Activity

30 days up to

User

Subprojects

Activity

From 08/29/2017 to 09/27/2017

09/27/2017

11:52 PM Bug #7898 (Closed): PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing: See attached screenshot of HFSC shaper parent and qInternet Child which i already setup traffic shaper on 2.3 when i ... Pushapraj Bhamra
08:06 PM Revision f3c5f4c5: Add copyright notice to dashboard page (but only once per upgrade): Steve Beaver
06:32 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: this time around it took a bit for it to come up, but it did....
[2.4.1-DEVELOPMENT][ler@home-fw.lerctr.org]/tmp: ... Larry Rosenman
05:55 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: I can also confirm that it works with the current release (2.4.0.r.20170927.1221).
Only difference (when it comes to... Morten Freberg
03:21 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: DHCP / WAN (passthrough from my NVG-599).
It's consistently (at least now) getting a route by default (I've moved... Larry Rosenman
03:16 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: The only way I found to reproduce this problem (no default gateway at boot) was using DHCP on WAN and I intentionally... Luiz Souza
05:08 PM Bug #7846 (Duplicate): Hyper-v vm traffic shaper error: hn0: driver does not support altq: Jim Pingle
04:01 PM Bug #7846: Hyper-v vm traffic shaper error: hn0: driver does not support altq: Duplicate of Bug #7869 and fixed. Kill Bill
05:08 PM pfSense Packages Bug #7850 (Resolved): Include file containing XML_RPC_encode() missing from snort: Jim Pingle
03:53 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: Fixed. Kill Bill
05:08 PM Bug #7839 (Resolved): IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.: Jim Pingle
04:50 PM Bug #7839: IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.: Fixed in 2.4.1 Kill Bill
01:15 PM pfSense Packages Feature #6022: Consider MLVPN for bonded VPN: Has there been any traction with this? I have been looking for something like this too. I'll add to the kitty for t... Mike T
12:04 PM Feature #7897 (Rejected): User Dashboard: Nothing will be available without logging in. That is not a secure means of accomplishing that goal. You can make res... Jim Pingle
11:54 AM Feature #7897: User Dashboard: This could be useful for Diags on remote sites that users can check.
Also for putting on a Plasma/Monitor on the ... Philip Hadfield
11:50 AM Feature #7897 (Rejected): User Dashboard: Having a Dashboard that can show stats without logging in.
Traffic, Link status, EG all the widgets without any of... Philip Hadfield
10:13 AM Bug #7763 (Resolved): IX driver - fails to recognize media type with SFP after link drop: Closing this issue as the driver is working as intended.
The media options will not be detected until you restart ... Luiz Souza
09:28 AM Bug #7896 (Resolved): picture_widget.php: Hi everyone,
First of all, thanks a bunch for such an effort you put on developing this awesome application. While... Valentin Bajrami
07:59 AM Bug #6499: pf fragment states not purged: The specific bug on this ticket is fixed on version 2.3.2 and later. Your system may legitimately have a lot of fragm... Jim Pingle
07:56 AM Bug #6499: pf fragment states not purged: Chris Buechler wrote:
> fixed
Every so often I am seeing "[zone: pf frag entries] PF frag entries limit reached" ... Hillie Sample
05:16 AM pfSense Packages Feature #7895 (Resolved): Add a script for CARP monitoring to NRPE: I have deployed several CARP clusters at work, but I realized there is no real good way to monitor CARP status :
* S... Stéphane Lapie
01:12 AM pfSense Packages Bug #7893: Kernel Panic Suricata Inline: The “generic_XXXXXX” in one of your screenshots shows you’re not running s netmap-capable NIC. (You’re getting the e... Jim Thompson

09/26/2017

10:45 PM Bug #7894 (Not a Bug): Open VPN not redirecting traffic over tunnel. Remote IPV6 shows as public IP when "Force all client generated traffic through the tunnel." option is enabled and all IPV6 through pfsense is blocked: Yeah that would have to be on the client side. It might even be using its own IPv6 tunneling protocol like Teredo Jim Pingle
10:10 PM Bug #7894: Open VPN not redirecting traffic over tunnel. Remote IPV6 shows as public IP when "Force all client generated traffic through the tunnel." option is enabled and all IPV6 through pfsense is blocked: So after a bit more trouble shooting, I am leaning against this being a bug in PfSense and possibly in my linux build... Shawn Moss
09:51 PM Bug #7894 (Not a Bug): Open VPN not redirecting traffic over tunnel. Remote IPV6 shows as public IP when "Force all client generated traffic through the tunnel." option is enabled and all IPV6 through pfsense is blocked: Hello All,
I just updated to the newest dev build and connected to it remotely and had a shocking supprise. For... Shawn Moss
06:41 PM Revision d47d9b28: Default config packages need to have vital flag set too: Renato Botelho
06:30 PM pfSense Packages Bug #7893: Kernel Panic Suricata Inline: Thanks for the info, you guys might want to get the package maintainer to put some info under the inline selection, i... Ken Sim
06:22 PM pfSense Packages Bug #7893 (Needs Patch): Kernel Panic Suricata Inline: Inline/Netmap is known to have issues with certain hardware (real or virtual). It's still somewhat of an experimental... Jim Pingle
06:12 PM pfSense Packages Bug #7893: Kernel Panic Suricata Inline: I rebooted the VM a few times, and it appears to have stopped it's panic reboot cycle. When I went in to view Suricat... Ken Sim
06:01 PM pfSense Packages Bug #7893 (Needs Patch): Kernel Panic Suricata Inline: I have been playing around with the 2.4.0/1 snapshots, and have found that when Suricata is enabled with inline block... Ken Sim
06:00 PM Revision 7d368325: Mark some core packages as vital: Renato Botelho
06:00 PM Revision 99db0fa7: Mark some core packages as vital: Renato Botelho
03:06 PM Revision d3fda40d: Detect XG-1537: Renato Botelho
03:06 PM Revision 53476cfb: Detect XG-1537: Renato Botelho
03:06 PM Revision e4f613db: Detect XG-1537: Renato Botelho
03:06 PM Revision 90c5e3a9: Detect XG-1537: Renato Botelho
01:55 PM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Found it. Had to go back and think about it a minute. It's in the pkg_edit.php file in this code near the bottom of... Bill Meeks
10:20 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Which line are the comments on? I don't see any. Anonymous
01:41 PM Bug #7763: IX driver - fails to recognize media type with SFP after link drop: The actual bug reported in this ticket is already fixed.
There was a bug in the driver that would fail to add the ... Luiz Souza
11:40 AM Bug #7763 (Assigned): IX driver - fails to recognize media type with SFP after link drop: Renato Botelho
10:28 AM Bug #7763: IX driver - fails to recognize media type with SFP after link drop: Loaded the latest snapshot from today on a XG-2758. The interface media type displayed properly:
ix0: flags=8843<UP,... Clinton Cory
12:15 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: For now it appears my issue has been resolved on 2.4.0.r.20170926.1006.
Side note though, floating rule still does... putzomatic none
08:51 AM Bug #7877 (Resolved): Crash when enabling traffic shaper on more than 1 port: People on forum report it's fixed Renato Botelho
08:49 AM Bug #3710 (Resolved): Adding static DHCP leases doesn't cause BIND zones to update: Renato Botelho
08:48 AM Bug #7869 (Resolved): Hyper-v vm traffic shaper error: hn0: driver does not support altq: Renato Botelho
02:56 AM Bug #7869: Hyper-v vm traffic shaper error: hn0: driver does not support altq: Solved! Works for me, thanks! Nadav Rak
08:47 AM Bug #7879 (Resolved): traffic shaper crashes with hfsc_dequeue: Renato Botelho

09/25/2017

08:40 PM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Thanks Bill. I will try to determine why that change was made. Anonymous
08:09 PM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: To add another note to the conversation. There is a parameter in the _display_top_tabs()_ function that is supposed ... Bill Meeks
05:32 PM Bug #7879: traffic shaper crashes with hfsc_dequeue: After initial testing with and pushing some traffic through my queue's which seemed like a sure way to crash it befor... Pi Ba
03:17 PM Bug #7879 (Feedback): traffic shaper crashes with hfsc_dequeue: Found and fixed, a new commit was made to address this issue.
Please test again on the next snapshot.
Thanks! Luiz Souza
03:18 PM Bug #7877 (Feedback): Crash when enabling traffic shaper on more than 1 port: (duplicate from #7879): Found and fixed, a new commit was made to address this issue.
Please test again on the nex... Luiz Souza
01:44 PM Bug #7833: ipfw will not limit download speed - captiveportal: Works here as well. Thanks. Kill Bill
11:35 AM Bug #7833 (Resolved): ipfw will not limit download speed - captiveportal: Renato Botelho
11:18 AM Bug #7833: ipfw will not limit download speed - captiveportal: Confirmed, this looks fixed.
I see limiters created and traffic going into them both up and down:... Steve Wheeler
09:46 AM Bug #7833: ipfw will not limit download speed - captiveportal: [2.4.1-DEVELOPMENT][admin@pf6.localdomain]/root: ipfw table all list
--- table(cp_ifaces), set(0) ---
vmx1 2100 147... Vladimir Lind
09:42 AM Bug #7833: ipfw will not limit download speed - captiveportal: Renato Botelho wrote:
> Kill Bill wrote:
> > This got reverted yet again. Sigh.
>
> Yes, because kernel was fixe... Kill Bill
08:57 AM Bug #7833: ipfw will not limit download speed - captiveportal: Kill Bill wrote:
> This got reverted yet again. Sigh.
Yes, because kernel was fixed. Renato Botelho
12:41 PM Bug #7819: php-fpm crashing: The problem stated on this ticket is resolved. If you still have an issue, it's something different. Just because you... Jim Pingle
12:24 PM Bug #7819: php-fpm crashing: I am still getting 502 Bad Gateway every day, so bad its about once an hour.. Here is what I can get when its locked ... Chad Brandenburg
11:36 AM Bug #7813: Missing download statistics on captive portal with MAC filtering enabled: Confirmed:... Steve Wheeler
10:29 AM Bug #7813 (Resolved): Missing download statistics on captive portal with MAC filtering enabled: Renato Botelho
10:07 AM Bug #7813: Missing download statistics on captive portal with MAC filtering enabled: 2.4.1-DEVELOPMENT (amd64)
built on Sun Sep 24 21:37:23 CDT 2017
With enabled MAC filtering:
--- table(teaget... Vladimir Lind
11:25 AM Bug #7834: Disabling captiveportal will not flush the ipfw pipes: Confirmed dynamic Limiters are removed as expected:... Steve Wheeler
10:29 AM Bug #7834 (Resolved): Disabling captiveportal will not flush the ipfw pipes: Renato Botelho
09:56 AM Bug #7834: Disabling captiveportal will not flush the ipfw pipes: Looks good after disabling CP:
[2.4.1-DEVELOPMENT][admin@pf6.localdomain]/root: ipfw table all list ; echo ; ipfw ... Vladimir Lind
11:22 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: ok ill try to get crash log again, on apu2 it crashes as soon as u enable shaping on more than 1 interface and on sg-... Bipin Chandra
10:54 AM Bug #7807 (Duplicate): sg-1000 random reboot when traffic shaping enabled: Neither of those logs contain useful information, the most important parts are before those logs start. If you captur... Jim Pingle
10:37 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: crash log attached Bipin Chandra
08:57 AM pfSense Packages Bug #7891 (Rejected): (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: This does not appear to be a general issue with suricata, but may be specific to your configuration or installation. ... Jim Pingle
06:27 AM Feature #4242: Two Factor or OTP Authentication for Admin Interface: This feature will be really helpful to meet the specifications from the PCI-DSS / ISO27001 or another security certs. Florent A
03:12 AM Revision ce6d6fdb: Tiny typo: Just removed an extra `'.'` → luckman212

