Project

General

Profile

Activity

From 03/25/2015 to 04/23/2015

04/23/2015

06:17 PM Revision edda5d0b: This was meant to remove duplicates here, even though charon will do by itself but better do it since it was meant to.
Ermal Luçi
06:16 PM Revision 2334aff9: This was meant to remove duplicates here, even though charon will do by itself but better do it since it was meant to.
Ermal Luçi
03:24 PM Bug #4383: Firewall log contains IGMP for rules that do not have logging on
I too have ran into this. Very irritating. :)
 Bill Crowder
03:22 PM Revision 42328d90: Removed double newlines.
Removed onclick event. Peter Peter
02:56 PM Revision 49878b9e: Add static mapping interface not set when IP in a pool
If the DHCP IP address is in a pool (not in the main DHCP range for the interface) then the interface that correspond... Phil Davis
02:55 PM Revision 45b99bb6: Remove unneeded gettext in setHelp() call
sbeaver
02:37 PM Revision 3a652703: Removed unneeded table elements and HTML input elements
Ready for review sbeaver
02:25 PM Revision 48ac0aa0: Do not process dhcpd implementation if input errors
If I go to Service->DHCP Server, make some edits that are invalid (e.g. change range start or end to some invalid str... Phil Davis
12:27 PM Revision a6ff5ea1: Removed unneeded class and fixed tabs/spaces
sbeaver
11:58 AM Revision c9be8d9f: #126
Link_interface_to_bridge check also applied to wol_edit.
Inverted link_interface_to_bridge check to be more clear. Peter Peter
10:00 AM Bug #4649: Add static mapping for this mac address button links to wrong page
So I don't know what your bug is - that is really weird if the link has "if=" with no interface, but then the interfa... Phillip Davis
09:40 AM Bug #4649: Add static mapping for this mac address button links to wrong page
Yes, they are all fine. If I hover over the plus button for more than a few MSEC, the URL fills out completely and t... David Gessel
08:29 AM Bug #4649: Add static mapping for this mac address button links to wrong page
Have you defined DHCP pools?
Do the effected entries have DHCP addresses issued from the pool(s)?
I can see that th... Phillip Davis
06:59 AM Bug #4649: Add static mapping for this mac address button links to wrong page
A little testing - I can get it to happen pretty reliably in both Chrome and Firefox. What I noticed was that the de... David Gessel
08:05 AM Revision 2c20e3e9: Re-enstate copyright that got lost in pull request
Refs. #99 Sander van Leeuwen
07:37 AM Bug #4651 (Resolved): Policy route negation rules receive the same tracker ID as the rule they are based upon, which confuses the log parser
If the policy route negation rules are active, the automatic negation rule receives the same tracker ID as the rule i... Jim Pingle
04:56 AM Bug #4639: NAT fails to correctly translate udp port numbers embedded in certain ICMP error packets
I found the pf-rule that causes the problem:
pass out route-to ( pppoe0 2.2.2.2 ) from 1.1.1.1 to !1.1.1.1/32 tra... Daniel Haid
04:03 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
I installed this package openh323-1.19.0.1_8 . PFsense 2.1.5 i386.
pkg_add -r ftp://ftp-archive.freebsd.org/pub/Fre... Aleksei Aksenov
03:24 AM Bug #3749: Upgrade from 2.1.4 to 2.2 does not automatically reboot
i had the exact same issue when i upgraded one box from 2.1.5 to 2.2.2, it didnt reboot, ssh was lost, only web gui w... Bipin Chandra
01:56 AM Bug #3749: Upgrade from 2.1.4 to 2.2 does not automatically reboot
Braden McGrath wrote:
> This also happens on 2.1.5, and just occurred for me on a 2.1.5 -> 2.2.2 upgrade (x64/AMD64)... Braden McGrath
01:44 AM Bug #3749: Upgrade from 2.1.4 to 2.2 does not automatically reboot
This also happens on 2.1.5, and just occurred for me on a 2.1.5 -> 2.2.2 upgrade (x64/AMD64).
I have remote web ac... Braden McGrath

04/22/2015

10:16 PM Bug #4649 (Not a Bug): Add static mapping for this mac address button links to wrong page
services_dhcp.php doesn't exist in that file at all. Don't see how that would be possible.
Definitely report back... Chris Buechler
09:08 PM Bug #4649: Add static mapping for this mac address button links to wrong page
well that is very weird. I opened chrome and tested, it worked correctly. I switched to a firefox tab, selected DHC... David Gessel
08:14 PM Bug #4649: Add static mapping for this mac address button links to wrong page
It works fine on my 2.2.2 systems. I have attached a screen shot of Status->DHCP Leases while hovering over the butto... Phillip Davis
01:59 PM Bug #4649 (Not a Bug): Add static mapping for this mac address button links to wrong page
The add static mapping for this mac address button used to take one to the static mapping entry page at /services_dhc... David Gessel
10:08 PM Revision 0c9eb13b: #126
Added required classes to table. Peter Bouwdewijn
10:03 PM Revision f0b20c3f: #126
Wrapped table in table responsive div. Peter Bouwdewijn
09:50 PM Revision ba8749ed: #126
Removed gettext calls when creation form parts; this is done by the form class
Removed obsolete submit button on edit... Peter Bouwdewijn
09:15 PM Revision ea96b189: - Fix broken source address input & replace one-time method with array_merge
- Removed redundant htmlspecialchar and gettext methods; the form class itself takes care of this
- Slightly modified... Sander van Leeuwen
08:52 PM Revision 7aac3413: Merge pull request #99 from sbeaver-netgate/diag_testport
Diag testport Sander van Leeuwen
08:15 PM Revision d6f74188: Trying to submit a symlink as part of crash reports will cause a failed
submission. Remove symlinks first. Also properly set user agent while
here, consistent with others. Fix some style an... Chris Buechler
08:14 PM Revision bc28e0e4: Trying to submit a symlink as part of crash reports will cause a failed
submission. Remove symlinks first. Also properly set user agent while
here, consistent with others. Fix some style an... Chris Buechler
08:11 PM Revision 8c10899b: Replace +- with explanatory buttons
Refs. #45 Sander van Leeuwen
07:19 PM Revision 50715ba1: diag_logs_settings.php conversion complete
sbeaver
03:13 PM Bug #4650 (Feedback): some crash reports containing symlinks fail to submit
Chris Buechler
03:11 PM Bug #4650 (Resolved): some crash reports containing symlinks fail to submit
Some crash reports that have symlinks in /var/crash will fail to submit. Fix coming momentarily Chris Buechler
12:53 PM pfSense Packages Bug #4491 (Resolved): Incorrect module location in start up script for Open-VM-Tools
fixed (by removing the modules entirely for now at least, they mostly aren't necessary, and cause stability issues) Chris Buechler
12:18 PM pfSense Packages Bug #4160 (Resolved): First shutdown attempt of guest fails with open-vm-tools
fixed Chris Buechler
12:17 PM pfSense Packages Bug #4638 (Resolved): not able to install or update open-vmware-tools package
fixed Chris Buechler
11:54 AM Revision 301eb34f: Tidy up "status_upnp.php" XHTML
Remove double line from table Colin Fleming
11:51 AM Revision 57e15e41: Tidy up "services_unbound.php" XHTML
Add missing closing TD tag Colin Fleming
10:12 AM Todo #1940: Integrate rSyslogd
I need to send my syslog through internet and for security reason I need TLS/SSL to do that.
Please switch syslogd t... Florian Cristina
09:50 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
The main problem isn't if the domain is 2 or 3 part. It's that hard coding the number of parts breaks it for anythin... Trel S
09:40 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
well then the current logic uses 3 parts when on domain.co.uk whereas namecheap has other domains with 3 parts like x... Bipin Chandra
09:29 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
>There are cases when the domain has more than two parts, specifically the case in the test with .uk, so the domain i... Trel S
09:19 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
Trel S wrote:
> "parta.partb" is a valid A record. Using the logic you said, there would be no possibility of updat... Jim Pingle
09:07 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
The safest solution would be the two input boxes to allow the user to define how much is the host name, and how much ... Trel S
09:04 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
But that would then break in scenarios such as
parta.partb.domain.tld
"parta.partb" is a valid A record. Using... Trel S
09:04 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
Modifying that test would break other domains that function correctly now. That may be an "easy fix" for this specifi... Jim Pingle
09:01 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
easy fix would be to edit the /etc/inc/dyndns.class file on line 537
replace
$domain_part_count = ($dparts[count(... Bipin Chandra
08:52 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
rather than having to modify gui and the xml values separately, its better to modify the logic such that u consider o... Bipin Chandra
09:20 AM pfSense Packages Bug #4277: squidGuard-squid3 installation Failed after pfSense Update to 2.2
squid3 fails to install on a fresh 2.2 install too, here is the error:
Beginning package installation for squid3 .... Ricardo Klein
07:39 AM Bug #4648 (Resolved): ifconfig syncpeer fails with IPv6 address
When running CARP in an IPv6 only environment I get this error during bootup:
Apr 22 14:11:32 fw002-ac php: rc.boo... Pim Pish
02:40 AM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
I just wanted to bump this bug report: I tested with 2.2.2, and it still dumps core (as Chris mentioned above).
I'... Christopher Taylor
02:02 AM pfSense Packages Bug #4561: siproxd listening port redirect rule pulling wrong tag from <siproxdsettings> (config.xml)
Good day! Tell me, is it possible to expand the functions of the package ,siproxd, so that he could translate the pro... Aleksei Aksenov

04/21/2015

11:01 PM Bug #3022: OpenVPN does not failover to the 2nd configured LDAP auth.server
two years has passed.. any chances to have that fixed in near future? Alex Kolesnik
10:00 PM Revision bc3fa9f1: #126
Ran clear.sh.
Replaced forms with Form builder.
Introduced an extra panel for the WOL devices. Peter Bouwdewijn
06:06 PM Revision 201c0361: Added btn-sm class to buttons.
sbeaver
05:59 PM Feature #4647 (Resolved): Services: DHCP server should default to LAN, not WAN
When you click on Services-DHCP Server the first tab to open is the WAN tab, where you're very unlikely to be serving... David Gessel
05:54 PM Revision 33d52df1: daig_logs.php conversion complete
This conversion relies on a change to guiconfig.inc.
A new function was added: dump_clog_no_table() which performs t... sbeaver
05:43 PM Revision 26b94b87: Merge manually pull request #1626 to this branch
Ermal Luçi
05:42 PM Revision 1f5ac937: Merge pull request #1626 from gogglespisano/apinger
Ermal Luçi
05:40 PM Revision e1bcb659: s/;/:/
Ermal Luçi
05:39 PM Revision 7b9d7eac: Revert "Revert "Move to specifically specifying the ID type apart when an ip address to have strongswan do proper behaviour. Also for DynDNS names use the dns type id so strongswan does the resolving by its own.""
This reverts commit 4e8eacfd7c0f1909c15d85b4cae2302b0ba3f0fc.
Conflicts:
etc/inc/ipsec.inc Ermal Luçi
01:09 PM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
Is there something more I need to do to get this processed? Robert Nelson
12:20 PM Bug #4639: NAT fails to correctly translate udp port numbers embedded in certain ICMP error packets
I have now tried to reproduce this on a pure FreeBSD 10.1 installation, but everything seems to be working correctly ... Daniel Haid
11:15 AM Revision 2e101d89: Toggle classes should be attached to group, not input (so that help toggles with group)
Refs. #18 Sander van Leeuwen
09:35 AM Revision 748cbea6: Update display_top_tabs to use pills as default
Refs. #107 Sander van Leeuwen
06:53 AM Revision fe65bb3a: Fall back to getting local user pages and groups
if the groups could not be found from LDAP and there is a local user. Phil Davis

04/20/2015

11:25 PM pfSense Packages Bug #4160: First shutdown attempt of guest fails with open-vm-tools
there was still some work in progress there. The _12 version is available now. Chris Buechler
06:53 PM pfSense Packages Bug #4160: First shutdown attempt of guest fails with open-vm-tools
I note that you recently made some changes. Were these released in the _11 release of VMWare_Tools. However, after ... Greg Siemon
10:43 PM pfSense Packages Bug #4567: ntopNG Geo files missing
Still receiving the following GeoIP related errors...
On startup:
ntopng: [Geolocation.cpp:59] WARNING: Unable to... Denny Page
09:51 PM Bug #4645 (Duplicate): Very,very, slow boot and halt (not first time) - nanobsd
duplicate of #4617
The nano images weren't updated as they're generally not affected (most enable the serial cons... Chris Buechler
04:17 PM Bug #4645: Very,very, slow boot and halt (not first time) - nanobsd
Disable the serial port. Kill Bill
03:48 PM Bug #4645 (Duplicate): Very,very, slow boot and halt (not first time) - nanobsd
I'm trying pfsense 2.2.2 in this hardware:
http://linitx.com/product/fabiatech-fx5625-intel-atom-18ghz-8-nic-firew... JAume Ponsa
09:26 PM Revision 3be781e7: Add new bios product id string
Jeremy Porter
08:37 PM Revision be2191af: Add new bios product id string
Jeremy Porter
07:46 PM Feature #4646 (New): Recover valuable vertical screen real estate in dashboard
Vertical screen real estate tends to be quite valuable.
The dashboard page uses about 1/2" at the top of the page ... B. Derman
07:04 PM Revision 9cf1dbff: Remove duplicate 'ppp' case in switch statement
Stuart Wyatt
06:54 PM Revision a75d1a5f: Allow to configure new modes for phase1 according to RFC 5903 by manually merging pull request #1501 partially. While here preserve style.
Ermal Luçi
06:53 PM Revision 7a747654: Allow to configure new modes for phase1 according to RFC 5903 by manually merging pull request #1501 partially. While here preserve style.
Ermal Luçi
06:40 PM Revision 868a62be: Fix #4640 IPsec Auto-exclude LAN address toggles every time save is pressed.
Actually the GUI is displaying the opposite setting to what is in the config. When the user pressed save that opposit... Ermal Luçi
06:38 PM Revision 162d7d23: Merge pull request #1624 from phil-davis/patch-1
Ermal Luçi
06:37 PM Revision 905e1156: Fixes #4625, manual merge of pull request #1617 for RELENG_2_2 branch on fixing voucher disconnection.
Ermal Luçi
06:34 PM Revision 0fa9acb7: Merge pull request #1617 from Gertjanpfsense/master
Ermal Luçi
05:47 PM Revision ad9e2a90: dig_tables.php revised to use Form.classe
Would you please review these changes and let me have your comments.
I will remove the “echo” statements once I have... sbeaver
04:04 PM Revision 41b1ff89: More www code style oddments
Phil Davis
04:01 PM Bug #4640: "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
Errr... let me repeat this once again: this does the exact opposite of what's described in the GUI! When you enable t... Kill Bill
01:40 PM Bug #4640: "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
Applied in changeset commit:868a62be4c27860aef9f3fd939beee5a6f26090a. Ermal Luçi
01:40 PM Bug #4640: "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
Applied in changeset commit:75d072be3a10949ead88a82ecec51ae0e5490fbe. Phillip Davis
01:38 PM Bug #4640 (Feedback): "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
Merged pull request. Ermal Luçi
01:40 AM Bug #4640: "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
Indeed confirmed. The GUI description is totally inverted to the actual behaviour. Stuff like noshuntlaninterfaces, n... Kill Bill
01:29 AM Bug #4640: "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
I am totally confused. So I applied this, checked the checkbox and the bypasslan connection got deleted.... Kill Bill
02:11 PM Feature #4644 (Resolved): Dyndns Loopia Wildcard
Add wildcard support for Loopia dynamic dns.
My changes in /etc/inc/dyndns.class
case 'loopia':
$needsIP = TRU... Andreas Tunberg
01:40 PM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
Applied in changeset commit:905e1156680129b3c49fe380b4e821f9eb02362a. Ermal Luçi
01:35 PM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
Pull request merged. Ermal Luçi
11:19 AM Bug #4571: scheduled firewall reboot crashes
i have ordered another serial adapter so once i get that ill test that and report as well as i have few other alix bo... Bipin Chandra
10:59 AM Bug #4571 (Not a Bug): scheduled firewall reboot crashes
this is something specific to probably your serial console setup, maybe in combination with something to do with the ... Chris Buechler
05:29 AM pfSense Packages Feature #4643 (Needs Patch): munin-node package?
Hi again!
I extensively use munin-node to centrally monitor a bunch of pfsense devices, overall it runs fantastic!... Alejandro Olivan
05:17 AM Bug #4642 (Resolved): OpenVPN process status stopped... but its running
Hi again...
This is something i suffer consistently on my nanobsd installs since... don't remember, maybe from the... Alejandro Olivan
04:15 AM Revision 75d072be: Fix #4640 IPsec Auto-exclude LAN address toggles
every time save is pressed.
Actually the GUI is displaying the opposite setting to what is in the config. When the us... Phil Davis
02:49 AM Bug #4641 (Duplicate): Restored config loses IPv6 Link-Local DNS Forwarder Settings
Restoring a config that contains selected "Services -> DNS Forwarder -> Interfaces" which are "IPv6 Link-Local" doesn... B. Derman

