Project

General

Profile

Activity

From 06/08/2017 to 07/07/2017

07/07/2017

03:46 PM Bug #7206 (Resolved): Authentication Method Used in Bug 6751 Removed by Amazon
PR was merged months ago, no recent complaints. Should be OK.
https://github.com/pfsense/pfsense/pull/3608 Jim Pingle
03:45 PM Bug #7213: Hyper-V install, no disk found
That's something that will need to be addressed by FreeBSD. If it's fixed in 11-STABLE, perhaps our next release afte... Jim Pingle
03:20 PM Bug #4696 (Not a Bug): OpenVPN Status / Client List
No additional confirmation or responses in several years/versions, and it wasn't clear it was ever a problem to begin... Jim Pingle
03:18 PM Bug #7446 (Resolved): RFC2136 Dynamic DNS needs local directive so updates are sourced correctly
Jim Pingle
03:14 PM pfSense Packages Bug #7263 (Resolved): FreeRADIUS - complete lack of input validation
Seems to be good. Jim Pingle
03:13 PM Bug #6967 (Resolved): DH Groups 22, 23, 24 missing from Phase 2 selection GUI
Jim Pingle
03:12 PM Bug #7295 (Resolved): RFC2136 not updating at boot time
It's working here as well, no problems with RFC2136 at boot on 2.4. Jim Pingle
03:11 PM Bug #6758 (Resolved): 2 x Crash with "PHP Fatal error: Call to undefined function pfSense_interface_listget() in /etc/inc/interfaces.inc on line 80"
The PHP extensions setup has been completely changed since this report, it's not valid any longer. Jim Pingle
03:11 PM Bug #6629 (Resolved): Can't update to "update" update (e.g. 2.3.1_5)
Lots of upgrade issues have been fixed since this report. Most anything left is either cosmetic, caused by network co... Jim Pingle
03:09 PM Bug #6559 (Not a Bug): OpenVPN 'mode server' directive missing
No response or confirmation from anyone else seeing the issue on recent versions.
As stated before, it isn't that ... Jim Pingle
03:07 PM Bug #4237 (Closed): Error "macro IPsec not defined" once after firmware upgrade
No recent reports on supported versions, unless this can be reproduced on 2.4 it appears to be solved. Jim Pingle
03:04 PM Bug #5741 (Closed): IPs from Random Aliases Lists Are Added to Routes Table
No response or confirmation from anyone else seeing the issue on recent versions. Jim Pingle
03:03 PM Bug #4113 (Resolved): multiple instances of /var/db/rrd/updaterrd.sh
No response or confirmation from anyone else seeing the issue on recent versions. Jim Pingle
02:39 PM pfSense Packages Bug #7237 (Resolved): ACME - first table row on certs tab does not autoexpand the fields
This has been fixed for a while now Jim Pingle
02:29 PM Bug #7667 (Resolved): Calls to unbound-control are missing configuration path so they fail
Jim Pingle
02:29 PM Bug #7649 (Resolved): pkg_edit.php - The last row cannot be deleted with ntopng.xml
Jim Pingle
01:43 PM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists
Here is a patch to try, for those who had problems with the previous commit. Jim Pingle
01:28 PM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists
BBcan177 . wrote:
> I would recommend the following command (And also for the other Unbound start/reload etc...)
> ... Jim Pingle
01:11 PM Bug #7677 (Resolved): Cert manager not creating server cert
Fixed Jim Pingle
01:10 PM Feature #7527 (Resolved): Sign CSRs - subjectAlternateNames
Works Jim Pingle
10:51 AM Bug #7680: Wrong IP address being entered against pfSense host name on a multi-interface system in /etc/hosts
Jim Pingle wrote:
> There isn't any viable method to override that and adding one would be a lot of work for little ... tqwqllrm tqwqllrm
10:27 AM Bug #7680 (Needs Patch): Wrong IP address being entered against pfSense host name on a multi-interface system in /etc/hosts
There isn't any viable method to override that and adding one would be a lot of work for little benefit. If someone w... Jim Pingle
10:23 AM Bug #7680 (Needs Patch): Wrong IP address being entered against pfSense host name on a multi-interface system in /etc/hosts
I'm running pfSense 2.3.4 and it has multiple interfaces. It chooses one of its IP address and enters it in /etc/hos... tqwqllrm tqwqllrm
09:56 AM Feature #6038: Add ability to configure which interface is chosen for defining hostname IP in /etc/hosts
Nicki Messerschmidt wrote:
> I stumbled over this problem also. In my case I have several LAN interfaces and the wro... tqwqllrm tqwqllrm
07:14 AM Bug #7679: Dynamic DNS don't select GW, only default gateway from kernel
It's ok!
Thank you =) Nielsen Oliveira
07:07 AM Bug #7679 (Rejected): Dynamic DNS don't select GW, only default gateway from kernel
Please post on the forum for assistance with your Dynamic DNS problem. I, and many others, use Dynamic DNS with multi... Jim Pingle
06:55 AM Bug #7679 (Rejected): Dynamic DNS don't select GW, only default gateway from kernel
Acredito que seja um bug, pois testei várias formas e realmente ele só assume o GW do kernel, quando utilizo tanto o ... Nielsen Oliveira
06:14 AM Bug #7678 (Duplicate): Bad HTML-encoding on the status_dhcp_leases.php page
This has already been fixed in 2.3.4-p1 (which is not yet released) and snapshot images.
https://doc.pfsense.org/i... Jim Pingle
12:38 AM Bug #7678 (Duplicate): Bad HTML-encoding on the status_dhcp_leases.php page
It seems that the 2.3.4 release reintroduced an old bug, see #6079. The description column currently shows HTML entit... Chris Vanclercq

