Activity
From 07/10/2015 to 08/08/2015
08/08/2015
-
11:01 PM Bug #4924: Package manager - the version comparison code not comparing versions properly
- Note that this is also a problem for a pfSense version upgrade from 2.2.9 to 2.2.10 and the like, due to a bug in the...
-
- I am looking at that. Yes, it needs smarter comparison and might be able to reuse code that does similar stuff for co...
-
01:59 AM Bug #4924 (Resolved): Package manager - the version comparison code not comparing versions properly
- Noted this with the recent packages cleanup spree... 10 > 9, the trailing 0 is not insignificant... :)
!http://i.i... -
- Pull request https://github.com/pfsense/pfsense/pull/1810
-
- version_compare_numeric correctly compares 2.2.8 to 2.2.9 and thinks 2.2.9 is an upgrade - good.
But comparing 2.2.9... - 11:13 AM Revision eb76c6b7: Merge pull request #337 from sbeaver-netgate/firewall_schedule_edit.php
- Converted firewall_schedule_edit
-
11:10 AM Bug #4854: OpenVPN bound to gateway group using CARP IP doesn't start with CARP master status
- Hi Chris,
think there is still a problem.
When CARP goes to backup on let say pfsense#1, it stops openvpn and i... - 11:07 AM Revision a4b3dbce: Merge pull request #332 from sbeaver-netgate/firewall_nat_edit
- Converted firewall_nat_edit
-
- Merged and working again.
-
- Can this be done for 2.2.5 please? There is a whole galore of people complaining about this... https://forum.pfsense....
-
01:01 AM pfSense Packages Bug #3434 (Resolved): widentd
- thanks
08/07/2015
- 08:21 PM Revision 4b94f9ec: Partially converted
- Requires revised save logic using an array rather than multiple POST
fields
Also like to look at possibility of chan... - 07:18 PM Revision 55d43903: Merge branch 'logos' into bootstrap
-
- Merged -> fixed.
- 05:56 PM Revision f4beb885: Updated logos
-
- thanks
- 03:02 PM Revision eda83714: Merge branch 'firewall_rules' into bootstrap
- 03:01 PM Revision 42a6bcbd: Change savings display class.
- 02:53 PM Revision 50e12e3e: Merge branch 'firewall_nat_out' into bootstrap
- 02:52 PM Revision 1ce2bbbc: Merge branch 'firewall_nat_1to1' into bootstrap
- 02:52 PM Revision f2776958: Merge branch 'firewall_nat' into bootstrap
- 02:52 PM Revision d9a57fcd: Merge branch 'firewall_rules' into bootstrap
- 02:51 PM Revision c821a6cd: Added panel etc
- Added panel for consistency
moved “store changes” button to <nav>
Changed icon legend to <dd> for consistency - 02:29 PM Revision 1c0d1b28: Change icon display
- Change icon display to<i>
Remove row shading
Remove unneeded checkbox - 02:22 PM Revision 91d452c7: Removed row shading
- 02:19 PM Revision 0032fa52: updated icons etc
- Changed icon display
Removed row shading
Removed unneeded checkboxes - 02:08 PM Revision 7abddc12: icon and checkbox changes
- display icon with <i>
eliminate unneeded checkbox -
12:46 PM Bug #4874: pf crash related to source tracking: pf_hashsrc: unknown address family 0
- Same system crashed identically on 2.2.4:...
-
12:24 PM Feature #4923 (Resolved): Add LDAP support for RFC2307 style group membership
- Turnkey Linux OpenLDAP (which runs the phpLDAPadmin web UI) seems to define group membership differently than pfSense...
-
11:09 AM Feature #4044: Add UEFI support
- Will this be looked at eventually? I think GEN2 Hyper-V support would be a great thing, particularly for dynamic mem...
- 01:51 AM Revision db141f98: Added alias pop-ups
- 01:23 AM Revision dbbd22f9: Added alias pop-up
- 12:36 AM Revision 90741c50: Merge branch 'firewall_nat_npt' into bootstrap
- 12:36 AM Revision b4c47a85: Merge branch 'firewall_nat_1to1' into bootstrap
- 12:36 AM Revision 5e07cad0: Merge branch 'firewall_nat_out' into bootstrap
- 12:36 AM Revision 3e051f35: Merge branch 'firewall_nat' into bootstrap
- 12:35 AM Revision 8bbab8a3: Added store changes button and containing panel
- 12:29 AM Revision 598dc5ed: Added store changes
- 12:25 AM Revision 56fca890: Save re-ordered list
- 12:02 AM Revision 797f7b50: Save changed rule order
08/06/2015
- 11:41 PM Revision 74ccc915: Merge branch 'firewall_nat_1to1' into bootstrap
- 11:41 PM Revision b27b4e4b: Updated to use jquery drag/move
- 11:34 PM Revision eff6aa06: Merge branch 'firewall_nat_out' into bootstrap
- 11:34 PM Revision 753dd9fc: Updated to use jQuery drag/move
- 11:26 PM Revision 2d708e43: Merge branch 'firewall_nat' into bootstrap
- 11:26 PM Revision 4cf530c4: Updated to use jQuery row drag/move
- 10:53 PM Revision eb19b66d: Merge branch 'firewall_aliases_edit.php' into bootstrap
- 10:53 PM Revision 6fceee6b: Fixed issue when address array contained blank entries
- Todo: Probably a better way to fix this, but this fix at least allows
the page to function. - 03:47 PM Revision ac23816a: Merge branch 'firewall_nat_out' into bootstrap
- 03:46 PM Revision 1d449e7c: firewall_nat_out Conversion complete
- Ready for review
-
- This is fixed by https://github.com/pfsense/pfsense-packages/pull/952
-
- If you really want this displayed somewhere in dashboard, you can assign the underlying physical interface (and use t...
-
08:25 AM Bug #4058: WAN interface configured as PPPoE not displaying properly in Interfaces box of Dashboard
- Thank you both for looking into this. Apparently something changed (gasp!) since the previous release. I looked at ...
08/05/2015
-
- https://github.com/pfsense/pfsense-packages/pull/939
-
09:01 PM pfSense Packages Bug #4922 (Resolved): Nut Settings Page - PHP Config nut.inc - Field Validation Fails
- Original issue:
PfSense 2.2.3 and 2.2.4, install Nut 2.0.5.
Go to configure as 'Remote NUT Ups', fill in fields u... - 10:15 PM Revision 37ad2e00: Highlight all cells in the row
-
05:24 PM Revision c0d5c143: Merge pull request #1806 from nagyrobi/patch-24
-
11:01 AM Bug #4921 (Resolved): Disabling a gateway does not remove static routes for DNS servers set to use it
- After disabling a gateway in System > Routing, Gateways if you have DNS servers defined in System > General Setup tha...
-
- LAGG interfaces do not support ALTQ directly, so they don't appear in the shaper wizard or other ALTQ areas unless th...
-
05:38 AM Bug #4920 (Not a Bug): Traffic Shaping Wizard don't show "LAN" Interface
- I have an little issue with the Traffic Shaping Wizard on my pfSense. I have the following interfaces:
-WAN 1 (VLA... -
01:16 AM pfSense Packages Bug #4919 (Not a Bug): squid transparent proxy interface problem
- Hello!
I don't know where to report this =)
I found a problem in squid3 package. In web configuration script (/usr/...
08/04/2015
-
09:19 PM Revision 44551f82: Fix missing DH group 22-24
-
-
- working
-
- Pull request has been merged
-
- NWM, looking at filer_sync.xml instead.
https://github.com/pfsense/pfsense-packages/pull/933 -
- I frankly cannot see there's it referenced in the filer.xml.
- 06:37 PM Revision 69d42601: Merge branch 'loadbalancer_monitor' into bootstrap
- 06:36 PM Revision ac800670: load_balancer_monitir Conversion complete
- Ready for review
-
- thanks
-
- Confirmed working by multiple forum users, safe to close. ;)
- 04:35 PM Revision 95056f94: Merge branch 'firewall_nat_1to1' into bootstrap
- 04:34 PM Revision fe4dec8f: Add containing panel
- 04:28 PM Revision b7e553b1: firewall_nat_1to1 COnversion complete
- Ready for review
-
- The configuration generated when DH groups 22-24 is incorrect (the _ike_ and _esp_ attributes are incomplete.)
Pul... - 03:23 PM Revision 66df2190: Initial conversion
-
12:20 PM Bug #4806: Mobile IPSec Broken on iOS devices after 2.2.3 Upgrade from 2.2.2
- We are running version 2.2.4 but we still appear to have this issue.
We followed the guide at:
https://doc.pfsens... -
10:48 AM Revision 30ccf550: put back the missing newline
- Since 2.2 the console is missing the separating line between the interfaces list and the menu, which makes it harder ...
-
- As I said I am aware of that, but having a 8GB image (which means approx 4GB per slice) would be a benefit for packag...
-
05:24 AM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense
- Yes, the one I attached is sufficient to replicate this issue. I just tested 2.2.3 and 2.2.4 and they both still have...
- 04:13 AM Revision 24850bca: only read file if it exists, and only foreach if an array.
- 04:10 AM Revision 0057e62d: only read file if it exists, and only foreach if an array.
-
03:23 AM Bug #2762: PF drops IPv6 packets with fragment header followed by a last fragment only
- I modified _/usr/local/www/firewall_rules_edit.php_ with enclosed patch (pfSense 2.2.4)
After that, protocol "IPV6... - 01:31 AM Revision d098d2ce: Merge https://github.com/SjonHortensius/pfsense into bootstrap
08/03/2015
-
- Forum: https://forum.pfsense.org/index.php?topic=97540.0
In the recent commits "function filer_install()" was remove... - 07:53 PM Revision 31d613d2: Merge pull request #335 from sbeaver-netgate/XSS
- XSS/Security updates from upstream
- 06:08 PM Revision 2a52350e: Merge branch 'firewall_nat_edit' into bootstrap
- 06:08 PM Revision 7bd45a1d: Merge branch 'firewall_nat' into bootstrap
- 06:03 PM Revision 96798027: Merge branch 'XSS' into bootstrap
- 05:11 PM Revision 603aa20f: XSS/Security updates from upstream
- The pfSense maintainers have provided a list of 30 or so security
changes related to the web GUI that have been made ... -
- Fixed with the above commit.
-
- it's fine (and better in ways) to use a larger card than the image size. this has been discussed at length in other t...
-
- Looks like around where I live the 4GB CF cards start to disappear from the market. Today all I can find are Kingston...
- 01:18 PM Revision 2ab10468: Allow to create empty bogons on nanoBSD
- If for some reason the bogons file/s do not exist then this code creates
empty ones before making any use of them in ... -
-
- Just a note here: 1/ only happens as a result of 2/ (and of subsequent restarting of the reinstall).
-
- Dave B wrote:
> Nevermind, restarted and it worked
That's #4880 (see point 2 there). Good luck figuring it out. -
10:38 AM pfSense Packages Bug #4886: ntopng error at boot after reinstall post-upgrade
- Nevermind, restarted and it worked
-
- the new ntopng package is "broken"
froze at Executing custom_php_global_functions()...
and stay there forever -
- Pull request has been merged, thanks!
-
- Pull request has been merged
-
04:30 AM Feature #4915 (Resolved): Move logout link
- The logout link is currently hidden in the middle of the System menu which makes it a bit awkward to find, it would b...
