Activity
From 06/03/2015 to 07/02/2015
07/02/2015
-
11:39 PM Bug #4811: keyid identifiers not working
- The likely cause for this is the mishandling of the identity type prefixes, as reported on bug "4792":https://redmine...
- 08:12 PM Revision 49683954: sync up vpn.inc with master. Mostly white space and style changes
- 07:46 PM Revision 255075c9: sync up ipsec.inc with master. Mostly whitespace and style changes.
-
11:44 AM pfSense Packages Bug #4812 (Duplicate): Layer7 Filter
- duplicate of #4309
-
11:43 AM pfSense Packages Bug #4812 (Duplicate): Layer7 Filter
- internet stops working after creating layer 7 filter then adding it into firewall rule.
i followed this link - (http... -
- my internet stops working after creating layer 7 filter then adding it into firewall rule.
i followed this link - (h... -
08:19 AM Todo #4672: Update igmpproxy to latest version
- Yes, I have used this steps from forum (credit Andrew)
But I did pkg stuff on another pfsense and extracted only bin... -
06:53 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
- Yes, the 2.2.3 New Features and Changes page says that this is fixed in 2.2.3, but here in Redmine it says target 2.3...
-
03:15 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
- As stated in version 2.2.3 changelog, this bug has to be resolved but now, it doesn't work also if you add FQDN in th...
-
05:50 AM Bug #4794: Handling of ASN1.DN values for RSA IPsec during upgrades from previous versions
- As I've recently explained on an "Ubuntu bug report related to pfSense":https://bugs.launchpad.net/ubuntu/+source/str...
-
02:31 AM Bug #4596: NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
- Tested now.
I confirm the problem on 2.2.3, limiters works well on LAN, but if I enable on WAN breaks 1:1 NAT. - 12:23 AM Revision e9b65f25: fix part of keyid problem. Ticket #4811
07/01/2015
- 09:03 PM Revision 4af5c0c8: Remove unnecessary deletion of rc.conf. Add an empty rc.conf with a note
- so people don't think they should be using it.
-
08:10 PM Revision bc5c2e54: Improve handling of port ranges in relayd, fixes #4810
-
- 08:03 PM Revision 71ffb7bb: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2
- 08:01 PM Revision 9924ebd4: Remove the unnecessary deletion of rc.conf. Add an empty rc.conf with a
- note so people don't think they should be using it.
-
- keyid identifiers in IPsec stopped working from 2.2.2 -> 2.2.3.
-
05:33 PM Revision 45521d7c: Remove $array_keys references and use $pkg_info. Spotted-by: phil-davis
-
-
-
-
-
-
-
- Applied in changeset commit:bc5c2e542c7a89ae59f079540ee6fc8f4183b9aa.
-
- Applied in changeset commit:9195a8378002ed41b459eb8c53a208f5fc6f8d4c.
-
- relayd supports port ranges in the listen directive but the forward directive should only have the first port. Also, ...
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- This does not appear to be specific to NanoBSD or even sync on the filesystem.
I can replicate this by causing a p... -
02:15 PM Bug #4809 (Resolved): Dashboard - Hardware crypto (aesni) display cut off with Netgate ADI Board
- If aesni is available and enabled, the Dashboard displays a cut off Hardware crypto line
Hardware crypto <AES-CBC
... -
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Tomas: what are you changing the binary to, just the one from stock FreeBSD ports?
-
- I support this idea, because it is not difficult to implement and solves many problem.
Currently Im changing binary... - 08:30 AM Revision e2451989: Only process Traffic Graph object if it is open
- Reduces useless CPU use on the pfSense box when the dashboard is
displayed with the Traffic Graphs widget. -
06:09 AM Bug #4808 (Closed): Unbound segfaults
- On one of my pfSense boxes I've seen Unbound segfault a couple of times. Since pfSense doesn't seem to monitor Unboun...
-
- I just hit this issue as well, disabling AES-NI did the trick. It's a bit unfortunate that the release notes/blog pos...
-
04:22 AM Bug #4806: Mobile IPSec Broken on iOS devices after 2.2.3 Upgrade from 2.2.2
- Chris Buechler wrote:
> this diff will fix iOS.
>
> [... @@ -613,7 +613,7 @@ EOD; ...]
>
I saw this issue bef... -
- this diff will fix iOS. ...
-
- Yeah, sorry this is typo, correct one is:
IP_Alias_10 IP_Alias_5, IP_Alias_2, IP_Alias_1, IP_Alias_3, IP_Alias_4 -
01:15 AM Bug #4804: PPPoE Restart won't update IPv6 routing table with gif
- Chris Buechler wrote:
> what type of v6 connectivity do you have? Looks like a HE.net or similar tunnel?
Connectit... -
- adding ticket for tracking, already-fixed issue here:
https://github.com/pfsense/pfsense/commit/342f509028bc675c811...
06/30/2015
-
10:22 PM Bug #4463: Fix the NTPD Access Restrictions / and other NTPD related issues, including GPS
- Anything I can do to help move this along? Do I need to clarify anything?
-
- this ticket is specific to vpnc and only vpnc. iOS PSK issues in 2.2.3 is #4806
-
04:11 AM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
- Hi,
Attached are the screenshots of the VPN configuration for this, along with a log file of the connection attemp... -
- Hi,
I can confirm that this issue is still affecting me - with the disable AES-NI workaround enabled. My iOS clien... -
- fixing some mobile IPsec scenarios broke iOS PSKs, I'm already looking into it.
-
- Since others are posting to [[https://redmine.pfsense.org/issues/4784]]. I figured it's worth opening a new ticket in...
-
- @Tomas - your description of IP_Alias_10 includes IP_Alias_6
But IP_Alias_6 is not mentioned anywhere else.
Is ther... -
- And IP_Alias_10 contains only IP address from IP_Alias_5
-
- For better replication this is what happening:
IP_Alias_10 IP_Alias_6, IP_Alias_2, IP_Alias_1, IP_Alias_3, IP_Alias... -
- Hi, despite of fact that this issue was resolved (https://redmine.pfsense.org/issues/4296), I have problem, that in A...
-
-
03:26 PM Bug #4790: Established IPSec Tunnel refused transporting further traffic out of sudden.. it than refuses any rule based traffic to anywhere!
- Hi Chris,
I know, that's why I did - before I opened this bug - at least tried it for two days without Snort... in... -
- That definitely sounds like you have a Snort signature set enabled that's too touchy, and it blocked the remote endpo...
-
- Thank you for your Update and Feedback, I found meanwhile that https://forum.pfsense.org/index.php?topic=78151.15 did...
-
- what type of v6 connectivity do you have? Looks like a HE.net or similar tunnel?
Did this work at any previous po... -
- Hello,
after rebooting pfSense 2.2.3 ... -
- given some period of time, it also goes nuts and starts logging like mad, to the extent its logging generates over 6 ...
-
- Opening this back up. Though pfflowd does not complain about the pfsync version, it does not produce any data.
-
-
04:43 AM pfSense Packages Bug #4799: Emulex OCE11102-NT & PFSENSE 2.2.2 & VLAN TAG
- Thank you for your quick answer.
I tested this morning opnsense (the fork from pfsense and based on FreeBSD 10.1)... -
02:33 AM Bug #4803: config.xml is empty if power loss or panic happens shortly after config write
- dem co wrote:
> 3 minutes+ waiting time when running conf_mount_ro() on CF card).
That's due to removal of this p... -
01:48 AM Bug #4803 (Resolved): config.xml is empty if power loss or panic happens shortly after config write
- When running ver 2.2.3 nanobsd with filesystem kept permanently read-write enabled (due to 3 minutes+ waiting time wh...
06/29/2015
-
- I apologize, my issue was not actually with IPsec logging. Syslog was not working at all, even across reboots, on two...
-
- where is it not working, what's blank? It works fine in general.
- 05:30 PM Revision bdfce2a4: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2
-
02:54 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
- Ermal Luçi wrote:
> This seems affecting only NAT with limiters.
> It should be handled properly now in 2.2.3 i wil... -
02:19 PM Bug #3096: Limiters problem using Multi WAN
- Any news about when this bug will be dealt with ? I don't see it in the roadmap.
-
- duplicate #4661
-
01:52 PM Bug #4802 (Duplicate): OpenVPN Client wont start after reboot, when set to a Gateway Group specifing a VIP
- An OpenVPN Client won't start after reboot of the primary node, when set to a Gateway Group specifing a VIP.
-
-
- Spoke too soon, I went back and tried it on the original hardware that was used to replicate the problem and it still...
-
- Apparently so. Moving the sleep down below the other line allows it to function. Occasionally drops an error on the c...
-
- guessing this is probably all 2.2.x versions.
Does the workaround in #4740 also work around this? -
- I'm guessing the IPsec service is one you've restarted in the process? There should be nothing rebooting does that re...
-
12:40 PM Bug #4801: IPSec multiple Phase 2 single-phase 1
- Chris Buechler wrote:
> no indications of a bug here. If IKEv2, and a Cisco ASA on the other side, that's #4704 (whi... -
- no indications of a bug here. If IKEv2, and a Cisco ASA on the other side, that's #4704 (which is a Cisco problem ult...
-
- I can not connect multiple Phase 2 single-phase 1.
