Project

General

Profile

Activity

From 06/10/2015 to 07/09/2015

07/09/2015

08:23 PM pfSense Packages Bug #4293: Squid 2.7.9 pkg v.4.3.6 i386 won't start
Thank you Tahar for the ln commands, that got it running again for me after I upgraded to 2.2.3-RELEASE. James Snell
07:24 PM Revision 6e332f7f: Debug removed
Ready for review Stephen Beaver
06:38 PM Bug #4310: Limiters + HA results in hangs on secondary
This is also happening to me. I though the issue with the limiters was fixed in 2.2.2 and 2.2.3, so I posted a duplic... Bernardo Pádua
06:28 PM Revision 3795cc0a: diag_ipsec.php
Conversion complete
DEBUG still in place sbeaver
04:42 PM Bug #4823 (Duplicate): Kernel Panic on the backup server on a master/backup CARP setup with pfSync enabled
Duplicate of #4310 Jim Pingle
04:40 PM Bug #4823 (Duplicate): Kernel Panic on the backup server on a master/backup CARP setup with pfSync enabled
I'd been running two pfsense firewalls on a master/backup setup with CARP. It was running fine on the 2.1.x branch. N... Bernardo Pádua
03:19 PM Revision 9a044a7e: diag_gmirror.php
Conversion complete sbeaver
11:34 AM Bug #4822: nanobsd corruption issues after unclean shut down when rw mounted and SU
Here's one from my Alix at home that happened a while ago, but I thought it might have had a flakey CF card and I did... Phillip Davis
07:35 AM Bug #4822: nanobsd corruption issues after unclean shut down when rw mounted and SU
http://lists.freebsd.org/pipermail/freebsd-fs/2014-April/019253.html
Can we get rid of the journal "improvement" A... Kill Bill
07:16 AM Bug #4822 (Resolved): nanobsd corruption issues after unclean shut down when rw mounted and SU
https://forum.pfsense.org/index.php?topic=96326.0... Kill Bill
08:01 AM Bug #4808: Unbound segfaults
Unfortunately not, it seems to crash rather randomly. I'd love to be able to capture a stacktrace or other useful inf... Mark Janssen
06:58 AM Bug #4804: PPPoE Restart won't update IPv6 routing table with gif
> How are you restarting the connection that triggers this?
I've written a script...... Armin Tueting
12:55 AM Bug #4804: PPPoE Restart won't update IPv6 routing table with gif
Updated subject to I think a closer description. But I can't replicate it that much even. Whether via gif, or DHCP6, ... Chris Buechler
06:43 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.
Maybe my situation is also related to this in some way. We do not get big ping (or I guess other big packets) from br... Phillip Davis
03:14 AM Bug #4814: read-only to read-write mount very slow on nanobsd with slow flash media
Alignment discussed at great length here https://forum.pfsense.org/index.php?topic=95938.0
doktornotor's input can... ky41083 -
02:50 AM Revision 863094c5: Merge pull request #1739 from yakar/patch-6
Chris Buechler

07/08/2015

11:58 PM Bug #4803: config.xml is empty if power loss or panic happens shortly after config write
this looks to be fixed. Up to 15 cycles with no issues in a circumstance that would fail at least 50% of the time bef... Chris Buechler
11:40 PM Bug #4607: Bridge+CARP crashes/freezes pfSense
Thanks 2.2.3 is working smoothly now . Manoj Semwal (RootMd5)
11:38 PM Feature #809: Config sync username change
Thanks,
Added to : https://github.com/pfsense/pfsense/pull/1735 Brett Merrick
01:58 AM Feature #809: Config sync username change
yeah that's fine to remove the username field, no point in having it right now. Pull request welcome. Thanks!
Chris Buechler
01:44 AM Feature #809: Config sync username change
Related:
* Bug #1971 (Rejected): carp sync username not honored
* Bug #1736 (Closed): Allow other users to be used ... Brett Merrick
05:58 PM Bug #4808 (Feedback): Unbound segfaults
is there any means of replicating? Chris Buechler
05:33 PM Revision a2a5983a: Restore section commented out for testing
sbeaver
01:30 PM Feature #4821 (Closed): PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic
On PPPoE WANs packets are only received on one NIC driver queue (queue0) while packets are transmitted from all queue... Jim Pingle
01:01 PM Feature #4796: Support Multiple FIBs in pfSense
I already put in a feature request for this- https://redmine.pfsense.org/issues/4598 Jon Klinck
12:14 PM Revision cffc7ec1: services_captiveportal.php Conversion complete
Conversion complete sbeaver
10:17 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.
I can somewhat confirm this with the following scenario:
* *Central Office*
** OVPN Server (TCP, AES-256-CBC, LZO... JD -
08:46 AM Bug #4820: DHCP Scope at setup
I set LAN and WAN IP info via the console, then completed setup via the webGUI using the wizard. The initial DHCP sco... Andrew Houlne

07/07/2015

08:17 PM Bug #4820 (Feedback): DHCP Scope at setup
ditto Phil's question. The setup wizard in the web interface definitely doesn't do that, and I don't recall the conso... Chris Buechler
11:34 AM Bug #4820: DHCP Scope at setup
How did you do the initial setup - using the webGUI initial wizard, from console menu selections, or?
And how did yo... Phillip Davis
09:15 AM Bug #4820 (Resolved): DHCP Scope at setup
At initial setup, 192.168.100.1 was used for the LAN IP and a DHCP scope of 192.168.100.0/24 appeared in the interfac... Andrew Houlne
10:57 AM pfSense Packages Bug #4819 (Not a Bug): pfSense IPsec rekey not functional
you have to delete the already-established SAs after making such changes. #4268 Chris Buechler
09:06 AM pfSense Packages Bug #4819: pfSense IPsec rekey not functional
Florian Ganée wrote:
> Solved by deleting and creating VPN entirely again
 Florian Ganée
09:06 AM pfSense Packages Bug #4819: pfSense IPsec rekey not functional
Solved by deleting et creating VPN entirely again Florian Ganée
07:11 AM pfSense Packages Bug #4819: pfSense IPsec rekey not functional
Forgot to mention : running 2.2.3-RELEASE (amd64) Florian Ganée
07:08 AM pfSense Packages Bug #4819 (Not a Bug): pfSense IPsec rekey not functional
IPsec rekey is shown as Enabled in VPN phase 1 and in config files, but in Status > IPsec when Phases 1 & 2 are up "R... Florian Ganée
10:42 AM Revision 1a1d9a8c: Update index.php
Aydin Yakar
10:39 AM Revision c4b85119: Update index.php
Aydin Yakar
09:38 AM Bug #4818: IPSec makes worse in some cases - since 2.2.3 Update
Thanks for your quick response Chris!
I tried the last "nighty build" -> pfSense-Full-Update-2.2.4-DEVELOPMENT-amd64... Marvin Kamm

07/06/2015

10:05 PM Revision f2265d88: Fix dashboard hardware crypto display where AES-NI is enabled. Ticket
Chris Buechler
10:03 PM Revision c9e7807a: Fix dashboard hardware crypto display where AES-NI is enabled. Ticket
Chris Buechler
08:41 PM Revision 10c65c48: Don't check whether the QinQ interface exists when deleting. Unnecessarily
makes QinQ un-deletable where the parent interface no longer exists
(removed, config restored from diff hardware, etc.). Chris Buechler
08:40 PM Revision ee3b5c15: Don't check whether the QinQ interface exists when deleting. Unnecessarily
makes QinQ un-deletable where the parent interface no longer exists
(removed, config restored from diff hardware, etc.). Chris Buechler
05:02 PM Bug #4809 (Resolved): Dashboard - Hardware crypto (aesni) display cut off with Netgate ADI Board
fixed, thanks Chris Buechler
04:56 PM Revision 7c771d19: Make sure config.xml is safe on disk when restoring a backup, ticket #4803
Renato Botelho
04:55 PM Revision 38b35612: Make sure config.xml is safe on disk when restoring a backup, ticket #4803
Renato Botelho
04:51 PM Revision a83602e8: Make sure temporary config file is safe on disk before rename, ticket #4803
Renato Botelho
04:51 PM Revision b318432e: Make sure temporary config file is safe on disk before rename, ticket #4803
Renato Botelho
04:49 PM Revision 817d1407: Remove reference to vfs.forcesync
Renato Botelho
04:48 PM Revision bee2f247: Remove reference to vfs.forcesync
Renato Botelho
04:31 PM Bug #4596 (Duplicate): NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
duplicate of #4326 Chris Buechler
04:31 PM Bug #4326 (Confirmed): Limiters on firewall rules where NAT applies drop all traffic
updated subject to root problem, closing out #4596 as duplicate of this. Chris Buechler
06:32 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Like Ryan, I'm still seeing the issue after upgrading to 2.2.3. Adam Hirsch
04:23 PM Bug #4818 (Feedback): IPSec makes worse in some cases - since 2.2.3 Update
this likely overlaps with the changes made as part of fixing #4811, which some have confirmed fixed things for them t... Chris Buechler
10:19 AM Bug #4818 (Resolved): IPSec makes worse in some cases - since 2.2.3 Update
Since updateing pfsense from V2.1.5 to V2.2.3, I´ve some issues with the IPsec VPN.
I´ve configured about 20 IPsec v... Marvin Kamm
04:01 PM Bug #4817 (Feedback): rc.start_packages: Restarting/Starting all packages on config sync
what packages do you have installed?
That says fw1, but the logs indicate something is config syncing to that sys... Chris Buechler
05:14 AM Bug #4817 (Closed): rc.start_packages: Restarting/Starting all packages on config sync
Applying configuration of pfsense cause openvpn server restart
When you press apply configuration on DNS TAB or on T... Tsvyatko Kriviradev
03:43 PM Revision d0577bd2: Use right function pfSense_fsync to make sure config file is safe on disk, ticket #4803
Renato Botelho
03:42 PM Revision de7ae0bb: Use right function pfSense_fsync to make sure config file is safe on disk, ticket #4803
Renato Botelho
11:50 AM Bug #4803 (Feedback): config.xml is empty if power loss or panic happens shortly after config write
Please try next round of snapshots, a pfSense_fsync was implemented and is being used to make config.xml save operati... Renato Botelho
02:46 AM Bug #4803: config.xml is empty if power loss or panic happens shortly after config write
Jim Thompson wrote:
> This needs similar work (and a PHP extension, because fsync() isn't possible via PHP) to what ... Kill Bill
09:00 AM Bug #4805: Using FQDN and IP in alias causes static entries to be lost
Another observation, after some time (30min-60min) its recover from badly filled tables and are filled with proper IP... Tomas Ulicky
08:50 AM Bug #4805: Using FQDN and IP in alias causes static entries to be lost
In the log there is correctly: filterdns: adding entry 1.1.1.1 to table IP_Alias_1 on host fqdn1.server.com
But in ... Tomas Ulicky
08:37 AM Bug #4805: Using FQDN and IP in alias causes static entries to be lost
Update, it is not working even with filterdns.fixed, after some time, if I reload some firewall rules tables are mism... Tomas Ulicky
02:00 AM Revision 8cbb22c6: fix includes so shellsession restartipsec works.
Chris Buechler
02:00 AM Revision d04b109b: fix includes so shellsession restartipsec works.
Chris Buechler

07/05/2015

09:36 PM Bug #4523: master.passwd/group file corruption may occur after kernel panic or unclean shut down
The sync option was not an *optimal* fix, but it was a proper fix, as it does fix the corruption issue, and was what ... Jim Thompson
11:47 AM Bug #4523: master.passwd/group file corruption may occur after kernel panic or unclean shut down
Thomas X wrote:
> I was just wondering why this could happen although sync was added in 2.2.3.
Probably because t... Kill Bill
09:16 AM Bug #4523: master.passwd/group file corruption may occur after kernel panic or unclean shut down
One addition: Filesystem has been in standard NanoBSD mode (ReadOnly) when the loss of power appeared. Thomas X
09:10 AM Bug #4523: master.passwd/group file corruption may occur after kernel panic or unclean shut down
Today I had a power loss with pfSense 2.2.3 AMD64 NanoBSD, which seems to have corrupted the installation. The system... Thomas X
09:34 PM Bug #4803: config.xml is empty if power loss or panic happens shortly after config write
This needs similar work (and a PHP extension, because fsync() isn't possible via PHP) to what fixed the corruption of... Jim Thompson
09:32 PM Bug #4814: read-only to read-write mount very slow on nanobsd with slow flash media
that patch isn't going into pfSense.
We'll investigate 'why' the transition is slow, then attempt to develop a sol... Jim Thompson
05:48 PM Bug #4816 (Resolved): Do not overwrite custom /etc/dh-parameters.* on upgrade
When people go through the hassle of generating their own set of DH parameters, it'd be nice to not overwrite those a... Kill Bill
05:33 PM Revision 028ff8f8: Fix #4813 validation of enable/disable of gateways and static routes
1) A disabled gateway can always be enabled - no extra validation
needed.
2) When disabling an enabled gateway, check... Phil Davis
05:21 PM Bug #4237: Error "macro IPsec not defined" once after firmware upgrade
Having the same issue here:
[ There were error(s) loading the rules: /tmp/rules.debug:108: macro IPsec not define... Johannes Ullrich
12:39 PM Bug #4813: It's not possible to disable a static route that is set to use a gateway that is disabled using the edit dialogue.
Validation of enable/disable of gateways and static routes
Pull request: https://github.com/pfsense/pfsense/pull/173... Phillip Davis

07/04/2015

10:56 AM Bug #4815: NTP status widget shows truncated IPv6 address
Well, apparently there's the same issue with Status - NTP. This can be solved by using -w option (https://bugs.ntp.or... Kill Bill
10:24 AM Bug #4815 (Resolved): NTP status widget shows truncated IPv6 address
See screenshot. In fact, the IP is 2001:718:801:230::8c as confirmed by ntpq -p.
!http://i62.tinypic.com/2vvmm4p.png! Kill Bill
06:47 AM Revision 5af64602: remove debug.pfftpproxy, it no longer exists.
Chris Buechler
06:47 AM Revision f39cb6af: remove debug.pfftpproxy, it no longer exists.
Chris Buechler
05:07 AM Bug #4811 (Resolved): keyid identifiers not working
fixed Chris Buechler
04:28 AM Bug #4806 (Feedback): Mobile IPSec Broken on iOS devices after 2.2.3 Upgrade from 2.2.2
looks to be fixed in 2.2.4 after gitsync, next snapshot will include those changes. Chris Buechler
04:11 AM Revision aaf07882: de-activate sync on upgrade where it's enabled now that the root passwd/group problem is fixed. Ticket #4523
Chris Buechler
04:11 AM Revision 2300307e: de-activate sync on upgrade where it's enabled now that the root passwd/group problem is fixed. Ticket #4523
Chris Buechler
04:09 AM Bug #4791 (Resolved): AES-NI on 2.2.3-RELEASE broken with non AES-GCM modes
fixed Chris Buechler
01:06 AM Revision d44e7dc0: Fix keyid identifers, and go back to using %any in ipsec.secrets as in previous versions, fixing a variety of other ID issues. Latter will break some mobile IPsec circumstances, fix for that to come after more testing. Ticket #4811
Chris Buechler
01:03 AM Revision f5aec3e1: Fix keyid identifers, and go back to using %any in ipsec.secrets as in previous versions, fixing a variety of other ID issues. Latter will break some mobile IPsec circumstances, fix for that to come after more testing. Ticket #4811
Chris Buechler

