Activity

30 days up to

User

Subprojects

Activity

From 06/10/2017 to 07/09/2017

07/09/2017

08:05 PM Bug #7684: Web Configurator - IP address is cutoff in the Gateways widget: The gateway x.y.104.1 is the IP address of the router that is upstream from the pfSense WAN.
Dynamic DNS should set ... Phillip Davis
08:04 PM Bug #7684: Web Configurator - IP address is cutoff in the Gateways widget: Jim Pingle wrote:

> They are not the same thing.
Oops. Where is the "embarassed" emoji when I need it?
Michael Woffenden
07:59 PM Bug #7684 (Rejected): Web Configurator - IP address is cutoff in the Gateways widget: One of those is your upstream ISP gateway (gateways widget)
The other is your firewall's own IP address (Dynamic D... Jim Pingle
07:56 PM Bug #7684 (Rejected): Web Configurator - IP address is cutoff in the Gateways widget: I currently have an IP address that is XX.XX.XXX.XXX and in the Gateways widget the last 2 digits on the right are mi... Michael Woffenden
02:39 PM Revision 19be2fc2: Reduce complexity of checking whether system should be rebooted after RAM Disk option change.: Also fix the issue when RAM Disk option is changed, but there is an input error and thus on subsequent form submittin... Nazar Mokrynskyi

07/08/2017

10:50 PM pfSense Packages Feature #7683 (New): Splunk Universal Forwarder Package: It would be nice to have a Splunk Universal Forwarder package so we can send logs and other monitor capable files e.g... Dennis Chow
10:01 PM Bug #7682: system_authservers delete UI bugs: master: https://github.com/pfsense/pfsense/pull/3780
RELENG_2_3:https://github.com/pfsense/pfsense/pull/3778
RELENG... Phillip Davis
09:46 PM Bug #7682 (Resolved): system_authservers delete UI bugs: 1) In system_authservers, have a list of at least 3 extra auth servers defined, and Local Database will be at the end... Phillip Davis
07:40 PM pfSense Packages Bug #7681 (Not a Bug): OpenVPN client export utility - Exporting Android inline configuration can include incorrect client auth method in .ovpn file: Intro:
Hello this is my first bug entry. I hope I have done a good job reporting the specifics of what I believe to ... David Nuzik

07/04/2017

02:40 PM Bug #7672 (Rejected): Enabling DNS Resolver returns erorr: Please discuss the problem on the forum to diagnose your problem and identify any potential bugs. If there is a repea... Jim Pingle
01:33 PM Bug #7672 (Rejected): Enabling DNS Resolver returns erorr: Hi
I am getting this error when I try to enable DNS Resolver. I haven't been using the DNS Resolver before because... Tino Zidore
02:57 AM Revision 3666d731: Add user option to sort interface names RELENG_2_3: Signed-off-by: Phil Davis <phil@jankaritech.com> Phil Davis

07/03/2017

10:24 PM Revision 7c6f38e4: ipsec, prevent simultaneous/repeated calling of vpn_ipsec_configure() by /etc/rc.newipsecdns: Pi Ba
10:04 PM Feature #6753: Interfaces list order not consistent: It works in master 2.4, but it never got backported to RELENG_2_3 or RELENG_2_3_4.
This was the PR in master: https:... Phillip Davis
12:04 PM Feature #6753: Interfaces list order not consistent: Thank you guys for taking this into account. It works well, much better to use now!
May I ask for one last thing? Th... robi robi
08:15 PM Revision c2530487: bootup, change message to "Checking config backups consistency..." to tell whats taking time, as there is usually little to cleanup involved: Pi Ba
11:19 AM Feature #7671: Gateway Monitoring Via Custom Script or Telnet.: many ISPs in India also do a similar thing and etisalat in UAE do a similar thing, if the bill isnt paid by the 15th ... Bipin Chandra
11:08 AM Feature #7671 (New): Gateway Monitoring Via Custom Script or Telnet.: It would be very helpful to have the ability to monitor gateways via a custom script or telnet. ISPs are beginning to... Bridgetowermedia IT

07/02/2017

04:53 PM pfSense Packages Bug #7670 (Not a Bug): Bind : Serial for slave zone is missing in IHM: Using bind as slave server, the page https://localhost:8443/pkg.php?xml=bind_zones.xml does not display the zone seri... Nicolas Marot

07/01/2017

09:01 PM Revision ce3371fe: cron, fix job removal by index splice and write valid schedules for ramdrive backups: Pi Ba
07:52 PM Bug #7659 (Resolved): Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.: Jim Pingle
07:52 PM Bug #7452 (Resolved): Adding a gateway from interfaces.php does not work: Jim Pingle
05:09 PM Bug #7452: Adding a gateway from interfaces.php does not work: As mentioned by Philip Davis in #7659 the fix for the crash has now been implemented in https://github.com/pfsense/pf... Dan Lundqvist

06/30/2017

01:58 PM pfSense Packages Bug #7669: ACME Certificates: But we need to have a discussion -- on the forum -- about why that happened before it can be called a bug. The upgrad... Jim Pingle
01:11 PM pfSense Packages Bug #7669: ACME Certificates: I get that freeradius isn't related to acme. You just rejected the root of my problem which is no CA key for ACME gen... robbie foster
12:18 PM pfSense Packages Bug #7669 (Rejected): ACME Certificates: Please post on a new forum thread and discuss this before opening a bug report. It's possible something else went wro... Jim Pingle
12:15 PM pfSense Packages Bug #7669 (Rejected): ACME Certificates: version 2.4.0-beta. My letsencrypt certificates are about to expire and my certificates in acme certificates didn't m... robbie foster
10:00 AM Feature #7668: MAC Address spoofing: https://forum.pfsense.org/index.php?topic=132947.msg730892#msg730892 Andy Kniveton
09:56 AM Feature #7668 (Closed): MAC Address spoofing: The wording under the Interface -> General Configuration -> MAC Address box could do with stating that if the interfa... Andy Kniveton
08:41 AM Revision ab95d1fa: Merge remote-tracking branch 'upstream/master': hamnur
08:41 AM Revision 1e0442e0: Activate RADIUS accounting for mobile ipsec if it was selected on the auth server view: hamnur

