Activity

30 days up to

User

Subprojects

Activity

From 12/16/2016 to 01/14/2017

01/14/2017

09:53 PM Bug #7123: Kernel panic when setting TCP MD5 Password in OpenBGP: Rolf Sommerhalder wrote:
> Setting a TCP6 MD5 password in OpenBGP package triggers a panic in pfSense-2.4 amd64 snap... Rolf Sommerhalder
08:50 AM Bug #7123 (Resolved): Kernel panic when setting TCP MD5 Password in OpenBGP: Setting a TCP6 MD5 password in OpenBGP package triggers a panic in pfSense-2.4 amd64 snapshot from yesterday (Fri 13.... Rolf Sommerhalder
04:33 PM Revision 63586f71: Merge pull request #3383 from doktornotor/patch-1: Jim Pingle
04:30 PM Bug #6896: unbound root.key file corruption possibly related to full file system: I just had the same issue. /var/ was at 100%. After trying to recreate the root.key, and noticing that dhcpd.conf cou... Thaddeus Covert
03:43 PM Revision 4aefa6f2: Restart unbound after clearing logs (Bug #6915): Handle clearing the individual log as well. Doktor Notor
03:35 PM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: ok already had manually added staic route for 8.8.8.8 and 8.8.4.4 causes failure in error checking Michael Kellogg
03:08 PM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: that error happens re-saving current setup with 4 dns servers Michael Kellogg
03:06 PM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: getting this error whe trying to add more dns servers
A gateway can not be assigned to DNS '8.8.8.8' server which ... Michael Kellogg
01:07 AM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: Note: I kept this in the General Setup page where it has been since eternity. Just made it so a variable number of DN... Phillip Davis
11:00 AM pfSense Packages Feature #556: siproxd: add carp virtual IPs as interface candidates: Good catch, thanks. Kill Bill
09:42 AM pfSense Packages Feature #556: siproxd: add carp virtual IPs as interface candidates: The PR was close but it needed some backend changes as well, otherwise it was putting blank values in the configurati... Jim Pingle
10:48 AM Bug #7121: freshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry: safebrowsing was never enabled in my setup. I also didn't investigate further. Alexander Berkes
10:37 AM Bug #7121: freshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry: Alexander Berkes wrote:
> That really makes no sense in the minute crontab column and it definitely leads to multipl... Kill Bill
10:27 AM Bug #7121: freshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry: Thanks for the git link. That makes things more clear.
Sorry I couldn't remember the exact value of the crontab en... Alexander Berkes
07:36 AM Bug #7121: freshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry: This hopefully makes things more obvious: https://github.com/pfsense/FreeBSD-ports/pull/254
@OP: No, the above PR ... Kill Bill
06:52 AM Bug #7121: freshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry: "Checks" in freshclam.conf is not using/configuring cron, at all. Switching to manual config and changing freshclam.c... Kill Bill
05:35 AM Bug #7121: freshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry: Yeah you are right, I am talking about the squid package, but especially the freshclam component. Freshclam is execut... Alexander Berkes
02:27 AM Bug #7121: freshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry: Assuming you are talking about Squid, it's not supposed to do anything with cron. You are totally on your own, this f... Kill Bill
10:34 AM Bug #6915 (Feedback): unbound logging not working after reboot or "Reset log files": PR merged, works fine. Will wait for it to be in snaps before one last test. Jim Pingle
09:44 AM Bug #6915: unbound logging not working after reboot or "Reset log files": Jim Pingle wrote:
> It works from the Settings tab if you reset all log files, but it doesn't work if you clear the ... Kill Bill
10:11 AM pfSense Packages Feature #3303 (Resolved): Allow quagga ospf stub, not so stub and totally stub areas: Seems to work Jim Pingle
09:20 AM pfSense Packages Feature #7000: ntopng historical data needs to be reworked: PR to hide this defunct stuff from GUI meanwhile: https://github.com/pfsense/FreeBSD-ports/pull/255 Kill Bill
08:57 AM pfSense Packages Bug #4736 (Resolved): ladvd crashes, dumps core: Problem on the ticket no longer happens, anything else belongs on a new ticket. Closing. Jim Pingle
08:57 AM pfSense Packages Bug #6346 (Rejected): Squid Proxy Server Service randomly stops: Jim Pingle
08:56 AM pfSense Packages Bug #5534 (Resolved): Captive Portal stop sending accounting updates to free radius: Unable to reproduce, lack of feedback, closing. Jim Pingle
08:55 AM pfSense Packages Bug #5614 (Resolved): mailreport - emails are going out when manually triggered, but not via cron: Unable to reproduce, lack of feedback, closing. Jim Pingle
08:31 AM Bug #6927 (Resolved): 1 to 1 NAT allows entry of mixed IP addresses: Yes, this should have a 2.4 target. And it's already been tested, but I tested it again on a current snapshot and it'... Jim Pingle
01:45 AM Bug #6927: 1 to 1 NAT allows entry of mixed IP addresses: Target version could be set to 2.4.0 and then some independent person test. Phillip Davis
08:09 AM pfSense Packages Feature #4752 (Feedback): SQUID. Exception for speed limits: Jim Pingle
08:03 AM pfSense Packages Feature #4752: SQUID. Exception for speed limits: Merged; test please and report back. Kill Bill
08:08 AM pfSense Packages Feature #6965 (Resolved): suricata + snort - making custom passlist additive to the default one: Jim Pingle
08:05 AM pfSense Packages Feature #6965: suricata + snort - making custom passlist additive to the default one: Apparently the issue was not with the package, nested aliases now work. Close please. Kill Bill
06:25 AM Revision 8ad8e9ab: Format of username in Logout: Phil Davis
01:42 AM pfSense Packages Feature #5052: Avahi Proxy Package: Add option to disable/control cache size.: This has a target version of 2.4.0 - is that really intended? Phillip Davis
01:37 AM Bug #6864: Error checking rejects IPv6 addresses with upper case A-F.: interfaces.php also has addrtolower() Phillip Davis
01:28 AM Bug #7031: Cannot configure OpenVPN on a DHCP interface that has not received an IP address: This just needs an independent person to test it. Phillip Davis
01:24 AM Feature #7122: Add filters to various dashboard widgets: The following are completed:
Services Widget UI changes: https://github.com/pfsense/pfsense/pull/3370
Interfaces Wi... Phillip Davis
01:14 AM Feature #7122 (Resolved): Add filters to various dashboard widgets: Some dashboard widgets can end up with a lot of rows or columns of data to display on bigger systems. It would be nic... Phillip Davis

01/10/2017

08:29 PM Bug #4310: Limiters + HA results in hangs on secondary: I would agree with Vladimir. Just would like to know if this will be definitely be fixed in 2.4 or pushed out furthe... James Kohout
08:27 PM Revision 6a9a7595: Merge pull request #3343 from phil-davis/retval1: Renato Botelho
08:21 PM Bug #7110 (Resolved): Empty custom NTP ACL produces syntax error in /var/etc/ntpd.conf: On the NTPD ACL tab [Services/NTP/ACLs] the blank default entry under Custom Access Restrictions results in addition ... John Silva
07:59 PM Bug #6986 (Resolved): reply-to is not functioning on pfSense 2.4: I tested this on two systems that previously reproduced the problem 100% of the time, and now they both work. Looks g... Jim Pingle
07:22 PM Bug #6986 (Feedback): reply-to is not functioning on pfSense 2.4: Fixed by https://github.com/pfsense/FreeBSD-src/commit/114dc4a89011a560c32421ca842ca73f5b29d449 Luiz Souza
05:03 PM Revision a271ed3d: Make sure file exists before try to open it: Renato Botelho
05:03 PM Revision 4f3fc80d: Fix style: Renato Botelho
04:30 PM Revision ada6bfa7: Services widget filter checkboxes: Phil Davis
02:48 PM Revision edcd7535: Breadcrumb links: Phil Davis
02:46 PM Revision 3870dcb7: Move checkbox styling to the beta file since it produces results that are not consistent across browsers and OS: Steve Beaver
11:04 AM Revision 155769f2: Revert "get_pkg_info() fallback using pkg info if no local copy of repo catalog": This reverts commit 46237e23f35db70a917939609061dce7b7f955f9. Renato Botelho
11:04 AM Revision 1e85a9ed: Revert "get_pkg_info() fallback using pkg info if no local copy of repo catalog": This reverts commit e47af756de79d4e8b0356cf22f72f62f09e9ad7d. Renato Botelho
09:17 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: definitely like the idea of adding a decision layer the would then open options to create a daemon for other method... Michael Kellogg
06:48 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: I posted a bounty: https://forum.pfsense.org/index.php?topic=123741.0 → luckman212
08:56 AM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: Jim if you want to test these new findings up to you but here is an update.
I have discovered the match rules crea... Chris Collins
08:23 AM Feature #7098 (Resolved): RAM Disk Management: Seems to work alright on a couple test boxes here. Jim Pingle
06:57 AM pfSense Packages Bug #7109: Squid 0.4.29_1 not Exist: Tank you,
now all is ok Claudio Berselli
06:52 AM pfSense Packages Bug #7109 (Rejected): Squid 0.4.29_1 not Exist: This sort of error will clear up on its own after a few moments, or run "pkg update -f" if it keeps happening.
Whe... Jim Pingle
06:45 AM pfSense Packages Bug #7109 (Rejected): Squid 0.4.29_1 not Exist: If tray to install Squid 0.4.29_1 I have this error:... Claudio Berselli
06:50 AM pfSense Packages Bug #6878: how to use snort, squid and squid_guard with a ram disk: The thinking was: Without NanoBSD, more people will be running a full install on unreliable media like CF/SD, so we n... Jim Pingle
04:24 AM pfSense Packages Bug #6878: how to use snort, squid and squid_guard with a ram disk: Jim Pingle wrote:
> Seems to be working.
Yeah, this seems to be working, except that noone is getting the fixes. ... Kill Bill
06:30 AM Bug #5993: dhcp6c not started until an RA received: Richard Patterson asked me by email to explain in more detail why I want to make these changes, here is my email to h... Martin Wasley
05:22 AM Bug #5993: dhcp6c not started until an RA received: OK, it seems we have a solution. It involves a change to dhcp6c, another new flag is added!
The flag, currently 'x... Martin Wasley

01/09/2017

10:21 PM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: I agree that the "right" way to handle this would be to have dpinger remain dumb (for lack of a better term) and simp... → luckman212
08:28 PM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: I agree with this analysis. To make this happen, there needs to be a layer between groups of dpinger process(es) and ... Phillip Davis
07:42 PM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: Luke opened an issue with dpinger. For reference, I've copied the response here.
-----
Hey Luke,
I understan... Denny Page
10:06 PM pfSense Packages Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not: Affected me too. I tried settings with OpenVPN server + OpenVPN client.
Both:
Pfsense 2.3.2-RELEASE-p1
Quagga_OS... winmasta winmasta
09:37 PM Revision a1b39e94: openvpn, check for valid pid using isvalidpid(): Pi Ba
09:22 PM Feature #7098: RAM Disk Management: Upgraded RAM disk enabled system. Working fine.
Thanks NOYB NOYB
08:01 AM Feature #7098 (Feedback): RAM Disk Management: PR has been merged, thanks! Renato Botelho
09:17 PM Bug #7108: ntp does not keep time on virtualized pfsense: Trying with TSC-low now. That seems to have done the trick! The time offset is staying relatively stable now. Tha... John Silva
07:50 PM Bug #7108 (Not a Bug): ntp does not keep time on virtualized pfsense: OpenNTPD isn't better, it's worse. Jim Thompson
06:53 PM Bug #7108: ntp does not keep time on virtualized pfsense: Try with TSC or TSC-low. Anyway, this ain't a pfSense bug, needs to go upstream. Kill Bill
05:45 PM Bug #7108: ntp does not keep time on virtualized pfsense: Relevant logs:... John Silva
05:40 PM Bug #7108 (Not a Bug): ntp does not keep time on virtualized pfsense: I run pfsense virtualized under FreeBSD bhyve. I've read all of the normal advice and have implemented the usual wor... John Silva
07:55 PM pfSense Packages Bug #7107: IPv6 blocklists generate IPv4 auto-rules: I'll wait for a confirmed fix for the 'vtype' bug. The aliases are working fine for me, especially since I really on... John Silva
07:44 PM pfSense Packages Bug #7107: IPv6 blocklists generate IPv4 auto-rules: *Update:* Its going to be a little more involved to fix this issue... Best to use "Alias type" rules, until the next... BBcan177 .
07:22 PM pfSense Packages Bug #7107: IPv6 blocklists generate IPv4 auto-rules: Thanks for the report... I can confirm that there is a bug for the IPv6 Tab. The GeoIP tab doesn't have this issue th... BBcan177 .
06:32 PM pfSense Packages Bug #7107: IPv6 blocklists generate IPv4 auto-rules: Yes. I configured the list in the IPv6 tab of pfBlockerNG. When "List Action" is set to "Deny Both" the firewall ru... John Silva
06:21 PM pfSense Packages Bug #7107: IPv6 blocklists generate IPv4 auto-rules: Did you add these Lists in the IPv6 pfBlockerNG Tab? BBcan177 .
05:35 PM pfSense Packages Bug #7107 (Resolved): IPv6 blocklists generate IPv4 auto-rules: I set up some IPv6 blocklists with pfblocker and noticed that the autorules it created were created as IPv4 protocol ... John Silva
06:54 PM Bug #6257: Kernel panic with ALTQ: Also experiencing a very similar crash every few days in the igb driver queue thread after updating to 2.4.0 as long ... Nash Kaminski
06:34 PM Revision fc47d47a: Fix a case where the ALTQ capability warning was showing incorrectly. Fixes #7102: Jim Pingle
05:25 PM Bug #7106 (Not a Bug): TLS SMTP notification messages fail with expired certificate: Am using pfsense 2.3.3 development snapshot 2017-01-08.
When configuring SMTP notifications using STARTTLS over tc... John Silva
04:50 PM Revision 09744f3a: Merge branch 'RELENG_2_3' of git.netgate.com:pfsense/pfsense into RELENG_2_3: Steve Beaver
04:49 PM Revision 2813a467: Further refine checkbox styling: Steve Beaver
03:11 PM Bug #7105 (Resolved): ICMP type selection is assuming IPv6 when it should assume IPv4: I had an older rule which did not have an ipprotocol type set inside, which is quite common with configurations that ... Jim Pingle
02:46 PM Bug #6986: reply-to is not functioning on pfSense 2.4: It's still not working here. Port forwards only work on the WAN with the default gateway. Configuration is unchanged ... Jim Pingle
02:15 PM Bug #6986: reply-to is not functioning on pfSense 2.4: JimP, I cannot reproduce this bug with todays snapshot. This is a fresh install with two WANs (DHCP) and two port fo... Luiz Souza
02:18 PM Bug #7102: This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: ok thanks for taking the time to find the cause.
I respect you want to sort of filter things out on the forum firs... Chris Collins
12:40 PM Bug #7102 (Feedback): This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: Applied in changeset commit:fc47d47ae50e6b549b2ac38ded2576106be66504. Jim Pingle
12:34 PM Bug #7102 (Assigned): This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: I found a way to reproduce this one, it's a different problem. If all of the ALTQ-capable interfaces were assigned an... Jim Pingle
02:00 PM Revision 6a004f6f: Merge pull request #2902 from NOYB/RAM_Disk_Management: Renato Botelho
01:56 PM Revision eaa55106: Crash Reporter report when no data found: The glob for $crash_files always returns an array - an empty one in the case when there are no matching crash files. ... Phil Davis
01:56 PM Revision af469a9f: Merge pull request #3368 from phil-davis/patch-2: Renato Botelho
01:54 PM Revision 376c71bc: Merge pull request #3365 from phil-davis/format_duid: Renato Botelho
01:52 PM Revision fd2e503a: format_DUID array_walk: Phil Davis
01:42 PM Revision 5bd45966: format_DUID use str_pad: Phil Davis
01:22 PM Revision febfd592: format_DUID review: Phil Davis
12:35 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: OK I put that back on #7102, it's all unrelated to this ticket. This ticket is now (again) only for vmx(4) lacking AL... Jim Pingle
12:26 PM Revision 66dba4d7: clarify type of firewall rule needed: A comment on the original PR says that it's not clear if the rule for this needs to be IPv6 or IPv4 with protocol IPv... Stilez y
12:26 PM Revision 2f93ba9e: change as commented and remove redundant help text: (cherry picked from commit 16fbe9b7ee1abfb8b9504a8d1e90dcd7592f9fe2) Stilez y
12:26 PM Revision b11927df: left label as comment above: (cherry picked from commit a0052ea3a5fe74246795d90bcacadd025801134a) Stilez y
12:26 PM Revision efeea350: Various wording changes: (cherry picked from commit a075265e0a076419813622e0d69556915b6f40f2) Stilez y
12:26 PM Revision df82227e: Improve labels + help text for IPv6 tunneling options: * Move the help message to be on the group as a whole not just the IP input field
* Clarify the IP field (label state... Stilez y
12:26 PM Revision cfa4a410: Merge pull request #3330 from stilez/patch-54: Renato Botelho
12:24 PM Revision bf68dc41: Remove unusued $heading in genhtmltitle(): It came into use in https://github.com/pfsense/pfsense/commit/45eebe10a93fa1e2399c6cdf133ad88dc21ee6e7 but genhtmlti... Phil Davis
12:24 PM Revision 0d2e7de8: Merge pull request #3363 from phil-davis/patch-1: Renato Botelho
10:38 AM Bug #7050 (Resolved): Limiter with PFsense 2.4 transparent proxy: Renato Botelho
10:25 AM Bug #7050: Limiter with PFsense 2.4 transparent proxy: Luiz Otavio O Souza wrote:
> Fixed in the latest snapshot.
>
> https://github.com/pfsense/FreeBSD-src/commit/994e... Nelson Junior
10:30 AM Bug #6882 (Needs Patch): bsnmpd uses all available CPU with hostres module active in some cases: The workaround is present and prevents the problem case from causing harm.
Rather than close this out, I'll leave... Jim Pingle
10:09 AM Bug #6835 (Resolved): firewall_nat_out_edit.php Translation section hidden: Jim Pingle
10:09 AM Bug #6711 (Resolved): diag_states_summary # States and # States twice (explain one is per protocol): Jim Pingle
09:54 AM Bug #6949 (Resolved): username/password not used by proxy support: Works on the latest snap including the patch. Jim Pingle
05:49 AM Bug #6949 (Feedback): username/password not used by proxy support: Done. Last commit was cherry-picked Renato Botelho
08:34 AM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: I did not explain how they work because this is not a support system, nor is it a discussion platform. All of this be... Jim Pingle
08:32 AM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: Jim Pingle wrote:
> The forum is the best place to discuss this until a real bug is identified. It is not about keep... Chris Collins
04:35 AM Revision cb6b7189: Crash Reporter report when no data found: The glob for $crash_files always returns an array - an empty one in the case when there are no matching crash files. ... Phil Davis
03:14 AM Revision ef5c0a3e: RAM Disk Management - Config Upgrade: NOYB NOYB
03:14 AM Revision 029d6129: RAM Disk Management - Update II - Restore RAM Disk Soon as it is Created and Include Logs: Restoring the RAM disk as soon as it is available will make it easier to include additional content that needs to per... NOYB NOYB
03:14 AM Revision 08696051: RAM Disk Management - Update I - Eliminate RRD XML Dump/Restore & Alias Tables Backup Age Logic: Eliminate rrd dump/restore to/from xlm file. Backup and restore the entire /var/db/rrd/ to/from the RAM Disk Store.
... NOYB NOYB
03:14 AM Revision 257d2fd6: RAM Disk Management: 1) Treat the RAM disk more like a permanent storage device with content managed/restored by the system and made avail... NOYB NOYB
02:40 AM Revision c50f228a: Breadcrumb links support: Phil Davis
02:39 AM Revision 70719baf: Add requirestatefilter. Implements #7069.: derelict-pf
02:36 AM Revision 88081ea2: Add requirestatefilter. Implements #7069.: derelict-pf
02:03 AM Revision 0a315089: Add requirestatefilter. Implements #7069.: derelict-pf

01/08/2017

11:35 PM Bug #6990: DDNS IPs not updating after a system restart: Hi,
yesterday, January 8, my customers router shut down due to a power loss.
When the power returned the router boo... Muchacha Grande
09:01 PM Feature #7069: Provide knob to disable state display in Diagnostics > States until a filter has been submitted.: New pull request: https://github.com/pfsense/pfsense/pull/3367 Chris Linstruth
08:02 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: Firewall-Traffic Shaper-By Interface. I didn't check the others. If I see traffic in the queues then AltQ should be ... Greg Siemon
07:50 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: What page does the error show on, exactly? I can't replicate any problem where that error shows up on a firewall that... Jim Pingle
07:13 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: Jim Pingle wrote:
> If there is any issue with igb, I can't replicate it here. On an SG-8860 with igb running 2.4, I... Greg Siemon
10:36 AM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: If there is any issue with igb, I can't replicate it here. On an SG-8860 with igb running 2.4, I can use ALTQ and it ... Jim Pingle
09:18 AM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: Chris Collins wrote:
> Jim ALTQ does looks its on the a downward path but still pfSense uses it and the traffic shap... Jim Thompson
04:57 PM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: Yeah exactly, this is to file bug reports. Not "ooops something somehow won't work for me, definitely must be a bug" ... Kill Bill
04:54 PM pfSense Packages Bug #7104 (Rejected): Rules created by traffic shaper wizard dont do anything: The forum is the best place to discuss this until a real bug is identified. It is not about keeping ticket counts dow... Jim Pingle
04:43 PM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: Kill Bill wrote:
> May I suggest using https://forum.pfsense.org/index.php?board=26.0 until you have a *real* bug? '... Chris Collins
04:42 PM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: I see match mentioned on this page https://home.nuug.no/~peter/pf/en/altqintro.html
But FreeBSD never updated PF t... Chris Collins
04:38 PM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: May I suggest using https://forum.pfsense.org/index.php?board=26.0 until you have a *real* bug? 'cos this one ain't a... Kill Bill
04:26 PM pfSense Packages Bug #7104: Rules created by traffic shaper wizard dont do anything: Ok some more information. Step by step of my diagnostics.
1 - Run the wizard and choose the first option, keep as... Chris Collins
04:12 PM pfSense Packages Bug #7104 (Rejected): Rules created by traffic shaper wizard dont do anything: The rules are created as match rules which is not passing them onto the specific queue.
I am talking about the rul... Chris Collins
03:20 PM Bug #7050 (Feedback): Limiter with PFsense 2.4 transparent proxy: Fixed in the latest snapshot.
https://github.com/pfsense/FreeBSD-src/commit/994e779f035e9ed49909936d5773f930adfc40... Luiz Souza
03:08 PM Revision f4bbec8b: Helper format_duid() for DUID input: Phil Davis
03:05 PM pfSense Packages Feature #4752: SQUID. Exception for speed limits: This is what 'Unrestricted IPs' on the ACLs tab was intended for; except that it never worked due a wrong check. Fixe... Kill Bill
02:36 PM Revision 286ed246: Fix typo. Ticket #7007: Jim Pingle
01:21 PM Bug #7093: "Outgoing Network Interfaces" is broken in dns resolver settings: The configuration is not enough on its own because your interfaces are DHCP. We need to see the addresses on the inte... Jim Pingle
12:53 PM Bug #7093: "Outgoing Network Interfaces" is broken in dns resolver settings: is it sufficient to do a backup of the config and send you that backup?
The setup is this.
Dns resolver enabled... Chris Collins
12:53 PM Bug #7102: This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: The ticket was rejected because I attempted the same configuration and found no problem on current 2.4 snapshots. I h... Jim Pingle
12:43 PM Bug #7102: This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: It is a bit of a wow that you have rejected a clear report telling you that there is a misleading message in the GUI.... Chris Collins
10:19 AM Bug #7102 (Rejected): This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: Then you'll need to provide a lot more detail about your NICs & the drivers they use (dmesg, ifconfig output, GUI ass... Jim Pingle
10:17 AM Bug #7102: This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: I can confirm 100% now ALTQ is working.
1 - if I apply the rules on cli is no error, if altq was broken it would s... Chris Collins
09:03 AM Bug #7102: This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: The only place I see this message appear is when a NIC is in use that does NOT have ALTQ support (e.g. lagg, cpsw, et... Jim Pingle
11:06 AM pfSense Packages Bug #7103 (Rejected): Security issue regarding traffic shaper created by wizard: There is no security issue except the one you made by changing the rules. If there is a problem with the shaper rules... Jim Pingle
11:04 AM pfSense Packages Bug #7103 (Rejected): Security issue regarding traffic shaper created by wizard: So take this into consideration
The default dns resolver settings listen on "all" interfaces.
If I follow the... Chris Collins
10:53 AM Feature #7007 (Resolved): Change default IPsec/strongswan log levels: Works Jim Pingle
09:25 AM Bug #6836: Wrong queue length on "/status_queues.php" page under heavy traffic: So show me what is applied here and please remove all not applicable redmine "Ts & Cs" links from this site also. Vladimir Suhhanov
09:21 AM Bug #6836: Wrong queue length on "/status_queues.php" page under heavy traffic: The Ts & Cs of the redmine project don't apply here Jim Thompson
01:50 AM Revision e470f721: Rework how IPsec log settings are stored/retreived, adjust the default values. Implements #7007: Jim Pingle

