Activity
From 05/10/2016 to 06/08/2016
06/08/2016
- 11:29 PM Revision 00ad6390: Fix #6463 Dest net alias matching on page load
- Do not set destination field to use customarray
Note: dstbeginport_cust does not exist on this page, so I got removed... - 11:29 PM Revision 8a6261b3: Fix #6463 Dest net alias matching on page load
- Do not set destination field to use customarray
Note: dstbeginport_cust does not exist on this page, so I got removed... - 11:29 PM Revision 33872ac0: Merge pull request #2998 from phil-davis/patch-5
- 11:15 PM Revision bee62d27: Add resetwebgui to developer shell
- This might be helpful to people if they have set the theme to something
that they are having trouble displaying, read... - 11:15 PM Revision 50957283: Merge pull request #2997 from phil-davis/resetwebgui
- 11:15 PM Revision 21c18c3d: Fix #6460 Interface mismatch apply changes button
- 11:12 PM Revision d9f088f5: Fix #6460 Interface mismatch apply changes button
- 11:12 PM Revision f4ede227: Fix #6460 Interface mismatch apply changes button
-
11:03 PM Revision 9fd4b658: Rework pkg_mgr_install.php:
- - Stop using id parameter for additional packages, keep using it only
for firmware upgrades
- Created to control va... -
-
-
-
-
-
-
-
-
- - Stop using id parameter for additional packages, keep using it only
for firmware upgrades
- Created to control va... -
-
-
-
-
-
-
-
-
10:53 PM Feature #6457: Allow ability to configure AWS EC2 AMI via userdata
- Thinking through this, it may be easier to supply a userdata dictionary who's value is an S3 object that is a recorde...
-
- - Stop using id parameter for additional packages, keep using it only
for firmware upgrades
- Created to control va... -
- I believe that that was the case. I think that when I manually created the LAN interface, the addressing method was ...
-
05:51 PM Bug #6459: AWS EC2 Instance should skip interface config in setup wizard
- Danny Schuh wrote:
> Actually, I had skipped the initial setup wizard.
Then your WAN would be DHCP, that's the o... -
- Actually, I had skipped the initial setup wizard. I'm looking to eventually deploy this AMI w/o user interaction.
-
-
-
06:40 PM Bug #6463: Firewall > NAT, Outbound Network destination field incorrectly displays port aliases
- Applied in changeset commit:d4d8f29373f8d7396dfd0d1ead8b50cb713b1208.
-
- merged, thanks!
-
03:19 AM Bug #6463: Firewall > NAT, Outbound Network destination field incorrectly displays port aliases
- Pre-Feedback feedback. Phil's fix seems to work for me. Thanks.
-
-
- that PR seems fine to merge. Luiz, please review and merge if agreed.
-
-
-
- It never has. Rule doesn't do anything since there's no matching NAT. I thought there was already a ticket for this, ...
-
05:59 PM Bug #6472 (Resolved): Disabling NAT (port forward) rule does not disable the associated firewall rule
- As per subject. Worked just fine with 2.2.x.
NAT:
!http://image.prntscr.com/image/d5f3d6fc93424ef69b9dff46be019ba... -
- Applied in changeset commit:f4ede22769baab85577ff95da98f544d1b67a9f1.
-
- PR merged, thanks!
-
-
-
-
-
05:31 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
- For me is that bug a big problem.
The traffic shaping feature was one decision to use pfsense.
I baught a XG-1540 w... -
04:03 PM pfSense Packages Bug #6471 (New): pfsense 2.3.1 squidguard -> common ACL -> Target Rules List missing...
- The clickable "Target Rules List" field in menu "common ACL" disappears if more than 7 "Target categories" are defined.
-
-
-
-
11:56 AM pfSense Packages Feature #6470 (New): CloudFlare Integration Module
- I would be interested in assisting with the development of a super simple cloudflare integration module.
It would ... -
- fixed
-
10:45 AM Bug #6467: DNS Resolver in forwarder mode should automatically disable DNSSEC
- You are right Chris. OpenDNS are the upstream servers and they do not support DNSSEC, but Google DNS servers do. It...
-
- Applied in changeset pfsense:commit:4a374da4778f8d94bca07f19cdc37d40208833b9.
-
08:55 AM pfSense Packages Todo #6443: Add ntopng package back into pfSense 2.3.x
- install fails on 2.3.2a here is log
\>>> Installing pfSense-pkg-ntopng...
Updating pfSense-core repository catalo... -
08:36 AM Bug #4637 (Not a Bug): system unreachable after deleting VLAN
- This is the expected behaviour for overlapping networks.
When you remove the IP from NIC/VLAN (this is not specifi... -
03:28 AM pfSense Packages Bug #6456: vm-bhyve not correctly detecting the modules in kernel
- This was fixed in vm-bhyve v0.12.3.
(https://github.com/churchers/vm-bhyve/commit/a74ef7e04a5fa5ce256fe2f213dec6f5... -
02:49 AM Revision 02705019: Rename item #12 in console menu
- The console menu item #12 (_"pfSense/$product developer shell"_) has a pointless title that doesn't help users much. ...
- 02:34 AM Revision a9dafcba: Fix #6468 Do not allow edit of day and times
- in rows of time ranges for a schedule.
The code was always intended that the user uses the calendar pad and start hou... - 01:53 AM Revision d4d8f293: Fix #6463 Dest net alias matching on page load
- Do not set destination field to use customarray
Note: dstbeginport_cust does not exist on this page, so I got removed... -
01:40 AM pfSense Packages Feature #6436: Add Stunnel binaries to the pfSense repository
- Latest package is in:
http://pkg.freebsd.org/freebsd:10:x86:64/latest/All/stunnel-5.31,1.txz
06/07/2016
-
-
- Pull request https://github.com/pfsense/pfsense/pull/2996
-
- Reported in the forum https://forum.pfsense.org/index.php?topic=113172.0
When restoring a configuration and the inte... -
-
- This is a genuine little bonus bug. Thanks for reporting.
Pull request https://github.com/pfsense/pfsense/pull/2998 -
- Sorry. Search fail. This is very similar to https://redmine.pfsense.org/issues/6287. This is still showing port alias...
-
- Create an outbound NAT rule with a source and destination network and save.
Re-edit the rule.
Type in the desti... -
-
07:44 AM Bug #6461 (Duplicate): firewall rules lose limiter association when limiter renamed
- this issue has been there since many older pfsense versions where suppose if u have some floating rules which had lim...
-
- I presume updated subject is what you're referring to, as it does default to DHCP. It ought to not prompt users in th...
-
- thanks for the follow up
-
11:06 PM
Bug #6465: No 'Apply Chnges' button in 2.3.1_1
- Experimented a bit and it seemed that for whatever reason I had a problem with uBlock origin. Apparently uBlock block...
-
- not seeing that here on Firefox on Windows or Linux, nor has anyone else reported same. At least hundreds and likely ...
-
02:16 PM
Bug #6465 (Not a Bug): No 'Apply Chnges' button in 2.3.1_1
- After upgrade to pfsense 2.3.1_p suddenly 'Apple Changes' button disappears in Firefox 46 and 47. Everything works gr...
-
- Strange - just did a test to override ca.yahoo.com to point to my local server and it is working. Now testing SafeSe...
-
- Shows the configured host override section. I have resolver disabled right now, but it was definitely checked and DN...
-
- Sorry - I should have been more clear: yes I put the overrides under the proper section under DNS Resolver. I have t...
-
- I have thought about putting a button to copy all overrides from Forwarder into Resolver (and vice-versa). It is part...
-
- What Phil said is exactly what I was writing when he posted it. Forwarder's overrides are for it only, Resolver's for...
-
- Did you put the host overrides into the DNS Resolver section?
Resolver won't use the Host Overrides from the DNS F... -
- I am using 2.3.1-RELEASE-p1 on SG-2440.
-
- I have a dedicated pfSense VM setup as a DNS server with packet filtering disabled and only one NIC, and I'm trying t...
-
- Thoughts on this:
# Expand the "help" function:
> help - _brief_ help and lists the options below
>
> help she... -
- It was never intended that users should be able to edit the day and time range in each of the rows of a schedule. If ...
-
- For example, it will accept 06:00-52:00. See screenshot
-
- only if your forwarding servers don't support DNSSEC. It isn't required and wouldn't be appropriate to automatically ...
-
- DNS Resolver configured in forwarding mode needs DNSSEC disabled to work correctly. Perhaps selecting forwarder chec...
-
08:08 PM pfSense Packages Todo #6443: Add ntopng package back into pfSense 2.3.x
- I've installed snapshot 2.3.2.a.20160606.1543, and ntopng via the web UI package manager.
I see only one possible ... -
04:44 PM pfSense Packages Todo #6443: Add ntopng package back into pfSense 2.3.x
- Hi Renato. Many thanks for adding it back. I suspect the answer may be no, but is there any way to run the package ...
-
- I've added it back to 2.3.2 snapshots, that can be downloaded at https://snapshots.pfsense.org
Note that it was no... -
04:47 PM Bug #6044 (Feedback): system>monitoring tooltip unit "null" for some graphs
- This should be fixed in PR141 https://github.com/pfsense/FreeBSD-ports/pull/141
-
01:03 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
- +1 I have dozens of 2.1.5 boxes because of this critical bug.
Crossed my fingers but seems 2.3 still not productio... -
- merged PR 137 for the fix. Thanks Justin Rittenhouse and NOYB!
-
- The X axis ticks don't respond to resolution for custom time periods. Possible fix to is to use the resolution that i...
-
10:51 AM pfSense Packages Feature #6462 (Resolved): Add the php-pgsql module to the pfSense repo.
- The php-pgsql module was previously installable in 2.2.X and earlier and some users are using it in custom captive po...
- 07:27 AM Revision 9202151e: Add resetwebgui to developer shell
- This might be helpful to people if they have set the theme to something
that they are having trouble displaying, read... -
04:50 AM Bug #6167: IPsec IPComp not working
- Chris Buechler wrote:
> We'll leave this as-is for 2.3.1 to avoid introducing any regressions for something that's l... -
02:05 AM pfSense Packages Feature #6176: Privilege for OpenVPN Client Export
- it would be very cool to be able to limit access for users to their own client configs. users don't need to have acce...
-
- BBcan177 . wrote:
> By any chance, did you use the "view" button in the Update Tab? Something has recently changed t...
06/06/2016
-
- AWS EC2 instances should default to DHCP. EC2 instances are assigned IP addresses via DHCP. If you want to give the...
-
- The DHCPv6 service is enabled on the AWS EC2 instance. This normally wouldn't be an issue except when you attempt ad...
-
- Missed a pretty important one:
Interfaces - Allow the end-user to supply an array to configure the interfaces -
- Most AWS EC2 AMIs allow you to configure many aspects of the instances that you are launching via the 'userdata'. Cu...
-
- The issue is where you have a gateway that isn't within the interface's primary IP subnet (unusual), no VIPs within t...
-
05:27 PM Bug #6455: Can't delete Virtual IP "referenced by a least one gateway" if gateway outside interface subnet
- Hi @Tobi Miller Many of the firewall services use virtual IPs for load balancing. So suddenly removing the virtual IP...
-
02:50 PM Bug #6455: Can't delete Virtual IP "referenced by a least one gateway" if gateway outside interface subnet
- Okay, in case that this is better in the forum, I will open a thread there :-)
Just to answer your qestions:
* its ... -
09:56 AM Bug #6455 (Feedback): Can't delete Virtual IP "referenced by a least one gateway" if gateway outside interface subnet
- Not enough info to go by. Ideally this should be in a forum thread until a bug can be confirmed.
Is this an IP Ali... -
- I have pfsense 2.3.1 (amd64) running and the issue [[#3075]] seems to be present again. I have setup a main virtual I...
-
-
-
- Useful and detailed answer.
One way to resolve it that your comment _almost_ suggests but doesnt. Itr sounds like ... -
- The problem, as stated, is not a good idea, but could be handled better in a few separate tasks and not this directly...
-
- I happened to be checking the certs on my router, and noticed the main webconfigurator cert was 1024 bits, which has ...