07/06/2017

04:57 PM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists
Instead of using this stop command
mwexec("echo '/usr/local/sbin/unbound-control stop' | /usr/bin/su -m unboun... BBcan177 .
07:33 AM Bug #7326 (Assigned): Unbound fails to start during rc.wanipchange when using large enough dns lists
Jim Pingle
07:30 AM Bug #7326 (Feedback): Unbound fails to start during rc.wanipchange when using large enough dns lists
Applied in changeset commit:6e094e04f7d9634c7151bd9aa68ad93c71584d80. Jim Pingle
07:22 AM Bug #7326 (Assigned): Unbound fails to start during rc.wanipchange when using large enough dns lists
Several complaints of unbound not starting/stopping correctly after that last patch was added, so I backed it out for... Jim Pingle
02:10 PM Feature #1801 (Rejected): Intermediate SSL certs box
Just import intermediates into the CAs tab directly. See #2800 Jim Pingle
02:07 PM pfSense Packages Bug #4756 (Not a Bug): OpenVPN Client Export fails when using "real" certificate
It works fine if you import the chain, see #2800, which would include the case of a public CA (which should still nev... Jim Pingle
02:04 PM Bug #5317 (Not a Bug): CSR signed certificates shows issuer as external
Import the CA cert (cert only), any intermediate CA certs, and the signed cert. It will pick up the issuer correctly ... Jim Pingle
02:00 PM pfSense Packages Bug #7170 (Resolved): FreeRADIUS built-in certificate manager defaults to MD5 (!!!), no support for SHA2
This has all been removed from FreeRADIUS. Cert handling in FreeRADIUS is 100% done in the Cert Manager now on 2.3.4 ... Jim Pingle
01:48 PM Feature #7666 (Resolved): Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager
Works fine now. Jim Pingle
01:34 PM Feature #7527: Sign CSRs - subjectAlternateNames
wow. Great. I'll try this out first thing tomorrow morning. Thank you very much :-) Philip Hofstetter
12:40 PM Feature #7527 (Feedback): Sign CSRs - subjectAlternateNames
Applied in changeset commit:0c82b8c2a77bba6b2b3ab42a880c0e478ebc70f6. Jim Pingle
12:35 PM Feature #7527 (Assigned): Sign CSRs - subjectAlternateNames
Jim Pingle
12:51 PM Feature #7383: system_certmanager.php?act=new: Add new select option to sign a CSR
Also, as of commit:0c82b8c2a77bba6b2b3ab42a880c0e478ebc70f6 I have changed how this operates slightly, there were a c... Jim Pingle
12:50 PM Feature #7383: system_certmanager.php?act=new: Add new select option to sign a CSR
Larry Westfall wrote:
> Below is the request:
> -----BEGIN NEW CERTIFICATE REQUEST-----
That's the problem, it h... Jim Pingle
12:40 PM Bug #7677 (Feedback): Cert manager not creating server cert
Applied in changeset commit:0c82b8c2a77bba6b2b3ab42a880c0e478ebc70f6. Jim Pingle
08:31 AM Bug #7677 (Assigned): Cert manager not creating server cert
I'm in the middle of some certificate work. It should have been in an OK state when I left it yesterday but it's poss... Jim Pingle
08:24 AM Bug #7677 (Resolved): Cert manager not creating server cert
Current snap
2.4.0-BETA (amd64)
built on Thu Jul 06 07:22:07 CDT 2017
FreeBSD 11.0-RELEASE-p10
Cert Manager not... JohnPoz _
08:22 AM Bug #7676 (Rejected): L2TP Settings not retained
Please discuss this on the forum for help diagnosing your issue. That is not a general problem, and more information ... Jim Pingle
08:13 AM Bug #7676 (Rejected): L2TP Settings not retained
Trying to configure L2TP VPN Server for a small company, we were able to login through L2TP but when checking again o... Henry Jesus Jr. Lastimosa
07:28 AM Bug #7675 (Feedback): Remove MSS clamping exclusions on pppoe, l2tp, pptp
PR Merged Jim Pingle

07/05/2017

07:12 PM Bug #6099: igmpproxy does not recognize upstream interface
Diogo Quintela wrote:
> Rai Wol wrote:
> > Can someone confirm its working in 2.4?
> >
> > Doesn't stop after 3... J L
06:12 PM Bug #7675: Remove MSS clamping exclusions on pppoe, l2tp, pptp
Pull request created to fix this:
https://github.com/pfsense/pfsense/pull/3777 Anonymous
05:43 PM Bug #7675 (Resolved): Remove MSS clamping exclusions on pppoe, l2tp, pptp
As per https://forum.pfsense.org/index.php?topic=132918.0
Creating an issue to track removing the exclusions setup... Anonymous
02:55 PM pfSense Packages Bug #7674 (Resolved): Issue Downloading Snort Alert Log Download
I have found that I am no longer able to download the Alert Logs from the snort_alerts.php page. I have attempted di... Ryan Eckenrode
12:40 PM Feature #7666 (Feedback): Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager
Applied in changeset commit:b767fe6cdf7977916d2f245ea529f84f7e0d1f30. Jim Pingle
11:02 AM Bug #7673 (Not a Bug): multi wan 0.0.0.0
Hi,
Once it detects that there is the same ip address multiple times whenever you save something, the web server l... Christoffer Öhman

07/04/2017

02:40 PM Bug #7672 (Rejected): Enabling DNS Resolver returns erorr
Please discuss the problem on the forum to diagnose your problem and identify any potential bugs. If there is a repea... Jim Pingle
01:33 PM Bug #7672 (Rejected): Enabling DNS Resolver returns erorr
Hi
I am getting this error when I try to enable DNS Resolver. I haven't been using the DNS Resolver before because... Tino Zidore

07/03/2017

10:04 PM Feature #6753: Interfaces list order not consistent
It works in master 2.4, but it never got backported to RELENG_2_3 or RELENG_2_3_4.
This was the PR in master: https:... Phillip Davis
12:04 PM Feature #6753: Interfaces list order not consistent
Thank you guys for taking this into account. It works well, much better to use now!
May I ask for one last thing? Th... robi robi
11:19 AM Feature #7671: Gateway Monitoring Via Custom Script or Telnet.
many ISPs in India also do a similar thing and etisalat in UAE do a similar thing, if the bill isnt paid by the 15th ... Bipin Chandra
11:08 AM Feature #7671 (New): Gateway Monitoring Via Custom Script or Telnet.
It would be very helpful to have the ability to monitor gateways via a custom script or telnet. ISPs are beginning to... Bridgetowermedia IT

07/02/2017

04:53 PM pfSense Packages Bug #7670 (Not a Bug): Bind : Serial for slave zone is missing in IHM
Using bind as slave server, the page https://localhost:8443/pkg.php?xml=bind_zones.xml does not display the zone seri... Nicolas Marot

07/01/2017

07:52 PM Bug #7659 (Resolved): Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.
Jim Pingle
07:52 PM Bug #7452 (Resolved): Adding a gateway from interfaces.php does not work
Jim Pingle
05:09 PM Bug #7452: Adding a gateway from interfaces.php does not work
As mentioned by Philip Davis in #7659 the fix for the crash has now been implemented in https://github.com/pfsense/pf... Dan Lundqvist

