Activity

30 days up to

User

Subprojects

Activity

From 11/24/2016 to 12/23/2016

12/23/2016

08:32 PM Revision a51dd381: Save the igmpproxy configuration in /var/etc and not on /tmp.: Luiz Souza
07:32 PM Bug #7036 (Not a Bug): 2.4 ZFS on RCC-VE 2440 hangs: RCC-VE 2440, bios version 6
Downloaded 2.4.0.b.20161223.0723 and did a clean install. Auto ZFS, default values, se... qubit nano
06:47 PM Feature #7035: Make webgui authentication logs less invasive: I don't want to disable them, I feel knowing that is very useful, I just don't want them spilling out on my shell, es... Victor Coss
06:45 PM Feature #7035 (Rejected): Make webgui authentication logs less invasive: Login events are always logged that way for security reasons. If you want to disable those messages, use the "Disable... Jim Pingle
06:33 PM Feature #7035: Make webgui authentication logs less invasive: Just a note, I've only had the SG-1000 a few days so I haven't updated the DNS on the syslog box yet, so it shows the... Victor Coss
06:16 PM Feature #7035 (Rejected): Make webgui authentication logs less invasive: I'm not sure why, I'm guessing intentional, but webgui events, such as logins to the webgui, when they are logged can... Victor Coss
03:29 PM Revision 35d393f0: Change type of L2TP/PPTP WAN remote address to 'text' as it supports hostnames now, and the 'V4' type rejects them. Fixes #6899: Jim Pingle
03:03 PM Bug #7003: autoboot_delay on 2.4.0: Ok thank you :) Ken Sim
12:52 PM Bug #7003: autoboot_delay on 2.4.0: Ken Sim wrote:
> Am I correct that this is only set during install and we have to set it manually if already install... Renato Botelho
02:41 PM Bug #6099 (Feedback): igmpproxy does not recognize upstream interface: Fix committed.
Thanks! Luiz Souza
02:14 PM Revision d35a22d7: Fix field type for TFTP in DHCP server settings: Jim Pingle
02:14 PM Revision 0675eadb: Fix field type for TFTP in DHCP server settings: Jim Pingle
02:13 PM Revision 9d9736d7: Fix field type for TFTP in DHCP server settings: Jim Pingle
02:07 PM Bug #6930: DHCP server should be disabled for /31 and /32: It now doesn't enable dhcp on a /31 or /32 subnet, IMO the message "The DHCP Server can only be enabled on interfaces... Andy Kniveton
01:22 PM Revision 708dd35c: Fix variable name used to pre-fill the NTP orphan mode field, add placeholder with the default while I'm here. Fixes #7034: Jim Pingle
01:22 PM Revision 1a5982d9: Fix variable name used to pre-fill the NTP orphan mode field, add placeholder with the default while I'm here. Fixes #7034: Jim Pingle
01:21 PM Revision d0db0f9b: Fix variable name used to pre-fill the NTP orphan mode field, add placeholder with the default while I'm here. Fixes #7034: Jim Pingle
10:48 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: The Address given to the WAN interface is more or less irrelevant, cause it's not realy necessary for your firewall r... Marcel Mayer
08:52 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: When I check "Request only an IPv6 prefix" the WAN interface uses the first /64 prefix (prefix ID 0) out of the /56 p... Arno Gramatke
05:04 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: In my opinion we are not talking about a bug any more.
The problem seems to be a missconfiguration ...
For DTAG "... Marcel Mayer
04:33 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: The ISP (Deutsche Telekom) doesn't supply a router, so I can't do any Wireshark capture there. The German Telekom use... Arno Gramatke
10:14 AM Bug #6857 (Resolved): local_sync_accounts fails during boot when using ldap on a non-local network or hostname: Works, no failures or delays when booting with a remote LDAP server. Jim Pingle
10:13 AM Bug #6367 (Resolved): Long delays with LDAP enabled w/local users during boot at "Synchronizing user settings...": Works, no delay on boot with LDAP enabled when local accounts sync Jim Pingle
09:52 AM Bug #6761 (Not a Bug): Limiter doesn't limit at correct bandwidth: No response from the OP here or on Reddit. I can't reproduce this on a current 2.4 snapshot (also on vmware with vmxn... Jim Pingle
09:44 AM Feature #6899 (Resolved): Can't specify PPTP/L2TP gateway as FQDN: Works as expected with that last commit, when the client can resolve the hostname it connects. Jim Pingle
09:40 AM Feature #6899 (Feedback): Can't specify PPTP/L2TP gateway as FQDN: Applied in changeset commit:35d393f04add76d7f5ac55fb33aaa955f354b5b8. Jim Pingle
09:18 AM Feature #6899 (Assigned): Can't specify PPTP/L2TP gateway as FQDN: The JS input validation still rejects hostnames on the page. I'll push a fix shortly. Jim Pingle
09:24 AM Bug #6659 (Resolved): Default routes are not being removed after deletion: Works as expected now. Jim Pingle
09:14 AM Bug #6980 (Resolved): L2TP WAN gateway is missing the type at the end of its dynamic name: Works Jim Pingle
09:10 AM Bug #7005 (Resolved): IPsec mss clamping not working for mobile clients: Works Jim Pingle
09:06 AM Bug #6879 (Resolved): GUI doesn't show rebooting notification after upgrading: I've been keeping an eye on this and haven't seen it fail in quite some time. Every update I've run on any platform (... Jim Pingle
09:05 AM Bug #6869 (Resolved): Diagnostics / Routes Truncates Destination and Gateway Names: Works Jim Pingle
09:02 AM Bug #6668: IPSec tunnel + L2TP/IPSec VPN - wrong PSK chosen by pfSense: No response from the OP, can't seem to reproduce it.
If someone can reproduce it and test a potential fix, please ... Jim Pingle
08:55 AM Bug #6224 (Resolved): Firewall NAT Edit forgets dst type selection after reporting input errors: Works as expected now Jim Pingle
08:53 AM Bug #6094 (Resolved): VIP Other subnet does not expand into NAT entries: Works Jim Pingle
08:45 AM Bug #6976 (Resolved): Interface group and alias with same name creates firewall syntax error: All of the problem cases work as expected now. Names are rejected as being in use, I was not able to make a conflict. Jim Pingle
08:43 AM Bug #6892 (Resolved): CARP VIPs Deleted entering CARP Maintenance Mode: Works, VIPs are still there and their skews are raised as expected. Secondary takes over like it should. Comes out of... Jim Pingle
08:42 AM Bug #7034: NTP Orphan Mode stratum setting is not displayed in input field: Wow, that was fast :)
Thanks, and happy holidays! Thomas Rieschl
07:30 AM Bug #7034 (Feedback): NTP Orphan Mode stratum setting is not displayed in input field: Applied in changeset commit:d0db0f9bcae3d368c2d83cc7bc4b888fd07eade3. Jim Pingle
07:23 AM Bug #7034 (Confirmed): NTP Orphan Mode stratum setting is not displayed in input field: Jim Pingle
03:59 AM Bug #7034 (Resolved): NTP Orphan Mode stratum setting is not displayed in input field: The "Orphan Mode" setting in the NTP config is not displayed in the input form field.
It is used, though. I checke... Thomas Rieschl
08:39 AM Revision 8212a765: tidy: Martin Wasley
08:35 AM Bug #4815 (Resolved): NTP status widget shows truncated IPv6 address: Works Jim Pingle
08:24 AM Todo #7032 (Resolved): Make a lack of ALTQ-capable interfaces more obvious to the user: Looks much more obvious, hopefully it's clear to users now. Jim Pingle
08:23 AM Bug #7019 (Resolved): XSS issues in captive portal status pages: Seems fine now, and the sorting on the CP status page that was affected was also ripped out & replaced (see commit:e1... Jim Pingle
08:21 AM Todo #7021 (Resolved): system_advanced_network.php Deprecate/remove Device Polling on 2.4: It's all gone. Jim Pingle
08:20 AM Revision 1b17a4c9: changed to text to reflect standard text in other options.: Martin Wasley
08:20 AM Bug #7008 (Resolved): OpenVPN sever unable to authenticate users on 2.4: Works Jim Pingle
08:20 AM Bug #7002 (Resolved): OpenVPN unable to use authentication server with ampersand in descriptive name: Works Jim Pingle
08:19 AM Bug #7001 (Resolved): Certificate manager requiring private key when importing CA certificate authority: Works Jim Pingle
08:17 AM Bug #6838 (Resolved): bsnmpd logs errors when /etc/printcap is missing: Seems to be fine now, no more log spam and the dummy printcap file is there as expected. Jim Pingle
08:16 AM Bug #6741 (Resolved): /etc/rc.initial does not trap CTRL-C back to console menu but rather to # prompt.: Works well. I went into several console menu options and confirmed ^C returned to the menu from all of them rather th... Jim Pingle
08:15 AM Bug #6634 (Resolved): DHCP Server "TFTP Server" field should allow URLs: Works fine.
The TFTP field itself had a different issue as well, see commit:9d9736d7bf456a441e3cb95421cfed429502e220 Jim Pingle
08:10 AM Bug #6472 (Resolved): Disabling NAT (port forward) rule does not disable the associated firewall rule: Works, associated rules are toggled together with the NAT rule when the NAT rule is changed. Jim Pingle
08:09 AM Bug #6391 (Resolved): View Current Portal Page goes to wrong URL: Works correctly now Jim Pingle
08:08 AM Bug #6016: ovpn-linkup not populating IPv6 gateways: Great! Thank you! Jose Luis Duran
08:07 AM Bug #6016 (Resolved): ovpn-linkup not populating IPv6 gateways: Works Jim Pingle
07:45 AM Bug #7025 (Resolved): wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: Anonymous
06:33 AM Bug #7033 (Duplicate): Hidden rule break the policy routing: Duplicate of #1136
If you must have a second gateway on WAN, add floating rules to match the outbound traffic to o... Jim Pingle
02:41 AM Bug #7033 (Duplicate): Hidden rule break the policy routing: Hello
I found a hidden rule who break the policy routing.
The rule :
pass out route-to ( lagg0_vlan2000 192.1... Maxence Sartiaux

12/22/2016

08:03 PM Revision e8165036: format correction: Martin Wasley
08:00 PM Revision 9e08a2bd: Added get_duid_from_file() function: Used in System->Advanced->Networking to display the current DUID in the placeholder for setting the DUID. Martin Wasley
07:56 PM Revision c0a3864e: Added real DUID placeholder, new text and call to new get_duid_from_file() function.: Martin Wasley
07:10 PM Revision e55ea79d: Refactor interface_has_dhcp: to reduce nesting
(cherry picked from commit 5e22050335c939572a43fd7b3e161d7ede5ff5a0) Phil Davis
07:10 PM Revision df84832c: Fix #7031 Allow interfaces that use DHCP for OpenVPN: even though the interface (or gateway group) has not yet actually
received an IP address.
This is useful when setting... Phil Davis
07:09 PM Revision ad230803: Merge pull request #3306 from phil-davis/ovpndhcp: Renato Botelho
07:02 PM Bug #7003: autoboot_delay on 2.4.0: Am I correct that this is only set during install and we have to set it manually if already installed? Wouldn't it ge... Ken Sim
06:27 PM Revision 11ee0c6d: Add new "Ignore client identifiers" DHCP feature: Exposes the underlying dhcpd configuration option "ignore-client-uids"
in the pfSense "Services / DHCP Server" GUI by... Brett Keller
06:07 PM pfSense Packages Bug #7017: Squid NT Domain authentication is broken: Just removed this deprecated stuff in https://github.com/pfsense/FreeBSD-ports/pull/241. People should use LDAP for A... Kill Bill
05:14 PM Bug #7026 (Resolved): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: Thanks you Luiz. Anonymous
04:48 PM Revision 5e220503: Refactor interface_has_dhcp: to reduce nesting Phil Davis
04:43 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Don't delete the DUID mid session, its pointless, dhcp6c will generate a new one, which means that your ISP then sees... Martin Wasley
09:18 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: And I think it's important that this seems to be a problem with dhcp6c and NOT dhcp6d. Arno Gramatke
08:46 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: I still have this issue. I am not sure whether this has to do with the watchdog at all. When I enable IPv6 from the w... Arno Gramatke
03:20 PM Revision aa64bb65: Be more forthcoming with errors about ALTQ interfaces in relevant areas of the GUI. In particular, note when there are no capable interfaces assigned. Implements #7032: Jim Pingle
02:47 PM Bug #6318: IPsec dashboard widget causes GUI failure: This also affects Status > IPsec
We have access to a customer system that has 70 tunnels defined, and it happens e... Jim Pingle
02:42 PM pfSense Packages Bug #7028 (Resolved): Squid - all javascript broken by bootstrap conversion: Anonymous
02:41 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Yeah, 0.4.28 behaves like it used to works on pfSense 2.2.x, all weirdness gone. Very cool. Thanks!!! Kill Bill
01:50 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Can you describe"the weird behaviour" please? I don't see anything untoward. Also what Browser/OS are you using?
T... Anonymous
01:43 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Well, that's kinda difficult to see with the package as is. :) What I did for testing was nuking all the "advanced" t... Kill Bill
01:27 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: I think that happens now. The XML fragment ... Anonymous
08:44 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Steve Beaver wrote:
> Yep. Revised that yesterday. The Antivirus stuff appears to work as designed, but that design ... Kill Bill
07:14 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Yep. Revised that yesterday. The Antivirus stuff appears to work as designed, but that design may not be ideal. It's ... Anonymous
01:44 PM Revision 016b7b5d: Typo correct: Martin Wasley
01:11 PM Bug #7031 (Feedback): Cannot configure OpenVPN on a DHCP interface that has not received an IP address: PR has been merged, thanks! Renato Botelho
06:00 AM Bug #7031: Cannot configure OpenVPN on a DHCP interface that has not received an IP address: A suggested solution in PR https://github.com/pfsense/pfsense/pull/3306 Phillip Davis
05:54 AM Bug #7031 (Resolved): Cannot configure OpenVPN on a DHCP interface that has not received an IP address: If the interface that an OpenVPN server or client is being configured on uses DHCP and has not yet received an IP add... Phillip Davis
01:09 PM Revision 5e866e12: Update obsoleted files list for 2.4: Renato Botelho
01:05 PM Revision 8a308280: Do not include debug files in base pkg: Renato Botelho
12:55 PM Revision 19ef4922: Remove rescue from installation media: Renato Botelho
11:57 AM Revision 0f2cf2a1: Fix #7031 Allow interfaces that use DHCP for OpenVPN: even though the interface (or gateway group) has not yet actually
received an IP address.
This is useful when setting... Phil Davis
09:30 AM Todo #7032 (Feedback): Make a lack of ALTQ-capable interfaces more obvious to the user: Applied in changeset commit:aa64bb6565db2f788846eee9a62bccde280a605a. Jim Pingle
09:18 AM Todo #7032 (Resolved): Make a lack of ALTQ-capable interfaces more obvious to the user: On systems that do not have any assigned interfaces capable of using ALTQ, that fact is not make obvious enough to th... Jim Pingle
07:26 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: It still happens on 2.4, actually it's a little worse since it doesn't appear to transmit on the additional queues li... Jim Pingle
01:51 AM Revision e2923158: Fix typo in grouping/$grouping: Steve Beaver
01:50 AM Revision 1c937bdc: Fix typo in grouping/$grouping: Steve Beaver
01:50 AM Revision 1f40cc7d: Captive portal: convert tables to sortable tables: Convert the used vouchers table from the old GET order method to a sortable table, and make the other tables (allowed... Caio Plumbeo

12/21/2016

09:48 PM Revision 5c2cfdbd: Captive portal: convert tables to sortable tables: Convert the used vouchers table from the old GET order method to a sortable table, and make the other tables (allowed... Caio Plumbeo
09:39 PM Revision aff01dbd: Text change: Martin Wasley
08:38 PM Revision 3dc2d0f1: Silence realpath errors when /dev/dumpdev does not exist.: Luiz Souza
07:19 PM Revision 3e2678ac: Fix "<onchange>" tag processing in package XML handling: Steve Beaver
07:18 PM Revision a038b816: Fix "<onchange>" tag processing in package XML handling: Steve Beaver
07:06 PM Revision 1ac0c535: Use sprintf(): (cherry picked from commit ea0a3f9ced58ab872e8cf83fb3c6200a5409bdb8) Doktor Notor
07:05 PM Revision f27fcac6: gettext-ize this while here: (cherry picked from commit 2f7cd36737b4e1b1ba02061c6c25f538bf9ed2b3) Doktor Notor
07:05 PM Revision 5017cb9a: Add enable link to Status > UPnP & NAT-PMP error message if disabled (Todo #6689): (cherry picked from commit cbe5405f70c8f1443b90d35a16890bcd9dc22714) Doktor Notor
07:05 PM Revision caee8fc9: Merge pull request #3290 from doktornotor/patch-3: Renato Botelho
06:52 PM Revision b67b143b: Move the Growl section down to the end of the page, SMTP is the most commonly used section.: Jim Pingle
06:42 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: OK, tested. The authentication tab works great. The antivirus stuff is quirky, will need to play with it. Most issues... Kill Bill
04:45 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Should be there already Anonymous
04:41 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Steve Beaver wrote:
> There was a bug in pkg_edit.php that was causing the \<onchange\> XML tag to be rendered incor... Kill Bill
04:30 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Remember to update BOTH Squid from the package manager, AND the base system from the Update manager. Anonymous
04:21 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Thanks, much appreciated! Will test with a new snapshot ASAP. Kill Bill
03:08 PM pfSense Packages Bug #7028 (Feedback): Squid - all javascript broken by bootstrap conversion: There were two issues: There was a bug in pkg_edit.php that was causing the \<onchange\> XML tag to be rendered incor... Anonymous
02:26 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Thanks. Yours truly Santa. :-P Kill Bill
07:31 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: And a merry frickin' Christmas to you too :)
Looking at this now. Anonymous
03:58 AM pfSense Packages Bug #7028 (Resolved): Squid - all javascript broken by bootstrap conversion: Guys, there's this @squid_js.inc@ thing that used to do a lot of useful GUI work. It's completely no-op since the boo... Kill Bill
06:05 PM Bug #7027: Dynamic DNS dyndns.org no longer updates: Kill Bill wrote:
> Try with 2.3.3 snapshots.
Am using "2.3.3.a.20161220.0605" right now with same problems Tony Mace
04:15 AM Bug #7027: Dynamic DNS dyndns.org no longer updates: Try with 2.3.3 snapshots. Kill Bill
05:42 PM Bug #7026 (Feedback): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: It was broken only on 32bits platforms (ARM).
Fixed by: https://github.com/pfsense/FreeBSD-src/commit/aa25003286b4... Luiz Souza
11:15 AM Bug #7026 (Confirmed): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: That's right JimP, but seems like we have a regression... Luiz Souza
10:18 AM Bug #7026: filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: Looks the same as #6919 Jim Pingle
04:53 PM Revision 57baf45f: Fix the download of files over https when the server uses a self signed certificate.: Submitted by: Marcelo Matos
Ticket #4766 Luiz Souza
04:53 PM Revision f763ca6e: Print an error when the given URL cannot be fetched instead of just ignoring it.: Fix an use of an uninitialized variable.
Ticket #4766 Luiz Souza
04:53 PM Revision 426522b3: Add a warning to notify the use why nothing happens when it tries to click on maintenance mode with the CARP disabled.: Luiz Souza
04:32 PM Revision c8d9654b: Fix missed reference to the pfSense-dhclient-script move.: Jim Pingle
03:26 PM Revision 7be23d53: User Defined DUID: User may define a DUID to use in System->Advanced->Networking. The
entered DUID is validated for composition and leng... Martin Wasley
01:17 PM pfSense Packages Feature #5434: Let's Encrypt pfSense support: Remove target. When PR is done and merged it's going to be available to stable versions Renato Botelho
01:16 PM Bug #5976 (Rejected): Load cryptodev as a kernel module: IPsec is builtin GENERIC kernel even in FreeBSD and it depends of crypto. This change doesn't make sense anymore Renato Botelho
12:55 PM pfSense Packages Bug #6983 (Resolved): pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: Renato Botelho
12:46 PM pfSense Packages Bug #6983: pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: Confirm: Fixed. Dmitriy K
12:45 PM Feature #7030 (New): New Feature Load Balance Per Amount Of GB: https://forum.pfsense.org/index.php?topic=122752.0 christian alfideo arminio
11:59 AM Revision 2b86d221: Use empty(): (cherry picked from commit 605a9e6c1f1fae786468b81bf7c911a874048fad) Doktor Notor
11:59 AM Revision 87a5d383: Fix CPU update period in System Information widget: This only updates after the refresh period set in System - General Setup - Dashboard update period; should not be har... Doktor Notor
11:58 AM Revision d6df09d0: Merge pull request #3301 from doktornotor/patch-1: Renato Botelho
11:55 AM Revision 605a9e6c: Use empty(): Doktor Notor
11:47 AM Revision 9e0e2b61: Fix display of the number of states in the firewall rules page: For numbers greater than 1000 format_number() returns strings formatted like N.NNN K/M/G/T, that get cut to only the ... Caio Plumbeo
11:46 AM Revision 6520f6c0: Fix display of the number of states in the firewall rules page: For numbers greater than 1000 format_number() returns strings formatted like N.NNN K/M/G/T, that get cut to only the ... Caio Plumbeo
11:46 AM Revision 49eed363: Merge pull request #3302 from plumbeo/number-of-states: Renato Botelho
11:17 AM Feature #7029: GRE interfaces not available as SPAN port: It may be valid on Cisco but does it actually function on FreeBSD? That would be the real question. GRE doesn't handl... Jim Pingle
11:13 AM Feature #7029 (Closed): GRE interfaces not available as SPAN port: GRE interfaces are removed from all bridge port lists. It is valid to select a GRE port as a SPAN port destination (... Adam C
11:12 AM Bug #4766 (Feedback): "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense: Fix committed.
Thanks! Luiz Souza
10:09 AM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases: Reproduced it on a stock FreeBSD 11 system.
Opened a bug report upstream: https://bugs.freebsd.org/bugzilla/show_b... Jim Pingle
08:10 AM Bug #6978 (Not a Bug): Squidguard error page crashing after activating WebGUI PFSENSE https security: squidGuard can't redirect to https that way, the user will get a nasty cert error and/or it won't work.
Setup an e... Jim Pingle
07:59 AM Bug #6978: Squidguard error page crashing after activating WebGUI PFSENSE https security: sry, squidguard instead dansguardian.
Squid uses port 3128 and webgui 8989. Paulo Lima