09/24/2017

10:11 PM Bug #7763 (Feedback): IX driver - fails to recognize media type with SFP after link drop: Seems like you have found a real bug in the driver.
It is fixed in pfSense 2.4-RC, please try the next snapshot.
... Luiz Souza
09:06 PM pfSense Packages Bug #7891: (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: Did a fresh reinstall and restored the backup and still got same issue. rub man
04:20 PM pfSense Packages Bug #7891: (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: I found the core dump file.
I couldn't upload the .core file here as it is huge...
so I upload it to my dropbox:
... rub man
03:49 PM pfSense Packages Bug #7891 (Rejected): (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: Hi,
Just upgraded from latest stable to next major version 2.4.0-RC today via gui.
Only major problem I have is s... rub man
04:50 PM Bug #7892 (Closed): AutoConfigBackup status reported incorrectly: Around 12PM Central time (9/24/17), AutoConfigBackup showed some alerts about unsuccessfully backing up the config.
... Anonymous
12:30 PM Bug #7879: traffic shaper crashes with hfsc_dequeue: I tried 2.4.1 with 'em' E1000 nics on ESXi.. that crashes to..
Version 2.4.1-DEVELOPMENT (amd64)
built on Sat Sep ... Pi Ba
06:53 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> with the current code a straight reboot has the IPv6 default installed.
>
> However, on ... Jim Thompson
06:47 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: with the current code a straight reboot has the IPv6 default installed.
However, on the upgrade to this code did ... Larry Rosenman
06:38 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Well I'm just saying that the results of your testing appear to be completely random and unrelated to any versions. H... Kill Bill
06:30 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: just reporting what I'm seeing. I update to each RC and when I get IPv6 default route working I post, and when I see... Larry Rosenman
06:27 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> Broke again at:
> 2.4.0-RC (amd64)
> built on Sat Sep 23 22:28:05 CDT 2017
> FreeBSD 11... Kill Bill
06:14 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Broke again at:
2.4.0-RC (amd64)
built on Sat Sep 23 22:28:05 CDT 2017
FreeBSD 11.0-RELEASE-p12 Larry Rosenman
04:36 AM Bug #7833: ipfw will not limit download speed - captiveportal: This got reverted yet again. Sigh. Kill Bill
01:02 AM Bug #6911: no network on hyperv-v 2012 R1: resolved in 2.4.1 Dmitry Ivanov

09/23/2017

11:12 PM Feature #7890: Support for Intel/AMD CPU microcode updates: https://github.com/pfsense/pfsense/pull/3828 for sysutils/devcpu-data and the kernel bits. Adding the GUI toggle to b... Kill Bill
11:08 PM Feature #7890 (Rejected): Support for Intel/AMD CPU microcode updates: It'd be useful to include support for Intel/AMD CPU microcode updates.
https://www.freebsd.org/doc/en/books/faq/co... Kill Bill
11:58 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): What are the chances of getting this fixed for 2.4-RELEASE? Similar bugs (https://redmine.pfsense.org/issues/7869) s... John Silva
09:49 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: And it works again at:
2.4.0-RC (amd64)
built on Fri Sep 22 20:41:05 CDT 2017
FreeBSD 11.0-RELEASE-p12 Larry Rosenman
09:27 AM Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153): J L wrote:
> can this be considered as a request to have this automated ?
Stick it as earlyshellcmd to Shellcmd p... Kill Bill
05:58 AM Bug #7889 (Resolved): The dropdown tabs replacement fallback needs to be limited to certain pages: AFAICT, this was designed to aid systems with lots of interfaces, and intended for places such as Firewall - Rules. I... Kill Bill

09/22/2017

08:53 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: And it *BROKE* again on:
2.4.0-RC (amd64)
built on Fri Sep 22 11:35:27 CDT 2017
FreeBSD 11.0-RELEASE-p12 Larry Rosenman
04:02 PM Revision 27d1807a: Don't call widget callback function if no data is returned: (cherry picked from commit 89d83febe6bf0fd63ec72d53eb8e524a8d19994e) Steve Beaver
04:01 PM Revision 89d83feb: Don't call widget callback function if no data is returned: Steve Beaver
03:59 PM Revision 352f422c: Dashboard refresh system should not call the widget callback function if no data was returned: (cherry picked from commit 7a8131028874b334e43b5e7dcf894a86481543c6) Steve Beaver
03:57 PM Revision 7a813102: Dashboard refresh system should not call the widget callback function if no data was returned: Steve Beaver
02:43 PM Bug #7865 (Resolved): User groups -> Assigned Privileges doesn't work: Fixed Jim Pingle
01:53 PM Revision 97c69e81: Revert "Do not associate IP and MAC on down table. It should help #7813 and #7833": This reverts commit 0116f1c9bbf1a532fdd49c346c41b761c1e59d93. Luiz Souza
01:52 PM Revision bd068df3: Revert "Do not associate IP and MAC on down table. It should help #7813 and #7833": This reverts commit aa61ecfde0952ed1c3a035ac9489f5a5f9c51425. Luiz Souza
12:44 PM Feature #7847 (Needs Patch): USB NIC not loading (TP-Link UE300 RTL8153): Jim Pingle
12:44 PM pfSense Packages Bug #7278 (Resolved): Suricata Service - Advanced Configuration Pass-Through not working: Jim Pingle
11:53 AM Feature #7888 (New): Add a button in package manager GUI to upgrade all packages: Dunno, am I'm the only one who's missing this? Kill Bill
11:37 AM Bug #7869 (Feedback): Hyper-v vm traffic shaper error: hn0: driver does not support altq: There is a new knob to enable the support and now it is enabled by default in pfSense.
Will be available on the ne... Luiz Souza
01:37 AM Bug #7813 (Feedback): Missing download statistics on captive portal with MAC filtering enabled: Fixed. Please try the next snapshot (will be available on tomorrow's snapshot). Luiz Souza
01:36 AM Bug #7833 (Feedback): ipfw will not limit download speed - captiveportal: Fixed. Please try the next snapshot (will be available on tomorrow's snapshot). Luiz Souza
12:12 AM Feature #4796: Support Multiple FIBs in pfSense: I just stumbled upon a case where it would be nice to have the webConfigurator in a separate FIB, because of routing ... Stéphane Lapie

09/21/2017

07:45 PM Revision 603be247: Remove erroneous additional text.: AdamD
06:10 PM Revision 0116f1c9: Do not associate IP and MAC on down table. It should help #7813 and #7833: Renato Botelho
06:10 PM Revision aa61ecfd: Do not associate IP and MAC on down table. It should help #7813 and #7833: Renato Botelho
06:08 PM Revision a6f8dd7a: Revert "Update translation files": Bad commit log
This reverts commit ff8d44d194b6a5ada8fcd2aafe8c7ec358a7adae. Renato Botelho
06:05 PM Revision ff8d44d1: Update translation files: Renato Botelho
05:24 PM Bug #7887 (Not a Bug): User permissions do not protect firewall rules: It is working as designed. If you have permissions for a page, you can do anything on that page. The "Edit" page edit... Jim Pingle
05:10 PM Bug #7887: User permissions do not protect firewall rules: Michael Newton wrote:
> Javascript should have no bearing on it, since the permissions (should) get checked on the s... Kill Bill
05:04 PM Bug #7887: User permissions do not protect firewall rules: Kill Bill wrote:
> Michael Newton wrote:
> > 6. Right click on Save button, inspect in browser's tools and remove "... Michael Newton
04:55 PM Bug #7887: User permissions do not protect firewall rules: Michael Newton wrote:
> 6. Right click on Save button, inspect in browser's tools and remove "disabled" attribute
... Kill Bill
04:30 PM Bug #7887 (Not a Bug): User permissions do not protect firewall rules: User permissions have only cosmetic effect on the firewall page, if any, and are trivially easy to bypass.
Steps t... Michael Newton
05:02 PM Revision 575bc378: Update translation files: Renato Botelho
05:02 PM Revision f9cc13d0: Regenerate pot: Renato Botelho
04:27 PM Revision 1144e24c: Fixed #7856: Steve Beaver
02:23 PM Revision 0266efa6: Unbound - allow snoop from localhost: dig +trace fails without this, which is super annoying for debugging/diagnostics/benchmarking or whatever similar pur... Doktor Notor
12:57 PM Revision 1841c040: Update translation files: Renato Botelho
12:57 PM Revision 58a62782: Regenerate pot: Renato Botelho
12:37 PM Bug #7886: PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the default of 1: I also noticed that if you reorder and change the names of the priorities, and you have P2P catch-all set (default qu... jake xanaro
12:34 PM Bug #7886 (Resolved): PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the default of 1: PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the def... jake xanaro
12:06 PM Bug #7885 (Resolved): Cert. Manager should validate EKUs on importing a certificate authority: Currently, you can import any certificate as a CA, even ones that are actually unusable as a CA. Subsequently, you ca... Kill Bill
11:40 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients: Applied in changeset commit:1144e24cabeda458b266b9874b827746f4c0f8a0. Anonymous
11:20 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.: I am no longer able to troubleshoot this issue, I switched over to IPSec to resolve my SIP/UPD issue. I was working ... ryon m
11:13 AM Bug #7884 (Confirmed): Unbound refusing non-recursive/iterative queries even from localhost: PR looks good and the change lets @dig +trace@ and @drill -T@ work locally. Jim Pingle
09:42 AM Bug #7884 (Resolved): Unbound refusing non-recursive/iterative queries even from localhost: This is so much secure that it's annoying and getting in the way of normal work for not exactly any good reason.
<... Kill Bill
11:08 AM Bug #7500 (Resolved): Upgrade From 2.3.3_p1 to 2.4 Fails (libssl.so.8 not found): Jim Pingle
10:57 AM Bug #7500: Upgrade From 2.3.3_p1 to 2.4 Fails (libssl.so.8 not found): I'm no longer seeing this error on recent upgrades, please close the ticket.
For documentation, the following co... ryon m
07:45 AM Bug #7883 (Not a Bug): Aliases can only be deleted by some users: Most likely they had the 'deny config write' privilege which will do exactly this, and it's expected. On 2.4 it will ... Jim Pingle
04:25 AM Bug #7883: Aliases can only be deleted by some users: So, new insights (and the bug in that form can be closed):
- alias generation was not automatic but user triggered
... Felix Wolfsteller
03:57 AM Bug #7883 (Not a Bug): Aliases can only be deleted by some users: We have following setup:
- pfsense 2.3.4-RELEASE-p1
- one default admin user
- one user with all privileges assign... Felix Wolfsteller
05:45 AM Revision 316af8dc: Update misleading help text: Commit d57725aac5145b4f17097d61e3b5a6ca72f1754e updated the help text
to use LDAP search filter syntax. This is misle... AdamD
02:39 AM Feature #7882 (Rejected): Seperator feature in DHCP Static mapping for this feature: Under Firewall -> Rules you have the possibility to seperate the rules with a seperator, this is a nice feature and i... Arian olde Kalter