04/19/2015

11:16 PM Bug #4640: "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
Actually the "Auto-exclude LAN address" setting is being displayed opposite to what is in the config. Every time you ... Phillip Davis
08:30 PM Bug #4640 (Resolved): "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
After updating from 2.2.1 to 2.2.2, in VPN -> IPsec -> Advanced Settings, the check-box setting for "Disable Cisco Ex... B. Derman
06:26 PM Revision 6e69ebef: Merge branch 'bootstrap' into halt
Conflicts:
usr/local/www/halt.php sbeaver
06:22 PM Revision 40d263e7: Merge branch 'bootstrap' of https://github.com/SjonHortensius/pfsense into bootstrap
Sander van Leeuwen
06:22 PM Revision 94596324: Add title to separate form and table
Refs. #22 Sander van Leeuwen
03:18 PM Revision b21e49ed: fix last line
refs #95 Sjon Hortensius
03:17 PM Revision efcc4fd4: Merge pull request #95 from sbeaver-netgate/reboot
Converted reboot.php SjonHortensius
03:16 PM Revision 6073137f: Updated for consistency with reboot.php
Updated for consistency with reboot.php sbeaver
03:09 PM Revision c9f0fd77: Fixed bad copy/paste :(
sbeaver
02:44 PM Revision a2a10102: appended some missing fixes in system_camanager.php
Sjon Hortensius
02:41 PM Revision 5d2edeca: Converted system_camanager
Sjon Hortensius
02:36 PM Revision 50ea0588: bindCollapseToOptions - support multiple options targeting single section
fix #96 Sjon Hortensius
02:24 PM Revision 6ea2ea99: Supdated per SH
Good suggestions. Thank you. sbeaver
01:32 PM Revision 17219182: Remove alternative version
sbeaver
01:27 PM Revision 0ba2494e: IpAddress - set correct validationpattern, toggle mask based on family
Sjon Hortensius
12:59 PM Revision 709754ab: Skip inline gw creation; it should be a Modal that inlines /gw_edit
Sjon Hortensius
12:56 PM Revision 3c128b8c: IpAddress - move from max mask=32 to 128, removed method-default @ fw_edit
Sjon Hortensius
12:55 PM Revision f3bb71cf: Converted system_routes*, pending implementation of direct gw addition
Sjon Hortensius
12:15 PM Revision 5f601060: Code style usr-local-www diag
Phil Davis
11:21 AM Revision 0b456cf7: pfSense.js - add confirm to .btn-danger elements; removed onclicks
Sjon Hortensius
10:47 AM Revision 67c3b90b: Merge branch 'bootstrap' of ssh://github.com/SjonHortensius/pfsense into bootstrap
Sjon Hortensius
10:42 AM Revision 249fc764: use foot.inc instead of custom footer on login screen
Sjon Hortensius
06:39 AM Revision 962f215d: Code style xmlrpc
Phil Davis
06:38 AM Revision 45b4ffc6: Code style usr-local-www back-end
files that do stuff in mostly in the background. Phil Davis
06:15 AM Bug #4571: scheduled firewall reboot crashes
well u use a usb to serial adapter or the above setup, the result is the same, not to mention not many new PC have a ... Bipin Chandra
04:16 AM Bug #4571: scheduled firewall reboot crashes
Bipin Chandra wrote:
> actually i use like this as my PC doesnt have a serial port
> USB to TTL adapter -> TTL to R... Kill Bill
04:03 AM Bug #4571: scheduled firewall reboot crashes
plus during pfsense boot it gives option to enter slice to boot from, that time using tera term not able to type 1 or... Bipin Chandra
03:59 AM Bug #4571: scheduled firewall reboot crashes
actually i use like this as my PC doesnt have a serial port
USB to TTL adapter -> TTL to RS232 (serial) adapter ->... Bipin Chandra
02:12 AM Bug #4571: scheduled firewall reboot crashes
Huh? Powered? Never seen a externally powered null modem cable. Kill Bill
01:37 AM Bug #4571: scheduled firewall reboot crashes
i mean the serial cable needs to be removed then if i unplug power and replug or the schedule runs then it reboots fine Bipin Chandra
12:50 AM Bug #4571: scheduled firewall reboot crashes
still having issues in reboot, when serial console is attached and conencted then it reboots fine, when serial consol... Bipin Chandra

04/18/2015

03:57 PM Revision 68b6d88c: Update PROGRESS.md
SjonHortensius
03:49 PM Revision 68a25036: Focus first input globally
Sjon Hortensius
03:48 PM Revision b5c278be: Complete conversion; add <form>, remove dead sntxhgh, use events
refs #94 Sjon Hortensius
03:21 PM Revision cbc967d4: Merge pull request #94 from sbeaver-netgate/edit_file
Convert edit.php SjonHortensius
03:18 PM Revision 19d32085: correct nesting & whitespace, then run away from this page fast
also no need for popen, you can simply use system() instead
refs #92 Sjon Hortensius
03:00 PM Revision d7f7cfdd: Merge pull request #92 from sbeaver-netgate/exec
Convert exec.php SjonHortensius
02:58 PM Revision 23601b9a: Completed diag_routes, add panels, fix generated tables
refs #91 Sjon Hortensius
02:52 PM Bug #4639 (Resolved): NAT fails to correctly translate udp port numbers embedded in certain ICMP error packets
I think I found a bug in the NAT of the packet filter, but I am not sure. My
setup is as follows.
client (linux)
... Daniel Haid
02:36 PM pfSense Packages Bug #4638 (Resolved): not able to install or update open-vmware-tools package
VMware Version 5.5 Update 2
VM Version 10
VMX Net3 nic's
Pfsense version 2.2.2 x64
When I click on update vm-... Tsvyatko Kriviradev
02:32 PM Revision 40b416b9: Merge branch 'sbeaver-netgate-diag_routes' into bootstrap
Sjon Hortensius
02:31 PM Revision 65d93621: Merge branch 'diag_routes' of https://github.com/sbeaver-netgate/pfsense into sbeaver-netgate-diag_routes
refs #91 Sjon Hortensius
02:23 PM Revision f3a51a3a: Completed diag_ndp, made consistent with status_dhcp_leases
refs #85 Sjon Hortensius
02:18 PM Revision 765d5ea0: Merge pull request #85 from sbeaver-netgate/diag_ndp
Convert diag_ndp.php SjonHortensius
02:16 PM Revision 1b939e01: Completed diag_limiter_info.php; made consistent with other pages
refs #83 Sjon Hortensius
02:13 PM Revision 0ba2b32f: Merge pull request #83 from sbeaver-netgate/diag_limiter_info
Convert diag_limiter_info.php SjonHortensius
02:10 PM Revision e44c520f: Reorder elements, use events, remove table
refs #79 Sjon Hortensius
02:06 PM Revision bd59922c: Merge pull request #79 from sbeaver-netgate/diag_system_activity
Converted diag_system_activity SjonHortensius
02:03 PM Revision 4e748801: Completed conversion of diag_pf_info - introduce Form
Sjon Hortensius
02:00 PM Bug #4637 (Closed): system unreachable after deleting VLAN
Scenario:
pfSense x86_64 2.2.2-RELEASE
Two-interface system: igb0, igb1.
One LACP LAGG, includes both interf... Adam Thompson
01:55 PM Bug #4636 (Closed): System - Firmware - Updater Settings - Firmware Branch behaviour is still completely braindead
When I select something from the "Default Auto Update URLs" dropdown, the "Use an *unofficial* server for firmware up... Kill Bill
01:47 PM Revision 4526063b: Merge pull request #77 from sbeaver-netgate/diag_pf_info
Converted diag_pf_info.php SjonHortensius
01:43 PM Revision c722847e: complete conversion of diag_system_pftop.php
refs #70 Sjon Hortensius
01:42 PM Revision abcc2dc5: make construct less strict to allow hiding submit button
Sjon Hortensius
01:27 PM pfSense Packages Feature #4635 (Rejected): openbgpd options applied at group level
In the OpenBGPd configuration, it would be very helpful if options could be declared at the group level as well as th... Adam Thompson
01:22 PM pfSense Packages Bug #4634 (Resolved): Still broken openbgpd config generation logic in 2.2
See #3227. Still broken when neighbours aren't part of a group. Adam Thompson
01:21 PM pfSense Packages Bug #3772: Broken openbgpd config generation logic in 2.2
Yup. Works correctly if the neighbour is part of a group, otherwise the same breakage occurs. Adam Thompson
01:20 PM pfSense Packages Bug #3772: Broken openbgpd config generation logic in 2.2
I'm guessing a similar fix needs to be applied around line 168. I'll try putting them all into groups and see what h... Adam Thompson
01:17 PM pfSense Packages Bug #3772: Broken openbgpd config generation logic in 2.2
I don't know if I'm doing something wrong, but when I apply the fixed version of openbgpd.inc to a 2.2.2-RELEASE syst... Adam Thompson
01:21 PM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
Still an issue with recent pfSense-2.2.2-RELEASE-4g-amd64-nanobsd-vga.img.gz, just downloaded and installed a few hou... Andreas Bochem
01:12 PM Bug #4633 (Resolved): CARP not enabled upon creation of first CARP IP
On a new system, after creating a new CARP VIP, the CARP Status gadget for the dashboard shows "Disabled".
Turns out... Adam Thompson
01:02 PM Revision 6979041d: Merge pull request #70 from sbeaver-netgate/diag_system_pftop
Converted diag_system_pftop SjonHortensius
11:46 AM Bug #4003: SSH host keys regenerated post-2.2 upgrade
Frank Heydlauf wrote:
> this still seems to be open (at least for me) ... in all 3 cases the keys were not generated... Kill Bill
11:40 AM Bug #4003: SSH host keys regenerated post-2.2 upgrade
Hi folx,
this still seems to be open (at least for me)
Upgraded from 2.1.5-RELEASE to 2.2-rel to 2.2-rel to 2.2.1... Frank Heydlauf
11:36 AM Feature #336: Option to create lagg under assign interfaces
2.1, 2.2, 2.2.1, 2.2.2 also affected.
Currently going through this major PITA process on a pair of firewalls that ar... Adam Thompson
08:35 AM Revision 1d839e6d: Implement make bofre break feature avaliable on strongswan 5.3.0 useful for IKEv2. Fixes #4626
Ermal Luçi
08:34 AM Revision 0608bd3c: Implement make bofre break feature avaliable on strongswan 5.3.0 useful for IKEv2. Fixes #4626
Ermal Luçi
08:17 AM Feature #4632 (New): Support for Multipath TCP (MPTCP)
Hi,
i have read a lot of articles about MPTCP recently. So I wondered why the best router OS pfsense is not suppor... Cullen Trey
06:48 AM Bug #4238: Firewall rule: source port display issue
seems fine for me, clear ur browser cache and retry Bipin Chandra
04:06 AM Bug #4238: Firewall rule: source port display issue
Chris Buechler wrote:
> fixed
with the latest version i noted the issue is back and also is present in the destio... Giuanin Piemunteis
06:43 AM Bug #4571: scheduled firewall reboot crashes
ok, i reimaged the CF and now 115200 seems to work fine during slice selection, next thing to now test is the reboot ... Bipin Chandra
03:41 AM Bug #4571: scheduled firewall reboot crashes
115200 works just fine here on many Alix boxes. Looks like you should just re-image the broken box. Kill Bill
03:40 AM Feature #4626: Ability to set charon.make_before_break in strongswan.conf
Applied in changeset commit:1d839e6da61e7ce8eca949111ab41e59744d5e1e. Ermal Luçi
03:40 AM Feature #4626 (Feedback): Ability to set charon.make_before_break in strongswan.conf
Applied in changeset commit:0608bd3c354ea76eb6df9ed9322e2ef8686f15e7. Ermal Luçi
01:50 AM Bug #1629: invalid state table entries after WAN IP change
Just got hit by this issue again, in v2.2 on alix.
Are you able to confirm what release will finally kill this bug?
... Andy Lawson

04/17/2015

11:41 PM Bug #4571: scheduled firewall reboot crashes
still crashing on reboot and when i login to check its actually stuck on reboot at the slice selection place.
rega... Bipin Chandra
09:44 PM Revision 63f37d5f: Revised per SvL comments
Thank you. sbeaver
09:37 PM Revision ff4bb928: - Remove htmlspecialchars; Form_Element->__toString() already encodes attribute values
- Use password input type for password
Refs. #81 Sander van Leeuwen
09:34 PM Revision 7d302dbf: Merge pull request #81 from sbeaver-netgate/diag_authentication
Conversion of diag_authentication completed Sander van Leeuwen
09:00 PM Revision 2983fb9c: Some more rigorous rewrite of diag_states_summary
- Replace table in table with table cells spanning two or more rows
- Removed redundant panel
- Removed column width ... Sander van Leeuwen
08:27 PM Revision beb657c7: Merge pull request #78 from sbeaver-netgate/diag_states_summary
Diag states summary Sander van Leeuwen
08:14 PM Revision ad25eae6: Tweak converted halt.php
- Replace 'submit' with 'save', which is more in line with the Form.class
- Add h2 panel title
- Just match string in... Sander van Leeuwen
08:12 PM Revision cde85ce5: Table replaced with panel
Thank you for your suggestion. I will revisit other pages that use
tables and make the same change. sbeaver
08:04 PM Revision 7557a480: Merge pull request #75 from sbeaver-netgate/halt
Merge updated halt.php Sander van Leeuwen
07:12 PM Bug #4617 (Resolved): boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
this is fixed completely for 2.2.3, and fixed in the full update files for 2.2.2. Chris Buechler
07:08 PM Revision ae5549ab: edit.php - Fixed tester class
sbeaver
06:12 PM Revision 15567921: edit.php - Form field class corrected
sbeaver
05:58 PM Revision 85e84623: edit.php conversion complete
This was a tricky conversion because of the included JS libraries and
the in-line JS functions.
Syntax highlighting h... sbeaver
02:46 PM Revision a0f190a2: Do not try to add package tabs info to config
Remove broken code that was supposed to add packages tabs entries to
config.xml. Since tag['name'] doesn't exist, it ... Renato Botelho
02:37 PM Revision f2b714fb: Merge pull request #1621 from phil-davis/patch-1
Ermal Luçi
02:36 PM Revision 6b394e1c: Merge pull request #1620 from ibauersachs/newipsecdns-eap-radius
Ermal Luçi
02:35 PM Revision e6130125: Merge pull request #1619 from ibauersachs/newipsecdns-eap-radius_2-2
Ermal Luçi
12:25 PM Revision e115bd22: Fix php module names since check is case sensitive
Renato Botelho
09:55 AM Revision 04a2364b: Make diag_smart back button look like other buttons
The back button here was just a piece of text with no nice formatting.
This change codes it as a button in the same w... Phil Davis
08:16 AM Revision 0b884dd2: Make auth_get_authserver_list available to vpn.inc
This is a follow-up to PR #1613 and avoids a crash in this script at random times. Ingo Bauersachs
08:08 AM Revision 1d75a92f: Make auth_get_authserver_list available to vpn.inc
This is a follow-up to PR #1612 and avoids a crash in this script at random times. Ingo Bauersachs
07:17 AM Revision 7c490370: Widgets code style
Phil Davis
06:50 AM Revision ea6cbc39: Update voucher.inc
As https://redmine.pfsense.org/issues/4625 Gertjan KROEB
06:26 AM Bug #4622: /var/dhcpd/var/db/dhcpd6.leases grows to enormous size, cpu usage high
I've got your point.
Turns out it was a rogue HP printer. I disabled IPv6 for it and voíla, /var/dhcpd/var/db/dhcpd6... Ivars Strazdins
01:56 AM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
Created a pull request https://github.com/pfsense/pfsense/pull/1617 Gertjan KROEB
01:05 AM Bug #4030: AR9227 cards cause kernic panic when switched to n-mode
I have the same wireless chipset in my system, too. My pfsense was upgraded to the latest version 2.2.2 and the stabi... Zsolt SZASZ

