Activity
From 07/10/2017 to 08/08/2017
08/08/2017
-
05:40 PM Bug #7272: 6rd not functioning on 2.4.0-BETA
- Luiz Otavio O Souza wrote:
> The 6rd patch was committed to 2.4 and is available on the latest snapshots. Tests are... -
05:29 PM Bug #7605: State Killing on Gateway Success
- It would be a good idea to have a second option to kill states on recovery to keep working states intact if desired. ...
-
03:22 PM Bug #6099: igmpproxy does not recognize upstream interface
- For the records:
Mr J wrote on https://forum.pfsense.org/index.php?topic=134795.0
> These instructions by james_h... -
01:54 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation
- Just happened to me, moments ago.
Backup up a 2.3.4 machine (server is unstable) and replaced the server hardware ... -
11:53 AM pfSense Packages Bug #7756: suricata suricata_check_dir_size_limit() needs to be improved
- Thanks! Another user had also submitted a fix for the EVE JSON log rotation issue. I asked him about incorporating ...
-
11:43 AM pfSense Packages Bug #7756: suricata suricata_check_dir_size_limit() needs to be improved
- Filed https://github.com/pfsense/FreeBSD-ports/pull/389
08/07/2017
-
- I'm the volunteer package maintainer for Suricata on pfSense. Thank you for providing a patch to go along with your ...
-
07:32 PM Bug #7412: rtsold will not run on VLAN interfaces
- Has progress been made on this bug? Thanks.
-
05:56 PM pfSense Packages Bug #7267: Status Traffic Totals - Stacked Bar - Scale not high enough
- This should be fixed in the newer versions of nvd3. I am attempting to upgrade, but there are some kinks to work out.
-
02:28 PM Feature #7760 (Rejected): Reverse FQDN lookop from firewall rule
- The method for tracking hostnames requires aliases. Using them in rules directly is not possible in pf, and rewriting...
-
02:18 PM Feature #7760 (Rejected): Reverse FQDN lookop from firewall rule
- Currently to use a FQDN in a firewall rule you need to add an alias for it. The alias documentation states:
"Hosts ... -
12:59 PM Bug #7759 (Closed): No version control number showing when going to System > Update
- I am currently on 2.4.0.b.20170802.0604
When I goto System > Update it shows the attached picture (just "Warning" ... -
12:51 PM Bug #6099: igmpproxy does not recognize upstream interface
- Some of these reports seem to miss one very important information: which version of IGMP is used.
IMHO igmpproxy d... -
07:13 AM Bug #6099: igmpproxy does not recognize upstream interface
- igmpproxy does indeed work 100% for UK BT TV, BT Sport 4K (IPTV over BT Infinity FTTC/P) in ver. 2.4.0-BETA (Version ...
-
- Please take this discussion to the forum, mailing list, reddit, etc. If it runs for a few minutes then it is absolute...
-
- _
-
- The way I use igmpproxy it works properly. There are many posts above from other people who confirmed that IPTV works...
-
- This was fixed in this commit: https://github.com/pfsense/pfsense/commit/b8047a1f1d5e5fb529e716a349f153ea3a78280a
-
- This was fixed in the following: https://github.com/pfsense/pfsense/commit/e7d63f568c8e3982ee8f39387369778789593075
-
- That is most likely due to either a compatibility issue with your cipher selection in squid and that site, or with sq...
-
02:08 AM pfSense Packages Bug #7758 (Not a Bug): Error on squid
- I deployed pfsense 2.3.4 and installed Squid 3.5.26. I config squid in transparent mode and enable HTTPS/SSL intercep...
-
06:49 AM Todo #6606 (Resolved): Adapt captive portal to work without multi-instance ipfw
08/06/2017
-
09:47 PM Bug #7750: unbound refuses ipv6 queries after reboot
- This problem is also present in 2.3.4. I had not noticed it previously, because I never attempted to perform nslookup...
-
03:11 PM Bug #7272: 6rd not functioning on 2.4.0-BETA
- I believe a recent change here may have broke 6to4 tunnel on WAN..
https://forum.pfsense.org/index.php?topic=13474... -
- _
-
- Mr J wrote:
> Maybe Luiz Otavio O Souza should just FIX the bug for version 2.40 ????!!!!
Probably its not the be... -
- _
-
12:33 AM Todo #6606: Adapt captive portal to work without multi-instance ipfw
- Spent a few minutes on it. Everything seems to be working again.