01/07/2017

11:57 PM Revision 43de8397: Don't allow SNMP hostres module to be selected or used with VMware VMs that have a CD/DVD Drive device. Fixes #6882: Jim Pingle
11:55 PM Revision 9a548240: Add VMware detection to system_identify_specific_platform(). Ticket #6882: Jim Pingle
11:10 PM Bug #6836: Wrong queue length on "/status_queues.php" page under heavy traffic: Please point me to the some redmine EULA or law, why I can not use this name anymore like it was used for the 5 last ... Vladimir Suhhanov
12:26 PM Bug #6836 (Assigned): Wrong queue length on "/status_queues.php" page under heavy traffic: please close and reopen this as someone other than "Vladimir Putin".
not kidding. Jim Thompson
10:55 PM Bug #7102: This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: Jim seems it is working, and its a GUI bug.
the command line doesnt give any errors, however I am not 100% sure as... Chris Collins
10:11 PM Bug #7102: This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: Possibly yes as it seems also broken on realtek.
I tried to move both cables to the reX ports but it seems my re1 ... Chris Collins
09:05 PM Bug #7102 (Duplicate): This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: Probably a duplicate of #7066 which appears to be a more general issue. Jim Pingle
09:04 PM Bug #7102 (Resolved): This firewall does not have any interfaces assigned that are capable of using ALTQ traffic shaping for igb interface: Is intel i350 interface
According to this url it can be patched to work. Can the patches please be made on the pf... Chris Collins
10:28 PM Bug #7093 (Rejected): "Outgoing Network Interfaces" is broken in dns resolver settings: I cannot reproduce this on current 2.4 snapshots. I have tried a variety of outgoing and other interface configuratio... Jim Pingle
10:18 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: Jim ALTQ does looks its on the a downward path but still pfSense uses it and the traffic shaper is an established key... Chris Collins
12:13 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: Personally, I think ALTQ is dead. Jim Thompson
10:02 PM Bug #7037: CPU frequency in System Information: The info might well be redundant, but dynamic resizing from different values is poor design. Aslak Sande
08:55 PM Revision 3509ad4f: clarify type of firewall rule needed: A comment on the original PR says that it's not clear if the rule for this needs to be IPv6 or IPv4 with protocol IPv... Stilez y
08:00 PM Feature #7007 (Feedback): Change default IPsec/strongswan log levels: Applied in changeset commit:e470f72139ed54972465e653e27536687ce58b23. Jim Pingle
12:12 PM Feature #7007: Change default IPsec/strongswan log levels: assigned to Pingle for resolution. Jim Thompson
06:48 PM Revision 877b5e10: Merge branch 'RELENG_2_3' of git.netgate.com:pfsense/pfsense into RELENG_2_3: Steve Beaver
06:45 PM Revision ba61a00b: Fix #7100: Steve Beaver
06:44 PM Revision 6d55e876: Fix #7100: Steve Beaver
06:09 PM Bug #6949: username/password not used by proxy support: Looks like the patch on the FreeBSD bug entry was committed. We should be able to pull it in from there. Jim Pingle
06:00 PM Bug #6882 (Feedback): bsnmpd uses all available CPU with hostres module active in some cases: Applied in changeset commit:43de83978ed93c9a4886e2844e341af0f3fe9a05. Jim Pingle
02:26 PM Revision f93e9098: Remove unusued $heading in genhtmltitle(): It came into use in https://github.com/pfsense/pfsense/commit/45eebe10a93fa1e2399c6cdf133ad88dc21ee6e7 but genhtmlti... Phil Davis
01:15 PM Bug #7100 (Resolved): pkg_edit.php - $("#showadv").prop('value') not working: Anonymous
01:01 PM Bug #7100: pkg_edit.php - $("#showadv").prop('value') not working: Works! ;) Thanks. Kill Bill
12:50 PM Bug #7100 (Feedback): pkg_edit.php - $("#showadv").prop('value') not working: Applied in changeset commit:6d55e876755d422e97bacb336f52f577087aa71c. Anonymous
08:36 AM Bug #7100 (Resolved): pkg_edit.php - $("#showadv").prop('value') not working: This code somehow does not work: https://github.com/pfsense/pfsense/blob/master/src/usr/local/www/pkg_edit.php#L1521 ... Kill Bill
12:35 PM Revision 7e33d908: Further internationalization: Steve Beaver
12:23 PM Bug #6974: radvd enabled on a disconnected interface kills RA completely on all interfaces: There is code in radvd to stop sending on interfaces that are no longer transmitting.
I don't know how difficult... Jim Thompson
12:10 PM Bug #7013: Changing group scope to remote does not remove it from group file: you would have to teach each affected process to re-run initgroups(3); setgroups(2); in order for them all to have a ... Jim Thompson
12:08 PM Revision 0a6273e2: Add missing internationalization: Steve Beaver
12:05 PM Todo #7084: Intel IEEE 802.11ac wireless network driver: I don't think we have any hardware to test this with. Jim Thompson
11:06 AM Bug #7101: services_dyndns.php not updating via gateway group, ok with the interface: Sorry, a mistake in line 1...
"with 2 PPPoE connection I have defined 3 DDNS: DDNS1.selfip.net for WADSL, DDNS2.se... Riccardo Di Sarcina
11:03 AM Bug #7101 (Duplicate): services_dyndns.php not updating via gateway group, ok with the interface: Hi,
with 2 connection I have defined 3 DDNS: DDNS1.selfip.net for WADSL, DDNS2.selfip.net for VDSL and DDNS.selfip... Riccardo Di Sarcina
09:10 AM Feature #7099: Make breadcrumbs clickable: I wondered about that also, at the time of the bootstrap conversion, but there was enough going on that I never follo... Phillip Davis
06:54 AM Feature #7099 (Resolved): Make breadcrumbs clickable: Dunno if it's just me, but the entire feature is very much pointless when it's unusable for navigation. Seems pretty ... Kill Bill
08:40 AM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: Great news!
We'll keep an eye out for it Jim Pingle
08:27 AM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: The proposal to add the info to status 2 / 3 has been accepted, and may make it into OVPN 2.4.1. I'll update this whe... Jeff Wischkaemper
06:30 AM Bug #7096: Unbound fails to start on boot if specific network devices are configured in the "Network Interfaces": I have a proposal which should make it easier for development.
I suggest removing the interface selection as is (f... Chris Collins
05:46 AM Feature #7098 (Resolved): RAM Disk Management: RAM Disk Management
https://github.com/pfsense/pfsense/pull/2902
1) Treat the RAM disk more like a permanent stor... NOYB NOYB
05:14 AM Revision c7df3de8: Merge pull request #3346 from scherma/reverting: Jim Pingle
05:14 AM Revision 1a86beff: Merge pull request #3359 from phil-davis/admin_notices: Jim Pingle
02:26 AM Revision a5d486e9: Revise gateway widget config form: Make non-checked checkboxes more visible by adding an outline Steve Beaver
02:24 AM Revision b2daca76: Fix username reference: Phil Davis
01:20 AM Bug #5993: dhcp6c not started until an RA received: The removal of the extra dhc6c_interface_script call does cause a problem for some, those who use dhcpwithoutra and w... Martin Wasley

01/06/2017

11:20 PM Feature #7097 (Feedback): Authentication cache for LDAP and RADIUS: PR merged Jim Pingle
02:41 PM Feature #7097 (Resolved): Authentication cache for LDAP and RADIUS: Currently PFSense does not remember LDAP or RADIUS authentication to the admin portal between requests. This results ... Joash Lewis
11:17 PM Revision 8845e137: openvpn, make sure config is written and not overwritten while starting openvpn, and wait for pid of child process to be written before exiting function: Pi Ba
11:16 PM Feature #7051 (Feedback): Allow control of what users can view and/or clear notices: PR merged Jim Pingle
11:54 AM Feature #7051: Allow control of what users can view and/or clear notices: This should fix it:
https://github.com/pfsense/pfsense/pull/3359
assuming it should be "fixed" Phillip Davis
11:23 AM Feature #7051: Allow control of what users can view and/or clear notices: Ditto, but that VM had apparently been broken in that way for some time and I never noticed until this morning when I... Jim Pingle
11:17 AM Feature #7051: Allow control of what users can view and/or clear notices: The code checks for having the specific new privs to view/clear notices or the "all pages" access. If the "root" user... Phillip Davis
11:05 AM Feature #7051: Allow control of what users can view and/or clear notices: More info: This appears to have happened because the 'admin' user on that VM was somehow not a member of the 'admins'... Jim Pingle
11:02 AM Feature #7051 (Assigned): Allow control of what users can view and/or clear notices: The notice alert/bell isn't displayed to the admin user when this code is in place. If I revert it, they show up. Jim Pingle
05:42 PM Revision fce3edc0: Allow admin to clear notices: Phil Davis
04:51 PM Revision 0fa3348b: Merge branch 'master' of git.netgate.com:pfsense/pfsense: Steve Beaver
04:11 PM Revision 49683e45: Etc/GMT timezone text using ngettext(): (cherry picked from commit 88de4ab06c8a330a3cedf474b3e218a941f6db66) Phil Davis
04:11 PM Revision b31208c1: Merge pull request #3358 from phil-davis/timezone_ngettext: Renato Botelho
02:48 PM Revision 88de4ab0: Etc/GMT timezone text using ngettext(): Phil Davis
02:28 PM Feature #6045: Updates that do not require a reboot should run reroot: Looks like reroot doesn't work with ZFS without changing vfs.root.mountfrom
https://bugs.freebsd.org/bugzilla/show... Renato Botelho
12:56 PM Feature #6045 (Assigned): Updates that do not require a reboot should run reroot: reroot crashes with ZFS. We will have to detect that case and fall back to a traditional reboot (or see if we can get... Jim Pingle
01:49 PM Revision d4fbcb9f: Merge pull request #3356 from phil-davis/gw_widget_filter: Steve Beaver
01:43 PM Bug #7096 (Resolved): Unbound fails to start on boot if specific network devices are configured in the "Network Interfaces": It starts fine if default ALL is selected.
But if specific interfaces are selected instead it prints bind errors a... Chris Collins
01:32 PM Revision 0612d7ca: Make the emphasis stronger when encouraging use of a geographic location time zone.: Jim Pingle
11:59 AM Revision c9911976: Ticket #7089 Enhance Etc/GMT timezone descriptions: These work opposite to the way mere mortals expect.
Read: https://github.com/eggert/tz/blob/master/etcetera
Based on... Renato Botelho
11:58 AM Revision e5f4c829: Ticket #7089 Enhance Etc/GMT timezone descriptions: These work opposite to the way mere mortals expect.
Read: https://github.com/eggert/tz/blob/master/etcetera
Based on... Renato Botelho
11:51 AM pfSense Packages Todo #7055 (Feedback): Update OpenVPN Client Export package with OpenVPN 2.4: This is now live for 2.3.2_1 users as well. What little feedback I received was positive. We'll move forward from her... Jim Pingle
11:46 AM Revision 50af3592: Redmine #7089 Add extra help about timezone: We could also add some text like this to encourage users to choose the "Continent/City" time zones.
(cherry picked fr... Phil Davis
11:46 AM Revision 84adeb8c: Merge pull request #3355 from phil-davis/patch-1: Renato Botelho
11:35 AM Feature #7095 (Resolved): Improve Remote Gateway field description for IPSec VPN Phase 1: I think it would be nice if it would be mentioned that 0.0.0.0 is a valid value for that field
So... Philippe Schnyder
11:33 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: Luke Hamburg wrote:
> _"8.8.8.8 is not a good target"_ huhhh? Then why does https://doc.pfsense.org/index.php/Multi-... Kill Bill
10:29 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: this is from the manual
Connection Health Check: Uses the following methods to check if the WAN interfaces are stil... Michael Kellogg
10:20 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: let me add to this talk past experiences (as i have a couple of maybe the worst isps anywhere ) I had a old dual wan ... Michael Kellogg
10:05 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: Luiz:
_"If you monitor a couple of IPs and one of them is really down, the one you really need access, how you are... → luckman212
09:45 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: Phillip Davis wrote:
> I would like to see something like this also. I had been meaning to look at it a long time ag... Luiz Souza
09:24 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: "excess traffic" -- a 0 byte payload ICMP? I don't think we can call that excess traffic :)
"too much time before... → luckman212
09:23 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: I would like to see something like this also. I had been meaning to look at it a long time ago! Maybe I will play wit... Phillip Davis
09:19 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: No matter how multiple targets are handled, it is worse off in some way (excess traffic, too much time before an outa... Jim Pingle
08:35 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: Can we get this one re-opened? This "bit" me badly yesterday at a customer site. Monitor IP of 8.8.8.8 started "flap... → luckman212
11:30 AM Bug #7034 (Resolved): NTP Orphan Mode stratum setting is not displayed in input field: Jim Pingle
11:22 AM Bug #7034: NTP Orphan Mode stratum setting is not displayed in input field: Just tested again with @2.4.0-BETA (amd64) built on Fri Jan 06 01:41:07 CST 2017, FreeBSD 11.0-RELEASE-p5@ and it's w... Thomas Rieschl
11:09 AM Bug #7094 (Duplicate): Unbound startup syntax is incorrect: This one is perhaps complicated to fix.
Currently if a unbound-control reload is issued then unbound will shutdown... Chris Collins
11:05 AM Bug #7093 (Rejected): "Outgoing Network Interfaces" is broken in dns resolver settings: The "Outgoing Network Interfaces" incorrectly applies the WAN ipv6 link-local when ALL is not selected and also when ... Chris Collins
10:59 AM Feature #7092 (Closed): Kernel modules for alternate congestion control algorithms: These are provided via kernel modules cc_cubic and cc_htcp
I am aware pfsense when its not the endpoint these are ... Chris Collins
10:38 AM Todo #7091 (Not a Bug): Write upgrade code to rename igb devices to em: As announced at [1] igb devices will become em devices on FreeBSD 12. We need to have some upgrade code ready to dete... Renato Botelho
10:27 AM Revision d2b1c52f: Allow hiding of gateways in Gateways Widget: Sometimes there are gateways that I do not care about, so it is handy to
be able to save some space on the dashboard ... Phil Davis
10:17 AM Bug #6837: Gateway Failover does not failback: Wait, _what?_ Default gateway switching is an experimental feature? That checkbox has been there since at least 2.0.... → luckman212
09:12 AM Bug #7089: Opposite of + or - is occurring when selecting time zone: The thing needs to be kept in-line with what the "standard" tz-database distribution is doing. Otherwise, as Jim says... Phillip Davis
08:49 AM Bug #7089: Opposite of + or - is occurring when selecting time zone: pfSense is not other products. And the Etc zones are NOT what you want, likely ever. We have been tempted to remove o... Jim Pingle
08:37 AM Bug #7089: Opposite of + or - is occurring when selecting time zone: In every other environment I've worked in that I can think of, you can pick the -5 and it's correct. Why is this any ... Geoffrey Bricker
07:52 AM Bug #7089: Opposite of + or - is occurring when selecting time zone: You should not be picking what you think is an offset (but is really a special-use time zone). Pick a geographic zone... Jim Pingle
07:51 AM Bug #7089: Opposite of + or - is occurring when selecting time zone: Just so I can be clear, you're saying the intended behavior is that - is + and + is minus? Every other device I've ev... Geoffrey Bricker
06:01 AM Bug #7089 (Feedback): Opposite of + or - is occurring when selecting time zone: Changes were added to let user know about how it works, as proposed by Phil. Renato Botelho
12:59 AM Bug #7089: Opposite of + or - is occurring when selecting time zone: Suggested enhancement to UI:
https://github.com/pfsense/pfsense/pull/3354 Phillip Davis
08:51 AM Bug #6936: OpenVPN client boot race causes intermittent dependent rule failure.: There is a good chance this has been fixed by #6132 so it's worth trying on a current 2.4 snapshot. Jim Pingle
08:43 AM Bug #6936: OpenVPN client boot race causes intermittent dependent rule failure.: Gavin
Have you retested on a recent 2.4 snap? → luckman212
07:20 AM Revision 0436b9a5: Redmine #7089 Add extra help about timezone: We could also add some text like this to encourage users to choose the "Continent/City" time zones. Phil Davis
06:32 AM Bug #7090 (Not a Bug): Firewall rule is ignored when action is pass: Configuration error. Post on the forum for discussion. Jim Pingle
12:17 AM Revision 1794ecbb: Handle the RA Search Domain List when writing out the RADVD config. Fixes #7081: Jim Pingle

01/05/2017

11:38 PM Bug #7089: Opposite of + or - is occurring when selecting time zone: Also, 99.9% of users should be selecting a timezone based on a continent/city in their area. This makes summer time c... Phillip Davis
11:21 PM Bug #7089: Opposite of + or - is occurring when selecting time zone: https://en.wikipedia.org/wiki/Tz_database#Area
"The special area of "Etc" is used for some administrative zones, par... Phillip Davis
08:22 PM Bug #7089: Opposite of + or - is occurring when selecting time zone: Oh and Yes, the time is also incorrect not just the + and the - Geoffrey Bricker
08:09 PM Bug #7089 (Resolved): Opposite of + or - is occurring when selecting time zone: I select ETC/GMT-5 on the web interface, and typing 'date' in shell shows the opposite, +5. I changed to -4, it went ... Geoffrey Bricker
11:21 PM Bug #7090 (Not a Bug): Firewall rule is ignored when action is pass: Hi,
I've got a firewall rule that reads:
States Protocol Source Port Destination Port Gateway Queue Schedule De... Walter Steinlein
11:18 PM Revision 80e7011f: Return partial MAC address matching support to is_macaddr(). Fixes #7088: Jim Pingle
06:30 PM Bug #7081 (Feedback): Search Domains not populating from RA using SLAAC: Applied in changeset commit:1794ecbb8b37fc97bd1d2fe6ab7ecc19d87a9a68. Jim Pingle
10:45 AM Bug #7081: Search Domains not populating from RA using SLAAC: The field "radomainsearchlist" in the GUI is not referenced anywhere in the backend. Needs some research/testing Jim Pingle
10:40 AM Bug #7081 (Resolved): Search Domains not populating from RA using SLAAC: When I enter nameservers in the DNS list for Router Advertisements in unmanaged mode the client will populate with th... Matthew Fine
05:30 PM Bug #7088 (Feedback): DHCP does not accept input into MAC Control Fields.: Applied in changeset commit:80e7011fddd29a387c4c84b68c8c49dce4494729. Jim Pingle
05:19 PM Bug #7088: DHCP does not accept input into MAC Control Fields.: This affects the main DHCP settings page not just the pools
is_macaddr() lost its $partial parameter/support require... Jim Pingle
04:15 PM Bug #7088 (Confirmed): DHCP does not accept input into MAC Control Fields.: Jim Pingle
04:03 PM Bug #7088 (Resolved): DHCP does not accept input into MAC Control Fields.: "If a mac allow list is specified, it must contain only valid partial MAC addresses."
Attempted input (I also trie... Shane Poteet
05:21 PM Revision 1d3fbcc7: Remove redundancy, more indentation cleanup: Joash Lewis
05:19 PM Revision 47f96785: Captive portal: make captiveportal_disconnect_all() faster: captiveportal_disconnect_all() removes the users one at a time and in some cases, when many hundreds of users are con... Caio Plumbeo
04:35 PM Revision bbb28670: Corrected indentation style: Joash Lewis
04:09 PM pfSense Packages Bug #7087 (Rejected): DNSBL service does not start: Is pfBlocker actually installed, enabled, and properly configured?
Please post on the forum in the pfBlockerNG boa... Jim Pingle
03:51 PM pfSense Packages Bug #7087: DNSBL service does not start: Other errors:... Brenden Smerbeck
03:48 PM pfSense Packages Bug #7087 (Rejected): DNSBL service does not start: Noticed this while configuring 2.4. dnsbl service does not start, and the .pid file has no value. Brenden Smerbeck
02:14 PM Revision ea02e3cf: Completes fix for #6972: Steve Beaver
01:10 PM Bug #7053 (Resolved): OpenVPN Client Specific Overrides - GUI Omissions and Errors: Jim Pingle
12:47 PM Revision e551eed0: Correctly report unmonitored gateway status: If an alternate monitor IP has been entered and saved, then the user
checks "Disable Gateway Monitoring" and saves, t... Phil Davis
12:47 PM Revision b6a107ac: Merge pull request #3353 from phil-davis/gw_status_umonitored: Renato Botelho
12:44 PM Revision 46237e23: get_pkg_info() fallback using pkg info if no local copy of repo catalog: *Current behaviour*
At the moment, get_pkg_info() is used to get all information on packages. The parameter _$local... Stilez y
12:44 PM Revision e47af756: get_pkg_info() fallback using pkg info if no local copy of repo catalog: *Current behaviour*
At the moment, get_pkg_info() is used to get all information on packages. The parameter _$local... Stilez y
12:37 PM Bug #7086 (Resolved): stale zfs file systems: I am not sure if this is a bug or a feature. Seems the 'Auto install'-values are used from the native FreeBSD while p... Ekki Gehm
12:29 PM Feature #7085 (New): Edit Firewall Rules Seperator: Once a Firewall Rule Separator is added you cannot edit it. You have to delete and add it again to make any changes. Adam Piasecki
12:02 PM Todo #7084 (Resolved): Intel IEEE 802.11ac wireless network driver: Hey folks,
I wonder if it would be possible to include the if_iwm.ko and related firmware .kos. They are new as of... Ekki Gehm
11:35 AM Bug #7083 (Resolved): Put back some visual hint for required fields: Pretty sure the convention was that the @<fielddescr>@ for a @<required/>@ field was shown in bold in pfSense before ... Kill Bill
11:15 AM Bug #7082: pkg_edit.php - impossible to use default_value with rowhelperfield: I'm kinda unsure that the <default_value> works like that even for non-rowhelperfield fields. :-) What I see in packa... Kill Bill
11:04 AM Bug #7082: pkg_edit.php - impossible to use default_value with rowhelperfield: I will investigate.
I presume the desired functionality is that if the element has no current (stored) value, the ... Anonymous
11:00 AM Bug #7082 (New): pkg_edit.php - impossible to use default_value with rowhelperfield: I mean, things like:... Kill Bill
10:52 AM Bug #5673: pkg_edit - Rowhelper descriptions are not printing: So, is it possible to have the @<description>@ tag printed somehow? (As a hover on the @<fielddescr>@ or whatever?) W... Kill Bill
10:48 AM Bug #6972 (Resolved): "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: Renato Botelho
10:34 AM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: Looks all good here. Thanks. ;) Kill Bill
08:15 AM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: Fixed. Please retest. Anonymous
10:45 AM Bug #7080 (Resolved): pkg_edit.php - rowhelper fielddescr disappears when last row is deleted: Jim Pingle
10:38 AM Bug #7080: pkg_edit.php - rowhelper fielddescr disappears when last row is deleted: Well, this was apparently another manifestation of Bug #6972. The issue seems gone with ea02e3cf5d54c9f1ebbe09d9fa552... Kill Bill
08:25 AM Bug #7080 (Feedback): pkg_edit.php - rowhelper fielddescr disappears when last row is deleted: Unable to reproduce with Safari, Firefox or Chrome. Am I doing something wrong?
!rowhelper.gif! Anonymous
08:10 AM Bug #7080 (Resolved): pkg_edit.php - rowhelper fielddescr disappears when last row is deleted: An example: https://github.com/pfsense/FreeBSD-ports/blob/devel/www/pfSense-pkg-squid/files/usr/local/pkg/squid_rever... Kill Bill
10:38 AM Bug #7050: Limiter with PFsense 2.4 transparent proxy: yeah, sort of. this is a fallout of 4326 not being properly tested under all conditions (nat, binat and rdr) - they ... Luiz Souza
08:00 AM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: "verbosity 4"? As in the system logs? Sure, it's in the logs, sure, but scraping logs isn't proper status output. It ... Jim Pingle
07:52 AM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: Their initial reply is that it's available if you use verbosity 4... which is correct, but not entirely useful. I'm a... Jeff Wischkaemper
07:57 AM Revision 0c5d4e8d: Correctly report unmonitored gateway status: If an alternate monitor IP has been entered and saved, then the user
checks "Disable Gateway Monitoring" and saves, t... Phil Davis
07:49 AM pfSense Packages Bug #6950 (Resolved): Auto Config Backup always reports success: Renato Botelho
04:04 AM pfSense Packages Bug #6950: Auto Config Backup always reports success: Works (at least for cases where write_config() returns false, and there's not really much else that could be done here.) Kill Bill
07:20 AM Bug #7033: Hidden rule break the policy routing: Jim Pingle wrote:
> Duplicate of #1136
>
> If you must have a second gateway on WAN, add floating rules to match ... Maxence Sartiaux
06:17 AM pfSense Packages Feature #6951 (Resolved): Disable Auto Config Backup without uninstalling: Renato Botelho
04:01 AM pfSense Packages Feature #6951: Disable Auto Config Backup without uninstalling: Merged and works, can be closed. Kill Bill
03:09 AM Revision cd45956e: Fix label for consistency.: Jim Pingle
03:04 AM Revision 09b2a4ce: Merge pull request #3351 from phil-davis/patch-2: Jim Pingle
03:03 AM Revision 383bbc17: vpn_openvpn_client comment typo: Same stuff was copied here Phil Davis
03:01 AM Revision 531c3486: Correct the method used for input validation of NTP Orphan mode. Fixes #7034: Jim Pingle
02:55 AM Revision c6945de7: Merge pull request #3350 from phil-davis/patch-1: Steve Beaver
02:52 AM Revision 20fb094c: vpn_openvpn_server comment typo: Phil Davis
01:51 AM Revision b6dd335e: Fix up OpenVPN CSC page help text, add IPv6 tunnel network. Fixes #7053: Jim Pingle