06/30/2017

01:58 PM pfSense Packages Bug #7669: ACME Certificates
But we need to have a discussion -- on the forum -- about why that happened before it can be called a bug. The upgrad... Jim Pingle
01:11 PM pfSense Packages Bug #7669: ACME Certificates
I get that freeradius isn't related to acme. You just rejected the root of my problem which is no CA key for ACME gen... robbie foster
12:18 PM pfSense Packages Bug #7669 (Rejected): ACME Certificates
Please post on a new forum thread and discuss this before opening a bug report. It's possible something else went wro... Jim Pingle
12:15 PM pfSense Packages Bug #7669 (Rejected): ACME Certificates
version 2.4.0-beta. My letsencrypt certificates are about to expire and my certificates in acme certificates didn't m... robbie foster
10:00 AM Feature #7668: MAC Address spoofing
https://forum.pfsense.org/index.php?topic=132947.msg730892#msg730892 Andy Kniveton
09:56 AM Feature #7668 (Closed): MAC Address spoofing
The wording under the Interface -> General Configuration -> MAC Address box could do with stating that if the interfa... Andy Kniveton

06/29/2017

12:18 PM Bug #7148 (Duplicate): Spoofed mac addresses on VLAN interfaces apply to the same physical interface
Duplicate of #1337 Jim Pingle
11:54 AM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists
ok thank you for fixing this, I will test the fix as soon as possible on my firewall. Chris Collins
11:43 AM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists
Be aware that if you attempt to add a patch for this manually, you also need to apply the patch from #7667 first. Jim Pingle
11:40 AM Bug #7326 (Feedback): Unbound fails to start during rc.wanipchange when using large enough dns lists
Applied in changeset commit:38d110824c87ff60c6289c0432d55009586ceee4. Jim Pingle
11:31 AM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists
Back to me, I have some changes ready that appear to fix this. Jim Pingle
11:40 AM Bug #7667 (Feedback): Calls to unbound-control are missing configuration path so they fail
Applied in changeset commit:8a0aa42c197361ebb82387e5bdc8378e5440837f. Jim Pingle
11:31 AM Bug #7667 (Resolved): Calls to unbound-control are missing configuration path so they fail
Calls to unbound-control inside @do_as_unbound_user()@ in /etc/inc/unbound.inc do not pass the configuration file loc... Jim Pingle

06/28/2017

06:48 PM Bug #7659: Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.
Hi Philip,
I updated the PF to 2.4.0-BETA (amd64) built on Wed Jun 28 16:02:43 CDT 2017 today and redid the proced... Dan Lundqvist
01:40 PM Feature #7666: Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager
Thank you sooo much!
I am constantly sitting on the 2.4 beta edge (currently 2.4.0.b.20170627.1443), just let me now... Reinis Adovics
01:29 PM Feature #7666 (Assigned): Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager
Current certificate best practices are to have the CN be the first SAN, so it shouldn't be optional. That small initi... Jim Pingle
01:24 PM Feature #7666: Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager
It could also be made optional in _User Manager_.
By default there is no SAN (just as now), but there would be possi... Reinis Adovics
01:11 PM Feature #7666 (Resolved): Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager
h1. Adding SAN DNS:username to User Certificates that are created via User Manager same way as it is done via Cert. M... Reinis Adovics
11:41 AM Bug #7665 (New): Host range validation for Aliases is not strict enough
Steps to reproduce:
1. Enter an invalid host range for an IP alias, such as 192.168.1.1-10, and click Save.
The... Re Load
08:09 AM pfSense Packages Todo #7664 (Rejected): https filtering in pfsense without configuring proxy settings in client browser .
What can be done, is already there. Splice to see domains or you have to install CA on clients. Post on the forum, do... Jim Pingle
08:07 AM pfSense Packages Todo #7664 (Rejected): https filtering in pfsense without configuring proxy settings in client browser .
https filtering in pfsense without configuring proxy settings in client web browser .
 Ravi Kumar
12:55 AM Bug #7641: Multiple reboots without error message
I checked the freebsd bugreports and found a similar issue but with an amd system. I added a comment there so here is... Philipp Haefelfinger

06/27/2017

02:56 PM Feature #7383: system_certmanager.php?act=new: Add new select option to sign a CSR
Larry Westfall wrote:
> Build 2.4.0.b.20170527.2111
>
> External generated CSR failed with
> The following input... Joseph McGuirl
02:45 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
Bryan Fehl wrote:
> Christoffer Öhman wrote:
> > I can not even use it before it locks.
> >
> > As soon as I try... Christoffer Öhman
10:59 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
Christoffer Öhman wrote:
> I can not even use it before it locks.
>
> As soon as I try to change something, it lo... Bryan Fehl
10:45 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
I can not even use it before it locks.
As soon as I try to change something, it loads a really long time before it... Christoffer Öhman
02:04 PM Bug #7663 (Closed): Persistent CARP Maintenance Mode doesn't work right in upgrade from 2.3.3-RELEASE-p1 to 2.3.4
Upgrading the OS to 2.3.4 from 2.3.3-RELEASE-p1 with Persistent CARP Maintenance Mode selected, the OS rebooted with ... Whit Blauvelt
10:25 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic
As of the June 2, 2017 build, it does not look like it. Receiving over PPPoE is still limited to one queue. Scott Baugher
10:23 AM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation
This is happening to me too, have a fresh 2.3.4 install. I will restore config from another 2.3.4 install. Sure enoug... Adam Piasecki
10:02 AM Bug #7662 (Resolved): Missing close span in login page 2.4.0-BETA
Fixed. Thanks for pointing that out. Anonymous
09:43 AM Bug #7662 (Resolved): Missing close span in login page 2.4.0-BETA
Using 2.4.0-BETA, the login page miss a close span
https://github.com/pfsense/pfsense/blob/master/src/etc/inc/authgu... d j
06:38 AM Bug #2218: CARP VIPs can become master too early at boot time
I didn't close the ticket and say it wouldn't be addressed eventually. When this old ticket was opened, maintenance m... Jim Pingle
04:01 AM Bug #2218: CARP VIPs can become master too early at boot time
Jim, what about if you have a power failure on the master firewall (and you have each firewall connected to different... Seb A