I have an IPSec VPN with a business partner, but I need to have... -
-
- I don't see this being something we integrate into the user manager, given those with these requirements often have o...
-
-
-
- Thanks Phil. I'll confirm when time permits
-
-
- Superseded by #4801 that has description in english.
-
- Não consigo conectar múltiplas fase 2 com uma fase 1.
Possuo uma vpn IPSec com uma empresa parceira, porém necessi... -
- Customers are still reporting panics on 2.2.3 with all of the fixes thus far applied. Crash dump looks virtually iden...
-
- We can't call this a bug since that isn't a driver we include or have any capability to test. It appears you copied t...
-
- Hello,
I bought a 10Gbe Emulex OCE11102-NT. The network card works fine on FreeBSD 10.1. I tried to configured som... -
- The code was already there with 2.1.x and the unbound *package*. https://github.com/pfsense/pfsense-packages/blob/mas...
06/28/2015
-
- There have been a few times on the forum when people need to be told to put in their Host or Domain Overrides again w...
-
- Fixed by commit to master:
https://github.com/pfsense/pfsense/commit/90ad3a76edae543bcc63252b14660ac4baee291e -
- When the services_dhcp page is shown the contents of advanced settings are not shown to the user - the user has to cl...
-
- The commit to 2.2 branch was:
https://github.com/pfsense/pfsense/commit/dc6695c3f41f65dd3232e311e589bad217bb4c10
Th... -
- Done by commits:
https://github.com/pfsense/pfsense/commit/a7a064f4e523cc94d8570075e8b3b9a9220da3a3
https://github.... -
- Done by commits:
https://github.com/pfsense/pfsense/commit/3d0391f1d843a04ae1072440c8e38bbf392cb4c6
https://github.... -
12:30 AM Feature #4796 (New): Support Multiple FIBs in pfSense
- The current default pfSense kernel is not built with multiple FIB support. Multiple FIB support has been in FreeBSD ...
06/27/2015
-
- The IPsec logs stay blank even when setting all options to "highest".
I believe this is an issue on how the syslog... -
- The certificate CNs are interpreted differently by raccoon and strongSwan, for example:
+raccoon:+
C=US, ST=Whate... -
- I stumbled upon this today.
If you omit the identity prefix altogether, strongSwan will guess and convert the data... -
- Cullen Trey wrote:
> Or just throw away the asn1dn identifier...?
Sounds like a plan. Completely craptastic desig... -
- Okay, understood why it is not possible to specify:
leftid = asn1dn:C=CH/ST=Aargau/L=Baden/O=TechFreak/emailAddres... -
- This is a bug #4275 reintroduced in 2.2.3:
Upon upgrade of 2.2.2 to 2.2.3 strongswan did not start and quit with ... - 01:45 PM Revision 08d1762e: Implement ->toggle(selector, 'disable') + handle adv. globally
- handle advanced globally; when an input has .advanced class, it will
automatically be hidden and a button to show all... - 01:09 PM Revision 9801e938: head - specify utf-8 charset
- 10:55 AM Revision ea5665c7: firewall_rules; implement sortable for ordering rules
- also; remove 'delete selected' and ID column until we know if its
useful; allows buttons and most rules on single li... -
06:45 AM pfSense Packages Bug #4793: squidguard crashes squid when enabled
- Shared object "libldap-2.4.so.2" not found, required by "squidGuard"
2015/06/27 11:42:01 kid1| Starting Squid Cache ... -
- Jun 27 11:36:36 php-fpm[55499]: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k reconfigure -f /usr/pb...
-
- on 2.2.3 squid3 works fine but as soon as u enable squidguard then squid constantly crashes with messages as redirect...
-
05:57 AM Bug #807: Cannot set the keymap to anything other then the default
- Hi,
I observed the same thing on the 2.2.3 fresh install -
- In the installer, it was possible to choose something else instead default. In the 2.2.3 no more keymap are availabl...
-
- Hello,
even worse, if a OpenVPN client in 2.2.3 is set to a GWGroup specifying VIPs, first it is working. Meening ...
06/26/2015
-
05:47 PM Bug #4791: AES-NI on 2.2.3-RELEASE broken with non AES-GCM modes
- Not sure if it's needed but I can confirm that Disabling AESNI works.
-
- Patch that broke it (ipsec_aescbc_aesni.diff) was reverted. Should be fine on 2.2.4 snapshots
-
- Looks like it's related to the AESNI module now attempting to process all AES rather than only AES-GCM. It works fine...
-
- Hi,
Numerous reports are coming in of IPSec not working correctly with the 2.2.3-RELEASE. Multiple failures on sit... -
02:55 PM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
- Jim P wrote:
> Your issue is likely #4791 and not related to this ticket.
Thanks Jim,
That was my first though... -
- Edward Roper wrote:
> I'm also having this issue. Please let me know if there is any specific information I can prov... -
- I'm also having this issue. Please let me know if there is any specific information I can provide to assist. Everythi...
-
-
-
- Additionnaly I tried to follow this : https://forum.pfsense.org/index.php?topic=52145.msg279761#msg279761
No keymaps... -
- Hi,
I've just installed the 2.2.3 an it still not working -
- https://wiki.strongswan.org/issues/993
- 10:55 AM Revision f3ec49e1: Only process Traffic Graph object if it is open
- The Traffic Graphs widget puts a graph object for every interface into
the HTML of the widget. Underneath the graph o... -
- *Scenario*
* *In General*
* Everything is IPv4 by now
* *Local office* network which is running PFSense in Hyp... -
- This may be a non-issue in 2.3, the whole GUI is getting a Bootstrap facelift (https://blog.pfsense.org/?p=1773)
-
01:27 AM Feature #4789 (Resolved): user interface / text fields are too short to display long alias names
- We use a lot of aliases, which are sometimes very long and we face the problem that in the standard template "pfsense...
-
- The builder has code to make 8 and 16GB images, but we don't generate them ourselves. We do not recommend using NanoB...
-
03:22 AM Bug #3330: Load Balancer showing wrong Status when using aliases for the port
- Just to bump, this is still the case in 2.2.3. If Daniel Onisoru's ports alias issue above hasn't been made into an i...
06/25/2015
-
09:24 PM Feature #4788 (Rejected): Can 8g or larger nanobsd images be made?
- I am loading a number of ISO images and files onto \tftpboot for use with the TFTP package and pxelinux but find the ...
-
06:33 PM Feature #4787: Time restrictions on Users, for Captive Portal auth
- Confirmed this works as expected. Radius server is relatively complex to set up, I will do a tutorial on it.
-
-
-
-
- 11:32 AM Revision 763afdaf: Add semicolon
- Fix delete Java Script to match valid HTML ID
- 11:31 AM Revision 0f383d78: XHTML Compliance
- html id's not permitted to begin with a number.
html id's not permitted to contain '/'
add prefix (entry_) and replac... -
-
06/24/2015
-
07:05 PM Feature #3933: Limiter burst doesn't have any effect
- Target version is 2.3
https://redmine.pfsense.org/versions/16
http://snapshots.pfsense.org/
Shows 2.2.3 as l... -
06:54 PM Feature #3933: Limiter burst doesn't have any effect
- Hi folks,
Any progress on this one? Is there any alpha version that might have this working for me to test .. Thanks! - 05:03 PM Revision fc04a23e: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2
- 05:00 PM Revision 90ad3a76: Display any advanced DHCP server settings
- when the page is first displayed.
This has annoyed me a few times and it annoyed me again just now. I had some settin...
06/23/2015
-
10:24 PM Bug #3858: DynDNS errno 47: Address family not supported by protocol family
- I put together a quick test on Linux (using pycurl) that basically does:...
-
- Chris Buechler wrote:
> that's what happens when you're dual stack, the URL has an AAAA, and it's updating a v4 IP.
... - 09:29 PM Revision 9cbb7fe4: It's time for 2.2.3-RELEASE
- 09:25 PM Revision 5b1844a6: Bump to 2.2.3-RELEASE
-
07:32 PM Revision 47b09af7: Add D1540-XG.
-
- 06:36 PM Revision ba8c6e37: Introduce Netgate RCC-DFF to the list of known platforms
- 06:35 PM Revision 91bbf120: Introduce Netgate RCC-DFF to the list of known platforms
- 05:31 PM Revision 96072f52: rereadall is not enough here, restore reload call to make sure everything works. Ticket #4785
- 05:31 PM Revision 2f898d6a: rereadall is not enough here, restore reload call to make sure everything works. Ticket #4785
- 05:15 PM Revision 8961801d: Replace ipsec rereadsecrets + reload by single rereadall, that will re-read also cert changes. Ticket #4785
- 05:15 PM Revision 9edeadc5: Replace ipsec rereadsecrets + reload by single rereadall, that will re-read also cert changes. Ticket #4785
- 05:12 PM Revision a241d6b5: Instead of sending USR1, just call ipsec reload. And before it, call ipsec rereadsecrets to make sure new secretes are updated. It should fix #4785
- 05:12 PM Revision bc7748f7: Partially revert 019ee2bc8c, this workaround is not necessary. Real fix will be committed after this
- 05:12 PM Revision dbd43cc2: Instead of sending USR1, just call ipsec reload. And before it, call ipsec rereadsecrets to make sure new secretes are updated. It should fix #4785
- 05:11 PM Revision d30038e0: Partially revert 019ee2bc8c, this workaround is not necessary. Real fix will be committed after this
-
- confirmed good.