12/20/2016

10:08 PM Revision aaddb090: Revert manual changes: Doktor Notor
10:06 PM Revision ef0e956e: Fix display of the number of states in the firewall rules page: For numbers greater than 1000 format_number() returns strings formatted like N.NNN K/M/G/T, that get cut to only the ... Caio Plumbeo
09:57 PM Revision ea0a3f9c: Use sprintf(): Doktor Notor
09:41 PM Revision 827c3f1e: Fix CPU update period in System Information widget: This only updates after the refresh period set in System - General Setup - Dashboard update period; should not be har... Doktor Notor
09:30 PM Bug #7027 (Resolved): Dynamic DNS dyndns.org no longer updates: Have paid DynDNS.org service - used to work - do not know exactly when it quit but now get following error in system ... Tony Mace
09:21 PM Bug #7026: filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: I'll take this one, this happens because of a change on a struct size. Luiz Souza
09:18 PM Bug #7026: filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: 2.4 logs:
Dec 1 16:34:41 pfSense filterlog: 61,16777216,,12000,cpsw0,match,block,in,0,bad-hlen=0),0
Dec 1 16:39:1... Anonymous
07:11 PM Bug #7026 (Resolved): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: There is a problem with the format of the filter logs which is causing src/etc/inc/filter_logs.inc: parse_firewall_lo... Anonymous
09:13 PM Bug #6892 (Feedback): CARP VIPs Deleted entering CARP Maintenance Mode: v6 CARP addresses now works too: https://github.com/pfsense/FreeBSD-src/commit/580e1b6a1155103292e67771940801d8fe896f45 Luiz Souza
07:12 PM Bug #6892: CARP VIPs Deleted entering CARP Maintenance Mode: IPv4 was fixed by this commit: https://github.com/pfsense/FreeBSD-src/commit/77805aa5fa51dbd2ed0b6c363c6235c892caee76... Luiz Souza
08:15 PM Revision 58dfe945: Allow "DHCP" in upper or lower case when adding LAN IP to setup wizard: Steve Beaver
08:14 PM Revision 1ef8d68c: Allow "DHCP" in upper or lower case when adding LAN IP to setup wizard: Steve Beaver
07:55 PM Revision 3575058b: Do not enter or leave the persistent maintenance mode if the CARP is temporary disabled.: While here update the CARP status check. Luiz Souza
07:55 PM Revision 34a5feac: Test fix for #6762: Steve Beaver
05:51 PM Revision 403dad2a: Disable DHCP server on interfaces with subnet >= 31. Fixes #6930: Renato Botelho
05:51 PM Revision e6650368: Disable DHCP server on interfaces with subnet >= 31. Fixes #6930: Renato Botelho
05:07 PM Revision f75f0ef7: Fix #6927 1:1 NAT validate address family: Ensure that all the manually-entered addresses come from the same
address family - i.e. they are all either IPv4 or I... Phil Davis
05:06 PM Revision c3a35c5d: NAT 1:1 use constant name when checking validateipaddr return value: (cherry picked from commit 13cf61ba2c7ab5c9029ba40606e27e71075ef8ac) Phil Davis
05:05 PM Revision ec38ba8b: Merge pull request #3299 from phil-davis/patch-8: Steve Beaver
05:04 PM Revision 42db415e: Fix #6927 1:1 NAT validate address family: Ensure that all the manually-entered addresses come from the same
address family - i.e. they are all either IPv4 or I... Phil Davis
05:03 PM Revision 13cf61ba: NAT 1:1 use constant name when checking validateipaddr return value: Phil Davis
05:02 PM Revision 809ff7c8: validateipaddr update return value comments: (cherry picked from commit 74999ad8c4cd2ae5e96c4ae21ee09a246b0a029b) Phil Davis
05:02 PM Revision ca834146: validateipaddr use constants from globals.inc: (cherry picked from commit dc9388397301912340b34398307936b5c9dc3fd6) Phil Davis
05:02 PM Revision 40ba600b: validateipaddr return address family: Enhanced the return values from validateipaddr() so the caller can know if the validated address is IPv4 or IPv6 (or ... Phil Davis
05:01 PM Revision 3d4c51e4: Merge pull request #3299 from phil-davis/patch-8: Steve Beaver
05:01 PM Revision 0ded76a6: Merge pull request #3298 from phil-davis/patch-7: Steve Beaver
04:57 PM Revision 74999ad8: validateipaddr update return value comments: Phil Davis
04:56 PM Revision dc5edc6e: Fix #7021: Deprecate device polling: Renato Botelho
04:55 PM Revision dc938839: validateipaddr use constants from globals.inc: Phil Davis
04:35 PM Revision 0f026668: Revise define values for address types to allow an easier transition in validateipaddr(): Steve Beaver
04:33 PM Revision ca86de04: Revise define values for address types to allow an easier transition in validateipaddr(): Steve Beaver
04:30 PM Revision 0ecbaa0e: Revert "ctrl-c is handy in the shell. Do not lock out.": This doesn't seem to be a problem these days. Fixes #6741
This reverts commit e8b82b8191356d50a2f210067d7a9f32976d4075. Renato Botelho
04:29 PM Revision 533f3160: Revert "ctrl-c is handy in the shell. Do not lock out.": This doesn't seem to be a problem these days. Fixes #6741
This reverts commit e8b82b8191356d50a2f210067d7a9f32976d4075. Renato Botelho
04:26 PM Revision bcdf4534: Fix #6927 1:1 NAT validate address family: Ensure that all the manually-entered addresses come from the same
address family - i.e. they are all either IPv4 or I... Phil Davis
04:22 PM Revision 24eb39e2: validateipaddr return address family: Enhanced the return values from validateipaddr() so the caller can know if the validated address is IPv4 or IPv6 (or ... Phil Davis
03:45 PM Revision a6a158e9: Captive Portal: convert active sessions table to a sortable table: Convert the active sessions table in the captive portal status page to a sortable table and remove the old sorting co... Caio Plumbeo
03:44 PM Revision cf9e9e84: Merge pull request #3287 from plumbeo/fix-order-by-lastact: Steve Beaver
03:40 PM Revision e12b438b: Captive Portal: convert active sessions table to a sortable table: Convert the active sessions table in the captive portal status page to a sortable table and remove the old sorting co... Caio Plumbeo
01:31 PM Bug #7025: wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: It happens to me on Firefox (50.1.0 on Linux) but I was using an SG-1000 when I confirmed it, as that's what the repo... Jim Pingle
01:26 PM Bug #7025 (Confirmed): wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: This appears to be Chrome related. No problem on Safari or Firefox. Probably the Chrome pattern matching bug. Checkin... Anonymous
01:19 PM Bug #7025 (Resolved): wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: Go through the setup wizard to the LAN configuration page, enter a valid IP address, click or tab out of the field an... Jim Pingle
12:49 PM Revision 5d16bc84: "Internationalize" help text in router advertisements: Steve Beaver
12:48 PM Revision e9650eeb: "Internationalize" help text in router advertisements: Steve Beaver
12:41 PM Revision 4bc059ef: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): (cherry picked from commit 6ff48cf16b4264f6554feffcf35ec2eaea4bce16) Doktor Notor
12:41 PM Revision 77b7b90b: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): (cherry picked from commit 6a827f6959fc34972e532516a6a414e1cdf87714) Doktor Notor
12:41 PM Revision 2c84c28a: Merge pull request #3291 from doktornotor/patch-4: Renato Botelho
12:03 PM Revision 26ec7e01: dhcp6c no release: Script changes to allow no-release option of dhcp6c. These changes to be
used in conjunction with pfSense/FreeBSD-por... Martin Wasley
12:02 PM Revision fd67dcd4: Merge pull request #3295 from marjohn56/No-Release: Renato Botelho
12:00 PM Bug #6930 (Feedback): DHCP server should be disabled for /31 and /32: Applied in changeset commit:e66503688e06a8ce19875863ee87356bb4ce3cf8. Renato Botelho
11:10 AM Bug #6927 (Feedback): 1 to 1 NAT allows entry of mixed IP addresses: Applied in changeset commit:bcdf453402a2f742b2656cd59602250f062896ee. Phillip Davis
11:00 AM Todo #7021 (Feedback): system_advanced_network.php Deprecate/remove Device Polling on 2.4: Applied in changeset commit:dc5edc6e9840a53e6c7153414c1d0e1066efd058. Renato Botelho
10:40 AM Bug #6741 (Feedback): /etc/rc.initial does not trap CTRL-C back to console menu but rather to # prompt.: Applied in changeset commit:533f3160a46672e3cf74f6fd1af952f966ae5b06. Renato Botelho
10:35 AM Feature #6728 (Needs Patch): Route53 API mod and Geolocation: Target to future while we wait for the patch Renato Botelho
10:31 AM Todo #6998: Create a port for simplepie to keep it updated and use modular version: Convert code to use modular version of simplepie instead of static file Renato Botelho
10:22 AM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense: https://192.168.1.1/firewall_aliases.php?tab=all
In URL you must to use same hostname on self-signed certificate. ... Marcelo Matos
10:08 AM Todo #3734 (Resolved): Remove PHP static pear modules from repo and use ports: Moving radius.inc change to a new ticket (#7024) Renato Botelho
10:07 AM Todo #7024 (Resolved): Replace copy of radius.inc by pear-Auth_RADIUS: Replace copy of radius.inc, with a good number of modifications, by pear-Auth_RADIUS provided by ports Renato Botelho
10:04 AM Bug #7023 (Rejected): dhclient: You are probably talking about this forum thread - https://forum.pfsense.org/index.php?topic=116487.0
I post an an... Renato Botelho
06:20 AM Bug #7023 (Rejected): dhclient: One of my testers has a site in France, the dhclient needs to send extra options ( Orange France ). Apparently there ... Martin Wasley
07:29 AM pfSense Packages Bug #7022 (Not a Bug): HAproxy action sequence bug: Jim Pingle
06:22 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Yes, it is supposed to be always below the actions, I even linked the code and stated it explicitly. Dunno which part... Kill Bill
05:41 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Kill Bill wrote:
> Actually, no, there is no such bug. The redirect rules are ordered perfectly fine as declared. An... Vladimir Tiukhtin
05:00 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Actually, no, there is no such bug. The redirect rules are ordered perfectly fine as declared. And there's nothing to... Kill Bill
04:16 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Kill Bill wrote:
> Fix the "tes" typo to "test" perhaps? Use https://forum.pfsense.org/index.php?board=60.0 for help... Vladimir Tiukhtin
03:49 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Fix the "tes" typo to "test" perhaps? Use https://forum.pfsense.org/index.php?board=60.0 for help, Redmine is for bugs. Kill Bill
03:11 AM pfSense Packages Bug #7022 (Not a Bug): HAproxy action sequence bug: Web interface generate wrong action sequence in HAproxy config. See screenshots Vladimir Tiukhtin
05:45 AM pfSense Packages Bug #6950 (Feedback): Auto Config Backup always reports success: PR has been merged. Thanks! Renato Botelho
05:39 AM pfSense Packages Bug #6983 (Feedback): pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: 2.1.1_5 should address this Renato Botelho

12/19/2016

09:32 PM Revision 50563530: dhcp6c no release: Script changes to allow no-release option of dhcp6c. These changes to be
used in conjunction with pfSense/FreeBSD-por... Martin Wasley
09:04 PM Revision e0c32322: Revised #6889 to use formatted list syntax: Steve Beaver
09:03 PM Revision 652ce2b5: Revised #6889 to use formatted list syntax: Steve Beaver
08:52 PM Revision 8bba3339: COmpleted #6889 by re-formatting help text: Steve Beaver
08:50 PM Revision 297190ed: COmpleted #6889 by re-formatting help text: Steve Beaver
08:27 PM Revision 3eaf25aa: Fix capitalization of confirmation messages for btn-danger buttons and fa-trash icons: Value and title were converted to lower case but not textContent. Consequently some pop-up messages included capitali... Caio Plumbeo
08:26 PM Revision 806a202a: Merge pull request #3286 from plumbeo/danger-lower-case: Jared Dillard
07:39 PM Revision 1d87a144: Reset the $icon variable (otherwise it can keep the last value - in a few broken cases): Luiz Souza
06:37 PM pfSense Packages Bug #6356 (Resolved): Snort - missing protocol in port scan detection: Renato Botelho
06:03 PM pfSense Packages Bug #6356: Snort - missing protocol in port scan detection: Been merged/fixed long time ago. Can be closed. Kill Bill
06:36 PM Bug #6997 (Resolved): DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Renato Botelho
05:52 PM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Works, thanks! 8-) Kill Bill
03:24 PM Revision e93e2b68: Update pot: Renato Botelho
03:22 PM Revision 7145bb56: Improve RADVD router mode help text (Todo #6889): (cherry picked from commit 69bfc8ede81fb28b6eceb7f1343d94c68073c706) Doktor Notor
03:22 PM Revision 0e95f736: Merge pull request #3289 from doktornotor/patch-2: Renato Botelho
03:21 PM Revision 91650d98: Update pot: Renato Botelho
02:53 PM Todo #6889 (Resolved): Improve router mode help text: Kill Bill text reformatted to take up less screen space. Thanks KB. Anonymous
02:32 PM Revision 12f15f47: Validate IP addresses using validateipaddr() function: Steve Beaver
01:07 PM Todo #7021 (Resolved): system_advanced_network.php Deprecate/remove Device Polling on 2.4: Given the other changes on 2.4 (e.g. dropping i386), it may also be time to remove the polling option from /usr/local... Jim Pingle
12:00 PM Revision fe81d18f: Add missing include: (cherry picked from commit 12094fd551055c40b3d0da8d27a5fcaabed0ae54) Doktor Notor
12:00 PM Revision 2f15609c: Restart unbound after clearing logs (Bug #6915): (cherry picked from commit ef72cd5c2d36ff300de8de5971c05e19d1c9443c) Doktor Notor
11:59 AM Revision 3d048d1b: Merge pull request #3284 from doktornotor/patch-1: Renato Botelho
11:57 AM Revision 7d25750f: status_queues.php - remove redundant escaping: (cherry picked from commit c69a1a745045cbb7feef216ee97fcb72a00558ec) Doktor Notor
11:57 AM Revision 539beb9f: Merge pull request #3292 from doktornotor/patch-5: Renato Botelho
11:21 AM Revision c69a1a74: status_queues.php - remove redundant escaping: Doktor Notor
10:56 AM Bug #6959 (Resolved): Remove or rename "LiveCD" option in the 2.4 installer: Done Renato Botelho
09:44 AM Bug #7020 (Duplicate): <Hostname> is omitted when sending logs on syslog: When sending "filterlog" over syslog the standard defined in https://doc.pfsense.org/index.php/Filter_Log_Format_for_... Idar Lund
08:48 AM pfSense Packages Bug #4034 (Resolved): AutoConfigBackup - user-config-readonly priv still does backup: Confirmed as fixed. A user with the Deny Config Write privilege won't trigger a new ACB entry on save. Jim Pingle
08:39 AM Bug #6990: DDNS IPs not updating after a system restart: Jim Pingle wrote:
> Nothing unusual in the settings, look for anything related to Dynamic DNS in the main system log... Muchacha Grande
07:48 AM Bug #6990: DDNS IPs not updating after a system restart: Nothing unusual in the settings, look for anything related to Dynamic DNS in the main system log, are there any error... Jim Pingle
06:18 AM Bug #6990: DDNS IPs not updating after a system restart: Jim Pingle wrote:
> Not nearly enough detail.
>
> What are the exact types and services used in your Dynamic DNS ... Muchacha Grande
06:00 AM Bug #6915 (Feedback): unbound logging not working after reboot or "Reset log files": PR has been merged Renato Botelho
05:55 AM pfSense Packages Feature #3303 (Feedback): Allow quagga ospf stub, not so stub and totally stub areas: PR has been merged Renato Botelho
05:49 AM pfSense Packages Feature #556 (Feedback): siproxd: add carp virtual IPs as interface candidates: PR merged Renato Botelho

12/18/2016

03:18 PM pfSense Packages Feature #556: siproxd: add carp virtual IPs as interface candidates: In case you are still waiting... https://github.com/pfsense/FreeBSD-ports/pull/235
LOLz. Kill Bill
02:22 PM Revision 53ceab5d: Update pfSense.pot: Doktor Notor
02:12 PM Revision 6ff48cf1: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): Doktor Notor
02:04 PM Revision 6a827f69: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): Doktor Notor
11:59 AM Revision 9d6d437b: Update pfSense.pot: Doktor Notor
11:53 AM Revision 2f7cd367: gettext-ize this while here: Doktor Notor
11:45 AM Revision cbe5405f: Add enable link to Status > UPnP & NAT-PMP error message if disabled (Todo #6689): Doktor Notor
11:02 AM Revision 66fa78b6: Update pfSense.pot: Doktor Notor
10:33 AM Revision 69bfc8ed: Improve RADVD router mode help text (Todo #6889): Doktor Notor
08:24 AM Feature #6914: unbound access-control lists: https://github.com/pfsense/pfsense/pull/3291 Kill Bill
05:45 AM Todo #6689: Add enable link to Status > UPnP & NAT-PMP error message if disabled: https://github.com/pfsense/pfsense/pull/3290 Kill Bill
04:34 AM Todo #6889: Improve router mode help text: I got annoyed once again by having to look up what the modes do in the PHP code, so did a PR:
https://github.com/p... Kill Bill
04:08 AM Revision 1992d9f9: Fix up validation and encoding on Captive Portal status pages. Fixes #7019: Jim Pingle
04:08 AM Revision c31fb7b0: Fix up validation and encoding on Captive Portal status pages. Fixes #7019: Jim Pingle
04:01 AM Revision ac90c901: Fix up validation and encoding on Captive Portal status pages. Fixes #7019: Jim Pingle