07/03/2015

11:11 PM Bug #4523 (Feedback): master.passwd/group file corruption may occur after kernel panic or unclean shut down
this is adequately worked around in 2.2.3 with the usage of sync. Now that we have a proper fix for pw in 2.2.4, and ... Chris Buechler
06:47 PM Revision a61daab9: Fix put static route destination in config change description
When enabling or disabling a route by using the enable/disable button on the Routes page, the destination network was... Phil Davis
06:47 PM Revision 96f98071: Merge pull request #1736 from phil-davis/patch-1
Renato Botelho
06:35 PM Revision 6135a11f: Fix put static route destination in config change description
When enabling or disabling a route by using the enable/disable button on the Routes page, the destination network was... Phil Davis
05:27 PM Bug #4803: config.xml is empty if power loss or panic happens shortly after config write
#4814 opened re: the regression of #2401 for the slow ro->rw mount issue discussed here. Chris Buechler
05:27 PM Bug #4814: read-only to read-write mount very slow on nanobsd with slow flash media
this patch fixes the issue, though apparently isn't good.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=176169
... Chris Buechler
05:25 PM Bug #4814 (Closed): read-only to read-write mount very slow on nanobsd with slow flash media
Opening a new issue to track the regression of old bug #2401. The ro->rw mount is so slow on some hardware that it ma... Chris Buechler
01:42 PM Bug #4813: It's not possible to disable a static route that is set to use a gateway that is disabled using the edit dialogue.
I just made a pull request for the first tiny error I noticed:
https://github.com/pfsense/pfsense/pull/1736
I am ... Phillip Davis
10:58 AM Bug #4813 (Resolved): It's not possible to disable a static route that is set to use a gateway that is disabled using the edit dialogue.
If you attempt to edit a static route to disable it and the gateway set is already disabled you will receive the foll... Steve Wheeler

07/02/2015

11:39 PM Bug #4811: keyid identifiers not working
The likely cause for this is the mishandling of the identity type prefixes, as reported on bug "4792":https://redmine... Jorge Albarenque
08:12 PM Revision 49683954: sync up vpn.inc with master. Mostly white space and style changes
Chris Buechler
07:46 PM Revision 255075c9: sync up ipsec.inc with master. Mostly whitespace and style changes.
Chris Buechler
11:44 AM pfSense Packages Bug #4812 (Duplicate): Layer7 Filter
duplicate of #4309 Chris Buechler
11:43 AM pfSense Packages Bug #4812 (Duplicate): Layer7 Filter
internet stops working after creating layer 7 filter then adding it into firewall rule.
i followed this link - (http... Aamir Hussain
11:40 AM pfSense Packages Bug #4309: layer7 do not work properly
my internet stops working after creating layer 7 filter then adding it into firewall rule.
i followed this link - (h... Aamir Hussain
08:19 AM Todo #4672: Update igmpproxy to latest version
Yes, I have used this steps from forum (credit Andrew)
But I did pkg stuff on another pfsense and extracted only bin... Tomas Ulicky
06:53 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
Yes, the 2.2.3 New Features and Changes page says that this is fixed in 2.2.3, but here in Redmine it says target 2.3... Phillip Davis
03:15 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
As stated in version 2.2.3 changelog, this bug has to be resolved but now, it doesn't work also if you add FQDN in th... Davide Cottignoli
05:50 AM Bug #4794: Handling of ASN1.DN values for RSA IPsec during upgrades from previous versions
As I've recently explained on an "Ubuntu bug report related to pfSense":https://bugs.launchpad.net/ubuntu/+source/str... Tobias Brunner
02:31 AM Bug #4596: NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
Tested now.
I confirm the problem on 2.2.3, limiters works well on LAN, but if I enable on WAN breaks 1:1 NAT. Luca De Andreis
12:23 AM Revision e9b65f25: fix part of keyid problem. Ticket #4811
Chris Buechler

07/01/2015

09:03 PM Revision 4af5c0c8: Remove unnecessary deletion of rc.conf. Add an empty rc.conf with a note
so people don't think they should be using it. Chris Buechler
08:10 PM Revision bc5c2e54: Improve handling of port ranges in relayd, fixes #4810
Jim Pingle
08:10 PM Revision 9195a837: Improve handling of port ranges in relayd, fixes #4810
Jim Pingle
08:03 PM Revision 71ffb7bb: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2
Chris Buechler
08:01 PM Revision 9924ebd4: Remove the unnecessary deletion of rc.conf. Add an empty rc.conf with a
note so people don't think they should be using it. Chris Buechler
07:18 PM Bug #4811 (Resolved): keyid identifiers not working
keyid identifiers in IPsec stopped working from 2.2.2 -> 2.2.3. Chris Buechler
05:33 PM Revision 45521d7c: Remove $array_keys references and use $pkg_info. Spotted-by: phil-davis
Renato Botelho
03:36 PM Revision b75cdd94: Encode ca/cert descr in system_certmanager.php
Jim Pingle
03:32 PM Revision 362ddda1: Encode ca descr in system_camanager.php
Jim Pingle
03:32 PM Revision b741d2ef: Encode ca/cert descr in system_certmanager.php
Jim Pingle
03:28 PM Revision 97fdd83d: Encode ca/cert descr in system_certmanager.php
Jim Pingle
03:27 PM Revision 234cde4b: Encode ca/cert/crl descr in system_crlmanager.php
Jim Pingle
03:20 PM Revision f08e24a3: Encode ca/cert/crl descr in system_crlmanager.php
Jim Pingle
03:20 PM Bug #4810: Load Balancing GUI does not properly handle port ranges in relayd.conf
Applied in changeset commit:bc5c2e542c7a89ae59f079540ee6fc8f4183b9aa. Jim Pingle
03:20 PM Bug #4810 (Feedback): Load Balancing GUI does not properly handle port ranges in relayd.conf
Applied in changeset commit:9195a8378002ed41b459eb8c53a208f5fc6f8d4c. Jim Pingle
03:05 PM Bug #4810 (Resolved): Load Balancing GUI does not properly handle port ranges in relayd.conf
relayd supports port ranges in the listen directive but the forward directive should only have the first port. Also, ... Jim Pingle
03:19 PM Revision 28bb8178: Encode ca/cert descr in vpn_openvpn_server.php
Jim Pingle
03:18 PM Revision 009bd5fe: Encode ca/cert descr in vpn_openvpn_server.php
Jim Pingle
03:17 PM Revision 8bcc385b: Encode ca/cert descr in vpn_openvpn_client.php
Jim Pingle
03:16 PM Revision f7ca9674: Encode ca/cert descr in vpn_openvpn_client.php
Jim Pingle
03:15 PM Revision d6a94eda: Encode ca/cert descr in vpn_ipsec_phase1.php
Jim Pingle
03:15 PM Revision f9e80e5d: Encode ca/cert descr in vpn_ipsec_phase1.php
Jim Pingle
03:14 PM Revision a1457143: Encode ca/cert descr in system_authservers.php
Jim Pingle
03:13 PM Revision 2ce606e1: Encode ca/cert descr in system_authservers.php
Jim Pingle
03:12 PM Revision 11df0320: Encode ca/cert descr in system_usermanager.php
Jim Pingle
03:11 PM Revision 76e3f194: Encode ca/cert descr in system_usermanager.php
Jim Pingle
03:11 PM Revision 0d458903: Encode cert/ca descr in system_advanced_admin.php
Jim Pingle
03:10 PM Revision d2d45b5f: Encode cert/ca descr in system_advanced_admin.php
Jim Pingle
03:10 PM Revision e67c70a3: Encode cert/ca descr in services_captiveportal.php
Jim Pingle
03:08 PM Revision 0d6b017b: Encode cert/ca descr in services_captiveportal.php
Jim Pingle
03:07 PM Revision 636dfa95: Encode ca/cert info in openvpn_wizard.inc
Jim Pingle
03:06 PM Revision ae142a10: Encode ca/cert info in openvpn_wizard.inc
Jim Pingle
02:29 PM Revision 3d3e30b3: Modify pkg_mgr.php to deal with pkg
Renato Botelho
02:16 PM Bug #4803 (Confirmed): config.xml is empty if power loss or panic happens shortly after config write
This does not appear to be specific to NanoBSD or even sync on the filesystem.
I can replicate this by causing a p... Jim Pingle
02:15 PM Bug #4809 (Resolved): Dashboard - Hardware crypto (aesni) display cut off with Netgate ADI Board
If aesni is available and enabled, the Dashboard displays a cut off Hardware crypto line
Hardware crypto <AES-CBC
... Guido Glaus
01:58 PM Revision 29d84dd4: Fix install_package calls and check for failures
Renato Botelho
01:58 PM Revision 5e51b5b9: Simplify logic and use correct calls for install_package
Renato Botelho
01:57 PM Revision fad3ad59: Fix install_package() return for failure
Renato Botelho
01:22 PM Revision 6a3380dd: Remove old and unnecessary code
Renato Botelho
01:20 PM Revision b27ac786: Stop using undefined variable and create a single package debug file
Renato Botelho
01:19 PM Revision 9b1aa8d9: Improve debug messages
Renato Botelho
01:18 PM Revision 666c49ce: Fix call to undefined function read_pkg_config
Renato Botelho
01:18 PM Revision 0d579b59: Only try to remove pkg if it's installed, otherwise just cleanup xml part
Renato Botelho
01:17 PM Revision 65c94077: Implement get_pkg_info()
Renato Botelho
01:17 PM Revision e1382589: Make pkg_delete() more verbose
Renato Botelho
01:16 PM Revision e7553e1b: Remove packages from cache after install, also add debug messages
Renato Botelho
01:15 PM Revision 26994952: Mute call to 'pkg info -e' used to check if pkg is installed
Renato Botelho
01:14 PM Revision 6fd37d04: Re-implement pkg_call() using proc_open() and stream_select() and also implement pkg_exec()
Renato Botelho
01:09 PM Revision 1e8644ca: pfsense-utils.inc is being required, there is no chance of update_status() and update_output_window() don't exist
Renato Botelho
11:54 AM Todo #4672: Update igmpproxy to latest version
Tomas: what are you changing the binary to, just the one from stock FreeBSD ports? Chris Buechler
04:35 AM Todo #4672: Update igmpproxy to latest version
I support this idea, because it is not difficult to implement and solves many problem.
Currently Im changing binary... Tomas Ulicky
08:30 AM Revision e2451989: Only process Traffic Graph object if it is open
Reduces useless CPU use on the pfSense box when the dashboard is
displayed with the Traffic Graphs widget. Phil Davis
06:09 AM Bug #4808 (Closed): Unbound segfaults
On one of my pfSense boxes I've seen Unbound segfault a couple of times. Since pfSense doesn't seem to monitor Unboun... Mark Janssen
05:59 AM Bug #4791: AES-NI on 2.2.3-RELEASE broken with non AES-GCM modes
I just hit this issue as well, disabling AES-NI did the trick. It's a bit unfortunate that the release notes/blog pos... Mark Janssen
04:22 AM Bug #4806: Mobile IPSec Broken on iOS devices after 2.2.3 Upgrade from 2.2.2
Chris Buechler wrote:
> this diff will fix iOS.
>
> [... @@ -613,7 +613,7 @@ EOD; ...]
>
I saw this issue bef... Arno Tilroe
12:35 AM Bug #4806: Mobile IPSec Broken on iOS devices after 2.2.3 Upgrade from 2.2.2
this diff will fix iOS. ... Chris Buechler
04:04 AM Bug #4805: Using FQDN and IP in alias causes static entries to be lost
Yeah, sorry this is typo, correct one is:
IP_Alias_10 IP_Alias_5, IP_Alias_2, IP_Alias_1, IP_Alias_3, IP_Alias_4 Tomas Ulicky
01:15 AM Bug #4804: PPPoE Restart won't update IPv6 routing table with gif
Chris Buechler wrote:
> what type of v6 connectivity do you have? Looks like a HE.net or similar tunnel?
Connectit... Armin Tueting
12:40 AM Bug #4807 (Resolved): Unbound interface-automatic not added where interfaces list is empty
adding ticket for tracking, already-fixed issue here:
https://github.com/pfsense/pfsense/commit/342f509028bc675c811... Chris Buechler

06/30/2015

10:22 PM Bug #4463: Fix the NTPD Access Restrictions / and other NTPD related issues, including GPS
Anything I can do to help move this along? Do I need to clarify anything? Andrew Stuart
10:19 PM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
this ticket is specific to vpnc and only vpnc. iOS PSK issues in 2.2.3 is #4806 Chris Buechler
04:11 AM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
Hi,
Attached are the screenshots of the VPN configuration for this, along with a log file of the connection attemp... David Harrigan
03:41 AM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
Hi,
I can confirm that this issue is still affecting me - with the disable AES-NI workaround enabled. My iOS clien... David Harrigan
10:18 PM Bug #4806 (Confirmed): Mobile IPSec Broken on iOS devices after 2.2.3 Upgrade from 2.2.2
fixing some mobile IPsec scenarios broke iOS PSKs, I'm already looking into it. Chris Buechler
10:11 PM Bug #4806 (Resolved): Mobile IPSec Broken on iOS devices after 2.2.3 Upgrade from 2.2.2
Since others are posting to [[https://redmine.pfsense.org/issues/4784]]. I figured it's worth opening a new ticket in... Andrew Stuart
08:10 PM Bug #4805: Using FQDN and IP in alias causes static entries to be lost
@Tomas - your description of IP_Alias_10 includes IP_Alias_6
But IP_Alias_6 is not mentioned anywhere else.
Is ther... Phillip Davis
04:51 PM Bug #4805: Using FQDN and IP in alias causes static entries to be lost
And IP_Alias_10 contains only IP address from IP_Alias_5 Tomas Ulicky
04:48 PM Bug #4805: Using FQDN and IP in alias causes static entries to be lost
For better replication this is what happening:
IP_Alias_10 IP_Alias_6, IP_Alias_2, IP_Alias_1, IP_Alias_3, IP_Alias... Tomas Ulicky
04:41 PM Bug #4805 (Resolved): Using FQDN and IP in alias causes static entries to be lost
Hi, despite of fact that this issue was resolved (https://redmine.pfsense.org/issues/4296), I have problem, that in A... Tomas Ulicky
03:40 PM Revision 0e715186: Make rc.packages deal with fcgicli call
Renato Botelho
03:26 PM Bug #4790: Established IPSec Tunnel refused transporting further traffic out of sudden.. it than refuses any rule based traffic to anywhere!
Hi Chris,
I know, that's why I did - before I opened this bug - at least tried it for two days without Snort... in... Ingo-Stefan Schilling
11:29 AM Bug #4790 (Not a Bug): Established IPSec Tunnel refused transporting further traffic out of sudden.. it than refuses any rule based traffic to anywhere!
That definitely sounds like you have a Snort signature set enabled that's too touchy, and it blocked the remote endpo... Chris Buechler
05:56 AM Bug #4790: Established IPSec Tunnel refused transporting further traffic out of sudden.. it than refuses any rule based traffic to anywhere!
Thank you for your Update and Feedback, I found meanwhile that https://forum.pfsense.org/index.php?topic=78151.15 did... Ingo-Stefan Schilling
11:50 AM Bug #4804 (Feedback): PPPoE Restart won't update IPv6 routing table with gif
what type of v6 connectivity do you have? Looks like a HE.net or similar tunnel?
Did this work at any previous po... Chris Buechler
08:15 AM Bug #4804 (Closed): PPPoE Restart won't update IPv6 routing table with gif
Hello,
after rebooting pfSense 2.2.3 ... Armin Tueting
11:43 AM pfSense Packages Bug #4304: pfflowd non-functional on 2.2.x versions
given some period of time, it also goes nuts and starts logging like mad, to the extent its logging generates over 6 ... Chris Buechler
07:03 AM pfSense Packages Bug #4304 (Confirmed): pfflowd non-functional on 2.2.x versions
Opening this back up. Though pfflowd does not complain about the pfsync version, it does not produce any data. Jim Pingle
11:06 AM Bug #4795 (Not a Bug): IPsec logging is not working
Chris Buechler
04:43 AM pfSense Packages Bug #4799: Emulex OCE11102-NT & PFSENSE 2.2.2 & VLAN TAG
Thank you for your quick answer.
I tested this morning opnsense (the fork from pfsense and based on FreeBSD 10.1)... Romain Amar
02:33 AM Bug #4803: config.xml is empty if power loss or panic happens shortly after config write
dem co wrote:
> 3 minutes+ waiting time when running conf_mount_ro() on CF card).
That's due to removal of this p... Kill Bill
01:48 AM Bug #4803 (Resolved): config.xml is empty if power loss or panic happens shortly after config write
When running ver 2.2.3 nanobsd with filesystem kept permanently read-write enabled (due to 3 minutes+ waiting time wh... dem co

