Activity
From 03/25/2015 to 04/23/2015
04/23/2015
-
03:24 PM Bug #4383: Firewall log contains IGMP for rules that do not have logging on
- I too have ran into this. Very irritating. :)
-
10:00 AM Bug #4649: Add static mapping for this mac address button links to wrong page
- So I don't know what your bug is - that is really weird if the link has "if=" with no interface, but then the interfa...
-
09:40 AM Bug #4649: Add static mapping for this mac address button links to wrong page
- Yes, they are all fine. If I hover over the plus button for more than a few MSEC, the URL fills out completely and t...
-
- Have you defined DHCP pools?
Do the effected entries have DHCP addresses issued from the pool(s)?
I can see that th... -
- A little testing - I can get it to happen pretty reliably in both Chrome and Firefox. What I noticed was that the de...
-
07:37 AM Bug #4651 (Resolved): Policy route negation rules receive the same tracker ID as the rule they are based upon, which confuses the log parser
- If the policy route negation rules are active, the automatic negation rule receives the same tracker ID as the rule i...
-
04:56 AM Bug #4639: NAT fails to correctly translate udp port numbers embedded in certain ICMP error packets
- I found the pf-rule that causes the problem:
pass out route-to ( pppoe0 2.2.2.2 ) from 1.1.1.1 to !1.1.1.1/32 tra... -
04:03 AM pfSense Packages Feature #4503: GNUGateKeeper H.323 Proxy Package
- I installed this package openh323-1.19.0.1_8 . PFsense 2.1.5 i386.
pkg_add -r ftp://ftp-archive.freebsd.org/pub/Fre... -
03:24 AM Bug #3749: Upgrade from 2.1.4 to 2.2 does not automatically reboot
- i had the exact same issue when i upgraded one box from 2.1.5 to 2.2.2, it didnt reboot, ssh was lost, only web gui w...
-
01:56 AM Bug #3749: Upgrade from 2.1.4 to 2.2 does not automatically reboot
- Braden McGrath wrote:
> This also happens on 2.1.5, and just occurred for me on a 2.1.5 -> 2.2.2 upgrade (x64/AMD64)... -
- This also happens on 2.1.5, and just occurred for me on a 2.1.5 -> 2.2.2 upgrade (x64/AMD64).
I have remote web ac...
04/22/2015
-
10:16 PM Bug #4649 (Not a Bug): Add static mapping for this mac address button links to wrong page
- services_dhcp.php doesn't exist in that file at all. Don't see how that would be possible.
Definitely report back... -
- well that is very weird. I opened chrome and tested, it worked correctly. I switched to a firefox tab, selected DHC...
-
- It works fine on my 2.2.2 systems. I have attached a screen shot of Status->DHCP Leases while hovering over the butto...
-
- The add static mapping for this mac address button used to take one to the static mapping entry page at /services_dhc...
-
-
- Some crash reports that have symlinks in /var/crash will fail to submit. Fix coming momentarily
-
- fixed (by removing the modules entirely for now at least, they mostly aren't necessary, and cause stability issues)
-
- fixed
-
- fixed
-
10:12 AM Todo #1940: Integrate rSyslogd
- I need to send my syslog through internet and for security reason I need TLS/SSL to do that.
Please switch syslogd t... -
09:50 AM Feature #4366: Namecheap Dynamic DNS updates fail on subdomain formatted domains
- The main problem isn't if the domain is 2 or 3 part. It's that hard coding the number of parts breaks it for anythin...
-
- well then the current logic uses 3 parts when on domain.co.uk whereas namecheap has other domains with 3 parts like x...
-
- >There are cases when the domain has more than two parts, specifically the case in the test with .uk, so the domain i...
-
- Trel S wrote:
> "parta.partb" is a valid A record. Using the logic you said, there would be no possibility of updat... -
- The safest solution would be the two input boxes to allow the user to define how much is the host name, and how much ...
-
- But that would then break in scenarios such as
parta.partb.domain.tld
"parta.partb" is a valid A record. Using... -
- Modifying that test would break other domains that function correctly now. That may be an "easy fix" for this specifi...
-
- easy fix would be to edit the /etc/inc/dyndns.class file on line 537
replace
$domain_part_count = ($dparts[count(... -
- rather than having to modify gui and the xml values separately, its better to modify the logic such that u consider o...
-
09:20 AM pfSense Packages Bug #4277: squidGuard-squid3 installation Failed after pfSense Update to 2.2
- squid3 fails to install on a fresh 2.2 install too, here is the error:
Beginning package installation for squid3 .... -
07:39 AM Bug #4648 (Resolved): ifconfig syncpeer fails with IPv6 address
- When running CARP in an IPv6 only environment I get this error during bootup:
Apr 22 14:11:32 fw002-ac php: rc.boo... -
02:40 AM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
- I just wanted to bump this bug report: I tested with 2.2.2, and it still dumps core (as Chris mentioned above).
I'... -
- Good day! Tell me, is it possible to expand the functions of the package ,siproxd, so that he could translate the pro...
04/21/2015
-
11:01 PM Bug #3022: OpenVPN does not failover to the 2nd configured LDAP auth.server
- two years has passed.. any chances to have that fixed in near future?
-
- When you click on Services-DHCP Server the first tab to open is the WAN tab, where you're very unlikely to be serving...
-
01:09 PM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
- Is there something more I need to do to get this processed?
-
- I have now tried to reproduce this on a pure FreeBSD 10.1 installation, but everything seems to be working correctly ...
04/20/2015
-
- there was still some work in progress there. The _12 version is available now.
-
06:53 PM pfSense Packages Bug #4160: First shutdown attempt of guest fails with open-vm-tools
- I note that you recently made some changes. Were these released in the _11 release of VMWare_Tools. However, after ...
-
10:43 PM pfSense Packages Bug #4567: ntopNG Geo files missing
- Still receiving the following GeoIP related errors...
On startup:
ntopng: [Geolocation.cpp:59] WARNING: Unable to... -
- duplicate of #4617
The nano images weren't updated as they're generally not affected (most enable the serial cons... -
04:17 PM Bug #4645: Very,very, slow boot and halt (not first time) - nanobsd
- Disable the serial port.
