Activity

30 days up to

User

Subprojects

Activity

From 07/07/2016 to 08/05/2016

08/05/2016

10:30 PM Revision eea35b99: Improve the wording to make clear the legal restrictions for the use of the pfSense trademark.: Reviewed by: jimt
(cherry picked from commit d689bc7df5601d1a50aaccc3d75472099cd942b7) Luiz Souza
10:27 PM Revision d689bc7d: Improve the wording to make clear the legal restrictions for the use of the pfSense trademark.: Reviewed by: jimt Luiz Souza
06:13 PM Revision 88871e26: Ignore linkup eventos for interfaces that are member of bridges and have no IP address configured: Renato Botelho
06:13 PM Revision d9eac320: Ignore linkup eventos for interfaces that are member of bridges and have no IP address configured: Renato Botelho
02:59 PM Revision 8dc90525: Verify if interface is active gw for gw group before update dynamic DNS: Renato Botelho
02:58 PM Revision 05741e45: Verify if interface is active gw for gw group before update dynamic DNS: Renato Botelho
02:58 PM Revision e8382f7f: Verify if interface is active gw for gw group before update dynamic DNS: Renato Botelho
10:21 AM Bug #6683: Empty page 'Firewall: NAT: Port Forward' when Read-Only rights: OK, sorry Jim. But why no delete the right "WebCfg - Firewall: NAT: Port Forward page" if it does not work ? mr xhark
10:14 AM Bug #6683 (Not a Bug): Empty page 'Firewall: NAT: Port Forward' when Read-Only rights: To create a read-only user, give them the "Deny Config Write" privilege. Jim Pingle
10:09 AM Bug #6683 (Not a Bug): Empty page 'Firewall: NAT: Port Forward' when Read-Only rights: Hi,
To reproduce the issue :
* add a NAT Port Forward rule with admin account
* add a new user "john" (no group ... mr xhark
08:31 AM Bug #6682 (Not a Bug): OpenVPN Client does not use "interface" configured. Connection always established through default gateway.: The state table is fibbing to you a little bit in that case. pf is sending the traffic out the correct WAN, but the i... Jim Pingle
06:50 AM Bug #6682 (Not a Bug): OpenVPN Client does not use "interface" configured. Connection always established through default gateway.: Tested with 2.3, 2.3.1 and 2.3.2
Test scenario: configure multiple WANs, use WAN1 as default gateway, configure Open... Jose Duarte
12:59 AM Bug #5993: dhcp6c not started until an RA received: I still haven't had a chance to switch my LAN over to this software, but I'm aware of three other Telus users who are... Daryl Morse

08/04/2016

10:04 PM Revision 72f91833: pfSense.css: Fix sortable tables' font: Jose Luis Duran
10:04 PM Revision 98ea394a: Experiment using the OS' native font stack: Following the steps of bfbfa4dd254c110db4122925d0a3716a34d4c664,
experiment using the OS' native font stack.
Obtaine... Jose Luis Duran
10:03 PM Revision 802029ce: pfSense.css: Fix sortable tables' font: Jose Luis Duran
10:03 PM Revision 4310baaa: Experiment using the OS' native font stack: Following the steps of bfbfa4dd254c110db4122925d0a3716a34d4c664,
experiment using the OS' native font stack.
Obtaine... Jose Luis Duran
10:02 PM Revision 77413c25: Merge pull request #3084 from jlduran/native-font-stack: Jared Dillard
09:48 PM Revision 6ab43547: Update pfSense.pot: (cherry picked from commit 51c5313df8b9a9470cad9031b3e93594a4728c9e) Doktor Notor
09:48 PM Revision 8a4cc539: Allow URLs for TFTP Server (Bug #6634): The setPattern() thing ain't usable for this and just causes regressions.
(cherry picked from commit c411661a8e8f9f9e... Doktor Notor
09:48 PM Revision 8b125927: Allow URLs for TFTP Server (Bug #6634): is_URL() from util.inc is way too limited for this purpose.
(cherry picked from commit 8ff248d6a3f31dba42c4c64b529092... Doktor Notor
09:47 PM Revision b6843da7: Typo fix: (cherry picked from commit 4b79a9d443c4e16d6ffa304775aec79938d2988c) Doktor Notor
09:47 PM Revision 2e5a481c: Allow URLs for TFTP Server (Bug #6634): is_URL() from util.inc is way too limited for this purpose.
(cherry picked from commit 483816313924f87707bca0aa983c73... Doktor Notor
09:46 PM Revision 3691302f: Merge pull request #3083 from doktornotor/patch-2: Renato Botelho
09:36 PM Revision db392e36: Fix a redundant HTTP "User-Agent" string.: CURLOPT_USERAGENT expect the value to the user-agent string, not the entire key-value pair.
Before this fix, HTTP hea... Philip Soeberg
09:36 PM Revision 2d8770b2: Fix a redundant HTTP "User-Agent" string.: CURLOPT_USERAGENT expect the value to the user-agent string, not the entire key-value pair.
Before this fix, HTTP hea... Philip Soeberg
09:36 PM Revision 03ff3448: Merge pull request #3082 from philipsoeberg/fix-redundant-http-user-agent-string: Renato Botelho
09:33 PM Revision c22ddfe7: Merge pull request #3066 from phil-davis/notifychannelupdown: Renato Botelho
09:31 PM Revision a035b77c: Merge pull request #3065 from phil-davis/radius-openvpn: Renato Botelho
09:26 PM Bug #6675: Port Forward on LAN does not work in 2.3.x: If I need is more of the same as Squid is to work with the transparent proxy, redirecting only port 80 and not all tr... Tácio Andrade
09:25 PM Revision 0b95ff4c: services_dhcp: Ignore BOOTP queries: BOOTP leases do not have a maximum lease time by default, this could
potentially lead to a DHCP address pool exhausti... Jose Luis Duran
09:25 PM Revision b0478d98: Merge pull request #3086 from jlduran/ignore-bootp-queries: Renato Botelho
04:48 PM Bug #6634 (Feedback): DHCP Server "TFTP Server" field should allow URLs: PR has been merged, thanks! Renato Botelho
04:26 PM Feature #4351 (Feedback): Allow to disable BOOTP in DHCP server: Pull request has been merged. Thanks Renato Botelho
01:25 PM pfSense Packages Bug #6511: In some circumstances the HAProxy clone front-end button can add blank list entries to the front end being cloned resulting in a config that cannot be applied.: @Pi Ba
I agree that it should not be possible to end up with empty entries in the config but in the case that someho... Steve Wheeler
12:54 PM pfSense Packages Bug #6511: In some circumstances the HAProxy clone front-end button can add blank list entries to the front end being cloned resulting in a config that cannot be applied.: @Steve, the first issue of empty items being added when duplicating should be fixed in next version..
https://github... Pi Ba
12:12 PM Revision 353c8d2b: Add /etc/rc and /etc/pfSense-rc.shutdown to pfSense-rc package: Renato Botelho
12:04 PM pfSense Packages Feature #6445 (Rejected): Request: Zabbix 3.0 LTS proxy: Zabbix agent and proxy 3.0 is available on pfSense 2.3. If you see only Zabbix agent or proxy 2.2 or 2.4, you must st... Jim Pingle
11:56 AM pfSense Packages Feature #6445: Request: Zabbix 3.0 LTS proxy: Uhm... 3.0.x LTS is in fact the only version available in pfSense 2.3.x packages. Kill Bill
09:45 AM pfSense Packages Bug #6681 (Feedback): Squid local auth password handling is weak and only accepting short passwords: I just pushed a fix to change this to SHA512, which is working well even with long passwords (I only tried up to 32 c... Jim Pingle
09:34 AM pfSense Packages Bug #6681 (Resolved): Squid local auth password handling is weak and only accepting short passwords: The password handling in squid for local auth is using crypt() with default settings and cutting off passwords short ... Jim Pingle
09:25 AM Bug #6680 (Not a Bug): pfSense web ui freezes after clicking on Diagnostics->ARP Table: Please post on the forum or mailing list for assistance with your issue. It's highly unlikely to be a bug, but if it ... Jim Pingle
08:42 AM Bug #6680 (Not a Bug): pfSense web ui freezes after clicking on Diagnostics->ARP Table: For some reason, when I try to list the arp table, pfsense freezes and I need to restart PHP-FPM via console.
2.3.... Tiago Mello
07:07 AM pfSense Packages Bug #6571 (Resolved): NUT service can not start sometimes after boot when SNMP UPS interface is down: Jim Pingle
12:13 AM pfSense Packages Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down: This is resolved with version 2.7.4_1 of the nut package. Denny Page
07:04 AM Bug #6679 (Not a Bug): No config option for "limited" parameter in Default/Custom Access Restrictions in NTP: Jim Pingle
06:30 AM Bug #6679: No config option for "limited" parameter in Default/Custom Access Restrictions in NTP: KOD flag also toggles limited.
Sorry for opening this ticket. Patrik Andersin
06:17 AM Bug #6679 (Not a Bug): No config option for "limited" parameter in Default/Custom Access Restrictions in NTP: Now limited parameter is always included in restrict config lines.
Older Netapp filer uses sntp and sends 3 ntp qu... Patrik Andersin

07/31/2016

04:53 PM Bug #6668: IPSec tunnel + L2TP/IPSec VPN - wrong PSK chosen by pfSense: ERRATUM:
@ipsec.secrets@ (mistyped) should be:... Janusz Baranek
04:22 PM Bug #6668 (Closed): IPSec tunnel + L2TP/IPSec VPN - wrong PSK chosen by pfSense: Setup:
1. IPSec, IKEv1 site to site tunnel, PSK, Main mode. FQDN identifier - talking to a Mac OS server (racoon)
... Janusz Baranek
12:49 PM Revision 6d53301b: services_dhcp: Ignore BOOTP queries: BOOTP leases do not have a maximum lease time by default, this could
potentially lead to a DHCP address pool exhausti... Jose Luis Duran
11:47 AM Bug #6481: loading EAP_RADIUS method failed: I wanted to jump in to say I just had this same issue on 2.3.2 today. Same log message and everything. Confirming y... Randy Snow
09:49 AM Revision 51c5313d: Update pfSense.pot: Doktor Notor
09:27 AM Revision c411661a: Allow URLs for TFTP Server (Bug #6634): The setPattern() thing ain't usable for this and just causes regressions. Doktor Notor
09:23 AM Feature #5112: LDAP support for Captive Portal: I'm interested to this feature. It will be officially implemented? Filippo Sorbellini
08:38 AM Revision 8ff248d6: Allow URLs for TFTP Server (Bug #6634): is_URL() from util.inc is way too limited for this purpose. Doktor Notor
08:35 AM Revision ef726c3e: Update pfSense.pot: Doktor Notor
08:25 AM Revision 4b79a9d4: Typo fix: Doktor Notor
08:21 AM Revision 48381631: Allow URLs for TFTP Server (Bug #6634): is_URL() from util.inc is way too limited for this purpose. Doktor Notor
07:59 AM Feature #3971: IPv6 - Preserve the DUID used for WAN DHCP-PD in the configuration file: As mentioned in #6667, this also negatively impacts those with /var in RAM Jim Pingle
07:59 AM Bug #6667 (Duplicate): DHCP DUID file not preserved across reboots when "Use RAM Disks" is enabled: Duplicate of #3971 Jim Pingle
02:27 AM Bug #6667: DHCP DUID file not preserved across reboots when "Use RAM Disks" is enabled: Duplicate of https://redmine.pfsense.org/issues/3971 (this is a more generic problem, even without tmpfs-based /var, ... Kill Bill
07:52 AM Feature #4351: Allow to disable BOOTP in DHCP server: https://github.com/pfsense/pfsense/pull/3086 Jose Luis Duran
01:47 AM Feature #4351: Allow to disable BOOTP in DHCP server: I am also seeing BOOTP queries being served for captive portal users. The problem is that BOOTP leases do not have a ... Jose Luis Duran
07:45 AM pfSense Packages Bug #6632: siproxd hosts_allow_reg should be configurable: Chris Buechler wrote:
> if you open siproxd on WAN in firewall rules, you get what you're asking for security-wise. ... Kill Bill
03:23 AM Bug #6634: DHCP Server "TFTP Server" field should allow URLs: @Rene: Try https://github.com/pfsense/pfsense/pull/3083 Kill Bill
12:23 AM Bug #6666: IPV6 Log Spam?: Sorry:
Version: 2.3.2
Priority: Low
Spelling mistake on last line, should be DHCPv6 daemon Rick Strangman

07/30/2016

09:18 PM Bug #6667 (Duplicate): DHCP DUID file not preserved across reboots when "Use RAM Disks" is enabled: The file "/var/db/dhcp6c_duid" contains a DHCP Unique Identifier (DUID) that a host uses to uniquely identify itself ... Gary Dezern
07:08 PM Bug #6666 (Duplicate): IPV6 Log Spam?: I have a fully functioning dual stack IPv4 static and Prefix Delegated /56 IPv6 DHCPv6 network running over PPPOE. Th... Rick Strangman
05:44 PM Bug #6665: Upgrading packages when pfSense upgrade is available breaks package manager: (Same goes for merely installing a package, not just upgrading.) Kill Bill
05:39 PM Bug #6665 (Resolved): Upgrading packages when pfSense upgrade is available breaks package manager: As described here: https://forum.pfsense.org/index.php?topic=116026.0 - when you upgrade some package before upgradin... Kill Bill
05:16 AM Bug #6664: It's impossible to use HE.NET tunnel iface as a parent for OpenVPN instances: Yet another workaround: Specify a local port instead of empty/0. Looks like *$iface_ip* is not properly initialized w... Dmitriy K
04:58 AM Bug #6664 (Resolved): It's impossible to use HE.NET tunnel iface as a parent for OpenVPN instances: Setup:
* HE.NET tunnel iface [for example, WAN_HE]
Steps to reproduce:
* Create an IPv6 OpenVPN instance on pare... Dmitriy K
04:45 AM Bug #6663 (Resolved): IPv6 OpenVPN client is down after reboot: Setup:
# WAN PPPoE WAN
# HE.NET tunnel on WAN
# Static IPv6 on LAN
Steps to reproduce:
* Create a UDP6 TAP Ope... Dmitriy K