-
03:16 PM pfSense Packages Bug #6456 (Not a Bug): vm-bhyve not correctly detecting the modules in kernel
- Trying to run bhyve in pfsense 2.3.1. I have install vm-bhyve. But I found it is not working properly when executing ...
-
01:47 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
- Kill Bill wrote:
> Well, while the original issue with the dashboard seems indeed gone, I managed to make the GUI co... -
-
-
09:23 AM Bug #6099: igmpproxy does not recognize upstream interface
- To be sure the 10.x address is not messing everything up I removed the address from the interface.
Sadly it didn't... -
08:35 AM Bug #6099: igmpproxy does not recognize upstream interface
- Just to compare with the same Version on my System:
MY router (192.168.1.254) periodily sends a Membership query (... -
- Just a hunch, but I suspect the second query coming from 10.10.10.1 is part of the problem. It's querying the same m...
-
- To check the IGMP Membership I made two traces on the firewall.
The first is made with the IGMP daemon I used on ver... -
- @Andrew
yes indeed
While the IP 192.168.1.35 sends a Membership request to 224.0.252.15211:56:36,591: Should ins... -
- It looks to me that, for whatever reason, the replies to the membership query aren't getting back to igmpproxy. Igmp...
-
- @Stefan Heck
The version you provided shows the same route exipration problem. See the log below.... -
- I'll check it today.
-
- @Andre Vink
Did you try the Version I have mentioned above? It is the same as the current Version from ViToni plus e... -
- In my opinion the mixup is a result of IGMPproxy not recognizing vlan and PPPoE interfaces.
The version from ViToni ... -
- Agree, it's what I see as well.
Looking at the logs you'll see the aging counter decrementing and the route removed ... -
- You mix up different issues in this thread.
The robustness if igmpproxy has nothing to do with "not recognize upst... -
02:33 AM Bug #6099: igmpproxy does not recognize upstream interface
- Andre Vink wrote:
> It looks like it has something to to with route aging.
Having looked at the code and at the l... -
- I have pfsense 2.3 (amd64) running and this issue seems to be present again. I have setup a main virtual IP which I u...
-
06:27 AM Bug #6454 (Resolved): services_ntpd_acls.php: Can't change default options without setting custom access restriction
- It's impossible to modify ONLY the 'Default Access Restriction' section without compiling the section 'Custom Access ...
-
- Useful utility function when it's necessary to verify that existing keys meets current practices
-
12:22 AM Bug #6364: PHP Fatal error: Allowed memory size of 268435456 bytes exhausted (tried to allocate 32 bytes) in /usr/local/www/status_carp.php on line 261
- Hello,
Any news with this bug?
06/05/2016
-
08:38 PM Bug #6451: IPv6 GIF tunnels to HE broken since 2.3-RELEASE
- No, I can't - and I don't see *any* responses from HE if I sniff the WAN interface, either.
The last bug I ran into ... -
- subject is definitely not true. If it were even just true on 32 bit it's a certainty we would have heard of it by now...
-
- (Sorry, keep hitting Submit and *then* thinking of something else to add.)
Both connections do have a static IP ad... -
- Oh, and both connections support full 1500-byte packets; no PPoE or anything like that in either case.
-
- So far, my searching has only uncovered one other person complaining: https://www.reddit.com/r/PFSENSE/comments/4iupz...
-
- I've just confirmed that since upgrading from 2.2.x to 2.3-RELEASE (and subsequently to 2.3.x-whatever's current) non...
-
08:34 PM Feature #6452 (Rejected): Restrict Login by subnet
- Hi, I would like to suggest a feature on the user manager page, an option that you can restrict the created user to l...
-
- I am now experiencing this issue on 2.3.1-RELEASE-p1 (i386)
Ive been having intermittent Layer 7 DDoS Attacks for ... -
- Well, while the original issue with the dashboard seems indeed gone, I managed to make the GUI completely unresponsiv...
-
02:52 PM Bug #6099: igmpproxy does not recognize upstream interface
- It looks like it has something to to with route aging.
The IGMP join is processed neaty and the route is added to th... - 10:43 AM Revision d6b79c39: Do not allow deleting your own user name
- Currently if you delete your own user name, then the config ends up with a blank user tag in it. Rather than fix that...
-
- To me, it seems dangerous to let users delete their own user name. Because if they (or others) do not know the passwo...
-
- Screen shot attached.
-
- 1) System->User Manager, create an account and give it membership of admins
2) Login to that account, go to System->... -
- fixed
-
- works
-
- fixed
-
- works
06/04/2016
-
10:44 PM Bug #6447: Interface allows dynamic gateway to be deleted
- I did not think I had made any changes to either of the default gateways, but I tried deleting it and it does work th...
-
- if you define any options outside the defaults, you can delete it (which brings back the fully default dynamic gateway)
-
- I have a SG-4860 appliance running 2.3.1-RELEASE-p1 (amd64). The WAN and LAN configurations are completely default. T...
-
- Thanks for the follow up. That makes this a duplicate of #6184
-
09:44 AM Bug #6245: Multi-WAN PPPoE not working
- Sorry for my late answer.
I could solve the problem. It was an problem with the nanobsd version. I've got an lot o... -
04:08 PM pfSense Packages Bug #6449 (Rejected): Email Reports not wait a long command end to send the report.
- how to repoduce :
-install speedtest-cli pkg install py27-speedtest-cli
-install email reports package ..
-ad... -
03:54 PM Feature #6228: Please provide a means for IGMPv3 and MLDv2 support
- Reading https://svnweb.freebsd.org/base?view=revision&revision=170613 suggests that the XORP project might be a/the s...
-
- Mousing over aliases and other elements in a firewall rule set pops up a hint showing the contents of the alias.
D... -
- the "runtime went backwards" is just log spam, but it was annoying me, and I tracked down where it was fixed in newer...
-
- fix pushed to RELENG_2_3, confirmed working when manually built.
-
- Hyper-V log spams a bunch of "runtime went backwards" logs during boot. This was fixed in FreeBSD in https://reviews....
06/03/2016
-
- can anyone try this on 2.3.1 and report back? It has a newer driver than anyone here has reported on.
-
-
07:33 PM Bug #6444: Monitoring graphs are down after reboot
- Hyper-V time sync is for pfSense VM disabled.
Hyper-V Server and pfSense are both synced with the same ntp servers.
... -
- your system clock was well into the future at some point. Disable Hyper-V's time sync to get rid of the runtime went ...
-
- If I type in: ps -axfw | grep updaterrd.sh it is running.
Here are the rrdtool erros from system logs:... -
- is updaterrd.sh running? any rrdtool errors in system log?
-
- Hello.
After I reboot the pfSense VM, all monitoring graphs are down. (Status/Monitoring)
I see the graph, but ev... -
06:20 PM pfSense Packages Bug #6368: pfBlockerNG General Settings - Erroneous Text
- Unfortunately the line break html code <br/> still exists after pfBlockerNG update to 2.0.17
-
02:12 PM pfSense Packages Feature #6445 (Rejected): Request: Zabbix 3.0 LTS proxy
- It would be nice to have the 3.0 LTS proxy for zabbix as it is not backwards compatible with the 2.2 or 2.4 version a...
-
- fixed
-
12:26 PM pfSense Packages Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not
- @jimp
i've updated reply #7 to include the config of client side & server side
the status of before/after was ... -
- I see the routes sometimes (but not always) marked as Kernel routes in the Zebra routing table, but I have not seen t...
-
09:10 AM pfSense Packages Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not
- jeroen van breedam wrote:
> Any of the coredevs been able to replicate this?
I have ( but I'm not a Dev) And ever... - 05:52 AM Revision 754f7091: Set keepalive_timeout 0 where captive portal in use, and update otherwise to nginx's current default of 75. Ticket #6421
- 05:51 AM Revision 54e7222e: Set keepalive_timeout 0 where captive portal in use, and update otherwise to nginx's current default of 75. Ticket #6421
- 05:51 AM Revision dbc5fd33: Set keepalive_timeout 0 where captive portal in use, and update otherwise to nginx's current default of 75. Ticket #6421
-
- Yes, sorry, ntopng package is here: https://github.com/pfsense/FreeBSD-ports/tree/devel/net/pfSense-pkg-ntopng
-
- pfsense-packages repo on github is no longer in use (it was used before 2.3 )
New packages go straight into the Free... -
- "*pfSense* has now been added back into the FreeBSD-ports tree" ... sorry, meant ntopng obviously.
-
- The ntopng package was previously removed from pfSense 2.3.x because the ntopng port didn't build in FreeBSD.
pfSe... -
- Good catch, Chris. Fix pushed to disable the keepalive in captive portal's nginx instances. In that circumstance, the...
06/02/2016
-
- it no longer exists. Documentation updated.
- 11:32 PM Revision 99c4d90d: Fix save and reset buttons on status_lb_pool.php. Ticket #6254
- 11:32 PM Revision f77510e4: Fix save and reset buttons on status_lb_pool.php. Ticket #6254
- 11:31 PM Revision e2f0b061: Fix save and reset buttons on status_lb_pool.php. Ticket #6254
-
- there were changes on other tickets forcing pkg updates which I believe fixed the original issue here in >=2.3.1.
-
-
- not seeing any issues here, and it seems to work for everyone else. Going to need an example config that doesn't work...
-
-
- fails because of the crypt using a base64_encode of the password as a salt in that case, plus also fails >8 character...
-
- that's the same root cause as #5940
- 08:56 PM Revision 98cad99b: Add grub2-bhyve to poudriere
- 08:56 PM Revision 068fb8bf: Add grub2-bhyve to poudriere
- 08:55 PM Revision 88aec75d: Add grub2-bhyve to poudriere
-
- this is likely a duplicate of #6296. Some other things noted, like the GUI dying, are probably duplicates of other di...
-
- haven't seen any other such reports. Gave Pale Moon a shot myself, it behaves just fine. Granted this is on 2.3.1_1, ...
- 07:00 PM Revision 0ff630f1: Fix #6440 RADIUS issued IPs
- This is a checkbox - the state in the config is stored as set or not set.
This should fix the reported issue. I don;t... - 07:00 PM Revision 74509a47: Fix #6440 RADIUS issued IPs
- This is a checkbox - the state in the config is stored as set or not set.
This should fix the reported issue. I don;t... - 06:59 PM Revision a409475b: Merge pull request #2991 from phil-davis/patch-2
-
- fix pushed
-
-
-
- Resolved with https://github.com/pfsense/FreeBSD-ports/pull/140
-
-
- Resolved with https://github.com/pfsense/FreeBSD-ports/pull/140
-
-
- Resolved with https://github.com/pfsense/FreeBSD-ports/pull/140
-
05:21 PM Bug #6441: Unable to restrict access to management interface
- Chris Buechler wrote:
> no it isn't, it's protocol "any"
Yes, I see it now. This is NOT a bug and this IS a 100% ... -
- no it isn't, it's protocol "any"
-
- Chris Buechler wrote:
> It's not a bug, please post to the forum for assistance. You can't specify ports if the prot... -
- Using Google Chrome Version 51.0.2704.63 (64-bit) allows me to rearrange the order of the rules for the firewall.
... -
- It's not a bug, please post to the forum for assistance. You can't specify ports if the protocol isn't TCP and/or UDP.
-
- Jim Pingle wrote:
> I can't reproduce this. I am able to use a port type alias in the destination ports field when t... -
- I can't reproduce this. I am able to use a port type alias in the destination ports field when the destination is set...
-
- OS: FreeBSD 10.3-RELEASE-p3
Ver: 2.3.1-RELEASE-p1(amd64)
The goal: To restrict access from one of the subnets (OP... -
- works
-
09:53 AM Bug #6438: System Tunables refuses non-alphanumeric characters
- Yes, I agree that this should cover it. Thanks!
-
03:31 PM Bug #4418: IPsec mobile clients - bogus "p" appended to search domain
- I have just setup a new pfSense install and I am seeing this bug again on version 2.3.1-RELEASE-p1. Happens regardle...
-
- not a replicable problem. That file is auto-generated by unbound's unbound-control-setup, which is run prior to testi...
-
09:09 AM Bug #6442 (Not a Bug): DNS Resolver - error
- Hello,
I'm getting the folowing error when I want to enable / save the DNS Resolver.
