rd or 6to4 tunnel a new interface ('wan_stf' for example) is created.
If IPv6 config... Paul K
01:10 PM Bug #4433 (Feedback): DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64: Merged Renato Botelho
12:43 PM Bug #4436 (Feedback): dhcp6c requests prefix delegation when no tracking interfaces are configured: Merged Renato Botelho
12:39 PM Bug #4434 (Feedback): Enabling NTP graphs does not take effect right away: Merged Renato Botelho
12:35 PM Bug #4444 (Feedback): Reverse lookup domain overrides and "Do not forward private reverse lookups": Merged Renato Botelho
12:33 PM Bug #4371 (Resolved): Re-enable suhosin: Renato Botelho
12:32 PM Bug #4371: Re-enable suhosin: Warnings gone with the latest snapshot. ;) Kill Bill
07:37 AM Bug #4371 (Feedback): Re-enable suhosin: I submitted a fix for the FreeBSD ports tree and rebuild it. Should be ok now. Renato Botelho
12:31 PM Bug #4435 (Feedback): Invalid increment in DHCP6 server address range check: Merged Renato Botelho
11:55 AM Revision b8b3784f: Merge pull request #1479 from surrural/master: Renato Botelho
11:40 AM Revision b5ecfe0f: carp, don't show status icon from previous carp ip in case the ip is not present on the interface (test with ifconfig em0 1.2.3.4 delete): Pi Ba
11:40 AM Revision 0b9d204a: Merge pull request #1492 from PiBa-NL/carp-statusicon: Renato Botelho
11:24 AM Revision 42fcce27: Handle reverse lookup domain overrides: that match exactly a whole block of private address space.
e.g. if the user has checked "Do not forward private rever... Phil Davis
11:24 AM Revision 069bb759: Merge pull request #1498 from phil-davis/patch-3: Renato Botelho
11:08 AM Revision f31436cc: Fix PTR records for aliases in host overrides: Lorenz Schori
10:10 AM Revision e91f03b4: Merge pull request #1513 from znerol/bug/master/unbound-host-alias-ptr-followup: Renato Botelho
09:31 AM Revision f29610b0: Fix PTR records for aliases in host overrides: Lorenz Schori
07:52 AM Feature #4470: RA page in GUI: ....and updated to 1.9.7 version (I don`t know what is the latest version for FreeBSD, on linux there is 2.9, latest ... Greg M
07:49 AM Feature #4470 (New): RA page in GUI: RA page in gui needs some advanced settings like:
- change lifetimes
- change RA packets min and max send value
- ... Greg M
07:39 AM Todo #4338 (Feedback): Upgrade PHP to 5.5.22: Done Renato Botelho
07:36 AM Bug #4447 (Resolved): Unbound adds PTR records for host override aliases: Renato Botelho
06:53 AM Bug #4447: Unbound adds PTR records for host override aliases: Thanks for merging the followup, and sorry for the noise. It works now as expected with the newest snapshot. @PTR@ qu... znerol znerol
03:37 AM Bug #4447: Unbound adds PTR records for host override aliases: Oops, that completely broke revers DNS lookups. Regrettably I confused the config keys, the code looks for @ip@ inste... znerol znerol
07:24 AM Bug #144: Syslog messages violate RFC 3164: How can I determine which pfsense in my env is sending the syslog messages if no hostname/ip is specified? This would... Patrick Hieber
05:50 AM Bug #4469 (Resolved): Using string 'local' on auth server 'Descriptive Name' make it fails: If Descriptive Name of an auth server contains string 'local', it is going to be considered as 'Local Database', for ... Renato Botelho
03:23 AM Bug #4468 (Resolved): radvd multiple prefix not working: Per discussion here:https://forum.pfsense.org/index.php?topic=78035.0
radvd.conf not showing extra prefixes, only ... Adam Rogers
02:50 AM Feature #2743: Add external interface selector to UPnP Settings: i can try and add multi wan selection but can some1 show me a sample upnp config file with multiple wans so i know ho... Bipin Chandra
01:27 AM Bug #4465: Traffic utilization error egress on vlan interface: Yes it looks like it, did not see it as I thought it was spesific to the 2.2 release. Rasmus Fauske