07/29/2016

11:39 PM Feature #6661 (Rejected): Show # of packages available for update on dashboard: The "Installed Packages" widget exists for those who want to know what packages are installed and which have availabl... Jim Pingle
07:13 PM Feature #6661 (Rejected): Show # of packages available for update on dashboard: The ability to show the number of packages that need updating under the system update status on the System Informatio... Ken Sim
08:53 PM Bug #6662 (Resolved): pkg_edit.php checkbox alignment issue when using the sethelp xml tag: When using pkg_edit.php, the checkbox alignment is off when using the <sethelp> XML tags.
See attached pic.
Can... BBcan177 .
02:55 PM Revision ce9a9572: Fix a redundant HTTP "User-Agent" string.: CURLOPT_USERAGENT expect the value to the user-agent string, not the entire key-value pair.
Before this fix, HTTP hea... Philip Soeberg
10:44 AM Bug #6659 (Confirmed): Default routes are not being removed after deletion: Confirmed, but it's not a regression. As far as I can see, default routes are never removed except by ppp-linkdown an... Jim Pingle
08:14 AM Bug #6659 (Resolved): Default routes are not being removed after deletion: I have noticed that when a default route is deleted via GUI, they are not removed from the system, only from the scre... Andre Luiz Paiz
09:53 AM Bug #6657 (Not a Bug): Unable to add network in the source section of a LAN firewall rule: I can't reproduce it using the settings you show. Make sure there are no extra spaces or anything else non-printable ... Jim Pingle
05:58 AM Bug #6657: Unable to add network in the source section of a LAN firewall rule: Destination host should be 8.8.8.8, but the error is the same. Edwin Chan
05:56 AM Bug #6657: Unable to add network in the source section of a LAN firewall rule: Phillip Davis wrote:
> That works fine for me - give more information about the data you enter and exactly which fie... Edwin Chan
05:49 AM Bug #6657: Unable to add network in the source section of a LAN firewall rule: That works fine for me - give more information about the data you enter and exactly which field the "Please match the... Phillip Davis
05:37 AM Bug #6657 (Not a Bug): Unable to add network in the source section of a LAN firewall rule: Since 2.3.2-RELEASE, the following causes an "Please match the request format" error:
1. Go to Firewall / Rules / LA... Edwin Chan
09:38 AM Todo #6660: Rename "admin" to "root" in GUI, because in fact it is "root" on BSD level.: Thanks Jim, for clarification. Vladimir Suhhanov
09:36 AM Todo #6660 (Rejected): Rename "admin" to "root" in GUI, because in fact it is "root" on BSD level.: Both admin and root exist at the OS level but they each work in different ways. While the password for both accounts ... Jim Pingle
09:32 AM Todo #6660 (Rejected): Rename "admin" to "root" in GUI, because in fact it is "root" on BSD level.: I think it will be more clear for new users and won't cause any misunderstandings. Vladimir Suhhanov
06:39 AM Bug #6658 (Resolved): DHCP Relay not working on 2.3.2: The DHCP Relay Service cannot be started on 2.3.2 with ath0, clients do not receive an IP address.... Kill Bill
12:23 AM Revision 3085b390: experiment with tighter styling: Jared Dillard
12:23 AM Revision 40742134: Fixes #6601 clean up installed packages html: Jared Dillard
12:23 AM Revision aebf6dad: clean up Installed Packages widget by removing category: Jared Dillard
12:19 AM Revision 13b2db87: experiment with tighter styling: Jared Dillard
12:19 AM Revision 5068d239: Fixes #6601 clean up installed packages html: Jared Dillard
12:19 AM Revision 0673b5ed: clean up Installed Packages widget by removing category: Jared Dillard
12:17 AM Revision bfbfa4dd: experiment with tighter styling: Jared Dillard
12:17 AM Revision 1cba7db4: Fixes #6601 clean up installed packages html: Jared Dillard
12:17 AM Revision 13b03802: clean up Installed Packages widget by removing category: Jared Dillard

07/28/2016

08:35 PM Bug #6435: Unable to edit PPTP using interfaces_ppps_edit.php: reassigned Jim Thompson
07:20 PM Bug #6601 (Feedback): Horizontal scroll bar on Installed Packages: Applied in changeset commit:1cba7db475b142e8c1dd5edeb71b294ae01347d3. Anonymous
04:35 PM Bug #3334: Status/Traffic Graph isn't IPv6 ready: IPv6 issue still present in 2.3.2 Luca Moncelli
03:43 PM Bug #6656 (Not a Bug): /rc.newwanip - Excessive Usage: Something is triggering it, usually a gateway outage. Post on the forum or mailing list for help diagnosing the actua... Jim Pingle
03:38 PM Bug #6656 (Not a Bug): /rc.newwanip - Excessive Usage: Currently having the following problem:
According to the systemlogs /rc.newwanip is executed every 3 minutes or so a... Christian M.
01:58 PM Revision b7e1b323: Increase filtering tail limit for logging, fixes #6652: Jim Pingle
01:58 PM Revision 6eb2dbe0: Whitespace fixes: Jim Pingle
01:58 PM Revision 363c7d41: Increase filtering tail limit for logging, fixes #6652: Jim Pingle
01:58 PM Revision f26a81c9: Whitespace fixes: Jim Pingle
01:57 PM Revision f1773759: Increase filtering tail limit for logging, fixes #6652: Jim Pingle
01:56 PM Revision cad2272f: Whitespace fixes: Jim Pingle
12:08 PM pfSense Packages Bug #6655 (Not a Bug): Installing sudo package breaks webGUI system update capabilities and Package Manager on 2.3.1-RELEASE-p1: The problem isn't the sudo package at all. It's that pkg was upgraded and the GUI doesn't understand the output of th... Jim Pingle
11:57 AM pfSense Packages Bug #6655: Installing sudo package breaks webGUI system update capabilities and Package Manager on 2.3.1-RELEASE-p1: I forgot to mention that removing the sudo package via ssh had no change aside from removing the package, the bugs st... Nick Zimmerman
11:56 AM pfSense Packages Bug #6655 (Not a Bug): Installing sudo package breaks webGUI system update capabilities and Package Manager on 2.3.1-RELEASE-p1: After installing the *sudo* package through the System > Package Manager menu, our firewalls are no longer able to ch... Nick Zimmerman
11:56 AM Bug #5652: Radius IETF Class Group Assignment - Incorrect Standard: Phillip Hernandez wrote:
> I disagree with using Cisco-AV:Pair and believe that using Filter-Id is a better option. ... Jay Shepherd
11:28 AM Bug #5652: Radius IETF Class Group Assignment - Incorrect Standard: I disagree with using Cisco-AV:Pair and believe that using Filter-Id is a better option.
Thanks
Phillip Hernandez
11:51 AM Bug #6640: DHCPv6 Server Time Format Change Reversed: Deleted. Daryl Morse
11:50 AM Bug #6640: DHCPv6 Server Time Format Change Reversed: Phillip Davis wrote:
> That looks like a bug that has been around for a while - it is not reversed, it is doubled.
... Daryl Morse
11:24 AM pfSense Packages Bug #6654: siproxyd Table issue: System: Netgate SG-2440 (amd64) Patrick King
11:20 AM pfSense Packages Bug #6654 (Resolved): siproxyd Table issue: Under services-> siproxyd -> Registered phones
Table is not aligned correctly and not showing correct number of re... Patrick King
09:10 AM Bug #6652 (Feedback): Filtering system logs doesn't include all log entries: Applied in changeset commit:f1773759e286fa7dfcaa10965fc7909b7abf560f. Jim Pingle
12:08 AM Bug #6652 (Resolved): Filtering system logs doesn't include all log entries: https://forum.pfsense.org/index.php?topic=115753.0

Log entries to be included in the filtering is capped/restr... NOYB NOYB
05:57 AM Bug #6528: The captive portal cannot be used on interface lan since it is part of a bridge but works anyway: Screamed horray to quick !
When the interface the CP is binded to is bridged, everything works except for the downlo... Orsiris de Jong
01:33 AM Bug #6637 (Confirmed): pfSense blocks return traffic (mostly TCP) on 2.3.1-RELEASE-p5: There is a known fix for this on PR 207598 that should be easy to import.
all FreeBSD 10.x base versions affected Chris Buechler
12:47 AM Bug #6653 (Not a Bug): DNS Forvarder dont worked Host Overrides: that's not true, they work fine. Please post to the forum for assistance. Chris Buechler
12:17 AM Bug #6653 (Not a Bug): DNS Forvarder dont worked Host Overrides: DNS Forvarder ignored all Host Overrides records. Cergo Cergoca
12:20 AM pfSense Packages Feature #6651: Loopback interfaces: For dynamic routing protocol.
As example border router supply originate option ( default gateway ) and use of lo* to... Slava Bendersky

07/27/2016

11:51 PM Bug #6650: Option needed to disable HSTS: A potential workaround may be to use a different host name for other NAT'ed ports.

NOYB NOYB
05:51 PM Bug #6650: Option needed to disable HSTS: Hint: Use haproxy with SNI and forget the ports. See https://github.com/PiBa-NL/pfsense-haproxy-package-doc/wiki (and... Kill Bill
05:04 PM Bug #6650 (Resolved): Option needed to disable HSTS: HSTS is based solely on hosts, and not port numbers. As a result, any HTTPS devices behind the pfSense are unreachabl... Michael Newton
10:50 PM pfSense Packages Feature #6651: Loopback interfaces: I'm curious, what use case do you have for additional lo* interfaces? Chris Buechler
10:31 PM pfSense Packages Feature #6651: Loopback interfaces: major think is create additional lo* interface as right now we can define LAN or WAN. Slava Bendersky
10:10 PM pfSense Packages Feature #6651: Loopback interfaces: you can already do that with virtual IPs on localhost. That doesn't allow cloning lo0 to lo1, though I don't think an... Chris Buechler
09:44 PM pfSense Packages Feature #6651: Loopback interfaces: Assign additional ip addresses like... Slava Bendersky
09:11 PM pfSense Packages Feature #6651: Loopback interfaces: manipulate loopback interfaces in what way? You can already set static routes to lo0 to null route, and add VIPs on l... Chris Buechler
08:59 PM pfSense Packages Feature #6651 (Resolved): Loopback interfaces: Hello Everyone,
I would like place request add ability manipulate loopback interfaces through web ui.
Use cases wh... Slava Bendersky
08:50 PM Bug #6648: pf V2.3.1 - Enabling captive portal failed to create captive portal security group: For support assistance of that nature, use the forum or mailing lists. Jim Pingle
08:33 PM Bug #6648: pf V2.3.1 - Enabling captive portal failed to create captive portal security group: Thank you for the reply, and please pardon my ignorance. Could you please tell me how to assign privileges to a group... Daren Lee
06:54 AM Bug #6648 (Not a Bug): pf V2.3.1 - Enabling captive portal failed to create captive portal security group: That is exactly how it is supposed to work. It is up to the firewall admin to create a group or add the privilege dir... Jim Pingle
01:07 AM Bug #6648 (Not a Bug): pf V2.3.1 - Enabling captive portal failed to create captive portal security group: on a fresh install, enabling Captive Portal failed to create the captive portal security group. could not assign user... Daren Lee
04:17 PM Feature #3718: radvd - enhancement proposal: ability to advertise routes and some fixes - patches attached: Updated the patch for version 2.3.2. Marc Posch
12:53 PM Revision 198f0578: Build ova by default for releases: Renato Botelho
12:52 PM Revision 3b6a57ae: Build ova by default for releases: Renato Botelho
12:52 PM Revision 7731df41: Build ova by default for releases: Renato Botelho
06:58 AM Bug #6649 (Not a Bug): pf v2.3.1 - gateway grouping failed to detect a member with no route to the internet - DNS problems also: Your gateway monitoring for that WAN must not have been correct. For example, pfSense may have been pinging the modem... Jim Pingle
05:14 AM Bug #6649: pf v2.3.1 - gateway grouping failed to detect a member with no route to the internet - DNS problems also: In this situation you need to specify an alternate monitor IP for the router/gateway. If you let it use the default, ... Phillip Davis
01:29 AM Bug #6649 (Not a Bug): pf v2.3.1 - gateway grouping failed to detect a member with no route to the internet - DNS problems also: there are two internet router members added to a Gateway Group. one router (4G wireless modem) became unregistered fr... Daren Lee

07/26/2016

08:30 PM Todo #6647 (New): Enable Additional Security Headers: The nginx instance for the web GUI should enable CSP. Just adding the following works: ... Chris Buechler
07:21 PM Revision 54b84a3b: Fix pkg repo name for tags: Renato Botelho
07:21 PM Revision defa7cab: Fix pkg repo name for tags: Renato Botelho
07:21 PM Revision 2a9df2be: Fix pkg repo name for tags: Renato Botelho
06:59 PM Revision aa26bdd2: Remove stray 'i': Renato Botelho
06:59 PM Revision 3437fab0: Remove stray 'i': Renato Botelho
06:59 PM Revision 42eda751: Remove stray 'i': Renato Botelho
05:03 PM Bug #6646 (Resolved): "Reject leases from" on interfaces.php only accepts IPs: "Reject leases from" on interfaces.php only accepts IP addresses. It should also accept subnets in CIDR notation. Chris Buechler
04:43 PM Feature #6644: Add console shutdown option along with reboot at end of installation: If its locked, then you just need to set it to none, and have your mouse over the apply button, and dont click it unt... Xander Venterus
03:21 PM Feature #6644: Add console shutdown option along with reboot at end of installation: Xander Venterus wrote:
> I do believe as you said it, this is more of a microsoft issue.
>
> HOWEVER, my HyperV a... Daryl Morse
03:17 PM Feature #6644: Add console shutdown option along with reboot at end of installation: I do believe as you said it, this is more of a microsoft issue.
HOWEVER, my HyperV allows me to eject virtual CDs ... Xander Venterus
01:20 PM Feature #6644 (Closed): Add console shutdown option along with reboot at end of installation: In windows 2012R2 hyper-v, there is no way to change boot order, dismount a CD or "eject" virtual media while a vm is... Daryl Morse
04:08 PM Revision c08625fb: Rename directory where product tarball lies to /distrib. It should fix #6643: Renato Botelho
04:08 PM Revision 78e9b001: Rename directory where product tarball lies to /distrib. It should fix #6643: Renato Botelho
01:39 PM Todo #6645 (Closed): More reliable update system: Today when 2.3.2 released to public, some peoples got troubles with update.
The main problem is that when update fai... Vladimir Suhhanov
12:56 PM Feature #6641: Please add DHCPv4 Server Time Format Change Setting: Chris Buechler wrote:
> it's already there, has been for a long time.
Noted. Sorry for the false alarm. Not sure ... Daryl Morse
11:35 AM Bug #6031: Anti-Lockoug Rule Not Effective Against Canned Interface Block Rules: Actually, that would be an easy thing for me to do: my entire LAN has public IPs, so in essence, that should be turne... Ronald Antony
11:20 AM Bug #6643 (Feedback): /usr/bin/install missing from new 2.3.2 installations: Applied in changeset commit:78e9b001e9c7f7995a9b79d831d8c33f95aeff3c. Renato Botelho
10:26 AM Bug #6643 (Resolved): /usr/bin/install missing from new 2.3.2 installations: The /usr/bin/install binary is needed by some packages (such as squid) during their installation procedures, but it i... Jim Pingle
09:55 AM Feature #1019: Lagg Failover Mode Master Interface: Is this on a roadmap for any future release? I just ran into this issue today myself and found this feature request. Christian Ulrich
09:42 AM Bug #6642 (Closed): Cant access certain IP's: I use pfSense with multiple LAN NICs:
10GWAN holds our 10G public /22 ip scope
1GWAN holds our 1G public /26 ip sco... Jesper Nissen
04:58 AM Revision ede53465: Display local DHCP lease times in 24-hour clock: It seems odd to me that when the times are displayed in UTC they have
24-hour clock, but when displayed in local time... Phil Davis
04:04 AM Revision a0d06968: Fix redmine #6640 DHCPv6 server time format: The original code here ended up always applying the time zone offset once, and if you had set dhcpv6leaseinlocaltime ... Phil Davis
04:04 AM Revision 78415e07: Fix redmine #6640 DHCPv6 server time format: The original code here ended up always applying the time zone offset once, and if you had set dhcpv6leaseinlocaltime ... Phil Davis
04:03 AM Revision 011a15a0: Merge pull request #3079 from phil-davis/patch-2: Chris Buechler
03:42 AM Revision ffe1a068: Fix redmine #6640 DHCPv6 server time format: The original code here ended up always applying the time zone offset once, and if you had set dhcpv6leaseinlocaltime ... Phil Davis
03:09 AM Bug #6634: DHCP Server "TFTP Server" field should allow URLs: see: https://forum.pfsense.org/index.php?topic=114085.0 Rene Plattner
03:08 AM Bug #6512: Upgrade to 2.3.1 causes network performance degradation (with High CPU usage by NIC kernel tasks): Hi,
I also has the problem of the performance degration!
We have a setup of a small hardware box (N3150 Mini-ITX ... Rene Plattner
01:54 AM Bug #4981: Remote logging not active after reboot: Any news on this? Still an issue in the latest 2.3.1_p5 release. I'm also logging to a Nagios Log Server now, and bot... Lars Jorgensen
01:28 AM Revision efd07e5e: Remove '-x' flag from dhcpwithoutra launch of dhcp6c: This is the equivalent fix for the RELENG_2_3 branch to pull request #3078 Phil Davis

