Project

General

Profile

Activity

From 09/27/2017 to 10/26/2017

10/26/2017

10:48 PM Bug #8017 (Duplicate): Changing VLAN assignments breaks parent LAGG interface
I updated to 2.4.1 tonight forgetting about the PPPoE over VLAN issue so I started changing my WAN interface and then... Samuel Kadolph
07:57 PM Bug #8016 (Closed): 1 pfsense out of several shows 2.4.0 available, not 2.4.1
1 firewall out of several shows 2.4.0 update available, not 2.4.1.
I tried changing update setting to Next Major Ver... Eduard Rozenberg
07:39 PM Revision ab67b772: Do not build ova
Renato Botelho
07:38 PM Revision 3310ee3a: Do not build ova
Renato Botelho
05:50 PM Bug #8015 (Resolved): IPsec VPN Not Reconnecting until complete reboot
We have multiple IPSec tunnels to our remote sites and Every now and then, some sites will fail to reconnect unless w... Lloyd Virola
04:43 PM Bug #7119: Changing LAGG attributes results in a panic/crash
Steve Wheeler wrote:
> If it didn't actually panic it's probably that MAC address issue. That should be fixed in 2.4... Michael OBrien
04:27 PM Revision dba5f62a: Make devel points to 2.3.5
Renato Botelho
04:24 PM pfSense Packages Bug #7961 (Feedback): JS Error on Status > Monitoring
Anonymous
04:12 PM Revision e2fdf098: Use eval to get proper variable value
Renato Botelho
04:12 PM Revision e81cf8fa: Use eval to get proper variable value
Renato Botelho
03:50 PM Revision 29c1ecb8: Added a description to mobile client to reflect description in phase1
Stephen Jones
01:18 PM Revision 2c357cf2: Make separate definitions for amd64 / i386 repos
Renato Botelho
01:05 PM Revision 7a2a31c3: Make separate definitions for amd64 / i386 repos
Renato Botelho
12:59 PM Revision c6f7774b: Use proper directory for i386
Renato Botelho
12:56 PM Revision 3b52996b: Fill default repo dinamically
Renato Botelho
12:55 PM Revision 09f8cf10: Define default repo
Renato Botelho
12:49 PM Revision 8674b2c7: Use proper directory for i386
Renato Botelho
12:47 PM Revision c7714767: Fill default repo dinamically
Renato Botelho
12:36 PM Bug #7979 (Feedback): Error setting limiter over 2GB/s
Fixed.
The limit is now ~4Gb (4294967295). Luiz Souza
11:53 AM Bug #8013: IPsec MSS clamping value shared for IPv4 and IPv6
Agree this would be good, but it really wants to be part of FreeBSD (upstream).
I've assigned it, but I don't know... Jim Thompson
11:09 AM Revision 9130827b: Define default repo
Renato Botelho
10:59 AM Revision b84d5518: Repo points to 2.3.5 which has default ABI
Renato Botelho
10:59 AM Bug #8014 (Resolved): DynDNS wildcard option doesn't work for provider Loopia
The DynDNS wildcard option doesn't work for provider Loopia.
It seems that this line never results in $this->_dnsW... Kristoffer Ekenstam
10:52 AM Revision 8b41966e: Remove grub2-bhyve
Renato Botelho
10:51 AM Revision 0489a769: Use correct repo conf to install bsdinstaller
Renato Botelho
10:40 AM Revision 46514a47: Revert "Disable ARJ option"
This reverts commit 45b843950ddc388837750db28238a81b0fa021e3. Renato Botelho
09:42 AM Revision c4865164: Fix typo in function name: insterface_is_qinq -> interface_is_qinq
Renato Botelho
08:06 AM Bug #8003: IPsec weirdness with 2.4.1

During work 32406 I found HTML was rendered fine but click on button does not expand table
<td colspan="10">
<d... Constantine Kormashev
05:14 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Luiz Souza wrote:
> Diego Henrique Pagani wrote:
> > Luiz Souza wrote:
> > > Fixed in the last 2.4.2 snapshot.
> ... Diego Henrique Pagani
04:51 AM Revision 2e240da1: Fix a typo.
(cherry picked from commit b0b70737ba38c5b7daca2ba779c5d71159e0ce05) Luiz Souza
04:51 AM Revision b0b70737: Fix a typo.
Luiz Souza
04:11 AM Bug #7989 (Feedback): Cannot update Nano from 2.3.4 to 2.3X snapshots
New versions of pfSense-upgrade force to reinstall itself when version differs from remote repo. It should be enough Renato Botelho
02:05 AM pfSense Packages Bug #7959: Dpinger - Probe Interval
Hmm... this doesn't quite make sense to me.
A probe of 28 bytes every 86 seconds seems a minuscule cost. With a lo... Denny Page
12:02 AM Bug #8012 (Feedback): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565
Fixed. I'm restarting the builders, the new snapshots will be ready in a few hours. Luiz Souza