01/04/2017

11:16 PM pfSense Packages Todo #7055: Update OpenVPN Client Export package with OpenVPN 2.4: I just pushed this to 2.3.3 as well for more testing. Jim Pingle
07:58 AM pfSense Packages Todo #7055: Update OpenVPN Client Export package with OpenVPN 2.4: A new version of OpenVPN client export for pfSense 2.4 with OpenVPN 2.4 is up now for testing.
Key changes:
* Ope... Jim Pingle
10:50 PM Bug #6962 (Resolved): GUI allows selecting missing diffe-helman Paremeters for OpenVPN: I fixed this up among the other OpenVPN improvements this week. Jim Pingle
09:15 PM Revision d31a02b8: Fix a probably copy/paste error: Renato Botelho
09:14 PM Revision a1650bb7: Fix a probably copy/paste error: Renato Botelho
09:14 PM Revision 5fbb0cd7: As done on OpenVPN Server, delete tunnel when dev_mode changes so new device is created accordingly: Renato Botelho
09:14 PM Revision 21504a52: As done on OpenVPN Server, delete tunnel when dev_mode changes so new device is created accordingly: Renato Botelho
09:11 PM Revision 16fbe9b7: change as commented and remove redundant help text: Stilez y
09:10 PM Todo #7054 (Resolved): Update OpenVPN to 2.4.0: Jim Pingle
09:10 PM Bug #7034 (Feedback): NTP Orphan Mode stratum setting is not displayed in input field: Applied in changeset commit:531c348639adb8b7e7d190e8fdab709fea61f61a. Jim Pingle
09:00 PM Bug #7034 (Confirmed): NTP Orphan Mode stratum setting is not displayed in input field: Yep, something isn't quite right with how it's doing validation. Jim Pingle
03:45 PM Bug #7034: NTP Orphan Mode stratum setting is not displayed in input field: I just tested it with the current nightly (@2.4.0-BETA (amd64) built on Wed Jan 04 13:38:53 CST 2017; FreeBSD 11.0-RE... Thomas Rieschl
09:06 PM Revision 3b1642ff: Destroy tun/tap device when delete OpenVPN tunnel: Renato Botelho
09:06 PM Revision 9272a448: Remove unnecessary reference: Renato Botelho
09:06 PM Revision d37d7c3a: Fix conditional to work as expected when $id == 0: Renato Botelho
09:06 PM Revision 65bb2289: Remove unnecessary reference: Renato Botelho
09:06 PM Revision 99969821: Fix conditional to work as expected when $id == 0: Renato Botelho
08:57 PM Revision b191e31e: No longer add "null" to the selector when clicking a blank area: Steve Beaver
08:57 PM Revision 54c90c35: Minor help text change: Steve Beaver
08:55 PM Revision a0052ea3: left label as comment above: Stilez y
08:53 PM Revision 636a410c: Remove direct calls to /sbin/ifconfig destroy by pfSense_interface_destroy(): Renato Botelho
08:53 PM Revision 414aa359: Remove direct calls to /sbin/ifconfig destroy by pfSense_interface_destroy(): Renato Botelho
08:52 PM Revision ef703804: Revert "Destroy tun/tap device when delete OpenVPN tunnel": This reverts commit 0a07be0287189cda229fab27ad733e9de3dc12f5. Renato Botelho
08:52 PM Revision a075265e: Various wording changes: Stilez y
08:38 PM Revision 0a07be02: Destroy tun/tap device when delete OpenVPN tunnel: Renato Botelho
08:35 PM Revision 625b688c: Fix NCP breaking save on a new server/client. Ticket #7072: Jim Pingle
08:28 PM Revision e2f0ad13: Some improvements to the NCP validation. Ticket #7072: Jim Pingle
08:00 PM Bug #7053 (Feedback): OpenVPN Client Specific Overrides - GUI Omissions and Errors: Applied in changeset commit:b6dd335e6b81c89f2e4dd63cbd638853ebe2a275. Jim Pingle
07:51 PM Feature #7061 (Resolved): OpenVPN 2.4 supports pushing IPv6, allow the GUI to define IPv6 OpenVPN DNS servers to push to clients.: Jim Pingle
07:45 PM Revision fa351dd3: Add NCP options to OpenVPN client. Fixes #7072: Jim Pingle
07:45 PM Revision 9423ff32: Whitespace fixes. Ticket #7072: Jim Pingle
07:34 PM Bug #6099: igmpproxy does not recognize upstream interface: Is the change also available to 2.3.3 branch ? Alexandre Paradis
09:00 AM Bug #6099: igmpproxy does not recognize upstream interface: Luiz Otavio O Souza wrote:
> Ooops. Sorry for the breakage.
>
> Fixed in the latest version.
>
> Thanks for t... Lars Veldcholte
05:51 AM Bug #6099 (Resolved): igmpproxy does not recognize upstream interface: Renato Botelho
07:14 PM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: I'll see what I can do and report back. Jeff Wischkaemper
07:09 PM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: Nothing in particular comes to mind, it would be nice to see all of the known parameters for connecting clients/serve... Jim Pingle
06:45 PM Feature #7077: Display negotiated data encryption algorithm in OpenVPN connection status: Will do. Is there something specific I can ask for over there that would make it easier for you? Jeff Wischkaemper
05:31 PM Feature #7077 (Needs Patch): Display negotiated data encryption algorithm in OpenVPN connection status: We have no way to detect that currently. OpenVPN does not report that in any of their status output. Open a feature r... Jim Pingle
03:59 PM Feature #7077 (Resolved): Display negotiated data encryption algorithm in OpenVPN connection status: NCP is great. Not knowing what cipher NCP negotiated is less great.
It would be excellent to add something on the... Jeff Wischkaemper
07:13 PM Revision a095e8b2: Load current saved value to display in GUI: Joash Lewis
07:10 PM Revision d66cfa3d: Validate the submitted Encryption Algorithm and NCP Algorithm list. Ticket #7072: Jim Pingle
06:58 PM Revision a5978b9a: Server side validation and description amendment: Joash Lewis
06:57 PM Revision c73367d2: Add backend support to OpenVPN for NCP. Ticket #7072: Jim Pingle
06:55 PM Revision 280f0009: Set default in 'else' of if block: Joash Lewis
06:48 PM Bug #7079 (Closed): ClamAV C-ICAP causing Kernel Panic and System Crash: Running ClamAV causes sporadic kernel panics and resets with the following syntax:... Brenden Smerbeck
06:44 PM Feature #7078: Allow reordering of client specific overrides in OpenVPN: Organization, primarily. I have about 100 of them which are are generally speaking associated with different sites. I... Jeff Wischkaemper
05:27 PM Feature #7078: Allow reordering of client specific overrides in OpenVPN: For what purpose? They are all mutually exclusive. Jim Pingle
05:02 PM Feature #7078 (New): Allow reordering of client specific overrides in OpenVPN: It would be useful to rearrange the client specific overrides in OpenVPN. Jeff Wischkaemper
06:36 PM Revision 9d773c17: Fix NCP defaults when editing an OpenVPN server, some help changes/fixes for NCP as well.: Jim Pingle
06:22 PM Feature #7072 (Resolved): vpn_openvpn_server.php / vpn_openvpn_client.php : Add controls to OpenVPN for Negotiable Crypto Parameters: Looks good Jim Pingle
04:26 PM Feature #7072 (Feedback): vpn_openvpn_server.php / vpn_openvpn_client.php : Add controls to OpenVPN for Negotiable Crypto Parameters: Fixed Anonymous
03:38 PM Feature #7072 (Assigned): vpn_openvpn_server.php / vpn_openvpn_client.php : Add controls to OpenVPN for Negotiable Crypto Parameters: There's one little problem left with the NCP list control. Clicking in empty area on the right side adds a "null" ent... Jim Pingle
01:50 PM Feature #7072 (Feedback): vpn_openvpn_server.php / vpn_openvpn_client.php : Add controls to OpenVPN for Negotiable Crypto Parameters: Applied in changeset commit:fa351dd3c13e65dfabfb0f2ac2ed72b332276892. Jim Pingle
01:12 PM Feature #7072: vpn_openvpn_server.php / vpn_openvpn_client.php : Add controls to OpenVPN for Negotiable Crypto Parameters: See also:
* commit:bd07fbdb4b81fc358b8fa55b06469dde7a3870df
* commit:6c00adf3316d2c5214f7e9cf2e5f138c32845d58
* co... Jim Pingle
06:17 PM Revision 6c00adf3: Fix copy/paste error: Jim Pingle
06:16 PM Revision d6c4d9a0: Fix ntp gps status: - trim sat in use
- gps ok for GPGLL
- lat & lon direction for GPGGA & GPGLL
- sat in use text position fixed
(cherr... Jack Booth
06:16 PM Revision 03faed2b: Merge pull request #3326 from jskyboo/master: Renato Botelho
06:12 PM Revision bd07fbdb: Partial solution to #7072: Requires "Back-end" stuff to actually use this, and should be copied to the client page too Steve Beaver
04:37 PM Revision 414d2720: Captive portal: rework logging and RADIUS accounting when disabling a zone or rebooting: Make captiveportal_radius_stop_all() log the disconnections in the system log and fix it so that it works with the zo... Caio Plumbeo
04:36 PM Revision 364d473b: Merge pull request #3315 from plumbeo/accounting-on-disable-reboot: Renato Botelho
04:25 PM Revision 8ebf7ce7: Captive portal: use locking to avoid race conditions between rc.prunecaptiveportal and captiveportal_disconnect_all(): Convert rc.prunecaptiveportal to lock()/unlock()/try_lock() and use the lock to ensure that there aren't race conditi... Caio Plumbeo
04:25 PM Revision 2795722b: Captive portal: work around race condition between captiveportal_disconnect_all() and captiveportal_prune_old(): Captiveportal_disconnect_all() loops through the active users and disconnects them immediately but doesn't remove the... Caio Plumbeo
04:24 PM Revision 91ba532c: Merge pull request #3316 from plumbeo/fix-disconnect-all: Renato Botelho
04:17 PM Revision 7f799b0b: Make appropriate success or danger boxes in system_crlmanager: When there is a problem, the messages should be in a "danger" box.
Note: It is a bit difficult to actual get the dang... Phil Davis
04:17 PM Revision 9622df3f: Merge pull request #3348 from phil-davis/patch-2: Renato Botelho
04:15 PM Revision 0349ebaa: Remove unused print_info_box($savemsg): These are files that make no use of $savemsg.
May as well remove the print_info_box($savemsg) to avoid future
confusi... Phil Davis
04:15 PM Revision 65c02630: Merge pull request #3349 from phil-davis/unused_savemsg: Renato Botelho
04:08 PM Revision 6b680dac: dyndns.class, fix json curl body parsing for Cloudflare by not including headers: (cherry picked from commit 15dcf1320c08eb9339eda3e6fdf04599c51694b7) Pi Ba
04:08 PM Revision b628775d: Merge pull request #3342 from PiBa-NL/dyndns.class_json_body: Renato Botelho
04:07 PM Revision 8323e1d7: Change wording: (cherry picked from commit 6c1e85e544814d336b47fbc782a6aff77ea7301f) Doktor Notor
04:07 PM Revision ff2c0021: Update format: (cherry picked from commit 3d116b5c8d5c6474821d3a6607f9fa929df2f481) Doktor Notor
04:07 PM Revision 1d0322b5: Improve Unbound forwarding mode description: Make this consistent with System - General Setup - DNS Server Settings.
(cherry picked from commit 58523c575f9d075f0a... Doktor Notor
04:07 PM Revision 9e0fab88: Improve - System - General - DNS Server Settings descriptions: - Add missing DNS Resolver references
- Nuke PPTP VPN mentions
- Use letter case consistently.
The "Disable DNS Forw... Doktor Notor
04:07 PM Revision c1510eda: Merge pull request #3338 from doktornotor/patch-1: Renato Botelho
04:05 PM Revision 930b2110: firewall_rules_edit stop Floating field displaying: Seems to fix https://redmine.pfsense.org/issues/7057
But I have not looked underneath the hood - just copied the way ... Phil Davis
04:05 PM Revision 956be41c: Merge pull request #3329 from phil-davis/patch-1: Renato Botelho
03:48 PM Revision 23bd0f9d: Added support for CloudFlares Proxy.: Included a checkbox to enable and disable this feature when CloudeFlare
type is selected.
Included proxied variable i... CarlGill
03:48 PM Revision 901acd1f: Merge pull request #3132 from WorldTech-Solutions/master: Renato Botelho
02:37 PM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: To reproduce:
1/ Edit some alias
*2/ Add some rows*
3/ Now, try to delete them (or the previously existing rows)... Kill Bill
02:33 PM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: I am unable to reproduce this in the updated version. Clicking the trash can icon previously did not delete for me, b... Anonymous
02:08 PM Bug #6972 (Assigned): "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: Renato Botelho
01:35 PM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: OK, got to testing. As a good news, the annoying prompt is gone. The second symptom (unable to delete added rows when... Kill Bill
01:53 PM Revision f69e098f: Fix #7074: Fix automatic port number guessing: Rework openvpn_port_used() to take care of following conflicts after
ticket #7062 was committed:
* "UDP" is dual sta... Renato Botelho
01:40 PM Revision feec858c: Remove this extra comma. It's not causing a syntax error but it's also not necessary.: Jim Pingle
01:07 PM Revision 32771b5a: Rework openvpn_vpnid_next() and remove duplicated code: Renato Botelho
01:07 PM Revision 65d0277d: Rework openvpn_vpnid_next() and remove duplicated code: Renato Botelho
12:14 PM Bug #7074 (Resolved): Due to OpenVPN protocol selection changes, automatic port number guessing/adjustment is not working: I tried a few combinations and it all worked. Creating a new instance or using the wizard properly guessed the next h... Jim Pingle
08:00 AM Bug #7074 (Feedback): Due to OpenVPN protocol selection changes, automatic port number guessing/adjustment is not working: Applied in changeset commit:f69e098f41bb3937b244b557969009535a911ef4. Renato Botelho
06:48 AM Bug #7074: Due to OpenVPN protocol selection changes, automatic port number guessing/adjustment is not working: I'll work on it Renato Botelho
12:13 PM pfSense Packages Bug #6527 (Feedback): Squid 3.5 - Deprecated "ssl_bump server-first all" don't allow SNI in transparent mode with HTTPS/SSL Interception: PR has been merged to 2.4.0 and 2.3.3 snapshots Renato Botelho
11:32 AM Feature #7071 (Resolved): Add TLS Encryption (--tls-crypt) as an optional TLS Key usage type for OpenVPN 2.4: Works Jim Pingle
11:24 AM Revision c6aca57d: Remove duplicated if block: Joash Lewis
10:54 AM Bug #7076 (Duplicate): Packets accepted by IP but rejected because "Allow IP options" is disabled are not logged: Hi,
I added a rule to allow multicast traffic by IP without "Allow IP options" enabled (because I did not yet know... JJ Meijer
10:46 AM Bug #6906 (Resolved): Issues with /tmp and /var in RAM on 2.4: Works fine on two different systems here, thanks! Jim Pingle
08:13 AM Bug #6906 (Feedback): Issues with /tmp and /var in RAM on 2.4: The issue was happening on ZFS and should be fixed after commit:b712dd529e2445fc20e983815a80a4e8ea109760 Renato Botelho
10:19 AM Bug #5993: dhcp6c not started until an RA received: OK, had a look around that bit of code. This is what I have found:
1. RTSOLD still launches multiple dhcp6c client... Martin Wasley
02:41 AM Bug #5993: dhcp6c not started until an RA received: The dhcpc before RA was originally my fix for an issue we have with Sky ISP in the U.K. I got very busy with work and... Martin Wasley
09:55 AM Bug #6856 (Duplicate): "Force Config Settings" buton on master causes slave to loss IP alises on lo0: Duplicate of #7010 which is already fixed. Jim Pingle
09:52 AM Revision 24a4f2ef: Remove unused print_info_box($savemsg): These are files that make no use of $savemsg.
May as well remove the print_info_box($savemsg) to avoid future
confusi... Phil Davis
09:45 AM Revision 61d1ca3e: Make appropriate success or danger boxes in system_crlmanager: When there is a problem, the messages should be in a "danger" box.
Note: It is a bit difficult to actual get the dang... Phil Davis
02:35 AM Revision b743ea87: Add some more help text to OpenVPN pages.: Jim Pingle
01:14 AM Bug #4310: Limiters + HA results in hangs on secondary: Dear Luiz! Can we expect real fix in 2.4? We are waiting for it too long, and this is a really critical problem, sinc... Vladimir Usov
12:42 AM Revision cc38ae2d: Build net-snmp for experimentation purposes.: Jim Pingle

