Activity

30 days up to

User

Subprojects

Activity

From 05/21/2017 to 06/19/2017

06/19/2017

08:46 PM Revision bb61608d: Added orange login page choice: Steve Beaver
08:18 PM Revision 05ae8524: Correct spacing for extra small view portal (phone): Steve Beaver
06:46 PM Revision 2d933f5a: Restore MITM warning: Steve Beaver
06:08 PM Revision 377f2570: Include host name if so configured: Steve Beaver
05:46 PM Revision f902a15c: Restore cookie warning via pop-up: Steve Beaver
05:19 PM Revision 1eca4f60: Ignore loginpage color values from previous version that used the file name: Steve Beaver
05:15 PM Revision d58a7378: Improved login page graphic: Steve Beaver
03:49 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: robi robi wrote:
> Is this feature left out intentionally from the future versions?
The installer was changed com... Jim Pingle
03:42 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: Is this feature left out intentionally from the future versions?
It's very handy. It allowed me to restore a firew... robi robi
01:14 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: Looks like there isn't any code to handle restoring RRD in that PFI path, only when diag_backup.php is used.
The f... Jim Pingle
02:36 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Packages are up for 2.4 and 2.3.4, 2.3.x snapshots will be up next time a snapshot runs. Test and let us know if it i... Jim Pingle
01:58 PM pfSense Packages Bug #7524 (Feedback): Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Jim Pingle
01:54 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: I'm getting 3.5.26 pulled into the package branches right now, should be building and up soon. Jim Pingle
02:01 PM Bug #7650 (Resolved): vendor/filebrowser/browser.php: Filename parameter is unencoded which can lead to a potential XSS: Fixed Jim Pingle
02:00 PM Bug #7651 (Resolved): firewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name: Fixed Jim Pingle
01:59 PM Bug #7652 (Resolved): diag_tables.php: 'type' parameter can lead to XSS: Fixed Jim Pingle
01:53 PM Bug #7649: pkg_edit.php - The last row cannot be deleted with ntopng.xml: It doesn't like that the element id has "delete" in it and it isn't part of a repeatable/rowhelper control.
If you... Jim Pingle
07:22 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: No it's a patch in my repo. I wanted it tested before sending it on to the main repo. If you think it will be a usefu... Martin Wasley
07:17 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: Is there a PR for that patch? I'm not seeing anything in the repo currently with that hash/id. Jim Pingle
06:17 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: Appears it will never work for Greg as his ISP requires he must send a dhcp6 request.
For those of us who can use... Martin Wasley
07:16 AM Bug #5993 (Resolved): dhcp6c not started until an RA received: Jim Pingle
06:13 AM Bug #5993: dhcp6c not started until an RA received: This one should be closed Jim, it's been rock solid for months now.
Fixed - Resolved. Martin Wasley
06:29 AM Bug #7653 (Closed): 3gstats.php holding open the cuaU0.3 device: if the usb 3g/4g modem is unplugged then reconnected or itself rebooted (via AT commands) it comes up as ttyU1 (aka c... dean hamstead

06/17/2017

12:14 PM Revision 0fdfe230: Activate FreeRADIUS 3 for 2.3.4: Jim Pingle
06:31 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Thank you, again. _shellcmd_ package was the answer.
Perhaps someone could close this now. (I can't see any way t... Phil Biggs
05:18 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Yeah I'd say it's no longer needed since WAN IP change will trigger @filter_configure()@ on its own. Kill Bill
05:11 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Many thanks for that. Tested and works.
I didn't know that _shellcmd_ even had that option. I've never used it b... Phil Biggs
03:59 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Phil Biggs wrote:
> The table is successfully reloaded on new WAN IP but it doesn't work after a firewall rule chang... Kill Bill
03:39 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: It's a horrible hack but I added a line to openbgpd.inc:... Phil Biggs
06:15 AM Bug #7641: Multiple reboots without error message: That's going to be out of our hands then. Try to reproduce it on a plain FreeBSD system but it's probably an incompat... Jim Pingle
05:37 AM Bug #7641: Multiple reboots without error message: Thanks four your hint. I started a research and posted the results in the forum (german: https://forum.pfsense.org/in... Philipp Haefelfinger

06/13/2017

08:40 PM Bug #7645: SG-1000 VLAN interfaces do not work without promisc mode: Ref: forum thread https://forum.pfsense.org/index.php?topic=132055.0 Phillip Davis
03:03 PM Bug #7645 (Resolved): SG-1000 VLAN interfaces do not work without promisc mode: On the latest snapshot, VLAN interfaces do not function on SG-1000 units unless the parent NIC is set promiscuous (ma... Jim Pingle
05:12 PM Revision 0b2f2d41: Redact BGP MD5 password/key in status output. Fixes #7642: (cherry picked from commit aa18c5b9b62e110ebf88fbb24c39c2a13813bd89)
(cherry picked from commit 4122033534b5dd927cd56... Jim Pingle
05:11 PM Revision 41220335: Redact BGP MD5 password/key in status output. Fixes #7642: (cherry picked from commit aa18c5b9b62e110ebf88fbb24c39c2a13813bd89) Jim Pingle
05:11 PM Revision aa18c5b9: Redact BGP MD5 password/key in status output. Fixes #7642: Jim Pingle
12:22 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: We should be able to pull that in unless there is something I'm not seeing. Assigning to Renato to check it over. Jim Pingle
12:20 PM Bug #7642 (Feedback): Redact BGP keying from status output: Applied in changeset commit:aa18c5b9b62e110ebf88fbb24c39c2a13813bd89. Jim Pingle
11:53 AM Bug #7644 (Rejected): Slow network speed LAN -> WAN: Jim Pingle
11:40 AM Bug #7644: Slow network speed LAN -> WAN: This is a bug tracker, not a support channel. Kindly use https://forum.pfsense.org/. Kill Bill
10:10 AM Bug #7644 (Rejected): Slow network speed LAN -> WAN: Xenserver 7
After install openvpn-server on pfsense (latest) in tap mode, very slow speed on client lan interface.
... Dmitry Svetl
04:54 AM pfSense Packages Feature #7449: feature request for openvpn-client-export package, add the support for openvpn up and down script, for mapping network drive: +1 for this!!
We also use connect scripts which we need to add manually after installing the client, would be so n... robi robi
04:47 AM pfSense Packages Feature #7621: OpenVPN Client Export name whens is a windows installer have the same name its a bit confused: +1 for this. We're exporting both x86 and x64 versions for each user, because we don't see in advance which os versio... robi robi
04:42 AM Feature #7643 (Resolved): Send notification when boot completed: Please add an option with a checkbox in System / Advanced / Notifications to send a notification when bootup has comp... robi robi