06/29/2017

04:34 PM Revision 863804a9: Change the way unbound is stopped when the process is being restarted, to give the old process enough time to exit cleanly. Fixes #7326: (cherry picked from commit 38d110824c87ff60c6289c0432d55009586ceee4) Jim Pingle
04:34 PM Revision cad82db7: unbound-control needs to know the config path or else it can't work properly. Fixes #7667: (cherry picked from commit 8a0aa42c197361ebb82387e5bdc8378e5440837f) Jim Pingle
04:34 PM Revision 0577d9df: Change the way unbound is stopped when the process is being restarted, to give the old process enough time to exit cleanly. Fixes #7326: (cherry picked from commit 38d110824c87ff60c6289c0432d55009586ceee4) Jim Pingle
04:34 PM Revision eb95f88c: unbound-control needs to know the config path or else it can't work properly. Fixes #7667: (cherry picked from commit 8a0aa42c197361ebb82387e5bdc8378e5440837f) Jim Pingle
04:32 PM Revision 38d11082: Change the way unbound is stopped when the process is being restarted, to give the old process enough time to exit cleanly. Fixes #7326: Jim Pingle
04:21 PM Revision 8a0aa42c: unbound-control needs to know the config path or else it can't work properly. Fixes #7667: Jim Pingle
02:18 PM Revision 95420116: Add strongswan rekeymargin attribute to vpn ipsec phase1 view: hamnur
02:02 PM Revision 1a96a3a9: Set a value for this variable in each case, so a previous value isn't re-used in a loop.: (cherry picked from commit faab657a256f9385d5e0ffb4084666e760b515a5)
(cherry picked from commit 86ab9eb54b30b591703e7... Jim Pingle
02:02 PM Revision 86ab9eb5: Set a value for this variable in each case, so a previous value isn't re-used in a loop.: (cherry picked from commit faab657a256f9385d5e0ffb4084666e760b515a5) Jim Pingle
02:01 PM Revision faab657a: Set a value for this variable in each case, so a previous value isn't re-used in a loop.: Jim Pingle
12:18 PM Bug #7148 (Duplicate): Spoofed mac addresses on VLAN interfaces apply to the same physical interface: Duplicate of #1337 Jim Pingle
12:09 PM Revision 39eeab69: Enable Python support for Unbound. Implements #7549: Jim Pingle
11:54 AM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists: ok thank you for fixing this, I will test the fix as soon as possible on my firewall. Chris Collins
11:43 AM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists: Be aware that if you attempt to add a patch for this manually, you also need to apply the patch from #7667 first. Jim Pingle
11:40 AM Bug #7326 (Feedback): Unbound fails to start during rc.wanipchange when using large enough dns lists: Applied in changeset commit:38d110824c87ff60c6289c0432d55009586ceee4. Jim Pingle
11:31 AM Bug #7326: Unbound fails to start during rc.wanipchange when using large enough dns lists: Back to me, I have some changes ready that appear to fix this. Jim Pingle
11:40 AM Bug #7667 (Feedback): Calls to unbound-control are missing configuration path so they fail: Applied in changeset commit:8a0aa42c197361ebb82387e5bdc8378e5440837f. Jim Pingle
11:31 AM Bug #7667 (Resolved): Calls to unbound-control are missing configuration path so they fail: Calls to unbound-control inside @do_as_unbound_user()@ in /etc/inc/unbound.inc do not pass the configuration file loc... Jim Pingle

06/28/2017

09:01 PM Revision 626aefbe: Revise Dark gray color code for login page: Steve Beaver
06:48 PM Bug #7659: Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.: Hi Philip,
I updated the PF to 2.4.0-BETA (amd64) built on Wed Jun 28 16:02:43 CDT 2017 today and redid the proced... Dan Lundqvist
01:40 PM Feature #7666: Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager: Thank you sooo much!
I am constantly sitting on the 2.4 beta edge (currently 2.4.0.b.20170627.1443), just let me now... Reinis Adovics
01:29 PM Feature #7666 (Assigned): Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager: Current certificate best practices are to have the CN be the first SAN, so it shouldn't be optional. That small initi... Jim Pingle
01:24 PM Feature #7666: Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager: It could also be made optional in _User Manager_.
By default there is no SAN (just as now), but there would be possi... Reinis Adovics
01:11 PM Feature #7666 (Resolved): Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager: h1. Adding SAN DNS:username to User Certificates that are created via User Manager same way as it is done via Cert. M... Reinis Adovics
11:41 AM Bug #7665 (New): Host range validation for Aliases is not strict enough: Steps to reproduce:
1. Enter an invalid host range for an IP alias, such as 192.168.1.1-10, and click Save.
The... Re Load
08:09 AM pfSense Packages Todo #7664 (Rejected): https filtering in pfsense without configuring proxy settings in client browser .: What can be done, is already there. Splice to see domains or you have to install CA on clients. Post on the forum, do... Jim Pingle
08:07 AM pfSense Packages Todo #7664 (Rejected): https filtering in pfsense without configuring proxy settings in client browser .: https filtering in pfsense without configuring proxy settings in client web browser .
Ravi Kumar
12:55 AM Bug #7641: Multiple reboots without error message: I checked the freebsd bugreports and found a similar issue but with an amd system. I added a comment there so here is... Philipp Haefelfinger

06/27/2017

03:01 PM Revision a33ece86: Fix missing '>' on /span tag: Steve Beaver
02:56 PM Feature #7383: system_certmanager.php?act=new: Add new select option to sign a CSR: Larry Westfall wrote:
> Build 2.4.0.b.20170527.2111
>
> External generated CSR failed with
> The following input... Joseph McGuirl
02:45 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Bryan Fehl wrote:
> Christoffer Öhman wrote:
> > I can not even use it before it locks.
> >
> > As soon as I try... Christoffer Öhman
10:59 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Christoffer Öhman wrote:
> I can not even use it before it locks.
>
> As soon as I try to change something, it lo... Bryan Fehl
10:45 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: I can not even use it before it locks.
As soon as I try to change something, it loads a really long time before it... Christoffer Öhman
02:04 PM Bug #7663 (Closed): Persistent CARP Maintenance Mode doesn't work right in upgrade from 2.3.3-RELEASE-p1 to 2.3.4: Upgrading the OS to 2.3.4 from 2.3.3-RELEASE-p1 with Persistent CARP Maintenance Mode selected, the OS rebooted with ... Whit Blauvelt
12:28 PM Revision 79cd920c: Add "Dark Gray" login page color: Steve Beaver
10:40 AM Revision 50153f21: Update translation files: Renato Botelho
10:37 AM Revision 651ad331: Regenerate pot: Renato Botelho
10:25 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: As of the June 2, 2017 build, it does not look like it. Receiving over PPPoE is still limited to one queue. Scott Baugher
10:23 AM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: This is happening to me too, have a fresh 2.3.4 install. I will restore config from another 2.3.4 install. Sure enoug... Adam Piasecki
10:02 AM Bug #7662 (Resolved): Missing close span in login page 2.4.0-BETA: Fixed. Thanks for pointing that out. Anonymous
09:43 AM Bug #7662 (Resolved): Missing close span in login page 2.4.0-BETA: Using 2.4.0-BETA, the login page miss a close span
https://github.com/pfsense/pfsense/blob/master/src/etc/inc/authgu... d j
06:38 AM Bug #2218: CARP VIPs can become master too early at boot time: I didn't close the ticket and say it wouldn't be addressed eventually. When this old ticket was opened, maintenance m... Jim Pingle
04:01 AM Bug #2218: CARP VIPs can become master too early at boot time: Jim, what about if you have a power failure on the master firewall (and you have each firewall connected to different... Seb A