09/20/2017

02:54 PM Bug #7819 (Resolved): php-fpm crashing: This looks good with 0.50, it no longer crashes on either system I could reproduce the crash on originally. Jim Pingle
01:55 PM Bug #7819 (Feedback): php-fpm crashing: php56-pfSense-module version 0.50 should fix this Renato Botelho
02:37 PM Revision 2f4685ca: Merge branch 'master' of gitlab.netgate.com:pfsense/pfsense: Steve Beaver
02:35 PM Bug #7878 (Resolved): GUI lag in Edit Phase 1 ipsec: This works now for Chrome on OS X. Jim Pingle
02:32 PM pfSense Packages Bug #7876 (Resolved): Potential XSS in status_monitoring.php: Confirmed fixed on the latest snapshot. Jim Pingle
02:30 PM Bug #7864 (Resolved): OpenVPN (tun/tap) is not showing: This works now. The wizard is now correctly populating the appropriate variables for the VPN. Jim Pingle
12:28 PM Bug #7880: 504 Gateway Time-out: Yes, because the certificate verification and authentication is handled in PHP. If you have more questions, please po... Jim Pingle
12:24 PM Bug #7880: 504 Gateway Time-out: is there any reason vpn server not accepting incoming vpn connections? Nikos Kastanas
08:01 AM Bug #7880 (Not a Bug): 504 Gateway Time-out: If a command never terminates, it will run until something stops it (e.g. PHP execution timeout).
There is no way ... Jim Pingle
04:08 AM Bug #7880: 504 Gateway Time-out: Yeah nothing happens because the command will never return. It will keep pinging forever. PEBKAC. Kill Bill
03:18 AM Bug #7880 (Not a Bug): 504 Gateway Time-out: it is checked on different hardware with the same pfsense version 2.3.4-RELEASE-p1.
If try to run a command (eg ping... Nikos Kastanas
10:32 AM Feature #1205 (Closed): VPN: User-based / Group-based firewall rules: This has been in place since pfSense 2.1. It uses the same syntax as cisco inacl/outacl, for example "permit tcp from... Jim Pingle
10:07 AM Feature #1205: VPN: User-based / Group-based firewall rules: Ermal Luçi wrote:
> The user based rules are supported if they come from radius.
>
> Locally to pfSense they stil... Adrien Carlyle
09:46 AM Feature #6457: Allow ability to configure AWS EC2 AMI via userdata: Internal redmine ticket related to one of the user data options:
https://redmine.netgate.com/issues/162 Clinton Cory
06:51 AM Feature #7881 (New): OpenVPN client - add support for multiple server entries: OpenVPN in client mode supports multiple "remote" directives, these can be used for redundancy, if the first server f... robi robi
05:05 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Chris Collins wrote:
> As an experiment I manually adjusted the php-fpm server configuration so there is more childr... Kill Bill
04:18 AM Bug #7813: Missing download statistics on captive portal with MAC filtering enabled: See Bug #7833 and kindly re-instate the AWOL fix. Kill Bill

09/19/2017

09:38 PM Revision 72d2dbdf: Only run swapon and rc.savecore when the SWAPDEVICE is valid.: (cherry picked from commit d988e0bbf991e28c611b194e9e6ccd99f818209b) Luiz Souza
09:38 PM Revision d988e0bb: Only run swapon and rc.savecore when the SWAPDEVICE is valid.: Luiz Souza
07:59 PM Revision 7e0b401d: Include boot/modules and also kernel.debug in kernel-debug package: Renato Botelho
07:58 PM Revision fd349773: Include boot/modules and also kernel.debug in kernel-debug package: Renato Botelho
07:41 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: upgraded today to:
2.4.0-RC (amd64)
built on Tue Sep 19 18:30:48 CDT 2017
FreeBSD 11.0-RELEASE-p12
and 6RD... Larry Rosenman
07:03 PM Bug #7879: traffic shaper crashes with hfsc_dequeue: Possible duplicate of #7877 Jim Thompson
12:57 PM Bug #7879 (Resolved): traffic shaper crashes with hfsc_dequeue: Today i experienced several crashes in 2.4RC i think there were at least 5.
Ive submitted the crash report a few tim... Pi Ba
05:47 PM Revision 72878dfa: Authentication selector JavaScript changed to eliminate lag: (cherry picked from commit dbef7a85819d3c971319de41d287f06419342105) Steve Beaver
05:46 PM Revision dbef7a85: Authentication selector JavaScript changed to eliminate lag: Steve Beaver
05:21 PM Revision 8451d0a9: Fix #7834: Delete IPFW pipes when disable Captive Portal zone: Renato Botelho
05:21 PM Revision 76c6bf5b: Remove correct file: Renato Botelho
05:21 PM Revision 666cc3d7: Ticket #7834: Add missing global declarations: Renato Botelho
05:21 PM Revision b2c92623: Fix #7834: Delete IPFW pipes when disable Captive Portal zone: Renato Botelho
05:21 PM Revision 5c7fead1: Remove correct file: Renato Botelho
05:21 PM Revision fbfbc6bd: Ticket #7834: Add missing global declarations: Renato Botelho
03:47 PM Bug #7778: DHCP relay not working correctly with bridges: Any updates on this issue? Do you agree this is a bug or is there a good reason why the bridge interface isn't added ... Sander Peterse
02:30 PM Revision a2d83aaf: Setup wizard revisions: (cherry picked from commit 09237040fd9a05415673a47d26e669b274981c2e) Steve Beaver
02:29 PM Revision 09237040: Setup wizard revisions: Steve Beaver
12:48 PM Bug #7878 (Feedback): GUI lag in Edit Phase 1 ipsec: JavaScript changed to eliminate lag Anonymous
11:33 AM Bug #7878: GUI lag in Edit Phase 1 ipsec: Seems to be isolated to only Chrome and only on OS X.
Firefox on OS X is fine. Chrome on Linux and Windows is fine... Jim Pingle
11:15 AM Bug #7878 (Resolved): GUI lag in Edit Phase 1 ipsec: There appears to be a lag when selecting options for Authentication Method when editing Phase 1 for IPSec. Please se... Matthew Fine
12:30 PM Bug #7834 (Feedback): Disabling captiveportal will not flush the ipfw pipes: Applied in changeset commit:b2c926239223ed959a800ddf0c799e7650696d2e. Renato Botelho
10:41 AM pfSense Packages Bug #7876 (Feedback): Potential XSS in status_monitoring.php: Fixes pushed to the freebsd-ports repo:
FreeBSD-ports/devel "f044c1e4e3f647028c57ae1a572dc6377e555f... Jim Pingle
09:45 AM pfSense Packages Bug #7876 (Resolved): Potential XSS in status_monitoring.php: The "view" variable in status_monitoring.php is taken from $_GET and used in a hidden input ("view-title") without en... Jim Pingle
10:17 AM Bug #7877 (Resolved): Crash when enabling traffic shaper on more than 1 port: https://forum.pfsense.org/index.php?topic=136733.0 Anonymous
02:12 AM Revision 4c53dfbe: Changes Dynamic DNS Status Widget to display client description text for Custom and Custom (v6) entries. Implements #7843: Christopher Fazendin

09/18/2017

11:23 PM Revision 1c2ef5f2: notifycation, bootup complete: Pi Ba
09:39 PM pfSense Packages Bug #7875 (Rejected): HAProxy Frontend bug - pfsense 2.3.4-RELEASE-p1 (amd64): This is not a platform for discussion or asking support questions. Please post on the forum, mailing list, reddit, et... Jim Pingle
08:40 PM pfSense Packages Bug #7875 (Rejected): HAProxy Frontend bug - pfsense 2.3.4-RELEASE-p1 (amd64): Hi Support,
This issue is related to ticket #7851 .We are advise to upgrade to the latest version 2.3.4-RELEASE-p1... Peter Omolo
05:14 PM Revision eeb09d06: Use correct branch name: Renato Botelho
03:45 PM Revision 040e0b40: Remove the previous 'no_dad' workaround now that if_stf is fixed.: Partly revert b76e0baebb70775b192507ec18f523141800ce95.
(cherry picked from commit dad3885f9f5afbe0768387527122a8854... Luiz Souza
01:49 PM Revision 9a65d4a2: Populate more default values in the OpenVPN configuration generated by the wizard and rearrange some options so there is less of a difference when editing the configuration for the first time. Fixes #7864: (cherry picked from commit 95a8ebeb5b7d73e7e72eba27c22d2b2b312f92de) Jim Pingle
01:49 PM Revision 95a8ebeb: Populate more default values in the OpenVPN configuration generated by the wizard and rearrange some options so there is less of a difference when editing the configuration for the first time. Fixes #7864: Jim Pingle
01:09 PM Feature #7874 (Rejected): Change OpenVPN Help: The current example is valid. Your example does something different and more complicated that is not what the average... Jim Pingle
01:03 PM Feature #7874 (Rejected): Change OpenVPN Help: Currently the OpenVPN text reads:
@EXAMPLE: push "route 10.0.0.0 255.255.255.0"@
This should be updated to
@EXAM... Christian M.
01:00 PM Revision 81498c2c: Do not show group privilege controls unless the user is editing an existing group. Fixes #7865: (cherry picked from commit 7af38087fef168f213c6880c6782153630c13386) Jim Pingle
12:59 PM Revision 7af38087: Do not show group privilege controls unless the user is editing an existing group. Fixes #7865: Jim Pingle
11:48 AM Revision b9d54e38: Path must be relative here: Renato Botelho
11:47 AM Revision 0f2ee2eb: Path must be relative here: Renato Botelho
09:00 AM Bug #7864 (Feedback): OpenVPN (tun/tap) is not showing: Applied in changeset commit:95a8ebeb5b7d73e7e72eba27c22d2b2b312f92de. Jim Pingle
08:10 AM Bug #7865 (Feedback): User groups -> Assigned Privileges doesn't work: Applied in changeset commit:7af38087fef168f213c6880c6782153630c13386. Jim Pingle
08:03 AM Bug #7868: bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: PR looks OK but we can't commit to making sure it's in 2.4-RELEASE at the moment. We'll talk it over internally. Jim Pingle
06:24 AM pfSense Packages Bug #7872 (Not a Bug): Edits not saving: Also, don't manually edit the config files. The GUI will always overwrite them on purpose. That's what the GUI is for... Jim Pingle
03:05 AM pfSense Packages Bug #7872: Edits not saving: Noone is fixing packages in outdated versions that you should not be using in the first place. There were multiple HA... Kill Bill
02:50 AM pfSense Packages Bug #7872: Edits not saving: Is it a known issue? Will upgrading fix? Don't want to upgrade and encounter the same. David Maina
02:40 AM pfSense Packages Bug #7872: Edits not saving: How about upgrading your pfSense? Kill Bill
02:28 AM pfSense Packages Bug #7872: Edits not saving: Am on *2.3.2-RELEASE-p1 (amd64)* David Maina
02:26 AM pfSense Packages Bug #7872 (Not a Bug): Edits not saving: Am editing */var/etc/haproxy/haproxy.cfg* but looks like changes are getting cleared if someone uses *Services/HAProx... David Maina
04:50 AM Bug #7873 (Closed): When upgrading, some services/packages do not come back online on the first reboot (but do on the second): I am using pfSense on virtual machines on VMware, and noticed the following services do not start properly on the fir... Stéphane Lapie
03:08 AM Feature #3013: Better upgrading for a CARP cluster: I have seen this improvement, so first of all, thank you so much.
However, the problem still remains that the CARP... Stéphane Lapie