02/23/2015

10:22 PM Bug #4465: Traffic utilization error egress on vlan interface: This is a duplicate of #3314 ? Phillip Davis
10:10 AM Bug #4465 (Rejected): Traffic utilization error egress on vlan interface: I have configured two vlan interfaces on one port and is running traffic from one to the other, then the traffic graf... Rasmus Fauske
10:18 PM Bug #4317: firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Yes, agree with Ermal.
My comments were just to document/mention the negative numbers behavior on 32-bit systems. I ... Phillip Davis
03:47 PM Bug #4317 (Feedback): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: This seems to work now! Ermal Luçi
10:13 PM pfSense Packages Feature #4466: Config history and diffs: Diagnostics->Backup/Restore, Config History tab, has a list of locally stored old configs. You can configure the numb... Phillip Davis
04:59 PM pfSense Packages Feature #4466: Config history and diffs: Sorry, I am referring to the AutoConfigBackup package page under Diagnostics menu. I am curious what you're talking a... Michael Newton
01:26 PM pfSense Packages Feature #4466 (Rejected): Config history and diffs: The config history already has this. There are radio selectors and a 'diff' button to show changes. Jim Pingle
01:18 PM pfSense Packages Feature #4466 (Rejected): Config history and diffs: Something similar to Wikipedia, where you can select two configs and see the changes between them. Also nice would be... Michael Newton
08:20 PM Revision d5b1a279: Ticket #4445 do not write config and remove its cache when applying settings its just behaviour from dinosaur era and should have been cleanded long time ago.: Ermal Luçi
08:20 PM Revision 361027c7: Ticket #4445 do not write config and remove its cache when applying settings its just behaviour from dinosaur era and should have been cleanded long time ago.: Ermal Luçi
08:00 PM Revision e0a4147b: Add support for DNSimple (dnsimple.com): surrural
08:00 PM Revision c19250a5: Update dyndns.class: surrural
08:00 PM Revision a39b78b5: Add support for DNSimple (dnsimple.com): surrural
08:00 PM Revision e29543d6: Add support for DNSimple (dnsimple.com): surrural
08:00 PM Revision 916d683e: Add support for DNSimple (dnsimple.com): surrural
07:28 PM Revision 623e6d09: Preserve "add routers" value across loop for each interface: Forum: https://forum.pfsense.org/index.php?topic=89302.0
If the user put "none" in the 'gateway' field for the DHCP ... Phil Davis
07:28 PM Revision 8252ccfa: Merge pull request #1511 from phil-davis/patch-4: Renato Botelho
07:18 PM Revision 4f5967b9: diag_arp allow underscore in resolved host names: is_hostname() and is_domain() allow underscore in the names. So it is possible to have underscore in host names, for ... Phil Davis
07:17 PM Revision b2507ae6: Merge pull request #1497 from phil-davis/patch-2: Renato Botelho
07:05 PM Revision ce0e5d38: fix Net_IPv6::compress() to properly handle all-zeros address: The existing implementation of Net_IPv6::compress produces an empty
string when compressing the all-zeros ("::") addr... Daniel Becker
07:05 PM Revision e6daaa3b: Merge pull request #1477 from razzfazz/fix_net_ipv6_compress_all_zeroes_master: Renato Botelho
06:33 PM Revision 3f141c9d: Preserve "add routers" value across loop for each interface: Forum: https://forum.pfsense.org/index.php?topic=89302.0
If the user put "none" in the 'gateway' field for the DHCP ... Phil Davis
06:31 PM Bug #4464: Config restore forces serial console to be enabled: I had this issue as well, but I don't think this is an issue with 2.2. This was most likely an issue with previous re... Paul K
03:13 AM Bug #4464 (Resolved): Config restore forces serial console to be enabled: during the upgrade to 2.2 " Enables the first serial port with 115200/8/N/1 by default, or another speed selectable b... Andrew Stuart
06:14 PM Revision 92a33a83: Merge pull request #1496 from stilez/patch-2: Renato Botelho
06:02 PM Revision 07efe7c0: add dhcp6.name-servers option with DHCPD-PD regardless of PD length: The existing code only includes a v6 name server IP in the
automatically generated dhcpdv6 configuration for tracking... Daniel Becker
06:01 PM Revision 545e25fa: Merge pull request #1476 from razzfazz/fix_dns6ip_assignment_for_track6_master: Renato Botelho
05:38 PM Revision 76feb407: make computation of start of DHCPv6 range consistent with actual check: When computing the start IP for the 'available range' field,
services_dhcpv6.php attempts to increment a colon-format... Daniel Becker
05:38 PM Revision d596baab: Merge pull request #1478 from razzfazz/fix_dhcpv6_avail_range_dump_master: Renato Botelho
05:31 PM Bug #4467 (New): Traffic Graphs shows wrong throughput when traffic shaping enabled: When I enable traffic shaping with the wizard the traffic graph is incorrect. It is showing much lower throughput tha... Joe Laffey
05:31 PM Revision a0e4410f: Do not add PTR records for aliases in host overrides: Lorenz Schori
05:30 PM Revision beb6a984: Merge pull request #1509 from znerol/bug/master/unbound-host-alias-ptr: Renato Botelho
05:18 PM Revision ff7990df: Fix display style typo: I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
05:18 PM Revision 41de7158: Fix display style typo: I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
05:18 PM Revision ba7d3bd3: OpenVPN server improve handling of authmode: Currently if the user is clicking around while they are setting up an OpenVPN server, they can do stuff like this:
a)... Phil Davis
05:17 PM Revision 683eb992: vpn_openvpn_server.php white space: Phil Davis
05:17 PM Revision 359d0123: Merge pull request #1510 from phil-davis/patch-6: Renato Botelho
04:46 PM Revision 5fd42bbb: Fix display style typo: I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
04:44 PM Revision cbd49c77: Fix display style typo: I could not see any difference in rendering of the page after fixing this, but it looks it it should be fixed. Phil Davis
04:31 PM Revision a087e197: OpenVPN server improve handling of authmode: Currently if the user is clicking around while they are setting up an OpenVPN server, they can do stuff like this:
a)... Phil Davis
04:13 PM Revision 3e41ad59: vpn_openvpn_server.php white space: Phil Davis
03:56 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address: Accepted upstream as well. Daniel Becker
03:48 PM Bug #4432 (Feedback): Net_IPv6::compress() does not properly handle all-zeroes address: Merged was put in. Ermal Luçi
12:20 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address: Submitted "pull request":https://github.com/pfsense/pfsense/pull/pear/Net_IPv6#10 to Net_IPv6 upstream repo. Daniel Becker
02:45 PM Bug #4406: ALTQ problems with wireless cloned interfaces: This will be solved by bringing in the _start routine from FreeBSD 8 as has been done for other drivers in the tree.
... Ermal Luçi
02:41 PM Bug #4445 (Feedback): Applying NAT changes in Hyper-V can break running NAT config: that fix appears to work fine Chris Buechler
02:30 PM Revision 06266c34: Do not add PTR records for aliases in host overrides: Lorenz Schori
12:30 PM Revision d2ffc02f: Mention interface name on DHCP edit GUI: IMHO it can be confusing on the DHCP edit page for static mapped entries to know which interface the entry is being e... Phil Davis
12:30 PM Revision 7ccc1c32: Merge pull request #1505 from phil-davis/patch-7: Renato Botelho
12:29 PM Revision aeb5bf8e: Status_dhcp_leases fix edit button for static entries with no IP address: The edit button for static entries always has an index id=0 and thus pressing the edit button goes to (mostly) edit t... Phil Davis
12:29 PM Revision 1a1df767: Merge pull request #1504 from phil-davis/patch-6: Renato Botelho
12:23 PM Revision 8261c0b6: Fix broken links to dhcp6c.conf man page.: manpath FreeBSD+Ports no longer exits and needs to be replaced with FreeBSD+10.1-RELEASE+and+Ports k-paulius
12:23 PM Revision a8b8033f: Merge pull request #1506 from k-paulius/fix-links: Renato Botelho
12:18 PM Revision c0fde4e4: Success typo: might as well fix it while I notice it Phil Davis
12:18 PM Revision 1426b89f: Merge pull request #1507 from phil-davis/patch-8: Renato Botelho
12:17 PM Revision 7b6d4e6c: Modified DynDns -> Eurodns url: johnbyronent
12:17 PM Revision 890136d4: Merge pull request #1508 from johnbyronent/master: Renato Botelho
11:29 AM Bug #4447 (Feedback): Unbound adds PTR records for host override aliases: Pull Request has been merged and commit cherry-picked to RELENG_2_2 Renato Botelho
08:36 AM Bug #4447: Unbound adds PTR records for host override aliases: Opened PR "1509":https://github.com/pfsense/pfsense/pull/1509 (proper @master@). znerol znerol
07:23 AM Revision 900e9df6: Success typo: might as well fix it while I notice it Phil Davis
05:36 AM Bug #4175: kernel panic when loading run driver for RT3070: I'm seeing this too on an older device that worked fine in 2.1.X. I'll try to run up a FreeBSD 10.1 install and test.... Steve Wheeler
03:47 AM Revision d82b2a6f: Fix broken links to dhcp6c.conf man page.: manpath FreeBSD+Ports no longer exits and needs to be replaced with FreeBSD+10.1-RELEASE+and+Ports k-paulius
03:03 AM Bug #4463 (Resolved): Fix the NTPD Access Restrictions / and other NTPD related issues, including GPS: Access Restrictions once open says "these options control access to NTP from the WAN."
This is incorrect.
It sets... Andrew Stuart

02/22/2015

09:42 PM Feature #4458: pfSsense's own outbound requests should use other gateways not just default: Thanks, I wasn't aware of that option!
I searched around and managed to find it in its hiding place (System: Advan... Eduard Rozenberg
05:12 PM Feature #4458 (Rejected): pfSsense's own outbound requests should use other gateways not just default: enable the default gateway switching option if you need this behavior. Chris Buechler
10:46 AM Feature #4458: pfSsense's own outbound requests should use other gateways not just default: It appears pfSense email alerts may also be going out over the Default WAN only
(so if Default is down no email aler... Eduard Rozenberg
10:40 AM Feature #4458 (Rejected): pfSsense's own outbound requests should use other gateways not just default: Hello,
I have multi-wan set up with gateways WAN1 (Default) and WAN2.
If I temporarily take down the WAN1 gatew... Eduard Rozenberg
07:07 PM pfSense Packages Bug #4462 (Resolved): Custom ACLS (After_Auth) not written to squid.conf: Services->Proxy server->General, the input field "Custom ACLS (After_Auth)" is not written to squid.conf.
Tested s... Volker Kuhlmann
07:06 PM pfSense Packages Feature #4461 (Rejected): Squid options too late in squid.conf: The UI on Services->Proxy server->ACL has a good list list of ACL types to add.
Unfortunately most of these are not ... Volker Kuhlmann
05:18 PM Feature #4457 (Rejected): NAT rules with "any" as ip protocol: duplicate of #4259 Chris Buechler
09:07 AM Feature #4457 (Rejected): NAT rules with "any" as ip protocol: hello,
i started to use pfsense in my company and with other products we often do nat rules without to specify ip p... Giuanin Piemunteis
05:10 PM Bug #4448 (Rejected): IP alias had to be "resaved" in order for Wan rule that uses it to work properly again: Thanks for the feedback. definitely a duplicate of #4296 Chris Buechler
10:47 AM Bug #4448: IP alias had to be "resaved" in order for Wan rule that uses it to work properly again: I have not seen the issue again in the 2-3 days since I removed the FQDN from that alias. So far so good. Eduard Rozenberg
05:06 PM Todo #4338 (New): Upgrade PHP to 5.5.22: back to new to update to .22 Chris Buechler
02:41 PM pfSense Packages Bug #4460 (Closed): Upgrade to HAVP v1.05 forever displays "Antivirus Server ( ) Stopped": Upgrading HAVP 0.91_1 pkg v1.04 to version v1.05 causes the Antivirus: General page to display "Antivirus Server ( ) ... lynn wilborn
01:47 PM Bug #4459: Tzdata is too old (needs to be updated for Russia): More info:
I have correct time on the dashboard:
Sun Feb 22 22:45:03 MSK 2015
In console i have incorrect timezone... Taras Savchuk
01:37 PM Bug #4459 (Resolved): Tzdata is too old (needs to be updated for Russia): Time difference is 1h for Russia. Taras Savchuk
06:02 AM Revision 18620400: Mention interface name on DHCP edit GUI: IMHO it can be confusing on the DHCP edit page for static mapped entries to know which interface the entry is being e... Phil Davis
05:36 AM Revision f5bea142: Status_dhcp_leases fix edit button for static entries with no IP address: The edit button for static entries always has an index id=0 and thus pressing the edit button goes to (mostly) edit t... Phil Davis
05:09 AM Feature #4456 (New): Packet capture additional filtering options: Hello,
it would be useful to have the packet capture with more filter options. For example i need often to filter ne... Giuanin Piemunteis
02:52 AM Bug #4175: kernel panic when loading run driver for RT3070: Got the same issue today while upgrading to 2.2 on fit-pc2i. It got RT2870 card and the same double fault while loadi... Dmitry Gromov