06/26/2017

09:53 PM Revision 418fdfb3: php-fpm, add status page for local usage from console/shell, this provides a way to check what scripts are currently running in the php-fpm processes.: For example the following can be executed from the local shell:
` fetch --no-verify-hostname --no-verify-peer "https:... Pi Ba
05:53 PM Bug #2218: CARP VIPs can become master too early at boot time: While true, it'll still fail at some point. I'm not sure this can be reasonably described as a non-issue with such se... Louis Hather
12:47 PM Bug #2218: CARP VIPs can become master too early at boot time: Then focus on fixing the source of the crashes if they happen that often -- The avoidable cases are already avoidable. Jim Pingle
12:39 PM Bug #2218: CARP VIPs can become master too early at boot time: Sure, but I don't reboot my firewalls - they crash. See the issue? Louis Hather
12:05 PM Bug #2218: CARP VIPs can become master too early at boot time: It's a non-issue if you put a node into maintenance mode from Status > CARP before updating or rebooting. Jim Pingle
12:03 PM Bug #2218: CARP VIPs can become master too early at boot time: This is still an issue as of 2.3.4. Louis Hather
01:16 PM Revision 68c614a7: Update diag_gmirror.php: Fix typo
(cherry picked from commit 55588e0ce32865568522e0afd0b577fdfabd3b74) BBcan177 .
01:16 PM Revision 882bb24e: Update diag_gmirror.php: Fix typo
(cherry picked from commit 55588e0ce32865568522e0afd0b577fdfabd3b74) BBcan177 .
01:16 PM Revision b720d27a: Merge pull request #3767 from BBcan177/patch-1: Renato Botelho
01:15 PM Revision 4fa10fc8: Merge pull request #3764 from phil-davis/gwlb-issue-7659: Renato Botelho
01:12 PM Revision f3f285d9: Issue #7659 foreach warning on adding gateway RELENG_2_3: Signed-off-by: Phil Davis <phil@jankaritech.com>
(cherry picked from commit 5c88dacbc259c668899d8127e9ad1ec74d12e565) Phillip Davis
01:12 PM Revision 02b661c8: Merge pull request #3766 from phil-davis/gwbl-issue-7659-RELENG_2_3_4: Renato Botelho
11:42 AM pfSense Packages Bug #7661 (Resolved): pfBlockerNG doesn't make a rule for Antarctica: If Antarctica entries with a count > 0 are added to the pfBlockerNG GeoIP, there won't be an Antarctica rule created.... Stuart Wyatt
10:27 AM pfSense Packages Todo #7658: BGP support in Quagga: OK done. Please see https://redmine.pfsense.org/issues/7660 Chris Zimman
10:25 AM pfSense Packages Todo #7658: BGP support in Quagga: This issue is for BGP only, not other features. Scope creep isn't helpful, that needs to be in a separate feature req... Jim Pingle
10:22 AM pfSense Packages Todo #7658: BGP support in Quagga: Right now, in the Quagga GUI, there's a single entry for a CARP address to monitor. If you're adding better GUI supp... Chris Zimman
10:11 AM pfSense Packages Todo #7658: BGP support in Quagga: That is unrelated to the topic on this ticket. It would be a separate feature request. Jim Pingle
10:10 AM pfSense Packages Todo #7658: BGP support in Quagga: We need to be able to monitor more than one CARP IP for failover. Our config has CARP on the inbound and outbound si... Chris Zimman
10:27 AM pfSense Packages Feature #7660 (Rejected): Please add the ability to monitor more than one CARP address to the Quagga GUI support: We need to be able to monitor more than one CARP IP for failover. Our config has CARP on the inbound and outbound sid... Chris Zimman
03:13 AM pfSense Packages Feature #7655: Captive portal and squid non transparent: I have readed all about that link and sorry, but i don't understand anything ?
Jose Perez

06/25/2017

05:58 PM Revision 55588e0c: Update diag_gmirror.php: Fix typo BBcan177 .
09:45 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Scott Baugher wrote:
> I'm using the nightly builds (2.4.0.b.20170522.1522 as of right now). I also use gigabit fib... Julien REVERT
07:39 AM Bug #3710: Adding static DHCP leases doesn't cause BIND zones to update: David Horn wrote:
> Tried disabling config knob, enabling, etc. Works well at this point for static and dynamic DHC... Kill Bill
02:42 AM Revision 5c88dacb: Issue #7659 foreach warning on adding gateway RELENG_2_3: Signed-off-by: Phil Davis <phil@jankaritech.com> Phillip Davis
02:20 AM Revision d540ed34: Issue #7659 foreach warning on adding gateway: Signed-off-by: Phil Davis <phil@jankaritech.com> Phillip Davis

06/24/2017

09:32 PM Bug #7659: Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.: See PR https://github.com/pfsense/pfsense/pull/3764 Phillip Davis
10:54 AM Bug #7659 (Resolved): Crash "Invalid argument supplied for foreach() in /etc/inc/gwlb.inc on line 1739" when defining a IPv4 or IPv6 IP + adding gateway.: RUNNING ON: *pfSense-CE-2.4.0-BETA-amd64-20170623-1439.iso* fresh installed today 24/6.2017 in VirtualBox and no othe... Dan Lundqvist
06:09 PM Revision 29fa6f0f: gateway monitoring, give apinger some time to properly 'initialize' before using its results: Pi Ba
05:25 PM Revision 48196bf0: rc.gateway_alarm, add syslog message that shows that a alarm was raised/cleared and what the parameters were: This helps clarify why sometimes services are restarted when reading through the syslogs. Pi Ba
05:11 PM Bug #3710: Adding static DHCP leases doesn't cause BIND zones to update: I tested this fix successfully against the 2.4-BETA snapshot: 2.4.0-BETA (amd64) built on Sat May 06 22:51:06 CDT 20... David Horn
03:03 PM Bug #6099: igmpproxy does not recognize upstream interface: Jeremy Lewis wrote:
> The way I managed to get it working reliably was to turn off the IGMP snooping on my managed s... Mr B
11:15 AM Bug #7501: Interfaces statistics widget GUI + JSON (2 issues): I have tested the #7501 on fresh "pfSense-CE-2.4.0-BETA-amd64-20170623-1439.iso" install in Virtualbox on amd64
addi... Dan Lundqvist
10:34 AM Bug #7452: Adding a gateway from interfaces.php does not work: Hello,
I have tested both IPv4 and IPv6 PR corrections running on fresh "pfSense-CE-2.4.0-BETA-amd64-20170623-1439... Dan Lundqvist
10:14 AM pfSense Packages Todo #7658: BGP support in Quagga: There is a PR to support using it via raw config, but no GUI yet.
https://github.com/pfsense/FreeBSD-ports/pull/356 Jim Pingle
10:07 AM pfSense Packages Todo #7658 (Resolved): BGP support in Quagga: OpenBGPD pkg on pfsense doesn't seem to be up to date for years (since 2012 probably) - a lot of recently (and may be... Vladimir Lind
07:40 AM pfSense Packages Feature #7657: OpenBGPD local-as feature in neighbors context: UPD: Looks like some commands which are not present in webgui do work when pasting directly in bgp neighbor context i... Vladimir Lind
02:26 AM pfSense Packages Feature #7657 (Rejected): OpenBGPD local-as feature in neighbors context: Please add "local-as" feature in OpenBGPD webgui "neighbors" tab -> "Neighbor Parameters". This command is described ... Vladimir Lind

06/23/2017

05:28 PM Revision 4eb92692: Respect GUI Login autocomplete preference setting: Steve Beaver
01:16 PM Revision b3875714: Fix some other outdated links: Jim Pingle
12:58 PM Revision 58d471e9: Restyle autocomplete on webkit browsers to remove the yellow background used by Chrome: Steve Beaver
12:46 PM Revision 81b22639: Correct intenting: Steve Beaver
12:42 PM Revision 10ba62c2: Code style cleanup: Steve Beaver
12:39 PM Revision e7908ab5: Fix interface groups link: (cherry picked from commit c0dd390b666d86b6b9ea61438c95b1370adda052) Jim Pingle
12:39 PM Revision c0dd390b: Fix interface groups link: Jim Pingle
12:38 PM Revision 85180bd6: Fix interface groups link.: Jim Pingle
12:32 PM Bug #7645 (Resolved): SG-1000 VLAN interfaces do not work without promisc mode: Fixed in current snapshots Jim Pingle
12:25 PM Revision 44a94b03: Minor positioning tweak to login page: Steve Beaver
11:32 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: Pim Janssen wrote:
> 4.0 LTS Will be added in september 2017. I think having only LTS releases would be enough.
Y... James Lavoy
11:27 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: 4.0 LTS Will be added in september 2017. I think having only LTS releases would be enough. Pim Janssen
11:24 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: James Lavoy wrote:
> Therefore this change has caused pfSense to be unable to be used as a proxy if someone is using... James Lavoy
11:20 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: I apologize, in the future I will be sure to track every version of software released everywhere and update my bug re... James Lavoy
11:18 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: Information in a ticket needs to be precise and specific no matter when it's read. It is unreasonable to expect anyon... Jim Pingle
11:14 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: Jim Pingle wrote:
> If that is the case, it was not stated clearly anywhere on the problem description or even in th... James Lavoy
11:06 AM pfSense Packages Bug #6129 (New): zabbix agent/proxy 2.4 not ported to pfSense 2.3: If that is the case, it was not stated clearly anywhere on the problem description or even in the comments. Maybe if ... Jim Pingle
10:52 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: @Jim
The issue is here because the 3.0 proxy is NOT backwards compatible. For that reason it would be good to have a... Pim Janssen
10:44 AM pfSense Packages Bug #6129 (Resolved): zabbix agent/proxy 2.4 not ported to pfSense 2.3: Jim Pingle
10:26 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: Looks like a done case.
Currently zabbix agent and proxy 3.0 LTS is available in pfsense-2.3 Heðin Ejdesgaard Møller
10:57 AM Feature #5825: Allow EAP-RADIUS for authentication servers: Related: https://redmine.pfsense.org/issues/7111
Although it's not EAP, MSCHAPv2 is better than PAP Joe McNolan