09/17/2017

06:39 PM pfSense Packages Bug #7871: Add squid validation for selected CA when MITM is enabled: P.S. There's https://github.com/pfsense/FreeBSD-ports/pull/402 that's been sitting there for about a month, would be ... Kill Bill
06:32 PM pfSense Packages Bug #7871 (Resolved): Add squid validation for selected CA when MITM is enabled: Obviously, this needs to be a CA we have a private key to so that it can issue certificates on the fly to prevent PEB... Kill Bill
02:21 PM Bug #7870 (Not a Bug): Traffic Shaper Wizard produces rules that causes a fatal crash. Specifically, qLink:qInternet:qACK:qP2P:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U' returned exit code '1': A crash+reboot when activating the shaper is not something that happens to everyone with the shaper. Those errors are... Jim Pingle
01:16 PM Bug #7870 (Not a Bug): Traffic Shaper Wizard produces rules that causes a fatal crash. Specifically, qLink:qInternet:qACK:qP2P:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U' returned exit code '1': When running the traffic shaper wizard, after the filter refreshes the system crashes and does a forced reboot. Below... Hy Diep

09/16/2017

07:52 PM Feature #2358: NAT64 support: Seems FreeBSD 11.1 now has NAT64. This is what "we" were waiting on right?
https://www.freebsd.org/releases/11.1R/... Brandon Jackson
07:05 PM Bug #7865 (Confirmed): User groups -> Assigned Privileges doesn't work: The assign privileges control should be hidden when creating a group, but it's showing too soon.
Not critical enou... Jim Pingle
09:41 AM Bug #7865 (Resolved): User groups -> Assigned Privileges doesn't work: When you try to add a new usergroup (system_groupmanager.php?act=new) then you can assign privileges on this group an... Arian olde Kalter
06:57 PM Bug #7867 (Duplicate): Dynamic DNS provider password containing special character %: This is a duplicate of #6688, it has been fixed on 2.4, not 2.3.x. Jim Pingle
01:15 PM Bug #7867: Dynamic DNS provider password containing special character %: Login to the service openDNS failed then the password contained the special character %. The "Dynamic DNS Clients" GU... Olof Söderström
01:13 PM Bug #7867 (Duplicate): Dynamic DNS provider password containing special character %: Login to the service openDNS failed then the password contained the special character %. The "Dynamic DNS Clients" GU... Olof Söderström
06:48 PM Bug #7866 (Rejected): snort version 3.2.9.5_1 shows WAN status as stopped: Jim Pingle
06:46 PM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: ... Kill Bill
04:25 PM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Here is snippet from the system log:... Yuri Weinstein
11:53 AM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Ok posted on forum
So no bugs against snort are to be logged ?
What is unclear from this issue ?
Thx Yuri Weinstein
11:32 AM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Please use forums [1] for support. There's no info here to identify any bug, plus there were no changes whatsoever re... Kill Bill
10:02 AM Bug #7866 (Rejected): snort version 3.2.9.5_1 shows WAN status as stopped: After updating to snort version 3.2.9.5_1 status for WAN is always shown as stopped via Services/Snort/Interfaces
... Yuri Weinstein
06:05 PM Revision d4d86e3e: SNMP, check for several hypervisors that cause hostres module high cpu usage: also skip setting it in the bnsmp config when such platform is detected without needing the user to save settings again Pi Ba
03:45 PM Bug #7869 (Resolved): Hyper-v vm traffic shaper error: hn0: driver does not support altq: after applying traffic shaper in a clean and new installed 2.4RC on a Hyper-v vm I got this message:
There were er... Nadav Rak
01:32 PM Bug #7868 (Resolved): bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: Even though the message on services/smtp page says:
"The hostres module is not compatible with VMware virtual machin... Pi Ba
10:03 AM Bug #7864: OpenVPN (tun/tap) is not showing: I found out that when it was maked through the wizard option, this will happen. Arian olde Kalter
09:32 AM Bug #7864 (Resolved): OpenVPN (tun/tap) is not showing: In the description of the OpenVPN Servers there was the information of it was an (tun) or (tap) tunnel.
Now it only ... Arian olde Kalter
07:26 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): I can confirm that Traffic Shaping is broken on VTNET Interfaces.
If active the Firewall / PortForward Rules don't w... T S
07:22 AM Bug #6028: no firewall rules loaded after reboot with invalid ruleset: Another example making no rulesloaded (vtnet doesnt support altq): https://redmine.pfsense.org/issues/7594 Pi Ba
05:13 AM Bug #7863 (New): The "WebCfg - All pages" permission inclueds the "User - System: Shell account access" even though that is not a WebCofg page.: If this is intended that is fine but it just seems wrong to me. David B
04:13 AM Revision 24e87e2e: Fix the kern-debug package. The debug modules are now in /usr/lib/debug/boot/kernel.: Include /boot/modules in the kernel package.
(cherry picked from commit 1ec6f217695fd15e9d1e9b3c0b6829e4b86eda0c) Luiz Souza
04:12 AM Revision 1ec6f217: Fix the kern-debug package. The debug modules are now in /usr/lib/debug/boot/kernel.: Include /boot/modules in the kernel package. Luiz Souza
03:46 AM pfSense Packages Bug #7862: package zabbix lts: Duplicate of Bug #6129. Kill Bill