12/17/2016

10:10 PM Bug #7019 (Feedback): XSS issues in captive portal status pages: Applied in changeset commit:ac90c9012453c7e81ff0d0b472a55b116866c56e. Jim Pingle
10:07 PM Bug #7019 (Resolved): XSS issues in captive portal status pages: The zone parameter needs better validation/encoding on the captive portal status pages, and the 'order' parameter on ... Jim Pingle
09:59 PM Revision 19d905bc: IPv6, allow DHCP6 server to use a prefix size of /59 and /61 like dhcp client does: Pi Ba
06:57 PM pfSense Packages Bug #3380 (Not a Bug): FreeRadius-User-Option "Expiration Date" kills the FreeRadius-Server: Jim Pingle
06:10 PM pfSense Packages Bug #3380: FreeRadius-User-Option "Expiration Date" kills the FreeRadius-Server: Did you read the field description and the error message?
> Enter the date when this account should expire. *Forma... Kill Bill
05:58 PM pfSense Packages Bug #6805 (Duplicate): Freeradius + OTP sometimes auth failed when auth openvpn.: Probably fixed with #6900 anyhow. Closing. Jim Pingle
12:06 PM pfSense Packages Bug #6805: Freeradius + OTP sometimes auth failed when auth openvpn.: Not even remotely enough info here to debug anything. Please, move to https://forum.pfsense.org/ until you have a con... Kill Bill
05:52 PM Revision 4db8128c: Fix capitalization of confirmation messages for btn-danger buttons and fa-trash icons: Value and title were converted to lower case but not textContent. Consequently some pop-up messages included capitali... Caio Plumbeo
05:37 PM pfSense Packages Bug #6456: vm-bhyve not correctly detecting the modules in kernel: Jose Luis Duran wrote:
> This was fixed in vm-bhyve v0.12.3.
>
> (https://github.com/churchers/vm-bhyve/commit/a7... Kill Bill
03:45 PM Bug #7018: DHCP packets replicated on non-DHCP relay interface: No idea what's the bug here (the requests are relayed from the configured interfaces to the network where's the confi... Kill Bill
01:53 PM Bug #7018 (Closed): DHCP packets replicated on non-DHCP relay interface: When enabling DHCP relay for the following networks:
LAN: 192.168.2.0
PUBLIC: 192.168.4.0
But not on:
Se... Jan Eagleman
09:07 AM pfSense Packages Bug #6950: Auto Config Backup always reports success: Well, actually there's _some_ output needed no matter what, to provide some indication that the Backup button works. ... Kill Bill
08:31 AM pfSense Packages Bug #6950: Auto Config Backup always reports success: I just removed the misleading "success" noise as part of https://github.com/pfsense/FreeBSD-ports/pull/234 - as noted... Kill Bill
07:54 AM pfSense Packages Bug #4034: AutoConfigBackup - user-config-readonly priv still does backup: Well I think this bug is gone since this commit (which disabled the unwanted duplicated backups as well) - https://gi... Kill Bill
07:48 AM pfSense Packages Feature #4055 (Rejected): Enable area authentication from GUI: Jim Pingle
04:53 AM pfSense Packages Feature #4055: Enable area authentication from GUI: Works just fine with the GUI as well, cf. https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-Quagga_... Kill Bill
07:16 AM pfSense Packages Feature #6951: Disable Auto Config Backup without uninstalling: https://github.com/pfsense/FreeBSD-ports/pull/234 Kill Bill
06:16 AM Bug #6852: Commit 8f86722 breaks DHCPv6 leases status page: only ipv6 that i get to show up is static mappings so I attached requested file currently on 2.3.3-DEVELOPMENT (amd6... Michael Kellogg
04:31 AM pfSense Packages Bug #5732: Qagga: Different output in ospfd.conf based on order of interfaces.: The description here makes no sense. I'd suggest to post some configuration screenshots with the interfaces configura... Kill Bill
03:33 AM pfSense Packages Feature #3303: Allow quagga ospf stub, not so stub and totally stub areas: Renato Botelho wrote:
> Please send it as using github pull request on https://github.com/pfsense/pfsense-packages r... Kill Bill
12:39 AM Revision 12094fd5: Add missing include: Doktor Notor
12:11 AM Revision ef72cd5c: Restart unbound after clearing logs (Bug #6915): Doktor Notor

12/16/2016

10:46 PM Revision 07c812a5: Merge pull request #3283 from doktornotor/patch-1: Jim Pingle
09:44 PM Revision f84d7989: Merge pull request #1 from stilez/jdillard-patch-1: Fix the Safari issue mentioned by @rbgarga. Taking RBG + Jared's word this fixes it :) Stilez y
06:45 PM pfSense Packages Bug #6616 (Duplicate): Client Export list empty when using intermediate CA: Jim Pingle
06:26 PM pfSense Packages Bug #6616: Client Export list empty when using intermediate CA: This works just fine here with 2.3.3, sounds like duplicate of Bug #2800. Kill Bill
06:33 PM Revision 18d8ab35: validateipaddr enhance flexibility for translation: By using sprintf() we can allow for some language where the label text does not fit at the start of the sentence.
(ch... Phil Davis
06:33 PM Revision 2a3d27a6: Merge pull request #3281 from phil-davis/patch-7: Renato Botelho
06:32 PM Revision c22a908d: validateipaddr code format: (cherry picked from commit aa2b8133b3cdb90791b577a90361842cd97bb16b) Phil Davis
06:32 PM Revision 4a725adc: Merge pull request #3280 from phil-davis/patch-2: Renato Botelho
06:12 PM Bug #6915: unbound logging not working after reboot or "Reset log files": The "reset log files" issue should be fixed by https://github.com/pfsense/pfsense/pull/3284
As for unbound logging... Kill Bill
06:07 PM pfSense Packages Bug #6061 (Closed): stunnel package update request: Jim Pingle
05:33 PM pfSense Packages Bug #6061: stunnel package update request: 2.2.x packages are not maintained. PR for stunnel package on 2.3+ is @ https://github.com/pfsense/FreeBSD-ports/pull/... Kill Bill
06:07 PM pfSense Packages Bug #6060 (Closed): stunnel certs tab does update cert tab: Jim Pingle
05:33 PM pfSense Packages Bug #6060: stunnel certs tab does update cert tab: 2.2.x packages are not maintained. PR for stunnel package on 2.3+ is @ https://github.com/pfsense/FreeBSD-ports/pull/... Kill Bill
05:48 PM pfSense Packages Feature #6436: Add Stunnel binaries to the pfSense repository: Adding the PR for reference: https://github.com/pfsense/FreeBSD-ports/pull/135
Kill Bill
05:46 PM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Hmmm, wraps into multiple lines just fine here.
!https://s29.postimg.org/8064c051j/Screenshot_ACB.png! Kill Bill
03:53 PM Revision 647db6bb: Ensure that the more secure option is used if both user-copy-files and user-copy-files-chroot is granted: Doktor Notor
02:42 PM pfSense Packages Bug #7017 (Resolved): Squid NT Domain authentication is broken: Relevant forum thread: https://forum.pfsense.org/index.php?topic=113667.0; the method used for Squid 3.3 does no long... Kill Bill
02:26 PM Bug #6982: Nested Aliases with FQDNs do not populate parent table in some cases: I'll work on it Renato Botelho
02:23 PM Revision d1aa3bba: Suppress error logging for Diag > Command Prompt so an error in user-entered code doesn't offer to submit a crash report. A notice is still generated since PHP <7 doesn't yet have error_clear_last(). Fixes #6702: Jim Pingle
02:23 PM Revision fb2f904c: Suppress error logging for Diag > Command Prompt so an error in user-entered code doesn't offer to submit a crash report. A notice is still generated since PHP <7 doesn't yet have error_clear_last(). Fixes #6702: Jim Pingle
02:20 PM Revision 45bcbee9: Suppress error logging for Diag > Command Prompt so an error in user-entered code doesn't offer to submit a crash report. A notice is still generated since PHP <7 doesn't yet have error_clear_last(). Fixes #6702: Jim Pingle
01:44 PM Feature #7016 (Resolved): system_information_widget.php - Indicate adaptive state timeout status when active: It would be helpful to show the user that pf has enabled adaptive state timeout scaling when it kicks in.
Some sam... Jim Pingle
01:04 PM Revision 4f48a261: Update pfSense.pot: Doktor Notor
12:53 PM Revision 8dd0a7da: Add support for chrooted SCP: Doktor Notor
12:33 PM Revision 74fd2299: Add support for chrooted SCP: Doktor Notor
11:43 AM Bug #7015 (Resolved): IPsec not working behind NAT: @luiz has the details, looks like a ESP fragment but it creates odd state with unknown IP address like:
enc0 icmp ... Renato Botelho
11:14 AM Bug #7013: Changing group scope to remote does not remove it from group file: Well, there's obviously much more wrong here, this actually requires a reboot to take effect. Also, adding/removing u... Kill Bill
09:06 AM Bug #6702 (Resolved): Command Prompt syntax error and crash detection report: Yeah that's part is good to stay, what still annoys me is that you get a notice from it (alert bell, e-mail notificat... Jim Pingle
08:48 AM Bug #6702: Command Prompt syntax error and crash detection report: Yup, works. (As for the error being shown in "PHP Response", I think that's OK and should actually stay, it's useful.) Kill Bill
08:30 AM Bug #6702: Command Prompt syntax error and crash detection report: Applied in changeset commit:45bcbee917920238248a2486a2742e3ff327b309. Jim Pingle
08:28 AM Bug #6702: Command Prompt syntax error and crash detection report: Pushed a small change so that it will at least not offer to submit a crash report. Jim Pingle
05:16 AM Bug #6702: Command Prompt syntax error and crash detection report: Well I think what was meant here is that pasting random potentially broken junk to Diagnostics - Command Prompt for t... Kill Bill
08:28 AM pfSense Packages Bug #1620: Can't use transparent proxy when using bridge.: I have no intention setting up bridges to test with transparent Squid. My understanding is that when the interface is... Kill Bill
08:06 AM pfSense Packages Bug #6182: HAProxy not supporting ALPN: Pi Ba wrote:
> Is it possible to make changes to existing ports makefiles?
See this and replace with < 1100000?
... Kill Bill
07:32 AM Bug #7014: inbound connections do not get through whilst using openvpn: Thanks posted on forum few weeks back but got no response
thanks for the detailed bug that does sound similar wel... r m
06:45 AM Bug #7014 (Rejected): inbound connections do not get through whilst using openvpn: Not enough usable info here. Please "post on the forum":https://forum.pfsense.org/index.php?board=69.0 with much more... Jim Pingle
06:15 AM Bug #7014: inbound connections do not get through whilst using openvpn: openvpn not opendns r m
04:29 AM Bug #7014 (Rejected): inbound connections do not get through whilst using openvpn: when using openvpn, inbound traffic is not received and do not get passed to the intended device,
when you turn o... r m
07:11 AM Bug #7012: scponly shipped with pfSense does not work with Linux scp: Jim Pingle wrote:
> Yeah it would need some extra bits but that can all be done by hand if the user really wants it,... Kill Bill
06:42 AM pfSense Packages Bug #6489 (Not a Bug): Squid Reverse Proxy: Deleting an entry on the "Redirects" tab does not reload config: Jim Pingle
05:34 AM pfSense Packages Bug #6489: Squid Reverse Proxy: Deleting an entry on the "Redirects" tab does not reload config: No idea how to reproduce. On save, squid_resync() is called [1] which in turn calls squid_resync_reverse() [2] which ... Kill Bill
06:41 AM pfSense Packages Bug #6632 (Resolved): siproxd hosts_allow_reg should be configurable: Jim Pingle
05:04 AM pfSense Packages Bug #6632: siproxd hosts_allow_reg should be configurable: Done with 1.1.3 (https://github.com/pfsense/FreeBSD-ports/pull/147), can be closed. Kill Bill
06:40 AM pfSense Packages Bug #6654 (Resolved): siproxyd Table issue: Jim Pingle
05:01 AM pfSense Packages Bug #6654: siproxyd Table issue: Fixed with 1.1.3 (https://github.com/pfsense/FreeBSD-ports/pull/147), can be closed. Kill Bill
06:38 AM pfSense Packages Bug #6999 (Resolved): ntopng missing preferences menu: Renato Botelho
04:54 AM pfSense Packages Bug #6999: ntopng missing preferences menu: Works. Kill Bill
03:12 AM Revision bb9747b2: validateipaddr enhance flexibility for translation: By using sprintf() we can allow for some language where the label text does not fit at the start of the sentence. Phil Davis
03:02 AM Revision aa2b8133: validateipaddr code format: Phil Davis

12/15/2016

09:49 PM Bug #6308 (Resolved): TFTP Proxy can't be turned off: Jim Pingle
07:32 PM Bug #6308: TFTP Proxy can't be turned off: Works, log noise gone. Yay! Kill Bill
10:50 AM Bug #6308 (Feedback): TFTP Proxy can't be turned off: Applied in changeset commit:0917101a0c0c4d611eeb41c2d3ee49062d52a2e9. Jim Pingle
10:46 AM Bug #6308: TFTP Proxy can't be turned off: To me, I've got a fix coming. Jim Pingle
09:49 PM Bug #7012 (Resolved): scponly shipped with pfSense does not work with Linux scp: Thanks for testing! Jim Pingle
07:28 PM Bug #7012: scponly shipped with pfSense does not work with Linux scp: Jim Pingle wrote:
> I pushed a change to fix the options up so it'll come through with the next update. pkg is smart... Kill Bill
08:53 AM Bug #7012: scponly shipped with pfSense does not work with Linux scp: Agree. I might do a PR eventually when I get bored.
(All this also could be done with OpenSSH "natively", but it s... Kill Bill
08:21 AM Bug #7012: scponly shipped with pfSense does not work with Linux scp: Yeah it would need some extra bits but that can all be done by hand if the user really wants it, it doesn't hurt to h... Jim Pingle
08:19 AM Bug #7012: scponly shipped with pfSense does not work with Linux scp: Yeah, thanks. I'll test in a while. (As for the chroot, that's going to need some pfSense code changes - adding a sep... Kill Bill
08:03 AM Bug #7012: scponly shipped with pfSense does not work with Linux scp: I pushed a change to fix the options up so it'll come through with the next update. pkg is smart enough to pick up th... Jim Pingle
07:40 AM Bug #7012 (Feedback): scponly shipped with pfSense does not work with Linux scp: Applied in changeset commit:ef76f693c54b01b40666a41dbf82be70f9379718. Jim Pingle
05:04 AM Bug #7012: scponly shipped with pfSense does not work with Linux scp: Session output with SCP (broken):... Kill Bill
04:54 AM Bug #7012 (Resolved): scponly shipped with pfSense does not work with Linux scp: Dunno guys how you compiled this, but scp does not work. Never worked in fact, as discussed at https://forum.pfsense.... Kill Bill
05:27 PM Revision 4c7af1ee: Fix comment: Steve Beaver
05:23 PM Revision c393f1d1: Fix comment: Steve Beaver
05:23 PM Revision 77a8a7d6: Added a function validateipaddr() use as:: // Validate a network address
// $addr: the address to validate
// $type: IPV4|IPV6|IPV4V6
// $label: ... Steve Beaver
05:04 PM Revision 9d4da801: Fix the Safari issue mentioned by @garga: https://github.com/pfsense/pfsense/pull/3139#pullrequestreview-156718
I ended up having to remove the select element... Jared Dillard
04:47 PM Revision 7f397447: If nothing is enabled that requires xinetd, do not run xinetd. Fixes #6308: Jim Pingle
04:47 PM Revision 26422762: If nothing is enabled that requires xinetd, do not run xinetd. Fixes #6308: Jim Pingle
04:47 PM Revision 0917101a: If nothing is enabled that requires xinetd, do not run xinetd. Fixes #6308: Jim Pingle
01:30 PM Revision 157c9f13: Set proper options for scponly. Fixes #7012: Jim Pingle
01:30 PM Revision 40daa7a5: Set proper options for scponly. Fixes #7012: Jim Pingle
01:29 PM Revision ef76f693: Set proper options for scponly. Fixes #7012: Jim Pingle
08:20 AM Bug #6099: igmpproxy does not recognize upstream interface: Dear Maintainers,
@Jorge M. Oliveira, thank you for your work to fix this issues.
I'm using the igmpproxy to co... Harald Gutmann
08:08 AM Bug #6852: Commit 8f86722 breaks DHCPv6 leases status page: If it breaks for you, please include the relevant portions of dhcpd6.leases that break it, or the entire file if poss... Jim Pingle
05:38 AM Bug #7013 (Resolved): Changing group scope to remote does not remove it from group file: If I understand things correctly, after implementing Bug #6012 the groups with scope set to "Remote" are not supposed... Kill Bill
01:07 AM Revision ecf72f9e: Merge pull request #3279 from doktornotor/patch-1: Jim Pingle
12:52 AM Revision c7c86565: Fix to match the pot template.: Doktor Notor
12:48 AM Revision 024b8386: Update pfSense.pot: Doktor Notor
12:29 AM Revision c7c45bcd: Nuke outdated hint about scponly install: Doktor Notor

12/14/2016

09:23 PM Revision 926e095d: Correct the descriptions and behavior of the Adaptive Start and Adaptive End settings.: Jim Pingle
09:22 PM Revision bbc28078: Correct the descriptions and behavior of the Adaptive Start and Adaptive End settings.: Jim Pingle
07:57 PM Bug #6852: Commit 8f86722 breaks DHCPv6 leases status page: This also just happened to me. There is more info when analyzing the stderr output from awk, or running the sed/awk c... Brenton Rothchild
05:58 PM Revision a546d014: Use variable: Renato Botelho
05:58 PM Revision 31e17cec: Use variable: Renato Botelho
05:34 PM Revision fd655c3d: openvpn, startup locking sequence to prevent issues around pid file / process management: fixes: https://redmine.pfsense.org/issues/6940
(cherry picked from commit ce983754d54578d24aec46aa81fec95199c67d80) Pi Ba
05:33 PM Revision b4175676: Merge pull request #3236 from PiBa-NL/openvpn_startup_lock: Renato Botelho
03:51 PM Revision 96428027: Fix path for loader.conf.local: Renato Botelho
03:06 PM Revision 535f8a75: Undo change accidentally pushed on last commit: Renato Botelho
03:03 PM Revision 788f1c3b: Re-add autoboot_delay=3 to loader.conf. Fixes #7003: Renato Botelho
02:50 PM Revision ed5b2a9d: DHCPv6 server edit when DHCPv6 Relay enabled: Part of Redmine #6997
This implements the similar behaviour as for the DHCPv4 server in Pull
Request https://github.c... Phil Davis
02:50 PM Revision b7355f66: Merge pull request #3274 from phil-davis/dhcpv6serverrelay: Renato Botelho
02:49 PM Revision 53d77ce2: DHCP server edit when DHCP Relay enabled: Part of Redmine #6997
1) Display the DHCP Server settings even when DHCP Relay is enabled, but
disable the "enable" c... Phil Davis
02:49 PM Revision 315dca33: Merge pull request #3271 from phil-davis/dhcpserverrelay: Renato Botelho
02:39 PM Revision faa5c573: Disable LCDproc on ARM: Renato Botelho
02:14 PM Revision bee486ae: Enable tinc package: Renato Botelho
02:14 PM Revision 3a6ac2a6: Enable tinc package: Renato Botelho
01:53 PM Revision 3369456f: Enable LCDproc package: Renato Botelho
01:53 PM Revision 3d289909: Enable LCDproc package: Renato Botelho
12:04 PM Feature #7011 (Resolved): Retain vendor MAC address at power up: There are circumstances where it is desirable to be able to read the vendor's MAC addresses on an interface, even if ... Anonymous
11:34 AM Bug #6132 (Feedback): race condition in OpenVPN startup: PR has been merged Renato Botelho
10:18 AM Bug #6940 (Duplicate): OpenVPN management socket not listening after bootup / cannot restart the service.: Duplicate of #6132 Renato Botelho
09:10 AM Bug #7003 (Feedback): autoboot_delay on 2.4.0: Applied in changeset commit:788f1c3bee47b409a357ec19750fb958a5397938. Renato Botelho
08:54 AM pfSense Packages Bug #7009: syslog_ng Log Viewer page didn't get converted to the new 2.3 bootstrap: https://github.com/pfsense/FreeBSD-ports/pull/278 Kill Bill
08:53 AM Bug #6997 (Feedback): DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Both PRs merged, thanks! Renato Botelho
07:15 AM Bug #4689 (New): Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0": This is still happening to customers on 2.3.2-p1, so the imported patch didn't fix the problem. Jim Pingle
06:30 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: @Kill Bill: Deactivating watchdog solves my issue. It realy seems to make some trouble running it at moment. Especail... Marcel Mayer