07/25/2016

11:05 PM Bug #6640 (Feedback): DHCPv6 Server Time Format Change Reversed: merged, thanks Phil Chris Buechler
10:46 PM Bug #6640: DHCPv6 Server Time Format Change Reversed: That looks like a bug that has been around for a while - it is not reversed, it is doubled.
If you have the checkbox... Phillip Davis
09:14 PM Bug #6640 (Resolved): DHCPv6 Server Time Format Change Reversed: The DHCPv6 Server Time Format Change setting "Change DHCPv6 display lease time from UTC to local time" is reversed. W... Daryl Morse
10:43 PM Feature #6641 (Closed): Please add DHCPv4 Server Time Format Change Setting: it's already there, has been for a long time. Chris Buechler
09:16 PM Feature #6641 (Closed): Please add DHCPv4 Server Time Format Change Setting: The DHCPv6 server has a Time Format Change setting to allow display of leases in local time or UTC. Please add a simi... Daryl Morse
08:26 PM Bug #5993: dhcp6c not started until an RA received: Chris Buechler wrote:
> merged this for 2.4 as it needs more baking time in snapshots than we're going to have for 2... Daryl Morse
01:38 PM Feature #6639 (Resolved): Utilize nextboot to control the behavior of the next firewall reboot: Now that we include nextboot, we can use it to control the properties of the next firewall boot sequence.
Two idea... Jim Pingle
10:24 AM pfSense Packages Feature #5434: Let's Encrypt pfSense support: Sory, but now it's working via some simple manual steps...
https://thedevops.party/lets-encrypt-ssl-certificate-on... Ernesto Victor Villarreal
01:44 AM Bug #6637: pfSense blocks return traffic (mostly TCP) on 2.3.1-RELEASE-p5: Chris Buechler wrote:
> this seems like it's probably the issue here?
> https://bugs.freebsd.org/bugzilla/show_bug... Remko Lodder

07/24/2016

06:16 PM pfSense Packages Feature #6196 (Closed): APU2 Thermal sensor: patch is already upstream (by us, not OPNsense).
Jim Thompson
01:19 AM pfSense Packages Feature #6196: APU2 Thermal sensor: This has already been committed upstream:
https://github.com/freebsd/freebsd/commit/cf2857955cc43bf478bbb4716641d1... Jose Luis Duran
05:26 PM Bug #6422: PHP Fatal error: Call to undefined function gettext() in /etc/inc/rrd.inc on line 60: I've been getting this consistently on two new installs that are both dual-WAN load balanced (Gateway Groups).
Mos... Jeffrey Posluns

07/23/2016

10:15 PM Revision 4aaf3874: dpinger: fixed check for pidfile length #6505: Daniel Hoffend
05:18 PM Bug #6505: dpinger - socket name too large: I've pushed a hotfix for this commit. Somehow i checked the wrong variable ... Please check
https://github.com/pfs... Daniel Hoffend
03:44 PM Bug #6507: GRE and GIF tunnels on dynamic IPv6 interface are not brought up during boot: IMO this function should be combined with the ipsec tunnel reload. This way you can combine point2point ipsec connect... Daniel Hoffend
09:26 AM Feature #3718: radvd - enhancement proposal: ability to advertise routes and some fixes - patches attached: Hi,
I have upgraded my pfsense box to 2.3.1 finally, since I have seen that there were major changes in the web in... Marc Posch

07/22/2016

11:27 PM Bug #6635 (Not a Bug): Dyndns not updating for no-ip: It works fine as-is. Their old API apparently accepts either hostname or h[] there, since it worked before, and it st... Chris Buechler
12:24 PM Bug #6635: Dyndns not updating for no-ip: My updates on several boxes are working fine. 2.3.1 p5 (I use noip for my primary server dns also so have the ... Chris Palmer
02:56 AM Bug #6635: Dyndns not updating for no-ip: Could have sworn I'd used my no-ip account for testing since that commit. Though my account isn't working either way ... Chris Buechler
11:23 PM Todo #6638 (Resolved): Update no-ip DDNS to new API: no-ip's API has changed (sometime in 2011 apparently), though they still accept updates using the old URL, it should ... Chris Buechler
07:24 PM Revision b8e4f5ff: Section title was wrong, discovered by mfine: Jeremy Porter
06:16 PM Revision a869a931: Section title was wrong, discovered by mfine: Jeremy Porter
03:20 PM Bug #6637: pfSense blocks return traffic (mostly TCP) on 2.3.1-RELEASE-p5: this seems like it's probably the issue here?
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207598
we haven'... Chris Buechler
03:25 AM Bug #6637: pfSense blocks return traffic (mostly TCP) on 2.3.1-RELEASE-p5: I can narrow this down to the 'block out' rule. (And I believe there is no configurable option, perhaps except on the... Remko Lodder
03:19 AM Bug #6637 (Resolved): pfSense blocks return traffic (mostly TCP) on 2.3.1-RELEASE-p5: Dear people,
I am setting up a host where I have my AP's connecting to the pfSense box over IPSEC.
I use the "tra... Remko Lodder
09:25 AM Bug #6433: "TFTP Server" field on DHCP server page does not allow hyphen character.: New ticket now open.
See TICKET #6634 Shane Poteet
03:03 AM Bug #6634 (Confirmed): DHCP Server "TFTP Server" field should allow URLs: different issue, we'll keep this here. Chris Buechler
02:47 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.: Chris Buechler wrote:
> I hit this issue with a customer last week. Worked fine after disabling scrub. I have pcaps ... Remko Lodder

07/21/2016

09:50 PM pfSense Packages Bug #6636 (Resolved): Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf: I use a CARP config, actual IP on this box is x.x.x.135, Virtual IP x.x.x.133. When compatibility="Intermediate" the... Marc Skarshinski
08:38 PM Bug #6635: Dyndns not updating for no-ip: It was "&hostname=" for many years up until 30 Jan 2016, when this commit changed it for some reason:
https://github... Phillip Davis
07:51 PM Bug #6635 (Not a Bug): Dyndns not updating for no-ip: There's a typo on line 431 of dyndns.class where '&h[]=' should be '&hostname='. As is, it doesn't update and logs a... Terry T
02:42 PM Bug #6572: Config sync hangs php-fpm on secondary: Hi Chris,
I have the same problem. I do 1-2 config changes and everything works just fine. If I do a couple more I... Bogdan Cornea
02:04 PM Bug #6634 (Resolved): DHCP Server "TFTP Server" field should allow URLs: Please reopen bug #6433. Not familiar with system here or I would try.
The filter on the web interface is not allo... Shane Poteet
01:58 PM Revision 5a5a11cd: replace attribute 'name' to 'id' in openvpn status: Bruno Ferri
01:55 PM Bug #6433: "TFTP Server" field on DHCP server page does not allow hyphen character.: This still does not have the necessary functionality as it did on 2.2.x as of 2.3.1-5. I need to be able to populate ... Shane Poteet
07:07 AM Bug #6631: vesa_configure error on boot: In that case we'll get the change automatically when we switch to a FreeBSD 11 base for pfSense 2.4, which is only a ... Jim Pingle
02:25 AM Bug #6631: vesa_configure error on boot: I've verified that it's already fixed. Not that the bug still persists. This means that the pfSense kernel should be ... Thijs Cramer
03:56 AM Bug #6558: Pf-sense 2.3 doesn't detect shutdow event with em driver and Intel Chipset 82574L: Chris Buechler wrote:
> No, it's not a bug in our code and doesn't affect any of the hardware we sell or have sold, ... Atlante Informatica
02:24 AM Revision f39ea4c4: Backport openvpn_add_dhcpopts already sets redirect-gateway: Ticket 6633
Original commit to master was
https://github.com/pfsense/pfsense/commit/f8038899f250c656b1ef03fe351fb9cfd... Phil Davis
01:29 AM Revision dbcc45d1: Backport Add missing recommended key lengths/digest to Cert system: Original pull request to master was #2944 Phil Davis
12:56 AM Revision f8038899: openvpn_add_dhcpopts already sets redirect-gateway, don't add it a second time. Ticket #6633: Chris Buechler

07/20/2016

07:59 PM Bug #6633 (Feedback): redirect-gateway duplicated in client specific overrides: fix pushed Chris Buechler
07:58 PM Bug #6633 (Resolved): redirect-gateway duplicated in client specific overrides: as reported here.
https://forum.pfsense.org/index.php?topic=115429.0 Chris Buechler
07:55 PM pfSense Packages Bug #6632 (Confirmed): siproxd hosts_allow_reg should be configurable: if you open siproxd on WAN in firewall rules, you get what you're asking for security-wise. No shortage of potential ... Chris Buechler
05:09 PM pfSense Packages Bug #6632 (Resolved): siproxd hosts_allow_reg should be configurable: siproxd is providing a configuration option "hosts_allow_reg" which
implements a positive access control list for ho... Robert Jordan
02:48 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: this is from the use of dummynet in pf, which doesn't exist in stock FreeBSD. And the implementation apparently leave... Chris Buechler
02:23 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Chris Buechler wrote:
> There isn't one because the code/feature in question doesn't exist there.
Now I'm confuse... → luckman212
01:55 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Andrew Maslin wrote:
> Can someone share the FreeBSD bug # so we can track the progress of the root of the issue? L... Chris Buechler
11:29 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Can someone share the FreeBSD bug # so we can track the progress of the root of the issue? Like Luke, I would like t... Andrew Maslin
06:48 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Have you guys tried using a queue inside the limiter instead of the limiter itself? It could make a difference since ... Jose Duarte
02:47 PM Bug #6558: Pf-sense 2.3 doesn't detect shutdow event with em driver and Intel Chipset 82574L: No, it's not a bug in our code and doesn't affect any of the hardware we sell or have sold, so not something we'll ad... Chris Buechler
06:15 AM Bug #6558: Pf-sense 2.3 doesn't detect shutdow event with em driver and Intel Chipset 82574L: Atlante Informatica wrote:
> Chris Buechler wrote:
> > subject isn't true in general, 82574L in the FW-7541 correc... Atlante Informatica
01:56 PM Bug #6629: Can't update to "update" update (e.g. 2.3.1_5): which is correct, guessing it's no longer showing as described? As that output would give you 2.3.1_5 as an update av... Chris Buechler
08:13 AM Bug #6629: Can't update to "update" update (e.g. 2.3.1_5): Chris Buechler wrote:
> not replicable. Those two pages use the same function to obtain their data, so no apparent m... Jonathon Reinhart
01:54 PM Bug #6631 (Closed): vesa_configure error on boot: The change that's in reference to was only in 11, what you're seeing there isn't the same thing. Not a bug in our cod... Chris Buechler
01:03 PM Bug #6631 (Closed): vesa_configure error on boot: I have the same issue as this FreeBSD Mailing List thread: http://markmail.org/message/aoq6ub636ainxcxe#query:+page:1... Thijs Cramer
10:44 AM pfSense Packages Todo #6443 (Resolved): Add ntopng package back into pfSense 2.3.x: ntopng will be in the pfSense 2.3.2 release. New tickets should be opened if there are issues with the package upon r... Jared Dillard
10:37 AM Revision b89bc607: Backport Check IP Services: Original pull request to master was #3037 Phil Davis
10:15 AM Revision 30505ba6: Backport Remove input_errors2Ajax calls: Original commit to master was
https://github.com/pfsense/pfsense/commit/86d431a89d920f64dda5e7e1821f720daf6e067b Phil Davis
10:01 AM Revision 9cf9f30f: Backport Fix issue with QinQ on LAGG interfaces where MTU doesn't apply to parent: Original pull request to master was #2905 Phil Davis
09:50 AM Revision f24e175e: Backport simplify subnet_size(): Original pull request to master was #3007 Phil Davis
08:02 AM Revision eafd9cfb: Backport Use all certificates in the chain when creating the ca-file for server-side OpenVPN configuration: Original pull request to master was #2966 Phil Davis
07:55 AM Revision 197cd6c0: Backport notify by email and in syslog when a channel goes up or down: Original pull request to master was #2847 Phil Davis
07:39 AM Revision 10d4fe2e: Backport Radius auth server to detect openVPN: Original pull request to master was #3057 Phil Davis
07:11 AM Revision b18e885c: Backport IPv6 support for CloudFlare: Original code for master in pull request #3061 Phil Davis
06:54 AM Revision f50f74a4: Backport DHCP6 init before RA: Original PR to master was #3055 Phil Davis
06:37 AM Revision 1cdf2c91: Formatting tidy of interfaces.inc: After #3055 Phil Davis

07/19/2016

08:51 PM Bug #5993: dhcp6c not started until an RA received: Chris Buechler wrote:
> merged this for 2.4 as it needs more baking time in snapshots than we're going to have for 2... Daryl Morse
08:12 PM Bug #6629: Can't update to "update" update (e.g. 2.3.1_5): I observed the same thing about a week ago. Performing an update from the console resolved the issue. Anonymous
07:27 PM Bug #6629 (Feedback): Can't update to "update" update (e.g. 2.3.1_5): not replicable. Those two pages use the same function to obtain their data, so no apparent means for one to show an u... Chris Buechler
05:31 PM Bug #6629 (Resolved): Can't update to "update" update (e.g. 2.3.1_5): It appears that there is an update available, but when I try to install it, pfSense says it's up-to-date.
I just i... Jonathon Reinhart
08:01 PM Revision eeddd261: Fix variable name: Renato Botelho
08:01 PM Revision c9d6b915: Fix variable name: Renato Botelho
08:01 PM Revision 2e1ebfdd: Fix variable name: Renato Botelho
07:13 PM Revision f3553ac9: Remove immutable flag before delete directory: Renato Botelho
07:13 PM Revision e4de9720: Remove immutable flag before delete directory: Renato Botelho
07:13 PM Revision a034c5bd: Remove immutable flag before delete directory: Renato Botelho
06:00 PM Bug #6630 (Assigned): Set Defaults for Graphs - Traffic/WAN + Packets/WAN doesn't work: Jared Dillard
05:39 PM Bug #6630 (Resolved): Set Defaults for Graphs - Traffic/WAN + Packets/WAN doesn't work: Tested on two installations.
2.3.2-DEVELOPMENT (amd64)
built on Mon Jul 18 13:42:01 CDT 2016
FreeBSD 10.3-RELE... Jordan Heinz
03:55 PM Bug #6628 (Resolved): extensions.ini can end up missing required items: In some currently-unknown edge case, extensions.ini can end up missing lines, breaking things.
One example post-2... Chris Buechler
03:51 PM Bug #6578: Filter reload hangs with IPsec hostnames that don't resolve configured: This gets very ugly in circumstances where DNS servers aren't reachable at all. resolve_retry takes extremely long in... Chris Buechler
02:20 PM Revision 446ed60e: Move RELENG_2_3 to 2.3.3-DEVELOPMENT and point stable to 2.3.2: Renato Botelho
02:18 PM Revision a3cba833: Welcome 2.3.2-RELEASE: Renato Botelho
07:05 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Now that the target version bumped to 2.4 (FREEBSD-11) can anyone at least say whether the bug has been fixed in Free... → luckman212
04:27 AM Bug #5990: AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: Confirmed that it works with IKEv2 PSK mobile client using:
ike = aes256gcm128-sha512-ecp512bp!
esp = aes256gcm... Lars Pedersen
02:11 AM Bug #6625: firewall forwards all traffic through wan interface, via default gateway, even if alternative route had been installed: Chris Buechler wrote:
> Hi Remko,
> This seems like a duplicate of #1136, is the VPN in this case reachable via a s... Remko Lodder
12:25 AM Bug #6625 (Feedback): firewall forwards all traffic through wan interface, via default gateway, even if alternative route had been installed: Hi Remko,
This seems like a duplicate of #1136, is the VPN in this case reachable via a static route? Chris Buechler
12:50 AM Bug #6437 (Resolved): CBQ queues are not displaying options for bandwidth or borrowing: works, thanks Steve Chris Buechler

