Activity
From 11/09/2016 to 12/08/2016
12/08/2016
-
02:36 PM Bug #6940: OpenVPN management socket not listening after bootup / cannot restart the service.
- Send by mail.
-
02:01 PM Bug #6940: OpenVPN management socket not listening after bootup / cannot restart the service.
- Pi Ba wrote:
> My setup 'at work' running on ESXi has 5 openvpn instances running on a carp-ip. Its connected to sev... -
- My setup 'at work' running on ESXi has 5 openvpn instances running on a carp-ip. Its connected to several networks/vl...
-
- Can you give us more details about your setup? I couldn't replicate it on a box with some tunnels configured
-
- Luiz, when you are touching it, it would be nice to add code on PHP side to deal with interface in tentative state so...
-
- Luiz pushed a fix for that deadlock. Next round of 2.4.0 snapshots will have it applied so we can test
https://git... -
07:29 AM Bug #6995: Security Issue - SquidAnalyzer
- There is no SquidAnalyzer anywhere in pfSense packages. If you are unable to secure random third-party stuff properly...
-
07:28 AM Bug #6995 (Rejected): Security Issue - SquidAnalyzer
- There is no pfSense package by that name.
Furthermore, any package that runs its own daemon on an alternate port h... -
07:23 AM Bug #6995: Security Issue - SquidAnalyzer
- If you open the URL directly, +access is accomplished *without* authentication+.
-
- I found this flaw when I was testing SquidAnalyzer.
I noticed that it is possible to access the URL of the package... -
- It happened at some point but I couldn't reproduce it anymore. Leaving ticket in feedback state for now
-
- I've pushed a fix for #6857 that should fix it
-
- Applied in changeset commit:4c6135c288444be99fbf18915e0e09d1d865ae25.
-
-
- If ldap server is configured using hostname and it depends of local DNS resolver it also fails
-
- It's possible but doesn't sound quite the same. Here's a capture of the initial exchange I grabbed yesterday where th...
-
- @jimp: Perhaps this is relevant to HTTPS not working?
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194483 -
- PR has been merged. Thanks!
-
05:40 AM Bug #6992: ZoneEdit DDNS does not update to CARP IP
- Maybe sending the proper "dnsto" parameter to Zoneedit will fix this, see Pull Request:
https://github.com/pfsense/p...
12/07/2016
-
08:06 PM pfSense Packages Bug #6983: pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved
- BBcan177 . wrote:
> Workaround here:
> https://forum.pfsense.org/index.php?topic=120040.0
>
That workaround do... -
06:01 PM Bug #3973: Route 53 dynamic DNS provider fails to update record
- The use of the UPCERT action in 6751 should address this bug.
-
- Please check next round of 2.3.3 or 2.4.0 snapshots to make sure issue persists with current code
-
02:38 PM Bug #6994 (Closed): [Portuguese] - Traffic graphs shows overwritten words by traffic values
- Changing language to Brazilian portuguese makes traffic graphs look oddly in dashboard. Larger "Entrada"/"Saida" word...
-
- I pushed some changes to populate the HTTP_PROXY_AUTH variable and it works for HTTP, but HTTPS does not work using t...
-
12:56 PM Bug #6993 (New): OpenVPN status error during CARP state transition
- Running two devices in HA and have stacked one IP Alias onto the CARP IP. If I bind a OpenVPN server to the IP Alias ...
-
- Merged, thanks!
-
- I'll check it
-
- I finally remembered and cared enough :)
Pull Request https://github.com/pfsense/pfsense/pull/3259
-
- Merged, thanks!
-
11:42 AM Bug #6992 (Resolved): ZoneEdit DDNS does not update to CARP IP
- When using ZoneEdit Dynamic DNS, using dual wan with a gateway group for failover, ZoneEdit domain gets the WAN/Inter...
-
11:32 AM Bug #6990: DDNS IPs not updating after a system restart
- HE.net has two kinds of service, the DDNS service and the IPv6 tunnel. You must be talking about HE.net Tunnelbroker ...
-
- The HE.net looks definitely wrong. As noted there, you should use the Tunnel ID, and NOT hostname.
-
- I'm using a no-ip and a he service. Both of them updating the same wan IPv4 address.
Could you please tell me what e... -
- Opened a ticket upstream:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215122 -
- Full config attached, but it's nothing special - default config + static address on WAN + off-subnet gateway.
-
- I was finally able to reproduce this reliably today, and out of 5 failures once I was able to catch what was consumin...
-
-
- PR has been merged, thanks!
-
- Please check next round of 2.3.3 or 2.4.0 snapshots, that contain an updated code, to see if the issue persists
-
- Matt, you mentioned you submitted a Pull Request, what is the #?
-
- Pull Request https://github.com/pfsense/pfsense/pull/3258
12/06/2016
-
- That was fast, thanks. :)
-
- PRs have been merged. Thanks!
-
- Plus https://github.com/pfsense/FreeBSD-ports/pull/223
-
- https://github.com/pfsense/pfsense/pull/3254
-
- It would add a lot of complication and also increase the amount of time/processing it would take to notice an upstrea...
-
- See:
https://redmine.pfsense.org/issues/4354
https://redmine.pfsense.org/issues/1189
for past discussion about thi... -
04:43 AM Feature #6989 (Closed): Add second IP to monitoring in "Gateway Monitoring"
- A problem arises when the gateway IP is available but the network behind the gateway is unavailable, or if alternativ...
-
- Pull Request https://github.com/pfsense/pfsense/pull/3257
-
-
- Not vulnerable to those. It was patched in the ports tree by FreeBSD back in July....
-
10:59 AM Bug #6982: Nested Aliases with FQDNs do not populate parent table in some cases
- Here is the aliases export I am using to test. It should match the screenshot above.
-
- IPv6 NPt on its own works, and IPv6 policy routing on its own works, but if traffic hits a rule that sets it on a pat...
-
- Applied in changeset commit:9c8ce38b01fb59dbd474367f77e8de67655f0275.
-
- Alexandre Paradis wrote:
> Would it be logical to Have a dropdown menu directly for Openvpn, and when clicked it wou... -
-
09:22 AM pfSense Packages Bug #5940: Squid Local Authentication fails with passwords >8 characters
- Hi Jim,
I´ve tested with a recent version of the Squid package on amd64 and i386 (I know i386 is nearly dead).
Bo... -
-
- Appears to be fixed: https://github.com/pfsense/FreeBSD-ports/blob/devel/www/pfSense-pkg-squid/files/usr/local/pkg/sq...
-
-
- OSI layer-8 problem as noted above, can be closed.
-
-
- Duplicate of #5594. Squid won't work with CP.
-
-
- Fixed by https://github.com/pfsense/FreeBSD-ports/commit/a6d15b81474396a043df664c2c645356d7718601 AFAICT, please test...
-
-
- In case you enabled "Cache Dynamic Content" and defined something there, then either disable it altogether or pick up...
-
- We are well aware that strongSwan supports it, but it's not that simple. There are other factors to consider such as ...
-
07:44 AM Feature #6384: Allow IPSEC P1 to have 2 peer remote gateway IP addresses to allow VPN failover faster without requiring DDNS
- I'll add my tests since I need this feature as well
strongSwan 5.5.0 which is used in pfSense 2.3 already supports... -
- Not nearly enough detail.
