Activity

30 days up to

User

Subprojects

Activity

From 09/11/2017 to 10/10/2017

10/10/2017

06:36 PM Feature #7922 (New): Add the option to select the ISP IPv6 Delegated Prefix as a destination in firewall rules: It would be useful to have the option to use the ISP delegated prefix (/48, /56, etc) from DHCPv6-PD as a destination... Scott D
06:13 PM Bug #7921: Reset All States on WAN IP Change does not stay unchecked when disabled in GUI: Current Base System 2.4.0.r.20171009.1800 Paighton Bisconer
06:12 PM Bug #7921 (Resolved): Reset All States on WAN IP Change does not stay unchecked when disabled in GUI: Under System > Advanced > Networking, the new option to reset all sates when a WAN IP changes does not stay unchecked... Paighton Bisconer
10:55 AM Revision 4183c042: Add new repos to lead users to 2.4.0 on amd64: Renato Botelho
10:50 AM Revision de2312f5: Welcome 2.4.0-RELEASE again. This time based on FreeBSD 11.1: Renato Botelho
10:47 AM Revision 9615f091: Update translation files: Renato Botelho
10:47 AM Revision 8a5ca070: Regenerate pot: Renato Botelho
10:40 AM Revision 2448d0fc: Update translation files: Renato Botelho
10:36 AM Revision ac9e9abb: Regenerate pot: Renato Botelho
07:17 AM Revision 10085279: Add filtering to pfTop page: → luckman212
05:22 AM Bug #7779: Traffic crossing a site-to-site OpenVPN tunnel fails to fragment.: We were able to disprove the situation with OpenVPN disabled. The initial description still holds. Steve Wheeler
05:15 AM Bug #7920 (Not a Bug): Logos Missing and wrong size: Renato Botelho
03:20 AM Bug #7920: Logos Missing and wrong size: Resolved
Browser cache... duh! Martin Wasley
02:43 AM Bug #7920: Logos Missing and wrong size: Forgot to add this is on 2.4.1.a.20171009.1853 Martin Wasley
02:42 AM Bug #7920 (Not a Bug): Logos Missing and wrong size: pfSense logo is the wrong size on the login screen, appears far too large. It's missing completely from the other pag... Martin Wasley
04:15 AM Bug #7841: CARP Sync Issue - when no internet on standby: Hi Jim,
I had the same issue when using a PfSense cluster with CARP with a /32 Public IP Allocation. I think lot o... Yann Tintignac

10/09/2017

10:51 PM Revision fd47fb02: Remove old custom logos: Renato Botelho
10:51 PM Revision 06a1b081: Remove old custom logos: Renato Botelho
10:43 PM Revision f9a6637a: Use include() to add logo content and use complete path: Renato Botelho
10:43 PM Revision fe8922b8: Use include() to add logo content and use complete path: Renato Botelho
10:36 PM Revision 4c072afb: update NYI logos: Jared Dillard
10:36 PM Revision 6244dca8: update svg logos to pull from file: Jared Dillard
08:55 PM Revision f2fd97c8: update NYI logos: Jared Dillard
08:46 PM Revision 9ae8ade5: update svg logos to pull from file: Jared Dillard
08:38 PM Revision 71e01ef0: Update obsoleted files list for 2.4: Renato Botelho
08:38 PM Revision f0d9e40e: Update obsoleted files list for 2.4: Renato Botelho
08:05 PM Revision 32fb158e: Custom logo is a svg and a css files now: Renato Botelho
08:05 PM Revision c8735982: Custom logo is a svg and a css files now: Renato Botelho
06:56 PM Revision e3acd13d: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place: Renato Botelho
06:56 PM Revision d01d2e79: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place: Renato Botelho
06:56 PM Revision 6c6c5b31: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place: Renato Botelho
06:56 PM Revision f19faa6d: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place: Renato Botelho
03:17 PM Revision 2d32e50b: Disable ARJ option: Renato Botelho
03:17 PM Revision 45b84395: Disable ARJ option: Renato Botelho
01:47 PM Bug #7919 (Resolved): Logging not working: Luiz pushed some fixes to clog to correct this, next new snapshot we're testing internally is good. Jim Pingle
10:55 AM Bug #7919: Logging not working: https://forum.pfsense.org/index.php?topic=137672.msg752928#msg752928
Kill Bill
08:40 AM Bug #7919: Logging not working: It's also possible syslogd is writing bad data to the file which breaks the clog format, so maybe the syslogd clog pa... Jim Pingle
08:38 AM Bug #7919 (Confirmed): Logging not working: It looks like clog is failing to recognize its own file header somehow.... Jim Pingle
08:36 AM Bug #7919 (Resolved): Logging not working: On new installs logging is failing with:... Steve Wheeler
12:49 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Any chance 2.4.0, with the FreeBSD 11.1 ipsec changes, may resolve this? Michael OBrien
11:39 AM Bug #7907: Cannot edit IPv4 and IPv6 Local Networks after tunnel creation: You can open a new bug report for that with an appropriate title/description, rather than re-using this one which was... Jim Pingle
10:30 AM Revision 39d413fa: Remove grub2-bhyve for now: Renato Botelho
10:30 AM Revision 07998395: Remove grub2-bhyve for now: Renato Botelho
09:38 AM Bug #7015: IPsec not working behind NAT: I’m still seeing problems with IPv6 tunneling over an IPv4 IPsec connection, but the symptoms are different from what... David Myers
04:07 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable: Stephane Debreuil wrote:
> Same issue. It appears after upgrade to 2.4.0.r.20171007.0850 (from 2.4.0.r.20171004.xxxx... Kill Bill
01:57 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable: Same issue. It appears after upgrade to 2.4.0.r.20171007.0850 (from 2.4.0.r.20171004.xxxx).
S. Debreuil
03:32 AM Bug #7918 (Not a Bug): Nightly error reloading rules: A while ago, I started getting the same notice in my logs every night at the same time. Most of my external servers r... Michael Lustfield

10/08/2017

11:14 PM Bug #7907: Cannot edit IPv4 and IPv6 Local Networks after tunnel creation: I figured out what the issue is. When "redirect gateway" option is checked the fields for local networks are hidden,... John Silva
06:44 PM Revision 75cc9f81: Remove grub2-bhyve for now: Renato Botelho
06:44 PM Revision 9ce60a31: Remove grub2-bhyve for now: Renato Botelho
05:33 PM Bug #6852: Commit 8f86722 breaks DHCPv6 leases status page: Duplicate of Bug #7413 Kill Bill
04:59 PM Bug #7917 (Resolved): GUI shows "There are no packages currently installed" when repos are unreachable: !https://image.prntscr.com/image/O75ZDOwbT8KKiypUxRhaWQ.png!... Kill Bill
03:36 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI: Jim Pingle wrote:
> I agree, but last I looked OMAPI didn't quite do everything we need. ... That may have changed ... Kill Bill
02:17 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI: I agree, but last I looked OMAPI didn't quite do everything we need, plus it required making a program in C to interf... Jim Pingle
02:04 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI: Am I the only one thinking that this absolutely unreadable regex madness needs to go to /dev/null and ISC DHCP server... Kill Bill
10:54 AM Feature #7814: Unbound serve-expired please add to GU as tickbox: yeah I should have updated, martin did the work. Chris Collins
05:45 AM Feature #7814: Unbound serve-expired please add to GU as tickbox: https://github.com/pfsense/pfsense/pull/3817
Kill Bill
10:44 AM Feature #7321: DynDNS - Add DreamHost DNS support: Frank Gruman wrote:
> I'm pretty interested in finally seeing this delivered. The pull request was accepted into ma... Kill Bill
08:36 AM Bug #6420: Monitoring graphs last sample being zero: Been fixed with https://github.com/pfsense/FreeBSD-ports/commit/5b20ed3661e6dc6d8b8d3c78aab5784556cc0dc3 almost a yea... Kill Bill
05:15 AM Bug #6848: Do not create an IPv4/6 gateway for an interface without according IPv4/6 address: Related forum discussion and PR:
https://forum.pfsense.org/index.php?topic=137317.0
https://github.com/pfsense/pfse... Kill Bill
04:55 AM Bug #6860: Monitoring (RRD) graphs return "unknown" step value: Jared Dillard wrote:
> Needs step 1800 added: https://forum.pfsense.org/index.php?topic=117036.msg695224#msg695224
... Kill Bill

10/04/2017

01:49 PM Todo #7911: Suricata missing dropsid sample file in SID Mgmt: Dan Collins wrote:
> Try a fresh install and none of the sample files are there.
That did not work, they are stil... Kill Bill
01:21 PM Todo #7911: Suricata missing dropsid sample file in SID Mgmt: Try a fresh install and none of the sample files are there. Dan Collins
01:13 PM Todo #7911 (Rejected): Suricata missing dropsid sample file in SID Mgmt: Jim Pingle
01:11 PM Todo #7911: Suricata missing dropsid sample file in SID Mgmt: Not really.
!https://image.prntscr.com/image/3cJ2VqXiSTmxQxOSiBZEDw.png!
Please post to the forums until you ha... Kill Bill
11:56 AM Todo #7911 (Rejected): Suricata missing dropsid sample file in SID Mgmt: Suricata - sample dropsid_sample.conf file no longer included in SID Mgmt files. Dan Collins
11:52 AM Feature #7910 (Duplicate): Notification GUI: I would like to see a GUI showing a list of alerts and the ability to turn them on/off from sending email. Dan Collins
10:15 AM Bug #7629 (Resolved): FreeBSD PR affecting pfsense: Moving target to 2.4.0 as this appears to be fixed by FreeBSD 11.1, which is now used by 2.4.0 Jim Pingle
10:10 AM Bug #7839: IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.: Moving target to 2.4.0 as this appears to be fixed by FreeBSD 11.1, which is now used by 2.4.0 Jim Pingle
07:53 AM Bug #7825: missing "BACKUP" in CARP status with IPv6: I just tried this again and the procedure you list still doesn't result in the same outcome here. Try it again on 2.4... Jim Pingle
07:52 AM Bug #7909 (Duplicate): XMLRPC: missing "BACKUP" in CARP status with IPv6: Duplicate of #7825
Don't open a duplicate bug, the other one is still open, just in a feedback state. Jim Pingle
01:45 AM Bug #7909 (Duplicate): XMLRPC: missing "BACKUP" in CARP status with IPv6: Hi everyone,
as i am not able to reopen the ticket #7825 -- here we go again ;)
The descriptive text ("BACKUP") n... Helge Wiethoff