09/15/2017

08:54 PM Revision cb1ce2d4: Remove debug code.: (cherry picked from commit 48009b827409d6d6dd19a9f0d5d18f80ca62092a) Luiz Souza
08:54 PM Revision 34ca88c3: Do not remove the temporary files (debug only).: (cherry picked from commit b9253e25374bb686824a33d1c9201bdb7aeb1483) Luiz Souza
08:54 PM Revision 10417dca: Set a default when findroot is not set.: (cherry picked from commit 3eb019d5214f40e67520c919e3d42ba776d9a212) Luiz Souza
08:54 PM Revision b5b1ada8: Add some debug output.: (cherry picked from commit 5d376f2d315490861a30dd41da50165d2f7e6a2d) Luiz Souza
08:51 PM Revision 48009b82: Remove debug code.: Luiz Souza
08:16 PM Revision b0bb406d: Fixed #7728: Revised enabled/disabled diplay to match other firewall pages
(cherry picked from commit 25b82b200de7e846066bef3c6a3... Steve Beaver
08:15 PM Revision faa88940: Implements PR170013 - Revise setup wizardwording and links: (cherry picked from commit d8455e10d71ab90b7faa96bc1748fa761e7a4166) Steve Beaver
08:12 PM Revision b9253e25: Do not remove the temporary files (debug only).: Luiz Souza
08:00 PM Revision 3eb019d5: Set a default when findroot is not set.: Luiz Souza
07:39 PM Revision 5d376f2d: Add some debug output.: Luiz Souza
07:02 PM Bug #4310: Limiters + HA results in hangs on secondary: Moved, yet again :( Jose Duarte
05:57 PM Revision abe02f2b: Fix the build, add the new getopt option.: Reported by: garga
Pointy-hat to: loos
(cherry picked from commit 5e58e8bdedb48f605df96b4a7f942a2fd979d5d4) Luiz Souza
05:56 PM Revision 5e58e8bd: Fix the build, add the new getopt option.: Reported by: garga
Pointy-hat to: loos Luiz Souza
05:23 PM Revision dad3885f: Remove the previous 'no_dad' workaround now that if_stf is fixed.: Partly revert b76e0baebb70775b192507ec18f523141800ce95. Luiz Souza
04:46 PM Revision 64ff77ec: Switch FreeBSD branch to RELENG_2_4 -> RELENG_11_1: Luiz Souza
04:31 PM Revision e1605823: Pass the search path to create_core_package.sh.: This allows the use of more than one path to build the package.
(cherry picked from commit 318a7b7766d442c9c4de0f29b... Luiz Souza
04:30 PM Revision 318a7b77: Pass the search path to create_core_package.sh.: This allows the use of more than one path to build the package. Luiz Souza
03:57 PM Revision d8455e10: Implements PR170013 - Revise setup wizardwording and links: Steve Beaver
03:44 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Yes it was definitely weird, I saw it on maybe 3/12 test systems (so ~1/4) but not every boot either. They're all OK ... Jim Pingle
03:40 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Thats kinda what i meant with "i dont want to know", as even though now the check and usage are always only microseco... Pi Ba
03:17 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Because during the sleep while it's in the loop, the file can disappear if something happens in the background. Jim Pingle
03:11 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: So 'file exists' check returns true, but then it doesn't exist.. Wondering how that can be ;) well i probably dont wa... Pi Ba
02:52 PM Bug #7790 (Resolved): dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Seems OK, though I did have to push a fix because this resulted in PHP errors in some cases. See commit:59104a6ff6c86... Jim Pingle
03:34 PM Bug #7728 (Resolved): 1:1 NAT: Destination IP Alias not displayed as web link: Looks good now (was missing from RELENG_2_4_0 so not in 2.4-RC snaps) Jim Pingle
03:30 PM Bug #7728 (Feedback): 1:1 NAT: Destination IP Alias not displayed as web link: Applied in changeset commit:b0bb406db95414d8ceaae1f782c1172a5a97e0d1. Anonymous
02:50 PM Bug #7728 (Assigned): 1:1 NAT: Destination IP Alias not displayed as web link: I still don't see alias details when using an alias as a destination. Just the word, no special formatting/display/li... Jim Pingle
03:27 PM Bug #6860 (Assigned): Monitoring (RRD) graphs return "unknown" step value: The step value from the last comment is still missing. Jim Pingle
03:08 PM Bug #7268 (Resolved): System Info Widget "All" button does not work with "Disable the automatic dashboard auto-update check": Looks good, on SG-1000 I have the auto update check disabled and the JS all/none selector still works for me in the s... Jim Pingle
03:07 PM Bug #7805 (Resolved): dashboard System Information - inconsistent date formats: Looks good to me Jim Pingle
03:03 PM Bug #7804 (Resolved): System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: Works in IE now Jim Pingle
03:01 PM Bug #7185 (Resolved): DHCP6c SIGTERM, SIGKILL: Jim Pingle
02:58 PM Bug #6782 (Resolved): pkg update can trigger multiple updates per second: Seems fine now to me. Jim Pingle
02:57 PM Bug #4287 (Resolved): Wrong display for ppp in Interfaces page: Closing this out. If it's still a problem for someone that can reproduce it, please comment and we can look deeper. Jim Pingle
02:47 PM Bug #7625 (Resolved): When creating IPv6 firewall rule for single host, netmask improperly displays: Looks OK all-around now. Jim Pingle
02:45 PM Bug #7501 (Resolved): Interfaces statistics widget GUI + JSON (2 issues): works Jim Pingle
02:43 PM Feature #7193 (Resolved): NTP process PGRMF: PR was merged, seems to be OK but not possible to confirm at the moment. If it is not working, someone can reply here... Jim Pingle
02:42 PM Feature #7122 (Resolved): Add filters to various dashboard widgets: All the filters I've tried work well. Looks good from here. Closing. Jim Pingle
02:42 PM Bug #7415 (Resolved): favicon is not correctly implemented: Jim Pingle
02:42 PM Todo #6885 (Resolved): Add vectorized logo in web interface: Jim Pingle
02:41 PM Todo #6853 (Resolved): Convert nanobsd installation to full install during upgrade: Directions work fine, upgrade results in a working full install using the entire disk. Jim Pingle
02:38 PM Bug #6318 (New): IPsec dashboard widget causes GUI failure: I still see this but it seems less common than it did in the past. Either have bad timing or sit on the dashboard too... Jim Pingle
02:30 PM Bug #7324 (Resolved): DHCPv6 Dynamic DNS hostname: Works, the directive is in the config now. Jim Pingle
02:29 PM Bug #7854 (Resolved): OpenVPN Remote Access Server Setup Wizard - Regex too strict: The wizard now allows the user to use any characters they want in certificate fields and escapes them properly before... Jim Pingle
02:28 PM Bug #7853 (Resolved): Signed CSRs always use SHA1, which is weak: Works now, uses whatever the user chooses and defaults to SHA256 Jim Pingle
02:28 PM Bug #7830 (Resolved): LDAP authentication fails using SSL with intermediate certificates: Works now Jim Pingle
11:06 AM pfSense Packages Bug #7862 (Duplicate): package zabbix lts: zabbix proxy package + zabbix 3.4
Connection problem:
Without the functionality in this release.
Altemon Moura Altemon
10:51 AM Feature #7861 (Resolved): Make "Descriptive name" of certificates editable: Please make it possible to edit the "Descriptive name" of System --> Certificate Manager --> Certificates. You can ed... Lars Möller
07:13 AM Bug #7860 (Rejected): Plicy base routing with "any" destination is not working: Discuss this on the forum, reddit, or mailing list first. I use rules with exactly that setup on multiple firewalls a... Jim Pingle
12:56 AM Bug #7860 (Rejected): Plicy base routing with "any" destination is not working: After update from 2.2.6 to 2.3.4, all PBR
With "any" destination go through default GW Nima Mohammadi
03:06 AM Revision b98f6074: If /boot/loader.conf is not presetn check /boot/loader.conf.local.: (cherry picked from commit 4ff3adec7a6bdd6d87cc5eeae2b1039954ee5ce2) Luiz Souza
03:06 AM Revision 4ff3adec: If /boot/loader.conf is not presetn check /boot/loader.conf.local.: Luiz Souza

09/14/2017

08:35 PM Feature #7541: ZFS Install, add hot spare option: So instead of just making changes about a target version and priority, can we get some real dialogue here? T M
08:22 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: Fix was merged into the Packages respository on 9/14/2017. This bug report can be closed.
Bill Bill Meeks
01:53 PM Feature #7842: New Dynamic DNS Provider: Mythic-Beasts: Jim Thompson wrote:
> Do you have a pull request?
Nope. I can help with the cURL commands that are needed, but I'... Darryn Storm
01:36 PM Feature #7842: New Dynamic DNS Provider: Mythic-Beasts: Do you have a pull request? Jim Thompson
01:29 PM Revision 9b6a7693: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:55 PM Revision 793dc52d: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:53 PM Revision 59104a6f: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:47 PM Revision 271fc45e: Fix incorrect function name/typo. Ticket #7719: (cherry picked from commit 48c4a0ea0958c0820f6caab2bf5182967114ac58) Jim Pingle
12:46 PM Revision 48c4a0ea: Fix incorrect function name/typo. Ticket #7719: Jim Pingle
09:12 AM pfSense Packages Bug #7859 (Feedback): FRR doesn't use the raw config setting: Pushed a fix, will be up shortly. Jim Pingle
08:37 AM pfSense Packages Bug #7859 (Resolved): FRR doesn't use the raw config setting: FRR package doesn't use the raw config settings because of the bug in the config generation. I guess the XML tag has ... Iasen Kostov

09/13/2017

05:06 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: Jim Pingle wrote:
> We are compiling everything the way it should be, there isn't anything for us to change or fix. ... Paul Tarsus
02:51 PM Bug #7858: CARP and preemption: Hello Jim,
I've retried the testing by disconnecting a network cable, and yes the preemption works.
Sorry for this ... Phil Keep
02:41 PM Bug #7858: CARP and preemption: Hello Jim,
I'm using 2 physical boxes. I'm not using VMs.
Cheers Phil. Phil Keep
02:37 PM Bug #7858 (Not a Bug): CARP and preemption: If you unplug an adapter (or mark it down in the hypervisor -- NOT at the OS level) then CARP will preempt, the prima... Jim Pingle
02:34 PM Bug #7858 (Not a Bug): CARP and preemption: There is a pending ticket related or close to the CARP preemption behavior:
https://redmine.pfsense.org/issues/4845
... Phil Keep
09:30 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": FYI- FRR is now available for 2.4, 2.3.5 (snapshots), and 2.3.4 users. Internal tests show that it does not suffer fr... Jim Pingle
05:14 AM Bug #7600: Unable to save DNS Resolver settings: I just want to chime in on this problem. I'm experiencing this problem also.
Something I noticed is, that I cannot e... Nicki Messerschmidt
03:43 AM Bug #7857 (New): Interfaces Widget U/I fails to wrap IPV6 addresses when the string is too wide for the widget: Strictly a U/I issue, the widget fails to wrap when the browser window is set small enough to make the string too wid... Bryan Stenson

09/12/2017

09:44 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: The fix for this problem has been submitted in a Github pull request. Once that request is approved and merged, this... Bill Meeks
05:51 PM Revision 5311adaa: Relax OpenVPN wizard cert validation to match that of the cert manager and encode values before using them. Fixes #7854: Also, CDATA escape these fields in config.xml since they will most likely contain characters which are invalid in XML... Jim Pingle
05:49 PM Revision 00d5594c: Relax OpenVPN wizard cert validation to match that of the cert manager and encode values before using them. Fixes #7854: Also, CDATA escape these fields in config.xml since they will most likely contain characters which are invalid in XML... Jim Pingle
02:55 PM Bug #7856 (Resolved): IPsec status does not show all connected mobile clients: The IPsec status page only shows one connected mobile client, no matter how many are connected. All clients are shown... Jim Pingle
01:33 PM Bug #7763: IX driver - fails to recognize media type with SFP after link drop: FreeBSD 11.1 also appears to be running 3.1.13-k driver. Intel driver:
https://downloadcenter.intel.com/download/146... Clinton Cory
01:01 PM Bug #7854: OpenVPN Remote Access Server Setup Wizard - Regex too strict: After inspecting the code, this was a bit easier than I expected it to be, so I pushed a fix. Jim Pingle
01:00 PM Bug #7854 (Feedback): OpenVPN Remote Access Server Setup Wizard - Regex too strict: Applied in changeset commit:00d5594c737d475abab8e0361bb3ff7f93b98ac8. Jim Pingle
08:03 AM Bug #7854 (Confirmed): OpenVPN Remote Access Server Setup Wizard - Regex too strict: In light of #7540 all of that validation probably does need to be revisited soonish. There are relatively few restric... Jim Pingle
03:27 AM Bug #7854: OpenVPN Remote Access Server Setup Wizard - Regex too strict: Must be something else than email, that message is for country/state/city/organization.
https://github.com/pfsense... Kill Bill
12:37 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Paal Andreas Lindsetmo wrote:
> I hope this can help you with the troubleshooting/isolation of the problem:
>
> W... Morten Freberg
08:08 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: I hope this can help you with the troubleshooting/isolation of the problem:
When I use a clean system with WAN+LAN... Paal Andreas Lindsetmo
07:17 AM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Works for me :). But then again, i made the patch. Would be weird if it didn't 'fix' my reported issue..
Question ... Pi Ba
06:56 AM Bug #7855 (Duplicate): Captive Portal and IPv6 doesn't work: Jim Pingle
06:52 AM Bug #7855: Captive Portal and IPv6 doesn't work: Duplicate of #1831 Kill Bill
06:50 AM Bug #7855 (Duplicate): Captive Portal and IPv6 doesn't work: My pfsense works with IPv4 + IPv6 routing normal.
However, when I activate the Captive Portal all IPv6 traffic is ... Daniel Franca