What are the exact types and services used in your Dynamic DNS configuration? You can ob... -
- When the system shuts down and then restarts (for example after a power failure) unsing a DSL connection with PPPoE, ...
-
- Duplicate of / Fixed by #6688
-
-
- No idea what's this patching, certainly not the current code @ https://github.com/pfsense/FreeBSD-ports/blob/devel/ww...
-
- I have no idea why's Squidguard logging something into Squid cache log. This is not a bug in Squid package, and given...
-
-
- Please close this. With Squid disabled, it won't ever start, let alone automatically restart.
-
-
- Fixed by https://github.com/pfsense/FreeBSD-ports/pull/185, can be closed.
-
05:34 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically
- Sorry, seems like bug #6000 has been deleted and i was not refering to feature #6000
-
01:57 AM pfSense Packages Bug #6988 (New): SNORT Package PHP memory error
- Crash report begins. Anonymous machine information:
amd64
10.3-RELEASE-p9
FreeBSD 10.3-RELEASE-p9 #1 5fc1b...
12/05/2016
-
10:42 PM pfSense Packages Bug #6987 (Closed): ntopng needs Google API key for GeoIP map
- ntopng needs to be updated to a version that supports use of a Google API key and the ntopng settings page needs a fi...
-
08:46 PM pfSense Packages Bug #6983: pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved
- Workaround here:
https://forum.pfsense.org/index.php?topic=120040.0
Will try to push a fix as time permits. -
04:03 AM pfSense Packages Bug #6983 (Resolved): pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved
- Hello,
I'm testing 2.4-BETA x64. Faced an issue with subject package installation:
@Warning: require_once(xmlrpc.... -
05:02 PM Bug #6823: No connectivity after changing link state to UP
- Jim Thompson wrote:
> We would have to provide the ports of the Intel drivers as packages, and then allow people to ... -
- Thanks as well.
(As for Status - NTP, AFAICT that'd require completely rewriting the code because of the "wonderf... -
- PR has been merged, thanks!
-
- Rules in the ruleset have reply-to, but any rules matching inbound traffic on non-default WANs fail to fully establis...
-
- As noted in the linked commit, it's not fixable in any reasonable way: https://github.com/pfsense/FreeBSD-ports/commi...
-
-
- Fixed in 3.0_10, please close.
-
-
- Obsolete unmaintained 2.2.x stuff, please close.
-
- Network Prefix Translation rules that worked on 2.3.2 are causing a filter reload error on 2.4
Real addresses mask... -
10:45 AM
Bug #6454 (Resolved): services_ntpd_acls.php: Can't change default options without setting custom access restriction
-
- Steve Beaver wrote:
> Applied in changeset commit:3b1c0951ddb913cefcf3aaca301c9a8803a50224.
Works, thanks. -
09:50 AM
Bug #6454 (Feedback): services_ntpd_acls.php: Can't change default options without setting custom access restriction
- Applied in changeset commit:3b1c0951ddb913cefcf3aaca301c9a8803a50224.
-
08:00 AM
Bug #6454: services_ntpd_acls.php: Can't change default options without setting custom access restriction
- Including the page name in the subject is helpful.
-
- More issues with this page noted at #6984
-
- OK... The button now almost fits, plus the issues on the second and third screenshots seem to be indeed fixed.
!ht... -
09:50 AM
Bug #6984: NTP/ACLs - Delete button partially invisible + rowhelper handling broken
- Applied in changeset commit:3b1c0951ddb913cefcf3aaca301c9a8803a50224.
-
09:48 AM
Bug #6984 (Feedback): NTP/ACLs - Delete button partially invisible + rowhelper handling broken
- Both issues fixed in JavaScript
-
- Playing with Delete is apparently lot of fun, also managed to produce this result:
!https://s15.postimg.org/x7rx3x... -
- Beyond #6454 (still unfixed), there are other issues with this thing, such as:
- the button not fitting the page
... -
- OK, after a bit of clicking, this is definitely not limited to aliases, let alone network-type ones. I managed to get...
-
04:17 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically
- @Marcel
It would be interesting to see what your dhcp6 is doing at the same time, could you post a snippit of both...
12/04/2016
-
- Anyone filling bugs about this package should consider a bounty to get it rewritten from scratch. I guess nothing sho...
-
12:49 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically
- Thank you Rick Strangman for the reply. I don't think, the issus are similar.
The Update will be scheduled for next ... -
- #6000 is about virtual IP's or am I missing something... quite possible at my age. :)
-
- Does this issue seem similar to bug #6000? If so I can probably help.
Rick -
- Can I make a suggestion. Before you do any major revision updates save a copy of your config file in case you wish to...
-
- Bump, this is still not fixed. Please, upgrade to 16.02.
-
01:04 AM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs
- I think it's late for 2.4, since it's beta.
12/03/2016
-
- Go to System->Updates->Update Settings, change Branch to "Development Snapshots" and save.
Now it will show an upgra... -
- The addresses are not changing. They stay.
What do you preffer or suggest? Updating would be ok for me. Is it possib... -
- Marcel Mayer wrote:
> As you can see here (logfiles attached in threads!)
>
> (English)https://forum.pfsense.org/... -
- As you can see here (logfiles attached in threads!)
(English)https://forum.pfsense.org/index.php?topic=119439.0
... -
- I should add that the only alias present in any rules is groupone. It is on LAN pass IPv4 any from LAN net destinatio...
-
- In some cases a nested alias containing FQDNs does not populate the parent table until filterdns runs again at its in...
-
06:42 AM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs
- bounty request with more forum links https://forum.pfsense.org/index.php?topic=90942.0
-
- forum link
https://forum.pfsense.org/index.php?topic=121198.0 -
- Can we get this added into 2.4 ??
-
02:49 AM Bug #6319: DHCP6 DDNS tsig key missing from dhcpv6.conf for reverse zone
- Can someone have another look at this please? IMHO this seems to be a simple fix. Unfortunatelly i don't have the cod...
12/02/2016
-
- Still missing in OpenVPN 2.3.13
-
- Duplicate of #2766
When OpenVPN properly populates IPv6 addresses in the status output, we can include them in the... -
- Applied in changeset commit:f829a8d3258e377b778ac84a1f2f345b8a79b766.
-
- Fix pushed, will show momentarily.
!http://i.imgur.com/oDe2MhN.png! -
- Applied in changeset commit:63b44eed9eeaa32567c1234c37dbce2e15dc8d37.
-
- Link to the associated PR: https://github.com/pfsense/pfsense/pull/3155
-
- Applied in changeset commit:bb6d61b1028697fe0e9e9a3b91a9b5491654319f.
-
-
11:36 AM Bug #6925: System Update Failed
- Ok ... But I can only update by removing the network cable after midnight and plugging in only on it. But in my netwo...
-
-
- All indications are that this is fixed now, from my own tests and from user feedback.
-
- Applied in changeset commit:80bc583c2365a0df606f409f6526385b1f0d8023.
-
- Works
-
- Applied in changeset commit:3343571b7f4c9c705869798ffc01bf9897d20aa0.