08/05/2017
-
- Will check it out and report back when I get to the house.
-
11:05 PM Todo #6606 (Feedback): Adapt captive portal to work without multi-instance ipfw
- Fixed in the latest snapshots.
-
- The 6rd patch was committed to 2.4 and is available on the latest snapshots. Tests are much appreciate.
-
-
10:26 AM pfSense Packages Bug #7753: "Bypass Proxy for These Source IPs" does not seem to be working anymore
- This ticket should be closed. "Bypass Proxy for These Source IPs" works as expected.
-
03:50 AM Bug #7757 (Not a Bug): Auto Config Backup fails to upload unless Default Gateway is up
- Auto Config Backup will not upload when a Secondary WAN is active and the Primary WAN is down and Failover/Load balan...
08/04/2017
-
- The cleanup process in suricata_check_dir_size_limit() is not very optimal. There are a couple issues:
- It immed... -
05:11 AM pfSense Packages Bug #7755 (Closed): Avahi package is not secure by default
- pfSense Avahi Plugin is insecure per default and may at least cause internal information leaking to wrong network zon...
-
03:57 AM Bug #7754 (Not a Bug): Cannot access "WebCfg - OpenVPN: Client Export Utility" without also granting access to "WebCfg - OpenVPN: Servers"
- I tried to create a local group for admins with limited access and I only want that group to be able to export OpenVP...
08/03/2017
-
08:09 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
- All I have to do to cause this is just leave the dashboard web page open. The problem happens anywhere from 1 hour to...
-
07:01 PM
Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
- Thanks for your offer. I have been working on this issue all week, sadly without getting very far because each diagno...
-
- pfsense team:
Why is this bug being pushed back to another release yet again to a date that has not been determine... -
07:50 PM Feature #855: Ability to selectively kill states on gateway recovery
- As echoed by others, I'm seeing the same thing for VOIP and other devices which auto negotiate VPN tunnels which main...
-
- I used to exclude two IPs using this option for Arlo Pro video cameras (by Netgear) and it used to work fine, but aft...
-
05:30 PM pfSense Packages Bug #7674: Issue Downloading Snort Alert Log Download
- This also appears to affect the downloading of the blocked hosts list. If you press the download button, it thinks a...
-
02:11 PM pfSense Packages Bug #7752: Squid 3 reverse proxy - HTTPS==>HTTP fails
- Jim Pingle wrote:
> Using an HTTP backend with an HTTPS frontend works fine in HAProxy if you need it to work right ... -
- Using an HTTP backend with an HTTPS frontend works fine in HAProxy if you need it to work right now. The reverse squi...
-
- I configured the package Squid 3 (version 0.4.37 based on Squid-3.5.26) as reverse proxy.
On my pfSense virtual ma... -
09:28 AM Bug #7751: Duplicated traffic graphs
- It appears to be the same behavior as https://redmine.pfsense.org/issues/3314 that was previously fixed, although I d...
-
12:05 AM Bug #7751 (Resolved): Duplicated traffic graphs
- When using VLANs traffic graph shows doubled traffic for out.
See discussion:https://forum.pfsense.org/index.php?to... -
03:48 AM Feature #5112: LDAP support for Captive Portal
- Any chance an implementation as outlined above would make it into upstream? Would be happy to give the implementation...
08/02/2017
-
- Here is a link to a post on the forum which shows the wireshark capture of the PD process:
[https://forum.pfsense... -
- This issue first appeared when changes were made to reduce how often unbound restarts. It may have been present befor...
-
-
08:26 AM Bug #7625: When creating IPv6 firewall rule for single host, netmask improperly displays
- I have now updated to latest build but unfortunatly it still does not work. (2.4.0-BETA (amd64) built on Wed Aug 02 ...
-
08:04 AM Feature #7749 (Resolved): Support ``0`` CIDR mask for IGMP Proxy networks
- I don't know if this CiDR notation is appropriate from a security point of view. But it appears that you can not setu...
-
02:54 AM Bug #7748 (Resolved): VLAN Priority
- I have a 2.3 and a 2.4 pfSsense system
On both systems I can create a VLAN 832 with Priority 6 (Attachment 1)
...
08/01/2017
-
10:32 PM Feature #7537: Include mellanox mlx4 and mlx5 ethernet driver
- edit : It seems it's supported by the freebsd base : https://www.freebsd.org/releases/11.1R/hardware.html#ethernet
... -
09:10 PM Bug #4494: axge bug - AX88179 chipset (network interface reseting)
- FYI, still happening in v2.4 - but is on the FreeBSD HW compatibility list. Anything I can do to help debug?