-
- Applied in changeset commit:a241d6b53ac8d1aefe854d673ed5f41693ce9388.
-
- Applied in changeset commit:dbd43cc24d6c18f6bf279c4e52a7a01d2bdfb8c5.
- 01:22 PM Revision 019ee2bc: Add a workaround for ticket #4785:
- There was a regression on strongswan between 5.3.0 and 5.3.2 as reported
at [1]. To workaround this issue, add an ext... - 12:59 PM Revision 29c9e140: Add a workaround for ticket #4785:
- There was a regression on strongswan between 5.3.0 and 5.3.2 as reported
at [1]. To workaround this issue, add an ext... -
10:53 AM Bug #4642: OpenVPN process status stopped... but its running
- Updating:
Ok, 21 days passed, and there it goes... today I have discovered on the monitored nanobsd installs final... - 07:28 AM Revision 9a3ec939: Standardize widget iform and submit names
- The log and picture widgets were both using "iforma" and "submita".
Actually it did not break anything because it was... - 06:48 AM Revision c598160a: Fix var name typo in shaper.inc
- 06:45 AM Revision cfc6fd8d: Merge pull request #1728 from devnullity/patch-1
- 05:53 AM Revision 6538d33a: GW widget input form name-id needs to be unique
- among all widget forms.
Traffic Graphs widget already uses the vanilla name "iform". Reusing that name causes Traffic... -
- Well, this does not work for the console menu either. Plus, I don't think it's limited to static IPv6. It's broken fo...
-
- 02:31 AM Revision 9a8a5e6a: Don't delete /var/tmp/, that was originally done to clear session data at boot, but no longer applicable as session data is no longer in /var/tmp/. Credit to 'aa' on opnsense forum.
- 02:27 AM Revision 5e1ff564: Don't delete /var/tmp/, that was originally done to clear session data at boot, but no longer applicable as session data is no longer in /var/tmp/. Credit to 'aa' on opnsense forum.
-
- you can use firewall rules with schedules to accomplish that in some cases. Otherwise you're best off using RADIUS au...
-
- I'd like to let my kids use the net between certain hours, but deny them after bedtime.
Could the pfSense user man... - 12:43 AM Revision d812e83e: Use $myid in ipsec.secrets. Ticket #4785
- Conflicts:
etc/inc/vpn.inc - 12:42 AM Revision fe96d725: Use $myid in ipsec.secrets. Ticket #4785
06/22/2015
-
- all good.
-
- It was happening when wrong kernel was selected during installation. I've changed kernel order for ADI and Embedded i...
-
- there is something wrong here, though it's not clear what. The issue is replicable with Jody's config, and a slightly...
-
01:20 PM Bug #4784 (Closed): IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
- We usually use a wrapper client (Shimo) for vpnc that helps us with some route automation, but for purposes of simpli...
-
09:49 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
- I think same as Grischa Zengel said!
We need an option to disable xn implementation -
12:56 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
- I'm installing the next server and need 8+ networks. Because xen can't handle so much NICs I have to use tagging.
... -
- duplicate of #3858. that didn't change on upgrade, guessing maybe this is the first you've had IPv6. Changing your pr...
-
- I just updated from 2.2.1 to 2.2.2. I have Dynamic DNS enabled for my domain hosted at Google Domains, and DynDNS is...
-
- that's what happens when you're dual stack, the URL has an AAAA, and it's updating a v4 IP.
-
- the semicolon separators are required, as it says in the notes field there. Some additional input validation there wo...
-
- should be fixed, need to double check every type of config to verify all still work.
-
- Where using IKEv2 with PSK on a site to site VPN, where the identifiers are IPs, and the remote is a FQDN, you end up...
- 06:34 PM Revision b7316893: This is incomplete. Leaving for 2.3. Revert "Ticket #4683 merge in brainpool for DH parameters"
- This reverts commit 7dc35024af3af1d644c25b002ca9f40f1d61c05b.
-
- no change from last comment. filterdns is running with the correct instance ID for -y, logs that it's adding entries ...
-
- Thanks for the heads up, Lars. We're short on time for 2.2.3, plus don't generally put features into maintenance rele...
-
08:21 AM Feature #4683: Support for elliptic curve for IPsec on webconfigurator
- Can see that you have only merged parts of the 1649 pull request. Things like IPsec phase 1 is missing AES GCM suppor...
-
- The "can't assign requested address" means something is already listening on port 10000. You have something else boun...
-
- for aliases that big you're best off using URL Table aliases instead
- 07:20 AM Revision be253f60: Add DNS host override descriptions
- since we can sometimes provide a useful description from that config
data also.
Fill the $iplookup array with host or... -
- not seeing any scenario where this still happens.
-
- The traffic graph can already display a choice of IP address, Hostname or FQDN in the table of top bandwidth hogs.
S... -
- splitting con entries will suffice here. this should be straight forward, quick, and low risk, but if there are compl...
-
- The RTT and Loss figures on the Gateways widget are for ping responses to the gateway monitor IP, which often is diff...
-
- fixed
-
- Ermal suggested replicating with very low bpf buffers and high ARP traffic. I've had an arp-scan across one /16 and o...
06/21/2015
-
11:49 PM Revision 5a147eaf: Fix var name typo in shaper.inc
- Fix typo so get_bandwidthtype_scale can do more than default to "1".
-
- works from what I can tell. Markus, if you can see any remaining issues here in 2.2.3, please follow up.
-
- this is still replicable as described, but only with ASAs, and only as initiator when triggered by traffic. Manually ...
-
- something's changed in the OS X client since last trying this. I'll revisit for further testing.
- 09:01 PM Revision 62102a8b: Specify $myid rather than %any here, otherwise user manager and mobile PSKs won't match. Ticket #4781
- Conflicts:
etc/inc/vpn.inc - 09:00 PM Revision 887093c3: Specify $myid rather than %any here, otherwise user manager and mobile PSKs won't match. Ticket #4781
-
- no known way to replicate this. Likely fixed with the patch that's been merged but will leave for feedback.
-
- confirmed working on one system
-
- PSKs defined in the user manager and vpn_ipsec_keys.php result in: ...
-
01:19 PM Bug #4780: max_input_vars limit reached with aliases having >1000 members
- pfSense version 2.2.2
-
- The limit has been reach for long alias lists used in firewall configuration.
firewall_aliases_edit.php
Warning... -
10:33 AM Bug #4779 (Not a Bug): OPENVPN - Exiting due to fatal error
- Since I'm using pfSense 2.2.2 I get the following error, every time the switch is turned off - the device is disconne...
06/20/2015
-
- this is fixed, opened #4778 for aforementioned remaining issue.
-
- The serial console on the ADI memstick image isn't setup correctly post-install.
-
- Was just wondering if it's specific to your file, or any similar file. If the one you attached suffices to replicate,...
-
- fixed
-
- this isn't easily replicable, so not sure whether it's still an issue. Will leave for feedback
-
- Tried after changing both hosts to use unicast pfsync, which had no impact. It seems to alternate between hanging the...
06/19/2015
-
- that triggers a kernel panic in FreeBSD 10.1. Same wifi card in an 11-CURRENT (as of a couple days ago) box, tcpdump ...
-
09:37 PM Bug #4777: tcpdump causes kernel panic when deleting underlying interface
- pfSense just prompted me, then automatically uploaded a crashreport (approx 2015-Jun-19 21:40 CDT [GMT-5]). Of cours...
-
- Cloned ath0 interface.
Ran tcpdump on console against ath0_wlan1.
Deleted ath0_wlan1 from GUI (Interfaces->Wireless... -
09:34 PM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
- I can't share the IP addresses because they are Tor bridges, which must be kept secret in order to be useful. Does th...
-
- the upgrade issue you noted is fixed for 2.2.3, release coming next week. Upgrading to the latest snapshot from snaps...
-
- I tested an auto-upgrade again before doing the test you suggested. The auto-upgrade sort of failed somehow because t...
- 06:33 PM Revision 10a1c51d: Obsolete pt_BR.ISO-88591 in favor of UTF-8
- 06:31 PM Revision a3918e59: Move pt_BR translation from ISO to UTF-8
- 06:29 PM Revision 6b42b02c: Move pt_BR directory, it's moving from ISO to UTF-8
- 06:15 PM Revision 3d0391f1: Display monitor IP on Gateways widget
- This change adds a setting for the Gateways dashboard widget so the user
can choose to display the Gateway IP, Monito... -
-
-
- that's due to a configuration mismatch of some sort. Please post to the forum or mailing list for help troubleshooting
-
- replied back on your forum thread. this works in general, we can troubleshoot further on forum.
-
03:35 PM Revision 3378289a: Ticket #4746 Correctly set global variables to be used by hostnames cod epaths
-
-
- this issue is fixed. there is a different problem in that it doesn't enable the serial console properly after clean i...
-
- Ok that's a different circumstance from the other I mentioned (which is the same as what Bipin noted). That's never a...
-
04:06 AM Bug #4760: PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
- It's a virtual machine on ESX, using E1000 nics, the NIC isn't locked however as the web interface on the ADSL modem ...
-
- for me alix via chipset and 2 full install machines with realtek chipset have this issue
-
- I moved it to UTF-8, it's working now.