-
- an L2TP WAN dynamic gateway ends in "_", for example "WAN_L2TP1_" when it should end with the type, such as "WAN_L2TP...
-
- Looks good, no sign of mpd4, services still work.
-
-
- Seems to be working.
-
-
- Works better now. If it's left blank, it's assumed to be 0.
-
-
- Looks good, I don't see any left.
-
- Consoles are working on all 2.4 versions.
-
-
- Duplicate of #3393, and Phil's right, that can be done in pfBlocker already.
-
- This can be done with pfBlockerNG - example at https://forum.pfsense.org/index.php?topic=118431.0
A more manual meth... -
03:52 AM Feature #6979 (Duplicate): Create a rule using asn
- Create a rule using ASN
Example: block AS51773 Softonic adware and useless network.
12/01/2016
-
- Applied in changeset commit:ad477ffafc4491ccc7a9c69686cfdb404e6a7bca.
-
11:54 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel
- Jim Pingle wrote:
> Testing on 2.4 won't be reliable until #6937 is fixed.
Apparently this only affects mobile IP... -
- After some more testing this appears to be a problem only with mobile IPsec, specifically (at least) IKEv2 EAP-RADIUS...
-
11:35 AM Bug #6978 (Not a Bug): Squidguard error page crashing after activating WebGUI PFSENSE https security
- Blocking of pages by the capture of SSL works well, however when it activates the https security of webgui, the page ...
-
12:53 AM Bug #6975: <Hostname> is omitted when sending logs on syslog
- Jim Pingle wrote:
> Remote syslog data doesn't include the hostname, that is up to the receiving log server to handl...
11/30/2016
-
- Thanks, that's a better solution. ;)
-
- I've pushed a fix
-
07:44 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound
- Michael Marley wrote:
> Unbound is restarted directly by "dhcpleases"
Please post a Github link to the file + lin... -
- With the patch above applied, and "Register DHCP leases in the DNS Resolver" enabled, the Unbound service does not re...
-
12:19 PM Bug #6977 (New): VLAN traffic is erroneously counted as underlying iface (untagged) traffic
- On my pfs box I have one port carrying 3 subnets: first untagged and 2 other are VLANs, so the following layout:
igb... -
- Working now
-
- Attempting to store that large of value hits a suhosin variable limit. I updated the description of the ticket to mat...
-
- I can see why it would end up being called twice since in certain combinations of configurations the script would end...
-
03:53 AM Bug #5993: dhcp6c not started until an RA received
- JimP, please look at the last entry here.
-
- Whilst having a look at another issue, the fabled no release on dhcp6c option, I noticed on WAN intergace startup tha...
-
-
08:19 AM Bug #6969: Insufficient error checking on static ARP entries
- Seems fixed in todays 2.4 snapshots.
It won't allow the static DHCP lease to be submitted and the error message giv... -
- Remote syslog data doesn't include the hostname, that is up to the receiving log server to handle.
-
- When sending "filterlog" over syslog the standard defined in https://doc.pfsense.org/index.php/Filter_Log_Format_for_...
-
- This is also a problem on 2.4.
Input validation should prevent an alias from using a name that is already an inter... -
06:21 AM Bug #6976 (Resolved): Interface group and alias with same name creates firewall syntax error
- The firewall fails to reload when using the same name for an alias and interface group.
Steps to reproduce:
1. Cr... -
- PR has been merged
-
04:05 AM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL
- Frank Pineau wrote:
> I'm seeing the same redirect behavior.
Exact my problem.
So please reopen the issue. @... -
- After much head scratching about why devices are not getting v6 IPs any more, nothing short of disabling it on the di...
11/29/2016
-
07:34 PM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL
- I'm seeing the same redirect behavior. I can confirm that changing the GUI does update the squidclamav.conf file as i...
-
- Yet another Chris left so the bug went into an unassigned state.
JimP please verify, and assign back to me if we c... -
- The cert case is much simpler since there is a field for that directly. All the code has to check for is that the cer...
-
- Jim Pingle wrote:
> That would require some more work to detect if it's the GUI cert's issuer.
Hmmm well, that al... -
- That would require some more work to detect if it's the GUI cert's issuer, and the GUI cert could be self-signed, sin...
-
- Looks pretty good. CA in use detection works (tested with OpenVPN server, IPsec and LDAP), plus can no longer be dele...
-
- Applied in changeset commit:80080a0c8b5949b1af97d1d49b4cc834d06875cf.
-
- I was unable to reproduce the problem exactly as stated, but I added validation code to prevent incorrect keys from b...
-
- Applied in changeset commit:ab63443a9184f42f6a47907e5f2d3fbab6ff043e.
-
- Testing on 2.4 won't be reliable until #6937 is fixed.
-
- It appears to be worse than before now too.... ICMP doesn't work across the tunnel now either.
-
- Jorge Albarenque wrote:
> I can confirm this still occurs on 2.3.2. Probably worth checking on 2.4 since Chris had m... -
04:47 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel
- I can confirm this still occurs on 2.3.2. Probably worth checking on 2.4 since Chris had mentioned it seemed to be re...
-
- It's still a problem on 2.3 and 2.4...
-
- Applied in changeset commit:7a9c12b3d6e01e11ec0af3a6690a5c3de2fbbd2e.
-
- Duplicate of #2800 which is fixed on 2.4 already.
-
09:22 AM Bug #6973 (Duplicate): OpenVPN fails to verify client certificate when using intermediate CAs to sign server/user certs
- I am using pfSense and OpenVPN with a few intermediate CAs to seperate VPN servers by project:...
-
- It's working well now.
I updated the wiki and book to follow the new requirement, and made a slight adjustment to ... -
- An example:
!https://s14.postimg.org/7fgw3jrxd/aliases_delete_wth.png! -
- I randomly keep getting a nonsensical "Are you sure you wish to?" prompt when deleting networks from network-type al...
11/28/2016
-
- Well, apparently not a package bug.
-
05:31 PM pfSense Packages Bug #6968: Snort VRT Rules Fail to automatically update SSL read error
- Kill Bill wrote:
> You have pfBNG installed and Amazon S3 blocked?
Nope only package I have installed is snort.
... -
- You have pfBNG installed and Amazon S3 blocked?
-
- pfsense version: 2.3.2-RELEASE-p1 (amd64)
Snort Version: 3.2.9.1_14
Automatic update fails with following errors... -
09:14 PM pfSense Packages Bug #6971 (Closed): Interfaces.php: "Reserved Networks" checkboxes not shown
- Using Windows 10 snap window function to resize Firefox to half the display size causes the checkboxes on Reserve Net...
-
- yet another case where we lost track of the bug because Chris just removed himself when he left.
assigned back to ... -
- i think this is a freebsd bug, might be fixed.
-
- please validate and hand back.
-
- they moved because it's better.
but they have a really large environment.
we've known about kea for a while. (... -
- JimP, please verify, and if not valid, close.
If valid, please hand-off to bbcan117 -
- It's already in 2.3.3 snapshots
-
07:57 PM Bug #6970 (Rejected): Update pfSense 2.3 to Unbound 1.5.10
- I noticed the Unbound version pfSense is shipping is a bit old at 1.5.9. The latest release is 1.5.10. The .10 releas...