02/21/2015

11:51 PM pfSense Packages Bug #4336: syslog-ng package missing libraries: I believe this is because these libraries are in the subfolder /usr/pbi/syslog-ng-amd64/lib/syslog-ng.
Normally /u... Joshua Ruehlig
09:51 PM Bug #4455: Router Advertisment Daemon does not add UnicastOnly for OpenVPN interfaces: Note. The bugtracker did add formatting to my code making it pretty unreadable. Updated code that shouldn't get chang... sebastian nielsen
09:47 PM Bug #4455 (Resolved): Router Advertisment Daemon does not add UnicastOnly for OpenVPN interfaces: Found out when enabling RADVD on ovpns1 (a tun virtual interface), that the configuration page does not add UnicastOn... sebastian nielsen
07:56 PM Bug #4435: Invalid increment in DHCP6 server address range check: Are there any issues with my "pull request":https://github.com/pfsense/pfsense/pull/1478 that would prevent it from b... Daniel Becker
07:56 PM Bug #4433: DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64: Are there any issues with my "pull request":https://github.com/pfsense/pfsense/pull/1476 that would prevent it from b... Daniel Becker
07:56 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address: Are there any issues with my "pull request":https://github.com/pfsense/pfsense/pull/1477 that would prevent it from b... Daniel Becker
05:11 PM Revision 7a3848b6: correct 2 typos: Form_Input - forceName should actually use parameter
firewall_rules_edit - add Inputs to Section, not form Sjon Hortensius
02:13 PM Revision 48868a05: Initial version of converted firewall_rules_edit: Sjon Hortensius
09:59 AM Bug #1493: pf blocks all traffic following filter reload.: I have that same bug in the following pfSense version: 2.2-RELEASE (i386)
built on Thu Jan 22 14:04:25 CST 2015
F... Daniel Milazar

02/20/2015

11:56 PM Feature #4411: add validation of Unbound advanced configuration: One thing you might consider is adding 'server:' as the last keyword in all configuration files that are included in ... Paul K
08:40 PM Bug #4317 (Confirmed): firewall_edit_nat.php - memory exhaustion on 32 bit with VIP range: Chris Buechler
06:48 PM Bug #4175: kernel panic when loading run driver for RT3070: there has to be something different, as the run driver we ship is 100% identical to FreeBSD 10.1's. If someone wants ... Chris Buechler
06:42 PM Revision e5a67d33: Clean up some old, possibly stale, files when restarting php-fpm: Jim Pingle
06:42 PM Revision ec9bd3fa: Clean up some old, possibly stale, files when restarting php-fpm: Jim Pingle
03:35 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I am running on a SD card (and without any other card) and I am encountering the problem. Guillaume Leroy
01:51 PM Bug #4370: ntpd does nothing with selected carp interfaces.: Problem still exists. Only selecting the interface adds: "interface listen em1" , while only selecting the carp-ip, d... Pi Ba
01:51 PM Feature #3914 (Resolved): Support up to 4 DNS Servers in DHCP: thanks Phil Chris Buechler
10:13 AM Bug #4454 (Duplicate): scrub random-id + PPPoE + IPsec + communication to LAN IP = kernel panic on 32 bit: Started almost here https://forum.pfsense.org/index.php?board=16.0
But I am not sure is it all have the same reason ... Vladimir Suhhanov
08:45 AM Bug #4446 (Confirmed): IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: Updated the description to be more accurate. The actual problem appears to be that deleting an IP Alias VIP with a CA... Jim Pingle
02:58 AM Bug #4446: IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: Ok, I know how to reproduce this.
On the master, I have this config:... Andreas Pflug
02:34 AM Bug #4446: IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: what does the output of ifconfig show on the secondary? Chris Buechler
01:04 AM Bug #4446: IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: Chris Buechler wrote:
> this definitely works in general. when you end up in dual master is if it doesn't sync the a... Andreas Pflug
04:43 AM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections: I am aware of that, but since the CA is internal, I don't see the point why this should lead to RC4 and 40-bit keys b... René Pfeiffer
04:37 AM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections: René Pfeiffer wrote:
> This is a critical bug and may render strong encryption useless once SSL Bump is deployed.
... Kill Bill
04:28 AM pfSense Packages Bug #4453 (Resolved): Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections: When enabling the Squid-in-the-middle SSL Bump option on pfSense 2.2/2.2.1 the SSL/TLS connections between server <->... René Pfeiffer
04:05 AM pfSense Packages Bug #4452 (Resolved): squid3 XMLRPC Sync: The settings made in the tab "Antivirus" are not synchronized. On the sync-slave all settings made in this tab are cl... Beat Guggisberg

02/19/2015

10:34 PM Bug #4451: Status DHCP Leases shows double entries for static entries without IP address: Forum post is actually: https://forum.pfsense.org/index.php?topic=89072.0
and I do not see any buttons that allow me... Phillip Davis
10:33 PM Bug #4451 (New): Status DHCP Leases shows double entries for static entries without IP address: Forum: https://forum.pfsense.org/index.php?topic=89043.0
Add a "Static Mapped" DHCP entry for some MAC address but d... Phillip Davis
06:54 PM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional: Could this help:
$destination = $fqdn;
$output = shell_exec("host -W 1 $destination");
if (preg_match_all('#\b(c... Rob Turner
04:43 PM Bug #4446 (Feedback): IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: this definitely works in general. when you end up in dual master is if it doesn't sync the alias across for some reas... Chris Buechler
02:03 AM Bug #4446 (Resolved): IP Alias with CARP VIP parent is not removed from OS on secondary node when deleted: I used to have a CARP VIP for any IP address my pf cluster has to handle since that used to be the only way (changed ... Andreas Pflug
11:38 AM Bug #4449 (Rejected): crash with limiter active: duplicate of #4310 Chris Buechler
10:06 AM Bug #4449 (Rejected): crash with limiter active: I had a dedicated rule for a test machine in a DMZ with a limiter active (800kBit each direction) after an upgrade fr... Andreas Pflug
11:37 AM Bug #4448: IP alias had to be "resaved" in order for Wan rule that uses it to work properly again: It sounds like that could be the issue. I'll take out the fqdn for now and if the problem does not come back that wou... Eduard Rozenberg
11:32 AM Bug #4448 (Feedback): IP alias had to be "resaved" in order for Wan rule that uses it to work properly again: That sounds the same as #4296. Eduard, does the description there seem to match up with what you're seeing? Chris Buechler
10:18 AM Bug #4448: IP alias had to be "resaved" in order for Wan rule that uses it to work properly again: Is this the same or similar issue to https://redmine.pfsense.org/issues/4296 ? Phillip Davis
09:46 AM Bug #4448 (Rejected): IP alias had to be "resaved" in order for Wan rule that uses it to work properly again: Hello,
I have a WAN1 rule that allows traffic from Source defined by an IP alias.
The IP alias contains various I... Eduard Rozenberg
10:59 AM Bug #4450 (Resolved): GRE Tunnel does not work if one of the endpoints is an IP Alias: See https://forum.pfsense.org/index.php?topic=88947.0 for more details.
I've reproduced this issue on two sets of ... Jonathan Black
07:27 AM Bug #4447: Unbound adds PTR records for host override aliases: This is not my first patch, CLA is already done.
1500 was bogus, because it was against an old master, ... znerol znerol
06:26 AM Bug #4447: Unbound adds PTR records for host override aliases: I expect the devs will want you to make just a pull request against master. Then the devs will sort out committing to... Phillip Davis
03:55 AM Bug #4447: Unbound adds PTR records for host override aliases: Github Pull requests:
* "1499":https://github.com/pfsense/pfsense/pull/1499 (RELENG_2_2)
* "1500":https://github.co... znerol znerol
03:51 AM Bug #4447 (Resolved): Unbound adds PTR records for host override aliases: It is not recommended to add more than one ... znerol znerol
07:17 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed: to answer your previous question yes this is running 2.2-RELEASE (amd64) Adam Esslinger
07:14 AM Bug #4393: syslogd stops and fails to restart during boot in some cases: I have applied the patch. Ill let you know if I see any more syslog crashes. Thanks! Adam Esslinger
06:22 AM Bug #4175: kernel panic when loading run driver for RT3070: Hi. I am not sure if I am supposed to create a new issue or update this one...
I am experiencing the exact same be... Petros Androutsos
01:53 AM Revision a9386b8f: add a couple unnecessary bsdinstaller files to obsoletedfiles: Chris Buechler
01:52 AM Revision e0c1bfd7: add a couple unnecessary bsdinstaller files to obsoletedfiles: Chris Buechler
01:44 AM Revision 07dee7aa: remove unused dfuife files.: Chris Buechler
01:41 AM Revision 0778191e: remove unused dfuife files.: Chris Buechler