06/29/2015

09:07 PM Bug #4795: IPsec logging is not working
I apologize, my issue was not actually with IPsec logging. Syslog was not working at all, even across reboots, on two... Jorge Albarenque
11:03 AM Bug #4795 (Feedback): IPsec logging is not working
where is it not working, what's blank? It works fine in general. Chris Buechler
05:30 PM Revision bdfce2a4: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2
Chris Buechler
02:54 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Ermal Luçi wrote:
> This seems affecting only NAT with limiters.
> It should be handled properly now in 2.2.3 i wil... Ryan Clough
02:19 PM Bug #3096: Limiters problem using Multi WAN
Any news about when this bug will be dealt with ? I don't see it in the roadmap. Jonathan Gibert
01:55 PM Bug #4802 (Duplicate): OpenVPN Client wont start after reboot, when set to a Gateway Group specifing a VIP
duplicate #4661 Chris Buechler
01:52 PM Bug #4802 (Duplicate): OpenVPN Client wont start after reboot, when set to a Gateway Group specifing a VIP
An OpenVPN Client won't start after reboot of the primary node, when set to a Gateway Group specifing a VIP. Cullen Trey
01:55 PM Bug #4661 (Confirmed): OpenVPN client can't assign to GWGroup specifying VIPs
Chris Buechler
01:29 PM Bug #4722: Ralink USB driver yields a double fault panic on pfSense, works on FreeBSD with equivalent config
Spoke too soon, I went back and tried it on the original hardware that was used to replicate the problem and it still... Jim Pingle
12:24 PM Bug #4722: Ralink USB driver yields a double fault panic on pfSense, works on FreeBSD with equivalent config
Apparently so. Moving the sleep down below the other line allows it to function. Occasionally drops an error on the c... Jim Pingle
11:46 AM Bug #4722 (Confirmed): Ralink USB driver yields a double fault panic on pfSense, works on FreeBSD with equivalent config
guessing this is probably all 2.2.x versions.
Does the workaround in #4740 also work around this? Chris Buechler
01:05 PM Bug #4790 (Feedback): Established IPSec Tunnel refused transporting further traffic out of sudden.. it than refuses any rule based traffic to anywhere!
I'm guessing the IPsec service is one you've restarted in the process? There should be nothing rebooting does that re... Chris Buechler
12:40 PM Bug #4801: IPSec multiple Phase 2 single-phase 1
Chris Buechler wrote:
> no indications of a bug here. If IKEv2, and a Cisco ASA on the other side, that's #4704 (whi... jose wagner alves da cruz
12:09 PM Bug #4801 (Not a Bug): IPSec multiple Phase 2 single-phase 1
no indications of a bug here. If IKEv2, and a Cisco ASA on the other side, that's #4704 (which is a Cisco problem ult... Chris Buechler
10:18 AM Bug #4801 (Not a Bug): IPSec multiple Phase 2 single-phase 1
I can not connect multiple Phase 2 single-phase 1.
I have an IPSec VPN with a business partner, but I need to have... jose wagner alves da cruz
11:43 AM Bug #3330 (Confirmed): Load Balancer showing wrong Status when using aliases for the port
Chris Buechler
11:43 AM Feature #4787 (Needs Patch): Time restrictions on Users, for Captive Portal auth
I don't see this being something we integrate into the user manager, given those with these requirements often have o... Chris Buechler
11:39 AM Bug #4738 (Resolved): Setup Wizard can result in invalid LAN DHCP pool calculation
Chris Buechler
11:38 AM Feature #4782 (Feedback): Display monitor IP on Gateways widget
Chris Buechler
11:37 AM Bug #4797 (Feedback): Display any advanced DHCP server settings when opening Services DHCP webGUI page
Thanks Phil. I'll confirm when time permits Chris Buechler
10:31 AM Revision f4f884bc: Merge pull request #1732 from phil-davis/traffic-graphs-widget
Renato Botelho
10:20 AM Bug #4800 (Rejected): IPSec múltiplas fase 2 com uma fase 1
Superseded by #4801 that has description in english. Renato Botelho
09:17 AM Bug #4800 (Rejected): IPSec múltiplas fase 2 com uma fase 1
Não consigo conectar múltiplas fase 2 com uma fase 1.
Possuo uma vpn IPSec com uma empresa parceira, porém necessi... jose wagner alves da cruz
10:03 AM Bug #4685 (New): Crash/panic "Sleeping thread owns a non-sleepable lock"
Customers are still reporting panics on 2.2.3 with all of the fixes thus far applied. Crash dump looks virtually iden... Jim Pingle
09:36 AM pfSense Packages Bug #4799 (Rejected): Emulex OCE11102-NT & PFSENSE 2.2.2 & VLAN TAG
We can't call this a bug since that isn't a driver we include or have any capability to test. It appears you copied t... Jim Pingle
08:38 AM pfSense Packages Bug #4799 (Rejected): Emulex OCE11102-NT & PFSENSE 2.2.2 & VLAN TAG
Hello,
I bought a 10Gbe Emulex OCE11102-NT. The network card works fine on FreeBSD 10.1. I tried to configured som... Romain Amar
02:14 AM Feature #4798: Make host and domain overrides available to both DNS Resolver and DNS Forwarder
The code was already there with 2.1.x and the unbound *package*. https://github.com/pfsense/pfsense-packages/blob/mas... Kill Bill

06/28/2015

04:51 AM Feature #4798 (New): Make host and domain overrides available to both DNS Resolver and DNS Forwarder
There have been a few times on the forum when people need to be told to put in their Host or Domain Overrides again w... Phillip Davis
04:11 AM Bug #4797: Display any advanced DHCP server settings when opening Services DHCP webGUI page
Fixed by commit to master:
https://github.com/pfsense/pfsense/commit/90ad3a76edae543bcc63252b14660ac4baee291e Phillip Davis
04:11 AM Bug #4797 (Resolved): Display any advanced DHCP server settings when opening Services DHCP webGUI page
When the services_dhcp page is shown the contents of advanced settings are not shown to the user - the user has to cl... Phillip Davis
04:05 AM Bug #4738: Setup Wizard can result in invalid LAN DHCP pool calculation
The commit to 2.2 branch was:
https://github.com/pfsense/pfsense/commit/dc6695c3f41f65dd3232e311e589bad217bb4c10
Th... Phillip Davis
03:58 AM Feature #4783: Add description as a display option on Traffic Graph
Done by commits:
https://github.com/pfsense/pfsense/commit/a7a064f4e523cc94d8570075e8b3b9a9220da3a3
https://github.... Phillip Davis
03:54 AM Feature #4782: Display monitor IP on Gateways widget
Done by commits:
https://github.com/pfsense/pfsense/commit/3d0391f1d843a04ae1072440c8e38bbf392cb4c6
https://github.... Phillip Davis
12:30 AM Feature #4796 (New): Support Multiple FIBs in pfSense
The current default pfSense kernel is not built with multiple FIB support. Multiple FIB support has been in FreeBSD ... Jeremy Porter

06/27/2015

10:23 PM Bug #4795 (Not a Bug): IPsec logging is not working
The IPsec logs stay blank even when setting all options to "highest".
I believe this is an issue on how the syslog... Jorge Albarenque
10:17 PM Bug #4794 (Resolved): Handling of ASN1.DN values for RSA IPsec during upgrades from previous versions
The certificate CNs are interpreted differently by raccoon and strongSwan, for example:
+raccoon:+
C=US, ST=Whate... Jorge Albarenque
10:14 PM Bug #4792: IPSec ASN.1 DN needs double quotes in config file
I stumbled upon this today.
If you omit the identity prefix altogether, strongSwan will guess and convert the data... Jorge Albarenque
12:04 PM Bug #4792: IPSec ASN.1 DN needs double quotes in config file
Cullen Trey wrote:
> Or just throw away the asn1dn identifier...?
Sounds like a plan. Completely craptastic desig... Kill Bill
05:33 AM Bug #4792: IPSec ASN.1 DN needs double quotes in config file
Okay, understood why it is not possible to specify:
leftid = asn1dn:C=CH/ST=Aargau/L=Baden/O=TechFreak/emailAddres... Cullen Trey
03:03 AM Bug #4792 (Resolved): IPSec ASN.1 DN needs double quotes in config file
This is a bug #4275 reintroduced in 2.2.3:
Upon upgrade of 2.2.2 to 2.2.3 strongswan did not start and quit with ... Cullen Trey
01:45 PM Revision 08d1762e: Implement ->toggle(selector, 'disable') + handle adv. globally
handle advanced globally; when an input has .advanced class, it will
automatically be hidden and a button to show all... Sjon Hortensius
01:09 PM Revision 9801e938: head - specify utf-8 charset
Sjon Hortensius
10:55 AM Revision ea5665c7: firewall_rules; implement sortable for ordering rules
also; remove 'delete selected' and ID column until we know if its
useful; allows buttons and most rules on single li... Sjon Hortensius
06:45 AM pfSense Packages Bug #4793: squidguard crashes squid when enabled
Shared object "libldap-2.4.so.2" not found, required by "squidGuard"
2015/06/27 11:42:01 kid1| Starting Squid Cache ... Bipin Chandra
06:34 AM pfSense Packages Bug #4793: squidguard crashes squid when enabled
Jun 27 11:36:36 php-fpm[55499]: /pkg_edit.php: The command '/usr/pbi/squid-i386/sbin/squid -k reconfigure -f /usr/pb... Bipin Chandra
04:32 AM pfSense Packages Bug #4793 (Closed): squidguard crashes squid when enabled
on 2.2.3 squid3 works fine but as soon as u enable squidguard then squid constantly crashes with messages as redirect... Bipin Chandra
05:57 AM Bug #807: Cannot set the keymap to anything other then the default
Hi,
I observed the same thing on the 2.2.3 fresh install Florent THOMAS
05:56 AM Bug #4387: Installer does not offer choices for keymap, screenmap or video font
In the installer, it was possible to choose something else instead default. In the 2.2.3 no more keymap are availabl... Florent THOMAS
03:15 AM Bug #4661: OpenVPN client can't assign to GWGroup specifying VIPs
Hello,
even worse, if a OpenVPN client in 2.2.3 is set to a GWGroup specifying VIPs, first it is working. Meening ... Cullen Trey

06/26/2015

05:47 PM Bug #4791: AES-NI on 2.2.3-RELEASE broken with non AES-GCM modes
Not sure if it's needed but I can confirm that Disabling AESNI works. Chris Sutcliff
02:02 PM Bug #4791 (Feedback): AES-NI on 2.2.3-RELEASE broken with non AES-GCM modes
Patch that broke it (ipsec_aescbc_aesni.diff) was reverted. Should be fine on 2.2.4 snapshots Renato Botelho
11:41 AM Bug #4791: AES-NI on 2.2.3-RELEASE broken with non AES-GCM modes
Looks like it's related to the AESNI module now attempting to process all AES rather than only AES-GCM. It works fine... Jim Pingle
11:35 AM Bug #4791 (Resolved): AES-NI on 2.2.3-RELEASE broken with non AES-GCM modes
Hi,
Numerous reports are coming in of IPSec not working correctly with the 2.2.3-RELEASE. Multiple failures on sit... David Harrigan
02:55 PM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
Jim P wrote:
> Your issue is likely #4791 and not related to this ticket.
Thanks Jim,
That was my first though... Edward Roper
02:51 PM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
Edward Roper wrote:
> I'm also having this issue. Please let me know if there is any specific information I can prov... Jim Pingle
02:49 PM Bug #4784: IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
I'm also having this issue. Please let me know if there is any specific information I can provide to assist. Everythi... Edward Roper
01:45 PM Revision 342f5090: Use interface-automatic for Unbound when the interfaces list is empty (same as All) otherwise it breaks with a default CARP config.
Jim Pingle
01:45 PM Revision a2cbbb74: Use interface-automatic for Unbound when the interfaces list is empty (same as All) otherwise it breaks with a default CARP config.
Jim Pingle
11:31 AM Bug #4364: cannot change or set keymap during and after install
Additionnaly I tried to follow this : https://forum.pfsense.org/index.php?topic=52145.msg279761#msg279761
No keymaps... Florent THOMAS
11:12 AM Bug #4364: cannot change or set keymap during and after install
Hi,
I've just installed the 2.2.3 an it still not working Florent THOMAS
11:26 AM Bug #4147: IPsec - IPv4 Phase 1 using FQDN resolves to IPv6 IP
https://wiki.strongswan.org/issues/993
 Kill Bill
10:55 AM Revision f3ec49e1: Only process Traffic Graph object if it is open
The Traffic Graphs widget puts a graph object for every interface into
the HTML of the widget. Underneath the graph o... Phil Davis
10:34 AM Bug #4790 (Not a Bug): Established IPSec Tunnel refused transporting further traffic out of sudden.. it than refuses any rule based traffic to anywhere!
*Scenario*
* *In General*
* Everything is IPv4 by now
* *Local office* network which is running PFSense in Hyp... Ingo-Stefan Schilling
07:07 AM Feature #4789: user interface / text fields are too short to display long alias names
This may be a non-issue in 2.3, the whole GUI is getting a Bootstrap facelift (https://blog.pfsense.org/?p=1773) Jim Pingle
01:27 AM Feature #4789 (Resolved): user interface / text fields are too short to display long alias names
We use a lot of aliases, which are sometimes very long and we face the problem that in the standard template "pfsense... Steven Dale
07:06 AM Feature #4788 (Rejected): Can 8g or larger nanobsd images be made?
The builder has code to make 8 and 16GB images, but we don't generate them ourselves. We do not recommend using NanoB... Jim Pingle
03:22 AM Bug #3330: Load Balancer showing wrong Status when using aliases for the port
Just to bump, this is still the case in 2.2.3. If Daniel Onisoru's ports alias issue above hasn't been made into an i... Murray Crane