06/12/2017

06:48 PM Revision 12b9eedf: Don't remove examples from packages as obsolete, some packages rely on the files being there.: (cherry picked from commit 835d8b72effa274b5e2733f219fde00fee60f8e3)
(cherry picked from commit be263d6c8b0e1f6c4ea71... Jim Pingle
06:48 PM Revision be263d6c: Don't remove examples from packages as obsolete, some packages rely on the files being there.: (cherry picked from commit 835d8b72effa274b5e2733f219fde00fee60f8e3) Jim Pingle
06:48 PM Revision 835d8b72: Don't remove examples from packages as obsolete, some packages rely on the files being there.: Jim Pingle
03:40 PM Bug #7642 (Resolved): Redact BGP keying from status output: Some customers might consider BGP pass phrases, etc to be proprietary. They should probably be redacted from status o... Chris Linstruth
03:07 PM Bug #7641 (Rejected): Multiple reboots without error message: Sudden reboots without crash reports are nearly always hardware, despite the hardware's history.
Post on the forum... Jim Pingle
03:05 PM Bug #7641 (Rejected): Multiple reboots without error message: Hi
I'm running on the 2.4 Beta and I have several unplaned reboots during a normal day. Sometimes it is one within... Philipp Haefelfinger
02:20 PM Revision 8decdc4b: Merge pull request #3755 from doktornotor/patch-1: Jim Pingle
01:32 PM Feature #7640: Separate interfaces for different OpenVPN tunnels: Then the configuration procedure was performed incorrectly, follow up on the forum/list/reddit/etc for configuration ... Jim Pingle
01:31 PM Feature #7640: Separate interfaces for different OpenVPN tunnels: Doing that resulted in all OpenVPN packets for the particular tunnel being dropped, so I assumed it was flawed or an ... Riccardo Paolo Bestetti
01:20 PM Feature #7640 (Rejected): Separate interfaces for different OpenVPN tunnels: You can do this now by assigning the openvpn interfaces so you get a tab for each one individually, which is as close... Jim Pingle
01:18 PM Feature #7640 (Rejected): Separate interfaces for different OpenVPN tunnels: I think you should consider separating different OpenVPN tunnels as different interfaces in firewall_rules.php.
Ri... Riccardo Paolo Bestetti
01:01 PM Bug #7639 (Not a Bug): NAT does not work between OpenVPN and IPsec tunnels: Hello,
NAT rules don't get correctly triggered with packets being routed from OpenVPN remote clients to IPsec tunnel... Riccardo Paolo Bestetti
10:18 AM Bug #7439: IKE_SA (IKEv2) does not rekey on break before make startegy, just issues IKE_DELETE and connection is closed: Any updates on this? Can it be reproduced? Reinis Adovics
09:08 AM Revision 8679b740: Comment typo/whitespace fix: Doktor Notor
05:05 AM Bug #7629: FreeBSD PR affecting pfsense: All fixes are in 11.1 and 11-STABLE.
So if pfsense 2.4 migrates to 11.1 in july this will be fixed as well as many... Chris Collins

06/11/2017

08:07 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: ryon m wrote:
> Looks like the Squid developers are getting ready to push v3.5.26, which appears to have a fix for b... Patricio Stegmann
07:41 PM Bug #7638: Carp Status incorrect - visual bug in webconfigurator interface: Looks like this is the case.
https://github.com/pfsense/pfsense/pull/3754 Chris Linstruth
07:01 PM Bug #7638 (Resolved): Carp Status incorrect - visual bug in webconfigurator interface: There is a bug where if certain high VHID numbers are added before lower numbers, the status on the Status -> CARP (f... Steven Brown
01:38 AM Bug #7637: Any operation of the suricata package will cause the system to crash: try remove the suricata package,and the pf system auto restart,then ipv6 tunnle network not normal work. test at 2.4.... yon Liu

06/10/2017

09:59 AM Bug #4494: axge bug - AX88179 chipset (network interface reseting): It seems the problem remains in 2.3.4 release. Oleg Cherkasov
04:03 AM Bug #7637 (Rejected): Any operation of the suricata package will cause the system to crash: Any operation of the suricata package will cause the system to crash. such as remove and close etc.
i have submit i... yon Liu

06/09/2017

10:57 PM Bug #7635: default acount can't login in chrome 58.0.3029.110 (64-bit): Tried Version 58.0.3029.110 (64-bit) here. No problem logging in. Latest snap full install 64bit.
Chris Palmer
09:46 PM Bug #7635: default acount can't login in chrome 58.0.3029.110 (64-bit): i have install pfSense-CE-memstick-2.4.0-BETA-amd64-20170609-1636.img, yon Liu
09:41 PM Bug #7635 (Rejected): default acount can't login in chrome 58.0.3029.110 (64-bit): Can't reproduce. Fresh 2.4 install, Chrome 58 and 59 both work fine. Use a current snapshot and a current Chrome, you... Jim Pingle
09:21 PM Bug #7635 (Rejected): default acount can't login in chrome 58.0.3029.110 (64-bit): when i new install pf 2.4 , use the admin pfsense account can't login in chrome 58.0.3029.110 (64-bit).
yon Liu
09:43 PM Bug #7636: Any operation of the suricata package will cause the system to crash: Jim Pingle wrote:
> Not nearly enough detail to make a valid bug report.
I have submitted bug log in the system b... yon Liu
09:30 PM Bug #7636 (Rejected): Any operation of the suricata package will cause the system to crash: Not nearly enough detail to make a valid bug report. Jim Pingle
09:27 PM Bug #7636 (Rejected): Any operation of the suricata package will cause the system to crash: Any operation of the suricata package will cause the system to crash. such as remove and close etc.
i have submit i... yon Liu
09:34 PM pfSense Packages Bug #7630: UEFI Booting: Dan Collins wrote:
> When trying to boot using UEFI mode, installer hangs at 'Consoles: EFI Consoles'
>
> Using D... yon Liu
08:43 PM Revision aa8b282d: Add Spanish (Argentina) to the list of available languages: Renato Botelho
08:42 PM Revision 8504e131: Update translation files: Renato Botelho
08:39 PM Revision cb049de9: Regenerate pot: Renato Botelho
01:01 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: I had this with an XML 10MB in size.
If this cannot be fixed, please post a warning in the documentation (page linke... robi robi
12:59 PM Bug #7634 (Resolved): When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: When restoring from USB during install (according to https://doc.pfsense.org/index.php/Automatically_Restore_During_I... robi robi
12:32 PM Revision 8deb09d6: Fix DNS wildcard support for Loopia: Fix for the problem that wildcard CNAME records disappear from Loopia when doing a DNS update. As discussed here: htt... Martin Hagelin
12:32 PM Revision 407f0b85: Fix DNS wildcard support for Loopia: Fix for the problem that wildcard CNAME records disappear from Loopia when doing a DNS update. As discussed here: htt... Martin Hagelin
12:31 PM Revision 72b58bad: Merge pull request #3753 from martin67/master: Jim Pingle
07:38 AM Feature #7633 (Rejected): option to rearrange gateways under routing: Duplicate of #3370 - The GUI needs a mechanism for choosing default-eligible gateways and their order, reordering gat... Jim Pingle
02:59 AM Feature #7633 (Rejected): option to rearrange gateways under routing: according to default gateway switching option, it will do that based on the next gateway in the config which might be... Bipin Chandra
07:20 AM Bug #7400: Traffic Graphs show bad data on 2.3.3_1: In my the scale is so confused, follow the attached image, even doing a clean installation in a test vm.
It was quit... João Victor Mata
07:10 AM Revision 6db16398: Fix DNS wildcard support for Loopia: Fix for the problem that wildcard CNAME records disappear from Loopia when doing a DNS update. As discussed here: htt... Martin Hagelin

06/08/2017

08:12 PM Bug #7605: State Killing on Gateway Success: Another doubt about the same feature. On a multi-wan environment, is it possible to kill the states just of the fai... Michel Santello
07:26 PM Revision a550ca4e: Change the port list to use the pfSense FreeRADIUS 3.x package instead of freeradius3 directly.: Jim Pingle
06:48 PM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: I need to withdraw this report, assuming my assessment below is correct. Apologies for any effort wasted on this.
... Phil Biggs
04:44 PM Bug #4310: Limiters + HA results in hangs on secondary: Has this had any development recently?
This is the primary reason I can't use limiters in my HA setup, and the ass... Scott Rosenberg
03:21 PM pfSense Packages Bug #7632: CVE-2016-2107 in OpenSSL: Are you certain that your pfSense installation is current? We ran that same test against a 2.3.4 system with HAProxy ... Jim Pingle
02:45 PM pfSense Packages Bug #7632: CVE-2016-2107 in OpenSSL: Sorry, I follow what you are saying now!
The SSLLabs test still says that we are vulnerable when we test the site.... Adrian James
02:24 PM pfSense Packages Bug #7632: CVE-2016-2107 in OpenSSL: We have 2.3.4 in use, hosting a website with HAProxy TLS offload. SSLLabs confirms that it is vulnerable to Oracle P... Adrian James
08:12 AM pfSense Packages Bug #7632 (Rejected): CVE-2016-2107 in OpenSSL: FreeBSD patches OpenSSL in its own way, relying on the version number is not accurate to determine vulnerabilities.
... Jim Pingle
07:45 AM pfSense Packages Bug #7632 (Rejected): CVE-2016-2107 in OpenSSL: pfSense 2.3.4 uses OpenSSL 1.0.1s which is vulnerable to CVE-2016-2107 Oracle Padding attack. HAProxy TLS terminatio... Adrian James
01:10 PM Bug #7629: FreeBSD PR affecting pfsense: An update, I pulled the Freebsd-src from the repo and have actually now compiled the kernel patched and have it runni... Chris Collins
12:47 AM Bug #7629: FreeBSD PR affecting pfsense: another one and again turnstile_broadcast
db:0:kdb.enter.default> bt
Tracing pid 65385 tid 100750 td 0xfffff8001... Chris Collins
12:23 PM Revision f18475cb: Fix anchor tag location: Steve Beaver