-
03:50 AM Bug #3749: Upgrade from 2.1.4 to 2.2 does not automatically reboot
- Also had same problem refusing to reboot in 2.2.2. I was able to get to console but reboot failed there too. But on s...
-
02:04 AM Feature #4914 (New): Packet Capture Settings
- It would be nice if the Packet Capture utility, once started, could keep in memory the settings it started with and s...
08/02/2015
- 08:44 AM Revision 42d24d00: Merge pull request #331 from sbeaver-netgate/firewall_nat_out_edit.php
- Converted firewall_nat_out_edit
- 08:43 AM Revision f9b2aaa5: Merge pull request #329 from sbeaver-netgate/system_crlmanager.php
- Convert system_crlmanager
- 08:42 AM Revision 4a098495: fix a few syntax problems #327
- 08:41 AM Revision b70992c6: Merge pull request #327 from sbeaver-netgate/diag_ipsec.php
- Converted diag_ipsec
- 08:25 AM Revision c3e5fd5b: Merge pull request #326 from sbeaver-netgate/diag_gmirror.php
- Converted diag_gmirror
- 08:20 AM Revision 5db21898: Merge pull request #325 from sbeaver-netgate/services_captiveportal.php
- Converted services_captiveportal
- 08:08 AM Revision 60558695: Merge pull request #330 from sbeaver-netgate/firewall_shaper
- converted firewall_shaper
-
04:58 AM Bug #4913 (Duplicate): XMLRPC sync craches PHP-fpm
- Hi!
Having a problem that XMLRPC gets "Code 5: Didn't receive 200 OK from remote server. (HTTP/1.0 500 Internal Se... -
04:58 AM Bug #4286: State killing on gateway change
- Here is a new test case in the latest 2.2.4 release:
- I start a "ping 8.8.8.8"
- Link ADSL is up, link 3G is up,... -
- Looked a bit at the source code:
There is 3gstats.php which is retrieving datas from the Huawei monitoring device:...
08/01/2015
-
- It's definitely less than ideal, especially given it doesn't reliably work. dmidecode is not an alternative though, a...
07/31/2015
- 07:58 PM Revision 2807e479: Fixed error in use of array_merge()
- array_merge() re-numbers the keys :(
-
- 07:32 PM Revision 0e6ac11d: firewall_nat.php Conversion complete
- Ready for review
-
-
-
-
-
-
05:51 PM pfSense Packages Bug #4895: System Patches - multiple regressions with the new code
- Given this information, I think it's possible to meet both sets of uses neatly.
I'll have a go at a second versio... -
-
-
-
-
-
-
- Can someone please bump the PBI to 0.86? With 0.85, the only thing you get is...
-
- 2015/07/31 03:05:08 kid1| /var/run/squid/squid.pid: (1) Operation not permitted
2015/07/31 03:05:08 kid1| WARNING: C... -
- Guys, this "method" is really pathetic. Not having things like /proc/cpuinfo does not help here, but what's exactly w...
07/30/2015
-
-
-
- 09:21 PM Revision 223af28c: firewall_nat_edit.php COnversion complete
- Ready for review
-
08:32 PM Bug #4911 (Resolved): AES-NI hardware crypto not always displayed in information widget
- The /var/log/dmesg.boot snapshot file appears to be created too early in the boot process resulting in hardware crypt...
- 08:28 PM Revision ee4b22ea: firewall_nat_edit Partial conversion
- Some JS left to complete
- 08:07 PM Revision 9d454891: fix whitespace
- 08:02 PM Revision aa14a0f4: Add NUT package help location
- 07:23 PM Revision f791f28d: remove the destination server's interface(s) from dhcrelay. Ticket #4908
-
04:49 PM
pfSense Packages
Bug #4857: Cannot install squid3 on pfsense 2.2.3
- I confirm squid3 dies or doesnt work on pfsense 2.2.3
After a few days qwhere everything was running fine, squid s... -
-
-
-
-
04:13 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
- Running pfSense 2.2.4 and attempting to connect with iOS 8.4. This problem still apparently exists in some form or an...
-
- Two completely different animals there.
Host and network aliases are parsed in pfSense and passed into filterdns f... -
- According to [[https://doc.pfsense.org/index.php/Aliases#Aliases_and_Hostnames]] hostnames are updated as often as co...
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- needs fixed upstream
-
- 1/ This is an upstream issue.
2/ Has no influence here on functionality. Dunno what time interval you have selected.... -
11:59 AM Bug #4896: Gateway group failover
- I've tried back and forth to trigger the fault again, but it is a no show, which is both good and bad. :)
However ... -
- First of all i turned off Grown notifications (thought they were off). And the warnings disappeared. Thanks!
I tri... -
- Scratch that, a proper one here: https://github.com/pfsense/pfsense-packages/pull/917
-
- https://github.com/pfsense/pfsense-packages/pull/916
- 10:58 AM Revision ede37031: Allow to create empty bogons on nanoBSD
- If for some reason the bogons file/s do not exist then this code creates
empty ones before making any use of them in ... -
10:15 AM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2
- I've disabled the certificate check and went with the default "Do not check".
-
- Applied in changeset commit:79e46ebda9eb3b92fc911fd82ef3b701ef3a64da.
-
- Applied in changeset commit:2ae65d99d228f8de891bd93d359ad9fca95c3adf.
-
- Though I saw this happen on a production unit when performing an upgrade, I can't seem to reproduce it locally.
On... - 06:27 AM Revision 97613114: remove the destination server's interface(s) from dhcrelay. Ticket #4908
- 05:49 AM Revision fc3e3bdb: remove more old, unused platform stuff
- 05:49 AM Revision f688185c: remove more old, unused platform stuff
- 05:38 AM Revision c7ea65c2: Fix killing of individual states for IPv6. Ticket #4906
- 05:37 AM Revision fcf8ac0a: Fix killing of individual states for IPv6. Ticket #4906
- 05:28 AM Revision ffb3d9d5: fix whitespace
- 05:28 AM Revision 324ce0b9: fix whitespace
- 05:17 AM Revision c5dbb02f: Use the appropriate source and dest IPs for all state types. Ticket #4907
- 05:16 AM Revision 38e7c093: Use the appropriate source and dest IPs for all state types. Ticket #4907
- 04:10 AM Revision d3712bdf: remove old unused nopccard_platforms
- 04:08 AM Revision 58ec9af1: remove old unused nopccard_platforms
- Conflicts:
etc/inc/globals.inc - 04:02 AM Revision edd4c038: sync rc.firmware_auto with master
- 04:01 AM Revision ac565fab: remove wrap and net4501 platforms, they haven't existed for years.
-
- pushed to RELENG_2_2 for verification, need to cherry-pick to master once confirmed.
-
- At some point ages ago, if you specified an interface list with dhcrelay, you had to also include the interface(s) wh...
-
- looks to be fixed with what I just pushed.
-
- looks to be correct with what I just pushed, leaving for further confirmation.
-
- diag_dump_states.php's individual state killing assumes the left IP in the state is the source IP, which isn't true f...
07/29/2015
-
- diag_dump_states.php doesn't kill individual IPv6 states. It finds the source and dest as the first group of the addr...
-
- Warning: dns_get_record(): DNS Query failed in /etc/inc/notices.inc on line 390
That comes from trying to look up th... -
- This might be a DNS related issue dues to the warning messages I get. So FYI I am using the DNS Resolver with these s...
-
- First of all when I run /etc/rc.filter_configure_sync it outputs 16 of these:
Warning: dns_get_record(): DNS Query ... -
- what if you run:...
-
-
- 06:53 PM Revision 30e18055: firewall_nat_out_edit.php Conversion complete
- Ready for review
-
-
-
06:32 PM Feature #4905 (Needs Patch): Expose Curve25519 DH group to UI
- StrongSwan has additional key exchange groups that are not currently offered:
https://wiki.strongswan.org/projects... -
-
-
- Applied in changeset commit:4379f31869e48e98f73600a166854ab417c3f645.
-
- Applied in changeset commit:33697d18572e8f3f320b0627101e663710fa3dba.
-
- Looks like we only test for "$parsed_response['config_version'] < $config['version']" and not greater than.
https:... -
- With an HA setup with XMLRPC sync there is supposed to be a version check to prevent different versions of pfSense fr...
-
-
- Applied in changeset commit:6538d22fcb8068b276585b6cc2b4f7b9b0c58829.
-
- Applied in changeset commit:7fbe16f7989890122e429bbf5048324a263d13b8.
-
There is similar code in filter.inc and captiveportal.inc for these rules. The code in filter.inc generates rules f...-
- With Captive Portal on an interface with a CARP VIP, 2.1.x properly included the CARP VIP in the ipfw rules:...
-
- Early shell commands are not run early enough. Running at boot "ifconfig emX name ethX" for all interfaces in order t...
-
- Upgrading from pfSense 2.1.x to 2.2, the captive portal databases are in the older sqlite 2.x format and cannot be re...
-
- Not a bug. Seek help on the forum/mailing list, this is not a support forum.
-
08:01 AM pfSense Packages Bug #4901: How to block https Sites in pfsense
- Kill bill is right, this really seems to be an issue with your configuration. I think the best way to go about it is ...
-
- Ravi Kumar wrote:
> That is a major bug in pfsense.
You can only filter HTTPS requests when DNS lookups are chann... -
05:37 AM pfSense Packages Bug #4901: How to block https Sites in pfsense
- That is a major bug in pfsense.
-
- This is not the place for support questions. https://www.pfsense.org/get-support/
-
- Ravi Kumar wrote:
> Proxy filter SquidGuard: Target categories >> creating a New target apply to denying some sites... -
- Proxy filter SquidGuard: Target categories >> creating a New target apply to denying some sites.(eg.-https://www.fac...
-
07:27 AM Feature #4899: Additional BOOTP/DHCP Options should allow a force option
- This is a RELENG_2_2 patch for /etc/inc/services.inc with a safe workaround for PXElinux.
It would be better to just... -
- One use case is for pxelinux with options 208,209,210.
The client will not request these options so it must be force... -
- The "without context" parts are part of it, also if there are only additions and no deletions, with the right context...
-
- I'm not sure about some of the comments above - I'll look into the points raised. This patch should only have change...
-
- Completely nonsensical code with tons of garbage and hundreds of wheels reinvented. Will submit a pull req when done.
07/28/2015
-
11:36 PM Feature #4898: Allow packages to request syslogd socket to be created inside chroot
- Pull request: https://github.com/pfsense/pfsense/pull/1802
-
- Currently there is no way to run a package inside chroot if it requires logging socket to be located inside chroot. L...
-
- The gateway group with re0 and ppp0 still says " route-to { ( re0 x.x.x.x ) } "
-
- check the output of: ...
-
- My setup for the WAN looks like this:
ISP - switch - Pfsense
If I pull the cable between the ISP and the switch... -
- It shows:
Name: WAN
Gateway: Changes from GW IP to "Dynamic"
Monitor: GW IP
RTT: 0.5ms
Loss: Changes from 0% t... -
- this works, nothing here to indicate a bug. Best to use one of our support resources for assistance first in the futu...
-
- Two WAN connections (re0 and ppp0).
The two gateways are in a gateway group (re0 as tier 1 and ppp0 as tier 2).