-
03:48 PM Bug #4645 (Duplicate): Very,very, slow boot and halt (not first time) - nanobsd
- I'm trying pfsense 2.2.2 in this hardware:
http://linitx.com/product/fabiatech-fx5625-intel-atom-18ghz-8-nic-firew... -
07:46 PM Feature #4646 (New): Recover valuable vertical screen real estate in dashboard
- Vertical screen real estate tends to be quite valuable.
The dashboard page uses about 1/2" at the top of the page ... -
- Errr... let me repeat this once again: this does the exact opposite of what's described in the GUI! When you enable t...
-
01:40 PM Bug #4640: "Disable Cisco Extensions" change toggles "Auto-exclude LAN address" setting
- Applied in changeset commit:868a62be4c27860aef9f3fd939beee5a6f26090a.
-
- Applied in changeset commit:75d072be3a10949ead88a82ecec51ae0e5490fbe.
-
- Merged pull request.
-
- Indeed confirmed. The GUI description is totally inverted to the actual behaviour. Stuff like noshuntlaninterfaces, n...
-
- I am totally confused. So I applied this, checked the checkbox and the bypasslan connection got deleted....
-
02:11 PM Feature #4644 (Resolved): Dyndns Loopia Wildcard
- Add wildcard support for Loopia dynamic dns.
My changes in /etc/inc/dyndns.class
case 'loopia':
$needsIP = TRU... -
- Applied in changeset commit:905e1156680129b3c49fe380b4e821f9eb02362a.
-
- Pull request merged.
-
- i have ordered another serial adapter so once i get that ill test that and report as well as i have few other alix bo...
-
- this is something specific to probably your serial console setup, maybe in combination with something to do with the ...
-
05:29 AM pfSense Packages Feature #4643 (Needs Patch): munin-node package?
- Hi again!
I extensively use munin-node to centrally monitor a bunch of pfsense devices, overall it runs fantastic!... -
- Hi again...
This is something i suffer consistently on my nanobsd installs since... don't remember, maybe from the... -
- Restoring a config that contains selected "Services -> DNS Forwarder -> Interfaces" which are "IPv6 Link-Local" doesn...
04/19/2015
-
- Actually the "Auto-exclude LAN address" setting is being displayed opposite to what is in the config. Every time you ...
-
- After updating from 2.2.1 to 2.2.2, in VPN -> IPsec -> Advanced Settings, the check-box setting for "Disable Cisco Ex...
-
- well u use a usb to serial adapter or the above setup, the result is the same, not to mention not many new PC have a ...
-
- Bipin Chandra wrote:
> actually i use like this as my PC doesnt have a serial port
> USB to TTL adapter -> TTL to R... -
- plus during pfsense boot it gives option to enter slice to boot from, that time using tera term not able to type 1 or...
-
- actually i use like this as my PC doesnt have a serial port
USB to TTL adapter -> TTL to RS232 (serial) adapter ->... -
- Huh? Powered? Never seen a externally powered null modem cable.
-
- i mean the serial cable needs to be removed then if i unplug power and replug or the schedule runs then it reboots fine
-
- still having issues in reboot, when serial console is attached and conencted then it reboots fine, when serial consol...
04/18/2015
-
- I think I found a bug in the NAT of the packet filter, but I am not sure. My
setup is as follows.
client (linux)
... -
02:36 PM pfSense Packages Bug #4638 (Resolved): not able to install or update open-vmware-tools package
- VMware Version 5.5 Update 2
VM Version 10
VMX Net3 nic's
Pfsense version 2.2.2 x64
When I click on update vm-... -
02:00 PM Bug #4637 (Closed): system unreachable after deleting VLAN
- Scenario:
pfSense x86_64 2.2.2-RELEASE
Two-interface system: igb0, igb1.
One LACP LAGG, includes both interf... -
- When I select something from the "Default Auto Update URLs" dropdown, the "Use an *unofficial* server for firmware up...
-
- In the OpenBGPd configuration, it would be very helpful if options could be declared at the group level as well as th...
-
- See #3227. Still broken when neighbours aren't part of a group.
-
- Yup. Works correctly if the neighbour is part of a group, otherwise the same breakage occurs.
-
- I'm guessing a similar fix needs to be applied around line 168. I'll try putting them all into groups and see what h...
-
- I don't know if I'm doing something wrong, but when I apply the fixed version of openbgpd.inc to a 2.2.2-RELEASE syst...
-
01:21 PM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
- Still an issue with recent pfSense-2.2.2-RELEASE-4g-amd64-nanobsd-vga.img.gz, just downloaded and installed a few hou...
-
- On a new system, after creating a new CARP VIP, the CARP Status gadget for the dashboard shows "Disabled".
Turns out... -
- Frank Heydlauf wrote:
> this still seems to be open (at least for me) ... in all 3 cases the keys were not generated... -
11:40 AM Bug #4003: SSH host keys regenerated post-2.2 upgrade
- Hi folx,
this still seems to be open (at least for me)
Upgraded from 2.1.5-RELEASE to 2.2-rel to 2.2-rel to 2.2.1... -
- 2.1, 2.2, 2.2.1, 2.2.2 also affected.
Currently going through this major PITA process on a pair of firewalls that ar... -
08:17 AM Feature #4632 (New): Support for Multipath TCP (MPTCP)
- Hi,
i have read a lot of articles about MPTCP recently. So I wondered why the best router OS pfsense is not suppor... -
- seems fine for me, clear ur browser cache and retry
-
04:06 AM Bug #4238: Firewall rule: source port display issue
- Chris Buechler wrote:
> fixed
with the latest version i noted the issue is back and also is present in the destio... -
- ok, i reimaged the CF and now 115200 seems to work fine during slice selection, next thing to now test is the reboot ...
-
- 115200 works just fine here on many Alix boxes. Looks like you should just re-image the broken box.
-
- Applied in changeset commit:1d839e6da61e7ce8eca949111ab41e59744d5e1e.
-
- Applied in changeset commit:0608bd3c354ea76eb6df9ed9322e2ef8686f15e7.