09/11/2017

09:30 PM Bug #7854 (Resolved): OpenVPN Remote Access Server Setup Wizard - Regex too strict: In the OpenVPN Remote Access Server Setup Wizard, when trying to input a valid email, "The following input errors wer... Ryan Skinner
08:44 PM Revision 17058e37: Fix #7719: When Dynamic DNS entry uses a gateway group as interface,
return_gateway_groups_array() will be called and it returns... Renato Botelho
08:40 PM Revision 46583aba: Fix #7719: When Dynamic DNS entry uses a gateway group as interface,
return_gateway_groups_array() will be called and it returns... Renato Botelho
08:02 PM Revision f9f087eb: gateway monitoring, give apinger some time to properly 'initialize' before using its results: (cherry picked from commit 29fa6f0f46ba039a67a93c00a08bcaecc3935b78) Pi Ba
08:02 PM Revision ec5a3865: gateway monitoring, give apinger some time to properly 'initialize' before using its results: (cherry picked from commit 29fa6f0f46ba039a67a93c00a08bcaecc3935b78) Pi Ba
08:02 PM Revision 78670b63: Merge pull request #3763 from PiBa-NL/20170624-apinger-initialize: Renato Botelho
08:02 PM Revision 18bc2e2a: Update translation files: Renato Botelho
08:02 PM Revision bf4e4651: Regenerate pot: Renato Botelho
07:51 PM Revision 4cf6048b: Update translation files: Renato Botelho
07:51 PM Revision b71adf8c: Regenerate pot: Renato Botelho
05:46 PM Revision 27127b4a: Add a field to pick a digest algo when signing a CSR, otherwise it ends up with SHA1. Fixes #7853: While here, add the cert serial number and sig digest type to the info block for each cert.
(cherry picked from comm... Jim Pingle
05:44 PM Revision aec3a259: Add a field to pick a digest algo when signing a CSR, otherwise it ends up with SHA1. Fixes #7853: While here, add the cert serial number and sig digest type to the info block for each cert. Jim Pingle
04:19 PM Bug #7710: IGMP Proxy: Note,,,,,IGMP Proxy is working fine on SG-2220 on same configuration. Jeremy Lewis
03:50 PM Bug #7719 (Feedback): Dynamic DNS updates not working on interface failover: Applied in changeset commit:46583aba3a382c28fb6bc4bbbcd7dbf28fe38782. Renato Botelho
03:48 PM Bug #7819: php-fpm crashing: Luiz is working on this Renato Botelho
08:14 AM Bug #7819: php-fpm crashing: I have been experiencing the same issues on one VM for a few weeks now. Another VM, and 4 appliances are all fine. ... Marc Mapplebeck
03:31 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: We are compiling everything the way it should be, there isn't anything for us to change or fix. If you can replicate ... Jim Pingle
03:24 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: So I take it 2.4 will ship with this regression? Paul Tarsus
03:03 PM Bug #7790 (Feedback): dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: PR has been merged, thanks Renato Botelho
02:58 PM Bug #7272 (Assigned): 6rd not functioning on 2.4.0-BETA: Renato Botelho
01:00 PM Bug #7853 (Feedback): Signed CSRs always use SHA1, which is weak: Applied in changeset commit:aec3a259271be5dae63b148a48b7778c0cd0660e. Jim Pingle
12:42 PM Bug #7853 (Resolved): Signed CSRs always use SHA1, which is weak: When signing a CSR in the 2.4 GUI there is no choice to pick a digest algorithm for signing. Thus, when a CSR is sign... Jim Pingle
12:26 PM Feature #7852 (New): Add views support to Unbound GUI: See https://forum.pfsense.org/index.php?topic=126740.msg699877#msg699877 for usage hints.
(Yes, this is the BIND-s... Kill Bill
08:57 AM pfSense Packages Bug #7851 (Not a Bug): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: That value works for me, I can't reproduce this at all. I can create new entries with that or edit existing entries. ... Jim Pingle
08:50 AM pfSense Packages Bug #7851: HAProxy Frontend bug - pfSense 2.3.2-RELEASE: The value I had was/is *1000000*
Is there a limit in the number of entries I can add under the "Actions" section of ... Peter Omolo
07:22 AM pfSense Packages Bug #7851 (Feedback): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: What exact value did the field have?
I can't reproduce any problem here. If I put in a number and save, it saves t... Jim Pingle
08:29 AM Bug #6340 (Resolved): fsck hangs boot in background, fails to produce any action, resulting in broken firewall: Renato Botelho
08:14 AM Bug #4689 (Resolved): Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0": The FreeBSD bug report is still open, though it doesn't contain any reports of issues on 11.x. I haven't seen any rec... Jim Pingle
12:10 AM Bug #4689: Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0": does anyone see this on 2.3 (and an 11.0 base)? Jim Thompson
07:53 AM pfSense Packages Bug #7850 (Confirmed): Include file containing XML_RPC_encode() missing from snort: Checking the code, I can confirm that the snort package hasn't been adjusted for XMLRPC sync on 2.4. Looking at that ... Jim Pingle

09/10/2017

11:46 PM pfSense Packages Bug #7851: HAProxy Frontend bug - pfSense 2.3.2-RELEASE: assigned to Pingle for evaluation. Jim Thompson
11:22 PM pfSense Packages Bug #7851 (Not a Bug): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: Hi Support,

I encountered a bug while trying to add an ACL entry on the HAProxy frontend. When I click save the “... Peter Omolo
10:59 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: This did not turn up in my pre-report search: https://forum.pfsense.org/index.php?topic=136388 Chris Linstruth
03:11 PM pfSense Packages Bug #7850 (Resolved): Include file containing XML_RPC_encode() missing from snort: Attempting to enable XMLRPC Sync in Snort results in this:
Fatal error: Call to undefined function XML_RPC_encode(... Chris Linstruth
02:06 PM Revision c5007d58: show disabled status on status-interfaces: Phillip Davis
09:15 AM Feature #7085: Edit Firewall Rules Seperator: +1 for this Eron Lloyd
07:53 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> No, I can *NOT* ping ipv6 addresses from the FW. Add the default route, and all is better. ... Morten Freberg
03:29 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: i noticed it crashes and reboots when u max out any one internet line by running speedtest.net above 50mbps download ... Bipin Chandra
02:34 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: sorry attached the wrong image earlier, kindly delete that Bipin Chandra
02:33 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: this also happens on the apu2 when u have 2 WAN connections and floating match rules to assign traffic to queues for ... Bipin Chandra

09/09/2017

10:34 PM Revision adf5849b: openvpn, show interface configured for openvpn server/client on the overview: Pi Ba
02:37 PM Bug #7849: 2.4.0.b.20170804.1634 doesnt upgrade: 'Not a Bug' is a closed state. Jim Pingle
02:25 PM Bug #7849: 2.4.0.b.20170804.1634 doesnt upgrade: ok, found and tried this :
https://forum.pfsense.org/index.php?topic=135004.msg741752#msg741752
pkg update -f
pk... gavin penney
07:02 AM Bug #7849 (Not a Bug): 2.4.0.b.20170804.1634 doesnt upgrade: There was a minor issue around the time of your present snapshot, but it was solved a day or two later and thus is no... Jim Pingle
06:49 AM Bug #7849 (Not a Bug): 2.4.0.b.20170804.1634 doesnt upgrade: upgrade doesnt work, says everything is successful, reboots...and is the same version as before it "upgraded"
I ha... gavin penney

09/08/2017

05:11 PM Revision c95c70e2: Build FRR on 2.3.4: Jim Pingle
11:45 AM Bug #7819: php-fpm crashing: With php56-pfSense-module-0.49, one system (8860 on Factory) no longer sees the crashes. However, the other system (A... Jim Pingle
11:21 AM Bug #6363: AutoConfigBackup Restore Actions column missing due to long XMLRPC sync merge strings in the configuration description: Fixed description, PR was merged. Jim Pingle
11:11 AM Bug #7145: rc.newwanipv6 running in all cases, even for a renew: Given the scope of the changes and what had to be done, it's unlikely to make it to 2.3.x. Jim Pingle
10:31 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: No, I can *NOT* ping ipv6 addresses from the FW. Add the default route, and all is better.
Something somewhere i... Larry Rosenman
10:30 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> I'm still seeing the missing Default Gateway for IPv6 on my box. I'm here in Austin, so if ... Ole-Henrik Jakobsen
09:52 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: I'm still seeing the missing Default Gateway for IPv6 on my box. I'm here in Austin, so if a local netgate person wa... Larry Rosenman
09:30 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Just want to update that this is probably fixed. After I changed the monitoring IP to something else than Altibox gat... Ole-Henrik Jakobsen

09/07/2017

06:05 PM Bug #7848: NDP Table Sort by Expiration Error: This also affects the ARP table in 2.4.0 RC. Daryl Morse
06:04 PM Bug #7848 (New): NDP Table Sort by Expiration Error: When you try to sort the NDP table by expiration, sorting is based on the value of the first digit, irrespective of t... Daryl Morse
04:11 AM Bug #7825: missing "BACKUP" in CARP status with IPv6: Hello again,
I think it's probably a bug after all.

