Project

General

Profile

Activity

From 10/07/2015 to 11/05/2015

11/05/2015

10:33 PM pfSense Packages Feature #4394 (Resolved): HAproxy and use ACLs from UI to perform a "block"/"http-request deny"
Chris Buechler
09:03 PM pfSense Packages Feature #4394: HAproxy and use ACLs from UI to perform a "block"/"http-request deny"
I just tested it out. Wow, this is awesome.
It works as intended and expected, it's just one just has to be carefu... Stéphane Lapie
02:18 PM pfSense Packages Feature #4394: HAproxy and use ACLs from UI to perform a "block"/"http-request deny"
Checkout new haproxy-devel package v0.33, it is now be possible to create more elaborate acl/action items.
If you fi... Pi Ba
05:47 PM pfSense Packages Feature #4897 (Resolved): Use errorfiles with frontend(s) via UI
Thanks PiBa Chris Buechler
02:11 PM pfSense Packages Feature #4897: Use errorfiles with frontend(s) via UI
Checkout new haproxy-devel package v0.33, it is now be possible. Pi Ba
02:23 PM Bootstrap Bug #5375 (Resolved): diag_logs_filter.php Search functionality broken
Anonymous
11:21 AM Bootstrap Bug #5375: diag_logs_filter.php Search functionality broken
https://github.com/pfsense/pfsense/pull/2033 jeroen van breedam
10:06 AM Bootstrap Bug #5375 (Resolved): diag_logs_filter.php Search functionality broken
Installed 2.3-Alpha on my fpsense SG-2440... Used to sort firewall logs with "Block" checkmark to see whats blocked o... Anonymous
02:17 PM Bug #5377: Scheduled Rules
As shown in the screenshots, my rules are set in pairs, the allow rule with the schedule, then a block all for the sa... Anonymous
02:03 PM Bug #5377: Scheduled Rules
I don't think this has ever worked properly when you schedule block rules. What works is blocking by default and sche... Kill Bill
12:58 PM Bug #5377: Scheduled Rules
Do you have a forum thread that you started to discuss the issue? Did others confirm the issue there? If you have a t... Jim Pingle
12:53 PM Bug #5377: Scheduled Rules
I have been reading the forums for days to try and fix this issue that has seemingly gone on for years. This images s... Anonymous
12:47 PM Bug #5377 (Rejected): Scheduled Rules
System > Advanced, Misc tab, uncheck Schedule States, if that doesn't work, discuss on the forum for confirmation bef... Jim Pingle
12:33 PM Bug #5377 (Rejected): Scheduled Rules
Scheduled rules are only effective at blocking new connections, they do not terminate any active states. Anonymous
10:13 AM Bug #5376 (Rejected): Traffic Shaper Wizard not functioning in 2.2.4
Please post on the forum for assistance or use another support method. There is no bug here, but perhaps something ch... Jim Pingle
10:10 AM Bug #5376 (Rejected): Traffic Shaper Wizard not functioning in 2.2.4
The Traffic Shaper Wizard is not functioning in 2.2.4
Testing environment
1 - WAN connection
1 - LAN connection
... Nick Smith
07:28 AM Feature #5373: Advanced option to add separator or group firewall rules in web gui
Please move this request to the main pfSense category.
It was created under the Packages category by mistake.
 TCI User
07:19 AM Bug #5372: Two rules created if double click the Save button (by mistake)
I will move it later today (after you have had time to read this :) ) Anonymous
07:18 AM Bug #5372: Two rules created if double click the Save button (by mistake)
Kill Bill wrote:
> This got misfiled under packages bugs.
Sorry about that. This was my first report and I did no... TCI User
04:45 AM Bug #5372: Two rules created if double click the Save button (by mistake)
This got misfiled under packages bugs. Kill Bill
04:30 AM pfSense Packages Bug #5374 (Closed): postfix package is patching /etc/inc/system.inc (syslog configuration)
Sigh... filing for tracking purposes.
https://github.com/pfsense/pfsense-packages/blob/master/config/postfix/post... Kill Bill

11/04/2015

08:29 PM Feature #5373: Advanced option to add separator or group firewall rules in web gui
Would also be very helpful to be able to add a label to the rule, beyond the description.
I've written some automati... Andrew Webster
09:22 AM Feature #5373 (Resolved): Advanced option to add separator or group firewall rules in web gui
Will be very helpful if we can add *separator* (and probably add a name) or *group* firewall rules in web GUI.
This ... TCI User
04:52 PM Bug #2762: PF drops IPv6 packets with fragment header followed by a last fragment only
PS: for those who want to test with a website that sends fragments try www.cbs.nl. It has an RFC 6145 SIIT box in fro... Sander Steffann
12:08 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
If I read #3670 I will this twice. I'm still on 2.1.5 and ipv6 didn't work with my ISP. Grischa Zengel
11:22 AM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
Please, put this to 2.2.5:
https://svnweb.freebsd.org/base?view=revision&revision=286999 Grischa Zengel
10:17 AM Bug #5372: Two rules created if double click the Save button (by mistake)
I can replicate this by slowly clicking Save twice. If I purposely do a "double-click"speed double-click it does not ... Phillip Davis
09:00 AM Bug #5372 (Resolved): Two rules created if double click the Save button (by mistake)
My browser is Chrome v.46.0.2490.80
When creating a +*new rule*+ and double click the *Save* button (by mistake) the... TCI User
06:42 AM Bug #5371 (Duplicate): Kernel Panic - Sleeping thread owns a non-sleepable lock on ALIX Firewall after 2.0.1-RELEASE config import
Please try a 2.2.5 snapshot (or 2.2.5 release which should be coming out soon) -- that's a known panic that has been ... Jim Pingle
06:16 AM Bug #5371: Kernel Panic - Sleeping thread owns a non-sleepable lock on ALIX Firewall after 2.0.1-RELEASE config import
Happy to send my running config to any of the pfsense team although I think Chris still has it ;) MF Mark
06:14 AM Bug #5371 (Duplicate): Kernel Panic - Sleeping thread owns a non-sleepable lock on ALIX Firewall after 2.0.1-RELEASE config import
After flashing the following image pfSense-2.2.4-RELEASE-2g-i386-nanobsd to a PCEngines Alix Firewall and importing o... MF Mark
05:23 AM Bug #5044: PHP-FPM Segmentation fault after Configuration Import of 2.0.1-RELEASE config
Chris Buechler wrote:
> Thanks for sending your config. It isn't replicable restoring to a 64 bit VM. It's from an A... MF Mark

11/03/2015

05:56 PM pfSense Packages Bug #3495: Zabbix2-Agent and Zabbix2-proxy upgrade.
Ultimately the issue is the fact that the 2.0.4 version used a shared utility file. If you uninstall one you can't u... Robert Middleswarth
04:28 PM pfSense Packages Bug #3495: Zabbix2-Agent and Zabbix2-proxy upgrade.
These versions don't even exist any more, cannot be fixed. Plus, the obvious solution is to simply uninstall both pac... Kill Bill
04:18 PM pfSense Packages Bug #2809: Reverse Proxy for ActiveSync / Real-Time Monitor
Not really sure what's the bug here? Yeah, so add it to custom config if you need it. Adding a gazillion of corner-ca... Kill Bill
03:58 PM Bug #4227 (Feedback): Too much logging for IPSec DPD
Matthew Smith
02:45 PM Bug #4227: Too much logging for IPSec DPD
The logging is done by strongswan. There are several ways to control the frequency of DPD-related messages. One is to... Matthew Smith
03:49 PM pfSense Packages Bug #5366: Binding transparent proxy with squid3 to openvpn interface disables proxy while service stays running
X-Forwarded-For and Via headers are configurable in the package GUI, plus - this is not a good way to debug things at... Kill Bill
02:14 PM pfSense Packages Bug #5366 (Not a Bug): Binding transparent proxy with squid3 to openvpn interface disables proxy while service stays running
thanks for the follow up. The package is exactly the same regardless of base version so something in your config. Chris Buechler
09:13 AM pfSense Packages Bug #5366: Binding transparent proxy with squid3 to openvpn interface disables proxy while service stays running
I just tried it using the daily snapshot from 2th November 2015 and it is now working. I did not follow the exact sam... steve wozniak
03:03 PM Bug #3317: ntpd sets stratum 16 (unsynced) when selected to listen on multiple interfaces
I have the same problem on one of my pfsense boxes today (virtual machine) ... Jesper Grann Laursen
02:15 PM pfSense Packages Bug #4525 (Resolved): ACLs: Allowed subnets. There is no way to input "all".
Chris Buechler
06:26 AM pfSense Packages Bug #4525: ACLs: Allowed subnets. There is no way to input "all".
Fixed in 0.4.2 Kill Bill
12:10 PM Todo #5370 (Resolved): Review usage of IPsec-related sysctl OIDs in GUI and backend code
2.3 will have less sysctl OIDs with the various changes made to FreeBSD along the way. We need to review the sysctls ... Jim Pingle
11:20 AM Todo #5219 (Feedback): EAP-RADIUS selection for IKEv2 Mobile IPsec should warn if the selected authentication backend is not a RADIUS server.
Applied in changeset commit:6684d5944eacf4dbd717edba9d82c30001b5bc3b. Matthew Smith
11:06 AM Bootstrap Bug #5369 (Resolved): Thermal sensor widget no longer functions
Widget re-written to use correct 2.3 widget structure.
Now uses Bootstrap stacked progress bars that change color to ... Anonymous
11:04 AM Bootstrap Bug #5369 (Resolved): Thermal sensor widget no longer functions
Widget was converted to Bootstrap at some point, but it is no longer functional since the graphing library it uses ha... Anonymous
05:44 AM Todo #5368 (Resolved): Review /etc/ttys for serial console
FreeBSD current and stable/10 /etc/ttys now defaults to 3wire on serial tty setup, this means we don't need to force ... Renato Botelho

11/02/2015

09:04 PM Bootstrap Bug #5365: diag_logs_filter_dynamic.php not so dynamic
https://github.com/pfsense/pfsense/pull/2019
should help with the cross/tick button and getting the syntax correct f... Phillip Davis
12:51 PM Bootstrap Bug #5365 (Feedback): diag_logs_filter_dynamic.php not so dynamic
Dynamism has been restored.
etc/inc/filter_log.inc has been updated to use fa icon, but still needs work similar t... Anonymous
11:50 AM Bootstrap Bug #5365 (Resolved): diag_logs_filter_dynamic.php not so dynamic
There is no "dynamic" to Firewall Log Dynamic view.
diag_logs_filter_dynamic.php refers to /javascript/filter_log.js... Anonymous
05:43 PM Bug #4590 (Duplicate): Nat Reflection bug when using limiters
duplicate of #4326 Chris Buechler
02:46 PM Bug #5367 (New): Safari repeatedly tries to reload dashboard

When logging in as a user that does not have privileges configured to access one of the pages associated with a wid... Matthew Smith
11:59 AM pfSense Packages Bug #5366 (Not a Bug): Binding transparent proxy with squid3 to openvpn interface disables proxy while service stays running
Hello,
I was using Squid3 with C-ICAP and clamav, everyhting was working file.
I used squid3 as transparent proxy... steve wozniak
11:51 AM Bug #5149 (Resolved): memory leak(s) in strongswan
Switching to with-printf-hooks=vstr resolved the most significant memory leaks. Chris Buechler
11:32 AM Bug #4642: OpenVPN process status stopped... but its running
Hi again guys...
I can confirm that fact... I didn't put attention on that...
I use multiwan... and I'm also usin... Alejandro Olivan
11:30 AM Todo #5222: Default dashboard has lots of widgets displayed in closed state
Applied in changeset pfsense:commit:79da790bf34762693749e096d61517dc20a3d0f1. Anonymous
11:26 AM Todo #5222 (Feedback): Default dashboard has lots of widgets displayed in closed state
2.2.x draws all of the widgets all of the time, but hides the ones you don't want to see via Javascript. 2.3 only dis... Anonymous
11:26 AM pfSense Packages Bug #3442 (Closed): Stunnel package $config issue?
Stilez: if there is some way to replicate this on 2.3, please follow up with details Chris Buechler
11:24 AM Bug #5364 (Resolved): IPsec status pages show all time units as seconds
The vici plugin outputs all status times in seconds, where SMP status output hours for times > 1 hour, minutes for ti... Chris Buechler
10:58 AM Bug #5363: Reject rules show as blocked on firewall log normal and dynamic views
Yes, sure.
Note that I have submitted a pull request https://github.com/pfsense/pfsense/pull/2014 to fix just the pr... Phillip Davis
10:51 AM Bug #5363 (Confirmed): Reject rules show as blocked on firewall log normal and dynamic views
There are performance concerns here (discussed on above pull request), that's how it's always worked, and we're proba... Chris Buechler
12:10 AM Bug #5363: Reject rules show as blocked on firewall log normal and dynamic views
See pull request https://github.com/pfsense/pfsense/pull/2012 for RELENG_2_2.
If this is acceptable, then the nece... Phillip Davis
12:08 AM Bug #5363 (Needs Patch): Reject rules show as blocked on firewall log normal and dynamic views
The icon shown for a firewall log entry that is for a "reject" rule is the red cross symbol.
It should display the y... Phillip Davis

11/01/2015

04:13 PM pfSense Packages Bug #4288: inetd is missed by check_mk
This is completely broken on pfSense 2.2.x. Please, test with files from here: https://github.com/doktornotor/pfsense... Kill Bill
09:35 AM Bug #4642: OpenVPN process status stopped... but its running
Perhaps we can apply the same flock in the file for switching the tier1-Wan tier2-Wan connection. Then, only one inst... Cullen Trey
07:00 AM Bug #4642: OpenVPN process status stopped... but its running
The CARP stuff is one source of this problem. But it also happens on systems without any CARP. I have it happen occas... Phillip Davis
04:39 AM Bug #4642: OpenVPN process status stopped... but its running
Hi,
I could fix all my problems with the attached changes in rc.carpmaster and rc.carpbackup.
1. Added more det... Cullen Trey
04:41 AM pfSense Packages Bug #3442: Stunnel package $config issue?
This bug simply doesn't exist anywhere on any sane pfSense version. End of story. Kill Bill
03:39 AM pfSense Packages Bug #4167: Lightsquid package does not remove crontab entries
Fixed. Kill Bill