04/16/2015

08:34 PM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
or if it's trivially simple, just throw < pre > tags around it. It picked those up and used them as its indication of... Chris Buechler
08:28 PM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
It will be easy if you make the changes in the online GitHub and submit a pull request, then it is clear exactly what... Phillip Davis
04:59 PM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
Humm. posting html destroys my post.
I meant to write
echo "< pre>"; print_r($cpentry); echo "< /pre>";
/* remov... Gertjan KROEB
04:55 PM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
The main issue still stands.
The result from
captiveportal_read_db("WHERE username = '{$voucher}'");
h2. is *an ar... Gertjan KROEB
01:30 PM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
Applied in changeset commit:41ee55145341f5aa4be1ca16878285c551fa3d19. Ermal Luçi
01:30 PM Bug #4625 (Feedback): Expiring a voucher doesn't disconnect a user who is using that voucher
Applied in changeset commit:abaa7feb680dc6f6f9bc79577075c45b3786a061. Ermal Luçi
04:59 AM Bug #4625 (Resolved): Expiring a voucher doesn't disconnect a user who is using that voucher
https://forum.pfsense.org/index.php?topic=91435.0
According to https://github.com/pfsense/pfsense/blob/master/etc/... Gertjan KROEB
08:22 PM Bug #4544 (Feedback): PD not requested if no interfaces set to track6
there is a workaround for this, but I'll revisit the subject as a whole. Chris Buechler
08:06 PM Revision 71e7884b: Add Interfaces column to Floating Rules
Robert Nelson
07:36 PM Bug #4631 (Resolved): some IPsec changes may not trigger required filter reload
filter_configure wasn't always called upon IPsec changes that required a filter reload. Ticket for tracking, associat... Chris Buechler
07:10 PM Bug #4622: /var/dhcpd/var/db/dhcpd6.leases grows to enormous size, cpu usage high
the upgrade didn't change anything in that regard, in that circumstance it just grows over time. What's the device th... Chris Buechler
12:51 PM Bug #4622: /var/dhcpd/var/db/dhcpd6.leases grows to enormous size, cpu usage high
Looks like it has got worse after upgrade to 2.2.2. leases file is now 43Mb. Ivars Strazdins
06:17 PM Revision 41ee5514: Fixes #4625 correct disconnection of users especially when called from xmlrpc code.
Ermal Luçi
06:17 PM Revision abaa7feb: Fixes #4625 correct disconnection of users especially when called from xmlrpc code.
Ermal Luçi
05:42 PM Revision 2bc08de4: Merge pull request #1612 from ibauersachs/ipsec-mobile-eap-radius
Ermal Luçi
05:42 PM Revision 99d263f5: Merge pull request #1613 from ibauersachs/ipsec-mobile-eap-radius_2-2
Ermal Luçi
05:37 PM Revision 0545a75e: Always do a filter reload in vpn_ipsec_configure to ensure the ruleset is
updated where necessary in every IPsec change scenario. Chris Buechler
05:34 PM Revision ff3c14a5: Always do a filter reload in vpn_ipsec_configure to ensure the ruleset is
updated where necessary in every IPsec change scenario. Chris Buechler
03:56 PM Bug #4630: OpenVPN Client Limiting Download Speeds
Also, If I disable the VPN and do a speed test through the ISP, it maxes out at 110 Mbps on pfSense 2.2 so it is look... Arch E
03:53 PM Bug #4630 (Not a Bug): OpenVPN Client Limiting Download Speeds
Since upgrading from pfSense 2.1.5 all pfSense 2.2 versions have limited my clients VPN download speed to around 40 M... Arch E
03:15 PM Revision cc1f655f: Remove boot_serial='yes' from loader.conf when serial is disabled, error introduced by me on commit 986e77a2eab
Renato Botelho
03:13 PM Revision eee053fe: Remove boot_serial='yes' from loader.conf when serial is disabled, error introduced by me on commit 986e77a2eab
Renato Botelho
03:12 PM Feature #4629 (Resolved): Rules Floating tab doesn't display interfaces
The floating rules can apply to multiple interfaces unlike the other tabs. Since the interface isn't shown you have ... Robert Nelson
01:34 PM Bug #4276: Layer 7 not working / ipfw-classifyd high load
This is missed patch from 8.3 diverttag.diff Ermal Luçi
01:17 PM Bug #4397 (Feedback): MTU must be set in same ifconfig command as IP
This should work as expected on newer versions. Ermal Luçi
01:17 PM pfSense Packages Todo #4627 (Rejected): Forward H323
duplicate of #4503. this is not a priority for us in the foreseeable future, no need to keep bumping it. Chris Buechler
10:44 AM pfSense Packages Todo #4627 (Rejected): Forward H323
Hello dear, developers and managers of this very necessary and important project! You are doing great! I would like t... Aleksei Aksenov
01:00 PM Feature #4628 (New): Add GUI to manage loader tunables (e.g. loader.conf.local)
The System Tunables page for managing sysctl values is good, but we need a similar GUI to handle loader tunables that... Jim Pingle
12:40 PM Feature #4614 (Feedback): EAP-Radius support for accounting on strongswan
Merged pull requests. Ermal Luçi
10:32 AM Revision 98615a31: Fix unbound warning when dnsallowoverride off and forwarding on
Reported in forum: https://forum.pfsense.org/index.php?topic=92437.0
The $ns array was being used further down, but ... Phil Davis
10:32 AM Revision 656b7f0a: Merge pull request #1615 from phil-davis/patch-2
Renato Botelho
10:18 AM Bug #4596: NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT

.. still persist in 2.2.2 Luca De Andreis
07:32 AM Feature #4626 (Resolved): Ability to set charon.make_before_break in strongswan.conf
There is a new feature "make before break" in strongswan 5.3.0.
Its purpose is to prevent connectivity gaps from hap... Michel Zehnder
06:44 AM Revision 9b837c5d: Fix unbound warning when dnsallowoverride off and forwarding on
Reported in forum: https://forum.pfsense.org/index.php?topic=92437.0
The $ns array was being used further down, but ... Phil Davis

04/15/2015

11:52 PM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
Thanks Testerr for the config. Pretty sure we know the cause of this, awaiting feedback on the forum thread. Chris Buechler
06:18 PM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
anyone who's seeing this, could you get me a config backup? Copy/paste via status.php is fine, which trims out certs,... Chris Buechler
06:01 PM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
not sure the cause of this, trying to track down more info.
https://forum.pfsense.org/index.php?topic=92415.0
 Chris Buechler
05:59 PM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
After automatic upgrade from 2.2.1 to 2.2.2 I have the same problem. Bartłomiej Bujak
10:08 AM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
I have made additional tests for explanation.
It's mine phone video of this incident.
http://dfiles.ru/files/pxrf... Testerrr Testerrr
09:24 PM Revision 5945ba99: exec.php conversion complete
Tables eliminated, panels added, panels re-ordered to place output near
the control that generated it. Messages conve... sbeaver
09:21 PM Revision 924757e2: Reverted change - Wrong branch :(
sbeaver
09:18 PM Revision a07b9b5e: diag_exec.php conversion complete
Page re-factored to display output in panels and to put the
warnings/messages alongside the control that generated them. sbeaver
06:13 PM Bug #4611 (Duplicate): Limiter blocks port 80 traffic, passes other traffic
same root cause as one or more of #4596, #4590 and similar Chris Buechler
05:55 PM Revision 4aa0d136: diag_sockets
Updated per SvL suggestions. - Thank you! sbeaver
05:08 PM Revision 51d31df3: dig_routes Update complete
Javascript required update for bootstrap compatibility.
Form.class.php updated so that form button is not drawn if th... sbeaver
04:46 PM Bug #4624 (Needs Patch): VPN PPTP via Virtual IPs
probably just need to add firewall rules manually since the auto rules don't allow traffic to VIPs. PPTP is deprecate... Chris Buechler
03:48 PM Bug #4624 (Closed): VPN PPTP via Virtual IPs
Hi,
I do not know if that is a bug or not.
But if you try to use a PPTP VPN through a Virtual IPs the PPTP VPN not ... Claudio Berselli
04:22 PM Revision 696b20dd: Bump version to 2.2.3-DEVELOPMENT
Renato Botelho
01:07 PM Revision a0990a91: Define var_path global key since it is being used in interfaces.inc, but it was not being declared anywhere
Renato Botelho
01:06 PM Revision 563771b1: Define var_path global key since it is being used in interfaces.inc, but it was not being declared anywhere
Renato Botelho
12:28 PM Revision d09155b6: Add support for EAP-RADIUS to IKEv2 Mobile Clients (Rel. 2.2)
Ingo Bauersachs
12:28 PM Revision cb377516: Add support for EAP-RADIUS to IKEv2 Mobile Clients
Ingo Bauersachs
12:24 PM Revision fc70ad87: Merge pull request #1601 from phil-davis/check-overlapping-subnets
Renato Botelho
12:18 PM Bug #4623 (Resolved): Carp not working under bhyve
It seems the carp implementation differs from the freebsd standard one, which cannot be used under bhyve.
On a fre... Matthias Breddin
12:03 PM Revision 0fbf338d: 2 minor typos
Sjon Hortensius
11:58 AM Revision 17be9d34: use proper variable to detect state
refs #69 Sjon Hortensius
11:55 AM Revision a02e2774: Properly convert select > radios
refs #69 Sjon Hortensius
11:48 AM Revision fc2c3e34: correct several typos, remove whitespace from pre
refs #69 Sjon Hortensius
11:44 AM Revision 2195baef: Merge pull request #1611 from jlduran/one-cache-control-header
Renato Botelho
11:41 AM Revision 4994409f: Fix panel structure.
- Contents should be placed in a `.panel-body`, which adds proper padding.
- Title is wrapped in a H2, which is usual... Sander van Leeuwen
10:01 AM Revision 5a0bad72: Merge pull request #69 from sbeaver-netgate/diag_ping
Convert diag_ping.php SjonHortensius
08:49 AM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case
I confirm that I have bandwithd installed, but it *isn't* enabled!
My syslog is filled with these:... Gabor Tjong A Hung
07:58 AM pfSense Packages Bug #4420: warning: bad command startup -- throttling
I installed pcre package and the problem was solved! :)
'pkg install pcre'
I hope this helps! Oscar Betancur
07:29 AM Bug #4596: NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
Already reported a couple of times. Kill Bill
03:34 AM Bug #4596: NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
Confirm !
I've just installed a new, clean PFSense 2.2.1.
- Add a single VIP (IP Alias)
- Define limiters up a... Luca De Andreis
05:08 AM Bug #4622 (Not a Bug): /var/dhcpd/var/db/dhcpd6.leases grows to enormous size, cpu usage high
This pfsense installation is configured with IPv6 tunnel (hurricane electric) and DHCP for ipv6.
The issue is that f... Ivars Strazdins
04:02 AM Bug #4621: OpenVPN server does not bind to IPv6 CARP interface when configured from webgui.
This has been committed to master and RELENG_2_2 so it will come out in some 2.2.n release. Not sure that it quite ma... Phillip Davis
03:48 AM Bug #4621 (Resolved): OpenVPN server does not bind to IPv6 CARP interface when configured from webgui.
The generated OpenVPN server config is invalid when configured with using an IPv6 CARP interface.
See more informa... Captain Haddock
03:51 AM Revision 457e7e34: Re-enable verification for selfhost since their chain issue is resolved. Ticket #4545
Chris Buechler
03:50 AM Revision 4847615c: Re-enable verification for selfhost since their chain issue is resolved. Ticket #4545
Chris Buechler
02:55 AM Revision 5d5fff67: set forcesync to 1 by default for now, testing potential impact for Ticket #4523.
Chris Buechler
02:52 AM Revision decb0b11: set forcesync to 1 by default for now, testing potential impact for Ticket #4523.
Chris Buechler
02:52 AM Revision 53bc8504: Revert "Make forcesync default to the same behavior as freebsd rather than as intended for cf cards. People with issues on CF can enable the tunable"
This reverts commit 34dced26198480d7b02e80578df40336fef89043. Chris Buechler
02:52 AM Revision 828f37aa: Revert "Make forcesync default to the same behavior as freebsd rather than as intended for cf cards. People with issues on CF can enable the tunable"
This reverts commit 32e53d709f1d63e48ea13bd1eb53c2c30f719ee4. Chris Buechler