-
01:50 AM Bug #1629: invalid state table entries after WAN IP change
- Just got hit by this issue again, in v2.2 on alix.
Are you able to confirm what release will finally kill this bug?
...
04/17/2015
-
- still crashing on reboot and when i login to check its actually stuck on reboot at the slice selection place.
rega... -
- this is fixed completely for 2.2.3, and fixed in the full update files for 2.2.2.
-
06:26 AM Bug #4622: /var/dhcpd/var/db/dhcpd6.leases grows to enormous size, cpu usage high
- I've got your point.
Turns out it was a rogue HP printer. I disabled IPv6 for it and voíla, /var/dhcpd/var/db/dhcpd6... -
01:56 AM Bug #4625: Expiring a voucher doesn't disconnect a user who is using that voucher
- Created a pull request https://github.com/pfsense/pfsense/pull/1617
-
01:05 AM Bug #4030: AR9227 cards cause kernic panic when switched to n-mode
- I have the same wireless chipset in my system, too. My pfsense was upgraded to the latest version 2.2.2 and the stabi...
04/16/2015
-
- or if it's trivially simple, just throw < pre > tags around it. It picked those up and used them as its indication of...
-
- It will be easy if you make the changes in the online GitHub and submit a pull request, then it is clear exactly what...
-
- Humm. posting html destroys my post.
I meant to write
echo "< pre>"; print_r($cpentry); echo "< /pre>";
/* remov... -
- The main issue still stands.
The result from
captiveportal_read_db("WHERE username = '{$voucher}'");
h2. is *an ar... -
- Applied in changeset commit:41ee55145341f5aa4be1ca16878285c551fa3d19.
-
- Applied in changeset commit:abaa7feb680dc6f6f9bc79577075c45b3786a061.
-
- https://forum.pfsense.org/index.php?topic=91435.0
According to https://github.com/pfsense/pfsense/blob/master/etc/... -
- there is a workaround for this, but I'll revisit the subject as a whole.
-
- filter_configure wasn't always called upon IPsec changes that required a filter reload. Ticket for tracking, associat...
-
- the upgrade didn't change anything in that regard, in that circumstance it just grows over time. What's the device th...
-
- Looks like it has got worse after upgrade to 2.2.2. leases file is now 43Mb.
-
03:56 PM Bug #4630: OpenVPN Client Limiting Download Speeds
- Also, If I disable the VPN and do a speed test through the ISP, it maxes out at 110 Mbps on pfSense 2.2 so it is look...
-
- Since upgrading from pfSense 2.1.5 all pfSense 2.2 versions have limited my clients VPN download speed to around 40 M...
-
- The floating rules can apply to multiple interfaces unlike the other tabs. Since the interface isn't shown you have ...
-
- This is missed patch from 8.3 diverttag.diff
-
- This should work as expected on newer versions.
-
- duplicate of #4503. this is not a priority for us in the foreseeable future, no need to keep bumping it.
-
- Hello dear, developers and managers of this very necessary and important project! You are doing great! I would like t...
-
- The System Tunables page for managing sysctl values is good, but we need a similar GUI to handle loader tunables that...
-
- Merged pull requests.
-
10:18 AM Bug #4596: NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
.. still persist in 2.2.2-
07:32 AM Feature #4626 (Resolved): Ability to set charon.make_before_break in strongswan.conf
- There is a new feature "make before break" in strongswan 5.3.0.
Its purpose is to prevent connectivity gaps from hap...
04/15/2015
-
- Thanks Testerr for the config. Pretty sure we know the cause of this, awaiting feedback on the forum thread.
-
- anyone who's seeing this, could you get me a config backup? Copy/paste via status.php is fine, which trims out certs,...
-
- not sure the cause of this, trying to track down more info.
https://forum.pfsense.org/index.php?topic=92415.0
-
05:59 PM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
- After automatic upgrade from 2.2.1 to 2.2.2 I have the same problem.
-
10:08 AM Bug #4617: boot_serial="YES" in loader.conf causes very slow boot on some hardware where serial console not enabled
- I have made additional tests for explanation.
It's mine phone video of this incident.
http://dfiles.ru/files/pxrf... -
- same root cause as one or more of #4596, #4590 and similar
-
- probably just need to add firewall rules manually since the auto rules don't allow traffic to VIPs. PPTP is deprecate...
-
03:48 PM Bug #4624 (Closed): VPN PPTP via Virtual IPs
- Hi,
I do not know if that is a bug or not.
But if you try to use a PPTP VPN through a Virtual IPs the PPTP VPN not ... -
12:18 PM Bug #4623 (Resolved): Carp not working under bhyve
- It seems the carp implementation differs from the freebsd standard one, which cannot be used under bhyve.
On a fre... -
08:49 AM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case
- I confirm that I have bandwithd installed, but it *isn't* enabled!
My syslog is filled with these:... -
07:58 AM pfSense Packages Bug #4420: warning: bad command startup -- throttling
- I installed pcre package and the problem was solved! :)
'pkg install pcre'
I hope this helps! -
- Already reported a couple of times.
-
- Confirm !
I've just installed a new, clean PFSense 2.2.1.
- Add a single VIP (IP Alias)
- Define limiters up a... -
- This pfsense installation is configured with IPv6 tunnel (hurricane electric) and DHCP for ipv6.
The issue is that f... -
- This has been committed to master and RELENG_2_2 so it will come out in some 2.2.n release. Not sure that it quite ma...
-
03:48 AM Bug #4621 (Resolved): OpenVPN server does not bind to IPv6 CARP interface when configured from webgui.
- The generated OpenVPN server config is invalid when configured with using an IPv6 CARP interface.
See more informa...
04/14/2015
-
- There wasn't a ticket created for this, it's worth adding one. This fixed here: https://github.com/pfsense/pfsense/co...
-
- Thanks, it's been re-enabled (though this came through after 2.2.2-RELEASE was already completed and in testing, so n...
-
- fixed
-
- that's a post-2.2.2-RELEASE commit.
Ermal, the tunable is already there to begin with as well. -
- The previous two commits (34dced26 and 34dced26) have a typo that makes the tunable useless.