02/18/2015

11:55 PM Bug #4445: Applying NAT changes in Hyper-V can break running NAT config: it's somehow a hardware/hypervisor-specific issue, but I don't think it's indicative of a problem with Hyper-V itself... Chris Buechler
11:52 PM Bug #4445 (Resolved): Applying NAT changes in Hyper-V can break running NAT config: On some Hyper-V systems, applying changes to NAT in the web interface results in a rules.debug omitting all config-de... Chris Buechler
10:30 PM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package: Here is the commit to default "Keep settings" to "on":
https://github.com/BBcan177/pfsense-packages/commit/f802459... BBcan177 .
08:05 PM pfSense Packages Bug #4373: pfBlockerNG: IPv4 aliases are not preserved when upgrading package: there are a lot of people who are going to be surprised by that default, I suggest switching to defaulting to enablin... Chris Buechler
09:59 PM Bug #4444 (Resolved): Reverse lookup domain overrides and "Do not forward private reverse lookups": If you enable "Do not forward private reverse lookups" and then have domain override(s) that cover whole chunk(s) of ... Phillip Davis
09:46 PM Feature #3914: Support up to 4 DNS Servers in DHCP: This was implemented for 2.2-RELEASE by commit: https://github.com/pfsense/pfsense/commit/3b5707db5bd1ea4d886b41f86bc... Phillip Davis
09:42 PM Bug #4077: Gateways Status Widget status column does not update: I think it was this commit that fixed the status background color updating: https://github.com/pfsense/pfsense/commit... Phillip Davis
09:31 PM Bug #4443 (Resolved): diag_arp does not display reverse resolved hostnames containing underscore: is_hostname() and is_domain() allow underscore in the names. So it is possible to have underscore in host names, for ... Phillip Davis
09:30 PM Bug #4393: syslogd stops and fails to restart during boot in some cases: anyone who's having issues with syslogd not running, install the System Patches package, then browse to System>Patche... Chris Buechler
07:59 AM Bug #4393: syslogd stops and fails to restart during boot in some cases: No need for that patch I posted now, Chris found the actual fix after that. The fix is in the commits shown in the "A... Jim Pingle
07:56 AM Bug #4393: syslogd stops and fails to restart during boot in some cases: I applied the patch and it created the lighttpd-breakage.log but its 0bytes. After applying the patch and restarting... Adam Esslinger
07:19 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: best to gitsync to get to 2.2.1 right now. Option 12 at console, run "playback gitsync RELENG_2_2" Chris Buechler
07:17 PM pfSense Packages Bug #4324 (Resolved): HAproxy and SSL client certificate validation: Chris Buechler
06:48 PM Bug #4442 (Resolved): Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional: Where you have FQDNs in aliases, and no reachable DNS servers, the boot gets excessively delayed sitting at "Configur... Chris Buechler
03:30 PM Bug #4438 (Confirmed): Unable to delete IP Alias outside an interface's subnet where a gateway exists in the same subnet: the specific issue is if you have an IP alias VIP that's not within any of your interfaces' subnets, and you have a g... Chris Buechler
06:47 AM Bug #4438 (Resolved): Unable to delete IP Alias outside an interface's subnet where a gateway exists in the same subnet: I have a working 2 FW CARP setup with pfSense 2.2 and a /28 subnet of available ip addresses.
If I add one of my a... Glen Arason
02:02 PM Bug #4441 (Confirmed): duplicating a relayd load balancer monitor in reality just overwrites the existing one and renames it.: Chris Buechler
01:00 PM Bug #4441 (Resolved): duplicating a relayd load balancer monitor in reality just overwrites the existing one and renames it.: Create a load balancing monitor called "Xhttps" and configure it to monitor https. Further configure it to use a host... Vick Khera
11:50 AM Bug #4425 (Closed): IPSEC /Strongswan Fails to Detect IP address Change: duplicate of #4341 Chris Buechler
11:44 AM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified: Chris, will you merge BUG #4425 with this one. I had filed that bug report to outline the same problem that you have ... Sam Bernard
10:57 AM Revision 153613e3: Handle reverse lookup domain overrides: that match exactly a whole block of private address space.
e.g. if the user has checked "Do not forward private rever... Phil Davis
09:58 AM Feature #3933: Limiter burst doesn't have any effect: Would a bounty help with this? Web Dawg
08:48 AM Revision 6777fc3b: diag_arp allow underscore in resolved host names: is_hostname() and is_domain() allow underscore in the names. So it is possible to have underscore in host names, for ... Phil Davis
07:58 AM Revision 90d1d8cf: Don't hard code harden-referral-path. It defaults to no, so no behavior change, and that setting is unlikely to ever become a default. This allows users to configure an override to enable this option if desired. part of Ticket #4399: Chris Buechler
07:57 AM Revision 559c8d3d: Don't hard code harden-referral-path. It defaults to no, so no behavior change, and that setting is unlikely to ever become a default. This allows users to configure an override to enable this option if desired. part of Ticket #4399: Chris Buechler
07:26 AM Bug #4440 (Rejected): CARP does not Sync IP Alais to Backup firewall: Duplicate of #4439 Jim Pingle
07:04 AM Bug #4440 (Rejected): CARP does not Sync IP Alais to Backup firewall: I have a working 2 FW CARP setup with pfSense 2.2 and a /28 subnet of available ip addresses.
The Virtual IP Alias... Glen Arason
07:25 AM Bug #4439 (Rejected): CARP does not Sync IP Alais to Backup firewall: The VIP types that are supposed to sync work properly: CARP VIPs, IP Aliases *using a CARP VIP as their parent interf... Jim Pingle
07:02 AM Bug #4439 (Rejected): CARP does not Sync IP Alais to Backup firewall: I have a working 2 FW CARP setup with pfSense 2.2 and a /28 subnet of available ip addresses.
The Virtual IP Alias... Glen Arason
06:40 AM pfSense Packages Bug #4198 (Resolved): lightsquid doesn't work, perl is missing: Jim Pingle
05:29 AM pfSense Packages Bug #4198: lightsquid doesn't work, perl is missing: thanks Jim! I think we can close this ticket.. I didn't report this, but the only issue now with the package is with ... Cino .
06:39 AM Revision 7b404fde: Add GUI control for MOBIKE. Hide it when IKEv1 selected. Enable toggling of NAT-T field display so it's on for IKEv1, off for IKEv2. Do same for reauth while here. Ticket #3979: Chris Buechler
06:38 AM Revision 065e78b3: Add GUI control for MOBIKE. Hide it when IKEv1 selected. Enable toggling of NAT-T field display so it's on for IKEv1, off for IKEv2. Do same for reauth while here. Ticket #3979: Chris Buechler
06:37 AM Bug #4437 (Closed): FreeBSD Kernel RNG Broken: The broken code never made it into any -RELEASE. pfSense is based on 10.1-RELEASE, so no it's not affected. Jim Pingle
02:20 AM Bug #4437: FreeBSD Kernel RNG Broken: No. https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html Kill Bill
01:02 AM Bug #4437 (Closed): FreeBSD Kernel RNG Broken: Is pfsense of this serious vulnerability affected?
https://lists.freebsd.org/pipermail/freebsd-current/2015-February... Andreas Walther
04:32 AM Revision cfda8861: Wait a bit after sending a TERM to syslogd as in some instances it can take too long to stop, and it fails to restart because it's still running at that point. Add a KILL in case it's still running after that. Ticket #4393: Chris Buechler
04:30 AM Revision 209ba3aa: Wait a bit after sending a TERM to syslogd as in some instances it can take too long to stop, and it fails to restart because it's still running at that point. Add a KILL in case it's still running after that. Ticket #4393: Chris Buechler
01:59 AM Feature #4399: Expose more of the DNSSEC-related hardening options in the GUI: I removed harden-referral-path from the default config, so you can enable it as an advanced option if wanted. Chris Buechler
01:53 AM Bug #4429 (Closed): Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes: Thanks for the follow up. SLAAC requires a /64, which is why. The RAs are correct. Not a bug.
though we could imp... Chris Buechler
01:02 AM Feature #4205 (Resolved): unbound config option missing: works Chris Buechler
12:39 AM Bug #3979 (Feedback): 2.2 IPsec NAT-T / MOBIKE IKEv2 control: this should all be addressed now, needs review and further testing. Chris Buechler

