Activity

30 days up to

User

Subprojects

Activity

From 08/24/2017 to 09/22/2017

09/22/2017

08:53 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: And it *BROKE* again on:
2.4.0-RC (amd64)
built on Fri Sep 22 11:35:27 CDT 2017
FreeBSD 11.0-RELEASE-p12 Larry Rosenman
04:02 PM Revision 27d1807a: Don't call widget callback function if no data is returned: (cherry picked from commit 89d83febe6bf0fd63ec72d53eb8e524a8d19994e) Steve Beaver
04:01 PM Revision 89d83feb: Don't call widget callback function if no data is returned: Steve Beaver
03:59 PM Revision 352f422c: Dashboard refresh system should not call the widget callback function if no data was returned: (cherry picked from commit 7a8131028874b334e43b5e7dcf894a86481543c6) Steve Beaver
03:57 PM Revision 7a813102: Dashboard refresh system should not call the widget callback function if no data was returned: Steve Beaver
02:43 PM Bug #7865 (Resolved): User groups -> Assigned Privileges doesn't work: Fixed Jim Pingle
01:53 PM Revision 97c69e81: Revert "Do not associate IP and MAC on down table. It should help #7813 and #7833": This reverts commit 0116f1c9bbf1a532fdd49c346c41b761c1e59d93. Luiz Souza
01:52 PM Revision bd068df3: Revert "Do not associate IP and MAC on down table. It should help #7813 and #7833": This reverts commit aa61ecfde0952ed1c3a035ac9489f5a5f9c51425. Luiz Souza
12:44 PM Feature #7847 (Needs Patch): USB NIC not loading (TP-Link UE300 RTL8153): Jim Pingle
12:44 PM pfSense Packages Bug #7278 (Resolved): Suricata Service - Advanced Configuration Pass-Through not working: Jim Pingle
11:53 AM Feature #7888 (New): Add a button in package manager GUI to upgrade all packages: Dunno, am I'm the only one who's missing this? Kill Bill
11:37 AM Bug #7869 (Feedback): Hyper-v vm traffic shaper error: hn0: driver does not support altq: There is a new knob to enable the support and now it is enabled by default in pfSense.
Will be available on the ne... Luiz Souza
01:37 AM Bug #7813 (Feedback): Missing download statistics on captive portal with MAC filtering enabled: Fixed. Please try the next snapshot (will be available on tomorrow's snapshot). Luiz Souza
01:36 AM Bug #7833 (Feedback): ipfw will not limit download speed - captiveportal: Fixed. Please try the next snapshot (will be available on tomorrow's snapshot). Luiz Souza
12:12 AM Feature #4796: Support Multiple FIBs in pfSense: I just stumbled upon a case where it would be nice to have the webConfigurator in a separate FIB, because of routing ... Stéphane Lapie

09/21/2017

07:45 PM Revision 603be247: Remove erroneous additional text.: AdamD
06:10 PM Revision 0116f1c9: Do not associate IP and MAC on down table. It should help #7813 and #7833: Renato Botelho
06:10 PM Revision aa61ecfd: Do not associate IP and MAC on down table. It should help #7813 and #7833: Renato Botelho
06:08 PM Revision a6f8dd7a: Revert "Update translation files": Bad commit log
This reverts commit ff8d44d194b6a5ada8fcd2aafe8c7ec358a7adae. Renato Botelho
06:05 PM Revision ff8d44d1: Update translation files: Renato Botelho
05:24 PM Bug #7887 (Not a Bug): User permissions do not protect firewall rules: It is working as designed. If you have permissions for a page, you can do anything on that page. The "Edit" page edit... Jim Pingle
05:10 PM Bug #7887: User permissions do not protect firewall rules: Michael Newton wrote:
> Javascript should have no bearing on it, since the permissions (should) get checked on the s... Kill Bill
05:04 PM Bug #7887: User permissions do not protect firewall rules: Kill Bill wrote:
> Michael Newton wrote:
> > 6. Right click on Save button, inspect in browser's tools and remove "... Michael Newton
04:55 PM Bug #7887: User permissions do not protect firewall rules: Michael Newton wrote:
> 6. Right click on Save button, inspect in browser's tools and remove "disabled" attribute
... Kill Bill
04:30 PM Bug #7887 (Not a Bug): User permissions do not protect firewall rules: User permissions have only cosmetic effect on the firewall page, if any, and are trivially easy to bypass.
Steps t... Michael Newton
05:02 PM Revision 575bc378: Update translation files: Renato Botelho
05:02 PM Revision f9cc13d0: Regenerate pot: Renato Botelho
04:27 PM Revision 1144e24c: Fixed #7856: Steve Beaver
02:23 PM Revision 0266efa6: Unbound - allow snoop from localhost: dig +trace fails without this, which is super annoying for debugging/diagnostics/benchmarking or whatever similar pur... Doktor Notor
12:57 PM Revision 1841c040: Update translation files: Renato Botelho
12:57 PM Revision 58a62782: Regenerate pot: Renato Botelho
12:37 PM Bug #7886: PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the default of 1: I also noticed that if you reorder and change the names of the priorities, and you have P2P catch-all set (default qu... jake xanaro
12:34 PM Bug #7886 (Resolved): PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the default of 1: PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the def... jake xanaro
12:06 PM Bug #7885 (Resolved): Cert. Manager should validate EKUs on importing a certificate authority: Currently, you can import any certificate as a CA, even ones that are actually unusable as a CA. Subsequently, you ca... Kill Bill
11:40 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients: Applied in changeset commit:1144e24cabeda458b266b9874b827746f4c0f8a0. Anonymous
11:20 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.: I am no longer able to troubleshoot this issue, I switched over to IPSec to resolve my SIP/UPD issue. I was working ... ryon m
11:13 AM Bug #7884 (Confirmed): Unbound refusing non-recursive/iterative queries even from localhost: PR looks good and the change lets @dig +trace@ and @drill -T@ work locally. Jim Pingle
09:42 AM Bug #7884 (Resolved): Unbound refusing non-recursive/iterative queries even from localhost: This is so much secure that it's annoying and getting in the way of normal work for not exactly any good reason.
<... Kill Bill
11:08 AM Bug #7500 (Resolved): Upgrade From 2.3.3_p1 to 2.4 Fails (libssl.so.8 not found): Jim Pingle
10:57 AM Bug #7500: Upgrade From 2.3.3_p1 to 2.4 Fails (libssl.so.8 not found): I'm no longer seeing this error on recent upgrades, please close the ticket.
For documentation, the following co... ryon m
07:45 AM Bug #7883 (Not a Bug): Aliases can only be deleted by some users: Most likely they had the 'deny config write' privilege which will do exactly this, and it's expected. On 2.4 it will ... Jim Pingle
04:25 AM Bug #7883: Aliases can only be deleted by some users: So, new insights (and the bug in that form can be closed):
- alias generation was not automatic but user triggered
... Felix Wolfsteller
03:57 AM Bug #7883 (Not a Bug): Aliases can only be deleted by some users: We have following setup:
- pfsense 2.3.4-RELEASE-p1
- one default admin user
- one user with all privileges assign... Felix Wolfsteller
05:45 AM Revision 316af8dc: Update misleading help text: Commit d57725aac5145b4f17097d61e3b5a6ca72f1754e updated the help text
to use LDAP search filter syntax. This is misle... AdamD
02:39 AM Feature #7882 (Rejected): Seperator feature in DHCP Static mapping for this feature: Under Firewall -> Rules you have the possibility to seperate the rules with a seperator, this is a nice feature and i... Arian olde Kalter

09/20/2017

02:54 PM Bug #7819 (Resolved): php-fpm crashing: This looks good with 0.50, it no longer crashes on either system I could reproduce the crash on originally. Jim Pingle
01:55 PM Bug #7819 (Feedback): php-fpm crashing: php56-pfSense-module version 0.50 should fix this Renato Botelho
02:37 PM Revision 2f4685ca: Merge branch 'master' of gitlab.netgate.com:pfsense/pfsense: Steve Beaver
02:35 PM Bug #7878 (Resolved): GUI lag in Edit Phase 1 ipsec: This works now for Chrome on OS X. Jim Pingle
02:32 PM pfSense Packages Bug #7876 (Resolved): Potential XSS in status_monitoring.php: Confirmed fixed on the latest snapshot. Jim Pingle
02:30 PM Bug #7864 (Resolved): OpenVPN (tun/tap) is not showing: This works now. The wizard is now correctly populating the appropriate variables for the VPN. Jim Pingle
12:28 PM Bug #7880: 504 Gateway Time-out: Yes, because the certificate verification and authentication is handled in PHP. If you have more questions, please po... Jim Pingle
12:24 PM Bug #7880: 504 Gateway Time-out: is there any reason vpn server not accepting incoming vpn connections? Nikos Kastanas
08:01 AM Bug #7880 (Not a Bug): 504 Gateway Time-out: If a command never terminates, it will run until something stops it (e.g. PHP execution timeout).
There is no way ... Jim Pingle
04:08 AM Bug #7880: 504 Gateway Time-out: Yeah nothing happens because the command will never return. It will keep pinging forever. PEBKAC. Kill Bill
03:18 AM Bug #7880 (Not a Bug): 504 Gateway Time-out: it is checked on different hardware with the same pfsense version 2.3.4-RELEASE-p1.
If try to run a command (eg ping... Nikos Kastanas
10:32 AM Feature #1205 (Closed): VPN: User-based / Group-based firewall rules: This has been in place since pfSense 2.1. It uses the same syntax as cisco inacl/outacl, for example "permit tcp from... Jim Pingle
10:07 AM Feature #1205: VPN: User-based / Group-based firewall rules: Ermal Luçi wrote:
> The user based rules are supported if they come from radius.
>
> Locally to pfSense they stil... Adrien Carlyle
09:46 AM Feature #6457: Allow ability to configure AWS EC2 AMI via userdata: Internal redmine ticket related to one of the user data options:
https://redmine.netgate.com/issues/162 Clinton Cory
06:51 AM Feature #7881 (New): OpenVPN client - add support for multiple server entries: OpenVPN in client mode supports multiple "remote" directives, these can be used for redundancy, if the first server f... robi robi
05:05 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Chris Collins wrote:
> As an experiment I manually adjusted the php-fpm server configuration so there is more childr... Kill Bill
04:18 AM Bug #7813: Missing download statistics on captive portal with MAC filtering enabled: See Bug #7833 and kindly re-instate the AWOL fix. Kill Bill