06/07/2017

10:28 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: Just happened to me as well. Brand new SG-2440 from Netgate with 2.3.4 pre-installed. I restored a config from the ol... Oliver Hansen
09:37 PM pfSense Packages Feature #7631: Please allow static IPs be assigned from the DHCP range: For future readers:
And if you have a bit of address space that you want to use for static IPs in the middle of the ... Phillip Davis
02:33 PM pfSense Packages Feature #7631: Please allow static IPs be assigned from the DHCP range: Read the link, it's all explained there. Jim Pingle
02:21 PM pfSense Packages Feature #7631: Please allow static IPs be assigned from the DHCP range: why in the would all other vendors allow this and no pfSense? Yuri Weinstein
02:09 PM pfSense Packages Feature #7631 (Rejected): Please allow static IPs be assigned from the DHCP range: https://doc.pfsense.org/index.php/Why_can't_I_have_static_mappings_inside_my_DHCP_range Jim Pingle
02:04 PM pfSense Packages Feature #7631 (Rejected): Please allow static IPs be assigned from the DHCP range: Currently if a client was selected from the Leases table and a user wants to make an IP static pfSense forces it to b... Yuri Weinstein
03:38 PM Revision 88fbd229: Merge pull request #3750 from PiBa-NL/20170606-denyconfigwrite: Jim Pingle
11:23 AM pfSense Packages Bug #7630 (Needs Patch): UEFI Booting: When trying to boot using UEFI mode, installer hangs at 'Consoles: EFI Consoles'
Using Dell Optiplex 7010 or 9010 ... Dan Collins
10:35 AM Bug #7584 (Feedback): privileges abuse with page-diagnostics-dns: PR was merged Jim Pingle
09:47 AM Bug #6594: Package reinstallation post-config restore hangs if no Internet connectivity: I opened a new ticket for that problem, as the old one (this one) is closed
https://redmine.pfsense.org/issues/7604
... Marco Hofmann
09:39 AM Bug #6594: Package reinstallation post-config restore hangs if no Internet connectivity: Just happened to me as well. Brand new SG-2440 from Netgate with 2.3.4 pre-installed. I restored a config from the ol... Oliver Hansen

06/06/2017

09:52 PM Revision 6356e3e8: permissions, log when user tries to save the configuration but has the 'deny config write' permission: Pi Ba
07:57 PM Bug #7629: FreeBSD PR affecting pfsense: Affected version is 2.4 built on Wed Mar 15 18:17:17 CDT 2017
FreeBSD 11.0-RELEASE-p8 Chris Collins
07:56 PM Bug #7629 (Resolved): FreeBSD PR affecting pfsense: IS it possible to test the patch on a build of PFSense 2.4 which I am willing to test.
The patch is here
https:... Chris Collins
12:31 PM Revision 5e17c8e3: Change FreeRADIUS3 build options, previous build failed.: Jim Pingle
10:01 AM Bug #7628 (Not a Bug): The IP address must lie in the LAN subnet: Assigned openvpn interfaces do not work that way. You do not set an IP address on the interface like that, and they d... Jim Pingle
09:55 AM Bug #7628 (Not a Bug): The IP address must lie in the LAN subnet: Hello,
I found this was a problem one year ago:
https://redmine.pfsense.org/issues/5651
It however turns out... Hollander Hollander
07:38 AM Bug #7627 (Rejected): SG-1000 pfSense 2.4.0-BETA: Unbound domain overides with multiple DNS: Please post on the forum or mailing list to discuss configuration issues. There is no bug here.
You can define mul... Jim Pingle
07:28 AM Bug #7627 (Rejected): SG-1000 pfSense 2.4.0-BETA: Unbound domain overides with multiple DNS: Unbound domain overrides configuration does not allow multiple IP. d j

06/05/2017

11:39 PM Bug #6340: fsck hangs boot in background, fails to produce any action, resulting in broken firewall: I just wanted to add the following, as this was one of the #1 reasons I was nervous about using PFSense.
Before t... brennen smith
10:50 PM Feature #7626 (New): Add IPoE support for WAN: Many ISPs are moving away from PPPoE to IPoE for WAN connectivity. Please add IPoE native support for WAN connections.
Steven Perreau
08:44 PM Revision a8238357: Activate FreeRADIUS3 OS package for dev/testing (no GUI component yet): Jim Pingle
04:07 PM Revision 9fa31c24: dhcp-relay, replace the dhcprelay specific implementation of get_realinterface_for_destination() by the generic guess_interface_from_ip(): Pi Ba
03:24 PM Revision de147d3d: Add more checks to eliminate empty config tags in package settings. Fixes #7624: Jim Pingle
01:08 PM Bug #7601: Dynamic DNS - Hostname should not be required for DNS-O-Matic: Please see the attached trivial patch to make the hostname optional for DNS-O-Matic. Scott Reynolds
11:32 AM Bug #7625 (Resolved): When creating IPv6 firewall rule for single host, netmask improperly displays: When creating a firewall rule (I tested with a pass rule on WAN):
Address Family: IPv6
Source: Single Host or ali... Chris Linstruth
10:30 AM Bug #7624 (Feedback): Empty <config/> tags in package settings are still causing issues: Applied in changeset commit:de147d3d614c877df2022d85d37256a93047764c. Jim Pingle
10:10 AM Bug #7624 (Resolved): Empty <config/> tags in package settings are still causing issues: In some cases, packages can still end up with an empty @<config></config>@ or @<config/>@ tag which leads to problems... Jim Pingle
08:25 AM Feature #7623: Allow L2TP user passwords to contain special characters: The validation for L2TP user account passwords is the same as it has been since pfSense 2.0 when it was first added. ... Jim Pingle
08:16 AM Bug #7611 (Feedback): Diagnostics/Routes ipv6 ( netstat ), causes kernel panic: I can't seem to reproduce this as stated. I have a system with a GIF tunnel and I can disable/enable its WAN (it's a ... Jim Pingle
07:36 AM Bug #7615 (Rejected): User / Group Privileges for the "Status: Monitoring" page.: Maybe your user already has the privilege?
It's there on a normal install. It has to be specific to your installat... Jim Pingle
07:29 AM Bug #7612 (Rejected): No internet access through DHCP unless using static assigned address: Agreed. DHCP is not broken, at least in general. Post on the forum or mailing list for assistance.
If there is som... Jim Pingle

06/03/2017

10:55 AM Feature #7321: DynDNS - Add DreamHost DNS support: Any progress on this? I'd love to use it. Looking at the possibility of combining this with the acme and haproxy pack... Corey Boyle
09:51 AM Feature #7623 (Resolved): Allow L2TP user passwords to contain special characters: In older versions of pfSense, special characters (!@#$%^& etc) where allowed in passwords.
Since a while back this... Roland Giesler
07:31 AM Bug #7622 (Resolved): Don't include disabled ipsec phase2 entries on pf table vpn_networks: PF Table vpn_networks is populated with disabled Phase 2 entries.
This may lead to underperformance if
(a) You ha... Spike R.D.