10/03/2017

10:49 PM Revision 807160e9: VirtualIP, FIX, VIPs should have a <uniqueid> property inside the config.xml, however if they are added as 'proxy-arp' or 'other' and then modified to ipalias or carp, the uniqueid stays empty.: Pi Ba
06:49 PM Feature #7904: Automatic Bandwidth Limiter on Dummynet: Thanks Jim(s) ;)
A bounty has been created for this project to be completed and submitted to be added to pfSense. ... duev s
06:23 PM Revision 962faafa: Make devel repo point to 2.4.0 as well: Renato Botelho
03:35 PM Revision c604b571: Fix PPP log reference in status.php: (cherry picked from commit 35e5c404ef0d03d40eeac7f5a33f43da0d3ac6fc)
(cherry picked from commit 69ed1107fac3c256695d9... Jim Pingle
03:35 PM Revision e9ec739b: Fix PPP log reference in status.php: (cherry picked from commit 35e5c404ef0d03d40eeac7f5a33f43da0d3ac6fc)
(cherry picked from commit 69ed1107fac3c256695d9... Jim Pingle
03:35 PM Revision 69ed1107: Fix PPP log reference in status.php: (cherry picked from commit 35e5c404ef0d03d40eeac7f5a33f43da0d3ac6fc) Jim Pingle
03:34 PM Revision 35e5c404: Fix PPP log reference in status.php: Jim Pingle
09:23 AM Bug #7908: "Kill filtered states" button has no effect: Yes, unless you are killing states from a serial or VGA console, your own IP address will always show up as you're co... Jim Pingle
09:20 AM Bug #7908: "Kill filtered states" button has no effect: Erm, eh... you'll need to NOT refresh... like, you are recreating those states when you refresh the page. Kill Bill
09:06 AM Bug #7908: "Kill filtered states" button has no effect: There is my own IP address in the box.
Effectively, if I specify another IP address, it works. But not with my own. Alban Cousinié
08:46 AM Bug #7908 (Rejected): "Kill filtered states" button has no effect: What exactly did you have in the box? It only kills properly if you enter an IP address or subnet. The description ma... Jim Pingle
08:35 AM Bug #7908 (Rejected): "Kill filtered states" button has no effect: In pfsense 2.4.0-RC, when I attempt to kill states using the "Kill filtered states" button in the Diagnostics / State... Alban Cousinié

10/02/2017

11:13 PM Revision 28837c4d: Fix path: Renato Botelho
11:12 PM Revision f2daa63c: Fix path: Renato Botelho
07:11 PM Revision 3d90abca: Revert "Welcome pfSense 2.4.0-RELEASE": This reverts commit b6d433fdfc25b404693b85e9086d716db7d76460. Renato Botelho
07:05 PM Revision 388b6303: Revert "Add new repos to lead users to 2.4.0 on amd64": This reverts commit 42eecfeff0f6c1326a7dd7669cb48a7eccead0a6. Renato Botelho
04:52 PM Revision 42eecfef: Add new repos to lead users to 2.4.0 on amd64: Renato Botelho
12:27 PM Bug #7907 (Not a Bug): Cannot edit IPv4 and IPv6 Local Networks after tunnel creation: I can't reproduce anything like that here. The fields show up when editing existing tunnels that can push. Perhaps th... Jim Pingle
11:57 AM Bug #7907 (Not a Bug): Cannot edit IPv4 and IPv6 Local Networks after tunnel creation: IPv4 and IPv6 Local Networks may be specified when tunnel is created but is not exposed when editing existing tunnel ... John Silva
10:26 AM Bug #7754 (Not a Bug): Cannot access "WebCfg - OpenVPN: Client Export Utility" without also granting access to "WebCfg - OpenVPN: Servers": It's working as designed. The export package has no menu entry, so they can't see any menu entry for it.
Users wil... Jim Pingle
10:25 AM Bug #7754: Cannot access "WebCfg - OpenVPN: Client Export Utility" without also granting access to "WebCfg - OpenVPN: Servers": tqwqllrm tqwqllrm wrote:
> I tried to create a local group for admins with limited access and I only want that group... tqwqllrm tqwqllrm
08:15 AM Bug #7906: Dashboard Version Info Inconsistency: I'll post on the forum then, but it's still a bug, if perhaps one of a different color: the GUI System Update reporte... Jeff Morris
08:08 AM Bug #7906 (Not a Bug): Dashboard Version Info Inconsistency: Some component failed in your upgrade. Please post on the forum, mailing list, or reddit and someone can help you get... Jim Pingle
08:07 AM Bug #7906: Dashboard Version Info Inconsistency: Apologies, please disregard my original dashboard screenshot, I unintentionally captured it while it was still displa... Jeff Morris
08:04 AM Bug #7906 (Not a Bug): Dashboard Version Info Inconsistency: I was previously running pfSense-CE-2.3.3-RELEASE-4g-i386-nanobsd and used System Update from the GUI to upgrade to 2... Jeff Morris
07:59 AM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic: Looks like it's a known issue with the nature of auth-user-pass-verify that OpenVPN does not plan to address: https:/... Jim Pingle
03:54 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE: Little fix, the current plugin did not set the return code upon exiting. Stéphane Lapie

10/01/2017

05:29 PM Feature #7904 (Needs Patch): Automatic Bandwidth Limiter on Dummynet: It's possible in some specific circumstances, but I don't see one of those being a way that would work properly with ... Jim Pingle
12:00 PM Feature #7904: Automatic Bandwidth Limiter on Dummynet: Thanks Jim!
I really think this would be a highlight feature for pfSense.
It would be very effective traffic ... duev s
11:22 AM Feature #7904: Automatic Bandwidth Limiter on Dummynet: Actually, it seems completely possible. Van Jacobson’s “pathchar” showed so 20 years ago.
https://www.caida.org/t... Jim Thompson
11:03 AM Feature #7904: Automatic Bandwidth Limiter on Dummynet: The idea isn't to use a speedtest.net to monitor actual bandwidth, but to monitor ping latency to see if the dummynet... duev s
10:49 AM Feature #7904 (Rejected): Automatic Bandwidth Limiter on Dummynet: It's not possible. The firewall has no way to determine the actual circuit speed, it must be set manually. A speed te... Jim Pingle
09:33 AM Feature #7904 (Needs Patch): Automatic Bandwidth Limiter on Dummynet: Add an automatic bandwidth limiter to pfSense that dynamically limits Down and Up speeds on WAN based on latency in o... duev s
04:13 PM Bug #7905 (Resolved): OpenVPN Authentication Against Backend Stalls All Server Traffic: When authenticating an OpenVPN Remote Access server against an authentication backend such as RADIUS, all traffic on ... Chris Linstruth

09/30/2017

10:53 AM pfSense Packages Feature #7903 (New): Duo ssh package: When trying to compile the Duo ssh package I get errors. After fixing these, I cannot get the sshd configs to stick o... Jaosn Beitler
08:23 AM Feature #7881: OpenVPN client - add support for multiple server entries: Brendon Baumgartner wrote:
> I think to implement this is by setting the server to Other towards the top and leaving... Jim Pingle
02:00 AM Feature #7881: OpenVPN client - add support for multiple server entries: I think to implement this is by setting the server to Other towards the top and leaving the field blank. Then using t... Brendon Baumgartner
04:45 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: Brendon Baumgartner wrote:
> Zabbix proxies have to match the version of the Zabbix server so just supporting LTS he... Pim Janssen
02:02 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: Zabbix agents can be any version.
Zabbix proxies have to match the version of the Zabbix server so just supporting... Brendon Baumgartner

09/29/2017

09:44 PM Revision b7a91a4d: Fix path: Renato Botelho
09:43 PM Revision e3998059: Fix path: Renato Botelho
07:44 PM Revision 433a54ed: Send RELEASE to internal server: Renato Botelho
07:44 PM Revision 6a3df338: Send RELEASE to internal server: Renato Botelho
05:51 PM Revision b6d433fd: Welcome pfSense 2.4.0-RELEASE: Renato Botelho
02:15 PM pfSense Packages Feature #7902 (New): allow vpn client export of other to be a blank field: Under: OpenVPN -> Client Export -> Host Name Resolution -> Other
The Host Name field that appears requires a valu... Brendon Baumgartner
11:51 AM pfSense Packages Bug #7729 (Resolved): pfBlockerNG orders NAT licked rules to the bottom of firewall rules: Jim Pingle
11:34 AM pfSense Packages Bug #7729: pfBlockerNG orders NAT licked rules to the bottom of firewall rules: Merged and fixed since 2.1.1_9 Kill Bill
10:12 AM Bug #4723 (Resolved): Can't forward UDP fragmented packets with scrubbing enabled.: Thanks! Renato Botelho
09:57 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.: I made the lab in order to reproduce the issue. But could not reproduce one.
I tried to use 2KB frames, and the fram... Constantine Kormashev
10:04 AM pfSense Packages Bug #7893: Kernel Panic Suricata Inline: Additional warning text has been added to the Group Help displayed in the Blocking Mode section of the INTERFACE SETT... Bill Meeks
10:01 AM Bug #7592 (Resolved): SG-1000: Unbound not always restarting properly after changes in /etc/hosts: Anonymous
06:28 AM Bug #7592: SG-1000: Unbound not always restarting properly after changes in /etc/hosts: I found there are error messages in logs, but I can see unbound works fine on latest FW on sg1000
Error messages a... Constantine Kormashev
10:00 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Pull requests have been submitted for removing the use of the <no_drop_down> tag on the SYNC tab in both the Snort an... Bill Meeks
08:57 AM Bug #7901 (Rejected): Cannot Import Valid SSL Certificate with Private Key: That message means the public key on the certificate does not match the public key stored with the private key. Post ... Jim Pingle
08:41 AM Bug #7901 (Rejected): Cannot Import Valid SSL Certificate with Private Key: I have a wildcard SSL certificate from a vendor using my own private key. This wildcard SSL certificate was successfu... Jarrad S
08:28 AM Bug #7900 (Not a Bug): DynamicDNS Amazon Route53 Not Working: Jim Pingle
06:39 AM Bug #7900: DynamicDNS Amazon Route53 Not Working: It looks like the settings for the HostZonedID input were changed (previously needed to specify a region and hosted z... George 77
06:15 AM Bug #7900 (Not a Bug): DynamicDNS Amazon Route53 Not Working: DynamicDNS Provider Route53 is not updating. Despite the failure, the error detection code doesn't catch that a failu... George 77
07:06 AM Bug #7272 (Resolved): 6rd not functioning on 2.4.0-BETA: Looks like the main problem here is fixed. If any specific problem is found, please open a new ticket with details Renato Botelho
07:05 AM Bug #7719 (Resolved): Dynamic DNS updates not working on interface failover: Works Renato Botelho
07:05 AM Bug #7750 (Resolved): unbound refuses ipv6 queries after reboot: Works Renato Botelho