09/19/2017

09:38 PM Revision 72d2dbdf: Only run swapon and rc.savecore when the SWAPDEVICE is valid.: (cherry picked from commit d988e0bbf991e28c611b194e9e6ccd99f818209b) Luiz Souza
09:38 PM Revision d988e0bb: Only run swapon and rc.savecore when the SWAPDEVICE is valid.: Luiz Souza
07:59 PM Revision 7e0b401d: Include boot/modules and also kernel.debug in kernel-debug package: Renato Botelho
07:58 PM Revision fd349773: Include boot/modules and also kernel.debug in kernel-debug package: Renato Botelho
07:41 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: upgraded today to:
2.4.0-RC (amd64)
built on Tue Sep 19 18:30:48 CDT 2017
FreeBSD 11.0-RELEASE-p12
and 6RD... Larry Rosenman
07:03 PM Bug #7879: traffic shaper crashes with hfsc_dequeue: Possible duplicate of #7877 Jim Thompson
12:57 PM Bug #7879 (Resolved): traffic shaper crashes with hfsc_dequeue: Today i experienced several crashes in 2.4RC i think there were at least 5.
Ive submitted the crash report a few tim... Pi Ba
05:47 PM Revision 72878dfa: Authentication selector JavaScript changed to eliminate lag: (cherry picked from commit dbef7a85819d3c971319de41d287f06419342105) Steve Beaver
05:46 PM Revision dbef7a85: Authentication selector JavaScript changed to eliminate lag: Steve Beaver
05:21 PM Revision 8451d0a9: Fix #7834: Delete IPFW pipes when disable Captive Portal zone: Renato Botelho
05:21 PM Revision 76c6bf5b: Remove correct file: Renato Botelho
05:21 PM Revision 666cc3d7: Ticket #7834: Add missing global declarations: Renato Botelho
05:21 PM Revision b2c92623: Fix #7834: Delete IPFW pipes when disable Captive Portal zone: Renato Botelho
05:21 PM Revision 5c7fead1: Remove correct file: Renato Botelho
05:21 PM Revision fbfbc6bd: Ticket #7834: Add missing global declarations: Renato Botelho
03:47 PM Bug #7778: DHCP relay not working correctly with bridges: Any updates on this issue? Do you agree this is a bug or is there a good reason why the bridge interface isn't added ... Sander Peterse
02:30 PM Revision a2d83aaf: Setup wizard revisions: (cherry picked from commit 09237040fd9a05415673a47d26e669b274981c2e) Steve Beaver
02:29 PM Revision 09237040: Setup wizard revisions: Steve Beaver
12:48 PM Bug #7878 (Feedback): GUI lag in Edit Phase 1 ipsec: JavaScript changed to eliminate lag Anonymous
11:33 AM Bug #7878: GUI lag in Edit Phase 1 ipsec: Seems to be isolated to only Chrome and only on OS X.
Firefox on OS X is fine. Chrome on Linux and Windows is fine... Jim Pingle
11:15 AM Bug #7878 (Resolved): GUI lag in Edit Phase 1 ipsec: There appears to be a lag when selecting options for Authentication Method when editing Phase 1 for IPSec. Please se... Matthew Fine
12:30 PM Bug #7834 (Feedback): Disabling captiveportal will not flush the ipfw pipes: Applied in changeset commit:b2c926239223ed959a800ddf0c799e7650696d2e. Renato Botelho
10:41 AM pfSense Packages Bug #7876 (Feedback): Potential XSS in status_monitoring.php: Fixes pushed to the freebsd-ports repo:
FreeBSD-ports/devel "f044c1e4e3f647028c57ae1a572dc6377e555f... Jim Pingle
09:45 AM pfSense Packages Bug #7876 (Resolved): Potential XSS in status_monitoring.php: The "view" variable in status_monitoring.php is taken from $_GET and used in a hidden input ("view-title") without en... Jim Pingle
10:17 AM Bug #7877 (Resolved): Crash when enabling traffic shaper on more than 1 port: https://forum.pfsense.org/index.php?topic=136733.0 Anonymous
02:12 AM Revision 4c53dfbe: Changes Dynamic DNS Status Widget to display client description text for Custom and Custom (v6) entries. Implements #7843: Christopher Fazendin

09/18/2017

11:23 PM Revision 1c2ef5f2: notifycation, bootup complete: Pi Ba
09:39 PM pfSense Packages Bug #7875 (Rejected): HAProxy Frontend bug - pfsense 2.3.4-RELEASE-p1 (amd64): This is not a platform for discussion or asking support questions. Please post on the forum, mailing list, reddit, et... Jim Pingle
08:40 PM pfSense Packages Bug #7875 (Rejected): HAProxy Frontend bug - pfsense 2.3.4-RELEASE-p1 (amd64): Hi Support,
This issue is related to ticket #7851 .We are advise to upgrade to the latest version 2.3.4-RELEASE-p1... Peter Omolo
05:14 PM Revision eeb09d06: Use correct branch name: Renato Botelho
03:45 PM Revision 040e0b40: Remove the previous 'no_dad' workaround now that if_stf is fixed.: Partly revert b76e0baebb70775b192507ec18f523141800ce95.
(cherry picked from commit dad3885f9f5afbe0768387527122a8854... Luiz Souza
01:49 PM Revision 9a65d4a2: Populate more default values in the OpenVPN configuration generated by the wizard and rearrange some options so there is less of a difference when editing the configuration for the first time. Fixes #7864: (cherry picked from commit 95a8ebeb5b7d73e7e72eba27c22d2b2b312f92de) Jim Pingle
01:49 PM Revision 95a8ebeb: Populate more default values in the OpenVPN configuration generated by the wizard and rearrange some options so there is less of a difference when editing the configuration for the first time. Fixes #7864: Jim Pingle
01:09 PM Feature #7874 (Rejected): Change OpenVPN Help: The current example is valid. Your example does something different and more complicated that is not what the average... Jim Pingle
01:03 PM Feature #7874 (Rejected): Change OpenVPN Help: Currently the OpenVPN text reads:
@EXAMPLE: push "route 10.0.0.0 255.255.255.0"@
This should be updated to
@EXAM... Christian M.
01:00 PM Revision 81498c2c: Do not show group privilege controls unless the user is editing an existing group. Fixes #7865: (cherry picked from commit 7af38087fef168f213c6880c6782153630c13386) Jim Pingle
12:59 PM Revision 7af38087: Do not show group privilege controls unless the user is editing an existing group. Fixes #7865: Jim Pingle
11:48 AM Revision b9d54e38: Path must be relative here: Renato Botelho
11:47 AM Revision 0f2ee2eb: Path must be relative here: Renato Botelho
09:00 AM Bug #7864 (Feedback): OpenVPN (tun/tap) is not showing: Applied in changeset commit:95a8ebeb5b7d73e7e72eba27c22d2b2b312f92de. Jim Pingle
08:10 AM Bug #7865 (Feedback): User groups -> Assigned Privileges doesn't work: Applied in changeset commit:7af38087fef168f213c6880c6782153630c13386. Jim Pingle
08:03 AM Bug #7868: bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: PR looks OK but we can't commit to making sure it's in 2.4-RELEASE at the moment. We'll talk it over internally. Jim Pingle
06:24 AM pfSense Packages Bug #7872 (Not a Bug): Edits not saving: Also, don't manually edit the config files. The GUI will always overwrite them on purpose. That's what the GUI is for... Jim Pingle
03:05 AM pfSense Packages Bug #7872: Edits not saving: Noone is fixing packages in outdated versions that you should not be using in the first place. There were multiple HA... Kill Bill
02:50 AM pfSense Packages Bug #7872: Edits not saving: Is it a known issue? Will upgrading fix? Don't want to upgrade and encounter the same. David Maina
02:40 AM pfSense Packages Bug #7872: Edits not saving: How about upgrading your pfSense? Kill Bill
02:28 AM pfSense Packages Bug #7872: Edits not saving: Am on *2.3.2-RELEASE-p1 (amd64)* David Maina
02:26 AM pfSense Packages Bug #7872 (Not a Bug): Edits not saving: Am editing */var/etc/haproxy/haproxy.cfg* but looks like changes are getting cleared if someone uses *Services/HAProx... David Maina
04:50 AM Bug #7873 (Closed): When upgrading, some services/packages do not come back online on the first reboot (but do on the second): I am using pfSense on virtual machines on VMware, and noticed the following services do not start properly on the fir... Stéphane Lapie
03:08 AM Feature #3013: Better upgrading for a CARP cluster: I have seen this improvement, so first of all, thank you so much.
However, the problem still remains that the CARP... Stéphane Lapie

09/17/2017

06:39 PM pfSense Packages Bug #7871: Add squid validation for selected CA when MITM is enabled: P.S. There's https://github.com/pfsense/FreeBSD-ports/pull/402 that's been sitting there for about a month, would be ... Kill Bill
06:32 PM pfSense Packages Bug #7871 (Resolved): Add squid validation for selected CA when MITM is enabled: Obviously, this needs to be a CA we have a private key to so that it can issue certificates on the fly to prevent PEB... Kill Bill
02:21 PM Bug #7870 (Not a Bug): Traffic Shaper Wizard produces rules that causes a fatal crash. Specifically, qLink:qInternet:qACK:qP2P:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U' returned exit code '1': A crash+reboot when activating the shaper is not something that happens to everyone with the shaper. Those errors are... Jim Pingle
01:16 PM Bug #7870 (Not a Bug): Traffic Shaper Wizard produces rules that causes a fatal crash. Specifically, qLink:qInternet:qACK:qP2P:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U' returned exit code '1': When running the traffic shaper wizard, after the filter refreshes the system crashes and does a forced reboot. Below... Hy Diep

09/16/2017

07:52 PM Feature #2358: NAT64 support: Seems FreeBSD 11.1 now has NAT64. This is what "we" were waiting on right?
https://www.freebsd.org/releases/11.1R/... Brandon Jackson
07:05 PM Bug #7865 (Confirmed): User groups -> Assigned Privileges doesn't work: The assign privileges control should be hidden when creating a group, but it's showing too soon.
Not critical enou... Jim Pingle
09:41 AM Bug #7865 (Resolved): User groups -> Assigned Privileges doesn't work: When you try to add a new usergroup (system_groupmanager.php?act=new) then you can assign privileges on this group an... Arian olde Kalter
06:57 PM Bug #7867 (Duplicate): Dynamic DNS provider password containing special character %: This is a duplicate of #6688, it has been fixed on 2.4, not 2.3.x. Jim Pingle
01:15 PM Bug #7867: Dynamic DNS provider password containing special character %: Login to the service openDNS failed then the password contained the special character %. The "Dynamic DNS Clients" GU... Olof Söderström
01:13 PM Bug #7867 (Duplicate): Dynamic DNS provider password containing special character %: Login to the service openDNS failed then the password contained the special character %. The "Dynamic DNS Clients" GU... Olof Söderström
06:48 PM Bug #7866 (Rejected): snort version 3.2.9.5_1 shows WAN status as stopped: Jim Pingle
06:46 PM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: ... Kill Bill
04:25 PM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Here is snippet from the system log:... Yuri Weinstein
11:53 AM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Ok posted on forum
So no bugs against snort are to be logged ?
What is unclear from this issue ?
Thx Yuri Weinstein
11:32 AM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Please use forums [1] for support. There's no info here to identify any bug, plus there were no changes whatsoever re... Kill Bill
10:02 AM Bug #7866 (Rejected): snort version 3.2.9.5_1 shows WAN status as stopped: After updating to snort version 3.2.9.5_1 status for WAN is always shown as stopped via Services/Snort/Interfaces
... Yuri Weinstein
06:05 PM Revision d4d86e3e: SNMP, check for several hypervisors that cause hostres module high cpu usage: also skip setting it in the bnsmp config when such platform is detected without needing the user to save settings again Pi Ba
03:45 PM Bug #7869 (Resolved): Hyper-v vm traffic shaper error: hn0: driver does not support altq: after applying traffic shaper in a clean and new installed 2.4RC on a Hyper-v vm I got this message:
There were er... Nadav Rak
01:32 PM Bug #7868 (Resolved): bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: Even though the message on services/smtp page says:
"The hostres module is not compatible with VMware virtual machin... Pi Ba
10:03 AM Bug #7864: OpenVPN (tun/tap) is not showing: I found out that when it was maked through the wizard option, this will happen. Arian olde Kalter
09:32 AM Bug #7864 (Resolved): OpenVPN (tun/tap) is not showing: In the description of the OpenVPN Servers there was the information of it was an (tun) or (tap) tunnel.
Now it only ... Arian olde Kalter
07:26 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): I can confirm that Traffic Shaping is broken on VTNET Interfaces.
If active the Firewall / PortForward Rules don't w... T S
07:22 AM Bug #6028: no firewall rules loaded after reboot with invalid ruleset: Another example making no rulesloaded (vtnet doesnt support altq): https://redmine.pfsense.org/issues/7594 Pi Ba
05:13 AM Bug #7863 (New): The "WebCfg - All pages" permission inclueds the "User - System: Shell account access" even though that is not a WebCofg page.: If this is intended that is fine but it just seems wrong to me. David B
04:13 AM Revision 24e87e2e: Fix the kern-debug package. The debug modules are now in /usr/lib/debug/boot/kernel.: Include /boot/modules in the kernel package.
(cherry picked from commit 1ec6f217695fd15e9d1e9b3c0b6829e4b86eda0c) Luiz Souza
04:12 AM Revision 1ec6f217: Fix the kern-debug package. The debug modules are now in /usr/lib/debug/boot/kernel.: Include /boot/modules in the kernel package. Luiz Souza
03:46 AM pfSense Packages Bug #7862: package zabbix lts: Duplicate of Bug #6129. Kill Bill