-
-
- before you upgrade is fine, and probably preferable so it's there on the first boot post-upgrade
-
03:41 AM Bug #4613: Interface not found
- I have add a new Intel w1392 between 2 test !
Thanks for help, I will try to modify loader.conf.local this week end.... -
03:27 AM Bug #4613: Interface not found
- Try setting 'hint.agp.0.disabled=1' in loader.conf.local.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196501
-
- I suspect that's the same as described here:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=196501
if you add... -
- pciconf shows 5 interfaces. Which one is successfully probed and attached?
bge0@pci0:3:1:0: class=0x020000 card=... -
- Firewall with 4 interfaces works in 2.1.5.
After update to 2.2, only 1 interface found but not not the 3 intel w1392... -
- having just gone through all the testing for 2.2.2-RELEASE, this most definitely is not a general problem.
need m... -
- Works just fine here. Please, use the forums before you have some specific confirmed issue. Total lack of information...
-
- Manual update of working configuration (in GUI-menu System:Firmware, Invoke pfSense Manual Upgrade) from version 2.2....
-
- This is not limited to FQDNs. When you have URL aliases that rely on local files that do not exist (such as restoring...
-
- NAT always overrides that where it matches. Browsers have a bad habit of caching the redirect, which is probably the ...
-
06:43 AM Bug #4616 (Not a Bug): Disable webConfigurator redirect rule bypass NAT rules
- System >Advanced > Admin Access > Disable webConfigurator redirect rule
When that param is unchecked, the NAT rul... -
- Sry, do not set AccessLog for squidclamav.conf.default
-
- /var/logs/c-icap/server.log and access.log aren't rotated and don't contain useful information.
It can be very lar... -
- There were error(s) loading the rules: /tmp/rules.debug:186: rule expands to no valid combination - The line in quest...
-
- Yes - and uninstalling squid resolves the problem as well. However, both "fast" and "slow" traffic were being proxie...
-
- An implementation of this feature is present at https://forum.pfsense.org/index.php?topic=90753.msg510914#msg510914
... -
01:22 AM pfSense Packages Bug #4612: syslog-ng creates logrotate cron job, but logrotate doesn't exist
- Here's what I ended up with after further investigation.
* this package expects logrotate to be installed, but it ... -
- I noticed my log files weren't rotating.
The syslog-ng package creates a cronjob "/usr/bin/nice -n20 /usr/local/sb...
04/13/2015
-
- crash provided in duplicate #4610 attached.
-
- Appears setting sysctl net.inet.ipsec.directdispatch to 0 (can be done under System>Advanced, System Tunables) fixes ...
-
- duplicate of #4537
-
03:07 PM Bug #4610 (Duplicate): IPsec crash on i386 when accessing system's IPs across VPN
- Hello There,
I was installed pfSense 2.2.1-RELEASE (i386) last weekend.
I have setup ipsec site-to-site vpn betwe... -
- you have transparent proxy enabled with squid?
-
- Details and screen shots are at https://forum.pfsense.org/index.php?topic=92214.0
Bug: Limiter blocks port 80 traf... -
02:14 PM pfSense Packages Bug #4609 (Duplicate): squidGuard & pfsense RAM disk compatible
- If enabled System: Advanced: Miscellaneous : RAM Disk, the squidGuard lost self blacklist DB from /var subfolder
I t... -
- If enabled System: Advanced: Miscellaneous : RAM Disk, the squidGuard lost self blacklist DB from /var subfolder
I t... -
12:54 PM Bug #4592: FreeBSD 10.1-RELEASE-p6 signal handling problems with squid (FreeBSD bug 195802)
- Chris Buechler wrote:
> I don't see where that got committed to RELENG_10_1 Renato, you sure that's in there?
You... -
- Yeah, we'll update this ticket then. If you could help confirm the issue fixed at that point, that'd be appreciated.
-
- Okay, great! Will you be referencing this bug in the changelog so I'll know when it goes into the 2.2.3 snapshots?
-
- yes, 2.2.2-RELEASE is already built. we can get that patch into 2.2.3 snapshots at some point after 2.2.2, probably w...
-
11:25 AM Bug #4607 (Resolved): Bridge+CARP crashes/freezes pfSense
- When using the following configuration:
* 1 physical ethernet port with VLANs;
* CARP with virtual address on one o... -
- Reopening this since it's still broken even on 2.2.2. Renato had a lead on a fix, which I confirmed worked, but Ermal...
-
10:48 AM Feature #4606 (Duplicate): PKI : CA signing external CSR
- I like the internal CA included with pfsense.
I would like to use it to also sign certificates for my servers.
I wo... -
09:25 AM Bug #4605 (Resolved): OpenVPN user/pass fails if usernames and/or passwords contain special characters (reopen bugs 4177 and 4340)
- The fix for bug 4177 (OpenVPN user/pass auth fails if passwords end on special characters.) doesn't completely resolv...
-
-
- I added pull request https://github.com/pfsense/pfsense/pull/1606
That just adds words to the GUI so users can know ... -
- I discovered this is already possible - just enter the domain to override multiple times in the DNS Resolver GUI with...
-
- Pull request has been merged
-
07:37 AM Bug #4545: dynDNS service 'selfhost' fails certificate validation
- Hi Chris,
in short term: *They fixed it*!
Long term explanation:
The provider Selfhost has used a "cross-roo... -
- Aleksei Aksenov wrote:
> There is a need to add support for NAT forwarding protocol H323.
> Ready to sponsor this d... -
- The attached PDF (NTP.pdf) shows the following:
- 2 time-server entries: time.apple.com and another pfSense box (i...
04/12/2015
-
- So, no chance for a patch until 2.2.3? I'd like to contribute on the squid package for pfSense, but we can't rely on...
-
- fixed
-
- I submitted a fix as PR # 1605.
-
- Package log files are reinitialized on each boot causing their contents to be lost.
-
04:04 AM Bug #4602 (Not a Bug): Captive Portal pfSense 2.2 not working as before when used with CARP
- I feel that there might be a bug in captive portal from pfSense 2.2 when used with CARP.