Thanks! -
04:03 PM Feature #7747 (New): Minor UI Tweak: Make hitting enter on the console (esp via SSH) should not log you out, but simply redraw the menu
- When you don't have a password set on the console, the net effect is the same anyway. However, over SSH, this is ann...
-
- It's a subject to be discussed but doesn't make sense to change where_is_ipaddr_configured() this way since it uses g...
-
- Applied in changeset commit:036b32b57e88464d66e6e01e640178f68cf882ec.
-
- Close it in favor of #7467
-
- Generalize the topic to be able to close older tickets
-
- We need to make tests and it's too late for 2.4.0
-
- It doesn't depend of a pfSense version and as soon as package is updated will be available for all supported versions
-
- You can already use other types of VIPs to use additional addresses (IP Alias and CARP) just not for giant blocks of ...
-
01:00 PM Feature #7746: Proxy NDP
- I agree that it's horrible. But I still have a valid use case for such a feature because of *someone else's* preexis...
-
- There isn't any such daemon. We've had it come up before and it's not possible at this time, possibly ever. It would ...
-
- I can't find any evidence anywhere (including tcpdump) that "Proxy ARP" VIPs support NDP. I'm assuming they don't, s...
-
- We have "Proxy ARP" VIPs, now we need "Proxy NDP" VIPs to allow pfSense to function with service providers such as OV...
-
- Hmm. It's 100% trivially reproducible for me. When it's 100% reproducible for me, most of the time it's 100% reprod...
-
- It shouldn't happen that way, but again, you have not yet identified a specific bug, only a symptom. We need a lot mo...
-
- If this need to be better documented on the public Wiki, I can make those changes myself. I can't update the officia...
-
- Perhaps I could have been clearer: the complaint here is that:
- creating a 1:1 NAT entry and then removing it someh... -
- I don't see a bug here. It works just like IPv4. IPv4 1:1 would also fail if you added a mapping for some other IP ad...
-
- Update: it only breaks when the WAN interface is in the same "subnet" (possibly /64, haven't confirmed the affected p...
-
- Steps to reproduce:
1. configure (e.g.) WAN interface as 2607:5300:79:501:167:114:147:49/56. Configure default gate... -
- Applied in changeset commit:d08c13875483a81b6393f0127abe719e5734dea4.
-
- In FreeBSD 11, the syntax for matching and setting VLAN Priorities changed. See https://reviews.freebsd.org/D6786
...
07/31/2017
-
- Fixed (but not a bug)
-
- My "Affected version" list goes 2.3, 2.3.3, 2.3.3_1, 2.3.4, 2.4, 2.4.x.
No 2.3.4_1 option is available, although I s... -
- Also, when re-editing that 1:1 NAT rule, the GUI repeatedly resets the prefix length to "31". This, again, breaks al...
-
- (I believe this is why I thought IPv6 NAT was broken in #7740. Not 100% sure. Made enough mistakes today I'm not su...
-
- Adding an IPv6 1:1 NAT entry and choosing "Single Host" produces the resulting rule in /tmp/rules.debug:
binat on ... -
- When one configures IPv6 NPt (network prefix translation) to use a public prefix that *does* overlap with the interfa...
-
-
12:02 PM pfSense Packages Feature #7548: Add absolute offset stat to NTP monitoring display
- Tested, working (2.4.0.b.20170731.0959)
-
- It's allowed because it's valid. Granted it's not as useful and NPt does the same thing, essentially. If it were brok...
-
- The 1:1 NAT setup screen allows IPv6 addresses to be entered, even though they do not function. No warnings are emit...
-
- I just pushed a fix, give it a try when the package update shows next (0.6.20)
-
03:46 AM Bug #7734: Using opton ia pd0 does not renew prefix and prefix get dropped
- Sorry - was looking for it but forgot about /var/etc:...
07/30/2017
-
- Having the same gateway on more than one interface is not a supported configuration.
-
11:56 AM Feature #7739 (Rejected): If there is already a gateway, retrieve data from the one that already exists?
- Hi,
I have multiple gateway with the same ip and then it can not show them at the same time, but I had to mix with... -
- I've found it VERY difficult to determine precisely which combinations of ciphers and MACs will be hardware-accelerat...