09/28/2017

04:54 PM Revision de5c66b5: Add copyright notice to dashboard page (but only once per upgrade): (cherry picked from commit f3c5f4c57362a893868976054c00dd7d9f37e721) Steve Beaver
04:38 PM Revision c731797d: Set kern.cam.boot_delay=10000 on target systems installed using memstick or ISO: Renato Botelho
04:38 PM Revision 286ec1c7: Set kern.cam.boot_delay=10000 on target systems installed using memstick or ISO: Renato Botelho
02:28 PM Revision c56630d7: Increase reserved space for loader/boot to 128Kb to make 8Gb disk size to fit: Renato Botelho
02:28 PM Revision 1b30618f: Default config packages need to have vital flag set too: Renato Botelho
02:27 PM Revision 0968ca43: Increase reserved space for loader/boot to 128Kb to make 8Gb disk size to fit: Renato Botelho
01:31 PM Revision 401e2ac7: Remove no-op code: See https://redmine.pfsense.org/issues/7889 for related discussion Doktor Notor
01:26 PM Revision cbbb8fdb: Remove no-op code: See https://redmine.pfsense.org/issues/7889 for related discussion Doktor Notor
12:49 PM Revision 5f63cb40: Fixed #7889: Increase max number of characters allowed in a tab array to 256 to prevent automatic conversion to pull-down Steve Beaver
09:16 AM Bug #7899: a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue: Note, I was using PRIQ. Kristopher Kolpin
09:16 AM Bug #7899 (New): a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue: Seeing bug 7116 (https://redmine.pfsense.org/issues/7116) again with squid and any other traffic originating from the... Kristopher Kolpin
09:13 AM Bug #7116: a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue: Seeing bug 7116 again with squid and any other traffic originating from the firewall. Cannot place it into any kind ... Kristopher Kolpin
09:13 AM Bug #7272 (Feedback): 6rd not functioning on 2.4.0-BETA: We will keep an eye on this issue, for now it seems to be working.
Thanks everybody. Luiz Souza
08:32 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Steve Beaver wrote:
> Yes; it should be nuked. I'd like to wait until after the 2.4 release before doing that, howev... Kill Bill
08:22 AM Bug #7889 (Resolved): The dropdown tabs replacement fallback needs to be limited to certain pages: Anonymous
08:22 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Yes; it should be nuked. I'd like to wait until after the 2.4 release before doing that, however. Anonymous
08:18 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: That works (for the pkg.php/pkg_edit.php as well) provided the limit stays high-enough.
Should the no-op no_drop_... Kill Bill
08:00 AM Bug #7889 (Feedback): The dropdown tabs replacement fallback needs to be limited to certain pages: Applied in changeset commit:5f63cb40ca75f055f85427e78d9e2348b65b05c4. Anonymous
07:17 AM Bug #7898: PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing: It was removed deliberately as a part of PR https://github.com/pfsense/pfsense/pull/3795 but in #1994 luiz says HFSC ... Jim Pingle
05:05 AM Bug #7898: PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing: thats because HFSC doesnt use priorities Bipin Chandra
07:09 AM pfSense Packages Bug #7716 (Resolved): Suricata - Barnyard2 webui configuration updates result in base64-encoded value written to the config for the password: Jim Pingle
03:21 AM pfSense Packages Bug #7716: Suricata - Barnyard2 webui configuration updates result in base64-encoded value written to the config for the password: Fixed. Kill Bill
07:09 AM pfSense Packages Bug #7756 (Resolved): suricata suricata_check_dir_size_limit() needs to be improved: Jim Pingle
03:21 AM pfSense Packages Bug #7756: suricata suricata_check_dir_size_limit() needs to be improved: Fixed. Kill Bill
07:08 AM pfSense Packages Bug #7578 (Resolved): Suricata -- Removing Hosts from Block Table via Alerts: Jim Pingle
03:13 AM pfSense Packages Bug #7578: Suricata -- Removing Hosts from Block Table via Alerts: Fixed. Kill Bill
07:08 AM pfSense Packages Bug #5996 (Closed): Snort service does not start back after rules update: Jim Pingle
02:49 AM pfSense Packages Bug #5996: Snort service does not start back after rules update: Certainly not a general issue plus insufficient info here to identify any bug. Kill Bill
06:29 AM pfSense Packages Bug #7736: Crahs with Quagga OSPF and the latest 2.4 Beta: bump Jim Thompson
06:29 AM pfSense Packages Bug #6456 (Not a Bug): vm-bhyve not correctly detecting the modules in kernel: Jim Thompson
03:30 AM pfSense Packages Bug #6456: vm-bhyve not correctly detecting the modules in kernel: As noted above, long fixed. Kill Bill
05:50 AM Feature #7888: Add a button in package manager GUI to upgrade all packages: And on that note, one to remove them all would help as well. Kill Bill

09/27/2017

11:52 PM Bug #7898 (Closed): PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing: See attached screenshot of HFSC shaper parent and qInternet Child which i already setup traffic shaper on 2.3 when i ... Pushapraj Bhamra
08:06 PM Revision f3c5f4c5: Add copyright notice to dashboard page (but only once per upgrade): Steve Beaver
06:32 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: this time around it took a bit for it to come up, but it did....
[2.4.1-DEVELOPMENT][ler@home-fw.lerctr.org]/tmp: ... Larry Rosenman
05:55 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: I can also confirm that it works with the current release (2.4.0.r.20170927.1221).
Only difference (when it comes to... Morten Freberg
03:21 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: DHCP / WAN (passthrough from my NVG-599).
It's consistently (at least now) getting a route by default (I've moved... Larry Rosenman
03:16 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: The only way I found to reproduce this problem (no default gateway at boot) was using DHCP on WAN and I intentionally... Luiz Souza
05:08 PM Bug #7846 (Duplicate): Hyper-v vm traffic shaper error: hn0: driver does not support altq: Jim Pingle
04:01 PM Bug #7846: Hyper-v vm traffic shaper error: hn0: driver does not support altq: Duplicate of Bug #7869 and fixed. Kill Bill
05:08 PM pfSense Packages Bug #7850 (Resolved): Include file containing XML_RPC_encode() missing from snort: Jim Pingle
03:53 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: Fixed. Kill Bill
05:08 PM Bug #7839 (Resolved): IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.: Jim Pingle
04:50 PM Bug #7839: IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.: Fixed in 2.4.1 Kill Bill
01:15 PM pfSense Packages Feature #6022: Consider MLVPN for bonded VPN: Has there been any traction with this? I have been looking for something like this too. I'll add to the kitty for t... Mike T
12:04 PM Feature #7897 (Rejected): User Dashboard: Nothing will be available without logging in. That is not a secure means of accomplishing that goal. You can make res... Jim Pingle
11:54 AM Feature #7897: User Dashboard: This could be useful for Diags on remote sites that users can check.
Also for putting on a Plasma/Monitor on the ... Philip Hadfield
11:50 AM Feature #7897 (Rejected): User Dashboard: Having a Dashboard that can show stats without logging in.
Traffic, Link status, EG all the widgets without any of... Philip Hadfield
10:13 AM Bug #7763 (Resolved): IX driver - fails to recognize media type with SFP after link drop: Closing this issue as the driver is working as intended.
The media options will not be detected until you restart ... Luiz Souza
09:28 AM Bug #7896 (Resolved): picture_widget.php: Hi everyone,
First of all, thanks a bunch for such an effort you put on developing this awesome application. While... Valentin Bajrami
07:59 AM Bug #6499: pf fragment states not purged: The specific bug on this ticket is fixed on version 2.3.2 and later. Your system may legitimately have a lot of fragm... Jim Pingle
07:56 AM Bug #6499: pf fragment states not purged: Chris Buechler wrote:
> fixed
Every so often I am seeing "[zone: pf frag entries] PF frag entries limit reached" ... Hillie Sample
05:16 AM pfSense Packages Feature #7895 (Resolved): Add a script for CARP monitoring to NRPE: I have deployed several CARP clusters at work, but I realized there is no real good way to monitor CARP status :
* S... Stéphane Lapie
01:12 AM pfSense Packages Bug #7893: Kernel Panic Suricata Inline: The “generic_XXXXXX” in one of your screenshots shows you’re not running s netmap-capable NIC. (You’re getting the e... Jim Thompson

09/26/2017

10:45 PM Bug #7894 (Not a Bug): Open VPN not redirecting traffic over tunnel. Remote IPV6 shows as public IP when "Force all client generated traffic through the tunnel." option is enabled and all IPV6 through pfsense is blocked: Yeah that would have to be on the client side. It might even be using its own IPv6 tunneling protocol like Teredo Jim Pingle
10:10 PM Bug #7894: Open VPN not redirecting traffic over tunnel. Remote IPV6 shows as public IP when "Force all client generated traffic through the tunnel." option is enabled and all IPV6 through pfsense is blocked: So after a bit more trouble shooting, I am leaning against this being a bug in PfSense and possibly in my linux build... Shawn Moss
09:51 PM Bug #7894 (Not a Bug): Open VPN not redirecting traffic over tunnel. Remote IPV6 shows as public IP when "Force all client generated traffic through the tunnel." option is enabled and all IPV6 through pfsense is blocked: Hello All,
I just updated to the newest dev build and connected to it remotely and had a shocking supprise. For... Shawn Moss
06:41 PM Revision d47d9b28: Default config packages need to have vital flag set too: Renato Botelho
06:30 PM pfSense Packages Bug #7893: Kernel Panic Suricata Inline: Thanks for the info, you guys might want to get the package maintainer to put some info under the inline selection, i... Ken Sim
06:22 PM pfSense Packages Bug #7893 (Needs Patch): Kernel Panic Suricata Inline: Inline/Netmap is known to have issues with certain hardware (real or virtual). It's still somewhat of an experimental... Jim Pingle
06:12 PM pfSense Packages Bug #7893: Kernel Panic Suricata Inline: I rebooted the VM a few times, and it appears to have stopped it's panic reboot cycle. When I went in to view Suricat... Ken Sim
06:01 PM pfSense Packages Bug #7893 (Needs Patch): Kernel Panic Suricata Inline: I have been playing around with the 2.4.0/1 snapshots, and have found that when Suricata is enabled with inline block... Ken Sim
06:00 PM Revision 7d368325: Mark some core packages as vital: Renato Botelho
06:00 PM Revision 99db0fa7: Mark some core packages as vital: Renato Botelho
03:06 PM Revision d3fda40d: Detect XG-1537: Renato Botelho
03:06 PM Revision 53476cfb: Detect XG-1537: Renato Botelho
03:06 PM Revision e4f613db: Detect XG-1537: Renato Botelho
03:06 PM Revision 90c5e3a9: Detect XG-1537: Renato Botelho
01:55 PM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Found it. Had to go back and think about it a minute. It's in the pkg_edit.php file in this code near the bottom of... Bill Meeks
10:20 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Which line are the comments on? I don't see any. Anonymous
01:41 PM Bug #7763: IX driver - fails to recognize media type with SFP after link drop: The actual bug reported in this ticket is already fixed.
There was a bug in the driver that would fail to add the ... Luiz Souza
11:40 AM Bug #7763 (Assigned): IX driver - fails to recognize media type with SFP after link drop: Renato Botelho
10:28 AM Bug #7763: IX driver - fails to recognize media type with SFP after link drop: Loaded the latest snapshot from today on a XG-2758. The interface media type displayed properly:
ix0: flags=8843<UP,... Clinton Cory
12:15 PM Bug #7606: Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: For now it appears my issue has been resolved on 2.4.0.r.20170926.1006.
Side note though, floating rule still does... putzomatic none
08:51 AM Bug #7877 (Resolved): Crash when enabling traffic shaper on more than 1 port: People on forum report it's fixed Renato Botelho
08:49 AM Bug #3710 (Resolved): Adding static DHCP leases doesn't cause BIND zones to update: Renato Botelho
08:48 AM Bug #7869 (Resolved): Hyper-v vm traffic shaper error: hn0: driver does not support altq: Renato Botelho
02:56 AM Bug #7869: Hyper-v vm traffic shaper error: hn0: driver does not support altq: Solved! Works for me, thanks! Nadav Rak
08:47 AM Bug #7879 (Resolved): traffic shaper crashes with hfsc_dequeue: Renato Botelho