Rul... - 06:09 PM Revision 3b6dedf3: firewall_shaper* Conversion complete
- Ready for review
- 04:35 PM Revision d2466d40: Revised javascript on firewall_shaper_vinterface
-
- Fixed by https://redmine.pfsense.org/projects/pfsense-packages/repository/revisions/838a67e8432d882b7f8c3d4a75564ed89...
-
03:44 PM pfSense Packages Feature #4897 (Resolved): Use errorfiles with frontend(s) via UI
- HAProxy currently allows you to define errorfiles for use with backend server pools.
It would be great to be able ... -
03:10 PM Bug #4329: OpenVPN Server returns an error message while validating selfsigned certificate with a deep of 2
- Has this one stalled? It is affecting me too.
Is there a safe workaround?
-
02:27 PM pfSense Packages Bug #4612: syslog-ng creates logrotate cron job, but logrotate doesn't exist
- My mistake, exists for me. Ok, looks like this bug will be squashed as soon as v1.0.7 is out!
-
- It's /usr/pbi/syslog-ng-amd64/local/sbin/logrotate
-
- I have v1.0.6 of the packageinstalled and /usr/pbi/syslog-ng-amd64/sbin/logrotate doesn't exist for me. Will this be ...
-
- Joshua Ruehlig wrote:
> But, logrotate doesn't exist on the system.
logrotate actually does exist. Just elsewhere... -
- Some notes on Kill Bill's observations and the assumptions made by the commit:
* Apply and Revert status cannot be... -
- I reverted the broken commit. Leaving this as resolved for now (though "Needs patch" may be better).
-
- 1/ When you click Test, then click Apply *without* clicking Close on the red banner, it applies the patch, but does n...
-
- Since upgrade to V2.2.4 from v2.2.3 not all dyndns entries are updated correctly.
After a few reboots I've noticed t... -
- https://github.com/pfsense/pfsense-packages/pull/909
Die, PBI, die!!! #$%^@!!! :-X -
- That's still a switch configuration problem. Unless you have a bridge on pfSense involved, you should have "portfast"...
-
- Upon further testing, this issue seems to cause further problems described below when using certain switches that tak...
-
- As mentioned in a previous comment on this ticket, it was rejected because it was a duplicate of #3328.
-
07:27 AM Bug #3794: Re-orderable IPsec
- Issue was fixed in 2.2 why marked as rejected?
Thanks
Robert -
- Well I think I have found something (basically, kernel limits issue), but the hints there are not useful since kern.m...
-
- Alex . wrote:
> I think the problem has accumulated during the work of this system (2.0.x -> ... -> 2.2.4).
2.0.x... -
01:32 AM pfSense Packages Bug #4887: nonexistent lib file - (lightsquid not work)
- OK
Today checked the update from version 2.1.5 to 2.2.4 on a clean system (vmware), everything works. I think the pr... - 02:29 AM Revision 8141416f: Revert "Replace space to tab indentations"
- This reverts commit ff01ab1a7460a6061f2df3f8cf50b744ba5dc912.
-
- Note this is in RELENG_2_2 2.2.4-RELEASE also:
https://github.com/pfsense/pfsense/commit/dea04167b4678353d99b58279fe... -
- The simstate and service fields in your output are the field offsets used by the code, so that is a good start. But t...
07/27/2015
-
- Bump this to make it appear later than the 200 entries Chris just mass-changed. I think this one can be closed as dup...
-
- this is a bug in racoon on Android. Described here. https://wiki.strongswan.org/issues/255 also #4891
not a bug i... -
-
- haven't gotten info to replicate, and no one else has reported same.
Eric: if you can provide specifics to replic... -
- thanks Phil. Agree on getting rid of all the complications here. I went through and tested it all myself too after yo...
-
- For master: https://github.com/pfsense/pfsense/commit/8e24ffdd7a0cea3580f15317275128c6abe924d2
For RELENG_2_2 and 2.... -
- Oops, I put url_port instead of url_ports in that first pull request.
A hopefully better attempt is https://github.c... -
- Forum: https://forum.pfsense.org/index.php?topic=97101.0
It seems I did not consider the url_port alias type when "f... -
- From Diagnostics->DNS Lookup it was reporting stuff from the upstream public DNS for me, as well as 127.0.0.1 so I us...
-
01:16 PM Feature #4883: DNS Fowarder domain overrides
- Today I tried switching from forwarder to resolver and was unable to get resolver to resolve against multiple entries...
-
- yes, true, I misread that as Resolver.
If dnsmasq implements same support, we can definitely implement there as w... -
- 07:42 PM Revision ade65176: Fixed "Save" action
- 07:18 PM Revision 46bb6ced: firewall_shaper_layer7 done
-
- As a temporary measure, I have backed out commit 4d7568404c276ea8fd10583e8d769f5ba82587aa by hand for testing. This, ...
-
- Thank you Chris. Is there anything I could put in via system patches rather than hand editing files?
-
- given the issues with it, I assumed no one could have been successfully using it. Sorry that was a wrong assumption i...
-
- Forgive me for being direct...
The existing solution may not have been proper, but it did work and was very useful... - 05:54 PM Revision 6b7ae4af: Strip any \r when parsing URL table ports file
- If the URL table ports file at the URL specified has lines separated by "\r\n" rather than just "\n", then the code h...
-
-
-
- 05:51 PM Revision 2b869fa1: Strip any \r when parsing URL table ports file
- If the URL table ports file at the URL specified has lines separated by "\r\n" rather than just "\n", then the code h...
-
- 05:47 PM Revision 8e24ffdd: Consider url_port alias type when checking port-type aliases V2
- This time I have typed url_ports correctly.
-
-
04:31 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
- > 2.2.4-RELEASE Now Available
When can we use this?
There are security fixes, which we must have. - 02:41 PM Revision d7b67981: Consider url_port alias type when checking port-type aliases V2
- This time I have typed url_ports correctly.
-
- During boot any urltable_ports type aliases will be loaded from the specified URLs into files in /var/db/aliastables/...
-
- Using LDAP with OUs and 2012 R2 in multiple places. Definitely not a generic issue.
-
- I do not have anonymous binds enabled. I have a domain user & password specified. The tests shows that connect and ...
-
- This should be on the forum first for discussion until/unless a bug is confirmed.
That said, I hit something recen... -
- I have an existing Active Directory domain and I recently added another AD Server in my existing domain. Existing se...
-
- Err... not XML, but tinydns.inc; the point obviously stands, though. (I suspect that beyond /usr/local/bin/svscan, al...
-
- @Michael: These issues won't go away until the PBI shit dies in 2.3. Meanwhile, I looked at the code and the only fix...
-
01:18 PM pfSense Packages Bug #4555: Tiny DNS: Service does not start
- (This is an issue in 2.2.3 as well as 2.2.1)
-
- I started working through the issues, beginning at tinydns.sh
Unfortunately it was taking more time than I have avai... -
- Forum reference for tracking:
https://forum.pfsense.org/index.php?topic=96927.0
https://forum.pfsense.org/index.p... -
- You're on a version that's no longer supported, and there isn't anything here that describes an actual bug (lighttpd ...
-
05:30 AM pfSense Packages Bug #4889 (Not a Bug): pfSense 2.1.5 amd64 with haproxy-devel 1.5.3: (connections.c.277) SSL: -1 5 32 Broken pipe
- Hi,
we have several pfSenses as firewalls with loadbalancing. We're using haproxy-devel for our service, because t... -
- That's a bug in the Android client with strongSwan -- appeal to one or the other to fix it: https://wiki.strongswan.o...
-
11:02 AM Bug #4891: android 5 can't login pfsense 2.2.4 ipsec
- I was upgrade from 2.2.3,it's version also can't connect ipsec by android 5.
I never connect ipsec by android 5.I ca... -
- What version were you on before the upgrade, when it was working?
-
- I use pfsense 2.2.4.The client use Android 5.
I screenshot some pic.You can see some config. -
- Not enough detail here. Should be discussed in a forum thread first to narrow down a specific issue before opening a ...
-
- Hello,
I have upgrade to pfsense 2.2.4.But it's always can't connect it by android 5.
It's have log.
Jul 27 10:4... -
- As already noted on another bug - please, remove the unmaintained, horribly broken and dead Squid2 package. Noone sho...
-
08:17 AM pfSense Packages Bug #4887: nonexistent lib file - (lightsquid not work)
- im using lightsquid with squid3 and works fine on 2.2.4
-
- #squid2
ln -s /usr/lib/libssl.so.7 /usr/lib/libssl.so.6
ln -s /lib/libcrypt.so.5 /usr/lib/libcrypto.so.6
-
- lightsquid not work - nonexistent lib
#perl not work
ln -s /lib/libutil.so.9 /lib/libutil.so.8
#GD not work
l... -
- im having same issue, setting to 0666 works fine
-
- no relation to base version
-
- when squid3 start
warning: chmod() expects parameter 2 to be long, string given in /usr/local/pkg/squid.inc on line ... -
- Files under /var/etc are not meant to be touched by human hands. For persistent files, place them in a location that ...
-
07:53 AM Bug #4890 (Rejected): OpenVPN - File created with ifconfig-pool-persist is destroyed upon system reboot
- +Issue:+ File created with the ifconfig-pool-persist Advanced Configuration option is destroyed upon system reboot.
... - 07:00 AM Revision 645f2fa8: Pkg install error handling and connect timeout RELENG_2_2
- Fixes Redmine #4884
1) Line 778-780 - If the fetch of any of the package additional files
fails then bail out. This p... - 06:57 AM Revision 2da055f0: add a check to avoid foreach on non-array
- 06:57 AM Revision 56fd056b: add a check to avoid foreach on non-array
-
- Note: This seems to have broken url_port alias processing.
See new bug https://redmine.pfsense.org/issues/4888 - 02:29 AM Revision dd03760e: Check if the actual $fieldname element is present in the $a_pkg[$id] array before trying to assign its value. Do same with default_value. Fixes issue where default value was not being populated for newly added fields.
-
- Pull request for RELENG_2_2 https://github.com/pfsense/pfsense/pull/1790
I managed to get an example with it faili... -
-
- has no relation to base version
-
- when ntopng start
warning: Invalid argument supplied for foreach() in /etc/inc/pkg-utils.inc(423): eval()'d code o...
07/26/2015
-
- there were a variety of problems with that implementation. we'll properly implement it in the future.
-
- While I haven't reviewed the strongSwan code, I can attest that operationally auto is not a synonym for IKEv2. I've b...
-
- it being a synonym for IKEv2 was only true of pre-5.x strongswan versions (see my above comment). But still it wasn't...
-
- It would be useful if it was actually auto. It's not. It's a synonym for IKEv2 in strongSwan. Needs fixed upstream.
-
- Hate to disagree, but auto is indeed useful. Removal breaks the ability to mix IKEv1 and IKEv2 mobile clients.
-
- The code that gets "additional files" during package install does not pass failure codes back up to the overall packa...
-
- That certainly works with DNS Resolver (unbound).
https://redmine.pfsense.org/issues/4350
https://github.com/pfsens... -
- you can, add the same domain multiple times.
-
- Within the DNS forwarder under the domain and host overrides it would be a good feature to allow a list of DNS serer ...
-
- You really have pfSense 2.3?