-
- Perhaps this is a configuration issue, or a bug introduced during the 2.4 update.
I am now receiving the following... -
07:47 AM pfSense Packages Bug #7736 (Resolved): Crahs with Quagga OSPF and the latest 2.4 Beta
- Crash report begins. Anonymous machine information:
amd64
11.0-RELEASE-p11
FreeBSD 11.0-RELEASE-p11 #193 d...
07/29/2017
-
02:42 AM Bug #7734: Using opton ia pd0 does not renew prefix and prefix get dropped
- If you are still running 2.3 then it's not related at all, 7330 was a 2.4 issues and was fixed and is closed. The iss...
07/28/2017
-
02:20 PM Feature #3329: Allow creating "not" rules for IPsec Phase 2
- Example implementation
-
- This feature wil be really helpful. Lets assume a office firewall connected to a HQ firewall. It serves sub multiple ...
-
- We have the same problem. For my reminder. Configuration is created by /etc/inc/vpn.inc in the following lines
i... -
12:43 PM Feature #7549: Enable Python support in Unbound
- To use python with unbound the module also needs to be enabled in the configuration file with:...
-
- Steps to reproduce:
1. manually add the Globalsign CA
2. manually add the AlphaSSL intermediate CA
3. manually add... -
- This might be related to #7330
-
- From my ISP i am getting a vl/rl of 14400 seconds
The prefix is not renewed and is dropped after 4hrs, see below.
... -
- I'll check it
-
- I tried this morning and my devices which use to work are still being directed to the logon page. I have a few device...
-
09:03 AM Bug #7733 (Resolved): User Manager deletes non-selected users
- The User Manager seems to delete non-selected (wrong) users when using the 'red' delete button on the bottom of the U...
-
- This is a bug tracker, not a support system. Please post on the forum, reddit, mailing list, or another support chann...
-
01:06 AM Bug #7732 (Not a Bug): Unable to connect remote system after upgrading to the latest version
- Yesterday I was updated my pfsense to the latest version 2.3.4-RELEASE-p1 (amd64). After upgrading I am able to conne...
07/27/2017
-
05:42 PM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
- Jim Pingle wrote:
> Only in that we're making progress on replacing OpenBGPD with FRR
Well that's exciting! I ass... -
- @BBcan177
Looks like it worked !
Pls make it default. -
- @BBcan177
Thx for the clue.
What's the proper way to modify /usr/local/pkg/pfblockerng/pfblockerng.inc ?
I made c... -
11:32 AM pfSense Packages Bug #7729: pfBlockerNG orders NAT licked rules to the bottom of firewall rules
- Can you edit */usr/local/pkg/pfblockerng/pfblockerng.inc*
and replace the line (-) with the new line (+):
Line 4... -
11:15 AM Bug #7731 (Duplicate): DynDNS fail to update after connection lose
- Hi,
i experienced some problems with DynDNS update.
When the gateway is down (connection lost) and then come ba... -
08:16 AM Bug #7730: 2.3.4_1 greX: loop detected when hit save on filter rules or interfaces
- to clarify previous cluster sync comment:
If we make the change as described above on secondary the tunnel stays up ... -
- upgraded from 2.2.6
anytime we hit save in the GUI for interface or filter rules, even if no change was made, we sta...
07/26/2017
-
- When I use pfBlockerNG and rules order as this https://snag.gy/yFQa5b.jpg after rules update my NAT linked non-pfBlo...
-
-
06:45 PM Bug #7723: Cannot focus username or password input fields
- I upgraded to 2.3.4p1 and can no longer reproduce. Thanks!
-
- image of bad behaviour
-
- If you define a 1:1 NAT rule with a destination IP (source/destination match) this destination IP may be an alias. In...
-
02:37 PM Bug #7629: FreeBSD PR affecting pfsense
- Since JimP has confirmed 2.4.x will move to 11.1 then this bug is effectively resolved "after" that change occurs.
-
- Merged, thanks!
-
- pvclock is not a module, it's a standard piece of the kernel as you can see at original review at https://reviews.fre...
-
11:48 AM
Feature #7727: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port
- the game in question is "For Honor", but im pretty sure it affects any game that uses peer to peer matchmaking. There...
-
11:46 AM
Feature #7727 (Resolved): uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port
- It's a bug with pfsense, at least in my eyes (nearly 15 years experience in IT and am a senior security engineer with...