02/17/2015

11:43 PM Bug #4300 (Resolved): Can not enter outbound NAT destination port range: fixed Chris Buechler
11:40 PM Bug #4210: Bring back a FTP proxy: In a completely default config, passive FTP clients will work fine. The default LAN rule permits what's necessary.
... Chris Buechler
11:37 PM Bug #4210: Bring back a FTP proxy: Chris Buechler wrote:
> check out the info here:
> https://doc.pfsense.org/index.php/FTP_without_a_Proxy
>
> it... Reqlez Guy
11:35 PM Bug #4210: Bring back a FTP proxy: Chris Buechler wrote:
> check out the info here:
> https://doc.pfsense.org/index.php/FTP_without_a_Proxy
>
> it... Reqlez Guy
11:31 PM Bug #4210 (Confirmed): Bring back a FTP proxy: check out the info here:
https://doc.pfsense.org/index.php/FTP_without_a_Proxy
it's always possible to support p... Chris Buechler
11:27 PM Bug #4210: Bring back a FTP proxy: Interesting because i'm getting reports from vendors who refuse to change away from FTP that PASV mode is not working... Reqlez Guy
11:35 PM Bug #4349 (Resolved): Generating IPsec entries with the option similar to this one causes bad ipsec configuration: fixed Chris Buechler
11:24 PM Bug #3395 (Resolved): DHCPv6 client pass rules need to come before bogons: thanks for confirming. Chris Buechler
10:30 PM Bug #4393 (Feedback): syslogd stops and fails to restart during boot in some cases: every circumstance I could replicate is fixed by what I just pushed. Chris Buechler
02:45 PM Bug #4393: syslogd stops and fails to restart during boot in some cases: I still can't seem to reproduce it here even with a "bad" set of logs and similar settings. There must be some other ... Jim Pingle
05:20 PM Revision 31495068: Three minor improvements to IP functions: 1) Most is_ip***() functions can return 4 or 6 to indicate type of IP, for benefit of calling code (both evaluate to ... Stilez y
01:38 PM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains: A few more pieces of information
In this scenario, the subdomain is being pointed at namecheap's dynamic DNS not t... Trel S
10:19 AM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes: In fact, the SLAAC logic in pfSense 2.2 *seems to be okay.* If an interface is configured with flawed Ipv6 notation l... Mich MSvB
12:34 AM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes: can you send me a pcap containing one of the RAs? Email to me cmb at pfsense.org referencing this ticket # if you don... Chris Buechler
04:13 AM Bug #4310: Limiters + HA results in hangs on secondary: Ermal Luçi wrote:
> Patch committed.
Can you post a link to the patch Vitaliy Isarev
04:13 AM Revision 71383901: Do not request prefix delegation if no tracking interfaces are setup to: use it. Ticket #4436 k-paulius
01:01 AM Bug #4428: Setting media option on em(4) leads to infinite link cycling: It is not. No special functionality (vlan, lagg/lacp, or bridging) is enabled on any interfaces in the system. Nash Kaminski
12:55 AM Bug #4428: Setting media option on em(4) leads to infinite link cycling: Is that interface part of a bridge, or lagg or anything? Chris Buechler
12:58 AM Bug #4371 (Confirmed): Re-enable suhosin: Chris Buechler
12:40 AM Bug #4436 (Confirmed): dhcp6c requests prefix delegation when no tracking interfaces are configured: this can be worse than it might seem at a glance, as if you don't get a PD assignment, it'll keep retrying over and o... Chris Buechler

02/16/2015

10:23 PM Bug #4436: dhcp6c requests prefix delegation when no tracking interfaces are configured: Submitted pull request: https://github.com/pfsense/pfsense/pull/1495 Paul K
10:05 PM Bug #4436 (Resolved): dhcp6c requests prefix delegation when no tracking interfaces are configured: When interface with DHCPv6 has 'DHCPv6 Prefix Delegation size' set and no interfaces are setup to track it, pfSense g... Paul K
09:17 PM Bug #4341: strongSwan fails to re-attach dynamic IPs where interfaces_use specified: Updated subject should be accurate of specific issue. Removing interfaces_use from strongswan.conf makes the problem ... Chris Buechler
08:50 PM Bug #4341 (Confirmed): strongSwan fails to re-attach dynamic IPs where interfaces_use specified: Found a scenario where this is replicable with PPPoE.
1) setup IPsec bound to a PPPoE WAN, with no keepalive defi... Chris Buechler
03:46 PM Bug #3395: DHCPv6 client pass rules need to come before bogons: Tested the patch on v2.2. Rules are now appearing in the correct order and DHCPv6 messages are not getting blocked.
... Paul K
02:10 PM Feature #4179: Driver oce is missing from 2.2 RC: When I load the module, using kldload, I got the following output:
oce0: <Emulex CNA NIC function:///10.0.664.0///... Mathieu FRAPPIER
05:31 AM Revision e2caaee8: Fixing issues with NTP RRD graph state changes: - only call enable_rrd_graphing() after $config['ntpd']['statsgraph']
is set
- fix if condition; empty and isset ... k-paulius
04:49 AM Bug #4371: Re-enable suhosin: I don't think this is done exactly right...... Kill Bill
12:25 AM Bug #4435: Invalid increment in DHCP6 server address range check: Pull request for fix here: https://github.com/pfsense/pfsense/pull/1478 Daniel Becker
12:25 AM Bug #4435: Invalid increment in DHCP6 server address range check: Note that this is actually matches the behavior of the range checks that services_dhcpv6.php performs: The actual che... Daniel Becker
12:24 AM Bug #4435 (Resolved): Invalid increment in DHCP6 server address range check: When computing the start IP for the 'available range' field, services_dhcpv6.php attempts to increment a colon-format... Daniel Becker
12:12 AM Bug #4434: Enabling NTP graphs does not take effect right away: Pull request https://github.com/pfsense/pfsense/pull/1494 Paul K
12:00 AM Bug #4434 (Resolved): Enabling NTP graphs does not take effect right away: When enabling NTP RRD graphs nothing happens first time NTP page is submitted.
Graphs are enabled if page is submi... Paul K

02/15/2015

11:12 PM Bug #4175: kernel panic when loading run driver for RT3070: Had time to load stock FreeBSD 10.1 and the wireless interface worked. Also updated to 2.2-RELEASE and still experien... William Eshagh
09:54 PM Bug #4433: DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64: Pull request for fix: https://github.com/pfsense/pfsense/pull/1476 Daniel Becker
09:54 PM Bug #4433 (Resolved): DHCP6 only pushes name server info to tracked interfaces if delegation prefix length is less than /64: The auto-generated DHCP6 configuration for tracking interfaces only includes a v6 name server if there are additional... Daniel Becker
09:49 PM Bug #4432: Net_IPv6::compress() does not properly handle all-zeroes address: Pull request for fix: https://github.com/pfsense/pfsense/pull/1477 Daniel Becker
09:48 PM Bug #4432 (Resolved): Net_IPv6::compress() does not properly handle all-zeroes address: Net_IPv6::compress produces an empty string when compressing the all-zeros address, rather than the expected output o... Daniel Becker
04:32 PM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes: Yes, I'm getting a *single* RA from pfSense to ip6-allnodes which results in a correct IPv6 route in the Ubuntu clien... Mich MSvB
12:49 PM Bug #4429 (Feedback): Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes: This works in general. You're getting RAs, which seem fine at a basic level at least though contents of the RA not sh... Chris Buechler
08:40 AM Bug #4429: Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes: h1. Additional info
h2. Bogons
My *Interfaces: LAN* 'Private networks' section contains _Block private networks... Mich MSvB
07:13 AM Bug #4429 (Closed): Problem with radvd(8) SLAAC packets autoconfiguring client IPv6 routes: In the last release 2.1.5, stateless address autoconfiguration (SLAAC) was working correctly. After updating to 2.2 m... Mich MSvB
03:29 PM Revision 8f5352df: carp, don't show status icon from previous carp ip in case the ip is not present on the interface (test with ifconfig em0 1.2.3.4 delete): Pi Ba
02:12 PM Bug #4431 (Duplicate): Bandwidth not reported correctly in "Status: Traffic shaper: Queues": I'm running pfSense version 2.2 on an Alix 2d2 board. The reported bandwidth under the queues status page is incorre... Jocelyn Le Sage
01:23 PM Bug #4395 (Resolved): /etc/hosts doesn't contain any local IPv6 addresses: fixed Chris Buechler
11:02 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed: I just had this happen again. I have noticed that this appeared again in the logs.
Feb 15 11:57:57 kernel: sonewc... Adam Esslinger
08:03 AM Bug #4430 (Closed): pppoe configuration can not be removed from WAN interface.: When WAN interface is set as pppoe it can not be changed to DHCP or NONE.
First time, the web interface tells to a... Martin Labbe