I've installed a fresh (VA) ... -
-
- Applied in changeset commit:9a9b000767749bcb54f3583cd6099dddb6d555db.
-
- merged, thanks! that works.
-
- Pull request: https://github.com/pfsense/pfsense/pull/2991
I think that is the only bug here, please test and report... -
12:53 AM Bug #6440 (Resolved): vpn_l2tp.php: "RADIUS issued IPs" option is not set on page open
- Box: 2.3.1-RELEASE
Steps to reproduce:
# Check *RADIUS issued IPs* checkbox and save
# Go to any other page
# G... -
- Any of the coredevs been able to replicate this?
-
-
01:53 PM Bug #4031: Notifications mail bomb in some gateway failure circumstances
- It would be nice if something similar could be baked in for CARP notifications as well. Our relatively small HA setu...
-
11:20 AM Bug #2896: IPsec failover may not fully attach to new interface address
- Is this workaround no longer needed as of 2.2/2.3? I see that the "Force IPsec reload on failover" option was remove...
-
- Philipp Resch wrote:
> The issue still persists, I now get a picture right away with the new version, but it stops a... - 07:13 AM Revision 9a9b0007: Fix #6440 RADIUS issued IPs
- This is a checkbox - the state in the config is stored as set or not set.
This should fix the reported issue. I don;t... - 03:38 AM Revision bf19eec7: add dhcp_probe
- 03:38 AM Revision 2db3eac1: add dhcp_probe
- 03:37 AM Revision 964f77a8: add dhcp_probe
- 03:07 AM Revision 3eae2391: Add BIND package
- 03:06 AM Revision aa243f91: Add BIND package
- 03:06 AM Revision 64bbccf2: Add BIND package
- 12:44 AM Revision 77e9359b: Allow - and _ in sysctl values. Ticket #6438
- 12:44 AM Revision 3c8e75d4: Allow - and _ in sysctl values. Ticket #6438
- 12:43 AM Revision 582a45f9: Allow - and _ in sysctl values. Ticket #6438
06/01/2016
- 09:53 PM Revision e488da26: Don't override type so changing it is possible. Ticket #6439
- 09:53 PM Revision f69501ba: Don't override type so changing it is possible. Ticket #6439
- 09:52 PM Revision 7562fc99: Don't override type so changing it is possible. Ticket #6439
-
- some issues beyond that on that page as well.
-
11:51 AM Bug #6435 (Duplicate): Unable to edit PPTP using interfaces_ppps_edit.php
- Hey,
since 2.3 it is no longer possible to edit a PPTP wan configuration using /interfaces_ppps_edit.php .
Any v... - 07:47 PM Revision 889247b3: Allow - in TFTP Server field. Ticket #6433
- 07:46 PM Revision 0651aff3: Allow - in TFTP Server field. Ticket #6433
- 07:46 PM Revision be0ab085: Allow - in TFTP Server field. Ticket #6433
-
- I added - and _ as allowed characters. I believe that covers every usable sysctl value.
-
- Create system tunable 'kern.timecounter.hardware' with value 'TSC-low' through the web GUI of pfSense 2.3.1_1.
Try... - 06:55 PM Revision c72c71f9: Comment typos
- I can't resist fixing them when I see them.
- 06:55 PM Revision 00bdbab7: Merge pull request #2990 from phil-davis/colmn
-
- That wasn't the behavior I was seeing; but I was also knee deep in a dozen other fires most of the day, so I could be...
-
- You don't have to restart it. It only applies to new sessions, so you have to disconnect any existing if you want it ...
-
- Figured it out; when changing bandwidth limits, you seem to have to restart the captive portal instance/zone/service....
-
- no apparent issues. With no auth, on 2.3.1_1.
At 500 Kb up and down:
http://www.speedtest.net/my-result/53714747... -
- I have configured a captive portal and set download and upload speed limits. The downstream limit works as intended....
-
- fix pushed
-
- When changing the Link Type field on interfaces_ppps_edit.php, the page refreshes, and goes to the appropriate ?id=X&...
-
- Kill Bill: 2.3.1_1 fixed the bulk of remaining things there that 2.3.1 didn't. There's still something to this on occ...
-
- +1; seems pretty replicable here when you leave the dashboard page open in a browser for a couple of hours. (Not 2.3....
-
- fix pushed, thanks.
-
11:23 AM Bug #6433 (Resolved): "TFTP Server" field on DHCP server page does not allow hyphen character.
- Entering a host name with a "-" in it gives a generic "Please match the requested format" error, for the "TFTP Server...
-
- Child queues (not the interface itself) under interfaces set for CBQ are not showing options for bandwidth or borrowi...
-
12:46 PM pfSense Packages Feature #6436 (Resolved): Add Stunnel binaries to the pfSense repository
- Please consider adding the Stunnel binaries and its dependencies to the pfSense repository. The Stunnel package has d...
-
- Phillip
You may create a Account on
https://forum.pfsense.org/index.php?board=6.0
and send me your Email Adresse ... -
06:17 AM Bug #6099: igmpproxy does not recognize upstream interface
- The issue still persists, I now get a picture right away with the new version, but it stops after a few seconds.
H... -
- Philipp Resch wrote:
> Inserted route table entry for 232.0.20.35 on VIF #-1
> Inserted route table entry for 232.0... -
- Philipp Resch wrote:
> This might be of interest, if not, please remove.
>
> I am already on the "new" German Tel... -
- Updated the code at https://github.com/ViToni/igmpproxy/tree/getifaddrs
to get the correct value into @Dp->InVif@ an... -
- Stefan Heck wrote:
> @Victor Toni
> I did some Debugging today and finally got your Code working
>
> in mroute-... -
-
-
- Please try 1.1.2_3, I pushed a fix
-
- Looks like the dependency on sysutils/logrotate was listed in ports_before on the old 2.2.x package but that didn't g...
-
- 07:27 AM Revision e6367325: Comment typos
- I can't resist fixing them when I see them.
-
05:52 AM Bug #6432 (Resolved): Relative distinguished names should accept unicode during CA creation.
- Hi,
I found improper behavior during creation of CA.
Data that was used to create CA:
emailAddress=xxxxx@idium... -
04:16 AM Bug #6431 (Resolved): Cannot set queue bandwidth (CBQ)
- In CBQ mode when we would like to create or edit child queue there is no field to define the bandwidth.
And there ... -
01:25 AM Revision 7c97f817: Services Status Widget - Status Indicator
- Use the get service status icon function.
-
- Use status icon instead of text. Icon and title should be fine.
-
- Add prefixes to Status and Actions.
Remove textual status. Icon and title should be fine. -
- Add option for thumbs up/down icon.
Add option to specify title contents.
Distinguish between Stopped and Disabled wi... -
- Over the years I have thought that this would be handy, but never got around to doing anything about it.
Pull reques...
05/31/2016
- 11:28 PM Revision c25c6714: Add a check to see if the file exists before running filesize on it, to avoid PHP error.
- 11:26 PM Revision 14645549: Add a check to see if the file exists before running filesize on it, to avoid PHP error.
-
- It ought to ignore at least localhost and the system's own hostname.
the second suggestion is already done by dhc... -
08:57 PM Bug #6430 (Confirmed): pfsense should sanity-check hostnames when copying from dhcpd.leases to /etc/hosts
- Background - I was troubleshooting something and did a dig of localhost.
@aLinuxServer ~ $ dig localhost
...
;; ... - 10:14 PM Revision a094b5ff: Link to correct schedule from firewall_rules.php. Ticket #6428
- 10:13 PM Revision 20f46e77: Link to correct schedule from firewall_rules.php. Ticket #6428
- 10:13 PM Revision 92da593a: Link to correct schedule from firewall_rules.php. Ticket #6428
-
-
-
-
- tolower needs to be on the username field, otherwise im sure a lot more bugs will be filed due to the username only w...
-
- it works fine, please get in touch via support for assistance.
-
- I saw that ACB was reported as resolved so i ran all updates, removed, and reinstalled ACB, well guess what its still...
-
06:06 PM Bug #6429 (Not a Bug): DHCP: makeing dynamic entry static does not work
- I have this entry:
10.32.12.246 64:bc:0c:80:52:89 2016/05/31 22:04:39 2016/06/01 00:04:39 online active
an... -
- fix pushed
-
- The link to edit a schedule on firewall_rules.php always links to the first schedule.
fix coming momentarily. -
- Just a piece of outside advise, do not rule out the Draytek, im a Network Engineer with 24 Certification, i have seen...
-
- Gateway monitoring has no relation to PPPoE reconnection.
mpd is retrying over and over to connect in your logs. ... -
06:43 AM Bug #6423 (Not a Bug): WAN doesn't reconnect on dropped PPPoE session
- Hi,
I've been troubleshooting this issue for about a month solidly now, and am certain it's a bug after swapping o... -
03:59 PM Bug #6426 (Not a Bug): Regression Bug #3216
- I noticed that in version from 2.2.5 to 2.3.1 which I have tested there is a regression for this bug. If I want to cr...
-
-
-
-
- upgrade does not change that setting. Followed up in forum thread.
-
07:52 AM Bug #6425: serial terminal disabled after upgrading to 2.3.1_1
- forum link : https://forum.pfsense.org/index.php?topic=112812.msg627846
-
- pfSense on Alix APU1D (SSD 128, 4G RAM, AMD64), not the embedded version, the full version.
I was with pfSense 2.3... -
-
-
-
-
-
-
-
-
- Every time user is added or modified, make sure all default config
files are copied over from /etc/skel to user's hom... -
-
-
-
-
-
11:05 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic
- Any news on this task? I'm deploying fiber internet on many pfsense APU2C4 and bandwith from wan is limited to 350 Mb...
-
-
-
- This works fine when properly configured. Please post to the forum for configuration assistance.
-
07:45 AM pfSense Packages Bug #6424 (Not a Bug): Proxy filter For HTTPS
- Not Able to Filter HTTPS traffic on 2.3.1-RELEASE-p1 (amd64).
-
- Victor,
the Change you have suggested does not work for me.
I also have the Problem that the streams stop respo... -
- Good catch!
While your are on it could you try to replace line https://github.com/ViToni/igmpproxy/blob/getifaddrs... -
- @Victor Toni
I did some Debugging today and finally got your Code working
in mroute-api.c function addMRoute the ... -
-
-
- to match edit to util.inc
-
- 1) Function can be simplified and all "if" statements removed, using intdiv (or casting result as int for PHP < 7) an...
-
05:28 AM Bug #6422 (Duplicate): PHP Fatal error: Call to undefined function gettext() in /etc/inc/rrd.inc on line 60
- HA Setup, fw2. Crash reporter multiple times, might be related with XMLRPC sync (which has been failing some times, w...
-
- Useful function in some circumstances - seems no reason not to have it.
Uses IP rather than hostname since not all A... -
- Using nginx as the captive portal web server with keepalive_timeout 65 causes attempts to access sites after authenti...
-
-
When there is no RRD data sample for the current minute the graph, last, and minimum data values are zero in certa...
05/30/2016
-
- OS: 2.3.1-RELEASE (i386)
built on Tue May 17 18:46:37 CDT 2016 FreeBSD 10.3-RELEASE-p3
Platform: PC-Engines Alix... -
-
- The only desired change for login.conf is to suppress motd. It will be
applied on FreeBSD-src, where it should be -
-
-
-
-
-
-
02:16 PM Bug #6418 (Resolved): NTP changes for system.inc
- There is a bug in system.inc in generating the custom access restrictions:...
-
-
- These files don't need to be present on pfSense main repo, they are
updated according our needs during first boot so ... -
12:54 PM Bug #6417 (Not a Bug): PHP startup errors
- Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20131226/curl.so' - /usr/lib/libssl.so.7: Un...
-
10:06 AM pfSense Packages Bug #6274: Missing tabbar in HAProxy for restricted group
- Finally had time to update.
Yes it is fixed!
Thank you very much. -
- ...
-
- Philipp Resch wrote:
> Hi, your patched version does now also find the pppoe interfaces,
> although I was not yet a... -
- Hi, your patched version does now also find the pppoe interfaces,
although I was not yet able to get a picture.
H...