-
11:01 AM Bug #7474: Problems adding gateway from interface edit
- Already in master by PR https://github.com/pfsense/pfsense/pull/3700
So it happens already in 2.4 - no need to push ... -
- Push to 2.4.1
-
- Looks good now
-
09:52 AM
Bug #7128 (Feedback): system_advanced_network.php - fugly IPv6 over IPv4 input field alignment
- Changed layout to use two separate fields + JS hide/show
-
- Anything we need to do on the OS side is done already, the rest is up to the actual scripts to setup mounts/libraries...
-
- Merged
-
- Merged, thanks!
-
- Work is now complete
-
- This is not a general problem that can be reproduced here, and there is not enough detail in your report to speculate...
-
- See also: #7726
-
- Duplicate of #6400
-
05:43 AM Bug #7726 (Duplicate): Many VLANS and php-fpm 100%CPU Hangs web gui
- This problem was reported some time ago already:
https://forum.pfsense.org/index.php?topic=102607.0
https://forum... -
- +1
I would not even bother if dtrace kernel was an extra image for pfsense 2.4. -
12:05 AM Bug #7725 (Resolved): Support for iwm
- FreeBSD 11-Current added support for the Intel Dual Band Wireless AC 3160/7260/7265 IEEE 802.11ac network adapters (h...
07/25/2017
-
11:39 PM Bug #7724 (Rejected): Captive portal not blocking unauthorized MAC addresses
- We are using pfSense
Serial: 57625aa6-71ba-11e7-8e29-0800275891eb
Netgate Device ID: f3ad8559b22bd5e94b4d
From... -
- Only in that we're making progress on replacing OpenBGPD with FRR, which hopefully will not suffer from the same issu...
-
02:14 PM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
- Any progress on this?
-
- No problems here on Chrome with Android 7.1.2 and Chrome 59.0.3071.125 (Tablet) or Android 7.0 (Droid Turbot 2), in p...
-
- The username and password input fields cannot be focused when using Chrome on Android.
h2. Steps to reproduce
1... -
10:07 AM Bug #4218: Bridge does not have AUTO_LINKLOCAL flag
- PR: https://github.com/pfsense/pfsense/pull/3788 (simple checkbox, does not detect whether or not ipv6 is configured ...
-
- I think this feature could be implemented as follows:
* Provide a new advanced configuration option on the bridge ... -
- See also: #7722
-
- Duplicate of #7500
-
- Upgraded through WebGUI 2.3.4 to 2.4.0-BETA (amd64) everything seems to go smooth except I receive this error...
C... -
- In a multiwan setup, when selecting only one listening interface (eg. LAN), NTPd does not select external peers as th...
07/24/2017
-
- Per this topic, enabling watchdogd seems to be harder than it should be: https://forum.pfsense.org/index.php?topic=10...
-
03:56 PM Bug #7719 (Resolved): Dynamic DNS updates not working on interface failover
- I realized that dynamic DNS hostnames are not being updated on interface failover. When manually marking a gateway as...
-
10:05 AM Feature #7718 (New): Hostname for Custom DynDNS Updater.
- Hi,
right now I'm using a custom DynDNS service for VPN connectivity. The problem is that you can't set the hostna... -
-
09:29 AM pfSense Packages Bug #7191: squid package EN-US grammar errors
- Also fixed in 0.4.37 so I am sure this bug can be closed now.
-
- Ryan Eckenrode wrote:
> I have found that I am no longer able to download the Alert Logs from the snort_alerts.php p... -
03:32 AM Bug #4310: Limiters + HA results in hangs on secondary
- Jose Duarte wrote:
> For those still with problems you can use limiters in HA with any version w/out kernel panic bu...
07/22/2017
-
- We'll pick it up automatically once it hits the proper ports branches used by 2.3.x and 2.4.x.
-
06:26 AM Feature #7717 (Closed): DNS Resolver update to Unbound-1.6.4 to get RPZ / fastrpz support
- We would like to be able to use Reverse Policy Zones (RPZ) using the "fastrpz" patch which Unbound has included into ...
07/21/2017
-
07:08 PM pfSense Packages Bug #7716 (Resolved): Suricata - Barnyard2 webui configuration updates result in base64-encoded value written to the config for the password
- Any changes to the Suricata barnyard configuration page requires that you update the password as well, otherwise the ...
-
11:47 AM Bug #7715: Update from 2.3.4 to -p1 mangled many config entries including users, patches, other config
- ok
-
- Please discuss a problem such as this on the forum or mailing list rather than jumping right to assuming it's a bug a...