09/15/2017

08:54 PM Revision cb1ce2d4: Remove debug code.: (cherry picked from commit 48009b827409d6d6dd19a9f0d5d18f80ca62092a) Luiz Souza
08:54 PM Revision 34ca88c3: Do not remove the temporary files (debug only).: (cherry picked from commit b9253e25374bb686824a33d1c9201bdb7aeb1483) Luiz Souza
08:54 PM Revision 10417dca: Set a default when findroot is not set.: (cherry picked from commit 3eb019d5214f40e67520c919e3d42ba776d9a212) Luiz Souza
08:54 PM Revision b5b1ada8: Add some debug output.: (cherry picked from commit 5d376f2d315490861a30dd41da50165d2f7e6a2d) Luiz Souza
08:51 PM Revision 48009b82: Remove debug code.: Luiz Souza
08:16 PM Revision b0bb406d: Fixed #7728: Revised enabled/disabled diplay to match other firewall pages
(cherry picked from commit 25b82b200de7e846066bef3c6a3... Steve Beaver
08:15 PM Revision faa88940: Implements PR170013 - Revise setup wizardwording and links: (cherry picked from commit d8455e10d71ab90b7faa96bc1748fa761e7a4166) Steve Beaver
08:12 PM Revision b9253e25: Do not remove the temporary files (debug only).: Luiz Souza
08:00 PM Revision 3eb019d5: Set a default when findroot is not set.: Luiz Souza
07:39 PM Revision 5d376f2d: Add some debug output.: Luiz Souza
07:02 PM Bug #4310: Limiters + HA results in hangs on secondary: Moved, yet again :( Jose Duarte
05:57 PM Revision abe02f2b: Fix the build, add the new getopt option.: Reported by: garga
Pointy-hat to: loos
(cherry picked from commit 5e58e8bdedb48f605df96b4a7f942a2fd979d5d4) Luiz Souza
05:56 PM Revision 5e58e8bd: Fix the build, add the new getopt option.: Reported by: garga
Pointy-hat to: loos Luiz Souza
05:23 PM Revision dad3885f: Remove the previous 'no_dad' workaround now that if_stf is fixed.: Partly revert b76e0baebb70775b192507ec18f523141800ce95. Luiz Souza
04:46 PM Revision 64ff77ec: Switch FreeBSD branch to RELENG_2_4 -> RELENG_11_1: Luiz Souza
04:31 PM Revision e1605823: Pass the search path to create_core_package.sh.: This allows the use of more than one path to build the package.
(cherry picked from commit 318a7b7766d442c9c4de0f29b... Luiz Souza
04:30 PM Revision 318a7b77: Pass the search path to create_core_package.sh.: This allows the use of more than one path to build the package. Luiz Souza
03:57 PM Revision d8455e10: Implements PR170013 - Revise setup wizardwording and links: Steve Beaver
03:44 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Yes it was definitely weird, I saw it on maybe 3/12 test systems (so ~1/4) but not every boot either. They're all OK ... Jim Pingle
03:40 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Thats kinda what i meant with "i dont want to know", as even though now the check and usage are always only microseco... Pi Ba
03:17 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Because during the sleep while it's in the loop, the file can disappear if something happens in the background. Jim Pingle
03:11 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: So 'file exists' check returns true, but then it doesn't exist.. Wondering how that can be ;) well i probably dont wa... Pi Ba
02:52 PM Bug #7790 (Resolved): dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Seems OK, though I did have to push a fix because this resulted in PHP errors in some cases. See commit:59104a6ff6c86... Jim Pingle
03:34 PM Bug #7728 (Resolved): 1:1 NAT: Destination IP Alias not displayed as web link: Looks good now (was missing from RELENG_2_4_0 so not in 2.4-RC snaps) Jim Pingle
03:30 PM Bug #7728 (Feedback): 1:1 NAT: Destination IP Alias not displayed as web link: Applied in changeset commit:b0bb406db95414d8ceaae1f782c1172a5a97e0d1. Anonymous
02:50 PM Bug #7728 (Assigned): 1:1 NAT: Destination IP Alias not displayed as web link: I still don't see alias details when using an alias as a destination. Just the word, no special formatting/display/li... Jim Pingle
03:27 PM Bug #6860 (Assigned): Monitoring (RRD) graphs return "unknown" step value: The step value from the last comment is still missing. Jim Pingle
03:08 PM Bug #7268 (Resolved): System Info Widget "All" button does not work with "Disable the automatic dashboard auto-update check": Looks good, on SG-1000 I have the auto update check disabled and the JS all/none selector still works for me in the s... Jim Pingle
03:07 PM Bug #7805 (Resolved): dashboard System Information - inconsistent date formats: Looks good to me Jim Pingle
03:03 PM Bug #7804 (Resolved): System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: Works in IE now Jim Pingle
03:01 PM Bug #7185 (Resolved): DHCP6c SIGTERM, SIGKILL: Jim Pingle
02:58 PM Bug #6782 (Resolved): pkg update can trigger multiple updates per second: Seems fine now to me. Jim Pingle
02:57 PM Bug #4287 (Resolved): Wrong display for ppp in Interfaces page: Closing this out. If it's still a problem for someone that can reproduce it, please comment and we can look deeper. Jim Pingle
02:47 PM Bug #7625 (Resolved): When creating IPv6 firewall rule for single host, netmask improperly displays: Looks OK all-around now. Jim Pingle
02:45 PM Bug #7501 (Resolved): Interfaces statistics widget GUI + JSON (2 issues): works Jim Pingle
02:43 PM Feature #7193 (Resolved): NTP process PGRMF: PR was merged, seems to be OK but not possible to confirm at the moment. If it is not working, someone can reply here... Jim Pingle
02:42 PM Feature #7122 (Resolved): Add filters to various dashboard widgets: All the filters I've tried work well. Looks good from here. Closing. Jim Pingle
02:42 PM Bug #7415 (Resolved): favicon is not correctly implemented: Jim Pingle
02:42 PM Todo #6885 (Resolved): Add vectorized logo in web interface: Jim Pingle
02:41 PM Todo #6853 (Resolved): Convert nanobsd installation to full install during upgrade: Directions work fine, upgrade results in a working full install using the entire disk. Jim Pingle
02:38 PM Bug #6318 (New): IPsec dashboard widget causes GUI failure: I still see this but it seems less common than it did in the past. Either have bad timing or sit on the dashboard too... Jim Pingle
02:30 PM Bug #7324 (Resolved): DHCPv6 Dynamic DNS hostname: Works, the directive is in the config now. Jim Pingle
02:29 PM Bug #7854 (Resolved): OpenVPN Remote Access Server Setup Wizard - Regex too strict: The wizard now allows the user to use any characters they want in certificate fields and escapes them properly before... Jim Pingle
02:28 PM Bug #7853 (Resolved): Signed CSRs always use SHA1, which is weak: Works now, uses whatever the user chooses and defaults to SHA256 Jim Pingle
02:28 PM Bug #7830 (Resolved): LDAP authentication fails using SSL with intermediate certificates: Works now Jim Pingle
11:06 AM pfSense Packages Bug #7862 (Duplicate): package zabbix lts: zabbix proxy package + zabbix 3.4
Connection problem:
Without the functionality in this release.
Altemon Moura Altemon
10:51 AM Feature #7861 (Resolved): Make "Descriptive name" of certificates editable: Please make it possible to edit the "Descriptive name" of System --> Certificate Manager --> Certificates. You can ed... Lars Möller
07:13 AM Bug #7860 (Rejected): Plicy base routing with "any" destination is not working: Discuss this on the forum, reddit, or mailing list first. I use rules with exactly that setup on multiple firewalls a... Jim Pingle
12:56 AM Bug #7860 (Rejected): Plicy base routing with "any" destination is not working: After update from 2.2.6 to 2.3.4, all PBR
With "any" destination go through default GW Nima Mohammadi
03:06 AM Revision b98f6074: If /boot/loader.conf is not presetn check /boot/loader.conf.local.: (cherry picked from commit 4ff3adec7a6bdd6d87cc5eeae2b1039954ee5ce2) Luiz Souza
03:06 AM Revision 4ff3adec: If /boot/loader.conf is not presetn check /boot/loader.conf.local.: Luiz Souza

09/14/2017

08:35 PM Feature #7541: ZFS Install, add hot spare option: So instead of just making changes about a target version and priority, can we get some real dialogue here? T M
08:22 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: Fix was merged into the Packages respository on 9/14/2017. This bug report can be closed.
Bill Bill Meeks
01:53 PM Feature #7842: New Dynamic DNS Provider: Mythic-Beasts: Jim Thompson wrote:
> Do you have a pull request?
Nope. I can help with the cURL commands that are needed, but I'... Darryn Storm
01:36 PM Feature #7842: New Dynamic DNS Provider: Mythic-Beasts: Do you have a pull request? Jim Thompson
01:29 PM Revision 9b6a7693: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:55 PM Revision 793dc52d: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:53 PM Revision 59104a6f: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:47 PM Revision 271fc45e: Fix incorrect function name/typo. Ticket #7719: (cherry picked from commit 48c4a0ea0958c0820f6caab2bf5182967114ac58) Jim Pingle
12:46 PM Revision 48c4a0ea: Fix incorrect function name/typo. Ticket #7719: Jim Pingle
09:12 AM pfSense Packages Bug #7859 (Feedback): FRR doesn't use the raw config setting: Pushed a fix, will be up shortly. Jim Pingle
08:37 AM pfSense Packages Bug #7859 (Resolved): FRR doesn't use the raw config setting: FRR package doesn't use the raw config settings because of the bug in the config generation. I guess the XML tag has ... Iasen Kostov

09/13/2017

05:06 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: Jim Pingle wrote:
> We are compiling everything the way it should be, there isn't anything for us to change or fix. ... Paul Tarsus
02:51 PM Bug #7858: CARP and preemption: Hello Jim,
I've retried the testing by disconnecting a network cable, and yes the preemption works.
Sorry for this ... Phil Keep
02:41 PM Bug #7858: CARP and preemption: Hello Jim,
I'm using 2 physical boxes. I'm not using VMs.
Cheers Phil. Phil Keep
02:37 PM Bug #7858 (Not a Bug): CARP and preemption: If you unplug an adapter (or mark it down in the hypervisor -- NOT at the OS level) then CARP will preempt, the prima... Jim Pingle
02:34 PM Bug #7858 (Not a Bug): CARP and preemption: There is a pending ticket related or close to the CARP preemption behavior:
https://redmine.pfsense.org/issues/4845
... Phil Keep
09:30 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": FYI- FRR is now available for 2.4, 2.3.5 (snapshots), and 2.3.4 users. Internal tests show that it does not suffer fr... Jim Pingle
05:14 AM Bug #7600: Unable to save DNS Resolver settings: I just want to chime in on this problem. I'm experiencing this problem also.
Something I noticed is, that I cannot e... Nicki Messerschmidt
03:43 AM Bug #7857 (New): Interfaces Widget U/I fails to wrap IPV6 addresses when the string is too wide for the widget: Strictly a U/I issue, the widget fails to wrap when the browser window is set small enough to make the string too wid... Bryan Stenson