For reference commit:6b42b02cc0 commit:a3918e5999 and commit:10a1c51d87 -
- Thanks Robert, we'll get that reviewed, tested and merged soon for 2.3.
-
- The DHCP/DHCPv6 stuff was meanwhile fixed, apparently. System - General Setup and the Captive Portal still remain.
-
- closing in favor of #4683
- 11:51 AM Revision 320ed23c: Merge pull request #1724 from phil-davis/patch-3
-
- Hi,
as I was creating a WLAN for our company based on pfsense APs, I run into the problem, that pfsense has no opt... -
-
- Merged.
-
- I thought this was due that now unity plugin is not anymore loaded by default.
-
- this doesn't appear to be an issue anymore with 2.2.3, though I haven't narrowed down exactly where that changed yet....
-
- works
06/18/2015
-
- works
-
-
- By default pf uses a frag limit of 5000. Several customers and users have reported hitting that limit on 2.2+ resulti...
-
- fixed
-
- this should be fixed already. adding this to remember to test on new snapshot.
/etc/rc.d/hostid was missing +x, w... -
-
- the REKEYED entries no longer exist since that separate bug was fixed, which leaves this fine.
-
- Turkish works now, though selecting PT-br still leaves you with English.
-
- can't replicate that here either, and that code hasn't changed in quite some time. will leave for feedback for now.
-
- The current code does unset and the code to unset has been in place for ages (3+ years). See source:"usr/local/www/di...
-
- Hmmm - I guess on restoring from a backup that has RRD data, the system should remove existing RRD data files, build ...
-
- Well, the problem apparently is this:...
-
- 2.2.3-DEVELOPMENT (amd64)
built on Sun Jun 14 19:59:54 CDT 2015
FreeBSD 10.1-RELEASE-p12
With the "do not backup... -
- This is a full install. With the box, I get ~4 MB with huge <rrddata>; without the box, it's ~8 MB with two <rrddata>...
-
- Guessing it's because we enable certificate validation by default in 2.2.x there, and the default self-signed cert wi...
-
- Perhaps you could post the results of this:...
-
- Let me point out that the "URL Table (IPs)" version of this test does not produce any error messages. Therefore, if i...
-
- It's a list of IP addresses, one IP on each line. I just tested it in a new install of 2.1.5, and it works fine there...
-
- this is correct now in every circumstance I could previously replicate problems.
-
-
-
- not the modem, what hardware are you running pfSense on, specifically what NICs but other details might help.
-
- The actual hardware is a BT Voyager 190 Ethernet ADSL modem with the unlocked firmware on it.
I assume that the is... -
- https://forum.pfsense.org/index.php?topic=41061.0
long thread but to me it seems the nic drivers is the culprit, t... -
- fixed
-
10:56 AM Bug #4364: cannot change or set keymap during and after install
- Hello.
Just installed 2.2.2 x64 and the problema is still here.
Best regards. - 05:26 AM Revision 41e9efe6: chmod +x hostid
- 05:26 AM Revision f6a4fe06: chmod +x hostid
-
- fixed, thanks!
06/17/2015
-
- Tobias: if you have a 2.2.2 (or newer) config that'll replicate, I'd definitely like to check it out. Email to cmb at...
-
- what hardware?
the only issue along those lines I can recall in any version was some modems combined with some ol... -
- what's in some_file.txt? I'm guessing nothing, you're trying to fetch a file that doesn't exist, given it happens aft...
-
- On nanoBSD 32-bit running snap from Wed Jun 17 18:54:23 I can't replicate this. With the box checked I get an ordinar...
-
- This worked just fine before the latest batch of commits (i.e., a week ago, or even less).
- I have the "Do not ba... -
- no change here. Logs show during boot: ...
-
- this change could also be what completely broke CP (see #4751)
-
-
-
- it works fine. keep the discussion of support issues on the forum please. I replied back there again.
-
01:43 PM Bug #4765: NAT Reflection (Pure NAT) rules not setup for traffic originating from same subnet as final destination
- I don't understand the meaning of "looking for something that won't exist" considering that the rest of your comment ...
-
- replied back in your forum thread, you're looking for something that won't exist, but where the "Enable automatic out...
-
- Just what algorithms and what version of ipsec you are using.
Preferably send me /var/etc/ipsec/ipsec.conf and /tm... -
03:30 PM Bug #4770: Packet Filter Reject IPSEC packets
- How much detail do you want? I'd rather not leak all our info onto the net.
-
- Can you also describe your tunnel configuration here?
-
- ...
-
- what's the rule that's blocking it? click the red X.
doubt this is a bug, probably something like Snort enabled w... -
- Periodically the firewall starts firewalling traffic coming through one or more IPSEC tunnels. Doing "Filter Reload" ...
-
- Applied in changeset commit:e932c35017d0c5e35957e01c90dab57a0519f588.
-
- Applied in changeset commit:2e0397e05b6168dfcfbd04c9f3629a988744a8b2.
-
- If the L2TP subnet overlaps a subnet that contains a port forward target, and automatic outbound NAT for reflection i...
-
- no change, as long as you have some traffic passing through a limiter, the secondary hangs within ~1-4 hours.
-
- I'll see if I can reproduce this, but the diag_tables showed all IP addresses (I should add that I have applied the p...
-
- diag_tables shows what is in the table (""in memory" alias") at the time the page is loaded. filterdns keeps that upd...
-
- Yes, sorry, diag_tables.php.
This showed all entries as being correct, however, when looking at the resolver logs ... -
- When the DHCP server issues an IP to a host that provides a name, that name cannot immediately be resolved by the DNS...
-
- the created rules largely aren't IPv4/IPv6-specific, and will work for both.
-
09:30 AM Feature #4769 (Resolved): IPv6 support in the Traffic Shaper Wizard
- It would be really nice if Traffic Shaping Wizard could be set to also create IPv6 rules.
-
-
- Yep this commit broke it by showing that there might have been other issues that now are handled properly.
Next sn... -
- This patch (or something else in about the same timeframe) completely broke CP in 2.2.3. No contexts are created.
... -
- EDIT:
15 days passed by since I installed watchdog and set it to keep ntp up (ntp crashed all the time).
Since th... -
- no change, but we'll leave as-is for 2.2.3. Limiters in general are better in 2.2.3 than earlier 2.2.*.
-
- confirmed upgrades on 1.2.3, 2.0.3, 2.1.5, 2.2.2, including both 32 and 64 bit for all 2.x. All fine.
-
- fixed
-
- fixed. We'll again verify as part of the release test matrix on each install type.
06/16/2015
-
-
- there isn't a way to backup/restore only limiters at this time.
-
02:33 PM Feature #4763: Restore from backup that contains only area Traffic Shaper doesn't restore Limiters
- Chris Buechler wrote:
> by traffic shaper in that context it means ALTQ, so this does work as designed.
So how co... -
- Title should be 'Restore from backup that contains only area Traffic Shaper doesn't restores Limiters'.
-
- by traffic shaper in that context it means ALTQ, so this does work as designed.
-
- Dear admins,
please delete Bug #4763, I have the error in the title. I've posted it again in Bug #4764. -
- When I try to Backup only area Traffic Shaper the shaper-config*.xml doesn't contains Limiters. All the data from pag...
-
- which page are you referring to? diag_tables.php?
-
- Not sure whether this is a bug in the existing functionality or really a request for additional functionality.
Wou... -
- this is a symptom of #4653, because the system didn't reboot post-upgrade in that case. Just power cycle the system a...
-
08:03 PM Bug #4768 (Duplicate): Operation not supported by device
- pfsense update from 2.1.5 to 2.2.2
php: rc.filter_configure_sync: New alert found: There were error(s) loading th... -
- works here too, looks good all around.
- 05:44 PM Revision bc8adf7e: Say what is happening when reinstalling package GUI XML
- At the confirmation dialog after pressing the "Reinstall XML" button, the text does not distinguish between having pr...
- 05:42 PM Revision a7c28e99: Say what is happening when reinstalling package GUI XML
- At the confirmation dialog after pressing the "Reinstall XML" button, the text does not distinguish between having pr...
-
-
- 05:40 PM Revision 4fabdca7: Why is break missing for reinstallxml
- I thought that "reinstallxml" should do less than "reinstallpkg" but actually it was getting stuff here, then falling...
- 05:40 PM Revision c28a785a: Merge pull request #1723 from phil-davis/patch-2
-
- already fixed, duplicate of #4701
-
05:26 PM Bug #4767 (Duplicate): When renaming an IP alias at "Firewall: Aliases" the rules created at "Firewall: NAT: Outbound" are not updated accordingly
- Hello,
I ran into a problem after renaming an IP Alias. The Alias was used in an outbound NAT rule as well as in a... - 05:06 PM Revision b9455916: Say what is happening when reinstalling package GUI XML
- At the confirmation dialog after pressing the "Reinstall XML" button, the text does not distinguish between having pr...
-
- Note: This was i386 hardware, but I'm not sure if that matters or not.
-
- I ran into this problem on a fresh DVD install of pfSense. An automated upgrade did not experience this problem. On t...
- 04:55 PM Revision 84a2e915: Why is break missing for reinstallxml
- I thought that "reinstallxml" should do less than "reinstallpkg" but actually it was getting stuff here, then falling...