06/02/2017

02:04 PM pfSense Packages Feature #7621: OpenVPN Client Export name whens is a windows installer have the same name its a bit confused: Fixing the sentence:
So, will be like that for Windows Vista, 64 bits: pfSense-udp-1194-prolinx-x64-win6-install.exe André Araujo
01:30 PM pfSense Packages Feature #7621 (Resolved): OpenVPN Client Export name whens is a windows installer have the same name its a bit confused: When you export a OpenVpn files it's not possible distinguished by the name file between win6, x86, x64, xp, etc.
... André Araujo
12:52 PM Bug #7620 (Resolved): State table cannot be displayed because lack of PHP memory: Please see [[https://forum.pfsense.org/index.php?topic=130797.0]]
@
Crash report begins. Anonymous machine infor... Luzemario Dantas

06/01/2017

06:19 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: I was able to capture the very beginning of the crash, see pic putzomatic none
05:46 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: I dont think I can provide a crash dump without swap on my build but here are some screencaps of the console once the... putzomatic none
01:32 PM Revision 7cdddd8b: Remove memorydisk support: Renato Botelho
01:15 PM Revision 067a2bdf: Improve comment: Steve Beaver
12:58 PM Revision de88f421: Use the section ID as an anchor so that hyperlinks can jump directly to that sectiom: e.g.: $section = new Form_Section("My section", "a_here");
then: https://firewall/system_somepage.php#a_here Steve Beaver
12:27 PM Bug #7619 (Closed): Enable Enhanced networking on AWS: https://svnweb.freebsd.org/base?view=revision&revision=293739
https://aws.amazon.com/ec2/instance-types/#enhanced_... Chris Macmahon
12:05 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Looks like the Squid developers are getting ready to push v3.5.26, which appears to have a fix for bug 4711:
http:... ryon m
09:32 AM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Patricio Stegmann wrote:
> I can confirm the bug in pfSense 2.3.4 and the fix on squid issue tracker at http://bugs.... Kill Bill
08:12 AM Feature #7618 (Resolved): Add support for user-supplied Host-Uniq tag and handle PADM messages in Netgraph PPPoE: Hi,
can this patch already working be added to pfSense to enable it to deal with custom Host-Uniq tags?
A new input... Uccio Papa

05/31/2017

08:39 PM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Attaching some system and routing logs. Phil Biggs
06:55 PM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: A symptom of this is that a table maintained by OpenBGP is not updated after a WAN IP change or firewall reload.
S... Phil Biggs
06:07 PM pfSense Packages Bug #7617 (Closed): OpenBGP not restarting on new WAN IP or firewall reload: OpenBGP does not reload/restart with other packages when the WAN IP changes or the firewall rules are reloaded.
... Phil Biggs
04:49 PM Bug #7600: Unable to save DNS Resolver settings: There is validation of DNSBL after each feed is downloaded and parsed.
If you add the include line in /var/unbound/u... BBcan177 .
04:19 PM Bug #7600: Unable to save DNS Resolver settings: I can reproduce the issue. Load up an assload (technical term) of lists in the pfBlockerNG plugin in the DNSBL Feeds ... Jason Smith
02:53 PM Bug #7116: a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue: Suffering same, any plans this would get fixed soon because converting rules to a pass isn't feasible in my situation... Bipin Chandra
01:49 PM pfSense Packages Bug #7278: Suricata Service - Advanced Configuration Pass-Through not working: Hi all,
i just run into this bug as i was testing configs for an other feature i'm currently developing for suric... Julian Wecke
01:26 PM Bug #7611: Diagnostics/Routes ipv6 ( netstat ), causes kernel panic: For easiest reproduction ive found the following settings:
Gif interface with parent:wan ,gifremote: 4.4.4.4 ,gift... Pi Ba

05/30/2017

09:47 PM Bug #7615: User / Group Privileges for the "Status: Monitoring" page.: Well this is interesting.. The file /etc/inc/priv/pfSense-Status_Monitoring.priv.inc is there, but it doesn't show up... Landon Wubbels
08:24 PM Bug #7615: User / Group Privileges for the "Status: Monitoring" page.: It is there in the list for me, and works when I give it to a user.
Status monitoring is provided in pfSense like a ... Phillip Davis
11:40 AM Bug #7615 (Rejected): User / Group Privileges for the "Status: Monitoring" page.: I'm not sure if this is a bug or if it needs to be a feature request. I'm was just attempting to make a new pfsense u... Landon Wubbels
07:14 PM pfSense Packages Bug #7616 (Closed): Barnyard2 webui configuration updates result in ****** written to the config for the password: Any changes to the barnyard configuration page requires that you update the password as well, otherwise ****** is wri... Scott Zawalski
03:31 PM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Sadly, I've faced the same problem with Unbound. This issue forced me to use RAM disks. I hope there will be a fix in... Dmitriy K
06:42 AM Bug #5413: Reduce disruptions when changing DNS records from DHCP leases in Unbound: Hi all
I'm facing same issue on our pfSense boxes.
We're using unbound and configured dhcp server to update unb... Anonymous
11:23 AM Bug #7614 (Resolved): Port forwards where the destination is a network alias can create invalid refection rules if multiple subnets are in that alias.: For example if the chosen destination is 'WAN net' and there is a VIP on the WAN in the different subnet.
NAT refl... Steve Wheeler
10:44 AM Revision 3ca59456: Fix preg_match call without delimiter and also use preg_quote() to variable used in pattern: Renato Botelho
10:44 AM Revision 63cbb655: Fix preg_match call without delimiter and also use preg_quote() to variable used in pattern: Renato Botelho
05:32 AM pfSense Packages Bug #7613: quagga not starting after upgrade - initial boot: forgot to mention that quagga is mainly used to supply routes over openvpn site2site tunnels jeroen van breedam
03:47 AM pfSense Packages Bug #7613 (Closed): quagga not starting after upgrade - initial boot: initial boot after upgrade:
* quagga not started, it is upgraded/installed
* service can be started manually by GU... jeroen van breedam

05/29/2017

10:01 PM Bug #7612: No internet access through DHCP unless using static assigned address: DHCP is not broken in 2.4. There must be another issue in play. Please take this to the forum and post specifics ther... Chris Linstruth
09:46 PM Bug #7612 (Rejected): No internet access through DHCP unless using static assigned address: Currently running 2.4.0-BETA (amd64) built on Mon May 29 17:12:34 CDT 2017
This issue has persisted since updatin... Brad Endsley
07:06 PM Bug #7611 (Not a Bug): Diagnostics/Routes ipv6 ( netstat ), causes kernel panic: Diagnostics/Routes ipv6 ( netstat ), causes kernel panic
Several crashdumps uploaded past few hours.. (my ip ends ... Pi Ba
06:20 PM Revision ce5e2867: Don't create system notices for errors in user-entered ad-hoc PHP (diag_command.php): (cherry picked from commit ff4e29fb9d048162f0d4d28b0c3e818ed2c1fd8e) Stilez y
06:20 PM Revision 39dc4fc5: Various updates to PR: 1) convert echo to print, and add infobox, as requested in PR comments
2) If no identifiable line number, say so
3) E... Stilez y
06:20 PM Revision ad6be377: create global for user code dir, in diag_command.php: Going to try and stop user code generating notices, by putting it in a specific dir which doesn't give notices for sy... Stilez y
06:20 PM Revision 6be84d7f: add comment: (cherry picked from commit d2d58d6ad1b32e0ccce094bfd247547f353e38ba) Stilez y
06:20 PM Revision 1ca0f7f7: typo: (cherry picked from commit 4711322b4a6ecedba6a4a11c1f7f04ef8427b46e) Stilez y
06:20 PM Revision 5c1fea17: If user-entered PHP errors out, display the error line in context to help the user: If the user enters PHP in the command-line page, and it errors out, it's usually a typo or something minor. But the u... Stilez y
06:20 PM Revision 7c2ca154: Merge pull request #3740 from stilez/patch-59: Renato Botelho
06:20 PM Revision b4ff414a: Removed htmlspecialchars when loading leases from config: (cherry picked from commit 2322e9f3cb6dea9203d63a17c6a27de3a2c6b8bc) Yoann Lecuyer
06:19 PM Revision d4d9aa66: Merge pull request #3731 from ylecuyer/ylecuyer-patch-1: Renato Botelho
05:50 PM pfSense Packages Bug #7610: Squid use all memory ram.: I did the update to pfsense 2.3.4 with new verion of squid, but still have the problem, memory used by squid only gro... Rodrigo Rafael
02:30 PM pfSense Packages Bug #7610: Squid use all memory ram.: I am using Pfsense version
2.3.3-RELEASE (amd64)
built on Thu Feb 16 06:59:53 CST 2017
FreeBSD 10.3-RELEASE-p... Rodrigo Rafael
02:27 PM pfSense Packages Bug #7610 (Closed): Squid use all memory ram.: We have this forum https://forum.pfsense.org/index.php?topic=126309.0, and i have the same version of the problem on ... Rodrigo Rafael
11:28 AM Revision 1ab06215: Update translation files: Renato Botelho
11:25 AM Revision 766084d3: Regenerate pot: Renato Botelho
09:35 AM Bug #7609 (Resolved): NTP Status not parsing all NTP Access Restrictions preventing status display when it is actually allowed: Status/NTP displays "Statistics unavailable because ntpq and ntpdc queries are disabled in the NTP service settings",... Jed Clear
12:00 AM Revision 06d8454b: dhcp-relay, combine clean and fix code for destination interface discovery: Pi Ba