To trigger the error, I proceed as follows:
0. Use XMLRPC s... Helge Wiethoff

09/06/2017

05:27 PM Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153): Just found https://lists.freebsd.org/pipermail/freebsd-net/2015-June/042396.html
usbconfig -d ugen0.2 set_config 1... J L
05:19 PM Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153): Please, let me know if there's anything i can do to advance this J L
05:18 PM Feature #7847 (Needs Patch): USB NIC not loading (TP-Link UE300 RTL8153): The TP-Link UE300 usb nic is not loading an interface. The device is well supported on Apple OSX, Linux, Microsoft Wi... J L
05:08 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Alright, I followed this old guide and made it work:
http://www.dslreports.com/forum/r30489490-IPv6-6rd-pfSense-Andr... Ole-Henrik Jakobsen
04:56 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: You need the Router Advertisements tab. Not DHCPv6. Kill Bill
04:51 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> YES. it's what makes SLAAC work.
>
> Do look at the RADVD pages on the IPv6 DHCP pages.
... Ole-Henrik Jakobsen
04:33 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: YES. it's what makes SLAAC work.
Do look at the RADVD pages on the IPv6 DHCP pages. Larry Rosenman
04:32 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> is radvd running on your box?
>
> The symptom I described is what I'm seeing on
> Fre... Ole-Henrik Jakobsen
04:20 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: is radvd running on your box?
The symptom I described is what I'm seeing on
FreeBSD 11.0-RELEASE-p12 #23 8ac57... Larry Rosenman
04:17 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> The issue is the 6RD default IPv6 route goes away/isn't set up at boot.
>
> If I just rou... Ole-Henrik Jakobsen
03:44 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: The issue is the 6RD default IPv6 route goes away/isn't set up at boot.
If I just route -6 add default <IPv6 versi... Larry Rosenman
03:42 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Morten Freberg wrote:
> Ole-Henrik Jakobsen wrote:
> > Morten Freberg wrote:
> > > This does still not work after ... Ole-Henrik Jakobsen
03:48 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Ole-Henrik Jakobsen wrote:
> Morten Freberg wrote:
> > This does still not work after a reboot.
> >
> > Although... Morten Freberg
04:54 PM Revision e01c77c8: adding case route53-v6 to setvisible(): adding case route53-v6 to setvisible() Matthew Fine
04:50 PM Revision 3b6c7333: adding route53-v6: modified constants DYNDNS_PROVIDER_VALUES and DYNDNS_PROVIDER_DESCRIPTIONS to add route 53 v6. Matthew Fine
04:44 PM Revision 49b8fbdd: adding getRequestBodyV6 method to the Route53 class: adding getRequestBodyV6 method to add AAAA rtype to Route53 class. Matthew Fine
04:40 PM Revision 44c64da1: adding route53-v6 case: adding route53-v6 to allow dynamic dns to update route 53 with a AAAA type. Matthew Fine
03:10 PM Bug #7846 (Duplicate): Hyper-v vm traffic shaper error: hn0: driver does not support altq: after applying traffic shaper in a clean and new installed 2.4RC on a Hyper-v vm I got this message:... Nadav Rak
02:04 PM Revision f0b23d73: Fix boot loader on first slice: Renato Botelho
01:47 PM Revision e6a46f60: Try to prevent it to run on a bad system: Renato Botelho
12:27 PM pfSense Packages Bug #7845 (Rejected): Lets Encrypt acme plugin doesn't update webConfigurator certificate: It certainly does. I'm running it on a dozen systems in my lab and they all update the GUI certificate.
Be sure to... Jim Pingle
12:24 PM pfSense Packages Bug #7845 (Rejected): Lets Encrypt acme plugin doesn't update webConfigurator certificate: Acme renews the Lets Encrypt certificate without any problems. But it never replaces the old certificate with the ren... Dennis Alexandersson
11:37 AM Revision d071acf5: Make sure pkg, pfSense, pfSense-base, pfSense-rc and kernel are set as vital: Renato Botelho
11:37 AM Revision fdcec236: Make sure pkg, pfSense, pfSense-base, pfSense-rc and kernel are set as vital: Renato Botelho
10:48 AM Bug #7844 (Rejected): no login to pfSense if multiprocessing is enabled in Firefox 55.0.3 fresh install, no profile, clean setup with 2.4.0-RC: I use several instances of FF 55.0.3 with multiprocess across several operating systems (Linux, OS X, Windows) and ha... Jim Pingle
10:38 AM Bug #7844 (Rejected): no login to pfSense if multiprocessing is enabled in Firefox 55.0.3 fresh install, no profile, clean setup with 2.4.0-RC: I just found that a login to pfsense 2.4.0-RC is impossible due to cookie issues with Message: The browser must suppo... Ingo-Stefan Schilling
08:15 AM Feature #7843 (Resolved): DynamicDNS Widget - Show Description: Allow the widget to show the DynamicDNS provider configuration description.
If you are using a custom provider, t... Darryn Storm
08:12 AM Feature #7842 (Resolved): New Dynamic DNS Provider: Mythic-Beasts: Add DynamicDNS Provider - Mythic-Beasts
API documentation can be found here: https://www.mythic-beasts.com/support... Darryn Storm
07:11 AM Bug #7841: CARP Sync Issue - when no internet on standby: That scenario is rare and not one we technically support or encourage. It's OK for secondary WANs or LANs but both fi... Jim Pingle
03:47 AM Bug #7841 (Closed): CARP Sync Issue - when no internet on standby: Hi all
I've noted a possible bug in pfSense CARP. We have multiple pf instances set up in failover. In some of t... Brian Stivala
03:13 AM Bug #7833: ipfw will not limit download speed - captiveportal: Related forum threads:
- https://forum.pfsense.org/index.php?topic=136221.0
- https://forum.pfsense.org/index.php?t... Kill Bill

09/05/2017

07:31 PM Revision 617bb801: Spell it correct: Renato Botelho
06:51 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Morten Freberg wrote:
> This does still not work after a reboot.
>
> Although it works until next reboot if you g... Ole-Henrik Jakobsen
03:51 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: This does still not work after a reboot.
Although it works until next reboot if you go to Interfaces -> WAN and th... Morten Freberg
03:33 PM Revision d3324e2c: Remove /cf partition and move its content to /cf directory under / partition: Renato Botelho
03:30 PM Revision 37330ae1: Do not call pfSense-upgrade, let user do it: Renato Botelho
01:55 PM Todo #6853 (Feedback): Convert nanobsd installation to full install during upgrade: Instructions to help users migrate their nanobsd to full install are here https://doc.pfsense.org/index.php/Upgrading... Renato Botelho
01:55 PM Todo #4847 (Closed): NanoBSD Image Flash Block Misalignment: nanobsd is dead in 2.4 and future versions Renato Botelho
01:12 PM Revision b9d12420: Add set -e to abort if any of main commands fail: Renato Botelho
12:57 PM Revision 94db81da: Add a script to help users converting nanobsd to full install: Renato Botelho
11:57 AM Bug #7838 (Not a Bug): NAT outbound source using alias always shows /32: When you use an alias, the CIDR drop-down on the NAT page does nothing. Any subnet mask must be specified in a networ... Jim Pingle
11:56 AM pfSense Packages Bug #3342 (Resolved): Missing input validation for MAC addresses: Jim Pingle
11:31 AM Bug #7145: rc.newwanipv6 running in all cases, even for a renew: Are there any plans to have this fixed with a 2.3.* release?
I'm having the same problem (https://forum.pfsense.o... Rodrigo Ferraz

09/04/2017

09:58 PM Bug #6028: no firewall rules loaded after reboot with invalid ruleset: I wrote this 4 years ago in #3175 Grischa Zengel
02:11 PM Bug #7840 (Resolved): OpenVPN 2.4 Server: Hide Interface when Protocol is Multihome: This is merely cosmetic, but may also help cut down on some confusion.
If "Protocol" is set for "<UDP/TCP> IPv4 an... Brandon Jackson
02:01 PM Revision e9034b15: Remove /root/force_growfs after use it: Renato Botelho
02:01 PM Revision 5f2cdcf2: Remove /root/force_growfs after use it: Renato Botelho
01:44 PM Bug #7839 (Resolved): IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.: Forum post here https://forum.pfsense.org/index.php?topic=136009.0
When pfsense receives a packet with a TTL of 1,... Brandon Jackson
09:56 AM Bug #7778: DHCP relay not working correctly with bridges: When adding interface that's member of the bridge: yes
When adding the bridge (without it's interfaces): no Sander Peterse
03:21 AM Bug #7838 (Not a Bug): NAT outbound source using alias always shows /32: Using alias for NAT outbound source network which in our case is a /24 always shows /32 when you edit it again.
If y... Alexander Lindqvist
02:55 AM Bug #7837: fragmented packets not reassembled over IPSec tunnel: Disabling NAT in the tunnel does not change anything. Florian Apolloner

09/03/2017

03:28 PM Bug #7837 (Duplicate): fragmented packets not reassembled over IPSec tunnel: I am trying to ping a machine over an ipsec tunnel:... Florian Apolloner
04:46 AM pfSense Packages Bug #6378: inline background styles in squidguard package: Someone kindly merge this PR and call it a day. https://github.com/pfsense/FreeBSD-ports/pull/385
It makes things ... Kill Bill
04:38 AM pfSense Packages Bug #3342: Missing input validation for MAC addresses: Validation has been there for a while.
https://github.com/pfsense/FreeBSD-ports/pull/308
https://github.com/pfsen... Kill Bill
03:17 AM pfSense Packages Bug #7670: Bind : Serial for slave zone is missing in IHM: I have no idea what's IHM but there's no serial saved in config.xml for slave zones (you cannot even configure it, th... Kill Bill
03:04 AM pfSense Packages Bug #7271: Co-existence of unbound and BIND/named: Test this please.
https://github.com/pfsense/FreeBSD-ports/pull/416 Kill Bill

09/02/2017

06:53 AM pfSense Packages Bug #7836: FreeRADIUS - certain chars in clients shared secret result in broken configuration: https://github.com/pfsense/FreeBSD-ports/pull/415 Kill Bill
06:50 AM pfSense Packages Bug #7836 (Resolved): FreeRADIUS - certain chars in clients shared secret result in broken configuration: See https://forum.pfsense.org/index.php?topic=135980.msg744283#msg744283 and following.
E.g., having a shared secr... Kill Bill
04:22 AM Bug #7592: SG-1000: Unbound not always restarting properly after changes in /etc/hosts: @Sep 2 02:01:45 dhcpleases kqueue error: unkown
Sep 2 02:01:45 dhcpleases Could not deliver signal HUP to process ... rub man

09/01/2017

07:55 PM Revision d10d17e8: Revert "Add the AWS ena module to MODULES_OVERRIDE list.": This reverts commit 5ba35b98a3726ab206931cdfa51e3dd23227b7b2. Renato Botelho
07:55 PM Revision 2da8f1b0: Revert "Add the AWS ena module to MODULES_OVERRIDE list.": This reverts commit 5ba35b98a3726ab206931cdfa51e3dd23227b7b2. Renato Botelho
05:15 PM Revision bf6a223c: Use RELENG_2_4_0 for now: Renato Botelho