12/13/2016

08:07 PM Revision 010dc589: status_dcp_leases change if statement style: (cherry picked from commit dadc11d7a7aae33ef284a4f8f4258d04e17d27fc) Phil Davis
08:07 PM Revision 0ee2a336: Status DHCP Leases show CID and other enhancements: 1) If there is a Client Id specified then show it (otherwise it is possible to define a Static Mapping that has only ... Phil Davis
08:07 PM Revision aed5681a: Merge pull request #3277 from phil-davis/patch-2: Renato Botelho
07:31 PM Revision 228cf850: Check for lo0 when reconfiguring VIPs on sync. Fixes #7010: Jim Pingle
07:31 PM Revision 69a991b3: Check for lo0 when reconfiguring VIPs on sync. Fixes #7010: Jim Pingle
07:25 PM Revision 5fda51cd: Check for lo0 when reconfiguring VIPs on sync. Fixes #7010: Jim Pingle
03:01 PM Revision dadc11d7: status_dcp_leases change if statement style: Phil Davis
01:57 PM Bug #7010 (Resolved): Problem Syncing IP Aliases on Localhost on HA cluster: Renato Botelho
01:54 PM Bug #7010: Problem Syncing IP Aliases on Localhost on HA cluster: Looks good here. Thanks. Chris Linstruth
01:30 PM Bug #7010 (Feedback): Problem Syncing IP Aliases on Localhost on HA cluster: Applied in changeset commit:5fda51cd2af8a099b89f35439343744dbe981fa1. Jim Pingle
01:10 PM Bug #7010: Problem Syncing IP Aliases on Localhost on HA cluster: Steps to reproduce:
Create HA cluster:
Add IP Alias VIP to Localhost on Primary. Save/Apply
Results: IP Alia... Chris Linstruth
12:57 PM Bug #7010 (Resolved): Problem Syncing IP Aliases on Localhost on HA cluster: IP Alias VIPs can be added to Localhost on primary node and are properly XMLRPC synced to secondary's configuration.
... Chris Linstruth
01:35 PM Revision 231fe954: Add case for 59 to prefix functions: Maybe these functions should have a case added for prefix length 59? Phil Davis
01:17 PM Revision 86115e71: Status DHCP Leases show CID and other enhancements: 1) If there is a Client Id specified then show it (otherwise it is possible to define a Static Mapping that has only ... Phil Davis
12:58 PM Revision 564dc6fa: dhcpv6_pd_str_help add default case: When the interface concerned does not yet have its details known (e.g. Track Interface values from upstream have not ... Phil Davis
12:58 PM Revision cc9213e0: Merge pull request #3276 from phil-davis/patch-10: Renato Botelho
12:56 PM Revision b2a682a3: Services DHCPv6 Static Edit fix var name: The example format at the end of the error message was not coming out.
(cherry picked from commit d59ac1d6b8e14fb12dd... Phil Davis
12:56 PM Revision 6371edbd: Merge pull request #3275 from phil-davis/patch-9: Renato Botelho
12:55 PM Revision aef27ab5: Status DHCP Leases table row end: Each row of the table needs a tr end, only the last row was getting the tr end.
(cherry picked from commit cd2b1e7644... Phil Davis
12:55 PM Revision cd598ba9: Merge pull request #3272 from phil-davis/patch-7: Renato Botelho
12:53 PM Revision cdb96d08: DHCP4 Relay must relay to an IPv4 address: This code would accept an IPv6 address, but that causes an error to be reported by the DHCP (v4) Relay service on sta... Phil Davis
12:53 PM Revision 4cc53fbd: Merge pull request #3270 from phil-davis/patch-5: Renato Botelho
12:51 PM Revision a2dea93a: DHCPv6 Relay Form_IpAddress is V6: (cherry picked from commit 3cb06e5ffaa4d101267825715e777ace1fa30f41) Phil Davis
12:51 PM Revision e51c28c1: Improve input validation for services_dhcpv6_relay: Make the same imrovements as was done for services_dhcp_relay in commit https://github.com/pfsense/pfsense/commit/ac9... Phil Davis
12:51 PM pfSense Packages Bug #7009 (Resolved): syslog_ng Log Viewer page didn't get converted to the new 2.3 bootstrap: It is not as noticeable on the default theme, but shows up on the dark theme.
page url: syslog-ng_log_viewer.php Jared Dillard
12:50 PM Revision 495aefc3: Merge pull request #3269 from phil-davis/patch-2: Renato Botelho
12:47 PM Revision a860a0dd: Add PC Engines APU2 to the list of serial-only platforms: The vidconsole needs to be explicitly disabled for PC Engines APU2,
otherwise the comconsole is garbled and mostly un... Brett Keller
12:46 PM Revision 28b3cba8: Add specific platform detection for PC Engines APU2: Based detection on $product rather than $hw_model, because $hw_model
returns the name of the AMD SoC, which might be ... Brett Keller
12:46 PM Revision 572dce1f: Merge pull request #3268 from blkeller/apu2-serial-fix: Renato Botelho
12:33 PM Revision b7908243: dhcpv6_pd_str_help add default case: When the interface concerned does not yet have its details known (e.g. Track Interface values from upstream have not ... Phil Davis
12:28 PM Revision d59ac1d6: Services DHCPv6 Static Edit fix var name: The example format at the end of the error message was not coming out. Phil Davis
12:03 PM Revision 756da4bd: DHCPv6 server edit when DHCPv6 Relay enabled: Part of Redmine #6997
This implements the similar behaviour as for the DHCPv4 server in Pull
Request https://github.c... Phil Davis
09:36 AM Revision cd2b1e76: Status DHCP Leases table row end: Each row of the table needs a tr end, only the last row was getting the tr end. Phil Davis
08:25 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": As long as you're logging things, dump the output from @/usr/bin/netstat -s -ppfkey@ as well to see if the errors in ... Jim Pingle
07:54 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": I've created a little patch to the ipsecmon.sh file to actually log the output using logger, and made it a little eas... James Cornman
07:40 AM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: https://github.com/pfsense/pfsense/pull/3274 addresses the DHCP (v6) Server part. Phillip Davis
04:20 AM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Phillip Davis wrote:
> Some fixups/enhancements to Status DHCP Leases in https://github.com/pfsense/pfsense/pull/327... Kill Bill
03:54 AM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Some fixups/enhancements to Status DHCP Leases in https://github.com/pfsense/pfsense/pull/3273
If DHCP Server is dis... Phillip Davis
01:13 AM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: https://github.com/pfsense/pfsense/pull/3271 addresses the DHCP (v4) Server part. Phillip Davis
07:35 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: The only thing that the watchdog does is setting up a cronjob which in turn checks every minute whether configured se... Kill Bill
06:19 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: I think System Watchdog needs some dusting off. I stopped using it a while ago as it seems to cause more problems tha... → luckman212
12:57 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: That now looks pretty normal. Martin Wasley
07:06 AM Revision 48614394: DHCP server edit when DHCP Relay enabled: Part of Redmine #6997
1) Display the DHCP Server settings even when DHCP Relay is enabled, but
disable the "enable" c... Phil Davis
05:43 AM Revision 3cb06e5f: DHCPv6 Relay Form_IpAddress is V6: Phil Davis
05:39 AM Revision bdda1446: DHCP4 Relay must relay to an IPv4 address: This code would accept an IPv6 address, but that causes an error to be reported by the DHCP (v4) Relay service on sta... Phil Davis
05:26 AM Revision 03444470: Improve input validation for services_dhcpv6_relay: Make the same imrovements as was done for services_dhcp_relay in commit https://github.com/pfsense/pfsense/commit/ac9... Phil Davis
01:41 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Well, to me it started to happen when I readded the "Traffic Graphs" widget. It never happened before without that. Michele Di Maria

12/12/2016

09:10 PM Revision 089c18f3: Add PC Engines APU2 to the list of serial-only platforms: The vidconsole needs to be explicitly disabled for PC Engines APU2,
otherwise the comconsole is garbled and mostly un... Brett Keller
08:46 PM Revision ffda0181: Add specific platform detection for PC Engines APU2: Based detection on $product rather than $hw_model, because $hw_model
returns the name of the AMD SoC, which might be ... Brett Keller
08:38 PM Revision f24b6fb6: Encode the auth server list before passing it on the CLI, to avoid issues with special characters that break when interpreted as URL parameters during OpenVPN auth. Fixes #7002: Jim Pingle
08:37 PM Revision c165a17e: Encode the auth server list before passing it on the CLI, to avoid issues with special characters that break when interpreted as URL parameters during OpenVPN auth. Fixes #7002: Jim Pingle
08:24 PM Revision e719538c: This script is not called directly in a way that requires a shabang, and it interferes with the script output, preventing successful authentication. Fixes #7008: Jim Pingle
06:44 PM Revision 768037ee: Do not allow a group name to start with 'pkg-', reserve it for packages use (e.g. tinc): Renato Botelho
06:44 PM Revision 6af92afd: Update interface group name validation rules to match ifconfig: Renato Botelho
06:44 PM Revision f6e519ec: Fix #6976: Make sure interface description, interface name and alias don't have the same name: Renato Botelho
06:44 PM Revision e4830f02: Ticket #6976: Check disabled interfaces: Renato Botelho
06:43 PM Revision ebdcad3b: Do not allow a group name to start with 'pkg-', reserve it for packages use (e.g. tinc): Renato Botelho
06:43 PM Revision 2326f325: Update interface group name validation rules to match ifconfig: Renato Botelho
06:43 PM Revision 7ec6e283: Fix #6976: Make sure interface description, interface name and alias don't have the same name: Renato Botelho
06:43 PM Revision ee5284ce: Ticket #6976: Check disabled interfaces: Renato Botelho
06:29 PM Revision 6d40829b: Fix CA input validation to (again) allow an import without a key. Fixes #7001: Jim Pingle
05:56 PM Revision 93ab5b34: Ensure that mobile IPsec client addresses are added to vpn_networks. Fixes #7005: Jim Pingle
05:55 PM Revision d4ed1bd9: Ensure that mobile IPsec client addresses are added to vpn_networks. Fixes #7005: Jim Pingle
03:33 PM Bug #7004: [2.3.3] NAT no longer respects interface selection: Screenshot is fixed.
It may seem absurd to you but what else should it do? There isn't any programmatic way for it... Jim Pingle
03:26 PM Bug #7004: [2.3.3] NAT no longer respects interface selection: The resolver is answering queries just fine on LAN. Until you set up a NAT rule on WLAN. Sorry, but this behavior is ... Kill Bill
03:07 PM Bug #7004: [2.3.3] NAT no longer respects interface selection: There isn't anything to fix. Logically, it's acting as intended. That's what NAT reflection does -- it redirects anyt... Jim Pingle
03:03 PM Bug #7004: [2.3.3] NAT no longer respects interface selection: Well perhaps this should be left open till it's somehow fixed, sending packets coming from completely unrelated inter... Kill Bill
02:55 PM Bug #7004 (Not a Bug): [2.3.3] NAT no longer respects interface selection: The extra interfaces are coming from NAT reflection and it doesn't appear to be a regression, but a quirk of having r... Jim Pingle
01:21 PM Bug #7004: [2.3.3] NAT no longer respects interface selection: !https://s23.postimg.org/53zzev93f/Screenshot.png! Kill Bill
01:19 PM Bug #7004: [2.3.3] NAT no longer respects interface selection: What options do you have configured for NAT Reflection under System > Advanced, Firewall & NAT? Jim Pingle
12:55 PM Bug #7004: [2.3.3] NAT no longer respects interface selection: The rule from config.xml:... Kill Bill
12:13 PM Bug #7004 (Feedback): [2.3.3] NAT no longer respects interface selection: I can't reproduce this on current snapshots with 2.3.3 or 2.4, can you show the XML for that rule in config.xml? And ... Jim Pingle
06:24 AM Bug #7004: [2.3.3] NAT no longer respects interface selection: Doing this from *LAN* machine (remember, the redirection is supposed to happen on *WLAN*):... Kill Bill
06:19 AM Bug #7004 (Not a Bug): [2.3.3] NAT no longer respects interface selection: Dunno guys when this regressed, however NAT rules apply on ALL interfaces, no matter what you select. Say, you follow... Kill Bill
02:48 PM Feature #7007: Change default IPsec/strongswan log levels: Those are a different story entirely and unrelated to this at all. See #4227 (If you set "Networking" and "Message E... Jim Pingle
01:54 PM Feature #7007: Change default IPsec/strongswan log levels: Any attempts on tweaks useful for debugging here are completely useless while IPsec log is being flooding with tons o... Kill Bill
01:46 PM Feature #7007 (Resolved): Change default IPsec/strongswan log levels: It is usually beneficial to set IKE SA, IKE Child SA, and Configuration Backend to logging level "Diag" when troubles... Chris Linstruth
02:40 PM Bug #7002 (Feedback): OpenVPN unable to use authentication server with ampersand in descriptive name: Applied in changeset commit:c165a17e0225f09afb4882d360ba086f629f2b77. Jim Pingle
02:30 PM Bug #7008 (Feedback): OpenVPN sever unable to authenticate users on 2.4: Applied in changeset commit:e719538c01cde5c444255941655a54134c68f16b. Jim Pingle
02:24 PM Bug #7008 (Resolved): OpenVPN sever unable to authenticate users on 2.4: On 2.4, OpenVPN is unable to authenticate local or remote users. The logs show that the user authenticates successful... Jim Pingle
12:50 PM Bug #6976 (Feedback): Interface group and alias with same name creates firewall syntax error: Applied in changeset commit:7ec6e2831fe56514e90fcbd2beb5af52b7054ab6. Renato Botelho
07:06 AM Bug #6976: Interface group and alias with same name creates firewall syntax error: I'll handle it Renato Botelho
12:49 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: DNS Resolver/General - Network Interfaces and Outgoing interfaces = both are set to "All"
Removed dhcpd from monit... Marcel Mayer
07:00 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: What do you have selected in DNS Resolver/General - Network Interfaces and Outgoing interfaces? Martin Wasley
06:44 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Some confusing log entrys are still there. See attached file. Marcel Mayer
12:40 PM Bug #7001 (Feedback): Certificate manager requiring private key when importing CA certificate authority: Applied in changeset commit:6d40829b6905bf55c238bffc6c779e9bf063297f. Jim Pingle
12:00 PM Bug #7005 (Feedback): IPsec mss clamping not working for mobile clients: Applied in changeset commit:d4ed1bd9a86a23ff3d4baed97db32eb90cd21947. Jim Pingle
11:37 AM Bug #7005 (Confirmed): IPsec mss clamping not working for mobile clients: Confirmed. To me, I have a fix. Jim Pingle
08:13 AM Bug #7005 (Resolved): IPsec mss clamping not working for mobile clients: Doesn't look that mss-clamping is working on a IPsec mobile client setup.
1) In IPSec -> Advanced Settings -> Ena... Lars Pedersen
11:41 AM Revision 30bc2971: Update services_captiveportal.php: fixes https://redmine.pfsense.org/issues/6391
(cherry picked from commit 6ba184a1d6ead4cdbc4369c1a7ddcc820e8ffcce) Stefan Kronawithleitner
11:40 AM Revision 7739e0ce: Merge pull request #3267 from noledge/patch-1: Renato Botelho
11:37 AM Revision b7b72880: Comment typos in itemid.inc: (cherry picked from commit 632a238f1fb7f0c80e76058563a95bbf6785df53) Phil Davis
11:37 AM Revision fcfe8031: Merge pull request #3264 from phil-davis/patch-2: Renato Botelho
09:12 AM Bug #7006 (Not a Bug): radius authentication doesn't work: It works fine on current snapshots when properly configured. Post on the forum for help with your configuration. Jim Pingle
09:07 AM Bug #7006 (Not a Bug): radius authentication doesn't work: hello,
the remote authentication seems to be broken.
I configured my company Cisco ACS as authentication server (t... Giuanin Piemunteis
06:50 AM Feature #3971: IPv6 - Preserve the DUID used for WAN DHCP-PD in the configuration file: Added as part of PR #3262
Martin Wasley
05:54 AM pfSense Packages Bug #6999 (Feedback): ntopng missing preferences menu: PR has been merged, thanks! Renato Botelho
05:42 AM Bug #6391 (Feedback): View Current Portal Page goes to wrong URL: PR has been merged Renato Botelho
05:39 AM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: One more thing I noticed - Status/DHCP(v6) Leases, on the contrary, is something that should not be accessible when D... Kill Bill
04:19 AM pfSense Packages Feature #6480: pfBlockerNG - add ability to force download of a list: Hi - would it be possible to revisit this please? The issue with the method proposed above is that, for a long list,... Andrew -
03:12 AM Feature #628: Ability to specify listen IP address of management services (SSH, web interface): Marlin Cremers wrote:
> Is there a way for me to at least look at this? Are there particular things I have to keep i... Kill Bill
02:38 AM Feature #628: Ability to specify listen IP address of management services (SSH, web interface): I would love to see this as I'm using pfSense as router and would like to disable the firewall to get greater perform... Marlin Cremers

12/11/2016

04:46 PM Bug #6985 (Resolved): NPt rules are causing a filter error on 2.4: Looks good on a current snapshot Jim Pingle
04:13 PM Bug #7003: autoboot_delay on 2.4.0: Most likely cause is that the setting isn't being put in place by the new installer Jim Pingle
12:46 PM Bug #7003 (Resolved): autoboot_delay on 2.4.0: It seems the autoboot_delay in loader.conf has been set/left at the default 10 seconds. It seems 2.3 and prior have a... Ken Sim
04:09 PM Bug #6850 (Resolved): FreeBSD 11.0 Route Syntax Change For Non-Local Gateway: Jim Pingle
02:18 PM Bug #6850: FreeBSD 11.0 Route Syntax Change For Non-Local Gateway: Everything seems to be working as expected now with that patch applied. I have played around with the gateways for ab... Ken Sim
03:55 PM Revision 6ba184a1: Update services_captiveportal.php: fixes https://redmine.pfsense.org/issues/6391 Stefan Kronawithleitner
10:37 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Found the solution for that.
The Leasetable hold two entries (no idea why). After deleting them, everything now work... Marcel Mayer
08:44 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: What I found and confuses me are this lines in general log:
/rc.newwanipv6: The command '/usr/local/sbin/dhcpd -us... Marcel Mayer
08:25 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: I started to do the test today and realised, that IPv6 is working for the moment without the described issue.
Used t... Marcel Mayer
09:06 AM pfSense Packages Bug #6999: ntopng missing preferences menu: https://github.com/pfsense/FreeBSD-ports/pull/226 Kill Bill
04:12 AM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Thanks, Phil. And yes, also when migrating the other way round (i.e., when moving your DHCP to pfSense), you want to ... Kill Bill

12/10/2016

11:49 PM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: This looks not too hard to do, and will help those who would like to be able to see and manipulate disabled-DHCP-serv... Phillip Davis
11:36 PM Revision 260f60a9: IPv6, allow DHCP6 client to use a prefix size of /59: Pi Ba
11:06 PM Bug #7002 (Resolved): OpenVPN unable to use authentication server with ampersand in descriptive name: Add LDAP server in System/User Manager/Authentication Servers, include an ampersand in the Descriptive Name. Test aga... Anonymous
10:08 PM Revision 6d587359: Improve input validation for services_dhcp_relay: While looking at interactions between DHCP Relay and DHCP Server, I noticed a few annoying/inconsistent things in dri... Phil Davis
10:05 PM Revision ad7bdc9b: Merge pull request #3265 from phil-davis/patch-5: Steve Beaver
02:27 PM Revision ac999f3b: Improve input validation for services_dhcp_relay: While looking at interactions between DHCP Relay and DHCP Server, I noticed a few annoying/inconsistent things in dri... Phil Davis
02:13 PM Bug #7001 (Resolved): Certificate manager requiring private key when importing CA certificate authority: Attempts to import just the public key portion of a certificate authority errors out because a private key is not pre... Chris Linstruth
12:55 PM Bug #1819: DNS Resolver Not Registering DHCP Server Specified Domain Name: Well nobody's assigned to it and it's a 5 year old ticket. Last few comments were from Chris and he works for Ubiquit... → luckman212
09:53 AM Revision 632a238f: Comment typos in itemid.inc: Phil Davis
09:43 AM pfSense Packages Feature #7000 (Closed): ntopng historical data needs to be reworked: Reference:
- http://www.ntop.org/ntopng/exploring-historical-data-using-ntopng/
- http://www.ntop.org/ntopng/explor... Kill Bill
06:03 AM Bug #4310: Limiters + HA results in hangs on secondary: I updated a test cluster to a snapshot from a couple hours ago, which from the timestamp looks like it should have th... Jim Pingle
05:55 AM pfSense Packages Bug #6999: ntopng missing preferences menu: Unable to submit anything via GitHub (server error 500 since yesterday). If it works for someone:... Kill Bill
05:20 AM pfSense Packages Bug #6999 (Resolved): ntopng missing preferences menu: This is caused by the admin user not being a member of "administrator" group. Related forum thread: https://forum.pfs... Kill Bill
05:13 AM Revision ca8ab3c9: Add a gateway state plugin hook.: Pull Request #3093 Luiz Souza
04:35 AM Revision 140f1f6f: Revert the workaround now that the pf parsing issue is fixed.: Ticket #6985 Luiz Souza