10/25/2017

11:50 PM Bug #8013 (New): IPsec MSS clamping value shared for IPv4 and IPv6
MSS clamping for IPsec can only be set globally. As a result, a value of 1452 for an IPv4 tunnel (required due to my... Kristopher Kolpin
11:04 PM Bug #8012 (Resolved): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565
PLATFORM: pfSense-CE-memstick-ADI-2.4.2
VERSION: pfSense: 2.4.2-DEVELOPMENT amd64 Wed Oct 25 18:46:13 CDT 2017
CONT... Chase Turner
10:42 PM Bug #7594 (Feedback): "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3)
Fixed in the next snapshot. Luiz Souza
06:34 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3)
Hello -- yes, this hit me just now. A bit painful and surprising. For now I deactivated traffic shaping and it seems ... Casey Stone
08:07 PM Revision 2cf468c0: Allow the use of mbuf tags to set the VLAN pcp on output packets.
This is necessary for use with the pf 'set prio'.
Ticket #7973
(cherry picked from commit c2a14eec24fc2b41fb18453a6... Luiz Souza
08:07 PM Revision c2a14eec: Allow the use of mbuf tags to set the VLAN pcp on output packets.
This is necessary for use with the pf 'set prio'.
Ticket #7973 Luiz Souza
07:33 PM Revision 7dae2d55: Use devel repo as default
Renato Botelho
07:33 PM Revision 49e2b19a: added a string SESSION_TIMEOUT to be returned when a widget times out
Stephen Jones
07:31 PM Revision 5f6eca75: Fixed #7978 I added a section in the css that is only parsed by IE10+ and it just sets the margin for tables to 1px instead of 0 this stops it from collapsing
Stephen Jones
06:59 PM Revision b15ac924: The members of a LAGG cannot be assigned, used in VLANs, QinQ, or PPP.
This commit removes the LAGG members from the list of available interfaces.
(cherry picked from commit f2286620e48a4... Luiz Souza
06:58 PM Revision f2286620: The members of a LAGG cannot be assigned, used in VLANs, QinQ, or PPP.
This commit removes the LAGG members from the list of available interfaces. Luiz Souza
06:34 PM Revision 51e4121f: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005
(cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364)
(cherry picked from commit 71c70114aa10e594253b9... Jim Pingle
06:34 PM Revision 82405c15: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005
(cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364)
(cherry picked from commit 71c70114aa10e594253b9... Jim Pingle
06:34 PM Revision 71c70114: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005
(cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364) Jim Pingle
06:33 PM Revision b1fccd42: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005
Jim Pingle
05:42 PM Bug #7119: Changing LAGG attributes results in a panic/crash
If it didn't actually panic it's probably that MAC address issue. That should be fixed in 2.4.2 snaps now. Please rep... Steve Wheeler
02:17 PM Bug #7119: Changing LAGG attributes results in a panic/crash
> Was this new ticket opened? When I change LAGG interface settings via the pfSense GUI or a command prompt, my pfSen... Michael OBrien
01:48 PM Bug #7119: Changing LAGG attributes results in a panic/crash
Luiz Souza wrote:
> Yes, the messages does not seem related with the original bug (crash at ifconfig laggX destroy).... Michael OBrien
05:25 PM Revision 947ed5e8: Do not return QinQ interfaces in the physical interface list.
(cherry picked from commit e48ae6f294709998cb209489cf02c604846b9539) Luiz Souza
05:25 PM Revision 25312d31: Fix the interface_is_vlan() function.
It now works when only QinQ VLANs exist in the system.
(cherry picked from commit 77eda8d57ed38cf8510d494a4294e7f0d4... Luiz Souza
05:23 PM Revision e48ae6f2: Do not return QinQ interfaces in the physical interface list.
Luiz Souza
05:20 PM Revision 77eda8d5: Fix the interface_is_vlan() function.
It now works when only QinQ VLANs exist in the system. Luiz Souza
05:13 PM Revision 4d23a168: Abort when binary is not found
Renato Botelho
05:12 PM Revision b03a71f1: Do not execute pfSense-upgrade on install media