06/25/2015

09:24 PM Feature #4788 (Rejected): Can 8g or larger nanobsd images be made?
I am loading a number of ISO images and files onto \tftpboot for use with the TFTP package and pxelinux but find the ... Justin Yendrowich
06:33 PM Feature #4787: Time restrictions on Users, for Captive Portal auth
Confirmed this works as expected. Radius server is relatively complex to set up, I will do a tutorial on it. Criggie .
01:22 PM Revision 608f6828: Merge pull request #1717 from phil-davis/traffic-graph-description
Renato Botelho
12:39 PM Revision 72e2a428: Merge pull request #1725 from phil-davis/gateways-widget
Renato Botelho
11:48 AM Revision 03e4bd0c: Merge pull request #1730 from phil-davis/patch-2
Renato Botelho
11:47 AM Revision 7d6b8b9b: Merge pull request #1729 from phil-davis/widget-iform
Renato Botelho
11:32 AM Revision 763afdaf: Add semicolon
Fix delete Java Script to match valid HTML ID N0YB
11:31 AM Revision 0f383d78: XHTML Compliance
html id's not permitted to begin with a number.
html id's not permitted to contain '/'
add prefix (entry_) and replac... N0YB
11:29 AM Revision aa676b75: Merge pull request #1719 from N0YB/XHTML_Compliance_Diagnostics_Tables
Renato Botelho
11:10 AM Revision 0828f970: Bump version to 2.2.4-DEVELOPMENT
Renato Botelho

06/24/2015

07:05 PM Feature #3933: Limiter burst doesn't have any effect
Target version is 2.3
https://redmine.pfsense.org/versions/16
http://snapshots.pfsense.org/
Shows 2.2.3 as l... Web Dawg
06:54 PM Feature #3933: Limiter burst doesn't have any effect
Hi folks,
Any progress on this one? Is there any alpha version that might have this working for me to test .. Thanks! Ahmed Kamal
05:03 PM Revision fc04a23e: Merge branch 'RELENG_2_2' of git.pfmechanics.com:pfsense/pfsense into RELENG_2_2
Chris Buechler
05:00 PM Revision 90ad3a76: Display any advanced DHCP server settings
when the page is first displayed.
This has annoyed me a few times and it annoyed me again just now. I had some settin... Phil Davis

06/23/2015

10:24 PM Bug #3858: DynDNS errno 47: Address family not supported by protocol family
I put together a quick test on Linux (using pycurl) that basically does:... Jonathon Reinhart
09:54 PM Bug #3858: DynDNS errno 47: Address family not supported by protocol family
Chris Buechler wrote:
> that's what happens when you're dual stack, the URL has an AAAA, and it's updating a v4 IP.
... Jonathon Reinhart
09:29 PM Revision 9cbb7fe4: It's time for 2.2.3-RELEASE
Renato Botelho
09:25 PM Revision 5b1844a6: Bump to 2.2.3-RELEASE
Chris Buechler
07:32 PM Revision 47b09af7: Add D1540-XG.
Matthew Smith
07:28 PM Revision 821c6ff7: Add D1540-XG.
Matthew Smith
06:36 PM Revision ba8c6e37: Introduce Netgate RCC-DFF to the list of known platforms
Renato Botelho
06:35 PM Revision 91bbf120: Introduce Netgate RCC-DFF to the list of known platforms
Renato Botelho
05:31 PM Revision 96072f52: rereadall is not enough here, restore reload call to make sure everything works. Ticket #4785
Renato Botelho
05:31 PM Revision 2f898d6a: rereadall is not enough here, restore reload call to make sure everything works. Ticket #4785
Renato Botelho
05:15 PM Revision 8961801d: Replace ipsec rereadsecrets + reload by single rereadall, that will re-read also cert changes. Ticket #4785
Renato Botelho
05:15 PM Revision 9edeadc5: Replace ipsec rereadsecrets + reload by single rereadall, that will re-read also cert changes. Ticket #4785
Renato Botelho
05:12 PM Revision a241d6b5: Instead of sending USR1, just call ipsec reload. And before it, call ipsec rereadsecrets to make sure new secretes are updated. It should fix #4785
Renato Botelho
05:12 PM Revision bc7748f7: Partially revert 019ee2bc8c, this workaround is not necessary. Real fix will be committed after this
Renato Botelho
05:12 PM Revision dbd43cc2: Instead of sending USR1, just call ipsec reload. And before it, call ipsec rereadsecrets to make sure new secretes are updated. It should fix #4785
Renato Botelho
05:11 PM Revision d30038e0: Partially revert 019ee2bc8c, this workaround is not necessary. Real fix will be committed after this
Renato Botelho
03:54 PM Bug #4785 (Resolved): IKEv2 w/PSK not matching where remote is FQDN
confirmed good. Chris Buechler
12:20 PM Bug #4785: IKEv2 w/PSK not matching where remote is FQDN
Applied in changeset commit:a241d6b53ac8d1aefe854d673ed5f41693ce9388. Renato Botelho
12:20 PM Bug #4785: IKEv2 w/PSK not matching where remote is FQDN
Applied in changeset commit:dbd43cc24d6c18f6bf279c4e52a7a01d2bdfb8c5. Renato Botelho
01:22 PM Revision 019ee2bc: Add a workaround for ticket #4785:
There was a regression on strongswan between 5.3.0 and 5.3.2 as reported
at [1]. To workaround this issue, add an ext... Renato Botelho
12:59 PM Revision 29c9e140: Add a workaround for ticket #4785:
There was a regression on strongswan between 5.3.0 and 5.3.2 as reported
at [1]. To workaround this issue, add an ext... Renato Botelho
10:53 AM Bug #4642: OpenVPN process status stopped... but its running
Updating:
Ok, 21 days passed, and there it goes... today I have discovered on the monitored nanobsd installs final... Alejandro Olivan
07:28 AM Revision 9a3ec939: Standardize widget iform and submit names
The log and picture widgets were both using "iforma" and "submita".
Actually it did not break anything because it was... Phil Davis
06:48 AM Revision c598160a: Fix var name typo in shaper.inc
Chris Buechler
06:45 AM Revision cfc6fd8d: Merge pull request #1728 from devnullity/patch-1
Chris Buechler
05:53 AM Revision 6538d33a: GW widget input form name-id needs to be unique
among all widget forms.
Traffic Graphs widget already uses the vanilla name "iform". Reusing that name causes Traffic... Phil Davis
03:56 AM Bug #3736: No static IPv6 address for WAN interface in Dashboard for PPPoE+static IPv6
Well, this does not work for the console menu either. Plus, I don't think it's limited to static IPv6. It's broken fo... Kill Bill
02:22 AM Bug #3736 (New): No static IPv6 address for WAN interface in Dashboard for PPPoE+static IPv6
Chris Buechler
02:31 AM Revision 9a8a5e6a: Don't delete /var/tmp/, that was originally done to clear session data at boot, but no longer applicable as session data is no longer in /var/tmp/. Credit to 'aa' on opnsense forum.
Chris Buechler
02:27 AM Revision 5e1ff564: Don't delete /var/tmp/, that was originally done to clear session data at boot, but no longer applicable as session data is no longer in /var/tmp/. Credit to 'aa' on opnsense forum.
Chris Buechler
01:25 AM Feature #4787: Time restrictions on Users, for Captive Portal auth
you can use firewall rules with schedules to accomplish that in some cases. Otherwise you're best off using RADIUS au... Chris Buechler
12:39 AM Feature #4787 (Needs Patch): Time restrictions on Users, for Captive Portal auth
I'd like to let my kids use the net between certain hours, but deny them after bedtime.
Could the pfSense user man... Criggie .
12:43 AM Revision d812e83e: Use $myid in ipsec.secrets. Ticket #4785
Conflicts:
etc/inc/vpn.inc Chris Buechler
12:42 AM Revision fe96d725: Use $myid in ipsec.secrets. Ticket #4785
Chris Buechler

06/22/2015

11:03 PM Bug #4778 (Resolved): ADI memstick doesn't setup serial console correctly post-install
all good. Chris Buechler
05:33 PM Bug #4778 (Feedback): ADI memstick doesn't setup serial console correctly post-install
It was happening when wrong kernel was selected during installation. I've changed kernel order for ADI and Embedded i... Renato Botelho
09:49 PM Bug #4784 (Confirmed): IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
there is something wrong here, though it's not clear what. The issue is replicable with Jody's config, and a slightly... Chris Buechler
01:20 PM Bug #4784 (Closed): IPsec mobile fails with VPNC and "Network List" after 2.2.x upgrade
We usually use a wrapper client (Shimo) for vpnc that helps us with some route automation, but for purposes of simpli... Jody Rudolph
09:49 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
I think same as Grischa Zengel said!
We need an option to disable xn implementation Giancarlos Cataldo
12:56 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
I'm installing the next server and need 8+ networks. Because xen can't handle so much NICs I have to use tagging.
... Grischa Zengel
09:38 PM Bug #4786 (Duplicate): custom dyndns fails with errno 47: Address family not supported by protocol family
duplicate of #3858. that didn't change on upgrade, guessing maybe this is the first you've had IPv6. Changing your pr... Chris Buechler
08:16 PM Bug #4786 (Duplicate): custom dyndns fails with errno 47: Address family not supported by protocol family
I just updated from 2.2.1 to 2.2.2. I have Dynamic DNS enabled for my domain hosted at Google Domains, and DynDNS is... Jonathon Reinhart
09:36 PM Bug #3858 (Confirmed): DynDNS errno 47: Address family not supported by protocol family
that's what happens when you're dual stack, the URL has an AAAA, and it's updating a v4 IP. Chris Buechler
07:48 PM Bug #4729 (Not a Bug): OpenVPN Advanced config fails on double save
the semicolon separators are required, as it says in the notes field there. Some additional input validation there wo... Chris Buechler
07:41 PM Bug #4785 (Feedback): IKEv2 w/PSK not matching where remote is FQDN
should be fixed, need to double check every type of config to verify all still work. Chris Buechler
05:21 PM Bug #4785 (Resolved): IKEv2 w/PSK not matching where remote is FQDN
Where using IKEv2 with PSK on a site to site VPN, where the identifiers are IPs, and the remote is a FQDN, you end up... Chris Buechler
06:34 PM Revision b7316893: This is incomplete. Leaving for 2.3. Revert "Ticket #4683 merge in brainpool for DH parameters"
This reverts commit 7dc35024af3af1d644c25b002ca9f40f1d61c05b. Chris Buechler
04:56 PM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
no change from last comment. filterdns is running with the correct instance ID for -y, logs that it's adding entries ... Chris Buechler
01:32 PM Feature #4683: Support for elliptic curve for IPsec on webconfigurator
Thanks for the heads up, Lars. We're short on time for 2.2.3, plus don't generally put features into maintenance rele... Chris Buechler
08:21 AM Feature #4683: Support for elliptic curve for IPsec on webconfigurator
Can see that you have only merged parts of the 1649 pull request. Things like IPsec phase 1 is missing AES GCM suppor... Lars Pedersen
01:23 PM Bug #4779 (Feedback): OPENVPN - Exiting due to fatal error
The "can't assign requested address" means something is already listening on port 10000. You have something else boun... Chris Buechler
01:18 PM Bug #4780 (Confirmed): max_input_vars limit reached with aliases having >1000 members
for aliases that big you're best off using URL Table aliases instead Chris Buechler
07:20 AM Revision be253f60: Add DNS host override descriptions
since we can sometimes provide a useful description from that config
data also.
Fill the $iplookup array with host or... Phil Davis
12:49 AM Bug #3314 (Resolved): Traffic graph shows 2X the actual traffic on VLAN interfaces.
not seeing any scenario where this still happens. Chris Buechler
12:43 AM Feature #4783 (Resolved): Add description as a display option on Traffic Graph
The traffic graph can already display a choice of IP address, Hostname or FQDN in the table of top bandwidth hogs.
S... Phillip Davis
12:39 AM Bug #4704 (Confirmed): IKEv2 to Cisco ASA won't bring up multiple P2 networks
splitting con entries will suffice here. this should be straight forward, quick, and low risk, but if there are compl... Chris Buechler
12:35 AM Feature #4782 (Resolved): Display monitor IP on Gateways widget
The RTT and Loss figures on the Gateways widget are for ping responses to the gateway monitor IP, which often is diff... Phillip Davis
12:29 AM Bug #4781 (Resolved): IPsec PSKs from user manager and vpn_ipsec_keys.php incorrect
fixed Chris Buechler
12:25 AM Bug #4685: Crash/panic "Sleeping thread owns a non-sleepable lock"
Ermal suggested replicating with very low bpf buffers and high ARP traffic. I've had an arp-scan across one /16 and o... Chris Buechler

06/21/2015

11:49 PM Revision 5a147eaf: Fix var name typo in shaper.inc
Fix typo so get_bandwidthtype_scale can do more than default to "1". Ben Cook
10:13 PM Bug #4652 (Resolved): Captive Portal Idle-Timeout causes 2147483647 for acctsessiontime when no data transferred
works from what I can tell. Markus, if you can see any remaining issues here in 2.2.3, please follow up. Chris Buechler
10:10 PM Bug #4719: IKEv2 to Cisco ASA results in TS mismatch when initiation triggered by traffic
this is still replicable as described, but only with ASAs, and only as initiator when triggered by traffic. Manually ... Chris Buechler
09:37 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
something's changed in the OS X client since last trying this. I'll revisit for further testing. Chris Buechler
09:01 PM Revision 62102a8b: Specify $myid rather than %any here, otherwise user manager and mobile PSKs won't match. Ticket #4781
Conflicts:
etc/inc/vpn.inc Chris Buechler
09:00 PM Revision 887093c3: Specify $myid rather than %any here, otherwise user manager and mobile PSKs won't match. Ticket #4781
Chris Buechler
04:06 PM Bug #4689: Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0"
no known way to replicate this. Likely fixed with the patch that's been merged but will leave for feedback. Chris Buechler
04:00 PM Bug #4781 (Feedback): IPsec PSKs from user manager and vpn_ipsec_keys.php incorrect
confirmed working on one system Chris Buechler
03:56 PM Bug #4781 (Resolved): IPsec PSKs from user manager and vpn_ipsec_keys.php incorrect
PSKs defined in the user manager and vpn_ipsec_keys.php result in: ... Chris Buechler
01:19 PM Bug #4780: max_input_vars limit reached with aliases having >1000 members
pfSense version 2.2.2 Ravine Pick
01:18 PM Bug #4780 (Resolved): max_input_vars limit reached with aliases having >1000 members
The limit has been reach for long alias lists used in firewall configuration.
firewall_aliases_edit.php
Warning... Ravine Pick
10:33 AM Bug #4779 (Not a Bug): OPENVPN - Exiting due to fatal error
Since I'm using pfSense 2.2.2 I get the following error, every time the switch is turned off - the device is disconne... Jan-Hendrik Meyer

06/20/2015

08:35 PM Bug #4720 (Resolved): pfSense ADI-2.2.2-RELEASE issues with backup/restore config /boot/config.local changed
this is fixed, opened #4778 for aforementioned remaining issue. Chris Buechler
08:35 PM Bug #4778 (Resolved): ADI memstick doesn't setup serial console correctly post-install
The serial console on the ADI memstick image isn't setup correctly post-install. Chris Buechler
08:22 PM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
Was just wondering if it's specific to your file, or any similar file. If the one you attached suffices to replicate,... Chris Buechler
08:04 PM Bug #4705 (Resolved): Language selection is not functional
fixed Chris Buechler
07:40 PM Bug #4702: kernel panic with AES-NI
this isn't easily replicable, so not sure whether it's still an issue. Will leave for feedback Chris Buechler
07:38 PM Bug #4310: Limiters + HA results in hangs on secondary
Tried after changing both hosts to use unicast pfsync, which had no impact. It seems to alternate between hanging the... Chris Buechler