09/25/2017

08:40 PM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: Thanks Bill. I will try to determine why that change was made. Anonymous
08:09 PM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages: To add another note to the conversation. There is a parameter in the _display_top_tabs()_ function that is supposed ... Bill Meeks
05:32 PM Bug #7879: traffic shaper crashes with hfsc_dequeue: After initial testing with and pushing some traffic through my queue's which seemed like a sure way to crash it befor... Pi Ba
03:17 PM Bug #7879 (Feedback): traffic shaper crashes with hfsc_dequeue: Found and fixed, a new commit was made to address this issue.
Please test again on the next snapshot.
Thanks! Luiz Souza
03:18 PM Bug #7877 (Feedback): Crash when enabling traffic shaper on more than 1 port: (duplicate from #7879): Found and fixed, a new commit was made to address this issue.
Please test again on the nex... Luiz Souza
01:44 PM Bug #7833: ipfw will not limit download speed - captiveportal: Works here as well. Thanks. Kill Bill
11:35 AM Bug #7833 (Resolved): ipfw will not limit download speed - captiveportal: Renato Botelho
11:18 AM Bug #7833: ipfw will not limit download speed - captiveportal: Confirmed, this looks fixed.
I see limiters created and traffic going into them both up and down:... Steve Wheeler
09:46 AM Bug #7833: ipfw will not limit download speed - captiveportal: [2.4.1-DEVELOPMENT][admin@pf6.localdomain]/root: ipfw table all list
--- table(cp_ifaces), set(0) ---
vmx1 2100 147... Vladimir Lind
09:42 AM Bug #7833: ipfw will not limit download speed - captiveportal: Renato Botelho wrote:
> Kill Bill wrote:
> > This got reverted yet again. Sigh.
>
> Yes, because kernel was fixe... Kill Bill
08:57 AM Bug #7833: ipfw will not limit download speed - captiveportal: Kill Bill wrote:
> This got reverted yet again. Sigh.
Yes, because kernel was fixed. Renato Botelho
12:41 PM Bug #7819: php-fpm crashing: The problem stated on this ticket is resolved. If you still have an issue, it's something different. Just because you... Jim Pingle
12:24 PM Bug #7819: php-fpm crashing: I am still getting 502 Bad Gateway every day, so bad its about once an hour.. Here is what I can get when its locked ... Chad Brandenburg
11:36 AM Bug #7813: Missing download statistics on captive portal with MAC filtering enabled: Confirmed:... Steve Wheeler
10:29 AM Bug #7813 (Resolved): Missing download statistics on captive portal with MAC filtering enabled: Renato Botelho
10:07 AM Bug #7813: Missing download statistics on captive portal with MAC filtering enabled: 2.4.1-DEVELOPMENT (amd64)
built on Sun Sep 24 21:37:23 CDT 2017
With enabled MAC filtering:
--- table(teaget... Vladimir Lind
11:25 AM Bug #7834: Disabling captiveportal will not flush the ipfw pipes: Confirmed dynamic Limiters are removed as expected:... Steve Wheeler
10:29 AM Bug #7834 (Resolved): Disabling captiveportal will not flush the ipfw pipes: Renato Botelho
09:56 AM Bug #7834: Disabling captiveportal will not flush the ipfw pipes: Looks good after disabling CP:
[2.4.1-DEVELOPMENT][admin@pf6.localdomain]/root: ipfw table all list ; echo ; ipfw ... Vladimir Lind
11:22 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: ok ill try to get crash log again, on apu2 it crashes as soon as u enable shaping on more than 1 interface and on sg-... Bipin Chandra
10:54 AM Bug #7807 (Duplicate): sg-1000 random reboot when traffic shaping enabled: Neither of those logs contain useful information, the most important parts are before those logs start. If you captur... Jim Pingle
10:37 AM Bug #7807: sg-1000 random reboot when traffic shaping enabled: crash log attached Bipin Chandra
08:57 AM pfSense Packages Bug #7891 (Rejected): (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: This does not appear to be a general issue with suricata, but may be specific to your configuration or installation. ... Jim Pingle
06:27 AM Feature #4242: Two Factor or OTP Authentication for Admin Interface: This feature will be really helpful to meet the specifications from the PCI-DSS / ISO27001 or another security certs. Florent A
03:12 AM Revision ce6d6fdb: Tiny typo: Just removed an extra `'.'` → luckman212

09/24/2017

10:11 PM Bug #7763 (Feedback): IX driver - fails to recognize media type with SFP after link drop: Seems like you have found a real bug in the driver.
It is fixed in pfSense 2.4-RC, please try the next snapshot.
... Luiz Souza
09:06 PM pfSense Packages Bug #7891: (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: Did a fresh reinstall and restored the backup and still got same issue. rub man
04:20 PM pfSense Packages Bug #7891: (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: I found the core dump file.
I couldn't upload the .core file here as it is huge...
so I upload it to my dropbox:
... rub man
03:49 PM pfSense Packages Bug #7891 (Rejected): (suricata), uid 0: exited on signal 11 (core dumped) latest 2.4.0-RC: Hi,
Just upgraded from latest stable to next major version 2.4.0-RC today via gui.
Only major problem I have is s... rub man
04:50 PM Bug #7892 (Closed): AutoConfigBackup status reported incorrectly: Around 12PM Central time (9/24/17), AutoConfigBackup showed some alerts about unsuccessfully backing up the config.
... Anonymous
12:30 PM Bug #7879: traffic shaper crashes with hfsc_dequeue: I tried 2.4.1 with 'em' E1000 nics on ESXi.. that crashes to..
Version 2.4.1-DEVELOPMENT (amd64)
built on Sat Sep ... Pi Ba
06:53 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> with the current code a straight reboot has the IPv6 default installed.
>
> However, on ... Jim Thompson
06:47 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: with the current code a straight reboot has the IPv6 default installed.
However, on the upgrade to this code did ... Larry Rosenman
06:38 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Well I'm just saying that the results of your testing appear to be completely random and unrelated to any versions. H... Kill Bill
06:30 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: just reporting what I'm seeing. I update to each RC and when I get IPv6 default route working I post, and when I see... Larry Rosenman
06:27 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Larry Rosenman wrote:
> Broke again at:
> 2.4.0-RC (amd64)
> built on Sat Sep 23 22:28:05 CDT 2017
> FreeBSD 11... Kill Bill
06:14 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: Broke again at:
2.4.0-RC (amd64)
built on Sat Sep 23 22:28:05 CDT 2017
FreeBSD 11.0-RELEASE-p12 Larry Rosenman
04:36 AM Bug #7833: ipfw will not limit download speed - captiveportal: This got reverted yet again. Sigh. Kill Bill
01:02 AM Bug #6911: no network on hyperv-v 2012 R1: resolved in 2.4.1 Dmitry Ivanov

09/23/2017

11:12 PM Feature #7890: Support for Intel/AMD CPU microcode updates: https://github.com/pfsense/pfsense/pull/3828 for sysutils/devcpu-data and the kernel bits. Adding the GUI toggle to b... Kill Bill
11:08 PM Feature #7890 (Rejected): Support for Intel/AMD CPU microcode updates: It'd be useful to include support for Intel/AMD CPU microcode updates.
https://www.freebsd.org/doc/en/books/faq/co... Kill Bill
11:58 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): What are the chances of getting this fixed for 2.4-RELEASE? Similar bugs (https://redmine.pfsense.org/issues/7869) s... John Silva
09:49 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: And it works again at:
2.4.0-RC (amd64)
built on Fri Sep 22 20:41:05 CDT 2017
FreeBSD 11.0-RELEASE-p12 Larry Rosenman
09:27 AM Feature #7847: USB NIC not loading (TP-Link UE300 RTL8153): J L wrote:
> can this be considered as a request to have this automated ?
Stick it as earlyshellcmd to Shellcmd p... Kill Bill
05:58 AM Bug #7889 (Resolved): The dropdown tabs replacement fallback needs to be limited to certain pages: AFAICT, this was designed to aid systems with lots of interfaces, and intended for places such as Firewall - Rules. I... Kill Bill

09/22/2017

08:53 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: And it *BROKE* again on:
2.4.0-RC (amd64)
built on Fri Sep 22 11:35:27 CDT 2017
FreeBSD 11.0-RELEASE-p12 Larry Rosenman
04:02 PM Revision 27d1807a: Don't call widget callback function if no data is returned: (cherry picked from commit 89d83febe6bf0fd63ec72d53eb8e524a8d19994e) Steve Beaver
04:01 PM Revision 89d83feb: Don't call widget callback function if no data is returned: Steve Beaver
03:59 PM Revision 352f422c: Dashboard refresh system should not call the widget callback function if no data was returned: (cherry picked from commit 7a8131028874b334e43b5e7dcf894a86481543c6) Steve Beaver
03:57 PM Revision 7a813102: Dashboard refresh system should not call the widget callback function if no data was returned: Steve Beaver
02:43 PM Bug #7865 (Resolved): User groups -> Assigned Privileges doesn't work: Fixed Jim Pingle
01:53 PM Revision 97c69e81: Revert "Do not associate IP and MAC on down table. It should help #7813 and #7833": This reverts commit 0116f1c9bbf1a532fdd49c346c41b761c1e59d93. Luiz Souza
01:52 PM Revision bd068df3: Revert "Do not associate IP and MAC on down table. It should help #7813 and #7833": This reverts commit aa61ecfde0952ed1c3a035ac9489f5a5f9c51425. Luiz Souza
12:44 PM Feature #7847 (Needs Patch): USB NIC not loading (TP-Link UE300 RTL8153): Jim Pingle
12:44 PM pfSense Packages Bug #7278 (Resolved): Suricata Service - Advanced Configuration Pass-Through not working: Jim Pingle
11:53 AM Feature #7888 (New): Add a button in package manager GUI to upgrade all packages: Dunno, am I'm the only one who's missing this? Kill Bill
11:37 AM Bug #7869 (Feedback): Hyper-v vm traffic shaper error: hn0: driver does not support altq: There is a new knob to enable the support and now it is enabled by default in pfSense.
Will be available on the ne... Luiz Souza
01:37 AM Bug #7813 (Feedback): Missing download statistics on captive portal with MAC filtering enabled: Fixed. Please try the next snapshot (will be available on tomorrow's snapshot). Luiz Souza
01:36 AM Bug #7833 (Feedback): ipfw will not limit download speed - captiveportal: Fixed. Please try the next snapshot (will be available on tomorrow's snapshot). Luiz Souza
12:12 AM Feature #4796: Support Multiple FIBs in pfSense: I just stumbled upon a case where it would be nice to have the webConfigurator in a separate FIB, because of routing ... Stéphane Lapie