Duplicate of Bug #4555 -
- https://github.com/pfsense/pfsense-packages/blob/master/config/tinydns/tinydns.inc#L77
- 08:20 AM Revision a34e9807: Bring back the ability to specify file and URL as command line arguments. Clean it up a bit.
-
- the 119 to 120 is regarding upnp, i had modified it such that now the user can add multiple user specified permission...
-
- There is a 119_to_120 config upgrade in master, which needs to be double checked, and if fine, bump the config versio...
-
- The root problem is that unbound reload functions (-HUP, unbound-control reload) actually stop, then start unbound. W...
- 12:51 AM Revision 8691632c: Upgrade config to 11.9. Changes IPsec peer ID for EAP types to "any", to retain previous behavior.
- Conflicts:
etc/inc/upgrade_config.inc - 12:45 AM Revision 905205a2: Change the log for CRLs with no data (exists but no certs revoked) to a warning since it's not technically an error.
- 12:41 AM Revision 5e11c6a1: Upgrade config to 11.9. Changes IPsec peer ID for EAP types to "any", to retain previous behavior.
- 12:34 AM Revision c6354005: Change the log for CRLs with no data (exists but no certs revoked) to a warning since it's not technically an error.
- 12:21 AM Revision 29fc0334: Initialize variables
07/25/2015
- 10:00 PM Revision b0994811: Add 'any' option for peer ID, for mobile IPsec scenarios where you can't or don't want to check peer ID.
- Conflicts:
usr/local/www/vpn_ipsec_phase1.php - 09:58 PM Revision 9a2bec12: Add 'any' option for peer ID, for mobile IPsec scenarios where you can't or don't want to check peer ID.
-
10:27 AM Feature #1831: Captive portal IPv6 support
- Hi,
I just stumbled over this ticket after trying to find the reason for IPv6 not working in my guest WiFi. Since ... -
09:50 AM Feature #4881 (Resolved): Allow NPt to use dynamic IPv6 networks
- It would be very helpful to allow NTp to be used with dynamic IPv6 connections.
-
- thanks
-
- Fixed with the above pull req. Thanks.
-
- 1/ All settings lost on reinstall/upgrade. After reinstall, I'm left with this in config.xml...
-
- thanks doktor
-
- This should be fixed now.
-
02:44 AM Todo #4672: Update igmpproxy to latest version
- p.s. just in case it wasn't obvious, you still need to update igmpproxy to version 0.1 - the above just relates to en...
-
- I've updated the post. There's a better way. Rather than creating igmpstart.sh, you can just edit the line in the s...
- 02:05 AM Revision ff01ab1a: Replace space to tab indentations
- 01:29 AM Revision b11eea17: Remove unused variables
- 01:15 AM Revision 10da4aea: Remove unused variables
-
- https://github.com/pfsense/pfsense/pull/1784
Dunno why this needs to be logged or what kind of debugging is this s...
07/24/2015
-
- yeah, done. Thanks
-
- Plus it's already done.
-
07:30 AM Feature #4171: Allow for one rule to apply to both ipv6 and ipv4 to allow all protocols.
- I think this was already requested in #3367
-
- this was done in an earlier 2.2.x release
-
- 06:12 PM Revision 7903dd5e: Tree javascript lib added to repo
-
- Yes, you are right. There is a bit of duck-and-weave in the changes there to save the previous strings, get the $POST...
-
- thought I'd submitted this yesterday but was still sitting here.
Thanks Phil. Assuming testing checks out fine, we'... -
12:18 PM Bug #4817: rc.start_packages: Restarting/Starting all packages on config sync
- Well to correct my own typo and partly answer my own question therein:
'_Is_ this just down to using OpenVPN, becaus... -
- https://github.com/pfsense/pfsense/pull/1782
This is one possible quick-and-dirty pragmatic way to fix this. Increme... -
- file_notice() keys its entries by the Unix time() stamp that is only to the second. If the system wants to notify the...
-
- https://github.com/pfsense/pfsense/pull/1783
has a suggested solution. -
- For example:
LAN 192.168.1.1/24 with DHCP pool 192.168.1.100-192.168.1.199 working fine.
OPT1 192.168.2.1/24 with D... -
- Kill Bill wrote:
> That /usr/pbi/ntopng-amd64/bin/ntopng-geoipupdate.sh is definitely not a shell script, plus it do... -
- ...
-
08:17 AM Bug #4298: Excessive errors from snmpd
- We are also experiencing the same issue. When doing snmp walk's against the pfsense firewall we get timeout's at diff...
-
04:19 AM Bug #4850: RRDGraphs suddenly stop recording
- http://clickmy.website pfsense config-router.thedesignspace.org-20150724095531.zip
Dear Chris and others,
Many th... - 04:09 AM Revision f674922e: Lower LoginGraceTime to 30s, should be plenty long for users, and mitigates the password login attempt bypass bug in OpenSSH. Ticket #4875
- 04:07 AM Revision 29f5f85e: Lower LoginGraceTime to 30s, should be plenty long for users, and mitigates the password login attempt bypass bug in OpenSSH. Ticket #4875
- 03:58 AM Revision 26ab9c1a: Display monitor IP on Gateways widget
- This version is for system patches to 2.2.4 systems
-
- Perhaps also this (copied from pfBNG update log) - really cannot see how I'm hitting the 10M limit here....
-
- Reference: https://forum.pfsense.org/index.php?topic=95989.0...
- 12:56 AM Revision 8e3c8f53: Bump to 2.2.4-RELEASE
07/23/2015
-
- fixed
-
- strongswan 5.x versions do have a concept of 'auto' in that they'll accept either v1 or v2 as responder, use v2 only ...
-
- removed, and upgrade code added to convert. Should be good now.
-
- With "Key Exchange version" set to Auto in IPsec Phase 1, the Mode setting is set to Main in the GUI even if Aggressi...
-
- if/when it gets fixed upstream we'll patch it. You have the same option that everything else does - disable password ...
-
- Have you actually tested this? Because, mind you, you'll get banned from the firewall: https://doc.pfsense.org/index....
-
08:36 PM Bug #4875: Security issue with OpenSSH "ChallengeResponseAuthentication yes" (implies KbdInteractiveAuthentication yes)
- Current workarounds are:
1) Do not allow password authentication for ssh. The default setting for sshd in public k... -
- http://www.infoworld.com/article/2951100/security/bug-exposes-openssh-servers-to-bruteforce-password-guessing-attacks...
- 11:17 PM Revision 021a97b5: Only omit rightid for PSK mobile types. Flip the logic here as the 2_1 !
- logic gets ugly.
- 11:15 PM Revision 6d86e659: Only omit rightid for PSK mobile types. Flip the logic here as the 2_1 !
- logic gets ugly.
- 08:03 PM Revision bdd9efb3: change iketype auto to ikev2 on upgrade. Ticket #4873
- 08:02 PM Revision e7f4a964: change iketype auto to ikev2 on upgrade. Ticket #4873
- 07:47 PM Revision 4d756840: Remove "auto", it's just a synonym for IKEv2. Ticket #4873
- Conflicts:
usr/local/www/vpn_ipsec_phase1.php -
- thanks Paul
-
- Duplicate of #4062
-
- This also broke functionality in diag_ping and diag_testport pages.
- 07:43 PM Revision 47f80269: Remove "auto", it's just a synonym for IKEv2. Ticket #4873
- 07:34 PM Revision c03512f5: include vpn.inc so IPsec CRL reload works. require_once filter.inc in
- vpn.inc for callers there that haven't already included it.
- 07:31 PM Revision 0dea741f: include vpn.inc so IPsec CRL reload works. require_once filter.inc in
- vpn.inc for callers there that haven't already included it.
- 06:38 PM Revision d17c4ee9: Fix spaces
- 06:38 PM Revision b28e1512: firewall_shaper_queues completed
-
- The RSA cases are no longer skipped, and work correctly now. Commits (didn't tag this ticket since it's private):
h... -
-
06:04 PM
pfSense Packages
Bug #4857: Cannot install squid3 on pfsense 2.2.3
- Reinstalled pfsense from scratch using the config.xml backup I had previously created, and ended up in the same situa...
-
- the issue will be addressed at some point. The complication is you can't just not restart in that circumstance, as th...
-
- Here is the output:
[2.2.3-RELEASE][root@home3-fw.localdomain]/tmp: usbconfig
ugen0.1: <OHCI root HUB 0x8086> ... -
- What is in /tmp/3gstats.* ?
and what is the output of:
usbconfig
?
Those things are used by function get_interf... - 03:38 PM Revision 806942d0: Final changes on firewall_shaper ??
- 03:19 PM Revision 9ddd492c: Javascript changed to jQuery
-
- Seems to be fairly rare, but there is a potential crash in pf that has been hit at least once:...
-
- fixed
-
- looks good, works with IPsec now, and still works with OpenVPN. want to get additional feedback and testing before cl...
- 01:37 PM Revision aef9d8fe: Partial converson
-
-
-
- this should be fine. I'm going to make sure my LTE card works (in a few hours, it's at home), then this should be goo...
-
- Thanks for the follow up. Should only run 64 bit on 64 bit hardware. Whatever issue there is something in FreeBSD rat...
-
11:29 AM Bug #4871: Boot loop on older hardware when installing latest Version.
- Just tested the 64Bit LiveCD Installer Version and this works fine (2.2.3)
-
- When I install pfSense on my Dell Optiplex 320 (Pentium 4), the installation runs fine till the reboot question at th...
-
10:18 AM Bug #4872 (Duplicate): GRE tunnels on CARP endpoint doesn't get started at boot
- GRE tunnels doesn't get started at boot.they dont have the running flag. If i login to the console and do a ifconfig ...
-
- Well, there's no media info on pppoeX, not sure what you want to display there. Just run ifconfig and see for yourself.
-
- This might be related to commas coming back in the status information. So maybe it is fixed with:
https://github.com... -
- i managed to trigger it again on the same box and got the config file, can u give me ur mail id so i can send the con...
-
- actually few months back when i opened this ticket, i had sent the config file and Chris and way to replicate, cant s...
-
- @Bipin - I just fixed a different issue https://redmine.pfsense.org/issues/4568 where some things the interfaces.php ...
- 05:34 AM Revision d55f6326: Most of the flowtable bits were removed some time ago, take out the last of them too.
-
- https://github.com/pfsense/pfsense-packages/pull/904
- 05:32 AM Revision b0deba23: Most of the flowtable bits were removed some time ago, take out the last of them too.
- 05:21 AM Revision 6141f51a: When a CRL is updated, refresh strongswan's CRLs.
- 05:20 AM Revision fa944e1d: When a CRL is updated, refresh strongswan's CRLs.
- 02:59 AM Revision 85cf3f4f: Merge pull request #1775 from phil-davis/Interfaces-Widget-2-2
- 02:57 AM Revision 241c48ef: Add isset check for strictcrlpolicy
- To be consistent with the checks in the rest of this code.
- 02:57 AM Revision 1d3c9c9f: Merge pull request #1778 from phil-davis/patch-1
-
- Actually I looked at the code more and option (d) was easy to do and seemed reasonable. Pull request https://github.c...
- 12:54 AM Revision a95acf12: Add isset check for strictcrlpolicy
- To be consistent with the checks in the rest of this code.
-
- Pull request submitted:
https://github.com/pfsense/pfsense/pull/1779
07/22/2015
-
- Please post to the forum for assistance. This doesn't meet criteria for a bug report. https://doc.pfsense.org/index.p...