06/19/2015

10:31 PM Bug #4777 (Closed): tcpdump causes kernel panic when deleting underlying interface
that triggers a kernel panic in FreeBSD 10.1. Same wifi card in an 11-CURRENT (as of a couple days ago) box, tcpdump ... Chris Buechler
09:37 PM Bug #4777: tcpdump causes kernel panic when deleting underlying interface
pfSense just prompted me, then automatically uploaded a crashreport (approx 2015-Jun-19 21:40 CDT [GMT-5]). Of cours... Adam Thompson
09:28 PM Bug #4777 (Closed): tcpdump causes kernel panic when deleting underlying interface
Cloned ath0 interface.
Ran tcpdump on console against ath0_wlan1.
Deleted ath0_wlan1 from GUI (Interfaces->Wireless... Adam Thompson
09:34 PM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
I can't share the IP addresses because they are Tor bridges, which must be kept secret in order to be useful. Does th... badon _
08:29 PM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
the upgrade issue you noted is fixed for 2.2.3, release coming next week. Upgrading to the latest snapshot from snaps... Chris Buechler
06:04 PM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
I tested an auto-upgrade again before doing the test you suggested. The auto-upgrade sort of failed somehow because t... badon _
06:33 PM Revision 10a1c51d: Obsolete pt_BR.ISO-88591 in favor of UTF-8
Renato Botelho
06:31 PM Revision a3918e59: Move pt_BR translation from ISO to UTF-8
Renato Botelho
06:29 PM Revision 6b42b02c: Move pt_BR directory, it's moving from ISO to UTF-8
Renato Botelho
06:15 PM Revision 3d0391f1: Display monitor IP on Gateways widget
This change adds a setting for the Gateways dashboard widget so the user
can choose to display the Gateway IP, Monito... Phil Davis
04:28 PM Feature #4599 (Closed): Traffic shaping - what is in each queue?
Chris Buechler
04:26 PM Bug #4621 (Resolved): OpenVPN server does not bind to IPv6 CARP interface when configured from webgui.
Chris Buechler
04:19 PM Bug #4656 (Not a Bug): cannot connect IPsec VPN via dialup
that's due to a configuration mismatch of some sort. Please post to the forum or mailing list for help troubleshooting Chris Buechler
04:16 PM Bug #4695 (Not a Bug): TAP (OpenVPN) Traffic Blocked
replied back on your forum thread. this works in general, we can troubleshoot further on forum. Chris Buechler
03:35 PM Revision 3378289a: Ticket #4746 Correctly set global variables to be used by hostnames cod epaths
Ermal Luçi
03:33 PM Revision fabb4b03: Ticket #4746 Correctly set global variables to be used by hostnames cod epaths
Ermal Luçi
02:38 PM Bug #4720: pfSense ADI-2.2.2-RELEASE issues with backup/restore config /boot/config.local changed
this issue is fixed. there is a different problem in that it doesn't enable the serial console properly after clean i... Chris Buechler
02:08 PM Bug #4760: PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
Ok that's a different circumstance from the other I mentioned (which is the same as what Bipin noted). That's never a... Chris Buechler
04:06 AM Bug #4760: PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
It's a virtual machine on ESX, using E1000 nics, the NIC isn't locked however as the web interface on the ADSL modem ... Technical Support Brendata (UK) Ltd
04:02 AM Bug #4760: PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
for me alix via chipset and 2 full install machines with realtek chipset have this issue Bipin Chandra
01:39 PM Bug #4705 (Feedback): Language selection is not functional
I moved it to UTF-8, it's working now.
For reference commit:6b42b02cc0 commit:a3918e5999 and commit:10a1c51d87 Renato Botelho
01:19 PM Bug #4675 (Confirmed): DHCPv6 DDNS doesn't work properly
Thanks Robert, we'll get that reviewed, tested and merged soon for 2.3. Chris Buechler
12:53 PM Bug #4551: DNS forwarder/resolver - some consistency needed in the WebGUI
The DHCP/DHCPv6 stuff was meanwhile fixed, apparently. System - General Setup and the Captive Portal still remain. Kill Bill
12:37 PM Feature #4260 (Closed): Add ECP DH key groups support
closing in favor of #4683 Chris Buechler
11:51 AM Revision 320ed23c: Merge pull request #1724 from phil-davis/patch-3
Renato Botelho
11:08 AM Feature #4776 (New): Add 802.1x dynamic vlan support
Hi,
as I was creating a WLAN for our company based on pfsense APs, I run into the problem, that pfsense has no opt... Cullen Trey
10:47 AM Revision 7dc35024: Ticket #4683 merge in brainpool for DH parameters
Ermal Luçi
05:44 AM Feature #4683: Support for elliptic curve for IPsec on webconfigurator
Merged. Ermal Luçi
05:36 AM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
I thought this was due that now unity plugin is not anymore loaded by default. Ermal Luçi
12:08 AM Bug #4418 (Feedback): IPsec mobile clients - bogus "p" appended to search domain
this doesn't appear to be an issue anymore with 2.2.3, though I haven't narrowed down exactly where that changed yet.... Chris Buechler
12:09 AM Bug #4772 (Resolved): L2TP + "Enable automatic outbound NAT for Reflection" + L2TP subnet overlapping + Port forwards can lead to a broken ruleset
works Chris Buechler

06/18/2015

08:50 PM Bug #4775 (Resolved): Add frag limit control to the GUI
works Chris Buechler
09:33 AM Bug #4775 (Feedback): Add frag limit control to the GUI
Jim Pingle
08:26 AM Bug #4775 (Resolved): Add frag limit control to the GUI
By default pf uses a frag limit of 5000. Several customers and users have reported hitting that limit on 2.2+ resulti... Jim Pingle
06:28 PM Bug #4774 (Resolved): hostid missing +x
fixed Chris Buechler
12:26 AM Bug #4774 (Resolved): hostid missing +x
this should be fixed already. adding this to remember to test on new snapshot.
/etc/rc.d/hostid was missing +x, w... Chris Buechler
06:25 PM Feature #4614 (Resolved): EAP-Radius support for accounting on strongswan
Chris Buechler
05:43 PM Bug #4679 (Resolved): IPsec dashboard widget wrongly shows "REKEYED" SAs as "down"
the REKEYED entries no longer exist since that separate bug was fixed, which leaves this fine. Chris Buechler
05:38 PM Bug #4705 (Confirmed): Language selection is not functional
Turkish works now, though selecting PT-br still leaves you with English. Chris Buechler
04:15 PM Bug #4773: Configuration backup - "Do not backup RRD data" is broken
can't replicate that here either, and that code hasn't changed in quite some time. will leave for feedback for now. Chris Buechler
07:29 AM Bug #4773 (Feedback): Configuration backup - "Do not backup RRD data" is broken
The current code does unset and the code to unset has been in place for ages (3+ years). See source:"usr/local/www/di... Jim Pingle
05:49 AM Bug #4773: Configuration backup - "Do not backup RRD data" is broken
Hmmm - I guess on restoring from a backup that has RRD data, the system should remove existing RRD data files, build ... Phillip Davis
03:04 AM Bug #4773: Configuration backup - "Do not backup RRD data" is broken
Well, the problem apparently is this:... Kill Bill
02:48 AM Bug #4773: Configuration backup - "Do not backup RRD data" is broken
2.2.3-DEVELOPMENT (amd64)
built on Sun Jun 14 19:59:54 CDT 2015
FreeBSD 10.1-RELEASE-p12
With the "do not backup... Lars Pedersen
02:24 AM Bug #4773: Configuration backup - "Do not backup RRD data" is broken
This is a full install. With the box, I get ~4 MB with huge <rrddata>; without the box, it's ~8 MB with two <rrddata>... Kill Bill
04:01 PM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
Guessing it's because we enable certificate validation by default in 2.2.x there, and the default self-signed cert wi... Chris Buechler
02:29 AM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
Perhaps you could post the results of this:... Kill Bill
01:54 AM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
Let me point out that the "URL Table (IPs)" version of this test does not produce any error messages. Therefore, if i... badon _
01:40 AM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
It's a list of IP addresses, one IP on each line. I just tested it in a new install of 2.1.5, and it works fine there... badon _
02:29 PM Bug #4686 (Resolved): Rekeyed SAs are not properly removed
this is correct now in every circumstance I could previously replicate problems. Chris Buechler
01:33 PM Revision 55a1435e: Add a GUI field to increase the pf frag entries limit. Fixes ticket #4775
Jim Pingle
01:30 PM Revision 9e8ce1e2: Add a GUI field to increase the pf frag entries limit. Fixes ticket #4775
Jim Pingle
12:34 PM Bug #4760: PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
not the modem, what hardware are you running pfSense on, specifically what NICs but other details might help. Chris Buechler
06:54 AM Bug #4760: PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
The actual hardware is a BT Voyager 190 Ethernet ADSL modem with the unlocked firmware on it.
I assume that the is... Technical Support Brendata (UK) Ltd
01:39 AM Bug #4760: PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
https://forum.pfsense.org/index.php?topic=41061.0
long thread but to me it seems the nic drivers is the culprit, t... Bipin Chandra
12:06 PM Bug #4751 (Resolved): kernel panic after disabling captive portal when idle timeout is in use
fixed Chris Buechler
10:56 AM Bug #4364: cannot change or set keymap during and after install
Hello.
Just installed 2.2.2 x64 and the problema is still here.
Best regards. Manuel Borges
05:26 AM Revision 41e9efe6: chmod +x hostid
Chris Buechler
05:26 AM Revision f6a4fe06: chmod +x hostid
Chris Buechler
12:33 AM Bug #4730 (Resolved): Firewall Log Dynamic View missing Block/Allowed Reason
fixed, thanks! Chris Buechler

06/17/2015

11:31 PM Bug #3815: Gateway monitoring broken
Tobias: if you have a 2.2.2 (or newer) config that'll replicate, I'd definitely like to check it out. Email to cmb at... Chris Buechler
10:26 PM Bug #4760 (Feedback): PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
what hardware?
the only issue along those lines I can recall in any version was some modems combined with some ol... Chris Buechler
10:24 PM Bug #4766 (Feedback): "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
what's in some_file.txt? I'm guessing nothing, you're trying to fetch a file that doesn't exist, given it happens aft... Chris Buechler
10:11 PM Bug #4773: Configuration backup - "Do not backup RRD data" is broken
On nanoBSD 32-bit running snap from Wed Jun 17 18:54:23 I can't replicate this. With the box checked I get an ordinar... Phillip Davis
02:32 PM Bug #4773 (Closed): Configuration backup - "Do not backup RRD data" is broken
This worked just fine before the latest batch of commits (i.e., a week ago, or even less).
- I have the "Do not ba... Kill Bill
09:21 PM Bug #4746 (Confirmed): captive portal allowed hostnames not loaded into table at boot time
no change here. Logs show during boot: ... Chris Buechler
01:30 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
this change could also be what completely broke CP (see #4751) Chris Buechler
07:33 PM Revision e932c350: Blacklist invalid "from" sources since they can be picked up accidentally and cause rule errors. Fixes #4772
Jim Pingle
07:32 PM Revision 2e0397e0: Blacklist invalid "from" sources since they can be picked up accidentally and cause rule errors. Fixes #4772
Jim Pingle
04:32 PM Bug #4765: NAT Reflection (Pure NAT) rules not setup for traffic originating from same subnet as final destination
it works fine. keep the discussion of support issues on the forum please. I replied back there again. Chris Buechler
01:43 PM Bug #4765: NAT Reflection (Pure NAT) rules not setup for traffic originating from same subnet as final destination
I don't understand the meaning of "looking for something that won't exist" considering that the rest of your comment ... Granger Godbold
12:52 PM Bug #4765 (Not a Bug): NAT Reflection (Pure NAT) rules not setup for traffic originating from same subnet as final destination
replied back in your forum thread, you're looking for something that won't exist, but where the "Enable automatic out... Chris Buechler
03:35 PM Bug #4770: Packet Filter Reject IPSEC packets
Just what algorithms and what version of ipsec you are using.
Preferably send me /var/etc/ipsec/ipsec.conf and /tm... Ermal Luçi
03:30 PM Bug #4770: Packet Filter Reject IPSEC packets
How much detail do you want? I'd rather not leak all our info onto the net. Nei Ka
03:24 PM Bug #4770: Packet Filter Reject IPSEC packets
Can you also describe your tunnel configuration here? Ermal Luçi
11:59 AM Bug #4770: Packet Filter Reject IPSEC packets
... Nei Ka
11:55 AM Bug #4770 (Feedback): Packet Filter Reject IPSEC packets
what's the rule that's blocking it? click the red X.
doubt this is a bug, probably something like Snort enabled w... Chris Buechler
11:32 AM Bug #4770 (Resolved): Packet Filter Reject IPSEC packets
Periodically the firewall starts firewalling traffic coming through one or more IPSEC tunnels. Doing "Filter Reload" ... Nei Ka
02:40 PM Bug #4772: L2TP + "Enable automatic outbound NAT for Reflection" + L2TP subnet overlapping + Port forwards can lead to a broken ruleset
Applied in changeset commit:e932c35017d0c5e35957e01c90dab57a0519f588. Jim Pingle
02:40 PM Bug #4772 (Feedback): L2TP + "Enable automatic outbound NAT for Reflection" + L2TP subnet overlapping + Port forwards can lead to a broken ruleset
Applied in changeset commit:2e0397e05b6168dfcfbd04c9f3629a988744a8b2. Jim Pingle
02:28 PM Bug #4772 (Resolved): L2TP + "Enable automatic outbound NAT for Reflection" + L2TP subnet overlapping + Port forwards can lead to a broken ruleset
If the L2TP subnet overlaps a subnet that contains a port forward target, and automatic outbound NAT for reflection i... Jim Pingle
01:37 PM Bug #4310 (Confirmed): Limiters + HA results in hangs on secondary
no change, as long as you have some traffic passing through a limiter, the secondary hangs within ~1-4 hours. Chris Buechler
01:05 PM Bug #4762: Check status of items on this page for aliases shows the immediate resolution not the values held in the cache
I'll see if I can reproduce this, but the diag_tables showed all IP addresses (I should add that I have applied the p... Technical Support Brendata (UK) Ltd
11:53 AM Bug #4762 (Not a Bug): Check status of items on this page for aliases shows the immediate resolution not the values held in the cache
diag_tables shows what is in the table (""in memory" alias") at the time the page is loaded. filterdns keeps that upd... Chris Buechler
02:33 AM Bug #4762: Check status of items on this page for aliases shows the immediate resolution not the values held in the cache
Yes, sorry, diag_tables.php.
This showed all entries as being correct, however, when looking at the resolver logs ... Technical Support Brendata (UK) Ltd
11:41 AM Bug #4771 (Duplicate): DHCP Server does not update DNS Forwarder
When the DHCP server issues an IP to a host that provides a name, that name cannot immediately be resolved by the DNS... Nei Ka
10:47 AM Feature #4769: IPv6 support in the Traffic Shaper Wizard
the created rules largely aren't IPv4/IPv6-specific, and will work for both. Chris Buechler
09:30 AM Feature #4769 (Resolved): IPv6 support in the Traffic Shaper Wizard
It would be really nice if Traffic Shaping Wizard could be set to also create IPv6 rules. Ian Grody
08:10 AM Bug #4751 (Feedback): kernel panic after disabling captive portal when idle timeout is in use
Ermal Luçi
08:10 AM Bug #4751: kernel panic after disabling captive portal when idle timeout is in use
Yep this commit broke it by showing that there might have been other issues that now are handled properly.
Next sn... Ermal Luçi
01:20 AM Bug #4751 (Confirmed): kernel panic after disabling captive portal when idle timeout is in use
This patch (or something else in about the same timeframe) completely broke CP in 2.2.3. No contexts are created.
... Chris Buechler
03:23 AM Bug #4642: OpenVPN process status stopped... but its running
EDIT:
15 days passed by since I installed watchdog and set it to keep ntp up (ntp crashed all the time).
Since th... Alejandro Olivan
01:42 AM Bug #4596 (Confirmed): NAT 1:1 vs VIP, limiters works on LAN, but on WAN breaks NAT
no change, but we'll leave as-is for 2.2.3. Limiters in general are better in 2.2.3 than earlier 2.2.*. Chris Buechler
01:26 AM Bug #4653 (Resolved): mtree dies in post_upgrade_command during upgrade from 8.x and earlier
confirmed upgrades on 1.2.3, 2.0.3, 2.1.5, 2.2.2, including both 32 and 64 bit for all 2.x. All fine. Chris Buechler
12:23 AM Bug #4107 (Resolved): Firmware backup restoration via WebUI does not reboot firewall at the end, no logs, no messages
fixed Chris Buechler
12:21 AM Bug #4523 (Resolved): master.passwd/group file corruption may occur after kernel panic or unclean shut down
fixed. We'll again verify as part of the release test matrix on each install type. Chris Buechler