12/09/2016

11:28 PM Revision a3ed7862: move export button to heading for status monitoring page: Jared Dillard
11:27 PM Revision 726ebc65: move export button to heading for status monitoring page: Jared Dillard
11:24 PM Bug #4310: Limiters + HA results in hangs on secondary: 2.4 has a few new fixes for use-after-free pfsync states. The limiters issue is also fixed. Luiz Souza
11:11 PM pfSense Packages Bug #6983: pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: Angel Torres, best to post in the forum for that... Not related to this issue..
Maybe this is causing your issue? ... BBcan177 .
10:49 PM Bug #6985: NPt rules are causing a filter error on 2.4: Fixed the parsing issue on pf (and reverted the workaround): https://github.com/pfsense/FreeBSD-src/commit/e4a708b0c1... Luiz Souza
08:25 PM Revision 77b6d849: Fix #6472: Enable/Disable associated firewall rule when NAT rule changes: Renato Botelho
08:25 PM Revision 7a76bc6f: Ticket #6472: Respect disabled field: Respect disabled field when creating firewall associated rule Renato Botelho
08:25 PM Revision 9e21304e: Ticket #6472: Add toggle_id: Introduce toggle_id() used to enable/disable associated firewall rules Renato Botelho
08:25 PM Revision 3335fee9: Do not set disabled or nordr fields when they are not selected. Checks are using isset() and not its boolean value: Renato Botelho
08:25 PM Revision 6d52d0bf: Simplify logic: Renato Botelho
08:25 PM Revision 9601f6ad: Fix comments: Renato Botelho
08:25 PM Revision 2a080336: $array doesn't need to be a reference here: Renato Botelho
08:24 PM Revision be1bc233: Fix #6472: Enable/Disable associated firewall rule when NAT rule changes: Renato Botelho
08:24 PM Revision 8a915911: Ticket #6472: Respect disabled field: Respect disabled field when creating firewall associated rule Renato Botelho
08:23 PM Revision 8aa2dd26: Ticket #6472: Add toggle_id: Introduce toggle_id() used to enable/disable associated firewall rules Renato Botelho
08:23 PM Revision 15586fff: Do not set disabled or nordr fields when they are not selected. Checks are using isset() and not its boolean value: Renato Botelho
08:22 PM Revision 75bb5037: Simplify logic: Renato Botelho
08:22 PM Revision 21408bb4: Fix comments: Renato Botelho
08:22 PM Revision 9f61bcc9: $array doesn't need to be a reference here: Renato Botelho
07:46 PM Revision cdec7893: Rule type icon should not change to 'X' when disabled: Steve Beaver
06:27 PM Revision 67bc28c9: Update simplepie (RSS Parsing library) to 1.4.3: Jim Pingle
06:26 PM Revision 73a0719a: Update simplepie (RSS Parsing library) to 1.4.3: Jim Pingle
06:03 PM Revision 650ba8d7: Fix copy/paste error in variable test.: Jim Pingle
06:03 PM Revision c7435c36: Fix copy/paste error in variable test.: Jim Pingle
06:03 PM Revision 530eceb9: Fix copy/paste error in variable test.: Jim Pingle
05:25 PM Revision 898aa92c: Change (assign) to Assignments in Interfaces menu: Add HTML divider in Interfaces menu to separate actions form the interface list Steve Beaver
05:21 PM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: Result after patching:
!https://s30.postimg.org/m3vi0pxy9/ntopng_geomap.png! Kill Bill
05:18 PM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: Well... this additionally need a patch to the ntopng port itself (basically the one from https://github.com/ntop/ntop... Kill Bill
03:51 PM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: Please, test the attached patch and report back. (Would like to submit a PR on GitHub, however the only thing that Gi... Kill Bill
04:41 PM Revision 8638429a: Fix log file deletion: Steve Beaver
04:35 PM Revision 8d8b2fc7: Fix log file deletion: Steve Beaver
03:47 PM Revision 5eab2de4: Fix #6996 using existing variable: Renato Botelho
03:47 PM Revision 803c9768: Fix #6996 using existing variable: Renato Botelho
02:30 PM Bug #6472 (Feedback): Disabling NAT (port forward) rule does not disable the associated firewall rule: Applied in changeset commit:be1bc233931122a67821bee7e02778f7c5138779. Renato Botelho
12:36 PM Todo #6998 (Resolved): Create a port for simplepie to keep it updated and use modular version: Simple build process:
Clone from https://github.com/simplepie/simplepie.git
run "php build/compile.php" from inside... Jim Pingle
12:26 PM Bug #6996 (Resolved): DHCP traffic getting blocked (still/again) with DHCP Relay enabled: Renato Botelho
12:22 PM Bug #6996: DHCP traffic getting blocked (still/again) with DHCP Relay enabled: Works, hooray! Thanks. Reminds me it's Friday -> time for some:
!http://cdn.pcwallart.com/images/homer-simpson-bee... Kill Bill
09:50 AM Bug #6996 (Feedback): DHCP traffic getting blocked (still/again) with DHCP Relay enabled: Applied in changeset commit:803c97685fef85f35a6cf781143259458486c34a. Renato Botelho
04:41 AM Bug #6996: DHCP traffic getting blocked (still/again) with DHCP Relay enabled: https://github.com/pfsense/pfsense/pull/3263 (kindly commit to 2.3.x as well). Thanks. Kill Bill
04:31 AM Bug #6996 (Resolved): DHCP traffic getting blocked (still/again) with DHCP Relay enabled: Exact same issue as Bug #4558. The traffic is getting blocked since $dhcrelaycfg is nowhere defined.
Kill Bill
09:54 AM Bug #6850: FreeBSD 11.0 Route Syntax Change For Non-Local Gateway: It works well for me now, I can run the route command by hand and also apply settings in the GUI. Assigning back to t... Jim Pingle
09:44 AM pfSense Packages Bug #6971 (Closed): Interfaces.php: "Reserved Networks" checkboxes not shown: This issue appears to be limited to FireFox, but also seems to be fixed on pfSense 2.3.3 and later. Anonymous
09:44 AM pfSense Packages Feature #4548 (Resolved): syslog-ng interface doesn't allow rule ordering: Renato Botelho
09:06 AM pfSense Packages Feature #4548: syslog-ng interface doesn't allow rule ordering: Works. Kill Bill
09:19 AM Bug #6997 (Resolved): DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: So, I wanted to copy the DHCP static leases from the GUI. Cannot do, since all I get is _"DHCP Relay is currently ena... Kill Bill
09:17 AM pfSense Packages Bug #6047 (Resolved): syslog-ng does not logrotate: Renato Botelho
08:58 AM pfSense Packages Bug #6047: syslog-ng does not logrotate: All working now. Kill Bill
09:17 AM pfSense Packages Bug #4518 (Closed): Pfsense 2.2 squid3 + negotiate_kerberos_auth: Renato Botelho
08:57 AM pfSense Packages Bug #4518: Pfsense 2.2 squid3 + negotiate_kerberos_auth: 2.2.x packages are not maintained, please close. Kill Bill
06:17 AM Bug #6978: Squidguard error page crashing after activating WebGUI PFSENSE https security: 1/ Dansguardian does not even exist as a pfSense package in 2.3.x.
2/ Whatever are you doing there, you cannot have... Kill Bill
06:04 AM Bug #6978: Squidguard error page crashing after activating WebGUI PFSENSE https security: I believe in something about dansguardian
If I'm wrong, please close the ticket. Paulo Lima
06:03 AM Bug #6978: Squidguard error page crashing after activating WebGUI PFSENSE https security: I believe in something about dansguardian Paulo Lima

12/08/2016

02:36 PM Bug #6940: OpenVPN management socket not listening after bootup / cannot restart the service.: Send by mail. Pi Ba
02:01 PM Bug #6940: OpenVPN management socket not listening after bootup / cannot restart the service.: Pi Ba wrote:
> My setup 'at work' running on ESXi has 5 openvpn instances running on a carp-ip. Its connected to sev... Renato Botelho
01:47 PM Bug #6940: OpenVPN management socket not listening after bootup / cannot restart the service.: My setup 'at work' running on ESXi has 5 openvpn instances running on a carp-ip. Its connected to several networks/vl... Pi Ba
07:05 AM Bug #6940: OpenVPN management socket not listening after bootup / cannot restart the service.: Can you give us more details about your setup? I couldn't replicate it on a box with some tunnels configured Renato Botelho
02:35 PM Bug #6333: Bootup starts/restarts dpinger multiple times: Luiz, when you are touching it, it would be nice to add code on PHP side to deal with interface in tentative state so... Renato Botelho
01:29 PM Bug #6850 (Feedback): FreeBSD 11.0 Route Syntax Change For Non-Local Gateway: Luiz pushed a fix for that deadlock. Next round of 2.4.0 snapshots will have it applied so we can test
https://git... Renato Botelho
01:14 PM Revision b8f13447: Fix #6857: During boot local_sync_acocunts() should be able to access LDAP server
on a non-local network or also resolve LDAP se... Renato Botelho
01:11 PM Revision 4c6135c2: Fix #6857: During boot local_sync_acocunts() should be able to access LDAP server
on a non-local network or also resolve LDAP se... Renato Botelho
11:52 AM Revision 8b82942f: Specify IP to set for zoneedit: (cherry picked from commit 176d24e1206586cc67888bcbd3a4d947f043a187) Phil Davis
11:52 AM Revision bde382dd: Merge pull request #3261 from phil-davis/zoneedit: Renato Botelho
11:32 AM Revision 176d24e1: Specify IP to set for zoneedit: Phil Davis
11:27 AM Revision eee6c580: Remove destination self from NAT 1:1: It is not needed and caused problems if used and was not remembered on
edit anyway.
(cherry picked from commit 6b8f9... Phil Davis
11:27 AM Revision ccb14855: Merge pull request #3260 from phil-davis/nat11noself: Renato Botelho
07:29 AM Bug #6995: Security Issue - SquidAnalyzer: There is no SquidAnalyzer anywhere in pfSense packages. If you are unable to secure random third-party stuff properly... Kill Bill
07:28 AM Bug #6995 (Rejected): Security Issue - SquidAnalyzer: There is no pfSense package by that name.
Furthermore, any package that runs its own daemon on an alternate port h... Jim Pingle
07:23 AM Bug #6995: Security Issue - SquidAnalyzer: If you open the URL directly, +access is accomplished *without* authentication+. Bruno Kammers
07:19 AM Bug #6995 (Rejected): Security Issue - SquidAnalyzer: I found this flaw when I was testing SquidAnalyzer.
I noticed that it is possible to access the URL of the package... Bruno Kammers
07:26 AM Bug #6879 (Feedback): GUI doesn't show rebooting notification after upgrading: It happened at some point but I couldn't reproduce it anymore. Leaving ticket in feedback state for now Renato Botelho
07:24 AM Bug #6367 (Feedback): Long delays with LDAP enabled w/local users during boot at "Synchronizing user settings...": I've pushed a fix for #6857 that should fix it Renato Botelho
07:20 AM Bug #6857 (Feedback): local_sync_accounts fails during boot when using ldap on a non-local network or hostname: Applied in changeset commit:4c6135c288444be99fbf18915e0e09d1d865ae25. Renato Botelho
07:11 AM Bug #6857 (Confirmed): local_sync_accounts fails during boot when using ldap on a non-local network or hostname: Renato Botelho
07:11 AM Bug #6857: local_sync_accounts fails during boot when using ldap on a non-local network or hostname: If ldap server is configured using hostname and it depends of local DNS resolver it also fails Renato Botelho
07:08 AM Bug #6949: username/password not used by proxy support: It's possible but doesn't sound quite the same. Here's a capture of the initial exchange I grabbed yesterday where th... Jim Pingle
02:30 AM Bug #6949: username/password not used by proxy support: @jimp: Perhaps this is relevant to HTTPS not working?
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194483 Kill Bill
05:53 AM Bug #6992 (Feedback): ZoneEdit DDNS does not update to CARP IP: PR has been merged. Thanks! Renato Botelho
05:40 AM Bug #6992: ZoneEdit DDNS does not update to CARP IP: Maybe sending the proper "dnsto" parameter to Zoneedit will fix this, see Pull Request:
https://github.com/pfsense/p... Phillip Davis
03:24 AM Revision 6b8f9c35: Remove destination self from NAT 1:1: It is not needed and caused problems if used and was not remembered on
edit anyway. Phil Davis

12/07/2016

08:06 PM pfSense Packages Bug #6983: pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: BBcan177 . wrote:
> Workaround here:
> https://forum.pfsense.org/index.php?topic=120040.0
>
That workaround do... Angel Torres
06:55 PM Revision 1060378f: Populate the HTTP_PROXY_AUTH env var. Ticket #6949: Jim Pingle
06:09 PM Revision 823b7a1a: Fix #6224 NAT edit - preserve user selections when input errors: 1) Edit a NAT Port Forward rule, change the destination type to "Network", but do not input any network address/mask.... Phil Davis
06:09 PM Revision bbe0c513: Merge pull request #3257 from phil-davis/patch-7: Renato Botelho
06:07 PM Revision bb0a0bb2: Feature #3151 Disable gateway monitoring actions: without disabling gateway monitoring.
This allows the user to continue to monitor the gateway with dpinger, so
they ... Phil Davis
06:07 PM Revision 92cdad2b: Merge pull request #3259 from phil-davis/disablegatewayactions: Renato Botelho
06:01 PM Bug #3973: Route 53 dynamic DNS provider fails to update record: The use of the UPCERT action in 6751 should address this bug. Jason McCormick
07:47 AM Bug #3973 (Feedback): Route 53 dynamic DNS provider fails to update record: Please check next round of 2.3.3 or 2.4.0 snapshots to make sure issue persists with current code Renato Botelho
03:37 PM Revision f396d2b7: Feature #3151 Disable gateway monitoring actions: without disabling gateway monitoring.
This allows the user to continue to monitor the gateway with dpinger, so
they ... Phil Davis
02:38 PM Bug #6994 (Closed): [Portuguese] - Traffic graphs shows overwritten words by traffic values: Changing language to Brazilian portuguese makes traffic graphs look oddly in dashboard. Larger "Entrada"/"Saida" word... Luzemario Dantas
02:32 PM Revision c7cecab8: Fix bandwidth limitation in mac passthrough auth: (cherry picked from commit aa1c6774927fd6e1b11a9315900035c0e084fd82) Jonatan Ramos
02:32 PM Revision e85f3a2b: Merge pull request #3130 from omnia-dev/master: Renato Botelho
01:41 PM Revision af41271b: move back to r53.class for license continuity: (cherry picked from commit 16b163661b1d1a5bcc9a24ce023f7a06c5fb420e) Jason McCormick
01:41 PM Revision 08698a02: note inspiration/sanity check from r53.class code: (cherry picked from commit 260228142573deeb8ef5eaee34c761ca783f8cd3) Jason McCormick
01:41 PM Revision db49d9ad: fix testing headers for bad data: (cherry picked from commit 8d8405baf12806a7f09ef8562cfb24f9083809d3) Jason McCormick
01:41 PM Revision 57298463: noted testing for Route53: (cherry picked from commit c46412956fb629a2f7dc94ca2a553444046a39c3) Jason McCormick
01:41 PM Revision 4bc737dc: Fixed status success message typo and cleaned up: (cherry picked from commit 166f4a4c67e61334791b43a21845603c1295ab2c) Jason McCormick
01:41 PM Revision 9783e0c2: fix auth header and minor XML tag issue: (cherry picked from commit 616a24828992d37ea67e810dbf9fd84ec80562e7) Jason McCormick
01:41 PM Revision a0dd4ec2: initial commit of code -- having a signing error: (cherry picked from commit cc5adcaa679686e54e4035fa5bc283b1cac085a2) Jason McCormick
01:35 PM Revision e61436df: Merge pull request #3155 from jxmx/6751_route53: Renato Botelho
01:14 PM Revision e102e1d9: php fatal error logging: (cherry picked from commit ae3463540ea0a3cc94c18ad9c7b829b2645e8910) Pi Ba
01:14 PM Revision 9f834c4b: Merge pull request #3193 from PiBa-NL/php_notice_fatal: Renato Botelho
01:14 PM Bug #6949: username/password not used by proxy support: I pushed some changes to populate the HTTP_PROXY_AUTH variable and it works for HTTP, but HTTPS does not work using t... Jim Pingle
12:56 PM Bug #6993 (New): OpenVPN status error during CARP state transition: Running two devices in HA and have stacked one IP Alias onto the CARP IP. If I bind a OpenVPN server to the IP Alias ... James Webb
12:10 PM Feature #3151 (Feedback): Disable gateway monitoring actions without disabling gateway monitoring: Merged, thanks! Renato Botelho
09:58 AM Feature #3151: Disable gateway monitoring actions without disabling gateway monitoring: I'll check it Renato Botelho
09:42 AM Feature #3151: Disable gateway monitoring actions without disabling gateway monitoring: I finally remembered and cared enough :)
Pull Request https://github.com/pfsense/pfsense/pull/3259
Phillip Davis
12:10 PM Bug #6224 (Feedback): Firewall NAT Edit forgets dst type selection after reporting input errors: Merged, thanks! Renato Botelho
11:42 AM Bug #6992 (Resolved): ZoneEdit DDNS does not update to CARP IP: When using ZoneEdit Dynamic DNS, using dual wan with a gateway group for failover, ZoneEdit domain gets the WAN/Inter... James Kohout
11:32 AM Bug #6990: DDNS IPs not updating after a system restart: HE.net has two kinds of service, the DDNS service and the IPv6 tunnel. You must be talking about HE.net Tunnelbroker ... Muchacha Grande
06:02 AM Bug #6990: DDNS IPs not updating after a system restart: The HE.net looks definitely wrong. As noted there, you should use the Tunnel ID, and NOT hostname. Kill Bill
05:48 AM Bug #6990: DDNS IPs not updating after a system restart: I'm using a no-ip and a he service. Both of them updating the same wan IPv4 address.
Could you please tell me what e... Muchacha Grande
10:28 AM Bug #6850: FreeBSD 11.0 Route Syntax Change For Non-Local Gateway: Opened a ticket upstream:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215122 Renato Botelho
10:08 AM Bug #6850: FreeBSD 11.0 Route Syntax Change For Non-Local Gateway: Full config attached, but it's nothing special - default config + static address on WAN + off-subnet gateway. Jim Pingle
10:03 AM Bug #6850 (Confirmed): FreeBSD 11.0 Route Syntax Change For Non-Local Gateway: I was finally able to reproduce this reliably today, and out of 5 failures once I was able to catch what was consumin... Jim Pingle
07:48 AM Bug #6751 (Feedback): Route53 DynDNS Problems / Replace Route53 DynDNS Module: Renato Botelho
07:44 AM Bug #6751: Route53 DynDNS Problems / Replace Route53 DynDNS Module: PR has been merged, thanks! Renato Botelho
07:47 AM Bug #5054 (Feedback): Dynamic DNS - Route53 errors should probably be more verbose: Please check next round of 2.3.3 or 2.4.0 snapshots, that contain an updated code, to see if the issue persists Renato Botelho
07:45 AM Feature #6728: Route53 API mod and Geolocation: Matt, you mentioned you submitted a Pull Request, what is the #? Renato Botelho
07:29 AM Bug #6927: 1 to 1 NAT allows entry of mixed IP addresses: Pull Request https://github.com/pfsense/pfsense/pull/3258 Phillip Davis