05/29/2016
-
10:48 AM Feature #6415 (Duplicate): Restore "Period" data summary column (Status > Monitoring) in pfSense 2.3
- pfSense versions prior to 2.3 included a period data _usage_ column under RRD Graphs. This was incredibly useful for ...
05/28/2016
-
09:03 AM Bug #6099: igmpproxy does not recognize upstream interface
- Victor Toni wrote:
> So I went for the getifaddrs() approach and integrated the patch into my branch. It seems to de... -
- I've created a pull request for this: https://github.com/pfsense/FreeBSD-ports/pull/138
Note that this is a diffe... - 02:25 AM Revision 7cbb6737: Use 0 here if specified. Ticket #6413
- 02:24 AM Revision 8ed54652: Use 0 here if specified. Ticket #6413
- 02:23 AM Revision c9fd7ee0: Use 0 here if specified. Ticket #6413
05/27/2016
-
- what I just pushed fixes
-
-
12:57 PM Bug #6413 (Resolved): dhcpd.conf DDNS PTR zone wrong with third octet of 0
- Reference Link:
https://forum.pfsense.org/index.php?topic=112607.0
______________________________________________... -
-
-
-
-
-
-
- Lars Karow wrote:
> Seems like, that ifvc.c (igmpproxy) does NOT create the full list of all interfaces in function ... -
- This might be of interest, if not, please remove.
I am already on the "new" German Telekom platform, where VLAN8 n... -
-
-
-
02:16 PM Feature #6414 (Rejected): SSHD listening on multiple ports
- Like it can be done on the sshd.conf allow multiples ports for SSHD listening socket.
-
-
-
-
12:53 PM
Bug #6158 (Resolved): diag_dump_states.php & others: Prefixes not taken in to consideration while sorting
-
04:35 AM Feature #6412 (New): Add includedir directive for /var/etc/xinet.d to xinetd configuration
- Dear pfsense developers,
is there a plan to add a check_mk agent package again ?
I use check_mk and have to fix... -
- Dear pfsense-developers,
i like your work to keep everything updated.
But would it be possible to classify if an ... -
04:24 AM pfSense Packages Bug #6410: when PFSENSE after server restart,openvpn+motp not login
- Chris Buechler wrote:
> is freeradius running at all before you do that?
1.i fund where pfsense server restart fr... -
- Chris Buechler wrote:
> is freeradius running at all before you do that?
1.i fund where pfsense server restart f... -
- is freeradius running at all before you do that?
05/26/2016
-
- Fixes the console on ARM.
-
08:29 PM
Bug #6372 (Resolved): OpenVPN client page does not expose proxy port field
-
- when PFSENSE after server restart,openvpn+motp not login
the solution is :
click services->freeradius->users
... -
05:32 PM Bug #6409: hostname in alias does not work for port forwarding
- Tested versions: 2.3, 2.3.1_1
-
- I have a docker container running with dynamic DNS I am trying to portforward out.
The name registry-sysd.containers... -
- Lars Karow wrote:
> Seems like, that ifvc.c (igmpproxy) does NOT create the full list of all interfaces in function ... -
- One person on the ticket claims it wasn't fixed. Many on the forum and elsewhere have stated it's fixed for them. Eit...
-
- Jim Pingle wrote:
> Sounds like #6296 -- Update to 2.3.1 or 2.3.1_1 and it should be fixed.
It would seem accordi... -
- Sounds like #6296 -- Update to 2.3.1 or 2.3.1_1 and it should be fixed.
-
- I am seeing an issue where one of my interfaces completely drops offline. em2 to be precise, it is a e1000 interface ...
-
11:27 AM Bug #6408 (Duplicate): NTP ACL settings page can't be updated
- In 2.3.1 and 2.3.1_1, I am unable to save any changes to the Services/NTP/ACLs page (services_ntpd_acls.php). Just cl...
-
08:41 AM Bug #6406 (Resolved): Web process becomes unresponsive producing 502 Bad Gateway nginx
- Eventually the web process becomes unresponsive and produces...
-
06:23 AM Bug #6405 (Not a Bug): OpenVPN Server fails to start at boot when listening on v6
- On the latest update (2.3.1_1 - and also occurred on 2.3), when OpenVPN is set to listen on v6 only, it fails to star...
-
- There's also four typos on the same page.
defined alias, or a *commma seperated* list
Should be "comma separate... -
- I noticed that in version from 2.2.5 to 2.3.1 which I have tested there is a regression for this bug. If I want to cr...
-
- 502 Bad Gateway happened again.
-
- *on standby node:*...
-
- That's the "still some large number of states", just exhausting the larger limit. How many states do you have active?...
-
- after upgrade to 2.3.1_1 same problem
Crash report begins. Anonymous machine information:
amd64
10.3-RELEA...
05/25/2016
-
09:32 PM pfSense Packages Bug #6404 (Resolved): FreeRADIUS Does Not Start After Upgrade
- After applying an upgrade to pfSense the system reboots. When the system reboots the radiusd daemon does not restart ...
-
- (cherry picked from commit f42ef69ab518237260a2e129cbdf391549c003ad)
-
-
- fixed
-
- works
-
07:10 AM
Bug #6401: OS X and Chrome change js doesn't change field visibility correctly
- Applied in changeset commit:fe68a6a2b28c897cb3a8f8fda452c25f649556f1.
-
06:58 AM
Bug #6401 (Feedback): OS X and Chrome change js doesn't change field visibility correctly
- This issue is caused by the way Chrome handles "click" events bound to select inputs.
Changing the JQuery from "cl... -
- the 502 is something different and unrelated, cause wasn't apparent. Keeping an eye on it
-
- Chris,
That same system is now displaying the following message, and the UI is down:... -
- Zeev: that isn't a valid test, you have to require config.inc like all the pages in the GUI do to get the ini_set wit...
-
- So that is running out of memory in pfSense_get_pf_states() and/or it trying to create the return $states array.
-
- sorry i can't
i changed
@
<?php
$nodes = array();
$states = pfSense_get_pf_states();
fo... -
- Can you get the value of count($states) ?
It will be interesting to know if the count of states is really crazy high.
-
- i found that following code is cause the crash:
/usr/local/www/status_carp.php lines 258-268
@<?php
$nodes = arra... -
- even update to 1GB is not helped:
_ Crash report begins. Anonymous machine information:
amd64
10.3-RELEASE-... -
- change of config.inc didn't helped
Crash report begins. Anonymous machine information:
amd64
10.3-RELEAS... -
- result of *uname -a*
FreeBSD TLWV-FW1.EISLAB-IL.INTRA 10.3-RELEASE-p3 FreeBSD 10.3-RELEASE-p3 #1 3ef16fb(RELENG_2_3_... -
- This is incorrect. i run cluster of 64bit. each server 2x X5660 (6core) CPUs and 32GB ram and i have the problem.
-
- fixed
-
- fix pushed
-
03:41 PM Bug #6296: Interface dies with IPsec and SMP
- This just happened to me again on 2.3.1 - I've left the system in the locked up state in case you want (or want me) t...
-
- This is perhaps a better fix.
https://github.com/pfsense/FreeBSD-ports/pull/137
-
- This should fix it.
https://github.com/pfsense/FreeBSD-ports/pull/136
-
- Make the code cleaner and easier to follow by using the same alias type designations as config.
(cherry picked from ... -
- Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not ye...
-
- (cherry picked from commit f42ef69ab518237260a2e129cbdf391549c003ad)
-
- Make the code cleaner and easier to follow by using the same alias type designations as config.
(cherry picked from ... -
- Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not ye...
- 12:29 PM Revision 6b1e89c9: Merge pull request #2983 from NOYB/Firewall_/_Aliases_/_Edit_-_New_URL_Table_Alias_Type
- 12:01 PM Revision e139a205: Fixed #6401
- (cherry picked from commit fe68a6a2b28c897cb3a8f8fda452c25f649556f1)
- 12:00 PM Revision c32e3ab8: Fixed #6401
- (cherry picked from commit fe68a6a2b28c897cb3a8f8fda452c25f649556f1)
- 11:59 AM Revision fe68a6a2: Fixed #6401
-
- From the tests we ran for the last couple of days we saw kernel panic using limiters in multiple vlans but no impact ...
- 05:06 AM Revision 5a677f81: Handle mode correctly with Auto IKE. Ticket #6360
- 05:06 AM Revision 065a9cd8: Handle mode correctly with Auto IKE. Ticket #6360
- 05:05 AM Revision f30e15fa: Handle mode correctly with Auto IKE. Ticket #6360
-
- Make alias type URL (IP) available for selection in firewall rules.
-
- Make alias type URL (IP) available for selection in firewall rules.
- 03:25 AM Revision f9c72062: Merge pull request #2985 from NOYB/Firewall_/_Rules_/_Edit_-_URL_(IP)_Alias
-
- Make alias type URL (IP) available for selection in firewall rules.
-
03:05 AM Bug #6376: Settings can't be saved
- I can confirm Ph. T's finding.
Removing deny config-write solves the problem.
-
-
- Make the code cleaner and easier to follow by using the same alias type designations as config.
-
- Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not ye...
-
- A different forum member has came across this issue & has confirmed that reverting to 0.99.24.1 fixes the problem.
05/24/2016
-
- The change I made on #6318 resolves subject issue generally. I'll un-mark this as a duplicate for tracking purposes s...
-
- this is a duplicate of #6318 then. Yes if it's that easy to replicate, please email me so we can arrange access. thanks!
-
- Removing the IPsec widget appears to have prevented the eventual failure. This sounds like a different issue. Irrespe...
-
- there are limitless possible reasons for this to happen, just means php-fpm is hung up doing something. One I've hear...
-
- This is more widespread than just IPsec P1s. It appears to affect any page that has field changes from Javascript, fo...
-
- Choosing AES then 3DES on IKEv2 Phase 1 leaves key length selector active, resulting in a broken config.
I was abl... - 11:32 PM Revision dd4053d5: Lower default LDAP timeout to 5 seconds. Idea from Sandeep1991 in PR 2971. Ticket #6367
- 11:32 PM Revision 45859aae: Lower default LDAP timeout to 5 seconds. Idea from Sandeep1991 in PR 2971. Ticket #6367
- 11:31 PM Revision e8c09a23: Lower default LDAP timeout to 5 seconds. Idea from Sandeep1991 in PR 2971. Ticket #6367
- 11:17 PM Revision 062a5434: Set request_terminate_timeout to the same as max_execution_time in case something executed externally doesn't respond, to avoid hanging up all of php-fpm eventually. Ticket #6318 among other similar potential issues.
- 11:17 PM Revision 42d2f11a: Set request_terminate_timeout to the same as max_execution_time in case something executed externally doesn't respond, to avoid hanging up all of php-fpm eventually. Ticket #6318 among other similar potential issues.
- 11:12 PM Revision fa01d062: Set request_terminate_timeout to the same as max_execution_time in case something executed externally doesn't respond, to avoid hanging up all of php-fpm eventually. Ticket #6318 among other similar potential issues.
- 11:04 PM Revision 32960b14: Relax Suhosin to allow a 512M memory limit
- 11:03 PM Revision 4584521e: Relax Suhosin to allow a 512M memory limit
- 11:03 PM Revision 785cef80: Merge pull request #2984 from NewEraCracker/php-memlimit
-
- fixed, thanks!
-
- that works, merging
-
- Aliases of the URL (IP) type are not available for selection in firewall rules.
This should fix it.
https://githu... -
- Thanks to Alex for getting me into an affected system. It's occasionally getting stuck in pfSense_ipsec_list_sa, with...
-
- Steve Beaver wrote:
> I have looked through the code again and nothing really stands out.
>
Ditto. Heard of rou... -
01:05 PM
Bug #6318: IPsec dashboard widget causes GUI failure
- I have looked through the code again and nothing really stands out.
It would be helpful to know:
* How many tun... -
- 09:00 PM Revision e266e6d1: Relax Suhosin to allow a 512M memory limit
-
-
-
-
-
-
- 08:48 PM Revision b20c7ef1: Set PHP's memory limit to 512M on 64 bit. Ticket #6364
- 08:47 PM Revision 16bcd358: Set PHP's memory limit to 512M on 64 bit. Ticket #6364
- 08:47 PM Revision b6899307: Set PHP's memory limit to 512M on 64 bit. Ticket #6364
-
07:36 PM Bug #6402 (Resolved): Monitoring won't save default configuration of 8 hours with 1 minute resolution, resets resolution to 5 minutes when switching from 1 hour, 1 minute resolution
- I can save the default to 1 hour, 1 minute resolution, but just changing the window to 8 hours auto-selects a 5 minut...