06/22/2017

06:13 PM Bug #6099: igmpproxy does not recognize upstream interface: The way I managed to get it working reliably was to turn off the IGMP snooping on my managed switch, then the timing ... Jeremy Lewis
04:18 PM Bug #6099: igmpproxy does not recognize upstream interface: Hi,
This still isn't working for me on 2.4 - 2.4.0.b.20170622.0342 - keep getting the cut off after 4 minutes.
... Mr B
06:01 PM Feature #1189: Gateway: Multiple monitor ips: Hadn't noticed this issue before...
With regard to dpinger itself, please see #4354#note-18
Denny Page
08:30 AM Feature #1189: Gateway: Multiple monitor ips: So I put in a feature request @ the dpinger github here: https://github.com/dennypage/dpinger/issues/24
Here is wh... Web Dawg
10:28 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: Dpinger using multiple targets has been discussed. See updates 18-21. Denny Page
08:30 AM Feature #4354: Allow dpinger to ping more than one destination for a gateway.: So I put in a feature request @ the dpinger github here: https://github.com/dennypage/dpinger/issues/24
Here is w... Web Dawg
05:46 AM Bug #7499 (Resolved): ipsec.widget.php: Tunnel Status incorrect: Jim Pingle
04:49 AM Bug #7499: ipsec.widget.php: Tunnel Status incorrect: Seems fixed. Working good for on
2.4.0-BETA (amd64)
built on Thu Jun 22 03:42:40 CDT 2017
Thanks. Hugo Sousa

06/21/2017

07:08 PM Bug #7656 (Closed): TypeError: n is undefined JavaScript error in status_monitoring.php: I'm using 2.3.4-RELEASE (i386) and when I open the Staus->Monitoring page, I get a JavaScript error (below). It appe... Blinking Man
05:56 PM Revision 751f2a7f: Add more checks to eliminate empty config tags in package settings. Fixes #7624: Jim Pingle
04:18 PM pfSense Packages Feature #7655: Captive portal and squid non transparent: Kindly read https://redmine.pfsense.org/issues/5594#note-11. Kill Bill
01:39 AM pfSense Packages Feature #7655 (Bogus): Captive portal and squid non transparent: Hi.
When we configure squid in non-transparent mode and in the browser we configure the proxy address and the port, ... Jose Perez
02:20 PM Revision f1db0b56: Use recently added hwaddr field to restore original MAC address: Renato Botelho
02:19 PM Revision f660ac5b: Revert "Use specific branch for gnid": It's not necessary anymore after 97b5bfe35a
This reverts commit 97b5bfe35a46651762f9037b113ed72de7fc1c27. Renato Botelho
01:59 PM Revision 8f144450: Removed htmlspecialchars when loading leases from config: (cherry picked from commit 2322e9f3cb6dea9203d63a17c6a27de3a2c6b8bc)
(cherry picked from commit b4ff414aef9f43dce093... Yoann Lecuyer
01:56 PM Revision aaf137f8: Add missing break for cloudflare case: (cherry picked from commit d900381c9384676462c91c0b2e7e59ec42723237)
(cherry picked from commit 2c4865e3fa05cf589891... Phillip Davis
01:56 PM Revision a5ea2254: Integrate various cloudflare changes: (cherry picked from commit 5ce6ce4b1ad850e70d5a2fe218317b1a1b545907)
(cherry picked from commit 543ea703f2dd41e53a74... Phillip Davis
01:55 PM Revision 4a5faec6: Add more checks to eliminate empty config tags in package settings. Fixes #7624: (cherry picked from commit de147d3d614c877df2022d85d37256a93047764c) Jim Pingle
01:55 PM Revision cab08bfb: pkg_edit, fix empty config tag check: (cherry picked from commit 6bf2a65086f7664c870a9565b70c39655c2a3dcf)
(cherry picked from commit eb65e543b4d04b29ee494... Pi Ba
01:55 PM Revision b66865b5: Change paid support help link to new support URL: (cherry picked from commit 16bf962333c3897170defb6bf95a2d69c7fdf506) Steve Beaver
01:54 PM Revision 7e78fa71: virtualips, ability to sort the table: (cherry picked from commit 77c53e65fb7d4f40baec5c01a796a637c9cc5034)
(cherry picked from commit 3af287f33a0ccf9de34e6... Pi Ba
01:54 PM Revision 254fb5b4: Diag DNS disable Add Alias button when host field is changed: (cherry picked from commit 45eafdbd7b958bd4f9459d90a6a63ff8202eec3b)
(cherry picked from commit 2e294992e4151a80a7d57... Phillip Davis
01:54 PM Revision 137196e7: Diag DNS fix update alias button text after add alias: 1) Lookup a name with Diag DNS
2) Press "Add Alias"
The alias is added, but the button still says "Add Alias".
Actua... Phillip Davis
01:54 PM Revision d9f7babc: Diag DNS do not show Add Alias if no priv to add alais: (cherry picked from commit 7fcccc8f09afd7f4a524ff598b43e15d678905eb)
(cherry picked from commit f54a3ede59ee819500f27... Phillip Davis
01:54 PM Revision 7de0b827: Diag DNS do not create an empty alias if name does not resolve: (cherry picked from commit f445385114c43cb46b8188a7cea425648f7647f2)
(cherry picked from commit 14e90f2e5d34ca34cf226... Phillip Davis
01:53 PM Revision 1965f662: Remove stray debug-code (/tmp/script): (cherry picked from commit a29361a2d94eed754255e75d63d511e7889d6c9f)
(cherry picked from commit 12ca33f4dc915c37eeee4... Lorenz Schori
01:53 PM Revision 314e05bc: Fix net.inet.ip.random_id tunable description (Bug #6087): (cherry picked from commit 77408e612de12311d9fd517b2de2de586f4c0ddb)
(cherry picked from commit df0b717d364ac3743ae6... Doktor Notor
01:53 PM Revision f2c3dceb: Fix APU2 with coreboot v4.x detection: See https://forum.pfsense.org/index.php?topic=106444.msg716558#msg716558
(cherry picked from commit 9457d0f616506bf0e... Doktor Notor
01:52 PM Revision 1ea6736f: Make consistent rule information section: (cherry picked from commit f0dc8b688c2b7d973bc18769579ee8cc6d3d2dad)
(cherry picked from commit 4c4504b1e785396d92be8... Phillip Davis
01:51 PM Revision f4f220a7: Use is_numeric() to make sure $prefix is not 0: Jim Pingle
01:50 PM Revision 317d00df: Update interfaces.inc: Not defined pid file on starting choparp. The pfSense may not kill the program to reconfiguration.
(cherry picked fro... aLexander Panfilov
01:50 PM Revision a0a8590c: Request PD even if no interfaces are set to track6 (Bug #4544): See https://redmine.pfsense.org/issues/4544#note-4
(cherry picked from commit b0837cebf9836c4cdd5873b3e463f1afb840381... Doktor Notor
01:50 PM Revision 9d0d51e5: Update dyndns.class: (cherry picked from commit 61c813f96de90e07bb63075847dabc041a5560b8)
(cherry picked from commit 0673b7b8eccfdd1d7aa8... xygrec
01:06 PM Bug #7638 (Resolved): Carp Status incorrect - visual bug in webconfigurator interface: Fixed Jim Pingle
10:41 AM Bug #4544 (Resolved): PD not requested if no interfaces set to track6: Jim Pingle
03:13 AM Revision 980af015: Add support to CESA crypto accelerator in pfSense GUI.: Luiz Souza