04/14/2015

11:23 PM Bug #4620 (Resolved): Cleanup code path when adding a new user
There wasn't a ticket created for this, it's worth adding one. This fixed here: https://github.com/pfsense/pfsense/co... Chris Buechler
11:07 PM Revision 2ebbb0bc: Remove pre-check and post-check from Cache-Control
If both `post-check` and `pre-check` are specified and set to `0`, both
are entirely ignored:
http://blogs.msdn.com/... Jose Luis Duran
10:49 PM Bug #4545: dynDNS service 'selfhost' fails certificate validation
Thanks, it's been re-enabled (though this came through after 2.2.2-RELEASE was already completed and in testing, so n... Chris Buechler
10:18 PM Revision 2c5fda82: Combine Cache-Control header in one line
Sorted by RFC 2616:
Section 14.9.1 `no-cache`
Section 14.9.2 `no-store`
Section 14.9.4 `must-revalidate`
Combined i... Jose Luis Duran
09:53 PM Bug #4619 (Resolved): etc/inc/globals.inc typo - vfs.forcesync, not vfs.forceync
fixed Chris Buechler
05:04 PM Bug #4619 (Confirmed): etc/inc/globals.inc typo - vfs.forcesync, not vfs.forceync
that's a post-2.2.2-RELEASE commit.
Ermal, the tunable is already there to begin with as well. Chris Buechler
04:53 PM Bug #4619 (Resolved): etc/inc/globals.inc typo - vfs.forcesync, not vfs.forceync
The previous two commits (34dced26 and 34dced26) have a typo that makes the tunable useless. Kill Bill
09:21 PM Revision 32e53d70: Make forcesync default to the same behavior as freebsd rather than as intended for cf cards. People with issues on CF can enable the tunable
Ermal Luçi
09:20 PM Revision 34dced26: Make forcesync default to the same behavior as freebsd rather than as intended for cf cards. People with issues on CF can enable the tunable
Ermal Luçi
08:34 PM Revision f1dab9ec: Conversion completed
sbeaver
07:55 PM Bug #4557 (Duplicate): WebGui Error - Menu Help is displaced to below the menu System
Chris Buechler
07:40 PM Bug #4613: Interface not found
before you upgrade is fine, and probably preferable so it's there on the first boot post-upgrade Chris Buechler
03:41 AM Bug #4613: Interface not found
I have add a new Intel w1392 between 2 test !
Thanks for help, I will try to modify loader.conf.local this week end.... rej erg
03:27 AM Bug #4613: Interface not found
Try setting 'hint.agp.0.disabled=1' in loader.conf.local.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196501
 Jim Thompson
03:26 AM Bug #4613 (Feedback): Interface not found
I suspect that's the same as described here:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196501
if you add... Chris Buechler
03:18 AM Bug #4613: Interface not found
pciconf shows 5 interfaces. Which one is successfully probed and attached?
bge0@pci0:3:1:0: class=0x020000 card=... Jim Thompson
03:05 AM Bug #4613 (Needs Patch): Interface not found
Firewall with 4 interfaces works in 2.1.5.
After update to 2.2, only 1 interface found but not not the 3 intel w1392... rej erg
06:56 PM Revision 1189757e: Remove redundant/unused call to kldstat
Renato Botelho
06:56 PM Revision 8228109b: Fix operator
Renato Botelho
06:56 PM Revision 3a644b61: Fix typo in variable name
Renato Botelho
06:50 PM Revision cd5084d5: Remove redundant/unused call to kldstat
Renato Botelho
06:48 PM Revision f74636b6: Fix operator
Renato Botelho
06:48 PM Revision 5d6e9640: Fix typo in variable name
Renato Botelho
06:12 PM Bug #4617 (Feedback): boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
having just gone through all the testing for 2.2.2-RELEASE, this most definitely is not a general problem.
need m... Chris Buechler
11:22 AM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
Works just fine here. Please, use the forums before you have some specific confirmed issue. Total lack of information... Kill Bill
08:20 AM Bug #4617 (Resolved): boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
Manual update of working configuration (in GUI-menu System:Firmware, Invoke pfSense Manual Upgrade) from version 2.2.... Testerrr Testerrr
06:04 PM Revision 53bcf6b9: Updated per SH
Mostly :) sbeaver
05:55 PM Revision c054d8bc: Conversion completed
sbeaver
04:06 PM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
This is not limited to FQDNs. When you have URL aliases that rely on local files that do not exist (such as restoring... Kill Bill
03:57 PM Revision f4bda8a5: Update completed
sbeaver
03:35 PM Revision 5d5cf2b8: Completed
Ready for review sbeaver
03:16 PM Revision ed3f295a: Conversion completed
sbeaver
02:19 PM Revision d9cb9f8e: Changes checkbox layout
sbeaver
02:07 PM Revision 9ab4aaca: Added braces for clarity around if(run)
sbeaver
01:58 PM Revision 88dbf583: Converted
Added some Ajax to allow the user to freeze the page (otherwise it is
not possible to view it before it refreshes) sbeaver
01:18 PM Revision d84b001e: Merge pull request #1609 from phil-davis/www-bits
Renato Botelho
01:17 PM Revision 4b46e9b1: Fix OpenVPN server listening on associated IPv6 address
As reported in forum https://forum.pfsense.org/index.php?topic=92174.0
If the ordinary interface is selected for an O... Phil Davis
01:17 PM Revision 67335f40: Merge pull request #1603 from phil-davis/patch-1
Renato Botelho
01:11 PM Revision 1d421723: When deleting a VIP check it is not used by OpenVPN
I noticed this when cleaning up VIPs and OpenVPN server when testing for this forum post https://forum.pfsense.org/in... Phil Davis
01:11 PM Revision b3f96620: Merge pull request #1608 from phil-davis/patch-2
Renato Botelho
12:21 PM Revision 377e3872: Eliminate white space in Submit value
sbeaver
12:19 PM Revision 68951763: Updated
sbeaver
11:34 AM Revision f7c1bce7: Updated to bootstrap
Use of Ajax in this file precluded the use of Form.classes
Table was replaced with bootstrap panel/row and input com... sbeaver
11:30 AM Revision c72470f9: Updated to bootstrap
sbeaver
11:26 AM Bug #4616 (Not a Bug): Disable webConfigurator redirect rule bypass NAT rules
NAT always overrides that where it matches. Browsers have a bad habit of caching the redirect, which is probably the ... Chris Buechler
06:43 AM Bug #4616 (Not a Bug): Disable webConfigurator redirect rule bypass NAT rules
System >Advanced > Admin Access > Disable webConfigurator redirect rule
When that param is unchecked, the NAT rul... Nicolas Liaudat
11:07 AM pfSense Packages Bug #4615: /var/logs/c-icap/server.log & access.log growing without being rotated
Sry, do not set AccessLog for squidclamav.conf.default Nicolas Liaudat
06:18 AM pfSense Packages Bug #4615 (Resolved): /var/logs/c-icap/server.log & access.log growing without being rotated
/var/logs/c-icap/server.log and access.log aren't rotated and don't contain useful information.
It can be very lar... Nicolas Liaudat
08:55 AM Bug #4618 (Duplicate): IPv6 "rule expands to no valid combination" when target is IPv4 address
There were error(s) loading the rules: /tmp/rules.debug:186: rule expands to no valid combination - The line in quest... Adam Thompson
08:25 AM Revision f3ec0487: Code style for small things in usr-local-www
Phil Davis
06:43 AM Bug #4611: Limiter blocks port 80 traffic, passes other traffic
Yes - and uninstalling squid resolves the problem as well. However, both "fast" and "slow" traffic were being proxie... David Gessel
05:18 AM Feature #4614 (Resolved): EAP-Radius support for accounting on strongswan
An implementation of this feature is present at https://forum.pfsense.org/index.php?topic=90753.msg510914#msg510914
... Ermal Luçi
04:08 AM Revision 52856a80: When deleting a VIP check it is not used by OpenVPN
I noticed this when cleaning up VIPs and OpenVPN server when testing for this forum post https://forum.pfsense.org/in... Phil Davis
01:22 AM pfSense Packages Bug #4612: syslog-ng creates logrotate cron job, but logrotate doesn't exist
Here's what I ended up with after further investigation.
* this package expects logrotate to be installed, but it ... Joshua Ruehlig
12:26 AM pfSense Packages Bug #4612 (Resolved): syslog-ng creates logrotate cron job, but logrotate doesn't exist
I noticed my log files weren't rotating.
The syslog-ng package creates a cronjob "/usr/bin/nice -n20 /usr/local/sb... Joshua Ruehlig
12:53 AM Revision 460610b2: Don't remove all of /usr/local/libdata as obsolete files. User-installed
package contents may live there, factory default configs live there. Chris Buechler
12:51 AM Revision 31a810ba: Don't remove all of /usr/local/libdata as obsolete files. User-installed
package contents may live there, factory default configs live there. Chris Buechler

04/13/2015

10:13 PM Bug #4537: Crash and reboot when accessing the web UI from the IPsec mobile client or over the tunnel on 32 bit
crash provided in duplicate #4610 attached. Chris Buechler
10:12 PM Bug #4537 (Confirmed): Crash and reboot when accessing the web UI from the IPsec mobile client or over the tunnel on 32 bit
Appears setting sysctl net.inet.ipsec.directdispatch to 0 (can be done under System>Advanced, System Tunables) fixes ... Chris Buechler
10:12 PM Bug #4610 (Duplicate): IPsec crash on i386 when accessing system's IPs across VPN
duplicate of #4537 Chris Buechler
03:07 PM Bug #4610 (Duplicate): IPsec crash on i386 when accessing system's IPs across VPN
Hello There,
I was installed pfSense 2.2.1-RELEASE (i386) last weekend.
I have setup ipsec site-to-site vpn betwe... ozan ucar
10:04 PM Bug #4611: Limiter blocks port 80 traffic, passes other traffic
you have transparent proxy enabled with squid? Chris Buechler
09:10 PM Bug #4611 (Duplicate): Limiter blocks port 80 traffic, passes other traffic
Details and screen shots are at https://forum.pfsense.org/index.php?topic=92214.0
Bug: Limiter blocks port 80 traf... David Gessel
02:14 PM pfSense Packages Bug #4609 (Duplicate): squidGuard & pfsense RAM disk compatible
If enabled System: Advanced: Miscellaneous : RAM Disk, the squidGuard lost self blacklist DB from /var subfolder
I t... Serg Dvoriancev
02:13 PM pfSense Packages Bug #4608 (Resolved): squidGuard & pfsense RAM disk compatible
If enabled System: Advanced: Miscellaneous : RAM Disk, the squidGuard lost self blacklist DB from /var subfolder
I t... Serg Dvoriancev
02:07 PM Revision 222e6390: Domain override with multiple authoritative DNS servers
Tell users that this is possible in DNS Resolver and how to achieve it. The code in unbound.inc already supports it a... Phil Davis
02:07 PM Revision 7db22354: Merge pull request #1606 from phil-davis/patch-2
Renato Botelho
02:01 PM Revision 750695f5: Only initialize package's log if it doesn't exist
Robert Nelson
02:01 PM Revision eb4a5192: Remove obsolete logging code which is duplicated in system_syslogd_start()
Robert Nelson
01:58 PM Revision 561b76b5: Merge pull request #1605 from Robert-Nelson/issue-4603
Renato Botelho
01:57 PM Revision 52f67967: Merge pull request #1600 from Robert-Nelson/remove-obsolete-logging
Renato Botelho
12:54 PM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
Chris Buechler wrote:
> I don't see where that got committed to RELENG_10_1 Renato, you sure that's in there?
You... Renato Botelho
01:24 AM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
Yeah, we'll update this ticket then. If you could help confirm the issue fixed at that point, that'd be appreciated. Chris Buechler
01:07 AM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
Okay, great! Will you be referencing this bug in the changelog so I'll know when it goes into the 2.2.3 snapshots? Christopher Taylor
12:59 AM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
yes, 2.2.2-RELEASE is already built. we can get that patch into 2.2.3 snapshots at some point after 2.2.2, probably w... Chris Buechler
11:25 AM Bug #4607 (Resolved): Bridge+CARP crashes/freezes pfSense
When using the following configuration:
* 1 physical ethernet port with VLANs;
* CARP with virtual address on one o... Vasco Freire
11:06 AM Bug #4296 (Confirmed): Using the same FQDN in multiple aliases causes static entries to be lost
Reopening this since it's still broken even on 2.2.2. Renato had a lead on a fix, which I confirmed worked, but Ermal... Jim Pingle
11:00 AM Revision fc2e17f3: Domain override with multiple authoritative DNS servers
Tell users that this is possible in DNS Resolver and how to achieve it. The code in unbound.inc already supports it a... Phil Davis
10:48 AM Feature #4606 (Duplicate): PKI : CA signing external CSR
I like the internal CA included with pfsense.
I would like to use it to also sign certificates for my servers.
I wo... Matthieu Bouthors
09:25 AM Bug #4605 (Resolved): OpenVPN user/pass fails if usernames and/or passwords contain special characters (reopen bugs 4177 and 4340)
The fix for bug 4177 (OpenVPN user/pass auth fails if passwords end on special characters.) doesn't completely resolv... Dave Crane
09:11 AM Feature #4350 (Resolved): Allow entry of multiple IP addreses in DNS Resolver Domain Overrides
Renato Botelho
06:00 AM Feature #4350: Allow entry of multiple IP addreses in DNS Resolver Domain Overrides
I added pull request https://github.com/pfsense/pfsense/pull/1606
That just adds words to the GUI so users can know ... Phillip Davis
05:36 AM Feature #4350: Allow entry of multiple IP addreses in DNS Resolver Domain Overrides
I discovered this is already possible - just enter the domain to override multiple times in the DNS Resolver GUI with... Phillip Davis
08:57 AM Bug #4603 (Feedback): Log files used by packages are reinitialized on every boot
Pull request has been merged Renato Botelho
07:37 AM Bug #4545: dynDNS service 'selfhost' fails certificate validation
Hi Chris,
in short term: *They fixed it*!
Long term explanation:
The provider Selfhost has used a "cross-roo... Willy Tenner
06:38 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
Aleksei Aksenov wrote:
> There is a need to add support for NAT forwarding protocol H323.
> Ready to sponsor this d... Aleksei Aksenov
02:43 AM Bug #4604 (New): NTP time server entries may or may not work, depending upon interfaces selected when configuring NTP service
The attached PDF (NTP.pdf) shows the following:
- 2 time-server entries: time.apple.com and another pfSense box (i... B. Derman

04/12/2015

09:52 PM Revision 9c6de8b8: bump to 2.2.2-RELEASE
Chris Buechler
09:22 PM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
So, no chance for a patch until 2.2.3? I'd like to contribute on the squid package for pfSense, but we can't rely on... Christopher Taylor
04:18 PM Revision 6587e2af: Only initialize package's log if it doesn't exist
Robert Nelson
04:06 PM Bug #4529 (Resolved): Traffic Shaping Wizard - CBQ and PRIQ
fixed Chris Buechler
11:19 AM Bug #4603: Log files used by packages are reinitialized on every boot
I submitted a fix as PR # 1605. Robert Nelson
10:55 AM Bug #4603 (Resolved): Log files used by packages are reinitialized on every boot
Package log files are reinitialized on each boot causing their contents to be lost. Robert Nelson
04:04 AM Bug #4602 (Not a Bug): Captive Portal pfSense 2.2 not working as before when used with CARP
I feel that there might be a bug in captive portal from pfSense 2.2 when used with CARP.
With pfSense 2.1.5, I had... Michael Schefczyk

04/11/2015

07:14 PM Bug #3481: Run-Away processing with hme NICs
Seems to work find in 2.2 & 2.2.1.
 B. Derman
06:04 PM pfSense Packages Bug #4601 (Closed): syslog-ng only binding to a single IP address
No matter what combination of interface(s) I have selected, syslog-ng is only binding to the last one on the list tha... Joshua Ruehlig
02:56 PM pfSense Packages Bug #4336: syslog-ng package missing libraries
It uninstalled and reinstalled this package and it is working now.
I believe it was fixed here https://redmine.pfsen... Joshua Ruehlig
01:16 PM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
Removed the addition to builder_scripts/conf/pfPorts/buildports.RELENG_2_2 since I believe that is only required for ... Robert Nelson
10:42 AM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
Since it still hasn't been processed I went ahead and made one cleanup change and moved the generated config file to ... Robert Nelson
12:43 PM Revision e27bc6cf: Fix OpenVPN server listening on associated IPv6 address
As reported in forum https://forum.pfsense.org/index.php?topic=92174.0
If the ordinary interface is selected for an O... Phil Davis
11:31 AM Bug #4529: Traffic Shaping Wizard - CBQ and PRIQ
I can confirm that both CBQ and PRIQ are now working for me. Thanks for fixing. Marco Novielli
01:10 AM Feature #228: Multi-WAN support with same gateway on multiple WANs
i have had this issue since long and the way i go around this is use a separate nic for every additional wan connecti... Bipin Chandra

04/10/2015

11:06 PM Bug #4310: Limiters + HA results in hangs on secondary
this is better, though still the issue where the secondary may hit 100% CPU and hang in some circumstance. We'll revi... Chris Buechler
09:53 PM Feature #4599: Traffic shaping - what is in each queue?
Please use the forum to ask questions:
https://forum.pfsense.org/index.php Phillip Davis
02:30 PM Feature #4599 (Closed): Traffic shaping - what is in each queue?
Sorry, I am a newbie in traffic shaping.
Everything is configured, and is working fine.
Still, I have a lot of ... Jean Honlet
07:27 PM Revision 398f5ef3: Fixed tabs
sbeaver
07:27 PM Revision c782b586: Setup ADI boards to boot only using serial to avoid duplicated output when VGA redirection is enabled
Renato Botelho
07:21 PM Revision 986e77a2: Setup ADI boards to boot only using serial to avoid duplicated output when VGA redirection is enabled
Renato Botelho
07:21 PM Revision 38af78d8: Converted
Mostly by adding BS-3 classes to the existing tables, but also by
adding a nested table to display the states. sbeaver
05:43 PM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
I fixed a minor bug in the dependency declaration discovered using poudriere. Robert Nelson
12:48 PM Feature #4598 (Closed): Multiple fibs/routing tables
It seems straightforward to add options ROUTETABLES=16 to the kernel, but re-writing code to call setfibx for various... Jon Klinck
12:35 PM Feature #4597 (Duplicate): Allow gateway monitoring via VIP
I've been playing with the new CARP implementation in 2.2.x The ability to float a single public CARP VIP on two node... Jon Klinck
12:23 PM Feature #228: Multi-WAN support with same gateway on multiple WANs
Jonathan Gibert wrote:
> Is there any way to make multiple wan use the same IPv4 upstream gateway ?
No, beyond ha... Kill Bill
10:00 AM Feature #228: Multi-WAN support with same gateway on multiple WANs
I know I'm reviving an old ticket here, but I'm facing the same issue.
Is there any way to make multiple wan use t... Jonathan Gibert
12:14 PM Revision 3490b8dd: Check for overlapping subnets when saving interface addresses
This checks if a static IP address entered for an interface has a subnet
that overlaps with any other configured subn... Phil Davis
06:53 AM Bug #4589: ue0 Interface Not Available During Console Interface Configuration
Same results after changing the mode using the guide above.
The Pantech UML295 works fine when added through the ... Andrew Westfall
04:10 AM Bug #4596 (Duplicate): NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
I use this configuration on PfSense 2.1.5 and works very well, on PfSense 2.2.1 limiters on WAN breaks NAT 1:1.
- ... Luca De Andreis