02/14/2015

09:27 PM Bug #4428 (Confirmed): Setting media option on em(4) leads to infinite link cycling: If the media or mediaopt config option is set, an infinite link cycling loop results since the link cycles when ifcon... Nash Kaminski
06:39 PM Bug #4427 (Resolved): Traffic Shaper Wizard still having issues: I just upgraded to the latest 2.2 snapshot from Feb 13 in hopes of getting past the already documented traffic shapin... Marco Novielli
06:26 PM Bug #4307 (Closed): bacula-fd configuration is mangled: Thanks for the feedback, I'll close this out.
If you have any ideas on how to simplify the GUI for this to make it... Jim Pingle
06:03 PM Bug #4307: bacula-fd configuration is mangled: This is fixed for me. Thank you. Dan Langille
04:20 PM Bug #4367 (Resolved): Incorrect rrset-cache-size in unbound.conf: fixed Chris Buechler
04:05 PM Bug #4418 (Confirmed): IPsec mobile clients - bogus "p" appended to search domain: It changes the weird character OS X shows at the end in its system.log, but otherwise unchanged and still wrong. Now ... Chris Buechler
03:56 PM Bug #4393 (Confirmed): syslogd stops and fails to restart during boot in some cases: I added a tgz of /var/log from a system exhibiting the problem to projects/ticket-files/
Chris Buechler
07:38 AM Bug #4393: syslogd stops and fails to restart during boot in some cases: I received it, but it may be Tuesday before I have a chance to look at the logs. Jim Pingle
07:26 AM Bug #4393: syslogd stops and fails to restart during boot in some cases: I sent you an email yesterday with the logs (9MB). Did you get the email? Adam Esslinger
11:37 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I misunderstood JimP's earlier comment, running 'sysctl -a' won't panic it in the way enabling SNMP will. Chris Buechler
08:20 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: Same for me during the upgrade from 2.1.5 (amd64) to 2.2 (amd64) on a APU.1C4 (4 GB).
Retried it successfully with a... Marcel Janicki
04:03 AM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I just started to test what combinations of hardware let this crash happen, but the command "systcl -a" is not crashi... Andreas Walther
06:38 AM pfSense Packages Bug #4415: wrong start script in nrpe2 within 64bit installation: Since 2.12_4 v2.2_4 this bug is also in i386. Manfred Bongard
01:06 AM Feature #4179: Driver oce is missing from 2.2 RC: @Matthieu: We copied it over from FreeBSD 10.1 release and added oce_load="YES" to /boot/loader.conf, worked as expec... Christoph Erdle

02/13/2015

11:02 PM Todo #4353: Review IPsec reloading when strongswan.conf is changed: I reported a bug 4425 which I'm thinking might be related to this. Let me know if you need any logs from me.
Sam Sam Bernard
11:01 PM Bug #4425: IPSEC /Strongswan Fails to Detect IP address Change: Just wondering if this could be related to Bug 4353. Sam Bernard
08:13 PM Bug #4425 (Closed): IPSEC /Strongswan Fails to Detect IP address Change: Whats we saw was that 2.2 had no issue bringing up the tunnel but once the tunnels were up they were unstable and if ... Sam Bernard
10:33 PM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: This would be an amazing enhancement! My only comment would be if you're going to enhance the engine to support multi... → luckman212
10:08 PM Feature #4179: Driver oce is missing from 2.2 RC: @Christoph: Can you explain where od you get the file and how exactly do you load it ? Mathieu FRAPPIER
09:26 PM pfSense Packages Bug #4426 (Resolved): NUT fails to start or restart until NUT's settings are (re)saved: Since updating NUT to 2.6.5_1 pkg/2.0.4, I'm finding that NUT won't start on a pfSense reboot. Pressing a "restart s... B. Derman
08:28 PM Revision cc94ea50: Unobsolete libpcre.so.1: Renato Botelho
08:28 PM Revision 3b7f8f83: Unobsolete libpcre.so.1: Renato Botelho
06:27 PM Revision d72e936f: Merge pull request #1484 from phil-davis/more-text-typos: Renato Botelho
06:24 PM Revision 3ddc5d1a: Update fbegin.inc - Missing '/' in path: Found this issue in conjunction with user Digdug3 BBcan177 .
06:24 PM Revision 49fa70a2: Merge pull request #1485 from BBcan177/patch-1: Renato Botelho
04:45 PM Bug #4310: Limiters + HA results in hangs on secondary: Hi, I have the same issue. I tried to update to the latest maintance version, but receive error after upgrade: "shar... Vitaliy Isarev
04:04 PM Bug #4328: Some symlinks not updated by full update: Well, all I can say is that this is definitely not fixed. Tested with 2.2.1-DEVELOPMENT-i386-20150213-1429 snapshot.
... Kill Bill
03:06 PM Bug #4393: syslogd stops and fails to restart during boot in some cases: If you have made an archive of the logs you can post them on a site like Google Drive or Dropbox and PM me the URL on... Jim Pingle
11:11 AM Bug #4393: syslogd stops and fails to restart during boot in some cases: I just had this happen again after rebooting my box from Bug #4392. How can I email you the logs? Adam Esslinger
12:53 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs: Hi Ryan, my PR for pfBNG *v1.04* was merged. Please let me know if that fixes your issue.
There is a "pfBlockerNG" t... BBcan177 .
11:32 AM Revision fc06d8ea: Surrond the some mobile clients attributes with " ( quote ) to help the strongswan parser identify properly the values. Ticket #4418: Ermal Luçi
11:31 AM Revision d17ad7f5: Surrond the some mobile clients attributes with " ( quote ) to help the strongswan parser identify properly the values. Ticket #4418: Ermal Luçi
11:21 AM Bug #4424 (Closed): Adding and removing shaper repeatedly causing interface crash: Since at least one other user confirmed that, filing the bug here - relevant forum thread: https://forum.pfsense.org/... Kill Bill
10:17 AM Bug #4392: OpenVPN daemon crashing with ath(4) card installed: I just had this happen again..Here is what I'm seeing. The Service status dashboard shows the Daemon is running, but... Adam Esslinger
06:19 AM Revision e2d0aee8: force minimum 100000 byte log file size. Some have been confused thinking this is KB, in some cases causing problems. This should help, and there shouldn't be a need for logs smaller than that.: Chris Buechler
06:17 AM Revision 47d3f94a: force minimum 100000 byte log file size. Some have been confused thinking this is KB, in some cases causing problems. This should help, and there shouldn't be a need for logs smaller than that.: Chris Buechler
05:49 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Ok thank you i think i know where the issue is now.
I will update here when the issue is fixed but will need a ker... Ermal Luçi
05:30 AM Bug #4418 (Feedback): IPsec mobile clients - bogus "p" appended to search domain: I pushed a commit since this seems relevant only during parsing time of the options.
Can anyone re-producing this ... Ermal Luçi
12:34 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain: the symbol at the end that OS X's logs show doesn't copy/paste, attached screenshot. Chris Buechler
05:20 AM Bug #4422: /etc/rc.initial doesn't handle -c parameters: If you go to GitHub at https://github.com/pfsense/pfsense and make the edit online there, then submit a pull request,... Phillip Davis
04:46 AM Bug #4422 (Resolved): /etc/rc.initial doesn't handle -c parameters: /etc/rc.initial fails to handle parameters passed to it using -c. As a result, SFTP against the internal SSH server f... David Wood
05:11 AM Bug #4423 (Resolved): NTP RRD graphing fails to recognise that offset can be negative: The definition of the offset date source in /etc/inc/rrd.inc fails to recognise that offset can be negative, meaning ... David Wood
03:07 AM pfSense Packages Bug #4419: fatal: open /etc/aliases: No such file or directory: Update: My Postfix Forwarder version: 2.11.3_2 pkg v.2.4.1. NewTo You
02:43 AM pfSense Packages Bug #4419 (Resolved): fatal: open /etc/aliases: No such file or directory: I get this error in maillog:... NewTo You
03:06 AM pfSense Packages Bug #4420: warning: bad command startup -- throttling: Update: My Postfix Forwarder version: 2.11.3_2 pkg v.2.4.1. NewTo You
02:49 AM pfSense Packages Bug #4420 (Resolved): warning: bad command startup -- throttling: I get this error in maillog:... NewTo You
03:02 AM pfSense Packages Bug #4421 (Duplicate): Apache reserve proxy, location must specify Site Path, Backend Path or get http 503 error: Just want to report that I must specify Site Path, Backend Path to '/' instead of leaving blank to use '/' as suggest... NewTo You
02:47 AM Bug #4414: pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2: Hello Chris,
thanks for your reply
i added a dmesg dump of 2.1.5
I hope you find the bug.
thanks Tom
www_l... tom stern