-
- Logs
-
- I updated my test router 2.3.4 to 2.3.4-p1 and a load of config got wiped out in the process, including users reset a...
-
- Note: The time itself is correctly fetched from the firewall, but is being adjusted to the wrong time _zone_ when dis...
-
09:45 AM Bug #7714 (Resolved): NTP Widget Time Display
- NTP Widget on 2.3.4-RELEASE-p1 is showing a time other than the received NTP time. Timezone is set to Etc/UTC as per ...
-
- Start a new bug report for that. It may be using the local time _zone_ incorrectly but it is not using the local cloc...
-
- Jim Pingle wrote:
> The fix was in 2.3.4 and any release after that.
>
> It is not pulling local time. I just con... -
- The fix was in 2.3.4 and any release after that.
It is not pulling local time. I just confirmed it by loading the ... -
- This appears to still be pulling local time in 2.3.4-RELEASE-p1.
Was this fix part of 2.3.4 or am I misreading somet... -
- Please discuss the problem on the forum before opening a bug report.
It is highly unlikely that we will make speci... -
04:37 AM Bug #7713: APU2C4 + TRAFFIC SHAPER CBQ = KERNEL PANIC
- The issue occur with a simple install with at least 1 vlan (vlan number2).
Without VLAN the issue doesn't occur.
... -
- Hardware APU2C4
Pfsense 2.3.4_1
Coreboot 4.0.7
As soon as you activated traffic shaper with CBQ, there is a kern... -
04:19 AM Bug #4310: Limiters + HA results in hangs on secondary
- For those still with problems you can use limiters in HA with any version w/out kernel panic but for that you need ad...
07/20/2017
-
- Superseded by #7383
-
06:42 PM Feature #7712: Support NPt with Dynamic WAN Interfaces
- Jim Pingle wrote:
> Duplicate of #4881
Oops. My apologies, my search was incomplete. -
- Duplicate of #4881
-
- Currently, using Multi-WAN with IPv6 requires a static IPv6 address on all WAN connections. Mass market cable and DS...
-
- Ok, I will do more testing and keep you inform.
Thanks. -
- Like most other x86/x86-64 hardware, while it may work, we do not specifically test on that platform to ensure compat...
-
- Ok but APUC4 is a compatible pfsense hardware no?
-
- Please discuss the problem on the forum before opening a bug report.
It's entirely possible that even if it isn't ... -
- The stability of the APU2C4 was perfect for 5 months before traffic shapper testing...
Same issue with 3 other APU... -
- Hardware APU2C4 with SSD 16Gb
As soon as I configure traffic shapper (wizard or not), my pfsense is completely stu... -
04:23 AM Bug #7709: raspberry pi or anything that can emulate ethernet gadget over usb mac id not read
- i had filed a bug request on bugzilla on freebsd site and the devs there provided a patch to test but i have no clue ...
07/19/2017
-
- I still haven't been able to replicate the original problem here, but unbound appears to be restarting OK on WAN fail...
-
- Works. States get killed, client cannot make new connections.
-
- well the mac spoofing works in gui but the base mac id keeps changing so pfsense doesnt query for the new mac id when...
-
- That would be the same as setting a MAC address to spoof on the interface configuration in the GUI. If that doesn't w...
-
- there is a way mentioned here https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=174464
no idea if this can be implem... -
- Works!
07/18/2017
-
09:47 PM Bug #7697: NAT port forward rule using "WAN address" doesn't work as expected if router does not acquire a WAN address on startup
- I'll try to test it out in the next couple of weeks hopefully. Thanks for the fix.
-
01:49 PM Bug #7710 (Resolved): IGMP Proxy
- IGMP Proxy failed on SG-1000, its been working O.K and for some reason the recent updates have caused it to fail agai...
-
- If it's a FreeBSD bug, which it appears to be, report it upstream to FreeBSD. Once they fix it, the change will trick...
-
- based on the discussion here
https://forum.pfsense.org/index.php?topic=133695.0
it seems like a freebsd issue whe... -
- Applied in changeset commit:e5aeaeb6a8b46c9532119285630f4e42d0e79b24.
-
- The new bsdinstall installer does not have an option to recover an existing config.xml from a previous installation.
... -
09:56 AM Feature #7707 (Resolved): Captive Portal - Radius Time out configuration field
- Captive Portal Radius Server connection function has a hardcoded timeout value of '3' there are instances where it i...