06/20/2017

06:49 PM Revision ee7bdbe6: Use correct wording for menu entry "Reset All States" in "System/Advanced Network": Fernsehkind
06:42 PM Revision 8e7d47fe: Use correct wording for log output when IP address has changed and states are killed accordingly: Fernsehkind
05:20 PM Revision 91614f03: Update translation files: Renato Botelho
05:17 PM Revision 1e161fd0: Regenerate pot: Renato Botelho
02:49 PM Revision ff4034ed: Match whitespace after $vhid when checking CARP status to avoid partial matches. Fixes #7638: While here, fix variable references with braces and combine the two calls to grep into a single pattern.
(cherry pic... Jim Pingle
02:49 PM Revision 8cb09b29: Match whitespace after $vhid when checking CARP status to avoid partial matches. Fixes #7638: While here, fix variable references with braces and combine the two calls to grep into a single pattern.
(cherry pic... Jim Pingle
02:48 PM Revision fd4e14b8: Match whitespace after $vhid when checking CARP status to avoid partial matches. Fixes #7638: While here, fix variable references with braces and combine the two calls to grep into a single pattern. Jim Pingle
02:24 PM Revision 07ef7e79: Merge pull request #3756 from PiBa-NL/20170613-wol: Steve Beaver
02:14 PM Bug #7642 (Resolved): Redact BGP keying from status output: Works
Jim Pingle
02:08 PM pfSense Packages Bug #7524 (Resolved): Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: This works for me now. I can browse secure sites through squid HTTPS MITM with Chrome and there are no certificate er... Jim Pingle
01:46 PM Revision 8046f683: Merge pull request #3745 from stilez/patch-64: Steve Beaver
01:30 PM Revision 097efc7d: Merge pull request #3638 from doktornotor/patch-25: Steve Beaver
01:29 PM Revision c8fa7e0a: Merge pull request #3631 from doktornotor/patch-20: Steve Beaver
01:28 PM Revision 0e4500e7: Fix spelling in comment: Steve Beaver
12:06 PM Revision ef1e838b: Use more informative IDs in login page HTML: Steve Beaver
11:53 AM Revision 7f4b697f: Don't display login CSS files in theme list: Steve Beaver
10:00 AM Bug #7638 (Feedback): Carp Status incorrect - visual bug in webconfigurator interface: Applied in changeset commit:fd4e14b8853e7a30ee23532d686270cb40d84d03. Jim Pingle
08:07 AM Bug #7649: pkg_edit.php - The last row cannot be deleted with ntopng.xml: Works (just edited manually for a quick test). Kill Bill
07:36 AM Bug #7649 (Feedback): pkg_edit.php - The last row cannot be deleted with ntopng.xml: New version of ntopng with a renamed ID is building now. Jim Pingle
07:20 AM pfSense Packages Bug #7654 (Resolved): Can't use a LDAP search filter containing an accent: Hi,
I use a virtual machine with pfSense 2.3.4 (amd64) with Squid package v0.4.37 (including squid 3.5.26).
I h... mr xhark
04:34 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: PR issued 3761 Martin Wasley
04:08 AM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: OK, I vote for it to be re-implemented in future versions, this is a very handy feature to have. robi robi

06/19/2017

08:46 PM Revision bb61608d: Added orange login page choice: Steve Beaver
08:18 PM Revision 05ae8524: Correct spacing for extra small view portal (phone): Steve Beaver
06:46 PM Revision 2d933f5a: Restore MITM warning: Steve Beaver
06:08 PM Revision 377f2570: Include host name if so configured: Steve Beaver
05:46 PM Revision f902a15c: Restore cookie warning via pop-up: Steve Beaver
05:19 PM Revision 1eca4f60: Ignore loginpage color values from previous version that used the file name: Steve Beaver
05:15 PM Revision d58a7378: Improved login page graphic: Steve Beaver
03:49 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: robi robi wrote:
> Is this feature left out intentionally from the future versions?
The installer was changed com... Jim Pingle
03:42 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: Is this feature left out intentionally from the future versions?
It's very handy. It allowed me to restore a firew... robi robi
01:14 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation: Looks like there isn't any code to handle restoring RRD in that PFI path, only when diag_backup.php is used.
The f... Jim Pingle
02:36 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Packages are up for 2.4 and 2.3.4, 2.3.x snapshots will be up next time a snapshot runs. Test and let us know if it i... Jim Pingle
01:58 PM pfSense Packages Bug #7524 (Feedback): Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Jim Pingle
01:54 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: I'm getting 3.5.26 pulled into the package branches right now, should be building and up soon. Jim Pingle
02:01 PM Bug #7650 (Resolved): vendor/filebrowser/browser.php: Filename parameter is unencoded which can lead to a potential XSS: Fixed Jim Pingle
02:00 PM Bug #7651 (Resolved): firewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name: Fixed Jim Pingle
01:59 PM Bug #7652 (Resolved): diag_tables.php: 'type' parameter can lead to XSS: Fixed Jim Pingle
01:53 PM Bug #7649: pkg_edit.php - The last row cannot be deleted with ntopng.xml: It doesn't like that the element id has "delete" in it and it isn't part of a repeatable/rowhelper control.
If you... Jim Pingle
07:22 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: No it's a patch in my repo. I wanted it tested before sending it on to the main repo. If you think it will be a usefu... Martin Wasley
07:17 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: Is there a PR for that patch? I'm not seeing anything in the repo currently with that hash/id. Jim Pingle
06:17 AM Feature #7598: Static IPv6 using IPv4 PPPoE as parent interface: Appears it will never work for Greg as his ISP requires he must send a dhcp6 request.
For those of us who can use... Martin Wasley
07:16 AM Bug #5993 (Resolved): dhcp6c not started until an RA received: Jim Pingle
06:13 AM Bug #5993: dhcp6c not started until an RA received: This one should be closed Jim, it's been rock solid for months now.
Fixed - Resolved. Martin Wasley
06:29 AM Bug #7653 (Closed): 3gstats.php holding open the cuaU0.3 device: if the usb 3g/4g modem is unplugged then reconnected or itself rebooted (via AT commands) it comes up as ttyU1 (aka c... dean hamstead