-
- Bandwidth Limiter is not Working Properly.
-
- Note: both Local IP, subnet and Gateway fields are lost for all but the first of multiple interfaces selected for MLP...
-
- The problem is at line 929 in the configs above. The alias did not get renamed in the outbound rule. That has been fi...
-
- Commits for master to finally get the all-singing all-dancing version of the glob:
https://github.com/pfsense/pfsens... -
- Thanks, I understand what you're saying now.
There's a reason things are the way they are - iOS and similar Cisco... -
11:40 AM Bug #4825: Mobile client IPsec config omits peer identifier
Don't have the 2.1 config around anymore, sorry. But I do not think it is necessary.
In
https://github.com/pf...-
- merged that one as well, thanks Phil!
-
- Pull request https://github.com/pfsense/pfsense/pull/1775 for RELENG_2_2
-
-
- Commit for master: https://github.com/pfsense/pfsense/commit/a607968ab4fbfc5fa3baf6ce6282065e22b81847
Commit for REL... -
- Also if you select some debug level settings when saving the very first time, then those are not actually saved.
T... -
- On a system that does not have IPsec enabled, go to VPN->IPsec, Advanced Settings tab and press Save (leave all the d...
-
- the only use for $output is as a temp variable to hold the imploded array, which is used in the following sprint and ...
-
- style changes per @rbgarga
- 08:10 PM Revision bfc1c4b0: make the IPsec bypass LAN from LAN subnet to LAN subnet rather than from
- LAN subnet to LAN IP. Same end result except it'll work for VIPs on same
interface now. - 08:08 PM Revision 699e2074: make the IPsec bypass LAN from LAN subnet to LAN subnet rather than from
- LAN subnet to LAN IP. Same end result except it'll work for VIPs on same
interface now. - 08:03 PM Revision df4de32d: Add IPsec advanced option for strict CRL checking
- 08:03 PM Revision 7361628b: Add IPsec advanced option for strict CRL checking
- 06:32 PM Revision cc31dc7a: fix typo
- 06:31 PM Revision 0be67fe5: fix typo
- 06:24 PM Revision b3bcc729: Handle IPsec Advanced Settings save before IPsec is enabled
- If the Advanced Settings are saved before any other IPsec is set up then $config['ipsec'] can be just the empty strin...
- 06:22 PM Revision 3453cbfc: Merge pull request #1777 from phil-davis/patch-1
- 06:06 PM Revision 14ec7c4b: write out built-in CRLs for strongswan
- 06:05 PM Revision 5bded426: write out built-in CRLs for strongswan
-
04:39 PM pfSense Packages Bug #4868: excessive Quagga package restart when IP change
- Fantastic! Works fine. Thanks.
This patch will it be implemented in a future release? -
- http://files.pfsense.org/jimp/patches/skip_restart_for_routing_packages-2.2.2.patch
-
- Already mentioned on this thread one year ago :
https://forum.pfsense.org/index.php?topic=80262.0
Quagga/OSPF ser... -
04:39 PM pfSense Packages Bug #4869 (Duplicate): TinyDNS services fail to start in pfsense 2.3
- I have been trying to install abd run TinyDNS into pfsense 2.3 but it does not seem to setup correctly.
From the l... -
- Codel patch is being reviewed
-
05:31 AM Bug #4692: CODELQ scheduler defaults to incorrect "target" and "interval" values.
- Good to hear.
There are two different methods of employing codel.
1. Where codel is the one and only scheduling... -
05:14 AM Bug #4692: CODELQ scheduler defaults to incorrect "target" and "interval" values.
- Kieran Cawthray wrote:
> As far as I can see, the interval is correctly set to 100 on both the 20150721 and 20150719... -
- As far as I can see, the interval is correctly set to 100 on both the 20150721 and 20150719 nightly builds, the targe...
-
- fixed
-
- 31ae45d2535e73f58b307f18227ba29a9061d2af looks good to me.
keyid might deserve some quotes, too, but that's propa... -
- Fixed, please try next snaps
-
- Checking
- 01:51 PM Revision a607968a: Handle IPsec Advanced Settings save before IPsec is enabled
- If the Advanced Settings are saved before any other IPsec is set up then $config['ipsec'] can be just the empty strin...
-
- There is no /conf so loading the config fails when booting the ISO, as do several other install-related tasks.
It'... -
- the values that were originally under System>Advanced (of which MSS clamping is the only remaining) are within system...
-
07:39 AM Bug #4864: IPsec MSS clamping not backed up in IPsec partial backup
- My pfSense installation is running the current 2.2.4 development and the problem is that the Maximum MSS is being bac...
-
- There are some fixes to the way the "Enable bypass for LAN interface IP" check-box is handled that are coming in 2.2....
-
- Maximum MSS (probably all in the Advanced settings in the VPN IPsec) is not being backup in the XML file.
-
08:55 AM Feature #4863 (Assigned): Add support for Sierra MC7355
- Try to get patch into 2.2.4,, but don't hold up release.
-
02:10 AM Feature #4863 (Resolved): Add support for Sierra MC7355
- Support was added to pfSense version 2.2.3 for Sierra MC7354 hardware modem. Request to add MC7355 Product ID due to ...
-
08:39 AM Bug #4866 (Resolved): L2TP server are restarted after adding/modifying L2TP users (mpd.secret)
- Full daemon restart is useless since mpd reads mpd.secret on the fly (as I can uderstand from mpd4's code). One probl...
-
- Emailed you my findings.
- 05:08 AM Revision d97992c7: Interfaces widget use more obscure separator RELENG_2_2
- Redmine #4859 fix for RELENG_2_2
- 04:54 AM Revision fcb477c0: Merge pull request #1774 from phil-davis/interfaces-widget
- 03:51 AM Revision 9cbdb6e3: Interfaces widget use more obscure separator
- when acquiring the interface data. In particular the media information
can have commas in it already as reported in R... - 12:25 AM Revision 8c378f3f: Unset old CA and Cert in left system config
- Unset any old CA and Cert in the system section that might still be there from when upgrade_066_to_067 did not unset ...
- 12:25 AM Revision 909d9ec1: Merge pull request #1770 from phil-davis/patch-1
07/21/2015
-
- thanks Phil. Merged to master, doesn't cherry-pick clean to RELENG_2_2 because of style diffs. Not difficult to fix, ...
-
- Yes, it was an easy fix. Comma was being used to separate the various interface data items and that data also had a c...
-
04:09 PM Bug #4859 (Resolved): Cosmetic dashboard issue with bce/bge interfaces
- When running bce/bge interfaces directly connected (e.g. a sync interface between cluster members) one of the ports n...
-
- thanks Armin. Emailed you back for feedback.
-
- fixed
-
- I probably fixed this by coincidence (didn't recall this ticket existed until now) earlier today. I think what Adam's...
-
- thanks for the config. I deleted it from here since there are potentially sensitive things in it and added it to a pr...
-
- duplicate of #4508
-
- The MailScanner is release Stable v4.85.2-3
-
- Hello,
The package MailScanner can't start on pfsense 2.2.3,Could fix in next release? -
08:47 PM pfSense Packages Bug #4862 (Needs Patch): HAVP won't start
- I'm unable to get HAVP to even start. I have attached screen shots. Below are system logs filtered on HAVP. Also, I h...
-
- CRLs generated by the built-in certificate manager should include authorityKeyIdentifier. This was changed in openssl...
-
- Renato Botelho wrote:
> Ben Cook wrote:
> > I think there is already a (newer) patch merged, but according to a few... -
- Ben Cook wrote:
> I think there is already a (newer) patch merged, but according to a few sources, the patch is not ... -
- I think there is already a (newer) patch merged, but according to a few sources, the patch is not working.
http... -
- Pull request has been merged. Thanks!
- 06:05 PM Revision 564f1356: Unset old CA and Cert in left system config
- Unset any old CA and Cert in the system section that might still be there from when upgrade_066_to_067 did not unset ...
- 04:51 PM Revision ebd900f9: Allocate dnpipe and dnqueue numbers even if no filter rules
- It would be quite unusual to have no filter rules array, but if that is indeed the case then the first part of this c...
-
- 04:41 PM Revision 2abf33ed: Captive Portal zoneid upgrade fix var name typo
- With the typo, this empty() test would always have been true. So maybe on upgrade some existing captive portal zoneid...
-
- 04:27 PM Revision 55fae310: Captive Portal zoneid upgrade fix var name typo
- With the typo, this empty() test would always have been true. So maybe on upgrade some existing captive portal zoneid...
- 04:02 PM Revision 34823356: Allocate dnpipe and dnqueue numbers even if no filter rules
- It would be quite unusual to have no filter rules array, but if that is indeed the case then the first part of this c...
- 03:33 PM Revision 661de3e7: Unset old CA and Cert in system config
- This looked odd. Why would we leave behind the old "ca" and "cert" section in $config["system"]?
I guess it would do ... -
-
-
-
-
08:25 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
- I'm still seeing the issue after upgrading to 2.2.3. NAT with limiters means no traffic. Once the rule is saved with ...
- 05:34 AM Revision 34cd5348: Reverting this for master, needs review in context of uniqid changes. Opening redmine ticket. Revert "sync up rc.carpmaster with RELENG_2_2. Ticket #4854, plus removal of unnecessary loop that'll amplify notifications unnecessarily."
- This reverts commit 401adacfefbc6006bc2270ccc1640e1b15f767c1.
- 05:33 AM Revision f3dadbb4: Going back to prior to earlier commit. Revert "fix indent my editor broke in an earlier commit."
- This reverts commit 948bbc9baf77b47e636c904faf677a698c13a293.
- 05:22 AM Revision f5b37588: fix indent my editor broke in my earlier commit
- 05:22 AM Revision 948bbc9b: fix indent my editor broke in an earlier commit.
- 04:50 AM Revision 66ed8787: Add IPsec IKE Intermediate EKU to server certificates. The serverAuth EKU already added suffices for Windows clients, though strongswan docs suggest setting this as well.
- 04:46 AM Revision 68ebb884: Add IPsec IKE Intermediate EKU to server certificates. The serverAuth EKU already added suffices for Windows clients, though strongswan docs suggest setting this as well.
- 01:21 AM Revision ed226521: Specify keyUsage and extendedKeyUsage in openssl.cnf, use crl_ext.
- 01:20 AM Revision b27567ca: Specify keyUsage and extendedKeyUsage in openssl.cnf, use crl_ext.
-
- works
-
- works
-
- Now I'm confused that I was looking at something different from what you were referring to. Could you share your 2.1....
-
- The changes made in 89f171b052fbe72aed654d2a1c3d5a24e9bf9902 need review and completion. Need to verify OpenVPN bound...
07/20/2015
-
07:44 PM
pfSense Packages
Bug #4857: Cannot install squid3 on pfsense 2.2.3
- Other than the multiple errors I dont really understand, I have worked on the two file permission errors:
# Cannot... -
07:36 PM
pfSense Packages
Bug #4857 (Not a Bug): Cannot install squid3 on pfsense 2.2.3
- I have tried migrating from squid2 to squid3 because I was having issues with squid2 and package repos, and trying to...
-
12:05 PM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
- I can give a config if required (see attached file), but the problem is that the issue appears often enough for me to...