12/06/2016

07:54 PM Revision a04cc2c5: NAT 1:1 edit - preserve user selections on edit-save with input errors: 1) Edit a NAT 1:1 rule, change the source and/or destination type to "Network", but do not input any network address/... Phil Davis
07:54 PM Revision 45d8b8a6: Merge pull request #3256 from phil-davis/patch-5: Renato Botelho
07:48 PM Revision cc99b298: Captive portal: add option to include idle time in total session time: Add an option to choose whether the time spent idle by a user disconnected for exceeding the idle timeout must be inc... Caio Plumbeo
07:48 PM Revision d253d5c6: Merge pull request #3249 from plumbeo/idletime-in-sessiontime: Renato Botelho
07:44 PM Revision 36868398: Add BIND logging to proper facility (Bug #5524): Stop the /etc/inc/system.inc patching by dns/pfSense-pkg-bind9 package.
(cherry picked from commit 957ec89e7959e966e8... Doktor Notor
07:44 PM Revision 7bcd5671: Merge pull request #3254 from doktornotor/patch-1: Renato Botelho
05:51 PM Revision 836c858f: Added STARTTLS to LDAP Auth Server Config: (cherry picked from commit d672403c250556ced61d6eec7c51f5518b5f8c6b) derelict-pf
05:51 PM Revision f459bcce: Merge pull request #3240 from derelict-pf/ldap_starttls: Renato Botelho
05:23 PM Revision f7405cd2: Fix #6224 NAT edit - preserve user selections when input errors: 1) Edit a NAT Port Forward rule, change the destination type to "Network", but do not input any network address/mask.... Phil Davis
03:59 PM Revision 9c8ce38b: Work around the NPt rule loading issue to load the rules as they were on previous versions. Fixes #6985: Jim Pingle
03:47 PM Revision d99ce9cc: NAT 1:1 edit - preserve user selections on edit-save with input errors: 1) Edit a NAT 1:1 rule, change the source and/or destination type to "Network", but do not input any network address/... Phil Davis
03:09 PM Revision 957ec89e: Add BIND logging to proper facility (Bug #5524): Stop the /etc/inc/system.inc patching by dns/pfSense-pkg-bind9 package. Doktor Notor
02:04 PM pfSense Packages Bug #5524: bind package is patching /etc/inc/system.inc (syslog configuration): That was fast, thanks. :) Kill Bill
01:45 PM pfSense Packages Bug #5524 (Feedback): bind package is patching /etc/inc/system.inc (syslog configuration): PRs have been merged. Thanks! Renato Botelho
09:43 AM pfSense Packages Bug #5524: bind package is patching /etc/inc/system.inc (syslog configuration): Plus https://github.com/pfsense/FreeBSD-ports/pull/223 Kill Bill
09:10 AM pfSense Packages Bug #5524: bind package is patching /etc/inc/system.inc (syslog configuration): https://github.com/pfsense/pfsense/pull/3254 Kill Bill
12:14 PM Revision 3dd6ce64: Merge pull request #3252 from phil-davis/unset_glxsb: Renato Botelho
12:13 PM Revision 13622c26: Merge pull request #3251 from phil-davis/dyndnsclass23: Renato Botelho
12:10 PM Revision cdcce1c4: Tidy input errors in services_ntpd_acls: 1) If there are multiple rows with invalid IP addresses then the same message was displayed multiple times. We might ... Phil Davis
12:10 PM Revision 71bafaa6: Merge pull request #3253 from phil-davis/patch-2: Renato Botelho
11:43 AM Feature #6989 (Closed): Add second IP to monitoring in "Gateway Monitoring": It would add a lot of complication and also increase the amount of time/processing it would take to notice an upstrea... Jim Pingle
11:32 AM Feature #6989: Add second IP to monitoring in "Gateway Monitoring": See:
https://redmine.pfsense.org/issues/4354
https://redmine.pfsense.org/issues/1189
for past discussion about thi... Phillip Davis
04:43 AM Feature #6989 (Closed): Add second IP to monitoring in "Gateway Monitoring": A problem arises when the gateway IP is available but the network behind the gateway is unavailable, or if alternativ... Vasyl Semenchuk
11:39 AM Bug #6224: Firewall NAT Edit forgets dst type selection after reporting input errors: Pull Request https://github.com/pfsense/pfsense/pull/3257 Phillip Davis
11:37 AM pfSense Packages Bug #6473 (Resolved): OpenVPN Client Export package - depends on vulnerable p7zip version (CVE-2016-2334, CVE-2016-2335): Jim Pingle
11:36 AM pfSense Packages Bug #6473 (Rejected): OpenVPN Client Export package - depends on vulnerable p7zip version (CVE-2016-2334, CVE-2016-2335): Not vulnerable to those. It was patched in the ports tree by FreeBSD back in July.... Jim Pingle
10:59 AM Bug #6982: Nested Aliases with FQDNs do not populate parent table in some cases: Here is the aliases export I am using to test. It should match the screenshot above. Chris Linstruth
10:21 AM Bug #6991 (Resolved): IPv6 traffic hitting a rule with policy routing and NPt fails/disappears: IPv6 NPt on its own works, and IPv6 policy routing on its own works, but if traffic hits a rule that sets it on a pat... Jim Pingle
10:10 AM Bug #6985 (Feedback): NPt rules are causing a filter error on 2.4: Applied in changeset commit:9c8ce38b01fb59dbd474367f77e8de67655f0275. Jim Pingle
10:05 AM pfSense Packages Feature #6176: Privilege for OpenVPN Client Export: Alexandre Paradis wrote:
> Would it be logical to Have a dropdown menu directly for Openvpn, and when clicked it wou... Kill Bill
09:23 AM pfSense Packages Bug #5940 (Resolved): Squid Local Authentication fails with passwords >8 characters: Jim Pingle
09:22 AM pfSense Packages Bug #5940: Squid Local Authentication fails with passwords >8 characters: Hi Jim,
I´ve tested with a recent version of the Squid package on amd64 and i386 (I know i386 is nearly dead).
Bo... Markus Brungs
08:17 AM pfSense Packages Bug #5940 (Feedback): Squid Local Authentication fails with passwords >8 characters: Jim Pingle
08:09 AM pfSense Packages Bug #5940: Squid Local Authentication fails with passwords >8 characters: Appears to be fixed: https://github.com/pfsense/FreeBSD-ports/blob/devel/www/pfSense-pkg-squid/files/usr/local/pkg/sq... Kill Bill
08:47 AM pfSense Packages Bug #6484 (Rejected): pfsense 2.3.1_1 does not accept haproxy advanced parameters: Jim Pingle
08:46 AM pfSense Packages Bug #6484: pfsense 2.3.1_1 does not accept haproxy advanced parameters: OSI layer-8 problem as noted above, can be closed. Kill Bill
08:01 AM pfSense Packages Bug #6019 (Closed): Squid service runs but doesn't process requests after reboot: Jim Pingle
07:58 AM pfSense Packages Bug #6019: Squid service runs but doesn't process requests after reboot: Duplicate of #5594. Squid won't work with CP. Kill Bill
07:56 AM pfSense Packages Bug #6636 (Feedback): Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf: Jim Pingle
07:50 AM pfSense Packages Bug #6636: Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf: Fixed by https://github.com/pfsense/FreeBSD-ports/commit/a6d15b81474396a043df664c2c645356d7718601 AFAICT, please test... Kill Bill
07:56 AM pfSense Packages Bug #6612 (Closed): squid Multi segmented downloading is broken: Jim Pingle
07:46 AM pfSense Packages Bug #6612: squid Multi segmented downloading is broken: In case you enabled "Cache Dynamic Content" and defined something there, then either disable it altogether or pick up... Kill Bill
07:48 AM Feature #6384: Allow IPSEC P1 to have 2 peer remote gateway IP addresses to allow VPN failover faster without requiring DDNS: We are well aware that strongSwan supports it, but it's not that simple. There are other factors to consider such as ... Jim Pingle
07:44 AM Feature #6384: Allow IPSEC P1 to have 2 peer remote gateway IP addresses to allow VPN failover faster without requiring DDNS: I'll add my tests since I need this feature as well
strongSwan 5.5.0 which is used in pfSense 2.3 already supports... Cristian Mammoli
07:37 AM Bug #6990 (Feedback): DDNS IPs not updating after a system restart: Not nearly enough detail.
What are the exact types and services used in your Dynamic DNS configuration? You can ob... Jim Pingle
06:14 AM Bug #6990 (Not a Bug): DDNS IPs not updating after a system restart: When the system shuts down and then restarts (for example after a power failure) unsing a DSL connection with PPPoE, ... Muchacha Grande
07:32 AM Bug #3885 (Duplicate): Dynamic DNS provider password containing special character ampersand &: Duplicate of / Fixed by #6688 Jim Pingle
07:27 AM pfSense Packages Bug #5736 (Closed): Squid did not authorize user with Captive Portal: Jim Pingle
07:18 AM pfSense Packages Bug #5736: Squid did not authorize user with Captive Portal: No idea what's this patching, certainly not the current code @ https://github.com/pfsense/FreeBSD-ports/blob/devel/ww... Kill Bill
07:25 AM pfSense Packages Bug #6083: Suqid Realtime Monitor / Squid Cache Table not diplaying correctly: I have no idea why's Squidguard logging something into Squid cache log. This is not a bug in Squid package, and given... Kill Bill
07:16 AM pfSense Packages Bug #5506 (Closed): Gateway restart stops service and does not restart Squid: Jim Pingle
07:09 AM pfSense Packages Bug #5506: Gateway restart stops service and does not restart Squid: Please close this. With Squid disabled, it won't ever start, let alone automatically restart. Kill Bill
06:41 AM pfSense Packages Bug #6419 (Resolved): RRD_Summary reports incorrect bandwidth statistics.: Renato Botelho
06:34 AM pfSense Packages Bug #6419: RRD_Summary reports incorrect bandwidth statistics.: Fixed by https://github.com/pfsense/FreeBSD-ports/pull/185, can be closed. Kill Bill
05:34 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Sorry, seems like bug #6000 has been deleted and i was not refering to feature #6000 Rick Strangman
04:53 AM Revision 7c7d3605: Tidy input errors in services_ntpd_acls: 1) If there are multiple rows with invalid IP addresses then the same message was displayed multiple times. We might ... Phil Davis
03:29 AM Revision e030050d: Fix unset glxsb: This bit of upgrade_config code needs a global reference to $config Phil Davis
03:17 AM Revision be17e372: Backport Cloudflare and Gratis plus passwords in base64 DynDNS changes: Note: corresponding change to upgrade_config.inc to come in master to
correctly implement the upgrade_155_to_156 code... Phil Davis
01:57 AM pfSense Packages Bug #6988 (New): SNORT Package PHP memory error: Crash report begins. Anonymous machine information:
amd64
10.3-RELEASE-p9
FreeBSD 10.3-RELEASE-p9 #1 5fc1b... Zeev Zalessky

12/05/2016

10:42 PM pfSense Packages Bug #6987 (Closed): ntopng needs Google API key for GeoIP map: ntopng needs to be updated to a version that supports use of a Google API key and the ntopng settings page needs a fi... Stuart Wyatt
08:46 PM pfSense Packages Bug #6983: pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: Workaround here:
https://forum.pfsense.org/index.php?topic=120040.0
Will try to push a fix as time permits. BBcan177 .
04:03 AM pfSense Packages Bug #6983 (Resolved): pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: Hello,
I'm testing 2.4-BETA x64. Faced an issue with subject package installation:
@Warning: require_once(xmlrpc.... Dmitriy K
08:12 PM Revision 74213edf: Do not truncate IPv6 addresss in NTP widget (Bug #4815): (cherry picked from commit cd2c59c9839e38fa7cbd4ae217fe14883b086145) Doktor Notor
08:11 PM Revision fc6b7031: Merge pull request #4815 from doktornotor/patch-2: Renato Botelho
07:34 PM Revision f34e9794: Stopgap to keep filter reload errors from happening due to NPt rule errors. Ticket #6985: Jim Pingle
07:12 PM Revision b0787bc8: wbr tag needs a css compatibility fix for some browsers: See comment in the PR
(cherry picked from commit e67157bee85f71929d687e2c03020618f18c8f6d) Stilez y
07:11 PM Revision 0b037063: Merge pull request #3159 from stilez/patch-46: Jared Dillard
07:09 PM Revision fc709ad3: [theme] Compact-RED: fix `sortable` table fonts: (cherry picked from commit f84c1e1ef92e7e69e0eb8672a450a255ee2dfe95) Alexander Moisseev
07:09 PM Revision 9a275fb0: Merge pull request #3181 from moisseev/master: Jared Dillard
05:02 PM Bug #6823: No connectivity after changing link state to UP: Jim Thompson wrote:
> We would have to provide the ports of the Intel drivers as packages, and then allow people to ... C S
04:25 PM Revision d667692e: Start building tftpd package: Renato Botelho
04:25 PM Revision 7f62cada: Start building tftpd package: Renato Botelho
04:09 PM Revision eb44f662: remove bogus debug: Steve Beaver
04:08 PM Revision ac572fc1: remove bogus debug: Steve Beaver
03:47 PM Revision 30735b1e: Fixed #6454: Fixed #6984 Steve Beaver
03:45 PM Revision 3b1c0951: Fixed #6454: Fixed #6984 Steve Beaver
02:27 PM Bug #4815: NTP status widget shows truncated IPv6 address: Thanks as well.
(As for Status - NTP, AFAICT that'd require completely rewriting the code because of the "wonderf... Kill Bill
02:13 PM Bug #4815 (Feedback): NTP status widget shows truncated IPv6 address: PR has been merged, thanks! Renato Botelho
02:08 PM Bug #6986 (Resolved): reply-to is not functioning on pfSense 2.4: Rules in the ruleset have reply-to, but any rules matching inbound traffic on non-default WANs fail to fully establis... Jim Pingle
01:59 PM pfSense Packages Bug #3962: LADVD interface handling issues with lagg and bridge: As noted in the linked commit, it's not fixable in any reasonable way: https://github.com/pfsense/FreeBSD-ports/commi... Kill Bill
01:59 PM pfSense Packages Bug #6389 (Resolved): Suricata typo under interface rules tab: Jim Pingle
01:53 PM pfSense Packages Bug #6389: Suricata typo under interface rules tab: Fixed in 3.0_10, please close. Kill Bill
01:52 PM pfSense Packages Bug #5515 (Closed): Squid3 change log URL leads to a 404 error: Jim Pingle
01:51 PM pfSense Packages Bug #5515: Squid3 change log URL leads to a 404 error: Obsolete unmaintained 2.2.x stuff, please close. Kill Bill
01:21 PM Bug #6985 (Resolved): NPt rules are causing a filter error on 2.4: Network Prefix Translation rules that worked on 2.3.2 are causing a filter reload error on 2.4
Real addresses mask... Jim Pingle
10:45 AM Bug #6454 (Resolved): services_ntpd_acls.php: Can't change default options without setting custom access restriction: Anonymous
10:18 AM Bug #6454: services_ntpd_acls.php: Can't change default options without setting custom access restriction: Steve Beaver wrote:
> Applied in changeset commit:3b1c0951ddb913cefcf3aaca301c9a8803a50224.
Works, thanks. Kill Bill
09:50 AM Bug #6454 (Feedback): services_ntpd_acls.php: Can't change default options without setting custom access restriction: Applied in changeset commit:3b1c0951ddb913cefcf3aaca301c9a8803a50224. Anonymous
08:00 AM Bug #6454: services_ntpd_acls.php: Can't change default options without setting custom access restriction: Including the page name in the subject is helpful. Anonymous
07:44 AM Bug #6454: services_ntpd_acls.php: Can't change default options without setting custom access restriction: More issues with this page noted at #6984 Kill Bill
10:14 AM Bug #6984: NTP/ACLs - Delete button partially invisible + rowhelper handling broken: OK... The button now almost fits, plus the issues on the second and third screenshots seem to be indeed fixed.
!ht... Kill Bill
09:50 AM Bug #6984: NTP/ACLs - Delete button partially invisible + rowhelper handling broken: Applied in changeset commit:3b1c0951ddb913cefcf3aaca301c9a8803a50224. Anonymous
09:48 AM Bug #6984 (Feedback): NTP/ACLs - Delete button partially invisible + rowhelper handling broken: Both issues fixed in JavaScript Anonymous
07:54 AM Bug #6984: NTP/ACLs - Delete button partially invisible + rowhelper handling broken: Playing with Delete is apparently lot of fun, also managed to produce this result:
!https://s15.postimg.org/x7rx3x... Kill Bill
07:43 AM Bug #6984 (Resolved): NTP/ACLs - Delete button partially invisible + rowhelper handling broken: Beyond #6454 (still unfixed), there are other issues with this thing, such as:
- the button not fitting the page
... Kill Bill
07:53 AM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: OK, after a bit of clicking, this is definitely not limited to aliases, let alone network-type ones. I managed to get... Kill Bill
04:17 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: @Marcel
It would be interesting to see what your dhcp6 is doing at the same time, could you post a snippit of both... Martin Wasley

12/04/2016

05:42 PM pfSense Packages Bug #6378: inline background styles in squidguard package: Anyone filling bugs about this package should consider a bounty to get it rewritten from scratch. I guess nothing sho... Kill Bill
12:49 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Thank you Rick Strangman for the reply. I don't think, the issus are similar.
The Update will be scheduled for next ... Marcel Mayer
08:58 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: #6000 is about virtual IP's or am I missing something... quite possible at my age. :) Martin Wasley
06:36 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Does this issue seem similar to bug #6000? If so I can probably help.
Rick Rick Strangman
05:01 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Can I make a suggestion. Before you do any major revision updates save a copy of your config file in case you wish to... Martin Wasley
09:44 AM Revision cd2c59c9: Do not truncate IPv6 addresss in NTP widget (Bug #4815): Doktor Notor
06:24 AM pfSense Packages Bug #6473: OpenVPN Client Export package - depends on vulnerable p7zip version (CVE-2016-2334, CVE-2016-2335): Bump, this is still not fixed. Please, upgrade to 16.02. Kill Bill
01:04 AM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: I think it's late for 2.4, since it's beta. Vladimir Suhhanov

12/03/2016

11:43 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Go to System->Updates->Update Settings, change Branch to "Development Snapshots" and save.
Now it will show an upgra... Phillip Davis
11:29 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: The addresses are not changing. They stay.
What do you preffer or suggest? Updating would be ok for me. Is it possib... Marcel Mayer
10:30 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Marcel Mayer wrote:
> As you can see here (logfiles attached in threads!)
>
> (English)https://forum.pfsense.org/... Martin Wasley
05:01 AM Bug #6981 (Closed): IPv6, rc.newwanipv6, flooding log and resets connection periodically: As you can see here (logfiles attached in threads!)
(English)https://forum.pfsense.org/index.php?topic=119439.0
... Marcel Mayer
05:03 PM Revision 1878e1c9: Captive portal: add option to include idle time in total session time: Add an option to choose whether the time spent idle by a user disconnected for exceeding the idle timeout must be inc... Caio Plumbeo
02:24 PM Bug #6982: Nested Aliases with FQDNs do not populate parent table in some cases: I should add that the only alias present in any rules is groupone. It is on LAN pass IPv4 any from LAN net destinatio... Chris Linstruth
02:07 PM Bug #6982 (Resolved): Nested Aliases with FQDNs do not populate parent table in some cases: In some cases a nested alias containing FQDNs does not populate the parent table until filterdns runs again at its in... Chris Linstruth
01:36 PM Revision 45541aae: Form_IpAddress add types remove patterns: 1) Add alias and host types to Form_IpAddress with the appropriate hover
text.
2) Remove the patterns - the UI of tho... Phil Davis
01:04 PM Revision 0f2fbcd7: fix typo from merge: Jason McCormick
01:00 PM Revision a5676b5d: Merge remote-tracking branch 'upstream/master' into 6751_route53: Jason McCormick
06:42 AM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: bounty request with more forum links https://forum.pfsense.org/index.php?topic=90942.0 Michael Kellogg
06:31 AM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: forum link
https://forum.pfsense.org/index.php?topic=121198.0 Michael Kellogg
06:30 AM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: Can we get this added into 2.4 ?? Michael Kellogg
04:22 AM Revision 7d4d9ec5: Remove the PHP limit from diag_dump_states(), it is now managed on pfSense_get_pf_state().: Luiz Souza
02:49 AM Bug #6319: DHCP6 DDNS tsig key missing from dhcpv6.conf for reverse zone: Can someone have another look at this please? IMHO this seems to be a simple fix. Unfortunatelly i don't have the cod... Bogdan P