06/17/2017

12:14 PM Revision 0fdfe230: Activate FreeRADIUS 3 for 2.3.4: Jim Pingle
06:31 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Thank you, again. _shellcmd_ package was the answer.
Perhaps someone could close this now. (I can't see any way t... Phil Biggs
05:18 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Yeah I'd say it's no longer needed since WAN IP change will trigger @filter_configure()@ on its own. Kill Bill
05:11 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Many thanks for that. Tested and works.
I didn't know that _shellcmd_ even had that option. I've never used it b... Phil Biggs
03:59 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: Phil Biggs wrote:
> The table is successfully reloaded on new WAN IP but it doesn't work after a firewall rule chang... Kill Bill
03:39 AM pfSense Packages Bug #7617: OpenBGP not restarting on new WAN IP or firewall reload: It's a horrible hack but I added a line to openbgpd.inc:... Phil Biggs
06:15 AM Bug #7641: Multiple reboots without error message: That's going to be out of our hands then. Try to reproduce it on a plain FreeBSD system but it's probably an incompat... Jim Pingle
05:37 AM Bug #7641: Multiple reboots without error message: Thanks four your hint. I started a research and posted the results in the forum (german: https://forum.pfsense.org/in... Philipp Haefelfinger

06/16/2017

10:34 PM Revision f6f1e117: Revised CSS for login page: Steve Beaver
07:36 PM Revision bae3b2be: Add input validation for interface names on firewall_nat_edit.php and fix encoding of the interface name in dst_change. Fixes #7651: Jim Pingle
07:36 PM Revision 425174ae: Add input validation for interface names on firewall_nat_edit.php and fix encoding of the interface name in dst_change. Fixes #7651: Jim Pingle
07:26 PM Revision e243e325: Fix handling of the 'type' parameter so it is validated and encoded on diag_table.php. Fixes #7652: Jim Pingle
07:26 PM Revision 6c989d4a: Fix handling of the 'type' parameter so it is validated and encoded on diag_table.php. Fixes #7652: Jim Pingle
07:24 PM Revision 5ca16d84: Prevent the filename from being used to run XSS in the diag_edit.php file browser. Fixes #7650: Jim Pingle
07:24 PM Revision d6f20c32: Prevent the filename from being used to run XSS in the diag_edit.php file browser. Fixes #7650: Jim Pingle
07:24 PM Revision e90eaf31: Fix handling of the 'type' parameter so it is validated and encoded on diag_table.php. Fixes #7652: Jim Pingle
07:24 PM Revision 9c8540ca: Add input validation for interface names on firewall_nat_edit.php and fix encoding of the interface name in dst_change. Fixes #7651: Jim Pingle
07:24 PM Revision d0acfddd: Prevent the filename from being used to run XSS in the diag_edit.php file browser. Fixes #7650: Jim Pingle
03:00 PM Bug #7652 (Feedback): diag_tables.php: 'type' parameter can lead to XSS: Applied in changeset commit:e90eaf31f079dc29187d1c08cfe88ceabc0786f4. Jim Pingle
02:08 PM Bug #7652 (Resolved): diag_tables.php: 'type' parameter can lead to XSS: Two problems with diag_tables.php that together can lead to XSS via the type (table name) parameter:
* Lack of inp... Jim Pingle
03:00 PM Bug #7651 (Feedback): firewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name: Applied in changeset commit:9c8540ca53f8258a44aaf13100d575b30ae77e65. Jim Pingle
02:08 PM Bug #7651 (Resolved): firewall_nat_edit.php: dst_change JS can cause XSS with an invalid interface name: Two problems with firewall_nat_edit.php that together can lead to XSS via the interface parameter:
* Lack of input... Jim Pingle
03:00 PM Bug #7650 (Feedback): vendor/filebrowser/browser.php: Filename parameter is unencoded which can lead to a potential XSS: Applied in changeset commit:d0acfddd3afb11cb53aa13a00bf2f89b0a98ae4f. Jim Pingle
02:08 PM Bug #7650 (Resolved): vendor/filebrowser/browser.php: Filename parameter is unencoded which can lead to a potential XSS: First load a file on diag_edit.php and then save it with @');alert('XSS@ appended to the name, then browse and try to... Jim Pingle
01:48 PM Feature #7643: Send notification when boot completed: Here's a more meaningful command in one line, containing the hostname of the system:... robi robi
11:49 AM Revision 16bf9623: Change paid support help link to new support URL: Steve Beaver
11:46 AM Revision 6b7b9d35: Change login page footer positioning: Change paid support link to https://www.netgate.com/support Steve Beaver
02:54 AM Bug #7649: pkg_edit.php - The last row cannot be deleted with ntopng.xml: Eh, linked wrong line: https://github.com/pfsense/FreeBSD-ports/blob/devel/net/pfSense-pkg-ntopng/files/usr/local/pkg... Kill Bill
02:48 AM Bug #7649 (Resolved): pkg_edit.php - The last row cannot be deleted with ntopng.xml: When I click on "Delete data" button in Diagnostics - ntopng Settings, I only get "the last row cannot be deleted" po... Kill Bill