06/26/2017

05:53 PM Bug #2218: CARP VIPs can become master too early at boot time
While true, it'll still fail at some point. I'm not sure this can be reasonably described as a non-issue with such se... Louis Hather
12:47 PM Bug #2218: CARP VIPs can become master too early at boot time
Then focus on fixing the source of the crashes if they happen that often -- The avoidable cases are already avoidable. Jim Pingle
12:39 PM Bug #2218: CARP VIPs can become master too early at boot time
Sure, but I don't reboot my firewalls - they crash. See the issue? Louis Hather
12:05 PM Bug #2218: CARP VIPs can become master too early at boot time
It's a non-issue if you put a node into maintenance mode from Status > CARP before updating or rebooting. Jim Pingle
12:03 PM Bug #2218: CARP VIPs can become master too early at boot time
This is still an issue as of 2.3.4. Louis Hather
11:42 AM pfSense Packages Bug #7661 (Resolved): pfBlockerNG doesn't make a rule for Antarctica
If Antarctica entries with a count > 0 are added to the pfBlockerNG GeoIP, there won't be an Antarctica rule created.... Stuart Wyatt
10:27 AM pfSense Packages Todo #7658: BGP support in Quagga
OK done. Please see https://redmine.pfsense.org/issues/7660 Chris Zimman
10:25 AM pfSense Packages Todo #7658: BGP support in Quagga
This issue is for BGP only, not other features. Scope creep isn't helpful, that needs to be in a separate feature req... Jim Pingle
10:22 AM pfSense Packages Todo #7658: BGP support in Quagga
Right now, in the Quagga GUI, there's a single entry for a CARP address to monitor. If you're adding better GUI supp... Chris Zimman
10:11 AM pfSense Packages Todo #7658: BGP support in Quagga
That is unrelated to the topic on this ticket. It would be a separate feature request. Jim Pingle
10:10 AM pfSense Packages Todo #7658: BGP support in Quagga
We need to be able to monitor more than one CARP IP for failover. Our config has CARP on the inbound and outbound si... Chris Zimman
10:27 AM pfSense Packages Feature #7660 (Rejected): Please add the ability to monitor more than one CARP address to the Quagga GUI support
We need to be able to monitor more than one CARP IP for failover. Our config has CARP on the inbound and outbound sid... Chris Zimman
03:13 AM pfSense Packages Feature #7655: Captive portal and squid non transparent
I have readed all about that link and sorry, but i don't understand anything ?
 Jose Perez

06/25/2017

09:45 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic
Scott Baugher wrote:
> I'm using the nightly builds (2.4.0.b.20170522.1522 as of right now). I also use gigabit fib... Julien REVERT
07:39 AM Bug #3710: Adding static DHCP leases doesn't cause BIND zones to update
David Horn wrote:
> Tried disabling config knob, enabling, etc. Works well at this point for static and dynamic DHC... Kill Bill

06/24/2017

09:32 PM Bug #7659: Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.
See PR https://github.com/pfsense/pfsense/pull/3764 Phillip Davis
10:54 AM Bug #7659 (Resolved): Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.
RUNNING ON: *pfSense-CE-2.4.0-BETA-amd64-20170623-1439.iso* fresh installed today 24/6.2017 in VirtualBox and no othe... Dan Lundqvist
05:11 PM Bug #3710: Adding static DHCP leases doesn't cause BIND zones to update
I tested this fix successfully against the 2.4-BETA snapshot: 2.4.0-BETA (amd64) built on Sat May 06 22:51:06 CDT 20... David Horn
03:03 PM Bug #6099: igmpproxy does not recognize upstream interface
Jeremy Lewis wrote:
> The way I managed to get it working reliably was to turn off the IGMP snooping on my managed s... Mr B
11:15 AM Bug #7501: Interfaces statistics widget GUI + JSON (2 issues)
I have tested the #7501 on fresh "pfSense-CE-2.4.0-BETA-amd64-20170623-1439.iso" install in Virtualbox on amd64
addi... Dan Lundqvist
10:34 AM Bug #7452: Adding a gateway from interfaces.php does not work
Hello,
I have tested both IPv4 and IPv6 PR corrections running on fresh "pfSense-CE-2.4.0-BETA-amd64-20170623-1439... Dan Lundqvist
10:14 AM pfSense Packages Todo #7658: BGP support in Quagga
There is a PR to support using it via raw config, but no GUI yet.
https://github.com/pfsense/FreeBSD-ports/pull/356 Jim Pingle
10:07 AM pfSense Packages Todo #7658 (Resolved): BGP support in Quagga
OpenBGPD pkg on pfsense doesn't seem to be up to date for years (since 2012 probably) - a lot of recently (and may be... Vladimir Lind
07:40 AM pfSense Packages Feature #7657: OpenBGPD local-as feature in neighbors context
UPD: Looks like some commands which are not present in webgui do work when pasting directly in bgp neighbor context i... Vladimir Lind
02:26 AM pfSense Packages Feature #7657 (Rejected): OpenBGPD local-as feature in neighbors context
Please add "local-as" feature in OpenBGPD webgui "neighbors" tab -> "Neighbor Parameters". This command is described ... Vladimir Lind

06/23/2017

12:32 PM Bug #7645 (Resolved): SG-1000 VLAN interfaces do not work without promisc mode
Fixed in current snapshots Jim Pingle
11:32 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
Pim Janssen wrote:
> 4.0 LTS Will be added in september 2017. I think having only LTS releases would be enough.
Y... James Lavoy
11:27 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
4.0 LTS Will be added in september 2017. I think having only LTS releases would be enough. Pim Janssen
11:24 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
James Lavoy wrote:
> Therefore this change has caused pfSense to be unable to be used as a proxy if someone is using... James Lavoy
11:20 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
I apologize, in the future I will be sure to track every version of software released everywhere and update my bug re... James Lavoy
11:18 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
Information in a ticket needs to be precise and specific no matter when it's read. It is unreasonable to expect anyon... Jim Pingle
11:14 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
Jim Pingle wrote:
> If that is the case, it was not stated clearly anywhere on the problem description or even in th... James Lavoy
11:06 AM pfSense Packages Bug #6129 (New): zabbix agent/proxy 2.4 not ported to pfSense 2.3
If that is the case, it was not stated clearly anywhere on the problem description or even in the comments. Maybe if ... Jim Pingle
10:52 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
@Jim
The issue is here because the 3.0 proxy is NOT backwards compatible. For that reason it would be good to have a... Pim Janssen
10:44 AM pfSense Packages Bug #6129 (Resolved): zabbix agent/proxy 2.4 not ported to pfSense 2.3
Jim Pingle
10:26 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
Looks like a done case.
Currently zabbix agent and proxy 3.0 LTS is available in pfsense-2.3 Heðin Ejdesgaard Møller
10:57 AM Feature #5825: Allow EAP-RADIUS for authentication servers
Related: https://redmine.pfsense.org/issues/7111
Although it's not EAP, MSCHAPv2 is better than PAP Joe McNolan