09/21/2017

07:45 PM Revision 603be247: Remove erroneous additional text.: AdamD
06:10 PM Revision 0116f1c9: Do not associate IP and MAC on down table. It should help #7813 and #7833: Renato Botelho
06:10 PM Revision aa61ecfd: Do not associate IP and MAC on down table. It should help #7813 and #7833: Renato Botelho
06:08 PM Revision a6f8dd7a: Revert "Update translation files": Bad commit log
This reverts commit ff8d44d194b6a5ada8fcd2aafe8c7ec358a7adae. Renato Botelho
06:05 PM Revision ff8d44d1: Update translation files: Renato Botelho
05:24 PM Bug #7887 (Not a Bug): User permissions do not protect firewall rules: It is working as designed. If you have permissions for a page, you can do anything on that page. The "Edit" page edit... Jim Pingle
05:10 PM Bug #7887: User permissions do not protect firewall rules: Michael Newton wrote:
> Javascript should have no bearing on it, since the permissions (should) get checked on the s... Kill Bill
05:04 PM Bug #7887: User permissions do not protect firewall rules: Kill Bill wrote:
> Michael Newton wrote:
> > 6. Right click on Save button, inspect in browser's tools and remove "... Michael Newton
04:55 PM Bug #7887: User permissions do not protect firewall rules: Michael Newton wrote:
> 6. Right click on Save button, inspect in browser's tools and remove "disabled" attribute
... Kill Bill
04:30 PM Bug #7887 (Not a Bug): User permissions do not protect firewall rules: User permissions have only cosmetic effect on the firewall page, if any, and are trivially easy to bypass.
Steps t... Michael Newton
05:02 PM Revision 575bc378: Update translation files: Renato Botelho
05:02 PM Revision f9cc13d0: Regenerate pot: Renato Botelho
04:27 PM Revision 1144e24c: Fixed #7856: Steve Beaver
02:23 PM Revision 0266efa6: Unbound - allow snoop from localhost: dig +trace fails without this, which is super annoying for debugging/diagnostics/benchmarking or whatever similar pur... Doktor Notor
12:57 PM Revision 1841c040: Update translation files: Renato Botelho
12:57 PM Revision 58a62782: Regenerate pot: Renato Botelho
12:37 PM Bug #7886: PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the default of 1: I also noticed that if you reorder and change the names of the priorities, and you have P2P catch-all set (default qu... jake xanaro
12:34 PM Bug #7886 (Resolved): PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the default of 1: PRIQ, priority of 0 cannot be saved in GUI, GUI attempts to save a 0 value but actually ends up storing it as the def... jake xanaro
12:06 PM Bug #7885 (Resolved): Cert. Manager should validate EKUs on importing a certificate authority: Currently, you can import any certificate as a CA, even ones that are actually unusable as a CA. Subsequently, you ca... Kill Bill
11:40 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients: Applied in changeset commit:1144e24cabeda458b266b9874b827746f4c0f8a0. Anonymous
11:20 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.: I am no longer able to troubleshoot this issue, I switched over to IPSec to resolve my SIP/UPD issue. I was working ... ryon m
11:13 AM Bug #7884 (Confirmed): Unbound refusing non-recursive/iterative queries even from localhost: PR looks good and the change lets @dig +trace@ and @drill -T@ work locally. Jim Pingle
09:42 AM Bug #7884 (Resolved): Unbound refusing non-recursive/iterative queries even from localhost: This is so much secure that it's annoying and getting in the way of normal work for not exactly any good reason.
<... Kill Bill
11:08 AM Bug #7500 (Resolved): Upgrade From 2.3.3_p1 to 2.4 Fails (libssl.so.8 not found): Jim Pingle
10:57 AM Bug #7500: Upgrade From 2.3.3_p1 to 2.4 Fails (libssl.so.8 not found): I'm no longer seeing this error on recent upgrades, please close the ticket.
For documentation, the following co... ryon m
07:45 AM Bug #7883 (Not a Bug): Aliases can only be deleted by some users: Most likely they had the 'deny config write' privilege which will do exactly this, and it's expected. On 2.4 it will ... Jim Pingle
04:25 AM Bug #7883: Aliases can only be deleted by some users: So, new insights (and the bug in that form can be closed):
- alias generation was not automatic but user triggered
... Felix Wolfsteller
03:57 AM Bug #7883 (Not a Bug): Aliases can only be deleted by some users: We have following setup:
- pfsense 2.3.4-RELEASE-p1
- one default admin user
- one user with all privileges assign... Felix Wolfsteller
05:45 AM Revision 316af8dc: Update misleading help text: Commit d57725aac5145b4f17097d61e3b5a6ca72f1754e updated the help text
to use LDAP search filter syntax. This is misle... AdamD
02:39 AM Feature #7882 (Rejected): Seperator feature in DHCP Static mapping for this feature: Under Firewall -> Rules you have the possibility to seperate the rules with a seperator, this is a nice feature and i... Arian olde Kalter

09/20/2017

02:54 PM Bug #7819 (Resolved): php-fpm crashing: This looks good with 0.50, it no longer crashes on either system I could reproduce the crash on originally. Jim Pingle
01:55 PM Bug #7819 (Feedback): php-fpm crashing: php56-pfSense-module version 0.50 should fix this Renato Botelho
02:37 PM Revision 2f4685ca: Merge branch 'master' of gitlab.netgate.com:pfsense/pfsense: Steve Beaver
02:35 PM Bug #7878 (Resolved): GUI lag in Edit Phase 1 ipsec: This works now for Chrome on OS X. Jim Pingle
02:32 PM pfSense Packages Bug #7876 (Resolved): Potential XSS in status_monitoring.php: Confirmed fixed on the latest snapshot. Jim Pingle
02:30 PM Bug #7864 (Resolved): OpenVPN (tun/tap) is not showing: This works now. The wizard is now correctly populating the appropriate variables for the VPN. Jim Pingle
12:28 PM Bug #7880: 504 Gateway Time-out: Yes, because the certificate verification and authentication is handled in PHP. If you have more questions, please po... Jim Pingle
12:24 PM Bug #7880: 504 Gateway Time-out: is there any reason vpn server not accepting incoming vpn connections? Nikos Kastanas
08:01 AM Bug #7880 (Not a Bug): 504 Gateway Time-out: If a command never terminates, it will run until something stops it (e.g. PHP execution timeout).
There is no way ... Jim Pingle
04:08 AM Bug #7880: 504 Gateway Time-out: Yeah nothing happens because the command will never return. It will keep pinging forever. PEBKAC. Kill Bill
03:18 AM Bug #7880 (Not a Bug): 504 Gateway Time-out: it is checked on different hardware with the same pfsense version 2.3.4-RELEASE-p1.
If try to run a command (eg ping... Nikos Kastanas
10:32 AM Feature #1205 (Closed): VPN: User-based / Group-based firewall rules: This has been in place since pfSense 2.1. It uses the same syntax as cisco inacl/outacl, for example "permit tcp from... Jim Pingle
10:07 AM Feature #1205: VPN: User-based / Group-based firewall rules: Ermal Luçi wrote:
> The user based rules are supported if they come from radius.
>
> Locally to pfSense they stil... Adrien Carlyle
09:46 AM Feature #6457: Allow ability to configure AWS EC2 AMI via userdata: Internal redmine ticket related to one of the user data options:
https://redmine.netgate.com/issues/162 Clinton Cory
06:51 AM Feature #7881 (New): OpenVPN client - add support for multiple server entries: OpenVPN in client mode supports multiple "remote" directives, these can be used for redundancy, if the first server f... robi robi
05:05 AM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Chris Collins wrote:
> As an experiment I manually adjusted the php-fpm server configuration so there is more childr... Kill Bill
04:18 AM Bug #7813: Missing download statistics on captive portal with MAC filtering enabled: See Bug #7833 and kindly re-instate the AWOL fix. Kill Bill