-
- Going to need more to go on here, the case as described isn't replicable. Like a specific set of steps, start with th...
-
- When changing a firewall or NAT rule, or converting a NAT rule to loadbalancer (or potentially other firewall-related...
07/19/2015
-
04:21 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
- Just happened to have the same problem. DNS in OS X client and Apple IOS client does not work.
Running pfSense 2.2.3... -
- Just happened to have the same problem. DNS in OS X client and Apple IOS client does not work.
Running pfSense 2.2.3... -
- Duplicate of #1835
-
11:09 AM Revision 99f89b04: Fix caps
-
- Clarify that this applies to DNS Resolver as well. Update the translations template.
-
- Clarify that this applies to DNS Resolver as well.
-
- Clarify that this applies to DNS Resolver as well.
-
-
- Some quick mockup here: https://github.com/pfsense/pfsense/pull/1767
-
-
- Pull request has been merged. Thanks!
-
-
- This has been fixed by https://github.com/pfsense/pfsense/commit/eb0287e96f01ea0880d3ccce762d6880b2b44792
-
- I don't understand what you mean. The problem is that even though you configure a remote identifier, which e.g. might...
-
12:56 AM Bug #4855 (Resolved): GroupManager stops working with LDAP after (something?), /usr/sbin/pw exiting w/error
- I'm not sure I can reproduce this issue, but the system is still up.
I'd renamed / created/ removed / created some...
07/18/2015
-
-
- Clarify that this applies to DNS Resolver as well. Update the translations template.
-
- Clarify that this applies to DNS Resolver as well.
-
- Clarify that this applies to DNS Resolver as well.
-
- 05:17 PM Revision 205178aa: Switch logic of $disabled tests system_gateways
-
-
-
- Jim P wrote:
> It does act as a responder now rather than an initiator, but it would be nice to have a selector on P... -
- 03:58 PM Revision 49fc1967: Really avoid error loading rules for numeric host name in alias
- Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". Th...
-
-
-
-
- Kill Bill wrote:
> The DHCP/DHCPv6 stuff was meanwhile fixed, apparently. System - General Setup and the Captive Por... - 01:37 PM Revision 561cc25d: Modal - refactored using new attributes
- refs #30
- 01:37 PM Revision 566885d5: Merge branch 'psophis-modal' into bootstrap #30
- 01:36 PM Revision 2d05ff20: Merge branch 'modal' of git://github.com/psophis/pfsense into psophis-modal
-
- Applied in changeset commit:028ff8f8a3d7c09ee5604d6f3eadcdaaef1610c7.
-
- Pull request has been merged. Thanks!
-
-
- Pull request has been merged
-
- Pull request has been merged
-
- ... so that people can get useful descriptions in the System Logs - Firewall GUI, instead of useless tracker numbers....
-
- ... so that people can get useful descriptions in the System Logs - Firewall GUI, instead of useless tracker numbers.
- 09:40 AM Revision 401adacf: sync up rc.carpmaster with RELENG_2_2. Ticket #4854, plus removal of unnecessary loop that'll amplify notifications unnecessarily.
- 09:24 AM Revision 6eb52093: Handle OpenVPN bound to gateway groups using CARP IPs in rc.carpmaster/backup. Ticket #4854
-
- looks to be fixed with what I just pushed
-
- OpenVPN bound to a gateway group specifying CARP VIPs stops when CARP goes to backup status, but doesn't start when r...
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/2dd0d10d8eb7e9208cd0a02fa6ee02d47a554a8f
-
- thanks, yeah that was fixed in 2.2.0
-
- Works.
-
- The original issue here was fixed in 2.2.3.
The issue Grzegorz and Cullen noted is separate. Opened #4854 for tha... -
- Going to need more details, not a general issue anywhere along those lines. Anything RRD-related in the system log? I...
07/17/2015
-
- fixed
-
- works
-
- Applied in changeset commit:faaab0885d68e6422885e1c3d56985992e909474.
-
- Applied in changeset commit:e4b7410b9bc3622cee6797588a7d5a685d4d759e.
-
- Should be fine to s/\/emailAddress/, E/ on asn1dn when doing config upgrade from 2.1.5
-
- there are a variety of problems along these lines with slow flash that aren't safely fixable. Leaving permanently rw ...
-
- fixed
-
- fixed
-
- fix pushed
-
- When binding outgoing-interface in Unbound to a CARP IP, you end up with an invalid config with a line like: ...
-
- The GUI should show descriptions according to what's selected from the dropdown, but currently does not for URL Table...
-
- The GUI should show descriptions according to what's selected from the dropdown, but currently does not for URL Table...
- 07:29 PM Revision 0958dde1: firewall_schedule_edit.php Conversion complete
- Ready for review
-
- Thanks Chris! We'll get this integrated for 2.3.
-
- - Do not add leftid to confir when value is empty
- When asn1dn param is in binary form, explicit type
- Always add d... -
- - Do not add leftid to confir when value is empty
- When asn1dn param is in binary form, explicit type
- Always add d... - 06:01 PM Revision c37ffea8: only add outgoing-interface if it's an IP. Ticket #4852
- 06:00 PM Revision 4df4c7d6: Only add outgoing-interface if IP. Ticket #4852
- 05:20 PM Revision dd07956c: Really avoid error loading rules for numeric host name in alias
- Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". Th...
-
- See screenshot. Note that what's selected from the dropdown does not match what's shown below, unlike for the rest of...
-
- Please try next round of snapshots
-
- The issue doesn't affect left side because leftid is overwritten by strongSwan when leftcert is defined.
I'm worki... -
08:41 AM Bug #4792: IPSec ASN.1 DN needs double quotes in config file
- Hold on... The real issue here (as explained in the first comment) is the mishandling of the peer id type for the new...
-
- this looks to be fixed.
-
- - Add a upgrade code to fix asn1dn string format to match strongSwan needs
- Bump config version to 11.8 -
- - Add a upgrade code to fix asn1dn string format to match strongSwan needs
- Bump config version to 11.8 -
-
- Duplicate of Bug #4369
-
04:47 AM Bug #4851 (Duplicate): proxy settings not honored / cannot work with proxy
- Hi,
when I configure an http proxy under System / Advanced / Miscellaneous, some functions do not use the proxy:
... -
-
- I found the dumb error in my previous attempt. This pull request works for me on a system with a mix of nested host/n...
-
- Been using the same setup for 2 years and no configuration changes but the update to 2.2.3-RELEASE (i386) however sus...
-
02:59 AM Bug #4848: The remote gateway "ip-adres is already used by phase1 "name of phase 1"
- "If interface and remote are the same as an enabled connection, it triggers that validation." <- This is what I did. ...
-
- Chris Buechler wrote:
> Armin: could you get me a copy of your config? Can email to cmb at pfsense dot org with refe... -
- Still not replicable doing same. Doesn't seem to be anything wrong here. Maybe an edge case of some sort I'm not repl...
-
- Looks like left/rightcertpolicy is the only option here. Generally a non-issue because people generate a CA just for ...
-
- As I replied back on your forum thread last month, that's not true. Source IP selection is handled automatically, and...
07/16/2015
-
11:38 PM Bug #4849 (Not a Bug): ipsec: keepalive not working; wrong source ip used
- While debugging ipsec tunnels between two pfsenses I noticed that using ping on the command line does not work out of...
-
- The issue as described isn't replicable. You get the same error in that described circumstance. The check there is fo...
-
- If you clone (copy phase 1 entry) a "phase 1" IPsec connection and only change the "P1 Description" and hit the save ...
-
- The issue's been around since the inception of CARP in 2003, so yeah not likely this is going to change in the near f...
-
- That other ticket ended up not being related to this, it was a different issue. In that case the "link" was lost from...
-
- If that's the case, you are right. The only way I can see this working is sending both sending their 'status' via the...
-
- We noticed this at one point back in 2012 or so and I swear we already had a ticket open but couldn't find it. It's r...
- 10:24 PM Revision a296286b: Revert "myid_data and peerid_data fields are not relevant with asn1dn."
- This reverts commit 0e19c4bba659a5f4d28f9c8b20c80717a90964b9.
- 10:22 PM Revision d6908784: Contrary to some reports this is actually usable in some cases, just not
- mandatory. Revert "myid_data and peerid_data fields are not relevant with asn1dn."
This reverts commit b8754cc85db7e... - 10:17 PM Revision 0e19c4bb: myid_data and peerid_data fields are not relevant with asn1dn.
- Conflicts:
usr/local/www/vpn_ipsec_phase1.php - 10:16 PM Revision b8754cc8: myid_data and peerid_data fields are not relevant with asn1dn.
-
07:50 PM Todo #4847: NanoBSD Image Flash Block Misalignment
- Want to add while I'm here, in case some don't read the linked thread. Per the very first reference listed, the begin...
-
- I completely agree.
I would also love to hear about any examples of systems that can currently run pfSense 2.2, bu... -
- Keith Hough wrote:
> Are there any systems you know of that can boot from NanoBSD slice 1, but fail to boot from sli... -
- The boot code and MBR partition tables would remain where they are, in sector 0 / 1. If a system was going to have is...
-
12:36 AM Todo #4847: NanoBSD Image Flash Block Misalignment
- only problem here (assuming it works, and is useful) is that setting to sector 2048 probably renders a lot of old har...
-
- Keith Hough wrote:
> start that partition on sector 64, rather than sector 63 (default) as it is now.
Got ahead o... -
- The upgrade scenario for NanoBSD...
In the research I've done, as far as moving the entire MBR partition down by o... - 07:03 PM Revision 693c13cb: Restrict serial ports glob to cua followed by alpha
- Improve this a little more to match only alpha after /dev/cua (/dev/cuau for example)
- 07:03 PM Revision 3eed76d7: Make serial ports glob cope with many more possibilities
- It originally coped with things like cuau1 cuau1.1
Then I made it cope with things like cuau1 cuau11 but it stopped w... -
-
- 04:45 PM Revision 348c7c87: Remove old, unused NetUtils.js
- 04:44 PM Revision 088af065: Remove old, unused NetUtils.js
- 03:50 PM Revision 8235e730: Restrict serial ports glob to cua followed by alpha
- Improve this a little more to match only alpha after /dev/cua (/dev/cuau for example)
-
08:30 AM
pfSense Packages
Bug #4295: stunnel not working in Release 2.2
- Applied in changeset commit:06a66c936672073525ea2626b85ccc42db104f16.
-
- Updated to 5.20 and fixed for 2.2.x
-
07:38 AM pfSense Packages Feature #1973: Update siproxd to v0.8.1
- now in ports, please update? https://www.freshports.org/net/siproxd/
-
- Fixes are on ports tree - https://svnweb.freebsd.org/ports?view=revision&revision=392293
- 05:07 AM Revision 72b28115: Make serial ports glob cope with many more possibilities
- It originally coped with things like cuau1 cuau1.1
Then I made it cope with things like cuau1 cuau11 but it stopped w...
07/15/2015
-
- The change for NanoBSD would be implemented in the build system. The fdisk command that creates the initial MBR parti...
-
- pfSense NanoBSD images are not flash block aligned. This causes significant slowdown during extended write disk activ...
-
- Done: https://redmine.pfsense.org/issues/4847
Thanks Chris. -
- all my comments were re: rw->ro mount time.