10/31/2015

06:03 PM Bug #5361: PFSense Control Panel hangs
Correct. Rebooting fixed the DNS issue. Julian Zhou
06:00 PM Bug #5361: PFSense Control Panel hangs
OK thanks. So just to confirm rebooting solved your DNS issue, but the dashboard still hangs?
I will attempt to re... Anonymous
05:57 PM Bug #5361: PFSense Control Panel hangs
No, but a reboot fixed it.
It still hangs, the widgets I have loaded are System Information and Interfaces expand... Julian Zhou
05:25 PM Bug #5361: PFSense Control Panel hangs
So are you able to resolve the issue by changing that DNS name?
FYI I just pushed an updated version of the ipsec ... Anonymous
05:19 PM Bug #5361: PFSense Control Panel hangs
Although, it would appear that originally, the DNS name I gave it (something.tcn) would resolve. It no longer resolve... Julian Zhou
05:17 PM Bug #5361: PFSense Control Panel hangs
Still hangs here. Not fixed :| Julian Zhou
04:36 PM Bug #5361: PFSense Control Panel hangs
Updating as Renato suggested corrected the issue for me.
Julian - Would you do the same and report back please?
... Anonymous
04:27 PM Bug #5361 (Feedback): PFSense Control Panel hangs
Please update the system using console, option 13. This function os part of php56-pfSense-module version0.7 Renato Botelho
04:25 PM Bug #5361: PFSense Control Panel hangs
OK thanks. Fixing the IPSec widget fixed the issue for me, so once that change makes its way out I'll ask you to test... Anonymous
03:20 PM Bug #5361: PFSense Control Panel hangs
I trashed the IPSec widget, it still hangs. :| Julian Zhou
02:03 PM Bug #5361: PFSense Control Panel hangs
Recent change to ipsec widget breaks the dashboard when that widget is in use.
https://github.com/pfsense/pfsense/co... Anonymous
01:35 PM Bug #5361 (Resolved): PFSense Control Panel hangs
It would appear that the main page upon login to the control panel hangs and prevent other pages from loading. All th... Julian Zhou
05:23 PM Bug #5362 (Resolved): IPSec widget tab functionalit broken
<div>s were updated, tables reformatted and Javascript replaced. Tabs now work the same as 2.2.x Anonymous
04:55 PM Bug #5362 (Resolved): IPSec widget tab functionalit broken
The three tabs at the top of the ipsec widget do not function. Anonymous
12:46 PM Bug #5273: UMTS / 3G Connection reports wrong Gateway information (10.64.64.0) and no data is going through that connection.
Hello Chris, hello PFSense-Team,
I was not able to get it to work as it should. I decided to move to an old LTE-Rout... Thomas Burger
11:57 AM Todo #4847: NanoBSD Image Flash Block Misalignment
About time. Upstream:
Support for detecting and implementing aligning partitions on 1Mb boundaries has been added ... ky41083 -
09:35 AM Bootstrap Bug #5357 (Resolved): Simplify vpn_ipsec.php
Anonymous
04:36 AM pfSense Packages Bug #3439: TFTP - cannot start or restart from Status -> Services
Not doable from the package and not a package bug - tftpd used inetd. The only thing doable in the package is removin... Kill Bill
04:25 AM Feature #5360 (New): Add possibility to configure independent "UPnP & NAT-PMP" instances
I have the following setup:
1. WAN1 (GW1) + VLAN1 (main ethernet network)
2. WAN2 (GW2) + VLAN7 (wifi network)
B... Dmitriy K

10/30/2015

04:06 PM Bug #4642: OpenVPN process status stopped... but its running
Hi all,
I can only confirm this issue with CARP IPs and OpenVPN. The PIDs for nanobsd or full install without CARP... Cullen Trey
02:06 PM Bootstrap Bug #5359 (Resolved): Update UI pages to use copyright-master
Anonymous
09:06 AM Bootstrap Feature #5358 (Resolved): Setup wizard PPPoE password field should be type password, not text
Anonymous
09:03 AM Bootstrap Feature #5358 (Resolved): Setup wizard PPPoE password field should be type password, not text
Need to protect from prying eyes.
Also requires "Show password" button to allow checking for typos. Anonymous

10/29/2015

08:25 PM Bug #5353 (Resolved): Add leftsendcert=always to ipsec.conf for mobile profiles using IKEv2 and EAP to better accommodate iOS 9/OS X 10.11
Jim Pingle
05:54 PM Bug #5346: 2.2.4 WLAN on WAN causes Kernel Crash
This bug can be closed. The resolution is indeed found in #4740 Ramon Buckland
05:53 PM Bug #4740: Intel wireless kernel panic in infrastructure mode with WPA
Yes, moving the sleep(1) line from above to below the wpa_supplicant loading line resolved the issue.
I now have p... Ramon Buckland
03:00 PM Bootstrap Bug #5228 (Feedback): Empty space before (drop-down) field display value
A combination of the suggested methods seems to produce the best display. Select padding has been reduced from 12 to ... Anonymous
01:48 PM Bootstrap Bug #5357 (Resolved): Simplify vpn_ipsec.php
This page is a mess of buttons, icons and sortable rows. It really needs to be completely re-written using a jQuery l... Anonymous
10:25 AM Bug #5354 (Not a Bug): IPSec VPN tunnel with Cisco ASA - Able to only establish 1 SA
thanks for the follow up Chris Buechler
09:15 AM Bootstrap Todo #5356 (Feedback): Refactor row toggle code in pages that use drag/drop sorting
Refactor completed and tested. Anonymous
09:10 AM Bootstrap Todo #5356 (Resolved): Refactor row toggle code in pages that use drag/drop sorting
Move row toggle code to jquery/pfSenseHelpers.js to make hte pages consistent and reduce code size.
usr/local/www/... Anonymous
03:42 AM Bug #5355: on Dynamic WAN IP (DHCP Client) it takes 10 minutes before Phase1 reconnects
add config file with cleared pw Vitali Kari
03:37 AM Bug #5355 (New): on Dynamic WAN IP (DHCP Client) it takes 10 minutes before Phase1 reconnects
2.2.4-RELEASE (i386)
built on Sat Jul 25 19:56:41 CDT 2015
FreeBSD 10.1-RELEASE-p15
It seems that charon do not ... Vitali Kari

10/28/2015

04:38 PM Bug #5354: IPSec VPN tunnel with Cisco ASA - Able to only establish 1 SA
Resolved.
Changed Configure Unique IDs as: to KEEP
 Eddie Gossett
04:02 PM Bug #5354 (Not a Bug): IPSec VPN tunnel with Cisco ASA - Able to only establish 1 SA
I recently upgraded to 2.2.4. After the upgrade, One of the VPN tunnels is acting very strange. The VPN tunnel will n... Eddie Gossett
03:28 PM Bootstrap Bug #5228: Empty space before (drop-down) field display value
to clarify myself: google found a way to fix.....
i'm just idiot with some spare time ;) jeroen van breedam
03:25 PM Bootstrap Bug #5228: Empty space before (drop-down) field display value
found a way to fix it without having to manually add classes to the option fields
https://github.com/pfsense/pfsen... jeroen van breedam
03:07 PM Bootstrap Bug #5228: Empty space before (drop-down) field display value
Thanks. If we really need to do this, I think your second scheme "create a new entry in pfsense.css ".form-select-opt... Anonymous
02:49 PM Bootstrap Bug #5228: Empty space before (drop-down) field display value
<select class=form-control> form-control has padding enabled
the class is not applied to it's <option>'s
so... jeroen van breedam
12:50 PM Bug #5353: Add leftsendcert=always to ipsec.conf for mobile profiles using IKEv2 and EAP to better accommodate iOS 9/OS X 10.11
Applied in changeset commit:76827b9cedc8a816023aa2b882844b883a7fa8c8. Jim Pingle
12:50 PM Bug #5353 (Feedback): Add leftsendcert=always to ipsec.conf for mobile profiles using IKEv2 and EAP to better accommodate iOS 9/OS X 10.11
Applied in changeset commit:50de9fa88581b487918faddefd286caccc14b28c. Jim Pingle
12:42 PM Bug #5353 (Resolved): Add leftsendcert=always to ipsec.conf for mobile profiles using IKEv2 and EAP to better accommodate iOS 9/OS X 10.11
The IKEv2 client on iOS 9 and OS X wants strongSwan to use leftsendcert=always when using a manual configuration. A V... Jim Pingle
12:48 PM Bug #3883: Changing SNMP Bind Interface does not change actual bind interface of SNMP service.
I am guessing that the OP has (had) the old "snmp" "bindlan" set in config.xml
With the code in 2.2.4 or before, tha... Phillip Davis
12:32 PM Bug #3883: Changing SNMP Bind Interface does not change actual bind interface of SNMP service.
This should fix it:
https://github.com/pfsense/pfsense/pull/2000 Phillip Davis
10:44 AM Bug #3883: Changing SNMP Bind Interface does not change actual bind interface of SNMP service.
There is a report of a problem with 2.2.4 at https://forum.pfsense.org/index.php?topic=101538 David Wood
11:40 AM Bootstrap Bug #5352 (Resolved): interfaces_vlan_edit.php produces errors related to the "interfaces" selector.
Anonymous
10:20 AM Bootstrap Bug #5352: interfaces_vlan_edit.php produces errors related to the "interfaces" selector.
Applied in changeset pfsense:commit:ed7f3bbcda1767494e90d779fa92a4d8fcac2524. Anonymous
10:17 AM Bootstrap Bug #5352 (Feedback): interfaces_vlan_edit.php produces errors related to the "interfaces" selector.
Replaced complex and unsafe options generation code with a safer function. Anonymous
10:15 AM Bootstrap Bug #5352 (Resolved): interfaces_vlan_edit.php produces errors related to the "interfaces" selector.
https://forum.pfsense.org/index.php?topic=101537.0 Anonymous
09:21 AM Bug #5351 (Resolved): Sanitze user input, even if restricted by html
The following XSS can be eleminated, by checking if the input is a number, but I think there are more attacks possibl... Marcel Hellwig
04:59 AM Bug #5149: memory leak(s) in strongswan
2.2.5-DEVELOPMENT (amd64) built on Tue Oct 27 10:31:57 CDT 2015
Not completely definitive yet but the graph I post... Jon Gerdes
03:48 AM Bug #5327 (Resolved): generation of split tunnel attribute in strongswan charon.plugins.attr breaks iOS IKEv2 clients
this is specified correctly now.
The inclusion of split-include in strongswan.conf with iOS clients with IKEv1 PS... Chris Buechler
12:44 AM Bug #5259: firewall_aliases_edit.php: Switch to a URL Table type when you already have multiple rows
Hide the "Delete" button when less than two rows exist - that is working nicely, thanks.
I think everything here i... Phillip Davis

10/27/2015

08:26 PM Bug #5345 (Resolved): IPv6 captive portal allowed hostnames added as /32s
fixed, thanks! Chris Buechler
11:08 AM Bug #5345 (Feedback): IPv6 captive portal allowed hostnames added as /32s
Fixed in latest port revision (filterdns-1.0_6) for 2.2.x and 2.3.
 Luiz Souza
06:56 PM Bug #5340 (Resolved): IPsec logging - silent can't be configured, issues with defaults
fixed Chris Buechler
06:55 PM Bug #5350 (Resolved): 2.3 IPsec logging - silent can't be configured, issues with defaults
Need to apply fixes from #5340 to 2.3. Closed #5340 with target 2.2.5 for tracking purposes.
A complication here ... Chris Buechler
06:07 PM Bug #5323 (Resolved): My Certificate Authority is displayed/saved for authentication methods where it is not needed
all good Chris Buechler
10:47 AM Bootstrap Bug #5349 (Resolved): wake_on_line.widget.php - Layout needs to be improved
Widget table Bootstrap formatted.
Icons changed to more suitable font-awesome icons.
Tool-tips added. Anonymous
10:09 AM Bootstrap Bug #5349 (Resolved): wake_on_line.widget.php - Layout needs to be improved
Current layout is unattractive and uninformative. Anonymous
10:01 AM Bootstrap Bug #5348 (Resolved): Viewing on mobile device
Anonymous
09:55 AM Bootstrap Bug #5348: Viewing on mobile device
I have just tried it and works fine now thanks Jake Rote
09:35 AM Bootstrap Bug #5348: Viewing on mobile device
You can git-sync now to get it. It will also be in the next image, but I'm not sure what time today that will be gene... Anonymous
08:48 AM Bootstrap Bug #5348: Viewing on mobile device
Ok cool what build will this be in? Jake Rote
07:32 AM Bootstrap Bug #5348: Viewing on mobile device
Great. Thank you. I will start testing in that way too.
I have added the metadata tag Anonymous
07:22 AM Bootstrap Bug #5348: Viewing on mobile device
This happens on my note 4 it's due to the PPI but the viewport header fixes this. I managed to replicate in chrome de... Jake Rote
07:08 AM Bootstrap Bug #5348 (Feedback): Viewing on mobile device
Thanks Jake.
I have been testing device compatibility using Safari in "Responsive design mode" like this, and have n... Anonymous
06:36 AM Bootstrap Bug #5348 (Resolved): Viewing on mobile device
Bootstrap is not displaying correctly on mobile as the following metadata is missing from the top of the <head> secti... Jake Rote
09:02 AM Bug #5259: firewall_aliases_edit.php: Switch to a URL Table type when you already have multiple rows
jquery/pfSenseHelpers.js has been further amended to hide the "Delete" button when less than two rows exist.
The n... Anonymous
04:50 AM Bug #5259: firewall_aliases_edit.php: Switch to a URL Table type when you already have multiple rows
2.3-ALPHA (amd64)
built on Mon Oct 26 19:32:58 CDT 2015
FreeBSD 10.2-STABLE
I played with various ways to try ... Phillip Davis
07:14 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
I just want to update that this bug is still present. Any developments? I have tested with 2.2.2. Bryan Bercero
07:00 AM Bootstrap Bug #5347: firewall_nat_out_edit.php issues
Applied in changeset pfsense:commit:9fc6233a19532421c5ff8f88745d6345cb978fc5. Anonymous
06:52 AM Bootstrap Bug #5347 (Feedback): firewall_nat_out_edit.php issues
The two missing elements had been provided, but were hidden unless the protocol was set to TCP, UDP or TCP/UDP.
I ... Anonymous
12:37 AM Bootstrap Bug #5347: firewall_nat_out_edit.php issues
thanks Phil, merged that. Chris Buechler
04:38 AM Bug #5291: Difficult to be sure that a package install has ended
General install, remove, reinstall and reinstall all seems good now. I just tried all the combinations on:
2.3-ALPHA... Phillip Davis
01:51 AM Bug #5207 (Resolved): Hybrid RSA + xauth doesn't appear to configure strongswan correctly for hybrid auth
fixed Chris Buechler
01:14 AM Bootstrap Bug #5288: After Execute PHP Commands with bad code, menus do not work
I can understand that! I am happy to see the results of the crud code that I typed, and press "No" to not submit the ... Phillip Davis
12:46 AM Bootstrap Bug #5288: After Execute PHP Commands with bad code, menus do not work
Phillip Davis wrote:
>
> It still gives the "crash report" stuff, which is good
This part, I'm not sure that's ... Chris Buechler
12:35 AM Bootstrap Bug #5288 (Resolved): After Execute PHP Commands with bad code, menus do not work
thanks Phil.
The general issue Steve discussed earlier today as part of this, where PHP getting stuck making the ... Chris Buechler
01:01 AM Bug #5313 (Resolved): Intermediate internal CA's are created without a reference to the signing internal CA
works Chris Buechler
12:47 AM Bug #5343 (Resolved): Cannot upload or download from exec.php when in non-English language
fixed Chris Buechler
12:40 AM Bug #5343: Cannot upload or download from exec.php when in non-English language
2.2.5-DEVELOPMENT (i386)
built on Mon Oct 26 18:12:44 CDT 2015
FreeBSD 10.1-RELEASE-p23
Works Phillip Davis
12:46 AM Bug #5342 (Resolved): Cannot change outbound NAT modes when using non-English translation
also confirmed on 2.2.5. thanks Phil! Chris Buechler
12:39 AM Bug #5342: Cannot change outbound NAT modes when using non-English translation
2.2.5-DEVELOPMENT (i386)
built on Mon Oct 26 18:12:44 CDT 2015
FreeBSD 10.1-RELEASE-p23
Works Phillip Davis