06/15/2017

07:35 PM Revision 78f3e29d: Set options for BIND 9.11 and disable LMDB per ISC and US-CERT recommendation: Ref:
https://kb.isc.org/article/AA-01497
https://www.us-cert.gov/ncas/current-activity/2017/06/15/ISC-Releases-Secu... Jim Pingle
07:35 PM Revision f83d52e1: Set options for BIND 9.11 and disable LMDB per ISC and US-CERT recommendation: Ref:
https://kb.isc.org/article/AA-01497
https://www.us-cert.gov/ncas/current-activity/2017/06/15/ISC-Releases-Secu... Jim Pingle
07:35 PM Revision 60334159: Set options for BIND 9.11 and disable LMDB per ISC and US-CERT recommendation: Ref:
https://kb.isc.org/article/AA-01497
https://www.us-cert.gov/ncas/current-activity/2017/06/15/ISC-Releases-Secu... Jim Pingle
06:57 PM Revision 4edbea4c: Remove experimental login page stuff: Steve Beaver
06:37 PM Revision 0e8d22c7: Activate FreeRADIUS 3 for 2.3.x snapshots: Jim Pingle
06:23 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: Im curious if the information I posted is useful enough to determine what might be happening since I havent seen any ... putzomatic none
06:22 PM Revision e29fb699: Improve "new design" notice: Steve Beaver
06:07 PM Revision e79ff1ee: Experimental login page design: Set your favorite color in System->General->"Login CSS file" Steve Beaver
03:03 PM Revision 21cd53c0: Set options for BIND 9.11 and disable LMDB per ISC and US-CERT recommendation: Ref:
https://kb.isc.org/article/AA-01497
https://www.us-cert.gov/ncas/current-activity/2017/06/15/ISC-Releases-Secu... Jim Pingle
03:02 PM Revision 35fd88d3: Set options for BIND 9.11 and disable LMDB per ISC and US-CERT recommendation: Ref:
https://kb.isc.org/article/AA-01497
https://www.us-cert.gov/ncas/current-activity/2017/06/15/ISC-Releases-Secu... Jim Pingle
03:01 PM Revision 4705e0f8: Set options for BIND 9.11 and disable LMDB per ISC and US-CERT recommendation: Ref:
https://kb.isc.org/article/AA-01497
https://www.us-cert.gov/ncas/current-activity/2017/06/15/ISC-Releases-Secu... Jim Pingle
02:42 PM Revision e8140fa4: Remove pftop peak and rate from the sort options as they won't produce anything useful when run the way the GUI does. Fixes #7580: Jim Pingle
02:41 PM Revision 646a993e: Remove pftop size from this list, too. Fixes #7579: Jim Pingle
01:56 PM Revision 4de753e5: Change IPsec widget tunnel status to handle newer strongSwan childid format. Fixes #7499: Jim Pingle
12:52 PM Bug #7611: Diagnostics/Routes ipv6 ( netstat ), causes kernel panic: Ok new repro with a fresh virtual install on virtualbox of pfSense-CE-2.4.0-BETA-amd64-20170615-0858.iso with 1 bridg... Pi Ba
11:26 AM Bug #7584 (Resolved): privileges abuse with page-diagnostics-dns: Jim Pingle
11:25 AM Bug #7451 (Resolved): vpn_openvpn_client.php - Fields not hidden/processed correctly in chrome: Jim Pingle
11:24 AM Bug #6890 (Resolved): PPP service name error: Jim Pingle
11:24 AM Bug #6087 (Resolved): Missmatching description to default value on net.inet.ip.random_id under system tunables: Jim Pingle
10:31 AM Bug #7646 (Resolved): Captive portal live page view feature no longer shows the portal web server view: Jim Pingle
10:31 AM pfSense Packages Feature #7621 (Resolved): OpenVPN Client Export name whens is a windows installer have the same name its a bit confused: Jim Pingle
10:30 AM pfSense Packages Bug #7533 (Resolved): HAProxy 1.7.3+ Breaks with DNS Resolvers configured (UNIX stats sockets fail): Workaround is in place and functioning OK. Next HAProxy release will have it included without needing a local patch. ... Jim Pingle
10:20 AM Bug #7624 (Resolved): Empty <config/> tags in package settings are still causing issues: Jim Pingle
10:18 AM Bug #7591 (Resolved): services_captiveportal.php suggest default auth_method, and old links: Jim Pingle
10:10 AM Bug #7588 (Resolved): missing label for form in services_dyndns_edit: Jim Pingle
10:08 AM Todo #7587 (Resolved): sort system_groupmanager_addprivs privileges: Jim Pingle
10:08 AM Todo #7586 (Resolved): system_usermanager_addprivs show user name: Jim Pingle
10:07 AM Bug #7580 (Resolved): pftop impossible options in web gui: Needed one more fix but now it's OK. Jim Pingle
10:07 AM Bug #7579 (Resolved): pftop size sort is same as none: Needed one more fix but now it's OK. Jim Pingle
09:47 AM Bug #7585 (Resolved): system_usermanager.php showcert does nothing: Jim Pingle
09:44 AM Bug #7581 (Resolved): etc/pfSense.obsoletedfiles wrong path for diag_system_pftop.php: Jim Pingle
09:38 AM Bug #7569 (Resolved): openvpn wizard reused settings cause wrong defaults: Jim Pingle
09:37 AM Bug #7572 (Resolved): openvpn client resolv-retry infinite issues: Jim Pingle
09:37 AM Todo #7573 (Resolved): openvpn tunnel networks and "second network address will be assigned": Jim Pingle
09:36 AM Bug #7565 (Resolved): openvpn and port 0: Jim Pingle
09:35 AM Bug #7567 (Resolved): unused openvpn address pool setting?: Jim Pingle
09:35 AM Bug #7568 (Resolved): unused openvpn client_mgmt_port ?: Jim Pingle
09:34 AM Bug #7561 (Resolved): l2tp turn off local user database: Jim Pingle
09:34 AM Bug #7564 (Resolved): l2tp broken logging shortut: Jim Pingle
09:33 AM Todo #7560 (Resolved): vpn_l2tp.php dns checks: Jim Pingle
09:33 AM Bug #7559 (Resolved): l2tp wins unused code: Jim Pingle
09:33 AM Feature #7549: Enable Python support in Unbound: Python is there but still has some other issues that need worked out related to running unbound in a chroot.
Also it... Jim Pingle
09:31 AM Bug #7528 (Resolved): Captive Portal caches user RADIUS credentials inconsistently with needs/described behavior: Jim Pingle
09:30 AM Bug #7472 (Not a Bug): External Authentication servers with names longer than 48 characters fail to authenticate with OpenVPN server configured for TLS + User Auth: This turned out to be a symptom of a different problem specific to that specific device, not a bug. Jim Pingle
09:10 AM Bug #7499 (Feedback): ipsec.widget.php: Tunnel Status incorrect: Applied in changeset commit:4de753e52d8bbc732f23f90dd77df1707fbc3912. Jim Pingle
08:05 AM Bug #7637 (Rejected): Any operation of the suricata package will cause the system to crash: This appears to be specific to your hardware not being stable or fully compatible with NETMAP for inline mode, and no... Jim Pingle
08:01 AM Todo #7540 (Resolved): Fix ca/cert input validation to allow currently blocked characters: Jim Pingle
06:09 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: we are as well getting this randomly every few days for a few months now. running always latest stable.
reproduction... IT IGP

06/14/2017

09:19 PM Bug #7648: SPAN ports on an interface renders CARP HA inoperative: CARP is known to not work well with any kind of bridging, including span ports.
It is not a common enough requirem... Jim Pingle
09:05 PM Bug #7648 (New): SPAN ports on an interface renders CARP HA inoperative: When a SPAN port is added to an interface, CARP breaks.
The source address of the CARP announcement, which should ... David Van Cleef
05:54 PM Revision 9cc7e37b: wol, use 'usepost' for links that need to send the magic packet: Pi Ba
03:18 PM pfSense Packages Feature #7621 (Feedback): OpenVPN Client Export name whens is a windows installer have the same name its a bit confused: I pushed a change to add more detail to the filename, but I used a different tactic so it will be more accurate.
T... Jim Pingle
02:30 PM Revision bf55e977: Restore the captive portal feature to view the captive portal page directly from the portal web server. Add this as an additional button so both methods are possible. Fixes #7646: Jim Pingle
02:30 PM Revision d0dab7f6: Restore the captive portal feature to view the captive portal page directly from the portal web server. Add this as an additional button so both methods are possible. Fixes #7646: Jim Pingle
02:28 PM Revision cd66b033: Restore the captive portal feature to view the captive portal page directly from the portal web server. Add this as an additional button so both methods are possible. Fixes #7646: Jim Pingle
10:45 AM Bug #7647: Router reboots in a day after upgrade to new snapshot: I run one that way already and it's completely stable here. Please take the discussion to a support platform. Jim Pingle
10:43 AM Bug #7647: Router reboots in a day after upgrade to new snapshot: My system also works fine for days without issue after first reboot that happens on its own after approximately 1 day... Nazar Mokrynskyi
10:39 AM Bug #7647 (Rejected): Router reboots in a day after upgrade to new snapshot: There is not enough detail here for a bug report. Please post on the forum/list/reddit/etc to discuss the problem fir... Jim Pingle
10:30 AM Bug #7647 (Rejected): Router reboots in a day after upgrade to new snapshot: I have latest snapshot of pfSense 2.4 installed with RAM Disk enabled.
After upgrade to the next snapshot pfSense ... Nazar Mokrynskyi
10:14 AM pfSense Packages Bug #7630 (Needs Patch): UEFI Booting: Once FreeBSD figures out a fix it can be pulled in, but a bug like that isn't going to hold up 2.4 since it is specif... Jim Pingle
10:06 AM pfSense Packages Bug #7630: UEFI Booting: It is actually a FreeBSD bug which I have reported. Happens with many different models of Dell Optiplex's.
Every oth... Dan Collins
09:40 AM Bug #7646 (Feedback): Captive portal live page view feature no longer shows the portal web server view: Applied in changeset commit:cd66b033aef4984cbdb8688d3b8826d276c7c1f3. Jim Pingle
09:26 AM Bug #7646 (Resolved): Captive portal live page view feature no longer shows the portal web server view: When #6391 was fixed the ability to view the "Live" portal page by connecting directly to the daemon was removed. Tha... Jim Pingle
06:05 AM Feature #6960: Introduce Kea DHCP as an alternative DHCP server for IPv4 and IPv6: Agreed. We are implementing this internally as well and it'd be great to be able to run it on our pfSense boxes. Eron Lloyd
04:48 AM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: Jim Pingle wrote:
> We should be able to pull that in unless there is something I'm not seeing. Assigning to Renato ... Kill Bill
03:02 AM Bug #7644: Slow network speed LAN -> WAN: Is not this a bug? Dmitry Svetl