- 07:10 PM Revision 751b9531: Add nrpe to poudriere_bulk
- 07:10 PM Revision 18f38828: Add nrpe to poudriere_bulk
- 07:10 PM Revision 4b643ce8: Add nrpe to poudriere_bulk
-
- This came about because I fixed #6352, so it's now doing things it should have been doing but wasn't previously in th...
- 05:44 PM Revision 5ce16fc1: Changed element type from date to text. Date inputs are not yet handled consistently accross different browsers :(
- (cherry picked from commit d78dbc34299652c637c77684b7848191c510f9f0)
- 05:44 PM Revision d78dbc34: Changed element type from date to text. Date inputs are not yet handled consistently accross different browsers :(
-
03:55 PM Bug #6400 (Closed): assign_interfaces.php issues with large numbers of interfaces
- On a firewall running 2.3.1, after creating ~200 vlans, assign_interfaces.php gets _very_ slow while taking 100% cpu....
-
- It has nothing to do with the number of VLANs or interfaces, if the state table is really large, it runs out of memor...
-
- currently i can't enable CARP on my cluster and if active node will failed for some reason I'll be without network at...
-
- Need to pass alias type to process_alias_urltable() function when creating a new url table alias because it is not ye...
-
- That is a different issue. It has to do with the url table download and parsing. It occurs irrespective of this fix...
-
- Phillip/Chris/Renato,
I've noticed that I had to save the URL several times before the issue went away. It seemed ... -
- Merged. Thanks!
-
- Proposed fix.
https://github.com/pfsense/pfsense/pull/2980
Keeps full line comments of downloaded url table file,... -
- Well I guess we can both lay claim to ignorance.
Looking over the FreeBSD pfctl man page it seems to me that "addr... -
- it shows what RRD files are there. You can delete old ones from /var/db/rrd/ if you no longer want that data. I've co...
-
04:25 AM Bug #6397 (Not a Bug): Status-Monitoring-Quality allows selection of nonexistent GW
- When you create a new WAN gateway it is automatically added to the monitoring drop down menu (quality section). If yo...
-
- only two remaining in 2.3.x+ are PPPoE and L2TP servers.
-
- Use apostrophe instead of quote.
(cherry picked from commit d3706c81f7f77d21635c335d19e6626a4f7b568b) -
-
- Fix for Bug #6395 that keeps full line comments of the downloaded file but strips them for the pf rules load.
(cherr... -
- 10:44 AM Revision 37135283: Fix #6381 ipv6nat_ipaddr
- (cherry picked from commit f489cfdbd4705578ee290b9df5bafe86efddbca8)
- 10:44 AM Revision cf44fe72: Fix #6381 ipv6nat_ipaddr
- (cherry picked from commit f489cfdbd4705578ee290b9df5bafe86efddbca8)
-
-
-
08:25 AM pfSense Packages Bug #5839: Squid package loses all settings when upgrading from 2.2.2 to 2.2.6.
- As an added note on this, on one of my systems at least, the option defaulted to not save and cleared the config on u...
-
-
-
- backups should be a numeric int.
text hint for number of backups can now refer to the global value for this platform ... -
- At the same time the platform is being detected for PHP/GUI purposes, set the default number of backups. Also handle ...
-
-
- Fix for Bug #6395 that keeps full line comments of the downloaded file but strips them for the pf rules load.
-
- Merged, thanks!
-
- If the current (and perhaps some recent) backup configs in the cache are unusable, due to failing checking on router ...
-
- I would like to support this request for an updated and more efficient support for multicast.
As a user of the IPTV... -
01:57 AM Bug #6372: OpenVPN client page does not expose proxy port field
- Legend!
Glad it was a simple fix, thanks!
05/23/2016
-
- I might show my ignorance here. pf supports the table directive like:
@table <spammers> persist file "/etc/spammers"... -
- I think there may be a bigger issue here that just it works this way and not that way.
Essentially it is being handl... -
- Yes, the ports "table" is actually implemented as a list contained in a file, which is inserted inline into the rules...
-
- Workaround: Use alias type URL (Ports) instead of URL Table (Ports).
A better way of removing the comments than re... -
- Phillip Davis wrote:
> Pull request https://github.com/pfsense/pfsense/pull/2979
> Can you try this?
> The old edi... -
- This has addressed the comment line removals.
FYI - the "URL Table (IPs)" did not have the comment removal issue.
... -
- Appears alias type url table (ports) is not being loaded as a table. It doesn't show up in diag>tables and the rules...
-
- Pull request https://github.com/pfsense/pfsense/pull/2979
Can you try this?
The old editing in 2.2.* was editing ou... -
- After upgrading from 2.2.6 on the 2.3.1 release, errors appear while loading rules, if the rule contains a "URL Table...
-
- On 2.3.1 after a bit of uptime, the web interface becomes inaccessible with the following message on a Netgate APU FW...
-
-
-
-
-
-
-
-
-
-
-
-
-
- duplicate of any number of other limiter issues
-
- James M wrote:
>
> I assume this is still a bug...?
No, see my last comment just above yours. -
12:57 PM Bug #5090: Wan failover fails to recover normal behaviour when all wans work again
- I am able to create the same issue, running a clean install of v2.3.1
2 WANs setup in gateway groups called "failo... -
12:25 PM Bug #6394 (Resolved): INCORRECT OUTPUT OF TRANSLATION
- Hello Development Team,
I want to report a problem with incorrect output on PfSense 2.3.1 when the language are de... -
10:48 AM Bug #6311: pfSense 2.3 locking up
- Marco Manenti wrote:
> if yes, try to add in /boot/loader.conf legal.intel_iwi.license_ack="1"
Uhm, I think that'... -
- There is some support in diag_smart.php for running smartd persistently that was activated in 2.3 (it was commented o...
-
09:24 AM pfSense Packages Bug #4304: pfflowd non-functional on 2.2.x versions
- Aside: Softflowd unfortunately doesn't let you specify the source interface/address for sending netflow packets (whic...
-
- The CN is applied properly in each case I've tried. For example:
!http://i.imgur.com/MP0rN2j.png!
Results in the ... -
01:04 AM Bug #6387 (Not a Bug): Comman Name ignored when creating SSL Server Certificate with the Cert Manager
- When creating a certificate for a server using the Cert Manager. The Common Name is not applied to the certificate, o...
-
- Use apostrophe instead of quote.
-
04:52 AM Feature #6392 (Duplicate): Allow folding based on separators in firewall rules
- When you have a lot of rules in the firewall section, you can visually seperate them with seperators (one of the new ...
-
03:27 AM Bug #6391 (Resolved): View Current Portal Page goes to wrong URL
- When uploading custom HTML for the Captive Portal, there are options to view the current uploaded HTML in browser.
... -
01:36 AM Todo #6390 (New): Autoscale from Traffic Graph not correct size (big graphs)
- Hey guys
The autoscale feature from the traffic graph is too big. Attached is a screeshot, where your can see what... -
01:31 AM pfSense Packages Bug #6389 (Resolved): Suricata typo under interface rules tab
- Under "Rule Signature ID (SID) Enable/Disable Overrides" it says below the buttons "When finished, click APPLY to sav...
-
- Hey guys
The Dashboard save the changes for all users. For example, I have 2 users (one admin and one for a monit...
05/22/2016
-
10:44 PM Bug #6386 (New): Switching Router Advertisements to disabled should broadcast IP Removal messages
- Switching the RA mode from anything to disabled causes the clients to remove the gateway but keep the address for awh...
-
09:05 PM Feature #6385 (Closed): Add Download-only option to System Update
- Can you please investigate allowing system updates to be downloaded separately to the upgrade and reboot of the syste...
-
- I have no issues since removing the IPsec widget. Now on 2.3.1 and have not seen a lockup
-
03:36 PM Feature #6384 (Duplicate): Allow IPSEC P1 to have 2 peer remote gateway IP addresses to allow VPN failover faster without requiring DDNS
- *The problem*
* IPSEC tunnel failover with DDNS takes over 2.5 minutes.
Today, with DDNDS and WAN gateway groups,... -
01:05 PM Bug #6383 (Not a Bug): Manual Update via WebGUI not working in 2.3.x
- The manual firmware update via the WebGUI is no longer working in PfSense > 2.3.x.
That feature ist very handy to up...
05/21/2016
- 11:33 PM Revision f489cfdb: Fix #6381 ipv6nat_ipaddr
-
- I assume that you are either on Nano or are using RamDisks? If that is the case, the /var folder gets wiped at reboot...
-
08:58 AM pfSense Packages Bug #6380 (Resolved): pfBlockerNG blocks traffic on server reboot
- I have pfblockerng with DNSBL enable.
I have one DNSBL List called "ConsolidatedDNSBLLists" that is pulling from "... -
- Thanks for the report. Will add the missing "." in the next version.
-
07:09 PM Bug #6381: IPv6 over IPv4 Tunneling Option
- I can confirm this does resolve the issue. Thanks
-
- This should help https://github.com/pfsense/pfsense/pull/2976
-
- I have checked all of my 2.3/2.3.1 installs and they all have the same problem.
-
- Since 2.3 I have noticed that the "IPv6 over IPv4 Tunneling" option in Advanced -> Networking does not retain the IP ...
-
05:06 PM pfSense Packages Bug #6274: Missing tabbar in HAProxy for restricted group
- Should be fixed in current pkg0.47 version. Can you confirm?
-
12:50 PM Bug #6382: assign firewall rule to a limiter kills its traffic
- update
after creating a limiter without assigning it to a rule, should i see a limiter on limiter info or should ... -
- after upgrading from 2.3 to 2.3.1 my traffic died and after some reinstalling and trying to make it work again
and ... -
12:01 AM pfSense Packages Feature #6379 (Closed): Please reinstate nameserver package
- Dear All,
Please consider bringing back TinyDNS or BIND packages. For a small place wishing to run own nameservers...
05/20/2016
-
- it was renamed in 2.3.1 to what we felt was most appropriate
-
-
-
-
-
-
-
- This reverts commit e7161dc3b62b306b57c8d094f93c2ec08c9e0af2.
-
- This reverts commit 5260817282c47a208be6daf683db0157544b2d08.
- 02:41 PM Revision c8009eee: Remove calls which rely in uninitizalized vars
- After analyzing implementations in RELENG_2_1 and RELENG_2_2, this code seems to be a left over after code rewrite
A... -
-
02:40 PM Revision 54f0c988: Add options to build zabbix3 packages
- (cherry picked from commit 783ca2b22f38fe22a465d2b5451c5e90fd9d1da6)
-
- 02:38 PM Revision 7f1349f7: Add freeDNS v6 support
- FreeDNS IPv6 support confirmed working using same method as v4 with v6 source address. Simple second service with _us...
- 02:38 PM Revision 52665e3d: Add menu item for freeDNS v6
- (cherry picked from commit d102e2d5d3f238fa4f35a1d935366a2e6153804e)
-
-
- I can't break either page with the new code, and I looked throughout the rest of the code base for any other similar ...
-
- The DNS servers are not necessarily ISP provided.
(cherry picked from commit 78869d5e82f149ad5bfb1e1d97d958d0bf1d0d54) -
-
- Use font awesome icons instead of text.
Universal recognition eliminates need of text translation.
(cherry picked fr... -
- 02:27 PM Revision adc90ad9: Removed global variables used on the version 2.2
- (cherry picked from commit d4af7f9e4a332278a80ba2a9c56df2064dc579d9)
-
- 02:26 PM Revision a5e2c664: Add the function gettext
- (cherry picked from commit 8d0b16a11c6a2a61fe51507a9b43b3bcad3aab80)
-
- 02:24 PM Revision 21951782: Fix Captive Portal's MACs icons
- Standardize pass/block icons with the rest of the system
(cherry picked from commit 96abde901f0c4e81d4cac0acd2361267... -
- 02:23 PM Revision fd45b31a: Fix closing `tbody` tag in Captive Portal's MACs
- (cherry picked from commit 22b50541377ec212d71e0686a0b6a20149b23a7c)
-
- 12:43 PM Revision 22b50541: Fix closing `tbody` tag in Captive Portal's MACs
- 12:34 PM Revision 96abde90: Fix Captive Portal's MACs icons
- Standardize pass/block icons with the rest of the system
-
-
12:23 PM Bug #6376: Settings can't be saved
- Same thing.