06/16/2015

10:33 PM Bug #4757 (Not a Bug): Failing to boot Asrock Q1900M with LiveCD 2.2.2 and Dev 2.2.3 2015 -04 -13
Chris Buechler
10:32 PM Feature #4763: Restore from backup that contains only area Traffic Shaper doesn't restore Limiters
there isn't a way to backup/restore only limiters at this time. Chris Buechler
02:33 PM Feature #4763: Restore from backup that contains only area Traffic Shaper doesn't restore Limiters
Chris Buechler wrote:
> by traffic shaper in that context it means ALTQ, so this does work as designed.
So how co... Srdjan Jovanovich
02:31 PM Feature #4763: Restore from backup that contains only area Traffic Shaper doesn't restore Limiters
Title should be 'Restore from backup that contains only area Traffic Shaper doesn't restores Limiters'. Srdjan Jovanovich
02:30 PM Feature #4763: Restore from backup that contains only area Traffic Shaper doesn't restore Limiters
by traffic shaper in that context it means ALTQ, so this does work as designed. Chris Buechler
02:29 PM Feature #4763: Restore from backup that contains only area Traffic Shaper doesn't restore Limiters
Dear admins,
please delete Bug #4763, I have the error in the title. I've posted it again in Bug #4764. Srdjan Jovanovich
02:25 PM Feature #4763 (Resolved): Restore from backup that contains only area Traffic Shaper doesn't restore Limiters
When I try to Backup only area Traffic Shaper the shaper-config*.xml doesn't contains Limiters. All the data from pag... Srdjan Jovanovich
10:31 PM Bug #4762: Check status of items on this page for aliases shows the immediate resolution not the values held in the cache
which page are you referring to? diag_tables.php? Chris Buechler
09:00 AM Bug #4762 (Not a Bug): Check status of items on this page for aliases shows the immediate resolution not the values held in the cache
Not sure whether this is a bug in the existing functionality or really a request for additional functionality.
Wou... Technical Support Brendata (UK) Ltd
08:09 PM Bug #4768 (Duplicate): Operation not supported by device
this is a symptom of #4653, because the system didn't reboot post-upgrade in that case. Just power cycle the system a... Chris Buechler
08:03 PM Bug #4768 (Duplicate): Operation not supported by device
pfsense update from 2.1.5 to 2.2.2
php: rc.filter_configure_sync: New alert found: There were error(s) loading th... tianyi939 meng
08:08 PM Bug #2526 (Resolved): Limiter appears to break IPv6 connectivity
works here too, looks good all around. Chris Buechler
05:44 PM Revision bc8adf7e: Say what is happening when reinstalling package GUI XML
At the confirmation dialog after pressing the "Reinstall XML" button, the text does not distinguish between having pr... Phil Davis
05:42 PM Revision a7c28e99: Say what is happening when reinstalling package GUI XML
At the confirmation dialog after pressing the "Reinstall XML" button, the text does not distinguish between having pr... Phil Davis
05:41 PM Revision f128ee22: Remove load_balancer_relay_* -- They are not used, not linked, not functional, not maintained, and have potential security issues.
Jim Pingle
05:41 PM Revision c28ab88c: Add load_balancer_relay_* to obsolete files. They were removed from the master branch already.
Jim Pingle
05:40 PM Revision 4fabdca7: Why is break missing for reinstallxml
I thought that "reinstallxml" should do less than "reinstallpkg" but actually it was getting stuff here, then falling... Phil Davis
05:40 PM Revision c28a785a: Merge pull request #1723 from phil-davis/patch-2
Renato Botelho
05:28 PM Bug #4767 (Duplicate): When renaming an IP alias at "Firewall: Aliases" the rules created at "Firewall: NAT: Outbound" are not updated accordingly
already fixed, duplicate of #4701 Chris Buechler
05:26 PM Bug #4767 (Duplicate): When renaming an IP alias at "Firewall: Aliases" the rules created at "Firewall: NAT: Outbound" are not updated accordingly
Hello,
I ran into a problem after renaming an IP Alias. The Alias was used in an outbound NAT rule as well as in a... Maurits van de Lande
05:06 PM Revision b9455916: Say what is happening when reinstalling package GUI XML
At the confirmation dialog after pressing the "Reinstall XML" button, the text does not distinguish between having pr... Phil Davis
04:57 PM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
Note: This was i386 hardware, but I'm not sure if that matters or not. badon _
04:55 PM Bug #4766 (Resolved): "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
I ran into this problem on a fresh DVD install of pfSense. An automated upgrade did not experience this problem. On t... badon _
04:55 PM Revision 84a2e915: Why is break missing for reinstallxml
I thought that "reinstallxml" should do less than "reinstallpkg" but actually it was getting stuff here, then falling... Phil Davis
04:35 PM Bug #4765 (Not a Bug): NAT Reflection (Pure NAT) rules not setup for traffic originating from same subnet as final destination
On "System: Advanced: Firewall and NAT", in the "Network Address Translation" section, the checkbox labeled "Automati... Granger Godbold
04:11 PM Revision ab2fd59d: Encoding in services_unbound_advanced.php
Jim Pingle
04:11 PM Revision e9885763: Encoding in services_unbound_advanced.php
Jim Pingle
04:02 PM Revision a5e950ae: Encoding in system_advanced_sysctl.php
Jim Pingle
04:00 PM Revision de5f0b61: Encoding in system_advanced_sysctl.php
Jim Pingle
03:54 PM Revision df6a9c6d: Encoding in interfaces.php
Jim Pingle
03:54 PM Revision 0ec282d4: Encoding in interfaces.php
Jim Pingle
03:45 PM Revision e0829812: Encoding in services_unbound.php
Jim Pingle
03:45 PM Revision d674c38d: Encoding in services_unbound.php
Jim Pingle
03:42 PM Revision 55f6b38b: Encoding in pkg_mgr_settings.php
Jim Pingle
03:41 PM Revision 3642b348: Encoding in pkg_mgr_settings.php
Jim Pingle
03:38 PM Revision b29a65a4: Encoding in system_advanced_admin.php
Jim Pingle
03:37 PM Revision 1d92e91f: Encoding in system_advanced_admin.php
Jim Pingle
03:36 PM Revision f727f257: Encoding in interfaces_ppps_edit.php
Jim Pingle
03:34 PM Revision faa91642: Encoding in interfaces_ppps_edit.php
Jim Pingle
03:31 PM Revision 05dea4b7: Encoding in diag_packet_capture.php
Jim Pingle
03:30 PM Revision f4bbd64d: Encoding in diag_packet_capture.php
Jim Pingle
03:27 PM Revision f68e2f9f: Encoding in interfaces_qinq_edit.php
Jim Pingle
03:27 PM Revision 9162143f: Encoding in interfaces_qinq_edit.php
Jim Pingle
03:22 PM Revision dd5ec20f: Encoding in services_dnsmasq.php
Jim Pingle
03:18 PM Revision e959a567: Encoding in services_dnsmasq.php
Jim Pingle
03:17 PM Bug #4541 (Not a Bug): Manual FW upgrade bug with perform full backup before upgrade checkbox
thanks Chris Buechler
01:41 PM Bug #4541: Manual FW upgrade bug with perform full backup before upgrade checkbox
Some whacky Chrome bug, fixed itself in v41.something. Can be safely closed. Kill Bill
03:11 PM Revision 5b8c4101: Encoding in vpn_ipsec_settings.php
Jim Pingle
03:10 PM Revision 7a29e654: Encoding in vpn_ipsec_settings.php
Jim Pingle
03:10 PM Revision b18d2108: More encoding
Jim Pingle
03:05 PM Revision 5ef9708e: More encoding
Jim Pingle
02:57 PM Revision 2debaf5c: Fix some low-hanging potential security issues.
Jim Pingle
02:53 PM Revision d213c485: Fix some low-hanging potential security issues.
Jim Pingle
02:29 PM Bug #4764 (Duplicate): Restore from backup that contains only area Traffic Shaper doesn't restores Limiters
duplicate of #4763 Chris Buechler
02:27 PM Bug #4764 (Duplicate): Restore from backup that contains only area Traffic Shaper doesn't restores Limiters
When I try to Backup only area Traffic Shaper the shaper-config*.xml doesn't contains Limiters. All the data from pag... Srdjan Jovanovich
02:13 PM Revision 621baeb6: Be more careful with encoding on pages that use single quotes around HTML attributes
Jim Pingle
02:10 PM Revision 3aef3ad0: Be more careful with encoding on pages that use single quotes around HTML attributes
Jim Pingle
01:29 PM Bug #4107: Firmware backup restoration via WebUI does not reboot firewall at the end, no logs, no messages
Works. Kill Bill
01:24 PM Revision 1cdfcaf4: Additional encoding for system_advanced_misc.php
Jim Pingle
01:24 PM Revision 6dbe58e1: Additional encoding for system_advanced_misc.php
Jim Pingle
01:12 PM Revision ee3de7b1: Protect single quotes as well to prevent JS injection, due to the way this page uses single quotes for attributes.
Jim Pingle
01:11 PM Revision 1a44770d: Protect single quotes as well to prevent JS injection, due to the way this page uses single quotes for attributes.
Jim Pingle
12:57 PM Revision 034620d6: Encode parameters in system_advanced_firewall.php before displaying back to the user.
Jim Pingle
12:56 PM Revision 2a1b44c9: Encode parameters in system_advanced_firewall.php before displaying back to the user.
Jim Pingle
12:34 PM Revision 9fced93c: Keep a copy of old mtree binary during upgrade and use it to avoid crashing. Fixes #4563
Renato Botelho
12:34 PM Revision 8f102b09: Check also for old FreeBSD release versions
Renato Botelho
12:34 PM Revision 0e40454d: Keep a copy of old mtree binary during upgrade and use it to avoid crashing. Fixes #4563
Renato Botelho
12:34 PM Revision 0ab90dd0: Check also for old FreeBSD release versions
Renato Botelho
11:56 AM Feature #4761: Add an option per alias entry to keep if the DNS server goes away
I've just checked and the TTL is 1 hour, we rebooted the server the other day and it took about 10 minutes to reboot,... Technical Support Brendata (UK) Ltd
11:42 AM Feature #4761 (Rejected): Add an option per alias entry to keep if the DNS server goes away
It'll hang onto it as long as the TTL is valid. Doing anything other than that would be broken behavior. If your DNS ... Chris Buechler
08:51 AM Feature #4761 (Rejected): Add an option per alias entry to keep if the DNS server goes away
It would be useful to be able to tick on a per entry basis in aliases whether an entry should remain if the DNS serve... Technical Support Brendata (UK) Ltd
08:48 AM Bug #4760 (Closed): PPPoE loses connection to modem, clicking connect does not reconnect but rebooting pfSense does
On a number of occasions I have seen the PPPoE connection between pfSense and our ADSL modem go down, the modem still... Technical Support Brendata (UK) Ltd
08:01 AM Bug #4653 (Feedback): mtree dies in post_upgrade_command during upgrade from 8.x and earlier
Fixed by commit:9fced93c25 and commit:0e40454d52 with a wrong ticket number on commit log. Renato Botelho
12:00 AM Bug #4653: mtree dies in post_upgrade_command during upgrade from 8.x and earlier
Renato's proposed patch looks to work fine here in circumstances where problems were previously replicable. That shou... Chris Buechler
01:39 AM Feature #4683: Support for elliptic curve for IPsec on webconfigurator
Ermal Luçi wrote:
> It is already in 2.2.3 since the merge.
> I merged it manually.
I'm still not convinced that... Lars Pedersen