01/03/2017

11:31 PM Revision 4034876f: Fix indentation: Joash Lewis
11:30 PM Bug #7050: Limiter with PFsense 2.4 transparent proxy: Luiz Otavio O Souza wrote:
> The issue here is limiter (dummynet) and pf redir on the same interface.
> The transpa... Kill Bill
05:45 PM Bug #7050 (Confirmed): Limiter with PFsense 2.4 transparent proxy: The issue here is limiter (dummynet) and pf redir on the same interface.
The transparent proxy adds a rdr rule to ... Luiz Souza
11:24 PM Revision 79e18c9f: Merge branch 'master' into reverting: Joash Lewis
11:23 PM Revision 47ec605d: Enable setting auth refresh time in GUI: Joash Lewis
11:16 PM Revision 457c4151: GUI auth refresh timer preference: Joash Lewis
11:06 PM Revision 6240c8fe: Override default timer if set in system config: Joash Lewis
10:26 PM Revision 02b8b883: Cache authentication for a short time: Currently there is an authentication lookup for every GET; a single page load can cause dozens of lookups and hundred... Joash Lewis
10:18 PM Revision 745b8095: Cache authentication for a short time: Currently there is an authentication lookup for every GET; a single page load can cause dozens of lookups and hundred... Joash Lewis
09:23 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: I also see this on Hyper-V virtual NICs (not legacy). Perhaps this is a more generalized issue?
Michael OBrien
05:14 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: This appears to be caused by r263259 in FreeBSD 11 - Add Tx/Rx multiqueue support to vmx(4).
I believe that ALTQ d... Greg Siemon
08:59 PM Revision 9416a5a3: SESSION remembers authentication instead of checking for every HTTP request: Joash Lewis
08:52 PM Revision b399d623: SESSION remembers authentication instead of checking for every HTTP request: Joash Lewis
05:46 PM Bug #6594: Package reinstallation post-config restore hangs if no Internet connectivity: I was just hit by this as well. In my case I am preparing to replace a device at a remote site. I used pfsense's rest... Pig Monkey
04:47 PM Revision 4cfd15a9: Replace "client-cert-not-required" with "verify-client-cert none". Fixes #7073: Jim Pingle
04:44 PM Bug #6099: igmpproxy does not recognize upstream interface: No problem, sh** happens ;-)
I updated my box today to version 2.4.0.b.20170103.0147.
Checked igmpproxy for new b... Philipp Haefelfinger
03:39 PM Revision b8b6a303: Add some help text to OpenVPN client/server for encryption and auth digest.: Jim Pingle
03:29 PM Revision c854afcc: Add --tls-crypt support for OpenVPN servers and clients. Implements #7071: Jim Pingle
02:27 PM Revision b712dd52: Make sure ZFS partiion is mounted read-write before try to change items in filesystem: Renato Botelho
01:50 PM Revision 23adb26d: Break some long lines, no functional changes: Renato Botelho
01:39 PM Revision 858e0d8d: Rework logic and reduce indent levels. No functional changes: Renato Botelho
01:34 PM Revision 3a92e10c: Fix #6357: Validate if RFC2136 dyndns updates succeeded: Renato Botelho
01:34 PM Revision 3bfb38f9: Fix #6357: Validate if RFC2136 dyndns updates succeeded: Renato Botelho
01:03 PM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: It is working on 2.3.3 snapshots as well. Kill Bill
11:21 AM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: Thanks, that's the information I was missing.
Stuart Wyatt
08:29 AM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: ntopng 2.4 is available on pfSense 2.4, and it works there. If/when the package is updated on other branches it will ... Jim Pingle
08:16 AM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: The bug referenced the need for ntopng version 2.4 to resolve the problem, so why is it being closed when version 2.2... Stuart Wyatt
05:28 AM pfSense Packages Bug #6987 (Closed): ntopng needs Google API key for GeoIP map: Renato Botelho
03:46 AM pfSense Packages Bug #6987: ntopng needs Google API key for GeoIP map: Apparently no patching required with ntopng-2.4.2016.10.14 - you can configure the API key in Preferences - Users - G... Kill Bill
11:53 AM Bug #7075 (Resolved): firewall states show negative value for total bytes processed: As seen in the screenshot, the "Firewall >> Rules >> LAN" page shows a negative number for total bytes processed by a... Bryan Stenson
11:42 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: According to this
https://lists.freebsd.org/pipermail/freebsd-net/2013-May/035564.html
Script that can solve CPU 1... Vladimir Suhhanov
11:10 AM Bug #7073 (Resolved): OpenVPN 2.4: client-cert-not-required is deprecated, replace with "verify-client-cert none": Works Jim Pingle
11:10 AM Bug #7073 (Feedback): OpenVPN 2.4: client-cert-not-required is deprecated, replace with "verify-client-cert none": Applied in changeset commit:4cfd15a94a97445d1334ad87bddf0c3700f74bf2. Jim Pingle
10:38 AM Bug #7073 (Resolved): OpenVPN 2.4: client-cert-not-required is deprecated, replace with "verify-client-cert none": In OpenVPN 2.4 "client-cert-not-required" is deprecated, the new functional equivalent directive is "verify-client-ce... Jim Pingle
11:10 AM Bug #7068 (Resolved): Prevent GCM encryption from being selected for Shared Key modes in OpenVPN: Works Jim Pingle
11:09 AM Feature #7064 (Resolved): Add LZO4 options for OpenVPN 2.4: Seems to work in every combination I've thrown at it. Jim Pingle
10:58 AM Bug #7074 (Resolved): Due to OpenVPN protocol selection changes, automatic port number guessing/adjustment is not working: After the protocol selection changes needed for #7062, the OpenVPN server page is not adjusting the port numbers like... Jim Pingle
09:56 AM Feature #7072 (Resolved): vpn_openvpn_server.php / vpn_openvpn_client.php : Add controls to OpenVPN for Negotiable Crypto Parameters: OpenVPN 2.4 automatically attempts to negotiate crypto between the client and server, due to this, the tunnel can end... Jim Pingle
09:40 AM Feature #7071 (Feedback): Add TLS Encryption (--tls-crypt) as an optional TLS Key usage type for OpenVPN 2.4: Applied in changeset commit:c854afcc3d7830414a2514a640248a5b239569a3. Jim Pingle
09:27 AM Feature #7071 (Resolved): Add TLS Encryption (--tls-crypt) as an optional TLS Key usage type for OpenVPN 2.4: OpenVPN 2.4 added --tls-crypt which works similar to --tls-auth, but also encrypts the control channel. It does not r... Jim Pingle
08:20 AM Revision 3cb0c7c3: vpn_ipsec_settings - do not redirect on save: When the user presses save, and there are no input errors, the data is
saved - good. But the page redirects away to i... Phil Davis
08:16 AM Revision 32973108: Ignore return from system_syslogd_start: system_syslogd_start returns the retrn value from mwexec_bg, which is
the PID of the background process. It is not an... Phil Davis
08:00 AM Bug #6357 (Feedback): Dynamic DNS (RFC2136) updates always considered successful: Applied in changeset commit:3bfb38f99cd1c15b5d502b3dbabc913226550d9c. Renato Botelho
07:24 AM Bug #6357 (Assigned): Dynamic DNS (RFC2136) updates always considered successful: Renato Botelho
05:30 AM Todo #7054 (Feedback): Update OpenVPN to 2.4.0: Basic updates are complete, now dealing with specific changes in separate tickets Renato Botelho
05:26 AM Bug #7070 (Duplicate): Sync username for xmlrmc seems considerate: Already fixed on 2.4.0 - see #809 Renato Botelho
05:01 AM Bug #7070 (Duplicate): Sync username for xmlrmc seems considerate: On master I do the folowing configuration:
!pfsense.png!
I have the folowing log on master :
@/rc.filter_sync... Lilian Deloche
05:05 AM Revision 44c42356: Report problems applying changes: 1) Strictly keep track of the accumulating $retval from calls to various
functions that apply changes.
2) Use new fun... Phil Davis
03:49 AM pfSense Packages Bug #7067: usbhid-ups - no such file or directory: There is no such thing needed, simply reboot after installing the package. Kill Bill
03:35 AM Revision 46c06ade: Fix typo. Ticket #7068: Jim Pingle
03:29 AM Feature #7069: Provide knob to disable state display in Diagnostics > States until a filter has been submitted.: https://github.com/pfsense/pfsense/pull/3344 Chris Linstruth
12:53 AM Feature #7069 (Resolved): Provide knob to disable state display in Diagnostics > States until a filter has been submitted.: Diagnostics > States becomes cumbersome on systems with large state tables. Provide a mechanism to suppress the displ... Chris Linstruth
03:18 AM Revision c13c0fd0: Reject the invalid OpenVPN combination of static key + GCM. Fixes #7068: Jim Pingle
02:24 AM Revision a4b36246: Bring compression options in line with OpenVPN 2.4. Note that the old style options are deprecated/legacy but don't remove yet, for compatibility. Implements #7064: Jim Pingle
12:10 AM Feature #2358: NAT64 support: UPVOTE!
First of all, thank you for the great open source firewall product. As Apple starts to require all the new... DB Tsai

01/02/2017

09:48 PM Bug #6906 (Assigned): Issues with /tmp and /var in RAM on 2.4: On a freshly installed VM I activated the option and when it rebooted, it came up all the way but it shows no package... Jim Pingle
09:20 AM Bug #6906 (Feedback): Issues with /tmp and /var in RAM on 2.4: I've used wrong ticket # in commit log. Relevant commits are:
commit:9bf6cdc135ddf108bc08f048687130c09cd09f4b and ... Renato Botelho
09:20 PM Bug #7068 (Feedback): Prevent GCM encryption from being selected for Shared Key modes in OpenVPN: Applied in changeset commit:c13c0fd0fe547fa8e35997d7ede7f8a6b33088fa. Jim Pingle
09:18 PM Bug #7068 (Resolved): Prevent GCM encryption from being selected for Shared Key modes in OpenVPN: OpenVPN 2.4 supports GCM encryption but it cannot be used in Shared Key mode. If you attempt to activate it, OpenVPN ... Jim Pingle
08:30 PM Feature #7064 (Feedback): Add LZO4 options for OpenVPN 2.4: Applied in changeset commit:a4b3624650aa46c9dc4a20afc5b522c6b9191904. Jim Pingle
08:11 PM Bug #1994 (Rejected): Remove priority on HFSC: HFSC support priorities just as any other scheduler:
hfsc Hierarchical Fair Service Curve. Queues attached ... Luiz Souza
09:20 AM Bug #1994: Remove priority on HFSC: Is there any possibility to change the target to 2.4.1?
Or... just fix it somebody, please :) Vladimir Suhhanov
06:52 PM Revision c66990a8: Fix up and enchance the help text for DH parameters, point to the doc wiki for info on how to generate new ones. Also add help text for ECDH Curve. #7063: Jim Pingle
05:28 PM Revision 9187d6f7: Change "privilege" to "access": in various text to make it read better Phil Davis
05:17 PM Revision 2906d139: Fix printing of local/remote host in OpenVPN status for Client Instances. If the client was not connected it was printing a ":" and nothing else in the field which was odd/confusing. Ticket #2766: Jim Pingle
04:36 PM Revision d9f1170e: Fixed #6972: I was only able to reproduce tis issue using Chrome, but it should now be resolved Steve Beaver
04:34 PM Revision fab3c245: Fixed #6972: I was only able to reproduce tis issue using Chrome, but it should now be resolved Steve Beaver
03:56 PM Revision 21312954: Use admin rather than root in UI text: Phil Davis
03:28 PM Revision 6c1e85e5: Change wording: Doktor Notor
03:27 PM Revision 3d116b5c: Update format: Doktor Notor
03:16 PM Revision 24318185: Revert "Theoretical fix for #6972": This reverts commit 335e63d66ce8af690d1a144d4ec6b385cbe39af4. Steve Beaver
03:10 PM Revision 8ccb89f5: Theoretical fix for #6972: Steve Beaver
02:58 PM Revision 3705d263: Ticket #6096: Add PKG_DBDIR and PKG_CACHEDIR to user environment: Renato Botelho
02:57 PM Revision 1494b4fa: Ticket #6096: Remove target before try to move, also use mv -f to avoid human interaction: Renato Botelho
02:55 PM Revision 550a7f4b: Pass specific filename to tar and rm during rrd backup: Renato Botelho
02:55 PM Revision 47158cfa: Check if array key exist before read its value: Renato Botelho
02:55 PM Revision b11f80ae: Fix indent: Renato Botelho
02:54 PM Revision f09aede6: Ticket #6096: Add PKG_DBDIR and PKG_CACHEDIR to user environment: Renato Botelho
02:54 PM Revision 9bf6cdc1: Ticket #6096: Remove target before try to move, also use mv -f to avoid human interaction: Renato Botelho
02:54 PM Revision 64f16544: Pass specific filename to tar and rm during rrd backup: Renato Botelho
02:54 PM Revision dc6d4775: Check if array key exist before read its value: Renato Botelho
02:54 PM Revision cee543b7: Fix indent: Renato Botelho
02:50 PM Revision c3372809: Fix up wording of the DUID option.: Jim Pingle
02:34 PM Revision a5d56253: Merge pull request #3304 from marjohn56/master: Jim Pingle
02:34 PM Bug #7062 (Resolved): OpenVPN 2.4 treats "udp" and "tcp" as dual stack now, move old preference to udp4/tcp4: OpenVPN's man page and docs say it should work but it tosses an error on the bind directive.
It appears to do the ... Jim Pingle
11:25 AM Bug #7062 (Assigned): OpenVPN 2.4 treats "udp" and "tcp" as dual stack now, move old preference to udp4/tcp4: This apparently still needs one more change. The IPv6 only modes need:... Jim Pingle
01:34 PM Revision 80d3effa: Make sure $openvpn_dh_lengths is declared global. Ticket #7065: Jim Pingle
01:29 PM Bug #7057 (Resolved): Hidden field displays in browser: Anonymous
01:09 PM Bug #7066: vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: For what it's worth, I saw the same behavior with igb interfaces after restoring a 2.3 config with a shaper. Landon Timothy
09:49 AM Bug #7066 (Resolved): vmx(4) interfaces do not have ALTQ support on pfSense 2.4, they had ALTQ support on 2.3: Attempting to configure traffic shaping on a pfSense 2.4 VMware VM with vmx NICs results in an error:... Jim Pingle
12:57 PM Revision af997ff7: Merge pull request #3339 from phil-davis/ovpn: Jim Pingle
12:54 PM Feature #7063 (Resolved): Add OpenVPN 2.4 ECDH options: I pushed a change with help text for DH & ECDH and also updated the doc wiki a bit: https://doc.pfsense.org/index.php... Jim Pingle
01:52 AM Feature #7063: Add OpenVPN 2.4 ECDH options: A little fix in https://github.com/pfsense/pfsense/pull/3340 Phillip Davis
12:00 PM Revision 57188e47: Add security notes for privilege assignment pages: Suggested solution for Redmine 2247 Phil Davis
11:39 AM Bug #6099: igmpproxy does not recognize upstream interface: Ooops. Sorry for the breakage.
Fixed in the latest version.
Thanks for the report. Luiz Souza
11:24 AM Feature #7061: OpenVPN 2.4 supports pushing IPv6, allow the GUI to define IPv6 OpenVPN DNS servers to push to clients.: Works fine. Client receives IPv6 DNS servers if they are configured. Jim Pingle
11:19 AM Feature #2766 (Resolved): status_openvpn.php needs IPv6 support: Works! Jim Pingle
10:50 AM Revision fafdd8f0: Fix #7059 Set expected icmptypes format: icmptype is a comma-separated list in the config. When attempting to save, the array in $_POST['icmptype'] needs to b... Phil Davis
10:50 AM Revision 8db81fbc: Merge pull request #3334 from phil-davis/patch-2: Renato Botelho
10:45 AM Revision b961bc23: Remove redundant gettext() in firewall_rules_edit: The 'helpmsg' here is already translated with gettext() when the 'helpmsg' array entries are set up, so IMHO there is... Phil Davis
10:45 AM Revision 43d72226: Merge pull request #3336 from phil-davis/patch-4: Renato Botelho
10:44 AM Revision c603ead7: firewall_rules_edit whitespace: (cherry picked from commit da391430080cb0e1b2054c6f676c9c678164f957) Phil Davis
10:44 AM Revision 6c536f39: Merge pull request #3335 from phil-davis/patch-3: Renato Botelho
10:42 AM pfSense Packages Bug #7067 (Closed): usbhid-ups - no such file or directory: After installing NUT and connecting a generic (Costco) CyberPower UPS, I receive the following error in the log:
u... Karl Janus
10:42 AM Revision 2025ba8c: Standardize privilege name capitalization: While looking at some privilege stuff, I noticed that various
capitlization looked inconsistent down the list. This m... Phil Davis
10:42 AM Revision 797ca4c7: Merge pull request #3322 from phil-davis/pagenames: Renato Botelho
10:40 AM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: Applied in changeset commit:fab3c245cfb52964cebdab2ea47dddb21731352a. Anonymous
10:37 AM Bug #6972 (Feedback): "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: I am only able to reproduce this with Chrome but it should now be resolved. Anonymous
10:38 AM Revision bc26d887: Merge pull request #3340 from phil-davis/patch-6: Renato Botelho
09:58 AM Bug #5976 (Assigned): Load cryptodev as a kernel module: reopening since crypto is not cryptodev. Pointy hat to me Renato Botelho
09:37 AM Bug #7065 (Resolved): OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Renato Botelho
08:54 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Working now.
Thanks again for the quick turnaround.
Jeff Wischkaemper
08:27 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Now it˛`s all good.
Thanks again! Greg M
08:00 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Yes it's building right now, we restarted the snapshot builds to make sure it gets picked up. Jim Pingle
07:57 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Thanks for the quick response on this Jim. I assume another snapshot will hit later this morning or early afternoon? Jeff Wischkaemper
07:50 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: That was probably from before the sync. Clear the error and check again. If you can, reboot and see if the error is g... Jim Pingle
07:45 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: I just have this now...
Crash report begins. Anonymous machine information:
amd64
11.0-RELEASE-p5
FreeB... Greg M
07:44 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: OK. We will wait for it to show up in snapshots and re-test and then if it's OK there, this can be closed. Jim Pingle
07:43 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Yep, all works now.
Thanks! Greg M
07:36 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: I just pushed another change that should help, give it ~5-10 mins to show up on github and then gitsync or apply that... Jim Pingle
07:34 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Greg M wrote:
> Ummm I`m on: 2.4.0.b.20170102.0439
> Issue persists.
Try to gitsync with master or wait next sna... Renato Botelho
07:32 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Ummm I`m on: 2.4.0.b.20170102.0439
Issue persists. Greg M
07:29 AM Bug #7065 (Feedback): OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: This should be fixed by the PR that was merged a short while ago and is already in the latest snapshot. Update to the... Jim Pingle
07:26 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: I am seeing the same errors as Greg, though I'm using a DH of 4096 instead of 2048.
Problem is still occurring on... Jeff Wischkaemper
07:24 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Forgot to add...
If I use ECDH only it works... Greg M
07:23 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: Hi!
I`m also affected.
First thing:
Crash report begins. Anonymous machine information:
amd64
11.0... Greg M
07:05 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: The only error that could cause the settings to not be written is if you have selected DH parameters that do not have... Jim Pingle
01:12 AM Bug #7065: OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: First problem I found is if you edit/save a client, it writes the protocol description to the config, rather than the... Phillip Davis
08:05 AM Bug #7059 (Resolved): firewall_rules_edit.php - strlen error when there are input errors: Looks good, no more strlen error. Jim Pingle
04:51 AM Bug #7059 (Feedback): firewall_rules_edit.php - strlen error when there are input errors: PR has been merged Renato Botelho
07:48 AM Revision c6668aba: Fix var name cut-paste error in openvpn.inc: Phil Davis
07:08 AM Revision 128b93e0: OpenVPN Client 2.4 save correct protocol: This needs to be fixed the same as vpn_openvpn_server.php Phil Davis
04:15 AM Bug #5218: CSRF magic modifies content in pfSense interface: No, it's back again on my installation (2.3.2), in my case while editing php files with embedded html Raffaele Candeliere
12:24 AM Revision f888c35a: Add OpenVPN ECDH options. Implements #7063: Jim Pingle

01/01/2017

11:34 PM Bug #7065 (Resolved): OpenVPN Server conf files not created in /var/etc after upgrading to 2017.01.01.1906 release: After upgrading to the latest release (20170101.1906), OpenVPN server conf files are not populated in the /var/etc di... Jeff Wischkaemper
11:09 PM Revision 58523c57: Improve Unbound forwarding mode description: Make this consistent with System - General Setup - DNS Server Settings. Doktor Notor
10:42 PM Revision a56e37ca: Improve - System - General - DNS Server Settings descriptions: - Add missing DNS Resolver references
- Nuke PPTP VPN mentions
- Use letter case consistently.
The "Disable DNS Forw... Doktor Notor
09:47 PM Revision ca366676: Update OpenVPN protocol preferences to match the new behavior of OpenVPN 2.4. Fixes #7062: Jim Pingle
07:31 PM Revision 6a638752: Allow OpenVPN DNS servers for clients to be IPv6 as well as IPv4. Implements #7061: Jim Pingle
06:58 PM Feature #7064 (Resolved): Add LZO4 options for OpenVPN 2.4: OpenVPN 2.4 added support for LZO4 which gets better performance and consumes less CPU... Jim Pingle
06:30 PM Feature #7063 (Feedback): Add OpenVPN 2.4 ECDH options: Applied in changeset commit:f888c35aa25b38cdf5b1a73fc65ed6959451bfe0. Jim Pingle
06:23 PM Feature #7063 (Resolved): Add OpenVPN 2.4 ECDH options: OpenVPN 2.4 added two ECDH-related options:
1. Settings "dh" to "none" tells OpenVPN to use only ECDH and not DH
... Jim Pingle
06:03 PM Bug #7057: Hidden field displays in browser: Using the addGlobal() method is the best way to do this as Phil has demonstrated. That creates a simple input without... Anonymous
05:49 PM Revision 9b3518d0: Print IPv6 addresses in the widget, too. Ticket #2766: Jim Pingle
05:23 PM Revision bffa3185: Show IPv6 for static key servers, too. Fixes #2766: Jim Pingle
04:59 PM Revision cbfd0754: Add IPv6 virtual address to SSL/TLS client output, formatting corrections/enhancement for SSL/TLS client and server. Ticket #2766: Jim Pingle
04:49 PM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: Yup. It'd be awesome if those settings were moved to the relevant place (i.e., DNS forwarder/resolver settings). This... Kill Bill
03:29 PM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: That's for the host resolver itself -- dnsmasq and unbound in forwarding mode will pick up more. Jim Pingle
03:01 PM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: Maybe someone could instead fix/nuke the misleading note from the GUI, instead of putting in more DNS servers that wi... Kill Bill
01:00 PM Feature #5549: Additional DNS entries in General Setup would be good for 3 or more WAN's: this is true add ipv6 and it has even more need
Michael Kellogg
04:03 PM Revision 6f17547a: Update OpenVPN SSL/TLS server status to reflect changes in OpenVPN 2.4. Ticket #2766: Jim Pingle
04:00 PM Bug #7062 (Feedback): OpenVPN 2.4 treats "udp" and "tcp" as dual stack now, move old preference to udp4/tcp4: Applied in changeset commit:ca3666766588538934bedc6933934fbadb9249ef. Jim Pingle
03:47 PM Bug #7062 (Resolved): OpenVPN 2.4 treats "udp" and "tcp" as dual stack now, move old preference to udp4/tcp4: OpenVPN 2.4 changed the meaning of "udp" and "tcp" to be dual stack, listening on IPv6 on all interfaces at once. "lo... Jim Pingle
01:40 PM Feature #7061 (Feedback): OpenVPN 2.4 supports pushing IPv6, allow the GUI to define IPv6 OpenVPN DNS servers to push to clients.: Applied in changeset commit:6a638752c8a3861a3309c3dc8d557c8904ff84d6. Jim Pingle
01:31 PM Feature #7061 (Resolved): OpenVPN 2.4 supports pushing IPv6, allow the GUI to define IPv6 OpenVPN DNS servers to push to clients.: OpenVPN 2.4 supports pushing IPv6, allow the GUI to define IPv6 OpenVPN DNS servers to push to clients.
To me, I h... Jim Pingle
11:58 AM Bug #7036: 2.4 ZFS on RCC-VE 2440 hangs: I also have the same issue on my RCC-VE 2440. I've tried with both Bios 06 and 08, same issue. It takes 15-20 minut... J Harnick
11:30 AM Feature #2766 (Feedback): status_openvpn.php needs IPv6 support: Applied in changeset commit:bffa3185a63cbdd727701704d3b82abd7c61a78c. Jim Pingle
09:16 AM Feature #2766: status_openvpn.php needs IPv6 support: It's finally there in OpenVPN 2.4!
And since it's caused the status page to report fields incorrectly, it needs to... Jim Pingle
10:31 AM Bug #6340: fsck hangs boot in background, fails to produce any action, resulting in broken firewall: Turn off sync mode.
On a clean system, before an issue crops up. It will let UFS do what it does, and not genera... ky41083 -
08:00 AM Todo #7060 (Rejected): Logically organise various backup/restore functions?: We don't like to move things just to move them, unless it's worth updating all of the documentation and other related... Jim Pingle
07:13 AM Todo #7060 (Rejected): Logically organise various backup/restore functions?: I'd like to do a quick reorganise of the various backup and restore functions in the GUI. While not a huge problem it... Stilez y
05:32 AM Feature #4632: Support for Multipath TCP (MPTCP): Hello,
Could you please add this feature on 2.4.0 version? serdar kekik
05:16 AM Revision cffe1271: Remove redundant gettext() in firewall_rules_edit: The 'helpmsg' here is already translated with gettext() when the 'helpmsg' array entries are set up, so IMHO there is... Phil Davis
05:11 AM Bug #2247: Misleading security permission: Next round of possibilities in PR https://github.com/pfsense/pfsense/pull/3337 Phillip Davis
05:09 AM Revision da391430: firewall_rules_edit whitespace: Phil Davis
04:32 AM Revision 23057964: Fix #7059 Set expected icmptypes format: icmptype is a comma-separated list in the config. When attempting to save, the array in $_POST['icmptype'] needs to b... Phil Davis

12/31/2016

10:33 PM Bug #7059: firewall_rules_edit.php - strlen error when there are input errors: Try PR https://github.com/pfsense/pfsense/pull/3334 Phillip Davis
09:31 AM Bug #7059 (Resolved): firewall_rules_edit.php - strlen error when there are input errors: Craft an invalid firewall rule, such as one set for IPv4 with an IPv6 src/dst, and when the input errors are displaye... Jim Pingle
01:42 PM Revision 48157a04: Standardize privilege name capitalization: While looking at some privilege stuff, I noticed that various
capitlization looked inconsistent down the list. This m... Phil Davis
11:42 AM Revision 5e391e58: Improve labels + help text for IPv6 tunneling options: * Move the help message to be on the group as a whole not just the IP input field
* Clarify the IP field (label state... Stilez y
11:25 AM Revision 76895c7f: firewall_rules_edit stop Floating field displaying: Seems to fix https://redmine.pfsense.org/issues/7057
But I have not looked underneath the hood - just copied the way ... Phil Davis
07:45 AM Bug #7058: Alias type-checking issues: You cannot specify either one in the rule directly because it doesn't make sense. Use an alias with mixed contents in... Jim Pingle
07:31 AM Bug #7058: Alias type-checking issues: In which case flip the question on-end, why does the code (_firewall_rules_edit.php_) seem to disallow IPv4 and IPv6 ... Stilez y
07:01 AM Bug #7058 (Not a Bug): Alias type-checking issues: What's the bug here?
pf allows mixed aliases and only uses appropriate addresses when matching. We allow it becaus... Jim Pingle
04:50 AM Bug #7058 (Not a Bug): Alias type-checking issues: pfSense really needs a more strongly type-checked alias system/API/library.
Current example: often these days a s... Stilez y
07:25 AM Bug #6099: igmpproxy does not recognize upstream interface: edit: 31-12-2016
I've established a working setup, using the develop version, already on theh box.
When I disable... Vincent Gijsen
05:04 AM Bug #6099: igmpproxy does not recognize upstream interface: Philipp Haefelfinger wrote:
> Is this commit in the latest build applied? If yes, there seems to be something buggy ... Vincent Gijsen
07:23 AM Bug #2247: Misleading security permission: See "PR 3331":https://github.com/pfsense/pfsense/pull/3331 . Note added to assignment pages, probably suffices? Stilez y
05:50 AM Bug #2247: Misleading security permission: And as soon as you have "Diagnostics->Edit File" you can change whatever code you like, so you can add/modify code to... Phillip Davis
05:07 AM Bug #2247: Misleading security permission: I suppose that "WebCfg - All pages" includes shell command prompt, so it's clearly on reflection going to have shell ... Stilez y
05:27 AM Bug #7057: Hidden field displays in browser: PR https://github.com/pfsense/pfsense/pull/3329
I made the "Floating" field be created with the same construction as... Phillip Davis
03:40 AM Bug #7057 (Resolved): Hidden field displays in browser: _firewall_rules_edit.php_ on Firefox 50.1, see attached screenshot
Html looks correct (contains "hidden" parameter... Stilez y
05:11 AM Bug #2873: IPv6 rules, filter by protocol: As of 2.3.x the original issue is resolved (it's now allowed/valid) so this issue can be closed as resolved Stilez y