10/26/2015

11:28 PM Bug #5343: Cannot upload or download from exec.php when in non-English language
2.3-ALPHA (amd64)
built on Mon Oct 26 19:32:58 CDT 2015
FreeBSD 10.2-STABLE
Works Phillip Davis
09:10 AM Bug #5343: Cannot upload or download from exec.php when in non-English language
Applied in changeset commit:bd8eeef99c49ac278d9c21e0304911715f7b1e35. Anonymous
09:02 AM Bug #5343 (Feedback): Cannot upload or download from exec.php when in non-English language
Updated as suggested above.
Also added Javascript to scroll the page to the PHP section when a PHP command is executed. Anonymous
11:26 PM Bug #5342: Cannot change outbound NAT modes when using non-English translation
2.3-ALPHA (amd64)
built on Mon Oct 26 19:32:58 CDT 2015
FreeBSD 10.2-STABLE
Works Phillip Davis
08:30 AM Bug #5342: Cannot change outbound NAT modes when using non-English translation
Applied in changeset commit:11a6f29cde1331c5e31204d3794c6f4f9a32aa57. Anonymous
08:25 AM Bug #5342 (Feedback): Cannot change outbound NAT modes when using non-English translation
I see no need to test the value of the $_POST['save'] parameter so have removed the test.
There were a couple of o... Anonymous
11:23 PM Bootstrap Bug #5288: After Execute PHP Commands with bad code, menus do not work
2.3-ALPHA (amd64)
built on Mon Oct 26 19:32:58 CDT 2015
FreeBSD 10.2-STABLE
That works nicely now. It still gi... Phillip Davis
03:10 PM Bootstrap Bug #5288: After Execute PHP Commands with bad code, menus do not work
Applied in changeset pfsense:commit:3e115dbf716a9bdb6b972a367c0f0a44f183f6ab. Anonymous
03:09 PM Bootstrap Bug #5288 (Feedback): After Execute PHP Commands with bad code, menus do not work
Changed the code to write the user's PHP to a file and execute it with a new instance of PHP.
Seems to fix the pro... Anonymous
02:34 PM Bootstrap Bug #5288: After Execute PHP Commands with bad code, menus do not work
My testing has not uncovered an answer to this yet. Basically fatal PHP errors (as opposed to syntax errors) cause th... Anonymous
11:15 PM Bootstrap Bug #5347: firewall_nat_out_edit.php issues
Part (1) should be fixed by https://github.com/pfsense/pfsense/pull/1989
I will leave parts (2) and (3) for Mr Bea... Phillip Davis
10:14 PM Bootstrap Bug #5347 (Resolved): firewall_nat_out_edit.php issues
1) The source field loses its value upon editing an existing rule.
2) the static port checkbox has gone missing
3... Chris Buechler
10:56 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
I just wanted to re-add to what zuber ahmed, and that NAT reflection gets broken while having limiters on the LAN
... Albert Yang
09:59 PM Bug #5346 (Duplicate): 2.2.4 WLAN on WAN causes Kernel Crash
duplicate of #4740. The sleep there might work around the issue, if you could try that and report back on #4740 it'd ... Chris Buechler
07:52 PM Bug #5346 (Duplicate): 2.2.4 WLAN on WAN causes Kernel Crash
Setup:
- 4G WiFi modem / 802.11g/n Channel 2 / WPA2 Personal / AES Encryption
pfsense: 2.2.4

Dell Lattitu... Ramon Buckland
08:39 PM Bug #5149 (Feedback): memory leak(s) in strongswan
the next snapshot build run should have strongswan compiled with --with-printf-hooks=vstr, which is the best option w... Chris Buechler
02:58 PM Bug #5149: memory leak(s) in strongswan
If this seems to be working i can test on my box, Just need to know how i can edit the strongswan.conf without it bei... Adam Piasecki
05:39 PM Bug #5340 (Feedback): IPsec logging - silent can't be configured, issues with defaults
Thanks Matt, got both those too.
This seems to be ok now. Chris Buechler
03:32 PM Bug #5340: IPsec logging - silent can't be configured, issues with defaults
If you are shifting the scale to the range 1..6, the statement where you set the default value to 2 is incorrect. Whe... Matthew Smith
02:55 PM Bug #5340 (Confirmed): IPsec logging - silent can't be configured, issues with defaults
better, couple remaining things I'm fixing now Chris Buechler
12:19 AM Bug #5340 (Feedback): IPsec logging - silent can't be configured, issues with defaults
should work in 2.2.5 now. Needs review, and merging to 2.3. Chris Buechler
05:23 PM Bug #4746 (Resolved): captive portal allowed hostnames not loaded into table at boot time
Kill Bill: be nice, please.
Jonatan: use the newest available 2.2.5 snapshot and this will work.
Confirmed fi... Chris Buechler
07:25 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
You need a snapshot that had a chance of including the patch; i.e., the one built AFTER the patch was committed. I th... Kill Bill
05:05 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
Updated to 2.2.2-DEVELOPMENT (20151019-1916), it is still not working. Only a few of the Allowed Hostnames are workin... Jonatan Hazell
05:22 PM Bug #5345 (Resolved): IPv6 captive portal allowed hostnames added as /32s
Now that adding of table entries in ipfw works (#4746), this problem is apparent. Add a hostname with an AAAA (like p... Chris Buechler
04:07 PM Bug #4825 (Resolved): Mobile client IPsec config omits peer identifier
this is fine as is in 2.2.4 and newer. Chris Buechler
02:06 PM Bug #4825 (Feedback): Mobile client IPsec config omits peer identifier
This works in 2.2.4 and 2.2.5 for non-PSK authentication types.
 Matthew Smith
02:44 PM Bug #5245 (Resolved): iOS IPsec PSK mismatches
That's true of main mode only, as aggressive sends the ID in the clear, but agree that this is fine now. The group do... Chris Buechler
02:17 PM Bug #5245 (Feedback): iOS IPsec PSK mismatches

This is fine. According to this document https://wiki.strongswan.org/projects/strongswan/wiki/IpsecSecrets you cann... Matthew Smith
12:21 AM Bug #5245: iOS IPsec PSK mismatches
Thread where issue is discussed for reference:
https://forum.pfsense.org/index.php?topic=97530.0
Matthew Smith w... Chris Buechler
01:41 PM Bug #5241 (Resolved): rightca should be specified in ipsec.conf
it's set correctly now, and things still work Chris Buechler
07:29 AM Bug #5241: rightca should be specified in ipsec.conf
rightca is set correctly on an EAP-TLS connection using pfSense-Full-Update-2.2.5-DEVELOPMENT-amd64-20151025-1504.tgz... David Wood
01:37 PM Bug #5344 (Duplicate): OpenVPN Peer to Peer - wrong status after reconnection
duplicate of #4642 Chris Buechler
03:32 AM Bug #5344: OpenVPN Peer to Peer - wrong status after reconnection
This sounds a lot like https://redmine.pfsense.org/issues/4642
The OpenVPN tunnel is actually running fine, passing ... Phillip Davis
02:18 AM Bug #5344 (Duplicate): OpenVPN Peer to Peer - wrong status after reconnection
I have created VPN tunnel. It is SiteToSite OpenVPN.
Both side have CARP Cluster with 2 ISP each.
ServerA1 (FW-A... Grzegorz Sliwa
01:14 PM Bug #5297 (Resolved): ppp-linkdown and ppp-linkup do not handle SLAAC, DHCP6 and DHCP-PD correctly
Thanks David. Works fine in all my tests too. Chris Buechler
07:19 AM Bug #5297: ppp-linkdown and ppp-linkup do not handle SLAAC, DHCP6 and DHCP-PD correctly
Tested and confirmed working correctly in pfSense-Full-Update-2.2.5-DEVELOPMENT-amd64-20151025-1504.tgz David Wood
12:56 PM Bug #5341: dnsmasq 2.75 exits with signal 11
There was nothing remarkable in the resolver log. The line
kernel: pid 28880 (dnsmasq), uid 65534: exited on signa... Nei Ka
12:47 PM pfSense Packages Bug #5250: ACB backup time should display local time
So the missing information here is that you are talking about a package. I didn't realize that until I asked another ... Anonymous
12:17 PM pfSense Packages Bug #5250: ACB backup time should display local time
These are the exact same backup; the Backup History shows correct local time, the ACB list shows unknown TZ junk. (Ev... Kill Bill
12:05 PM pfSense Packages Bug #5250: ACB backup time should display local time
Just to avoid more confusion: CET=GMT+1. (And CEST=GMT+2 -- that's the daylight saving TZ which was used until last S... Kill Bill
11:58 AM pfSense Packages Bug #5250: ACB backup time should display local time
It really is easy. If you find yourself outside of the unknown backup server timezone, the diplayed backup times are ... Kill Bill
11:32 AM pfSense Packages Bug #5250 (Feedback): ACB backup time should display local time
I must be misunderstanding the issue.
Would you clarify with step by step instructions to reproduce please? Anonymous
11:29 AM pfSense Packages Bug #5250 (Assigned): ACB backup time should display local time
Anonymous
10:59 AM pfSense Packages Bug #5250: ACB backup time should display local time
Not sure where's this fixed? Cannot see any update to the package, and just to be sure I made a backup and the time d... Kill Bill
09:08 AM pfSense Packages Bug #5250 (Feedback): ACB backup time should display local time
Fixed Anonymous
09:10 AM pfSense Packages Bug #5239 (Closed): Quagga webgui on 2.3-alpha errors on addInput()
Anonymous
06:10 AM Bug #4642: OpenVPN process status stopped... but its running
hi. I report bug as https://redmine.pfsense.org/issues/5344#change-21849 ,but it looks like this same.
Today i in... Grzegorz Sliwa
03:50 AM Feature #4320 (Feedback): Enable port-in-use checking in miniupnpd
Applied in changeset commit:7d790fc310e3273122659b3d96186f16ac300972. Renato Botelho
03:50 AM Feature #4321 (Feedback): Enable IPv6 for miniupnpd
Applied in changeset commit:679c4ac73f8d5c5fe71a9edb3ccdb1f955d616cd. Renato Botelho

10/25/2015

11:21 PM Bug #5341 (Feedback): dnsmasq 2.75 exits with signal 11
What does it log in the resolver log?
Anything relevant in the system log?
Did it just happen once, or is recurri... Chris Buechler
07:41 PM Bug #5340: IPsec logging - silent can't be configured, issues with defaults
let's see if we can't find a work-around, or just push this to 2.3.
PHP is fucking stupid. Jim Thompson
10:02 AM Bug #5343: Cannot upload or download from exec.php when in non-English language
Thanks Phil. I will address this later today. I agree that passing language dependent terms in a POST request is bad.... Anonymous
12:34 AM Bug #5343: Cannot upload or download from exec.php when in non-English language
Pull request for master: https://github.com/pfsense/pfsense/pull/1987
The fix is actually needed in master as well... Phillip Davis
12:21 AM Bug #5343: Cannot upload or download from exec.php when in non-English language
Pull request for RELENG_2_2: https://github.com/pfsense/pfsense/pull/1986 Phillip Davis
12:18 AM Bug #5343 (Resolved): Cannot upload or download from exec.php when in non-English language
e.g. set language to Turkish (which has "Download" and "Upload" translations).
Diagnostics->Command Prompt
Try to d... Phillip Davis
08:29 AM Bug #5328: Unable to Edit Interface due to DHCPV6 Bug
Chris,
That fixed it after I got my dhcp v6 scopes working again.
Thanks Wesley Kirkland

10/24/2015

11:05 PM Bug #5342: Cannot change outbound NAT modes when using non-English translation
Note: PR for master currently breaks the behavior in master, because there are other issues with the (non) translatio... Phillip Davis
09:27 PM Bug #5342: Cannot change outbound NAT modes when using non-English translation
Pull request for RELENG_2_2: https://github.com/pfsense/pfsense/pull/1984
Pull request for master: https://github.co... Phillip Davis
09:05 PM Bug #5342 (Resolved): Cannot change outbound NAT modes when using non-English translation
Forum: https://forum.pfsense.org/index.php?topic=101276.0
"Save" is not being translated when checking the $_POST ... Phillip Davis
07:24 AM Todo #5333 (Feedback): Remove/replace all references to "theme"
Removed.
Thanks Anonymous
03:52 AM Todo #5333 (Assigned): Remove/replace all references to "theme"
Almost there, still missing src/usr/local/www/widgets/widgets/carp_status.widget.php Renato Botelho
06:48 AM Bug #5341 (Resolved): dnsmasq 2.75 exits with signal 11
Several users have seen frequent dnsmasq crashes since upgrading to versions with dnsmasq 2.75. dnsmasq 2.76test bina... Nei Ka
04:24 AM pfSense Packages Bug #3779 (Resolved): Zabbix Agent 1.x - ZABBIX_AGENT_BASE not defined
thanks Chris Buechler
04:23 AM pfSense Packages Bug #3779: Zabbix Agent 1.x - ZABBIX_AGENT_BASE not defined
No such issue with current packages. Kill Bill
04:17 AM Bug #5328: Unable to Edit Interface due to DHCPV6 Bug
need to remove the config. Disable it as I described earlier after temporarily setting a static v6 IP, manually edit ... Chris Buechler
04:04 AM Bug #5340 (Resolved): IPsec logging - silent can't be configured, issues with defaults
Silent logging can't actually be configured on vpn_ipsec_settings.php, because 0 isn't stored in the config (PHP cons... Chris Buechler
03:56 AM Bug #4874 (Resolved): pf crash related to source tracking: pf_hashsrc: unknown address family 0
fix from FreeBSD applied Chris Buechler