-
- On "System: Advanced: Firewall and NAT", in the "Network Address Translation" section, the checkbox labeled "Automati...
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- thanks
-
- Some whacky Chrome bug, fixed itself in v41.something. Can be safely closed.
-
-
-
-
-
-
-
- duplicate of #4763
-
- When I try to Backup only area Traffic Shaper the shaper-config*.xml doesn't contains Limiters. All the data from pag...
-
-
-
- Works.
-
-
-
-
-
-
- 12:34 PM Revision 9fced93c: Keep a copy of old mtree binary during upgrade and use it to avoid crashing. Fixes #4563
- 12:34 PM Revision 8f102b09: Check also for old FreeBSD release versions
- 12:34 PM Revision 0e40454d: Keep a copy of old mtree binary during upgrade and use it to avoid crashing. Fixes #4563
- 12:34 PM Revision 0ab90dd0: Check also for old FreeBSD release versions
-
- I've just checked and the TTL is 1 hour, we rebooted the server the other day and it took about 10 minutes to reboot,...
-
- It'll hang onto it as long as the TTL is valid. Doing anything other than that would be broken behavior. If your DNS ...
-
- It would be useful to be able to tick on a per entry basis in aliases whether an entry should remain if the DNS serve...
-
- On a number of occasions I have seen the PPPoE connection between pfSense and our ADSL modem go down, the modem still...
-
- Fixed by commit:9fced93c25 and commit:0e40454d52 with a wrong ticket number on commit log.
-
- Renato's proposed patch looks to work fine here in circumstances where problems were previously replicable. That shou...
-
- Ermal Luçi wrote:
> It is already in 2.2.3 since the merge.
> I merged it manually.
I'm still not convinced that...
06/15/2015
-
- fixed
- 07:25 PM Revision 7d8dd0b7: Add semicolon
- Fix delete Java Script to match valid HTML ID
-
- Well I think it looks good now.
Tested with bunch of speedtest stuff like http://ipv6-test.com/speedtest/, http:/... -
-
-
03:28 PM Bug #1629: invalid state table entries after WAN IP change
- Hi Kevin,
when the cable modem does weird or reboots i have also seen this behaviour with the 0.0.0.0 address.
... -
08:50 AM Bug #1629: invalid state table entries after WAN IP change
- I have been hitting this issue for over a year. Finally getting tired of manually killing the stale UDP states. I am ...
-
-
- 02:46 PM Revision b8ceb344: Fixing PD size selection for HughesNet
-
-
- 02:36 PM Revision d20f28db: Merge pull request #1721 from phil-davis/style
- 02:34 PM Revision 6622518b: status_queues missing semi-colon
- This really looks like it should have a semi-colon. Somehow the PHP interpreter is not being fussy about it in this c...
- 02:32 PM Revision 98e7d680: Merge pull request #1718 from phil-davis/patch-2
-
- This seems affecting only NAT with limiters.
It should be handled properly now in 2.2.3 i will re-test this again as... -
- It is already in 2.2.3 since the merge.
I merged it manually. -
- Chris Buechler wrote:
> confirmed. Thanks!
Can see that you have set the target version to 2.2.3. Will you cherry... - 08:34 AM Revision 6c07db48: Code spacing
- and other random stuff I noticed.
I think this finishes messing with code style. The codebase should match
the develo... -
07:53 AM Bug #4757: Failing to boot Asrock Q1900M with LiveCD 2.2.2 and Dev 2.2.3 2015 -04 -13
- Kill Bill assessment is accurate it doesnt work with UEFI. Sorry for using your time guys.
-
- Please post in the forum or on the mailing list for assistance before opening a bug report. It is much more likely th...
-
06:37 AM pfSense Packages Bug #4759 (Rejected): DHCP return wrong GW
- hi
in fact I setup DHCP server but some clients gets wrong GW from it and some client get right GW. the config is he... -
- Not really sure what support you need, it works.
!http://i60.tinypic.com/syv8rr.png!... -
04:58 AM Feature #4758 (Closed): DNS Resolver - Add GUI to configure reverse zone overrides
- It would be nice to have GUI option to configure overrides for reverse DNS zones in DNS resolver/Unbound. Currently c...
- 05:39 AM Revision bf2dba75: XHTML Compliance
- html id's not permitted to begin with a number.
html id's not permitted to contain '/'
add prefix (entry_) and replac... - 05:22 AM Revision 6bb817b4: status_queues missing semi-colon
- This really looks like it should have a semi-colon. Somehow the PHP interpreter is not being fussy about it in this c...
-
05:10 AM Bug #4607: Bridge+CARP crashes/freezes pfSense
- Sorry, didn't have the opportunity to test the fix yet (encountered the problem on a production installation), but am...
-
01:40 AM Feature #4542: Support for PPPoE with MTU/MRU > 1492 (i.e. 1500)
- a
-
- Bug...
-
-
06/14/2015
-
- Ermal merge pull 1715, and as far as I can see that resolves the remaining issue.
-
- You cannot use UEFI boot. You need to turn on the legacy boot and disable Secure Boot (if relevant).
-
- Failing to boot an Asrock Q1900M, bios v1.5 dated 31/10/2104.
Affects released version 2.2.2 amd64 and Development... - 07:19 AM Revision 26b8101b: add input validation for proxy URL, port, user.
- Conflicts:
usr/local/www/system_advanced_misc.php -
- this is good.
- 05:48 AM Revision fd90a77f: add input validation for proxy URL, port, user.
-
- works
-
- confirmed
06/13/2015
-
11:45 PM pfSense Packages Bug #4426: NUT fails to start or restart until NUT's settings are (re)saved
- I have been unable to start NUT on my 2.2.2-RELEASE (amd64) install since creating an openvpn client and therefore re...
- 09:32 PM Revision 71dbcc11: services_dyndns - use tr.disabled instead of font-color
-
02:35 PM Bug #4685: Crash/panic "Sleeping thread owns a non-sleepable lock"
- Jim P wrote:
> Without seeing the full crash report it's impossible to say if it's related. If you haven't already, ... -
- Patch put on the tree.
Those who want to test need to update to snapshot coming out next. - 12:57 PM Revision c72237ee: correct 2 syntax errors
- 12:44 PM Revision a326e955: updated progress
- 12:39 PM Revision d8e0d425: remove useless form+wrapper #211
- 12:38 PM Revision cfc607f3: Merge pull request #211 from sbeaver-netgate/services_captiveportal_ip
- Convert services_captiveportal_ip
- 12:37 PM Revision f107fd31: status_filter_reload.php Conversion complete
- Ready for review
- 12:36 PM Revision 311c0f32: Merge pull request #312 from ExolonDX/patch-4
- Move the break & endforeach statements so the DL and DIV tags are properly closed
-
-
- 12:34 PM Revision cd225cb5: vpn_ipsec_phase2.php Conversion complete
- Ready for review
- 12:33 PM Revision 75fd7984: vpn_ipsec_phase1.php Conversion complete
- Ready for review
- 12:31 PM Revision c284c8a2: system_firmware_check.php Conversion complete
- Table converted to panel with heading color indicating status.
jQuery functions provided for formatted writes to pan... - 12:30 PM Revision 727047a6: system_firmware_auto.php Conversion complete
- Page has been changed to use a panel heading for status and a panel
body for output.