04/09/2015

08:48 PM Revision 5d655e26: Remove obsolete logging code which is duplicated in system_syslogd_start()
Robert Nelson
05:38 PM Bug #4310: Limiters + HA results in hangs on secondary
A bit more info. See this thread:
https://forum.pfsense.org/index.php?topic=92128.0
Turning off the limiters m... Chris Linstruth
02:02 PM Bug #4589: ue0 Interface Not Available During Console Interface Configuration
should just need the mode switch for that to work.
http://pcdn2-download.vzw.com/win/UML295/UML295_IPPT_UserGuide-v... Chris Buechler
12:21 PM Revision 5fba3e95: Merge pull request #1467 from PiBa-NL/php_errorlog
Renato Botelho
08:55 AM Bug #4595 (Resolved): Input validation for bridge creation does not prevent adding the same interface to multiple bridges
When creating a bridge, it is possible to create multiple bridges which contain the same interface(s), which is inval... Jim Pingle
08:27 AM pfSense Packages Bug #4560 (Feedback): apcupsd is missing support for SMTP TLS email and uses old check for SSL setting
Pull request has been merged Renato Botelho
06:57 AM pfSense Packages Bug #4084 (Feedback): Check_mk agent doesn't work: wrong bash path
Pull request has been merged Renato Botelho
05:34 AM Revision eae4f953: Skip reflection rdrs where the interface doesn't have an IP. Ticket #4564
Chris Buechler
05:30 AM Revision 5274ecf0: Skip reflection rdrs where the interface doesn't have an IP. Ticket #4564
Chris Buechler
04:43 AM Revision 3a292360: Allow single interface bridges. Useful with span port option, and when shuffling configuration around.
Chris Buechler
04:42 AM Revision b0c8f6de: Allow single interface bridges. Useful with span port option, and when shuffling configuration around.
Chris Buechler
02:43 AM Revision b48f6580: Allow disabling the APIPA block via hidden config option. Very rarely necessary or desirable, but Amazon VPC VPNs use that as their tunnel subnet with BGP setups.
Chris Buechler
02:42 AM Revision e636f373: Allow disabling the APIPA block via hidden config option. Very rarely necessary or desirable, but Amazon VPC VPNs use that as their tunnel subnet with BGP setups.
Chris Buechler
01:17 AM Bug #2526 (Confirmed): Limiter appears to break IPv6 connectivity
this is still an issue in some circumstances. To me to better quantify the circumstances where it's an issue. Chris Buechler
12:33 AM Bug #4564 (Resolved): DHCP WAN without an IP address can create an invalid ruleset with NAT reflection and destination any
It's not very easily replicable if you just let dhclient sit there, but if you 'ifconfig em0 inet 0.0.0.0 netmask 255... Chris Buechler

04/08/2015

11:47 PM Revision 7c0c6355: Only restore rrd.tgz where platform is appropriate, or RAM disk being
used, otherwise you're restoring a probably old backup file. Ticket #4531 Chris Buechler
11:45 PM Revision 05b7eef9: Only restore rrd.tgz where platform is appropriate, or RAM disk being
used, otherwise you're restoring a probably old backup file. Ticket #4531 Chris Buechler
08:10 PM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
I don't see where that got committed to RELENG_10_1 Renato, you sure that's in there? Chris Buechler
07:10 AM Bug #4592 (Feedback): FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
2.2.2 is going to p9, what will have the fix Renato Botelho
03:50 AM Bug #4592 (Resolved): FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
I've posted a short comment on the support forums, but here's the FreeBSD Bug Report: https://bugs.freebsd.org/bugzil... Christopher Taylor
07:41 PM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
patch merged that helps here, pushing forward for additional review of this circumstance in general Chris Buechler
02:43 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
bytheway that state killing gateway failure is unticked Bipin Chandra
02:41 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
yes but sip registration states still get created after i manually removed the existing states and even shutdown my s... Bipin Chandra
02:11 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
When you force a gateway down, there might still be states that are functioning across that gateway - in this case th... Phillip Davis
01:53 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
i tried the patch, it works partially, first i have the rule to pass traffic to sip server through tunnel and next ru... Bipin Chandra
07:24 PM Bug #4594 (Confirmed): Interface names can be too long for netstat to display in full
Chris Buechler
06:18 PM Bug #4594 (Resolved): Interface names can be too long for netstat to display in full
Interface names can get too long for <notextile>netstat -rW</notextile> or for Diagnostics->Routes (in the GUI) to di... Guido Schmitz
06:45 PM Bug #4531 (Resolved): RRD data restored in edge case where it shouldn't be, causing gap in graph
fixed, that restore is skipped now in this specific circumstance since it's unnecessary. Chris Buechler
06:20 PM Bug #4531 (Confirmed): RRD data restored in edge case where it shouldn't be, causing gap in graph
Chris Buechler
06:20 PM Bug #4531: RRD data restored in edge case where it shouldn't be, causing gap in graph
Beat Siegenthaler wrote:
> mount
> /dev/ad4s1a on / (ufs, local)
> devfs on /dev (devfs, local)
> /dev/md0 on /va... Chris Buechler
03:37 PM Revision ad0bbc8b: Options for review
A simple HTML version as well as a Form.class version (currently
commented out) are included in this version. Would a... sbeaver
12:37 PM Revision be18e4f3: Use get text on strings
Use get text on strings
Compare strings with stristr() rather than ‘==‘ so we don’t need to
worry about padding paces. sbeaver
10:36 AM Bug #4589: ue0 Interface Not Available During Console Interface Configuration
The USB device is a Verizon UML295, which is listed in the list of Known Working 4G Modems: https://doc.pfsense.org/i... Andrew Westfall
07:42 AM Bug #4593 (Rejected): No ARP-Entry for windows networkloadbalanced IPs
Not a bug, see #4284 Jim Pingle
07:38 AM Bug #4593 (Rejected): No ARP-Entry for windows networkloadbalanced IPs
We have two windows webservers in networkloadbalance in multicast-mode. Those two NICs have a same virtual MAC for th... Beat Guggisberg
06:58 AM Bug #4571: scheduled firewall reboot crashes
i figured out the reason for the F1/F2 prompts not showing, pfsense was set to serial baud rate of 115200 and alix bi... Bipin Chandra
01:56 AM Bug #4571: scheduled firewall reboot crashes
its an alix with nanobsd, serial console works fine and has always worked fine so far for me, actually im using a usb... Bipin Chandra
01:42 AM Bug #4571: scheduled firewall reboot crashes
what hardware is it? Can't think of ever hearing of a system that wouldn't boot without a serial console connected. a... Chris Buechler
01:04 AM Bug #4571: scheduled firewall reboot crashes
when im logged into serial console and at that time the cronjob runs then it reboots fine but when serial console is ... Bipin Chandra
03:09 AM pfSense Packages Bug #4567: ntopNG Geo files missing
Still some problems. See this topic were I made some remarks:
https://forum.pfsense.org/index.php?topic=91909.0
M... Jos van de Ven
01:50 AM Bug #4310: Limiters + HA results in hangs on secondary
I haven't seen anything else but please understand that this is on a test bench not in production and I am not stress... Chris Linstruth
12:41 AM Bug #4325 (Confirmed): GUI for limiter rules turns Gb/s into b/s
Chris Buechler
12:07 AM Bug #4590: Nat Reflection bug when using limiters
this is probably the same root cause as one or more of #1575, #1848, #3096 (pretty sure there's at least some overlap... Chris Buechler

04/07/2015

11:53 PM Feature #4591 (New): IPSec Failover Support for IP Addresses instead of Dynamic DNS / Failover Group
Allow for IPSec failover IP instead of using a dynamic dns name. Most routers allow for this and it is an easier setu... Eric Hullibarger
11:44 PM Bug #4590 (Duplicate): Nat Reflection bug when using limiters
In 2.2.1 Nat Reflection (Proxy or Pure) do not work if limiters are setup on the default lan -> any rule. As soon as ... Eric Hullibarger
11:00 PM Bug #4310: Limiters + HA results in hangs on secondary
Chris: that still working fine for you?
After running for a few hours, the secondary still hangs in one of our te... Chris Buechler
09:00 PM Revision dfd6f179: Committed the wrong file :(
sbeaver
08:51 PM Revision 13867929: Converted to bootstrap
nectar functionality moved to the $POST handler so that errors can be
reported before the form is drawn. sbeaver
07:39 PM Bug #4558 (Confirmed): DHCP traffic getting blocked with DHCP Relay enabled
Chris Buechler
06:13 PM Bug #4589 (Needs Patch): ue0 Interface Not Available During Console Interface Configuration
general issue with something to do with that card, it doesn't get picked up as a NIC after a reboot.
https://forums... Chris Buechler
05:36 PM Bug #4589: ue0 Interface Not Available During Console Interface Configuration
Note: The ue0 interface was successfully setup through the webGUI and was passing traffic, after a system reboot the ... Andrew Westfall
05:28 PM Bug #4589 (Needs Patch): ue0 Interface Not Available During Console Interface Configuration
USB LTE Modems prompt the Console Interface Configuration wizard to run at the next system boot. During the configura... Andrew Westfall
04:08 PM Revision 160ce959: Merge https://github.com/SjonHortensius/pfsense into diag_system_activity
sbeaver
02:34 PM Revision 4251f6ea: Remove nested tables
sbeaver
02:23 PM Revision 47b051eb: Converted to Bootstrap
Converted
Added DEBUG define to allow testing without actually rebooting
Cleaned up spaces/tabs etc sbeaver
01:11 PM Revision cfbc8a26: final changes
sbeaver
01:02 PM Revision 989d0ba9: Updated to bootstrap
Changes are mostly to table specifications and replacing spaces in
original file with tabs. sbeaver
12:35 PM Bug #4105: rc.update_bogons.sh fetch failure should never sleep on FW upgrade
Kill Bill wrote:
>
> No idea how it got there?!
Guessing you put it there? Base code never touches shellcmd tag... Chris Buechler
12:29 PM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
sounds like that might be enough to replicate, will give it a shot. The NTP issue is almost certainly #4155. Chris Buechler
03:27 AM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
the other thing is when booted ntp deamon is up and running but when i restarted openvpn, apinger starts but ntp daem... Bipin Chandra
03:24 AM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
by the time its completely booted vpn is up and apinger dead even after 5mins but if i goto services and restart open... Bipin Chandra
03:12 AM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
i didnt see any newwanip log messages but ill try that once more and let u know exactly.
once wan goes up, by the ti... Bipin Chandra
03:06 AM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
did it log for newwanip when the VPN connected? How long was it until it connected? Mostly curious if it had finished... Chris Buechler
02:29 AM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
vpn was working fine in those 8hrs after which i manually started monitoring Bipin Chandra
02:29 AM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
well i rebooted the alix and waited like 8hrs but still monitoring didnt start.
no it isnt assigned as static, just ... Bipin Chandra
02:06 AM Bug #4587: apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
When the VPN does connect, it'll kick off rc.newwanip, which will setup gateway monitoring. If the ovpnc interface is... Chris Buechler
12:23 AM Bug #4587 (Resolved): apinger doesnt come up when wan monitoring is disabled and vpn monitoring is on on boot
on the nanobsd alix, i have one wan and one vpn connection, my wan is stable so i have disabled monitoring on it but ... Bipin Chandra
07:56 AM Revision c7c1f746: Merge pull request #60 from psophis/progress.md
Updated Progress.md for files converted by psophis SjonHortensius
03:07 AM Todo #4582 (Resolved): Update 80211 and ath bits from -CURRENT
done Chris Buechler
02:26 AM Bug #4586: miniupnpd gives out lot of log/errors while reboot
according to this https://dev.openwrt.org/ticket/17058
"The error messages are caused by the missing IPv6 kernel mo... Bipin Chandra
01:57 AM Bug #4586 (Needs Patch): miniupnpd gives out lot of log/errors while reboot
that's an issue in miniupnpd, should be reported to them. If you search on that log, it happens on Linux to a number ... Chris Buechler
12:07 AM Bug #4586 (Needs Patch): miniupnpd gives out lot of log/errors while reboot
on the alix nanobsd using miniupnpd, when its rebooted a whole bunch of errors or just log gets outputted on the seri... Bipin Chandra

04/06/2015

11:16 PM Feature #4359 (Resolved): IPsec controlling uniqueid value
works Chris Buechler
03:37 AM Feature #4359: IPsec controlling uniqueid value
Hi,
Oops, just noticed that this has hopefully fixed with this PR: https://github.com/pfsense/pfsense/pull/1593.
... David Harrigan
03:34 AM Feature #4359: IPsec controlling uniqueid value
Hi,
There appears to be a bug with pfSense 2.2.1. Following on from the initial topic:
https://forum.pfsense.or... David Harrigan
10:57 PM Bug #4504 (Resolved): Bring back local network SPD exclusions for IPsec
the behavior is back to where it was in 2.1.5 and previous versions, excluding source LAN subnet, destination LAN IP. Chris Buechler
06:23 PM Revision bc09b90a: Add Super Micro C2758 to the list of known platforms
Renato Botelho
06:21 PM Revision fe29fe04: Add Super Micro C2758 to the list of known platforms
Renato Botelho
06:17 PM Revision c9ff4dff: Assign interfaces.php to psophis
Thane Gill
06:16 PM Revision 8f66b13f: Added Completed files by psophis
Remove trailing whitespace Thane Gill
04:44 PM Todo #4582 (Feedback): Update 80211 and ath bits from -CURRENT
Merged. Ermal Luçi
04:08 PM Bug #4310: Limiters + HA results in hangs on secondary
Looks good here. Not stressing it but enabling/disabling limiters on the cluster works, the limiters are doing what ... Chris Linstruth
12:44 PM Revision 946877fa: small correction of relative paths to icons
Dennis Neuhaeuser
12:43 PM Revision 9f6d592f: Merge pull request #1595 from dneuhaeuser/patch-1
Renato Botelho
12:41 PM Revision ed005b20: Few minor text typos
Note that advertise is spelt with an "s" in other places in the GUI, so
making it consistent in services_ntpd - but m... Phil Davis
12:41 PM Revision 05391c58: Merge pull request #1597 from phil-davis/Common-typos
Renato Botelho
12:40 PM Revision 4f118b9a: Merge pull request #1598 from phil-davis/patch-1
Renato Botelho
12:38 PM Revision 5d7a0701: diag_sockets show sockets listening on localhost
this helps pick a free port for services using sockets bound to localhost, and helps determine if the service has at ... Pi Ba
12:37 PM Revision 0c0bb4f4: Merge pull request #1599 from PiBa-NL/diag_sockets_show_localsockets
Renato Botelho
12:36 PM Feature #1189: Gateway: Multiple monitor ips
Given the current state of apinger, it is certainly not worth it to try to enhance the existing apinger compiled code... Phillip Davis
11:21 AM Bug #4105: rc.update_bogons.sh fetch failure should never sleep on FW upgrade
Hmm... so I discovered this in config.xml:... Kill Bill
11:16 AM Bug #4105: rc.update_bogons.sh fetch failure should never sleep on FW upgrade
Chris Buechler wrote:
> still not seeing any way that sleep can hold up anything. Do you have specific steps to repl... Kill Bill