Admin work well but not LDAP user.
Modify group rights to resolve this issue. So no issue with HA as Ji... -
- Ok, i solved my problem:
within every new version of priviliges
my reflex is to add them to the user/usergro... -
- I think i can now clarify what causes the issue in my case:
Setup: vm (esxi-setup) with HA activated.
diff... -
- Please do not mix and mention other bugs on this ticket, as they are unlikely to be relevant.
The only way I could... -
- My configuration (hope it help):
Two pfsense on physical hardware (master and backup using HA)
(since version 2.3... -
10:08 AM Bug #6376: Settings can't be saved
- After upgrade pfsense amd64 2.3u1 to 2.3.1. I have the same problem, I using ESXI 5.5U3. For example the rules don't ...
-
- What is different in the system section between those two configuration files? Can you provide us with both system se...
-
- I found out, that i can trigger problem if i
import the system section of the active system.
- importing aliases ... -
- I think the problem is not comming from VM, I am using two physical servers with two different hardware (amd 64 both)...
-
- HA-Pair, i restored parts of configuration from the active system (2.3. -> 2.3.0_1 -> 2.3.1) which does no longer all...
-
08:19 AM Bug #6376: Settings can't be saved
- Jim Pingle wrote:
> That's not a good test. FreeBSD 10.x is not supported on ESX 5.1, only 5.5U3 or later. See http:... -
- That's not a good test. FreeBSD 10.x is not supported on ESX 5.1, only 5.5U3 or later. See http://www.vmware.com/reso...
-
- just did some more tests...
i have 2 environments
a) VMware vSphere 6: Update from pfSense 2.3u1 --> 2.3.1 witho... -
- Was the old configuration you restored from 2.3.x? You cannot restore parts of an older configuration to a new system...
-
- Same issue here:
- Basically the apply-settings does not appear.
Started from a clean install and imported parts
... -
- Thank you Steve and Yasin ls for feedback.
Same thing here: Problem occured after updating from 2.3u1 --> 2.3.1 -
- Thank you Steve.
Problem occured after updating from 2.3u1 --> 2.3.1
May this is important to now. if i can do so... -
- Same Problem here.
i just added new ethernet-interfaces in vmware and tried to configure them.
GUI did not save t... -
06:56 AM
Bug #6376 (Feedback): Settings can't be saved
- This is not reproducible and there are no other report of this from the field, which of course there would be were it...
-
- When configuration has to be updated using web gui, nothing is saved.
- 12:04 PM Revision 788c3cf5: Fixed #6872 Restored missing proxy port setting
- (cherry picked from commit 6b43692408912de3375b34cc1982ff73f52762a5)
- 12:02 PM Revision 6b436924: Fixed #6872 Restored missing proxy port setting
- 12:02 PM Revision 16fd5b50: Reduce maximum length of string to gettext()
- This limit is set at 4096 on PHP 5.6: http://lxr.php.net/xref/PHP_5_6/ext/gettext/gettext.c#139
Bug report on forum:... -
- > When you look at squidguard's Target Category list (assuming it's populated), the text is too faint as compared to ...
-
-
-
09:56 AM Bug #6318: IPsec dashboard widget causes GUI failure
- Brent Kerlin wrote:
> I have seen this issue frequently on clients since 2.3 rolled. I was more concerned with #62... -
- Use font awesome icons instead of text.
Universal recognition eliminates need of text translation. -
07:05 AM
Bug #6372 (Feedback): OpenVPN client page does not expose proxy port field
- Missing proxy port field restored.
-
- Ulysse FONTAINE wrote:
> Someone have made a commit on the pali/igmpproxy git: https://github.com/pali/igmpproxy/pul... -
05:13 AM Feature #6377 (Resolved): 6rd ipv6 tunnel: MTU settings not editable and not correlated to interface MTU (hardcoded to 1280)
- 6rd tunnel MTU is not user editable and is hardcoded to 1280.
The proper MTU value should be interface MTU minus 20 ... -
- Though LDAP is causing this delay, I do not think it is due to this as we have the same rc.bootup file for long time....
-
01:59 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
- Hamilton Calixto wrote:
> We have this bug for 1 year. When a solution is presented? I am dismayed by this as it is ...
05/19/2016
-
-
- Meant to open under 2.3.2
-
- IPSec Profile in VPN menu should be renamed to *iOS IPSec Profile* . Would make it consistent with the heading under...
-
-
- 08:35 PM Revision 3b44f18b: Update openvpn.inc
-
07:50 PM Feature #6374 (Resolved): Provide sample server-side logic to report peer's IP address for use with DDNS
- Pursuant to Issue #6373 -
We can help (our) users of DDNS by providing sample code which organizations could choos... -
- Our RFC2136-style DDNS depends on external determination of the real IP address (usu. DHCP-assigned by the ISP). Suc...
-
07:24 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic
- We have this bug for 1 year. When a solution is presented? I am dismayed by this as it is an extremely important feat...
-
- Cannot configure OpenVPN client to use a proxy with the GUI, since the proxy port field is not exposed to the user.
... -
-
-
- Applied in changeset commit:335f1a8977cf0f711c712864379773e410e996a5.
-
- When action=config and smartmonemail contains a backticked shell command, it is executed on submit. The parameter doe...
-
- I first found this happening on 2.3, but waited until post upgrade on 2.3.1 and tested again extensively.
[[https://... -
-
-
- On forms with dynamic fields which will be shown/hidden while changing some drop down values like "Key Exchange versi...
-
- I was going to post again about this as well -- 2.3.x still doing this quite often and it's really crazy bad sometime...
-
11:31 AM Bug #4031: Notifications mail bomb in some gateway failure circumstances
- I am also experiencing this, with 2.3 and now also with 2.3.1. My absolute worst case was 1,500 emails within couple ...
-
- The DNS servers are not necessarily ISP provided.
-
- Global Logging Check Box
Firewall Rule logging - Enable Global logging to [ Status: System Logs: FIREWALL Log ]<br... -
- Memory already configured for 512M but in some place still configured ini_set('memory_limit', '256M'); your fix is f...
-
- Though this is my first bug fix. I think I found the solution to the bug. Php is crashing due to lack of memory. So f...
-
- 2.3.1 has same problem
-
- OP hasn't found the time to respond to the post.
a different forum member has confirmed reverting to version above s... -
- I'm guessing this may have been fixed by the more proper validation that config.cache is sane.
05/18/2016
-
-
Haven't seen this yet on 2.3.1 but because it is so inconsistent/sporadic, it is too soon to tell really. But so ... -
-
Have not seen this so far on 2.3.1. It's not been long and only a few reboots, but previously it was every boot. ... -
09:18 PM Bug #6367 (Resolved): Long delays with LDAP enabled w/local users during boot at "Synchronizing user settings..."
- This occurs when:
* an LDAP authentication server is selected under User Manager > Settings > Authentication Server
... - 07:40 PM Revision 8d0b16a1: Add the function gettext
-
05:45 PM Bug #6233: Bootloop with Alix after 2.3 upgrade
- Same on version 2.3.1 unfortunately. :(
-
- Never mind. My bad. Other than the resolution terminology which a PR has already be submitted for.
-
-
Initial selection of custom time period sets the resolution to "Lowest Possible" (should be "Highest Possible"; su... - 01:29 PM Revision 1168634b: Merge pull request #2968 from NewEraCracker/patch-gettext-maxlen
- 01:28 PM Revision 83c7a421: Initialize output var in firewall_shaper_queues
- To clear any previous use of the var elsewhere in included files.
Forum: https://forum.pfsense.org/index.php?topic=11... - 01:06 PM Revision 293c90fb: Merge pull request #2967 from phil-davis/patch-2
-
11:58 AM Bug #6311: pfSense 2.3 locking up
- Markus Strangl wrote:
> System info:
> SuperMicro Intel Westmere rack boxes, 2 each in HA Cluster with CARP and p... -
-
-
11:49 AM Feature #6365 (Duplicate): Current images do not install on UEFI Machines
- There is already request for that feature [[https://redmine.pfsense.org/issues/4044]].
But I think is better to exte... -
-
-
- adding ini_set('memory_limit', '490M'); to the top of status_carp.php file help to display upper part of page but at ...
-
- Crash report begins. Anonymous machine information:
amd64
10.3-RELEASE
FreeBSD 10.3-RELEASE #6 05adf0a(REL... -
- Hello,
i have pretty big carp cluster with:
WAN@1 10.165.128.254 BACKUP
VLAN20@2 10.161.20.210 BACKUP
VLA... -
03:12 AM Bug #6296: Interface dies with IPsec and SMP
- Thanks guys!
For the official boxes (ADI image) there is no 2.3.1 development branch that we could upgrade to corr...
05/17/2016
-
- On a backup firewall in an HA cluster, when the backup has been triggered by a merged-in config the "Configuration Ch...
- 08:38 PM Revision 95f46512: Reduce maximum length of string to gettext()
- This limit is set at 4096 on PHP 5.6: http://lxr.php.net/xref/PHP_5_6/ext/gettext/gettext.c#139
Bug report on forum:... -
- Brent Kerlin wrote:
> Chris Buechler wrote:
> > This has lasted over 3 days now in multiple scenarios that wouldn't... -
- Chris Buechler wrote:
> This has lasted over 3 days now in multiple scenarios that wouldn't last 4 hours on affected... -
> Restarting the webconfigurator from the console does not resolve the issue.
> Other than the web not functioning...-
- Chris Buechler wrote:
> that's 2.3(.0)_1 rather than 2.3.1. It wasn't 2.3->2.3_1 that did it, since that only upgrad... -
10:43 AM Bug #6177: pkg update checking with no Internet access kills web GUI
- this fixed my issue on 2.3, thanks
-
- this patched worked for me, but only after changing the uppercase HTTP_PROXY to lowercase http_proxy
-
- Testing confirms that it does not work with IKEv1, as expected, but that it does work with IKEv2 following that stron...
-
08:15 AM Bug #6245: Multi-WAN PPPoE not working
- We have 3 setups with multi-wan and the terminating on the same AC. One we are even using ourselves with dual t-busin...
-
07:20 AM Bug #6099: igmpproxy does not recognize upstream interface
- Hi, I have some news.
Someone have made a commit on the pali/igmpproxy git: https://github.com/pali/igmpproxy/pull/2... -
- Don't think this is viable at this point because of a larger issue that prevents traffic originating from the firewal...
- 01:24 AM Revision 49701df3: Initialize output var in firewall_shaper_queues
- To clear any previous use of the var elsewhere in included files.
Forum: https://forum.pfsense.org/index.php?topic=11... -
12:36 AM Bug #6297: rc.linkup doesn't trigger filter reload
- Hi Chris!
Thanks for your response. I've applied your change to /etc/rc.linkup as requested. So far, I haven't run...
05/16/2016
-
11:35 PM Feature #6362 (New): Allow specifying the client identifier hardware type
- Situation: Mac OS X 10.11 client, wireless. DHCP is specified with 'myhostname' in DHCP Client ID.
In pfSense, DHC... -
-
-
-
-
-
-
-
-
- fixed
-
- added sanitation of the output in head.inc as well
-
-
-
12:09 PM Bug #6361 (Not a Bug): Responsive Mobile Menu issue
- This is only applicable when you have the General | webConfigurator | Top Navigation set to Fixed.
Once logged in ... -
- This reverts commit f5a9bb1f2180e6b9fcc9e81006524c2f6813e037.
-
- Section panel header title.
(cherry picked from commit 5414794c12fbcd6455a48f81428e0457a9cf0c95) - 11:41 AM Revision d736d861: Merge pull request #2965 from NOYB/Miscellaneous_Textual_Corrections_-_System_/_Advanced_/_Firewall_&_NAT
- 11:40 AM Revision d72312ef: Make limiters info box work same as By Interface
- The info box displayed on Firewall->Shaper, By Interface come down the bottom with and info icon and can be shown/hid...