Functions have been provided to... - 12:30 PM Revision bea9e9d6: vpn_openvpn_client.php Conversioncomplete
- Ready for review
- 12:28 PM Revision 01ab50fd: vpn_openvpn_server.php Conversion complete
- Ready for review
- 12:27 PM Revision 155d9450: diag_smart.php Conversion complete
- Ready for review
- 12:23 PM Revision 9ee2cac1: interfaces_ppps_edit.php Conversion complete
- Ready for review
This was a very challenging conversion due to the external javascript
libraries (no longer availabl... - 12:21 PM Revision ee3af113: firewall_virtual_ip_edit.php Conversion complete
- Ready for review
- 12:21 PM Revision 781b2b7f: firewall_virtual_ip_edit.php
- Form complete. Need to add Javascript actions
- 12:20 PM Revision e4f5ae71: firewall_virtual_ip.php Conversion couplete
- Ready for review
- 12:19 PM Revision d7770192: firewall_shaper_wizards.php Conversion complete
- Ready for review
- 12:18 PM Revision 416b6a09: Removed unneeded form
- 12:18 PM Revision 416cbf3c: firewall_schedule.php Conversion complete
- Ready for review
- 12:16 PM Revision 8d9f7a80: IpAddress.class.php
- Updated to allow the addMask() method to accept a maximum value so that
it can be used for IPv4 and IPv6 addresses. e... - 12:16 PM Revision cf51b119: firewall_nat_npt_edit.php Converion complete
- Ready for review
- 12:14 PM Revision 3cc272c0: remove useless form+wrapper #301
- 12:12 PM Revision 5e4b485f: firewall_nat_npt.php Conversion complete
- Ready for review
- 12:11 PM Revision 325cdc5d: diag_packet_capture.php Conversion complete
- Ready for review
- 12:09 PM Revision 9d11418f: system_gateway_groups_edit.php Conversion complete
- Ready for review
- 12:08 PM Revision b83e61e4: vpn_openvpn_csc.php COnversion complete
- Ready for review
- 12:07 PM Revision 16eef6f9: vpn_pppoe_edit.php Conversion complete
- Ready for review
- 12:06 PM Revision 7778a458: system_usermanager_passwordmg.php COnversion complete
- Ready for review
- 12:02 PM Revision 66bbb1b5: remove useless form+wrapper #296
- 12:00 PM Revision 4c8c4fc2: vpn_pppoe Conversion complete
- Ready for review
- 11:59 AM Revision aa3c6f56: system_usermanager_addprovs.php Conversion complete
- Ready for review
- 11:56 AM Revision a742c95a: removed useless form+panel wrapper #293
- 11:54 AM Revision b9b44f94: system_gateway_groups.php Conversion complete
- Ready for review
- 11:53 AM Revision 454f52f9: status_wireless.php Conversion complete
- Ready for review
- 11:52 AM Revision 18e020bd: status_upnp.php Conversion complete
- Ready for review
- 11:51 AM Revision 517d3109: status_services.php Conversion complete
- Ready for review
- 11:50 AM Revision b33c73ff: no need for reference #289
- 11:25 AM Revision af66ad8d: status_lb_pool.php Conversion complete
- Ready for review
- 11:24 AM Revision ca583944: status_graph_cpu Conversion complete
- Ready for review
- 11:23 AM Revision 3c7787df: status_captiveportal_vocher_rolls.php Conversion complete
- Ready for review
- 11:22 AM Revision e3a24020: status_captiveportal_vouchers.php Conversion complete
- Ready for review
- 11:21 AM Revision f200e233: status_captiveportal_test.php Conversion complete
- Ready for review
- 11:20 AM Revision aeb33e05: status_captiveportal_expire.php Conversion complete
- Ready for review
- 11:19 AM Revision 12debece: status_captiveportal.php Conversion complete
- Ready for review
- 11:19 AM Revision 454cec57: status.php Conversion coplete
- Ready for review
- 11:18 AM Revision a777cf18: services_unbound_host_edit Conversion complete
- Ready for review
- 11:17 AM Revision c3e03a35: services_unbound_domainoverride_edit.php Conversion complete
- Ready for review
- 11:16 AM Revision 0a98e31b: services_unbound_advanved.php Conversion complete
- Ready for review
- 11:15 AM Revision 6e3bd9d2: servies_unbound_acls.php Conversion complete
- Ready for review
- 11:11 AM Revision 51c224bc: services_unbound Conversion complete
- Ready for review
- 11:10 AM Revision 9f35c891: Merge pull request #236 from sbeaver-netgate/services_rfc2136_edit
- Convert services_rfc2136_edit
- 11:08 AM Revision fcded4cf: Merge pull request #235 from sbeaver-netgate/services_rfc2136
- Convert services_rfc2136
- 11:08 AM Revision 63f127aa: Merge pull request #233 from sbeaver-netgate/services_ntpd_pps
- Convert services_ntpd_pps
- 11:07 AM Revision ffe0ae40: Merge pull request #232 from sbeaver-netgate/serviecs_ntpd_gps
- Convert services_ntpd_gps
- 11:05 AM Revision 135200fa: Merge pull request #231 from sbeaver-netgate/services_ntpd
- Convert services_ntpd
- 11:05 AM Revision 49475b89: Merge pull request #230 from sbeaver-netgate/services_igmpproxy_edit
- Convert services_igmpproxy_edit
- 11:02 AM Revision c4952ad6: Merge pull request #228 from sbeaver-netgate/services_igmpproxy
- Convert services_igmpproxy
- 11:01 AM Revision 9fe3ffb2: fix load of syntax errors, give 'Disable' a proper label #227
- 10:54 AM Revision 348ee54d: Merge pull request #227 from sbeaver-netgate/services_dyndns_edit.php
- Convert services_dyndns_edit
- 10:50 AM Revision 565098a7: Merge pull request #226 from sbeaver-netgate/services_dyndns
- Convert services_dyndns (contains syntax-errors I'll fix)
- 10:48 AM Revision c39d178c: Remove help-text from hidden input #225
- 10:47 AM Revision 52863715: Merge pull request #225 from sbeaver-netgate/services_dnsmasq_edit
- Convert services_dnsmasq_edit
- 10:46 AM Revision 07b5a68e: Merge pull request #224 from sbeaver-netgate/services_dnsmasq_domainoverride_edit
- Convert services_dnsmasq_domainoverride_edit
- 10:44 AM Revision 626e821e: Merge pull request #223 from sbeaver-netgate/services_dnsmasq
- Convert services_dnsmasq
- 10:43 AM Revision 72e4aa0e: Merge pull request #222 from sbeaver-netgate/services_dhcpv6_edit
- Convert services_dhcpv6_edit
- 10:43 AM Revision 28ab6a92: Merge pull request #221 from sbeaver-netgate/services_dhcpv6
- Converted services_dhcpv6
-
09:35 AM pfSense Packages Bug #4567: ntopNG Geo files missing
- Issue is still there is 2.2.2 package version 1.2.1 v0.5
/usr/pbi/ntopng-amd64/bin/ntopng-geoipupdate.sh doesn't cor... -
08:06 AM Bug #4607: Bridge+CARP crashes/freezes pfSense
- My setup was affected by this since I tried 2.2-RC (https://forum.pfsense.org/index.php?topic=85285.0)
I tried again... -
- Chris Buechler wrote:
> I'm kidding...point being, why would you want additional lines in the default config that ar... -
- Phil, thanks for the additional pull request. Putting this back to Feedback to review later. It's BSDCan and 2 AM whi...
-
- Top secret reasons, sorry. The NSA won't let us tell.
I'm kidding...point being, why would you want additional li... -
- I still would love to hear why exactly do we desperately need to spare one line in default config.xml and why the set...
-
- Yes you have to import the chain in that case. It's stupid to use "real" certificates with OpenVPN, it's actually *le...
06/12/2015
-
- The fish-slapping drama continues here https://github.com/pfsense/pfsense/pull/1715
That pull request is closed, but... -
- https://www.youtube.com/watch?v=kWmbXMXns28
-
- Thanks Phil!
We were heading out to dinner shortly after Ermal's commit yesterday, and came up with the idea on t... -
- It works now... (The time wasted here would be enough of a hint to not ever do things like this again. There's a foru...
-
- Kill Bill wrote:
> And let me say, it was just fine until this evil commit that twisted the logic into this stupidit... -
- Phillip Davis wrote:
> https://github.com/pfsense/pfsense/pull/1715
Applied your pull request on top of the whole... -
- I just figured out that if I import every cert in the chain individually into the "CA" tab, it finally works.
That's... -
- Still having what appears to be the same problem as issue #1538, but in 2.2.2-RELEASE i386.
Generate a CSR from pf... -
- Still having what *appears* to be the same issue.
Generate a CSR from pfSense, get a signed cert (from StartSSL) for... -
-
-
-
- Ermal Luçi wrote:
> https://github.com/ocochard/BSDRP/blob/master/EINE/patches/freebsd.bsnmpd.hostres
>
> Seems t... -
03:30 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
- Chris Buechler wrote:
> Matt: haven't heard of it on ALIX but same could impact it also. does disabling the host res... -
- https://github.com/ocochard/BSDRP/blob/master/EINE/patches/freebsd.bsnmpd.hostres
Seems to have a patch for this i... -
-
-
-
- 10:52 AM Revision a7a064f4: Add description as a display option on Traffic Graph
- This is handy at sites where lots of the LAN clients have static-mapped
DHCP IP addresses. Depending on the site host... -
- Done.
-
- I found the announcement, nvm.
-
- I couldn't find this release, according with PHP website 5.5.25 is the latest one - http://php.net/releases/
- 09:15 AM Revision a75aa2ca: Remove track6-interface and track6-prefix-id from interfaces->lan in default config.xml
- 1. <track6-interface>wan</track6-interface> and <track6-prefix-id>0</track6-prefix-id> of interfaces->lan from /conf....
-
- Still seeing a steady stream of crashes on certain systems, I've added more crash reports to the repo. Two of them ha...
-
- Luke Hamburg wrote:
> I have experienced a lot of crashes (hard crash that triggers the box to reboot) on 2 differen... -
- No more undefined macros and errors when loading the rules on boot with latest snapshot. I'm with Chris here, looks l...
06/11/2015
-
-
-
- https://github.com/pfsense/pfsense/pull/1715
Ermal's change/fix seems good (although the whole thing screws with peo... -
- And let me say, it was just fine until this evil commit that twisted the logic into this stupidity.
https://github... -
- This does NOT work. Keep clicking Save and watch the checkbox and ipsec.conf flip. Not really sure what to say here. ...
-
- Fixed to be natural to the checkbox and comment.
- 07:21 PM Revision c66a327b: Merge pull request #1710 from stilez/patch-4
-
07:18 PM Revision be37ac8f: fix checking for overlaps of NAT destination port
- 07:17 PM Revision 52bdb9b0: Merge pull request #1714 from brunostein/fix_checking_nat_destination_port
-
-
- fixed, original problem case is no longer replicable, things otherwise seem fine on a system that's been running in a...
-
- 2.2.3 needs PHP upgraded to 5.5.26.
-
- confirmed. Thanks!