05/28/2017

02:16 PM Feature #7383: system_certmanager.php?act=new: Add new select option to sign a CSR: Build 2.4.0.b.20170527.2111
External generated CSR failed with
The following input errors were detected:
•This s... Larry Westfall
01:43 PM Revision 8452bfc2: Code cleanup, and add an info message under widget list: Minor code cleanup/simplifying. Also many pages have their settings in their built-in settings panel, so the fact tha... Stilez y
09:08 AM pfSense Packages Feature #7608: Captive Portal amount of traffic Account + Free Radius+Mysql: It is up to the RADIUS server/database to count traffic and decide when to cut the user off, not Captive Portal. Capt... Jim Pingle
01:47 AM pfSense Packages Feature #7608 (New): Captive Portal amount of traffic Account + Free Radius+Mysql: limitation on amount of traffic does not work when used CP and Free Radiusand and Mysql to gether
It seams... mohsen abbaspour

05/27/2017

07:05 PM Bug #7607: Chelsio T4/T5 CXGBE drivers not loaded as ALTq capable in the PfSense UI: Also tested on 2.3.4 non-functional Justin Smith
06:53 PM Bug #7607 (Resolved): Chelsio T4/T5 CXGBE drivers not loaded as ALTq capable in the PfSense UI: ( Please reference https://redmine.pfsense.org/issues/6830 ) Information below duplicated from this ticket. Testing e... Justin Smith
06:45 PM Bug #6830: Chelsio T4/T5 CXGBE drivers not loaded as ALTq capable in the PfSense UI: Using Chelsio T4 on;
2.4.0-BETA (amd64)
built on Fri May 26 19:15:04 CDT 2017
FreeBSD 11.0-RELEASE-p10
This ... Justin Smith
01:14 PM Revision ff4e29fb: Don't create system notices for errors in user-entered ad-hoc PHP (diag_command.php): Stilez y
12:49 PM Revision 1155cd63: Various updates to PR: 1) convert echo to print, and add infobox, as requested in PR comments
2) If no identifiable line number, say so
3) E... Stilez y
12:44 PM Revision 8d80a771: create global for user code dir, in diag_command.php: Going to try and stop user code generating notices, by putting it in a specific dir which doesn't give notices for sy... Stilez y

05/26/2017

07:03 PM pfSense Packages Bug #7555: Snort settings show translation metadata when creating a new interface that is not yet defined: Jim Pingle wrote:
> You might consider changing "None" to "New Interface" or something like that as otherwise the ta... Bill Meeks
03:45 PM pfSense Packages Bug #7555: Snort settings show translation metadata when creating a new interface that is not yet defined: You might consider changing "None" to "New Interface" or something like that as otherwise the tab names could be conf... Jim Pingle
03:44 PM pfSense Packages Bug #7555 (Resolved): Snort settings show translation metadata when creating a new interface that is not yet defined: This is working in the current package. Thanks! Jim Pingle
02:56 PM Revision afe8afac: auth_check, faster authentication check while automatically refreshing diag_routes: (cherry picked from commit 60ba7c7642036deb1001f1862e5c19d465fbdf74) Pi Ba
02:55 PM Revision 183c713b: auth_check, move the cmp_page_matches() to its own file so it can be shared by both auth_check.inc and priv.inc: (cherry picked from commit ddd54e83f28d324a14a13f3f75564e5b53d53c8c) Pi Ba
02:55 PM Revision a4c64e37: auth_check lowers cpu usage for checking if the user has permission for the page requested when used in place of guiconfig, especially useful for frequent requests like those made by stats and traffic widgets: (cherry picked from commit c07071cbcadd1c9de9951d9ba497b73752ee52cc) Pi Ba
02:55 PM Revision 2c8c8578: Merge pull request #3728 from PiBa-NL/20170511-fastauth: Renato Botelho
02:54 PM Revision 2c4865e3: Add missing break for cloudflare case: (cherry picked from commit d900381c9384676462c91c0b2e7e59ec42723237) Phillip Davis
02:54 PM Revision 543ea703: Integrate various cloudflare changes: (cherry picked from commit 5ce6ce4b1ad850e70d5a2fe218317b1a1b545907) Phillip Davis
02:54 PM Revision 8b8fb93d: Merge pull request #3717 from phil-davis/patch-11: Renato Botelho
02:51 PM Revision c2856a97: Enable iprange build: Renato Botelho
01:57 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: Installed:
pfSense-CE-2.4.0-BETA-amd64-20170526-0955.iso
Installed on 500GB hard drive. Swap exists.
Proble... Collateral Fortune
01:25 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: Sorry not sure if this is right place for this but this issue seems almost identical to what I am experiencing on 2.4... putzomatic none
12:43 PM Bug #7606 (Feedback): Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: Please test against a 2.4 snapshot. Attach crash dump data here as well, as the report has very little use without it... Jim Pingle
12:38 PM Bug #7606 (Resolved): Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: Confirmed on three different Supermicro Xeon D boards, 1508/1518/1521. With the similarities between these boards t... Collateral Fortune
07:17 AM Bug #7605 (Duplicate): State Killing on Gateway Success: Hi,
We have the option that the firewall can kill states on gateway failure. This is great in multi-wan environnem... Julien REVERT
04:23 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: OK, here's a patch to try. The patch is against today's snapshot.
You'll have a new option when selecting a v6 sta... Martin Wasley
03:42 AM Bug #7604 (Resolved): Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: I reference Bug #6594 - https://redmine.pfsense.org/issues/6594#change-32802
I left a comment there, but the bug i... Marco Hofmann