07/18/2016

07:44 PM pfSense Packages Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down: The new NUT package allows for a nut supported way to retry the startup of the driver. Denny Page
06:41 PM Revision d5906132: Set HTTP_PROXY to empty as recommended at https://httpoxy.org/#fix-now: Renato Botelho
06:40 PM Revision 2039a3c1: Set HTTP_PROXY to empty as recommended at https://httpoxy.org/#fix-now: Renato Botelho
06:29 PM Revision d29bdf01: Make sure licenses dir is removed to avoid duplicate it in the wrong package: Renato Botelho
06:29 PM Revision 7147142e: Make sure licenses dir is removed to avoid duplicate it in the wrong package: Renato Botelho
03:52 PM Bug #5990: AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: Jose Luis Duran wrote:
> Is this going to be backported?
>
> As this was a breaking change from 2.2 to 2.3 (not a... Renato Botelho
03:35 PM Bug #5990 (Resolved): AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: fixed
Nothing to back port it to, 2.3.2 is the next release. Chris Buechler
03:16 PM Bug #5990: AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: Is this going to be backported?
As this was a breaking change from 2.2 to 2.3 (not appearing in the Change log). Jose Luis Duran
02:59 PM Bug #5990: AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: Lars Pedersen wrote:
> Chris Buechler wrote:
> > fix pushed
>
> Looks good. Will verify it when the next snapsho... Renato Botelho
03:46 AM Bug #5990: AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: Chris Buechler wrote:
> fix pushed
Looks good. Will verify it when the next snapshot is being build. Lars Pedersen
03:44 PM Revision fe179ed6: Allow section header to be omitted by specifying "NOTITLE" as the section title.: (cherry picked from commit 9ce54773be5e02235e3be7d2b970f61fbb27ba86) Stephen Beaver
03:43 PM Revision 9ce54773: Allow section header to be omitted by specifying "NOTITLE" as the section title.: Stephen Beaver
03:11 PM Revision 2e2ffafc: Fixed #6437: (cherry picked from commit 7bba13e8d53adfe4beb03c8444e60848ae6e25e9) Stephen Beaver
03:09 PM Revision 7bba13e8: Fixed #6437: Stephen Beaver
03:07 PM Revision 5be7a5bf: Show "cannot delete alias" message as error: If I try to delete an alias that is in use, the "cannot delete alias" message was being displayed as the "success" co... Phil Davis
03:06 PM Revision b6bd4012: Show "cannot delete alias" message as error: If I try to delete an alias that is in use, the "cannot delete alias" message was being displayed as the "success" co... Phil Davis
11:45 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: And now I've had gpsmon SIGSEGV on me. It doesn't happen often, but it has happened from time to time.
gpsd itself... Bruce Simpson
09:28 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: I think there may also be (benign) bugs in the gpsmon monitor for UBX in gpsd.
I just swapped out a car antenna (S... Bruce Simpson
10:20 AM Bug #6437: CBQ queues are not displaying options for bandwidth or borrowing: Applied in changeset commit:2e2ffafc35f73282f0a40132de4949cae2dbf4bf. Anonymous
10:13 AM Bug #6437: CBQ queues are not displaying options for bandwidth or borrowing: Form section containing bandwidth and borrow was not being added to the composed form. Anonymous
10:10 AM Bug #6437 (Feedback): CBQ queues are not displaying options for bandwidth or borrowing: Applied in changeset commit:7bba13e8d53adfe4beb03c8444e60848ae6e25e9. Anonymous
09:15 AM Bug #1629: invalid state table entries after WAN IP change: I posted "over on the forum":https://forum.pfsense.org/index.php?topic=108895.msg639527#msg639527 but I am not sure w... → luckman212
08:22 AM Bug #6627 (New): floating tab match rules ignore quick action so should be removed: i noticed since queue rules in floating tab was removed and just match in list or maybe queue renamed to match, the q... Bipin Chandra
07:51 AM Feature #6626 (Closed): Support for IPv6 firewall entries with dynamic delegated prefix and static host address: When using an ISP with dynamic prefix delegation, the prefix may change at any time, resulting in a change of the IP ... Anonymous
06:44 AM Bug #6625 (Duplicate): firewall forwards all traffic through wan interface, via default gateway, even if alternative route had been installed: We have setup a new pfSense box that will route our VPN traffic between endpoints.
That goes out on our WAN interfac... Remko Lodder
06:02 AM Bug #6487: PfSense crashes during boot at configuring LAGG interfacess: Possibly related:
* https://forum.pfsense.org/index.php?topic=112042.msg623929#msg623929
* https://forum.pfsense.or... Kilian H
04:19 AM Revision 76a0eecb: Allow AES-GCM for P1 where using IKEv2. Ticket #5990: Chris Buechler
04:18 AM Revision a46e0d74: Allow AES-GCM for P1 where using IKEv2. Ticket #5990: Chris Buechler
02:25 AM Revision cadcc898: Clarify that HMAC-MD5 key is required. Ticket #6622: Chris Buechler
02:24 AM Revision 4d55ef96: Clarify that HMAC-MD5 key is required. Ticket #6622: Chris Buechler
02:20 AM Revision 6061a7a9: Merge pull request #3061 from thoughtpolice/cloudflarev6: Chris Buechler
02:15 AM Revision 655fb9df: Merge pull request #3055 from marjohn56/master: Chris Buechler
12:24 AM Bug #4268 (Closed): changes in strongswan config don't apply to SAD or SPD: when this started, it was a much bigger issue. The worst of it was fixed, but the remaining part with the SAD is stil... Chris Buechler
12:22 AM Bug #6624 (Confirmed): changes in IPsec config should down the connection: The fact that strongswan doesn't take down an established connection after changing the config has lead to a number o... Chris Buechler

07/17/2016

11:19 PM Bug #5990 (Feedback): AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: fix pushed Chris Buechler
09:28 PM Bug #6622 (Resolved): DHCP Server: Dynamic DNS required fields are ambiguous: Thanks, committed clarification to description. Chris Buechler
01:10 PM Bug #6622 (Resolved): DHCP Server: Dynamic DNS required fields are ambiguous: This is a screenshot of the current DHCP Server's advanced Dynamic DNS options, as of 2.3.1-p5:
!http://i.imgur.co... Thomas Ward
09:21 PM Feature #6623 (Resolved): Cloudflare DDNS IPv6 support: merged to master from PR 3061.
https://github.com/pfsense/pfsense/pull/3061
Chris Buechler
09:16 PM Bug #5993 (Feedback): dhcp6c not started until an RA received: merged this for 2.4 as it needs more baking time in snapshots than we're going to have for 2.3.2. Chris Buechler
09:10 PM Bug #6355 (Resolved): DHCP relay listens for dhcp requests on the upstream interface.: works Chris Buechler
09:00 PM Bug #6589 (Resolved): dhcpd.leases missing hostnames in some cases: works Chris Buechler
08:37 PM Bug #6619 (Not a Bug): NAT - Outbound - Edit/Add: Can't enter alias in source/destination network field: the stable version of Opera works fine. They broke something in the development release, report it there. Chris Buechler
10:16 AM Bug #6619: NAT - Outbound - Edit/Add: Can't enter alias in source/destination network field: This happens in Opera 40. In Edge everything works fine. Dmitriy K
09:57 AM Bug #6619: NAT - Outbound - Edit/Add: Can't enter alias in source/destination network field: The same "bug" goes for Firewall rule Add/Edit page: There is no way to use an alias.
Looks like a certain commit... Dmitriy K
09:38 AM Bug #6619 (Not a Bug): NAT - Outbound - Edit/Add: Can't enter alias in source/destination network field: Mayday mayday: There is no way to use network(s) alias in network field on the Outbound NAT Add/Edit page.
Tested... Dmitriy K
08:32 PM Bug #6617 (Resolved): "UNKNOWN" links in package manager: fixed Chris Buechler
01:11 PM Feature #6621: Permit DHCP Server Dynamic DNS server key algorithm type selection and use: Related bug report on the ambiguity of the algorithm currently needed for the DNS secret key: #6622 (https://redmine.... Thomas Ward
01:10 PM Feature #6621 (Resolved): Permit DHCP Server Dynamic DNS server key algorithm type selection and use: Under the DHCP Server page, you are able to do advanced configuration of Dynamic DNS with an internal nameserver (not... Thomas Ward
10:01 AM Feature #6620 (Resolved): CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: Patches for new AQMs CoDel, FQ-CoDel, PIE and FQ-PIE were submitted to CURRENT a few months ago and are now in 10-STA... qubit nano
09:41 AM Revision 3a05e4c3: dyndns: add IPv6 support for CloudFlare: Signed-off-by: Austin Seipp <aseipp@pobox.com> Austin Seipp
09:37 AM Bug #6437: CBQ queues are not displaying options for bandwidth or borrowing: well i hit into this today Bipin Chandra

07/16/2016

05:28 PM Feature #6618 (Duplicate): Alert when reboot required for updates: duplicate of #6411 Chris Buechler
04:41 PM Feature #6618 (Duplicate): Alert when reboot required for updates: Hi,
When new updates, the user is not notified if the reboot is required to complete the update.
Why not add a ... Frederic Lietart
11:11 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: An apparently identical uBlox5 MiniPCIe module (on site at a client's0 stops responding after CFG-PRT to UBX only.
... Bruce Simpson
05:29 AM Revision 47de3b06: Fix "http://pf.sense/UNKNOWN" links in Pkg Manager: I noticed recently that many packages do not have the 'www' field in the database filled, or have it set to UNKNOWN ... → luckman212
05:29 AM Revision 8f70ba67: Merge pull request #3060 from lukehamburg/patch-2: Chris Buechler
01:25 AM Revision 7940050b: Fix "http://pf.sense/UNKNOWN" links in Pkg Manager: I noticed recently that many packages do not have the 'www' field in the database filled, or have it set to UNKNOWN ... → luckman212
01:04 AM Bug #6594: Package reinstallation post-config restore hangs if no Internet connectivity: It's still the package reinstall that gets hung up, regardless of whether or not you have packages installed. It sets... Chris Buechler
12:30 AM Bug #6617 (Resolved): "UNKNOWN" links in package manager: From Luke Hamburg on PR 3060:
"I noticed recently that many packages do not have the 'www' field in the database f... Chris Buechler
12:25 AM Bug #6139 (Resolved): vpn_openvpn_server.php - When saving a server, all CSCs should be resynced: fixed Chris Buechler
12:06 AM Bug #6613 (Resolved): Interface mismatch allows applying changes without saving them: works, now doesn't allow applying until after you save, so people can't get confused.
This same bug actually goes... Chris Buechler

07/15/2016

11:28 PM Revision 4e0f1a1e: fix typo: Chris Buechler
11:27 PM Revision 1d653e86: fix typo: Chris Buechler
10:56 PM Bug #4639 (Resolved): NAT fails to correctly translate udp port numbers embedded in certain ICMP error packets: Pretty sure this overlaps with PR 201519, which is confirmed fixed.
Daniel: if you're still seeing issues on 2.3.... Chris Buechler
09:50 PM Bug #6450 (Resolved): Deleting yourself in User Manager results in an empty user tag in the config: Thanks Phil, setting the target was overlooked after the merge. Just double checked 2.3.2 and it's good. Chris Buechler
08:33 PM Bug #6450: Deleting yourself in User Manager results in an empty user tag in the config: This was committed to master, RELENG_2_3 and RELENG_2_3_1 around 23 June 2016.
That looks like it is later than the ... Phillip Davis
08:18 PM Revision 0f743680: Fix license.php to show correct text: Renato Botelho
08:05 PM Revision 1b7647bd: Revert wrong conversion in license.php: Renato Botelho
07:42 PM Revision a06db880: Update pot: Renato Botelho
07:41 PM Revision ef65be16: Move remaining ESF license file to APACHE20: Renato Botelho
07:38 PM Revision cbf5f75e: Fix xml syntax after license update: (cherry picked from commit f7057140af3a98af925f76b6b0bb544dc7bfc418) NewEraCracker
07:38 PM Revision 7b24d53b: Merge pull request #3059 from NewEraCracker/xml-syntax-fix: Renato Botelho
07:30 PM Revision b12ea3fb: Move to Apache License 2.0: Renato Botelho
07:19 PM Revision 0eef97aa: Make a function to resync all OpenVPN CSCs and use it when saving an OpenVPN server. Fixes #6139: Jim Pingle
07:14 PM Revision f7057140: Fix xml syntax after license update: NewEraCracker
07:09 PM Revision 1f954318: Make a function to resync all OpenVPN CSCs and use it when saving an OpenVPN server. Fixes #6139: Jim Pingle
06:53 PM Revision 64bac84e: dse was under contract with BSDP for all the work he did, we own (c): Chris Buechler
06:49 PM Revision f0314a2a: dse was under contract with BSDP for all the work he did, we own (c): Chris Buechler
06:32 PM Revision aaec5634: Review license / copyright on all files (final round): Renato Botelho
06:30 PM Revision c5d81585: Review license / copyright on all files (final round): Renato Botelho
06:14 PM Revision 318e0383: Set dhcp-cache-threshold to 0 to avoid a bug in dhcpd 4.3.x where it omits client-hostname where the cache threshold is reached. Ticket #6589: Chris Buechler
06:13 PM Revision 9dacff7f: Set dhcp-cache-threshold to 0 to avoid a bug in dhcpd 4.3.x where it omits client-hostname where the cache threshold is reached. Ticket #6589: Chris Buechler
05:50 PM pfSense Packages Feature #6204: Integrate ntopng with pfSense - assistance required by ntopng developer: Wow, this would be incredible (being able to mark traffic based on ntop filters) - did not even know that was theoret... → luckman212
02:20 PM Bug #6139: vpn_openvpn_server.php - When saving a server, all CSCs should be resynced: Applied in changeset commit:1f954318266fc0da7ee41bb532da969ec9da8b95. Jim Pingle
01:15 PM Bug #6589 (Feedback): dhcpd.leases missing hostnames in some cases: this is a bug with the dhcp-cache-threshold feature.
https://lists.isc.org/pipermail/dhcp-users/2016-July/020183.ht... Chris Buechler
11:18 AM Bug #6495: No default route on PPPoE after reconnect or IP change in some cases: Hi Chris,
> I brought back the behavior of 2.2.6 and earlier here, as the root cause isn't readily apparent. The rou... Mario Lener
12:15 AM Bug #6495: No default route on PPPoE after reconnect or IP change in some cases: I brought back the behavior of 2.2.6 and earlier here, as the root cause isn't readily apparent. The router file ends... Chris Buechler
05:09 AM Revision 5bd2dd83: Bring back the "set iface route default" used in 2.2.6 and earlier versions, which works around the root problem in Ticket #6495: Chris Buechler
05:08 AM Revision 258f1f11: Bring back the "set iface route default" used in 2.2.6 and earlier versions, which works around the root problem in Ticket #6495: Chris Buechler
05:04 AM pfSense Packages Bug #6616 (Duplicate): Client Export list empty when using intermediate CA: Certificate setup:
A Root CA which has signed a VPN CA certificate.
This VPN CA signed the VPN server certificate... Johan Braeken
04:29 AM pfSense Packages Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down: I think the reason why this feature is not implemented by NUT team is because it should be implemented on the OS side... Vladimir Suhhanov
03:50 AM Feature #6615 (New): new DHCP server option: Some hardware can't receive a dhcp lease until they has been configured with a valid IP address.
In that circumstanc... Fabien Duay
03:24 AM Revision 42f47efc: Fix #6613 Do not show Aply Changes button when Save needed: I got a bit carried away in the fix for #6460 https://github.com/pfsense/pfsense/commit/21c18c3df11547aba172c10f95872... Phil Davis
03:24 AM Revision 47e3809d: Merge pull request #3058 from phil-davis/patch-1: Chris Buechler