10/23/2015

09:43 PM Bug #5149: memory leak(s) in strongswan
disabling all logging, with the following in strongswan.conf: ... Chris Buechler
06:36 PM Todo #5333 (Resolved): Remove/replace all references to "theme"
Thanks Renato. Don't know how I missed those. Now fixed. Anonymous
04:48 PM Bug #5039 (Not a Bug): Multiple PPPoE WANs no longer connect simultaneously after upgrade to 2.2.4
thanks for the feedback Michael, glad it's resolved Chris Buechler
04:32 PM pfSense Packages Bug #3936 (Resolved): Proxy state tab of lightsquid
thanks Chris Buechler
04:32 PM pfSense Packages Bug #2903 (Not a Bug): Lightsquid realtime stat 403 error
Chris Buechler
04:31 PM Feature #5244 (Closed): Allow configuring both leftca and rightca
Agree, this is unnecessary since it's implied. Chris Buechler
02:36 PM Todo #5219 (New): EAP-RADIUS selection for IKEv2 Mobile IPsec should warn if the selected authentication backend is not a RADIUS server.
The warning is given when the user saves on the Mobile IPsec Phase 1, but it is still possible to break by selecting ... Jim Pingle
12:20 PM Todo #5338 (Feedback): Add -4 and -6 support to pfSense-upgrade script
Applied in changeset commit:54d0cd74ea3690a8e589dfde15602a9a0ce492a9. Renato Botelho
08:43 AM Todo #5338 (Resolved): Add -4 and -6 support to pfSense-upgrade script
It's useful to be able to nudge things over IPv4 or IPv6 if connectivity of one type or the other is having trouble. ... Jim Pingle
11:20 AM Bug #5339: IPSec with 2 phases 2
some sort of mismatch with the other end. Can't help with that here, please use the forum or other support resources. Chris Buechler
11:17 AM Bug #5339: IPSec with 2 phases 2
This is the correct configuration on my pfsense.
Please, could you provide me where is the configuration error.
<... Marco Messina
11:12 AM Bug #5339 (Not a Bug): IPSec with 2 phases 2
That's a config problem, please use one of our available support resources for assistance. https://pfsense.org/suppor... Chris Buechler
11:08 AM Bug #5339 (Not a Bug): IPSec with 2 phases 2
Good morning,
I tried to create an IPSec tunnel with 2 Phase 2, but I received the following error: ... Marco Messina
09:16 AM Bootstrap Bug #5336 (Resolved): Page must be refreshed after pkg install to show new menu items
Works Jim Pingle
09:14 AM Feature #5324 (Resolved): Add search capability to Available Packages list to filter packages by keywords
Works great as far as I can tell. I tried various combinations of keywords and regex for the name, description, and b... Jim Pingle
04:21 AM Feature #5324 (Feedback): Add search capability to Available Packages list to filter packages by keywords
Done Renato Botelho
07:15 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
Hi
Traffic limiter still not working with squid3 (transparent mode) + squidgaurd on version 2.2.4.
Is there any t... zuber ahmed
07:02 AM Bug #5337 (Duplicate): Traffic limiter not working with squid3 (transparent mode) + squidgaurd.
Duplicate of #4326 Jim Pingle
06:16 AM Bug #5337 (Duplicate): Traffic limiter not working with squid3 (transparent mode) + squidgaurd.
Hi
Traffic limiter not working with squid3 (transparent mode) + squidgaurd. It blocks all traffic on http.
this... zuber ahmed

10/22/2015

10:15 PM Bug #5334 (Resolved): unbound root.key file corruption can prevent unbound from starting
fixed
Unbound fixed the missing fsync for a future release Chris Buechler
09:51 PM Bug #4931 (Resolved): dhcpleases misses some DHCP lease changes
works now, across many changes of the leases file and subsequent updates. Chris Buechler
09:49 PM Bug #5242 (Resolved): IPsec debug log settings not applied after stop/start or restart
fixed Chris Buechler
03:50 PM Bootstrap Bug #5311 (Feedback): vpn_openvpn_*.php: export tabs not installed after installing openvpn client export package
Applied in changeset pfsense:commit:a2b0d90982e6d0e2b6e36cf3cf2b258628244ca3. Renato Botelho
03:26 PM Todo #5333 (Assigned): Remove/replace all references to "theme"
It's not complete yet, following files still references to theme:
src/usr/local/www/guiconfig.inc
src/usr/local/w... Renato Botelho
07:52 AM Todo #5333 (Resolved): Remove/replace all references to "theme"
The "themes" system is dead and gone for ever. May it rest in peace. Anonymous
02:20 PM pfSense Packages Bug #4634 (Feedback): Still broken openbgpd config generation logic in 2.2
Applied in changeset commit:901d4b81be5f518f4481e487f5568901ef60ac51. Matthew Smith
01:45 PM pfSense Packages Bug #4634: Still broken openbgpd config generation logic in 2.2
I tested this on 2.2.4 and confirmed that it it's broken for neighbors that aren't part of a group.
I will apply t... Matthew Smith
01:26 PM pfSense Packages Bug #4634: Still broken openbgpd config generation logic in 2.2
Adam Thompson wrote:
> See #3227. Still broken when neighbours aren't part of a group.
That should be #3772. Matthew Smith
01:20 PM Todo #5123 (Feedback): Remove WEP
Applied in changeset commit:b061a3c61ced43cf746a4439b2370a03efccab0d. Matthew Smith
11:30 AM Bootstrap Bug #5336: Page must be refreshed after pkg install to show new menu items
Applied in changeset pfsense:commit:db1cc32f5ad36be20896e5688a810065efd7e6bc. Anonymous
11:21 AM Bootstrap Bug #5336 (Feedback): Page must be refreshed after pkg install to show new menu items
Page performs a sneaky refresh after a successful install/remove. Menu changes now take effect immediately. Anonymous
11:18 AM Bootstrap Bug #5336 (Resolved): Page must be refreshed after pkg install to show new menu items
After a new package is installed new menu items may be installed. You can't see them, however, until you refresh the ... Anonymous
10:20 AM Feature #5330 (Feedback): Kernel debug symbols
Applied in changeset commit:a9ae8dac693b33f166530276638df1501c5ab4cd. Renato Botelho

10/21/2015

10:17 PM Bootstrap Bug #5315 (Resolved): System->advanced->Settings cannot save alternate URL
this is fine now. The functionality in general needs work as the alternate URL is no longer applicable, but that's se... Chris Buechler
10:17 PM Todo #5335 (Resolved): system_firmware_settings.php needs updates for pkg
The update URL on system_firmware_settings.php is no longer applicable with pkg. Need to adapt that accordingly, prob... Chris Buechler
08:45 PM Bug #5334: unbound root.key file corruption can prevent unbound from starting
reported upstream here:
https://www.nlnetlabs.nl/bugs-script/show_bug.cgi?id=712 Chris Buechler
07:52 PM Bug #5334 (Feedback): unbound root.key file corruption can prevent unbound from starting
should be fixed by the fsync alone, and the sanity check will fix any other occurrence of invalid file contents that ... Chris Buechler
07:21 PM Bug #5334 (Resolved): unbound root.key file corruption can prevent unbound from starting
Unbound's root.key can end up containing parts of another file in /var/ such as the circumstances in this thread:
h... Chris Buechler
03:45 PM Todo #5333 (Resolved): Remove/replace all references to "theme"
These files still refer to "theme" in some way. Might just be comments though.
src/etc/inc/authgui.inc
src/etc/in... Anonymous
12:07 PM Todo #4841 (Feedback): update AES-GCM/AES-NI bits from FreeBSD -HEAD
The -head IPSEC code was merged into 2.3 repo. Please let me know of any regressions. Luiz Souza
11:32 AM Bug #3614: dhcpd: send_packet: No buffer space available
Same happens on my Soekris net6501-70:
* Release "2.2.5-DEVELOPMENT (i386) built on Tue Oct 20 09:14:46 CDT 2015".
... Anonymous
10:53 AM Bootstrap Bug #5332 (Resolved): Firewall Log Widget - IPv6 log entries spill out and break formatting
Very nice! Jim Pingle
10:51 AM Bootstrap Bug #5332: Firewall Log Widget - IPv6 log entries spill out and break formatting
!pfSense_localdomain_-_Status__Dashboard.jpg! Anonymous
10:48 AM Bootstrap Bug #5332 (Feedback): Firewall Log Widget - IPv6 log entries spill out and break formatting
<wbr> (word break opportunity) tags have been inserted into the displayed address string at every ':' to allow the wo... Anonymous
09:44 AM Bootstrap Bug #5332 (Resolved): Firewall Log Widget - IPv6 log entries spill out and break formatting
When firewall log entries are present with IPv6 addresses, the log entries spill out and break formatting.
Example... Jim Pingle
09:07 AM Bug #5328: Unable to Edit Interface due to DHCPV6 Bug
Chris,
I am just trying to enable the interface and it will not let me enable it due to the error above. I tried m... Wesley Kirkland
09:06 AM Feature #5331 (New): IPSec table for tuning strongswan.conf
Tried to add retransmission strategy in a pull request https://github.com/pfsense/pfsense/pull/1860 and is now consid... Lars Pedersen
09:04 AM Feature #5330 (Resolved): Kernel debug symbols
Please add the kernel debug symbols to all builds (except the nano builds).
This makes easier for us to debug kern... Luiz Souza
09:02 AM Bug #5329 (Resolved): XMLRPC HA sync is not working with https
To reproduce setup 2 pfSense boxes using https and then set HA XMLRPC sync and Notices like this will popup:
A com... Renato Botelho
08:30 AM Bug #5327: generation of split tunnel attribute in strongswan charon.plugins.attr breaks iOS IKEv2 clients
Applied in changeset commit:f3ee8205e6332d4895e93f4f2831cc65ab98d0c0. Matthew Smith
08:30 AM Bug #5327 (Feedback): generation of split tunnel attribute in strongswan charon.plugins.attr breaks iOS IKEv2 clients
Applied in changeset commit:41f7b662932422f176151532a97858e683f50abd. Matthew Smith

10/20/2015

11:52 PM Bug #5129 (Resolved): OpenVPN - incorrect netmask sent to client with static IP set in RADIUS
fixed Chris Buechler
10:27 PM Bug #5243 (Resolved): only CAs specified in a P1 should be written out to cacerts
fixed Chris Buechler
09:58 PM Bug #5328 (Not a Bug): Unable to Edit Interface due to DHCPV6 Bug
you had that interface assigned at some point and enabled DHCPv6 server on it. It's not relevant to #2065. You can pu... Chris Buechler
09:26 PM Bug #5328 (Not a Bug): Unable to Edit Interface due to DHCPV6 Bug
I am trying to build a openvpn tunnel and I keep getting the following error when enabling the interface
"The follow... Wesley Kirkland
07:54 PM Bug #5294 (Resolved): System users and groups not fully protected from deletion
fixed Chris Buechler
07:44 PM Bug #5242 (Feedback): IPsec debug log settings not applied after stop/start or restart
log duplication fixed Chris Buechler
03:28 PM Bug #5320 (Resolved): IPSec NAT rules are not removed when a tunnel is disabled
fixed Chris Buechler
12:54 PM Bug #5320 (Feedback): IPSec NAT rules are not removed when a tunnel is disabled
should be good Chris Buechler
03:24 PM Bug #4558 (Resolved): DHCP traffic getting blocked with DHCP Relay enabled
fixed Chris Buechler
03:15 PM Bug #5327 (Resolved): generation of split tunnel attribute in strongswan charon.plugins.attr breaks iOS IKEv2 clients
When there is an IPv4 address pool configured for mobile IPSec clients, strongswan.conf is generated with the setting... Matthew Smith
01:20 PM Bug #4924 (Feedback): Package manager - the version comparison code not comparing versions properly
Applied in changeset commit:effd9be7626f1b23debb9282d97cdb71eaaa902e. Renato Botelho
12:34 PM Bootstrap Feature #5326 (Resolved): Add "Top of page" links at bottom of every page
Anonymous
12:34 PM Bootstrap Feature #5326 (Resolved): Add "Top of page" links at bottom of every page
Anonymous
12:23 PM Bug #5323: My Certificate Authority is displayed/saved for authentication methods where it is not needed
To paraphrase an offline discussion between JimP and me about this ticket...
In 2.2.4, the caref attribute that wa... Matthew Smith
12:10 PM Bug #5323: My Certificate Authority is displayed/saved for authentication methods where it is not needed
Applied in changeset commit:ca35be37bf73efc5fd98a473bdc3a8b4fc6b90ca. Matthew Smith
12:10 PM Bug #5323 (Feedback): My Certificate Authority is displayed/saved for authentication methods where it is not needed
Applied in changeset commit:3f0b8a959dd6109b29379f9fb93d392bcd57e15b. Matthew Smith
10:09 AM Bug #5323: My Certificate Authority is displayed/saved for authentication methods where it is not needed
EAP-MSCHAPv2 and EAP-RADIUS do still use the Certificate Authority/Server Certificate, it fails if the CA is not pres... Jim Pingle
09:59 AM Bug #5323 (Resolved): My Certificate Authority is displayed/saved for authentication methods where it is not needed
On the IPSec phase 1 settings page (vpn_ipsec_phase1.php), the field "My Certificate Authority" is displayed for all... Matthew Smith
12:05 PM Bug #5322 (Not a Bug): ARP problem detected
you have an IP conflict. Chris Buechler
09:20 AM Bug #5322 (Not a Bug): ARP problem detected
Hi Team,
Since this morining, I don't know if it is a real conflict address but I see this log in my pfSense:
-02... Jean Yves RANDRIANIAINA
12:03 PM Bug #5321 (Confirmed): rxcsum6, txcsum6 not considered by "Disable hardware checksum offload"
Chris Buechler
05:30 AM Bug #5321 (Resolved): rxcsum6, txcsum6 not considered by "Disable hardware checksum offload"
On pfsense 2.2.4 installed on ESXi 6.0 with vmxnet NICs, I noticed that disabling hardware checksum offloading via We... tok red
12:01 PM pfSense Packages Bug #5318 (Confirmed): Upgrade FreeRadius to 2.2.9
Chris Buechler
11:59 AM pfSense Packages Bug #5318: Upgrade FreeRadius to 2.2.9
Renato said it had a problem building due to OpenSSL errors. He wanted it assigned to him since it'll take some resea... Jim Pingle
11:50 AM Bug #5045: advanced fields not expanded automatically where such options are configured
Applied in changeset pfsense:commit:df6cb8fe852baa5788f68918b0b742a40b6cf874. Anonymous
11:45 AM Bug #5045 (Feedback): advanced fields not expanded automatically where such options are configured
Anonymous
09:04 AM Bug #5045: advanced fields not expanded automatically where such options are configured
Not all of the pages that sport "Advanced" buttons require this behavior. Looking through the 2.2.x codebase it looks... Anonymous
11:39 AM Bug #5325 (Closed): Traffic shaping wizard creates an unloadable rule-set if using HFSC on a LAN interface that is not up when the rules are loaded.
If you choose HFSC in the wizard (multiwan/multilan) on a LAN interface that is not connected when the wizard complet... Steve Wheeler
10:00 AM Feature #5324 (Resolved): Add search capability to Available Packages list to filter packages by keywords
It would be a great help to have a search box on the Available Packages tab to filter the packages as you type. The p... Jim Pingle
05:30 AM Todo #5221 (Feedback): Cleanup PBI before upgrade
Applied in changeset commit:9ace8a736a7bcb833ae829c6748d5a3c47d1de01. Renato Botelho