-
- Adding a note to clarify: It is OK for "IP address" to be blank/empty if "ARP Table Static Entry" is unchecked.
-
- When creating a static DHCP lease entry the GUI input checking does not prevent checking 'static ARP' without enterin...
-
- Applied in changeset commit:b35fc4331ac78f9459db00be04dc6b077f168593.
-
08:43 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
- To all having this problem - while there is no fix yet, I have put together a workaround I have been using successful...
-
08:08 AM Bug #6966: Display bug in Status / IPsec / Overview
- Jim Pingle wrote:
> That page outputs what is given to it by strongSwan. Check the output of "ipsec statusall" from ... -
- That page outputs what is given to it by strongSwan. Check the output of "ipsec statusall" from the console when it's...
-
- I have to IPsec tunnels configured. If one goes up, it is reported as both connected and disconnected in two separate...
-
07:41 AM Bug #6967 (Resolved): DH Groups 22, 23, 24 missing from Phase 2 selection GUI
- When configuring IPSec you can select DH Groups 22-24 for Phase 1, but for Phase 2 they are missing from the GUI.
...
11/27/2016
-
- And as for "the GUI does nothing":
!https://s15.postimg.org/fk5zywtsr/clamav_redirect_empty.png!... -
- The default URL is set to the pfSense GUI URL on package install. Simply because that's the only sensible default. Th...
-
- See: https://forum.pfsense.org/index.php?topic=115323.0
-
- Kill Bill wrote:
> Richard Eberhard wrote:
> > I also tried adding a redirect command in the custom squid config: n... -
-
- No bug here, let alone "very high" severity, can be closed. This is configurable in the GUI as shown above.
-
06:28 PM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
- Has anyone attempted this with 2.4 beta? I've already burned my downtime allowance testing with 2.3.x versions and va...
-
- Yes, set CN property surprisingly sets CN property. Sigh. Because that's exactly the purpose of the feature. Set != s...
-
- Kill Bill wrote:
> Sorry, but browser thinking a certificate is valid when it's not is NOT a Squid issue. Stop doing... -
-
- Sorry, but browser thinking a certificate is valid when it's not is NOT a Squid issue. Stop doing HTTPS MITM if you h...
-
-
- Ale Feltes wrote:
> I can't see issue's status control. I can only add comments.
That was aimed @pfSense guys. :) -
07:06 AM pfSense Packages Bug #5701: Sarg does not delete cron entry
- I can't see issue's status control. I can only add comments.
-
- Package no longer exists in 2.3+, use lightsquid.
Please, close.
-
-
- Package gone, please close.
-
-
- This already works with Avahi as noted above. Please, close this.
-
-
- Cannot be reproduced plus concerns obsolete 2.2.x PBI stuff.
Please, close. -
-
- Package no longer exists in 2.3+, please close.
-
-
- Been already done, can be closed.
https://github.com/pfsense/FreeBSD-ports/commits/devel/sysutils/pfSense-pkg-apcupsd -
-
- Darkstat does not support HTTPS. Cannot be fixed in the package. The issue is HSTS headers set by pfSense nginx. Best...
-
-
- Upstream bug tracker for Squid is at http://bugs.squid-cache.org/describecomponents.cgi?product=Squid - the pfSense p...
-
-
- 2.2.x is dead, plus this would not be a Squid package bug at all. Please, close this.
-
-
- No bug here, can be closed.
-
- It'd seriously help to have a checkbox that'd simply _add_ whatever custom alias(es) to the default passlist, instead...
-
- This is misfiled under Packages product, any changes here would need to be done in pfSense core.
11/26/2016
-
- Well, this still does not work properly at least with bzip2, because:...
-
- There's already #6023 for netmap + shaping.
-
02:12 PM Bug #5649: bce0: Discard frame w/o leading ethernet header (len 0 pkt len 0)
- I believe this issue can now be closed.
After using pci-stub on the Linux host for the two NIC's in question, whic... -
- The policy always gets assigned to the first instance (normally probably WAN) when you either
- use the Import butto... -
- https://github.com/pfsense/FreeBSD-ports/pull/220
-
- This got broken again. Together with some other cosmetics, this is fixed by https://github.com/pfsense/FreeBSD-ports/...
11/25/2016
-
10:27 PM Bug #6962: GUI allows selecting missing diffe-helman Paremeters for OpenVPN
- My vote would be either to grey out or remove the missing parameters from the OpenVPN dropdown, or to kick off a back...
-
- The GUI should probably grey out or otherwise note the selections without available files. Or maybe check for @/etc/d...
-
- I pushed a fix as stated. Works fine with and without key-based auth. Needs more testing once it hits snaps.
-
- The ssh authentication "keyboard-interactive" method fails on 2.3.2 and 2.4
This is due to the use of @UsePAM no@ ... -
- Duplicate of #6886
11/24/2016
-
- Uhm... generating these "on demand" is a horrible idea. Should be either pre-shipped or user told to do the job. User...
-
- When trying to use a 3072-bit Diffie-Hellman parameter with the OpenVPN server, the following error is logged and the...
-
- Kinda difficult to come with "pfSense native firewall"-like GUI, considering there's no pattern about what's going to...
-
- See https://github.com/pfsense/FreeBSD-ports/pull/218
-
09:31 AM Feature #6961 (Duplicate): IPv4/IPv6 Dual-Stack IPSEC mobile vpn
- It would be nice to have possibility to create Phase1 IPSec for Mobile Clients - for both IPv4 and IPv6.
Currently... -
07:51 AM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6
- It looks like Facebook migrated to Kea DHCP. Should be for a good reason [[https://code.facebook.com/posts/8459090588...
-
- I think it would be a good idea to at least take a look at kea dhcp by ISC. It seems to be a much better solution for...
-
-
- Already fixed by https://github.com/pfsense/FreeBSD-ports/commit/5f79e53dcae89bb185279ba2164a99891bb70dfd
-
- Done
-
03:24 AM Bug #6762: "Please match the requested format" error in Chrome when editing certain form fields
- I'm still having this issue.
Norwegian settings in Chromve version 55.0.2883.59
I get the error when trying to ad...
11/23/2016
-
02:35 PM Bug #6850: FreeBSD 11.0 Route Syntax Change For Non-Local Gateway
- After going into System -> Routing -> Gateways, clicking edit on the current gateway outside the subnet, don't even h...
-
- When booting the 2.4 install media, the first screen of the installer offers a "Live CD" choice that is confusing to ...
-
12:51 PM
Bug #6958 (Resolved): services_dhcp_relay.php: Needs to be converted to more recent rowhelper standard
- Page still uses the deprecated setIsRepeated() method on the group. We no longer do that.
-
12:18 PM Bug #6957 (Closed): CARP arp reply with wrong src mac
- The problem is same as https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=141023
I find a patch on pfsense/FreeBSD-sr... -
12:01 PM Feature #6956 (New): Allow more control over concurrent logins
- Currently there is a checkbox that allows concurrent logins, or not. I'd like to be able to replace that binary check...