Keith, Phil's suggestion to open a todo including those references is... -
- I am happy with the way it is now for 2.2.4. At least it is reliable, even if the speed varies on different cards of ...
-
- Chris, I'm not sure if you are referring to the alignment issue or the remount issue only effecting 1 of the CF / SD ...
-
- Updated subject to reflect the root of the issue. Of a whole stack of various CF and SD cards I have here, there is o...
-
- Works here too. added #4846 todo to remove from pfports when fixed upstream.
-
- This is all fixed now. Current snap is OK. DHCPd is running and a client behind obtains a delegation.
Do we want t... -
- This check was also removed, please try next round of snapshots
-
- It's better but still fails in a related way. There is an additional check that needs to be patched out:...
-
- Patch applied to dhcpd-server
-
- As soon as ISC puts out a release with the prefix6 issue from #4829 fixed, we need to remove our copy from pfports.
-
- there is an issue here, but not as described. opened #4845 for the root issue.
-
- Hi,
I followed the guides on the pfsense portal and also the pfsense Gold book.
Using 2.2.3, at the testing sta... -
- Take a basic WAN and LAN setup, one CARP IP on each interface. If WAN's NIC loses link, the secondary system takes ov...
-
- This reverts commit 81a73bcba3b3a79bb3a7add2e14a46e6af748f50.
-
- This reverts commit 6605035f9d2a04d1d4b724f6e993bc3f5c6d173d.
-
- Looks good now.
-
- I reverted that commit.
-
- Port aliases are non-functional on 2.2.4 snapshots, they appear in rules.debug as empty lists and then the rules fail...
-
- Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". Th...
-
07:58 PM Bug #4843 (Not a Bug): Traffic Shapper Wizard
- The traffic_shaper_wizard_multi_all.xml appears to be creating a qLink queue in the incorrect hierarchy for the Lan q...
-
07:40 PM Feature #4133: Add GUI setting for VLANs PCP
- I tested this patch using 2.2.3-Release:
* https://github.com/pfsense/pfsense-tools/compare/pfsense:RELENG_2_2_3..... -
- I just discovered the same 'problem', but with a more usual set-up. Sync is from primary to secondary, but secondary ...
-
- 04:40 PM Revision dea04167: Display any advanced DHCP server settings RELENG_2_2
- Cherry pick of https://github.com/pfsense/pfsense/commit/90ad3a76edae543bcc63252b14660ac4baee291e
-
- 03:56 PM Revision 3e415478: Cancel button after input error for RELENG_2_2
-
-
- Thanks! Tested the change and things look good.
-
- Pull request has been merged
- 03:05 PM Revision f8bcdede: Fix issue_ip_type var name spelling
- Actually there was no real problem, but having a mis-spelling like this means that English speakers will waste time (...
-
- 03:04 PM Revision 4433cf85: Firewall Aliases Import display error message for invalid alias name
- If you open firewall_aliases_import and enter just an invalid Alias Name (e.g. a$b) and press save or press save with...
-
- 03:01 PM Revision 043e61ee: Firewall Aliases Edit ensure input_addresses array exists
- If you click "+" to add an alias, then press Save without entering anything, you get:
Warning: Invalid argument suppl... -
-
- thanks
-
- Yeah, this is available in pfBlockerNG (Advanced Inbound Firewall Rule Settings). This can be closed.
-
- Hmmm, would seem to me that the "Raw Config" feature lets you enable just about anything?
https://github.com/pfsen... -
- yeah this was done at some point
-
- Well, the PBI is 0.6.6.2_1 which is latest available port, can be closed.
- 01:44 PM Revision 6605035f: Avoid error loading rules for numeric host name in alias
- Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". Th...
-
- 01:38 PM Revision 6b30491f: Interfaces GIF Edit fix do_input_validation
- Make the required fields be correct and match thier text names, which should each have their own gettext() cal so as ...
-
- 01:30 PM Revision e3a5f487: Interfaces GRE Edit fix required fields text
- The reqdfields had only 4 entries but reqdfieldsn has 5 entries and the field names to text descriptions did not matc...
-
- 01:19 PM Revision 0d9fe84b: Interfaces PPPs edit avoid foreach() warning
- If you go to Interfaces, assign, PPPs, press "+" to add an entry, then press Save without entering anything then you ...
-
-
-
- Need to update AES-GCM and AES-NI from FreeBSD -HEAD.
-
-
12:16 PM pfSense Packages Bug #4561: siproxd listening port redirect rule pulling wrong tag from <siproxdsettings> (config.xml)
Thank You!
Saw this and reported on the forum back in 2011.
https://forum.pfsense.org/index.php?topic=43213.m...-
- Pull request has been merged
-
- Pull request has been merged
-
- Pull request has been merged
-
-
- 1.9.14 is pfSense package version, not the upstream release version.
-
06:39 AM pfSense Packages Bug #4839 (Not a Bug): Version of squidGuard on pfSense 2.2
- The squidGuard version information in pfSense 2.2 is as 1.9.14, but the correct version is 1.4.7.
-
09:20 AM Bug #4818: IPSec makes worse in some cases - since 2.2.3 Update
- Since upgrading to pfSense-Full-Update-2.2.4-DEVELOPMENT-amd64-20150712-1215
I´m able to use all vpn tunnels again! ...
07/14/2015
- 11:25 PM Revision 36f90078: Fix glob for serial device names
- Removing the "." that was in {,.[0-9]} allows it to match /dev/cuau10 and onward.
I added lots of comments on the glo... - 11:25 PM Revision ccf504fc: Merge pull request #1752 from phil-davis/patch-9
- 10:55 PM Revision e65ebe32: Fix adding of VoIP rules from traffic shaper wizard where IP/alias is not
- specified.
- 10:54 PM Revision 57945fcc: Fix adding of VoIP rules from traffic shaper wizard where IP/alias is not
- specified.
-
- The match floating rule for VoIP was being skipped when no IP or alias was specified in the VoIP screen in the shaper...
- 09:52 PM Revision 1cc4c9e3: Fix GratisDNS support, manual merge of commit 3e31a7f82589d3350f111bd7d81cc83a0ab253e2
- 09:49 PM Revision 8795064c: Merge pull request #1753 from mortencombat/patch-1
- 09:43 PM Revision 3e31a7f8: Fix GratisDNS support
- The current implementation is not working for me, maybe the interface was changed by GratisDNS? I tested the update U...
-
- Since 2.2.3, enabling SSH at the console on nanobsd goes through the process, but keys aren't generated.
-
-
- Should be fixed by:
https://github.com/pfsense/pfsense/commit/cc4d13683e50595abc14efc43c91a087f123a979
Awaiting fee... -
- Reported on forum:
https://forum.pfsense.org/index.php?topic=96466.0
The glob that matches the serial device name... -
- works
-
-
- this change in dhcpd seems to be wrong. Posted to their list for feedback with additional details.
https://lists.is... -
- fixed
-
03:11 PM pfSense Packages Bug #3363: TinyDNS does not respond to IPv6 subnet
- I am currently not in charge of the router.
However shortly after reporting this issue concerning TinyDNS I changed ... -
- Do you still have this issue with current pfSense version and current tinydns version? Looks like duplicate of Bug #4...
-
- sync no longer added to new installs, and confirmed the upgrade code removes it where it's set and doesn't change any...
-
- I'm confident in this, snapshots including all relevant changes have been through the config_write loop torture test,...
- 01:24 PM Revision cc4d1368: Fix glob for serial device names
- Removing the "." that was in {,.[0-9]} allows it to match /dev/cuau10 and onward.
I added lots of comments on the glo... -
12:17 PM Bug #4817: rc.start_packages: Restarting/Starting all packages on config sync
- I had issues with my bgp and carp configurations also some bugs from version 2.2.1 and 2.2.0.
So for couple of weeks... -
- this is just how things work currently. That normally doesn't matter because only the system with backup status has t...
-
- Hello,
I am sorry for my late response.. It's suck a same...
But I have released I have sync between fw1 and fw... -
- that's been merged, thanks!
-
-
- The patches from https://forum.pfsense.org/index.php?topic=44413.msg236701#msg236701 have been merged, looking at the...
-
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/27ea3affa00297e713a8cf7c18bb81ec96ba500b
-
- > But I think there are enough nanoBSD systems out there that can potentially benefit that it is worth doing some res...
-
- this is probably much better with latest 2.2.4 @ https://snapshots.pfsense.org, would appreciate your feedback if you...
-
-
- Duplicate of #4814
-
10:28 AM Bug #4835 (Duplicate): Configuration changes are slow to save after upgrade
- I have a HA setup (two physical machines with direct crossover connection for the SYNC interface) previously running ...
-
- And while at it, https://github.com/pfsense/pfsense-packages/pull/894 (the c009c57 commit) is required to be able to ...
-
- This thing is incredibly outdated. Upstream is at 5.20. Please update the PBI.
-
- Slight cleanup with two effects:
1) a bit easier to follow
2) background execution returns PID of started process, wh... -
- Virtually no information here. If you have issues with current pfSense version and current tinydns package version, t...
-
03:33 AM pfSense Packages Bug #2720: TinyDNS does not read nameserver_*
- Thanks Kill Bill and Chris Buechler!
-
- fixed, thanks
- 01:26 AM Revision 98de735f: manual merge of Phil Davis pull request, commit b45537f75b24bc323987094e459db7b2f75aa405
- 01:22 AM Revision 82921c72: Merge pull request #1748 from phil-davis/patch-9
07/13/2015
-
- Pull request https://github.com/pfsense/pfsense-packages/pull/901
-
- Every time system is upgraded or vnstat2 package is reinstall, PHP front-end becomes inaccessible. It can be accessed...
-
- Merged and fixed ;)
-
- https://github.com/pfsense/pfsense-packages/pull/899 - perhaps someone's finally gonna pick it up when added as pull ...
-
- confirmed in latest snapshot
-
- next snapshot run, building now, should have it.
-
- port updated, package build running now.
-
- https://redmine.pfsense.org/issues/4830
https://forum.pfsense.org/index.php?topic=95908.0 -
- ALIX and APU both made it through 1000 power cycles while rw mounted on the slowest SD/CF I could find with no proble...
-
- Today another remote site is reporting similar symptoms. I am in the process of turning around the old Jumla one, put...
-
- I got the Alix back from Jumla. The replacement came up first time - thank goodness for AutoConfigBackup and being ab...
-
-
-
-
-
-
-
-
-
-
-
-
- #4608
-
- duplicate of #4806, already fixed in 2.2.4 snapshots @ https://snapshots.pfsense.org
-
- My pfsense is 2.2.3
-
- Hello,
I have set ipsec for mobile client.But it's always show connecting.And I have fot some message for ipsec.
... -
-
-
- JayD - wrote:
> Erm ... clearly a layer 7 issue on my end. FIXED! ;)
// Layer 8
I'll shut up now ... -
- Erm ... clearly a layer 7 issue on my end. FIXED! ;)
-
- Erm. See the pull request above...
-
- Running on 2.2.3 the port still has to be defined manually (see screenshot).
-
- Thanks Phillip!
Done. -
- It will be easy for the devs to review if you go to https://github.com/pfsense/pfsense and make the edit yourself and...
-
- Can it be included into 2.2.4?
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/266662ff8334da5210ad64f08b050b1167386268
-
06:11 AM Bug #1629: invalid state table entries after WAN IP change
- I forgot to post that i am using 2.2.3 and using multiple GW's to internet.