10/19/2015

04:30 PM Bug #5257: tcpdump is not working with zerocopy enabled (net.bpf.zerocopy_enable=1)
I am disabling the zero copy buffers in pfSense until all the raised issues are fixed in FreeBSD. Luiz Souza
02:07 PM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
@wayne - will certainly do that when I come up against the issue again, but like I said it's not that often it occurs... Michael Knowles
02:02 PM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
Additionally, it seems your web UI does not properly surface these errors, assuming "Reload Filters" is doing somethi... Wayne Huang
02:00 PM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
@Michael, I'd be curious to see the output of running "pfctl -f /tmp/rules.debug" when you experience the problem to ... Wayne Huang
01:59 PM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
In my case, it is exactly due to some interfaces being down. It must receive an interface bandwidth of 0 when the int... Wayne Huang
12:50 PM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
Just to add, as I've been watching this conversation go on today, I've never seen an interface speed change be relate... Michael Knowles
11:54 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
Is it because some of the configured interfaces do not have a link at the time of bootup? Wayne Huang
11:07 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
Does it make sense that 100 Mb becomes 104857.6 Kb? That calculation seems incorrect - if I take the latter value and... Wayne Huang
11:01 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
shaper and ezshaper sections of config.xml: https://gist.github.com/wayne530/beb4da84ecaa3b19bf2d Wayne Huang
10:51 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
I'll need to extract out the Traffic Shaper sections for config.xml, but here's the rest.
igb0: flags=8843<UP,BROA... Wayne Huang
10:48 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
Then you'll need to attach a copy of config.xml (or at least the shaper section and shaper wizard section) along with... Jim Pingle
10:29 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
Yes, I know - the issue is that the link speed has not dropped. The interface is 1Gbps and has not changed.
igb1: ... Wayne Huang
10:25 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
Wayne Huang wrote:
> In my case, it appears the traffic shaper config as written by pfSense wizard has a problem:
>... Jim Pingle
10:17 AM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
In my case, it appears the traffic shaper config as written by pfSense wizard has a problem:
Diagnostics > Command... Wayne Huang
12:38 PM Bootstrap Bug #5316 (Resolved): OpenVPN wizard fails on manually created CA
A line of HTML from the old version was accidentally left in place. Now removed. Anonymous
11:21 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
Obviously it will NOT be working in a version released *months* before the fix?! Use the latest 2.2.5 snapshot. Kill Bill
11:07 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
Actually, pfSense has loaded ONE of hostnames, but no more (we got about 10 hostnames listed).
 Jonatan Hazell
11:02 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
Thanks.
We're running 2.2.4 and it is still not working, can't add Allowed Hostnames: they are listed in GUI but no... Jonatan Hazell
10:46 AM Bug #4746 (Feedback): captive portal allowed hostnames not loaded into table at boot time
Fixed in 2.3 and 2.2.x.
There were two bugs here:
- A few malformed rules in the initialisation rules (at syste... Luiz Souza
10:32 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
Jonatan Hazell wrote:
> Sorry for spamming. I have not added any IPv6 addresses so it's very strange that they are a... Luiz Souza
08:17 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
Sorry for spamming. I have not added any IPv6 addresses so it's very strange that they are added at all?
This might ... Jonatan Hazell
07:16 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
If we try to delete Allowed hostnames, this is the result I get in the logs: (the list is empty in GUI though...)
... Jonatan Hazell
07:04 AM Bug #4746: captive portal allowed hostnames not loaded into table at boot time
We got the same issue. I can add/delete allowed hostnames but they are not loaded, not even by reloading the service.... Jonatan Hazell
11:20 AM Todo #5219: EAP-RADIUS selection for IKEv2 Mobile IPsec should warn if the selected authentication backend is not a RADIUS server.
Applied in changeset commit:fce93905bf73265546803ca961fc60135a8b95a9. Matthew Smith
11:20 AM Todo #5219 (Feedback): EAP-RADIUS selection for IKEv2 Mobile IPsec should warn if the selected authentication backend is not a RADIUS server.
Applied in changeset commit:0e8674d0db51dd7f7ae8a5e5640b7cea7ccd2c64. Matthew Smith
10:30 AM Bug #4150: Captive Portal doesn't work with > 120 VLAN interfaces
Applied in changeset commit:28c54319caab5374fd87973e304ef083aa46653e. Luiz Souza
09:57 AM Feature #5244 (Feedback): Allow configuring both leftca and rightca
I don't think that this needs to be done. There is an existing field to select a server certificate which dictates wh... Matthew Smith
09:45 AM Bug #5245: iOS IPsec PSK mismatches
Chris Buechler wrote:
> iOS PSK mismatches are happening in some cases. Going back to pre-2.2.4 behavior works, done... Matthew Smith
09:01 AM Bug #5320 (Confirmed): IPSec NAT rules are not removed when a tunnel is disabled
Jim Pingle
09:01 AM Bug #5320: IPSec NAT rules are not removed when a tunnel is disabled
It appears the code in filter.inc is not checking for a disabled P1 or P2 when creating the NAT rules:
https://red... Jim Pingle
08:13 AM Bug #5320 (Resolved): IPSec NAT rules are not removed when a tunnel is disabled
After disabling an IPSec tunnel in the GUI the NAT rules in the phase2 entries are not removed and are still applied ... Steve Wheeler
03:07 AM Bug #5319 (Closed): Error message "No config named" in charon daemon
Hello,
I migrated my pfsense last week from 2.1.5 to 2.2.4.
After the migtration all tunnels was up.
But after f... Frédéric Pougnault

10/18/2015

06:12 PM pfSense Packages Bug #4376: Squid3 Squidguard3 Stability Problems
There's no info here to debug anything here. Please, use https://forum.pfsense.org/. Kill Bill
06:09 PM pfSense Packages Bug #4331: Issue with VPN interface within Squid 3.4 for Transparent Proxy
Patches welcome. When there's no IP, there's no IP. Relevant code here:
https://github.com/pfsense/pfsense-package... Kill Bill
06:03 PM pfSense Packages Bug #4885: squid3 chmod error at boot after reinstall post-upgrade
Fixed. Kill Bill
06:02 PM pfSense Packages Bug #5154: squid3 - min/max_object_size directives out of order in config and not applied to cache_dir
Fixed. Kill Bill
04:40 PM pfSense Packages Bug #4167: Lightsquid package does not remove crontab entries
This will be fixed in 2.42 - https://github.com/pfsense/pfsense-packages/pull/1104
 Kill Bill
04:39 PM pfSense Packages Bug #2903: Lightsquid realtime stat 403 error
The only "problem" here is that you do not have Squid listening on loopback. That's required for the feature to work. Kill Bill
04:38 PM pfSense Packages Bug #3936: Proxy state tab of lightsquid
This has been fixed in https://github.com/pfsense/pfsense-packages/commit/ad48eb49d6d6506cc40c6b7edae23a3f73ced615 - ... Kill Bill
04:29 PM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
It's time for changes after 8 month:
https://redmine.pfsense.org/issues/4401#note-10
 Grischa Zengel
09:29 AM pfSense Packages Bug #5318 (Resolved): Upgrade FreeRadius to 2.2.9
Hi, This upgrade is required for the bugs with TLS 1.2, this affect the use of Android 6 and iOS 9 devices, the expla... Cristian Menghi
03:21 AM Bug #5317 (Not a Bug): CSR signed certificates shows issuer as external
Doing the following steps
# Creating an external CA.
# Adding that CAs cert to Pfsense.
# Creating a certificate... Mathias Andersson

10/17/2015

07:35 PM Bootstrap Bug #5316 (Resolved): OpenVPN wizard fails on manually created CA
*OpenVPN Wizard: Authentication Type Selection
-Select an Authentication Backend Type
Local User Access
Next
*O... Anonymous
07:30 PM Bootstrap Todo #5204 (Resolved): Clean up jquery sections at the bottom of pages
Anonymous
07:21 PM Bootstrap Bug #5302 (Resolved): Traffic shaper wizaerd has minor issues
OP reports the issues have been corrected. Anonymous
03:01 PM Bug #5039: Multiple PPPoE WANs no longer connect simultaneously after upgrade to 2.2.4
Would you believe, about the same time you wrote that the second line suddenly burst into life at about 6am one day. ... Michael Knowles
08:40 AM Bootstrap Bug #5315: System->advanced->Settings cannot save alternate URL
Functionality changed per description.
Chris, would you please verify this functionality is acceptable? Anonymous
08:40 AM Bootstrap Bug #5315 (Feedback): System->advanced->Settings cannot save alternate URL
Applied in changeset pfsense:commit:02570c3f093140e038452c7c58c202913b6b3858. Anonymous
08:35 AM Bootstrap Bug #5315 (Resolved): System->advanced->Settings cannot save alternate URL
The functionality of system->firmware->Updater Settings->Base URL has been changed. It now displays the URL associate... Anonymous
07:55 AM Bootstrap Bug #5310: Wizard error page not correctly formatted
Thanks. The Javascript alert was caused by an error I made in escaping the validation strings. Now corrected. Anonymous
05:18 AM Bootstrap Bug #5310: Wizard error page not correctly formatted
Error page seems now ok, but doing the same (that is entering a dot in the hostname field) results in a nonsense java... Lorenzo Milesi
03:31 AM Bug #5314: /etc/sshd script fails to restart SSH properly
Here's a second part of that log, showing that the bug ultimately results in SSH being killed instead of restarted. :... Kill Bill
03:21 AM Bug #5314 (Closed): /etc/sshd script fails to restart SSH properly
I pretty much only noticed this due to sshdcond package which tries to use the script on package resync. This more of... Kill Bill
01:03 AM Bug #5242 (Confirmed): IPsec debug log settings not applied after stop/start or restart
still has some duplication of logs, looks like auth levels need to be set to silent. Chris Buechler
01:01 AM Todo #4908: binding of destination interface of dhcrelay no longer necessary
this was put back the way it was, as despite reports received to the contrary, and seemingly dhcrelay's documentation... Chris Buechler
12:53 AM Bootstrap Bug #5293 (Resolved): Edit button on block private/bogon rules goes to wrong page
fixed Chris Buechler
12:30 AM Bug #5297: ppp-linkdown and ppp-linkup do not handle SLAAC, DHCP6 and DHCP-PD correctly
this works fine in a test setup. David, could you please confirm on your connection with the latest 2.2.5 snapshot? h... Chris Buechler
12:02 AM pfSense Packages Bug #4412 (Not a Bug): squid reverse proxy
Chris Buechler
12:01 AM pfSense Packages Bug #5231 (Resolved): spamd - insane pflogd logging
thanks Chris Buechler

10/16/2015

11:59 PM pfSense Packages Bug #5309 (Duplicate): Need to Re-Download Blacklist every-time I restart the box
duplicate of #4608 Chris Buechler
12:09 PM pfSense Packages Bug #5309: Need to Re-Download Blacklist every-time I restart the box
If you configured your /var to reside on ramdisk, kindly undo this. If you are on nanobsd, all I can say is that this... Kill Bill
11:27 PM pfSense Packages Bug #2142 (Resolved): Squid Reverse Proxy should have login=PASS on all peers
thanks Chris Buechler
12:23 PM pfSense Packages Bug #2142: Squid Reverse Proxy should have login=PASS on all peers
No such issue exists in any of existing Squid3 package versions; can be closed. Kill Bill
02:56 PM Bootstrap Bug #5310: Wizard error page not correctly formatted
traffic_shaper_wizard_multi_all* updated and tested for correct operation/appearance Anonymous
02:45 PM Bootstrap Bug #5310: Wizard error page not correctly formatted
wizard.php updated to generate correct jquery action handlers
dedicated wizard and include file updated to correct d... Anonymous
09:10 AM Bootstrap Bug #5310: Wizard error page not correctly formatted
Applied in changeset pfsense:commit:0342d2548a0a9cc7c3267b39e20b2c2d49050e5c. Anonymous
09:08 AM Bootstrap Bug #5310 (Feedback): Wizard error page not correctly formatted
Required page header and footer added to the error messages in setup_wizard.xml
"Back" button behavior is under re... Anonymous
06:23 AM Bootstrap Bug #5310 (Assigned): Wizard error page not correctly formatted
Anonymous
01:10 AM Bootstrap Bug #5310 (Resolved): Wizard error page not correctly formatted
I entered a wrong hostname in the configuration wizard and the attached error message appears.
The error is not bo... Lorenzo Milesi
12:24 PM pfSense Packages Bug #4412: squid reverse proxy
Inability to modify sysctls is not a package bug. And the input validation there is intentional and required. Kill Bill
12:16 PM pfSense Packages Bug #5231: spamd - insane pflogd logging
The logging is gone in latest package version, can be closed. Kill Bill
09:11 AM Bootstrap Bug #5312 (Resolved): system_advanced_admin.php - Serial speed drop-down is saving incorrect values
Tested, works fine now, thanks! Jim Pingle
09:06 AM Bootstrap Bug #5312 (Feedback): system_advanced_admin.php - Serial speed drop-down is saving incorrect values
Corrected select array type Anonymous
08:42 AM Bootstrap Bug #5312 (Resolved): system_advanced_admin.php - Serial speed drop-down is saving incorrect values
The serial speed drop down should be using the numerical serial speed for both the value and the label, and it's curr... Jim Pingle
09:10 AM Bug #5313: Intermediate internal CA's are created without a reference to the signing internal CA
Applied in changeset commit:dd76084d44b8bc936ff731350afff2d313a627f5. Matthew Smith
09:10 AM Bug #5313 (Feedback): Intermediate internal CA's are created without a reference to the signing internal CA
Applied in changeset commit:c9c31047004c4ac3e584a434917c4ae1be7cbe40. Matthew Smith
08:47 AM Bug #5313 (Resolved): Intermediate internal CA's are created without a reference to the signing internal CA
When adding a new CA in system_camanager.php with the method selected as "Create an intermediate certificate authorit... Matthew Smith
08:40 AM Bug #5243: only CAs specified in a P1 should be written out to cacerts
Applied in changeset commit:9d8f66b9791a2718fca5e9c4625bdf9474b60d36. Matthew Smith
08:40 AM Bug #5243 (Feedback): only CAs specified in a P1 should be written out to cacerts
Applied in changeset commit:c345288bf1ca821919c2af3b4381602f197cb4fa. Matthew Smith
08:26 AM Bug #5291: Difficult to be sure that a package install has ended
openvpn client export issue moved to a new ticket #5311 Anonymous
08:05 AM Bug #5291: Difficult to be sure that a package install has ended
Never mind the logs.
There were two issues specific to pfSense-pkg-openvpn-client-export:
My "Does the string b... Anonymous
08:00 AM Bug #5291: Difficult to be sure that a package install has ended
Applied in changeset pfsense:commit:1166ee1e443ac91ea827a567ab40975e0ec8213e. Anonymous
06:21 AM Bug #5291: Difficult to be sure that a package install has ended
No. You should see the logs from the uninstall and install processes for each package. I tested with a VM and with re... Anonymous
08:26 AM Bootstrap Bug #5311 (Resolved): vpn_openvpn_*.php: export tabs not installed after installing openvpn client export package
vpn_openvpn_client.php calls add_package_tabs() in guiconfig.php where the call to get_pkg_data() has been commented ... Anonymous
01:12 AM Bug #5273: UMTS / 3G Connection reports wrong Gateway information (10.64.64.0) and no data is going through that connection.
Hello Chris,
thanks for your fast answer. I finally got time to work on this.
Checked the UMTS stick first on a... Thomas Burger