With pfSense 2.1.5, I had...
04/11/2015
-
- Seems to work find in 2.2 & 2.2.1.
-
- No matter what combination of interface(s) I have selected, syslog-ng is only binding to the last one on the list tha...
-
- It uninstalled and reinstalled this package and it is working now.
I believe it was fixed here https://redmine.pfsen... -
- Removed the addition to builder_scripts/conf/pfPorts/buildports.RELENG_2_2 since I believe that is only required for ...
-
- Since it still hasn't been processed I went ahead and made one cleanup change and moved the generated config file to ...
-
11:31 AM Bug #4529: Traffic Shaping Wizard - CBQ and PRIQ
- I can confirm that both CBQ and PRIQ are now working for me. Thanks for fixing.
-
- i have had this issue since long and the way i go around this is use a separate nic for every additional wan connecti...
04/10/2015
-
- this is better, though still the issue where the secondary may hit 100% CPU and hang in some circumstance. We'll revi...
-
- Please use the forum to ask questions:
https://forum.pfsense.org/index.php -
02:30 PM Feature #4599 (Closed): Traffic shaping - what is in each queue?
- Sorry, I am a newbie in traffic shaping.
Everything is configured, and is working fine.
Still, I have a lot of ... -
- I fixed a minor bug in the dependency declaration discovered using poudriere.
-
12:48 PM Feature #4598 (Closed): Multiple fibs/routing tables
- It seems straightforward to add options ROUTETABLES=16 to the kernel, but re-writing code to call setfibx for various...
-
- I've been playing with the new CARP implementation in 2.2.x The ability to float a single public CARP VIP on two node...
-
- Jonathan Gibert wrote:
> Is there any way to make multiple wan use the same IPv4 upstream gateway ?
No, beyond ha... -
10:00 AM Feature #228: Multi-WAN support with same gateway on multiple WANs
- I know I'm reviving an old ticket here, but I'm facing the same issue.
Is there any way to make multiple wan use t... -
06:53 AM Bug #4589: ue0 Interface Not Available During Console Interface Configuration
- Same results after changing the mode using the guide above.
The Pantech UML295 works fine when added through the ... -
- I use this configuration on PfSense 2.1.5 and works very well, on PfSense 2.2.1 limiters on WAN breaks NAT 1:1.
- ...
04/09/2015
-
05:38 PM Bug #4310: Limiters + HA results in hangs on secondary
- A bit more info. See this thread:
https://forum.pfsense.org/index.php?topic=92128.0
Turning off the limiters m... -
- should just need the mode switch for that to work.
http://pcdn2-download.vzw.com/win/UML295/UML295_IPPT_UserGuide-v... -
- When creating a bridge, it is possible to create multiple bridges which contain the same interface(s), which is inval...
-
- Pull request has been merged
-
- Pull request has been merged
-
- this is still an issue in some circumstances. To me to better quantify the circumstances where it's an issue.
-
- It's not very easily replicable if you just let dhclient sit there, but if you 'ifconfig em0 inet 0.0.0.0 netmask 255...
04/08/2015
-
- I don't see where that got committed to RELENG_10_1 Renato, you sure that's in there?
-
- 2.2.2 is going to p9, what will have the fix
-
- I've posted a short comment on the support forums, but here's the FreeBSD Bug Report: https://bugs.freebsd.org/bugzil...
-
- patch merged that helps here, pushing forward for additional review of this circumstance in general
-
- bytheway that state killing gateway failure is unticked
-
- yes but sip registration states still get created after i manually removed the existing states and even shutdown my s...
-
- When you force a gateway down, there might still be states that are functioning across that gateway - in this case th...
-
- i tried the patch, it works partially, first i have the rule to pass traffic to sip server through tunnel and next ru...
-
-
06:18 PM Bug #4594 (Resolved): Interface names can be too long for netstat to display in full
- Interface names can get too long for <notextile>netstat -rW</notextile> or for Diagnostics->Routes (in the GUI) to di...
-
- fixed, that restore is skipped now in this specific circumstance since it's unnecessary.
-
-
- Beat Siegenthaler wrote:
> mount
> /dev/ad4s1a on / (ufs, local)
> devfs on /dev (devfs, local)
> /dev/md0 on /va... -
- The USB device is a Verizon UML295, which is listed in the list of Known Working 4G Modems: https://doc.pfsense.org/i...
-
- Not a bug, see #4284
-
07:38 AM Bug #4593 (Rejected): No ARP-Entry for windows networkloadbalanced IPs
- We have two windows webservers in networkloadbalance in multicast-mode. Those two NICs have a same virtual MAC for th...
-
- i figured out the reason for the F1/F2 prompts not showing, pfsense was set to serial baud rate of 115200 and alix bi...
-
- its an alix with nanobsd, serial console works fine and has always worked fine so far for me, actually im using a usb...
-
- what hardware is it? Can't think of ever hearing of a system that wouldn't boot without a serial console connected. a...
-
- when im logged into serial console and at that time the cronjob runs then it reboots fine but when serial console is ...
-
03:09 AM pfSense Packages Bug #4567: ntopNG Geo files missing
- Still some problems. See this topic were I made some remarks:
https://forum.pfsense.org/index.php?topic=91909.0
M... -
- I haven't seen anything else but please understand that this is on a test bench not in production and I am not stress...
-
-
- this is probably the same root cause as one or more of #1575, #1848, #3096 (pretty sure there's at least some overlap...
04/07/2015
-
11:53 PM Feature #4591 (New): IPSec Failover Support for IP Addresses instead of Dynamic DNS / Failover Group
- Allow for IPSec failover IP instead of using a dynamic dns name. Most routers allow for this and it is an easier setu...
-
- In 2.2.1 Nat Reflection (Proxy or Pure) do not work if limiters are setup on the default lan -> any rule. As soon as ...
-
- Chris: that still working fine for you?
After running for a few hours, the secondary still hangs in one of our te... -
-
- general issue with something to do with that card, it doesn't get picked up as a NIC after a reboot.
https://forums... -
- Note: The ue0 interface was successfully setup through the webGUI and was passing traffic, after a system reboot the ...