09/12/2017

09:44 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: The fix for this problem has been submitted in a Github pull request. Once that request is approved and merged, this... Bill Meeks
05:51 PM Revision 5311adaa: Relax OpenVPN wizard cert validation to match that of the cert manager and encode values before using them. Fixes #7854: Also, CDATA escape these fields in config.xml since they will most likely contain characters which are invalid in XML... Jim Pingle
05:49 PM Revision 00d5594c: Relax OpenVPN wizard cert validation to match that of the cert manager and encode values before using them. Fixes #7854: Also, CDATA escape these fields in config.xml since they will most likely contain characters which are invalid in XML... Jim Pingle
02:55 PM Bug #7856 (Resolved): IPsec status does not show all connected mobile clients: The IPsec status page only shows one connected mobile client, no matter how many are connected. All clients are shown... Jim Pingle
01:33 PM Bug #7763: IX driver - fails to recognize media type with SFP after link drop: FreeBSD 11.1 also appears to be running 3.1.13-k driver. Intel driver:
https://downloadcenter.intel.com/download/146... Clinton Cory
01:01 PM Bug #7854: OpenVPN Remote Access Server Setup Wizard - Regex too strict: After inspecting the code, this was a bit easier than I expected it to be, so I pushed a fix. Jim Pingle
01:00 PM Bug #7854 (Feedback): OpenVPN Remote Access Server Setup Wizard - Regex too strict: Applied in changeset commit:00d5594c737d475abab8e0361bb3ff7f93b98ac8. Jim Pingle
08:03 AM Bug #7854 (Confirmed): OpenVPN Remote Access Server Setup Wizard - Regex too strict: In light of #7540 all of that validation probably does need to be revisited soonish. There are relatively few restric... Jim Pingle
03:27 AM Bug #7854: OpenVPN Remote Access Server Setup Wizard - Regex too strict: Must be something else than email, that message is for country/state/city/organization.
https://github.com/pfsense... Kill Bill
12:37 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Paal Andreas Lindsetmo wrote:
> I hope this can help you with the troubleshooting/isolation of the problem:
>
> W... Morten Freberg
08:08 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: I hope this can help you with the troubleshooting/isolation of the problem:
When I use a clean system with WAN+LAN... Paal Andreas Lindsetmo
07:17 AM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Works for me :). But then again, i made the patch. Would be weird if it didn't 'fix' my reported issue..
Question ... Pi Ba
06:56 AM Bug #7855 (Duplicate): Captive Portal and IPv6 doesn't work: Jim Pingle
06:52 AM Bug #7855: Captive Portal and IPv6 doesn't work: Duplicate of #1831 Kill Bill
06:50 AM Bug #7855 (Duplicate): Captive Portal and IPv6 doesn't work: My pfsense works with IPv4 + IPv6 routing normal.
However, when I activate the Captive Portal all IPv6 traffic is ... Daniel Franca

09/11/2017

09:30 PM Bug #7854 (Resolved): OpenVPN Remote Access Server Setup Wizard - Regex too strict: In the OpenVPN Remote Access Server Setup Wizard, when trying to input a valid email, "The following input errors wer... Ryan Skinner
08:44 PM Revision 17058e37: Fix #7719: When Dynamic DNS entry uses a gateway group as interface,
return_gateway_groups_array() will be called and it returns... Renato Botelho
08:40 PM Revision 46583aba: Fix #7719: When Dynamic DNS entry uses a gateway group as interface,
return_gateway_groups_array() will be called and it returns... Renato Botelho
08:02 PM Revision f9f087eb: gateway monitoring, give apinger some time to properly 'initialize' before using its results: (cherry picked from commit 29fa6f0f46ba039a67a93c00a08bcaecc3935b78) Pi Ba
08:02 PM Revision ec5a3865: gateway monitoring, give apinger some time to properly 'initialize' before using its results: (cherry picked from commit 29fa6f0f46ba039a67a93c00a08bcaecc3935b78) Pi Ba
08:02 PM Revision 78670b63: Merge pull request #3763 from PiBa-NL/20170624-apinger-initialize: Renato Botelho
08:02 PM Revision 18bc2e2a: Update translation files: Renato Botelho
08:02 PM Revision bf4e4651: Regenerate pot: Renato Botelho
07:51 PM Revision 4cf6048b: Update translation files: Renato Botelho
07:51 PM Revision b71adf8c: Regenerate pot: Renato Botelho
05:46 PM Revision 27127b4a: Add a field to pick a digest algo when signing a CSR, otherwise it ends up with SHA1. Fixes #7853: While here, add the cert serial number and sig digest type to the info block for each cert.
(cherry picked from comm... Jim Pingle
05:44 PM Revision aec3a259: Add a field to pick a digest algo when signing a CSR, otherwise it ends up with SHA1. Fixes #7853: While here, add the cert serial number and sig digest type to the info block for each cert. Jim Pingle
04:19 PM Bug #7710: IGMP Proxy: Note,,,,,IGMP Proxy is working fine on SG-2220 on same configuration. Jeremy Lewis
03:50 PM Bug #7719 (Feedback): Dynamic DNS updates not working on interface failover: Applied in changeset commit:46583aba3a382c28fb6bc4bbbcd7dbf28fe38782. Renato Botelho
03:48 PM Bug #7819: php-fpm crashing: Luiz is working on this Renato Botelho
08:14 AM Bug #7819: php-fpm crashing: I have been experiencing the same issues on one VM for a few weeks now. Another VM, and 4 appliances are all fine. ... Marc Mapplebeck
03:31 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: We are compiling everything the way it should be, there isn't anything for us to change or fix. If you can replicate ... Jim Pingle
03:24 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: So I take it 2.4 will ship with this regression? Paul Tarsus
03:03 PM Bug #7790 (Feedback): dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: PR has been merged, thanks Renato Botelho
02:58 PM Bug #7272 (Assigned): 6rd not functioning on 2.4.0-BETA: Renato Botelho
01:00 PM Bug #7853 (Feedback): Signed CSRs always use SHA1, which is weak: Applied in changeset commit:aec3a259271be5dae63b148a48b7778c0cd0660e. Jim Pingle
12:42 PM Bug #7853 (Resolved): Signed CSRs always use SHA1, which is weak: When signing a CSR in the 2.4 GUI there is no choice to pick a digest algorithm for signing. Thus, when a CSR is sign... Jim Pingle
12:26 PM Feature #7852 (New): Add views support to Unbound GUI: See https://forum.pfsense.org/index.php?topic=126740.msg699877#msg699877 for usage hints.
(Yes, this is the BIND-s... Kill Bill
08:57 AM pfSense Packages Bug #7851 (Not a Bug): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: That value works for me, I can't reproduce this at all. I can create new entries with that or edit existing entries. ... Jim Pingle
08:50 AM pfSense Packages Bug #7851: HAProxy Frontend bug - pfSense 2.3.2-RELEASE: The value I had was/is *1000000*
Is there a limit in the number of entries I can add under the "Actions" section of ... Peter Omolo
07:22 AM pfSense Packages Bug #7851 (Feedback): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: What exact value did the field have?
I can't reproduce any problem here. If I put in a number and save, it saves t... Jim Pingle
08:29 AM Bug #6340 (Resolved): fsck hangs boot in background, fails to produce any action, resulting in broken firewall: Renato Botelho
08:14 AM Bug #4689 (Resolved): Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0": The FreeBSD bug report is still open, though it doesn't contain any reports of issues on 11.x. I haven't seen any rec... Jim Pingle
12:10 AM Bug #4689: Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0": does anyone see this on 2.3 (and an 11.0 base)? Jim Thompson
07:53 AM pfSense Packages Bug #7850 (Confirmed): Include file containing XML_RPC_encode() missing from snort: Checking the code, I can confirm that the snort package hasn't been adjusted for XMLRPC sync on 2.4. Looking at that ... Jim Pingle

09/10/2017

11:46 PM pfSense Packages Bug #7851: HAProxy Frontend bug - pfSense 2.3.2-RELEASE: assigned to Pingle for evaluation. Jim Thompson
11:22 PM pfSense Packages Bug #7851 (Not a Bug): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: Hi Support,

I encountered a bug while trying to add an ACL entry on the HAProxy frontend. When I click save the “... Peter Omolo
10:59 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: This did not turn up in my pre-report search: https://forum.pfsense.org/index.php?topic=136388 Chris Linstruth
03:11 PM pfSense Packages Bug #7850 (Resolved): Include file containing XML_RPC_encode() missing from snort: Attempting to enable XMLRPC Sync in Snort results in this:
Fatal error: Call to undefined function XML_RPC_encode(... Chris Linstruth
02:06 PM Revision c5007d58: show disabled status on status-interfaces: Phillip Davis
09:15 AM Feature #7085: Edit Firewall Rules Seperator: +1 for this Eron Lloyd
07:53 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> No, I can *NOT* ping ipv6 addresses from the FW. Add the default route, and all is better. ... Morten Freberg
03:29 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: i noticed it crashes and reboots when u max out any one internet line by running speedtest.net above 50mbps download ... Bipin Chandra
02:34 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: sorry attached the wrong image earlier, kindly delete that Bipin Chandra
02:33 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: this also happens on the apu2 when u have 2 WAN connections and floating match rules to assign traffic to queues for ... Bipin Chandra

09/09/2017

10:34 PM Revision adf5849b: openvpn, show interface configured for openvpn server/client on the overview: Pi Ba
02:37 PM Bug #7849: 2.4.0.b.20170804.1634 doesnt upgrade: 'Not a Bug' is a closed state. Jim Pingle
02:25 PM Bug #7849: 2.4.0.b.20170804.1634 doesnt upgrade: ok, found and tried this :
https://forum.pfsense.org/index.php?topic=135004.msg741752#msg741752
pkg update -f
pk... gavin penney
07:02 AM Bug #7849 (Not a Bug): 2.4.0.b.20170804.1634 doesnt upgrade: There was a minor issue around the time of your present snapshot, but it was solved a day or two later and thus is no... Jim Pingle
06:49 AM Bug #7849 (Not a Bug): 2.4.0.b.20170804.1634 doesnt upgrade: upgrade doesnt work, says everything is successful, reboots...and is the same version as before it "upgraded"
I ha... gavin penney

09/08/2017

05:11 PM Revision c95c70e2: Build FRR on 2.3.4: Jim Pingle
11:45 AM Bug #7819: php-fpm crashing: With php56-pfSense-module-0.49, one system (8860 on Factory) no longer sees the crashes. However, the other system (A... Jim Pingle
11:21 AM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Fixed description, PR was merged. Jim Pingle
11:11 AM Bug #7145: rc.newwanipv6 running in all cases, even for a renew: Given the scope of the changes and what had to be done, it's unlikely to make it to 2.3.x. Jim Pingle
10:31 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: No, I can *NOT* ping ipv6 addresses from the FW. Add the default route, and all is better.
Something somewhere i... Larry Rosenman
10:30 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> I'm still seeing the missing Default Gateway for IPv6 on my box. I'm here in Austin, so if ... Ole-Henrik Jakobsen
09:52 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: I'm still seeing the missing Default Gateway for IPv6 on my box. I'm here in Austin, so if a local netgate person wa... Larry Rosenman
09:30 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Just want to update that this is probably fixed. After I changed the monitoring IP to something else than Altibox gat... Ole-Henrik Jakobsen

09/07/2017

06:05 PM Bug #7848: NDP Table Sort by Expiration Error: This also affects the ARP table in 2.4.0 RC. Daryl Morse
06:04 PM Bug #7848 (New): NDP Table Sort by Expiration Error: When you try to sort the NDP table by expiration, sorting is based on the value of the first digit, irrespective of t... Daryl Morse
04:11 AM Bug #7825: missing "BACKUP" in CARP status with IPv6: Hello again,
I think it's probably a bug after all.