10/15/2015

10:15 PM Bug #5291: Difficult to be sure that a package install has ended
I did reinstall all on a system with Cron and OpenVPN Client Export Utility installed. The reinstall completed very q... Phillip Davis
12:03 PM Bug #5291: Difficult to be sure that a package install has ended
reinstallall functionality restored and tested.
Please note that the progress bar is suppressed during this operat... Anonymous
07:37 AM Bug #5291: Difficult to be sure that a package install has ended
Single package reinstall works.
But Diagnostics->Backup/Restore, "Reinstall Packages" does nothing after pressing "C... Phillip Davis
07:05 AM Bug #5291: Difficult to be sure that a package install has ended
Confirmed that reinstallation works as expected. (tested with sudo, snort and pfBlockerNG)
PR merged and tested.
... Anonymous
06:54 AM Bug #5291: Difficult to be sure that a package install has ended
I believe the reinstallation issue was fixed late yesterday with an update to the pfSense-update script but I will ch... Anonymous
02:38 AM Bug #5291: Difficult to be sure that a package install has ended
See pull request https://github.com/pfsense/pfsense/pull/1965 for a couple of changes to tidy up a few bits of text.
... Phillip Davis
09:03 PM pfSense Packages Bug #5309 (Duplicate): Need to Re-Download Blacklist every-time I restart the box
I have been facing this issue since I don't know when. I am currently on version 2.2.4-RELEASE (amd64), supposedly t... Vinod Adhikary
08:10 PM Bug #4856: Traffic Shaper blocks traffic when the config is otherwise changed
I've seen similar symptoms using 2.2.4 on AMD64 and ADI/Embedded architectures. I can reproduce this by configuring W... Wayne Huang
07:19 PM pfSense Packages Bug #4420: warning: bad command startup -- throttling
This didn't help me - I also had to do a
@pkg install Postfix
@
and everything burst into life. Criggie .
04:03 PM pfSense Packages Bug #4508: Mailscanner does not work on pfSense 2.2.
Neither postfix nor mailscanner even begin running in 2.2. The maintainer has offered a 'sort of' workaround for pos... Harry Coin
02:39 PM pfSense Packages Bug #4453 (Resolved): Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections
thanks Chris Buechler
01:48 PM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections
@OP: This is fixed with 0.4.1.
Note: If you need more strict ciphers without the "high" ones, use System Patches p... Kill Bill
02:19 PM Bug #5308 (Resolved): Failed Namecheap DDNS updates don't cause an error in the GUI.
Hi,
I recently tried to set up Namecheap DDNS and ran into a minor issue. When I added the client it appeared to ... Ryan Jaeb
11:54 AM Bug #5213 (Not a Bug): pkg_edit.php advancedfield - show advanced option does not work in some cases
thanks Chris Buechler
11:49 AM Bug #4558: DHCP traffic getting blocked with DHCP Relay enabled
Yes, thanks, I missed your point there. fixed Chris Buechler
11:42 AM Feature #5284 (Resolved): Add IPv6 to Virtual Address Pool options for Mobile IPsec with IKEv2
works Chris Buechler
11:41 AM pfSense Packages Bug #5255 (Resolved): Clamav not updating
Chris Buechler
10:30 AM Bug #5241: rightca should be specified in ipsec.conf
Applied in changeset commit:cd4aa77ca3f6099c533800934efbb1496b9ff7e6. Matthew Smith
10:30 AM Bug #5241 (Feedback): rightca should be specified in ipsec.conf
Applied in changeset commit:7a7e1ba909e37d237e36c43a847faecfdf9559b5. Matthew Smith
10:08 AM Bug #4401: remove xen netfront driver until it can handle altq
I've been told that there has been posted a patch that will give us the switch we need:
https://svnweb.freebsd.org... Andreas Pflug
01:53 AM Bug #4401: remove xen netfront driver until it can handle altq
2.2.4 running, still no ALTQ...
I don't see any traffic on freebsd-xen@freebsd.org about xn, so it appears that we c... Andreas Pflug
01:43 AM Bug #4345: Traffic Shaping doesn't work with Xen netfront driver
Just to step in, until VLAN and ALTQ is supported there really needs to be a way to disable xn. Andreas Pflug
01:41 AM Bootstrap Bug #5248: OpenVPN dashboard widget layout
That looks good now - thanks.
2.3-ALPHA (amd64)
built on Wed Oct 14 16:15:05 CDT 2015 Phillip Davis

10/14/2015

08:39 PM pfSense Packages Bug #4453: Squid-in-the-middle SSL Bump downgrades client SSL/TLS connections
This nonsense is "fixed" here: https://github.com/doktornotor/pfsense-packages/commit/509120a29dba7761c6fcd0b63eb34ab... Kill Bill
05:19 PM pfSense Packages Bug #5255: Clamav not updating
This works just fine in 0.4.0; the broken code has been completely rewritten. Kill Bill
12:10 PM Bug #5259: firewall_aliases_edit.php: Switch to a URL Table type when you already have multiple rows
Applied in changeset pfsense:commit:a955944077507b434f1870ae6002b714c78b7648. Anonymous
12:08 PM Bug #5259 (Feedback): firewall_aliases_edit.php: Switch to a URL Table type when you already have multiple rows
Added Javascript to hide and disable rows > 0 on selecting table types. Disabling them is required to ensure they are... Anonymous
10:57 AM Feature #4732 (Feedback): Add MS-CHAPv2 option to L2TP Configuration
Matthew Smith
10:44 AM Feature #4732 (Resolved): Add MS-CHAPv2 option to L2TP Configuration
I reviewed the code and tested it's effect on the config file generation and it looks ok. It has been merged.
 Matthew Smith
10:55 AM Bug #5207 (Feedback): Hybrid RSA + xauth doesn't appear to configure strongswan correctly for hybrid auth
Matthew Smith
10:54 AM Bug #5207 (Resolved): Hybrid RSA + xauth doesn't appear to configure strongswan correctly for hybrid auth
This was fixed in the previously referenced commit and has been tested. Matthew Smith
10:50 AM Bug #5291: Difficult to be sure that a package install has ended
Applied in changeset pfsense:commit:35fcf1c1eb105da320b63550edfa5063af7312b3. Anonymous
10:46 AM Bug #5291 (Feedback): Difficult to be sure that a package install has ended
The package installer now shows a color coded completion banner, "real time" log data and a progress bar.
The prog... Anonymous
10:47 AM Bootstrap Todo #5279 (Resolved): Package installation GUI updates
Scripts combined and reloads handled. Anonymous
10:14 AM Bug #5257: tcpdump is not working with zerocopy enabled (net.bpf.zerocopy_enable=1)
Fix submitted to upstream: https://github.com/the-tcpdump-group/tcpdump/pull/486 Luiz Souza
07:37 AM Feature #5307 (New): Add logarithmic scale option to RRD graphs
Some graphs have data at much different scales, such as the quality graph's loss and latency, where detail can be los... Jim Pingle
05:25 AM Bug #4686: Rekeyed SAs are not properly removed
I confirm.
All my pfsense boxes on latest 2.2.4 version.
IPsec tunnels working!
Thanks. Ivo B
04:13 AM Bug #5306 (New): textarea fields should have linebreaks sanitized automatically on save
To avoid nonsense like this: https://github.com/doktornotor/pfsense-packages/blob/patch-2/config/squid3/34/squid.inc#... Kill Bill
04:08 AM Bug #5213: pkg_edit.php advancedfield - show advanced option does not work in some cases
OK, I guess you can close this. The Squid3 code was completely insane in the first place and was rewritten from scratch. Kill Bill
02:35 AM Bug #4558: DHCP traffic getting blocked with DHCP Relay enabled
I guess I should have been more explicit - your really sure you don't want... Kill Bill
02:20 AM Bug #4558: DHCP traffic getting blocked with DHCP Relay enabled
Kill Bill wrote:
> Are you sure this is correct?
>
Yes, $on is the interface identifier (wan/lan/optX) at that ... Chris Buechler
02:11 AM Bug #4558: DHCP traffic getting blocked with DHCP Relay enabled
Are you sure this is correct?... Kill Bill
01:36 AM Bug #4558 (Feedback): DHCP traffic getting blocked with DHCP Relay enabled
should be fixed, leaving for confirmation in snapshot builds. Chris Buechler

10/13/2015

10:24 PM Bug #5257: tcpdump is not working with zerocopy enabled (net.bpf.zerocopy_enable=1)
The recent fixes I did in bpf (that fixed the zerocopy buffers in bpf) caused this issue (now that tcpdump is really ... Luiz Souza
09:55 PM Bug #5207: Hybrid RSA + xauth doesn't appear to configure strongswan correctly for hybrid auth
commit:
https://github.com/pfsense/pfsense/commit/db322752ebb5fecc54bd9ce841874b47624c89c6 Chris Buechler
09:41 PM Feature #5305 (Resolved): IPv4 and IPv6 can co-exist on P2s when using IKEv2
IKEv2 P1s can have both IPv4 and IPv6 P2s.
already implemented, didn't have a ticket.
https://github.com/pfsens... Chris Buechler
09:17 PM Feature #5284 (Feedback): Add IPv6 to Virtual Address Pool options for Mobile IPsec with IKEv2
committed to RELENG_2_2 in https://github.com/pfsense/pfsense/commit/5bf321b6dd7a00124927fe3894e07b35b1f27640
Chris Buechler
09:15 PM Bug #5294 (Feedback): System users and groups not fully protected from deletion
Chris Buechler
07:37 PM Bug #3858 (Resolved): DynDNS errno 47: Address family not supported by protocol family
confirmed fixed Chris Buechler
07:30 PM Todo #5254 (Resolved): TZdata update to 2015f
done Chris Buechler
08:10 AM Todo #5254 (Feedback): TZdata update to 2015f
Applied in changeset commit:8832202d54d2ff3f50875b86243c6a1a2708743d. Renato Botelho
07:21 PM Bug #5039: Multiple PPPoE WANs no longer connect simultaneously after upgrade to 2.2.4
I think something other than the upgrade to 2.2.4 changed things here, and it doesn't appear to be attributable to a ... Chris Buechler
07:12 PM Bug #5245 (Confirmed): iOS IPsec PSK mismatches
I'm assigning this to Matt, and putting it back in Confirmed, so he can weigh-in. Jim Thompson
07:10 PM Bug #5129: OpenVPN - incorrect netmask sent to client with static IP set in RADIUS
Assigned to Chris for verification and close Jim Thompson
06:09 PM Bug #5242: IPsec debug log settings not applied after stop/start or restart
this seems to be fine, works on 2.2.5 and 2.3 after reboot and a stop/start. Asked mgsmith to double check. Chris Buechler
05:56 PM Bug #5303 (Resolved): system_get_timezone_list misses zones in root dir
fixed, thanks! Chris Buechler
02:40 PM Bug #5303 (Feedback): system_get_timezone_list misses zones in root dir
Applied in changeset commit:fc3bec296c676d1bf5a618b62b18f96580d1235b. Renato Botelho
02:13 PM Bug #5303 (Resolved): system_get_timezone_list misses zones in root dir
The zones that are within /usr/share/zoneinfo/ and not one of its sub-directories are missing in 2.3. That includes m... Chris Buechler
05:49 PM Todo #5304 (Resolved): include all logs in status output
done Chris Buechler
05:16 PM Todo #5304 (Resolved): include all logs in status output
Including all the log files instead of just some in the status tgz output would be very helpful for support purposes. Chris Buechler
04:21 PM Bug #4463 (Confirmed): Fix the NTPD Access Restrictions / and other NTPD related issues, including GPS
services_ntpd needs be updated to allow the selection of access controls on a per interface basis. Jeremy Porter
01:56 PM Bug #5220 (Resolved): Date timezone warning spewing out on factory defaults
fixed Chris Buechler
01:55 PM Bootstrap Todo #5299 (Resolved): Remove Reinstall GUI funtionality from installed packages
I removed the text from wiki page. Jared Dillard
12:54 PM Bootstrap Todo #5299: Remove Reinstall GUI funtionality from installed packages
Code has been removed. Would you please update the wikior assign to whomever does that? Anonymous
01:18 PM Bootstrap Bug #5302 (Resolved): Traffic shaper wizaerd has minor issues
See: https://forum.pfsense.org/index.php?topic=100762.0
This is an issue for both Multiple Lan/Wan;traffic_shaper_... Anonymous
01:17 PM Bootstrap Bug #5248 (Resolved): OpenVPN dashboard widget layout
Anonymous
01:03 PM Bootstrap Todo #5279: Package installation GUI updates
The package installation system has been updated such that:
* The installer is run in the background so that the GUI... Anonymous
01:02 PM Bug #5291 (Assigned): Difficult to be sure that a package install has ended
The package installation system has been updated such that:
* The installer is run in the background so that the GUI... Anonymous
12:55 PM Bootstrap Bug #5296 (Resolved): Notification E-Mail Auth Mechanism missing
Anonymous
12:21 PM Bug #5298 (Resolved): gitsync screws /tmp permissions
fixed, thanks Chris Buechler
11:54 AM Bug #5298: gitsync screws /tmp permissions
Thanks; did run gitsync twice and the permisssions went back to 01777.
P.S. Regarding "PHP chmod() doesn't like 1... Kill Bill
09:40 AM Bug #5298: gitsync screws /tmp permissions
Applied in changeset commit:61af87f68d2d48036822f9f769830c4b61cf6bc4. Renato Botelho
09:30 AM Bug #5298 (Feedback): gitsync screws /tmp permissions
Applied in changeset commit:8aec82088cc65605161c1d21180ba8e6ec737e22. Renato Botelho
11:46 AM pfSense Packages Bug #5301: System Patches - fails to set permissions from a 'new file mode' line in a git diff
Use the Filer package for this. Kill Bill
10:49 AM pfSense Packages Bug #5301 (Needs Patch): System Patches - fails to set permissions from a 'new file mode' line in a git diff
The package only invokes the patch utility in FreeBSD using the patch contents. It does not parse the patch itself. S... Jim Pingle
10:45 AM pfSense Packages Bug #5301 (Needs Patch): System Patches - fails to set permissions from a 'new file mode' line in a git diff
System Patches doesn't handle 'new file mode' lines in a git diff, for example:... David Wood
10:42 AM Bug #5260: 2.3-ALPHA console option 13 upgrade hangs after installing the upgrade
This is now somewhat out-of-date. Menu 13 - Upgrade from console - now does stuff to the other slice, get "Illegal nu... Phillip Davis
09:36 AM Bug #5260 (Feedback): 2.3-ALPHA console option 13 upgrade hangs after installing the upgrade
I'm guessing the error happening because the version you were running before upgrade contained the old version of pfS... Renato Botelho
07:00 AM Bug #5300 (Resolved): Wrong order of extensions.ini break PHP
When one extension depends of other, if they are in wrong order inside extensions.ini PHP breaks. For instance, if su... Renato Botelho
04:49 AM Bug #5297: ppp-linkdown and ppp-linkup do not handle SLAAC, DHCP6 and DHCP-PD correctly
Supplementary pull request to fix master: https://github.com/pfsense/pfsense/pull/1963
Apologies - I forgot about ... David Wood
02:50 AM pfSense Packages Bug #4615: /var/logs/c-icap/server.log & access.log growing without being rotated
There is "manual configuration" option in the Antivirus GUI which lets you edit the files manually put those where-ev... Kill Bill
01:32 AM pfSense Packages Bug #4615: /var/logs/c-icap/server.log & access.log growing without being rotated
6 months ago, I have tested the code in 3 different (2x x64, 1x x86) machines for squid3 ver 0.3.4 without any king o... Nicolas Liaudat
12:32 AM Bug #4931: dhcpleases misses some DHCP lease changes
the same original issue still seems to exist in latest 2.2.5. Obtained leases on 50 clients, all registered fine. Ano... Chris Buechler