Renato Botelho
05:00 PM Revision 37171fc6: Abort when binary is not found
Renato Botelho
05:00 PM Revision 20ede87a: Do not execute pfSense-upgrade on install media
Renato Botelho
04:45 PM Bug #8010 (Feedback): import cert: "The submitted private key does not match the submitted certificate data"
Are you absolutely certain that the certificate and key match?
That error can only happen if the public key extrac... Jim Pingle
04:00 PM Bug #8010 (Not a Bug): import cert: "The submitted private key does not match the submitted certificate data"
Hello, only with 2.4.x (I testing with 2.4.1) I have this error:
The submitted private key does not match the subm... Pol Hallen
04:14 PM Feature #8011 (Rejected): new release notify by email
We have a release announcement mailing list you can use for this, having the firewall send it would be redundant. Jim Pingle
04:12 PM Feature #8011 (Rejected): new release notify by email
available new release notify by email Pol Hallen
03:57 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Diego Henrique Pagani wrote:
> Luiz Souza wrote:
> > Fixed in the last 2.4.2 snapshot.
>
> I've been using dual-... Luiz Souza
07:55 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Luiz Souza wrote:
> Fixed in the last 2.4.2 snapshot.
I've been using dual-wan PPP connection, and one is working... Diego Henrique Pagani
04:10 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Zach Nedwich wrote:
> Luiz Souza wrote:
> > Fixed in the last 2.4.2 snapshot.
>
> I can confirm it is working he... Erik Scheffers
02:30 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Luiz Souza wrote:
> Fixed in the last 2.4.2 snapshot.
I can confirm it is working here, thanks for your effort. Zach Nedwich
01:02 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
honestly that was not cool to change in a minor update. And to release this bug with 2.4.1 since that obviously alrea... tb o
03:55 PM Bug #7940: disabling LAGG causes system reboot on 2.4
Please, can you post the backtrace of this crash ? (or upload the crashdump text file)
I can't reproduce this cras... Luiz Souza
03:49 PM Bug #7928 (Resolved): LAGG interfaces lose MAC address
Luiz Souza
02:35 PM Bug #7928: LAGG interfaces lose MAC address
Steve Wheeler wrote:
> Confirmed. This appears resolved in 2.4.2.a.20171024.2153
Double-confirmed :) Michael OBrien
08:09 AM Bug #7928: LAGG interfaces lose MAC address
Confirmed. This appears resolved in 2.4.2.a.20171024.2153 Steve Wheeler
03:27 PM Bug #7942 (Feedback): QinQ interfaces never show as active
A few commits were made to address QinQ general issues.
This issue has to tested again. Luiz Souza
03:25 PM Bug #7973 (Feedback): VLAN Priority Set feature in firewall rules is not functioning
This issue is fixed.
The fix will be available in tomorrow's snapshot. Luiz Souza
02:48 PM Revision 7408e572: Fix status_queues.php for the new VLAN interface format. Fixes #8007
(cherry picked from commit 63a480cbf6b24d155421c1cd74f1b0409ae945de) Jim Pingle
02:47 PM Revision 63a480cb: Fix status_queues.php for the new VLAN interface format. Fixes #8007
Jim Pingle
02:40 PM Bug #7978 (Feedback): IE 11 - Headers of tables almost not visible when no entries made
Applied in changeset commit:5f6eca75e90ca2ee93715818b6b72571e9c2ef9b. Anonymous
01:40 PM Todo #8005 (Feedback): Block direct download of .inc files
Applied in changeset commit:b1fccd42547201f4dbfe941bcc59c8eac3456364. Jim Pingle
01:08 PM Bug #7969: md5 bgp sessions fail in 2.4.0
Definitely seems like it's deeper than the routing daemons. I tried the same config with FRR on 2.3.x and 2.4.x and o... Jim Pingle
01:08 PM Bug #7969: md5 bgp sessions fail in 2.4.0
Here is what I see on the lab setup. Both 2.3.4 and 2.4.0. Andrew Dul
11:04 AM Bug #7969: md5 bgp sessions fail in 2.4.0
Jim Pingle wrote:
> Terry Zink wrote:
> > Sure thing. Files attached (ip info scrubbed).
>
> Can you also get th... Terry Zink