07/14/2016

11:54 PM Bug #6613: Interface mismatch allows applying changes without saving them: "The way it worked in 2.2.X was when you hit apply changes it saved and rebooted the pfsense at the same time."
Hm... Phillip Davis
10:30 PM Bug #6613: Interface mismatch allows applying changes without saving them: Applied in changeset commit:1602106bf511e91c8d8f371ff8d5a92cfa70879a. Phillip Davis
10:25 PM Bug #6613 (Feedback): Interface mismatch allows applying changes without saving them: merged, thanks Phil. Chris Buechler
09:17 PM Bug #6613: Interface mismatch allows applying changes without saving them: Phillip Davis wrote:
> The Apply Changes button is being shown too early in the workflow.
> PR https://github.com/p... Adam Piasecki
06:17 PM Bug #6613: Interface mismatch allows applying changes without saving them: The Apply Changes button is being shown too early in the workflow.
PR https://github.com/pfsense/pfsense/pull/3058 s... Phillip Davis
10:19 AM Bug #6613 (Resolved): Interface mismatch allows applying changes without saving them: When selecting Apply Changes after fixing a interface mismatch. The button does not save the changes, and asks again ... Adam Piasecki
11:27 PM pfSense Packages Bug #6571: NUT service can not start sometimes after boot when SNMP UPS interface is down: I've taken a look at this, and this behavior appears to be an intentional choice on the part of the NUT team. I agree... Denny Page
11:14 PM Revision 1602106b: Fix #6613 Do not show Aply Changes button when Save needed: I got a bit carried away in the fix for #6460 https://github.com/pfsense/pfsense/commit/21c18c3df11547aba172c10f95872... Phil Davis
10:42 PM Feature #3254 (Closed): Add DNS controls for radvd on tracking interfaces: this was addressed in 2.3 Chris Buechler
10:38 PM Feature #3366 (Duplicate): Diagnostics: DNS Lookup does not return AAAA records: this was implemented in 2.3.2 on a diff ticket Chris Buechler
10:38 PM pfSense Packages Feature #3685 (Resolved): haproxy listener ip from alias: Chris Buechler
10:30 PM Todo #1934 (Resolved): Add input validation for interface addresses in GUI and console: this was done quite some time ago Chris Buechler
09:36 PM Revision 8acd654a: Review license / copyright on all files (1st round): Renato Botelho
09:34 PM Revision fdd09cbd: Retire deactivated widgets: Renato Botelho
09:34 PM Revision 368adf79: chmod 0644 php web pages: Renato Botelho
09:34 PM Revision fc91ddca: Retire copyright-master.txt: Renato Botelho
09:34 PM Revision 3f757bb2: chmod 0644 php web pages: Renato Botelho
09:34 PM Revision 483fef7e: Retire /usr/local/bin/slowdownpipe.sh: Renato Botelho
09:33 PM Revision ac24dc24: Review license / copyright on all files (1st round): Renato Botelho
09:10 PM Revision 30b94997: Retire deactivated widgets: Renato Botelho
08:51 PM Revision e7b8ee69: chmod 0644 php web pages: Renato Botelho
08:50 PM Revision e15252dc: Retire copyright-master.txt: Renato Botelho
08:49 PM Revision 0d21a99e: chmod 0644 php web pages: Renato Botelho
08:33 PM Revision 38f54fec: Retire /usr/local/bin/slowdownpipe.sh: Renato Botelho
07:41 PM Bug #6481: loading EAP_RADIUS method failed: happened to encounter this with a support customer today. It appears a reload of strongswan doesn't correctly enable ... Chris Buechler
03:30 PM Revision f1750639: Ignore cp result for cases when files are the same. Ticket #6557: Renato Botelho
03:17 PM Bug #6494 (Resolved): Hang during bootup on lock('filter.lock'): thanks for the feedback Chris Buechler
11:57 AM Bug #6494: Hang during bootup on lock('filter.lock'): I've never tried a 'snapshot' before this.
So... here goes.... While I'm waiting for 2.3.2.a.20160714.0044:
T... Harry Coin
03:15 PM Revision e18eadcc: Ignore cp result for cases when files are the same. Ticket #6557: Renato Botelho
03:04 PM Bug #6614 (Confirmed): Dashboard high CPU usage: the number of things that dynamically update is significantly higher than it was in 2.2.x and prior. Still, something... Chris Buechler
01:16 PM Bug #6614: Dashboard high CPU usage: I visit the package manager listing, loads hover around 1, processor 98% idle. Back to the dashboard: wait 20 sec fo... Harry Coin
12:32 PM Bug #6614 (Confirmed): Dashboard high CPU usage: In a very low traffic sandbox environment, the new 2.3.2 snapshot of today hums along with a load average of 0.48 or ... Harry Coin
02:11 PM pfSense Packages Todo #6443: Add ntopng package back into pfSense 2.3.x: Rich Murphey wrote:
> I've installed snapshot 2.3.2.a.20160606.1543, and ntopng via the web UI package manager.
>
... Jim Pingle
10:03 AM Bug #6610: Restore Config Interface Mismatch asks again on boot.: Once i fix the interface mismatch, and hit *apply changes* it reboots, and asks again at boot. Apply changes is not s... Adam Piasecki
05:09 AM Revision a90d497d: Merge pull request #3057 from wokis/master: Chris Buechler
03:48 AM Bug #6607: OpenVPN server won't start after reboot, when set to a Gateway Group specifing CARP VIPs: See: VPA-15570 Steve Wheeler
03:14 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Using gpsctl to initialize the GPS is rather slow, due to the repeated auto-detection (even when the device type is f... Bruce Simpson
03:09 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: uBlox5 1PPS modifications. From memory, I believe green is TX data (at 3.3V level), grey is 1PPS (also 3.3V; configur... Bruce Simpson
02:21 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Woops. Forgot to update the comment about 1PPS. We need it to supply only UTC seconds, and that's what the blob does.... Bruce Simpson
02:10 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: This !ublox5-boot.sh! is a bit ugly to embed in Shellcmd, but good enough to copy to /root and invoke from there. Bruce Simpson
01:19 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: I now have a fix. I traced this back to an error in the NAVX5 message.
There is a 2-byte version (0000) in front wh... Bruce Simpson
12:20 AM Bug #4544: PD not requested if no interfaces set to track6: The code here is at fault.
https://github.com/pfsense/pfsense/blob/master/src/etc/inc/interfaces.inc#L3927
It sh... Chris Buechler
12:09 AM Bug #6609 (Feedback): OpenVPN Radius auth doesn't send NAS attributes and is not consistent with how strongSwan does it: Thanks, merged to master for 2.4. Chris Buechler

07/13/2016

11:43 PM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": bumping net.inet.raw.maxdgram, net.inet.raw.recvspace, net.raw.recvspace and net.raw.sendspace even further seems to ... Chris Buechler
11:39 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Success pushing uBlox5 into binary mode; but don't let gpsd write to
the GPS (-b switch) just in case. I got NMEA a... Bruce Simpson
10:17 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: I hate little endian. Endian little hate I. This is the endian-fixed CFG-PRT packet. I get only UBX now, but I don't ... Bruce Simpson
10:04 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: According to Pg. 10 of [[http://www.pcengines.ch/schema/alix6b.pdf]], there is no way to power-cycle the MiniPCIe USB... Bruce Simpson
09:37 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Indeed, UBX messages are little-endian by definition. I'll have to revisit this -- being dragged into other things at... Bruce Simpson
09:07 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: OK. I'm having trouble with the uBlox5. Specifically, it is difficult to force the unit into a binary-only mode; it d... Bruce Simpson
11:40 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Picture of modified u-Blox5 unit -- pictures of modification (on lower side PCB) to follow !P1010540.jpeg! Bruce Simpson
09:29 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: I am pivoting back to working on u-Blox 5 with GPSD, now that the SUT for Rockwell Jupiter is being soak-tested with ... Bruce Simpson
11:23 PM Bug #6548 (Resolved): Enclosed delimiters not protected in DHCP client advanced options: works Chris Buechler
02:57 PM Bug #6548 (Feedback): Enclosed delimiters not protected in DHCP client advanced options: PR #3020 merged, thanks! Renato Botelho
02:05 PM Bug #6548: Enclosed delimiters not protected in DHCP client advanced options: I'll handle this Renato Botelho
10:09 PM Bug #6494: Hang during bootup on lock('filter.lock'): That seems to work.
Harry: could you please try the latest 2.3.2 snapshot ASAP (we're looking to build release on... Chris Buechler
03:30 PM Bug #6494 (Feedback): Hang during bootup on lock('filter.lock'): Yes, this looks correct. In addition to this fix I would like to open the files with FD_CLOEXEC set, but I could not ... Luiz Souza
10:01 PM Revision c323224d: Fix #6050 DHCP - provide Network Booting display/hide advanced button: This one moves the "Network Booting" above the "Additional BOOTP/DHCP Options". That allows "Network Booting" to be a... Phil Davis
10:01 PM Revision 0666f04e: Merge pull request #3052 from phil-davis/patch-3: Renato Botelho
09:18 PM Revision a409a857: Added and modified functions to send correct Radius attributes to the Radius authenticator.: Kacper Boström
07:56 PM Revision c34b069e: simplify DHCP_Config_Option_Split, no loop needed for returning option array: (cherry picked from commit 264ca54e406eee7c01b01f748aabd4a29e9c4872) Daniel Wilhelm
07:56 PM Revision 489091dc: Allow passing comma in string quoted DHCP client options: (cherry picked from commit 332a64d0c8a6486d40c6295351ca3068a77a216a) Daniel Wilhelm
07:55 PM Revision 9da88ef5: Merge pull request #3020 from shieldwed/Allow_comma_in_DHCP_option_string: Renato Botelho
07:43 PM pfSense Packages Bug #6612: squid Multi segmented downloading is broken: likely an issue in squid itself that should be reported there. They don't seem fond of download managers Chris Buechler
07:22 PM pfSense Packages Bug #6612 (Closed): squid Multi segmented downloading is broken: it looks like that squid Multi segmented downloading is broken again in squid.
TCP_MISS_ABORTED/206
It was fixe... ageekhere ageekhere
07:43 PM Bug #6607 (Not a Bug): OpenVPN server won't start after reboot, when set to a Gateway Group specifing CARP VIPs: subject isn't true. That was all fully verified in 2.3.1, and just checked again to verify on 2.3.1_5 and 2.3.2, and ... Chris Buechler
02:17 AM Bug #6607: OpenVPN server won't start after reboot, when set to a Gateway Group specifing CARP VIPs: Affected version is 2.3.1-RELEASE-p1. I am using SG-4860 hardware. r00 00m
02:14 AM Bug #6607 (Not a Bug): OpenVPN server won't start after reboot, when set to a Gateway Group specifing CARP VIPs: No problem for OpenVPN clients.
When OpenVPN server is set to a simple CARP VIP, it will start after reboot.
Wh... r00 00m
07:02 PM Bug #6611: Kernel panic when running PPPoE Server on tun/tap interface: Setting it to ovpn interface was just an attempt to see the result. Frank Schmied
06:57 PM Bug #6611 (Confirmed): Kernel panic when running PPPoE Server on tun/tap interface: also makes no sense to run on OpenVPN. That should be prohibited. other ticket is #4510 Chris Buechler
06:45 PM Bug #6611: Kernel panic when running PPPoE Server on tun/tap interface: I've seen the other ticket. The first attempt was on wan interface, which has a fixed ip (no PPPoE client). The secon... Frank Schmied
06:10 PM Bug #6611 (Feedback): Kernel panic when running PPPoE Server on tun/tap interface: what's the parent interface of the PPPoE? only way I know of doing something like this is making a PPPoE server inter... Chris Buechler
06:01 PM Bug #6611 (Closed): Kernel panic when running PPPoE Server on tun/tap interface: 2.3.1-RELEASE-p5, running in 64 bit kvm vm.
After updating PPPoE settings and confirmation by clicking the green s... Frank Schmied
06:22 PM Bug #6050 (Resolved): services_dhcp.php: "Network booting" section default style is confusing/easy to overlook: Looks good, thanks Phil Chris Buechler
05:02 PM Bug #6050 (Feedback): services_dhcp.php: "Network booting" section default style is confusing/easy to overlook: Merged, thanks Phil! Renato Botelho
04:32 PM Bug #6609: OpenVPN Radius auth doesn't send NAS attributes and is not consistent with how strongSwan does it: I fixed the lines that reverted the recent changes. My bad for committing things that really aren't part of the patch... Kacper Boström
04:08 PM Bug #6609: OpenVPN Radius auth doesn't send NAS attributes and is not consistent with how strongSwan does it: Thanks Kacper. Looks reasonable, outside the one line I left a comment on where a recent change was reverted, but som... Chris Buechler
03:57 PM Bug #6609: OpenVPN Radius auth doesn't send NAS attributes and is not consistent with how strongSwan does it: I've submitted a github pull request (#3057) fixing this issue. Kacper Boström
03:53 PM Bug #6609 (Confirmed): OpenVPN Radius auth doesn't send NAS attributes and is not consistent with how strongSwan does it: Chris Buechler
11:31 AM Bug #6609 (Resolved): OpenVPN Radius auth doesn't send NAS attributes and is not consistent with how strongSwan does it: OpenVPN Radius auth doesn't send NAS Port-Type (which should be "Virtual") and NAS Port (which preferably should be t... Kacper Boström
04:09 PM Bug #4804 (Closed): PPPoE Restart won't update IPv6 routing table with gif: Chris Buechler
11:06 AM Bug #4804: PPPoE Restart won't update IPv6 routing table with gif: Chris,
no, I''m afraid as I don't use pfSense anymore! Armin Tueting
03:51 PM Bug #6610 (Not a Bug): Restore Config Interface Mismatch asks again on boot.: only if you didn't correct the interface mismatch and save that change. That only comes up when there are assigned in... Chris Buechler
12:04 PM Bug #6610 (Not a Bug): Restore Config Interface Mismatch asks again on boot.: When restoring a config with a interface mismatch, it prompts to fix the mismatch, after this it reboots the system. ... Adam Piasecki
03:21 PM Bug #6315 (Resolved): tftp-proxy is not functioning properly through xinetd: works Renato Botelho
02:59 PM Bug #6315 (Feedback): tftp-proxy is not functioning properly through xinetd: Luiz pushed a fix fot xinetd - https://github.com/pfsense/FreeBSD-ports/commit/eeb3abaa71905ccaec35b0bee7bc4dcc40cfc306 Renato Botelho
12:00 PM Bug #6594: Package reinstallation post-config restore hangs if no Internet connectivity: This happens even without packages installed. I restored a config without any package information in it. Even selecte... Adam Piasecki
11:41 AM Bug #6074 (Resolved): Odd wrap behavior on sortable tables: works Renato Botelho
10:02 AM Bug #4031: Notifications mail bomb in some gateway failure circumstances: I too have seen this I shut off emails cause it makes gui inaccessible when it starts bombing no coding skills here b... Michael Kellogg
09:47 AM Bug #4031: Notifications mail bomb in some gateway failure circumstances: Luke Hamburg wrote:
> I noticed the target version was bumped to 2.4.0 and the assignee is still cmb — this one bit ... Jim Thompson
07:58 AM Bug #4031: Notifications mail bomb in some gateway failure circumstances: I noticed the target version was bumped to 2.4.0 and the assignee is still cmb — this one bit me again this morning s... → luckman212
07:53 AM Revision 1a8e5f2f: Some tweaks to improve alignment in table with checkbox: 1) If a checkbox does not have a description (even if it is empty), layout will be broken as checkbox won't be aligne... NewEraCracker
05:52 AM Feature #6608 (New): backup and restore dhcp: good morning people,
I'm with a problem in dhcp backup restoration, I will explain the case.
My client has 3 ... caio dias de souza
01:49 AM pfSense Packages Todo #6443: Add ntopng package back into pfSense 2.3.x: I'm still having the issue with ntopng not restarting after a reboot, with the following errors in the log.
Jul 13... Andrew -
01:40 AM pfSense Packages Feature #6204: Integrate ntopng with pfSense - assistance required by ntopng developer: Hi
I think this ticket is different to #6443.
#6443 is simply about getting ntopng back into pfSense 2.3, follo... Andrew -
01:18 AM Revision 0d9fc91c: Merge pull request #2847 from jazzl0ver/patch-1: Chris Buechler
01:14 AM Revision 9046c581: Merge pull request #2966 from scipiojr/master: Chris Buechler
01:11 AM Revision 6c947c1d: Merge pull request #3007 from stilez/patch-34: Chris Buechler