06/22/2017

06:13 PM Bug #6099: igmpproxy does not recognize upstream interface
The way I managed to get it working reliably was to turn off the IGMP snooping on my managed switch, then the timing ... Jeremy Lewis
04:18 PM Bug #6099: igmpproxy does not recognize upstream interface
Hi,
This still isn't working for me on 2.4 - 2.4.0.b.20170622.0342 - keep getting the cut off after 4 minutes.
... Mr B
06:01 PM Feature #1189: Gateway: Multiple monitor ips
Hadn't noticed this issue before...
With regard to dpinger itself, please see #4354#note-18
 Denny Page
08:30 AM Feature #1189: Gateway: Multiple monitor ips
So I put in a feature request @ the dpinger github here: https://github.com/dennypage/dpinger/issues/24
Here is wh... Web Dawg
10:28 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.
Dpinger using multiple targets has been discussed. See updates 18-21. Denny Page
08:30 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.
So I put in a feature request @ the dpinger github here: https://github.com/dennypage/dpinger/issues/24
Here is w... Web Dawg
05:46 AM Bug #7499 (Resolved): ipsec.widget.php: Tunnel Status incorrect
Jim Pingle
04:49 AM Bug #7499: ipsec.widget.php: Tunnel Status incorrect
Seems fixed. Working good for on
2.4.0-BETA (amd64)
built on Thu Jun 22 03:42:40 CDT 2017
Thanks. Hugo Sousa

06/21/2017

07:08 PM Bug #7656 (Closed): TypeError: n is undefined JavaScript error in status_monitoring.php
I'm using 2.3.4-RELEASE (i386) and when I open the Staus->Monitoring page, I get a JavaScript error (below). It appe... Blinking Man
04:18 PM pfSense Packages Feature #7655: Captive portal and squid non transparent
Kindly read https://redmine.pfsense.org/issues/5594#note-11. Kill Bill
01:39 AM pfSense Packages Feature #7655 (Bogus): Captive portal and squid non transparent
Hi.
When we configure squid in non-transparent mode and in the browser we configure the proxy address and the port, ... Jose Perez
01:06 PM Bug #7638 (Resolved): Carp Status incorrect - visual bug in webconfigurator interface
Fixed Jim Pingle
10:41 AM Bug #4544 (Resolved): PD not requested if no interfaces set to track6
Jim Pingle

06/20/2017

02:14 PM Bug #7642 (Resolved): Redact BGP keying from status output
Works
 Jim Pingle
02:08 PM pfSense Packages Bug #7524 (Resolved): Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
This works for me now. I can browse secure sites through squid HTTPS MITM with Chrome and there are no certificate er... Jim Pingle
10:00 AM Bug #7638 (Feedback): Carp Status incorrect - visual bug in webconfigurator interface
Applied in changeset commit:fd4e14b8853e7a30ee23532d686270cb40d84d03. Jim Pingle
08:07 AM Bug #7649: pkg_edit.php - The last row cannot be deleted with ntopng.xml
Works (just edited manually for a quick test). Kill Bill
07:36 AM Bug #7649 (Feedback): pkg_edit.php - The last row cannot be deleted with ntopng.xml
New version of ntopng with a renamed ID is building now. Jim Pingle
07:20 AM pfSense Packages Bug #7654 (Resolved): Can't use a LDAP search filter containing an accent
Hi,
I use a virtual machine with pfSense 2.3.4 (amd64) with Squid package v0.4.37 (including squid 3.5.26).
I h... mr xhark
04:34 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface
PR issued 3761 Martin Wasley
04:08 AM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation
OK, I vote for it to be re-implemented in future versions, this is a very handy feature to have. robi robi

06/19/2017

03:49 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation
robi robi wrote:
> Is this feature left out intentionally from the future versions?
The installer was changed com... Jim Pingle
03:42 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation
Is this feature left out intentionally from the future versions?
It's very handy. It allowed me to restore a firew... robi robi
01:14 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation
Looks like there isn't any code to handle restoring RRD in that PFI path, only when diag_backup.php is used.
The f... Jim Pingle
02:36 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
Packages are up for 2.4 and 2.3.4, 2.3.x snapshots will be up next time a snapshot runs. Test and let us know if it i... Jim Pingle
01:58 PM pfSense Packages Bug #7524 (Feedback): Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
Jim Pingle
01:54 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
I'm getting 3.5.26 pulled into the package branches right now, should be building and up soon. Jim Pingle
02:01 PM Bug #7650 (Resolved): vendor/filebrowser/browser.php: Filename parameter is unencoded which can lead to a potential XSS
Fixed Jim Pingle
02:00 PM Bug #7651 (Resolved): firewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name
Fixed Jim Pingle
01:59 PM Bug #7652 (Resolved): diag_tables.php: 'type' parameter can lead to XSS
Fixed Jim Pingle
01:53 PM Bug #7649: pkg_edit.php - The last row cannot be deleted with ntopng.xml
It doesn't like that the element id has "delete" in it and it isn't part of a repeatable/rowhelper control.
If you... Jim Pingle
07:22 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface
No it's a patch in my repo. I wanted it tested before sending it on to the main repo. If you think it will be a usefu... Martin Wasley
07:17 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface
Is there a PR for that patch? I'm not seeing anything in the repo currently with that hash/id. Jim Pingle
06:17 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface
Appears it will never work for Greg as his ISP requires he must send a dhcp6 request.
For those of us who can use... Martin Wasley
07:16 AM Bug #5993 (Resolved): dhcp6c not started until an RA received
Jim Pingle
06:13 AM Bug #5993: dhcp6c not started until an RA received
This one should be closed Jim, it's been rock solid for months now.
Fixed - Resolved. Martin Wasley
06:29 AM Bug #7653 (Closed): 3gstats.php holding open the cuaU0.3 device
if the usb 3g/4g modem is unplugged then reconnected or itself rebooted (via AT commands) it comes up as ttyU1 (aka c... dean hamstead

06/17/2017

06:31 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload
Thank you, again. _shellcmd_ package was the answer.
Perhaps someone could close this now. (I can't see any way t... Phil Biggs
05:18 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload
Yeah I'd say it's no longer needed since WAN IP change will trigger @filter_configure()@ on its own. Kill Bill
05:11 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload
Many thanks for that. Tested and works.
I didn't know that _shellcmd_ even had that option. I've never used it b... Phil Biggs
03:59 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload
Phil Biggs wrote:
> The table is successfully reloaded on new WAN IP but it doesn't work after a firewall rule chang... Kill Bill
03:39 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload
It's a horrible hack but I added a line to openbgpd.inc:... Phil Biggs
06:15 AM Bug #7641: Multiple reboots without error message
That's going to be out of our hands then. Try to reproduce it on a plain FreeBSD system but it's probably an incompat... Jim Pingle
05:37 AM Bug #7641: Multiple reboots without error message
Thanks four your hint. I started a research and posted the results in the forum (german: https://forum.pfsense.org/in... Philipp Haefelfinger