- 11:39 AM Revision 890bd153: Merge pull request #2964 from phil-davis/patch-3
- 11:39 AM Revision 170fbb18: Customize limiter info message
- The $dn_default_shaper_msg is what is displayed on the Limiters tab. It needs to talk about "limiter" rather than "qu...
- 11:38 AM Revision 973a2d45: Merge pull request #2963 from phil-davis/patch-2
-
- (cherry picked from commit 542d14be063e0a90b9182ee3dac9dc3fdb52d04d)
- 11:37 AM Revision 5543a460: Merge pull request #2961 from NOYB/Miscellaneous_Textual_Corrections_-_System_/_Advanced_/_Networking
-
- (cherry picked from commit 850211423b3486353b2419b02211213196d8c36e)
- 11:36 AM Revision 8185eabc: Merge pull request #2960 from NOYB/Miscellaneous_Textual_Corrections_-_System_/_User_Manager_/_Settings
- 11:36 AM Revision c6c8cfea: Miscellanous Textual Corrections - Add missing dots, normalize case
- (cherry picked from commit cb6c20a997eeb77b3529e157cd512fabb4ff69f0)
- 11:35 AM Revision 2c6faa05: Merge pull request #2954 from NewEraCracker/textual-corrections
- 11:24 AM Revision 0f1304ee: Sanitize notice output here as well. Ticket #6154
- 11:23 AM Revision e4710ed5: Sanitize notice output here as well. Ticket #6154
-
10:48 AM pfSense Packages Bug #2591: Squid3 can't listen on a CARP VIP
- For those getting bit by the missing CARP interfaces, a viable workaround is to
* Bind Squid to Loopback (127.0.0... -
- it's definitely replicable, ran into it a couple days ago myself but haven't had time to get back to it yet.
-
- See: CPY-83269
-
- It's possible to end up in situation where neither the IKE mode or Negotiation mode are defined in the config file or...
-
- there in latest snapshot.
-
- Done
-
- 06:02 AM Revision 31872607: Correct force updates when chosen. Ticket #6359
- 06:01 AM Revision c2b51a45: Correct force updates when chosen. Ticket #6359
-
- that's 2.3(.0)_1 rather than 2.3.1. It wasn't 2.3->2.3_1 that did it, since that only upgraded ntpd, rather something...
-
- rc.linkup doesn't trigger a filter reload. It probably should, though that has the potential for introducing other is...
-
- it ought to do a better job of reloading, rather than the "kill them all and restart" currently.
- 01:34 AM Revision 0876ed6c: Fix script name in error log
- 01:33 AM Revision 92674d7f: Fix script name in error log
- 01:32 AM Revision 223ebd3f: Fix misspellings.
- 01:31 AM Revision 38edc490: Fix misspellings.
-
- works
-
- fixed
-
- The "Save & Force Update" button for RFC 2136 DDNS doesn't actually force updates.
fix coming -
- Couple different issues here. One I opened up #6359 to cover and fixed that there, so the force update actually force...
05/15/2016
-
- if someone can get me access to a box that exhibits this issue, that would help greatly (email cmb at pfsense dot org...
-
12:01 PM Bug #6132: race condition in OpenVPN startup
- Sorry for my english
-
- After i upgraded 2.3 -> 2.3.1, i have same issue.
After Pfsense boot, Widget doesn't show OpenVpn connection, but tu... -
- Need to upgrade OpenVPN to 2.3.11.
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn23
-
- Those changes helped some instance of this, but definitely doesn't fix the problem for all.
-
- works
- 10:54 PM Revision b4f400a4: Update openvpn.inc
-
- Section panel header title.
- 10:21 PM Revision bc5ab7af: Update openvpn.inc
-
- This has lasted over 3 days now in multiple scenarios that wouldn't last 4 hours on affected kernels. Multiple outsid...
-
06:19 PM Bug #6357 (Resolved): Dynamic DNS (RFC2136) updates always considered successful
- Architecture: amd64
Installed version: 2.3
I've set the Priority as High, because the functionality isn't working... -
- Thanks. Just to make sure we're not at cross purposes, this is a different issue to the one I posted about here: ht...
-
- There is a PR for this already. Waiting for approval from the Devs...
https://github.com/pfsense/FreeBSD-ports/pul... -
04:01 PM pfSense Packages Bug #6346: Squid Proxy Server Service randomly stops
- I have the same experience and would like to learn how to fix this.
Everything else I have tried in pfsense works O... - 05:25 AM Revision a79dfdaa: Make limiters info box work same as By Interface
- The info box displayed on Firewall->Shaper, By Interface come down the bottom with and info icon and can be shown/hid...
- 05:04 AM Revision aadc1358: Customize limiter info message
- The $dn_default_shaper_msg is what is displayed on the Limiters tab. It needs to talk about "limiter" rather than "qu...
05/14/2016
-
-
- On the Snort > Snort Interfaces > WAN Preprocs > Portscan detection tab, the UDP protocol is missing from the Protoco...
05/13/2016
-
-
04:21 PM Bug #6099: igmpproxy does not recognize upstream interface
- ioctl( Sock, SIOCGIFCONF, &IoCtlReq ) returns a lot more interfaces in FreeBSD 10.3 than my tests under Debian showed...
- 01:22 PM Revision a23600ef: Disable ipcomp regardless of config setting to avoid problem. Ticket #6167
- 01:21 PM Revision c7759e4e: Disable ipcomp regardless of config setting to avoid problem. Ticket #6167
- 12:04 PM Revision a8872fdb: Silence mwexec output. Now that the groupdel actually works, it spams the log when group isn't found. Ticket #6352
- 12:03 PM Revision 535634e5: Silence mwexec output. Now that the groupdel actually works, it spams the log when group isn't found. Ticket #6352
-
- The dhcp relay will relay dhcp requests that arrive on it's upstream interface, where the dhcp server is, resulting i...
- 09:01 AM Revision 4680f6bf: Make rule_columns_with_alias end params optional
- Stops PHP warnings like reported in forum https://forum.pfsense.org/index.php?topic=111768.0
- 09:01 AM Revision 6d49499d: Merge pull request #2959 from phil-davis/patch-2
-
- We'll leave this as-is for 2.3.1 to avoid introducing any regressions for something that's little-used and off by def...
-
- Kill Bill wrote:
> Kindly provide a *choice* of filesystem on install - every single Linux distro can do that, why's... -
- Thanks for the confirmation. Also confirmed in another setup here, looks good.
-
- Confirmed! I did a gitsync and the bug seems to have been squashed! Went through a couple of reboot cycles and firew...
-
- fix pushed, works here.
-
- Now I see what's happening. If you have default gateway switching enabled and a link local gateway, this happens.
-
- been through multiple upgrades to 2.3.1 with no connectivity post-upgrade with no issue. Duplicate of #6180
Rich:... - 07:16 AM Revision 7e752d72: Make rule_columns_with_alias end params optional
- Stops PHP warnings like reported in forum https://forum.pfsense.org/index.php?topic=111768.0
-
- works
-
- that exposed another issue, just pushed a fix for that. All works now.
- 06:30 AM Revision 361b388b: Unbound and dnsmasq can both be enabled so restart both if need be
- 06:30 AM Revision 6d642137: Merge pull request #2958 from k-paulius/patch-16
- 05:44 AM Revision 3ded329e: Fix scope for IPv6 link local gateway IPs. Ticket #6353
- 05:43 AM Revision a4b55d11: Fix scope for IPv6 link local gateway IPs. Ticket #6353
- 05:34 AM Revision ea940381: Handle link local IPv6 gateways and default gateway switching correctly. Ticket #6258
- 05:34 AM Revision 857f3490: Handle link local IPv6 gateways and default gateway switching correctly. Ticket #6258
- 04:24 AM Revision 1a444f88: Unbound and dnsmasq can both be enabled so restart both if need be
-
- 03:52 AM Revision e02a2756: Merge pull request #2957 from NOYB/Miscellaneous_Textual_Corrections_-_System_Advanced
-
- 03:50 AM Revision ce252674: Merge pull request #2956 from NOYB/Miscellaneous_Textual_Corrections_-_Services_NTP_PPS
- 03:40 AM Revision b460c43b: Don't start unbound in track6 config if system is booting. Add dnsmasq here as well. Based on PR 2943. Ticket #6186
- 03:39 AM Revision 6d4fd80b: Don't start unbound in track6 config if system is booting. Add dnsmasq here as well. Based on PR 2943. Ticket #6186
-
- It could be fixed as a consequence of one of the other fixes in 2.3.1. It didn't seem like it was reliably replicable...
-
03:06 AM Bug #6110: Default gateway switching not always working with PPP
- Yeah it`s for ipv4.
I don`t get it what changed. We can close it? -
- Greg M wrote:
> Hi!
> Has this been fixed with latest snap?
> I can`t repro it anymore and it works correctly now.... -
- Hi!
Has this been fixed with latest snap?
I can`t repro it anymore and it works correctly now. - 03:20 AM Revision cd227001: Use -g with groupdel when passing a GID. Ticket #6352
- 03:20 AM Revision 34d58bad: Use -g with groupdel when passing a GID. Ticket #6352
-
- works
-
- fix pushed
-
- The static route for IPv6 monitor IPs with link local gateways isn't added correctly, missing the scope.
-
- Some parts of the code made the assumption dnsmasq and unbound wouldn't run simultaneously, which isn't necessarily t...
-
- all still running fine after around 11 hours. That's more than 7 hours longer than any affected kernel has lasted in ...
- 12:35 AM Revision 22f9e40f: Fixed #6349
- (cherry picked from commit c032a89a890a350540df12a9d2e41b9c7d8efda5)
05/12/2016
-
- all works now
-
- It passed on all my tests too
-
- the removal part was fine. The reinstall post-upgrade wasn't working until my last commit. Leaving to verify once tha...
-
- works now
-
- Package list now correct, the package reinstall was skipped until my last commit on #6137. This succeeded with that c...
-
- Update: I have decided to test 2.3.1 snapshots. I am now on 2.3.1.a.20160512.1401 and there hasn't been any change a...
-
- fix pushed
-
- one of the pw groupdel commands passes a GID without -g, resulting in bootup log like: ...
-
- (cherry picked from commit 44b30d595f41d69b0a4db7c032f57ca3e5d338c9)
- 09:53 PM Revision c032a89a: Fixed #6349
-
- my test setups are past 4 hours run time now, in a scenario where they never exceeded 4 hours before the fix.
One... -
- latest available snapshot has the fix merged. Test environments running now to verify.
-
-
-
-
-
-
-
05:00 PM
Bug #6349: system_advanced_misc.php - Reboot when changing RAM disk option happens even when input validation error occurs and the change isn't saved
- Applied in changeset commit:c032a89a890a350540df12a9d2e41b9c7d8efda5.
-
04:57 PM
Bug #6349 (Feedback): system_advanced_misc.php - Reboot when changing RAM disk option happens even when input validation error occurs and the change isn't saved
- reboot flag now unset on validation errors
-
- When checking the RAM disk option and clicking Save, the user is prompted to approve a reboot. If the input validatio...
-
- Luiz merged the upstream fix for this in 384ae63efc9d676414c45591c9b6095197919513. With the note: "I changed the IPv6...
-
- Thanks for your report.
Fix send for both packages: https://github.com/pfsense/FreeBSD-ports/pull/127 -
- Seems like, that ifvc.c (igmpproxy) does NOT create the full list of all interfaces in function "buildIfVc()".
May... - 03:41 PM Revision 60ebb473: Add alias display to target host and target port columns
- (cherry picked from commit 474e70a2d178de50060c6e5f1114bb5b6963a6b6)
- 03:41 PM Revision 474e70a2: Add alias display to target host and target port columns
-
- fixed. Verified that was the last remaining instance of that enable flag.
-
- Applied in changeset commit:88cce82b304cd9e0e253f29a9bd3fdc9241260a7.
-
- In /etc/rc.newipsecdns it tests to see if IPsec is enabled by checking:...