05/25/2017

09:38 PM pfSense Packages Bug #7555: Snort settings show translation metadata when creating a new interface that is not yet defined: This is fixed in Snort GUI package version 3.2.9.3. The value is checked, and if NULL, the string "None" is substitu... Bill Meeks
08:14 PM Revision 0895c1bd: Activate bandwidthd: Jim Pingle
04:58 PM Revision 597aef5f: Enable aws-sdk-php build: Renato Botelho
04:58 PM Revision d8f58b4f: Enable aws-sdk-php build: Renato Botelho
04:58 PM Revision c57f66ff: Enable aws-sdk-php build: Renato Botelho
01:00 PM Revision d138398d: Activate bandwidthd for testing: Jim Pingle
07:17 AM Bug #6461 (Duplicate): firewall rules lose limiter association when limiter renamed: Duplicate of #3924 Jim Pingle
07:17 AM Bug #7603 (Duplicate): firewall rule looses limiter refrence when limiter name changed: Duplicate of #3924 Jim Pingle
07:09 AM Bug #7603 (Duplicate): firewall rule looses limiter refrence when limiter name changed: suppose u have a firewall rule with up and down limiters set, then when u goto edit the limiter name, the rule looses... Bipin Chandra
04:11 AM Revision d2d58d6a: add comment: Stilez y
04:08 AM Revision 4711322b: typo: Stilez y
02:22 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: I'll post here when I have patches to test. Next week sometime, I have to do some real work for a few days. :) Martin Wasley
01:12 AM Feature #7602 (New): Auto-Create bootable USB for recovery: Option to insert a blank USB drive, and create a bootable recovery image on the device.
Possible options to save i... Paighton Bisconer
12:42 AM Bug #7601 (Resolved): Dynamic DNS - Hostname should not be required for DNS-O-Matic: Background: DNS-O-Matic allows updates to be sent without a hostname or service specified, in which case all services... Scott Reynolds
12:33 AM Revision d900381c: Add missing break for cloudflare case: Phillip Davis

05/24/2017

04:44 PM Revision f94873b8: Enable iprange build: Renato Botelho
04:43 PM Revision 66916861: Enable iprange build: Renato Botelho
01:36 PM Revision 90f3f556: Activate bandwidthd for testing: Jim Pingle
08:26 AM Bug #7600 (Feedback): Unable to save DNS Resolver settings: I can't replicate this as stated. There must be some missing detail to reliably replicate it. Please discuss it furth... Jim Pingle
06:39 AM Revision fd1bd705: If user-entered PHP errors out, display the error line in context to help the user: If the user enters PHP in the command-line page, and it errors out, it's usually a typo or something minor. But the u... Stilez y
01:23 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: Pretty please :)
I have the same dpinger problem :) Greg M

05/23/2017

10:05 PM Bug #7552 (Rejected): IPFW crashes on load or unload of modules: Jim Pingle
06:58 PM Bug #7552: IPFW crashes on load or unload of modules: Please close this, seems I made a mistake on how to employ our version of Captive portal, and thought the kldunload o... Anthony Hernandez
07:04 PM Revision 7b084fd3: SG-23* serial number is igb0 mac address: Renato Botelho
07:04 PM Bug #7600 (Closed): Unable to save DNS Resolver settings: https://forum.pfsense.org/index.php?topic=118226.15
I was about to respond to this, currently happening on a 2.3.4... Anthony Hernandez
04:59 PM Revision 62174481: Merge pull request #3739 from PiBa-NL/20170521-js-versioning: Renato Botelho
04:59 PM Revision 2e294992: Diag DNS disable Add Alias button when host field is changed: (cherry picked from commit 45eafdbd7b958bd4f9459d90a6a63ff8202eec3b) Phillip Davis
04:59 PM Revision f8ba7256: Merge pull request #3737 from phil-davis/diag-dns-hide-add-alias-button: Renato Botelho
04:57 PM Revision 12ca33f4: Remove stray debug-code (/tmp/script): (cherry picked from commit a29361a2d94eed754255e75d63d511e7889d6c9f) Lorenz Schori
04:57 PM Revision 2470b276: Merge pull request #3729 from znerol/bug/master/tmp-script: Renato Botelho
04:55 PM Revision fbac0f19: Merge pull request #3715 from phil-davis/if-stats-widget-settings: Renato Botelho
04:55 PM Revision 3af287f3: virtualips, ability to sort the table: (cherry picked from commit 77c53e65fb7d4f40baec5c01a796a637c9cc5034) Pi Ba
04:54 PM Revision d6b030d7: Merge pull request #3730 from PiBa-NL/20170517-sort-virtualips: Renato Botelho
04:54 PM Revision 4c4504b1: Make consistent rule information section: (cherry picked from commit f0dc8b688c2b7d973bc18769579ee8cc6d3d2dad) Phillip Davis
04:54 PM Revision 6e0474ed: Merge pull request #3732 from phil-davis/rule-created-updated: Renato Botelho
04:52 PM Revision 7c4cfa35: Add download button/function directly on status.php to ease confusion.: (cherry picked from commit f7a72733f8c482e230e0042a6c65f4935a2b723a)
(cherry picked from commit b44ee60da886ae7eb7862... Jim Pingle
04:52 PM Revision b44ee60d: Add download button/function directly on status.php to ease confusion.: (cherry picked from commit f7a72733f8c482e230e0042a6c65f4935a2b723a) Jim Pingle
04:51 PM Revision f7a72733: Add download button/function directly on status.php to ease confusion.: Jim Pingle
04:42 PM Revision eb65e543: pkg_edit, fix empty config tag check: (cherry picked from commit 6bf2a65086f7664c870a9565b70c39655c2a3dcf) Pi Ba
04:42 PM Revision 977d48d2: Merge pull request #3733 from PiBa-NL/20170520-pkgedit-shiftemptyelement: Renato Botelho
04:41 PM Revision e78a436c: Diag DNS fix update alias button text after add alias: 1) Lookup a name with Diag DNS
2) Press "Add Alias"
The alias is added, but the button still says "Add Alias".
Actua... Phillip Davis
04:41 PM Revision d6f6e63d: Merge pull request #3734 from phil-davis/patch-1: Renato Botelho
04:41 PM Revision f54a3ede: Diag DNS do not show Add Alias if no priv to add alais: (cherry picked from commit 7fcccc8f09afd7f4a524ff598b43e15d678905eb) Phillip Davis
04:40 PM Revision 5175d2d8: Merge pull request #3735 from phil-davis/dns-lookup-add-alias: Renato Botelho
04:40 PM Revision 14e90f2e: Diag DNS do not create an empty alias if name does not resolve: (cherry picked from commit f445385114c43cb46b8188a7cea425648f7647f2) Phillip Davis
04:39 PM Revision 8c102a4b: Merge pull request #3736 from phil-davis/diag-dns-change-host-add-alias: Renato Botelho
04:13 PM Revision 81de04ae: Add NGID to status.php: (cherry picked from commit fcc24426ab16b02ffc77bc7c9ee040d76dd987a2)
(cherry picked from commit 2e7f67b274960210ef2d6... Jim Pingle
04:13 PM Revision 2e7f67b2: Add NGID to status.php: (cherry picked from commit fcc24426ab16b02ffc77bc7c9ee040d76dd987a2) Jim Pingle
04:12 PM Revision fcc24426: Add NGID to status.php: Jim Pingle
02:10 PM Bug #7599 (Closed): System->Update unavailable in WebGUI after connection failure during update: Using the WebGUI to update pfsense from 2.3.3_1 to 2.3.4.
During the update process (downloading packages) the netwo... Robert Bear
01:17 PM Revision b0572bad: Add Bosnian to GUI since it's over 75% translated: Renato Botelho
01:10 PM Revision 7eee170c: Update translation files: Renato Botelho
01:02 PM Revision cd4fd16b: Regenerate pot: Renato Botelho
11:56 AM Bug #7501 (Feedback): Interfaces statistics widget GUI + JSON (2 issues): PR has been merged, thanks! Renato Botelho
11:46 AM Feature #7598 (Resolved): Static IPv6 using IPv4 PPPoE as parent interface: A strange requirement has come up. When selecting to use Static IPV6 it's not possible to specify using the PPPoE int... Martin Wasley
09:46 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: I'm using the nightly builds (2.4.0.b.20170522.1522 as of right now). I also use gigabit fiber over PPPoE, so I'm ha... Scott Baugher
08:52 AM Feature #4923: Add LDAP support for RFC2307 style group membership: This bug is old, and resolved. It works perfectly, and I use it every day. If you have an issue it is different than ... Jim Pingle
07:10 AM Feature #4923: Add LDAP support for RFC2307 style group membership: This is not a support system. For help, please post on the forum, mailing list, or use another support method. Jim Pingle