-
- that works around the issue. For tracking purposes we'll mark this resolved. I opened #4754 to investigate the root c...
-
- Starting this for the root problem in #4537. We have a workaround for the issue and hence closed that ticket, but the...
-
- fixed
-
- They will not go away from what i recall until the SA expires.
But the new SPD will be used for new packets. -
- no change. SPD and SAD both remain in place. For example, bring up an IPsec connection of any type. Verify its SAD an...
-
-
- works
-
12:39 PM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
- This can be closed, I submitted a pull request now that I have access to the repository.
-
10:05 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
- I've created the pull request @ https://github.com/pfsense/pfsense/pull/1713
-
- It will be easy if you submit a pull request at https://github.com/pfsense/pfsense
Then the devs can easily review, ... -
- I made a silly mistake which is now fixed. Here is an updated patch.
-
- I've just optimized the patch a bit to revert back to the original functions which now have an additional $allow_wild...
-
- I've created a patch which now wraps this whole behaviour in a seperate function call.
In /usr/local/www/system_ce... -
- That change is unlikely to make it in unless it's in a separate function or a separate option to the function to acti...
-
- You can achive this behaviour by modifying the file /etc/inc/util.inc
The problem lies within the is_domain() meth... -
- fixed
-
- Hooray! I finally can see something useful in firewall logs on the previously affected site once again! Sanity restor...
-
- fixed
-
- done
-
-
-
- Ermal Luçi wrote:
> You DNS is busted what do you get blocked that was not blocked before?
No. That'd make packag... - 12:14 AM Revision 894d01b6: Revert "Ticket #4442 Do not process URL aliases during bootup but trigger it just after finished booting. This completely solves the bootup delays without lowering the timeout as before. Probably need to increase a bit the timeouts now to be friendly to other connections"
- This reverts commit 0d44aca64623da5a3eeef0619704a10b3cfda7a5.
- 12:14 AM Revision bab606ee: Revert "Ticket #4442 Do not process URL aliases during bootup but trigger it just after finished booting. This completely solves the bootup delays without lowering the timeout as before. Probably need to increase a bit the timeouts now to be friendly to other connections"
- This reverts commit ec9eb7891780e5f142838c03203ad8ce267ed89e.
06/10/2015
-
- 2.2.3-DEVELOPMENT (i386)
built on Wed Jun 10 19:49:59 CDT 2015
FreeBSD 10.1-RELEASE-p11
No more flood of unasked... -
- Patched.
-
- here as well
-
- WFM as well.
-
- Fixed for me on Alix with WiFi card with pfSense-2.2.3-DEVELOPMENT-2g-i386-nanobsd-upgrade-20150610-1048.img.gz
Now ... -
- It's definitely worse to skip it during boot in a variety of cases, and I don't see any circumstances where that help...
-
- You DNS is busted what do you get blocked that was not blocked before?
If your boot takes 1-2 minutes than this is... -
- Hmmmm. Not exactly convinced this is better. This seems to be blocking all traffic from LANs until the boot is comple...
-
- Installer has been updated for new snaps and upgrade code been put in place.
-
-
-
-
-
-
-
-
-
- Applied in changeset commit:8b8a4630542156b160e22cf3921f0be5a4563179.
-
- Applied in changeset commit:0559161320438f942e48c50263043d975be6fc21.
-
- Done for non amd64.
-
- Patch has been updated to solve this issue.
-
07:17 AM Bug #4753: Can't access to the Internet on Pfsense 2.0 with VLAN+CARP
- Ok thank you
-
- "WAN Net" means the subnet of the WAN interface, not the Internet in general.
Please post on the forum for assista... -
- When I set a rule like this :
Proto:IPv4 | source: VlanX Net | p_source: * | Dest : WAN Net | p_dest : (Alias) 80,... -
06:43 AM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
- Don't give up, I want this feature for one, but adding to FreeBSD will help everyone
maybe post here https://forum... -
02:44 AM pfSense Packages Feature #4752 (Resolved): SQUID. Exception for speed limits
- Good day to all people!I am submitting for your consideration the idea (the request).
It would be good if in the sec... -
02:29 AM Bug #4661: OpenVPN client can't assign to GWGroup specifying VIPs
- Hello Chris.
I tested this twice,and it's not working properly.
I used version 2.2.3-DEVELOPMENT (amd64) built ...
06/09/2015
-
- Moving this back to Confirmed since the upgrade code is still missing for existing installations, and it appears as t...
-
- Edin Sarajlic wrote:
> Testing:
> Username (provided in OP): *00>00?0*
I think you should read the fine POSIX. S... -
08:03 AM Bug #4605: OpenVPN user/pass fails if usernames and/or passwords contain special characters (reopen bugs 4177 and 4340)
- Sorry, my original pull request (#1711) referenced the wrong bug number.
Please see this Github Pull Request: http... -
- Github Pull Request: https://github.com/pfsense/pfsense/pull/1711
-
- I can confirm that the issue still exists in pfSense 2.2.2.
I can also confirm that Dave Crane's solution works.
... -
01:01 AM Bug #4218: Bridge does not have AUTO_LINKLOCAL flag
- I too can confirm this behaviour.
As a workaround, I have added the following to /etc/inc/interfaces.inc (As per p... -
-
-
-
-
-
-
-
06/08/2015
-
-
-
- If you have a CP config with an idle timeout, have a user logged in, and disable CP, when the idle timeout is reached...
-
- this makes the firewall logs basically completely useless in some networks. Sounds like it shouldn't be too difficult...
-
- same is true of dnsmasq. It's not as simple as just checking for user-defined DNS servers, as those with dynamic WANs...
-
- For 2.2.3, let's set net.inet.ipsec.directdispatch=0 where IPsec is enabled and running on 32 bit.
-
- Updated on tools, will be available on next snapshots
-
01:51 PM Todo #4750: Upgrade to strongswan 5.3.2 for pfsense 2.2.3
- I think they fixed some edge cases with manual reqid as you had in 2.2.1/2: https://wiki.strongswan.org/issues/976
-
- Florian: what reqid fix are you referring to? I don't see anything in the change log for 5.3.1 or 5.3.2 that's relate...
-
-
- Strongswan 5.3.2 fixes a CVE and the reqid assignment, so an upgrade would be nice for 2.2.3.
-
- I'm pretty sure it doesn't happen anymore, still have the test setup running to make sure. Given another ~48 hours, i...
-
- Chris need to confirm this happens still or not.
-
- I corrected the patch to the one in FreeBSD.
Should be on newer snapshots. -
- After reading it more carefully it looks as if:...
-
- Mhm, to be honest, the diff looks quite different from what upstream has, not sure if there was an error during copyi...
- 02:11 PM Revision 0dabc434: Corrected as suggested
- Thanks
- 02:08 PM Revision 30a40ca8: Revised as suggested
- That’s a much better solution. Thanks!
-
- Reported-By: https://twitter.com/fitchitis/status/607850849172373504
-
- Reported-By: https://twitter.com/fitchitis/status/607850849172373504
- 12:15 PM Revision 6c7384b7: Removed debug
-
- Any progress so far
Will it go into GA 2.2.3 -
- Looks good. All of my former problem test cases check out, all of the entries are present at boot time, after filter ...
-
- There's something badly broken on nanobsd with this...
https://forum.pfsense.org/index.php?topic=94900.0 -
12:49 AM Bug #4749: DHCPv6 server not disabling after initial setup
- No, both LAN and WAN interfaces use static IPv6 and IPv4 addresses. IPv6 routing is done for a public /64 network (an...
06/07/2015
-
-
-
-
- This needs a patching on pf(4) that forces logging on packets with ip options dropped if not allowed and does not che...
-
- Its not something to be fixed for now.
-
-
-
-
- A conditional branch did not have the proper test.
- 06:40 PM Revision 7a923e09: Re-generate broken .mo files, it fixes #4705
- 06:39 PM Revision 422fabbc: Remove duplicate message
- 06:38 PM Revision 5f61deb3: Re-generate broken .mo files, it fixes #4705
- 06:37 PM Revision 313e8ab0: Obsolete old pt_BR ISO8859 directory and not current one
-
- To be retested with a new snapshot there might have been issue with operator precedence in previous patch.
-
- Can you specify the scenario to check it?
Normally the only thing i see might be missing some parameter passing to d... -
- when an interface mismatch exists, it prompts with the normal interface reassignment which includes all interfaces. T...
-
- do you have an interface set to track for PD?
-
- Also, ENabling and DISabling the service again in the WebGUI does not change the behaviour: The DHCPv6 server is stil...
-
- Fresh install of pfSense 2.2.2 with 1x LAN and 1x WAN interface.
Used the console menu to (#1) assign interfaces and... -
- Also one this to consider here probably as another issue is that update of urlaliases should not be done inline durin...
-
- I pushed a fix that do not processes URL aliases until bootup is finished.
This should fix properly the issue.
Ma... -
- Actually filterdns was not updated with changes done to ipfw patches for 10.1.
Now it should properly do its task. -
- Applied in changeset commit:cba32cb1d87b813792a0f8caaf68a22f66af76e3.
-
- Applied in changeset commit:8c9216d5f2be3dda86032b24b187aba3328db0a8.
-
- Just a global correction.
-
-
- Applied in changeset commit:7a923e09da7a668b56842fb86cb2871f2131c2e5.