07/17/2017
-
- In some cases it would be handy to have the certificate data written out to the filesystem so that action scripts cou...
07/16/2017
-
10:04 AM Feature #7705 (Resolved): Support dynamic interface address for 1:1 NAT
- Currently, in the 1:1 NAT UI, the "External subnet IP" field cannot be populated with options such as "WAN address" o...
-
- If you set "Any" as the Destination port range for a Port Forward TCP or UDP entry, upon saving the new rule you get ...
07/15/2017
-
- OK, NP - thought it was best to capture ... I admit, not sure of the link between the forum and redmine. Sorry!
FY... -
- This is not happening on any systems here. Please do not open bug reports until the problems have been properly evalu...
-
- Hi,
I have been seeing this in recent v2.4 builds, thinking it's something that should be fixed. When I reboot (or... -
- This is a topic for a forum discussion, not a bug report. This is not a discussion or question/answer support platform.
-
- Hi,
This may be me, but just in case - likely good to log it, in case it's not.
Trying to use HW acceleration i... -
- OK, thanks! Wasn't sure if that state was equal to closed or not. Sorry for the extra "traffic".
-
02:10 PM Bug #4695: TAP (OpenVPN) Traffic Blocked
- It's already closed: "Not a bug".
Thanks. -
- Agreed, resolved - close this out (I don't know how, sorry!).
-
- Hi,
It may just be me (sorry if it is!), but similar to this thread ... I'm finding that some custom shell command... -
- Hi,
As captured in this thread - it seems that recently Port Forwarding / NAT is broken, when using aliases (works... -
- Working correctly in v2.4.0, so this one should be closed - I'd close it, not sure how ... :(.
Thanks! -
- Hi,
Just a thought, but - it would be nice to be able to set this option in Client Export, not just in the server ... -
- This has already been fixed, the 2.3.4-p1 release is about to come out and includes this correction.
https://doc.pfs... -
06:13 AM Bug #7698 (Duplicate): Umlauts are no longer displayed properly
- In the newest Version on the DHCP Status Page (/status_dhcp_leases.php) Umlauts in the Description Field are no longe...
07/14/2017
-
05:40 PM
Bug #7692: andwidthd date on daily report incorrect.
- I have created a report with bandwidthd here:
https://sourceforge.net/p/bandwidthd/bugs/50/ -
- I don't have it installed on either of my SG-1000s right now. It's possible there is an ARM-specific bug that affects...
-
02:58 PM
Bug #7692: andwidthd date on daily report incorrect.
- It is not the browser cache, the date seems to change on every graph generation, and the software was installed just ...
-
- Most likely something is cached in your browser. Try ctrl+F5 or shift+click reload. It is fine on all of my systems w...
-
07:04 AM
Bug #7692 (Not a Bug): andwidthd date on daily report incorrect.
- Bandwidthd shows incorrect date (changing between graphs) in daily report.
See attachment for screenshot.
Env... -
04:28 PM Bug #7697: NAT port forward rule using "WAN address" doesn't work as expected if router does not acquire a WAN address on startup
- The pull-request was pulled yesterday. https://github.com/pfsense/pfsense/commit/40c09b6dadb04928dc9a279969193b620ff1...
-
- This forum post:
https://forum.pfsense.org/index.php?topic=127585.msg733528#msg733528
Describes what I'm seeing:
<... -
- I don't see any target version on this bug. Is this being worked on? Any chances this could be fixed for 2.4?
-
- Looks good, multiple confirmations that it works.
-
- The contents of the password field are not being passed properly to the telegraf.conf file. The password is being en...
-
02:59 PM Bug #6529: dhcp6c fails to start with track6 on a bridge interface
- I am adding a sighting. My logs are as follows:
@Jul 12 06:23:21 pfSense dhcp6c[17300]: /var/etc/dhcp6c_wan.conf:13 ... -
- Applied in changeset commit:782453b4dbb77e5bc97a43f56b95a006c5434d65.
-
- Moving the sshlockout portion to #7695
-
- GUI portion is done. It also kills states if someone tries to access the GUI while in the table, so if it isn't feasi...
-
- The way that browsers and ssh clients work, it may be possible to exceed brute force protection limits enforced by ss...
07/13/2017
-
- We would like to integrate additional icap services into the pfsense squid configuration, but there is no way add the...