-
- My interfaces:LAN, WAN, WAN2
1、I add IP Alias VIP 155.155.155.155 on WAN2, it's ok. Get the uniqid: 5831b1cbbbdcd
... -
- The new installer has a number of useful options but there is no choice that replicates the "Quick/Easy Install" opti...
-
- After discussed it, we decided to let user create wireless clone interface before assign it and remove any special tr...
-
- It works on the latest CE snapshot from overnight, but there is one regression from the previous behavior. At the mom...
-
- Kill Bill wrote:
> I guess you produced a typo in the latest commit.
>
> [...]
>
> https://github.com/pfsense/... -
- Steps to reproduce:
* have existing internal CA
* import external CA (in my case, signed by the internal CA but g... -
- Steps to reproduce:
* Import external CA
* Do not set "Serial for next certificate"
* Try to create a user certi...
11/22/2016
-
- I guess you produced a typo in the latest commit....
-
-
- Wow, this is much better than before, shows complete progress output now. 8-) Thanks.
-
09:51 AM
Bug #6864 (Assigned): Error checking rejects IPv6 addresses with upper case A-F.
- Force IPv6 to lowercase via addrtolower() has been added to:
firewall_aliases_edit.php
firewall_rules_edit.php
... -
09:48 AM
Bug #6918 (Closed): Javascript Lowercase for IPv6 addresses prevents use of aliases with capital letters
- Closed in favor of #6864
-
- What happens if you use www.xn--bcher-kva.ch as the name to block in the rule?
Is that effective?
I wonder if pf ... -
- Most likely it's a configuration issue and not a bug. It's best to discuss this on the forum before opening a bug rep...
-
- What appears in /var/dhcpd/etc/dhcpd.conf ?
When I put specific DNS servers in there, I get a line like:
option dom... -
- The only way to disable the auto config backup package after the credentials have been entered is to uninstall it. Th...
-
- The 'Backup Now' function always reports 'Backup completed successfully.' even if the backup to the server failed. If...
-
- Fixed by #6900
-
02:23 AM pfSense Packages Bug #6410: when PFSENSE after server restart,openvpn+motp not login
- SOLVED: Did update with Version freeradius2 1.7.4 and everything runs fine now
11/21/2016
-
- Thanks for looking into it (it's not like the exact messages would be really critical, but it was an indication of a ...
-
01:43 PM
Bug #6931: Status > Filter Reload page is confusingly worded
- The root cause of the issue was that the filter reload process over-wrote the status file with every message, so ther...
-
11:59 AM
Bug #6931: Status > Filter Reload page is confusingly worded
- The system I was testing on was too fast to notice the intermediate messages. Thanks for pointing that out. Fix coming.
-
- I'm very sure the thing has actually been displaying _real_ activity during reload. Such as, loading the various pack...
-
11:14 AM
Bug #6931: Status > Filter Reload page is confusingly worded
- Previously when visiting the page from the status menu the page would say that it was reloading the filter then after...
-
- Uhm, dunno guys, it appears to me like this made the thing basically no-op? Previously, it's been showing what's goin...
-
10:58 AM
Bug #6922 (Resolved): Dynamic DNS widget broken with Custom v6 entries
-
- Works, thanks.
!https://s22.postimg.org/kxalm38rl/screenshot_dyndns_widget.png! -
10:54 AM
Bug #6922: Dynamic DNS widget broken with Custom v6 entries
- Added code to handle IPv6 (cache file has "_v6" appended)
-
10:50 AM
Bug #6922: Dynamic DNS widget broken with Custom v6 entries
- Applied in changeset commit:a7391526c83a8d4b33e81d730141a4811ae8d482.
-
- ...
-
08:58 AM
Bug #6922 (Feedback): Dynamic DNS widget broken with Custom v6 entries
- Kill Bill,
Could you post or send me the contents of the /cf/conf/*.cache file that pertains to he HEIPV6 entry pl... -
10:57 AM
Bug #6864: Error checking rejects IPv6 addresses with upper case A-F.
- See #6918
A new function has been provided to force IPv6 to lower case on save. This is being added to GUI pages as ... -
-
- Fixed. Dragging below/above the visible window in FW rules works, HAproxy and Status_Traffic_Totals still have the re...
-
09:50 AM
pfSense Packages
Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots
- Applied in changeset pfsense:commit:f6973634c34b34908644e2df17154274d2ab12be.
-
09:40 AM
pfSense Packages
Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots
- Applied in changeset pfsense:commit:dd455f50b7be7957428b0733b5b2c93ccba9e284.
-
09:37 AM
pfSense Packages
Bug #6939 (Feedback): HAproxy - backend server list broken with recent 2.3.3 snapshots
- The scroll gimmick CSS has been removed from the master CSS file, and added only to firewall_rues.php and firewall_na...
-
- Applied in changeset commit:fc84b222e75c9d92e394a2e9ddb80c5ead382f52.
-
09:02 AM
Bug #6903 (Resolved): services_dnsmasq_edit.php: Configuration XML hosts section order appears randomized
-
09:02 AM
Bug #6918: Javascript Lowercase for IPv6 addresses prevents use of aliases with capital letters
- I have added a new function addretolower() to detect if a string is a valid IPv6 address, and if so convert it to low...
-
- That worked, thanks!
I did make one small tweak. Before, we used @kdb.enter.default@ rather than @kdb.enter.panic@... -
- Applied in changeset commit:0529323ff97f81e0203553086df8917aeb5542d3.
-
- Kill Bill wrote:
> Yay!!! Will only be able to test after this weekend; going to post feedback here. Thanks.
!htt... -
02:56 AM Bug #6949 (Resolved): username/password not used by proxy support
- hello,
it seems that username and password is not used for the proxy connection. it works only with IP and port but ... -
- I was able to update. But I had to take the cable out of the router and leave it to pfsense only. Very sensitive. lol...
11/20/2016
-
04:35 PM Bug #6945: Firewall alias naming restrictions are too limiting
- I am well aware of DNS's Punycode encoding and of the homograph problem. The former is alas needed for backwards com...
-
- Hmmm... So, that's caused by the bogus empty file at the top, which I never placed there in the first place. NFC how ...
-
- No idea what's this bootstrap nonsense validating where yet again. It is absolutely impossible to input anything ther...
-
- This is beyond uncool. When I accidentally deleted an external (intermediate) CA cert from the CAs tab, it wiped the ...
-
01:08 AM Bug #6946 (Not a Bug): Unable to override dns servers in dhcp server
- Trying to provide specific DNS servers for specific optX network. No matter what I set the dns server fields to, the...
11/19/2016
-
- This is how's www.bücher.ch represented in DNS: www.xn--bcher-kva.ch; believe it or not, people do NOT want to deal w...
-
- Thanks for the link. Hopefully they won't reject the bug. Why do you think they would? (You do know that the majo...
-
- Sean McBride wrote:
> Do you know where I should file this upstream then?
https://bugs.freebsd.org/ if you insist... -
- I figured it would be something like that.
Do you know where I should file this upstream then? -
- We are bound by the limits in pf. We can only allow what they allow. (A-Z, a-z, 0-9, and _)
Use the description fi... -
- In Firewalls > Aliases, when creating/editing an alias there is a 'name' field. This field disallows most characters...