04/05/2015

07:05 PM Bug #4585 (Resolved): IPsec widget does not show logged in 'Mobile Users'
IPsec widget does not show logged in 'Mobile Users'
The number stays '0' even when users are currently connected a... Pi Ba
06:46 PM Revision c3c692a9: Converted system_gateways and system_gateways_edit
Sjon Hortensius
06:41 PM Revision 71ae7b7e: Input - for type=number, default to min=1 & step=1
Sjon Hortensius
04:47 PM Revision b3f2f476: php error logging should 're-fix' with less side effects for now.. https://redmine.pfsense.org/issues/4143
Pi Ba
03:28 PM Revision fee25d17: Group - add support for $params in setHelp
Sjon Hortensius
02:57 PM Revision 3ff70087: Group - only push placeholder if Input doesn't have it yet
Input - introduce hasAttribute method
refs #56 Sjon Hortensius
02:38 PM Revision b965f190: diag_sockets show sockets listening on localhost
this helps pick a free port for services using sockets bound to localhost, and helps determine if the service has at ... Pi Ba
01:58 PM Revision 6ee37b41: diag_dns - TIL HTML, let's not barf out incomplete nodes
Sjon Hortensius
01:23 PM Revision 9673699e: removing unused maintable.inc
Sjon Hortensius
01:22 PM Revision 6c5d41c2: Converted status_dhcpv6_leases, 2 minor tweaks in status_dhcp_leases
Sjon Hortensius
12:26 PM Revision 8a5da2cc: Converted status_dhcp_leases.php
Sjon Hortensius
11:32 AM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
I've submitted PR #847 to add the package once these changes have been made to pfPorts. Robert Nelson
09:45 AM Revision cf3904bd: Code style
Couple of spaces for new code merged from an old repo/branch Phil Davis
08:13 AM Bug #4584 (Duplicate): Static Mapped clients on one LAN get a DHCP IP from another LAN even when Deny unknown clients is checked on the other LAN
Forum: https://forum.pfsense.org/index.php?topic=91391.msg508422#msg508422
Setup with LAN1 and LAN2 - 2 interfaces w... Phillip Davis
03:02 AM pfSense Packages Bug #4583 (Closed): Squid3 breaking /etc/inc/captiveportal.inc
It really should not patch core OS files at all, let alone in a way that breaks things.
https://forum.pfsense.org/... Kill Bill
02:48 AM Revision 75f163f0: Un-screw-up merge
Chris Buechler
01:37 AM Revision 686e53c0: Include additional subnets for RAs in radvd.conf. Ticket #4468
Conflicts:
etc/inc/services.inc Chris Buechler
01:36 AM Revision 38253ce6: Include additional subnets for RAs in radvd.conf. Ticket #4468
Chris Buechler
12:52 AM Revision c5292060: Fix up Ticket #4504 implementation. Match config style with other areas. Use a config setting to disable, rather than enable, this functionality since it's enabled by default so the tag isn't necessary in the default config. Remove now unnecessary config upgrade code.
Chris Buechler
12:50 AM Revision 0a9e6c85: Fix up Ticket #4504 implementation. Match config style with other areas. Use a config setting to disable, rather than enable, this functionality since it's enabled by default so the tag isn't necessary in the default config. Remove now unnecessary config upgrade code.
Chris Buechler
12:36 AM Revision c01f5dac: fix type. Ticket #4504
Chris Buechler
12:35 AM Revision 600b4c3b: fix type. Ticket #4504
Chris Buechler
12:30 AM Bug #4296: Using the same FQDN in multiple aliases causes static entries to be lost
i believe this issue still persists as of 2.2.1 alix nanobsd when u have aliases with both ip and fqdn in more than o... Bipin Chandra

04/04/2015

10:30 PM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
Adam Esslinger wrote:
> This appears to be a bug related to the drivers for the AR9350 WiFi Card. Once I removed it ... Chris Buechler
05:47 PM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
This appears to be a bug related to the drivers for the AR9350 WiFi Card. Once I removed it from my system these issu... Adam Esslinger
09:14 PM Todo #4582 (Resolved): Update 80211 and ath bits from -CURRENT
Need to sync up the net80211 and ath code with latest from -CURRENT. Chris Buechler
08:35 PM Bug #4468 (Resolved): radvd multiple prefix not working
fixed, thanks for the report. Chris Buechler
05:49 PM Feature #4495: IPv6 support for DynDNS client
More specifically Im using HE.NET for IPv6 and DynDNS for Dynamic DNS. It would be nice for the dynamic DNS client to... Adam Esslinger
05:23 PM Revision d6fa899d: Few minor text typos
Note that advertise is spelt with an "s" in other places in the GUI, so
making it consistent in services_ntpd - but m... Phil Davis
12:19 PM Revision 81402045: Merge progress update from GH
Sjon Hortensius
12:18 PM Revision e469aa76: Merge branch 'master' into bootstrap
Sjon Hortensius
12:12 PM Revision 14de6e36: Merge branch 'master' of github.com:pfsense/pfsense
Sjon Hortensius
12:04 PM Revision b4b72564: Update PROGRESS.md
Mark firewall_aliases* as completed refs #44 SjonHortensius
12:00 PM Revision 9a4f7ab0: Convert fw_alias_import, 2 minor bugfixes in other files
fixes #44 Sjon Hortensius
12:00 PM Revision 1a87ef92: Bugfix; textarea needs form-control class too
Sjon Hortensius
11:51 AM Revision 14726356: Convert firewall_aliases_* to bootstrap, pending _import
refs #44 Sjon Hortensius
11:50 AM Revision 47148a97: Inputs hidden by bindCollapseToOptions should be disabled
fixes #57 Sjon Hortensius
11:42 AM Revision b2e6dd64: Initial enableDuplication javascript implementation, pending layout
refs #45 Sjon Hortensius
11:17 AM Revision 7684a99e: Introduce Group::enableDuplication and Input::setIsRepeated
also fix label-target, was based on name but should be ID instead. Also
make ID unique to facilitate functionality
r... Sjon Hortensius
10:35 AM Revision 467ff4d6: Multiple Inputs in group = copy Title to placeholder
fixes #56 Sjon Hortensius
05:24 AM Revision 5e8e558c: add etc/inc/array_intersect_key.inc to obsoletedfiles
Chris Buechler
05:23 AM Revision bc395b18: Remove array_intersect_key here too, definitely not needed. add to obsoletedfiles
Chris Buechler
05:18 AM Revision 3ab15aaf: shouldn't need this as its own inc anymore, but only changing in master since 2_2 nearing release
Chris Buechler
05:12 AM Revision a8c07dc8: uploadbar dir no longer needed
Chris Buechler
05:11 AM Revision e4dcbe49: uploadbar dir no longer needed
Chris Buechler
05:07 AM Revision 72992b85: There is no longer any need to restrict protocols for IPv4+IPv6 rules, the appropriate ruleset is generated and problem scenarios that would otherwise break here are prevented by other input validation.
Chris Buechler
05:06 AM Revision 7dff06c4: There is no longer any need to restrict protocols for IPv4+IPv6 rules, the appropriate ruleset is generated and problem scenarios that would otherwise break here are prevented by other input validation.
Chris Buechler
04:57 AM Revision 6986b703: remove dead code, clean up excess white space a bit.
Chris Buechler
04:57 AM Revision dc17a9de: remove dead code, clean up excess white space a bit.
Chris Buechler
01:06 AM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
I already have the package done. I'm just waiting for the port to be added before I submit the pfsense-packages PR. Robert Nelson
01:05 AM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
With the perl dependency it'll have to be a package, but we can get it added to ports and get a package built. It'll ... Chris Buechler

04/03/2015

11:27 PM pfSense Packages Feature #4581 (Closed): Add dshield-sensor port to pfPorts
I have developed a new package that processes the filter.log and submits reports to dshield.org. It includes a pfSen... Robert Nelson
09:40 PM Bug #4538 (Resolved): PFS settings on Mobile tab are overriding all Phase 2 entries, not just mobile
fixed Chris Buechler
03:07 AM Bug #4538 (Feedback): PFS settings on Mobile tab are overriding all Phase 2 entries, not just mobile
should be fixed Chris Buechler
08:01 PM Revision 91957c42: verify certs by default here
Chris Buechler
06:32 PM Revision f6f11800: Prevent empty addresses for being put in the ruleset. Ticket #4564
Ermal Luçi
06:32 PM Revision b9115c26: Prevent empty addresses for being put in the ruleset. Ticket #4564
Ermal Luçi
06:12 PM Revision 3d48d3c5: Ticket #4504 actually make it correct
Ermal Luçi
06:11 PM Revision 8206b2d9: Ticket #4504 actually make it correct
Ermal Luçi
06:10 PM Revision 74eaabbb: Upgraded configurations should keep the default configuration of bypassing lan from ipsec. Ticket #4504
Ermal Luçi
06:10 PM Revision 5a2ebbb1: Upgraded configurations should keep the default configuration of bypassing lan from ipsec. Ticket #4504
Ermal Luçi
06:08 PM Revision 491c76c8: Fixes #4504 Provide a newline to generate proper config
Ermal Luçi
06:08 PM Revision 755b75c7: Fixes #4504 Provide a newline to generate proper config
Ermal Luçi
06:04 PM Revision b8eeddeb: Fixes #4504 use correct key index
Ermal Luçi
06:03 PM Revision 9b7ca37d: Fixes #4504 use correct key index
Ermal Luçi
05:59 PM Revision 0887e836: Fixes #4504 Allow the bypass policy for LAN to be enabled and prevent traffic sent to lan ip to go to the ipsec tunnel
Ermal Luçi
05:59 PM Revision 53475389: Fixes #4504 Allow the bypass policy for LAN to be enabled and prevent traffic sent to lan ip to go to the ipsec tunnel
Ermal Luçi
05:39 PM Revision 92c27873: small correction of relative paths to icons
Dennis Neuhaeuser
05:06 PM Bug #4579: Upgrade from 2.1.5 to 2.2.1 stuck
What a shame i didn't see the "Reinstall all packages" button in Diagnostics > Backup & Restore
Anyway, reinstalli... Orsiris de Jong
09:29 AM Bug #4579: Upgrade from 2.1.5 to 2.2.1 stuck
None of my packages got reinstalled.
So every package i try to configure ends with something like this in the UI:
F... Orsiris de Jong
04:58 AM Bug #4579: Upgrade from 2.1.5 to 2.2.1 stuck
Well, finally, after 15 hours, the pfSense rebooted and is up and ready !!! Orsiris de Jong
03:08 AM Bug #4579 (Duplicate): Upgrade from 2.1.5 to 2.2.1 stuck
Hello,
This night i launched the upgrade from my production pfSense 2.1.5 to 2.2.2 x64.
The upgrade is running si... Orsiris de Jong
03:17 PM Revision ebb9469d: Fixes #4259 Use proper variable to do calculations
Ermal Luçi
03:16 PM Revision 9bbc4821: Fixes #4259 Use proper variable to do calculations
Ermal Luçi
02:35 PM Bug #4529: Traffic Shaping Wizard - CBQ and PRIQ
associated commits for this since the ticket # was typoed:
https://redmine.pfsense.org/projects/pfsense/repository/... Chris Buechler
10:16 AM Bug #4529 (Feedback): Traffic Shaping Wizard - CBQ and PRIQ
Ermal Luçi
02:34 PM Feature #4259 (New): Port forward NAT rules with "any" protocol
Chris Buechler
11:25 AM Feature #4259: Port forward NAT rules with "any" protocol
The fix "Use proper variable to do calculations" is actually the fix for #4529 - bit confusing there with the numbers... Phillip Davis
10:30 AM Feature #4259: Port forward NAT rules with "any" protocol
Applied in changeset commit:ebb9469d4e7ccb1986a4c17f1cdb44caf6bb6ad8. Ermal Luçi
10:30 AM Feature #4259 (Feedback): Port forward NAT rules with "any" protocol
Applied in changeset commit:9bbc482102d7a0a562a4368e9034e499651ac2e6. Ermal Luçi
02:16 PM Bug #4580 (Feedback): IKEv2 certificate lacks [mumble] attribute required by Windows 7 Agile VPN client
Which specific attribute?
It does have the EKU bits listed on there. Pay attention to the requirements in our docs... Jim Pingle
02:07 PM Bug #4580 (Resolved): IKEv2 certificate lacks [mumble] attribute required by Windows 7 Agile VPN client
I ran into this problem: http://tiebing.blogspot.ca/2012/05/windows-7-ikev2-error-13806.html?m=1
Also documented her... Adam Thompson
02:05 PM Bug #4310 (Feedback): Limiters + HA results in hangs on secondary
I pushed the messages under debug misc level and also another change to fix the root cause for it. Ermal Luçi
01:48 PM Revision efa66b4e: Add hidden input in a proper way
Refs. #22 Sander van Leeuwen
01:31 PM Bug #4564 (Feedback): DHCP WAN without an IP address can create an invalid ruleset with NAT reflection and destination any
I put a fix for this though more testing is needed. Ermal Luçi
01:10 PM Bug #4504: Bring back local network SPD exclusions for IPsec
Applied in changeset commit:491c76c802097a50c26f36600325a7b2fc5607df. Ermal Luçi
01:10 PM Bug #4504: Bring back local network SPD exclusions for IPsec
Applied in changeset commit:755b75c79f399e364d8afe22f1e8fa8d12644691. Ermal Luçi
01:10 PM Bug #4504: Bring back local network SPD exclusions for IPsec
Applied in changeset commit:b8eeddeb2f51db206f15e16732e79758d140ca5b. Ermal Luçi
01:10 PM Bug #4504: Bring back local network SPD exclusions for IPsec
Applied in changeset commit:9b7ca37d12d5e15026af946643f28517f731360d. Ermal Luçi
01:10 PM Bug #4504: Bring back local network SPD exclusions for IPsec
Applied in changeset commit:0887e836c45242e5afb8840acf2de9262f65d27c. Ermal Luçi
01:10 PM Bug #4504: Bring back local network SPD exclusions for IPsec
Applied in changeset commit:534753890c74d7ce1188fe9a7b6f5f1b153f802d. Ermal Luçi
01:09 PM Bug #4504 (Feedback): Bring back local network SPD exclusions for IPsec
Ermal Luçi
01:04 PM Feature #4322: Add Google Domains DDNS
https://forum.pfsense.org/index.php?topic=86900.0 explains exactly how to do it as well.
I second that it would be... Drew Kollasch
12:40 PM pfSense Packages Bug #4567 (Feedback): ntopNG Geo files missing
Applied in changeset commit:a9d7f2034af6a28287ef85682a2fa1b6c8e0d05b. Jim Pingle
09:54 AM pfSense Packages Bug #4567: ntopNG Geo files missing
Actually there was already a script to do that but it was being called by the wrong name.
Try running /usr/pbi/nto... Jim Pingle
08:28 AM Revision d30eac53: Merge pull request #55 from sbeaver-netgate/diag_dbs_revision
“More information” and “timing” sections should display only after a lookup is attempted. SjonHortensius
08:09 AM Revision 8b760d4b: Only use mobile clients PFS config with mobile ph2ent. Ticket #4538
Conflicts:
etc/inc/vpn.inc Chris Buechler
08:07 AM Revision 490b6c4f: Only use mobile clients PFS config with mobile ph2ent. Ticket #4538
Chris Buechler
07:35 AM Revision 8841c0fd: disable SSL validation for selfhost since it fails. Ticket #4545
Chris Buechler
07:34 AM Revision 3dac50ab: disable SSL validation for selfhost since it fails. Ticket #4545
Chris Buechler
03:59 AM Revision db9e5154: enable ike_name for daemon facility as well, to add connection identifiers to logs.
Chris Buechler
03:57 AM Revision 963621f2: enable ike_name for daemon facility as well, to add connection identifiers to logs.
Chris Buechler
03:09 AM Bug #4569 (Confirmed): system_set_harddisk_standby() needs rewritten for current CAM-based ATA stack
Chris Buechler
02:55 AM Bug #4573: Unbound omits 0 from host overrides where "0" (zero) is hostname.
Fixed, thanks. Kill Bill
02:35 AM Bug #4545 (Resolved): dynDNS service 'selfhost' fails certificate validation
I disabled validation for selfhost since they still have a chain problem that openssl rejects. If/when they fix that,... Chris Buechler
02:12 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
still an issue with strongswan 5.3.0. I opened a bug ticket: https://wiki.strongswan.org/issues/921 Chris Buechler
01:13 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
i think im suffering from the issue mentioned here https://redmine.pfsense.org/issues/4296#change-17784 as i have the... Bipin Chandra
12:38 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
the last 2 patches for this would solve marked down gateway to be skipped or passed to default gateway but the other ... Bipin Chandra
12:46 AM Revision 717fc06b: Use real interface here for dhcrelay v6. Ticket #4572
Chris Buechler
12:46 AM Revision 83ccc864: Use real interface here for dhcrelay v6. Ticket #4572
Chris Buechler
12:26 AM Bug #4571: scheduled firewall reboot crashes
ill get u details shortly Bipin Chandra
12:11 AM Revision 35ff72fa: 0 could be valid for hostname aliases too. Ticket #4573
Chris Buechler
12:10 AM Revision 6d457361: Don't omit hosts specified as "0". Ticket #4573
Chris Buechler
12:07 AM Revision 052e4ee8: Don't omit hosts specified as "0". Ticket #4573
Chris Buechler