-
- This could help quite a bit imho :) https://github.com/pfsense/pfsense/pull/3768
-
- Works
-
- Applied in changeset commit:021332fa29f0c08bff833ce1c7ddcb9ac9a769b1.
-
- Still needs the fix ported to 2.3.x, it did not cherry-pick cleanly.
-
- Applied in changeset commit:4541f84d12c86775022b0e49d527d6f4f9a6911f.
-
11:50 AM Bug #6318: IPsec dashboard widget causes GUI failure
- I think this bug's priority should be raised since it also breaks openvpn functionality.
-
07:14 AM Bug #5319: Error message "No config named" in charon daemon
- This bug is also present in 2.3.4, I have to kill the charon process every 2-3 days to keep the problem from appearing.
07/12/2017
-
- If user chose option 'Redirect' on 'System Domain Local Zone Type' in services_unbound.php unbound doesn't start with...
-
- Change committed to freebsd-src repo, should show up in snapshots soon.
-
- Feature is described here:
https://doc.pfsense.org/index.php/Automatically_Restore_During_Install
Basically: Loca... -
12:46 PM Bug #7615: User / Group Privileges for the "Status: Monitoring" page.
- Ok. It appears that when the package "Status_Traffic_Totals" is installed it replaces "Status: Monitoring" in the use...
-
- Relevant Commits:
2.4:
https://github.com/pfsense/FreeBSD-ports/commit/119d687658b46a0310a481c22f5a435e5de9625f
... -
- Works on both 2.4 and 2.3.x now.
07/11/2017
-
04:52 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation
- A quick workaround:
Interrupt update process with ctrl+c and enter to a shell. Then:
vi /usr/local/etc/pkg/repos/... -
- Pushed a fix for 2.3.x versions now.
-
- Well, it works on 2.4, needs some adjustments for 2.3.x yet.
-
- I just pushed a new feature to the ACME package, it can now send service restart commands via XMLRPC using the system...
-
- I went through and tried a few of the packages and some did need the write, others did not. I didn't test the whole l...
-
- It would be beneficial to include a hover icon (info tip) on the AutoConfigBackup setup page that informs users to us...
-
- Thanks for testing!
-
07:43 AM
Bug #7675: Remove MSS clamping exclusions on pppoe, l2tp, pptp
- I have updated to the last few snapshots and I have not had any issues with the MSS clamping being set on the PPPOE c...
-
- It's also in /conf/config.xml where it can be read by anyone on the box.
At the moment, it's all a part of how the... -
05:11 AM Bug #7687 (Not a Bug): File permissions to open for /var/etc/mpd_wan.conf
- Considering this file has the clear text password to the ISP account it needs to have something less than world reada...
07/10/2017
-
- Works.
-
- Applied in changeset commit:4e4cac0dd53afcf26aa2b523dc16916730d92133.
-
- The fix seems to work but it could be better/simpler, see my comments on PR 3780.
-
- Fixed.
Only actual digest algorithms show now, and not their aliases. Configurations that referenced an alias are ... -
- I pushed a fix for this in commit:f49ef559060ec8cad5c7a3a548d509cf08b5549b but forgot to put this ticket number on th...
-
- This also appears to be confirmed by @openssl list-message-digest-algorithms@, which lists which names/aliases map to...
-
- The way "openvpn --show-digests" works it ends up listing several algorithms that are functionally equivalent but som...
-
09:44 AM pfSense Packages Bug #7681: OpenVPN client export utility - Exporting Android inline configuration can include incorrect client auth method in .ovpn file
- Thank you Jim! Makes sense.
-
- I made a different issue entry for the actual underlying problem here: https://redmine.pfsense.org/issues/7685
-
- It does appear that they are the same, but different versions of OpenSSL or different libraries that are OpenSSL-like...
-
08:29 AM pfSense Packages Feature #7686: Add option in HAProxy to configure SSL defaults based on the Mozilla SSL Configuration Generator
- oops, misspelled configure in the subject line
-
- Would be nice to have "Modern | Intermediate | Old" options in the configuration of HAProxy for SSL cipher suites, ba...
-
- If it's remote access, you need to give it a tunnel network. It is not valid for remote access without a tunnel netwo...
-
06:04 AM Bug #6559: OpenVPN 'mode server' directive missing
- Jim Pingle wrote:
> or you have to setup bridging, etc.
>
> It is only doing what it is told (or not told, as the...
Also available in: Atom