-
- Just found this one issue, looks i made a duplicate https://redmine.pfsense.org/issues/6940 , i did implemented the '...
-
- Fixable by: https://github.com/pfsense/pfsense/pull/3236
-
- DDB is there now but something still isn't triggering textdumps. 2.4 has a different /etc/ddb.conf file from the one ...
-
- I quoted a wrong post, however, both the HAproxy and the Status_Traffic_Totals have been fixed by reverting the offen...
-
- Kill Bill wrote:
> I'm not one of those bootstrap guys. :/ Perhaps @sbeaver could help. As for excessively wide drop... -
- I believe such an RFC exists already:
https://tools.ietf.org/html/rfc6151
Section 2: "MD5 is no longer acceptab... -
- There is a problem some users are having with dhcp6c sending a release on exit, in 99% of cases this is not an issue ...
-
01:21 AM Feature #6832: [PATCH] Add the USB ID for the Sierra MC7430
- Thanks, but I don't see it in the @RELENG_2_4@ branch.
11/18/2016
-
- There are known issues with re(4) and spoofed MACs, it isn't always the driver, sometimes it is the chip itself.
Y... -
07:44 PM Bug #6941: VLAN interface does not work unless parent/or vlan interface are in promiscious mode
- Jim Pingle wrote:
> That would be a limit of your specific NIC chip and/or driver. If it's possible to be fixed at a... -
04:08 PM
pfSense Packages
Bug #6939: HAproxy - backend server list broken with recent 2.3.3 snapshots
- I'll take care of it
-
- I'm not one of those bootstrap guys. :/ Perhaps @sbeaver could help. As for excessively wide dropdowns, perhaps this ...
-
- Yah shortening the field lengths would likely help.. but how to do that in a bootstrapped kinda way.?.
-
- Not sure either, the "port" field could definitely be shrunk quite a bit, for starters, though that'd only mitigate t...
-
- There used to be a scrollbar.. Thats hidden now by this fix: https://redmine.pfsense.org/issues/6895
Reverting htt... -
- Still seeing some issues, if I edit anything with the local-gateway even just the description and click apply changes...
-
- Ken Sim wrote:
> Still seeing system lockup on 2.4.0-BETA when dealing with non-local gateways.
I've tried to rep... -
- Already added
-
- I believe the responsible for so many queries is System Information Widget, that checks for upgrades every time it sh...
-
- Yay!!! Will only be able to test after this weekend; going to post feedback here. Thanks.
-
- Patch removed and package updated to 4.3.5 on pfSense 2.3.3 and 2.4.0
-
- Done for 2.3.3 and 2.4.0
-
- Labels are working, GPT was the default, ZFS is working (See #6929). This looks good to me. Closing.
-
- - GPT is now default
- Labels are being used on fstab
- ZFS installation is working as expected -
- option DDB added to pfSense kernel
-
- The amd64 kernel in 2.4 does not contain "options DDB" so textdumps are not working. It does have "options KDB", but ...
-
- It will only show what it finds in DNS, which is what it gets from DHCP static mappings, leases, host overrides, and ...
-
06:18 AM Bug #6942 (Duplicate): Traffic Graph displays wrong local FQDN
- In a configuration with several networks and different local domain names for each network where hosts get their name...
-
07:18 AM Bug #6877: nsCertType "Server" property of a certificate is not detected if additional nsCertType flags are also set
- And in the same spirit, https://github.com/pfsense/pfsense/pull/3234
-
- Done during 2.4 alpha
11/17/2016
-
- That would be a limit of your specific NIC chip and/or driver. If it's possible to be fixed at all, it would have to ...
-
- Hi,
I have a pfsense box with two physical interfaces re0/re1.
My setup is two vlan interfaces defined re0_102 ... -
06:07 PM Bug #4689: Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0"
- I am getting this symptom (crashs) on v2.3.2, multiple times a day:...
-
- Reading this would help to understand why it's not supported.
https://forum.pfsense.org/index.php?topic=87211.msg514... -
02:30 PM
Bug #6931: Status > Filter Reload page is confusingly worded
- Applied in changeset commit:d3cb20cef80a084f162495b5698190405df7a1dd.
-
02:24 PM
Bug #6931 (Feedback): Status > Filter Reload page is confusingly worded
- Page un-uglyfied as requested
-
- P.S. Cannot make the window any wider, it's already fullscreen on a full HD monitor, not even F11 helps. :-D
-
- That's the same image I'm running, so it's most likely a problem with the package in general. It's possible there was...
-
- Well, not sure what's current. The box has been upgraded about ~2 hours ago. ...
-
- Is this still the same on a current snapshot? Is it the same if you force a page reload to clear the cache? Make the ...
-
- This definitely used to work, however it got badly broken recently. The SSL checkbox and weight fields are completely...
-
- OpenVPN management socket not listening after bootup
The dashboard shows the following: "Unable to contact daemon ... -
- Jim Pingle wrote:
> One thing I did notice in your original description is that the network config is invalid. You c... -
- Looks good, filter log contains the expected entries now.
-
- We determined this page was OK because it's acceptable for a host override to have zero aliases. Without the button t...
-
- Works, can XMLRPC sync so long as the user has the "System - HA node sync" privilege.
-
08:17 AM Bug #5319: Error message "No config named" in charon daemon
- I can confirm this one too. 2.3.2 in use....
-
- Looks good, thanks for testing!
-
- Works ;)
!https://s15.postimg.org/w34bhj9az/Cert_Manager_Screenshot_Fixed.png! -
- Merged PR
-
- I don't think I've ever seen one with both set, and practically there is rarely if ever a reason to do so. It's worth...
-
- Yeah, this cannot work...
-
- Well, this does not work properly even with the nsCertType set. Example:...
-
-
01:18 AM Bug #6934: /usr/bin/install missing from new 2.4 installations
- I just did a fresh install with the 11/16/16 build. I was able to restore my configuration and all packages installe...
11/16/2016
-
09:48 PM Bug #6938: DNS with OpenVPN gateway specified is routed through wrong interface. 2.4 regression.
- I've been trying to identify if the same issue exists when setting a DNS entry with a normal WAN gateway (with static...
-
- System -> General Setup -> DNS Server Settings
Setting a DNS with an OpenVPN client gateway (dynamic IP address) is ... -
- I have now verified that this is reproducible on 2.4 nightly 20161116-0701.
-
- Moving the start of OpenVPN will undoubtedly have other unintended consequences. What is likely happening here is tha...
-
- Yes.
-
- Do you have System > Advanced, Misc, "Do not create rules when gateway is down" set?
-
- Please note that Status -> Filter Reload also works to properly initialise the rule after boot (as an alternative to ...
-
- *Summary*:
A race condition starting OpenVPN client at boot (rc.bootup) is causing a firewall rule (that is dependen... -
- I've already taken everyone off the network, but I can not update only timeout.
((>>> Updating repositories meta... -
-
- Traffic entering enc0 on 2.4 is not creating a state, thus TCP traffic will not pass. ICMP works as the return traffi...
-
-
-
03:37 AM Bug #6935: Rule (which contains a pfBlockerNG URL-Alias) cannot be saved
- Kill Bill wrote:
> Duplicate of Bug #6918
Ups, sorry -
- Duplicate of Bug #6918
-
- I cannot create or edit a Rule which contains a pfBlockerNG (URL-)Alias. The name of the Alias will automatically con...