07/12/2016

11:10 PM Revision a8f24429: style sortable tables: Jared Dillard
11:10 PM Revision f78b316a: clean up captive poral widget: Jared Dillard
11:10 PM Revision ff24fa40: change order of css files in head element: Jared Dillard
11:08 PM pfSense Packages Bug #4634 (Resolved): Still broken openbgpd config generation logic in 2.2: fixed last year Chris Buechler
11:08 PM Revision b9212b15: style sortable tables: Jared Dillard
11:08 PM Revision c6310cf4: clean up captive poral widget: Jared Dillard
11:07 PM Revision 79c50872: change order of css files in head element: Jared Dillard
11:07 PM pfSense Packages Bug #3605 (Closed): Dansguardian not saving groups config files with correct PICS paths.: package no longer exists, and Dansguardian itself is not maintained Chris Buechler
11:07 PM pfSense Packages Bug #3439 (Closed): TFTP - cannot start or restart from Status -> Services: package no longer exists Chris Buechler
11:00 PM pfSense Packages Bug #2920 (Not a Bug): OSPF on interfaces with IP Alias and carp unpredictable: Chris Buechler
10:54 PM Bug #4500 (Confirmed): UPnP/NAT-PMP status page does not display all port mappings: Chris Buechler
10:53 PM Feature #4495 (Duplicate): IPv6 support for DynDNS client: duplicate of #1825 Chris Buechler
10:53 PM pfSense Packages Feature #6204 (Duplicate): Integrate ntopng with pfSense - assistance required by ntopng developer: duplicate of #6443 Chris Buechler
08:15 PM Bug #2800 (Feedback): OpenVPN doesn't work properly with intermediate/chained CAs: Merged PR 2966 for 2.4 to address this.
https://github.com/pfsense/pfsense/pull/2966
If OpenVPN Client Export ne... Chris Buechler
08:12 PM Revision e1f0ea2e: Merge pull request #2905 from Chrisc-c-c/LAGG-MTU: Chris Buechler
08:03 PM Todo #6606 (Resolved): Adapt captive portal to work without multi-instance ipfw: Captive portal needs to be adapted to work minus the multi-instance ipfw capabilities. Chris Buechler
07:46 PM Bug #6605 (Confirmed): rc.linkup logic issues with actions taken: The actions taken by rc.linkup differ depending on whether the interface has a static or no IPv4 and IPv6 IP, and eve... Chris Buechler
06:14 PM Bug #6074 (Feedback): Odd wrap behavior on sortable tables: I added a CSS nowrap property and a "table-responsive" div to the captive portal widget as well as styled the sortabl... Jared Dillard
03:12 PM Bug #6227 (Feedback): LAGG MTU not set correctly when it has child QinQ interfaces: PR merged Chris Buechler
03:06 PM Bug #6507: GRE and GIF tunnels on dynamic IPv6 interface are not brought up during boot: Any idea? Is there any hook we can bind to? Like change of interface ip addresses? Which could get our tunnels reconf... Daniel Hoffend
01:17 PM Bug #6044: system>monitoring tooltip unit "null" for some graphs: works Renato Botelho
01:16 PM Bug #6044 (Resolved): system>monitoring tooltip unit "null" for some graphs: fixed Chris Buechler
01:13 PM Bug #6181 (Resolved): Updating url alias tables fails when remote server returns empty document.: works Renato Botelho
12:51 PM Bug #6291 (Resolved): Serial console data fields not displayed on nanobsd VGA: works Renato Botelho
11:24 AM Bug #6315: tftp-proxy is not functioning properly through xinetd: I reproduced it on stock FreeBSD and opened a ticket on FreeBSD's bugzilla - https://bugs.freebsd.org/bugzilla/show_b... Renato Botelho
09:30 AM Bug #4754 (Resolved): enabling net.inet.ipsec.directdispatch on 32 bit results in kernel panics: Renato Botelho
09:16 AM Bug #6402 (Resolved): Monitoring won't save default configuration of 8 hours with 1 minute resolution, resets resolution to 5 minutes when switching from 1 hour, 1 minute resolution: works Renato Botelho
05:23 AM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: Oh, and - the original problem is much worse on nanobsd - no config restore needed. This breaks on every system upgra... Kill Bill
05:17 AM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: Rather than such ad hoc hacks - cannot we get something like the sanity checking from pfBNG to Unbound itself? Like, ... Kill Bill
03:57 AM Bug #6572: Config sync hangs php-fpm on secondary: Hi Chris,
Any updates please? Kindly ask should you require further information if needed from our end, thanks.
... Brian Stivala
02:57 AM Revision d368b298: write_config before openvpn_resync here as well. Ticket #6139: Chris Buechler
02:57 AM Revision 5a9c3449: write_config before openvpn_resync here as well. Ticket #6139: Chris Buechler

07/11/2016

11:19 PM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: It can get complicated if a user adds other *include: /blah/blah.conf* lines, but splits it into two lines.... For th... BBcan177 .
11:13 PM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: Yes, this is a known issue... I can't fix it in the package as it needs to be addressed in unbound.inc.
I can add ... BBcan177 .
05:22 PM pfSense Packages Bug #6603 (Resolved): pfblockerng's Unbound modifications leave system broken post-config restore: pfblocker's "include: /var/unbound/pfb_dnsbl.conf" in the Unbound config leaves you with a broken system after config... Chris Buechler
11:06 PM Feature #6388 (Resolved): Status / Dashboard save changes for all users: works Chris Buechler
10:47 PM Bug #6601 (Confirmed): Horizontal scroll bar on Installed Packages: Chris Buechler
04:04 PM Bug #6601 (Resolved): Horizontal scroll bar on Installed Packages: On Installed Packages page horizontal bottom scroll bar appears. Jared has all the information. Ivor Kreso
10:20 PM Feature #6604: Allow NTP server list to be overridden by DHCP/PPP: Enabling this option would of course enable the ntp service to use the DHCP supplied NTP servers (section 8.3 of http... Danny Schuh
10:11 PM Feature #6604 (New): Allow NTP server list to be overridden by DHCP/PPP: In the System / General Setup page, there is a DNS Server Settings option to "Allow DNS server list to be overridden ... Danny Schuh
10:19 PM Todo #6586 (Resolved): interfaces_gre_edit.php: Checkbox options that set link0, link1, and link2 appear to be no-ops on FreeBSD now: works Chris Buechler
11:52 AM Todo #6586 (Feedback): interfaces_gre_edit.php: Checkbox options that set link0, link1, and link2 appear to be no-ops on FreeBSD now: Tested OK here. Leaving open for another run once it's in snapshots. Jim Pingle
10:16 PM Todo #6587 (Resolved): interfaces_gif_edit.php: Link flag changes need to catch up with FreeBSD: all good Chris Buechler
11:52 AM Todo #6587 (Feedback): interfaces_gif_edit.php: Link flag changes need to catch up with FreeBSD: Tested OK here. Leaving open for another run once it's in snapshots. Jim Pingle
10:08 PM Bug #6595 (Resolved): Checking advanced DHCP config checkbox breaks option to ignore DHCP lease from specific IP: fixed Chris Buechler
10:04 PM Bug #6464 (Resolved): X axis ticks don't respond to resolution for custom time periods: fixed Chris Buechler
10:03 PM Bug #6138 (Confirmed): Long hostnames overlap the "time" title in the Monitoring graphs: Chris Buechler
10:00 PM Bug #6139: vpn_openvpn_server.php - When saving a server, all CSCs should be resynced: same order change made on vpn_openvpn_client.php
JimP: can you confirm whether this fixed the issue you were seein... Chris Buechler
09:55 PM Bug #6597 (Resolved): "PPPoE clients" placeholder wrong in firewall rules, floating rules on PPPoE creates broken ruleset: works Chris Buechler
09:41 PM Bug #5993: dhcp6c not started until an RA received: Martin Wasley wrote:
> I finally managed to get back to this after several weeks having to work for a living. The fi... Kevin Morse
09:22 PM Bug #6400 (Confirmed): assign_interfaces.php issues with large numbers of interfaces: Not seeing any issues with 200 assigned interfaces (somewhat slower than 2.2.x, but still usable), but take it up to ... Chris Buechler
08:44 PM Bug #6520 (Duplicate): Time out when trying to look at interfaces_assign.php: same as #6400 Chris Buechler
04:57 PM Feature #6602 (New): Config writes denied via "deny config write" permission should notify as such: If you have a group set with the deny config write privilege, its config saves look to the user to have been successf... Chris Buechler
04:44 PM Revision ee9fb7bc: Add upgrade code to clean up the old GRE/GIF flags that are no longer used. Ticket #6586 and Ticket #6587: Jim Pingle
04:44 PM Revision 2cc19f46: Align GIF link options with those currently supported by the base OS. Ticket #6587: Jim Pingle
04:44 PM Revision b5baa9e7: Remove GRE link flag options from GUI/backend. Keep link1 as it was also used to add an explicit static route, though the GUI previous GUI option name wasn't related to that at all. Updated GUI description to match reality. Ticket #6586: Jim Pingle
04:42 PM Revision b9087e1d: Add upgrade code to clean up the old GRE/GIF flags that are no longer used. Ticket #6586 and Ticket #6587: Jim Pingle
04:04 PM Revision ab28a010: Align GIF link options with those currently supported by the base OS. Ticket #6587: Jim Pingle
03:42 PM Revision 43c40296: Remove GRE link flag options from GUI/backend. Keep link1 as it was also used to add an explicit static route, though the GUI previous GUI option name wasn't related to that at all. Updated GUI description to match reality. Ticket #6586: Jim Pingle
02:51 PM Feature #6600: DHCP Server - Primary DDNS Address won't accept IPv6 address: the way that field is used, it must be an IPv4 IP. 'primary' is where it's specified in dhcpd.conf, which must be IPv... Chris Buechler
10:04 AM Feature #6600 (Resolved): DHCP Server - Primary DDNS Address won't accept IPv6 address: For the DDNS feature in the DHCP Server one cannot enter an IPv6 address. The error message is: ... Pim Pish
02:23 PM Bug #6315 (Assigned): tftp-proxy is not functioning properly through xinetd: working on that Renato Botelho
01:35 PM Bug #6355 (Feedback): DHCP relay listens for dhcp requests on the upstream interface.: Patch imported from debian, also submitted the fix for FreeBSD at https://reviews.freebsd.org/D7190 and opened a bug ... Renato Botelho
12:42 PM Bug #6355 (Confirmed): DHCP relay listens for dhcp requests on the upstream interface.: Working on it Renato Botelho
12:28 PM Feature #6172 (Resolved): Restore the traffic totals previously displayed in RRD graphs data summary.: Status_Traffic_Totals package is now available Renato Botelho
07:29 AM Bug #5934: When two distinct Phase 1 are configured, only the first one connects ar startup: Hi Chris,
I said to Renato that 2.3.x fixed the issue, but forgot to update the ticket here, my bad!
But just f... Luiz Fernando Cavalcanti
02:32 AM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: OMG.
The NAT 1:1 problem using limiters persist.
Works well on 2.1.5, 2.2.x = BAD, 2.3.x = BAD sigh ! We are forc... Luca De Andreis
01:21 AM Revision b1be0cdc: write_config before calling openvpn_resync. Ticket #6319: Chris Buechler
01:21 AM Revision 82b8011b: write_config before calling openvpn_resync. Ticket #6319: Chris Buechler
12:40 AM Revision 89f140d3: Fix firewall rules for PPPoE server: 1) PPPoE Clients are located within 'Remote Address Range' (sa) and not Server Address (ip), see lines 1194 and 1195.... NewEraCracker
12:39 AM Revision 9850771f: Merge pull request #3032 from NewEraCracker/patch-pppoe-rules: Chris Buechler
12:21 AM Revision 8f1a91f7: Properly follow style guidelines.: Nash Kaminski
12:21 AM Revision eb6cbf8c: Include ignored DHCP server(s) config option even when advanced DHCP config is enabled: Nash Kaminski
12:20 AM Revision 497a0358: Merge pull request #3054 from nkaminski/master: Chris Buechler