-
- USB LTE Modems prompt the Console Interface Configuration wizard to run at the next system boot. During the configura...
-
- Kill Bill wrote:
>
> No idea how it got there?!
Guessing you put it there? Base code never touches shellcmd tag... -
- sounds like that might be enough to replicate, will give it a shot. The NTP issue is almost certainly #4155.
-
- the other thing is when booted ntp deamon is up and running but when i restarted openvpn, apinger starts but ntp daem...
-
- by the time its completely booted vpn is up and apinger dead even after 5mins but if i goto services and restart open...
-
- i didnt see any newwanip log messages but ill try that once more and let u know exactly.
once wan goes up, by the ti... -
- did it log for newwanip when the VPN connected? How long was it until it connected? Mostly curious if it had finished...
-
- vpn was working fine in those 8hrs after which i manually started monitoring
-
- well i rebooted the alix and waited like 8hrs but still monitoring didnt start.
no it isnt assigned as static, just ... -
- When the VPN does connect, it'll kick off rc.newwanip, which will setup gateway monitoring. If the ovpnc interface is...
-
- on the nanobsd alix, i have one wan and one vpn connection, my wan is stable so i have disabled monitoring on it but ...
-
- done
-
- according to this https://dev.openwrt.org/ticket/17058
"The error messages are caused by the missing IPv6 kernel mo... -
- that's an issue in miniupnpd, should be reported to them. If you search on that log, it happens on Linux to a number ...
-
- on the alix nanobsd using miniupnpd, when its rebooted a whole bunch of errors or just log gets outputted on the seri...
04/06/2015
-
- works
-
03:37 AM Feature #4359: IPsec controlling uniqueid value
- Hi,
Oops, just noticed that this has hopefully fixed with this PR: https://github.com/pfsense/pfsense/pull/1593.
... -
- Hi,
There appears to be a bug with pfSense 2.2.1. Following on from the initial topic:
https://forum.pfsense.or... -
- the behavior is back to where it was in 2.1.5 and previous versions, excluding source LAN subnet, destination LAN IP.
-
- Merged.
-
- Looks good here. Not stressing it but enabling/disabling limiters on the cluster works, the limiters are doing what ...
-
- Given the current state of apinger, it is certainly not worth it to try to enhance the existing apinger compiled code...
-
- Hmm... so I discovered this in config.xml:...
-
- Chris Buechler wrote:
> still not seeing any way that sleep can hold up anything. Do you have specific steps to repl...
04/05/2015
-
07:05 PM Bug #4585 (Resolved): IPsec widget does not show logged in 'Mobile Users'
- IPsec widget does not show logged in 'Mobile Users'
The number stays '0' even when users are currently connected a... -
- I've submitted PR #847 to add the package once these changes have been made to pfPorts.
-
- Forum: https://forum.pfsense.org/index.php?topic=91391.msg508422#msg508422
Setup with LAN1 and LAN2 - 2 interfaces w... -
- It really should not patch core OS files at all, let alone in a way that breaks things.
https://forum.pfsense.org/... -
- i believe this issue still persists as of 2.2.1 alix nanobsd when u have aliases with both ip and fqdn in more than o...
04/04/2015
-
- Adam Esslinger wrote:
> This appears to be a bug related to the drivers for the AR9350 WiFi Card. Once I removed it ... -
05:47 PM Bug #4392: OpenVPN daemon crashing with ath(4) card installed
- This appears to be a bug related to the drivers for the AR9350 WiFi Card. Once I removed it from my system these issu...
-
- Need to sync up the net80211 and ath code with latest from -CURRENT.
-
- fixed, thanks for the report.
-
- More specifically Im using HE.NET for IPv6 and DynDNS for Dynamic DNS. It would be nice for the dynamic DNS client to...
-
- I already have the package done. I'm just waiting for the port to be added before I submit the pfsense-packages PR.
-
- With the perl dependency it'll have to be a package, but we can get it added to ports and get a package built. It'll ...
04/03/2015
-
- I have developed a new package that processes the filter.log and submits reports to dshield.org. It includes a pfSen...
-
- fixed
-
- should be fixed
-
05:06 PM Bug #4579: Upgrade from 2.1.5 to 2.2.1 stuck
- What a shame i didn't see the "Reinstall all packages" button in Diagnostics > Backup & Restore
Anyway, reinstalli... -
- None of my packages got reinstalled.
So every package i try to configure ends with something like this in the UI:
F... -
- Well, finally, after 15 hours, the pfSense rebooted and is up and ready !!!
-
- Hello,
This night i launched the upgrade from my production pfSense 2.1.5 to 2.2.2 x64.
The upgrade is running si... -
- associated commits for this since the ticket # was typoed:
https://redmine.pfsense.org/projects/pfsense/repository/... -
-
-
- The fix "Use proper variable to do calculations" is actually the fix for #4529 - bit confusing there with the numbers...
-
- Applied in changeset commit:ebb9469d4e7ccb1986a4c17f1cdb44caf6bb6ad8.
-
- Applied in changeset commit:9bbc482102d7a0a562a4368e9034e499651ac2e6.
-
- Which specific attribute?
It does have the EKU bits listed on there. Pay attention to the requirements in our docs... -
- I ran into this problem: http://tiebing.blogspot.ca/2012/05/windows-7-ikev2-error-13806.html?m=1
Also documented her... -
- I pushed the messages under debug misc level and also another change to fix the root cause for it.
-
- I put a fix for this though more testing is needed.
-
- Applied in changeset commit:491c76c802097a50c26f36600325a7b2fc5607df.
-
- Applied in changeset commit:755b75c79f399e364d8afe22f1e8fa8d12644691.
-
- Applied in changeset commit:b8eeddeb2f51db206f15e16732e79758d140ca5b.
-
- Applied in changeset commit:9b7ca37d12d5e15026af946643f28517f731360d.
-
- Applied in changeset commit:0887e836c45242e5afb8840acf2de9262f65d27c.
-
- Applied in changeset commit:534753890c74d7ce1188fe9a7b6f5f1b153f802d.