09/19/2017

09:38 PM Revision 72d2dbdf: Only run swapon and rc.savecore when the SWAPDEVICE is valid.: (cherry picked from commit d988e0bbf991e28c611b194e9e6ccd99f818209b) Luiz Souza
09:38 PM Revision d988e0bb: Only run swapon and rc.savecore when the SWAPDEVICE is valid.: Luiz Souza
07:59 PM Revision 7e0b401d: Include boot/modules and also kernel.debug in kernel-debug package: Renato Botelho
07:58 PM Revision fd349773: Include boot/modules and also kernel.debug in kernel-debug package: Renato Botelho
07:41 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: upgraded today to:
2.4.0-RC (amd64)
built on Tue Sep 19 18:30:48 CDT 2017
FreeBSD 11.0-RELEASE-p12
and 6RD... Larry Rosenman
07:03 PM Bug #7879: traffic shaper crashes with hfsc_dequeue: Possible duplicate of #7877 Jim Thompson
12:57 PM Bug #7879 (Resolved): traffic shaper crashes with hfsc_dequeue: Today i experienced several crashes in 2.4RC i think there were at least 5.
Ive submitted the crash report a few tim... Pi Ba
05:47 PM Revision 72878dfa: Authentication selector JavaScript changed to eliminate lag: (cherry picked from commit dbef7a85819d3c971319de41d287f06419342105) Steve Beaver
05:46 PM Revision dbef7a85: Authentication selector JavaScript changed to eliminate lag: Steve Beaver
05:21 PM Revision 8451d0a9: Fix #7834: Delete IPFW pipes when disable Captive Portal zone: Renato Botelho
05:21 PM Revision 76c6bf5b: Remove correct file: Renato Botelho
05:21 PM Revision 666cc3d7: Ticket #7834: Add missing global declarations: Renato Botelho
05:21 PM Revision b2c92623: Fix #7834: Delete IPFW pipes when disable Captive Portal zone: Renato Botelho
05:21 PM Revision 5c7fead1: Remove correct file: Renato Botelho
05:21 PM Revision fbfbc6bd: Ticket #7834: Add missing global declarations: Renato Botelho
03:47 PM Bug #7778: DHCP relay not working correctly with bridges: Any updates on this issue? Do you agree this is a bug or is there a good reason why the bridge interface isn't added ... Sander Peterse
02:30 PM Revision a2d83aaf: Setup wizard revisions: (cherry picked from commit 09237040fd9a05415673a47d26e669b274981c2e) Steve Beaver
02:29 PM Revision 09237040: Setup wizard revisions: Steve Beaver
12:48 PM Bug #7878 (Feedback): GUI lag in Edit Phase 1 ipsec: JavaScript changed to eliminate lag Anonymous
11:33 AM Bug #7878: GUI lag in Edit Phase 1 ipsec: Seems to be isolated to only Chrome and only on OS X.
Firefox on OS X is fine. Chrome on Linux and Windows is fine... Jim Pingle
11:15 AM Bug #7878 (Resolved): GUI lag in Edit Phase 1 ipsec: There appears to be a lag when selecting options for Authentication Method when editing Phase 1 for IPSec. Please se... Matthew Fine
12:30 PM Bug #7834 (Feedback): Disabling captiveportal will not flush the ipfw pipes: Applied in changeset commit:b2c926239223ed959a800ddf0c799e7650696d2e. Renato Botelho
10:41 AM pfSense Packages Bug #7876 (Feedback): Potential XSS in status_monitoring.php: Fixes pushed to the freebsd-ports repo:
FreeBSD-ports/devel "f044c1e4e3f647028c57ae1a572dc6377e555f... Jim Pingle
09:45 AM pfSense Packages Bug #7876 (Resolved): Potential XSS in status_monitoring.php: The "view" variable in status_monitoring.php is taken from $_GET and used in a hidden input ("view-title") without en... Jim Pingle
10:17 AM Bug #7877 (Resolved): Crash when enabling traffic shaper on more than 1 port: https://forum.pfsense.org/index.php?topic=136733.0 Anonymous
02:12 AM Revision 4c53dfbe: Changes Dynamic DNS Status Widget to display client description text for Custom and Custom (v6) entries. Implements #7843: Christopher Fazendin

09/18/2017

11:23 PM Revision 1c2ef5f2: notifycation, bootup complete: Pi Ba
09:39 PM pfSense Packages Bug #7875 (Rejected): HAProxy Frontend bug - pfsense 2.3.4-RELEASE-p1 (amd64): This is not a platform for discussion or asking support questions. Please post on the forum, mailing list, reddit, et... Jim Pingle
08:40 PM pfSense Packages Bug #7875 (Rejected): HAProxy Frontend bug - pfsense 2.3.4-RELEASE-p1 (amd64): Hi Support,
This issue is related to ticket #7851 .We are advise to upgrade to the latest version 2.3.4-RELEASE-p1... Peter Omolo
05:14 PM Revision eeb09d06: Use correct branch name: Renato Botelho
03:45 PM Revision 040e0b40: Remove the previous 'no_dad' workaround now that if_stf is fixed.: Partly revert b76e0baebb70775b192507ec18f523141800ce95.
(cherry picked from commit dad3885f9f5afbe0768387527122a8854... Luiz Souza
01:49 PM Revision 9a65d4a2: Populate more default values in the OpenVPN configuration generated by the wizard and rearrange some options so there is less of a difference when editing the configuration for the first time. Fixes #7864: (cherry picked from commit 95a8ebeb5b7d73e7e72eba27c22d2b2b312f92de) Jim Pingle
01:49 PM Revision 95a8ebeb: Populate more default values in the OpenVPN configuration generated by the wizard and rearrange some options so there is less of a difference when editing the configuration for the first time. Fixes #7864: Jim Pingle
01:09 PM Feature #7874 (Rejected): Change OpenVPN Help: The current example is valid. Your example does something different and more complicated that is not what the average... Jim Pingle
01:03 PM Feature #7874 (Rejected): Change OpenVPN Help: Currently the OpenVPN text reads:
@EXAMPLE: push "route 10.0.0.0 255.255.255.0"@
This should be updated to
@EXAM... Christian M.
01:00 PM Revision 81498c2c: Do not show group privilege controls unless the user is editing an existing group. Fixes #7865: (cherry picked from commit 7af38087fef168f213c6880c6782153630c13386) Jim Pingle
12:59 PM Revision 7af38087: Do not show group privilege controls unless the user is editing an existing group. Fixes #7865: Jim Pingle
11:48 AM Revision b9d54e38: Path must be relative here: Renato Botelho
11:47 AM Revision 0f2ee2eb: Path must be relative here: Renato Botelho
09:00 AM Bug #7864 (Feedback): OpenVPN (tun/tap) is not showing: Applied in changeset commit:95a8ebeb5b7d73e7e72eba27c22d2b2b312f92de. Jim Pingle
08:10 AM Bug #7865 (Feedback): User groups -> Assigned Privileges doesn't work: Applied in changeset commit:7af38087fef168f213c6880c6782153630c13386. Jim Pingle
08:03 AM Bug #7868: bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: PR looks OK but we can't commit to making sure it's in 2.4-RELEASE at the moment. We'll talk it over internally. Jim Pingle
06:24 AM pfSense Packages Bug #7872 (Not a Bug): Edits not saving: Also, don't manually edit the config files. The GUI will always overwrite them on purpose. That's what the GUI is for... Jim Pingle
03:05 AM pfSense Packages Bug #7872: Edits not saving: Noone is fixing packages in outdated versions that you should not be using in the first place. There were multiple HA... Kill Bill
02:50 AM pfSense Packages Bug #7872: Edits not saving: Is it a known issue? Will upgrading fix? Don't want to upgrade and encounter the same. David Maina
02:40 AM pfSense Packages Bug #7872: Edits not saving: How about upgrading your pfSense? Kill Bill
02:28 AM pfSense Packages Bug #7872: Edits not saving: Am on *2.3.2-RELEASE-p1 (amd64)* David Maina
02:26 AM pfSense Packages Bug #7872 (Not a Bug): Edits not saving: Am editing */var/etc/haproxy/haproxy.cfg* but looks like changes are getting cleared if someone uses *Services/HAProx... David Maina
04:50 AM Bug #7873 (Closed): When upgrading, some services/packages do not come back online on the first reboot (but do on the second): I am using pfSense on virtual machines on VMware, and noticed the following services do not start properly on the fir... Stéphane Lapie
03:08 AM Feature #3013: Better upgrading for a CARP cluster: I have seen this improvement, so first of all, thank you so much.
However, the problem still remains that the CARP... Stéphane Lapie

09/17/2017

06:39 PM pfSense Packages Bug #7871: Add squid validation for selected CA when MITM is enabled: P.S. There's https://github.com/pfsense/FreeBSD-ports/pull/402 that's been sitting there for about a month, would be ... Kill Bill
06:32 PM pfSense Packages Bug #7871 (Resolved): Add squid validation for selected CA when MITM is enabled: Obviously, this needs to be a CA we have a private key to so that it can issue certificates on the fly to prevent PEB... Kill Bill
02:21 PM Bug #7870 (Not a Bug): Traffic Shaper Wizard produces rules that causes a fatal crash. Specifically, qLink:qInternet:qACK:qP2P:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U' returned exit code '1': A crash+reboot when activating the shaper is not something that happens to everyone with the shaper. Those errors are... Jim Pingle
01:16 PM Bug #7870 (Not a Bug): Traffic Shaper Wizard produces rules that causes a fatal crash. Specifically, qLink:qInternet:qACK:qP2P:qGames:qOthersHigh:qOthersLow N:U:U:U:U:U:U:U' returned exit code '1': When running the traffic shaper wizard, after the filter refreshes the system crashes and does a forced reboot. Below... Hy Diep

09/16/2017

07:52 PM Feature #2358: NAT64 support: Seems FreeBSD 11.1 now has NAT64. This is what "we" were waiting on right?
https://www.freebsd.org/releases/11.1R/... Brandon Jackson
07:05 PM Bug #7865 (Confirmed): User groups -> Assigned Privileges doesn't work: The assign privileges control should be hidden when creating a group, but it's showing too soon.
Not critical enou... Jim Pingle
09:41 AM Bug #7865 (Resolved): User groups -> Assigned Privileges doesn't work: When you try to add a new usergroup (system_groupmanager.php?act=new) then you can assign privileges on this group an... Arian olde Kalter
06:57 PM Bug #7867 (Duplicate): Dynamic DNS provider password containing special character %: This is a duplicate of #6688, it has been fixed on 2.4, not 2.3.x. Jim Pingle
01:15 PM Bug #7867: Dynamic DNS provider password containing special character %: Login to the service openDNS failed then the password contained the special character %. The "Dynamic DNS Clients" GU... Olof Söderström
01:13 PM Bug #7867 (Duplicate): Dynamic DNS provider password containing special character %: Login to the service openDNS failed then the password contained the special character %. The "Dynamic DNS Clients" GU... Olof Söderström
06:48 PM Bug #7866 (Rejected): snort version 3.2.9.5_1 shows WAN status as stopped: Jim Pingle
06:46 PM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: ... Kill Bill
04:25 PM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Here is snippet from the system log:... Yuri Weinstein
11:53 AM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Ok posted on forum
So no bugs against snort are to be logged ?
What is unclear from this issue ?
Thx Yuri Weinstein
11:32 AM Bug #7866: snort version 3.2.9.5_1 shows WAN status as stopped: Please use forums [1] for support. There's no info here to identify any bug, plus there were no changes whatsoever re... Kill Bill
10:02 AM Bug #7866 (Rejected): snort version 3.2.9.5_1 shows WAN status as stopped: After updating to snort version 3.2.9.5_1 status for WAN is always shown as stopped via Services/Snort/Interfaces
... Yuri Weinstein
06:05 PM Revision d4d86e3e: SNMP, check for several hypervisors that cause hostres module high cpu usage: also skip setting it in the bnsmp config when such platform is detected without needing the user to save settings again Pi Ba
03:45 PM Bug #7869 (Resolved): Hyper-v vm traffic shaper error: hn0: driver does not support altq: after applying traffic shaper in a clean and new installed 2.4RC on a Hyper-v vm I got this message:
There were er... Nadav Rak
01:32 PM Bug #7868 (Resolved): bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: Even though the message on services/smtp page says:
"The hostres module is not compatible with VMware virtual machin... Pi Ba
10:03 AM Bug #7864: OpenVPN (tun/tap) is not showing: I found out that when it was maked through the wizard option, this will happen. Arian olde Kalter
09:32 AM Bug #7864 (Resolved): OpenVPN (tun/tap) is not showing: In the description of the OpenVPN Servers there was the information of it was an (tun) or (tap) tunnel.
Now it only ... Arian olde Kalter
07:26 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): I can confirm that Traffic Shaping is broken on VTNET Interfaces.
If active the Firewall / PortForward Rules don't w... T S
07:22 AM Bug #6028: no firewall rules loaded after reboot with invalid ruleset: Another example making no rulesloaded (vtnet doesnt support altq): https://redmine.pfsense.org/issues/7594 Pi Ba
05:13 AM Bug #7863 (New): The "WebCfg - All pages" permission inclueds the "User - System: Shell account access" even though that is not a WebCofg page.: If this is intended that is fine but it just seems wrong to me. David B
04:13 AM Revision 24e87e2e: Fix the kern-debug package. The debug modules are now in /usr/lib/debug/boot/kernel.: Include /boot/modules in the kernel package.
(cherry picked from commit 1ec6f217695fd15e9d1e9b3c0b6829e4b86eda0c) Luiz Souza
04:12 AM Revision 1ec6f217: Fix the kern-debug package. The debug modules are now in /usr/lib/debug/boot/kernel.: Include /boot/modules in the kernel package. Luiz Souza
03:46 AM pfSense Packages Bug #7862: package zabbix lts: Duplicate of Bug #6129. Kill Bill