10/12/2015

10:55 PM Bug #4568 (Resolved): mlppp settings lost after save on interface page
fixed Chris Buechler
10:48 PM Todo #4841: update AES-GCM/AES-NI bits from FreeBSD -HEAD
moving this to 2.3, we'll leave 2.2.5 as-is. Chris Buechler
10:00 PM Bug #5238 (Resolved): CA certificates not removed from strongswan cacerts upon deletion
fixed Chris Buechler
09:44 PM Bug #5242 (Feedback): IPsec debug log settings not applied after stop/start or restart
should be fixed, leaving for review. Chris Buechler
07:06 PM Bug #5297 (Feedback): ppp-linkdown and ppp-linkup do not handle SLAAC, DHCP6 and DHCP-PD correctly
Thanks David! Both merged, leaving for additional testing confirmation once they're in a snapshot. Chris Buechler
12:29 AM Bug #5297: ppp-linkdown and ppp-linkup do not handle SLAAC, DHCP6 and DHCP-PD correctly
Pull requests submitted:
master: https://github.com/pfsense/pfsense/pull/1961
RELENG_2_2: https://github.com/pfse... David Wood
12:24 AM Bug #5297 (Resolved): ppp-linkdown and ppp-linkup do not handle SLAAC, DHCP6 and DHCP-PD correctly
ppp-linkdown and ppp-linkup are not aware of SLAAC, DHCP6 and DHCP-PD. This has the following consequences:
Link g... David Wood
06:58 PM Bug #5211 (Resolved): Auto-added IPsec rules overmatch in some circumstances
fixed Chris Buechler
06:19 PM Bug #5180: DDNS sometimes not updating after primary WAN failure
Thanks for the feedback. The original issue doesn't always happen, so as long as the config is otherwise fine, you mi... Chris Buechler
05:48 PM Feature #5244: Allow configuring both leftca and rightca
Assigned to Matt, but if it doesn't get fixed for 2.3, I'm not bothered. Jim Thompson
05:47 PM pfSense Packages Bug #5239: Quagga webgui on 2.3-alpha errors on addInput()
assigning to Steve Beaver so he can see if it's really fixed. Jim Thompson
05:36 PM Bootstrap Todo #5299: Remove Reinstall GUI funtionality from installed packages
Ok great. The wiki page would also need to be updated: https://doc.pfsense.org/index.php/Package_Manager Jared Dillard
05:24 PM Bootstrap Todo #5299 (Assigned): Remove Reinstall GUI funtionality from installed packages
I believe this needs to be removed. I will do so today. Anonymous
03:38 PM Bootstrap Todo #5299 (Resolved): Remove Reinstall GUI funtionality from installed packages
Remove the Reinstall GUI button from pkg_mgr_installed.php and the supporting code in pkg_mgr_install.php?mode=reinst... Jared Dillard
05:17 PM Bug #4642: OpenVPN process status stopped... but its running
2.2.5 already has OpenVPN 2.3.8. If someone who can replicate can try 2.2.5 and report back, that'd be appreciated. I... Chris Buechler
05:06 PM Bug #5298 (Confirmed): gitsync screws /tmp permissions
gitsync itself hasn't changed in RELENG_2_2 since pre-2.2.0 release, but something it's calling has, confirmed /tmp p... Chris Buechler
02:53 PM Bug #5298 (Resolved): gitsync screws /tmp permissions
... Kill Bill
03:44 PM Bootstrap Bug #5085 (Resolved): dashboard "progress bars" hard to read
Steve Beaver cleaned it up by moving the text below the progress bar. Jared Dillard
12:24 PM Bootstrap Bug #5248 (Feedback): OpenVPN dashboard widget layout
Steve Beaver wrote:
> Jarred: Would you play with the panel-heading class colors in this widget please? We should pr... Jared Dillard
11:45 AM Bug #5294: System users and groups not fully protected from deletion
System User Delete checks committed https://github.com/pfsense/pfsense/commit/8d070c072ec2b662f6a235cc3779fb62835dd64... Phillip Davis
07:10 AM Bootstrap Bug #5296: Notification E-Mail Auth Mechanism missing
Applied in changeset pfsense:commit:f00e23d991f0397ea918c55ad1c6c54c003aa645. Anonymous
07:03 AM Bootstrap Bug #5296 (Feedback): Notification E-Mail Auth Mechanism missing
Anonymous
07:02 AM Bootstrap Bug #5296: Notification E-Mail Auth Mechanism missing
Missing selector provided and tested
Thanks for finding.
 Anonymous
07:00 AM Bootstrap Bug #5296 (Confirmed): Notification E-Mail Auth Mechanism missing
Anonymous
01:04 AM Bug #5258: Using pppoe WAN with ipv6 SLAAC, reply-to rules use the wrong interface address
There is a forum thread relating to this bug: https://forum.pfsense.org/index.php?topic=100403 David Wood

10/11/2015

08:48 PM Bootstrap Bug #5296: Notification E-Mail Auth Mechanism missing
This code was committed to master in https://github.com/pfsense/pfsense/pull/1421/files
and was backported to RELENG... Phillip Davis
08:38 PM Bootstrap Bug #5296 (Resolved): Notification E-Mail Auth Mechanism missing
This dropdown to choose PLAIN or LOGIN is a recent addition to 2.2.*
It is missing in 2.3-ALPHA
Forum https://forum... Phillip Davis
06:30 PM Feature #5295 (Closed): RRD Graphs custom color selection
I'm sure I am not the only person that suffers from this problem but I am colorblind and a lot of the default colors ... Joshua Benson
09:55 AM Feature #4542: Support for PPPoE with MTU/MRU > 1492 (i.e. 1500)
This work is complete and pull requests against pfSense 2.3 have been submitted:
mpd5 changes: https://github.com/... David Wood
03:40 AM pfSense Packages Bug #4615: /var/logs/c-icap/server.log & access.log growing without being rotated
P.S. And just to be explicit here: /dev/null does NOT work. It causes C-ICAP to spit Error: [No Error] and makes it u... Kill Bill
03:39 AM pfSense Packages Bug #4615: /var/logs/c-icap/server.log & access.log growing without being rotated
The above will be reverted in 0.4.0, except for the DebugLevel. It breaks things badly and I wasted two days debuggin... Kill Bill
03:39 AM Bug #5294: System users and groups not fully protected from deletion
If these fixes for RELENG_2_2 are accepted, then they need to also be done in master for 2.3 Phillip Davis
03:38 AM Bug #5294: System users and groups not fully protected from deletion
https://github.com/pfsense/pfsense/pull/1958
Similar fix for preventing deletion of a system group. Phillip Davis
03:13 AM Bug #5294: System users and groups not fully protected from deletion
https://github.com/pfsense/pfsense/pull/1957 should check for this case of the user manually messing with the $POST v... Phillip Davis

10/10/2015

05:55 PM Bug #5180: DDNS sometimes not updating after primary WAN failure
Yup, I saw that and dug through the code and believe I've figured out what's going on (although I seem to have two se... ben selinger
02:35 PM Bug #5294 (Resolved): System users and groups not fully protected from deletion
It's possible to shoot yourself on the foot and delete the admin user and all/admin groups.
1. Configure tamper d... Fernando Munoz
01:45 PM Bug #4642: OpenVPN process status stopped... but its running
If it is the bug, it can even be fixed for 2.2.5 with an update of OpenVPN to 2.3.8. Cullen Trey
01:39 PM Bug #4642: OpenVPN process status stopped... but its running
A similar but not identical case is described in the bug tracker of OpenVPN. From my understanding, even we don't use... Cullen Trey
10:08 AM pfSense Packages Bug #5005: Quagga OSPF Package GUI Fails on 2.2.4
Great success! The webgui Status tab works and I've got 4 neighbors again. Thanks! paul f
08:14 AM pfSense Packages Bug #5005: Quagga OSPF Package GUI Fails on 2.2.4
Can you try reinstalling the package again?
The pullrequest was committed 15 minutes ago. Pi Ba
07:56 AM Bug #1974: Captive Portal RADIUS accounting bytes wrong
The bug is still here on 2.2.4 release 32bits as well as 64bits, why is this taking so much to resolve ?
Browsed and... houari benayada
07:34 AM pfSense Packages Bug #5205: squid General Tab configuration can't be saved
It's most likely something in the way it (re)reads/parses or writes the config which causes the existing $config to b... Jim Pingle
03:28 AM pfSense Packages Bug #5205: squid General Tab configuration can't be saved
I would truly appreciate if someone traced the *real* cause of the install_cron_job() breakage, instead of reverting ... Kill Bill
07:10 AM Bootstrap Bug #5293: Edit button on block private/bogon rules goes to wrong page
Applied in changeset pfsense:commit:6f5a3fead80408f084156aa76f471b3bb611dc48. Anonymous
07:08 AM Bootstrap Bug #5293 (Feedback): Edit button on block private/bogon rules goes to wrong page
Button link corrected. Anonymous
02:14 AM Todo #4841: update AES-GCM/AES-NI bits from FreeBSD -HEAD
What's in Luiz's src repo passes all the basic tests including Linux and Cisco ASA interoperability. Let's get that m... Chris Buechler
12:33 AM Bug #5291: Difficult to be sure that a package install has ended
part of #5279, but good feedback here, will leave to make sure that's addressed once finished. Chris Buechler
12:24 AM Bootstrap Bug #5109 (Resolved): services_captiveportal.php missing description for RADIUS servers fields
I fixed the help text so it shows the field description, which was the primary issue here. That'll suffice. Chris Buechler
12:03 AM Todo #5219: EAP-RADIUS selection for IKEv2 Mobile IPsec should warn if the selected authentication backend is not a RADIUS server.
moving since it's not bootstrap-specific Chris Buechler
12:02 AM Bootstrap Bug #5194 (Resolved): diag_dump_states.php "Remove" button should be an X
looks good, thanks! Chris Buechler

10/09/2015

11:59 PM Bootstrap Bug #5288 (Confirmed): After Execute PHP Commands with bad code, menus do not work
I think the root cause here is more widely applicable than just this circumstance. For instance, if a dashboard widge... Chris Buechler
04:07 AM Bootstrap Bug #5288 (Resolved): After Execute PHP Commands with bad code, menus do not work
Diagnostics->Command Prompt
In "Execute PHP Commands" box, put some code with a fatal PHP problem:
$x = badfuncti... Phillip Davis
11:46 PM Bootstrap Bug #5289 (Resolved): Available Packages display - version is missing from displayed data
looks good Chris Buechler
07:40 AM Bootstrap Bug #5289: Available Packages display - version is missing from displayed data
PR phil-davis:patch-10 applied.
Thanks. Anonymous
07:40 AM Bootstrap Bug #5289 (Feedback): Available Packages display - version is missing from displayed data
Applied in changeset pfsense:commit:c4f5e057fe0aec72a442a058fc0a92e317b0541b. Phillip Davis
04:22 AM Bootstrap Bug #5289 (Resolved): Available Packages display - version is missing from displayed data
Forum: https://forum.pfsense.org/index.php?topic=100609.0
The version column heading is there, but the description... Phillip Davis
11:00 PM Bug #5180: DDNS sometimes not updating after primary WAN failure
In that last log snippet, you didn't have functional DNS resolution. That "Could not resolve checkip.dyndns.org" log ... Chris Buechler
10:27 PM Bug #5180: DDNS sometimes not updating after primary WAN failure
Okay, I'm not sure why this changed, as I've made no changes to config since opening the ticket, but I noticed this w... ben selinger
10:45 PM Bootstrap Bug #5293 (Resolved): Edit button on block private/bogon rules goes to wrong page
The edit button to the right of the block private and block bogon rules on firewall_rules.php goes to the wrong page.... Chris Buechler
08:43 PM Bootstrap Bug #5248: OpenVPN dashboard widget layout
That looks much better.
I see what you mean about the columns - in each section the columns will adjust depending on... Phillip Davis
02:24 PM Bootstrap Bug #5248 (Assigned): OpenVPN dashboard widget layout
Widget revised to use Bootstrap panels instead of outer tables. Table layout and classes corrected. There is a somewh... Anonymous
02:20 PM Bootstrap Bug #5248: OpenVPN dashboard widget layout
Applied in changeset pfsense:commit:b18303f197f95a6591d5684771a9fe8166b286be. Anonymous
12:04 PM Bootstrap Bug #5248: OpenVPN dashboard widget layout
Thanks. I just need to bite the bullet and configure something similar here. JimP is going to help me with that. Anonymous
11:58 AM Bootstrap Bug #5248: OpenVPN dashboard widget layout
This screen shot is from a system with 1 OpenVPN road-warrior server and 3 site-to-site clients.
The server sectio... Phillip Davis
10:24 AM Bootstrap Bug #5248 (Feedback): OpenVPN dashboard widget layout
Widget tables have been updated to Bootstrap classes, header tags and rowspans corrected.
The appearance seems to ... Anonymous
01:48 AM Bootstrap Bug #5248 (Assigned): OpenVPN dashboard widget layout
arrows look good. Put this back to assigned for the remainder Chris Buechler
06:30 PM Bootstrap Bug #5292 (Resolved): Log widget icons not functional
Fixed by restoring/fixing the Javascript Anonymous
06:30 PM Bootstrap Bug #5292 (Resolved): Log widget icons not functional
More missing JS Anonymous
05:23 PM Bootstrap Bug #5194 (Feedback): diag_dump_states.php "Remove" button should be an X
Fixed via PR: https://github.com/pfsense/pfsense/pull/1956
 Anonymous
04:31 PM Bootstrap Bug #5194: diag_dump_states.php "Remove" button should be an X
PR: https://github.com/pfsense/pfsense/pull/1956 jeroen van breedam
05:10 PM pfSense Packages Bug #5005: Quagga OSPF Package GUI Fails on 2.2.4
I've had three successful upgrades so far on different boxes. The one failed upgrade that I reproduced with the confi... paul f
04:39 PM pfSense Packages Bug #5005: Quagga OSPF Package GUI Fails on 2.2.4
Looks like a bug to me, this might be the issue: https://github.com/pfsense/pfsense-packages/pull/1090
Installatio... Pi Ba
04:08 PM pfSense Packages Bug #5255: Clamav not updating
Please, try with 0.3.9.1. Preferably on a sane box that did not have 159 previous Squid versions installed. Kill Bill
03:57 PM Bug #4210: Bring back a FTP proxy
I agree with Jérémy R. The FTP proxy is still needed to properly handle communication with an FTP server sitting behi... David Justl
03:38 PM Bootstrap Bug #5290: Installed packages listed on pkg_mgr.php
Just dropping a note here to note that commit:54c8ef44041a0213da54bf93f14d1d7fca218000 was also put in to help here -... Jim Pingle
08:40 AM Bootstrap Bug #5290 (Resolved): Installed packages listed on pkg_mgr.php
Page no longer displays installed packages Anonymous
07:49 AM Bootstrap Bug #5290 (Resolved): Installed packages listed on pkg_mgr.php
Packages already installed should not be listed here. Anonymous
11:47 AM Bug #5291 (Confirmed): Difficult to be sure that a package install has ended
Duplicates #5279
The package manager is a WIP. I am converting it to a system that starts the installation process... Anonymous
11:45 AM Bug #5291: Difficult to be sure that a package install has ended
Also when you remove a package, the title of the text box says "Beginning package installation" - that is a bit dumb,... Phillip Davis
11:41 AM Bug #5291 (Resolved): Difficult to be sure that a package install has ended
The Package Installer screen has a scrolling text box that shows the progress of the package installation. Various st... Phillip Davis
12:47 AM Bootstrap Bug #5264 (Resolved): Services Status widget crash after selecting hidden services
fixed Chris Buechler
12:46 AM Bootstrap Bug #5274 (Resolved): services_dyndns_edit.php existing password is not loaded/saved when editing
fixed Chris Buechler