-
- Applied in changeset commit:5f61deb33367d428357c2d873ea22818c2813dcd.
-
- Okay I give up you can close this.
-
10:09 AM Revision c3b3e9c7: simplify is_ipaddrv4() and fix zero-padding issue
- Fixes these two issues:
1) The historical workaround of testing IPv4 for validity by (a) converting to long (b) conv... - 09:41 AM Revision 85616372: Add a note that these files don't have to be converted as they'll be removed from the next release.
- Refs. #229
- 09:30 AM Revision e5cb3cf8: - Resize form-control (inputs, selects, etc.) with CSS
- - Use default width (100%) for smaller viewports
Refs. #141 - 08:23 AM Revision a6901ee1: Merge pull request #215 from sbeaver-netgate/services_captiveportal_mac_edit
- Services captiveportal mac edit
- 08:23 AM Revision 71c259e7: Merge pull request #213 from sbeaver-netgate/services_captiveportal_mac
- Services captiveportal mac
- 08:22 AM Revision 60ef8f2b: Merge pull request #208 from sbeaver-netgate/services_captiveportal_hostname
- Services captiveportal hostname
- 08:22 AM Revision 0ee99643: Merge pull request #207 from sbeaver-netgate/services_captiveportal_filemanager
- Services captiveportal filemanager
- 08:19 AM Revision 7d876cdf: convert type=text to number with valid min, max, placeholder & step #196
- 08:01 AM Revision 79955084: Removed unneeded htmlspecialcharacters()
- 08:01 AM Revision 49c46b6a: interfaces_bridge_edit.php Conversion complete
- Ready for review
Notes:
toggles action to be reviewed once toggle JS finalized -
- it's correct, see that FreeBSD disk FAQ.
-
- https://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/disks.html#idp59442000
-
02:09 AM Bug #4748 (Not a Bug): Calculation error for disk usage
- take a look at the picture please...
109% of...
06/06/2015
-
- Committed by https://github.com/pfsense/pfsense/commit/3a19fd4a84d358ff8e6c9eedcad5b11f7f570fa8
and also to 2.2 bran... -
- Fix committed https://github.com/pfsense/pfsense/commit/16628aa0631bbdceae27f3d2f7ba1fa44ce3b296
06/05/2015
-
- Conflicts:
usr/local/www/status.php -
-
-
-
-
-
- When you don't specify any DNS servers, you can still tick the "DNS Query Forwarding" and save the configuration, res...
-
-
-
- I have experienced a lot of crashes (hard crash that triggers the box to reboot) on 2 different RCC-VE 2440 units (ig...
-
09:32 AM Bug #3973: Route 53 dynamic DNS provider fails to update record
- Here is the patch I am using with the System Patches package to work around this issue in 2.1:...
-
02:43 AM Bug #4653: mtree dies in post_upgrade_command during upgrade from 8.x and earlier
- i attempted 2.1.4 to 2.2.2 48hours ago it ran into this error many times, never rebooted on its own
Jun 3 02:34:3... -
- Can we please revert the broken commit and fix the description until this is recoded properly?
06/04/2015
-
- fixed
-
- fixed
-
- this looks to work fine. Will leave for additional feedback.
If anyone else can help test, please try the latest ... - 08:33 PM Revision db794357: Update "status_interfaces.php"
- Move the "break" and the "endforeach" statements so that the DL and DIV tags are closed properly for every interface
-
- Configure CP with one or more passthrough hostnames, and filterdns runs correctly and logs that it's adding entries: ...
- 08:08 PM Revision dc6695c3: Setup Wizard can result in invalid LAN DHCP pool calculation
- 1) consider where the LAN IP is in the subnet range and then put the
DHCP pool in the biggest remaining segment, eith... - 08:07 PM Revision 3a19fd4a: Merge pull request #1706 from phil-davis/setupwizardlan
- 08:06 PM Revision b3bba7fe: Improve setup wizard host name check
- Redmine #4712
It seems good enough to make the regex strings here be "reasonable". The full checks are done after pre... - 08:06 PM Revision 16628aa0: Merge pull request #1707 from phil-davis/patch-1
- 06:48 PM Revision 1b245100: Merge pull request #310 from ExolonDX/patch-3
- Tidy up HTML5 "label" in login page
- 06:47 PM Revision 93c1b984: Merge pull request #311 from ExolonDX/bootstrap
- Update "interfaces_qinq.php"
-
- FreeBSD PR is https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200323
- 03:04 PM Revision de4a1c84: Update "interfaces_qinq.php"
- Remove "colon" character at beginning of the file
- 02:49 PM Revision 17ef09c3: Tidy up HTML5 "label" in login page
- The "for" attribute of the "label" element must refer to a form control.
http://www.w3.org/TR/html-markup/label.html... - 02:25 PM Revision 4701e802: Merge pull request #308 from ExolonDX/bootstrap
- Remove duplicate closing bracket
- 02:23 PM Revision 7ac86a5f: Remove duplicate closing bracket
- Remove duplicate closing bracket
- 02:17 PM Revision d719fdd1: Merge pull request #307 from ExolonDX/patch-1
- Remove duplicate closing bracket
- 02:16 PM Revision bf980226: Remove duplicate closing bracket
- Remove duplicate closing bracket
-
- I was testing a 2.1.5 to 2.2.3 upgrade for something else and noticed that mtree ran OK (see the attached upgrade log...
-
- Well, I tested the pfBNG case (i.e., restore the config with tons of URL aliases on a new box). Down to under 2 minut...
06/03/2015
-
- there is a related issue in that icon_pass.gif is shown for direction "both", so configs from older versions where th...
-
- Kill Bill: mind sharing any specifics on what you've seen? How long did it take to boot before, and how long does it ...
-
- *Much* better now... ;)
-
- A big portion of the issue with URL table aliases is file_download can be attempted many times during filter reload w...
-
03:08 PM Bug #4745 (Not a Bug): Reassignment of devices after config restore
- After a configuration restore on new hardware with new physical interface names whiach doesn't mtch the old ones the ...
-
- There are multiple Ion 330 BIOS updates mentioning "improve LAN compatibility" on the ASUS website. Perhaps start th...
-
11:43 AM Bug #4742: nfe0 NIC shows no carrier after interface configuration
- Is there a way to tell what is being done to the interface when it is being configured? I can install and replicate ...
-
- looks to be a driver issue of some sort that needs to be replicated on stock FreeBSD and reported upstream.
-
- I was able to get the device working properly by manually restoring my alix config.xml to the device. On bootup I w...
-
- I am able to use the 2.2.2 memstick image to boot up an asrock ion330 based computer. I am able to install pfsense ...
-
- Pecl APC is deprecated and should be replaced by php55-opcache
-
- this is probably the Android racoon bug with NAT-D. what does the client log show?
-
08:35 AM Bug #4741 (Not a Bug): IPSEC mobile client problem
- Problem with mobile client connection.
I seted up IPSEC vpn with this instruction (https://doc.pfsense.org/index.ph... -
- Please post on the forum for assistance. Most of the time this error is from a dangerous function in the squid 3 pack...
-
09:41 AM Bug #4743 (Rejected): unexpected end of file in /etc/inc/captiveportal.inc on line 248
- Hi, I'm new to BSD family
I recently replaced my network utm to pfsese
but a message containing the bug below is sh... -
06:44 AM Bug #4740 (New): Intel wireless kernel panic in infrastructure mode with WPA
- I've got permanent kernel panic and reboot with intel wireless 4965 minipcie card in WAN infrastructure mode when wpa...
- 06:05 AM Revision a320af18: A number of things block waiting for file download timeouts, sometimes multiple times across multiple files (many URL Table aliases, for instance). The long timeout causes very long boot times (10-20+ minutes) on many configs with pfblocker if booted disconnected from the Internet. This is strictly the timeout for the HTTP/HTTPS connection attempt. Once connected, it can run past that. 5 seconds should be more than enough for any properly-functioning network. Part of Ticket #4442.
- Conflicts:
etc/inc/pfsense-utils.inc - 05:57 AM Revision eefd7773: A number of things block waiting for file download timeouts, sometimes multiple times across multiple files (many URL Table aliases, for instance). The long timeout causes very long boot times (10-20+ minutes) on many configs with pfblocker if booted disconnected from the Internet. This is strictly the timeout for the HTTP/HTTPS connection attempt. Once connected, it can run past that. 5 seconds should be more than enough for any properly-functioning network. Part of Ticket #4442.
-
04:43 AM Bug #4377: pfSense boot freezes after restart in QEMU/KVM
- I have the same pb. FreeBSD guests fail to reboot properly if they have more than one CPU (socket, core, and/or threa...
- 04:37 AM Revision 9f390fb8: device_type isn't used here
- 04:36 AM Revision 7112bcc8: device_type isn't used here
- 12:33 AM Revision b532745a: Don't call growl if the configured address isn't an IP or resolvable
- hostname. Avoids 1 minute timeout delay in fsockopen in growl.class. Cuts
that down to about a 20 second timeout. Tic... - 12:30 AM Revision dbd919ec: Don't call growl if the configured address isn't an IP or resolvable
- hostname. Avoids 1 minute timeout delay in fsockopen in growl.class. Cuts
that down to about a 20 second timeout. Tic...
Also available in: Atom