04/02/2015

11:44 PM Revision bcd938ef: Emulate existing logic
“More information” and “timing” sections should display only after a
lookup is attempted.
Removed unused hidden form. sbeaver
07:44 PM Bug #4572 (Resolved): dhcrely ipv6 uses invalid network name
fixed, thanks Chris Buechler
08:13 AM Bug #4572 (Resolved): dhcrely ipv6 uses invalid network name
Hi,
i tried to setup dhcrelay für IPV6, but it didn't start.
The dhcp server in my case is outside the WAN inte... Klaus Steinberger
07:18 PM Bug #4573 (Resolved): Unbound omits 0 from host overrides where "0" (zero) is hostname.
It was omitting the 0 because that if check was wrong for values of 0. fixed, along with the same issue where alias n... Chris Buechler
08:45 AM Bug #4573 (Resolved): Unbound omits 0 from host overrides where "0" (zero) is hostname.
... Kill Bill
06:43 PM Revision 06da0d4e: Merge branch 'sbeaver-netgate-diag_dns' into bootstrap
- refactored Form_Table to plain html
- put results below form
- reverted a few unintentional changes Sjon Hortensius
06:18 PM Feature #3916 (Closed): IPsec status Overview tab no longer an overview
Chris Buechler
05:53 PM Revision 28e7026c: Merge branch 'diag_dns' of git://github.com/sbeaver-netgate/pfsense into sbeaver-netgate-diag_dns
Sjon Hortensius
04:40 PM Revision a4621273: Bug #4566 Only route-to a gateway if it is not force_down
When generating policy-routing rules there was no check if a gateway had force-down set, so gateway with force_down s... Phil Davis
04:39 PM Revision e57f0e33: Merge pull request #1594 from phil-davis/patch-1
Renato Botelho
04:26 PM Bug #4574 (Rejected): pfsense 2.2.x on Citrix XenServer
upstream issue with checksum offloading, work around discussed here:
https://forum.pfsense.org/index.php?topic=88467... Chris Buechler
09:03 AM Bug #4574 (Rejected): pfsense 2.2.x on Citrix XenServer
Greatings!
We discoverd a problem with pfsense 2.2.x.
We are using Citrix XenServer (V6.2-6.5) in our own company ... Marvin Kamm
04:16 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
Please, can somebody build an unofficial release (2.2.1+) without netfront. I don't have time to create a build envir... Grischa Zengel
01:02 PM Bug #4571 (Feedback): scheduled firewall reboot crashes
going to need more than this, it's certainly not as simple as a cron reboot crashes something. Chris Buechler
04:18 AM Bug #4571 (Not a Bug): scheduled firewall reboot crashes
i have cron installed on all my firewall installs with an entry "/etc/rc.reboot" and scheduled to reboot firewall eve... Bipin Chandra
10:44 AM Todo #4578 (Resolved): Create a tool to update base system
Create a tool like freebsd-update to update base system components OR use pkg for base system Renato Botelho
10:43 AM Bug #4310 (Confirmed): Limiters + HA results in hangs on secondary
This is still a problem. Some cases still work but with TONS of console/log spam about pfsync_undefer_state rendering... Jim Pingle
10:42 AM Todo #4577 (Resolved): Convert update mechanism (GUI) to pkg
Convert upgrade code to use pkg Renato Botelho
10:41 AM Todo #4576 (Resolved): Write a tool to create port reading data from xmlrpc
Our current packages details are available on xml data from pfSense-packages repo.
Write a tool to read all these ... Renato Botelho
10:39 AM Todo #4575 (Resolved): Replace xmlrpc calls in package system
xmlrpc will be dropped, replace code that list, install and update packages to use pkg.
Packages will have a prefi... Renato Botelho
09:34 AM Revision 26e9d96c: For PR
sbeaver
09:34 AM Revision d2467fe7: For PR
sbeaver
09:33 AM Revision 76f45c77: For PR
sbeaver
09:32 AM Revision 7ea87667: For PR
sbeaver
08:47 AM pfSense Packages Bug #4567 (Assigned): ntopNG Geo files missing
OK, great. I didn't have time to dig into all that yet. Looks promising. That script would need to be a bit more robu... Jim Pingle
08:40 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
link to thread
https://forum.pfsense.org/index.php?topic=91392.0 Bipin Chandra
08:38 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
below are the screenshots of the openvpn tunnel being up, firewall rules on lan tab to send traffic out of tunnel and... Bipin Chandra
07:35 AM Bug #4570 (Rejected): 2.2.1 Omits SPD entries for LAN traffic with Supernet IPSEC tunnel
Duplicate of #4504 Jim Pingle
03:46 AM Bug #4570 (Rejected): 2.2.1 Omits SPD entries for LAN traffic with Supernet IPSEC tunnel
Under 2.1.5 creating an IPSEC tunnel with a supernet/subnet arrangement produces SPD rules like this:
$ setkey -DP... Nei Ka

04/01/2015

08:46 PM Revision 3e377f5a: IpAddress - make range go down instead of up
Sjon Hortensius
08:35 PM Revision 1845af7f: Input - better chaining plus added setPattern, IpAddress - chaining fix
Sjon Hortensius
07:09 PM Revision 156543ee: Combo changes to support diag_dns.php
sbeaver
07:04 PM Revision 6e23e8d5: Version allows button to be suppressed
sbeaver
04:26 PM Bug #4531: RRD data restored in edge case where it shouldn't be, causing gap in graph
Did some investigation:
rc.shutdown does not match condition for my system.
PLATFORM cat /etc/platform
pfSense... Beat Siegenthaler
04:20 PM pfSense Packages Bug #4567: ntopNG Geo files missing
Perhaps they stopped distributing the files because they have introduced a new database format and don't want to doub... Denny Page
04:19 PM pfSense Packages Bug #4567: ntopNG Geo files missing
Hmmm, the "lite" data files are CC BY-SA 3.0 so there should be no problem with distributing those as long as you cre... Kill Bill
02:46 PM pfSense Packages Bug #4567 (Needs Patch): ntopNG Geo files missing
Last July the GeoIP distribution stopped including the data files, they must be manually fetched and put in place. I ... Jim Pingle
02:54 PM Revision e67a1fea: Updated conversion progress
Now based on ‘grep Form.class’ since some pages had foot.inc but had
not actually been converted. sbeaver
02:53 PM Revision 286aa3f2: Converted to bootstrap
HTML largely replaced by SH framework sbeaver
02:53 PM Revision 8bf4d182: Add a table to a section by passing it a two-dimensional array
Is there a better way to do this? Can the table position be controlled? sbeaver
02:52 PM Revision 3e7e26c6: Allow "Save" button to be suppressed
new Form(false) suppresses the “Save” button so that you can then add
your won custom button. sbeaver
12:58 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
Why can't this be addressed in pfSense? Denis Kozlov
12:47 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
if you need to reinstall something purchased from us, you need to get in touch with us to get the proper image to rei... Chris Buechler
12:31 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
The same problem occurs even when purchased from pfStore Store. A clean (re)install of pfSense is unreachable.
I d... Denis Kozlov
11:24 AM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
you need to follow the guidance here:
https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards
... Chris Buechler
06:11 AM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
This is not resolved!
A fresh install of latest pfSense 2.2.1 (FreeBSD 10.1) on hardware with 8 CPU cores, 8 GB RA... Denis Kozlov
12:52 PM Bug #4569 (Resolved): system_set_harddisk_standby() needs rewritten for current CAM-based ATA stack
The current system_set_harddisk_standby() function in source:etc/inc/system.inc#L2049 uses invalid sysctl values and ... Jim Pingle
08:34 AM Bug #4568: mlppp settings lost after save on interface page
May be the same as #4378 Bianco Veigel
08:33 AM Bug #4568 (Resolved): mlppp settings lost after save on interface page
Everytime I click save on the interface page, the second Gateway-Address for the corresponding l2tp interface are los... Bianco Veigel
04:46 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
The code after my change 1594 effectively removes the force_down gateway from the list, just like other gateways are ... Phillip Davis
12:43 AM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
ill try the other patch but i gues the skip rules isnt working as well because for voip to work i need to send it thr... Bipin Chandra
03:28 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
Sorry for my English! I think I need to perform a test of the software! Aleksei Aksenov
03:13 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
Thank you for your attention! I think you need to perform a test of the software! Maybe everything will work! How to ... Aleksei Aksenov
02:57 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
Not on firewall, no. Though it implements features that can be make the *H.323 apps using h323plus* more tolerant of ... Kill Bill
02:29 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
If I understand you correctly, the port does not add to the possibility of forwarding protocol h323 through NAT?
How... Aleksei Aksenov
02:20 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
Huh? Why would you install it on pfSense? These libraries will do absolutely nothing useful on your firewall. Kill Bill
02:01 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
Hi All! Ports found to solve this problem, it is best suited h323plus-1.26.5_2 .
http://www.freebsd.org/cgi/ports.c... Aleksei Aksenov
01:35 AM Revision 80e47bb0: call this RCC-VE rather than C2358
Chris Buechler
01:32 AM Revision d985cfa6: call this RCC-VE rather than C2358
Chris Buechler
12:33 AM pfSense Packages Bug #4553: BIND IPv6 Reverse Zone problem
Created a pull-request to commit this fix. And probably this fix will be included in next update of BIND package.
ht... Alex B

03/31/2015

10:59 PM pfSense Packages Bug #4567 (Resolved): ntopNG Geo files missing
The ntopNG package does not install the necessary GeoIP files. Form syslog:
Mar 31 20:51:26 ntopng: [Geolocation.c... Denny Page
10:29 PM Bug #4559 (Not a Bug): Sync States causes sessions to NOT be NATed with multicast mac
Thanks, that explains it.
In the base OS of 2.1.x and earlier versions, the system ignored traffic destined to mu... Chris Buechler
08:22 PM Revision 0b34a56c: Add a check for whether IPsec is enabled, so it doesn't spit out "IPsec
daemon not running or has a problem!" when IPsec isn't enabled. Chris Buechler
08:18 PM Revision 68e32206: Add a check for whether IPsec is enabled, so it doesn't spit out "IPsec
daemon not running or has a problem!" when IPsec isn't enabled. Chris Buechler
07:05 PM Revision 3bae851d: Add SCTP to protocol list for filtering.
Jim Pingle
07:05 PM Revision d6710783: Add SCTP to protocol list for filtering.
Jim Pingle
05:44 PM Revision 1d433e01: Bug #4566 Only route-to a gateway if it is not force_down
When generating policy-routing rules there was no check if a gateway had force-down set, so gateway with force_down s... Phil Davis
04:18 PM Revision 887f2517: Merge manually pull request #1593
Ermal Luçi
04:16 PM Revision 7b0304d9: Merge pull request #1593 from gitbensons/ipsec_fix_uniqueids
Ermal Luçi
02:43 PM Bug #4566 (Confirmed): Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
that just omits the route-to when the gateway is disabled, the "skip rules" option skips the rule entirely. that'll n... Chris Buechler
12:50 PM Bug #4566: Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
Should be fixed by https://github.com/pfsense/pfsense/pull/1594
There did not seem to be any code to handle the mark... Phillip Davis
03:38 AM Bug #4566 (Resolved): Gateway marked as down not skipped when individually chosen with "Skip rules when gateway down" selected
i have a openvpn client tunnel setup and i use it for voip as my isp blocks voip and that works fine, i was recently ... Bipin Chandra
02:03 PM Revision 0ca36ca3: Fix IPsec Advanced Settings uniqueids. It was neither set in strongswan config, nor picked up correctly in the UI.
benny benny
01:27 PM Revision cb99d991: Fix encoding issues in Configuration History list.
Jim Pingle
01:27 PM Revision ddddf255: Fix a few misc encoding issues in load balancer code.
Jim Pingle
01:26 PM Revision 08c1db2d: Fix encoding issues in Configuration History list.
Jim Pingle
01:26 PM Revision 05a46384: Fix a few misc encoding issues in load balancer code.
Jim Pingle
12:36 PM Revision 89f64f0f: - Consistent table styles (table table-striped table-hover)
- Wrap tables in table-responsive (excluding widgets)
Refs. #51 Sander van Leeuwen
12:23 PM Revision 94404d94: - Consistent table styles (table table-striped table-hover)
- Wrap tables in table-responsive
- Wrap action buttons in nav.action-buttons
- Removed unnecessary form from vpn_l2t... Sander van Leeuwen
12:11 PM Revision 765b79f9: Tweak vpn_ipsec_keys layout
- Better name for 'edit user' button
- Wrap action buttons
- Sprinkle some clears in CSS for table container and form... Sander van Leeuwen
11:16 AM Feature #4359 (Feedback): IPsec controlling uniqueid value
Merged thx. Ermal Luçi
10:03 AM Feature #4359: IPsec controlling uniqueid value
This pull request https://github.com/pfsense/pfsense/pull/1593 should fix the issue Benjamin von Mossner
04:54 AM pfSense Packages Bug #4553: BIND IPv6 Reverse Zone problem
I found a workaround.
Here is the fixed files for BIND 9.9.6P1_3 pkg v 0.3.6
Just replace the content of original... Alex B

03/30/2015

10:11 PM Revision c7dc654f: Convert vpn_ipsec_keys_edit to bootstrap
Refs. #22 Sander van Leeuwen
09:59 PM Revision 5f85a1f2: Convert to bootstrap
Refs. #22 Sander van Leeuwen
09:34 PM Bug #4562 (Rejected): PPPoe Server
.0 is a valid, usable IP in that circumstance. The code there will set the address range to the network address for t... Chris Buechler
09:18 PM Revision 447efafd: Fix todo, let checkbox toggle maxmss input
Refs. #22 Sander van Leeuwen
09:07 PM Revision 18957b59: Add debug settings as separate group
Refs. #22 Sander van Leeuwen
08:53 PM Bug #4563 (Rejected): Bug when repurposing a firewall to new location
manual outbound NAT is user-configured and never updated by the system. Automatic outbound NAT would update itself. M... Chris Buechler
09:05 AM Bug #4563 (Rejected): Bug when repurposing a firewall to new location
I took a Firewall from one customer and moved it to another and when I did so some of the rules did not change for th... Sam E
02:50 PM Revision 807cdae3: Fixed minor spelling error
Philip Hansen
02:49 PM Revision adf62c63: Merge pull request #1588 from Hanse00/master
Renato Botelho
02:49 PM Revision 82ab62fe: Merge pull request #1589 from phil-davis/patch-1
Renato Botelho
12:52 PM Bug #4565: Previously working IPsec broken by upgrading to 2.2.1
Confirmed this was the cause - resolved by setting the DH group for phase2 on both ends.
Thanks! Michael Brown
12:20 PM Bug #4565 (Rejected): Previously working IPsec broken by upgrading to 2.2.1
Your end shows it has a pfs group set in Phase 2. Check the mobile clients tab, ensure pfs isn't set there as that ta... Jim Pingle
12:07 PM Bug #4565 (Rejected): Previously working IPsec broken by upgrading to 2.2.1
I previously had a site-to-site VPN up and working between two sites when one endpoint was 2.2 and the other was 2.1.... Michael Brown
11:20 AM Bug #4564 (Resolved): DHCP WAN without an IP address can create an invalid ruleset with NAT reflection and destination any
If the following events happen, invalid rules may be generated:
* DHCP WAN has link but the interface cannot obtain ... Jim Pingle