06/13/2017

08:40 PM Bug #7645: SG-1000 VLAN interfaces do not work without promisc mode: Ref: forum thread https://forum.pfsense.org/index.php?topic=132055.0 Phillip Davis
03:03 PM Bug #7645 (Resolved): SG-1000 VLAN interfaces do not work without promisc mode: On the latest snapshot, VLAN interfaces do not function on SG-1000 units unless the parent NIC is set promiscuous (ma... Jim Pingle
05:12 PM Revision 0b2f2d41: Redact BGP MD5 password/key in status output. Fixes #7642: (cherry picked from commit aa18c5b9b62e110ebf88fbb24c39c2a13813bd89)
(cherry picked from commit 4122033534b5dd927cd56... Jim Pingle
05:11 PM Revision 41220335: Redact BGP MD5 password/key in status output. Fixes #7642: (cherry picked from commit aa18c5b9b62e110ebf88fbb24c39c2a13813bd89) Jim Pingle
05:11 PM Revision aa18c5b9: Redact BGP MD5 password/key in status output. Fixes #7642: Jim Pingle
12:22 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: We should be able to pull that in unless there is something I'm not seeing. Assigning to Renato to check it over. Jim Pingle
12:20 PM Bug #7642 (Feedback): Redact BGP keying from status output: Applied in changeset commit:aa18c5b9b62e110ebf88fbb24c39c2a13813bd89. Jim Pingle
11:53 AM Bug #7644 (Rejected): Slow network speed LAN -> WAN: Jim Pingle
11:40 AM Bug #7644: Slow network speed LAN -> WAN: This is a bug tracker, not a support channel. Kindly use https://forum.pfsense.org/. Kill Bill
10:10 AM Bug #7644 (Rejected): Slow network speed LAN -> WAN: Xenserver 7
After install openvpn-server on pfsense (latest) in tap mode, very slow speed on client lan interface.
... Dmitry Svetl
04:54 AM pfSense Packages Feature #7449: feature request for openvpn-client-export package, add the support for openvpn up and down script, for mapping network drive: +1 for this!!
We also use connect scripts which we need to add manually after installing the client, would be so n... robi robi
04:47 AM pfSense Packages Feature #7621: OpenVPN Client Export name whens is a windows installer have the same name its a bit confused: +1 for this. We're exporting both x86 and x64 versions for each user, because we don't see in advance which os versio... robi robi
04:42 AM Feature #7643 (Resolved): Send notification when boot completed: Please add an option with a checkbox in System / Advanced / Notifications to send a notification when bootup has comp... robi robi

06/12/2017

06:48 PM Revision 12b9eedf: Don't remove examples from packages as obsolete, some packages rely on the files being there.: (cherry picked from commit 835d8b72effa274b5e2733f219fde00fee60f8e3)
(cherry picked from commit be263d6c8b0e1f6c4ea71... Jim Pingle
06:48 PM Revision be263d6c: Don't remove examples from packages as obsolete, some packages rely on the files being there.: (cherry picked from commit 835d8b72effa274b5e2733f219fde00fee60f8e3) Jim Pingle
06:48 PM Revision 835d8b72: Don't remove examples from packages as obsolete, some packages rely on the files being there.: Jim Pingle
03:40 PM Bug #7642 (Resolved): Redact BGP keying from status output: Some customers might consider BGP pass phrases, etc to be proprietary. They should probably be redacted from status o... Chris Linstruth
03:07 PM Bug #7641 (Rejected): Multiple reboots without error message: Sudden reboots without crash reports are nearly always hardware, despite the hardware's history.
Post on the forum... Jim Pingle
03:05 PM Bug #7641 (Rejected): Multiple reboots without error message: Hi
I'm running on the 2.4 Beta and I have several unplaned reboots during a normal day. Sometimes it is one within... Philipp Haefelfinger
02:20 PM Revision 8decdc4b: Merge pull request #3755 from doktornotor/patch-1: Jim Pingle
01:32 PM Feature #7640: Separate interfaces for different OpenVPN tunnels: Then the configuration procedure was performed incorrectly, follow up on the forum/list/reddit/etc for configuration ... Jim Pingle
01:31 PM Feature #7640: Separate interfaces for different OpenVPN tunnels: Doing that resulted in all OpenVPN packets for the particular tunnel being dropped, so I assumed it was flawed or an ... Riccardo Paolo Bestetti
01:20 PM Feature #7640 (Rejected): Separate interfaces for different OpenVPN tunnels: You can do this now by assigning the openvpn interfaces so you get a tab for each one individually, which is as close... Jim Pingle
01:18 PM Feature #7640 (Rejected): Separate interfaces for different OpenVPN tunnels: I think you should consider separating different OpenVPN tunnels as different interfaces in firewall_rules.php.
Ri... Riccardo Paolo Bestetti
01:01 PM Bug #7639 (Not a Bug): NAT does not work between OpenVPN and IPsec tunnels: Hello,
NAT rules don't get correctly triggered with packets being routed from OpenVPN remote clients to IPsec tunnel... Riccardo Paolo Bestetti
10:18 AM Bug #7439: IKE_SA (IKEv2) does not rekey on break before make startegy, just issues IKE_DELETE and connection is closed: Any updates on this? Can it be reproduced? Reinis Adovics
09:08 AM Revision 8679b740: Comment typo/whitespace fix: Doktor Notor
05:05 AM Bug #7629: FreeBSD PR affecting pfsense: All fixes are in 11.1 and 11-STABLE.
So if pfsense 2.4 migrates to 11.1 in july this will be fixed as well as many... Chris Collins

06/11/2017

08:07 PM pfSense Packages Bug #7524: Squid MITM/SSL-Bump broken with Chrome due to missing SAN in generated certificates: ryon m wrote:
> Looks like the Squid developers are getting ready to push v3.5.26, which appears to have a fix for b... Patricio Stegmann
07:41 PM Bug #7638: Carp Status incorrect - visual bug in webconfigurator interface: Looks like this is the case.
https://github.com/pfsense/pfsense/pull/3754 Chris Linstruth
07:01 PM Bug #7638 (Resolved): Carp Status incorrect - visual bug in webconfigurator interface: There is a bug where if certain high VHID numbers are added before lower numbers, the status on the Status -> CARP (f... Steven Brown
01:38 AM Bug #7637: Any operation of the suricata package will cause the system to crash: try remove the suricata package,and the pf system auto restart,then ipv6 tunnle network not normal work. test at 2.4.... yon Liu

06/10/2017

09:59 AM Bug #4494: axge bug - AX88179 chipset (network interface reseting): It seems the problem remains in 2.3.4 release. Oleg Cherkasov
04:03 AM Bug #7637 (Rejected): Any operation of the suricata package will cause the system to crash: Any operation of the suricata package will cause the system to crash. such as remove and close etc.
i have submit i... yon Liu

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

07/09/2017

07/08/2017

07/07/2017

07/06/2017

07/05/2017

07/04/2017

07/03/2017

07/02/2017

07/01/2017

06/30/2017

06/29/2017

06/28/2017

06/27/2017

06/26/2017

06/25/2017

06/24/2017

06/23/2017

06/22/2017

06/21/2017

06/20/2017

06/19/2017

06/17/2017

06/16/2017

06/15/2017

06/14/2017

06/13/2017

06/12/2017

06/11/2017

06/10/2017