06/16/2017

03:00 PM Bug #7652 (Feedback): diag_tables.php: 'type' parameter can lead to XSS
Applied in changeset commit:e90eaf31f079dc29187d1c08cfe88ceabc0786f4. Jim Pingle
02:08 PM Bug #7652 (Resolved): diag_tables.php: 'type' parameter can lead to XSS
Two problems with diag_tables.php that together can lead to XSS via the type (table name) parameter:
* Lack of inp... Jim Pingle
03:00 PM Bug #7651 (Feedback): firewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name
Applied in changeset commit:9c8540ca53f8258a44aaf13100d575b30ae77e65. Jim Pingle
02:08 PM Bug #7651 (Resolved): firewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name
Two problems with firewall_nat_edit.php that together can lead to XSS via the interface parameter:
* Lack of input... Jim Pingle
03:00 PM Bug #7650 (Feedback): vendor/filebrowser/browser.php: Filename parameter is unencoded which can lead to a potential XSS
Applied in changeset commit:d0acfddd3afb11cb53aa13a00bf2f89b0a98ae4f. Jim Pingle
02:08 PM Bug #7650 (Resolved): vendor/filebrowser/browser.php: Filename parameter is unencoded which can lead to a potential XSS
First load a file on diag_edit.php and then save it with @');alert('XSS@ appended to the name, then browse and try to... Jim Pingle
01:48 PM Feature #7643: Send notification when boot completed
Here's a more meaningful command in one line, containing the hostname of the system:... robi robi
02:54 AM Bug #7649: pkg_edit.php - The last row cannot be deleted with ntopng.xml
Eh, linked wrong line: https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-ntopng/files/usr/local/pkg... Kill Bill
02:48 AM Bug #7649 (Resolved): pkg_edit.php - The last row cannot be deleted with ntopng.xml
When I click on "Delete data" button in Diagnostics - ntopng Settings, I only get "the last row cannot be deleted" po... Kill Bill

06/15/2017

06:23 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic
Im curious if the information I posted is useful enough to determine what might be happening since I havent seen any ... putzomatic none
12:52 PM Bug #7611: Diagnostics/Routes ipv6 ( netstat ), causes kernel panic
Ok new repro with a fresh virtual install on virtualbox of pfSense-CE-2.4.0-BETA-amd64-20170615-0858.iso with 1 bridg... Pi Ba
11:26 AM Bug #7584 (Resolved): privileges abuse with page-diagnostics-dns
Jim Pingle
11:25 AM Bug #7451 (Resolved): vpn_openvpn_client.php - Fields not hidden/processed correctly in chrome
Jim Pingle
11:24 AM Bug #6890 (Resolved): PPP service name error
Jim Pingle
11:24 AM Bug #6087 (Resolved): Missmatching description to default value on net.inet.ip.random_id under system tunables
Jim Pingle
10:31 AM Bug #7646 (Resolved): Captive portal live page view feature no longer shows the portal web server view
Jim Pingle
10:31 AM pfSense Packages Feature #7621 (Resolved): OpenVPN Client Export name whens is a windows installer have the same name its a bit confused
Jim Pingle
10:30 AM pfSense Packages Bug #7533 (Resolved): HAProxy 1.7.3+ Breaks with DNS Resolvers configured (UNIX stats sockets fail)
Workaround is in place and functioning OK. Next HAProxy release will have it included without needing a local patch. ... Jim Pingle
10:20 AM Bug #7624 (Resolved): Empty <config/> tags in package settings are still causing issues
Jim Pingle
10:18 AM Bug #7591 (Resolved): services_captiveportal.php suggest default auth_method, and old links
Jim Pingle
10:10 AM Bug #7588 (Resolved): missing label for form in services_dyndns_edit
Jim Pingle
10:08 AM Todo #7587 (Resolved): sort system_groupmanager_addprivs privileges
Jim Pingle
10:08 AM Todo #7586 (Resolved): system_usermanager_addprivs show user name
Jim Pingle
10:07 AM Bug #7580 (Resolved): pftop impossible options in web gui
Needed one more fix but now it's OK. Jim Pingle
10:07 AM Bug #7579 (Resolved): pftop size sort is same as none
Needed one more fix but now it's OK. Jim Pingle
09:47 AM Bug #7585 (Resolved): system_usermanager.php showcert does nothing
Jim Pingle
09:44 AM Bug #7581 (Resolved): etc/pfSense.obsoletedfiles wrong path for diag_system_pftop.php
Jim Pingle
09:38 AM Bug #7569 (Resolved): openvpn wizard reused settings cause wrong defaults
Jim Pingle
09:37 AM Bug #7572 (Resolved): openvpn client resolv-retry infinite issues
Jim Pingle
09:37 AM Todo #7573 (Resolved): openvpn tunnel networks and "second network address will be assigned"
Jim Pingle
09:36 AM Bug #7565 (Resolved): openvpn and port 0
Jim Pingle
09:35 AM Bug #7567 (Resolved): unused openvpn address pool setting?
Jim Pingle
09:35 AM Bug #7568 (Resolved): unused openvpn client_mgmt_port ?
Jim Pingle
09:34 AM Bug #7561 (Resolved): l2tp turn off local user database
Jim Pingle
09:34 AM Bug #7564 (Resolved): l2tp broken logging shortut
Jim Pingle
09:33 AM Todo #7560 (Resolved): vpn_l2tp.php dns checks
Jim Pingle
09:33 AM Bug #7559 (Resolved): l2tp wins unused code
Jim Pingle
09:33 AM Feature #7549: Enable Python support in Unbound
Python is there but still has some other issues that need worked out related to running unbound in a chroot.
Also it... Jim Pingle
09:31 AM Bug #7528 (Resolved): Captive Portal caches user RADIUS credentials inconsistently with needs/described behavior
Jim Pingle
09:30 AM Bug #7472 (Not a Bug): External Authentication servers with names longer than 48 characters fail to authenticate with OpenVPN server configured for TLS + User Auth
This turned out to be a symptom of a different problem specific to that specific device, not a bug. Jim Pingle
09:10 AM Bug #7499 (Feedback): ipsec.widget.php: Tunnel Status incorrect
Applied in changeset commit:4de753e52d8bbc732f23f90dd77df1707fbc3912. Jim Pingle
08:05 AM Bug #7637 (Rejected): Any operation of the suricata package will cause the system to crash
This appears to be specific to your hardware not being stable or fully compatible with NETMAP for inline mode, and no... Jim Pingle
08:01 AM Todo #7540 (Resolved): Fix ca/cert input validation to allow currently blocked characters
Jim Pingle
06:09 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
we are as well getting this randomly every few days for a few months now. running always latest stable.
reproduction... IT IGP