12/02/2016

07:41 PM Revision f829a8d3: OpenVPN populates IPv6 env vars now, so we can fetch them for the IPv6 gateway. Fixes #6016: Jim Pingle
06:18 PM Revision 8ec77040: Fix indent: Jim Pingle
06:18 PM Revision da83e212: Merge pull request #3145 from skrude61/master: Jim Pingle
06:04 PM Revision 01d98377: Create a dummy /etc/printcap when starting bsnmpd so it it will not log errors. Fixes #6838: Jim Pingle
06:04 PM Revision 26be03d7: Create a dummy /etc/printcap when starting bsnmpd so it it will not log errors. Fixes #6838: Jim Pingle
06:03 PM Revision 63b44eed: Create a dummy /etc/printcap when starting bsnmpd so it it will not log errors. Fixes #6838: Jim Pingle
05:51 PM Revision bb6d61b1: Add www/pound to the list of packages to build. Fixes #6793: Jim Pingle
05:15 PM Revision 80bc583c: Standardize and fix 'other' type VIP display on NAT pages. Fixes #6094: Jim Pingle
05:15 PM Revision d2ce7d30: Fix 'Other' type VIP options. Ticket #6094: While here, remove some defunct 'range' code that was never used. Jim Pingle
04:48 PM Revision 2a38eaf4: interfaces, show error message if adding duplicate gateway: (cherry picked from commit e8517c7c16b8a845333c7d0e91f552144e6b5560) Pi Ba
04:47 PM Revision 778f9885: Merge pull request #3213 from PiBa-NL/interfaces-gateway-message: Renato Botelho
04:00 PM Revision d7155857: Clarified help text for ddnsforcehostname option.: (cherry picked from commit 9ca5d4abf949e088d6f1966003a6bf957f3cbdf6) Ross Williams
04:00 PM Revision 6a2c8e35: Added title to ddnsforcehostname checkbox: (cherry picked from commit cfc10a3364fee9ab220b9ada5584bfbe62ba800c) Ross Williams
04:00 PM Revision 7b0df184: Removed TODO comment: (cherry picked from commit a7e3001c740c79da652a9a4d53509e95adaf0c77) Ross Williams
04:00 PM Revision e8f2eb8d: Add ddnsforcehostname option to DHCP6 Server configuration editor: (cherry picked from commit 1a6bda5b389df05d6dac024e8445d3a00e01e823) Ross Williams
04:00 PM Revision eeffd48c: Add ddnsforcehostname option to DHCP Server configuration editor: (cherry picked from commit cf15bcb41f5befb3668f4608aafeddcb8bb18a58) Ross Williams
04:00 PM Revision 149575ae: Add ddnsforcehostname option to Static Mapping editor: (cherry picked from commit 62abab65c9c3fb010862201b327b426b3b9fc3b8) Ross Williams
04:00 PM Revision 8960e397: Put DDNS hostname config in the wrong place: It is relevant to the interface, not just the per-static-mapping DDNS config.
(cherry picked from commit f0cce276a6c... Ross Williams
04:00 PM Revision 25b18b5d: Implement ddns-hostname option emission for static hosts in services.inc.: (cherry picked from commit 011f550d9b6d5980bd486af3254b387d3019783b) Ross Williams
03:59 PM Revision 6cb599da: Merge pull request #3246 from overhacked/dhcpd-dyndns-force-hostname: Renato Botelho
03:51 PM Revision d2ad2359: Add missing L2TP from this gateway handling case. Fixes #6980: Jim Pingle
03:51 PM Revision 8091b5d7: Add missing L2TP from this gateway handling case. Fixes #6980: Jim Pingle
03:50 PM Revision 3343571b: Add missing L2TP from this gateway handling case. Fixes #6980: Jim Pingle
03:34 PM Revision d265a53b: Fix reversed accounting style: (cherry picked from commit f3838572c59ea5ebe656851511c75d217afec815) Caio Plumbeo
03:34 PM Revision 45a84d8d: Fix reversed accounting style: (cherry picked from commit f3838572c59ea5ebe656851511c75d217afec815) Caio Plumbeo
03:34 PM Revision 00847ca8: Merge pull request #3247 from plumbeo/fix-reverse-acct: Renato Botelho
02:04 PM Feature #2766: status_openvpn.php needs IPv6 support: Still missing in OpenVPN 2.3.13 Jim Pingle
02:03 PM Bug #6249 (Duplicate): OpenVPN widget does not show client instance's IPv6 address: Duplicate of #2766
When OpenVPN properly populates IPv6 addresses in the status output, we can include them in the... Jim Pingle
01:50 PM Bug #6016 (Feedback): ovpn-linkup not populating IPv6 gateways: Applied in changeset commit:f829a8d3258e377b778ac84a1f2f345b8a79b766. Jim Pingle
01:46 PM Bug #6016: ovpn-linkup not populating IPv6 gateways: Fix pushed, will show momentarily.
!http://i.imgur.com/oDe2MhN.png! Jim Pingle
01:46 PM Revision e6fa3b22: Add decoration to "On latest version" message: Steve Beaver
01:10 PM Revision c73a2f31: Revise status messages. Adjust PID file timeout to accommodate slower systems: Steve Beaver
12:10 PM Bug #6838 (Feedback): bsnmpd logs errors when /etc/printcap is missing: Applied in changeset commit:63b44eed9eeaa32567c1234c37dbce2e15dc8d37. Jim Pingle
12:08 PM Bug #6751: Route53 DynDNS Problems / Replace Route53 DynDNS Module: Link to the associated PR: https://github.com/pfsense/pfsense/pull/3155 Jim Pingle
12:00 PM Feature #6793 (Feedback): Add pound package to the pfSense repository: Applied in changeset commit:bb6d61b1028697fe0e9e9a3b91a9b5491654319f. Jim Pingle
11:39 AM Bug #6495 (Resolved): No default route on PPPoE after reconnect or IP change in some cases: Jim Pingle
11:36 AM Bug #6925: System Update Failed: Ok ... But I can only update by removing the network cable after midnight and plugging in only on it. But in my netwo... Edson Bueno
10:06 AM Bug #6925 (Resolved): System Update Failed: Jim Pingle
11:25 AM Bug #4326 (Resolved): Limiters on firewall rules where NAT applies drop all traffic: All indications are that this is fixed now, from my own tests and from user feedback. Jim Pingle
11:20 AM Bug #6094 (Feedback): VIP Other subnet does not expand into NAT entries: Applied in changeset commit:80bc583c2365a0df606f409f6526385b1f0d8023. Jim Pingle
10:08 AM Feature #4351 (Resolved): Allow to disable BOOTP in DHCP server: Works Jim Pingle
10:00 AM Bug #6980 (Feedback): L2TP WAN gateway is missing the type at the end of its dynamic name: Applied in changeset commit:3343571b7f4c9c705869798ffc01bf9897d20aa0. Jim Pingle
09:50 AM Bug #6980 (Resolved): L2TP WAN gateway is missing the type at the end of its dynamic name: an L2TP WAN dynamic gateway ends in "_", for example "WAN_L2TP1_" when it should end with the type, such as "WAN_L2TP... Jim Pingle
09:53 AM Todo #4706 (Resolved): MPD needs to be upgraded to version 5 even for the various other tunnels: Looks good, no sign of mpd4, services still work. Jim Pingle
09:29 AM Bug #6393 (Resolved): SMART service handling is incomplete/missing: Jim Pingle
09:24 AM pfSense Packages Bug #6878 (Resolved): how to use snort, squid and squid_guard with a ram disk: Seems to be working. Jim Pingle
09:13 AM Bug #6953 (Resolved): on mismatching private key for CA, "edit user" silently creates user cert using different CA: Jim Pingle
09:13 AM Bug #6952 (Resolved): Generating user certs from imported CA fails silently when no starting serial# is set: Works better now. If it's left blank, it's assumed to be 0. Jim Pingle
09:11 AM Bug #6947 (Resolved): Deleting an external CA wipes certificates in use: Jim Pingle
09:01 AM Todo #5538 (Resolved): remove symlinks from /etc/ to /var/etc/: Looks good, I don't see any left. Jim Pingle
09:00 AM Todo #5368 (Resolved): Review /etc/ttys for serial console: Consoles are working on all 2.4 versions. Jim Pingle
08:56 AM Bug #6658 (Resolved): DHCP Relay not working on 2.3.2: Jim Pingle
07:58 AM Feature #6979 (Duplicate): Create a rule using asn: Duplicate of #3393, and Phil's right, that can be done in pfBlocker already. Jim Pingle
05:33 AM Feature #6979: Create a rule using asn: This can be done with pfBlockerNG - example at https://forum.pfsense.org/index.php?topic=118431.0
A more manual meth... Phillip Davis
03:52 AM Feature #6979 (Duplicate): Create a rule using asn: Create a rule using ASN
Example: block AS51773 Softonic adware and useless network. Oscar Francia

12/01/2016

09:02 PM Revision ad477ffa: Remove the broken e-mail options from diag_smart.php. Fixes #6393: Jim Pingle
08:43 PM Revision 66e5d4f2: Print a message about SMART not working on uFW/SG-1000 (smartmontools is not available there): Jim Pingle
04:18 PM Revision 1f4d1851: Remove extraneous ): Renato Botelho
04:17 PM Revision cf15d484: Remove extraneous ): Renato Botelho
04:04 PM Revision f3838572: Fix reversed accounting style: Caio Plumbeo
03:10 PM Bug #6393 (Feedback): SMART service handling is incomplete/missing: Applied in changeset commit:ad477ffafc4491ccc7a9c69686cfdb404e6a7bca. Jim Pingle
11:54 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Jim Pingle wrote:
> Testing on 2.4 won't be reliable until #6937 is fixed.
Apparently this only affects mobile IP... Jonathan Black
11:48 AM Bug #6937: Inbound traffic on enc0 is not creating a state with mobile IPsec: After some more testing this appears to be a problem only with mobile IPsec, specifically (at least) IKEv2 EAP-RADIUS... Jim Pingle
11:35 AM Bug #6978 (Not a Bug): Squidguard error page crashing after activating WebGUI PFSENSE https security: Blocking of pages by the capture of SSL works well, however when it activates the https security of webgui, the page ... Paulo Lima
12:53 AM Bug #6975: <Hostname> is omitted when sending logs on syslog: Jim Pingle wrote:
> Remote syslog data doesn't include the hostname, that is up to the receiving log server to handl... Idar Lund

11/30/2016

10:45 PM pfSense Packages Feature #4548: syslog-ng interface doesn't allow rule ordering: Thanks, that's a better solution. ;) Kill Bill
07:04 AM pfSense Packages Feature #4548 (Feedback): syslog-ng interface doesn't allow rule ordering: I've pushed a fix Renato Botelho
07:44 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Michael Marley wrote:
> Unbound is restarted directly by "dhcpleases"
Please post a Github link to the file + lin... ky41083 -
07:32 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: With the patch above applied, and "Register DHCP leases in the DNS Resolver" enabled, the Unbound service does not re... ky41083 -
04:17 PM Revision 7f927cf4: Correct "not ready" flag: Steve Beaver
04:16 PM Revision 4a140c44: Correct "not ready" flag: Steve Beaver
03:55 PM Revision b4dd9f25: Allow for slower uFW by removing log file before upgrading, and allowing more time for the PID to appear: Steve Beaver
02:47 PM Revision 9ca5d4ab: Clarified help text for ddnsforcehostname option.: Ross Williams
02:38 PM Revision cfc10a33: Added title to ddnsforcehostname checkbox: Ross Williams
02:29 PM Revision a7e3001c: Removed TODO comment: Ross Williams
12:19 PM Bug #6977 (New): VLAN traffic is erroneously counted as underlying iface (untagged) traffic: On my pfs box I have one port carrying 3 subnets: first untagged and 2 other are VLANs, so the following layout:
igb... Dmitry Kernel
10:02 AM Bug #6963 (Resolved): SSH Keyboard-Interactive Authentication fails on 2.3.2/2.4: Working now Jim Pingle
09:35 AM Bug #6588: PHP suhosin max value length prevents Quagga OSPF from storing a very large zebra.conf: Attempting to store that large of value hits a suhosin variable limit. I updated the description of the ticket to mat... Jim Pingle
08:27 AM Bug #5993: dhcp6c not started until an RA received: I can see why it would end up being called twice since in certain combinations of configurations the script would end... Jim Pingle
03:53 AM Bug #5993: dhcp6c not started until an RA received: JimP, please look at the last entry here. Jim Thompson
02:45 AM Bug #5993: dhcp6c not started until an RA received: Whilst having a look at another issue, the fabled no release on dhcp6c option, I noticed on WAN intergace startup tha... Martin Wasley
08:21 AM Bug #6969 (Resolved): Insufficient error checking on static ARP entries: Jim Pingle
08:19 AM Bug #6969: Insufficient error checking on static ARP entries: Seems fixed in todays 2.4 snapshots.
It won't allow the static DHCP lease to be submitted and the error message giv... Steve Wheeler
07:20 AM Bug #6975 (Rejected): <Hostname> is omitted when sending logs on syslog: Remote syslog data doesn't include the hostname, that is up to the receiving log server to handle. Jim Pingle
03:55 AM Bug #6975 (Rejected): <Hostname> is omitted when sending logs on syslog: When sending "filterlog" over syslog the standard defined in https://doc.pfsense.org/index.php/Filter_Log_Format_for_... Idar Lund
07:16 AM Bug #6976 (Confirmed): Interface group and alias with same name creates firewall syntax error: This is also a problem on 2.4.
Input validation should prevent an alias from using a name that is already an inter... Jim Pingle
06:21 AM Bug #6976 (Resolved): Interface group and alias with same name creates firewall syntax error: The firewall fails to reload when using the same name for an alias and interface group.
Steps to reproduce:
1. Cr... Sander Peterse
07:06 AM pfSense Packages Bug #6547 (Feedback): syslog-ng log browser only shows the first few lines: PR has been merged Renato Botelho
04:05 AM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL: Frank Pineau wrote:
> I'm seeing the same redirect behavior.
Exact my problem.
So please reopen the issue. @... Richard Eberhard
03:33 AM Revision 1a6bda5b: Add ddnsforcehostname option to DHCP6 Server configuration editor: Ross Williams
03:30 AM Revision cf15bcb4: Add ddnsforcehostname option to DHCP Server configuration editor: Ross Williams
03:21 AM Revision 62abab65: Add ddnsforcehostname option to Static Mapping editor: Ross Williams
03:14 AM Revision f0cce276: Put DDNS hostname config in the wrong place: It is relevant to the interface, not just the per-static-mapping DDNS config. Ross Williams
03:01 AM Bug #6974 (Resolved): radvd enabled on a disconnected interface kills RA completely on all interfaces: After much head scratching about why devices are not getting v6 IPs any more, nothing short of disabling it on the di... Kill Bill
02:55 AM Revision 011f550d: Implement ddns-hostname option emission for static hosts in services.inc.: Ross Williams

11/29/2016

07:34 PM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL: I'm seeing the same redirect behavior. I can confirm that changing the GUI does update the squidclamav.conf file as i... Frank Pineau
07:18 PM Revision 75e80f16: If there are input errors when creating a user certificate from the user manager, stop and show the errors rather than appearing to fail silently. Fixes #6953: Jim Pingle
07:13 PM Revision 2cf5db21: Ensure that the submitted private key matches the certificate or CA when importing. Ticket #6953: Jim Pingle
06:48 PM Revision ab63443a: Fix certificate generation for CAs without a serial set on import. Fixes #6952: Jim Pingle
06:45 PM Bug #6588: PHP suhosin max value length prevents Quagga OSPF from storing a very large zebra.conf: Yet another Chris left so the bug went into an unassigned state.
JimP please verify, and assign back to me if we c... Jim Thompson
06:34 PM Revision 80080a0c: When deleting a CA, do not delete all certificates from this CA, only remove the CA reference from certificates that used this CA, as the relationship can be rebuilt if needed. Also, prevent in-use CAs from being deleted and print a list of places a CA is used, similar to the output on certificates. Fixes #6947: Jim Pingle
06:32 PM Revision e2c718c8: Add some CA in-use test utility functions. Ticket #6947: Jim Pingle
05:01 PM Revision cce6c834: Fix the static ARP test: Jim Pingle
04:57 PM Revision 04fe6f00: Update setup_wizard.xml: (cherry picked from commit b0b2af901f352dbbaad0b09d06fe7adb105ff7a4) Jonathon Anderson
04:57 PM Revision 04d7836b: LAN IP validation logic: (cherry picked from commit 6a365a4c80aced41ec87ad93ed2c986d9935a4ea) Jonathon Anderson
04:57 PM Revision d1a4cb8d: Update setup_wizard.xml: (cherry picked from commit 3ad0f9b63f690f77cf8c4d398b521eba6909f0bc) Jonathon Anderson
04:57 PM Revision ab5f464a: update conditional re:LAN dhcp: (cherry picked from commit 0eb2512f93c7e187511ea258948715c2e230e98f) Jonathon Anderson
04:57 PM Revision bdffccfd: update LAN regex for case insensitivity: (cherry picked from commit 32980f321e854bf008efa04ee9187553231b6423) Jonathon Anderson
04:56 PM Revision 31ec01c3: Merge pull request #3219 from NonSecwitter/patch-2: Renato Botelho
04:53 PM Revision 4a77c4ea: - added support for duiadns.net ipv4 and ipv6: (cherry picked from commit 19b7263e859243adfcf6588533cb47b4c768765e) Ionut
04:53 PM Revision 473f37a9: Merge pull request #3239 from duiadns/master: Renato Botelho
04:40 PM Revision 6cade780: IPv6 address can contain a dot: When requiring the entry of an IPv6 address, the regex pattern should still allow a dot, so that an IPv6 address can ... Phil Davis
04:39 PM Revision 6a320efb: Merge pull request #3241 from phil-davis/patch-2: Renato Botelho
04:37 PM Revision 6e623580: Captive portal: use "Admin Reset" as termination cause when disconnecting a user from admin UI: When a user is disconnected by the administrator using the pfSense captive portal status page or widget set the value... Caio Plumbeo
04:37 PM Revision 993ff722: Merge pull request #3243 from plumbeo/term-cause: Renato Botelho
04:33 PM Revision 7b861bce: clarified input format hint for expiration date: (cherry picked from commit 98b87cfafe8a890787ca5d22a1089678b9b250ac) Jonathon Anderson
04:33 PM Revision 890a80eb: Merge pull request #3244 from NonSecwitter/patch-3: Renato Botelho
03:53 PM Revision 7a9c12b3: Improve input validation on static ARP for DHCP static mapping entries, also prevent the backend from attempting to apply entries with insufficient information stored. Fixes #6969: Jim Pingle
02:47 PM Revision 98b87cfa: clarified input format hint for expiration date: Jonathon Anderson
02:34 PM Revision 2a119ed3: Captive portal: use "Admin Reset" as termination cause when disconnecting a user from admin UI: When a user is disconnected by the administrator using the pfSense captive portal status page or widget set the value... Caio Plumbeo
02:29 PM Revision 481db4fe: Reword/rework wireless note on assignment page. Ticket #6770: Jim Pingle
01:24 PM Bug #6947: Deleting an external CA wipes certificates in use: The cert case is much simpler since there is a field for that directly. All the code has to check for is that the cer... Jim Pingle
01:13 PM Bug #6947: Deleting an external CA wipes certificates in use: Jim Pingle wrote:
> That would require some more work to detect if it's the GUI cert's issuer.
Hmmm well, that al... Kill Bill
01:08 PM Bug #6947: Deleting an external CA wipes certificates in use: That would require some more work to detect if it's the GUI cert's issuer, and the GUI cert could be self-signed, sin... Jim Pingle
01:06 PM Bug #6947: Deleting an external CA wipes certificates in use: Looks pretty good. CA in use detection works (tested with OpenVPN server, IPsec and LDAP), plus can no longer be dele... Kill Bill
12:40 PM Bug #6947 (Feedback): Deleting an external CA wipes certificates in use: Applied in changeset commit:80080a0c8b5949b1af97d1d49b4cc834d06875cf. Jim Pingle
01:19 PM Bug #6953 (Feedback): on mismatching private key for CA, "edit user" silently creates user cert using different CA: I was unable to reproduce the problem exactly as stated, but I added validation code to prevent incorrect keys from b... Jim Pingle
12:50 PM Bug #6952 (Feedback): Generating user certs from imported CA fails silently when no starting serial# is set: Applied in changeset commit:ab63443a9184f42f6a47907e5f2d3fbab6ff043e. Jim Pingle
11:16 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Testing on 2.4 won't be reliable until #6937 is fixed. Jim Pingle
11:15 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: It appears to be worse than before now too.... ICMP doesn't work across the tunnel now either. Jonathan Black
11:07 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Jorge Albarenque wrote:
> I can confirm this still occurs on 2.3.2. Probably worth checking on 2.4 since Chris had m... Jonathan Black
04:47 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: I can confirm this still occurs on 2.3.2. Probably worth checking on 2.4 since Chris had mentioned it seemed to be re... Jorge Albarenque
10:50 AM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: It's still a problem on 2.3 and 2.4... Jim Pingle
10:00 AM Bug #6969 (Feedback): Insufficient error checking on static ARP entries: Applied in changeset commit:7a9c12b3d6e01e11ec0af3a6690a5c3de2fbbd2e. Jim Pingle
09:35 AM Bug #6973 (Duplicate): OpenVPN fails to verify client certificate when using intermediate CAs to sign server/user certs: Duplicate of #2800 which is fixed on 2.4 already. Jim Pingle
09:22 AM Bug #6973 (Duplicate): OpenVPN fails to verify client certificate when using intermediate CAs to sign server/user certs: I am using pfSense and OpenVPN with a few intermediate CAs to seperate VPN servers by project:... Harald Linden
08:31 AM Bug #6770 (Resolved): 802.11 stack on FreeBSD 11 requires changes to support its new device creation method: It's working well now.
I updated the wiki and book to follow the new requirement, and made a slight adjustment to ... Jim Pingle
07:13 AM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: An example:
!https://s14.postimg.org/7fgw3jrxd/aliases_delete_wth.png! Kill Bill
07:02 AM Bug #6972 (Resolved): "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: I randomly keep getting a nonsensical "Are you sure you wish to?" prompt when deleting networks from network-type al... Kill Bill