To trigger the error, I proceed as follows:
0. Use XMLRPC s... Helge Wiethoff

09/06/2017

05:27 PM Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153): Just found https://lists.freebsd.org/pipermail/freebsd-net/2015-June/042396.html
usbconfig -d ugen0.2 set_config 1... J L
05:19 PM Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153): Please, let me know if there's anything i can do to advance this J L
05:18 PM Feature #7847 (Needs Patch): USB NIC not loading (TP-Link UE300 RTL8153): The TP-Link UE300 usb nic is not loading an interface. The device is well supported on Apple OSX, Linux, Microsoft Wi... J L
05:08 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Alright, I followed this old guide and made it work:
http://www.dslreports.com/forum/r30489490-IPv6-6rd-pfSense-Andr... Ole-Henrik Jakobsen
04:56 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: You need the Router Advertisements tab. Not DHCPv6. Kill Bill
04:51 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> YES. it's what makes SLAAC work.
>
> Do look at the RADVD pages on the IPv6 DHCP pages.
... Ole-Henrik Jakobsen
04:33 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: YES. it's what makes SLAAC work.
Do look at the RADVD pages on the IPv6 DHCP pages. Larry Rosenman
04:32 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> is radvd running on your box?
>
> The symptom I described is what I'm seeing on
> Fre... Ole-Henrik Jakobsen
04:20 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: is radvd running on your box?
The symptom I described is what I'm seeing on
FreeBSD 11.0-RELEASE-p12 #23 8ac57... Larry Rosenman
04:17 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> The issue is the 6RD default IPv6 route goes away/isn't set up at boot.
>
> If I just rou... Ole-Henrik Jakobsen
03:44 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: The issue is the 6RD default IPv6 route goes away/isn't set up at boot.
If I just route -6 add default <IPv6 versi... Larry Rosenman
03:42 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Morten Freberg wrote:
> Ole-Henrik Jakobsen wrote:
> > Morten Freberg wrote:
> > > This does still not work after ... Ole-Henrik Jakobsen
03:48 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Ole-Henrik Jakobsen wrote:
> Morten Freberg wrote:
> > This does still not work after a reboot.
> >
> > Although... Morten Freberg
04:54 PM Revision e01c77c8: adding case route53-v6 to setvisible(): adding case route53-v6 to setvisible() Matthew Fine
04:50 PM Revision 3b6c7333: adding route53-v6: modified constants DYNDNS_PROVIDER_VALUES and DYNDNS_PROVIDER_DESCRIPTIONS to add route 53 v6. Matthew Fine
04:44 PM Revision 49b8fbdd: adding getRequestBodyV6 method to the Route53 class: adding getRequestBodyV6 method to add AAAA rtype to Route53 class. Matthew Fine
04:40 PM Revision 44c64da1: adding route53-v6 case: adding route53-v6 to allow dynamic dns to update route 53 with a AAAA type. Matthew Fine
03:10 PM Bug #7846 (Duplicate): Hyper-v vm traffic shaper error: hn0: driver does not support altq: after applying traffic shaper in a clean and new installed 2.4RC on a Hyper-v vm I got this message:... Nadav Rak
02:04 PM Revision f0b23d73: Fix boot loader on first slice: Renato Botelho
01:47 PM Revision e6a46f60: Try to prevent it to run on a bad system: Renato Botelho
12:27 PM pfSense Packages Bug #7845 (Rejected): Lets Encrypt acme plugin doesn't update webConfigurator certificate: It certainly does. I'm running it on a dozen systems in my lab and they all update the GUI certificate.
Be sure to... Jim Pingle
12:24 PM pfSense Packages Bug #7845 (Rejected): Lets Encrypt acme plugin doesn't update webConfigurator certificate: Acme renews the Lets Encrypt certificate without any problems. But it never replaces the old certificate with the ren... Dennis Alexandersson
11:37 AM Revision d071acf5: Make sure pkg, pfSense, pfSense-base, pfSense-rc and kernel are set as vital: Renato Botelho
11:37 AM Revision fdcec236: Make sure pkg, pfSense, pfSense-base, pfSense-rc and kernel are set as vital: Renato Botelho
10:48 AM Bug #7844 (Rejected): no login to pfSense if multiprocessing is enabled in Firefox 55.0.3 fresh install, no profile, clean setup with 2.4.0-RC: I use several instances of FF 55.0.3 with multiprocess across several operating systems (Linux, OS X, Windows) and ha... Jim Pingle
10:38 AM Bug #7844 (Rejected): no login to pfSense if multiprocessing is enabled in Firefox 55.0.3 fresh install, no profile, clean setup with 2.4.0-RC: I just found that a login to pfsense 2.4.0-RC is impossible due to cookie issues with Message: The browser must suppo... Ingo-Stefan Schilling
08:15 AM Feature #7843 (Resolved): DynamicDNS Widget - Show Description: Allow the widget to show the DynamicDNS provider configuration description.
If you are using a custom provider, t... Darryn Storm
08:12 AM Feature #7842 (Resolved): New Dynamic DNS Provider: Mythic-Beasts: Add DynamicDNS Provider - Mythic-Beasts
API documentation can be found here: https://www.mythic-beasts.com/support... Darryn Storm
07:11 AM Bug #7841: CARP Sync Issue - when no internet on standby: That scenario is rare and not one we technically support or encourage. It's OK for secondary WANs or LANs but both fi... Jim Pingle
03:47 AM Bug #7841 (Closed): CARP Sync Issue - when no internet on standby: Hi all
I've noted a possible bug in pfSense CARP. We have multiple pf instances set up in failover. In some of t... Brian Stivala
03:13 AM Bug #7833: ipfw will not limit download speed - captiveportal: Related forum threads:
- https://forum.pfsense.org/index.php?topic=136221.0
- https://forum.pfsense.org/index.php?t... Kill Bill

09/05/2017

07:31 PM Revision 617bb801: Spell it correct: Renato Botelho
06:51 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Morten Freberg wrote:
> This does still not work after a reboot.
>
> Although it works until next reboot if you g... Ole-Henrik Jakobsen
03:51 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: This does still not work after a reboot.
Although it works until next reboot if you go to Interfaces -> WAN and th... Morten Freberg
03:33 PM Revision d3324e2c: Remove /cf partition and move its content to /cf directory under / partition: Renato Botelho
03:30 PM Revision 37330ae1: Do not call pfSense-upgrade, let user do it: Renato Botelho
01:55 PM Todo #6853 (Feedback): Convert nanobsd installation to full install during upgrade: Instructions to help users migrate their nanobsd to full install are here https://doc.pfsense.org/index.php/Upgrading... Renato Botelho
01:55 PM Todo #4847 (Closed): NanoBSD Image Flash Block Misalignment: nanobsd is dead in 2.4 and future versions Renato Botelho
01:12 PM Revision b9d12420: Add set -e to abort if any of main commands fail: Renato Botelho
12:57 PM Revision 94db81da: Add a script to help users converting nanobsd to full install: Renato Botelho
11:57 AM Bug #7838 (Not a Bug): NAT outbound source using alias always shows /32: When you use an alias, the CIDR drop-down on the NAT page does nothing. Any subnet mask must be specified in a networ... Jim Pingle
11:56 AM pfSense Packages Bug #3342 (Resolved): Missing input validation for MAC addresses: Jim Pingle
11:31 AM Bug #7145: rc.newwanipv6 running in all cases, even for a renew: Are there any plans to have this fixed with a 2.3.* release?
I'm having the same problem (https://forum.pfsense.o... Rodrigo Ferraz

09/04/2017

09:58 PM Bug #6028: no firewall rules loaded after reboot with invalid ruleset: I wrote this 4 years ago in #3175 Grischa Zengel
02:11 PM Bug #7840 (Resolved): OpenVPN 2.4 Server: Hide Interface when Protocol is Multihome: This is merely cosmetic, but may also help cut down on some confusion.
If "Protocol" is set for "<UDP/TCP> IPv4 an... Brandon Jackson
02:01 PM Revision e9034b15: Remove /root/force_growfs after use it: Renato Botelho
02:01 PM Revision 5f2cdcf2: Remove /root/force_growfs after use it: Renato Botelho
01:44 PM Bug #7839 (Resolved): IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.: Forum post here https://forum.pfsense.org/index.php?topic=136009.0
When pfsense receives a packet with a TTL of 1,... Brandon Jackson
09:56 AM Bug #7778: DHCP relay not working correctly with bridges: When adding interface that's member of the bridge: yes
When adding the bridge (without it's interfaces): no Sander Peterse
03:21 AM Bug #7838 (Not a Bug): NAT outbound source using alias always shows /32: Using alias for NAT outbound source network which in our case is a /24 always shows /32 when you edit it again.
If y... Alexander Lindqvist
02:55 AM Bug #7837: fragmented packets not reassembled over IPSec tunnel: Disabling NAT in the tunnel does not change anything. Florian Apolloner

09/03/2017

03:28 PM Bug #7837 (Duplicate): fragmented packets not reassembled over IPSec tunnel: I am trying to ping a machine over an ipsec tunnel:... Florian Apolloner
04:46 AM pfSense Packages Bug #6378: inline background styles in squidguard package: Someone kindly merge this PR and call it a day. https://github.com/pfsense/FreeBSD-ports/pull/385
It makes things ... Kill Bill
04:38 AM pfSense Packages Bug #3342: Missing input validation for MAC addresses: Validation has been there for a while.
https://github.com/pfsense/FreeBSD-ports/pull/308
https://github.com/pfsen... Kill Bill
03:17 AM pfSense Packages Bug #7670: Bind : Serial for slave zone is missing in IHM: I have no idea what's IHM but there's no serial saved in config.xml for slave zones (you cannot even configure it, th... Kill Bill
03:04 AM pfSense Packages Bug #7271: Co-existence of unbound and BIND/named: Test this please.
https://github.com/pfsense/FreeBSD-ports/pull/416 Kill Bill

09/02/2017

06:53 AM pfSense Packages Bug #7836: FreeRADIUS - certain chars in clients shared secret result in broken configuration: https://github.com/pfsense/FreeBSD-ports/pull/415 Kill Bill
06:50 AM pfSense Packages Bug #7836 (Resolved): FreeRADIUS - certain chars in clients shared secret result in broken configuration: See https://forum.pfsense.org/index.php?topic=135980.msg744283#msg744283 and following.
E.g., having a shared secr... Kill Bill
04:22 AM Bug #7592: SG-1000: Unbound not always restarting properly after changes in /etc/hosts: @Sep 2 02:01:45 dhcpleases kqueue error: unkown
Sep 2 02:01:45 dhcpleases Could not deliver signal HUP to process ... rub man