-
- I get the same behavior for my ipsec tunnels.
if my GW (cable modem giving dhcp to pfsense) "resets" itself i do not... -
- Fixed ages ago with https://github.com/pfsense/pfsense-packages/commit/7232161e99d60256c51a4ee94ef800f6d4f39764
-
05:26 AM Bug #4103: Xen xn NICs can't tag VLANs
- FYI, manually adjusting the select box HTML using an inline edit from the browser allows you to create the VLAN on th...
- 05:08 AM Revision 5eabad3d: Cancel button after input error
- If there is an input error then the edit page is redrawn showing the
input errors. The HTTP_REFERER becomes the curre... -
- Frederic Steinfels wrote:
> It seems the start script is doing more or less the same. I have no clue why the script ... -
03:53 AM pfSense Packages Bug #4717: Asterisk needs workarounds to work properly
- It seems the start script is doing more or less the same. I have no clue why the script did not get executed. However...
-
- I have watched the back-and-forth on that thread and restrained myself from commenting. Keith, I will be surprised if...
07/12/2015
-
- Can we safely assume that proper image alignment with slower flash devices that are having issues, will at least help...
-
- When it's disabled it cannot be started, since the executable bit is removed intentionally - https://github.com/pfsen...
- 07:40 PM Revision b45537f7: Fix references to Load Balancer Virtual Server redirect_mode
- When adding a Virtual Server, if you press Save with blank fields, the validation does not show. That was because the...
-
- greg Bernard wrote:
> Only workaround is to create your own certs using pfSense Cert Manager and apply that to the l... - 07:00 PM Revision ec4112dd: Interfaces PPPs edit avoid foreach() warning
- If you go to Interfaces, assign, PPPs, press "+" to add an entry, then press Save without entering anything then you ...
- 06:43 PM Revision 2f0e31b1: Interfaces GRE Edit fix required fields text
- The reqdfields had only 4 entries but reqdfieldsn has 5 entries and the field names to text descriptions did not matc...
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/65a36bbf84c3401bc79f49290493a0913fdb4936
- 06:31 PM Revision e2db25cc: Interfaces GIF Edit fix do_input_validation
- Make the required fields be correct and match thier text names, which should each have their own gettext() cal so as ...
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/d3ea61231ce09601a855da251e8067686c29646d
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/fe0163a939023f87b259f3475a89ee632824a973
-
- My humble suggestion would be to NOT use "Automatic PTR entry" in your highly weird environment that probably noone e...
-
05:22 PM pfSense Packages Bug #3530: TinyDNS creates incorrect NS records
- To better explain: in my PFsense environment, there are two nameservers:
- recursive nameserver bound to the priva... -
- Cannot see how on earth is proper FQDN "incorrect" and localhost "correct" for a NS record anywhere but for localhost...
-
- @OP: Code examples to remove the widget on uninstall:
https://github.com/pfsense/pfsense-packages/blob/master/conf... -
- SRV was added 4+ years ago: https://github.com/pfsense/pfsense-packages/commit/fceaec0ccf3e2f35959219c5e5498fdfda29a8...
- 04:18 PM Revision 81a73bcb: Avoid error loading rules for numeric host name in alias
- Create a host-type alias. Put just a number in "IP or FQDN" - e.g. I made alias name "Zqw" and a single host "23". Th...
-
- Looks like another round of PBI idiocy. Perhaps try a complete uninstall and reinstall.
-
- Can you post the contents of /usr/local/etc/rc.d/asterisk ?
-
- My car won't go. A.k.a. totally useless bug. Likely duplicate of Bug #4717.
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/7c10d4029c809d662156d5116be882ba2f8d6af9
-
- Fixed.
-
- https://github.com/pfsense/pfsense-packages/pull/897
-
- I don't know what's exactly "evidenced" by bold text, and definitely cannot see how's it required.
https://github.... -
- Considering we are on 3.0.718, this should be fixed. BTW, 3.0.719 has been released. ;)
-
- https://github.com/pfsense/pfsense-packages/pull/896
-
- Duplicate of Bug #3360
-
- https://github.com/pfsense/pfsense-packages/pull/895
- 08:53 AM Revision 0c53abc2: Firewall Aliases Edit ensure input_addresses array exists
- If you click "+" to add an alias, then press Save without entering anything, you get:
Warning: Invalid argument suppl... - 08:40 AM Revision a3669259: Firewall Aliases Import display error message for invalid alias name
- If you open firewall_aliases_import and enter just an invalid Alias Name (e.g. a$b) and press save or press save with...
-
- Perhaps test with current packages?
-
- 2.2.4 PHP needs upgraded to "5.5.27":http://php.net/archive/2015.php#id2015-07-10-2
> The PHP development team ann... -
- Someone kindly remove the dead, unmaintained and unsupported Squid2 package for 2.2+ and consider this fixed with htt...
-
- Anyterm package no longer exists. Plus really, https://doc.pfsense.org/index.php/Why_are_some_passwords_stored_in_pla...
-
- Should be fixed in Zabbix Agent LTS 0.8.5
-
- Fixed by https://github.com/pfsense/pfsense-packages/commit/8b1b7e27646806c6b283f93a62fd59ed6083f97e
-
- Are you on pfSense 2.1.x or what?
-
- Fixed.
-
- Fixed long time ago by https://github.com/pfsense/pfsense-packages/commit/8121961c39d71cbf57bd332712e044aa6ea05203
-
- PBI stupidity "fixed" as noted above, can be closed.
-
- Abandoned package, no such issue with pfBlockerNG.
-
- Fixed for quite some time.
-
- This works just fine now; obsolete bug.
-
- System - Advanced - System Tunebles: edit net.inet.ip.portrange.first
Duplicate of #4297 -
- Duplicate of # 4608
- 05:49 AM Revision 9a01d22d: Static routes merge "else" and "if" into "else if"
- As suggested by Renato.
-
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200502
https://github.com/zeromq/libzmq/issues/1273
!http://i.i... - 03:04 AM Revision b03de800: Fix issue_ip_type var name spelling
- Actually there was no real problem, but having a mis-spelling like this means that English speakers will waste time (...
-
- Diff attached.
-
- Works for me.
@[2.2.2-RELEASE][admin@gw.localdomain]/etc/inc: diff vpn.inc vpn.inc.orig
1650,1654d1649
< ...
07/11/2015
-
- Denis Kozlov wrote:
> I mean, scale the MBUF according to the number of cores and network cards. Job done.
That's... -
05:51 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
- Once again, why can't this be addressed in pfSense?
I mean, scale the MBUF according to the number of cores and ne... -
- The original problem here from years back has nothing to do with anything current, that was a 4 year old driver probl...
-
04:44 PM Bug #1221: igb driver mbuf allocation problems on multicore machines aka Could not setup receive structures
- Still on 2.2.3 this bug is for sure not resolved. Yes there is a manual workaround that needs to be applied on every ...
-
- SU+J gone -> sanity restored. Good riddance.
-
- The interface gets saved OK in the config, but in /etc/inc.vpn.inc function vpn_l2tp_configure() there is no mention ...
-
- I have pfSense with 2 WANs (ISPs) and L2TP server on it in head office (HO). I RDR 1701/udp to LAN address of pfSense...
-
- This fix was released with v2.2.3. I tested it and it works as expected now.
-
- That /usr/pbi/ntopng-amd64/bin/ntopng-geoipupdate.sh is definitely not a shell script, plus it downloads corrupt crap...
-
- Thanks for the follow up.
-
- You are right, sorry. Tried again and it generates the proper config. Must have mixed something up.
- 01:03 AM Revision fd29caa1: fix fsync, thanks Phil Davis for noticing
- 01:03 AM Revision 63fcce23: fix fsync, thanks Phil Davis for noticing
-
- Thanks for the report, I'll review.
07/10/2015
- 11:21 PM Revision 88f2c335: fix fsync
- 11:21 PM Revision 362245b0: fix fsync
- 11:13 PM Revision 8a811010: fsync after fclose here, clean up some white space while here.
- Conflicts:
etc/inc/config.lib.inc - 11:12 PM Revision 4171affc: fsync after fclose here, clean up some white space while here.
- 10:48 PM Revision d7b97ca3: fsync conf_path here too
- 10:48 PM Revision 601ba542: fsync conf_path here too
- 09:23 PM Revision 89a8d28e: fix typo
- 09:22 PM Revision 224d9d30: fix typo
-
- I believe this happens when config.cache is corrupt or truncated because of power loss shortly after writing the file...
-
- updated subject to actual issue. SU+J was reverted in nanobsd today after verifying an APU made it through hundreds o...
-
- not sure I'm following what you mean, single address in P2s works as is. What's the circumstance you're referring to?
-
- Static phase 2 entries with a single address endpoint are generated with left/rightsourceip which means that strongsw...
- 07:44 PM Revision f9ee8994: system_crlmanager.php Conversion complete
- Ready for review
This page has a complex mixture of forms and tables. It needs to be
reviewed for functionality. -
- Thanks Clement!
-
10:43 AM Bug #3737: Incoming VLAN traffic fails to reach VLAN interface if PCP not 0
- Chris, if you're interested in using PCP in your configuration you can take a look at #4133 which is more "up-to-date...
-
- I believe this may be related to https://forum.pfsense.org/index.php?topic=87638 (of which I am experiencing the same...
-
- A previously working IPv6 configuration for prefix delegation is broken on 2.2.3.
In /var/dhcpd/etc/dhcpdv6.conf, ... - 01:18 PM Revision f17594c7: Add missing <h2> elements to panel-heading's
- refs #192
- 12:33 PM Revision 11e87d3a: Merge pull request #328 from sbeaver-netgate/Remove-Cancel
- remove all "Cancel" buttons on forms
- 12:19 PM Revision 40f73fe2: Removal of "Clear" controls
- Removal complete from all files
-
11:06 AM Feature #4828 (Duplicate): Advanced option to show hidden firewall rules in web gui
- It would be really nice to be able to see the complete ruleset (including hidden rules like the "default pass rules")...
-
- Moritz Bechler wrote:
> Actually, I think this is a bug in strongswan
Of course not! That's all by (utterly brai... -
- Actually, I think this is a bug in strongswan (just filed it: https://wiki.strongswan.org/issues/1028), as the asn1dn...
-
- Seems likely to be this:
"Unfortunately, RSS is usually capable of hashing IPv4 and IPv4 traffic (L3+L4). All other ... -
- That is expected behavior. It matches based on regex/substrings. You can use regex anchors to limit what it matches, ...
-
04:42 AM Bug #4824: Filterting firewall logs by port returns excess results
- The bold 25 above should have read asterisk25asterisk (as in wildcard).
-
- Hi,
If you filter firewall logs by e.g. port 25, the search results appear to be *25* so results include e.g. 1251... -
- Phase 1 configuration is currently restricted to specifiying a single algorithm proposal. Shouldn't be too difficult ...
-
- The strongswan connection config generated for a mobile client association does not include the configured peer ident...
-
- The config.xml portion was fine with Renato's change, but missed other parts of /cf/conf/. Jim T's earlier change get...
-
- James Snell wrote:
> Thank you Tahar for the ln commands, that got it running again for me after I upgraded to 2.2.3...
Also available in: Atom