11/28/2016

10:09 PM pfSense Packages Bug #6968: Snort VRT Rules Fail to automatically update SSL read error: Well, apparently not a package bug. Kill Bill
05:31 PM pfSense Packages Bug #6968: Snort VRT Rules Fail to automatically update SSL read error: Kill Bill wrote:
> You have pfBNG installed and Amazon S3 blocked?
Nope only package I have installed is snort.
... rub man
09:43 AM pfSense Packages Bug #6968: Snort VRT Rules Fail to automatically update SSL read error: You have pfBNG installed and Amazon S3 blocked? Kill Bill
08:54 AM pfSense Packages Bug #6968 (Rejected): Snort VRT Rules Fail to automatically update SSL read error: pfsense version: 2.3.2-RELEASE-p1 (amd64)
Snort Version: 3.2.9.1_14
Automatic update fails with following errors... rub man
09:14 PM pfSense Packages Bug #6971 (Closed): Interfaces.php: "Reserved Networks" checkboxes not shown: Using Windows 10 snap window function to resize Firefox to half the display size causes the checkboxes on Reserve Net... Bart K
09:12 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: yet another case where we lost track of the bug because Chris just removed himself when he left.
assigned back to ... Jim Thompson
09:08 PM Bug #6938: DNS with OpenVPN gateway specified is routed through wrong interface. 2.4 regression.: i think this is a freebsd bug, might be fixed. Jim Thompson
09:04 PM Bug #6947: Deleting an external CA wipes certificates in use: please validate and hand back. Jim Thompson
09:03 PM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6: they moved because it's better.
but they have a really large environment.
we've known about kea for a while. (... Jim Thompson
08:57 PM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: JimP, please verify, and if not valid, close.
If valid, please hand-off to bbcan117 Jim Thompson
08:11 PM Bug #6970 (Rejected): Update pfSense 2.3 to Unbound 1.5.10: It's already in 2.3.3 snapshots Jim Pingle
07:57 PM Bug #6970 (Rejected): Update pfSense 2.3 to Unbound 1.5.10: I noticed the Unbound version pfSense is shipping is a bit old at 1.5.9. The latest release is 1.5.10. The .10 releas... Brad Smith
03:35 PM Revision d68efad1: Fix System Update link: Renato Botelho
03:35 PM Revision 85b36c34: Fix System Update link: Renato Botelho
01:16 PM Revision cacbc2cb: Send packages to files03 too: Renato Botelho
01:16 PM Revision f74e2105: Send packages to files03 too: Renato Botelho
01:15 PM Revision c3d2384b: Send packages to files03 too: Renato Botelho
12:01 PM Bug #6969 (Confirmed): Insufficient error checking on static ARP entries: Adding a note to clarify: It is OK for "IP address" to be blank/empty if "ARP Table Static Entry" is unchecked. Jim Pingle
11:40 AM Bug #6969 (Resolved): Insufficient error checking on static ARP entries: When creating a static DHCP lease entry the GUI input checking does not prevent checking 'static ARP' without enterin... Steve Wheeler
11:14 AM Bug #6963: SSH Keyboard-Interactive Authentication fails on 2.3.2/2.4: Applied in changeset commit:b35fc4331ac78f9459db00be04dc6b077f168593. Jim Pingle
08:43 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": To all having this problem - while there is no fix yet, I have put together a workaround I have been using successful... Firstname Surname
08:08 AM Bug #6966: Display bug in Status / IPsec / Overview: Jim Pingle wrote:
> That page outputs what is given to it by strongSwan. Check the output of "ipsec statusall" from ... Lars Jorgensen
07:35 AM Bug #6966 (Feedback): Display bug in Status / IPsec / Overview: That page outputs what is given to it by strongSwan. Check the output of "ipsec statusall" from the console when it's... Jim Pingle
06:10 AM Bug #6966 (Resolved): Display bug in Status / IPsec / Overview: I have to IPsec tunnels configured. If one goes up, it is reported as both connected and disconnected in two separate... Lars Jorgensen
07:41 AM Bug #6967 (Resolved): DH Groups 22, 23, 24 missing from Phase 2 selection GUI: When configuring IPSec you can select DH Groups 22-24 for Phase 1, but for Phase 2 they are missing from the GUI.
... Sec Sec

11/27/2016

06:31 PM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL: And as for "the GUI does nothing":
!https://s15.postimg.org/fk5zywtsr/clamav_redirect_empty.png!... Kill Bill
06:04 PM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL: The default URL is set to the pfSense GUI URL on package install. Simply because that's the only sensible default. Th... Kill Bill
02:40 PM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL: See: https://forum.pfsense.org/index.php?topic=115323.0 Richard Eberhard
02:39 PM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL: Kill Bill wrote:
> Richard Eberhard wrote:
> > I also tried adding a redirect command in the custom squid config: n... Richard Eberhard
08:28 AM pfSense Packages Bug #6763 (Not a Bug): Squid ClamAv wrong redirect URL: Jim Pingle
04:08 AM pfSense Packages Bug #6763: Squid ClamAv wrong redirect URL: No bug here, let alone "very high" severity, can be closed. This is configurable in the GUI as shown above. Kill Bill
06:28 PM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": Has anyone attempted this with 2.4 beta? I've already burned my downtime allowance testing with 2.3.x versions and va... Michael OBrien
05:53 PM pfSense Packages Bug #6562: Bug/Wrong description in the squid settings: Yes, set CN property surprisingly sets CN property. Sigh. Because that's exactly the purpose of the feature. Set != s... Kill Bill
02:46 PM pfSense Packages Bug #6562: Bug/Wrong description in the squid settings: Kill Bill wrote:
> Sorry, but browser thinking a certificate is valid when it's not is NOT a Squid issue. Stop doing... Richard Eberhard
08:30 AM pfSense Packages Bug #6562 (Not a Bug): Bug/Wrong description in the squid settings: Jim Pingle
04:16 AM pfSense Packages Bug #6562: Bug/Wrong description in the squid settings: Sorry, but browser thinking a certificate is valid when it's not is NOT a Squid issue. Stop doing HTTPS MITM if you h... Kill Bill
08:34 AM pfSense Packages Bug #5701 (Not a Bug): Sarg does not delete cron entry: Jim Pingle
08:04 AM pfSense Packages Bug #5701: Sarg does not delete cron entry: Ale Feltes wrote:
> I can't see issue's status control. I can only add comments.
That was aimed @pfSense guys. :) Kill Bill
07:06 AM pfSense Packages Bug #5701: Sarg does not delete cron entry: I can't see issue's status control. I can only add comments. Ale Feltes
04:35 AM pfSense Packages Bug #5701: Sarg does not delete cron entry: Package no longer exists in 2.3+, use lightsquid.
Please, close.
Kill Bill
08:34 AM pfSense Packages Bug #3986 (Closed): BandwidthD can break php-fpm in unknown rare edge case: Jim Pingle
04:56 AM pfSense Packages Bug #3986: BandwidthD can break php-fpm in unknown rare edge case: Package gone, please close. Kill Bill
08:33 AM pfSense Packages Feature #2170 (Closed): Enable AirPrint mdns via Avahi: Jim Pingle
04:43 AM pfSense Packages Feature #2170: Enable AirPrint mdns via Avahi: This already works with Avahi as noted above. Please, close this. Kill Bill
08:32 AM pfSense Packages Bug #4676 (Rejected): Avahi & .local domain in config file: Jim Pingle
04:41 AM pfSense Packages Bug #4676: Avahi & .local domain in config file: Cannot be reproduced plus concerns obsolete 2.2.x PBI stuff.
Please, close. Kill Bill
08:31 AM pfSense Packages Bug #4301 (Closed): arpwatch not sending email reports on 2.2: Jim Pingle
04:37 AM pfSense Packages Bug #4301: arpwatch not sending email reports on 2.2: Package no longer exists in 2.3+, please close. Kill Bill
08:31 AM pfSense Packages Feature #6141 (Resolved): Convert apcupsd package to 2.3: Jim Pingle
04:33 AM pfSense Packages Feature #6141: Convert apcupsd package to 2.3: Been already done, can be closed.
https://github.com/pfsense/FreeBSD-ports/commits/devel/sysutils/pfSense-pkg-apcupsd Kill Bill
08:30 AM pfSense Packages Bug #6252 (Not a Bug): Can't access darkstat if webgui is on HTTPS.: Jim Pingle
04:25 AM pfSense Packages Bug #6252: Can't access darkstat if webgui is on HTTPS.: Darkstat does not support HTTPS. Cannot be fixed in the package. The issue is HSTS headers set by pfSense nginx. Best... Kill Bill
08:30 AM pfSense Packages Bug #6485 (Rejected): Squid garbage collection is a blocking thread and stops all network traffic: Jim Pingle
04:20 AM pfSense Packages Bug #6485: Squid garbage collection is a blocking thread and stops all network traffic: Upstream bug tracker for Squid is at http://bugs.squid-cache.org/describecomponents.cgi?product=Squid - the pfSense p... Kill Bill
08:29 AM pfSense Packages Bug #6497 (Closed): Squid3 web GUI page not saving settings for users in custom system privileged groups in v 2.2.2: Jim Pingle
04:13 AM pfSense Packages Bug #6497: Squid3 web GUI page not saving settings for users in custom system privileged groups in v 2.2.2: 2.2.x is dead, plus this would not be a Squid package bug at all. Please, close this. Kill Bill
08:28 AM pfSense Packages Bug #6814 (Not a Bug): pfBlockerNG cannot define table pfB_Europe_v6 after pfsense upgrade to 2.3.2-RELEASE (amd64): Jim Pingle
04:05 AM pfSense Packages Bug #6814: pfBlockerNG cannot define table pfB_Europe_v6 after pfsense upgrade to 2.3.2-RELEASE (amd64): No bug here, can be closed. Kill Bill
06:32 AM pfSense Packages Feature #6965 (Resolved): suricata + snort - making custom passlist additive to the default one: It'd seriously help to have a checkbox that'd simply _add_ whatever custom alias(es) to the default passlist, instead... Kill Bill
04:39 AM Feature #5619: Curl with ARES support: This is misfiled under Packages product, any changes here would need to be done in pfSense core. Kill Bill

11/26/2016

09:15 PM pfSense Packages Bug #6047: syslog-ng does not logrotate: Well, this still does not work properly at least with bzip2, because:... Kill Bill
04:19 PM Revision b0b2af90: Update setup_wizard.xml: Jonathon Anderson
04:18 PM pfSense Packages Bug #6690: SURICATA IPS Issue - Kills VLANS & Traffic Shaper: There's already #6023 for netmap + shaping. Kill Bill
02:12 PM Bug #5649: bce0: Discard frame w/o leading ethernet header (len 0 pkt len 0): I believe this issue can now be closed.
After using pci-stub on the Linux host for the two NIC's in question, whic... Matt Parnell
12:21 PM pfSense Packages Bug #6964 (Resolved): Host OS Policy Assignment broken when using "Import" or "Aliases" buttons: The policy always gets assigned to the first instance (normally probably WAN) when you either
- use the Import butto... Kill Bill
10:41 AM Revision b8678b63: IPv6 address can contain a dot: When requiring the entry of an IPv6 address, the regex pattern should still allow a dot, so that an IPv6 address can ... Phil Davis
06:44 AM pfSense Packages Bug #6389: Suricata typo under interface rules tab: https://github.com/pfsense/FreeBSD-ports/pull/220 Kill Bill
06:38 AM pfSense Packages Bug #5938: Link for Signing up for ETPro account got changed - Suricata: This got broken again. Together with some other cosmetics, this is fixed by https://github.com/pfsense/FreeBSD-ports/... Kill Bill

11/25/2016

10:27 PM Bug #6962: GUI allows selecting missing diffe-helman Paremeters for OpenVPN: My vote would be either to grey out or remove the missing parameters from the OpenVPN dropdown, or to kick off a back... Andy Sayler
09:25 AM Bug #6962 (Confirmed): GUI allows selecting missing diffe-helman Paremeters for OpenVPN: The GUI should probably grey out or otherwise note the selections without available files. Or maybe check for @/etc/d... Jim Pingle
09:04 PM Revision 19b7263e: - added support for duiadns.net ipv4 and ipv6: Ionut
08:17 PM Revision 8505ccf0: Disable PAM when using only key-based authentication, otherwise keyboard-interactive fails. Fixes #6963: Jim Pingle
08:17 PM Revision ec64b0a8: Disable PAM when using only key-based authentication, otherwise keyboard-interactive fails. Fixes #6963: Jim Pingle
08:08 PM Revision b35fc433: Disable PAM when using only key-based authentication, otherwise keyboard-interactive fails. Fixes #6963: Jim Pingle
05:09 PM Revision 6be782ed: increase webgui usability when the remote ldap server isn't available: (cherry picked from commit b77a63948b4bd54f3d2e6e9d3822588105fb5741) Pi Ba
05:09 PM Revision 23a8dae0: Merge pull request #3196 from PiBa-NL/authfallbackspeed: Renato Botelho
05:06 PM Revision 54098908: ipsec mobile clients, don't check mobile leases if mobile client isn't enabled to begin with: (cherry picked from commit 339279415ced4aaaafb96fc14a334a172b8db49f) Pi Ba
05:06 PM Revision ba2253da: Merge pull request #3212 from PiBa-NL/ipsec-mobile-leasecheck: Renato Botelho
05:05 PM Revision 9e2fa369: Improved error message to explicitly state allowable characters: Related to Bug #6432.
(cherry picked from commit 3b55b54e9c76998a2b0e28897a0be79d5cf0cb8f) Sean McBride
05:05 PM Revision 823091b1: Merge pull request #3216 from seanm/master: Renato Botelho
05:01 PM Revision f968d06d: DHCPv6 ddnsdomainprimary must currently be IPv4: This field is currently validated to allow only an IPv4 address to be entered, so it may as well be consistent client... Phil Davis
05:00 PM Revision d0e73557: Merge pull request #3231 from phil-davis/patch-8: Renato Botelho
04:59 PM Revision 19509df3: services_dhcp_edit add extra IPv4 validation: a) Validate that ipaddr must be IPv4 (note if you enter an IPv6 address, it will fail other later tests of being in t... Phil Davis
04:59 PM Revision ab97c6aa: Merge pull request #3230 from phil-davis/patch-7: Renato Botelho
04:48 PM Revision e9544016: Specify the IP address family in interfaces.php: Where it is known what sort of IP address is required, we can specify it in the call to Form_IpAddress. That will mak... Phil Davis
04:48 PM Revision 8adb1946: Merge pull request #3226 from phil-davis/patch-3: Renato Botelho
04:47 PM Revision 57808367: Keep the rule type selection after input errors on firewall rule: If the user:
a) Edit a firewall rule
b) Select "single host or alias"
c) Enter an invalid IP address that is not an a... Phil Davis
04:47 PM Revision 81e2aa25: Merge pull request #3224 from phil-davis/patch-2: Renato Botelho
04:45 PM Revision fbcdf576: add All-Inkl to services.class: (cherry picked from commit 360f3a9011d143944fcd8e5e6b69fced2f9baaf7) Christoph Filnkößl
04:45 PM Revision 3c2a6448: add All-Inkl to dyndns.class: (cherry picked from commit 575b1dcf0bdb28c431fca420d27bdedf579ec9c4) Christoph Filnkößl
04:45 PM Revision 75357823: Merge pull request #3223 from filnko/patch-1: Renato Botelho
04:11 PM Bug #6963 (Feedback): SSH Keyboard-Interactive Authentication fails on 2.3.2/2.4: I pushed a fix as stated. Works fine with and without key-based auth. Needs more testing once it hits snaps. Jim Pingle
02:15 PM Bug #6963 (Resolved): SSH Keyboard-Interactive Authentication fails on 2.3.2/2.4: The ssh authentication "keyboard-interactive" method fails on 2.3.2 and 2.4
This is due to the use of @UsePAM no@ ... Jim Pingle
09:28 AM Feature #6961 (Duplicate): IPv4/IPv6 Dual-Stack IPSEC mobile vpn: Duplicate of #6886 Jim Pingle

11/24/2016

04:21 PM Bug #6962: GUI allows selecting missing diffe-helman Paremeters for OpenVPN: Uhm... generating these "on demand" is a horrible idea. Should be either pre-shipped or user told to do the job. User... Kill Bill
03:58 PM Bug #6962 (Resolved): GUI allows selecting missing diffe-helman Paremeters for OpenVPN: When trying to use a 3072-bit Diffie-Hellman parameter with the OpenVPN server, the following error is logged and the... Andy Sayler
12:43 PM Revision f6bea44d: Silence kenv calls: Renato Botelho
12:43 PM Revision 411f439a: Silence kenv calls: Renato Botelho
12:21 PM pfSense Packages Bug #6547: syslog-ng log browser only shows the first few lines: Kinda difficult to come with "pfSense native firewall"-like GUI, considering there's no pattern about what's going to... Kill Bill
11:26 AM pfSense Packages Feature #4548: syslog-ng interface doesn't allow rule ordering: See https://github.com/pfsense/FreeBSD-ports/pull/218 Kill Bill
09:31 AM Feature #6961 (Duplicate): IPv4/IPv6 Dual-Stack IPSEC mobile vpn: It would be nice to have possibility to create Phase1 IPSec for Mobile Clients - for both IPv4 and IPv6.
Currently... Vladimir Lind
07:51 AM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6: It looks like Facebook migrated to Kea DHCP. Should be for a good reason [[https://code.facebook.com/posts/8459090588... Raul Ramos
06:51 AM Feature #6960 (Resolved): Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6: I think it would be a good idea to at least take a look at kea dhcp by ISC. It seems to be a much better solution for... Bogdan P
07:22 AM pfSense Packages Bug #6492 (Resolved): Syslog-ng configuration file warning is treated as syntax error: Renato Botelho
07:05 AM pfSense Packages Bug #6492: Syslog-ng configuration file warning is treated as syntax error: Already fixed by https://github.com/pfsense/FreeBSD-ports/commit/5f79e53dcae89bb185279ba2164a99891bb70dfd Kill Bill
03:28 AM Bug #6959 (Feedback): Remove or rename "LiveCD" option in the 2.4 installer: Done Renato Botelho
03:24 AM Bug #6762: "Please match the requested format" error in Chrome when editing certain form fields: I'm still having this issue.
Norwegian settings in Chromve version 55.0.2883.59
I get the error when trying to ad... Øistein Kjos

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

12/23/2016

12/22/2016

12/21/2016

12/20/2016

12/19/2016

12/18/2016

12/17/2016

12/16/2016

12/15/2016

12/14/2016

12/13/2016

12/12/2016

12/11/2016

12/10/2016

12/09/2016

12/08/2016

12/07/2016

12/06/2016

12/05/2016

12/04/2016

12/03/2016

12/02/2016

12/01/2016

11/30/2016

11/29/2016

11/28/2016

11/27/2016

11/26/2016

11/25/2016

11/24/2016