10/08/2015

09:24 PM Bootstrap Bug #5249 (Resolved): Gateways dashboard widget display selection option AWOL
fixed Chris Buechler
09:16 PM Bootstrap Bug #5275 (Resolved): services_dyndns_edit.php there is no save and force update button
fixed Chris Buechler
05:36 PM Bootstrap Bug #5287 (Resolved): System Information widget issues
all good Chris Buechler
05:00 PM Bootstrap Bug #5287: System Information widget issues
Applied in changeset pfsense:commit:a306181b6b7ce5e066b8a2ba69cc1e4ac5bffb3a. Anonymous
04:56 PM Bootstrap Bug #5287 (Feedback): System Information widget issues
Javascript MIA
Retrieved, updated and fixed
Graph values now appears under the bar graphs not inside (so you can re... Anonymous
01:40 PM Bootstrap Bug #5287 (Assigned): System Information widget issues
Anonymous
12:55 PM Bootstrap Bug #5287 (Resolved): System Information widget issues
The System Information widget has lost the numeric values displayed for state table size, mbuf usage, memory usage, a... Chris Buechler
05:08 PM Bootstrap Bug #5034 (Resolved): status_rrd_graph.php should go straight to graph chosen
fixed Chris Buechler
08:00 AM Bootstrap Bug #5034: status_rrd_graph.php should go straight to graph chosen
Applied in changeset pfsense:commit:112284e15581a31e34e67a283bc20fdd7f04132d. Anonymous
07:53 AM Bootstrap Bug #5034 (Feedback): status_rrd_graph.php should go straight to graph chosen
Made it so. Anonymous
05:08 PM Bootstrap Bug #5261 (Resolved): Existing src or dst network is not shown when editing a rule
all those circumstances seem fine, been through a variety in the past couple days with no issues found. Chris Buechler
04:21 PM pfSense Packages Bug #5205 (Resolved): squid General Tab configuration can't be saved
Chris Buechler
04:20 PM pfSense Packages Bug #5205: squid General Tab configuration can't be saved
It was available in the package repo at the same time the commit showed up here on the ticket. It's there now. Jim Pingle
03:32 PM pfSense Packages Bug #5205: squid General Tab configuration can't be saved
This version of squid.inc seems to solve the problem of saving general parameters.
When the fixed version will be ... Anonymous
04:20 PM Bootstrap Bug #5265 (Resolved): RSS Feed Content Limit is restricted to multiples of 100
fixed Chris Buechler
12:44 PM Bootstrap Bug #5234 (Resolved): Edit file Save does not work
issue's fixed. the success message isn't that big of a deal, but if you find a way to add dismiss there Phil, feel fr... Chris Buechler
09:00 AM Bootstrap Bug #5286 (Resolved): Alias pop-ups should display the target description as well as its value
Converted pop-up format to table and added description Anonymous
08:59 AM Bootstrap Bug #5286 (Resolved): Alias pop-ups should display the target description as well as its value
It's all in the title. Anonymous

10/07/2015

10:51 PM Bootstrap Todo #5216 (Resolved): Wizard conversion
done Chris Buechler
10:48 PM Bootstrap Bug #5251 (Resolved): Firewall Aliases Edit URL Table allowing multiple rows
fixed Chris Buechler
10:33 PM Bootstrap Todo #5206 (Resolved): Convert package UI pages to Bootstrap
this is finished Chris Buechler
10:25 PM Bootstrap Bug #5193 (Resolved): "Are you sure you wish to Yes?" prompts
those are fixed, haven't seen any other instances of this. Chris Buechler
10:23 PM Bootstrap Bug #5247 (Resolved): NTP Status Widget format
settings button was removed. all fixed Chris Buechler
10:22 PM Bootstrap Bug #5181 (Resolved): vpn_ipsec.php phase 2 reordering issues
fixed Chris Buechler
01:18 PM Bootstrap Bug #5181: vpn_ipsec.php phase 2 reordering issues
Drag/drop ordering of P2s has been added and tested.
Jared - Let me know if you want me to look at the manual re-o... Anonymous
12:39 PM Bootstrap Bug #5181: vpn_ipsec.php phase 2 reordering issues
we should not be using "Move to here" buttons any more but drag/drop ordering. If you assign this to me I can take ca... Anonymous
10:22 PM Bootstrap Bug #5232 (Resolved): status_captiveportal.php zone selection issue
fixed Chris Buechler
10:21 PM Bootstrap Bug #5212 (Resolved): Top menus not showing installed packages
fixed Chris Buechler
10:20 PM Bootstrap Bug #5252 (Resolved): Existing Alias is not shown when edit a rule
fixed Chris Buechler
10:19 PM Bootstrap Bug #5276 (Resolved): halt.php - Service status output is not properly formatted
fixed Chris Buechler
07:20 AM Bootstrap Bug #5276: halt.php - Service status output is not properly formatted
Applied in changeset pfsense:commit:ea1bbc43042235f4d763421702408072499e8d87. Anonymous
07:13 AM Bootstrap Bug #5276 (Feedback): halt.php - Service status output is not properly formatted
And so it was. Anonymous
07:02 AM Bootstrap Bug #5276 (Resolved): halt.php - Service status output is not properly formatted
Same issue as #5271 but on halt.php, should be an identical fix. Jim Pingle
10:17 PM Bootstrap Bug #5277 (Resolved): Services Status Widget - Clicking an action (start, stop, restart) has no effect
fixed Chris Buechler
08:00 AM Bootstrap Bug #5277: Services Status Widget - Clicking an action (start, stop, restart) has no effect
Applied in changeset pfsense:commit:d8ed9328d7924c91d4cef20584facd119e55a85f. Anonymous
07:58 AM Bootstrap Bug #5277 (Feedback): Services Status Widget - Clicking an action (start, stop, restart) has no effect
I broke this by converting the services->status page to POST. All pages that reference services have now been fixed t... Anonymous
07:10 AM Bootstrap Bug #5277: Services Status Widget - Clicking an action (start, stop, restart) has no effect
Same thing happens with the service controls in the shortcut bar on other pages for a specific service. Jim Pingle
07:09 AM Bootstrap Bug #5277 (Resolved): Services Status Widget - Clicking an action (start, stop, restart) has no effect
Clicking an action icon to control a service in the service status widget has no effect. Instead, the page scrolls up... Jim Pingle
10:14 PM Bootstrap Bug #5283 (Resolved): Firewall rule Destination Type is missing This Firewall (self)
fixed Chris Buechler
12:20 PM Bootstrap Bug #5283: Firewall rule Destination Type is missing This Firewall (self)
Applied in changeset pfsense:commit:bda7ff6da0cfadbacf5f564fc56a632cc2fc8f99. Anonymous
12:14 PM Bootstrap Bug #5283: Firewall rule Destination Type is missing This Firewall (self)
Done Anonymous
11:49 AM Bootstrap Bug #5283: Firewall rule Destination Type is missing This Firewall (self)
"self" needs to be "(self)" as commented on the GitHub commit. Phillip Davis
11:20 AM Bootstrap Bug #5283: Firewall rule Destination Type is missing This Firewall (self)
Applied in changeset pfsense:commit:654e800764e365d5f0bf5cede7fc9e2862b293fa. Anonymous
11:17 AM Bootstrap Bug #5283 (Feedback): Firewall rule Destination Type is missing This Firewall (self)
"self" option added to destination selector (only) Anonymous
11:03 AM Bootstrap Bug #5283: Firewall rule Destination Type is missing This Firewall (self)
Adding a sample screen shot from 2.2.* system for reference. Phillip Davis
11:02 AM Bootstrap Bug #5283 (Resolved): Firewall rule Destination Type is missing This Firewall (self)
On 2.2.4 a destination type "This Firewall (self)" can be selected when editing a rule.
This does not appear in the ... Phillip Davis
07:41 PM Bug #5210 (Resolved): Package logging entries are not being removed from syslog.conf on package uninstall
fixed Chris Buechler
07:25 PM Feature #2774: Extend DHCP Pools code to allow using different subnets
Steve Thomas wrote:
> Is support for this no longer planned??
Not likely for 2.3, maybe at some point. Not a very... Chris Buechler
06:05 PM Bug #5273 (Feedback): UMTS / 3G Connection reports wrong Gateway information (10.64.64.0) and no data is going through that connection.
10.64.64.0 is what gets filled in if you don't have a gateway obtained from PPP. I'm guessing it's actually failing t... Chris Buechler
01:20 AM Bug #5273 (Closed): UMTS / 3G Connection reports wrong Gateway information (10.64.64.0) and no data is going through that connection.
Hello Pfsense team,
first of all thanks for all the work you put into PFsense. I am using it since 5 years now and... Thomas Burger
04:33 PM Bug #5285 (Not a Bug): Failsafe mode
if the XML is invalid, and there are backups in the config history, it'll restore from there. So there is a "failsafe... Chris Buechler
01:20 PM Bug #5285: Failsafe mode
Unfortunately, I don't know for sure, I installed all the available packages and tried to use invalid data in every i... Fernando Munoz
12:21 PM Bug #5285 (Feedback): Failsafe mode
what specifically did you do to break it? that looks like $config is no longer an array and is within the config upgr... Chris Buechler
11:54 AM Bug #5285 (Not a Bug): Failsafe mode
I'm not sure if this should be a feature request or a bug report, anyway since I've been messing around the webUI on ... Fernando Munoz
01:45 PM Bootstrap Bug #5282: Alias system broken on edit
Further updated to support both src and dst.
elseif replaced with if since they are not mutually exclusive. Anonymous
10:32 AM Bootstrap Bug #5282 (Resolved): Alias system broken on edit
* Fixed JavaScript
* Unable to reproduce
* Misplaced return caused alias system to only process one type of alias p... Anonymous
09:25 AM Bootstrap Bug #5282 (Resolved): Alias system broken on edit
https://forum.pfsense.org/index.php?topic=100494.0
# When inserting\editing a port or URL alias, it's possible to ... Anonymous
12:43 PM Bootstrap Bug #5224 (Resolved): Alias Edit Description text repeates every row
Chris Buechler
12:36 PM Bootstrap Bug #5109: services_captiveportal.php missing description for RADIUS servers fields
The Bootstrap framework does not have the ability to show column titles. We can look at this in a future release, but... Anonymous
12:30 PM Bootstrap Todo #5204: Clean up jquery sections at the bottom of pages
Common functions have already been moved to jquery/pfSense-helper.js Anonymous
12:13 PM Bootstrap Bug #5223: Dashboard Available Widgets section is always open
https://git.pfmechanics.com/pfsense/pfsense/commit/025972525b49c513bd3d1dad5cc69cf49e98605b
Prevents "Store widget... Anonymous
11:19 AM Bootstrap Bug #5223 (Resolved): Dashboard Available Widgets section is always open
thanks Chris Buechler
11:17 AM Bootstrap Bug #5223: Dashboard Available Widgets section is always open
Looks good, saves dashboard space, and it works - 3 pluses :) Phillip Davis
10:59 AM Bootstrap Bug #5223 (Feedback): Dashboard Available Widgets section is always open
Better to close my unneeded ticket. Yours was first :)
I was able to add the suggested functionality this morning. Anonymous
10:56 AM Bootstrap Bug #5223: Dashboard Available Widgets section is always open
This is now a duplicate of https://redmine.pfsense.org/issues/5280
This can be closed. Phillip Davis
11:31 AM Feature #5284 (Resolved): Add IPv6 to Virtual Address Pool options for Mobile IPsec with IKEv2
Mobile IPsec with IKEv2 can use both IPv4 and IPv6 at once but we only have a GUI option to allocate IPv4.
Needs s... Jim Pingle
09:30 AM pfSense Packages Bug #5205: squid General Tab configuration can't be saved
Applied in changeset commit:7d613d5c35a0effaadfe409cc80e07068fdcc39b. Jim Pingle
09:20 AM Bootstrap Bug #5281 (Resolved): IPSec widget is ugly when no tunnels defined
Appearance changed to a more subtle and compatible one. Anonymous
09:19 AM Bootstrap Bug #5281 (Resolved): IPSec widget is ugly when no tunnels defined
<h2> and class="alert" makes for an ugly appearance that is not in line with other widgets. Anonymous
08:23 AM Bootstrap Todo #5279 (Resolved): Package installation GUI updates
Recent changes to the package system require the GUI is updated to match.
pkg_install.php will now start the insta... Anonymous
08:04 AM Bootstrap Bug #5275: services_dyndns_edit.php there is no save and force update button
Fixed, thanks.
I purposely went to DynDNS and changed the IP address of the DynDNS name to some random rubbish and... Phillip Davis
07:20 AM Bootstrap Bug #5275: services_dyndns_edit.php there is no save and force update button
Applied in changeset pfsense:commit:06972ee55b6fd3da0a54de9b41424ab3184567be. Anonymous
07:10 AM Bootstrap Bug #5275 (Feedback): services_dyndns_edit.php there is no save and force update button
Save and Force Update button added.
Tested by following code path, but not with a real DynDNS provided. Anonymous
05:33 AM Bootstrap Bug #5275 (Resolved): services_dyndns_edit.php there is no save and force update button
There used to be a "Save and Force Update" button on this screen, so you could make the dynamic DNS try to update its... Phillip Davis
07:54 AM Bootstrap Bug #5274: services_dyndns_edit.php existing password is not loaded/saved when editing
Fixed, thanks. Phillip Davis
07:00 AM Bootstrap Bug #5274: services_dyndns_edit.php existing password is not loaded/saved when editing
Applied in changeset pfsense:commit:b19ff0d2dfc39f32ecb6b7d5f4836cd22a3c4ea0. Anonymous
06:58 AM Bootstrap Bug #5274 (Feedback): services_dyndns_edit.php existing password is not loaded/saved when editing
Element names corrected for password and description.
Page now displays those values on load. Anonymous
05:19 AM Bootstrap Bug #5274 (Resolved): services_dyndns_edit.php existing password is not loaded/saved when editing
Try to edit an existing Dynamic DNS entry.
In 2.2.* you can edit, change the description or other inconsequential ... Phillip Davis
07:01 AM Bootstrap Bug #5271 (Resolved): reboot.php - Service status output is not properly formatted
Looks right now, thanks! Jim Pingle
12:12 AM Bug #5039: Multiple PPPoE WANs no longer connect simultaneously after upgrade to 2.2.4
Thanks, that helps. I removed the attachments and committed them to a private internal repo so a few others can see i... Chris Buechler
 

Also available in: Atom