07/10/2016

11:51 PM Bug #6595: Checking advanced DHCP config checkbox breaks option to ignore DHCP lease from specific IP: Minor description correction: ...is no longer included in the actual DHCP server config file.. should read ...is no ... Nash Kaminski
07:21 PM Bug #6595 (Feedback): Checking advanced DHCP config checkbox breaks option to ignore DHCP lease from specific IP: PR fixes, merged. leaving to confirm once it hits a snapshot Chris Buechler
07:19 PM Bug #6595 (Confirmed): Checking advanced DHCP config checkbox breaks option to ignore DHCP lease from specific IP: Chris Buechler
04:24 AM Bug #6595: Checking advanced DHCP config checkbox breaks option to ignore DHCP lease from specific IP: This bug also appears to a regression from 2.2.x since the "DHCP Advanced configuration" option did not exist and the... Nash Kaminski
04:20 AM Bug #6595 (Resolved): Checking advanced DHCP config checkbox breaks option to ignore DHCP lease from specific IP: When the advanced DHCP configuration option checkbox is checked for an interface setup as a DHCP client, such as the ... Nash Kaminski
11:30 PM Bug #6599 (Not a Bug): Routing problem with IKE v2: Please post to the forum for assistance, this isn't a bug. Chris Buechler
09:00 PM Bug #6599 (Not a Bug): Routing problem with IKE v2: Following a suggestion to use IKE v2 instead of L2TP/IPsec, I have set up an IKE v2 IPsec connection following https:... Bruno Grossmann
08:24 PM Bug #6139 (Feedback): vpn_openvpn_server.php - When saving a server, all CSCs should be resynced: Saving a server triggers openvpn_resync_all which runs openvpn_resync_csc: ... Chris Buechler
08:10 PM Bug #4630 (Not a Bug): OpenVPN Client Limiting Download Speeds: there aren't any general performance regressions in OpenVPN. Chris Buechler
07:43 PM Bug #6598 (Resolved): "PPPoE clients" placeholder in rules only includes first PPPoE server instance: The "PPPoE clients" placeholder in firewall rules only includes the client subnet of the first instance of the PPPoE ... Chris Buechler
07:40 PM Bug #6597 (Resolved): "PPPoE clients" placeholder wrong in firewall rules, floating rules on PPPoE creates broken ruleset: Couple issues with firewall rules and PPPoE server.
1) the "PPPoE Clients" network wrongly fills in the server IP... Chris Buechler
05:02 PM Revision 16457f23: Properly follow style guidelines.: Nash Kaminski
04:58 PM Revision 8c661bc8: DHCP6 init before RA: Some ISP BNG's require that a dhcp6c init is sent before RA. The
additions to interfaces.php adds a new option flag ... Martin Wasley
01:55 PM Bug #6494: Hang during bootup on lock('filter.lock'): Corrected patch (ln -s terms swapped)... Harry Coin
11:58 AM Bug #6596: Not able to connect from Windows 7 to L2TP/IPsec: Thanks. The strongswan ticket seems to indicate the issue was fixed 4 years ago though so I am not quite sure what I ... Bruno Grossmann
11:44 AM Bug #6596 (Closed): Not able to connect from Windows 7 to L2TP/IPsec: There isn't anything we can do for that. It's an issue in Windows when connecting to strongSwan. https://wiki.strongs... Jim Pingle
10:31 AM Bug #6596: Not able to connect from Windows 7 to L2TP/IPsec: Log for IPsec is displayed in ipsec_log0.png. Tcpdump log is in tcpdump_enc0.png
Do not hesitate to contact me if ... Bruno Grossmann
10:28 AM Bug #6596 (Closed): Not able to connect from Windows 7 to L2TP/IPsec: Hello,
First, thanks for all your work. This is a fine product that I have used numerous times and it usually works ... Bruno Grossmann
09:08 AM Revision 4feecbff: Include ignored DHCP server(s) config option even when advanced DHCP config is enabled: Nash Kaminski
07:29 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: It may be that the best way forward is to go with GPSD instead of NTPD refclock_nmea. The NTPsec people broadly overl... Bruce Simpson
07:25 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Ironically, IEEE 1588 provides for this loss of fix by allowing a clock to advertise that it's lost its primary refer... Bruce Simpson
07:20 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Here's a picture of the Rockwell-based SUT: !P1010521.jpeg!
It is occasionally losing the fix. That's kind of a pr... Bruce Simpson
06:06 AM Feature #6573: /var/run/dmesg.boot: Perfect.
Thank you! Jose Luis Duran
03:49 AM Feature #6573 (Resolved): /var/run/dmesg.boot: works Chris Buechler
05:56 AM Revision 86d431a8: Remove input_errors2Ajax calls, was never implemented. Ticket #3027: Chris Buechler
04:36 AM Revision 0cb7999c: fix typo. noticed-by: phil.davis: Chris Buechler
04:35 AM Revision 9da9b523: fix typo. noticed-by: phil.davis: Chris Buechler
03:53 AM Bug #6335 (Confirmed): Status > IPsec shows both connected and disconnected with Split Connections enabled: Chris Buechler
03:48 AM Feature #6002 (Resolved): UPNP presentation_url and model_number: works Chris Buechler
12:10 AM Feature #6002 (Feedback): UPNP presentation_url and model_number: PR was merged for this a couple weeks ago Chris Buechler
03:41 AM Feature #6533 (Resolved): Allow configuration of Min and MaxRtrAdvInterval, AdvDefaultLifetime: fixed Chris Buechler
03:41 AM Bug #6581 (Resolved): Router Advertisement forces (possibly empty) interface subnet contrary to GUI text, can crash radavd on boot.: fixed Chris Buechler
01:01 AM Bug #6297 (Resolved): rc.linkup doesn't trigger filter reload: works Chris Buechler
12:58 AM Bug #3027 (Resolved): input_errors2Ajax function: removed all references to input_errors2Ajax. Chris Buechler
12:49 AM Feature #2969 (Closed): Automatic config.xml recovery / reinstallation: the "rescue config" option in the installer works for this. Chris Buechler
12:45 AM Bug #3355 (Resolved): Interface monitor logic changes firewall tables too late for DynDNS: the fix for #4066 also addresses this Chris Buechler
12:39 AM Bug #4710 (Duplicate): System Log - Firewall Fails to 'Click to Resolve' for IPv6 Addresses: addressed in #6585 Chris Buechler
12:36 AM Bug #4528 (Duplicate): no DynDNS RFC2136 Updates are done on some pfSense-installations: duplicates #6357 Chris Buechler
12:33 AM Bug #3626 (Not a Bug): rc.start_packages called twice on startup if WAN is set to DHCP: It's correct that it does so. There is another ticket to improve which packages restart on dynamic WAN reconnection Chris Buechler
12:31 AM Bug #3965 (Confirmed): dhcp6c started before bridge configured at boot, preventing interface tracking: Chris Buechler
12:24 AM Bug #5791 (Confirmed): tftp-proxy functionality is easilly broken by unrelated rules: Chris Buechler
12:22 AM Bug #5378 (Closed): Intel x710 10GbE NIC doesn't work (no carrier): Likely this is fine on 2.3.x with the latest driver. If not, should be reported upstream to FreeBSD. Chris Buechler
12:21 AM Bug #4749 (Duplicate): DHCPv6 server not disabling after initial setup: duplicate of other that was fixed in 2.3.x Chris Buechler
12:17 AM Bug #5890 (Resolved): "External config loader" not loading config.xml from USB at boot: fixed in 2.3.0 and newer Chris Buechler
12:16 AM Bug #5934 (Not a Bug): When two distinct Phase 1 are configured, only the first one connects ar startup: no apparent issues here, and no feedback Chris Buechler
12:14 AM Revision 1a33a597: set net.isr.dispatch instead since net.inet.ipsec.directdispatch no longer exists. Ticket #4754: Chris Buechler
12:13 AM Bug #6275 (Confirmed): Disconnected IPsec phase 2 entries are not shown in IPsec status: Pre-strongswan, each P2 showed as its own entry on status_ipsec.php, so you could see which defined P2s were up and d... Chris Buechler
12:12 AM Revision 9a330eff: Remove workaround for Ticket #4754 in 2.4 since 32 bit is dead.: Chris Buechler
12:07 AM Revision d12fc6cd: Add config option for AdvDefaultLifetime, clean up descriptions on other. Ticket #6533: Chris Buechler
12:06 AM Revision d37bd612: Add config option for AdvDefaultLifetime, clean up descriptions on other. Ticket #6533: Chris Buechler

07/09/2016

11:40 PM Revision 48eb136f: Add configuration for Min and MaxRtrAdvInterval. Ticket #6533: Chris Buechler
11:40 PM Revision c3099b79: Add configuration for Min and MaxRtrAdvInterval. Ticket #6533: Chris Buechler
09:26 PM Bug #3069 (Resolved): traceroute6 fails to timeout and hangs the webconfigurator GUI: works Chris Buechler
09:11 PM Bug #4326: Limiters on firewall rules where NAT applies drop all traffic: Since we are not getting a solution any time soon, i guess we can use 2 pfsense boxes in line one with limiter and t... oscar velazquez
08:54 PM Bug #6594 (Resolved): Package reinstallation post-config restore hangs if no Internet connectivity: If you restore a config, and upon reboot the system doesn't have Internet connectivity when trying to update metadata... Chris Buechler
08:16 PM Bug #6582 (Resolved): Import on Firewall/Aliases Only Works for IPs: works Chris Buechler
07:19 PM Bug #6590 (Resolved): Services - NTP: leap seconds file upload does not work: Chris Buechler
02:40 AM Bug #6590: Services - NTP: leap seconds file upload does not work: Works, thanks. ;) Kill Bill
02:30 AM Bug #6590: Services - NTP: leap seconds file upload does not work: Applied in changeset commit:76763c4c5a3d537b778243524a15ee9204f68c6f. Phillip Davis
02:22 AM Bug #6590 (Feedback): Services - NTP: leap seconds file upload does not work: Thanks Phil, PR merged. Chris Buechler
01:33 AM Bug #6590: Services - NTP: leap seconds file upload does not work: This is easy to fix - just a bit of magic code is missing to enable file uploads on this page.
PR https://github.com... Phillip Davis
07:18 PM Bug #6110 (Resolved): Default gateway switching not always working with PPP: Thanks Greg. Going to consider this fixed then, one of the other gateway-related tickets target 2.3.1 must have resol... Chris Buechler
02:48 AM Bug #6110: Default gateway switching not always working with PPP: Hi!
Nope, all fine here.
Tested multiple times... Greg M
07:17 PM Bug #4754 (Feedback): enabling net.inet.ipsec.directdispatch on 32 bit results in kernel panics: I removed that directdispatch sysctl from 2.4 entirely since 32 bit is gone there, and changed RELENG_2_3 to net.isr.... Chris Buechler
11:59 AM Bug #4754: enabling net.inet.ipsec.directdispatch on 32 bit results in kernel panics: Apparently this can also affect 2.3.x and that tunable is no longer present. To work around the issue, use @net.isr.d... Jim Pingle
07:08 PM Feature #6533 (Feedback): Allow configuration of Min and MaxRtrAdvInterval, AdvDefaultLifetime: added Min and MaxRtrAdvInterval as well as AdvDefaultLifetime.
Greg: if there are other options you'd like to see... Chris Buechler
02:47 AM Feature #6533: Allow configuration of Min and MaxRtrAdvInterval, AdvDefaultLifetime: Hi Chris!
Great news, are those Router lifetime, Route lifetime etc.. also added to be able to configure them? Greg M
02:19 AM Feature #6533 (Assigned): Allow configuration of Min and MaxRtrAdvInterval, AdvDefaultLifetime: this mostly done, want to review with fresh eyes tomorrow before committing though. Chris Buechler
02:31 PM pfSense Packages Bug #6592: squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation: Seems to focus oon reverse proxy only. Alexander Wilke
12:56 PM pfSense Packages Bug #6592: squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation: Already covered by https://github.com/pfsense/FreeBSD-ports/pull/110 when someone gets to it. Kill Bill
11:05 AM pfSense Packages Bug #6592 (Resolved): squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation: Here it is documented how "http_port" can be configured:
http://www.squid-cache.org/Doc/config/http_port/
EDH and... Alexander Wilke
02:03 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: I seem to have a stable fix with 5-6 PRNs now. This is comparable to the uBlox5 unit (pfSense 2.3.1, i386, ALIX 6D2) ... Bruce Simpson
12:44 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: P.S. Those of us who are only using NTPD for reference clock support (and time distribution), and/or plan to run IEEE... Bruce Simpson
12:33 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: I'm still having some receiver issues, however...
I can get the higher quality SHM refclock derived from PPS in GP... Bruce Simpson
07:29 AM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Proceeding under the assumption that refclock_jupiter.c may have bitrotted, I discovered that there is not a snowball... Bruce Simpson
12:48 PM pfSense Packages Feature #6593: squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint: Alexander Wilke wrote:
> For the user it would be good to have the possibility to modify "NO_SSLv3" using the WebUI ... Kill Bill
11:18 AM pfSense Packages Feature #6593 (Resolved): squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint: Squid has some additional options set like:
options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE (and should have "SINGLE_ECDH_... Alexander Wilke
07:32 AM Revision 68de2169: Fix #6050 DHCP - provide Network Booting display/hide advanced button: This one moves the "Network Booting" above the "Additional BOOTP/DHCP Options". That allows "Network Booting" to be a... Phil Davis
07:21 AM Revision bfc9741a: Fix #6590 NTPd Leapfile Upload: Phil Davis
07:21 AM Revision f5495307: Merge pull request #3050 from phil-davis/patch-1: Chris Buechler
06:32 AM Revision 76763c4c: Fix #6590 NTPd Leapfile Upload: Phil Davis
04:24 AM Revision cc4fc50b: Merge pull request #3037 from NOYB/Check_IP_Services: Chris Buechler
03:12 AM Revision 350a7001: Leave this to 2.4 only for now. Revert "Omit non-qualified hostnames from unbound's local-data. Ticket #6064": This reverts commit cde0ef17a60cffa4a54f3ab4922b77bc0447d068. Chris Buechler
03:11 AM Revision 0fa68840: Exclude non-qualified hostnames from hosts file. Ticket #6064: Chris Buechler
03:04 AM Revision cde0ef17: Omit non-qualified hostnames from unbound's local-data. Ticket #6064: Chris Buechler
03:02 AM Revision f1db82ac: Omit non-qualified hostnames from unbound's local-data. Ticket #6064: Chris Buechler
02:58 AM Revision 6a8dc7bc: Call filter_configure in rc.linkup. Ticket #6297: Chris Buechler
02:57 AM Revision e3bda4fa: Call filter_configure in rc.linkup. Ticket #6297: Chris Buechler
02:54 AM Revision e2158306: Verify a valid IPv6 subnet is going to be used before including in radvd's config. Ticket #6581: Chris Buechler
02:52 AM Revision f8f8d131: Verify a valid IPv6 subnet is going to be used before including in radvd's config. Ticket #6581: Chris Buechler
02:37 AM Bug #6050: services_dhcp.php: "Network booting" section default style is confusing/easy to overlook: I have made 2 PRs with different ways to organize the page:
https://github.com/pfsense/pfsense/pull/3051
https://gi... Phillip Davis
01:19 AM Revision 84b6f05a: Missing closing quote: Doktor Notor
01:18 AM Bug #6577 (Resolved): pkg_edit.php: rowhelper data not preserved on validation error: works Chris Buechler
01:18 AM Revision 6ee6c8bb: Create /var/run/dmesg.boot symlink for vm-bhyve (Feature #6573): See https://redmine.pfsense.org/issues/6573 Doktor Notor
01:18 AM Revision a018cc36: Merge pull request #3049 from doktornotor/patch-2: Chris Buechler