06/14/2017

09:19 PM Bug #7648: SPAN ports on an interface renders CARP HA inoperative
CARP is known to not work well with any kind of bridging, including span ports.
It is not a common enough requirem... Jim Pingle
09:05 PM Bug #7648 (New): SPAN ports on an interface renders CARP HA inoperative
When a SPAN port is added to an interface, CARP breaks.
The source address of the CARP announcement, which should ... David Van Cleef
03:18 PM pfSense Packages Feature #7621 (Feedback): OpenVPN Client Export name whens is a windows installer have the same name its a bit confused
I pushed a change to add more detail to the filename, but I used a different tactic so it will be more accurate.
T... Jim Pingle
10:45 AM Bug #7647: Router reboots in a day after upgrade to new snapshot
I run one that way already and it's completely stable here. Please take the discussion to a support platform. Jim Pingle
10:43 AM Bug #7647: Router reboots in a day after upgrade to new snapshot
My system also works fine for days without issue after first reboot that happens on its own after approximately 1 day... Nazar Mokrynskyi
10:39 AM Bug #7647 (Rejected): Router reboots in a day after upgrade to new snapshot
There is not enough detail here for a bug report. Please post on the forum/list/reddit/etc to discuss the problem fir... Jim Pingle
10:30 AM Bug #7647 (Rejected): Router reboots in a day after upgrade to new snapshot
I have latest snapshot of pfSense 2.4 installed with RAM Disk enabled.
After upgrade to the next snapshot pfSense ... Nazar Mokrynskyi
10:14 AM pfSense Packages Bug #7630 (Needs Patch): UEFI Booting
Once FreeBSD figures out a fix it can be pulled in, but a bug like that isn't going to hold up 2.4 since it is specif... Jim Pingle
10:06 AM pfSense Packages Bug #7630: UEFI Booting
It is actually a FreeBSD bug which I have reported. Happens with many different models of Dell Optiplex's.
Every oth... Dan Collins
09:40 AM Bug #7646 (Feedback): Captive portal live page view feature no longer shows the portal web server view
Applied in changeset commit:cd66b033aef4984cbdb8688d3b8826d276c7c1f3. Jim Pingle
09:26 AM Bug #7646 (Resolved): Captive portal live page view feature no longer shows the portal web server view
When #6391 was fixed the ability to view the "Live" portal page by connecting directly to the daemon was removed. Tha... Jim Pingle
06:05 AM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6
Agreed. We are implementing this internally as well and it'd be great to be able to run it on our pfSense boxes. Eron Lloyd
04:48 AM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
Jim Pingle wrote:
> We should be able to pull that in unless there is something I'm not seeing. Assigning to Renato ... Kill Bill
03:02 AM Bug #7644: Slow network speed LAN -> WAN
Is not this a bug? Dmitry Svetl

06/13/2017

08:40 PM Bug #7645: SG-1000 VLAN interfaces do not work without promisc mode
Ref: forum thread https://forum.pfsense.org/index.php?topic=132055.0 Phillip Davis
03:03 PM Bug #7645 (Resolved): SG-1000 VLAN interfaces do not work without promisc mode
On the latest snapshot, VLAN interfaces do not function on SG-1000 units unless the parent NIC is set promiscuous (ma... Jim Pingle
12:22 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
We should be able to pull that in unless there is something I'm not seeing. Assigning to Renato to check it over. Jim Pingle
12:20 PM Bug #7642 (Feedback): Redact BGP keying from status output
Applied in changeset commit:aa18c5b9b62e110ebf88fbb24c39c2a13813bd89. Jim Pingle
11:53 AM Bug #7644 (Rejected): Slow network speed LAN -> WAN
Jim Pingle
11:40 AM Bug #7644: Slow network speed LAN -> WAN
This is a bug tracker, not a support channel. Kindly use https://forum.pfsense.org/. Kill Bill
10:10 AM Bug #7644 (Rejected): Slow network speed LAN -> WAN
Xenserver 7
After install openvpn-server on pfsense (latest) in tap mode, very slow speed on client lan interface.
... Dmitry Svetl
04:54 AM pfSense Packages Feature #7449: feature request for openvpn-client-export package, add the support for openvpn up and down script, for mapping network drive
+1 for this!!
We also use connect scripts which we need to add manually after installing the client, would be so n... robi robi
04:47 AM pfSense Packages Feature #7621: OpenVPN Client Export name whens is a windows installer have the same name its a bit confused
+1 for this. We're exporting both x86 and x64 versions for each user, because we don't see in advance which os versio... robi robi
04:42 AM Feature #7643 (Resolved): Send notification when boot completed
Please add an option with a checkbox in System / Advanced / Notifications to send a notification when bootup has comp... robi robi

06/12/2017

03:40 PM Bug #7642 (Resolved): Redact BGP keying from status output
Some customers might consider BGP pass phrases, etc to be proprietary. They should probably be redacted from status o... Chris Linstruth
03:07 PM Bug #7641 (Rejected): Multiple reboots without error message
Sudden reboots without crash reports are nearly always hardware, despite the hardware's history.
Post on the forum... Jim Pingle
03:05 PM Bug #7641 (Rejected): Multiple reboots without error message
Hi
I'm running on the 2.4 Beta and I have several unplaned reboots during a normal day. Sometimes it is one within... Philipp Haefelfinger
01:32 PM Feature #7640: Separate interfaces for different OpenVPN tunnels
Then the configuration procedure was performed incorrectly, follow up on the forum/list/reddit/etc for configuration ... Jim Pingle
01:31 PM Feature #7640: Separate interfaces for different OpenVPN tunnels
Doing that resulted in all OpenVPN packets for the particular tunnel being dropped, so I assumed it was flawed or an ... Riccardo Paolo Bestetti
01:20 PM Feature #7640 (Rejected): Separate interfaces for different OpenVPN tunnels
You can do this now by assigning the openvpn interfaces so you get a tab for each one individually, which is as close... Jim Pingle
01:18 PM Feature #7640 (Rejected): Separate interfaces for different OpenVPN tunnels
I think you should consider separating different OpenVPN tunnels as different interfaces in firewall_rules.php.
Ri... Riccardo Paolo Bestetti
01:01 PM Bug #7639 (Not a Bug): NAT does not work between OpenVPN and IPsec tunnels
Hello,
NAT rules don't get correctly triggered with packets being routed from OpenVPN remote clients to IPsec tunnel... Riccardo Paolo Bestetti
10:18 AM Bug #7439: IKE_SA (IKEv2) does not rekey on break before make startegy, just issues IKE_DELETE and connection is closed
Any updates on this? Can it be reproduced? Reinis Adovics
05:05 AM Bug #7629: FreeBSD PR affecting pfsense
All fixes are in 11.1 and 11-STABLE.
So if pfsense 2.4 migrates to 11.1 in july this will be fixed as well as many... Chris Collins