-
- Applied in changeset commit:c0ac85e7408bd34beac586b25a57901dc2c5c885.
11/15/2016
-
11:44 PM Bug #6913: install on Hyper-v R2
- Yes, it works.
Thank you. -
- There were fixes put in today for ZFS and it might have affected other things you're seeing. Try it again on a new sn...
-
- I don't have anything capable of running Hyper-V on Windows Server (R1 or R2) nearby so I can't easily confirm the is...
-
- I just experienced this apparently same crash on 2.4 while running the DSLReports Speedtest. The system crashed afte...
-
10:02 PM Bug #6918: Javascript Lowercase for IPv6 addresses prevents use of aliases with capital letters
- I reverted all these changes until the proper solution is committed.
The 'real' solution here is convert the IPv6 ... -
- There are more related pending PRs that may help, but I was talking to sbeaver earlier and he had some ideas on how i...
-
- I'm sorry but this is *still* broken. I go to Firewall - NAT - Port Forward, there's a rule with an alias called "RAS...
-
- Should be fixed in filterlog-0.1_5.
-
- Nah, Nepal is innocent -- the mirrors have been slow like molasses for some two days or so...
-
- I am also getting this the last day or so. I thought it was related to moving back to Nepal and having slower internet.
-
-
- ZFS now works on CE and Factory snapshots, thanks!
-
- Pushed a fix, please try next round of snapshots
-
- Same as #6643 but it's happening again on 2.4 now.
/usr/bin/install is missing from a fresh install, updating to a... -
- Duplicate of #6768
-
08:07 AM
Bug #6933 (Duplicate): Wrong IPv6 address is served over DNS when static mapping is used with Track6 interface
- I have a router with pfSense 2.3.2 that has several LAN interfaces, each set to Track6 mode to assign IPv6 addresses ...
-
- 1:1 NAT does work for IPv6. It's similar to NPt, but for a single address -- NPt is really just a slightly different ...
-
- At the moment it allows entry of IPv6 addresses. Is that correct? Is the 1:1 NAT feature supposed to work fine with I...
11/14/2016
-
- Please open a forum thread for discussion and diagnosis before opening a bug report. It does work for some people, an...
-
10:11 PM Bug #6932 (Not a Bug): MLPPP
- This feature has been broken for a very long time. I have tested with x64 and x86 and different hardware with no luck...
-
- The way the Filter Reload page is displayed implies that the filter rules are loaded by simply visiting the page.
... -
05:32 PM
Bug #6812: IPsec filterdns crash
- OK these issues have surfaces again this morning. Truth be told, I have no idea what's Ipsec and as far as I know, I...
-
- Applied in changeset commit:9444a281f051e11d5456cc37b2a3f56fc8a7bc33.
-
- The PR looks good, appears to do the proper thing in each case. I just merged it in.
-
03:28 PM pfSense Packages Feature #6651: Loopback interfaces
- Loopback interfaces are a cisco best practice for GRE/IPSec tunnels. I would use them for site-to-site IPSec as an in...
-
- Related forum thread: https://forum.pfsense.org/index.php?topic=121105.0
Basically
- disable the enable DHCP serv... -
- Choosing the ZFS option results in a system that starts to boot, but cannot mount the root slice because it doesn't k...
-
- the problem appears to be fixed in FreeBSD 11.0- *STABLE*
11/13/2016
-
11:13 PM pfSense Packages Bug #6928: freeRADIUS, logging with "Access-Reject" not work in mysql table radpostauth
- for change it - needed uncomment this:
/usr/local/etc/raddb/sites-enabled/default
section post-auth
variable sql
... -
- The table(radpostauth) is recorded only events "Access-Accept".
in the table(radpostauth) needed events "Acces-Reje... -
- 11-stable have fixed this issue
-
- Bug 212721 - FreeBSD 11.0-RC2/RC3/RELEASE fails on Hyper-V 2012r2
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id... -
- "Operation timed out" => when download fails, you cannot upgrade.
-
- >>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
pfSense-core repository is up-... -
- When adding a 1:1 NAT entry it is possible to enter a mix of IPv4 and IPv6 addresses in the various External Internal...
-
- See pull request https://github.com/pfsense/pfsense/pull/3225 for a suggested fix.
-
11:05 AM Bug #6918: Javascript Lowercase for IPv6 addresses prevents use of aliases with capital letters
- Yes. Confirmed on:
2.3.3-DEVELOPMENT (amd64)
built on Fri Nov 11 16:36:08 CST 2016
FreeBSD 10.3-RELEASE-p12
... -
12:17 PM Bug #6926 (New): Miniupnp advertising expired IPv6 address
- Version 2.3.2_1
With WAN set to DHCP6 and LAN set to track interface, the miniupnp service does not get notified i... -
- It's possible something being configured on the previous one made it appear that it failed (e.g. states got reset). I...
-
- I added a new network card and I set up ipv4 and saved it and it was just spinning. Now I added another set and it wa...
-
05:55 AM pfSense Packages Bug #3343: (re)starting freeradius service throws "The command '/usr/local/etc/rc.d/radiusd.sh stop' returned exit code '1', the output was 'radiusd not running?'"
- The problem is, that pfSense restarts the packages it self and also calls the restart method of freeradius itself.
... -
- Bug 213618 - When running as a Hyper-V Guest, FreeBSD 11 networking does not work
https://bugs.freebsd.org/bugzilla...
11/12/2016
-
- I can't duplicate this here on a current snapshot. The package installs fine.
Make sure you are on a completely up... -
- Fetching pfSense-pkg-nrpe-2.3.1_1.txz: . done
Fetching nrpe-ssl-2.15_6.txz: ... done
Fetching nagios-plugins-2.1.3,... -
- Can you explain in more detail about exactly what you are doing that is failing?
I am able to assign an interface ... -
- Configures all standard parameters prompts to save. But it just keeps rolling.
But by option 2 (Set interface (s) IP... -
- Self-explanatory:
!https://s16.postimg.org/9l1y6nq6t/Screenshot1.png!
!https://s16.postimg.org/t46jg0oyd/Screensh...
11/11/2016
-
11:22 PM Bug #6921 (Not a Bug): Poor speed with Chelsio T420-CR
- I have a Chelsio T420-CR 10gbe NIC in a Supermicro A1SRi-2758f based pfsense router. I get poor speed (~1.2gbps) test...
-
- Base64 encoding works fine here.
-
- Tested on a few systems, works fine.
-
- Applied in changeset commit:fbb652ed28641c50b14b9897a914ed317c323d73.
-
- Tested on a few systems, works fine.
-
- Applied in changeset commit:92a78939583e2be7f7cc52d045bc48a2e2264d1d.
-
- I upgraded a 2.3 VM that had recently had FreeRADIUS installed, but removed. The old freeradius.inc was somehow left ...
-
- The filter logs contain information but not enough data:...
-
- Looks good.
-
- Text is correct now.
-
-
- This appears to have broken the use of Aliases that have names using capital letters. See #6918
-
- It's in the list now for snapshots.