02/12/2015

09:54 PM Revision f742c43e: Update fbegin.inc - Missing '/' in path: Found this issue in conjunction with user Digdug3 BBcan177 .
05:13 PM Bug #3290: IPV6 conectivity not restored after cablemodem reset: An update... had some maintenance last night... while my LAN prefix appears to have been restored following everythin... Anonymous
04:33 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: I also increased the limiter to 700Mb, higher than throughput without limiter and it worked without issue, got the no... Travis Kreikemeier
04:27 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Finally able to get around to building a VM lab for this. Here is what I have found.
* Appears to only be an issue... Travis Kreikemeier
01:58 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Can you do another test to have full information?
Do the usual breaking test you have reported and show the output... Ermal Luçi
04:26 PM Bug #4418 (Confirmed): IPsec mobile clients - bogus "p" appended to search domain: it's more than just a p, it ends up with some weird character after the p as well. I've already dug into this a bit b... Chris Buechler
04:22 PM Bug #4418 (Resolved): IPsec mobile clients - bogus "p" appended to search domain: At least 4 reports of this on the forum:
https://forum.pfsense.org/index.php?topic=88631.0
https://forum.pfsense.or... Kill Bill
04:24 PM Revision b95a4d8a: Set srctrack separate from this test or the value won't save unless the sticky box status also changed.: Jim Pingle
04:24 PM Revision 1ac99c4e: Set srctrack separate from this test or the value won't save unless the sticky box status also changed.: Jim Pingle
04:11 PM Bug #4131: CP RADIUS accounting not working: Still having this issue on a machine updated from 2.1.5 to 2.2.
Prior to upgrading, the setup did work, although the... Mikael K
03:16 PM pfSense Packages Bug #4417 (Resolved): Ruleset link for GPLv2 Community rules on Categories tab is incorrect: If you're on the Categories tab and have enabled "GPLv2 Community Rules (VRT certified)", the hyperlink assigned to i... Ryan .
02:42 PM Bug #4276 (Confirmed): Layer 7 not working / ipfw-classifyd high load: Pretty simple to reproduce
* Add a layer 7 container, for example, to block bittorrent
* Apply the layer 7 contai... Jim Pingle
02:41 PM Bug #4416 (Closed): Layer 7 is broken and will not pass traffic on 2.2: Duplicate of #4276 Jim Pingle
02:03 PM Bug #4416 (Confirmed): Layer 7 is broken and will not pass traffic on 2.2: Jim Pingle
02:02 PM Bug #4416 (Closed): Layer 7 is broken and will not pass traffic on 2.2: Using a basic test case, Layer 7 is not functional on 2.2:
* Add a layer 7 container, for example, to block bittorre... Jim Pingle
02:38 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs: Great! I'll try it out once it's released.
Thanks Ryan .
01:45 PM Bug #4414 (Rejected): pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2: hardware-specific problem, replicate on stock FreeBSD 10.1 and report upstream. Chris Buechler
01:44 PM Bug #4414: pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2: This is not a supported platform.
Try booting stock freebsd 10.1 off a USB stick.
Also post the full verbose kernel... Jeremy Porter
01:19 PM Bug #4414: pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2: dmesg.txt added tom stern
05:56 AM Bug #4414 (Rejected): pfsense on amd64 Thinclient Futro S550 // 2.1.5 // 2.2: Hello@All
on my labs firewalls (Thinclient Futro S550 /amd64/1GB/CF-Card-4G)
--2.1.5 will only boot "headless" ... tom stern
01:27 PM Bug #2526 (Feedback): Limiter appears to break IPv6 connectivity: A patch has been pushed which will fix limiters with ipv6. Ermal Luçi
11:34 AM pfSense Packages Bug #4415 (Resolved): wrong start script in nrpe2 within 64bit installation: After Update to 2.12_4 v2.2_3 service does not start any more.
Log: root: /usr/local/etc/rc.d/nrpe2.sh: WARNING: r... Manfred Bongard
10:44 AM Revision a9982b43: Unobsolete crypto tools and athstats, ticket #4239: Renato Botelho
10:44 AM Revision 0a81c3ab: Unobsolete crypto tools and athstats, ticket #4239: Renato Botelho
09:33 AM Bug #4266: Rekeying issues with IKEv1 and multiple P2s under some circumstances: Some people have reported that this happens only if prefer oldsa setting is enabled. Ermal Luçi
09:22 AM Bug #4402: Unbound: enable harden-glue by default and/or apply patch: Thanks for the fixes !
On this topic, Unbound 1.5.2rc1 has just been released, and final may then be ready before... Olivier Müller
04:44 AM Bug #4239 (Feedback): athstats, cryptostats, cryptotest missing from 2.2 builds: Build was fixed and all binaries removed from obsolete list Renato Botelho
04:29 AM Revision d4a18f13: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2: Chris Buechler
04:28 AM Revision 0f31e918: get rid of wizards/initial/ images that were never used: Chris Buechler
04:28 AM Revision 6972f14e: get rid of wizards/initial/ images that were never used: Chris Buechler
03:06 AM Feature #4413 (Duplicate): Vendor specific option spaces: It would be nice to have a possibility to specify subject. Dmitriy K
12:14 AM pfSense Packages Bug #4324: HAproxy and SSL client certificate validation: I tested the latest version (had an IPv6 connectivity problem with the packages repository), it works as intended.
... Stéphane Lapie