07/08/2016

11:58 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Something in the mix keeps setting the baud rate to 4800, though -- overriding /dev/cuau0.lock settings. My guess is ... Bruce Simpson
11:37 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: I have a shell script which configures the unit for 9600 baud binary operation. [[gpsdo-boot.sh]]
This requires th... Bruce Simpson
09:22 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Swapping out the cables DID help. Always ensure you're using a high-quality, shielded serial cable for talking to a G... Bruce Simpson
11:28 PM Bug #6590 (Confirmed): Services - NTP: leap seconds file upload does not work: Chris Buechler
10:46 AM Bug #6590 (Resolved): Services - NTP: leap seconds file upload does not work: Grab the ftp://tycho.usno.navy.mil/pub/ntp/leap-seconds.list, try to upload it via Services - NTP - Leap seconds file... Kill Bill
11:25 PM Feature #6591 (Duplicate): Configurable DDNS check IP services: merged from PR 3037
https://github.com/pfsense/pfsense/pull/3037
ticket for tracking Chris Buechler
10:37 PM Bug #6153 (Confirmed): RFC 2136 Client fails to update more than 1 record: Chris Buechler
10:34 PM Bug #4843 (Not a Bug): Traffic Shapper Wizard: the hierarchy is correct Chris Buechler
10:31 PM Bug #4804: PPPoE Restart won't update IPv6 routing table with gif: Armin: you still seeing this on 2.3.1_5 (or newer)? Chris Buechler
10:30 PM pfSense Packages Bug #5511 (Resolved): quagga zebra.conf and openvpn interface: works Chris Buechler
10:29 PM Bug #5355: on Dynamic WAN IP (DHCP Client) it takes 10 minutes before Phase1 reconnects: The root cause here is likely that the SA that exists at the time of the IP change is still hanging around afterwards... Chris Buechler
10:20 PM Bug #6132 (Confirmed): race condition in OpenVPN startup: The root issue can still be a problem. Probably ought to put a lock around it, but long-term needs a better service m... Chris Buechler
10:13 PM Bug #6064 (Feedback): non-fully qualified hostnames included in hosts file and Unbound local-data: fix pushed to master/2.4 only, as that'll need more widespread testing than 2.3.2 will get before release. Chris Buechler
09:58 PM Bug #6297 (Feedback): rc.linkup doesn't trigger filter reload: fix pushed Chris Buechler
09:55 PM Bug #6249 (Confirmed): OpenVPN widget does not show client instance's IPv6 address: Chris Buechler
09:55 PM Bug #6416 (Resolved): wrong number for speed in /usr/local/www/services_ntpd_gps.php: fixed Chris Buechler
09:54 PM Bug #6581 (Feedback): Router Advertisement forces (possibly empty) interface subnet contrary to GUI text, can crash radavd on boot.: fix pushed Chris Buechler
05:19 AM Bug #6581 (Confirmed): Router Advertisement forces (possibly empty) interface subnet contrary to GUI text, can crash radavd on boot.: Needs to verify it's a valid subnet and prefix before getting into this block, and skip it if it's not.
https://git... Chris Buechler
09:26 PM Bug #6543 (Resolved): Some leases do not show up in DHCPv6 Lease status: works.
Whether systems show online or offline depends on whether the DHCPv6 leased IP is in the NDP cache. If the... Chris Buechler
05:28 PM Bug #6543: Some leases do not show up in DHCPv6 Lease status: Renato Botelho wrote:
> You can install the package "System Patches" and then apply following patch to you system:
... Axel Taferner
03:21 PM Bug #6543: Some leases do not show up in DHCPv6 Lease status: Axel Taferner wrote:
> Sorry, I can't confirm if the fix worked for me as I'm not running the snapshots. I'll open a... Renato Botelho
02:59 PM Bug #6543: Some leases do not show up in DHCPv6 Lease status: Sorry, I can't confirm if the fix worked for me as I'm not running the snapshots. I'll open another bug for the separ... Axel Taferner
01:47 PM Bug #6543: Some leases do not show up in DHCPv6 Lease status: Axel Taferner wrote:
> Awesome. Should I open another bug for the problem I mentioned where hosts who have staticall... Renato Botelho
11:12 AM Bug #6543: Some leases do not show up in DHCPv6 Lease status: Awesome. Should I open another bug for the problem I mentioned where hosts who have statically assigned dhcpv6 leases... Axel Taferner
09:50 AM Bug #6543 (Feedback): Some leases do not show up in DHCPv6 Lease status: Applied in changeset commit:1f9c2cb696f493aaaa3512f29c080b7e422b24f2. Renato Botelho
09:48 AM Bug #6543: Some leases do not show up in DHCPv6 Lease status: Pushed a fix on RELENG_2_3, 2.3.2 snapshots will be fine Renato Botelho
09:21 PM Bug #6110 (Feedback): Default gateway switching not always working with PPP: Greg M: does this still happen for you?
James M: you're referring to something entirely unrelated. Chris Buechler
09:19 PM Feature #6504 (Resolved): services_dhcp.php: DHCP Static Mappings table should be sortable: works Chris Buechler
08:19 PM Feature #6573 (Feedback): /var/run/dmesg.boot: PR merged Chris Buechler
11:22 AM Feature #6573: /var/run/dmesg.boot: https://github.com/pfsense/pfsense/pull/3049 Kill Bill
08:08 PM Bug #6557 (Resolved): nanobsd upgrades may fail from lacking resolv.conf: confirmed fixed on multiple upgrades Chris Buechler
07:31 PM Revision 87025b35: Fix indent and spaces: Renato Botelho
07:30 PM Revision 4041a5f1: Remove stray ': Renato Botelho
07:30 PM Revision ffa1178e: Fix indent and spaces: Renato Botelho
07:30 PM Revision 731e7cfd: Remove stray ': Renato Botelho
04:24 PM Revision 2e6883c5: Missing closing quote: Doktor Notor
04:22 PM Revision 25ff3fc9: Create /var/run/dmesg.boot symlink for vm-bhyve (Feature #6573): See https://redmine.pfsense.org/issues/6573 Doktor Notor
03:30 PM Revision 9461d208: Fix #6582 Allow import of ports: This change does:
1) Allow bulk import of a port alias. That happens when the Import
button is pressed from the Ports... Phil Davis
03:29 PM Revision 7d383978: Merge pull request #3046 from phil-davis/portimport: Renato Botelho
02:47 PM Revision 8f867225: Improve patterns to read dhcpd6.leases to prevent leases containing '}' in ia-na line not showing up. It fixes #6543: Renato Botelho
02:47 PM Revision 1f9c2cb6: Improve patterns to read dhcpd6.leases to prevent leases containing '}' in ia-na line not showing up. It fixes #6543: Renato Botelho
10:37 AM Feature #6415 (Duplicate): Restore "Period" data summary column (Status > Monitoring) in pfSense 2.3: This is a duplicate of #6172 Jared Dillard
10:35 AM Bug #6366 (Not a Bug): Status monitoring custom resolution quirkiness: Closing by submitter's request Renato Botelho
10:31 AM Bug #6582 (Feedback): Import on Firewall/Aliases Only Works for IPs: Merged, thanks! Renato Botelho
09:36 AM Revision d5861220: Fix #6585 Do not use [] syntax for lookups: IPv6 address plus port is displayed with the format [1:2::3]:80 - the address is in square brackets followed by colon... Phil Davis
09:33 AM Revision 65231ec5: Merge pull request #3047 from phil-davis/patch-2: Chris Buechler
08:40 AM Bug #6585 (Resolved): status_logs_filter.php ipv6 support (reverse lookup): Renato Botelho
08:26 AM Bug #6585: status_logs_filter.php ipv6 support (reverse lookup): This issue could be changed from "feature" to "bug". Phillip Davis
04:40 AM Bug #6585: status_logs_filter.php ipv6 support (reverse lookup): Applied in changeset commit:30df6b722d577fe8c1b38476244bfb797ec89b5a. Phillip Davis
04:38 AM Bug #6585 (Feedback): status_logs_filter.php ipv6 support (reverse lookup): Merged, thanks Phil. Chris Buechler
04:25 AM Bug #6585: status_logs_filter.php ipv6 support (reverse lookup): Thanks for testing.
The Firewall Log Dynamic view does not have the reverse lookup buton, so it won't be broken!
Th... Phillip Davis
02:19 AM Bug #6585: status_logs_filter.php ipv6 support (reverse lookup): It works!
Now for ipv6 addresses ptr records are returned,
and in case of no prt "Cannot resolve".
Great work, tha... Luca Moncelli
03:35 AM Bug #6394 (Resolved): INCORRECT OUTPUT OF TRANSLATION: fixed, thanks NewEraCracker Chris Buechler
01:34 AM Revision 30df6b72: Fix #6585 Do not use [] syntax for lookups: IPv6 address plus port is displayed with the format [1:2::3]:80 - the address is in square brackets followed by colon... Phil Davis
12:59 AM Bug #6437 (Confirmed): CBQ queues are not displaying options for bandwidth or borrowing: Steve: don't think this is extremely involved, if you can get it addressed in the next few days we can get it in for ... Chris Buechler
12:51 AM Revision 3db367fb: Show "cannot delete alias" message as error: If I try to delete an alias that is in use, the "cannot delete alias" message was being displayed as the "success" co... Phil Davis
12:09 AM Bug #6589 (Resolved): dhcpd.leases missing hostnames in some cases: Since the upgrade to ISC dhcpd 4.3 in 2.3x, several users have reported missing hostnames in the dhcpd.leases file. T... Chris Buechler

07/07/2016

08:58 PM Bug #6588 (Closed): PHP suhosin max value length prevents Quagga OSPF from storing a very large zebra.conf: pfsense 2.3.1-RELEASE-p5 (amd64)
Quagga_OSPF net 0.6.14
I tried to add some static routes in Services>Quagga OSP... Fisher Wei
08:39 PM Bug #6585: status_logs_filter.php ipv6 support (reverse lookup): The IPv6 addresses there are displayed using the [1:2::3]:80 format with [IPv6-address]:port which is good for displa... Phillip Davis
01:31 PM Bug #6585 (Resolved): status_logs_filter.php ipv6 support (reverse lookup): status_logs_filter.php reverse lookup lacks IPv6 support,
"i" click to resolve doesn't returs any info for IPv6 addr... Luca Moncelli
05:54 PM Bug #6543 (Confirmed): Some leases do not show up in DHCPv6 Lease status: Forwarded it to you, Renato. Chris Buechler
08:37 AM Bug #6543: Some leases do not show up in DHCPv6 Lease status: Axel Taferner wrote:
> I sent the email last week, I hope you received it.
Hello Axel,
Can you also send it to... Renato Botelho
04:17 PM Bug #6584 (Not a Bug): FirewallTraffic ShaperLimiters on in/out rule mixed up: That's correct. Upload is in on LAN, download is out on LAN. Chris Buechler
06:31 AM Bug #6584 (Not a Bug): FirewallTraffic ShaperLimiters on in/out rule mixed up: When apply traffic rule on the lan interface default any rule. the in and out is mixed up.
in= upstream (upload)
... danny van aalstede
03:22 PM Todo #6587 (Resolved): interfaces_gif_edit.php: Link flag changes need to catch up with FreeBSD: link0 is no longer supported on gif, it used to be multi-destination behavior, we had it labeled as "route caching" -... Jim Pingle
03:16 PM Todo #6586 (Resolved): interfaces_gre_edit.php: Checkbox options that set link0, link1, and link2 appear to be no-ops on FreeBSD now: gre(4) in FreeBSD 10.3 (and 10.2) no longer appears to support the link0/link1/link2 tweaks it used to have for route... Jim Pingle
02:55 PM Revision 1729ee29: Do not check platform to decide if enableserial and primaryconsole fields will be hidden, global parameters are the rule to decide it. Fixes #6291: Renato Botelho
02:54 PM Revision 2a884911: Do not check platform to decide if enableserial and primaryconsole fields will be hidden, global parameters are the rule to decide it. Fixes #6291: Renato Botelho
01:07 PM Bug #6334 (Resolved): No data periods in monitoring are represented as 0 (zero). Skewing averages.: Renato Botelho
12:53 PM Revision bada7f8b: Merge pull request #3045 from phil-davis/patch-2: Stephen Beaver
12:44 PM Feature #6561 (Resolved): diag_dns.php IPv6 support: Renato Botelho
12:42 PM Feature #6561: diag_dns.php IPv6 support: now works on 2.3.2.a.20160707.1019 : ipv4/ipv6 name lookup and reverse. Luca Moncelli
12:43 PM Bug #3069 (Feedback): traceroute6 fails to timeout and hangs the webconfigurator GUI: Imported traceroute6 patch to FreeBSD-src repo. It'll be available on next round of snapshots Renato Botelho
09:32 AM Bug #3069: traceroute6 fails to timeout and hangs the webconfigurator GUI: I'll make some tests and import the patch to our tree Renato Botelho
12:32 PM Feature #5498: RRD needs a makeover: Period data is now available in 2.3.2 snapshots in the new Traffic Totals package, based on the vnstat database.
h... Jared Dillard
12:30 PM Feature #6172 (Feedback): Restore the traffic totals previously displayed in RRD graphs data summary.: There is now a Traffic Totals package in 2.3.2 snapshots that shows traffic totals for hours/days/months, using the v... Jared Dillard
12:18 PM Feature #6569: Support Rockwell ZODIAC binary protocol (Jupiter receiver) for high precision: Bug in present patch: '$PRWIINIT,A,,,,,,,,,,,,,\r\n' is an absolute reset, losing the date. This may have caused inte... Bruce Simpson
11:39 AM Bug #5990: AES-GCM should be an allowed encryption algorithm for IKEv2 in P1: Can I suggest that in the meantime, there shouldn't be a default selection made for encryption algorithm? And further... Michael Newton
10:28 AM Bug #6395 (Resolved): Comments are not removed from URL Table (Ports) links: Renato Botelho
10:05 AM Bug #6395: Comments are not removed from URL Table (Ports) links: FYI - I need this update to be rolled up into 2.3.2 as I cannot upgrade to 2.3.1_5 directly without breaking firewall... Alex Vergilis
10:03 AM Bug #6395: Comments are not removed from URL Table (Ports) links: 2.3.1_5 appears to have fixed it. Thank you. Alex Vergilis
09:18 AM Bug #6395: Comments are not removed from URL Table (Ports) links: Alex Vergilis wrote:
> Phillip/Chris/Renato,
>
> I've noticed that I had to save the URL several times before the... Renato Botelho
10:00 AM Bug #6291 (Feedback): Serial console data fields not displayed on nanobsd VGA: Applied in changeset commit:2a8849119c7c48976161faeaedc477c347e9b724. Renato Botelho
09:55 AM Bug #6291: Serial console data fields not displayed on nanobsd VGA: It was replaced by $g['enableserial_force']. I've pushed a fix for System Advanced page Renato Botelho
09:20 AM Feature #6045: Updates that do not require a reboot should run reroot: All updates are requiring reboot nowadays while we didn't test reroot accordingly. IMO it's a big change for 2.3 seri... Renato Botelho
08:59 AM Bug #6582: Import on Firewall/Aliases Only Works for IPs: Yes, agree. It is new functionality that does not need to risk breaking something in 2.3.1_* Phillip Davis
08:55 AM Bug #6582: Import on Firewall/Aliases Only Works for IPs: Such a big change for 2.3.1, pushing it to 2.3.2 Renato Botelho
02:01 AM Bug #6582: Import on Firewall/Aliases Only Works for IPs: Suggested combination fix and enhancement pull request https://github.com/pfsense/pfsense/pull/3046 Phillip Davis
08:57 AM Bug #6583 (Not a Bug): Unbound Query Logging: Definitely works, no bug here.
Depending on your other selected options you may need to have a line before it for ... Jim Pingle
08:51 AM Bug #6583 (Feedback): Unbound Query Logging: I've added it to custom options without any problem. Make sure any extra char was not added by accident, check if unb... Renato Botelho
02:22 AM Bug #6583 (Not a Bug): Unbound Query Logging: It is not possible to configure query logging in the DNS Resolver UI page; adding "log-queries: yes" to the custom op... Chris Kuethe
08:34 AM pfSense Packages Bug #5713 (Rejected): SSHDCond package broken - Incorrect path in /etc/sshd file: sshdcond package was deprecated in pfSense 2.3 Renato Botelho
06:57 AM Revision e4c784bf: Fix #6582 Allow import of ports: This change does:
1) Allow bulk import of a port alias. That happens when the Import
button is pressed from the Ports... Phil Davis
06:39 AM Revision 04b571e8: Show "cannot delete alias" message as error: If I try to delete an alias that is in use, the "cannot delete alias" message was being displayed as the "success" co... Phil Davis
01:12 AM pfSense Packages Bug #6246 (Resolved): pfBlockerNG - filter rule error if all entries in a block list de-dupe out: thanks BBcan Chris Buechler

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

08/05/2016

08/04/2016

08/03/2016

08/02/2016

08/01/2016

07/31/2016

07/30/2016

07/29/2016

07/28/2016

07/27/2016

07/26/2016

07/25/2016

07/24/2016

07/23/2016

07/22/2016

07/21/2016

07/20/2016

07/19/2016

07/18/2016

07/17/2016

07/16/2016

07/15/2016

07/14/2016

07/13/2016

07/12/2016

07/11/2016

07/10/2016

07/09/2016

07/08/2016

07/07/2016