09/01/2017

07:55 PM Revision d10d17e8: Revert "Add the AWS ena module to MODULES_OVERRIDE list.": This reverts commit 5ba35b98a3726ab206931cdfa51e3dd23227b7b2. Renato Botelho
07:55 PM Revision 2da8f1b0: Revert "Add the AWS ena module to MODULES_OVERRIDE list.": This reverts commit 5ba35b98a3726ab206931cdfa51e3dd23227b7b2. Renato Botelho
05:15 PM Revision bf6a223c: Use RELENG_2_4_0 for now: Renato Botelho

08/31/2017

03:48 PM Bug #4703 (Closed): Inconsistent availability of direction on CP IP/MAC/hostname passthrough: Anonymous
03:43 PM Bug #4703: Inconsistent availability of direction on CP IP/MAC/hostname passthrough: The direction has been back for over 2 years.
https://github.com/pfsense/pfsense/commit/ef548f9824380d008722870dd1... Kill Bill
03:32 PM Bug #1875: Captive Portal Voucher Error Messages won´t accept Umlauts: Duplicate of Bug #1454, plus should be a non-issue now that UTF-8 is being used. Kill Bill
03:20 PM Bug #7833: ipfw will not limit download speed - captiveportal: Duplicate of Bug #7813. No idea why https://github.com/pfsense/pfsense/commit/5f6825bbac6373a909651c90e8ca268242f6eed... Kill Bill
08:03 AM Bug #7833 (Resolved): ipfw will not limit download speed - captiveportal: With a fresh snapshot 2.4.0-RC install, only enabled the captiveportal and set a Default download (Kbit/s).
When I l... Azure it
03:08 PM Revision dee2ecb2: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
03:08 PM Revision 297a7fe4: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
03:07 PM Revision d610e4ba: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
03:07 PM Revision d2dfde1a: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
01:08 PM Revision 9686b337: Use spaces in the write_config() message to prevent text wrapping issues in webGUI: See https://redmine.pfsense.org/issues/6363
(cherry picked from commit 8cb29dac04283045f82303c2ee1d2f772299d238) Doktor Notor
01:08 PM Revision 529dac21: Merge pull request #3809 from doktornotor/patch-5: Jim Pingle
12:16 PM pfSense Packages Bug #7835: freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: May I suggest "Enter the maximum bandwidth for download in Kbps" and moving on? Kill Bill
12:09 PM pfSense Packages Bug #7835: freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: Then we can change the description to say kibibit instead. Changing the multiplier would result in people having an u... Jim Pingle
11:51 AM pfSense Packages Bug #7835: freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: Jim Pingle wrote:
> There are 1024 bits in a kilobit. Not 1000. I'll fix the "in in" typo.
Freebsd uses 1000 bits... Azure it
09:36 AM pfSense Packages Bug #7835 (Not a Bug): freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: There are 1024 bits in a kilobit. Not 1000. I'll fix the "in in" typo. Jim Pingle
09:31 AM pfSense Packages Bug #7835 (Not a Bug): freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: When we add a new radius user, we can set Maximum Bandwidth Down/Up and in the help we can read:
*Enter the maximum ... Azure it
11:35 AM Bug #7817: Login CSRF token fail on boot.: Jim Pingle wrote:
> What packages do you have installed? Which dashboard widgets?
>
> I update about a dozen lab ... John Pettitt
08:04 AM Bug #7817 (Feedback): Login CSRF token fail on boot.: What packages do you have installed? Which dashboard widgets?
I update about a dozen lab systems every day or two ... Jim Pingle
09:14 AM Bug #7832 (Duplicate): ipv6cp enabled, even with ipv6 disabled: Jim Pingle
09:06 AM Bug #7832: ipv6cp enabled, even with ipv6 disabled: https://redmine.pfsense.org/issues/7822 Michael Kellogg
04:37 AM Bug #7832 (Duplicate): ipv6cp enabled, even with ipv6 disabled: For a ppp(oe) interface, even when ipv6 is disabled the "set bundle enable ipv6cp" line is present and ipv6cp negotia... dean hamstead
09:01 AM Bug #7834 (Resolved): Disabling captiveportal will not flush the ipfw pipes: Disabling captiveportal will not flush the ipfw pipes.
Has we can seen with the commands *ipfw table all list ;echo;... Azure it
08:37 AM Bug #7825: missing "BACKUP" in CARP status with IPv6: okay. Thanks for the hint. Just to complete this issue: The problem was the synchronization of the "Virtual IP Passwo... Helge Wiethoff
08:12 AM Bug #7825 (Not a Bug): missing "BACKUP" in CARP status with IPv6: OK, so something is amiss in the VIP or interface state on the secondary, but the status page is actually doing all i... Jim Pingle
08:07 AM Bug #7825: missing "BACKUP" in CARP status with IPv6: Jim Pingle wrote:
> Is the status OK on the master node?
Yupp. On the master node everything is fine and the text f... Helge Wiethoff
07:52 AM Bug #7825 (Feedback): missing "BACKUP" in CARP status with IPv6: I can't reproduce this but the only IPv6-enabled cluster I have handy is on 2.4.0
Is the status OK on the master n... Jim Pingle
04:56 AM Feature #7812: ZFS handling of autopreplace: ideally, there ought to be a page for managing zfs, like there is for geom mirrors(albiet pretty limited), or at leas... gavin penney

08/30/2017

06:45 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Anything new on this?
Any log files we can provide with? Ole-Henrik Jakobsen
06:40 PM Feature #7831: Enable an option to choose how to restart system: Jim Pingle wrote:
> The problem is specific to your hardware and not a general issue. Adding an option for that, whi... Ole-Henrik Jakobsen
06:14 PM Feature #7831 (Needs Patch): Enable an option to choose how to restart system: The problem is specific to your hardware and not a general issue. Adding an option for that, which would be of no use... Jim Pingle
04:28 PM Feature #7831 (Needs Patch): Enable an option to choose how to restart system: With the current reboot cycle it will just hang at the end, and I tried to disable ACPI and find related settings in ... Ole-Henrik Jakobsen
06:08 PM Revision 389020e3: Use the full CA chain when sending an LDAP SSL query. Fixes #7830: While here, fix a couple more ldap_start_tls() calls that need a preceding @.
(cherry picked from commit ff500c90646... Jim Pingle
06:07 PM Revision ff500c90: Use the full CA chain when sending an LDAP SSL query. Fixes #7830: While here, fix a couple more ldap_start_tls() calls that need a preceding @. Jim Pingle
01:20 PM Bug #7830 (Feedback): LDAP authentication fails using SSL with intermediate certificates: Applied in changeset commit:ff500c90646c8db5abe77d7efb02c7d191df6902. Jim Pingle
01:05 PM Bug #7830 (Resolved): LDAP authentication fails using SSL with intermediate certificates: When attempting authentication against and LDAP server using SSL/TLS, attempts to bind to the server fail if the serv... Jim Pingle
12:22 PM Revision 52e5efc8: Restore bad login message: (cherry picked from commit 7d7c65c2ffa4bcabccc10d0e3e319afbd979192b) Steve Beaver
12:21 PM Revision 7d7c65c2: Restore bad login message: Steve Beaver
12:15 PM Revision 56de61a7: Restore bad username or password message: (cherry picked from commit ca44a37cad5e905e3a76b6ce862de6ec5d3bcb06) Steve Beaver
12:14 PM Revision ca44a37c: Restore bad username or password message: Steve Beaver
11:02 AM Revision 2b58318b: Unbound Serve expired: Serve expired – Records stay in cache after TTL expires, with a TTL value of 0, if a new lookup is requested the cach... Martin Wasley
07:06 AM Bug #7719: Dynamic DNS updates not working on interface failover: See also: #7101, #7798 Jim Pingle
07:05 AM Bug #7798 (Duplicate): DynDNS client does not update when running on a gateway group.: Duplicate of #7719 Jim Pingle
07:05 AM Bug #7101 (Duplicate): services_dyndns.php not updating via gateway group, ok with the interface: Duplicate of #7719 Jim Pingle
05:39 AM pfSense Packages Bug #7782 (Resolved): FreeRADIUS 3 - temporary FreeRADIUS CA/certificate generated on each package reinstall: Renato Botelho
02:03 AM pfSense Packages Bug #7782: FreeRADIUS 3 - temporary FreeRADIUS CA/certificate generated on each package reinstall: Confirmed fixed, certificate/CA saved in config and no duplicates generated on reinstall. Thanks. Kill Bill
05:39 AM Bug #7827 (Resolved): Clicking "Cancel" while deleting a firewall state will still delete it: Renato Botelho
01:12 AM Bug #7827: Clicking "Cancel" while deleting a firewall state will still delete it: I can confirm this is now fixed. Nano Caiordo

08/29/2017

06:15 PM Revision 6ad9ab93: Fixed #7827: (cherry picked from commit 634d68709128495b22caffef36f9351e3361e2ff) Steve Beaver
06:14 PM Revision 634d6870: Fixed #7827: Steve Beaver
05:09 PM Bug #7719: Dynamic DNS updates not working on interface failover: Yes, it looks like the same root cause to me.
Has anyone from the dev team seen these? Jorge Albarenque
04:37 PM Bug #7719: Dynamic DNS updates not working on interface failover: Maybe related to Bug #7101?
Problem still present with pfSense 2.3.4-RELEASE-p1 (amd64) Riccardo Di Sarcina
02:31 PM pfSense Packages Bug #7829 (Confirmed): Unable to expand the "Advanced Server Settings" in ACME certificate edit: OK. I see what you're talking about now.
Those settings do not exist for DNS-Manual. The fact that it displays any... Jim Pingle
02:14 PM pfSense Packages Bug #7829 (Not a Bug): Unable to expand the "Advanced Server Settings" in ACME certificate edit: Not enough detail here (what "Method" is selected? What + button?)
The only method with a "Key Type" is nsupdate, ... Jim Pingle
01:49 PM pfSense Packages Bug #7829 (Duplicate): Unable to expand the "Advanced Server Settings" in ACME certificate edit: Under Services\Acme\Certificate options: Edit, under Domain SAN List, clicking on the + icon next to "Key Type..." ap... Bart K
02:28 PM Revision b1655527: Don't print a PHP error if LDAP STARTTLS fails.: (cherry picked from commit b2c7a79c5ff8eefda4b19cf2718056c1ba6c12ca) Jim Pingle
02:27 PM Revision b2c7a79c: Don't print a PHP error if LDAP STARTTLS fails.: Jim Pingle
02:14 PM pfSense Packages Bug #7782 (Feedback): FreeRADIUS 3 - temporary FreeRADIUS CA/certificate generated on each package reinstall: This should, I hope, be fixed with 0.13 of the FreeRADIUS3 package. Jim Pingle
02:07 PM Bug #7828 (Duplicate): Unable to expand the "Advanced Server Settings: Duplicate of #7829 Jim Pingle
01:43 PM Bug #7828: Unable to expand the "Advanced Server Settings: Tested on Firefox 54 and Microsoft Edge 40.15063.0.0 Bart K
01:40 PM Bug #7828: Unable to expand the "Advanced Server Settings: Under Services\Acme\Certificate options: Edit, under Domain SAN List, clicking on the + icon next to "Key Type..." ... Bart K
01:38 PM Bug #7828 (Duplicate): Unable to expand the "Advanced Server Settings: Bart K
01:20 PM Bug #7827: Clicking "Cancel" while deleting a firewall state will still delete it: Applied in changeset commit:634d68709128495b22caffef36f9351e3361e2ff. Anonymous
01:16 PM Bug #7827 (Feedback): Clicking "Cancel" while deleting a firewall state will still delete it: Fixed as requested Anonymous
12:50 PM Bug #7827: Clicking "Cancel" while deleting a firewall state will still delete it: 2.4.0-RC (amd64)
built on Tue Aug 29 09:29:29 CDT 2017 Nano Caiordo
12:49 PM Bug #7827 (Resolved): Clicking "Cancel" while deleting a firewall state will still delete it: Hello gents,
On Diagnostic -> States if you click on the bin to delete a firewall state but then you click on Canc... Nano Caiordo
11:23 AM pfSense Packages Bug #7826 (Rejected): rule to open port 4500 udp for ipsec/ikev2 ignored and blocked: There must be something different about the packet causing it to be dropped. Please post on the forum, list, or reddi... Jim Pingle
11:02 AM pfSense Packages Bug #7826 (Rejected): rule to open port 4500 udp for ipsec/ikev2 ignored and blocked: Hello,
on a pfsense 2.3.4_1 installed on a vm ( vmware ), i create a ikev2 ipsec server.
If i try to connect with... Domenico De Monte
10:50 AM Bug #7821: GIF does not support broadcast: I found out the issue. I had to:
* change the tunnel IF IPv6 from None to Static
* access the radvd page for the ... Greg Toombs
07:40 AM Bug #7825 (Not a Bug): missing "BACKUP" in CARP status with IPv6: In status_carp.php the descriptive text ("BACKUP") next to the button is missing within an ipv6 CARP-setup:
!carp-ip... Helge Wiethoff