12/30/2016

08:51 PM Bug #6911: no network on hyperv-v 2012 R1: This is not so easy, there are a lot more relevant commits to MFC, a lot. Luiz Souza
05:17 AM Bug #6911: no network on hyperv-v 2012 R1: This seems to be relevant commit - https://svnweb.freebsd.org/base?view=revision&revision=306433
Assign to Luiz for ... Renato Botelho
06:43 PM Bug #7053: OpenVPN Client Specific Overrides - GUI Omissions and Errors: I think I understand why the text under Remote networks is written the way it is now. Apologies for the misunderstan... Greg Siemon
06:20 PM Bug #7053: OpenVPN Client Specific Overrides - GUI Omissions and Errors: All of the settings are from the perspective of the server, even the override. The descriptions reflect this, they do... Jim Pingle
05:25 PM Bug #7053: OpenVPN Client Specific Overrides - GUI Omissions and Errors: Jim Pingle wrote:
> The wording of IPv4 Remote Networks is correct. The box defines a client-side network ("routed _... Greg Siemon
10:10 AM Bug #7053: OpenVPN Client Specific Overrides - GUI Omissions and Errors: OpenVPN 2.4 makes it more obvious that you can't mix static IPv4 in an override with dynamic IPv6, so there is a grea... Jim Pingle
07:16 AM Bug #7053: OpenVPN Client Specific Overrides - GUI Omissions and Errors: The wording of IPv4 Remote Networks is correct. The box defines a client-side network ("routed _to_ this client") for... Jim Pingle
01:59 AM Bug #7053 (Resolved): OpenVPN Client Specific Overrides - GUI Omissions and Errors: The OpenVPN Client Specific Overrides page under OpenVPN settings only has a single Tunnel Network field. In fact t... Greg Siemon
02:37 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Happy to helped. Last good action for 2016.
Happy new year^^ Marcel Mayer
12:02 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: It does work for me now - Marcel's hint to check "Request only an IPv6 prefix" was indeed correct. After two more reb... Arno Gramatke
02:17 PM Revision 56110c72: Ticket #7054: Remove tun-ipv6 option, deprecated on OpenVPN 2.4.0 and related GUI knobs: Renato Botelho
02:02 PM Revision 55e0a1a0: Fix IPv4/IPv6 copy paste error in OpenVPN client-specific overrides. Ticket #7053: Jim Pingle
02:02 PM Revision 6bb91e08: Fix IPv4/IPv6 copy paste error in OpenVPN client-specific overrides. Ticket #7053: Jim Pingle
01:54 PM Revision e10a9781: Fix IPv4/IPv6 copy paste error in OpenVPN client-specific overrides. Ticket #7053: Jim Pingle
12:06 PM Revision db058e30: capitalise "Any": (cherry picked from commit b1cff5815344220340a218938cd7f3df64687203) Stilez y
12:06 PM Revision 059571c6: "Any" moved to top of list in new blank rules: @jim-p wanted this split out from PR 3159 as it wasn't related to that PR.
Puts "any" at the logical place people lo... Stilez y
12:06 PM Revision 59dc8b6f: Merge pull request #3325 from stilez/patch-51: Renato Botelho
11:54 AM Revision ee781eaa: Remove and replace white spaces: Safari doesn't seem to have editing issues (or else they very quickly fixed it). Removed all white spaces and re-ent... Stilez y
11:54 AM Revision 3283a412: Put back "any" in same place it came from in dropdown: (cherry picked from commit 43a0cf73f2c2f951b9a1c5e777551de1b82c25f2) Stilez y
11:54 AM Revision b66bb3ef: revert protocol order change (unrelated to PR): Will pu in separate PR afterwards as requested
(cherry picked from commit 86554b5aecb1d219e2f72c97b14de8b5fef495aa) Stilez y
11:54 AM Revision a8235a3d: Data sanitation - check IP protocol in form data: Code doesn't seem to check that IP protocol is valid (IPv4/6/4+6) or report via $input_errors[] if not. Simple fix. O... Stilez y
11:54 AM Revision f2aeaff9: Alternate fix for jim-p's point that seems to resolve everything neatly: @jim-p commented on the PR that:
> This change is unwarranted. The protocol default should remain TCP, it is set tha... Stilez y
11:54 AM Revision ab2822c8: improve CSS handling for icmp types (overflow/table): Minor CSS and formatting improvement to layout for icmp types in rules table. With this change, if several icmp types... Stilez y
11:53 AM Revision 744c5ffc: Fix the Safari issue mentioned by @garga: https://github.com/pfsense/pfsense/pull/3139#pullrequestreview-156718
I ended up having to remove the select element... Jared Dillard
11:53 AM Revision cc20c205: coding layout fix: (cherry picked from commit 97eebb23531bc95af2cde686641080851107c42c) Stilez y
11:53 AM Revision 6b82964d: remove gettext() not needed: (cherry picked from commit c7e31e37c1aa0a8e4154528a99a121c46ebf018d) Stilez y
11:53 AM Revision a42dae51: add gettext() to icmptype descriptions: (cherry picked from commit fa16b2f9c1162ec90bed0099c0ae25e36d9fd9b0) Stilez y
11:53 AM Revision 15ac04da: move implode() to same line as previous change: (cherry picked from commit 91822dc6d0b829a34254638c5d15db72fe70932d) Stilez y
11:53 AM Revision 82e6451e: simplify avoiding loop. Also localise with gettext(): (cherry picked from commit 16b91b19e08e0778522c16e811754c22f03b5150) Stilez y
11:53 AM Revision 6ab670c2: Bugfixes: 1. On creating a new rule, $pconfig['ipprotocol'] is undefined, rather than defaults to what is seen in GUI (IPv4). F... Stilez y
11:53 AM Revision eb4e0aa0: Improve icmptype input sanitising: (cherry picked from commit 0e782e9f576aee02d4e2e5147e24bc5def261355) Stilez y
11:53 AM Revision 73c57bf4: Enhance ICMP types in rules: See main PR for details
(cherry picked from commit cf1aaf9c5afcd34ed6d2bebc577fd527c42c80b4) Stilez y
11:53 AM Revision 2b451108: Enhance ICMP type handling in rules: See main PR for details
(cherry picked from commit 7a4b11b6a495ddc747db5e44f5a62891ef86398c) Stilez y
11:53 AM Revision 5b39fb10: typo: (cherry picked from commit 58aa4d7ce3d0c602516e8d7691fc0137b593262c) Stilez y
11:53 AM Revision 02ffc582: Enhance ICMP rules: See main PR details
(cherry picked from commit 4784d8cef74bac4d1397fbfd7312c08912d8890a) Stilez y
11:53 AM Revision ffc4c4a3: Merge pull request #3139 from stilez/patch-38: Renato Botelho
11:48 AM Revision 04665e78: Add privs to control display of notices: This is a suggested way to allow control of the display and clearing of
notices. The use case is:
1) A user with mini... Phil Davis
11:48 AM Revision 8d379f23: Merge pull request #3322 from phil-davis/viewclearnotices: Renato Botelho
11:42 AM Revision b88518df: Fix #6982: Remove wrong global definition of use_filterdns and pass it as reference: Renato Botelho
11:42 AM Revision 631217f4: Fix #6982: Remove wrong global definition of use_filterdns and pass it as reference: Renato Botelho
11:00 AM Bug #7050: Limiter with PFsense 2.4 transparent proxy: Luiz good afternoon, I have two files as you requested, one working perfectly, which is called BKP_2.1.5_Functionando... Nelson Junior
09:36 AM Todo #7054 (Assigned): Update OpenVPN to 2.4.0: Package was updated as well Renato Botelho
07:33 AM Todo #7054 (Resolved): Update OpenVPN to 2.4.0: Update OpenVPN to 2.4.0 and make necessary adjustments. Noted after a quick look:
* Remove tun-ipv6 from config si... Renato Botelho
08:08 AM Bug #7056: Add gpg keys to repo for proper iso download verification method: Ah, I had assumed it was simply two httpd's on the same box as they had an adjacent IP address.
Still however, if ... John Smith
07:59 AM Bug #7056 (Duplicate): Add gpg keys to repo for proper iso download verification method: Duplicate of #4472
That said, a _copy_ of the hash is on the same server as the files, but the hash is also availa... Jim Pingle
07:49 AM Bug #7056 (Duplicate): Add gpg keys to repo for proper iso download verification method: Currently there is no legitimate way to properly verify the .iso download has not been tampered with.
The sha256 f... John Smith
07:40 AM pfSense Packages Todo #7055 (Resolved): Update OpenVPN Client Export package with OpenVPN 2.4: OpenVPN 2.4 has made a few changes to the Windows installer that may need accounting for. See https://community.openv... Jim Pingle
07:07 AM Bug #6982: Nested Aliases with FQDNs do not populate parent table in some cases: Port aliases work again with that last commit. Will leave it open waiting for feedback to make sure the original issu... Jim Pingle
05:50 AM Bug #6982 (Feedback): Nested Aliases with FQDNs do not populate parent table in some cases: Applied in changeset commit:631217f488c682ce4ffa8af5d0c54b03c016af46. Renato Botelho
05:49 AM Feature #7051 (Feedback): Allow control of what users can view and/or clear notices: PR has been merged, thanks! Renato Botelho
02:55 AM Revision da4d341e: Remove the now unnecessary and commented code.: Ticket #7042 Luiz Souza

12/29/2016

10:44 PM Revision e9de838d: Implement a different method to obtain the 'main' IP (v4) for the interface.: The last interface IP is always saved in /var/db/${interface}_ip. Use that file, if it exist, to find the main inter... Luiz Souza
09:52 PM Revision fdb04797: Fix ntp gps status: - trim sat in use
- gps ok for GPGLL
- lat & lon direction for GPGGA & GPGLL
- sat in use text position fixed Jack Booth
08:28 PM Bug #6982 (Assigned): Nested Aliases with FQDNs do not populate parent table in some cases: This fix broke port aliases.
With this commit, port aliases are empty:... Jim Pingle
08:23 PM Revision 6522505c: Ticket #6920: Use filter_rule_function tag to detect function name: Renato Botelho
08:12 PM Revision e1b3d6f2: Revert "Fix #6920: Do not include stale .inc files": It's 2.4 only, merged accidentally
This reverts commit 87913c3053c83c5d8473d6e24f39c38833d75b47. Renato Botelho
08:03 PM Bug #6852: Commit 8f86722 breaks DHCPv6 leases status page: were the files I uploaded any help or is something more needed? Michael Kellogg
08:02 PM Bug #6594: Package reinstallation post-config restore hangs if no Internet connectivity: I'm running into this right now. Not a big network guy, just trying to replace our small business' router with a SG-4... Kevin Wojniak
07:42 PM Revision fef29f5a: Fix #6920: Do not include stale .inc files: Packages can declare a function called $pkgname_generate_rules() and it
will be executed during filter reload process... Renato Botelho
07:42 PM Revision 87913c30: Fix #6920: Do not include stale .inc files: Packages can declare a function called $pkgname_generate_rules() and it
will be executed during filter reload process... Renato Botelho
07:37 PM Revision 9bf81d66: Revert "Instead of ignoring the IP, add it to interface even if we cannot do it with setfirst.": This reverts commit af6248407bae4d476b483dcb3a388744fb74b465.
Not necessary at all.
Pointy hat to: me
Ticket #7042 Luiz Souza
06:59 PM Revision b1cff581: capitalise "Any": Stilez y
06:38 PM Revision af624840: Instead of ignoring the IP, add it to interface even if we cannot do it with setfirst.: Ticket #7042 Luiz Souza
05:45 PM Revision 3ece6d54: Captive portal: rework logging and RADIUS accounting when disabling a zone or rebooting: Make captiveportal_radius_stop_all() log the disconnections in the system log and fix it so that it works with the zo... Caio Plumbeo
05:05 PM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: I'll take care of it :) Anonymous
04:52 PM Bug #6972: "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: Renato Botelho wrote:
> It happens when you click on fa-trash icon. If you click on other areas of the button confir... Kill Bill
12:28 PM Bug #6972 (Confirmed): "Are you sure you wish to?" prompts and other issues with deleting networks from network-type aliases: I've found the way to reproduce it. It happens when you click on fa-trash icon. If you click on other areas of the bu... Renato Botelho
04:59 PM Bug #7042 (Feedback): DHCP client configures wrong address in some circumstances (setfirst support missing from ifconfig): Luiz Souza
04:04 PM Revision a1035bd8: Remove obsolete console menu option that was a remnant of the livecd which was removed some time ago.: Jim Pingle
03:21 PM Revision 387dbe43: Only fetch ZFS status if ZFS is loaded. Otherwise it can load it unintentionally on a system that doesn't need it.: Jim Pingle
03:20 PM Revision a2c453fd: Add reroot support to system_reboot_sync() and to the /etc/rc.initial.reboot menu. Ticket #6045: Jim Pingle
03:19 PM Bug #6099: igmpproxy does not recognize upstream interface: Is this commit in the latest build applied? If yes, there seems to be something buggy with the fix.
I just updated m... Philipp Haefelfinger
02:15 PM Revision b34c29cb: Teach /etc/rc.reboot to reroot when -r parameter is specified: Renato Botelho
02:13 PM Revision 016a0b25: Remove old hacks used to upgrade from 2.1 to 2.2: Renato Botelho
01:50 PM Bug #6920 (Feedback): Upgrading to 2.4 with a stale package .inc file can prevent the system from fully booting after upgrade: Applied in changeset commit:fef29f5aee32899b72886f8a0c00205bf0f2fc09. Renato Botelho
01:01 PM Bug #7052 (Rejected): Fails to monitor ipv6 gateway: From log... Roger Skjetlein
12:48 PM Feature #6746 (Feedback): Option to select dark or misc background for Traffic Graphs when a dark theme is selected.: New traffic graphs respect theme colors. Should be OK now Renato Botelho
12:33 PM pfSense Packages Feature #6831: Snort does not support aliases containing FQDN: Keeping it opened for reference but I'm not sure if Bill Meeks will implement it based on his comments on the forum t... Renato Botelho
12:20 PM Revision 1ca5d09f: Put print_info_box severity class in quotes: These should be strings in quotes, otherwise PHP looks for them to be
constants and would be issuing notice level "er... Phil Davis
12:20 PM Revision b9e0e420: Merge pull request #3323 from phil-davis/print_info_box: Renato Botelho
10:55 AM Revision d793617e: Captive portal: use locking to avoid race conditions between rc.prunecaptiveportal and captiveportal_disconnect_all(): Convert rc.prunecaptiveportal to lock()/unlock()/try_lock() and use the lock to ensure that there aren't race conditi... Caio Plumbeo
10:55 AM Revision 025ec94a: Captive portal: work around race condition between captiveportal_disconnect_all() and captiveportal_prune_old(): Captiveportal_disconnect_all() loops through the active users and disconnects them immediately but doesn't remove the... Caio Plumbeo
09:44 AM Feature #6045: Updates that do not require a reboot should run reroot: Jim Pingle wrote:
> Doing a reroot style restart works nicely on its own, need to test it during an upgrade to know ... Renato Botelho
09:27 AM Feature #6045: Updates that do not require a reboot should run reroot: Doing a reroot style restart works nicely on its own, need to test it during an upgrade to know for sure how it handl... Jim Pingle
08:53 AM Feature #6045 (Feedback): Updates that do not require a reboot should run reroot: Done. pfSense-upgrade 0.11 on recent 2.4.0 system will do the trick Renato Botelho
09:40 AM Bug #7050: Limiter with PFsense 2.4 transparent proxy: Nelson, can you submit (even privately if you prefer) a copy of your working settings for the 2.1.x version and also ... Luiz Souza
07:06 AM Bug #7050: Limiter with PFsense 2.4 transparent proxy: Not sure what's special about 2.4 here; this has _never_ worked since the hidden rules created by the package when se... Kill Bill
06:58 AM Bug #7050 (Resolved): Limiter with PFsense 2.4 transparent proxy: Good morning Luiz, is as follows, transparent proxy use with the limiter by ip, what happens is that when setada the ... Nelson Junior
09:16 AM Revision 416322ee: Changes whuch to which... fat fingers: Martin Wasley
08:22 AM Revision e9b3d2c3: "Any" moved to top of list in new blank rules: @jim-p wanted this split out from PR 3159 as it wasn't related to that PR.
Puts "any" at the logical place people lo... Stilez y
07:53 AM Todo #7047 (Resolved): Update status.php with new info helpful to support staff: Seems to all be working and sufficient. Can add more later if needed. Jim Pingle
07:53 AM Bug #3454 (Resolved): Acknowledge all notices is presented to users who do not have privilege: Renato Botelho
07:19 AM Bug #3454: Acknowledge all notices is presented to users who do not have privilege: The changes here fix this bug report.
For a followon feature request to implement control of view/clear notices see:... Phillip Davis
07:53 AM Feature #7046 (Resolved): Bring back a method of viewing the gateway status from the shell and status output: Works great Jim Pingle
07:48 AM Bug #7045 (Resolved): PHP Shell outputs startup message when running a playback script: Fixed Jim Pingle
07:21 AM Feature #7051: Allow control of what users can view and/or clear notices: Proposed code in PR https://github.com/pfsense/pfsense/pull/3322 Phillip Davis
07:16 AM Feature #7051 (Resolved): Allow control of what users can view and/or clear notices: Use case:
A user with minimal page privs (e.g. can just change their password, or access a few status pages or...) s... Phillip Davis
06:28 AM Revision 499adf73: Put print_info_box severity class in quotes: These should be strings in quotes, otherwise PHP looks for them to be
constants and would be issuing notice level "er... Phil Davis
05:58 AM pfSense Packages Bug #7049 (Rejected): Problema No Limiter Com Proxy Transparente 2.4 Beta: After talk with Nelson on facebook he agreed to open a new ticket in english Renato Botelho
04:20 AM Revision c7fd8cd0: Fix variable reference. Ticket #7047: Jim Pingle

12/28/2016

10:56 PM Revision d4b2ebae: Remove and replace white spaces: Safari doesn't seem to have editing issues (or else they very quickly fixed it). Removed all white spaces and re-ent... Stilez y
10:51 PM Revision 43a0cf73: Put back "any" in same place it came from in dropdown: Stilez y
10:46 PM Revision 86554b5a: revert protocol order change (unrelated to PR): Will pu in separate PR afterwards as requested Stilez y
09:16 PM Revision 15dcf132: dyndns.class, fix json curl body parsing for Cloudflare by not including headers: Pi Ba
08:11 PM Revision a2da1706: Add version and build data to status output. Ticket #7047: Jim Pingle
07:43 PM Revision b7b2cb7f: Add playback scripts to drill into pf tables and anchors to list their contents.: Jim Pingle
07:42 PM Revision 524b631f: Fix license for gatewaystatus playback script: Jim Pingle
07:05 PM Revision 84fe48d4: Bring status.php up-to-date and add a number of new items as listed on redmine. Fixes #7047: Added:
The firewall platform and serial number
ARP Table
NDP Table
Gateway status (See #7046)
ZFS... Jim Pingle
06:52 PM Revision f88743cb: Add a pfSense php shell playback script to show the gateway status. Ticket #7046: Jim Pingle
06:51 PM Revision a4867a30: Add a function to format and return plain text output showing the gateway status, for use by a shell script and status.php. Ticket #7046: Jim Pingle
06:47 PM Revision 337822a3: Do not output PHP shell starup message unless it is run interactively. Fixes #7045: Jim Pingle
06:43 PM pfSense Packages Bug #7049 (Rejected): Problema No Limiter Com Proxy Transparente 2.4 Beta: boa noite, estou tendo problemas no limiter funcionando com proxy transparente, nas versões acima da 2.1.5, todas tes... Nelson Junior
03:41 PM Revision 5280f021: Add privs to control display of notices: This is a suggested way to allow control of the display and clearing of
notices. The use case is:
1) A user with mini... Phil Davis
03:36 PM Revision 3b56806e: Refactor to use notify_all_remote: While looking at notices.inc I noticed (pardon the pun) that notify_all_remote did exactly the same as these 2 lines ... Phil Davis
03:36 PM Revision 8128464b: Merge pull request #3317 from phil-davis/patch-1: Renato Botelho
03:33 PM Revision 0434fb77: Merge pull request #3320 from phil-davis/patch-4: Renato Botelho
03:31 PM Revision 1eaf9684: Merge pull request #3318 from phil-davis/patch-2: Renato Botelho
03:31 PM Revision ea4f5252: Fix #3454 Do not show Mark All as Read button when no priv: If the user does not have access to index.php then the "Mark All as Read" button for the notices popup does not work ... Phil Davis
03:31 PM Revision fdb4c19e: Merge pull request #3319 from phil-davis/patch-3: Renato Botelho
03:29 PM Revision 063c02c9: Change system admin to firewall admin: (cherry picked from commit 6f4323f3d3cc7066e833f8a898f0608e6527871d) Phil Davis
03:29 PM Revision bc2b824d: Fix #7043 Do not display crash reporter link when no crash_reporter access: (cherry picked from commit c87eeb08acc6d5d0fd642e50990b93b7137657ee) Phil Davis
03:28 PM Revision 3314e3e1: Merge pull request #3321 from phil-davis/patch-5: Renato Botelho
03:17 PM Revision 6f4323f3: Change system admin to firewall admin: Phil Davis
02:14 PM Revision 46886273: Remove unused get_notices() from xmlrpc.php: Phil Davis
01:40 PM pfSense Packages Bug #7048: Add IPv6 support to squid: Squid's own capabilities mean nothing here. You need support in the underlying OS to work with. Even if I made all th... Kill Bill
01:32 PM pfSense Packages Bug #7048: Add IPv6 support to squid: Regarding the comment, "The NAT used for transparent IPv4 proxy won't work, and there's nothing to hook into regardin... Matthew Hall
01:25 PM pfSense Packages Bug #7048: Add IPv6 support to squid: A couple of notes on this: The only part of Squid working with IPv6 is the reverse proxy (though, that's not advertis... Kill Bill
01:11 PM pfSense Packages Bug #7048: Add IPv6 support to squid: Corrected subject - This is not a "bypass" in the way that is stated. The squid package only supports IPv4 currently.... Jim Pingle
01:03 PM pfSense Packages Bug #7048 (Resolved): Add IPv6 support to squid: Missing IPv6 support in the squid package allows traffic to escape intended inspection and apparently also the firewa... Matthew Hall
01:13 PM Feature #7046 (Feedback): Bring back a method of viewing the gateway status from the shell and status output: Last part of this was implemented by #7046 Jim Pingle
12:50 PM Feature #7046 (Resolved): Bring back a method of viewing the gateway status from the shell and status output: Since the switch to dpinger, there is no easy way to view the gateway status from the shell. Having the gateway statu... Jim Pingle
01:10 PM Todo #7047 (Feedback): Update status.php with new info helpful to support staff: Applied in changeset commit:84fe48d414dc59ffd236b072000f07ea7423380e. Jim Pingle
01:02 PM Todo #7047 (Resolved): Update status.php with new info helpful to support staff: Items to add:
* The firewall platform and serial number
* ARP Table
* NDP Table
* Gateway status (See #7046)
* Z... Jim Pingle
01:10 PM Bug #7045 (Feedback): PHP Shell outputs startup message when running a playback script: Applied in changeset commit:337822a39bfd89c011cfda4092a6e5e409a7dbcf. Jim Pingle
12:49 PM Bug #7045 (Resolved): PHP Shell outputs startup message when running a playback script: When running a playback script, there is extra output from pfSsh.php that is unnecessary:... Jim Pingle
11:34 AM Feature #7044 (Duplicate): Gateway Monitoring - Add More IPs: Jim Pingle
11:18 AM Feature #7044: Gateway Monitoring - Add More IPs: See #6989 Kill Bill
10:31 AM Feature #7044 (Duplicate): Gateway Monitoring - Add More IPs: I would like to request that it be possible to add more than one ip to monitor the gateway (s), today we have the pos... Douglas Silva
11:33 AM Revision bf60bf20: Remove unused variable: Renato Botelho
09:40 AM Bug #3454 (Feedback): Acknowledge all notices is presented to users who do not have privilege: Applied in changeset commit:fe80b3aac6ddd661c7a2daf52ad54f1722915590. Phillip Davis
12:45 AM Bug #3454: Acknowledge all notices is presented to users who do not have privilege: Bug fix PR https://github.com/pfsense/pfsense/pull/3319
I will raise another feature issue to discuss what could b... Phillip Davis
09:30 AM Bug #7043 (Feedback): If user does not have crash_reporter page access the crash reported link is useless: Applied in changeset commit:c87eeb08acc6d5d0fd642e50990b93b7137657ee. Phillip Davis
02:00 AM Bug #7043: If user does not have crash_reporter page access the crash reported link is useless: PR https://github.com/pfsense/pfsense/pull/3321 Phillip Davis
01:59 AM Bug #7043 (Resolved): If user does not have crash_reporter page access the crash reported link is useless: When the user clicks "here" for more information, nothing happens, because they do not have carsh_reporter page acces... Phillip Davis
07:59 AM Revision c87eeb08: Fix #7043 Do not display crash reporter link when no crash_reporter access: Phil Davis
07:58 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Steve Beaver wrote:
> Right. It is not "A new bug", it is the original bug that has just been fixed.
https://gith... Luiz Gustavo S. Costa
07:56 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Right. It is not "A new bug", it is the original bug that has just been fixed. Anonymous
07:49 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: None of those fixes are in 2.3.2 so it's just pointless to test anything there. Kill Bill
07:36 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: A new bug is revelead, see:
!http://i.imgur.com/U6Ggy4d.png!
The syntax is duplicated.
New installation from... Luiz Gustavo S. Costa
06:24 AM Revision 76a13ab1: Remove unused print_noices and print_notice_box: When looking into how the notices features work these days, I found that these functions are no longer used anywhere.... Phil Davis
06:16 AM Revision fe80b3aa: Fix #3454 Do not show Mark All as Read button when no priv: If the user does not have access to index.php then the "Mark All as Read" button for the notices popup does not work ... Phil Davis
05:45 AM Revision ee5d140e: Fix get_notices parameter in xmlrpc.php: This looks to me like the var name here should be $category
Note: I don't see where this get_notices() inside class p... Phil Davis
05:35 AM Revision a2e35163: Refactor to use notify_all_remote: While looking at notices.inc I noticed (pardon the pun) that notify_all_remote did exactly the same as these 2 lines ... Phil Davis
05:22 AM Bug #6982 (Resolved): Nested Aliases with FQDNs do not populate parent table in some cases: Renato Botelho