-
- Routing has been fine on 2.4 in every scenario I've tried so far.
-
- Fixed, only one entry is present in the override file now.
-
- New extension loading method is working well.
-
- I've run through several installs lately and this is definitely OK now.
-
- Still missing in OpenVPN 2.3.12
-
- If you have an alias, say "Blah", and try to enter it in a field on a firewall rule, it is automatically translated t...
-
10:21 AM
Bug #6893 (Resolved): Configuration XML is inconsistent with self closing tags
-
10:20 AM
Bug #6916: interfaces_vlan.php: Clicking on "Cancel" deletes VLAN
- Applied in changeset commit:38fe6f07922c8ee6bde81ba1f07ab6ffe380f12b.
-
10:14 AM
Bug #6916 (Feedback): interfaces_vlan.php: Clicking on "Cancel" deletes VLAN
- Automatic confirmation suppressed and manual confirm substituted.
-
- Just another small bug from VLAN delete confirmation dialog (see Bug #5541). If one clicks on trash icon, the delete ...
-
- The update check always has to leave the interface with the default gateway, as any traffic originating from the fire...
-
- Hi guys,
Please add an option to allow the user to choose from what IP or interface the request for updates is out... -
- Works in snapshots that include the fix
-
- Works
-
- Works
-
- Feedback from a customer who was hitting this confirmed it's now working.
-
- Works
-
- Closing for lack of feedback.
-
- Works
-
- It's been 4 years and this hasn't come up again. If someone needs it, they can add these options manually.
-
05:50 AM
Bug #6895 (Resolved): Moving rules does not scroll
-
- Can this pretty please finally get the disastrous patch reverted? Not only it did not fix what it was supposed to fix...
-
03:08 AM pfSense Packages Bug #6736: Snort fails to start after upgrade to 2.3.2-RELEASE
- Get the same issue when updateing from pfSense 2.3.1_5 to 2.3.2_1
In my logs when SNORT tries to start I also get:... -
02:09 AM Bug #6915 (Resolved): unbound logging not working after reboot or "Reset log files"
- After "reboot the machine" or "Status => System Logs => Settings" => "Reset log files" then unbound logs are not s...
11/10/2016
-
11:07 PM Feature #6914 (Resolved): unbound access-control lists
- Hello! In
Services -> DNS Resolver -> Access Lists -> Add -> Actions
we have only 4 options "Deny", "Refuse", "Allo... -
04:04 PM Bug #6099: igmpproxy does not recognize upstream interface
- That's interesting. But unfortunately this is not the case for my system. Swisscom transmits everything on vlan10 and...
-
- The prompt when booting appears to be due to the fact that /var was not cleaned out when switching to RAM disk, and t...
-
- can't install 2.4 on Hyper-V 2012 R2
fix... -
- Better fix is in now, see #6878
-
- Works here, must be something local or site-specific.
-
- Each of these changes was made on 2.4 only, as some assumptions were made that could conflict in some cases (e.g. Nan...
-
- I pushed a change to teach squidGuard to keep its databases in a persistent directory when /var is in RAM. The files ...
-
- Pushed a change for squid to teach clamav to keep its DB in a persistent location if /var is a RAM disk. It doesn't c...
-
- can't install 2.4 on Hyper-v R2 (all updates installed)
fix:... -
- But the details you mention are not solved by this suggestion. The interface is already filled/selected when you crea...
-
11:14 AM Bug #6910: Pre-fill 'interface' field when creating firewall rule on interface -> efficiency
- I mean it constructively, btw, not to whine or something.
-
- I'm assuming people want to work efficient.
What is wrong with copying a field into a field to make sure people do... -
- You're assuming everyone uses it the same way you use it, which isn't the case. Removing functionality to prevent foo...
-
- 1. Button: 'copy'
2. Popup: which fields to change (interface);
3. Save = copied with altered values. -
- Being able to edit the interface allows you to move a rule from one interface to another. (e.g. copy LAN rule, edit L...
-
- Now it is possible to create a firewall rule on a vlan tab, and fill in the wrong interface in that rule. Aside from ...
-
- Thanks for the feedback!
-
- I think you should mark it as "resolved/closed". Thanks!
-
- i have installed 2.4 on hyper-v 2012 R1, set ip. no network.. no ping.. have updated drivers, enabled and disabled hw...
-
- Example: I want to copy ALL FW rules from VLAN100 to VLAN110 at once.
Then, in that copy, or (see previous issue r... -
- For example: copy one alias (the content of course) into another alias (like in FW rules), sort alias, filter alias, ...
11/09/2016
-
10:51 PM Bug #6907 (Duplicate): DNS Resolver does not use domain name set in DHCP subnet, only the global one
- Ran into this myself & found a relevant forum post here: https://forum.pfsense.org/index.php?topic=119717.0
In sho... -
- Many bugs were fixed in 2.4.
2.3.2 is very broken with respect to limiters.
Could you try a recent 2.4 snapshot ? -
- Found sth on different site:
[[https://sourceforge.net/p/igmpproxy/bugs/4/#472a]]
So for at least with DE-Telekom ... -
- Fixed the snort directories in commit:ce8fedd
Will look into squidGuard soon. -
- Checking deeper, @pkg info@ is empty after switching, which explains why the installed packages showed damaged, but a...
-
- I set /tmp and /var to be in RAM on a test box running 2.4 and hit a couple issues:
1. I had two packages installe... -
02:23 PM
Feature #6881: services_unbound_host_edit.php: DNS Resolver Add V4 and V6 host override at the same time
- In addition any aliases created would have to include both the V4 and V6 addresses.
-
- It is still an issue but it can be easily worked around by adding a floating rule to pass outbound to the destination...
-
- The verify script is in @/usr/local/etc/raddb/scripts/otpverify.sh@ on current versions. The FreeRADIUS package code ...
-
- Pull request has been merged. Thanks!
-
- I can reproduce this somewhat here on 2.3.2. With a WAN/LAN style bridge, putting @synproxy@ on a TCP rule will event...
-
- I can't reproduce this here on 2.3.2_1. I can make edits to the bridge and the MAC stays the same and I can still rou...
-
09:00 AM
Bug #6903: services_dnsmasq_edit.php: Configuration XML hosts section order appears randomized
- Applied in changeset commit:8e7fea674a34ab217c9b9821c608639ca45bd281.
-
08:18 AM
Bug #6903 (Feedback): services_dnsmasq_edit.php: Configuration XML hosts section order appears randomized
- It is certainly not "randomized", but since the two tables may be sorted (by clicking the column headers) the hosts c...
-
- The route now appears on the OpenVPN interface as expected, and clients can connect/pass traffic with static addresse...
-
07:57 AM Bug #5319: Error message "No config named" in charon daemon
- I've just been hit by this as well and like the last comment, restarting ipsec from the cmd line fixes the problem fo...
-
- Merge is in commit:b8b0fab1a4ef44758ff7fdd9cbfcc8bab2fe49b9
-
- Merged PR
-
- When trying to perform an XMLRPC between two 2.4 HA systems, the secondary won't accept new settings, believing it ha...
-
- Dirty patch attached to thread above, restores old behavior...
Correct way would be to determine parent interface ...
Also available in: Atom