06/11/2017

08:07 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates
ryon m wrote:
> Looks like the Squid developers are getting ready to push v3.5.26, which appears to have a fix for b... Patricio Stegmann
07:41 PM Bug #7638: Carp Status incorrect - visual bug in webconfigurator interface
Looks like this is the case.
https://github.com/pfsense/pfsense/pull/3754 Chris Linstruth
07:01 PM Bug #7638 (Resolved): Carp Status incorrect - visual bug in webconfigurator interface
There is a bug where if certain high VHID numbers are added before lower numbers, the status on the Status -> CARP (f... Steven Brown
01:38 AM Bug #7637: Any operation of the suricata package will cause the system to crash
try remove the suricata package,and the pf system auto restart,then ipv6 tunnle network not normal work. test at 2.4.... yon Liu

06/10/2017

09:59 AM Bug #4494: axge bug - AX88179 chipset (network interface reseting)
It seems the problem remains in 2.3.4 release. Oleg Cherkasov
04:03 AM Bug #7637 (Rejected): Any operation of the suricata package will cause the system to crash
Any operation of the suricata package will cause the system to crash. such as remove and close etc.
i have submit i... yon Liu

06/09/2017

10:57 PM Bug #7635: default acount can't login in chrome 58.0.3029.110 (64-bit)
Tried Version 58.0.3029.110 (64-bit) here. No problem logging in. Latest snap full install 64bit.
 Chris Palmer
09:46 PM Bug #7635: default acount can't login in chrome 58.0.3029.110 (64-bit)
i have install pfSense-CE-memstick-2.4.0-BETA-amd64-20170609-1636.img, yon Liu
09:41 PM Bug #7635 (Rejected): default acount can't login in chrome 58.0.3029.110 (64-bit)
Can't reproduce. Fresh 2.4 install, Chrome 58 and 59 both work fine. Use a current snapshot and a current Chrome, you... Jim Pingle
09:21 PM Bug #7635 (Rejected): default acount can't login in chrome 58.0.3029.110 (64-bit)
when i new install pf 2.4 , use the admin pfsense account can't login in chrome 58.0.3029.110 (64-bit).
 yon Liu
09:43 PM Bug #7636: Any operation of the suricata package will cause the system to crash
Jim Pingle wrote:
> Not nearly enough detail to make a valid bug report.
I have submitted bug log in the system b... yon Liu
09:30 PM Bug #7636 (Rejected): Any operation of the suricata package will cause the system to crash
Not nearly enough detail to make a valid bug report. Jim Pingle
09:27 PM Bug #7636 (Rejected): Any operation of the suricata package will cause the system to crash
Any operation of the suricata package will cause the system to crash. such as remove and close etc.
i have submit i... yon Liu
09:34 PM pfSense Packages Bug #7630: UEFI Booting
Dan Collins wrote:
> When trying to boot using UEFI mode, installer hangs at 'Consoles: EFI Consoles'
>
> Using D... yon Liu
01:01 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation
I had this with an XML 10MB in size.
If this cannot be fixed, please post a warning in the documentation (page linke... robi robi
12:59 PM Bug #7634 (Resolved): When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation
When restoring from USB during install (according to https://doc.pfsense.org/index.php/Automatically_Restore_During_I... robi robi
07:38 AM Feature #7633 (Rejected): option to rearrange gateways under routing
Duplicate of #3370 - The GUI needs a mechanism for choosing default-eligible gateways and their order, reordering gat... Jim Pingle
02:59 AM Feature #7633 (Rejected): option to rearrange gateways under routing
according to default gateway switching option, it will do that based on the next gateway in the config which might be... Bipin Chandra
07:20 AM Bug #7400: Traffic Graphs show bad data on 2.3.3_1
In my the scale is so confused, follow the attached image, even doing a clean installation in a test vm.
It was quit... João Victor Mata

06/08/2017

08:12 PM Bug #7605: State Killing on Gateway Success

Another doubt about the same feature. On a multi-wan environment, is it possible to kill the states just of the fai... Michel Santello
06:48 PM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload
I need to withdraw this report, assuming my assessment below is correct. Apologies for any effort wasted on this.
... Phil Biggs
04:44 PM Bug #4310: Limiters + HA results in hangs on secondary
Has this had any development recently?
This is the primary reason I can't use limiters in my HA setup, and the ass... Scott Rosenberg
03:21 PM pfSense Packages Bug #7632: CVE-2016-2107 in OpenSSL
Are you certain that your pfSense installation is current? We ran that same test against a 2.3.4 system with HAProxy ... Jim Pingle
02:45 PM pfSense Packages Bug #7632: CVE-2016-2107 in OpenSSL
Sorry, I follow what you are saying now!
The SSLLabs test still says that we are vulnerable when we test the site.... Adrian James
02:24 PM pfSense Packages Bug #7632: CVE-2016-2107 in OpenSSL
We have 2.3.4 in use, hosting a website with HAProxy TLS offload. SSLLabs confirms that it is vulnerable to Oracle P... Adrian James
08:12 AM pfSense Packages Bug #7632 (Rejected): CVE-2016-2107 in OpenSSL
FreeBSD patches OpenSSL in its own way, relying on the version number is not accurate to determine vulnerabilities.
... Jim Pingle
07:45 AM pfSense Packages Bug #7632 (Rejected): CVE-2016-2107 in OpenSSL
pfSense 2.3.4 uses OpenSSL 1.0.1s which is vulnerable to CVE-2016-2107 Oracle Padding attack. HAProxy TLS terminatio... Adrian James
01:10 PM Bug #7629: FreeBSD PR affecting pfsense
An update, I pulled the Freebsd-src from the repo and have actually now compiled the kernel patched and have it runni... Chris Collins
12:47 AM Bug #7629: FreeBSD PR affecting pfsense
another one and again turnstile_broadcast
db:0:kdb.enter.default> bt
Tracing pid 65385 tid 100750 td 0xfffff8001... Chris Collins
 

Also available in: Atom