-
- that was already fixed in #6303
-
06:05 AM Bug #6348 (Duplicate): DHCP Server - Delete Additional Pools
- Hi,
After creating an additional pool, trash can to delete it have a wrong url, the interface is missing.
https... -
- All this took to cause apparently fatal damage to the "robust" UFS was a *single* power failure. Since the SSD is jus...
-
- 1000+ power cycles later in above described case, no issues. This isn't any worse than it's been in any 10.x base ver...
-
11:42 AM pfSense Packages Bug #6350 (Closed): Auto Config Backup - Uncaught Exception
- When attempting to "Show Info" and unable to decrypt the backup, the following warning is generated:...
-
-
- $cpzone is always in lowercase, it's used as the array key used in
config.xml. Use it in two cases where the $cp['zon... -
-
- $cpzone is always in lowercase, it's used as the array key used in
config.xml. Use it in two cases where the $cp['zon... - 09:31 AM Revision 78012791: Store notices safely to prevent potential XSS when notices are displayed locally or by remote systems where they're shipped. Ticket #6154
- 09:29 AM Revision e392cc2b: Store notices safely to prevent potential XSS when notices are displayed locally or by remote systems where they're shipped. Ticket #6154
-
08:39 AM Bug #5990: AES-GCM should be an allowed encryption algorithm for IKEv2 in P1
- Took the initiative and asked the strongswan mailing list if the AES-GCM was supported in IKEv2. The response is in t...
- 07:14 AM Revision 7b31a030: Fix package_reinstall_all post-upgrade when packages have been removed in pre_upgrade. Ticket #6137
- 07:09 AM Revision 4458ed6b: Fix package_reinstall_all post-upgrade when packages have been removed in pre_upgrade. Ticket #6137
-
- Applied in changeset commit:0c388fefae197d481c8c1a85fe1dd802d5ead400.
-
- I'd rather store it safely, as there's less chance it'll become a security issue in our code, or outside of it where ...
-
- Thanks for the feedback
-
- Ok, sorry, it was indeed a Cache Problem and I haven't realized the changed behavior
-
- also works fine here. That was changed to AJAX updating in 2.3.1 rather than the old reload the page and show "x serv...
-
- I just updated to that build also, and those buttons are working for me.
Exactly what does not work?
What are the s... -
- on WEB Interface: Status - Services
The Action Buttons "Restart", "Stop" and "Start" are not functioning after upda... -
- all fixed now
05/11/2016
-
-
10:50 PM pfSense Packages Bug #6346: Squid Proxy Server Service randomly stops
- this is everything before the restart
May 12 10:48:09 check_reload_status Syncing firewall
May 12 10:48:09 php... -
- is there anything in the system log (Status>System logs) when it fails to start under Status>Services?
-
- I dont know how to get better logging for squid but this is everything in the cache file
2016/05/12 10:28:48 kid1|... -
- best to start a forum thread so others can help pinpoint the specific cause and whether it's actually a bug. Impossib...
-
- Squid Proxy Server Service stops from time to time and will not start from the services tab, requires a restart of th...
- 10:07 PM Revision 807e3bfc: Tweak upgrade - Remove unused code and document changes better
- This will ensure a smooth upgrade for those running config 15.4 to any next version.
- 10:07 PM Revision 586f5681: Merge pull request #2955 from NewEraCracker/upgrade-code-tweak
- 09:33 PM Revision 6c6e8e34: Prefer index.php over index.html where both exist.
- 09:32 PM Revision 3a643eb8: Prefer index.php over index.html where both exist.
- 08:49 PM Revision 374f8c51: Tweak upgrade - Remove unused code and document changes better
- This will ensure a smooth upgrade for those running config 15.4 to any next version.
-
- Yep, fair enough. If tgharold in the forum can explain the history of his system so we can understand how FE80 got in...
-
- We've never set anything other than user-defined input there. The described config wouldn't pass input validation in ...
-
- It has been reported that ipaddrv6 tag for an interface has just "FE80" in it in some pre-2.3 configs:
https://forum... - 07:15 PM Revision cb6c20a9: Miscellanous Textual Corrections - Add missing dots, normalize case
-
-
-
-
-
- that appears to be 2.3.0, as the 2.3.1 URLs would have 2_3 not 2_3_0 in them. Is that definitely 2.3.1? Looks like a ...
-
- When internet connectivity is unavailable, pfsenese 2.3.1 will not boot due to 'update -f' failing and retrying indef...
-
- Applied in changeset commit:24d2e48271a6b48227268de9216edd66572ed77c.
-
- There were some at least somewhat relevant changes to that in 2.3.1, particularly with having a separator at the bott...
-
11:00 AM Bug #6344 (Resolved): Firewall rules being deleted when separators are added
- I'm seeing an issue where separators are causing rules to disappear. Doing a config restore removes the separators an...
- 12:34 PM Revision 48d321ca: Miscellanous Textual Corrections - Add missing dots to phrases
- (cherry picked from commit e4c7d45fc7a294817325354e13f4d5bc4987739e)
- 12:34 PM Revision 4296459a: Merge pull request #2953 from NewEraCracker/textual-corrections
- 12:33 PM Revision 289233b9: Merge branch 'master' of git.pfmechanics.com:pfsense/pfsense
-
- (cherry picked from commit 1c4e2ed053a04f7768a21129171a27e6804dbb0c)
- 12:31 PM Revision 61a0217e: Merge pull request #2950 from NOYB/Miscellaneous_Textual_Corrections_-_Services_Dynamic_DNS
-
- Chris Buechler wrote:
> doktornotor: welcome back. What's your wireless config like on there? What type of card and ... -
- Chris Buechler wrote:
> He's referring to the web installer, which was removed in one of the 2.2.x versions.
Ah, ... -
- I struck out on attempting with various wireless configs in a few dozen power cycles. Also tried writing out a slew o...
- 08:43 AM Revision e4c7d45f: Miscellanous Textual Corrections - Add missing dots to phrases
-
- Changing ACB directly was the quickest way to get a fix for everyone without updating pfSense itself, but looking thr...
-
- ACB is good now. But head.inc probably should sanitize $id and $notice unconditionally. Any reason we couldn't always...
- 06:56 AM Revision 3f398f0d: Hide CIDR for alias types that do not use it
- Suggested/discussed in forum
https://forum.pfsense.org/index.php?topic=111593.0 - 06:56 AM Revision f212adc8: hideMask only modify input-group on first parent
- Otherwise when unhiding (e.g. for Network type alias), input-group gets
added to every div up the DM hierarchy and th... - 06:52 AM Revision 4d6914a1: Merge pull request #2952 from phil-davis/hidemask
-
06:00 AM Bug #5993: dhcp6c not started until an RA received
- Chris Buechler wrote:
> David Wood wrote:
> > The precautionary principle suggests that changing the current behavi... - 05:52 AM Revision 60ec2d7a: Rename OSPF and System Patches packages in pre_upgrade_command. Ticket #6118
- 05:51 AM Revision ab2060d9: Rename OSPF and System Patches packages in pre_upgrade_command. Ticket #6118
- 05:30 AM Revision 6086293b: Revert "Add config upgrade code to update package names. Ticket #6118"
- This reverts commit 297ace668e4a4ffbf1fb1581e7c765e2ed158e29.
- 05:29 AM Revision 538a3c04: Revert "Add config upgrade code to update package names. Ticket #6118"
- This reverts commit 291fad43870bdb39ef0ab32125b022e268a29cf7.
- 04:19 AM Revision 685a06f2: Hide CIDR for alias types that do not use it
- Suggested/discussed in forum
https://forum.pfsense.org/index.php?topic=111593.0 - 04:14 AM Revision 01142f51: hideMask only modify input-group on first parent
- Otherwise when unhiding (e.g. for Network type alias), input-group gets
added to every div up the DM hierarchy and th... - 03:55 AM Revision 381b8f1c: Check for is_array here to avoid possible issues if the config.cache is invalid. Adapted from PR 2925
- 03:53 AM Revision adb6925e: Check for is_array here to avoid possible issues if the config.cache is invalid. Adapted from PR 2925
- 03:44 AM Revision 5925b419: Spaces->tabs
- (cherry picked from commit e1caefc74fba6cbbb680288c1f8d930e4f0ad474)
- 03:42 AM Revision e1caefc7: Spaces->tabs
-
- this works both in GUI and CLI.
-
- that's #6296
-
02:57 AM Bug #6342 (Duplicate): Pf-Sense use lots of CPU time and all connections is down
- Hi,
I have many Pf-sense firewalls in VM-ware esx-i 5.5 enviroment. I Upgrade all Pf-senses to 2.3 version.
I ha... -
- What I committed takes things back to 2.2.x and earlier behavior, plus retaining the fix for #5952. That's confirmed ...
- 03:16 AM Revision 25a96ffb: Added hideMask() function
-
- all works now
-
- looks good, thanks!
-
- fixed
-
- that works. leaving to test once it hits a snapshot.
-
- the config upgrade code worked, or would have if it were actually in the config at that point. The pre_upgrade_comman...
05/10/2016
-
-
- doktornotor: welcome back. What's your wireless config like on there? What type of card and config. Not that it shoul...
-
- Kill Bill wrote:
> The only stable thing for me was ZFS - which, sadly, ain't doable any more with 2.3
Why wouldn... -
- Yeah, I understand it's not recommended or supported or whatever, however the stable solution (which was in place whe...
-
03:59 PM Bug #6340: fsck hangs boot in background, fails to produce any action, resulting in broken firewall
- Kill Bill wrote:
> No, this was not any old upgraded install. Happened on a fresh 2.3 full install with SU+J being... -
- Renato Botelho wrote:
> So you have SUJ off, but you have Soft Updates enabled, right? Did you disabled SUJ for any ... -
- Renato Botelho wrote:
> So you have SUJ off, but you have Soft Updates enabled, right? Did you disabled SUJ for any ... -
- So you have SUJ off, but you have Soft Updates enabled, right? Did you disabled SUJ for any reason or is it an old in...
-
- Kill Bill wrote:
> it hangs reliably on every second reboot, no matter the troubleshooting steps above. It's repeata... -
- Jim Pingle wrote:
> He's alive! :-)
Yeah, indeed... :-)
> This sounds like a different failure mode with poten... -
- He's alive! :-)
This sounds like a different failure mode with potentially the same root cause as #5592, which app... -
-
- Hi, guys! (Yeah, still alive, eventually might get back to fixing something in pfSense. :-P)
Meanwhile - this fsck... -
- works
-
- Applied in changeset commit:16203db3766d694c22a49ff25353e1109bf64c6d.
-
- When editing a Mobile P1, the "Mobile Clients" tab is highlighted, though it's not really a function of that tab.
... -
-
-
07:04 PM Bug #6177: pkg update checking with no Internet access kills web GUI
- Steve Beaver wrote:
> Which widgets are enabled on you dashboard?
- System Information
- Interfaces
- Firewall ... -
03:56 PM
Bug #6177: pkg update checking with no Internet access kills web GUI
- Which widgets are enabled on you dashboard?
-
- Disabling the 'automatic dashboard auto-update check' at /system_update_settings.php seems to mitigate the issue for ...
-
- something is wrong in your network, probably an IP conflict from the sounds of that.
- 01:10 PM Revision d515da75: Adding missing spaces between punctuation
- (cherry picked from commit 0e63fe1f372584a03a6c84aeb6268fde8de75b3a)
- 01:10 PM Revision 0161bbb4: Merge pull request #2949 from NewEraCracker/textual-corrections
-
- (cherry picked from commit f3817766671915583074465aa725152c7a293568)
- 01:09 PM Revision da1fdf78: Merge pull request #2948 from NOYB/Miscellaneous_Textual_Corrections_-_Services_Load_Balancer
- 09:39 AM Revision 0e63fe1f: Adding missing spaces between punctuation
-
02:52 AM Bug #6099: igmpproxy does not recognize upstream interface
- For testing I copied the igmpproxy from version 2.2.6 to latest pfsense Version. Then I had to Link /tmp/igmpproxy.co...
-
12:18 AM pfSense Packages Bug #6339 (Resolved): OpenVPN Client Export package option for "Use Microsoft Certificate Storage" does not specify which certificate to use
- Just spent a while tracking this down, please disregard if it's a PEBKAC issue. :)
I tried the option in the clie...
Also available in: Atom