05/22/2017

11:33 PM pfSense Packages Bug #7595: suricata custom SID Mgmt configuration missing after full system restore: Appreciate the response, Bill.
It would be good to have an API where packages can mark files/directories for backu... John Silva
09:53 PM pfSense Packages Bug #7595: suricata custom SID Mgmt configuration missing after full system restore: This is admittedly not optimal, but it is by design (by default). This is because all of the firewall configuration ... Bill Meeks
10:00 PM pfSense Packages Bug #7578: Suricata -- Removing Hosts from Block Table via Alerts: I have added this bug report to my list of TODO bug fixes for the next Suricata update.
Bill Bill Meeks
09:04 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Kill Bill wrote:
> Upstream bug: http://bugs.squid-cache.org/show_bug.cgi?id=4711
>
> Also, there were multiple o... Patricio Stegmann
08:18 PM Revision ce2d9c6e: Fix links to CP MAC management page so they include the zone name. Fixes #7591: Jim Pingle
08:10 PM Revision d80812af: Select "No Authentication" for a portal zone by default, since it is the default behavior, but the GUI requires a value to be set. Fixes #7591: Jim Pingle
07:53 PM Revision bc07c192: Fix options text/display for IPv4 DNS and Verify SSL on DynDNS clients. Fixes #7588: Jim Pingle
07:42 PM Revision 2c1a08a8: Standardize privilege page and sorting between users and groups. Fixes #7587: Jim Pingle
07:34 PM Revision 8abe8272: Add username to display when adding user privileges. Fixes #7586: Jim Pingle
07:29 PM Revision fc1913fe: Provide a useful error message to the user when there is no private CA with which to create a new user certificate. Fixes #7585: Jim Pingle
06:48 PM Revision ec0736af: Fix path to old pftop file in obsolete list. Fixes #7581: Jim Pingle
06:43 PM Revision c07a2b86: Do not offer the 'peak' and 'rate' views for pftop since they only work in interactive mode with cached data, not batch mode like the GUI uses. Fixes #7580: Jim Pingle
06:38 PM Revision 9cf0609b: Remove "size" option from pftop as it does nothing. The "bytes" option is the correct one to use. Fixes #7579: Jim Pingle
06:16 PM Revision 7120ef41: In the OpenVPN wizard, if the user chooses a different auth server type, clear out stored settings so the wizard does not pre-fill bad info. Fixes #7569: Jim Pingle
05:35 PM Revision 919a0f4a: The logic for resolv-retry infinite was always setting it in client mode no matter what the GUI option wanted. Remove the GUI option and clean up the logic so it isn't duplicated. Fixes #7572: Jim Pingle
05:25 PM Revision 473f7ec4: Clarify address assignment behavior in the Tunnel Network fields for openvpn clients and servers. Fixes #7573: Jim Pingle
05:11 PM Revision 85d564f0: Fix help text for route_no_exec. Issue #7575: Jim Pingle
04:35 PM Revision 39fed386: Fix OpenVPN server port validation to disallow "0". 0 is still OK for client port, which is the same meaning as blank/empty. Fixes #7565: Jim Pingle
04:24 PM Revision bc3669e4: Remove references to unused "Address Pool" setting. The address behavior is now determined by the mode, and has been for years. Fixes #7567: Jim Pingle
04:15 PM Revision d44942d3: Remove refs to defunct OpenVPN client manager port. Fixes #7568: Jim Pingle
03:57 PM Revision 0116009a: Fix L2TP section log shortcut. Fixes #7564: Jim Pingle
03:50 PM Revision 5de4b046: Disable internal L2TP users when activating RADIUS, to follow the behavior stated in the GUI. Fixes #7561: Jim Pingle
03:41 PM Revision 11a3e413: Improve L2TP Server DNS input validation. Fixes #7560: Jim Pingle
03:31 PM Revision 45b5afa4: Remove unused WINS code for L2TP. Fixes #7559: Jim Pingle
03:30 PM Bug #7591 (Feedback): services_captiveportal.php suggest default auth_method, and old links: Applied in changeset commit:d80812af5dafe616e7ea33b3a7ea12413c87bdf4. Jim Pingle
03:19 PM Bug #7591 (Assigned): services_captiveportal.php suggest default auth_method, and old links: Jim Pingle
03:02 PM Feature #7596 (Rejected): Ting Config: The mobile provider list is pulled from the FreeBSD port net/mobile-broadband-provider-info/ which in turn gets the l... Jim Pingle
03:00 PM Bug #7588 (Feedback): missing label for form in services_dyndns_edit: Applied in changeset commit:bc07c19263afbb43b4e1f8a3ad318a0d6e7ff6fb. Jim Pingle
02:54 PM Bug #7588 (Assigned): missing label for form in services_dyndns_edit: Jim Pingle
02:58 PM Bug #7584: privileges abuse with page-diagnostics-dns: The fix in the PR Looks good to me. Jim Pingle
02:50 PM Todo #7587 (Feedback): sort system_groupmanager_addprivs privileges: Applied in changeset commit:2c1a08a8a30bb4cd0476af5b45ea25ba0a859af4. Jim Pingle
02:43 PM Todo #7587 (Assigned): sort system_groupmanager_addprivs privileges: Jim Pingle
02:50 PM Todo #7586 (Feedback): system_usermanager_addprivs show user name: Applied in changeset commit:8abe82728750782f4adebf8d4336570402a5583d. Jim Pingle
02:34 PM Todo #7586 (Assigned): system_usermanager_addprivs show user name: Jim Pingle
02:40 PM Bug #7585 (Feedback): system_usermanager.php showcert does nothing: Applied in changeset commit:fc1913fef29fbc7f90e8e2fe9374b761411f09ae. Jim Pingle
02:29 PM Bug #7585 (Assigned): system_usermanager.php showcert does nothing: It will not show anything meaningful unless the firewall has a CA with which it can create/sign user certificates.
... Jim Pingle
02:00 PM Bug #7581 (Feedback): etc/pfSense.obsoletedfiles wrong path for diag_system_pftop.php: Applied in changeset commit:ec0736af255a8c2b3f158156ef00845ca3c6c4d9. Jim Pingle
01:47 PM Bug #7581 (Assigned): etc/pfSense.obsoletedfiles wrong path for diag_system_pftop.php: Jim Pingle
01:59 PM Bug #7583 (Needs Patch): pkg_mgr confusing versions: There isn't enough room in the column headers to label our internal version number "pfSense pkg version" without badl... Jim Pingle
01:50 PM Todo #7582 (Rejected): diag_dump_states and non-existent IP: You can also filter for a subnet and kill by that, but it also shows no states. It may not be intuitive, but it's a v... Jim Pingle
01:50 PM Bug #7580 (Feedback): pftop impossible options in web gui: Applied in changeset commit:c07a2b866b0d7b9b4fa8a2899e4a20562f9f2f24. Jim Pingle
01:44 PM Bug #7580 (Assigned): pftop impossible options in web gui: Jim Pingle
01:50 PM Bug #7579 (Feedback): pftop size sort is same as none: Applied in changeset commit:9cf0609b8b8c8f3104326d883f3d0fac9359a896. Jim Pingle
01:44 PM Bug #7579: pftop size sort is same as none: FYI- The man page is wrong on this, then. It appears we originally included it since the man page listed it among the... Jim Pingle
01:38 PM Bug #7579 (Assigned): pftop size sort is same as none: Jim Pingle
01:33 PM Todo #7577 (Resolved): growl and notification suggestions: Already has a fix merged on 2.4 so the buttons use the new settings:
https://github.com/pfsense/pfsense/pull/3691 Jim Pingle
01:31 PM Todo #7576 (Needs Patch): invalid sysctl tunables: I'm not certain there is a good way to do this in a way that wouldn't break other, valid behavior. Working with sysct... Jim Pingle
01:30 PM Bug #7569 (Feedback): openvpn wizard reused settings cause wrong defaults: Applied in changeset commit:7120ef411c122e67f6585be13fb89daa9df9a152. Jim Pingle
01:16 PM Bug #7569 (Assigned): openvpn wizard reused settings cause wrong defaults: Jim Pingle
01:18 PM Bug #7570 (Feedback): openvpn_wizard old error message: How did you skip creating a certificate? I can't reproduce this error message or condition.
Need more precise inst... Jim Pingle
12:50 PM Bug #7572 (Feedback): openvpn client resolv-retry infinite issues: Applied in changeset commit:919a0f4a4b8ec00693811d3bfb8cdbc05802da30. Jim Pingle
12:39 PM Bug #7572 (Assigned): openvpn client resolv-retry infinite issues: Looks like we can remove it since it's been forced on for clients for some time now (~3 years). Jim Pingle
12:40 PM Todo #7573 (Feedback): openvpn tunnel networks and "second network address will be assigned": Applied in changeset commit:473f7ec48f7510a60ade574ef32b09f4abaa6b9a. Jim Pingle
12:25 PM Todo #7573 (Assigned): openvpn tunnel networks and "second network address will be assigned": Jim Pingle
12:12 PM Bug #7575 (Resolved): openvpn client and --route-up: Yes, it works. route-noexec in OpenVPN tells it not to run the Operating System executable to install routes (e.g. /s... Jim Pingle
12:07 PM Bug #7574 (Rejected): openvpn ifconfig using IP instead of subnet mask: It's not that cut and dried.
Point-to-Point modes still use "IP1 IP2" style, which includes Shared Key, SSL/TLS wi... Jim Pingle
12:02 PM Bug #7571 (Rejected): openvpn client shortcut wrongly points to "server" configuration: That's a quirk of how the shortcut system works. The "related settings" link is filled in to the "main" page for a se... Jim Pingle
11:50 AM Bug #7565 (Feedback): openvpn and port 0: Applied in changeset commit:39fed386534d3e7dc6fc248cc6cdf831cf422000. Jim Pingle
11:36 AM Bug #7565 (Assigned): openvpn and port 0: Server shouldn't allow 0, but for clients, 0 is the same as blank/empty so that's OK. Needs to reflect the proper ran... Jim Pingle
11:30 AM Bug #7567 (Feedback): unused openvpn address pool setting?: Applied in changeset commit:bc3669e4e88cb75eb987ee073a5360f4a69b10b1. Jim Pingle
11:20 AM Bug #7567 (Assigned): unused openvpn address pool setting?: The setting isn't required, the backend behavior is determined by the mode now. Safe to remove. Jim Pingle
11:30 AM Bug #7568 (Feedback): unused openvpn client_mgmt_port ?: Applied in changeset commit:d44942d3477c609e37794dc31c36fcd5c4435fbb. Jim Pingle
11:20 AM Bug #7568: unused openvpn client_mgmt_port ?: Indeed, in "the olden days" we had to run OpenVPN Manager on a Windows client so that unpriv users could use it to st... Phillip Davis
11:15 AM Bug #7568 (Assigned): unused openvpn client_mgmt_port ?: It was a part of the OpenVPN Client Export package that was used with the OpenVPNManager add-on. That add-on has been... Jim Pingle
11:28 AM Bug #7566 (Rejected): need more dh-parameters files or generate it: On 2.4 the GUI only shows options for files that exist. Click the "i" on the text for the setting and follow the link... Jim Pingle
11:10 AM Bug #7564 (Feedback): l2tp broken logging shortut: Applied in changeset commit:0116009a07f7f0f8c25e4306485102b5432676f4. Jim Pingle
10:57 AM Bug #7564 (Assigned): l2tp broken logging shortut: Jim Pingle
11:10 AM Bug #7561 (Feedback): l2tp turn off local user database: Applied in changeset commit:5de4b0463871c9077850ab81ea506d5d5a892439. Jim Pingle
10:49 AM Bug #7561 (Assigned): l2tp turn off local user database: Jim Pingle
11:10 AM Todo #7560 (Feedback): vpn_l2tp.php dns checks: Applied in changeset commit:11a3e413225b3719c6424b74ed7103f91852ac62. Jim Pingle
10:40 AM Todo #7560 (Assigned): vpn_l2tp.php dns checks: Jim Pingle
11:10 AM Bug #7559 (Feedback): l2tp wins unused code: Applied in changeset commit:45b5afa4f4dd978ed9adbd1c0673bca5c861d8b5. Jim Pingle
10:32 AM Bug #7559 (Assigned): l2tp wins unused code: Jim Pingle
04:21 AM Bug #7597 (Duplicate): DynDNS fail to update after connection lose: Hi,
i experienced some problem with DynDNS update.
When the gateway is down (connection lost) and then come b... Alessandro Mannini