06/15/2015

09:47 PM Bug #4655 (Resolved): IPsec: Enable bypass for LAN interface IP behaviour is reversed
fixed Chris Buechler
07:25 PM Revision 7d8dd0b7: Add semicolon
Fix delete Java Script to match valid HTML ID N0YB
04:34 PM Bug #2526: Limiter appears to break IPv6 connectivity
Well I think it looks good now.
Tested with bunch of speedtest stuff like http://ipv6-test.com/speedtest/, http:/... Kill Bill
04:18 PM Revision 6d85358c: Merge manullay pull/1722
Ermal Luçi
04:13 PM Revision 86bc5c1a: Merge pull request #1722 from chapmajs/fix_hughesnet_pd
Ermal Luçi
03:28 PM Bug #1629: invalid state table entries after WAN IP change
Hi Kevin,
when the cable modem does weird or reboots i have also seen this behaviour with the 0.0.0.0 address.
... Tom De Coninck
08:50 AM Bug #1629: invalid state table entries after WAN IP change
I have been hitting this issue for over a year. Finally getting tired of manually killing the stale UDP states. I am ... Kevin Trace
02:50 PM Revision 4d474c09: Remove the GUI for the pc-sysinstaller as well and add it to obsoletee files
Ermal Luçi
02:48 PM Revision 353cd816: Remove pc-sysinstall since it was never finished and probably will be not the choice. If needed can be resurrected. It already is in obsoleted files
Ermal Luçi
02:46 PM Revision b8ceb344: Fixing PD size selection for HughesNet
Jonathan
02:46 PM Revision ce817bdb: Remove the GUI for the pc-sysinstaller as well and add it to obsoletee files
Ermal Luçi
02:42 PM Revision f80e099f: Remove pc-sysinstall since it was never finished and probably will be not the choice. If needed can be resurrected
Ermal Luçi
02:36 PM Revision d20f28db: Merge pull request #1721 from phil-davis/style
Renato Botelho
02:34 PM Revision 6622518b: status_queues missing semi-colon
This really looks like it should have a semi-colon. Somehow the PHP interpreter is not being fussy about it in this c... Phil Davis
02:32 PM Revision 98e7d680: Merge pull request #1718 from phil-davis/patch-2
Renato Botelho
10:37 AM Bug #4326 (Feedback): Limiters on firewall rules where NAT applies drop all traffic
This seems affecting only NAT with limiters.
It should be handled properly now in 2.2.3 i will re-test this again as... Ermal Luçi
09:52 AM Feature #4683: Support for elliptic curve for IPsec on webconfigurator
It is already in 2.2.3 since the merge.
I merged it manually. Ermal Luçi
04:04 AM Feature #4683: Support for elliptic curve for IPsec on webconfigurator
Chris Buechler wrote:
> confirmed. Thanks!
Can see that you have set the target version to 2.2.3. Will you cherry... Lars Pedersen
08:34 AM Revision 6c07db48: Code spacing
and other random stuff I noticed.
I think this finishes messing with code style. The codebase should match
the develo... Phil Davis
07:53 AM Bug #4757: Failing to boot Asrock Q1900M with LiveCD 2.2.2 and Dev 2.2.3 2015 -04 -13
Kill Bill assessment is accurate it doesnt work with UEFI. Sorry for using your time guys.
Iain McAtear
07:04 AM pfSense Packages Bug #4759 (Rejected): DHCP return wrong GW
Please post in the forum or on the mailing list for assistance before opening a bug report. It is much more likely th... Jim Pingle
06:37 AM pfSense Packages Bug #4759 (Rejected): DHCP return wrong GW
hi
in fact I setup DHCP server but some clients gets wrong GW from it and some client get right GW. the config is he... hamed dash
05:51 AM Feature #4758: DNS Resolver - Add GUI to configure reverse zone overrides
Not really sure what support you need, it works.
!http://i60.tinypic.com/syv8rr.png!... Kill Bill
04:58 AM Feature #4758 (Closed): DNS Resolver - Add GUI to configure reverse zone overrides
It would be nice to have GUI option to configure overrides for reverse DNS zones in DNS resolver/Unbound. Currently c... Juraj Binka
05:39 AM Revision bf2dba75: XHTML Compliance
html id's not permitted to begin with a number.
html id's not permitted to contain '/'
add prefix (entry_) and replac... N0YB
05:22 AM Revision 6bb817b4: status_queues missing semi-colon
This really looks like it should have a semi-colon. Somehow the PHP interpreter is not being fussy about it in this c... Phil Davis
05:10 AM Bug #4607: Bridge+CARP crashes/freezes pfSense
Sorry, didn't have the opportunity to test the fix yet (encountered the problem on a production installation), but am... Vasco Freire
01:40 AM Feature #4542: Support for PPPoE with MTU/MRU > 1492 (i.e. 1500)
a pf 3000
01:39 AM Feature #4542: Support for PPPoE with MTU/MRU > 1492 (i.e. 1500)
Bug... pf 3000
12:58 AM Revision d26955ff: Ticket #4655 well manually merge pull/1715. Thanks: Phil
Ermal Luçi
12:58 AM Revision da6faa2b: Ticket #4655 well manually merge pull/1715. Thanks: Phil
Ermal Luçi

06/14/2015

09:35 PM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
Ermal merge pull 1715, and as far as I can see that resolves the remaining issue. Phillip Davis
11:26 AM Bug #4757: Failing to boot Asrock Q1900M with LiveCD 2.2.2 and Dev 2.2.3 2015 -04 -13
You cannot use UEFI boot. You need to turn on the legacy boot and disable Secure Boot (if relevant). Kill Bill
10:55 AM Bug #4757 (Not a Bug): Failing to boot Asrock Q1900M with LiveCD 2.2.2 and Dev 2.2.3 2015 -04 -13
Failing to boot an Asrock Q1900M, bios v1.5 dated 31/10/2104.
Affects released version 2.2.2 amd64 and Development... Iain McAtear
07:19 AM Revision 26b8101b: add input validation for proxy URL, port, user.
Conflicts:
usr/local/www/system_advanced_misc.php Chris Buechler
06:01 AM Bug #4442 (Resolved): Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
this is good. Chris Buechler
05:48 AM Revision fd90a77f: add input validation for proxy URL, port, user.
Chris Buechler
05:16 AM Bug #4712 (Resolved): Wizard hostname validation rejects upper case letters
works Chris Buechler
04:19 AM Todo #4755 (Resolved): upgrade PHP to 5.5.26
confirmed Chris Buechler

06/13/2015

11:45 PM pfSense Packages Bug #4426: NUT fails to start or restart until NUT's settings are (re)saved
I have been unable to start NUT on my 2.2.2-RELEASE (amd64) install since creating an openvpn client and therefore re... Jason Warren
09:32 PM Revision 71dbcc11: services_dyndns - use tr.disabled instead of font-color
Sjon Hortensius
02:35 PM Bug #4685: Crash/panic "Sleeping thread owns a non-sleepable lock"
Jim P wrote:
> Without seeing the full crash report it's impossible to say if it's related. If you haven't already, ... → luckman212
02:30 PM Bug #4685 (Feedback): Crash/panic "Sleeping thread owns a non-sleepable lock"
Patch put on the tree.
Those who want to test need to update to snapshot coming out next. Ermal Luçi
12:57 PM Revision c72237ee: correct 2 syntax errors
Sjon Hortensius
12:44 PM Revision a326e955: updated progress
Sjon Hortensius
12:39 PM Revision d8e0d425: remove useless form+wrapper #211
Sjon Hortensius
12:38 PM Revision cfc607f3: Merge pull request #211 from sbeaver-netgate/services_captiveportal_ip
Convert services_captiveportal_ip SjonHortensius
12:37 PM Revision f107fd31: status_filter_reload.php Conversion complete
Ready for review sbeaver
12:36 PM Revision 311c0f32: Merge pull request #312 from ExolonDX/patch-4
Move the break & endforeach statements so the DL and DIV tags are properly closed SjonHortensius
12:35 PM Revision d6084ab0: Ok another round of this which unbreaks input error validation messages
Ermal Luçi
12:35 PM Revision 67d96856: Ok another round of this which unbreaks input error validation messages
Ermal Luçi
12:34 PM Revision cd225cb5: vpn_ipsec_phase2.php Conversion complete
Ready for review sbeaver
12:33 PM Revision 75fd7984: vpn_ipsec_phase1.php Conversion complete
Ready for review sbeaver
12:31 PM Revision c284c8a2: system_firmware_check.php Conversion complete
Table converted to panel with heading color indicating status.
jQuery functions provided for formatted writes to pan... sbeaver
12:30 PM Revision 727047a6: system_firmware_auto.php Conversion complete
Page has been changed to use a panel heading for status and a panel
body for output.
Functions have been provided to... sbeaver
12:30 PM Revision bea9e9d6: vpn_openvpn_client.php Conversioncomplete
Ready for review sbeaver
12:28 PM Revision 01ab50fd: vpn_openvpn_server.php Conversion complete
Ready for review sbeaver
12:27 PM Revision 155d9450: diag_smart.php Conversion complete
Ready for review sbeaver
12:23 PM Revision 9ee2cac1: interfaces_ppps_edit.php Conversion complete
Ready for review
This was a very challenging conversion due to the external javascript
libraries (no longer availabl... sbeaver
12:21 PM Revision ee3af113: firewall_virtual_ip_edit.php Conversion complete
Ready for review sbeaver
12:21 PM Revision 781b2b7f: firewall_virtual_ip_edit.php
Form complete. Need to add Javascript actions sbeaver
12:20 PM Revision e4f5ae71: firewall_virtual_ip.php Conversion couplete
Ready for review sbeaver
12:19 PM Revision d7770192: firewall_shaper_wizards.php Conversion complete
Ready for review sbeaver
12:18 PM Revision 416b6a09: Removed unneeded form
sbeaver
12:18 PM Revision 416cbf3c: firewall_schedule.php Conversion complete
Ready for review sbeaver
12:16 PM Revision 8d9f7a80: IpAddress.class.php
Updated to allow the addMask() method to accept a maximum value so that
it can be used for IPv4 and IPv6 addresses. e... sbeaver
12:16 PM Revision cf51b119: firewall_nat_npt_edit.php Converion complete
Ready for review sbeaver
12:14 PM Revision 3cc272c0: remove useless form+wrapper #301
Sjon Hortensius
12:12 PM Revision 5e4b485f: firewall_nat_npt.php Conversion complete
Ready for review sbeaver
12:11 PM Revision 325cdc5d: diag_packet_capture.php Conversion complete
Ready for review sbeaver
12:09 PM Revision 9d11418f: system_gateway_groups_edit.php Conversion complete
Ready for review sbeaver
12:08 PM Revision b83e61e4: vpn_openvpn_csc.php COnversion complete
Ready for review sbeaver
12:07 PM Revision 16eef6f9: vpn_pppoe_edit.php Conversion complete
Ready for review sbeaver
12:06 PM Revision 7778a458: system_usermanager_passwordmg.php COnversion complete
Ready for review sbeaver
12:02 PM Revision 66bbb1b5: remove useless form+wrapper #296
Sjon Hortensius
12:00 PM Revision 4c8c4fc2: vpn_pppoe Conversion complete
Ready for review sbeaver
11:59 AM Revision aa3c6f56: system_usermanager_addprovs.php Conversion complete
Ready for review sbeaver
11:56 AM Revision a742c95a: removed useless form+panel wrapper #293
Sjon Hortensius
11:54 AM Revision b9b44f94: system_gateway_groups.php Conversion complete
Ready for review sbeaver
11:53 AM Revision 454f52f9: status_wireless.php Conversion complete
Ready for review sbeaver
11:52 AM Revision 18e020bd: status_upnp.php Conversion complete
Ready for review sbeaver
11:51 AM Revision 517d3109: status_services.php Conversion complete
Ready for review sbeaver
11:50 AM Revision b33c73ff: no need for reference #289
Sjon Hortensius
11:25 AM Revision af66ad8d: status_lb_pool.php Conversion complete
Ready for review sbeaver
11:24 AM Revision ca583944: status_graph_cpu Conversion complete
Ready for review sbeaver
11:23 AM Revision 3c7787df: status_captiveportal_vocher_rolls.php Conversion complete
Ready for review sbeaver
11:22 AM Revision e3a24020: status_captiveportal_vouchers.php Conversion complete
Ready for review sbeaver
11:21 AM Revision f200e233: status_captiveportal_test.php Conversion complete
Ready for review sbeaver
11:20 AM Revision aeb33e05: status_captiveportal_expire.php Conversion complete
Ready for review sbeaver
11:19 AM Revision 12debece: status_captiveportal.php Conversion complete
Ready for review sbeaver
11:19 AM Revision 454cec57: status.php Conversion coplete
Ready for review sbeaver
11:18 AM Revision a777cf18: services_unbound_host_edit Conversion complete
Ready for review sbeaver
11:17 AM Revision c3e03a35: services_unbound_domainoverride_edit.php Conversion complete
Ready for review sbeaver
11:16 AM Revision 0a98e31b: services_unbound_advanved.php Conversion complete
Ready for review sbeaver
11:15 AM Revision 6e3bd9d2: servies_unbound_acls.php Conversion complete
Ready for review sbeaver
11:11 AM Revision 51c224bc: services_unbound Conversion complete
Ready for review sbeaver
11:10 AM Revision 9f35c891: Merge pull request #236 from sbeaver-netgate/services_rfc2136_edit
Convert services_rfc2136_edit SjonHortensius
11:08 AM Revision fcded4cf: Merge pull request #235 from sbeaver-netgate/services_rfc2136
Convert services_rfc2136 SjonHortensius
11:08 AM Revision 63f127aa: Merge pull request #233 from sbeaver-netgate/services_ntpd_pps
Convert services_ntpd_pps SjonHortensius
11:07 AM Revision ffe0ae40: Merge pull request #232 from sbeaver-netgate/serviecs_ntpd_gps
Convert services_ntpd_gps SjonHortensius
11:05 AM Revision 135200fa: Merge pull request #231 from sbeaver-netgate/services_ntpd
Convert services_ntpd SjonHortensius
11:05 AM Revision 49475b89: Merge pull request #230 from sbeaver-netgate/services_igmpproxy_edit
Convert services_igmpproxy_edit SjonHortensius
11:02 AM Revision c4952ad6: Merge pull request #228 from sbeaver-netgate/services_igmpproxy
Convert services_igmpproxy SjonHortensius
11:01 AM Revision 9fe3ffb2: fix load of syntax errors, give 'Disable' a proper label #227
Sjon Hortensius
10:54 AM Revision 348ee54d: Merge pull request #227 from sbeaver-netgate/services_dyndns_edit.php
Convert services_dyndns_edit SjonHortensius
10:50 AM Revision 565098a7: Merge pull request #226 from sbeaver-netgate/services_dyndns
Convert services_dyndns (contains syntax-errors I'll fix) SjonHortensius
10:48 AM Revision c39d178c: Remove help-text from hidden input #225
Sjon Hortensius
10:47 AM Revision 52863715: Merge pull request #225 from sbeaver-netgate/services_dnsmasq_edit
Convert services_dnsmasq_edit SjonHortensius
10:46 AM Revision 07b5a68e: Merge pull request #224 from sbeaver-netgate/services_dnsmasq_domainoverride_edit
Convert services_dnsmasq_domainoverride_edit SjonHortensius
10:44 AM Revision 626e821e: Merge pull request #223 from sbeaver-netgate/services_dnsmasq
Convert services_dnsmasq SjonHortensius
10:43 AM Revision 72e4aa0e: Merge pull request #222 from sbeaver-netgate/services_dhcpv6_edit
Convert services_dhcpv6_edit SjonHortensius
10:43 AM Revision 28ab6a92: Merge pull request #221 from sbeaver-netgate/services_dhcpv6
Converted services_dhcpv6 SjonHortensius
09:35 AM pfSense Packages Bug #4567: ntopNG Geo files missing
Issue is still there is 2.2.2 package version 1.2.1 v0.5
/usr/pbi/ntopng-amd64/bin/ntopng-geoipupdate.sh doesn't cor... Basile Caillens
08:06 AM Bug #4607: Bridge+CARP crashes/freezes pfSense
My setup was affected by this since I tried 2.2-RC (https://forum.pfsense.org/index.php?topic=85285.0)
I tried again... Régis Belson
02:31 AM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
Chris Buechler wrote:
> I'm kidding...point being, why would you want additional lines in the default config that ar... Kill Bill
01:35 AM Bug #4655 (Feedback): IPsec: Enable bypass for LAN interface IP behaviour is reversed
Phil, thanks for the additional pull request. Putting this back to Feedback to review later. It's BSDCan and 2 AM whi... Chris Buechler
01:30 AM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
Top secret reasons, sorry. The NSA won't let us tell.
I'm kidding...point being, why would you want additional li... Chris Buechler
01:26 AM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
I still would love to hear why exactly do we desperately need to spare one line in default config.xml and why the set... Kill Bill
12:24 AM pfSense Packages Bug #4756 (Confirmed): OpenVPN Client Export fails when using "real" certificate
Yes you have to import the chain in that case. It's stupid to use "real" certificates with OpenVPN, it's actually *le... Chris Buechler