08/28/2017

07:54 PM Revision c5ad4704: Update translation files: Renato Botelho
07:54 PM Revision 12e8e8f6: Regenerate pot: Renato Botelho
07:51 PM Revision b8ab4260: Update translation files: Renato Botelho
07:46 PM Revision 8c306fcf: Regenerate pot: Renato Botelho
06:31 PM Bug #7805: dashboard System Information - inconsistent date formats: Much better.
Future enhancement: dashboard selection of locale (e.g. date format DD MMM CCYY instead of MMM DD CCY... David Burns
11:05 AM Bug #7805 (Feedback): dashboard System Information - inconsistent date formats: Bios date and version check date formats now match other timestamps on the dashboard
Thanks to sjones@netgate.com Anonymous
09:15 AM Bug #7805: dashboard System Information - inconsistent date formats: We can certainly change the "Version information updated" format. The others will require some research. Anonymous
04:03 PM Revision 5d383489: Partially addresses #7805: Bios date and version check date formats now match other timestamps on the dashboard
(cherry picked from commit fddb... Steve Beaver
04:02 PM Revision fddb73c7: Partially addresses #7805: Bios date and version check date formats now match other timestamps on the dashboard Steve Beaver
03:47 PM Revision 19b24bcc: Build FRR on 2.3.5 snaps for testing: Jim Pingle
12:52 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: Jim Pingle wrote:
> dnsmasq on 2.4 is compiled with NLS enabled
Hmmmm...... Kill Bill
12:10 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: Jim Pingle wrote:
> dnsmasq on 2.4 is compiled with NLS enabled, which in turn sets up a dependency for IDN2 and use... Paul Tarsus
09:01 AM pfSense Packages Bug #7820 (Feedback): 2.4: dnsmasq can no longer handle punycode, compile time options change?: dnsmasq on 2.4 is compiled with NLS enabled, which in turn sets up a dependency for IDN2 and uses -DHAVE_LIBIDN2. It ... Jim Pingle
12:00 PM pfSense Packages Feature #7824 (Resolved): [acme / Let's Encrypt] Bump to the latest acme.sh package: Our domain names are managed by Gandi, and we cannot use the Gandi Live API for the verification of the domain name o... S. Debreuil
11:52 AM Bug #7819 (Confirmed): php-fpm crashing: Those pf errors are unlikely to be related.
I can now reproduce the php-fpm crash on two units here. It may be a c... Jim Pingle
11:22 AM Bug #7819: php-fpm crashing: At one point in the alert section of the UI I also saw this:... Greg Toombs
11:06 AM Bug #7819: php-fpm crashing: 1. yes
2.... Greg Toombs
11:03 AM Bug #7819: php-fpm crashing: That 502 gateway timeout error happens when PHP crashes, so that's expected in this problem case. Sometimes it happen... Jim Pingle
09:56 AM Bug #7819: php-fpm crashing: I have updated to the latest snapshot:... Greg Toombs
08:45 AM Bug #7819: php-fpm crashing: If you update to a current snapshot, does it still crash? I can only seem to reproduce this on one system here, but i... Jim Pingle
10:30 AM Revision 745d3779: dyndns: Adding support for ClouDNS (https://www.cloudns.net): Wagner Sartori Junior
07:28 AM Revision c22d9142: MPD Custom Modem Init: Sven Auhagen
07:15 AM Feature #7823 (Resolved): Pull request: Add support for dynamic DNS provider ClouDNS: Hello,
Would be nice to have cloudns as a dynamic dns provider.
Pull request is done already:
https://github.c... Wagner Sartori Junior
02:40 AM Revision 8cb29dac: Use spaces in the write_config() message to prevent text wrapping issues in webGUI: See https://redmine.pfsense.org/issues/6363 Doktor Notor

08/27/2017

09:20 PM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Yeah, you have suggested a fix for an issue that noone could reproduce due to bad description and the screenshots com... Kill Bill
08:21 PM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Sure,
ACB has a problem displaying messages with long strings of text without spaces.
PFBlocker generates messa... Brett Merrick
07:58 PM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Huh? This bug is about ACB. Kill Bill
05:50 PM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Sorry, latest version and issue still exists:
Looks like the issue might be the list of PFBlocker lists has no spa... Brett Merrick
08:56 AM Bug #6363 (Resolved): AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Jim Pingle
03:13 AM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: As noted above, wraps and works just fine on multiple boxes with Chrome, nothing invisible anywhere. Kill Bill
08:55 PM Bug #7819: php-fpm crashing: ... Greg Toombs
08:49 PM Bug #7819: php-fpm crashing: Please post the output of the following commands:... Jim Pingle
08:27 PM Bug #7819: php-fpm crashing: Disabling the interface stats widget did not help. I got another crash:... Greg Toombs
12:39 PM Bug #7819: php-fpm crashing: I don't see any pattern in the URLs. It's crashed with:... Greg Toombs
09:45 AM Bug #7819: php-fpm crashing: Core dump attached Greg Toombs
09:26 AM Bug #7819 (Resolved): php-fpm crashing: This might be a regression of #6813. It mentions some errors that are the same as what I'm seeing:... Greg Toombs
08:03 PM Bug #7822 (Closed): pppoe gui ivp6 set to none still enables in conf: pppoe gui ivp6 set to none still enables in conf
https://forum.pfsense.org/index.php?topic=135802.0 Michael Kellogg
07:50 PM Bug #4455: Router Advertisment Daemon does not add UnicastOnly for OpenVPN interfaces: I filed #7821. Same messages, different version, possibly a different cause. Greg Toombs
07:49 PM Bug #7821 (New): GIF does not support broadcast: This might be related to #4455.
I am seeing the same radvd spam under System / Routing logs:... Greg Toombs
07:31 PM Bug #7804: System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: Need to wait for the next snap. The fix has been applied but not built yet. Anonymous
06:49 PM Bug #7804: System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: IE 11.540 issue still present. "Retrieving CPU data" spinning gear. Bart K
03:28 PM Bug #7817: Login CSRF token fail on boot.: OK just updated (screen grabs attached), boot screen came up after update, then waited 30 seconds and tried to login ... John Pettitt
12:56 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: Just noticed this change in dnsmasq 2.77, new in 2.4:
> Remove historic automatic inclusion of IDN support when bu... Paul Tarsus
12:49 PM pfSense Packages Bug #7820 (Closed): 2.4: dnsmasq can no longer handle punycode, compile time options change?: I've used dnsmasq with a custom hosts file for years, with mappings including the following:
> 0.0.0.0 r7---sn-vgq... Paul Tarsus
10:51 AM Bug #6813: 2.3.3 built on Fri Sep 23 11:34:50 CDT 2016 - segfaulting processes result in non-functional system: Greg Toombs wrote:
> I'm not using OpenVPN, nor accessing the menu, but I still get a segfault that looks similar to... Kill Bill
10:46 AM Bug #6813: 2.3.3 built on Fri Sep 23 11:34:50 CDT 2016 - segfaulting processes result in non-functional system: Kill Bill wrote:
> Going to VPN - OpenVPN menu causes php-fpm to segfault.
I'm not using OpenVPN, nor accessing t... Greg Toombs
08:57 AM pfSense Packages Feature #6436 (Resolved): Add Stunnel binaries to the pfSense repository: Jim Pingle
03:04 AM pfSense Packages Feature #6436: Add Stunnel binaries to the pfSense repository: Merged, can be closed. Kill Bill
08:56 AM pfSense Packages Bug #6948 (Resolved): HAproxy files tab input validation nonsense - impossible to save files: Jim Pingle
03:15 AM pfSense Packages Bug #6948: HAproxy files tab input validation nonsense - impossible to save files: Can be closed. Kill Bill

08/26/2017

06:55 PM Bug #7818 (Duplicate): NTP clock frequency not plotting on monitor graph: Since 2.4 the NTP clock frequency is always plotted as zero rather than the actual frequency on the monitoring graph. John Pettitt
06:53 PM Bug #7817 (Not a Bug): Login CSRF token fail on boot.: When rebooting after an update the initial login works then ajax calls start failing a few seconds later and a re-log... John Pettitt
01:35 PM Feature #3971 (Resolved): IPv6 - Preserve the DUID used for WAN DHCP-PD in the configuration file: Jim Pingle
11:02 AM Feature #3971: IPv6 - Preserve the DUID used for WAN DHCP-PD in the configuration file: Done with https://github.com/pfsense/pfsense/pull/3304, can be closed. Kill Bill
09:40 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: I'm seeing no default route for IPv6 after a reboot until I do another save on the WAN interface.
Larry Rosenman
06:52 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: 2.4.0-RC (amd64) and custom hardware
built on Fri Aug 25 18:40:44 CDT 2017
FreeBSD 11.0-RELEASE-p12
net.link.br... Paal Andreas Lindsetmo
07:45 AM Bug #7816: IPv6 breaks on reboot: Hey, and thanks for the swift reply.
What about the fact that the firewall's WAN interface is unable to ping6 ipv6... Paal Andreas Lindsetmo
07:17 AM Bug #7816 (Duplicate): IPv6 breaks on reboot: Looks the same as #3965 -- bridges are setup too late for them to be used as a track interface at boot time. Jim Pingle
07:13 AM Bug #7816: IPv6 breaks on reboot: Paal Andreas Lindsetmo wrote:
> My setup:
>
> 2.4.0-RC (amd64) (custom hardware)
> built on Fri Aug 25 18:40:44 ... Paal Andreas Lindsetmo
07:07 AM Bug #7816 (Duplicate): IPv6 breaks on reboot: My setup:
2.4.0-RC (amd64) (custom hardware)
built on Fri Aug 25 18:40:44 CDT 2017
FreeBSD 11.0-RELEASE-p12
... Paal Andreas Lindsetmo
06:18 AM Todo #204: All write_config() statements should include a reason of some sort: https://github.com/pfsense/pfsense/pull/3805 (interfaces*.php)
https://github.com/pfsense/pfsense/pull/3806 (firewal... Kill Bill
03:49 AM Bug #7815 (Closed): IPSec MSS Clamping is matching traffic not related to IPSec: Hello,
IPSec setting "Maximum MSS" (MSS clamping) is acting on traffic that doesn't pass across IPSec, perhaps WAN... Spike R.D.