-
-
01:04 PM Feature #4322: Add Google Domains DDNS
- https://forum.pfsense.org/index.php?topic=86900.0 explains exactly how to do it as well.
I second that it would be... -
- Applied in changeset commit:a9d7f2034af6a28287ef85682a2fa1b6c8e0d05b.
-
- Actually there was already a script to do that but it was being called by the wrong name.
Try running /usr/pbi/nto... -
-
- Fixed, thanks.
-
- I disabled validation for selfhost since they still have a chain problem that openssl rejects. If/when they fix that,...
-
- still an issue with strongswan 5.3.0. I opened a bug ticket: https://wiki.strongswan.org/issues/921
-
- i think im suffering from the issue mentioned here https://redmine.pfsense.org/issues/4296#change-17784 as i have the...
-
- the last 2 patches for this would solve marked down gateway to be skipped or passed to default gateway but the other ...
-
- ill get u details shortly
04/02/2015
-
- fixed, thanks
-
08:13 AM Bug #4572 (Resolved): dhcrely ipv6 uses invalid network name
- Hi,
i tried to setup dhcrelay für IPV6, but it didn't start.
The dhcp server in my case is outside the WAN inte... -
- It was omitting the 0 because that if check was wrong for values of 0. fixed, along with the same issue where alias n...
-
- ...
-
-
- upstream issue with checksum offloading, work around discussed here:
https://forum.pfsense.org/index.php?topic=88467... -
09:03 AM Bug #4574 (Rejected): pfsense 2.2.x on Citrix XenServer
- Greatings!
We discoverd a problem with pfsense 2.2.x.
We are using Citrix XenServer (V6.2-6.5) in our own company ... -
04:16 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
- Please, can somebody build an unofficial release (2.2.1+) without netfront. I don't have time to create a build envir...
-
- going to need more than this, it's certainly not as simple as a cron reboot crashes something.
-
- i have cron installed on all my firewall installs with an entry "/etc/rc.reboot" and scheduled to reboot firewall eve...
-
- Create a tool like freebsd-update to update base system components OR use pkg for base system
-
- This is still a problem. Some cases still work but with TONS of console/log spam about pfsync_undefer_state rendering...
-
- Convert upgrade code to use pkg
-
- Our current packages details are available on xml data from pfSense-packages repo.
Write a tool to read all these ... -
- xmlrpc will be dropped, replace code that list, install and update packages to use pkg.
Packages will have a prefi... -
- OK, great. I didn't have time to dig into all that yet. Looks promising. That script would need to be a bit more robu...
-
- link to thread
https://forum.pfsense.org/index.php?topic=91392.0 -
- below are the screenshots of the openvpn tunnel being up, firewall rules on lan tab to send traffic out of tunnel and...
-
- Duplicate of #4504
-
03:46 AM Bug #4570 (Rejected): 2.2.1 Omits SPD entries for LAN traffic with Supernet IPSEC tunnel
- Under 2.1.5 creating an IPSEC tunnel with a supernet/subnet arrangement produces SPD rules like this:
$ setkey -DP...
04/01/2015
-
04:26 PM Bug #4531: RRD data restored in edge case where it shouldn't be, causing gap in graph
- Did some investigation:
rc.shutdown does not match condition for my system.
PLATFORM cat /etc/platform
pfSense... -
- Perhaps they stopped distributing the files because they have introduced a new database format and don't want to doub...
-
- Hmmm, the "lite" data files are CC BY-SA 3.0 so there should be no problem with distributing those as long as you cre...
-
- Last July the GeoIP distribution stopped including the data files, they must be manually fetched and put in place. I ...
-
12:58 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
- Why can't this be addressed in pfSense?
-
- if you need to reinstall something purchased from us, you need to get in touch with us to get the proper image to rei...
-
- The same problem occurs even when purchased from pfStore Store. A clean (re)install of pfSense is unreachable.
I d... -
- you need to follow the guidance here:
https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards
... -
- This is not resolved!
A fresh install of latest pfSense 2.2.1 (FreeBSD 10.1) on hardware with 8 CPU cores, 8 GB RA... -
- The current system_set_harddisk_standby() function in source:etc/inc/system.inc#L2049 uses invalid sysctl values and ...
-
08:34 AM Bug #4568: mlppp settings lost after save on interface page
- May be the same as #4378
-
- Everytime I click save on the interface page, the second Gateway-Address for the corresponding l2tp interface are los...
-
- The code after my change 1594 effectively removes the force_down gateway from the list, just like other gateways are ...
-
- ill try the other patch but i gues the skip rules isnt working as well because for voip to work i need to send it thr...
-
- Sorry for my English! I think I need to perform a test of the software!
-
- Thank you for your attention! I think you need to perform a test of the software! Maybe everything will work! How to ...
-
- Not on firewall, no. Though it implements features that can be make the *H.323 apps using h323plus* more tolerant of ...
-
- If I understand you correctly, the port does not add to the possibility of forwarding protocol h323 through NAT?
How... -
- Huh? Why would you install it on pfSense? These libraries will do absolutely nothing useful on your firewall.
-
- Hi All! Ports found to solve this problem, it is best suited h323plus-1.26.5_2 .
http://www.freebsd.org/cgi/ports.c... -
12:33 AM pfSense Packages Bug #4553: BIND IPv6 Reverse Zone problem
- Created a pull-request to commit this fix. And probably this fix will be included in next update of BIND package.
ht...
03/31/2015
-
- The ntopNG package does not install the necessary GeoIP files. Form syslog:
Mar 31 20:51:26 ntopng: [Geolocation.c... -
- Thanks, that explains it.
In the base OS of 2.1.x and earlier versions, the system ignored traffic destined to mu... -
- that just omits the route-to when the gateway is disabled, the "skip rules" option skips the rule entirely. that'll n...
-
- Should be fixed by https://github.com/pfsense/pfsense/pull/1594
There did not seem to be any code to handle the mark... -
- i have a openvpn client tunnel setup and i use it for voip as my isp blocks voip and that works fine, i was recently ...
-
- Merged thx.