06/12/2015

09:55 PM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
The fish-slapping drama continues here https://github.com/pfsense/pfsense/pull/1715
That pull request is closed, but... Phillip Davis
02:35 PM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
https://www.youtube.com/watch?v=kWmbXMXns28 Kill Bill
01:37 PM Bug #4655 (Resolved): IPsec: Enable bypass for LAN interface IP behaviour is reversed
Thanks Phil!
We were heading out to dinner shortly after Ermal's commit yesterday, and came up with the idea on t... Chris Buechler
11:03 AM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
It works now... (The time wasted here would be enough of a hint to not ever do things like this again. There's a foru... Kill Bill
10:36 AM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
Kill Bill wrote:
> And let me say, it was just fine until this evil commit that twisted the logic into this stupidit... Ermal Luçi
02:47 AM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
Phillip Davis wrote:
> https://github.com/pfsense/pfsense/pull/1715
Applied your pull request on top of the whole... Kill Bill
08:46 PM pfSense Packages Bug #4756: OpenVPN Client Export fails when using "real" certificate
I just figured out that if I import every cert in the chain individually into the "CA" tab, it finally works.
That's... Adam Thompson
08:44 PM pfSense Packages Bug #4756 (Not a Bug): OpenVPN Client Export fails when using "real" certificate
Still having what appears to be the same problem as issue #1538, but in 2.2.2-RELEASE i386.
Generate a CSR from pf... Adam Thompson
08:38 PM pfSense Packages Bug #1538: openvpn-client-export.inc -- issue with ca.crt lookup
Still having what *appears* to be the same issue.
Generate a CSR from pfSense, get a signed cert (from StartSSL) for... Adam Thompson
06:35 PM Revision f7531032: Make this right finally :). Thanks-ti: Phil-davis
Ermal Luçi
06:35 PM Revision 60fc27e0: Make this right finally :). Thanks-ti: Phil-davis
Ermal Luçi
04:11 PM Revision 4b03b906: Add hostid script in the source to solve the issue with platforms that do not have proper uuid or duplicate uuid which breaks carp/pfsync and other things in HA setup.
Ermal Luçi
04:01 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
Ermal Luçi wrote:
> https://github.com/ocochard/BSDRP/blob/master/EINE/patches/freebsd.bsnmpd.hostres
>
> Seems t... Renato Botelho
03:30 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
Chris Buechler wrote:
> Matt: haven't heard of it on ALIX but same could impact it also. does disabling the host res... Matt Meyer
03:03 PM Bug #4403: Enabling SNMP causes kernel panic with APU with empty SD card slot
https://github.com/ocochard/BSDRP/blob/master/EINE/patches/freebsd.bsnmpd.hostres
Seems to have a patch for this i... Ermal Luçi
03:58 PM Revision e5bdc656: Add hostid script in the source to solve the issue with platforms that do not have proper uuid or duplicate uuid which breaks carp/pfsync and other things in HA setup.
Ermal Luçi
03:41 PM Revision c3a47539: Merge pull request #1716 from edwinlee11/patch-1
Ermal Luçi
03:37 PM Revision b5d102e7: Activate the redirection that for some reason got disabled
Ermal Luçi
03:36 PM Revision 7144515b: Activate the redirection that for some reason got disabled
Ermal Luçi
10:52 AM Revision a7a064f4: Add description as a display option on Traffic Graph
This is handy at sites where lots of the LAN clients have static-mapped
DHCP IP addresses. Depending on the site host... Phil Davis
09:42 AM Todo #4755 (Feedback): upgrade PHP to 5.5.26
Done. Renato Botelho
09:08 AM Todo #4755 (Assigned): upgrade PHP to 5.5.26
I found the announcement, nvm. Renato Botelho
09:06 AM Todo #4755 (Feedback): upgrade PHP to 5.5.26
I couldn't find this release, according with PHP website 5.5.25 is the latest one - http://php.net/releases/ Renato Botelho
09:15 AM Revision a75aa2ca: Remove track6-interface and track6-prefix-id from interfaces->lan in default config.xml
1. <track6-interface>wan</track6-interface> and <track6-prefix-id>0</track6-prefix-id> of interfaces->lan from /conf.... Edwin Lee
07:46 AM Bug #4685: Crash/panic "Sleeping thread owns a non-sleepable lock"
Still seeing a steady stream of crashes on certain systems, I've added more crash reports to the repo. Two of them ha... Jim Pingle
07:45 AM Bug #4685: Crash/panic "Sleeping thread owns a non-sleepable lock"
Luke Hamburg wrote:
> I have experienced a lot of crashes (hard crash that triggers the box to reboot) on 2 differen... Jim Pingle
02:57 AM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
No more undefined macros and errors when loading the rules on boot with latest snapshot. I'm with Chris here, looks l... Kill Bill

06/11/2015

09:57 PM Revision 71f29f44: Ticket #4655 Do not behave against the logic of checkbox and description.
Ermal Luçi
09:56 PM Revision 1c7fd09e: Ticket #4655 Do not behave against the logic of checkbox and description.
Ermal Luçi
09:50 PM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
https://github.com/pfsense/pfsense/pull/1715
Ermal's change/fix seems good (although the whole thing screws with peo... Phillip Davis
05:33 PM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
And let me say, it was just fine until this evil commit that twisted the logic into this stupidity.
https://github... Kill Bill
05:21 PM Bug #4655: IPsec: Enable bypass for LAN interface IP behaviour is reversed
This does NOT work. Keep clicking Save and watch the checkbox and ipsec.conf flip. Not really sure what to say here. ... Kill Bill
04:55 PM Bug #4655 (Feedback): IPsec: Enable bypass for LAN interface IP behaviour is reversed
Fixed to be natural to the checkbox and comment. Ermal Luçi
07:21 PM Revision c66a327b: Merge pull request #1710 from stilez/patch-4
Renato Botelho
07:18 PM Revision be37ac8f: fix checking for overlaps of NAT destination port
Bruno Ferri
07:17 PM Revision 52bdb9b0: Merge pull request #1714 from brunostein/fix_checking_nat_destination_port
Renato Botelho
06:43 PM Revision ed899400: fix checking for overlaps of NAT destination port
Bruno Ferri
05:19 PM Bug #4607 (Resolved): Bridge+CARP crashes/freezes pfSense
fixed, original problem case is no longer replicable, things otherwise seem fine on a system that's been running in a... Chris Buechler
05:12 PM Todo #4755 (Resolved): upgrade PHP to 5.5.26
2.2.3 needs PHP upgraded to 5.5.26. Chris Buechler
05:06 PM Feature #4683 (Resolved): Support for elliptic curve for IPsec on webconfigurator
confirmed. Thanks! Chris Buechler
04:42 PM Bug #4537 (Resolved): Crash and reboot when accessing the web UI from the IPsec mobile client or over the tunnel on 32 bit
that works around the issue. For tracking purposes we'll mark this resolved. I opened #4754 to investigate the root c... Chris Buechler
04:41 PM Bug #4754 (Resolved): enabling net.inet.ipsec.directdispatch on 32 bit results in kernel panics
Starting this for the root problem in #4537. We have a workaround for the issue and hence closed that ticket, but the... Chris Buechler
04:18 PM Bug #4625 (Resolved): Expiring a voucher doesn't disconnect a user who is using that voucher
fixed Chris Buechler
03:50 PM Bug #4268: changes in strongswan config don't apply to SAD or SPD
They will not go away from what i recall until the SA expires.
But the new SPD will be used for new packets. Ermal Luçi
03:32 PM Bug #4268 (Confirmed): changes in strongswan config don't apply to SAD or SPD
no change. SPD and SAD both remain in place. For example, bring up an IPsec connection of any type. Verify its SAD an... Chris Buechler
03:39 PM Todo #4353 (New): Review IPsec reloading when strongswan.conf is changed
Chris Buechler
03:37 PM Feature #4626 (Resolved): Ability to set charon.make_before_break in strongswan.conf
works Chris Buechler
12:39 PM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
This can be closed, I submitted a pull request now that I have access to the repository. Robert Nelson
10:05 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
I've created the pull request @ https://github.com/pfsense/pfsense/pull/1713 Daniel Schultheis
09:39 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
It will be easy if you submit a pull request at https://github.com/pfsense/pfsense
Then the devs can easily review, ... Phillip Davis
09:07 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
I made a silly mistake which is now fixed. Here is an updated patch. Daniel Schultheis
09:00 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
I've just optimized the patch a bit to revert back to the original functions which now have an additional $allow_wild... Daniel Schultheis
08:54 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
I've created a patch which now wraps this whole behaviour in a seperate function call.
In /usr/local/www/system_ce... Daniel Schultheis
08:34 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
That change is unlikely to make it in unless it's in a separate function or a separate option to the function to acti... Jim Pingle
08:31 AM Bug #3733: Certificate manager doesn't allow wildcards in Subject Alternative Names
You can achive this behaviour by modifying the file /etc/inc/util.inc
The problem lies within the is_domain() meth... Daniel Schultheis
09:57 AM Bug #4383 (Resolved): Firewall log contains IGMP for rules that do not have logging on
fixed Chris Buechler
12:52 AM Bug #4383: Firewall log contains IGMP for rules that do not have logging on
Hooray! I finally can see something useful in firewall logs on the previously affected site once again! Sanity restor... Kill Bill
09:55 AM Bug #4651 (Resolved): Policy route negation rules receive the same tracker ID as the rule they are based upon, which confuses the log parser
fixed Chris Buechler
09:44 AM Todo #4750 (Resolved): Upgrade to strongswan 5.3.2 for pfsense 2.2.3
done Chris Buechler
01:46 AM Revision 2e7ea107: Make the host uuid opt-out
Ermal Luçi
01:42 AM Revision bfc15aca: Make the host uuid opt-out
Ermal Luçi
12:58 AM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
Ermal Luçi wrote:
> You DNS is busted what do you get blocked that was not blocked before?
No. That'd make packag... Kill Bill
12:14 AM Revision 894d01b6: Revert "Ticket #4442 Do not process URL aliases during bootup but trigger it just after finished booting. This completely solves the bootup delays without lowering the timeout as before. Probably need to increase a bit the timeouts now to be friendly to other connections"
This reverts commit 0d44aca64623da5a3eeef0619704a10b3cfda7a5. Chris Buechler
12:14 AM Revision bab606ee: Revert "Ticket #4442 Do not process URL aliases during bootup but trigger it just after finished booting. This completely solves the bootup delays without lowering the timeout as before. Probably need to increase a bit the timeouts now to be friendly to other connections"
This reverts commit ec9eb7891780e5f142838c03203ad8ce267ed89e. Chris Buechler

06/10/2015

10:17 PM Bug #4383: Firewall log contains IGMP for rules that do not have logging on
2.2.3-DEVELOPMENT (i386)
built on Wed Jun 10 19:49:59 CDT 2015
FreeBSD 10.1-RELEASE-p11
No more flood of unasked... Phillip Davis
12:31 PM Bug #4383 (Feedback): Firewall log contains IGMP for rules that do not have logging on
Patched. Ermal Luçi
08:11 PM Bug #4028 (Resolved): Wireless Obytes counter always 0
here as well Chris Buechler
03:56 PM Bug #4028: Wireless Obytes counter always 0
WFM as well. Kill Bill
01:15 PM Bug #4028: Wireless Obytes counter always 0
Fixed for me on Alix with WiFi card with pfSense-2.2.3-DEVELOPMENT-2g-i386-nanobsd-upgrade-20150610-1048.img.gz
Now ... Phillip Davis
07:16 PM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
It's definitely worse to skip it during boot in a variety of cases, and I don't see any circumstances where that help... Chris Buechler
06:58 PM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
You DNS is busted what do you get blocked that was not blocked before?
If your boot takes 1-2 minutes than this is... Ermal Luçi
04:23 PM Bug #4442: Boot sits at "Configuring firewall" for long time with hostnames, URL Tables, where DNS non-functional
Hmmmm. Not exactly convinced this is better. This seems to be blocking all traffic from LANs until the boot is comple... Kill Bill
07:04 PM Bug #4523 (Feedback): master.passwd/group file corruption may occur after kernel panic or unclean shut down
Installer has been updated for new snaps and upgrade code been put in place. Ermal Luçi
06:12 PM Revision 3474e299: Send the machine uuid with the headers requesting the version file
Ermal Luçi
06:11 PM Revision 9c189bee: Send the machine uuid with the headers requesting the version file
Ermal Luçi
06:10 PM Revision 7e3bdaa9: Send the machine uuid with the headers requesting the version file
Ermal Luçi
06:02 PM Revision fb36bccf: Send the host uuid with the request for package
Ermal Luçi
05:44 PM Revision 8b8a4630: Fixes #4537 On 32bit platform do not enable direct dispatch on IPsec since it crashes the system
Ermal Luçi
05:44 PM Revision 05591613: Fixes #4537 On 32bit platform do not enable direct dispatch on IPsec since it crashes the system
Ermal Luçi
04:54 PM Revision b8947f8f: Activate sync for the root slice in fstab during upgrade. Ticket #4523
Jim Pingle
04:49 PM Revision ed97bf78: Activate sync for the root slice in fstab during upgrade. Ticket #4523
Jim Pingle
12:50 PM Bug #4537: Crash and reboot when accessing the web UI from the IPsec mobile client or over the tunnel on 32 bit
Applied in changeset commit:8b8a4630542156b160e22cf3921f0be5a4563179. Ermal Luçi
12:50 PM Bug #4537: Crash and reboot when accessing the web UI from the IPsec mobile client or over the tunnel on 32 bit
Applied in changeset commit:0559161320438f942e48c50263043d975be6fc21. Ermal Luçi
12:42 PM Bug #4537 (Feedback): Crash and reboot when accessing the web UI from the IPsec mobile client or over the tunnel on 32 bit
Done for non amd64. Ermal Luçi
11:45 AM Bug #4751 (Feedback): kernel panic after disabling captive portal when idle timeout is in use
Patch has been updated to solve this issue. Ermal Luçi
07:17 AM Bug #4753: Can't access to the Internet on Pfsense 2.0 with VLAN+CARP
Ok thank you Greg CHALVIGNAC
07:15 AM Bug #4753 (Rejected): Can't access to the Internet on Pfsense 2.0 with VLAN+CARP
"WAN Net" means the subnet of the WAN interface, not the Internet in general.
Please post on the forum for assista... Jim Pingle
07:13 AM Bug #4753 (Rejected): Can't access to the Internet on Pfsense 2.0 with VLAN+CARP
When I set a rule like this :
Proto:IPv4 | source: VlanX Net | p_source: * | Dest : WAN Net | p_dest : (Alias) 80,... Greg CHALVIGNAC
06:43 AM pfSense Packages Feature #4581: Add dshield-sensor port to pfPorts
Don't give up, I want this feature for one, but adding to FreeBSD will help everyone
maybe post here https://forum... Mark M
02:44 AM pfSense Packages Feature #4752 (Resolved): SQUID. Exception for speed limits
Good day to all people!I am submitting for your consideration the idea (the request).
It would be good if in the sec... Aleksei Aksenov
02:29 AM Bug #4661: OpenVPN client can't assign to GWGroup specifying VIPs
Hello Chris.
I tested this twice,and it's not working properly.
I used version 2.2.3-DEVELOPMENT (amd64) built ... Grzegorz Sliwa
 

Also available in: Atom