08/31/2017

03:48 PM Bug #4703 (Closed): Inconsistent availability of direction on CP IP/MAC/hostname passthrough: Anonymous
03:43 PM Bug #4703: Inconsistent availability of direction on CP IP/MAC/hostname passthrough: The direction has been back for over 2 years.
https://github.com/pfsense/pfsense/commit/ef548f9824380d008722870dd1... Kill Bill
03:32 PM Bug #1875: Captive Portal Voucher Error Messages won´t accept Umlauts: Duplicate of Bug #1454, plus should be a non-issue now that UTF-8 is being used. Kill Bill
03:20 PM Bug #7833: ipfw will not limit download speed - captiveportal: Duplicate of Bug #7813. No idea why https://github.com/pfsense/pfsense/commit/5f6825bbac6373a909651c90e8ca268242f6eed... Kill Bill
08:03 AM Bug #7833 (Resolved): ipfw will not limit download speed - captiveportal: With a fresh snapshot 2.4.0-RC install, only enabled the captiveportal and set a Default download (Kbit/s).
When I l... Azure it
03:08 PM Revision dee2ecb2: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
03:08 PM Revision 297a7fe4: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
03:07 PM Revision d610e4ba: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
03:07 PM Revision d2dfde1a: Enable upload mode when rsync'ing snaps or packages: Renato Botelho
01:08 PM Revision 9686b337: Use spaces in the write_config() message to prevent text wrapping issues in webGUI: See https://redmine.pfsense.org/issues/6363
(cherry picked from commit 8cb29dac04283045f82303c2ee1d2f772299d238) Doktor Notor
01:08 PM Revision 529dac21: Merge pull request #3809 from doktornotor/patch-5: Jim Pingle
12:16 PM pfSense Packages Bug #7835: freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: May I suggest "Enter the maximum bandwidth for download in Kbps" and moving on? Kill Bill
12:09 PM pfSense Packages Bug #7835: freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: Then we can change the description to say kibibit instead. Changing the multiplier would result in people having an u... Jim Pingle
11:51 AM pfSense Packages Bug #7835: freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: Jim Pingle wrote:
> There are 1024 bits in a kilobit. Not 1000. I'll fix the "in in" typo.
Freebsd uses 1000 bits... Azure it
09:36 AM pfSense Packages Bug #7835 (Not a Bug): freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: There are 1024 bits in a kilobit. Not 1000. I'll fix the "in in" typo. Jim Pingle
09:31 AM pfSense Packages Bug #7835 (Not a Bug): freeradius unit wrong for varusersmaxbandwidthup and varusersmaxbandwidthdown: When we add a new radius user, we can set Maximum Bandwidth Down/Up and in the help we can read:
*Enter the maximum ... Azure it
11:35 AM Bug #7817: Login CSRF token fail on boot.: Jim Pingle wrote:
> What packages do you have installed? Which dashboard widgets?
>
> I update about a dozen lab ... John Pettitt
08:04 AM Bug #7817 (Feedback): Login CSRF token fail on boot.: What packages do you have installed? Which dashboard widgets?
I update about a dozen lab systems every day or two ... Jim Pingle
09:14 AM Bug #7832 (Duplicate): ipv6cp enabled, even with ipv6 disabled: Jim Pingle
09:06 AM Bug #7832: ipv6cp enabled, even with ipv6 disabled: https://redmine.pfsense.org/issues/7822 Michael Kellogg
04:37 AM Bug #7832 (Duplicate): ipv6cp enabled, even with ipv6 disabled: For a ppp(oe) interface, even when ipv6 is disabled the "set bundle enable ipv6cp" line is present and ipv6cp negotia... dean hamstead
09:01 AM Bug #7834 (Resolved): Disabling captiveportal will not flush the ipfw pipes: Disabling captiveportal will not flush the ipfw pipes.
Has we can seen with the commands *ipfw table all list ;echo;... Azure it
08:37 AM Bug #7825: missing "BACKUP" in CARP status with IPv6: okay. Thanks for the hint. Just to complete this issue: The problem was the synchronization of the "Virtual IP Passwo... Helge Wiethoff
08:12 AM Bug #7825 (Not a Bug): missing "BACKUP" in CARP status with IPv6: OK, so something is amiss in the VIP or interface state on the secondary, but the status page is actually doing all i... Jim Pingle
08:07 AM Bug #7825: missing "BACKUP" in CARP status with IPv6: Jim Pingle wrote:
> Is the status OK on the master node?
Yupp. On the master node everything is fine and the text f... Helge Wiethoff
07:52 AM Bug #7825 (Feedback): missing "BACKUP" in CARP status with IPv6: I can't reproduce this but the only IPv6-enabled cluster I have handy is on 2.4.0
Is the status OK on the master n... Jim Pingle
04:56 AM Feature #7812: ZFS handling of autopreplace: ideally, there ought to be a page for managing zfs, like there is for geom mirrors(albiet pretty limited), or at leas... gavin penney

08/30/2017

06:45 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Anything new on this?
Any log files we can provide with? Ole-Henrik Jakobsen
06:40 PM Feature #7831: Enable an option to choose how to restart system: Jim Pingle wrote:
> The problem is specific to your hardware and not a general issue. Adding an option for that, whi... Ole-Henrik Jakobsen
06:14 PM Feature #7831 (Needs Patch): Enable an option to choose how to restart system: The problem is specific to your hardware and not a general issue. Adding an option for that, which would be of no use... Jim Pingle
04:28 PM Feature #7831 (Needs Patch): Enable an option to choose how to restart system: With the current reboot cycle it will just hang at the end, and I tried to disable ACPI and find related settings in ... Ole-Henrik Jakobsen
06:08 PM Revision 389020e3: Use the full CA chain when sending an LDAP SSL query. Fixes #7830: While here, fix a couple more ldap_start_tls() calls that need a preceding @.
(cherry picked from commit ff500c90646... Jim Pingle
06:07 PM Revision ff500c90: Use the full CA chain when sending an LDAP SSL query. Fixes #7830: While here, fix a couple more ldap_start_tls() calls that need a preceding @. Jim Pingle
01:20 PM Bug #7830 (Feedback): LDAP authentication fails using SSL with intermediate certificates: Applied in changeset commit:ff500c90646c8db5abe77d7efb02c7d191df6902. Jim Pingle
01:05 PM Bug #7830 (Resolved): LDAP authentication fails using SSL with intermediate certificates: When attempting authentication against and LDAP server using SSL/TLS, attempts to bind to the server fail if the serv... Jim Pingle
12:22 PM Revision 52e5efc8: Restore bad login message: (cherry picked from commit 7d7c65c2ffa4bcabccc10d0e3e319afbd979192b) Steve Beaver
12:21 PM Revision 7d7c65c2: Restore bad login message: Steve Beaver
12:15 PM Revision 56de61a7: Restore bad username or password message: (cherry picked from commit ca44a37cad5e905e3a76b6ce862de6ec5d3bcb06) Steve Beaver
12:14 PM Revision ca44a37c: Restore bad username or password message: Steve Beaver
11:02 AM Revision 2b58318b: Unbound Serve expired: Serve expired – Records stay in cache after TTL expires, with a TTL value of 0, if a new lookup is requested the cach... Martin Wasley
07:06 AM Bug #7719: Dynamic DNS updates not working on interface failover: See also: #7101, #7798 Jim Pingle
07:05 AM Bug #7798 (Duplicate): DynDNS client does not update when running on a gateway group.: Duplicate of #7719 Jim Pingle
07:05 AM Bug #7101 (Duplicate): services_dyndns.php not updating via gateway group, ok with the interface: Duplicate of #7719 Jim Pingle
05:39 AM pfSense Packages Bug #7782 (Resolved): FreeRADIUS 3 - temporary FreeRADIUS CA/certificate generated on each package reinstall: Renato Botelho
02:03 AM pfSense Packages Bug #7782: FreeRADIUS 3 - temporary FreeRADIUS CA/certificate generated on each package reinstall: Confirmed fixed, certificate/CA saved in config and no duplicates generated on reinstall. Thanks. Kill Bill
05:39 AM Bug #7827 (Resolved): Clicking "Cancel" while deleting a firewall state will still delete it: Renato Botelho
01:12 AM Bug #7827: Clicking "Cancel" while deleting a firewall state will still delete it: I can confirm this is now fixed. Nano Caiordo

08/29/2017

06:15 PM Revision 6ad9ab93: Fixed #7827: (cherry picked from commit 634d68709128495b22caffef36f9351e3361e2ff) Steve Beaver
06:14 PM Revision 634d6870: Fixed #7827: Steve Beaver
05:09 PM Bug #7719: Dynamic DNS updates not working on interface failover: Yes, it looks like the same root cause to me.
Has anyone from the dev team seen these? Jorge Albarenque
04:37 PM Bug #7719: Dynamic DNS updates not working on interface failover: Maybe related to Bug #7101?
Problem still present with pfSense 2.3.4-RELEASE-p1 (amd64) Riccardo Di Sarcina
02:31 PM pfSense Packages Bug #7829 (Confirmed): Unable to expand the "Advanced Server Settings" in ACME certificate edit: OK. I see what you're talking about now.
Those settings do not exist for DNS-Manual. The fact that it displays any... Jim Pingle
02:14 PM pfSense Packages Bug #7829 (Not a Bug): Unable to expand the "Advanced Server Settings" in ACME certificate edit: Not enough detail here (what "Method" is selected? What + button?)
The only method with a "Key Type" is nsupdate, ... Jim Pingle
01:49 PM pfSense Packages Bug #7829 (Duplicate): Unable to expand the "Advanced Server Settings" in ACME certificate edit: Under Services\Acme\Certificate options: Edit, under Domain SAN List, clicking on the + icon next to "Key Type..." ap... Bart K
02:28 PM Revision b1655527: Don't print a PHP error if LDAP STARTTLS fails.: (cherry picked from commit b2c7a79c5ff8eefda4b19cf2718056c1ba6c12ca) Jim Pingle
02:27 PM Revision b2c7a79c: Don't print a PHP error if LDAP STARTTLS fails.: Jim Pingle
02:14 PM pfSense Packages Bug #7782 (Feedback): FreeRADIUS 3 - temporary FreeRADIUS CA/certificate generated on each package reinstall: This should, I hope, be fixed with 0.13 of the FreeRADIUS3 package. Jim Pingle
02:07 PM Bug #7828 (Duplicate): Unable to expand the "Advanced Server Settings: Duplicate of #7829 Jim Pingle
01:43 PM Bug #7828: Unable to expand the "Advanced Server Settings: Tested on Firefox 54 and Microsoft Edge 40.15063.0.0 Bart K
01:40 PM Bug #7828: Unable to expand the "Advanced Server Settings: Under Services\Acme\Certificate options: Edit, under Domain SAN List, clicking on the + icon next to "Key Type..." ... Bart K
01:38 PM Bug #7828 (Duplicate): Unable to expand the "Advanced Server Settings: Bart K
01:20 PM Bug #7827: Clicking "Cancel" while deleting a firewall state will still delete it: Applied in changeset commit:634d68709128495b22caffef36f9351e3361e2ff. Anonymous
01:16 PM Bug #7827 (Feedback): Clicking "Cancel" while deleting a firewall state will still delete it: Fixed as requested Anonymous
12:50 PM Bug #7827: Clicking "Cancel" while deleting a firewall state will still delete it: 2.4.0-RC (amd64)
built on Tue Aug 29 09:29:29 CDT 2017 Nano Caiordo
12:49 PM Bug #7827 (Resolved): Clicking "Cancel" while deleting a firewall state will still delete it: Hello gents,
On Diagnostic -> States if you click on the bin to delete a firewall state but then you click on Canc... Nano Caiordo
11:23 AM pfSense Packages Bug #7826 (Rejected): rule to open port 4500 udp for ipsec/ikev2 ignored and blocked: There must be something different about the packet causing it to be dropped. Please post on the forum, list, or reddi... Jim Pingle
11:02 AM pfSense Packages Bug #7826 (Rejected): rule to open port 4500 udp for ipsec/ikev2 ignored and blocked: Hello,
on a pfsense 2.3.4_1 installed on a vm ( vmware ), i create a ikev2 ipsec server.
If i try to connect with... Domenico De Monte
10:50 AM Bug #7821: GIF does not support broadcast: I found out the issue. I had to:
* change the tunnel IF IPv6 from None to Static
* access the radvd page for the ... Greg Toombs
07:40 AM Bug #7825 (Not a Bug): missing "BACKUP" in CARP status with IPv6: In status_carp.php the descriptive text ("BACKUP") next to the button is missing within an ipv6 CARP-setup:
!carp-ip... Helge Wiethoff

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

09/27/2017

09/26/2017

09/25/2017

09/24/2017

09/23/2017

09/22/2017

09/21/2017

09/20/2017

09/19/2017

09/18/2017

09/17/2017

09/16/2017

09/15/2017

09/14/2017

09/13/2017

09/12/2017

09/11/2017

09/10/2017

09/09/2017

09/08/2017

09/07/2017

09/06/2017

09/05/2017

09/04/2017

09/03/2017

09/02/2017

09/01/2017

08/31/2017

08/30/2017

08/29/2017