03/29/2015

07:44 PM Revision 60802fad: Return link-local address when we are only requesting IPv6 prefix only if there is no global IPv6 address. In some cases global SLAAC IPv6 address might be present when using DHCPv6. Fixes #4483
k-paulius
04:22 PM Bug #3656: "LAN network" in v6 rules doesn't work when assigning link-local address to LAN
This also affects rules with "LAN Interface" not just "LAN Subnet" as source/destination. In order for the rules with... Paul K
03:04 PM Bug #4483: SLAAC and stateful DHCP6 IPs are configured on interface when using DHCP6 config type
New pull request: https://github.com/pfsense/pfsense/pull/1590 Paul K
01:16 PM Revision 66de8653: Add panels-hint
SjonHortensius
01:11 PM Revision 84c2d088: Added bulletpoint about changing backend-code
fixes #33 SjonHortensius
12:55 PM Revision 50a93b16: Update link to Progress after move
SjonHortensius
12:54 PM Revision 89d591d8: actual changes, fixes icons
Stephen Beaver
12:53 PM Revision d9c70e41: Updated & moved PROGRESS doc, fixes icons
Stephen Beaver
12:41 PM Revision 5fd8513d: replace Input->column methods with generic Element plus fixes
Form.class - fix adding offset to submit button
Checkbox - add class to column, not input. Fix displayAsRadio return
... Sjon Hortensius

03/28/2015

11:26 PM Feature #4534: Add ability to start dhcp6c in debug mode
Attaching dhcp6 patch that enables it to log to syslog when daemonized. Upstream ticket: https://bugs.freebsd.org/bug... Paul K
10:44 PM pfSense Packages Bug #4561: siproxd listening port redirect rule pulling wrong tag from <siproxdsettings> (config.xml)
It will be easy if your go to https://github.com/pfsense/pfsense-packages
Find the file, click the pencil tool to ed... Phillip Davis
03:00 PM pfSense Packages Bug #4561: siproxd listening port redirect rule pulling wrong tag from <siproxdsettings> (config.xml)
I have confirmed that changing Line 83 to:
$port = ($siproxd_conf['port'] ? $siproxd_conf['port'] : 5060);
corr... Mark Bailey
02:52 PM pfSense Packages Bug #4561 (Resolved): siproxd listening port redirect rule pulling wrong tag from <siproxdsettings> (config.xml)
I use siproxd a little differently than most. I set its listen port to 5070 and have all my SIP devices set to UDP on... Mark Bailey
10:33 PM Bug #4562: PPPoe Server
using latest version 64bit ian Clifford
10:32 PM Bug #4562 (Rejected): PPPoe Server
setting PPPoe server config for LAN
using built in user database
when changing remote address range to 172.168.60.1... ian Clifford
02:33 PM Revision 1192840b: refactor attributes from Input to Element to make it a bit more generic
* replaced Input::setAttribute with explicit setReadonly/setDisabled
* introduced Input::toggles
fixes #37, refs #21 Sjon Hortensius
02:16 PM Revision 14a6c356: Fix brackets
that I broke - sorry, I did test on a 2.2.1 system but then had to make my changes into a master version to submit th... Phil Davis
12:45 PM Revision 6f256fe3: Merge branch 'psophis-form-element' into bootstrap
Sjon Hortensius
12:20 PM Revision df3b00ba: Merge branch 'form-element' of https://github.com/psophis/pfsense into psophis-form-element
Sjon Hortensius
12:07 PM Revision 214a9c33: Proof of concept for Form_IpAddress that shows a mask-selector too
refs #23 Sjon Hortensius
11:54 AM pfSense Packages Bug #4560 (Resolved): apcupsd is missing support for SMTP TLS email and uses old check for SSL setting
apcupsd_mail.php has the following code for the SMTP SSL setting... Stuart Wyatt
09:06 AM Revision b904c4a5: Fixed minor spelling error
Philip Hansen
05:10 AM Revision 56effb56: Remove wireless cards from ALTQ-capable interfaces, since ALTQ is broken on wlandev in FreeBSD 10.x at the moment. Ticket #4406
Chris Buechler
05:09 AM Revision 4f00900c: Remove wireless cards from ALTQ-capable interfaces, since ALTQ is broken on wlandev in FreeBSD 10.x at the moment. Ticket #4406
Chris Buechler
02:41 AM Bug #4559: Sync States causes sessions to NOT be NATed with multicast mac
Hmm, I found the cause of the problem. The multicast traffic is being flooded to the network and the secondary pfsen... Sam Bingner
02:07 AM Bug #4559: Sync States causes sessions to NOT be NATed with multicast mac
To the NLB IP:... Sam Bingner
12:38 AM Bug #4545 (Confirmed): dynDNS service 'selfhost' fails certificate validation
There's no problem with wildcard certs (if they're for the correct domain, of course).
2.2 enabled SSL certificat... Chris Buechler

03/27/2015

11:59 PM pfSense Packages Bug #4337 (Resolved): Multiple radiusd instances are launched upon WAN interface change
Chris Buechler
06:16 PM pfSense Packages Bug #4337: Multiple radiusd instances are launched upon WAN interface change
Tested, changes are working as expected.
Strangely for the change to show up package must be removed/installed rat... Paul K
02:40 PM pfSense Packages Bug #4337 (Feedback): Multiple radiusd instances are launched upon WAN interface change
Applied in changeset commit:00561b63b7171dafe5906abf17cb413e647cdecc. Anonymous
11:58 PM pfSense Packages Feature #2825: OpenBGPd: Add options prepend-neighbor and prepend-self
those who use these options are using raw config currently. It's maintained, just hasn't gotten many if any feature a... Chris Buechler
06:40 PM pfSense Packages Feature #2825: OpenBGPd: Add options prepend-neighbor and prepend-self
Two years since the ticket was open, these config options are both still missing from the GUI. Is this package no lo... allen landsidel
11:38 PM Bug #4559: Sync States causes sessions to NOT be NATed with multicast mac
you sure it's specific to multicast MACs? Not sure how that would affect it. It sounds like what's happening is the s... Chris Buechler
08:41 PM Bug #4559 (Not a Bug): Sync States causes sessions to NOT be NATed with multicast mac
I am using Microsoft NLB for OWA. It uses a multicast MAC address for the cluster, which is fine as long as sync sta... Sam Bingner
06:59 PM Revision 45c15a59: Merge pull request #1572 from jlduran/no-server-header
Renato Botelho
06:53 PM Revision 2c657294: Merge pull request #1578 from Robert-Nelson/rfc2136_ignore_ipv4_ipv6
Renato Botelho
03:35 PM Revision 3fbcaeb5: Completed Bootstrap conversion
Added error message on lookup failure Stephen Beaver
03:32 PM Revision 5c6317da: print_input_errors() is now a wrapper around print_errors().
print_errors() allows the caller to supply the error messages and the alert box heading. Stephen Beaver
09:17 AM Bug #4558: DHCP traffic getting blocked with DHCP Relay enabled
... Kill Bill
09:09 AM Bug #4558 (Resolved): DHCP traffic getting blocked with DHCP Relay enabled
Essentially the same issue as Bug #3074 but for IPv4 (blocked by default deny rule IPv4). Contrary to https://forum.p... Kill Bill

03/26/2015

11:51 PM Revision e593bac7: add missing )
Chris Buechler
09:56 PM Revision 72371a3d: Include net.key.preferred_oldsa in the sysctl list, set to 0 (disable) so
it doesn't fall through to the default (1). Chris Buechler
09:47 PM Revision 62dc93d1: Include net.key.preferred_oldsa in the sysctl list, set to 0 (disable) so
it doesn't fall through to the default (1). Chris Buechler
08:44 PM Revision 3fc58484: !! Do not merge!!
Partially converted to bootstap.
Code rearranged and commented
Indenting made consistent
Fixed issue with adding ali... Stephen Beaver
06:48 PM Revision ea08d2b2: Change to Record Type with A and AAAA as values.
Robert Nelson
05:51 PM Revision 96e8a999: Voucher messages using wrong config field name
https://forum.pfsense.org/index.php?topic=91168.msg505273#msg505273
$config['voucher'][$cpzone]['msgnoaccess']
and
$c... Gertjan KROEB
05:51 PM Revision 8f20b016: Merge pull request #1587 from Gertjanpfsense/master
Renato Botelho
04:57 PM pfSense Packages Feature #4368: [Unbound] Allow customized root.hints
According to the unbound documentation at https://www.unbound.net/documentation/unbound.conf.html... Mathew Branyon
04:28 PM Revision 8e2a5adf: RRD Graph Custom Tab display friendly description
The other tabs of Status:RRD Graphs put the friendly description of each interface into the drop-down list for select... Phil Davis
04:27 PM Revision 88f63af0: Merge pull request #1581 from phil-davis/patch-1
Renato Botelho
04:24 PM Revision 7db3d1c7: Use address types instead of addresses.
Robert Nelson
04:19 PM Revision ad20e46d: Merge branch 'master' into rfc2136_ignore_ipv4_ipv6
Robert Nelson
04:18 PM Bug #4557 (Closed): WebGui Error - Menu Help is displaced to below the menu System
This is a duplicate of this ticket: https://redmine.pfsense.org/issues/3842 Jared Dillard
03:57 PM Bug #4557 (Duplicate): WebGui Error - Menu Help is displaced to below the menu System
After updating the pfSense 2.1-RC0 to 2.1.5-Release the menu *Help* is displaced to below the menu *System*.
O.S: ... Elias Pereira
04:00 PM Revision 383dd72d: Always include general setup DNS servers in unbound.conf
when forwarding mode is on.
The General Setup setting "Allow DNS server list to be overridden by DHCP/PPP on WAN" has... Phil Davis
03:58 PM Revision 86feced0: Merge pull request #1586 from phil-davis/patch-6
Renato Botelho
03:05 PM pfSense Packages Bug #4554: BIND package: Problem generating zones
Finally got my configuration working.
Tips & gotchas...
1. You must first create a View and select that in your... Louis Zuckerman
02:23 PM Revision 11fd072b: Only list nameservers once in resolv.conf
I was on a test system and had an upstream DNS server IP specified in System-General Setup. WAN was setup with a stat... Phil Davis
02:22 PM Revision 9afdc939: Merge pull request #1584 from phil-davis/patch-2
Renato Botelho
02:20 PM Revision 33d40fb0: Merge pull request #1582 from k-paulius/fix-get_possible_traffic_source_addresses
Renato Botelho
02:13 PM Revision a5bc12f0: Merge pull request #1575 from k-paulius/misc-dhcp6c
Renato Botelho
02:08 PM Revision 6eb5191b: Status DHCP Leases handle expire never
Note: We can let the code pass "never" (or any other unexpected stuff)
to adjust_gmt()
adjust_gmt() should anyway han... Phil Davis
02:08 PM Revision 5385a5e1: Merge pull request #1559 from phil-davis/status-dhcp-leases
Renato Botelho
01:49 PM Revision 4a28ebef: Update README.md
Add link to progress doc SjonHortensius
01:46 PM Revision 295c4bc8: Merge pull request #41 from sbeaver-netgate/bootstrap
Add conversion progress table as PROGRESS.md SjonHortensius
01:42 PM Revision 231b1321: Corrected extension (.md vs .mo)
Stephen Beaver
01:38 PM Revision 8e0139dd: GitHub markdown page listing the PHP files that have been converted to bootstrap.
Stephen Beaver
09:03 AM Revision 4828d672: Voucher messages using wrong config field name
https://forum.pfsense.org/index.php?topic=91168.msg505273#msg505273
$config['voucher'][$cpzone]['msgnoaccess']
and
$c... Gertjan KROEB
08:49 AM pfSense Packages Feature #4548: syslog-ng interface doesn't allow rule ordering
After a bit more research, I would now suggest simply changing the name of the default rules (i.e. "_DEFAULT) to "zDE... William Bedard
05:11 AM pfSense Packages Bug #4420: warning: bad command startup -- throttling
This should be updated to Version 2.2.x
and the package should either be removed from the packages list are marked a... Robert Balfour
04:56 AM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case
I 'm having the same issues with bandwithd and would like to help to solve this.
Running release 2.2.1
# Instal... Tom Peeters
03:48 AM Bug #4545: dynDNS service 'selfhost' fails certificate validation
News:
Here is a short summary of the answers from the provider:
Host carol.selfhost.de is the update host of pr... Willy Tenner
12:51 AM Revision a110a0cb: Always include general setup DNS servers in unbound.conf
when forwarding mode is on.
The General Setup setting "Allow DNS server list to be overridden by DHCP/PPP on WAN" has... Phil Davis
12:43 AM Revision 2400f545: Disable lighttpd server header
Set the `server.tag` to an empty string to prevent lighttpd from
displaying the version number in the header. Jose Luis Duran
12:27 AM Revision 8fdeee58: Convert vpn_ipsec_settings
Refs. #22 Sander van Leeuwen

03/25/2015

11:40 PM Bug #4556 (Duplicate): pfSense_getall_interface_addresses() does not return scope identifier for link-local addresses
In v2.1.5 pfSense_getall_interface_addresses('em0') returns:... Paul K
11:30 PM Revision da228542: Execute commands one by one to be compatible with OS X's version of sed
Refs. #39 Sander van Leeuwen
11:28 PM Revision 5ddd7e7b: Convert vpn_ipsec
Refs. #22 Sander van Leeuwen
08:43 PM Revision feebcbfa: Make selector less specific to support other button types as well
Refs. #19 Sander van Leeuwen
08:37 PM Revision 9c878ec9: Add body padding on pages without menu (wizards, login page, etc.)
Refs. #34 Sander van Leeuwen
08:33 PM Revision df868fa2: Merge pull request #34 from sbeaver-netgate/bootstrap
Allow top navbar to resize without overwriting the page Sander van Leeuwen
06:14 PM Revision 4ad1ddf2: Only list nameservers once in resolv.conf
I was on a test system and had an upstream DNS server IP specified in System-General Setup. WAN was setup with a stat... Phil Davis
05:24 PM Revision d5b28fcf: Fixes an issue wherein an alias could be added only if some other alias already exists in the system.
Stephen Beaver
05:02 PM pfSense Packages Bug #4555 (Resolved): Tiny DNS: Service does not start
I'm using pfSense 2.2.1-RELEASE with the dns-server package 1.05_20-amd64.
I've tried starting the services, both ... Louis Zuckerman
04:10 PM pfSense Packages Bug #4554 (Not a Bug): BIND package: Problem generating zones
I'm using pfSense 2.2.1-RELEASE with the bind package 9.9.6P1_3-amd64.
I created a zone but there's no trace of an... Louis Zuckerman
04:06 PM Bug #4547 (Resolved): 0 is not accepted in some advanced DHCP6 config fields
thanks Chris Buechler
02:40 PM Revision 3c3a3bf9: Eliminate the "this_device" test from the resync check in rc.openvpn.
It is not necessary to check, as the only times a gateway event should trigger the VPN to restart are when the curren... Jim Pingle
02:40 PM Revision a3cecbc3: Eliminate the "this_device" test from the resync check in rc.openvpn.
It is not necessary to check, as the only times a gateway event should trigger the VPN to restart are when the curren... Jim Pingle
02:11 PM Revision f997432b: Remove another occurrence of 'Template'
Replaced with 'file' SjonHortensius
02:07 PM Revision 511b099d: Template > file
Prevent misunderstandings that we refer to existing files SjonHortensius
05:23 AM Bug #4310: Limiters + HA results in hangs on secondary
We are seeing a number of reports that this is still an issue in 2.2.1. At least one customer ticket and also: https:... Steve Wheeler
12:50 AM pfSense Packages Bug #4553 (Resolved): BIND IPv6 Reverse Zone problem
There is a problem with IPv6 Reverse zones in all bind and pfsense versions.
BIND can not reverse resolve IPv6 addre... Alex B
 

Also available in: Atom