10:50 AM Bug #7969: md5 bgp sessions fail in 2.4.0
Terry Zink wrote:
> Sure thing. Files attached (ip info scrubbed).
Can you also get the output of @setkey -D@ and... Jim Pingle
10:44 AM Bug #7969: md5 bgp sessions fail in 2.4.0
Sure thing. Files attached (ip info scrubbed).
 Terry Zink
10:29 AM Bug #7969: md5 bgp sessions fail in 2.4.0
Can someone, please, provide the output of 'ifconfig -v' of affected interfaces, 'kldstat' and 'netstat -sp tcp'. Luiz Souza
03:02 AM Bug #7969: md5 bgp sessions fail in 2.4.0
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219453 Jim Thompson
12:05 PM Bug #7999 (Resolved): XSS via 'hostname' parameter in diag_dns.php
works fine now Jim Pingle
11:37 AM Bug #7856 (Assigned): IPsec status does not show all connected mobile clients
On 2.4.2 snapshots, at least with an IKEv1 PSK+Xauth connection it's still only showing one connected client at a time. Jim Pingle
10:00 AM Bug #8007 (Feedback): Status -> Queues show as (loading) and don't update
Applied in changeset commit:63a480cbf6b24d155421c1cd74f1b0409ae945de. Jim Pingle
09:47 AM Bug #8007: Status -> Queues show as (loading) and don't update
The queue names are formed using the underlying interface and this apparently breaks the javascript selection of the ... Jim Pingle
03:43 AM Bug #8007 (Resolved): Status -> Queues show as (loading) and don't update
Has the changed of VLAN interface names to use the ‘dotted’ format broken the Queues page, it was fine with 2.4.0 ?
... Andy Kniveton
09:32 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates
So you used the exact same input on both systems and it worked on one and failed on the other?
Please take screens... Jim Pingle
09:12 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates
Hi Jim,
Thanks for taking a look at my issue.
I did a fresh demo install on VirtualBox with 2.4.1. Performed t... Kristopher Kolpin
08:14 AM Bug #8009 (Duplicate): Can't upgrade from 2.4.0 to 2.4.1
Hi,
I have 2 firewalls with different hardware and updating isn't possible from 2.4.0 (clean install) to 2.4.1.
... Raphaël JEUDY
07:30 AM Bug #8008 (Duplicate): PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0
Jim Pingle
06:56 AM Bug #8008: PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0
I believe this may actually be the problem https://redmine.pfsense.org/issues/7981 dean hamstead
06:53 AM Bug #8008: PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0
should be v 2.4.1. dean hamstead
06:45 AM Bug #8008 (Duplicate): PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0
I have just upgraded to 2.4 and my pppoe interface has stopped working.
My provider requires a larger frame, which... dean hamstead
06:05 AM Bug #8006 (Duplicate): 2.4.1 PPPoE client on vlan fails to initialise
Duplicate and already fixed in 2.4.2 snapshots Jim Pingle
01:34 AM Bug #8006: 2.4.1 PPPoE client on vlan fails to initialise
Duplicate of Bug #7981. Kill Bill
01:10 AM Bug #8006: 2.4.1 PPPoE client on vlan fails to initialise
to workaround problem i did
sed -i 's/igb0.640/igb0_640/' /conf/config.xml
and reboot.
 Grzegorz Krzystek
12:56 AM Bug #8006 (Duplicate): 2.4.1 PPPoE client on vlan fails to initialise
after upgrade to 2.4.1 i lost internet connectivity.
looks like after after vlan naming change something broken
eve... Grzegorz Krzystek
01:59 AM Revision f3690ad2: Do not attempt to change the MAC address when the interface do not store the vendor MAC address.
(cherry picked from commit 238ee9c6041a18edbe36254609dfb8e82ad8e402) Luiz Souza
01:58 AM Revision 238ee9c6: Do not attempt to change the MAC address when the interface do not store the vendor MAC address.
Luiz Souza
01:09 AM Revision 399f4d33: Fix a bug in interface_is_vlan(), only check QinQ interfaces when they exist.
(cherry picked from commit beabf7e7e3baeabd1dbb58c28d3fc14efd0d89f2) Luiz Souza
01:07 AM Revision beabf7e7: Fix a bug in interface_is_vlan(), only check QinQ interfaces when they exist.
Luiz Souza