08/25/2017

08:41 PM Bug #7802 (Resolved): OpenVPN Server Compression option - misspelling: Jim Pingle
08:11 PM Bug #7802: OpenVPN Server Compression option - misspelling: Fixed.
David Burns
06:13 PM Revision 9b6fbf5a: remove old logo from default page: Jared Dillard
06:13 PM Revision 81c4f647: make css compatible with newer nvd3 version: Jared Dillard
06:12 PM Revision 07ce4d2b: update top nav bar logo: Jared Dillard
06:12 PM Revision e1aea63d: remove image from rss widget: Jared Dillard
06:12 PM Revision 4cbb6a6e: update favicon: Jared Dillard
05:39 PM Revision cd7ae8ba: remove old logo from default page: Jared Dillard
05:39 PM Revision 0b5ed87d: make css compatible with newer nvd3 version: Jared Dillard
05:39 PM Revision 0e11820b: update top nav bar logo: Jared Dillard
05:39 PM Revision 4b518ad0: remove image from rss widget: Jared Dillard
05:39 PM Revision 0408ddb1: update favicon: Jared Dillard
02:45 PM pfSense Packages Bug #7696 (Resolved): Telegraf Package Saving Incorrect Password: Jim Pingle
09:23 AM pfSense Packages Bug #7696: Telegraf Package Saving Incorrect Password: Fixed in 0.3 Kill Bill
02:45 PM pfSense Packages Bug #6603 (Resolved): pfblockerng's Unbound modifications leave system broken post-config restore: Jim Pingle
09:22 AM pfSense Packages Bug #6603: pfblockerng's Unbound modifications leave system broken post-config restore: The above is included in 2.1.1_10. Kill Bill
02:44 PM Bug #7809 (Resolved): Wireless interfaces are not upgraded properly for 2.4.0: Fixed Jim Pingle
01:42 PM pfSense Packages Bug #7797: Squid Reverse Proxy alternating between destinations: Kill Bill wrote:
> As noted on another bug (Bug #7752), the reverse proxy part of Squid is pretty much unmaintained.... Mickael Fouquet
09:35 AM Feature #7814 (Resolved): Unbound serve-expired please add to GU as tickbox: Suggest default to off
Description of feature here, its pretty killer.
serve-expired: <yes or no>
... Chris Collins
09:31 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Having a fair amount of experience myself managing php hosting systems I can offer some thoughts.
On my own pfsens... Chris Collins
07:31 AM Bug #7813 (Resolved): Missing download statistics on captive portal with MAC filtering enabled: I'm testing the captive portal on 2.4 RC (updated to today) and I noticed that when MAC filtering is enabled the byte... Caio Plumbeo
06:00 AM Todo #6606: Adapt captive portal to work without multi-instance ipfw: EDIT: I created a new bug #7813 Caio Plumbeo
04:57 AM Bug #5319: Error message "No config named" in charon daemon: Bug is still present in 2.3.4-RELEASE-p1. Any news on fixing this? Kilian Ries

08/24/2017

06:44 PM Feature #7812 (New): ZFS handling of autopreplace: This idea was posted on the forum. It doesn't look hard and if an install needs ZFS (not just reinstall + use a saved... Stilez y
06:23 PM Revision 6f4e64ec: Fixed #7811: (cherry picked from commit 0b6c886bd69370842b0137f49add16fde00a0b2f) Steve Beaver
06:22 PM Revision 0b6c886b: Fixed #7811: Steve Beaver
06:20 PM Revision 7bf76c8c: Merge branch 'RELENG_2_4_0' of gitlab.netgate.com:pfsense/pfsense into RELENG_2_4_0: Steve Beaver
06:20 PM Revision c5180b26: Fixed #7811: (cherry picked from commit 1562b46aaaa0e402cb3b253d85aae734d4677dec) Steve Beaver
06:19 PM Revision 1562b46a: Fixed #7811: Steve Beaver
05:33 PM Revision b9a40f9b: I changed the path of egrep: Sven Auhagen
03:53 PM Revision 1e885cfd: Bump config revision, fix comment. Ticket #7809: Jim Pingle
03:53 PM Revision 15cc4eb4: Setup upgrade code for wireless interfaces to the new format needed for 2.4, and switch rc.bootup so the config upgrade happens before a mismatch test, otherwise we can't fix this type of situation. Fixes #7809: Jim Pingle
03:52 PM Revision fc319749: Bump config revision, fix comment. Ticket #7809: Jim Pingle
03:12 PM Bug #7811 (Resolved): Installed pacakges dashboard widget breaks if no packages are installed: Anonymous
01:30 PM Bug #7811: Installed pacakges dashboard widget breaks if no packages are installed: Applied in changeset commit:1562b46aaaa0e402cb3b253d85aae734d4677dec. Anonymous
01:24 PM Bug #7811 (Feedback): Installed pacakges dashboard widget breaks if no packages are installed: Fixed and tested in 2.4, 2.4.0, 2.3 & 2.3.4 Anonymous
01:18 PM Bug #7811 (Resolved): Installed pacakges dashboard widget breaks if no packages are installed: https://forum.pfsense.org/index.php?topic=135637.0 Anonymous
03:11 PM Revision 79ccd1f2: Setup upgrade code for wireless interfaces to the new format needed for 2.4, and switch rc.bootup so the config upgrade happens before a mismatch test, otherwise we can't fix this type of situation. Fixes #7809: Jim Pingle
01:02 PM Bug #7810 (Resolved): openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once: [2.4.0-RC][root@castor.ninex.info]/boot/kernel: kldunload cryptodev
[2.4.0-RC][root@castor.ninex.info]/boot/kernel: ... Grzegorz Krzystek
12:52 PM Revision f82af17a: Fixed #7804 Replace Math.trunc with Math.floor to make IE happy: (cherry picked from commit a1c3244c96b033891136ff2d95be61500a720231) Steve Beaver
12:50 PM Revision a1c3244c: Fixed #7804 Replace Math.trunc with Math.floor to make IE happy: Steve Beaver
12:49 PM Revision 113caa09: Fixed #7804: Replace Math.trunc with Math.floor to make IE happy
(cherry picked from commit ab5a3fa10e8dd2b88219a00ac410cb9ea8a0b... Steve Beaver
12:48 PM Revision ab5a3fa1: Fixed #7804: Replace Math.trunc with Math.floor to make IE happy Steve Beaver
12:41 PM Bug #5263: Installed Packages widget causes index.php to hang: Steve Beaver wrote:
> Version 2.4 now checks for updates via Ajax and so no longer "hangs" the dashboard.
??!!
... Kill Bill
12:34 PM Bug #5263: Installed Packages widget causes index.php to hang: Version 2.4 now checks for updates via Ajax and so no longer "hangs" the dashboard. Anonymous
11:44 AM Bug #7808: Dashboard brakes when adding widgets: I don't think there's anything new here. This widget, the dashboard update check and pretty much anything that runs p... Kill Bill
11:32 AM Bug #7808: Dashboard brakes when adding widgets: Sorry, still the same here. I have to reinstall to make it work again. How can I force to reset the GUI configuration... Pablo Trincavelli
09:56 AM Bug #7808 (Feedback): Dashboard brakes when adding widgets: Jim Thompson
09:35 AM Bug #7808: Dashboard brakes when adding widgets: Just tried it on 2.4.0.r.20170823.0033
can't duplicate. please retest with latest version.
Jim Thompson
08:56 AM Bug #7808: Dashboard brakes when adding widgets: Sorry, tested in version 2.4.0_RC Pablo Trincavelli
08:55 AM Bug #7808 (Resolved): Dashboard brakes when adding widgets: Apparently when adding Installed Packages widget, dashboard brakes and it does not update. Also the menu stop working... Pablo Trincavelli
10:52 AM Bug #7785: jQuery syntax error: unterminated regular expression literal: Well that's not a problem. I thought the intent of your latest fix was to have the same code on 2.3 and 2.4; if that'... Kill Bill
10:34 AM Bug #7785: jQuery syntax error: unterminated regular expression literal: I made a mistake. It was fixed as fast as possible and then fixed more comprehensively. Stuff happens.
The codebas... Anonymous
10:22 AM Bug #7785: jQuery syntax error: unterminated regular expression literal: Steve Beaver wrote:
> Re-written to accommodate old and new refresh systems based on whether register_ajax() functio... Kill Bill
07:12 AM Bug #7785: jQuery syntax error: unterminated regular expression literal: You are right :( Re-written to accommodate old and new refresh systems based on whether register_ajax() function exists. Anonymous
10:20 AM Bug #7809 (Feedback): Wireless interfaces are not upgraded properly for 2.4.0: Applied in changeset commit:79ccd1f2796059a7a60b865a383dc288662f86b7. Jim Pingle
09:24 AM Bug #7809: Wireless interfaces are not upgraded properly for 2.4.0: Looks like the interface mismatch test comes before the upgrade code, complicating this further. Jim Pingle
08:56 AM Bug #7809 (Resolved): Wireless interfaces are not upgraded properly for 2.4.0: The wireless interface structure changed on FreeBSD 11 (#6770) but there is no upgrade code to convert 2.3.x and olde... Jim Pingle
08:00 AM Bug #7804: System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: Applied in changeset commit:ab5a3fa10e8dd2b88219a00ac410cb9ea8a0b5aa. Anonymous
07:53 AM Bug #7804 (Feedback): System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: Anonymous
07:18 AM Bug #7804: System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: polyfill.js is included by foot.inc so +should+ be available. I will attempt to reproduce. Which version of IE are yo... Anonymous
06:09 AM Bug #7176 (Resolved): IPv6 Monitor IP does not seem to propagate: Thanks! Renato Botelho
01:49 AM Bug #7176: IPv6 Monitor IP does not seem to propagate: 2.4.0-RC (amd64)
built on Wed Aug 23 05:47:05 CDT 2017
FreeBSD 11.0-RELEASE-p12
This now seems resolved.
Chris Palmer
06:03 AM Bug #7806 (Rejected): dashboard System Information - inconsistent crypto information: That is by design. The information in the CPU section is specific to the CPU, and shows up even when support for the ... Jim Pingle
04:57 AM Revision 8317f391: As discussed: Sven Auhagen
04:29 AM pfSense Packages Bug #6563: Squid still accepts sha1 certificates: https://github.com/pfsense/FreeBSD-ports/pull/402 since pretty much any decent browser nags about these nowadays. Kill Bill
03:16 AM pfSense Packages Feature #7691: Allow for custom icap services for squid: You can integrate any of them by putting them to _Custom Options (After Auth)_ (or pretty much any of the advanced cu... Kill Bill
02:09 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> on my ATT 6RD Dpinger is now happy with
> Version 2.4.0-RC (amd64)
> built on Wed Aug 23... Ole-Henrik Jakobsen

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

09/22/2017

09/21/2017

09/20/2017

09/19/2017

09/18/2017

09/17/2017

09/16/2017

09/15/2017

09/14/2017

09/13/2017

09/12/2017

09/11/2017

09/10/2017

09/09/2017

09/08/2017

09/07/2017

09/06/2017

09/05/2017

09/04/2017

09/03/2017

09/02/2017

09/01/2017

08/31/2017

08/30/2017

08/29/2017

08/28/2017

08/27/2017

08/26/2017

08/25/2017

08/24/2017