09/15/2017

08:54 PM Revision cb1ce2d4: Remove debug code.: (cherry picked from commit 48009b827409d6d6dd19a9f0d5d18f80ca62092a) Luiz Souza
08:54 PM Revision 34ca88c3: Do not remove the temporary files (debug only).: (cherry picked from commit b9253e25374bb686824a33d1c9201bdb7aeb1483) Luiz Souza
08:54 PM Revision 10417dca: Set a default when findroot is not set.: (cherry picked from commit 3eb019d5214f40e67520c919e3d42ba776d9a212) Luiz Souza
08:54 PM Revision b5b1ada8: Add some debug output.: (cherry picked from commit 5d376f2d315490861a30dd41da50165d2f7e6a2d) Luiz Souza
08:51 PM Revision 48009b82: Remove debug code.: Luiz Souza
08:16 PM Revision b0bb406d: Fixed #7728: Revised enabled/disabled diplay to match other firewall pages
(cherry picked from commit 25b82b200de7e846066bef3c6a3... Steve Beaver
08:15 PM Revision faa88940: Implements PR170013 - Revise setup wizardwording and links: (cherry picked from commit d8455e10d71ab90b7faa96bc1748fa761e7a4166) Steve Beaver
08:12 PM Revision b9253e25: Do not remove the temporary files (debug only).: Luiz Souza
08:00 PM Revision 3eb019d5: Set a default when findroot is not set.: Luiz Souza
07:39 PM Revision 5d376f2d: Add some debug output.: Luiz Souza
07:02 PM Bug #4310: Limiters + HA results in hangs on secondary: Moved, yet again :( Jose Duarte
05:57 PM Revision abe02f2b: Fix the build, add the new getopt option.: Reported by: garga
Pointy-hat to: loos
(cherry picked from commit 5e58e8bdedb48f605df96b4a7f942a2fd979d5d4) Luiz Souza
05:56 PM Revision 5e58e8bd: Fix the build, add the new getopt option.: Reported by: garga
Pointy-hat to: loos Luiz Souza
05:23 PM Revision dad3885f: Remove the previous 'no_dad' workaround now that if_stf is fixed.: Partly revert b76e0baebb70775b192507ec18f523141800ce95. Luiz Souza
04:46 PM Revision 64ff77ec: Switch FreeBSD branch to RELENG_2_4 -> RELENG_11_1: Luiz Souza
04:31 PM Revision e1605823: Pass the search path to create_core_package.sh.: This allows the use of more than one path to build the package.
(cherry picked from commit 318a7b7766d442c9c4de0f29b... Luiz Souza
04:30 PM Revision 318a7b77: Pass the search path to create_core_package.sh.: This allows the use of more than one path to build the package. Luiz Souza
03:57 PM Revision d8455e10: Implements PR170013 - Revise setup wizardwording and links: Steve Beaver
03:44 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Yes it was definitely weird, I saw it on maybe 3/12 test systems (so ~1/4) but not every boot either. They're all OK ... Jim Pingle
03:40 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Thats kinda what i meant with "i dont want to know", as even though now the check and usage are always only microseco... Pi Ba
03:17 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Because during the sleep while it's in the loop, the file can disappear if something happens in the background. Jim Pingle
03:11 PM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: So 'file exists' check returns true, but then it doesn't exist.. Wondering how that can be ;) well i probably dont wa... Pi Ba
02:52 PM Bug #7790 (Resolved): dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Seems OK, though I did have to push a fix because this resulted in PHP errors in some cases. See commit:59104a6ff6c86... Jim Pingle
03:34 PM Bug #7728 (Resolved): 1:1 NAT: Destination IP Alias not displayed as web link: Looks good now (was missing from RELENG_2_4_0 so not in 2.4-RC snaps) Jim Pingle
03:30 PM Bug #7728 (Feedback): 1:1 NAT: Destination IP Alias not displayed as web link: Applied in changeset commit:b0bb406db95414d8ceaae1f782c1172a5a97e0d1. Anonymous
02:50 PM Bug #7728 (Assigned): 1:1 NAT: Destination IP Alias not displayed as web link: I still don't see alias details when using an alias as a destination. Just the word, no special formatting/display/li... Jim Pingle
03:27 PM Bug #6860 (Assigned): Monitoring (RRD) graphs return "unknown" step value: The step value from the last comment is still missing. Jim Pingle
03:08 PM Bug #7268 (Resolved): System Info Widget "All" button does not work with "Disable the automatic dashboard auto-update check": Looks good, on SG-1000 I have the auto update check disabled and the JS all/none selector still works for me in the s... Jim Pingle
03:07 PM Bug #7805 (Resolved): dashboard System Information - inconsistent date formats: Looks good to me Jim Pingle
03:03 PM Bug #7804 (Resolved): System info widget CPU usage not updating in IE. Needs Math.trunc() polyfill.: Works in IE now Jim Pingle
03:01 PM Bug #7185 (Resolved): DHCP6c SIGTERM, SIGKILL: Jim Pingle
02:58 PM Bug #6782 (Resolved): pkg update can trigger multiple updates per second: Seems fine now to me. Jim Pingle
02:57 PM Bug #4287 (Resolved): Wrong display for ppp in Interfaces page: Closing this out. If it's still a problem for someone that can reproduce it, please comment and we can look deeper. Jim Pingle
02:47 PM Bug #7625 (Resolved): When creating IPv6 firewall rule for single host, netmask improperly displays: Looks OK all-around now. Jim Pingle
02:45 PM Bug #7501 (Resolved): Interfaces statistics widget GUI + JSON (2 issues): works Jim Pingle
02:43 PM Feature #7193 (Resolved): NTP process PGRMF: PR was merged, seems to be OK but not possible to confirm at the moment. If it is not working, someone can reply here... Jim Pingle
02:42 PM Feature #7122 (Resolved): Add filters to various dashboard widgets: All the filters I've tried work well. Looks good from here. Closing. Jim Pingle
02:42 PM Bug #7415 (Resolved): favicon is not correctly implemented: Jim Pingle
02:42 PM Todo #6885 (Resolved): Add vectorized logo in web interface: Jim Pingle
02:41 PM Todo #6853 (Resolved): Convert nanobsd installation to full install during upgrade: Directions work fine, upgrade results in a working full install using the entire disk. Jim Pingle
02:38 PM Bug #6318 (New): IPsec dashboard widget causes GUI failure: I still see this but it seems less common than it did in the past. Either have bad timing or sit on the dashboard too... Jim Pingle
02:30 PM Bug #7324 (Resolved): DHCPv6 Dynamic DNS hostname: Works, the directive is in the config now. Jim Pingle
02:29 PM Bug #7854 (Resolved): OpenVPN Remote Access Server Setup Wizard - Regex too strict: The wizard now allows the user to use any characters they want in certificate fields and escapes them properly before... Jim Pingle
02:28 PM Bug #7853 (Resolved): Signed CSRs always use SHA1, which is weak: Works now, uses whatever the user chooses and defaults to SHA256 Jim Pingle
02:28 PM Bug #7830 (Resolved): LDAP authentication fails using SSL with intermediate certificates: Works now Jim Pingle
11:06 AM pfSense Packages Bug #7862 (Duplicate): package zabbix lts: zabbix proxy package + zabbix 3.4
Connection problem:
Without the functionality in this release.
Altemon Moura Altemon
10:51 AM Feature #7861 (Resolved): Make "Descriptive name" of certificates editable: Please make it possible to edit the "Descriptive name" of System --> Certificate Manager --> Certificates. You can ed... Lars Möller
07:13 AM Bug #7860 (Rejected): Plicy base routing with "any" destination is not working: Discuss this on the forum, reddit, or mailing list first. I use rules with exactly that setup on multiple firewalls a... Jim Pingle
12:56 AM Bug #7860 (Rejected): Plicy base routing with "any" destination is not working: After update from 2.2.6 to 2.3.4, all PBR
With "any" destination go through default GW Nima Mohammadi
03:06 AM Revision b98f6074: If /boot/loader.conf is not presetn check /boot/loader.conf.local.: (cherry picked from commit 4ff3adec7a6bdd6d87cc5eeae2b1039954ee5ce2) Luiz Souza
03:06 AM Revision 4ff3adec: If /boot/loader.conf is not presetn check /boot/loader.conf.local.: Luiz Souza

09/14/2017

08:35 PM Feature #7541: ZFS Install, add hot spare option: So instead of just making changes about a target version and priority, can we get some real dialogue here? T M
08:22 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: Fix was merged into the Packages respository on 9/14/2017. This bug report can be closed.
Bill Bill Meeks
01:53 PM Feature #7842: New Dynamic DNS Provider: Mythic-Beasts: Jim Thompson wrote:
> Do you have a pull request?
Nope. I can help with the cURL commands that are needed, but I'... Darryn Storm
01:36 PM Feature #7842: New Dynamic DNS Provider: Mythic-Beasts: Do you have a pull request? Jim Thompson
01:29 PM Revision 9b6a7693: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:55 PM Revision 793dc52d: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:53 PM Revision 59104a6f: Move this file_exists test inside the dpinger status check loop and also suppress PHP errors from stream_socket_client(): Both are done to avoid a race where the status file can be missing and the status check fails, resulting in an alert/... Jim Pingle
12:47 PM Revision 271fc45e: Fix incorrect function name/typo. Ticket #7719: (cherry picked from commit 48c4a0ea0958c0820f6caab2bf5182967114ac58) Jim Pingle
12:46 PM Revision 48c4a0ea: Fix incorrect function name/typo. Ticket #7719: Jim Pingle
09:12 AM pfSense Packages Bug #7859 (Feedback): FRR doesn't use the raw config setting: Pushed a fix, will be up shortly. Jim Pingle
08:37 AM pfSense Packages Bug #7859 (Resolved): FRR doesn't use the raw config setting: FRR package doesn't use the raw config settings because of the bug in the config generation. I guess the XML tag has ... Iasen Kostov