10/24/2017

10:17 PM Revision edd492df: Revise timeout message
Steve Beaver
10:16 PM Revision b839aa8a: Do no set the MAC address for LAGG interfaces.
Ticket #7928
(cherry picked from commit 9875c1999bd546a6982e6d98309b6fc53db145b6) Luiz Souza
10:15 PM Revision 9875c199: Do no set the MAC address for LAGG interfaces.
Ticket #7928 Luiz Souza
10:04 PM Revision c0339bdc: Provide a mechanism to display a warning if the session times out and the dashboard is no longer updating
Steve Beaver
09:33 PM Todo #8005 (Resolved): Block direct download of .inc files
If a user tries to directly access a file ending in .inc, the browser will offer to download the file. There are no .... Jim Pingle
07:52 PM Revision 8b4c14f5: Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998
(cherry picked from commit e3907730bdcc879f968d5d917ec9ac6567518e58) Jim Pingle
07:50 PM Revision e3907730: Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998
Jim Pingle
07:20 PM Revision a716ff02: Point users to 2.3.5
Renato Botelho
07:16 PM Bug #8003 (Feedback): IPsec weirdness with 2.4.1
These appear to already be fixed on 2.4.2 and are only cosmetic. They may already be covered by See #6335 and #7856 b... Jim Pingle
05:47 PM Bug #8003: IPsec weirdness with 2.4.1
I can confirm the same issue. As someone already mentioned in the pfSense forum (https://forum.pfsense.org/index.php?... Marcel Kinzel
05:33 PM Bug #8003: IPsec weirdness with 2.4.1
Also note....On the picture...Reauth is (-) ... Other side of the tunnel shows 27933 seconds (07:45:33)
Other end of... Mike Sith
04:37 PM Bug #8003 (Resolved): IPsec weirdness with 2.4.1
Just upgraded to 2.4.1 and now my IPsec tunnels are in a funky state.
See the attached picture. 2 Tunnels are up and... Mike Sith
06:41 PM Revision 9211f96c: Copy files to proper place when it's RC
Renato Botelho
06:40 PM Revision 7811052a: Copy files to proper place when it's RC
Renato Botelho
06:39 PM Bug #8004 (New): Error notice for a deleted NAT that had a RULE or an existing NAT which is claimed to have no NAT port...
for detailed reference please see [[https://forum.pfsense.org/index.php?topic=130090.msg716756#msg716756]]
I can s... Ingo-Stefan Schilling
06:17 PM Revision c6adfaa6: Widget instance counter must be numeric. Fixes #8000
(cherry picked from commit 7b973ceb6f72e22ee1b335128fb8d7f655c82879)
(cherry picked from commit 13751e498e0c1023ffcaf... Jim Pingle
06:17 PM Revision 13751e49: Widget instance counter must be numeric. Fixes #8000
(cherry picked from commit 7b973ceb6f72e22ee1b335128fb8d7f655c82879) Jim Pingle
06:17 PM Revision 7b973ceb: Widget instance counter must be numeric. Fixes #8000
Jim Pingle
06:10 PM Revision ef8205f4: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999
(cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:10 PM Revision ab1a2d26: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999
(cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:10 PM Revision 2cececc4: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999
(cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:09 PM Revision cd3e3a5c: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999
(cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3)
(cherry picked from commit 4aa5f989c8a802638ee9d... Jim Pingle
06:09 PM Revision 4aa5f989: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999
(cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:08 PM Revision 43746e1b: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999
Jim Pingle
05:33 PM Bug #7928 (Feedback): LAGG interfaces lose MAC address
A fix was committed to address this issue, please wait until the next 2.4.2 snapshot is ready and let me know if it d... Luiz Souza
02:58 AM Bug #7928: LAGG interfaces lose MAC address
You can also have the problem if you have vlans attached to the lagg interface:
1) create a new vlan
2) assign th... Denis Grilli
05:30 PM Bug #7981 (Feedback): PPP interfaces with a VLAN parent do not work with new VLAN names
Fixed in the last 2.4.2 snapshot. Luiz Souza
05:25 PM Revision 855f0798: Move stable users to 2.4.1 and devel to 2.4.2
Renato Botelho
05:08 PM Revision b47d7ccf: Made it so it doesn't display an error when the session expires it just
stops updating the graph. It will display in the console that it caught
and error when the session expires. Stephen Jones
04:58 PM Revision 80f14795: Move users direct to 2.4.1
Renato Botelho
03:25 PM Bug #7969: md5 bgp sessions fail in 2.4.0
Currently seeing this same issue. Updated to 2.4.0 from 2.3.x and my AWS Direct Connect sessions broke. AWS Support ... Terry Zink
03:10 PM Bug #6099: igmpproxy does not recognize upstream interface
Was this fixed in 2.4.0? I updated to it but my IGMP Proxy service is not working with the same message of: ... Samuel Kadolph
03:00 PM Bug #7998 (Feedback): XSS in widgetkey parameter of multi-instance dashboard widgets
Applied in changeset commit:e3907730bdcc879f968d5d917ec9ac6567518e58. Jim Pingle
12:52 PM Bug #7998 (Resolved): XSS in widgetkey parameter of multi-instance dashboard widgets
Widgets that populate $widgetkey from $_REQUEST are vulnerable to XSS
Test query: /widgets/widgets/interfaces.widg... Jim Pingle
02:13 PM Revision 130f3c92: Fixed #7856 fixed an issue with a slightly different array format. Also