05/21/2017

09:54 PM Revision 60ba7c76: auth_check, faster authentication check while automatically refreshing diag_routes: Pi Ba
09:44 PM Revision d8837d57: webgui, load .js files with ?v=mtime version to prevent using old scripts after updating: Pi Ba
09:38 PM Revision b920ef36: NAT-1on1, don't write pf rules with wrong or missing from/to information: Pi Ba
08:22 PM Feature #7596 (Rejected): Ting Config: When setting up a PPP, it would be great to get Ting as an option for a provider. Thanks. Peter Dennert
07:07 PM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: Ran into this issue today building a new 2.4 snapshot machine.
Is there any reason that /var/unbound/conf.d isn't ... John Silva
07:01 PM pfSense Packages Bug #7595: suricata custom SID Mgmt configuration missing after full system restore: Sorry, should have filed this under pfSense-Packages. John Silva
07:00 PM pfSense Packages Bug #7595 (Not a Bug): suricata custom SID Mgmt configuration missing after full system restore: Decided to try 2.4 today. I first tried building a new ZFS VM and attempted to restore my config to a clean system. ... John Silva
06:48 PM Bug #7594 (Resolved): "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Decided to try 2.4 today so I upgraded a clone of my 2.3.5 snapshot firewall. The upgrade went reasonably well, exce... John Silva
01:14 PM Feature #7593 (Rejected): Enable FreeBSD 11 pvclock module in 2.4 builds: FreeBSD brings the pvclock module. According to https://lists.freebsd.org/pipermail/freebsd-arch/2015-January/016587.... Markus Stockhausen
10:06 AM Bug #7592: SG-1000: Unbound not always restarting properly after changes in /etc/hosts: I just noticed I overlooked a part after rewording the issue:
"Those cases" on line 2 refers to the successfull on... Manuel Frischknecht
10:02 AM Bug #7592 (Resolved): SG-1000: Unbound not always restarting properly after changes in /etc/hosts: I'm observing an issue on my SG-1000 (came preloaded with 2.4b, currently running v. 2.4.0.b.20170430.0444) which cau... Manuel Frischknecht
04:44 AM Revision 45eafdbd: Diag DNS disable Add Alias button when host field is changed: Phillip Davis
04:04 AM Revision f4453851: Diag DNS do not create an empty alias if name does not resolve: Phillip Davis
03:22 AM Revision 7fcccc8f: Diag DNS do not show Add Alias if no priv to add alais: Phillip Davis
03:15 AM Revision 474b2756: Diag DNS fix update alias button text after add alias: 1) Lookup a name with Diag DNS
2) Press "Add Alias"
The alias is added, but the button still says "Add Alias".
Actua... Phillip Davis

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

06/19/2017

06/17/2017

06/16/2017

06/15/2017

06/14/2017

06/13/2017

06/12/2017

06/11/2017

06/10/2017

06/09/2017

06/08/2017

06/07/2017

06/06/2017

06/05/2017

06/03/2017

06/02/2017

06/01/2017

05/31/2017

05/30/2017

05/29/2017

05/28/2017

05/27/2017

05/26/2017

05/25/2017

05/24/2017

05/23/2017

05/22/2017

05/21/2017