-
10:03 AM Feature #4359: IPsec controlling uniqueid value
- This pull request https://github.com/pfsense/pfsense/pull/1593 should fix the issue
-
- I found a workaround.
Here is the fixed files for BIND 9.9.6P1_3 pkg v 0.3.6
Just replace the content of original...
03/30/2015
-
- .0 is a valid, usable IP in that circumstance. The code there will set the address range to the network address for t...
-
- manual outbound NAT is user-configured and never updated by the system. Automatic outbound NAT would update itself. M...
-
09:05 AM Bug #4563 (Rejected): Bug when repurposing a firewall to new location
- I took a Firewall from one customer and moved it to another and when I did so some of the rules did not change for th...
-
12:52 PM Bug #4565: Previously working IPsec broken by upgrading to 2.2.1
- Confirmed this was the cause - resolved by setting the DH group for phase2 on both ends.
Thanks! -
- Your end shows it has a pfs group set in Phase 2. Check the mobile clients tab, ensure pfs isn't set there as that ta...
-
- I previously had a site-to-site VPN up and working between two sites when one endpoint was 2.2 and the other was 2.1....
-
- If the following events happen, invalid rules may be generated:
* DHCP WAN has link but the interface cannot obtain ...
03/29/2015
-
04:22 PM Bug #3656: "LAN network" in v6 rules doesn't work when assigning link-local address to LAN
- This also affects rules with "LAN Interface" not just "LAN Subnet" as source/destination. In order for the rules with...
-
- New pull request: https://github.com/pfsense/pfsense/pull/1590
03/28/2015
-
- Attaching dhcp6 patch that enables it to log to syslog when daemonized. Upstream ticket: https://bugs.freebsd.org/bug...
-
- It will be easy if your go to https://github.com/pfsense/pfsense-packages
Find the file, click the pencil tool to ed... -
03:00 PM pfSense Packages Bug #4561: siproxd listening port redirect rule pulling wrong tag from <siproxdsettings> (config.xml)
- I have confirmed that changing Line 83 to:
$port = ($siproxd_conf['port'] ? $siproxd_conf['port'] : 5060);
corr... -
- I use siproxd a little differently than most. I set its listen port to 5070 and have all my SIP devices set to UDP on...
-
10:33 PM Bug #4562: PPPoe Server
- using latest version 64bit
-
- setting PPPoe server config for LAN
using built in user database
when changing remote address range to 172.168.60.1... -
11:54 AM pfSense Packages Bug #4560 (Resolved): apcupsd is missing support for SMTP TLS email and uses old check for SSL setting
- apcupsd_mail.php has the following code for the SMTP SSL setting...
-
02:41 AM Bug #4559: Sync States causes sessions to NOT be NATed with multicast mac
- Hmm, I found the cause of the problem. The multicast traffic is being flooded to the network and the secondary pfsen...
-
- To the NLB IP:...
-
- There's no problem with wildcard certs (if they're for the correct domain, of course).
2.2 enabled SSL certificat...
03/27/2015
-
-
- Tested, changes are working as expected.
Strangely for the change to show up package must be removed/installed rat... -
02:40 PM
pfSense Packages
Bug #4337 (Feedback): Multiple radiusd instances are launched upon WAN interface change
- Applied in changeset commit:00561b63b7171dafe5906abf17cb413e647cdecc.
-
- those who use these options are using raw config currently. It's maintained, just hasn't gotten many if any feature a...
-
06:40 PM pfSense Packages Feature #2825: OpenBGPd: Add options prepend-neighbor and prepend-self
- Two years since the ticket was open, these config options are both still missing from the GUI. Is this package no lo...
-
- you sure it's specific to multicast MACs? Not sure how that would affect it. It sounds like what's happening is the s...
-
- I am using Microsoft NLB for OWA. It uses a multicast MAC address for the cluster, which is fine as long as sync sta...
-
- ...
-
- Essentially the same issue as Bug #3074 but for IPv4 (blocked by default deny rule IPv4). Contrary to https://forum.p...
03/26/2015
-
04:57 PM pfSense Packages Feature #4368: [Unbound] Allow customized root.hints
- According to the unbound documentation at https://www.unbound.net/documentation/unbound.conf.html...
-
04:18 PM Bug #4557 (Closed): WebGui Error - Menu Help is displaced to below the menu System
- This is a duplicate of this ticket: https://redmine.pfsense.org/issues/3842
-
03:57 PM Bug #4557 (Duplicate): WebGui Error - Menu Help is displaced to below the menu System
- After updating the pfSense 2.1-RC0 to 2.1.5-Release the menu *Help* is displaced to below the menu *System*.
O.S: ... -
03:05 PM pfSense Packages Bug #4554: BIND package: Problem generating zones
- Finally got my configuration working.
Tips & gotchas...
1. You must first create a View and select that in your... -
08:49 AM pfSense Packages Feature #4548: syslog-ng interface doesn't allow rule ordering
- After a bit more research, I would now suggest simply changing the name of the default rules (i.e. "_DEFAULT) to "zDE...
-
05:11 AM pfSense Packages Bug #4420: warning: bad command startup -- throttling
- This should be updated to Version 2.2.x
and the package should either be removed from the packages list are marked a... -
04:56 AM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case
- I 'm having the same issues with bandwithd and would like to help to solve this.
Running release 2.2.1
# Instal... -
- News:
Here is a short summary of the answers from the provider:
Host carol.selfhost.de is the update host of pr...
03/25/2015
-
- In v2.1.5 pfSense_getall_interface_addresses('em0') returns:...
-
- I'm using pfSense 2.2.1-RELEASE with the dns-server package 1.05_20-amd64.
I've tried starting the services, both ... -
- I'm using pfSense 2.2.1-RELEASE with the bind package 9.9.6P1_3-amd64.
I created a zone but there's no trace of an... -
- thanks
-
05:23 AM Bug #4310: Limiters + HA results in hangs on secondary
- We are seeing a number of reports that this is still an issue in 2.2.1. At least one customer ticket and also: https:...
-
- There is a problem with IPv6 Reverse zones in all bind and pfsense versions.
BIND can not reverse resolve IPv6 addre...
Also available in: Atom