updated the child key and id to be more robust. Stephen Jones
01:30 PM Bug #8000 (Feedback): XSS on index.php via widget sequence parameters
Applied in changeset commit:7b973ceb6f72e22ee1b335128fb8d7f655c82879. Jim Pingle
12:56 PM Bug #8000 (Resolved): XSS on index.php via widget sequence parameters
The widget 'sequence' parameter does not perform sanity checking on the widget instance counter, leading to an XSS as... Jim Pingle
01:20 PM Bug #7999 (Feedback): XSS via 'hostname' parameter in diag_dns.php
Applied in changeset commit:43746e1b4ef6fec0e9c915495aa3926a6b97e7a3. Jim Pingle
12:53 PM Bug #7999 (Resolved): XSS via 'hostname' parameter in diag_dns.php
On diag_dns.php the 'hostname' parameter is sent back to the user without encoding in a JavaScript block, leading to ... Jim Pingle
01:16 PM Bug #8002 (Not a Bug): wan not connected, no updates check
Hello,
I just installed 2.4 and testing it with only opt1 interface: opt1 is lan without internet.
pfsense try to... Pol Hallen
01:15 PM Revision 9e360962: Remove grub2-bhyve
Renato Botelho
01:06 PM Revision 8d90095a: Merge pull request #3811 from trunet/add-cloudns-to-dynamicdns
Steve Beaver
01:00 PM Bug #8001 (Closed): Invalid FQDN in alias causes alias table to fail *silently*
When you have a FQDN in an alias ans the FQDN does not resolve, the alias table creation will not happen and any othe... Stuart Wyatt
12:43 PM Revision 1e845e5b: Use correct repo conf to install bsdinstaller
Renato Botelho
12:32 PM Revision b54a3743: Interface description doesn't fit the console screen
Strip 2 more chars from interface description because with the new font used by 2.4 it goes off screen on VGA console. robi robi
12:12 PM Feature #7997: Clear screen before loading rc.initial shell menu
This is usually a client side issue. You can reset the terminal in screen with Ctrl-A,Z (Ctrl-A, then shift-Z), a 're... Jim Pingle
12:10 PM Feature #7997: Clear screen before loading rc.initial shell menu
Forgot to include the screen-shot. Imaged attached here
!!!!!! Clinton Cory
12:09 PM Feature #7997 (Rejected): Clear screen before loading rc.initial shell menu
I've encountered many instances where screen (or even putty) will output boot information on a single line that's dif... Clinton Cory
11:56 AM Revision 4fc006f2: Add 2.3 repo and set correct path for i386 default
Renato Botelho
11:54 AM Bug #7996: Unnecessary link tag in login page
I'm talking about the main login page. Andy Kniveton
11:50 AM Bug #7996 (Resolved): Unnecessary link tag in login page
Should the <a> & </a> be in the html?
It gives the impression that something will happen if you click on *Login to... Andy Kniveton
10:59 AM pfSense Packages Bug #7661: pfBlockerNG doesn't make a rule for Antarctica
pfBlockerNG is a package. Packages exist independent of versions, they have no target unless there is something versi... Jim Pingle
10:47 AM pfSense Packages Bug #7661: pfBlockerNG doesn't make a rule for Antarctica
Still a problem in 2.4
Can't a target version be set so it might get looked at?
 Stuart Wyatt
10:39 AM Revision 0c497210: Use different default repos for amd64 and i386
Renato Botelho
10:38 AM Revision 0a4de12a: Add new repos to lead users to 2.4.0 on amd64
Renato Botelho
10:37 AM Revision e0851756: Use different default repos for amd64 and i386
Renato Botelho
10:33 AM Revision 96d9a1a7: Lead users to 2.4.1
Renato Botelho
10:31 AM Revision 20e44376: Add new repos to lead users to 2.4.0 on amd64
Renato Botelho
10:20 AM Bug #7995 (Feedback): pfSense Certificate Manager Issues Blank Certificates
I can't make this happen on 2.4.0 or 2.4.1 here, I create CA and cert entries multiple times per day when testing thi... Jim Pingle
09:59 AM Bug #7995 (Closed): pfSense Certificate Manager Issues Blank Certificates
Strange issue I'm having with the certificate manager in pfSense 2.4.0 release. I can create a certificate authroity... Kristopher Kolpin
09:51 AM pfSense Packages Bug #7965: freeradius 3 with MySQL
this problem prevents the upgrade of servers to 2.4 Konstantin Ab
09:30 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients
Applied in changeset commit:130f3c9266e0b8c626aa6e8991467bb417ff8fd2. Anonymous
09:02 AM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made
Assigned to sjones (Has access to IE11) Anonymous
08:23 AM Bug #7994 (Resolved): system_certmanager.php: Unable to create a wildcard SAN
Trying to create a certificate or CSR with a wildcard in the SAN yields an error. When used as a common name, it is n... Jim Pingle
08:07 AM Feature #7823 (Feedback): Pull request: Add support for dynamic DNS provider ClouDNS
PR merged as requested. Thanks! Anonymous
08:02 AM Bug #7980 (Not a Bug): Support widget is displayed in Times New Roman
An administrator enters HTML formatted text into ProdTrack. That text is displayed exactly as entered on the widget.
... Anonymous
07:36 AM pfSense Packages Bug #7993 (Closed): zabbix 3.4 agent
Hi
The Zabbix agent 3.4.1 won't install on pfsense 2.3.4-RELEASE-p1. It returns:
pfSense-pkg-zabbix-agent34 inst... Tino Zidore
03:05 AM Revision c70811af: Fix the netgraph path for VLAN interfaces.
(cherry picked from commit 1b3d6ddd069c14c3c74b51ac37d2043857912b95) Luiz Souza
03:03 AM Revision 1b3d6ddd: Fix the netgraph path for VLAN interfaces.
Luiz Souza