12/27/2016

11:04 PM Revision 151b4e35: Allow capturing based on MAC address as well.: Jim Pingle
09:32 PM Revision 378574a3: Disable "setfirst" line in pfSense-dhclient-script for now. Ticket #7042: Jim Pingle
07:59 PM Revision 3033c93f: Changes as requested: Martin Wasley
07:57 PM Revision 2acedbbf: Changes as requested: Martin Wasley
07:39 PM Bug #6982: Nested Aliases with FQDNs do not populate parent table in some cases: This is working well for me with changeset applied using system patches on 2.3.2_1 that I was using in my initial tes... Chris Linstruth
01:30 PM Bug #6982 (Feedback): Nested Aliases with FQDNs do not populate parent table in some cases: Applied in changeset commit:5d1cf6f5cf85c6371078e288172da1e05df1380c. Renato Botelho
07:39 PM Revision 3c2c034d: Captive portal: add button to disconnect all users: Add a function to disconnect all logged in users and a button to call it in the captive portal status page.
(cherry ... Caio Plumbeo
07:39 PM Revision 15aac11e: Merge pull request #3300 from plumbeo/disconnect-all: Renato Botelho
07:38 PM Revision c729f32a: Add new "Ignore client identifiers" DHCP feature: Exposes the underlying dhcpd configuration option "ignore-client-uids"
in the pfSense "Services / DHCP Server" GUI by... Brett Keller
07:37 PM Revision 5ae621d8: Merge pull request #3307 from blkeller/ignore-client-uids: Renato Botelho
07:36 PM Revision 145105bb: Add case for 59 to prefix functions: Maybe these functions should have a case added for prefix length 59?
(cherry picked from commit 231fe9543c696bb2dcdc7... Phil Davis
07:36 PM Revision c6fa0501: IPv6, allow DHCP6 client to use a prefix size of /59: (cherry picked from commit 260f60a9b60d42be7a274b29a8c217c2b4b53507) Pi Ba
07:36 PM Revision de508134: IPv6, allow DHCP6 server to use a prefix size of /59 and /61 like dhcp client does: (cherry picked from commit 19d905bcaecfed47abdf5e3854f54684d19c3b8f) Pi Ba
07:36 PM Revision 17a6140d: Merge pull request #3266 from PiBa-NL/IPv6-prefixdelegation-size59: Renato Botelho
07:34 PM Revision 25e5d826: Fix #3560 correctly handle disabled static routes: 1) util.inc - add parameter to get_staticroutes() so the caller can
choose to see all static routes or only the ones ... Phil Davis
07:32 PM Revision 56b8ace0: Merge pull request #3312 from phil-davis/staticroutes: Renato Botelho
07:25 PM Revision 639cfc1b: Fix nested aliases with FQDN (Fixes #6982): Make $use_filterdns a parameter. It needs to be persistent across
recursive calls otherwise it ends up not adding nec... Renato Botelho
07:24 PM Revision 5d1cf6f5: Fix nested aliases with FQDN (Fixes #6982): Make $use_filterdns a parameter. It needs to be persistent across
recursive calls otherwise it ends up not adding nec... Renato Botelho
06:27 PM Revision a1e7d048: Remove unused variable: Renato Botelho
06:21 PM pfSense Packages Bug #6527: Squid 3.5 - Deprecated "ssl_bump server-first all" don't allow SNI in transparent mode with HTTPS/SSL Interception: https://github.com/pfsense/FreeBSD-ports/pull/242
Kindly test and report back either here, and/or @ https://forum.... Kill Bill
03:44 PM Bug #7042: DHCP client configures wrong address in some circumstances (setfirst support missing from ifconfig): Simplest way to reproduce this is to use a DNS Resolver override for "setfirst" and the firewall's domain, set to an ... Jim Pingle
03:31 PM Bug #7042 (Resolved): DHCP client configures wrong address in some circumstances (setfirst support missing from ifconfig): In certain circumstances a DHCP client interface gets configured with an incorrect address. The address that should b... Jim Pingle
02:47 PM pfSense Packages Bug #7017 (Resolved): Squid NT Domain authentication is broken: Renato Botelho
02:19 PM pfSense Packages Bug #7017: Squid NT Domain authentication is broken: Broken feature gone -> can be closed. Thanks. Kill Bill
06:35 AM pfSense Packages Bug #7017 (Feedback): Squid NT Domain authentication is broken: PR has been merged, thanks! Renato Botelho
02:21 PM Revision 4a673efc: PPTP Remote IP is host or V4: Now that Form_IpAddress() supports a range of types of input, this can be specified as HOSTV4.
(cherry picked from co... Phil Davis
02:21 PM Revision 82b2eb65: Merge pull request #3314 from phil-davis/patch-1: Renato Botelho
01:44 PM Revision 4890b6ec: PPTP Remote IP is host or V4: Now that Form_IpAddress() supports a range of types of input, this can be specified as HOSTV4. Phil Davis
01:35 PM Bug #3560 (Feedback): Disabled Static Route not fully disabled: PR has been merged, thanks! Renato Botelho
06:04 AM Bug #3560: Disabled Static Route not fully disabled: See PR https://github.com/pfsense/pfsense/pull/3312 Phillip Davis
12:47 PM Revision 4a1a2050: Form_IpAddress add types remove patterns: 1) Add alias and host types to Form_IpAddress with the appropriate hover
text.
2) Remove the patterns - the UI of tho... Phil Davis
12:47 PM Revision ac4e656a: Merge pull request #3248 from phil-davis/ipaddressnopattern: Renato Botelho
12:42 PM Revision 914ddfa2: Captive portal: add popup with session details to the active sessions list in the status page: (cherry picked from commit 081a46fe3bc2393778c4e270cd8388230d39b38c) Caio Plumbeo
12:42 PM Revision 58b5c957: Merge pull request #3308 from plumbeo/details-popup: Renato Botelho
12:41 PM Revision 29069aed: Fix DNS Server Gateway Check: If I enter a DNS server IP address that is on a locally connected network, and choose a gateway for it, this code was... Phil Davis
12:41 PM Revision c80bf53b: Merge pull request #3311 from phil-davis/patch-1: Renato Botelho
11:09 AM Revision cf08b49e: Fix #3560 correctly handle disabled static routes: 1) util.inc - add parameter to get_staticroutes() so the caller can
choose to see all static routes or only the ones ... Phil Davis
10:13 AM Feature #3151 (Resolved): Disable gateway monitoring actions without disabling gateway monitoring: Works here, too. Gateway status shows it going up/down but no actions are taken when it transitions. Jim Pingle
01:52 AM Feature #3151: Disable gateway monitoring actions without disabling gateway monitoring: Been working for me, but it would be good to get some feedback from anyone else who has tried/tested this. Phillip Davis
09:43 AM Revision d8587952: Fix DNS Server Gateway Check: If I enter a DNS server IP address that is on a locally connected network, and choose a gateway for it, this code was... Phil Davis
06:36 AM pfSense Packages Feature #6593 (Feedback): squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint: PR has been merged, thanks! Renato Botelho
06:36 AM pfSense Packages Bug #6592 (Feedback): squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation: PR has been merged, thanks! Renato Botelho
02:11 AM Revision 202e23a8: Data sanitation - check IP protocol in form data: Code doesn't seem to check that IP protocol is valid (IPv4/6/4+6) or report via $input_errors[] if not. Simple fix. O... Stilez y
01:31 AM Revision 8afd8c04: Alternate fix for jim-p's point that seems to resolve everything neatly: @jim-p commented on the PR that:
> This change is unwarranted. The protocol default should remain TCP, it is set tha... Stilez y
01:15 AM Revision 675c9e59: improve CSS handling for icmp types (overflow/table): Minor CSS and formatting improvement to layout for icmp types in rules table. With this change, if several icmp types... Stilez y

12/26/2016

11:07 PM Revision 081a46fe: Captive portal: add popup with session details to the active sessions list in the status page: Caio Plumbeo
09:36 PM Bug #7036: 2.4 ZFS on RCC-VE 2440 hangs: Running bios version 08 (ADI_RCCVE-01.00.00.08-nodebug) with no change. pfSense-CE-memstick-ADI-2.4.0-BETA-amd64-2016... qubit nano
11:26 AM Bug #7036 (Feedback): 2.4 ZFS on RCC-VE 2440 hangs: Follow the procedure at http://netgate.com/docs/reference/adi-bios-flash.html#adi-bios-flash-procedure and update to ... Jim Pingle
08:54 PM Revision 7faa9379: Add case for 59 to prefix functions merge_ipv6_delegated_prefix / dhcpv6_pd_str_help: Add case for 59 to prefix functions merge_ipv6_delegated_prefix / dhcpv6_pd_str_help Pi Ba
07:36 PM Bug #7041 (Rejected): Not all mobile IPsec phase 2 entries pass traffic through the correct interface: Most likely a configuration error. Please post on the forum for discussion before opening a bug report. Jim Pingle
07:24 PM Bug #7041 (Rejected): Not all mobile IPsec phase 2 entries pass traffic through the correct interface: My phase 2 configuration is as follows:
VLAN 10 [Home]- 192.168.1.0/24
VLAN 12 [VMs] - 10.1.2.0/24
VLAN 13 [Lega... Jameson P
06:53 PM Revision c01bdca9: Exclude /var/empty from tar extract and make sure its permissions are respected when it's created: Renato Botelho
05:05 PM pfSense Packages Feature #2133 (Closed): Add ET's SidReporter to snort package: Jim Pingle
04:55 PM pfSense Packages Feature #2133: Add ET's SidReporter to snort package: Cannot be downloaded anywhere, another thing killed by Proofpoint.
Close please. Kill Bill
02:37 PM Revision 9080e20d: Modify DHCP Server messages: (cherry picked from commit 12e08722bd9264f649e76030dce24259430f2832) Phil Davis
02:37 PM Revision 1d52ceac: Customize DHCP Server on interfaces message: (cherry picked from commit b70904493917a5213ee4b752c5466b7d36f884b8) Phil Davis
02:37 PM Revision cded235b: Merge pull request #3309 from phil-davis/dhcp31msg: Renato Botelho
02:32 PM Revision c90bf891: Captive portal: hide empty MAC column in status page: When MAC filtering is disabled the client MAC address isn't recorded and the relative column is empty. In this case, ... Caio Plumbeo
02:32 PM Revision bebb4b8a: Merge pull request #3310 from plumbeo/hide-mac-column: Renato Botelho
10:29 AM Revision d08f68e2: Captive portal: hide empty MAC column in status page: When MAC filtering is disabled the client MAC address isn't recorded and the relative column is empty. In this case, ... Caio Plumbeo
09:59 AM Bug #7038 (Confirmed): SG-1000 Quagga zebra service fails to start with signal 6 abort: Confirmed, happens even with a very basic config (one interface, dummy password, standard router ID and area filled i... Jim Pingle
07:54 AM pfSense Packages Bug #6592: squid does NOT use EDH and EECDH cipher suites because "tls-dh" is not configured and so these ciphers are silently dropped - see squid documentation: https://github.com/pfsense/FreeBSD-ports/pull/241
Kill Bill
07:54 AM pfSense Packages Feature #6593: squid: allow user to configure DH key size, SINGLE_DH_USE, NO-SSLv3, Cipher-Suites - performance improvement hint: https://github.com/pfsense/FreeBSD-ports/pull/241
Added options matching the reverse proxy options (modern/interme... Kill Bill
06:50 AM pfSense Packages Bug #6636 (Resolved): Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf: Renato Botelho
05:23 AM pfSense Packages Bug #6636: Squid Reverse Proxy with Additional IP and compatibility="Intermediate" writes bad squid.conf: Works. Kill Bill
02:56 AM Bug #7040 (Resolved): Issue when disabling an interface: I am using the interfaces like this :
ix0
ix0_vlan1
ix0_vlan35
I just want to disable only ix0, but still h... Alexandre Paradis
02:38 AM pfSense Packages Bug #7039 (Feedback): HAProxy backend configuration does not handle intermediate CAs properly: In HAProxy backend settings, when configuring a server, there is the option to have it validate SSL certificates agai... Stéphane Lapie
02:33 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: I'm confused as to why they would issue a /64 PD on the wan.
dhcp6c does ask for renew, as shown in the attached i... Martin Wasley

12/25/2016

11:47 PM Bug #7027: Dynamic DNS dyndns.org no longer updates: Tony Mace wrote:
> Kill Bill wrote:
> > Try with 2.3.3 snapshots.
>
> Am using "2.3.3.a.20161220.0605" right now... Tony Mace
10:31 PM Bug #7038: SG-1000 Quagga zebra service fails to start with signal 6 abort: Relevant logs (system.log):... Ryan H
10:24 PM Bug #7038 (Resolved): SG-1000 Quagga zebra service fails to start with signal 6 abort: Quagga_OSPF 0.6.16 package installed from package manager. Using config pasted below (raw, not assisted). OSPFd servi... Ryan H
08:45 AM Bug #7037 (Not a Bug): CPU frequency in System Information: If the frequency is at maximum, the information is redundant and thus hidden. There isn't any reason to think it isn'... Jim Pingle
04:48 AM Bug #7037: CPU frequency in System Information: That seems reasonable, but resizing the column on refresh is not pretty. I don't see any reason to why it should't sh... Aslak Sande
04:00 AM Bug #7037: CPU frequency in System Information: This only shows when the actual CPU freq is lower than max. By taxing the CPU with reloading the dashboard every 5 se... Kill Bill
12:09 AM Bug #7037 (Not a Bug): CPU frequency in System Information: On dashboard under "CPU Type" the "Current" frequency rarely appears. Maybe 1 in 10 refreshes? This is with refresh i... Aslak Sande

12/24/2016

10:37 PM Revision feab4e54: Captive portal: add button to disconnect all users: Add a function to disconnect all logged in users and a button to call it in the captive portal status page. Caio Plumbeo
07:44 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: I would like to add that I am also experiencing this issue. I would love to see this fixed in pfSense 2.4 if possible... Chris Allen
03:02 PM Revision 12e08722: Modify DHCP Server messages: Phil Davis
02:17 PM Revision a3f671ec: This should be a regular input form since it is no longer using an IP address class input type.: Jim Pingle
07:01 AM Revision b7090449: Customize DHCP Server on interfaces message: Phil Davis
03:16 AM Bug #6930: DHCP server should be disabled for /31 and /32: Yup looks much better looking at the error message in the source code. Andy Kniveton
01:13 AM Bug #6930: DHCP server should be disabled for /31 and /32: Something like https://github.com/pfsense/pfsense/pull/3309 ? Phillip Davis

12/23/2016

08:32 PM Revision a51dd381: Save the igmpproxy configuration in /var/etc and not on /tmp.: Luiz Souza
07:32 PM Bug #7036 (Not a Bug): 2.4 ZFS on RCC-VE 2440 hangs: RCC-VE 2440, bios version 6
Downloaded 2.4.0.b.20161223.0723 and did a clean install. Auto ZFS, default values, se... qubit nano
06:47 PM Feature #7035: Make webgui authentication logs less invasive: I don't want to disable them, I feel knowing that is very useful, I just don't want them spilling out on my shell, es... Victor Coss
06:45 PM Feature #7035 (Rejected): Make webgui authentication logs less invasive: Login events are always logged that way for security reasons. If you want to disable those messages, use the "Disable... Jim Pingle
06:33 PM Feature #7035: Make webgui authentication logs less invasive: Just a note, I've only had the SG-1000 a few days so I haven't updated the DNS on the syslog box yet, so it shows the... Victor Coss
06:16 PM Feature #7035 (Rejected): Make webgui authentication logs less invasive: I'm not sure why, I'm guessing intentional, but webgui events, such as logins to the webgui, when they are logged can... Victor Coss
03:29 PM Revision 35d393f0: Change type of L2TP/PPTP WAN remote address to 'text' as it supports hostnames now, and the 'V4' type rejects them. Fixes #6899: Jim Pingle
03:03 PM Bug #7003: autoboot_delay on 2.4.0: Ok thank you :) Ken Sim
12:52 PM Bug #7003: autoboot_delay on 2.4.0: Ken Sim wrote:
> Am I correct that this is only set during install and we have to set it manually if already install... Renato Botelho
02:41 PM Bug #6099 (Feedback): igmpproxy does not recognize upstream interface: Fix committed.
Thanks! Luiz Souza
02:14 PM Revision d35a22d7: Fix field type for TFTP in DHCP server settings: Jim Pingle
02:14 PM Revision 0675eadb: Fix field type for TFTP in DHCP server settings: Jim Pingle
02:13 PM Revision 9d9736d7: Fix field type for TFTP in DHCP server settings: Jim Pingle
02:07 PM Bug #6930: DHCP server should be disabled for /31 and /32: It now doesn't enable dhcp on a /31 or /32 subnet, IMO the message "The DHCP Server can only be enabled on interfaces... Andy Kniveton
01:22 PM Revision 708dd35c: Fix variable name used to pre-fill the NTP orphan mode field, add placeholder with the default while I'm here. Fixes #7034: Jim Pingle
01:22 PM Revision 1a5982d9: Fix variable name used to pre-fill the NTP orphan mode field, add placeholder with the default while I'm here. Fixes #7034: Jim Pingle
01:21 PM Revision d0db0f9b: Fix variable name used to pre-fill the NTP orphan mode field, add placeholder with the default while I'm here. Fixes #7034: Jim Pingle
10:48 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: The Address given to the WAN interface is more or less irrelevant, cause it's not realy necessary for your firewall r... Marcel Mayer
08:52 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: When I check "Request only an IPv6 prefix" the WAN interface uses the first /64 prefix (prefix ID 0) out of the /56 p... Arno Gramatke
05:04 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: In my opinion we are not talking about a bug any more.
The problem seems to be a missconfiguration ...
For DTAG "... Marcel Mayer
04:33 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: The ISP (Deutsche Telekom) doesn't supply a router, so I can't do any Wireshark capture there. The German Telekom use... Arno Gramatke
10:14 AM Bug #6857 (Resolved): local_sync_accounts fails during boot when using ldap on a non-local network or hostname: Works, no failures or delays when booting with a remote LDAP server. Jim Pingle
10:13 AM Bug #6367 (Resolved): Long delays with LDAP enabled w/local users during boot at "Synchronizing user settings...": Works, no delay on boot with LDAP enabled when local accounts sync Jim Pingle
09:52 AM Bug #6761 (Not a Bug): Limiter doesn't limit at correct bandwidth: No response from the OP here or on Reddit. I can't reproduce this on a current 2.4 snapshot (also on vmware with vmxn... Jim Pingle
09:44 AM Feature #6899 (Resolved): Can't specify PPTP/L2TP gateway as FQDN: Works as expected with that last commit, when the client can resolve the hostname it connects. Jim Pingle
09:40 AM Feature #6899 (Feedback): Can't specify PPTP/L2TP gateway as FQDN: Applied in changeset commit:35d393f04add76d7f5ac55fb33aaa955f354b5b8. Jim Pingle
09:18 AM Feature #6899 (Assigned): Can't specify PPTP/L2TP gateway as FQDN: The JS input validation still rejects hostnames on the page. I'll push a fix shortly. Jim Pingle
09:24 AM Bug #6659 (Resolved): Default routes are not being removed after deletion: Works as expected now. Jim Pingle
09:14 AM Bug #6980 (Resolved): L2TP WAN gateway is missing the type at the end of its dynamic name: Works Jim Pingle
09:10 AM Bug #7005 (Resolved): IPsec mss clamping not working for mobile clients: Works Jim Pingle
09:06 AM Bug #6879 (Resolved): GUI doesn't show rebooting notification after upgrading: I've been keeping an eye on this and haven't seen it fail in quite some time. Every update I've run on any platform (... Jim Pingle
09:05 AM Bug #6869 (Resolved): Diagnostics / Routes Truncates Destination and Gateway Names: Works Jim Pingle
09:02 AM Bug #6668: IPSec tunnel + L2TP/IPSec VPN - wrong PSK chosen by pfSense: No response from the OP, can't seem to reproduce it.
If someone can reproduce it and test a potential fix, please ... Jim Pingle
08:55 AM Bug #6224 (Resolved): Firewall NAT Edit forgets dst type selection after reporting input errors: Works as expected now Jim Pingle
08:53 AM Bug #6094 (Resolved): VIP Other subnet does not expand into NAT entries: Works Jim Pingle
08:45 AM Bug #6976 (Resolved): Interface group and alias with same name creates firewall syntax error: All of the problem cases work as expected now. Names are rejected as being in use, I was not able to make a conflict. Jim Pingle
08:43 AM Bug #6892 (Resolved): CARP VIPs Deleted entering CARP Maintenance Mode: Works, VIPs are still there and their skews are raised as expected. Secondary takes over like it should. Comes out of... Jim Pingle
08:42 AM Bug #7034: NTP Orphan Mode stratum setting is not displayed in input field: Wow, that was fast :)
Thanks, and happy holidays! Thomas Rieschl
07:30 AM Bug #7034 (Feedback): NTP Orphan Mode stratum setting is not displayed in input field: Applied in changeset commit:d0db0f9bcae3d368c2d83cc7bc4b888fd07eade3. Jim Pingle
07:23 AM Bug #7034 (Confirmed): NTP Orphan Mode stratum setting is not displayed in input field: Jim Pingle
03:59 AM Bug #7034 (Resolved): NTP Orphan Mode stratum setting is not displayed in input field: The "Orphan Mode" setting in the NTP config is not displayed in the input form field.
It is used, though. I checke... Thomas Rieschl
08:39 AM Revision 8212a765: tidy: Martin Wasley
08:35 AM Bug #4815 (Resolved): NTP status widget shows truncated IPv6 address: Works Jim Pingle
08:24 AM Todo #7032 (Resolved): Make a lack of ALTQ-capable interfaces more obvious to the user: Looks much more obvious, hopefully it's clear to users now. Jim Pingle
08:23 AM Bug #7019 (Resolved): XSS issues in captive portal status pages: Seems fine now, and the sorting on the CP status page that was affected was also ripped out & replaced (see commit:e1... Jim Pingle
08:21 AM Todo #7021 (Resolved): system_advanced_network.php Deprecate/remove Device Polling on 2.4: It's all gone. Jim Pingle
08:20 AM Revision 1b17a4c9: changed to text to reflect standard text in other options.: Martin Wasley
08:20 AM Bug #7008 (Resolved): OpenVPN sever unable to authenticate users on 2.4: Works Jim Pingle
08:20 AM Bug #7002 (Resolved): OpenVPN unable to use authentication server with ampersand in descriptive name: Works Jim Pingle
08:19 AM Bug #7001 (Resolved): Certificate manager requiring private key when importing CA certificate authority: Works Jim Pingle
08:17 AM Bug #6838 (Resolved): bsnmpd logs errors when /etc/printcap is missing: Seems to be fine now, no more log spam and the dummy printcap file is there as expected. Jim Pingle
08:16 AM Bug #6741 (Resolved): /etc/rc.initial does not trap CTRL-C back to console menu but rather to # prompt.: Works well. I went into several console menu options and confirmed ^C returned to the menu from all of them rather th... Jim Pingle
08:15 AM Bug #6634 (Resolved): DHCP Server "TFTP Server" field should allow URLs: Works fine.
The TFTP field itself had a different issue as well, see commit:9d9736d7bf456a441e3cb95421cfed429502e220 Jim Pingle
08:10 AM Bug #6472 (Resolved): Disabling NAT (port forward) rule does not disable the associated firewall rule: Works, associated rules are toggled together with the NAT rule when the NAT rule is changed. Jim Pingle
08:09 AM Bug #6391 (Resolved): View Current Portal Page goes to wrong URL: Works correctly now Jim Pingle
08:08 AM Bug #6016: ovpn-linkup not populating IPv6 gateways: Great! Thank you! Jose Luis Duran
08:07 AM Bug #6016 (Resolved): ovpn-linkup not populating IPv6 gateways: Works Jim Pingle
07:45 AM Bug #7025 (Resolved): wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: Anonymous
06:33 AM Bug #7033 (Duplicate): Hidden rule break the policy routing: Duplicate of #1136
If you must have a second gateway on WAN, add floating rules to match the outbound traffic to o... Jim Pingle
02:41 AM Bug #7033 (Duplicate): Hidden rule break the policy routing: Hello
I found a hidden rule who break the policy routing.
The rule :
pass out route-to ( lagg0_vlan2000 192.1... Maxence Sartiaux