02/11/2015

11:00 PM Revision 377b1faa: DHCPv6 client rules MUST come before bogons. Add a comment that hopefully: sticks out so this stops getting broken. Ticket #3395 Chris Buechler
10:59 PM Revision 274a531a: DHCPv6 client rules MUST come before bogons. Add a comment that hopefully: sticks out so this stops getting broken. Ticket #3395 Chris Buechler
09:20 PM pfSense Packages Bug #4410: pfBlockerNG adding commented IPs: @Ryan. Thanks for the Bug report. I haven't seen a Comment line with an IP in it before. The fix for this bug is in m... BBcan177 .
12:08 PM pfSense Packages Bug #4410 (Resolved): pfBlockerNG adding commented IPs: We have a list provider that requires our IP be passed as a variable in the query (e.g. http://example.com/list.php?i... Ryan .
08:18 PM Revision eaa89cc6: Ticket #4390 Return only the subnet bits not the full network in cidr format.: Ermal Luçi
08:17 PM Revision 810b36ac: Fixes #4390 Properly return the vip subnet now that the CARP might not match its parent interface subnet.: Ermal Luçi
07:34 PM Revision 1c4c5ed2: Remove dead code and unset vars so next time the code works properly avoiding cache issues.: Ermal Luçi
07:34 PM Revision 657932fd: Remove dead code and unset vars so next time the code works properly avoiding cache issues.: Ermal Luçi
07:29 PM Revision b65de558: Fixes #4389 The VIP interfaces cannot be assigned since they are just an identification of the VIP for tracking. Consider that when configuring gif/gre. Also on bridges you cannot set a vip interface as its member.: Ermal Luçi
07:26 PM Revision 2de650f6: Fixes #4389 The VIP interfaces cannot be assigned since they are just an identification of the VIP for tracking. Consider that when configuring gif/gre. Also on bridges you cannot set a vip interface as its member.: Ermal Luçi
07:20 PM Bug #4379: Remove CGN (RFC6598) address space from "private networks": it's only unusable where you need to allow traffic into WAN that's sourced from CGN space. Which in nearly all cases ... Chris Buechler
07:00 PM pfSense Packages Bug #4412 (Not a Bug): squid reverse proxy: when I try to activate the squid reverse proxy reports an error and when I modify sysctl returns or null or invalid s... alberto alcala pinto
05:00 PM Bug #3395 (Feedback): DHCPv6 client pass rules need to come before bogons: Indeed. Fixed again, and added a comment that will hopefully prevent this from ever getting broken again. Chris Buechler
04:21 PM Bug #4398: Userlist - No sorting anymore: note the sort is there if you have 1 user only, disappears with > 1. I'm sure Phil's right on that. Moving to 2.2.2 s... Chris Buechler
04:20 PM Bug #4398 (Confirmed): Userlist - No sorting anymore: Chris Buechler
04:12 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: Chris Buechler wrote:
> Andreas: could you do some experimentation with your combination of hardware? See if it's th... Andreas Walther
03:56 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: the only scenario we've been able to replicate is with no SD card installed. It's easily replicable by just removing ... Chris Buechler
03:46 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I don't have an SD card in, but I do have a Mini-PCIe wireless card. Jim Pingle
03:41 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: Well the first crash after update from 2.1 to 2.2 was with a sd card as the disk and a mini pcie 3g modem installed.
... Andreas Walther
02:57 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: ... Jim Pingle
02:49 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: does sysctl hw.bus return a result? Ermal Luçi
12:41 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot: I can reproduce it on my APU now as well. Fresh install on mSATA, no SD card inserted, using the factory image.
Seem... Jim Pingle
04:04 PM Bug #4404 (Rejected): Fatal error when enabling IPSec: not a bug.
source is available here:
https://github.com/pfsense/pfsense Chris Buechler
06:24 AM Bug #4404: Fatal error when enabling IPSec: Do you have a link to a stock util.inc, so I can compare ?
The file i patched, I need to have several subnets in D... Lars Juul
01:19 AM Bug #4404 (Feedback): Fatal error when enabling IPSec: you're missing, or have a broken, /etc/inc/util.inc file. The installer can't forget files (and if anything as critic... Chris Buechler
04:01 PM Bug #4407 (Rejected): unbound advanced settings broken: nothing is broken, just have to put things in correctly. added #4411 to add input validation at some point to prevent... Chris Buechler
06:03 AM Bug #4407: unbound advanced settings broken: Kill Bill wrote:
>
> The server: clause is not the place for different kind of things, like the stub zone and forw... Andreas Pflug
06:03 AM Bug #4407: unbound advanced settings broken: Can we please append a link to unbound.conf(5) manpage (https://www.unbound.net/documentation/unbound.conf.html) with... Kill Bill
05:52 AM Bug #4407: unbound advanced settings broken: Andreas Pflug wrote:
> Moving the custom option generation as suggested would make any option appear under the serve... Kill Bill
05:12 AM Bug #4407: unbound advanced settings broken: Kill Bill wrote:
> What advanced settings? This is just not true in general. Prefix the custom options with server: ... Andreas Pflug
05:01 AM Bug #4407: unbound advanced settings broken: In my case, I need *do-not-query-localhost: no* set.
Andreas Pflug
04:51 AM Bug #4407: unbound advanced settings broken: What advanced settings? This is just not true in general. Prefix the custom options with server: as noted on the bug ... Kill Bill
03:25 AM Bug #4407: unbound advanced settings broken: If you have a patch change that works, it will be very easy for the devs if you make the edit at https://github.com/p... Phillip Davis
03:02 AM Bug #4407 (Rejected): unbound advanced settings broken: Same symptom as https://redmine.pfsense.org/issues/4090, but a different reason:
When domain overrides are set, an... Andreas Pflug
04:00 PM Feature #4411 (Resolved): add validation of Unbound advanced configuration: Something similar to dnsmasq's advanced config validation would be helpful for Unbound, to prevent users from creatin... Chris Buechler
02:51 PM Bug #4178: IPsec leftsubnet changed to 0.0.0.0 with Cisco unity plugin active: Probably that was because the strongswan setting was not being propagated to the plugin.
Now that strongswan was upd... Ermal Luçi
02:35 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Copied interfaces.inc and system.inc to my 2.2 box and seems to work alright now..
Without daily snapshots online,... Pi Ba
01:30 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Applied in changeset commit:b65de5585bb7bffe06750c712b399cd4da10052c. Ermal Luçi
01:30 PM Bug #4389: gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Applied in changeset commit:2de650f6117f4b80c3db4f9b46ad83d75d5b9130. Ermal Luçi
01:28 PM Bug #4389 (Feedback): gif0 tunnel for ipv6 using a carp-ip to the outside world stops working upon reboots and some config changes: Ok should be fixed by the commit i pushed.
Can you please confirm as well?
This seems to be a bug since 2.1++ Ermal Luçi
02:30 PM Bug #4390: Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network: Applied in changeset commit:810b36ac0c363c21ea2f1b963f2c1be142fc59a2. Ermal Luçi
02:17 PM Bug #4390 (Feedback): Cannot create an IP alias on a CARP interface where the actual Interface address is in a different network: It behaves correctly with the applied patch. Ermal Luçi
09:46 AM pfSense Packages Bug #4409 (Resolved): Tincd not starting on pfSense 2.2: Hello,
i had troubles getting tinc daemon to work in 2.2, after some investigation I had to do:
ln -s /usr/loc... Raimund Sacherer
09:12 AM Revision 01c155f2: Random text typos: and I "corrected" function names that had "_choosen_" in them.
That is not technically an error - function names do n... Phil Davis
09:04 AM Revision 302cb96e: Check if notification is disabled: in send_smtp_message()
Other packages like arpwatch sm.php and cron job output as reported in forum https://forum.pfs... Phil Davis
09:04 AM Revision 33649526: Merge pull request #1480 from phil-davis/patch-1: Renato Botelho
09:02 AM Revision 1444c08e: Random text typos: that I noticed. Phil Davis
09:01 AM Revision c70002be: Merge pull request #1482 from phil-davis/CP-text-typos: Renato Botelho
09:00 AM Revision 4ab7f8f4: Fix typo in class in bridge edit: Fixing this makes nice little pencil icons appear in front of the text
entry fields. Phil Davis
09:00 AM Revision ef8182ca: Merge pull request #1483 from phil-davis/formfld-unknown: Renato Botelho
08:59 AM Revision 079b0e20: Remove unset variable, spotted by phil-davis: Renato Botelho
08:59 AM Revision 5132312f: Remove unset variable, spotted by phil-davis: Renato Botelho
08:34 AM Bug #4408: Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use: If I disable DHCP failover everything works perfectly. Lars Jorgensen
08:22 AM Bug #4408 (Closed): Changes to DHCP-services crashes GUI and DHCP daemon when many leases are in use: I have the DHCP service running on five interfaces and a good amount of leases (I would guess around 1,000 or more at... Lars Jorgensen
07:45 AM Revision b3aacd59: rrset-cache-size should == 2 * msg-cache-size. Ticket #4367: Chris Buechler
07:44 AM pfSense Packages Bug #4198: lightsquid doesn't work, perl is missing: I saw that yesterday, thank you! Cino .
07:42 AM pfSense Packages Bug #4198 (Feedback): lightsquid doesn't work, perl is missing: I pushed a fix for this yesterday. Perl is there but the package couldn't find it. Works for me now in testing. Jim Pingle
07:43 AM Revision 2597415b: rrset-cache-size should == 2 * msg-cache-size. Ticket #4367: Chris Buechler
07:28 AM Revision 0c6db320: Fix typo in class in bridge edit: Fixing this makes nice little pencil icons appear in front of the text
entry fields. Phil Davis
07:14 AM Revision 24cbfd5a: Check if Unbound is enabled and using the same port before allowing dnsmasq to be enabled. part of Ticket #4332: Chris Buechler
07:13 AM Revision 06e847a7: Check if Unbound is enabled and using the same port before allowing dnsmasq to be enabled. part of Ticket #4332: Chris Buechler
07:07 AM Revision f416763b: Random text typos: that I noticed. Phil Davis
03:42 AM Bug #4401: remove xen netfront driver until it can handle altq: Is there a way to disable xen detection while booting?
I had to remove traffic shaping from my local pfsense and now... Grischa Zengel
03:21 AM Bug #4401: remove xen netfront driver until it can handle altq: xn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=3<RXCSUM,TXCSUM>
ether be:f5:19... Chris Linstruth
02:12 AM Bug #4402 (Confirmed): Unbound: enable harden-glue by default and/or apply patch: Part of this was fixed in the default config yesterday (harden-glue is now enabled by default). We'll also add config... Chris Buechler
02:10 AM Bug #4406 (Confirmed): ALTQ problems with wireless cloned interfaces: ath(4) does have ALTQ support, but its cloned interfaces end up unable to use it. ... Chris Buechler
01:57 AM Bug #4237: Error "macro IPsec not defined" once after firmware upgrade: still no other reports of this. will leave for feedback for now. Chris Buechler
01:55 AM Bug #4268 (Confirmed): changes in strongswan config don't apply to SAD or SPD: It causes a wide range of problems for people. We've already seen several people report IPsec changes not applying be... Chris Buechler
01:46 AM Bug #4367 (Feedback): Incorrect rrset-cache-size in unbound.conf: that was apparently an oversight, thanks for catching. It should be fixed with what I just committed, which sets rrse... Chris Buechler
01:29 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2: ... Armin Tueting
01:27 AM pfSense Packages Bug #4222: Update to 2.2 RC breaks domU: Douglas Haber wrote:
> Maybe a hook should be added then in the web UI to say, "hey, Xen detected, please make sure ... Chris Buechler
12:14 AM Bug #4397 (Confirmed): MTU must be set in same ifconfig command as IP: setting the MTU before setting the IP doesn't behave any differently. The MTU must be appended to the ifconfig comman... Chris Buechler
12:05 AM Bug #4375 (Rejected): Kernel Crash: this is a hardware-specific issue of some sort, not an issue in our code. Judging by Ermal's analysis, ACPI seems lik... Chris Buechler

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

03/12/2015

03/11/2015

03/10/2015

03/09/2015

03/08/2015

03/07/2015

03/06/2015

03/05/2015

03/04/2015

03/03/2015

03/02/2015

03/01/2015

02/28/2015

02/27/2015

02/26/2015

02/25/2015

02/24/2015

02/23/2015

02/22/2015

02/21/2015

02/20/2015

02/19/2015

02/18/2015

02/17/2015

02/16/2015

02/15/2015

02/14/2015

02/13/2015

02/12/2015

02/11/2015