10/23/2017

09:25 PM Bug #7992: SNMP service causes constant disk activity
Host Resources appears to be the culprit, and I have an empty CD drive like the related bug. Stuart Wyatt
09:14 PM Bug #7992: SNMP service causes constant disk activity
I'll do some tests to see if it's fixed with #6882 fix.
FYI, the CPU usage was low and swap was 0%. All sys info ... Stuart Wyatt
09:07 PM Bug #7992 (Duplicate): SNMP service causes constant disk activity
Most likely a duplicate of #6882 just a different symptom. Give 2.4.1 a try. Jim Pingle
08:22 PM Bug #7992 (Duplicate): SNMP service causes constant disk activity
I've only noticed this since upgrading to 2.4
With the SNMP service enabled, but not being used, the disk is const... Stuart Wyatt
08:17 PM Bug #7209: Something is seriously wrong with firewall aliases
I think I'm seeing the same problem.
I had an alias that wouldn't update. It is an alias made up of a list of oth... Stuart Wyatt
06:56 PM Revision 49f4edb7: Fix RSYNCIP for RELEASE and sign key for RC
Renato Botelho
06:56 PM Revision 383698b4: Fix RSYNCIP for RELEASE and sign key for RC
Renato Botelho
06:23 PM Revision 131f56c2: Move users to 2.3.5
Renato Botelho
06:22 PM Revision d763c618: Bump version to 2.3.6
Renato Botelho
06:22 PM Revision de337fa3: Welcome 2.3.5-RC
Renato Botelho
05:49 PM Bug #7969: md5 bgp sessions fail in 2.4.0
I was able to reproduce this on pfsense 2.3.4 vs 2.4.0 w/ fresh installs, running in virtual box w/ an Arista vEOS VM... Andrew Dul
02:51 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button
Thanks Jim, your hint was right! I'm not shure how this could happen (maybe through an update ...) but the admin user... Kilian Ries
02:10 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button
Please discuss the problem on the forum. You probably have unintentionally made a change to your users or groups whic... Jim Pingle
02:06 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button
I'm working as admin in the pfsens gui - that account should have enough privileges, or? Kilian Ries
07:35 AM pfSense Packages Bug #7987 (Not a Bug): Haproxy Widget: Missing Actions Button
If the actions column is missing, your user does not have access to "WebCfg - Services: HAProxy package" so it does n... Jim Pingle
04:02 AM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button
Here is my haproxy configuration:... Kilian Ries
03:06 AM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button
There is no information to debug your issue, neither here, not on the forums. A cut off screenshot doesn't really cut... Kill Bill
02:41 AM pfSense Packages Bug #7987 (Not a Bug): Haproxy Widget: Missing Actions Button
Hi,
already opened a thread in the pfsense forum some weeks ago:
https://forum.pfsense.org/index.php?topic=1374... Kilian Ries
01:44 PM Bug #7991 (Closed): Bunch of webGUI fixes for 2.3.5
Before this goes to waste since I cannot see it fixed anywhere... Also see https://forum.pfsense.org/index.php?topic=... Kill Bill
01:38 PM Bug #7307: ZFS installer - shuts down instead of rebooting
This appears to only happen when installing ZFS to eMMC on SG boxes using the ADI image. Installing to SSD reboots no... Jim Pingle
01:13 PM Bug #6335: Status > IPsec shows both connected and disconnected with Split Connections enabled
Assigning to sjones since he's been working on other IPsec status issues Jim Pingle
01:04 PM Bug #6335: Status > IPsec shows both connected and disconnected with Split Connections enabled
This is apparently also happening with IKEv2. If it turns out to be too much trouble, bump back to 2.4.3 Jim Pingle
01:10 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
It wasn't over 1000 VLANs, it was VLAN IDs >1000 (four digit VLAN ID numbers). So if someone used VLAN 1001, 1002, as... Jim Pingle
01:00 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Jim Pingle wrote:
> NIC drivers with 6 letter names, like mvneta, would break with VLANs >=1000
The ARM thing? Pe... Kill Bill
12:45 PM Bug #7981 (Confirmed): PPP interfaces with a VLAN parent do not work with new VLAN names
Jim Pingle
12:42 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
The VLAN name change was done because NIC drivers with 6 letter names, like mvneta, would break with VLANs >=1000, wh... Jim Pingle
12:37 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
This doesn't work and frankly this is an absolutely horrible change to dump on people in between maintenance versions... Kill Bill
08:39 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Having the exact same issue, my ISP provides internet over PPPoE on VLAN 6, worked perfectly until I upgraded to 2.4.... Erik Scheffers
03:48 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Renato Botelho wrote:
> Can you please try again when a new snapshot is available? mpd-5.8_3 contains a fix for that... Zach Nedwich
12:36 PM Bug #7714 (Resolved): NTP Widget Time Display
This has already been fixed on 2.4.1 Jim Pingle
12:36 PM pfSense Packages Bug #6748 (Resolved): rrd_fetch_json.php returns html when user is unauthorized (causes "Error: SyntaxError: Unexpected token <")
This has already been fixed on 2.4.1 Jim Pingle
12:24 PM Bug #7856: IPsec status does not show all connected mobile clients
Looks like there are a couple systems here I have which don't want to print child SAs with this code in place again. ... Jim Pingle
11:33 AM Feature #946: Allow aliases to be used to define IPsec phase 2 networks
Has been over 7 year now, it will be good to have that option?
Is there an update on this? Auric Sosa
08:54 AM Bug #7928: LAGG interfaces lose MAC address
Have the same issue in my configuration. Denis Grilli
08:24 AM Bug #7989 (Confirmed): Cannot update Nano from 2.3.4 to 2.3X snapshots
The difference appears to be in which version of pfSense-repo and pfSense-upgrade are on the box. Depending on the st... Jim Pingle
07:07 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots
You have some weird system. It definitely is a choice here, and for others.
https://forum.pfsense.org/index.php?to... Kill Bill
07:06 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots
Security/Errata is not a choice there. I have Stable, Development or Next Major Version.
Next major version obvio... Steve Wheeler
06:51 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots
You need to select the Security/Errata only branch in update settings. Kill Bill
06:35 AM Bug #7989 (Resolved): Cannot update Nano from 2.3.4 to 2.3X snapshots
Testing using 2.3.4_1 Nano 64bit CE and trying to update to a 2.3.5 snapshot.
I can see the snapshot reported as a... Steve Wheeler
07:24 AM Bug #7990 (Resolved): SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data
Yes, this should already be fixed by commit:63f686bde3e95eed8d2223d00e5f6403a5ef2d4c Jim Pingle
07:07 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data
This was corrected in a recent update. The is in current snapshots and will and will appear in 2.4.1 in the near fut... Anonymous
06:47 AM Bug #7990 (Resolved): SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data
I have some traffic graphs on my dashboard and they timeout after some time with the error below:
SyntaxError: JSO... Jasjit Chopra
07:18 AM Feature #4769: IPv6 support in the Traffic Shaper Wizard
Is this still accurate? This floating "match" rules are all set for IPv4. Corey Boyle
07:08 AM Bug #7898: PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing
Okay i tried using CBQ and an alternative to nested Queues and the Queues do not properly calculate bandwidth see bug... Pushapraj Bhamra
05:34 AM Feature #7988 (New): Compact Theme based on Compact-RED with the default theme colors.
Proposal of new theme compact. Tomas Waldow
03:35 AM Bug #7970: Used Maximum Ram and freeze in new Version
Hello everyone, my problem may have been resolved.
I had a snapshot before installing the vmware tools package. Afte... gamaz uf
02:50 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning
Jim Pingle wrote:
> The "VLAN Prio Set" option on firewall rules is supposed to alter the VLAN priority flag in 802.... Kev Willers