09/13/2017

05:06 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: Jim Pingle wrote:
> We are compiling everything the way it should be, there isn't anything for us to change or fix. ... Paul Tarsus
02:51 PM Bug #7858: CARP and preemption: Hello Jim,
I've retried the testing by disconnecting a network cable, and yes the preemption works.
Sorry for this ... Phil Keep
02:41 PM Bug #7858: CARP and preemption: Hello Jim,
I'm using 2 physical boxes. I'm not using VMs.
Cheers Phil. Phil Keep
02:37 PM Bug #7858 (Not a Bug): CARP and preemption: If you unplug an adapter (or mark it down in the hypervisor -- NOT at the OS level) then CARP will preempt, the prima... Jim Pingle
02:34 PM Bug #7858 (Not a Bug): CARP and preemption: There is a pending ticket related or close to the CARP preemption behavior:
https://redmine.pfsense.org/issues/4845
... Phil Keep
09:30 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": FYI- FRR is now available for 2.4, 2.3.5 (snapshots), and 2.3.4 users. Internal tests show that it does not suffer fr... Jim Pingle
05:14 AM Bug #7600: Unable to save DNS Resolver settings: I just want to chime in on this problem. I'm experiencing this problem also.
Something I noticed is, that I cannot e... Nicki Messerschmidt
03:43 AM Bug #7857 (New): Interfaces Widget U/I fails to wrap IPV6 addresses when the string is too wide for the widget: Strictly a U/I issue, the widget fails to wrap when the browser window is set small enough to make the string too wid... Bryan Stenson

09/12/2017

09:44 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort: The fix for this problem has been submitted in a Github pull request. Once that request is approved and merged, this... Bill Meeks
05:51 PM Revision 5311adaa: Relax OpenVPN wizard cert validation to match that of the cert manager and encode values before using them. Fixes #7854: Also, CDATA escape these fields in config.xml since they will most likely contain characters which are invalid in XML... Jim Pingle
05:49 PM Revision 00d5594c: Relax OpenVPN wizard cert validation to match that of the cert manager and encode values before using them. Fixes #7854: Also, CDATA escape these fields in config.xml since they will most likely contain characters which are invalid in XML... Jim Pingle
02:55 PM Bug #7856 (Resolved): IPsec status does not show all connected mobile clients: The IPsec status page only shows one connected mobile client, no matter how many are connected. All clients are shown... Jim Pingle
01:33 PM Bug #7763: IX driver - fails to recognize media type with SFP after link drop: FreeBSD 11.1 also appears to be running 3.1.13-k driver. Intel driver:
https://downloadcenter.intel.com/download/146... Clinton Cory
01:01 PM Bug #7854: OpenVPN Remote Access Server Setup Wizard - Regex too strict: After inspecting the code, this was a bit easier than I expected it to be, so I pushed a fix. Jim Pingle
01:00 PM Bug #7854 (Feedback): OpenVPN Remote Access Server Setup Wizard - Regex too strict: Applied in changeset commit:00d5594c737d475abab8e0361bb3ff7f93b98ac8. Jim Pingle
08:03 AM Bug #7854 (Confirmed): OpenVPN Remote Access Server Setup Wizard - Regex too strict: In light of #7540 all of that validation probably does need to be revisited soonish. There are relatively few restric... Jim Pingle
03:27 AM Bug #7854: OpenVPN Remote Access Server Setup Wizard - Regex too strict: Must be something else than email, that message is for country/state/city/organization.
https://github.com/pfsense... Kill Bill
12:37 PM Bug #7272: 6rd not functioning on 2.4.0-BETA: Paal Andreas Lindsetmo wrote:
> I hope this can help you with the troubleshooting/isolation of the problem:
>
> W... Morten Freberg
08:08 AM Bug #7272: 6rd not functioning on 2.4.0-BETA: I hope this can help you with the troubleshooting/isolation of the problem:
When I use a clean system with WAN+LAN... Paal Andreas Lindsetmo
07:17 AM Bug #7790: dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: Works for me :). But then again, i made the patch. Would be weird if it didn't 'fix' my reported issue..
Question ... Pi Ba
06:56 AM Bug #7855 (Duplicate): Captive Portal and IPv6 doesn't work: Jim Pingle
06:52 AM Bug #7855: Captive Portal and IPv6 doesn't work: Duplicate of #1831 Kill Bill
06:50 AM Bug #7855 (Duplicate): Captive Portal and IPv6 doesn't work: My pfsense works with IPv4 + IPv6 routing normal.
However, when I activate the Captive Portal all IPv6 traffic is ... Daniel Franca

09/11/2017

09:30 PM Bug #7854 (Resolved): OpenVPN Remote Access Server Setup Wizard - Regex too strict: In the OpenVPN Remote Access Server Setup Wizard, when trying to input a valid email, "The following input errors wer... Ryan Skinner
08:44 PM Revision 17058e37: Fix #7719: When Dynamic DNS entry uses a gateway group as interface,
return_gateway_groups_array() will be called and it returns... Renato Botelho
08:40 PM Revision 46583aba: Fix #7719: When Dynamic DNS entry uses a gateway group as interface,
return_gateway_groups_array() will be called and it returns... Renato Botelho
08:02 PM Revision f9f087eb: gateway monitoring, give apinger some time to properly 'initialize' before using its results: (cherry picked from commit 29fa6f0f46ba039a67a93c00a08bcaecc3935b78) Pi Ba
08:02 PM Revision ec5a3865: gateway monitoring, give apinger some time to properly 'initialize' before using its results: (cherry picked from commit 29fa6f0f46ba039a67a93c00a08bcaecc3935b78) Pi Ba
08:02 PM Revision 78670b63: Merge pull request #3763 from PiBa-NL/20170624-apinger-initialize: Renato Botelho
08:02 PM Revision 18bc2e2a: Update translation files: Renato Botelho
08:02 PM Revision bf4e4651: Regenerate pot: Renato Botelho
07:51 PM Revision 4cf6048b: Update translation files: Renato Botelho
07:51 PM Revision b71adf8c: Regenerate pot: Renato Botelho
05:46 PM Revision 27127b4a: Add a field to pick a digest algo when signing a CSR, otherwise it ends up with SHA1. Fixes #7853: While here, add the cert serial number and sig digest type to the info block for each cert.
(cherry picked from comm... Jim Pingle
05:44 PM Revision aec3a259: Add a field to pick a digest algo when signing a CSR, otherwise it ends up with SHA1. Fixes #7853: While here, add the cert serial number and sig digest type to the info block for each cert. Jim Pingle
04:19 PM Bug #7710: IGMP Proxy: Note,,,,,IGMP Proxy is working fine on SG-2220 on same configuration. Jeremy Lewis
03:50 PM Bug #7719 (Feedback): Dynamic DNS updates not working on interface failover: Applied in changeset commit:46583aba3a382c28fb6bc4bbbcd7dbf28fe38782. Renato Botelho
03:48 PM Bug #7819: php-fpm crashing: Luiz is working on this Renato Botelho
08:14 AM Bug #7819: php-fpm crashing: I have been experiencing the same issues on one VM for a few weeks now. Another VM, and 4 appliances are all fine. ... Marc Mapplebeck
03:31 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: We are compiling everything the way it should be, there isn't anything for us to change or fix. If you can replicate ... Jim Pingle
03:24 PM pfSense Packages Bug #7820: 2.4: dnsmasq can no longer handle punycode, compile time options change?: So I take it 2.4 will ship with this regression? Paul Tarsus
03:03 PM Bug #7790 (Feedback): dpinger / code using it, falsely defines a down gateway as up after dpinger gets restarted.: PR has been merged, thanks Renato Botelho
02:58 PM Bug #7272 (Assigned): 6rd not functioning on 2.4.0-BETA: Renato Botelho
01:00 PM Bug #7853 (Feedback): Signed CSRs always use SHA1, which is weak: Applied in changeset commit:aec3a259271be5dae63b148a48b7778c0cd0660e. Jim Pingle
12:42 PM Bug #7853 (Resolved): Signed CSRs always use SHA1, which is weak: When signing a CSR in the 2.4 GUI there is no choice to pick a digest algorithm for signing. Thus, when a CSR is sign... Jim Pingle
12:26 PM Feature #7852 (New): Add views support to Unbound GUI: See https://forum.pfsense.org/index.php?topic=126740.msg699877#msg699877 for usage hints.
(Yes, this is the BIND-s... Kill Bill
08:57 AM pfSense Packages Bug #7851 (Not a Bug): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: That value works for me, I can't reproduce this at all. I can create new entries with that or edit existing entries. ... Jim Pingle
08:50 AM pfSense Packages Bug #7851: HAProxy Frontend bug - pfSense 2.3.2-RELEASE: The value I had was/is *1000000*
Is there a limit in the number of entries I can add under the "Actions" section of ... Peter Omolo
07:22 AM pfSense Packages Bug #7851 (Feedback): HAProxy Frontend bug - pfSense 2.3.2-RELEASE: What exact value did the field have?
I can't reproduce any problem here. If I put in a number and save, it saves t... Jim Pingle
08:29 AM Bug #6340 (Resolved): fsck hangs boot in background, fails to produce any action, resulting in broken firewall: Renato Botelho
08:14 AM Bug #4689 (Resolved): Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0": The FreeBSD bug report is still open, though it doesn't contain any reports of issues on 11.x. I haven't seen any rec... Jim Pingle
12:10 AM Bug #4689: Panic/Crash "sbflush_internal: cc 4294967166 || mb 0 || mbcnt 0": does anyone see this on 2.3 (and an 11.0 base)? Jim Thompson
07:53 AM pfSense Packages Bug #7850 (Confirmed): Include file containing XML_RPC_encode() missing from snort: Checking the code, I can confirm that the snort package hasn't been adjusted for XMLRPC sync on 2.4. Looking at that ... Jim Pingle

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

10/10/2017

10/09/2017

10/08/2017

10/07/2017

10/06/2017

10/05/2017

10/04/2017

10/03/2017

10/02/2017

10/01/2017

09/30/2017

09/29/2017

09/28/2017

09/27/2017

09/26/2017

09/25/2017

09/24/2017

09/23/2017

09/22/2017

09/21/2017

09/20/2017

09/19/2017

09/18/2017

09/17/2017

09/16/2017

09/15/2017

09/14/2017

09/13/2017

09/12/2017

09/11/2017