12/22/2016

08:03 PM Revision e8165036: format correction: Martin Wasley
08:00 PM Revision 9e08a2bd: Added get_duid_from_file() function: Used in System->Advanced->Networking to display the current DUID in the placeholder for setting the DUID. Martin Wasley
07:56 PM Revision c0a3864e: Added real DUID placeholder, new text and call to new get_duid_from_file() function.: Martin Wasley
07:10 PM Revision e55ea79d: Refactor interface_has_dhcp: to reduce nesting
(cherry picked from commit 5e22050335c939572a43fd7b3e161d7ede5ff5a0) Phil Davis
07:10 PM Revision df84832c: Fix #7031 Allow interfaces that use DHCP for OpenVPN: even though the interface (or gateway group) has not yet actually
received an IP address.
This is useful when setting... Phil Davis
07:09 PM Revision ad230803: Merge pull request #3306 from phil-davis/ovpndhcp: Renato Botelho
07:02 PM Bug #7003: autoboot_delay on 2.4.0: Am I correct that this is only set during install and we have to set it manually if already installed? Wouldn't it ge... Ken Sim
06:27 PM Revision 11ee0c6d: Add new "Ignore client identifiers" DHCP feature: Exposes the underlying dhcpd configuration option "ignore-client-uids"
in the pfSense "Services / DHCP Server" GUI by... Brett Keller
06:07 PM pfSense Packages Bug #7017: Squid NT Domain authentication is broken: Just removed this deprecated stuff in https://github.com/pfsense/FreeBSD-ports/pull/241. People should use LDAP for A... Kill Bill
05:14 PM Bug #7026 (Resolved): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: Thanks you Luiz. Anonymous
04:48 PM Revision 5e220503: Refactor interface_has_dhcp: to reduce nesting Phil Davis
04:43 PM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: Don't delete the DUID mid session, its pointless, dhcp6c will generate a new one, which means that your ISP then sees... Martin Wasley
09:18 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: And I think it's important that this seems to be a problem with dhcp6c and NOT dhcp6d. Arno Gramatke
08:46 AM Bug #6981: IPv6, rc.newwanipv6, flooding log and resets connection periodically: I still have this issue. I am not sure whether this has to do with the watchdog at all. When I enable IPv6 from the w... Arno Gramatke
03:20 PM Revision aa64bb65: Be more forthcoming with errors about ALTQ interfaces in relevant areas of the GUI. In particular, note when there are no capable interfaces assigned. Implements #7032: Jim Pingle
02:47 PM Bug #6318: IPsec dashboard widget causes GUI failure: This also affects Status > IPsec
We have access to a customer system that has 70 tunnels defined, and it happens e... Jim Pingle
02:42 PM pfSense Packages Bug #7028 (Resolved): Squid - all javascript broken by bootstrap conversion: Anonymous
02:41 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Yeah, 0.4.28 behaves like it used to works on pfSense 2.2.x, all weirdness gone. Very cool. Thanks!!! Kill Bill
01:50 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Can you describe"the weird behaviour" please? I don't see anything untoward. Also what Browser/OS are you using?
T... Anonymous
01:43 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Well, that's kinda difficult to see with the package as is. :) What I did for testing was nuking all the "advanced" t... Kill Bill
01:27 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: I think that happens now. The XML fragment ... Anonymous
08:44 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Steve Beaver wrote:
> Yep. Revised that yesterday. The Antivirus stuff appears to work as designed, but that design ... Kill Bill
07:14 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Yep. Revised that yesterday. The Antivirus stuff appears to work as designed, but that design may not be ideal. It's ... Anonymous
01:44 PM Revision 016b7b5d: Typo correct: Martin Wasley
01:11 PM Bug #7031 (Feedback): Cannot configure OpenVPN on a DHCP interface that has not received an IP address: PR has been merged, thanks! Renato Botelho
06:00 AM Bug #7031: Cannot configure OpenVPN on a DHCP interface that has not received an IP address: A suggested solution in PR https://github.com/pfsense/pfsense/pull/3306 Phillip Davis
05:54 AM Bug #7031 (Resolved): Cannot configure OpenVPN on a DHCP interface that has not received an IP address: If the interface that an OpenVPN server or client is being configured on uses DHCP and has not yet received an IP add... Phillip Davis
01:09 PM Revision 5e866e12: Update obsoleted files list for 2.4: Renato Botelho
01:05 PM Revision 8a308280: Do not include debug files in base pkg: Renato Botelho
12:55 PM Revision 19ef4922: Remove rescue from installation media: Renato Botelho
11:57 AM Revision 0f2cf2a1: Fix #7031 Allow interfaces that use DHCP for OpenVPN: even though the interface (or gateway group) has not yet actually
received an IP address.
This is useful when setting... Phil Davis
09:30 AM Todo #7032 (Feedback): Make a lack of ALTQ-capable interfaces more obvious to the user: Applied in changeset commit:aa64bb6565db2f788846eee9a62bccde280a605a. Jim Pingle
09:18 AM Todo #7032 (Resolved): Make a lack of ALTQ-capable interfaces more obvious to the user: On systems that do not have any assigned interfaces capable of using ALTQ, that fact is not make obvious enough to th... Jim Pingle
07:26 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: It still happens on 2.4, actually it's a little worse since it doesn't appear to transmit on the additional queues li... Jim Pingle
01:51 AM Revision e2923158: Fix typo in grouping/$grouping: Steve Beaver
01:50 AM Revision 1c937bdc: Fix typo in grouping/$grouping: Steve Beaver
01:50 AM Revision 1f40cc7d: Captive portal: convert tables to sortable tables: Convert the used vouchers table from the old GET order method to a sortable table, and make the other tables (allowed... Caio Plumbeo

12/21/2016

09:48 PM Revision 5c2cfdbd: Captive portal: convert tables to sortable tables: Convert the used vouchers table from the old GET order method to a sortable table, and make the other tables (allowed... Caio Plumbeo
09:39 PM Revision aff01dbd: Text change: Martin Wasley
08:38 PM Revision 3dc2d0f1: Silence realpath errors when /dev/dumpdev does not exist.: Luiz Souza
07:19 PM Revision 3e2678ac: Fix "<onchange>" tag processing in package XML handling: Steve Beaver
07:18 PM Revision a038b816: Fix "<onchange>" tag processing in package XML handling: Steve Beaver
07:06 PM Revision 1ac0c535: Use sprintf(): (cherry picked from commit ea0a3f9ced58ab872e8cf83fb3c6200a5409bdb8) Doktor Notor
07:05 PM Revision f27fcac6: gettext-ize this while here: (cherry picked from commit 2f7cd36737b4e1b1ba02061c6c25f538bf9ed2b3) Doktor Notor
07:05 PM Revision 5017cb9a: Add enable link to Status > UPnP & NAT-PMP error message if disabled (Todo #6689): (cherry picked from commit cbe5405f70c8f1443b90d35a16890bcd9dc22714) Doktor Notor
07:05 PM Revision caee8fc9: Merge pull request #3290 from doktornotor/patch-3: Renato Botelho
06:52 PM Revision b67b143b: Move the Growl section down to the end of the page, SMTP is the most commonly used section.: Jim Pingle
06:42 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: OK, tested. The authentication tab works great. The antivirus stuff is quirky, will need to play with it. Most issues... Kill Bill
04:45 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Should be there already Anonymous
04:41 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Steve Beaver wrote:
> There was a bug in pkg_edit.php that was causing the \<onchange\> XML tag to be rendered incor... Kill Bill
04:30 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Remember to update BOTH Squid from the package manager, AND the base system from the Update manager. Anonymous
04:21 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Thanks, much appreciated! Will test with a new snapshot ASAP. Kill Bill
03:08 PM pfSense Packages Bug #7028 (Feedback): Squid - all javascript broken by bootstrap conversion: There were two issues: There was a bug in pkg_edit.php that was causing the \<onchange\> XML tag to be rendered incor... Anonymous
02:26 PM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: Thanks. Yours truly Santa. :-P Kill Bill
07:31 AM pfSense Packages Bug #7028: Squid - all javascript broken by bootstrap conversion: And a merry frickin' Christmas to you too :)
Looking at this now. Anonymous
03:58 AM pfSense Packages Bug #7028 (Resolved): Squid - all javascript broken by bootstrap conversion: Guys, there's this @squid_js.inc@ thing that used to do a lot of useful GUI work. It's completely no-op since the boo... Kill Bill
06:05 PM Bug #7027: Dynamic DNS dyndns.org no longer updates: Kill Bill wrote:
> Try with 2.3.3 snapshots.
Am using "2.3.3.a.20161220.0605" right now with same problems Tony Mace
04:15 AM Bug #7027: Dynamic DNS dyndns.org no longer updates: Try with 2.3.3 snapshots. Kill Bill
05:42 PM Bug #7026 (Feedback): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: It was broken only on 32bits platforms (ARM).
Fixed by: https://github.com/pfsense/FreeBSD-src/commit/aa25003286b4... Luiz Souza
11:15 AM Bug #7026 (Confirmed): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: That's right JimP, but seems like we have a regression... Luiz Souza
10:18 AM Bug #7026: filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: Looks the same as #6919 Jim Pingle
04:53 PM Revision 57baf45f: Fix the download of files over https when the server uses a self signed certificate.: Submitted by: Marcelo Matos
Ticket #4766 Luiz Souza
04:53 PM Revision f763ca6e: Print an error when the given URL cannot be fetched instead of just ignoring it.: Fix an use of an uninitialized variable.
Ticket #4766 Luiz Souza
04:53 PM Revision 426522b3: Add a warning to notify the use why nothing happens when it tries to click on maintenance mode with the CARP disabled.: Luiz Souza
04:32 PM Revision c8d9654b: Fix missed reference to the pfSense-dhclient-script move.: Jim Pingle
03:26 PM Revision 7be23d53: User Defined DUID: User may define a DUID to use in System->Advanced->Networking. The
entered DUID is validated for composition and leng... Martin Wasley
01:17 PM pfSense Packages Feature #5434: Let's Encrypt pfSense support: Remove target. When PR is done and merged it's going to be available to stable versions Renato Botelho
01:16 PM Bug #5976 (Rejected): Load cryptodev as a kernel module: IPsec is builtin GENERIC kernel even in FreeBSD and it depends of crypto. This change doesn't make sense anymore Renato Botelho
12:55 PM pfSense Packages Bug #6983 (Resolved): pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: Renato Botelho
12:46 PM pfSense Packages Bug #6983: pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: Confirm: Fixed. Dmitriy K
12:45 PM Feature #7030 (New): New Feature Load Balance Per Amount Of GB: https://forum.pfsense.org/index.php?topic=122752.0 christian alfideo arminio
11:59 AM Revision 2b86d221: Use empty(): (cherry picked from commit 605a9e6c1f1fae786468b81bf7c911a874048fad) Doktor Notor
11:59 AM Revision 87a5d383: Fix CPU update period in System Information widget: This only updates after the refresh period set in System - General Setup - Dashboard update period; should not be har... Doktor Notor
11:58 AM Revision d6df09d0: Merge pull request #3301 from doktornotor/patch-1: Renato Botelho
11:55 AM Revision 605a9e6c: Use empty(): Doktor Notor
11:47 AM Revision 9e0e2b61: Fix display of the number of states in the firewall rules page: For numbers greater than 1000 format_number() returns strings formatted like N.NNN K/M/G/T, that get cut to only the ... Caio Plumbeo
11:46 AM Revision 6520f6c0: Fix display of the number of states in the firewall rules page: For numbers greater than 1000 format_number() returns strings formatted like N.NNN K/M/G/T, that get cut to only the ... Caio Plumbeo
11:46 AM Revision 49eed363: Merge pull request #3302 from plumbeo/number-of-states: Renato Botelho
11:17 AM Feature #7029: GRE interfaces not available as SPAN port: It may be valid on Cisco but does it actually function on FreeBSD? That would be the real question. GRE doesn't handl... Jim Pingle
11:13 AM Feature #7029 (Closed): GRE interfaces not available as SPAN port: GRE interfaces are removed from all bridge port lists. It is valid to select a GRE port as a SPAN port destination (... Adam C
11:12 AM Bug #4766 (Feedback): "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense: Fix committed.
Thanks! Luiz Souza
10:09 AM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases: Reproduced it on a stock FreeBSD 11 system.
Opened a bug report upstream: https://bugs.freebsd.org/bugzilla/show_b... Jim Pingle
08:10 AM Bug #6978 (Not a Bug): Squidguard error page crashing after activating WebGUI PFSENSE https security: squidGuard can't redirect to https that way, the user will get a nasty cert error and/or it won't work.
Setup an e... Jim Pingle
07:59 AM Bug #6978: Squidguard error page crashing after activating WebGUI PFSENSE https security: sry, squidguard instead dansguardian.
Squid uses port 3128 and webgui 8989. Paulo Lima

12/20/2016

10:08 PM Revision aaddb090: Revert manual changes: Doktor Notor
10:06 PM Revision ef0e956e: Fix display of the number of states in the firewall rules page: For numbers greater than 1000 format_number() returns strings formatted like N.NNN K/M/G/T, that get cut to only the ... Caio Plumbeo
09:57 PM Revision ea0a3f9c: Use sprintf(): Doktor Notor
09:41 PM Revision 827c3f1e: Fix CPU update period in System Information widget: This only updates after the refresh period set in System - General Setup - Dashboard update period; should not be har... Doktor Notor
09:30 PM Bug #7027 (Resolved): Dynamic DNS dyndns.org no longer updates: Have paid DynDNS.org service - used to work - do not know exactly when it quit but now get following error in system ... Tony Mace
09:21 PM Bug #7026: filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: I'll take this one, this happens because of a change on a struct size. Luiz Souza
09:18 PM Bug #7026: filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: 2.4 logs:
Dec 1 16:34:41 pfSense filterlog: 61,16777216,,12000,cpsw0,match,block,in,0,bad-hlen=0),0
Dec 1 16:39:1... Anonymous
07:11 PM Bug #7026 (Resolved): filter_logs.inc: parse_firewall_log_line(): Filter logs do not display: There is a problem with the format of the filter logs which is causing src/etc/inc/filter_logs.inc: parse_firewall_lo... Anonymous
09:13 PM Bug #6892 (Feedback): CARP VIPs Deleted entering CARP Maintenance Mode: v6 CARP addresses now works too: https://github.com/pfsense/FreeBSD-src/commit/580e1b6a1155103292e67771940801d8fe896f45 Luiz Souza
07:12 PM Bug #6892: CARP VIPs Deleted entering CARP Maintenance Mode: IPv4 was fixed by this commit: https://github.com/pfsense/FreeBSD-src/commit/77805aa5fa51dbd2ed0b6c363c6235c892caee76... Luiz Souza
08:15 PM Revision 58dfe945: Allow "DHCP" in upper or lower case when adding LAN IP to setup wizard: Steve Beaver
08:14 PM Revision 1ef8d68c: Allow "DHCP" in upper or lower case when adding LAN IP to setup wizard: Steve Beaver
07:55 PM Revision 3575058b: Do not enter or leave the persistent maintenance mode if the CARP is temporary disabled.: While here update the CARP status check. Luiz Souza
07:55 PM Revision 34a5feac: Test fix for #6762: Steve Beaver
05:51 PM Revision 403dad2a: Disable DHCP server on interfaces with subnet >= 31. Fixes #6930: Renato Botelho
05:51 PM Revision e6650368: Disable DHCP server on interfaces with subnet >= 31. Fixes #6930: Renato Botelho
05:07 PM Revision f75f0ef7: Fix #6927 1:1 NAT validate address family: Ensure that all the manually-entered addresses come from the same
address family - i.e. they are all either IPv4 or I... Phil Davis
05:06 PM Revision c3a35c5d: NAT 1:1 use constant name when checking validateipaddr return value: (cherry picked from commit 13cf61ba2c7ab5c9029ba40606e27e71075ef8ac) Phil Davis
05:05 PM Revision ec38ba8b: Merge pull request #3299 from phil-davis/patch-8: Steve Beaver
05:04 PM Revision 42db415e: Fix #6927 1:1 NAT validate address family: Ensure that all the manually-entered addresses come from the same
address family - i.e. they are all either IPv4 or I... Phil Davis
05:03 PM Revision 13cf61ba: NAT 1:1 use constant name when checking validateipaddr return value: Phil Davis
05:02 PM Revision 809ff7c8: validateipaddr update return value comments: (cherry picked from commit 74999ad8c4cd2ae5e96c4ae21ee09a246b0a029b) Phil Davis
05:02 PM Revision ca834146: validateipaddr use constants from globals.inc: (cherry picked from commit dc9388397301912340b34398307936b5c9dc3fd6) Phil Davis
05:02 PM Revision 40ba600b: validateipaddr return address family: Enhanced the return values from validateipaddr() so the caller can know if the validated address is IPv4 or IPv6 (or ... Phil Davis
05:01 PM Revision 3d4c51e4: Merge pull request #3299 from phil-davis/patch-8: Steve Beaver
05:01 PM Revision 0ded76a6: Merge pull request #3298 from phil-davis/patch-7: Steve Beaver
04:57 PM Revision 74999ad8: validateipaddr update return value comments: Phil Davis
04:56 PM Revision dc5edc6e: Fix #7021: Deprecate device polling: Renato Botelho
04:55 PM Revision dc938839: validateipaddr use constants from globals.inc: Phil Davis
04:35 PM Revision 0f026668: Revise define values for address types to allow an easier transition in validateipaddr(): Steve Beaver
04:33 PM Revision ca86de04: Revise define values for address types to allow an easier transition in validateipaddr(): Steve Beaver
04:30 PM Revision 0ecbaa0e: Revert "ctrl-c is handy in the shell. Do not lock out.": This doesn't seem to be a problem these days. Fixes #6741
This reverts commit e8b82b8191356d50a2f210067d7a9f32976d4075. Renato Botelho
04:29 PM Revision 533f3160: Revert "ctrl-c is handy in the shell. Do not lock out.": This doesn't seem to be a problem these days. Fixes #6741
This reverts commit e8b82b8191356d50a2f210067d7a9f32976d4075. Renato Botelho
04:26 PM Revision bcdf4534: Fix #6927 1:1 NAT validate address family: Ensure that all the manually-entered addresses come from the same
address family - i.e. they are all either IPv4 or I... Phil Davis
04:22 PM Revision 24eb39e2: validateipaddr return address family: Enhanced the return values from validateipaddr() so the caller can know if the validated address is IPv4 or IPv6 (or ... Phil Davis
03:45 PM Revision a6a158e9: Captive Portal: convert active sessions table to a sortable table: Convert the active sessions table in the captive portal status page to a sortable table and remove the old sorting co... Caio Plumbeo
03:44 PM Revision cf9e9e84: Merge pull request #3287 from plumbeo/fix-order-by-lastact: Steve Beaver
03:40 PM Revision e12b438b: Captive Portal: convert active sessions table to a sortable table: Convert the active sessions table in the captive portal status page to a sortable table and remove the old sorting co... Caio Plumbeo
01:31 PM Bug #7025: wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: It happens to me on Firefox (50.1.0 on Linux) but I was using an SG-1000 when I confirmed it, as that's what the repo... Jim Pingle
01:26 PM Bug #7025 (Confirmed): wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: This appears to be Chrome related. No problem on Safari or Firefox. Probably the Chrome pattern matching bug. Checkin... Anonymous
01:19 PM Bug #7025 (Resolved): wizard.php?xml=setup_wizard.xml - Setup wizard is flagging valid LAN IP addresses as invalid: Go through the setup wizard to the LAN configuration page, enter a valid IP address, click or tab out of the field an... Jim Pingle
12:49 PM Revision 5d16bc84: "Internationalize" help text in router advertisements: Steve Beaver
12:48 PM Revision e9650eeb: "Internationalize" help text in router advertisements: Steve Beaver
12:41 PM Revision 4bc059ef: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): (cherry picked from commit 6ff48cf16b4264f6554feffcf35ec2eaea4bce16) Doktor Notor
12:41 PM Revision 77b7b90b: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): (cherry picked from commit 6a827f6959fc34972e532516a6a414e1cdf87714) Doktor Notor
12:41 PM Revision 2c84c28a: Merge pull request #3291 from doktornotor/patch-4: Renato Botelho
12:03 PM Revision 26ec7e01: dhcp6c no release: Script changes to allow no-release option of dhcp6c. These changes to be
used in conjunction with pfSense/FreeBSD-por... Martin Wasley
12:02 PM Revision fd67dcd4: Merge pull request #3295 from marjohn56/No-Release: Renato Botelho
12:00 PM Bug #6930 (Feedback): DHCP server should be disabled for /31 and /32: Applied in changeset commit:e66503688e06a8ce19875863ee87356bb4ce3cf8. Renato Botelho
11:10 AM Bug #6927 (Feedback): 1 to 1 NAT allows entry of mixed IP addresses: Applied in changeset commit:bcdf453402a2f742b2656cd59602250f062896ee. Phillip Davis
11:00 AM Todo #7021 (Feedback): system_advanced_network.php Deprecate/remove Device Polling on 2.4: Applied in changeset commit:dc5edc6e9840a53e6c7153414c1d0e1066efd058. Renato Botelho
10:40 AM Bug #6741 (Feedback): /etc/rc.initial does not trap CTRL-C back to console menu but rather to # prompt.: Applied in changeset commit:533f3160a46672e3cf74f6fd1af952f966ae5b06. Renato Botelho
10:35 AM Feature #6728 (Needs Patch): Route53 API mod and Geolocation: Target to future while we wait for the patch Renato Botelho
10:31 AM Todo #6998: Create a port for simplepie to keep it updated and use modular version: Convert code to use modular version of simplepie instead of static file Renato Botelho
10:22 AM Bug #4766: "URL Table (IPs)" and "URL (IPs)" do not work when text file is hosted on a fresh install of pfSense: https://192.168.1.1/firewall_aliases.php?tab=all
In URL you must to use same hostname on self-signed certificate. ... Marcelo Matos
10:08 AM Todo #3734 (Resolved): Remove PHP static pear modules from repo and use ports: Moving radius.inc change to a new ticket (#7024) Renato Botelho
10:07 AM Todo #7024 (Resolved): Replace copy of radius.inc by pear-Auth_RADIUS: Replace copy of radius.inc, with a good number of modifications, by pear-Auth_RADIUS provided by ports Renato Botelho
10:04 AM Bug #7023 (Rejected): dhclient: You are probably talking about this forum thread - https://forum.pfsense.org/index.php?topic=116487.0
I post an an... Renato Botelho
06:20 AM Bug #7023 (Rejected): dhclient: One of my testers has a site in France, the dhclient needs to send extra options ( Orange France ). Apparently there ... Martin Wasley
07:29 AM pfSense Packages Bug #7022 (Not a Bug): HAproxy action sequence bug: Jim Pingle
06:22 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Yes, it is supposed to be always below the actions, I even linked the code and stated it explicitly. Dunno which part... Kill Bill
05:41 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Kill Bill wrote:
> Actually, no, there is no such bug. The redirect rules are ordered perfectly fine as declared. An... Vladimir Tiukhtin
05:00 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Actually, no, there is no such bug. The redirect rules are ordered perfectly fine as declared. And there's nothing to... Kill Bill
04:16 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Kill Bill wrote:
> Fix the "tes" typo to "test" perhaps? Use https://forum.pfsense.org/index.php?board=60.0 for help... Vladimir Tiukhtin
03:49 AM pfSense Packages Bug #7022: HAproxy action sequence bug: Fix the "tes" typo to "test" perhaps? Use https://forum.pfsense.org/index.php?board=60.0 for help, Redmine is for bugs. Kill Bill
03:11 AM pfSense Packages Bug #7022 (Not a Bug): HAproxy action sequence bug: Web interface generate wrong action sequence in HAproxy config. See screenshots Vladimir Tiukhtin
05:45 AM pfSense Packages Bug #6950 (Feedback): Auto Config Backup always reports success: PR has been merged. Thanks! Renato Botelho
05:39 AM pfSense Packages Bug #6983 (Feedback): pfBlockerNG-2.1.1_4 requires xmlrpc.inc which is removed or moved: 2.1.1_5 should address this Renato Botelho

12/19/2016

09:32 PM Revision 50563530: dhcp6c no release: Script changes to allow no-release option of dhcp6c. These changes to be
used in conjunction with pfSense/FreeBSD-por... Martin Wasley
09:04 PM Revision e0c32322: Revised #6889 to use formatted list syntax: Steve Beaver
09:03 PM Revision 652ce2b5: Revised #6889 to use formatted list syntax: Steve Beaver
08:52 PM Revision 8bba3339: COmpleted #6889 by re-formatting help text: Steve Beaver
08:50 PM Revision 297190ed: COmpleted #6889 by re-formatting help text: Steve Beaver
08:27 PM Revision 3eaf25aa: Fix capitalization of confirmation messages for btn-danger buttons and fa-trash icons: Value and title were converted to lower case but not textContent. Consequently some pop-up messages included capitali... Caio Plumbeo
08:26 PM Revision 806a202a: Merge pull request #3286 from plumbeo/danger-lower-case: Jared Dillard
07:39 PM Revision 1d87a144: Reset the $icon variable (otherwise it can keep the last value - in a few broken cases): Luiz Souza
06:37 PM pfSense Packages Bug #6356 (Resolved): Snort - missing protocol in port scan detection: Renato Botelho
06:03 PM pfSense Packages Bug #6356: Snort - missing protocol in port scan detection: Been merged/fixed long time ago. Can be closed. Kill Bill
06:36 PM Bug #6997 (Resolved): DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Renato Botelho
05:52 PM Bug #6997: DHCP/DHCPv6 server GUI should be accessible even if DHCP relay is enabled: Works, thanks! 8-) Kill Bill
03:24 PM Revision e93e2b68: Update pot: Renato Botelho
03:22 PM Revision 7145bb56: Improve RADVD router mode help text (Todo #6889): (cherry picked from commit 69bfc8ede81fb28b6eceb7f1343d94c68073c706) Doktor Notor
03:22 PM Revision 0e95f736: Merge pull request #3289 from doktornotor/patch-2: Renato Botelho
03:21 PM Revision 91650d98: Update pot: Renato Botelho
02:53 PM Todo #6889 (Resolved): Improve router mode help text: Kill Bill text reformatted to take up less screen space. Thanks KB. Anonymous
02:32 PM Revision 12f15f47: Validate IP addresses using validateipaddr() function: Steve Beaver
01:07 PM Todo #7021 (Resolved): system_advanced_network.php Deprecate/remove Device Polling on 2.4: Given the other changes on 2.4 (e.g. dropping i386), it may also be time to remove the polling option from /usr/local... Jim Pingle
12:00 PM Revision fe81d18f: Add missing include: (cherry picked from commit 12094fd551055c40b3d0da8d27a5fcaabed0ae54) Doktor Notor
12:00 PM Revision 2f15609c: Restart unbound after clearing logs (Bug #6915): (cherry picked from commit ef72cd5c2d36ff300de8de5971c05e19d1c9443c) Doktor Notor
11:59 AM Revision 3d048d1b: Merge pull request #3284 from doktornotor/patch-1: Renato Botelho
11:57 AM Revision 7d25750f: status_queues.php - remove redundant escaping: (cherry picked from commit c69a1a745045cbb7feef216ee97fcb72a00558ec) Doktor Notor
11:57 AM Revision 539beb9f: Merge pull request #3292 from doktornotor/patch-5: Renato Botelho
11:21 AM Revision c69a1a74: status_queues.php - remove redundant escaping: Doktor Notor
10:56 AM Bug #6959 (Resolved): Remove or rename "LiveCD" option in the 2.4 installer: Done Renato Botelho
09:44 AM Bug #7020 (Duplicate): <Hostname> is omitted when sending logs on syslog: When sending "filterlog" over syslog the standard defined in https://doc.pfsense.org/index.php/Filter_Log_Format_for_... Idar Lund
08:48 AM pfSense Packages Bug #4034 (Resolved): AutoConfigBackup - user-config-readonly priv still does backup: Confirmed as fixed. A user with the Deny Config Write privilege won't trigger a new ACB entry on save. Jim Pingle
08:39 AM Bug #6990: DDNS IPs not updating after a system restart: Jim Pingle wrote:
> Nothing unusual in the settings, look for anything related to Dynamic DNS in the main system log... Muchacha Grande
07:48 AM Bug #6990: DDNS IPs not updating after a system restart: Nothing unusual in the settings, look for anything related to Dynamic DNS in the main system log, are there any error... Jim Pingle
06:18 AM Bug #6990: DDNS IPs not updating after a system restart: Jim Pingle wrote:
> Not nearly enough detail.
>
> What are the exact types and services used in your Dynamic DNS ... Muchacha Grande
06:00 AM Bug #6915 (Feedback): unbound logging not working after reboot or "Reset log files": PR has been merged Renato Botelho
05:55 AM pfSense Packages Feature #3303 (Feedback): Allow quagga ospf stub, not so stub and totally stub areas: PR has been merged Renato Botelho
05:49 AM pfSense Packages Feature #556 (Feedback): siproxd: add carp virtual IPs as interface candidates: PR merged Renato Botelho

12/18/2016

03:18 PM pfSense Packages Feature #556: siproxd: add carp virtual IPs as interface candidates: In case you are still waiting... https://github.com/pfsense/FreeBSD-ports/pull/235
LOLz. Kill Bill
02:22 PM Revision 53ceab5d: Update pfSense.pot: Doktor Notor
02:12 PM Revision 6ff48cf1: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): Doktor Notor
02:04 PM Revision 6a827f69: Unbound - add support for "deny_non_local" and "refuse_non_local" ACLs (Feature #6914): Doktor Notor
11:59 AM Revision 9d6d437b: Update pfSense.pot: Doktor Notor
11:53 AM Revision 2f7cd367: gettext-ize this while here: Doktor Notor
11:45 AM Revision cbe5405f: Add enable link to Status > UPnP & NAT-PMP error message if disabled (Todo #6689): Doktor Notor
11:02 AM Revision 66fa78b6: Update pfSense.pot: Doktor Notor
10:33 AM Revision 69bfc8ed: Improve RADVD router mode help text (Todo #6889): Doktor Notor
08:24 AM Feature #6914: unbound access-control lists: https://github.com/pfsense/pfsense/pull/3291 Kill Bill
05:45 AM Todo #6689: Add enable link to Status > UPnP & NAT-PMP error message if disabled: https://github.com/pfsense/pfsense/pull/3290 Kill Bill
04:34 AM Todo #6889: Improve router mode help text: I got annoyed once again by having to look up what the modes do in the PHP code, so did a PR:
https://github.com/p... Kill Bill
04:08 AM Revision 1992d9f9: Fix up validation and encoding on Captive Portal status pages. Fixes #7019: Jim Pingle
04:08 AM Revision c31fb7b0: Fix up validation and encoding on Captive Portal status pages. Fixes #7019: Jim Pingle
04:01 AM Revision ac90c901: Fix up validation and encoding on Captive Portal status pages. Fixes #7019: Jim Pingle

12/17/2016

10:10 PM Bug #7019 (Feedback): XSS issues in captive portal status pages: Applied in changeset commit:ac90c9012453c7e81ff0d0b472a55b116866c56e. Jim Pingle
10:07 PM Bug #7019 (Resolved): XSS issues in captive portal status pages: The zone parameter needs better validation/encoding on the captive portal status pages, and the 'order' parameter on ... Jim Pingle
09:59 PM Revision 19d905bc: IPv6, allow DHCP6 server to use a prefix size of /59 and /61 like dhcp client does: Pi Ba
06:57 PM pfSense Packages Bug #3380 (Not a Bug): FreeRadius-User-Option "Expiration Date" kills the FreeRadius-Server: Jim Pingle
06:10 PM pfSense Packages Bug #3380: FreeRadius-User-Option "Expiration Date" kills the FreeRadius-Server: Did you read the field description and the error message?
> Enter the date when this account should expire. *Forma... Kill Bill
05:58 PM pfSense Packages Bug #6805 (Duplicate): Freeradius + OTP sometimes auth failed when auth openvpn.: Probably fixed with #6900 anyhow. Closing. Jim Pingle
12:06 PM pfSense Packages Bug #6805: Freeradius + OTP sometimes auth failed when auth openvpn.: Not even remotely enough info here to debug anything. Please, move to https://forum.pfsense.org/ until you have a con... Kill Bill
05:52 PM Revision 4db8128c: Fix capitalization of confirmation messages for btn-danger buttons and fa-trash icons: Value and title were converted to lower case but not textContent. Consequently some pop-up messages included capitali... Caio Plumbeo
05:37 PM pfSense Packages Bug #6456: vm-bhyve not correctly detecting the modules in kernel: Jose Luis Duran wrote:
> This was fixed in vm-bhyve v0.12.3.
>
> (https://github.com/churchers/vm-bhyve/commit/a7... Kill Bill
03:45 PM Bug #7018: DHCP packets replicated on non-DHCP relay interface: No idea what's the bug here (the requests are relayed from the configured interfaces to the network where's the confi... Kill Bill
01:53 PM Bug #7018 (Closed): DHCP packets replicated on non-DHCP relay interface: When enabling DHCP relay for the following networks:
LAN: 192.168.2.0
PUBLIC: 192.168.4.0
But not on:
Se... Jan Eagleman
09:07 AM pfSense Packages Bug #6950: Auto Config Backup always reports success: Well, actually there's _some_ output needed no matter what, to provide some indication that the Backup button works. ... Kill Bill
08:31 AM pfSense Packages Bug #6950: Auto Config Backup always reports success: I just removed the misleading "success" noise as part of https://github.com/pfsense/FreeBSD-ports/pull/234 - as noted... Kill Bill
07:54 AM pfSense Packages Bug #4034: AutoConfigBackup - user-config-readonly priv still does backup: Well I think this bug is gone since this commit (which disabled the unwanted duplicated backups as well) - https://gi... Kill Bill
07:48 AM pfSense Packages Feature #4055 (Rejected): Enable area authentication from GUI: Jim Pingle
04:53 AM pfSense Packages Feature #4055: Enable area authentication from GUI: Works just fine with the GUI as well, cf. https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-Quagga_... Kill Bill
07:16 AM pfSense Packages Feature #6951: Disable Auto Config Backup without uninstalling: https://github.com/pfsense/FreeBSD-ports/pull/234 Kill Bill
06:16 AM Bug #6852: Commit 8f86722 breaks DHCPv6 leases status page: only ipv6 that i get to show up is static mappings so I attached requested file currently on 2.3.3-DEVELOPMENT (amd6... Michael Kellogg
04:31 AM pfSense Packages Bug #5732: Qagga: Different output in ospfd.conf based on order of interfaces.: The description here makes no sense. I'd suggest to post some configuration screenshots with the interfaces configura... Kill Bill
03:33 AM pfSense Packages Feature #3303: Allow quagga ospf stub, not so stub and totally stub areas: Renato Botelho wrote:
> Please send it as using github pull request on https://github.com/pfsense/pfsense-packages r... Kill Bill
12:39 AM Revision 12094fd5: Add missing include: Doktor Notor
12:11 AM Revision ef72cd5c: Restart unbound after clearing logs (Bug #6915): Doktor Notor

12/16/2016

10:46 PM Revision 07c812a5: Merge pull request #3283 from doktornotor/patch-1: Jim Pingle
09:44 PM Revision f84d7989: Merge pull request #1 from stilez/jdillard-patch-1: Fix the Safari issue mentioned by @rbgarga. Taking RBG + Jared's word this fixes it :) Stilez y
06:45 PM pfSense Packages Bug #6616 (Duplicate): Client Export list empty when using intermediate CA: Jim Pingle
06:26 PM pfSense Packages Bug #6616: Client Export list empty when using intermediate CA: This works just fine here with 2.3.3, sounds like duplicate of Bug #2800. Kill Bill
06:33 PM Revision 18d8ab35: validateipaddr enhance flexibility for translation: By using sprintf() we can allow for some language where the label text does not fit at the start of the sentence.
(ch... Phil Davis
06:33 PM Revision 2a3d27a6: Merge pull request #3281 from phil-davis/patch-7: Renato Botelho
06:32 PM Revision c22a908d: validateipaddr code format: (cherry picked from commit aa2b8133b3cdb90791b577a90361842cd97bb16b) Phil Davis
06:32 PM Revision 4a725adc: Merge pull request #3280 from phil-davis/patch-2: Renato Botelho
06:12 PM Bug #6915: unbound logging not working after reboot or "Reset log files": The "reset log files" issue should be fixed by https://github.com/pfsense/pfsense/pull/3284
As for unbound logging... Kill Bill
06:07 PM pfSense Packages Bug #6061 (Closed): stunnel package update request: Jim Pingle
05:33 PM pfSense Packages Bug #6061: stunnel package update request: 2.2.x packages are not maintained. PR for stunnel package on 2.3+ is @ https://github.com/pfsense/FreeBSD-ports/pull/... Kill Bill
06:07 PM pfSense Packages Bug #6060 (Closed): stunnel certs tab does update cert tab: Jim Pingle
05:33 PM pfSense Packages Bug #6060: stunnel certs tab does update cert tab: 2.2.x packages are not maintained. PR for stunnel package on 2.3+ is @ https://github.com/pfsense/FreeBSD-ports/pull/... Kill Bill
05:48 PM pfSense Packages Feature #6436: Add Stunnel binaries to the pfSense repository: Adding the PR for reference: https://github.com/pfsense/FreeBSD-ports/pull/135
Kill Bill
05:46 PM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Hmmm, wraps into multiple lines just fine here.
!https://s29.postimg.org/8064c051j/Screenshot_ACB.png! Kill Bill
03:53 PM Revision 647db6bb: Ensure that the more secure option is used if both user-copy-files and user-copy-files-chroot is granted: Doktor Notor
02:42 PM pfSense Packages Bug #7017 (Resolved): Squid NT Domain authentication is broken: Relevant forum thread: https://forum.pfsense.org/index.php?topic=113667.0; the method used for Squid 3.3 does no long... Kill Bill
02:26 PM Bug #6982: Nested Aliases with FQDNs do not populate parent table in some cases: I'll work on it Renato Botelho
02:23 PM Revision d1aa3bba: Suppress error logging for Diag > Command Prompt so an error in user-entered code doesn't offer to submit a crash report. A notice is still generated since PHP <7 doesn't yet have error_clear_last(). Fixes #6702: Jim Pingle
02:23 PM Revision fb2f904c: Suppress error logging for Diag > Command Prompt so an error in user-entered code doesn't offer to submit a crash report. A notice is still generated since PHP <7 doesn't yet have error_clear_last(). Fixes #6702: Jim Pingle
02:20 PM Revision 45bcbee9: Suppress error logging for Diag > Command Prompt so an error in user-entered code doesn't offer to submit a crash report. A notice is still generated since PHP <7 doesn't yet have error_clear_last(). Fixes #6702: Jim Pingle
01:44 PM Feature #7016 (Resolved): system_information_widget.php - Indicate adaptive state timeout status when active: It would be helpful to show the user that pf has enabled adaptive state timeout scaling when it kicks in.
Some sam... Jim Pingle
01:04 PM Revision 4f48a261: Update pfSense.pot: Doktor Notor
12:53 PM Revision 8dd0a7da: Add support for chrooted SCP: Doktor Notor
12:33 PM Revision 74fd2299: Add support for chrooted SCP: Doktor Notor
11:43 AM Bug #7015 (Resolved): IPsec not working behind NAT: @luiz has the details, looks like a ESP fragment but it creates odd state with unknown IP address like:
enc0 icmp ... Renato Botelho
11:14 AM Bug #7013: Changing group scope to remote does not remove it from group file: Well, there's obviously much more wrong here, this actually requires a reboot to take effect. Also, adding/removing u... Kill Bill
09:06 AM Bug #6702 (Resolved): Command Prompt syntax error and crash detection report: Yeah that's part is good to stay, what still annoys me is that you get a notice from it (alert bell, e-mail notificat... Jim Pingle
08:48 AM Bug #6702: Command Prompt syntax error and crash detection report: Yup, works. (As for the error being shown in "PHP Response", I think that's OK and should actually stay, it's useful.) Kill Bill
08:30 AM Bug #6702: Command Prompt syntax error and crash detection report: Applied in changeset commit:45bcbee917920238248a2486a2742e3ff327b309. Jim Pingle
08:28 AM Bug #6702: Command Prompt syntax error and crash detection report: Pushed a small change so that it will at least not offer to submit a crash report. Jim Pingle
05:16 AM Bug #6702: Command Prompt syntax error and crash detection report: Well I think what was meant here is that pasting random potentially broken junk to Diagnostics - Command Prompt for t... Kill Bill
08:28 AM pfSense Packages Bug #1620: Can't use transparent proxy when using bridge.: I have no intention setting up bridges to test with transparent Squid. My understanding is that when the interface is... Kill Bill
08:06 AM pfSense Packages Bug #6182: HAProxy not supporting ALPN: Pi Ba wrote:
> Is it possible to make changes to existing ports makefiles?
See this and replace with < 1100000?
... Kill Bill
07:32 AM Bug #7014: inbound connections do not get through whilst using openvpn: Thanks posted on forum few weeks back but got no response
thanks for the detailed bug that does sound similar wel... r m
06:45 AM Bug #7014 (Rejected): inbound connections do not get through whilst using openvpn: Not enough usable info here. Please "post on the forum":https://forum.pfsense.org/index.php?board=69.0 with much more... Jim Pingle
06:15 AM Bug #7014: inbound connections do not get through whilst using openvpn: openvpn not opendns r m
04:29 AM Bug #7014 (Rejected): inbound connections do not get through whilst using openvpn: when using openvpn, inbound traffic is not received and do not get passed to the intended device,
when you turn o... r m
07:11 AM Bug #7012: scponly shipped with pfSense does not work with Linux scp: Jim Pingle wrote:
> Yeah it would need some extra bits but that can all be done by hand if the user really wants it,... Kill Bill
06:42 AM pfSense Packages Bug #6489 (Not a Bug): Squid Reverse Proxy: Deleting an entry on the "Redirects" tab does not reload config: Jim Pingle
05:34 AM pfSense Packages Bug #6489: Squid Reverse Proxy: Deleting an entry on the "Redirects" tab does not reload config: No idea how to reproduce. On save, squid_resync() is called [1] which in turn calls squid_resync_reverse() [2] which ... Kill Bill
06:41 AM pfSense Packages Bug #6632 (Resolved): siproxd hosts_allow_reg should be configurable: Jim Pingle
05:04 AM pfSense Packages Bug #6632: siproxd hosts_allow_reg should be configurable: Done with 1.1.3 (https://github.com/pfsense/FreeBSD-ports/pull/147), can be closed. Kill Bill
06:40 AM pfSense Packages Bug #6654 (Resolved): siproxyd Table issue: Jim Pingle
05:01 AM pfSense Packages Bug #6654: siproxyd Table issue: Fixed with 1.1.3 (https://github.com/pfsense/FreeBSD-ports/pull/147), can be closed. Kill Bill
06:38 AM pfSense Packages Bug #6999 (Resolved): ntopng missing preferences menu: Renato Botelho
04:54 AM pfSense Packages Bug #6999: ntopng missing preferences menu: Works. Kill Bill
03:12 AM Revision bb9747b2: validateipaddr enhance flexibility for translation: By using sprintf() we can allow for some language where the label text does not fit at the start of the sentence. Phil Davis
03:02 AM Revision aa2b8133: validateipaddr code format: Phil Davis

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

01/14/2017

01/13/2017

01/12/2017

01/11/2017

01/10/2017

01/09/2017

01/08/2017

01/07/2017

01/06/2017

01/05/2017

01/04/2017

01/03/2017

01/02/2017

01/01/2017

12/31/2016

12/30/2016

12/29/2016

12/28/2016

12/27/2016

12/26/2016

12/25/2016

12/24/2016

12/23/2016

12/22/2016

12/21/2016

12/20/2016

12/19/2016

12/18/2016

12/17/2016

12/16/2016