10/22/2017

10:21 PM Revision 488c6e22: Welcome 2.4.1-RELEASE
Renato Botelho
08:08 PM Feature #7985: Could support Realtek usb wifi on pfsense feature?
Thank for your reply.
I hope it will add in the feature. akong wu
11:31 AM Feature #7985 (Needs Patch): Could support Realtek usb wifi on pfsense feature?
If the driver makes it into FreeBSD, we can include the module, but it has to be accepted in FreeBSD first. I don't s... Jim Pingle
06:52 AM Feature #7985 (Needs Patch): Could support Realtek usb wifi on pfsense feature?
I use DLINK DWA171A1 wifi usb card.It's use RTL8821AU chipset.But pfsense can't load this driver.
I use usbconfig.I ... akong wu
07:31 PM Bug #7986 (New): WLAN card no longer properly initialized under 2.4.0
I have installed pfSense on an APU2C4 (bios 4.0.7) with a 32 GiB mSATA and a Compex WLE200NX (Atheros AR9280).
I d... Peter Voigt
05:19 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
S Renato Botelho
11:40 AM Bug #1613 (Resolved): OpenVPN LDAP authentication should not modify mail attribute as login.
Jim Pingle
03:28 AM Bug #1613: OpenVPN LDAP authentication should not modify mail attribute as login.
This has been configurable for ~4 years; fixed.
https://github.com/pfsense/pfsense/commit/a5cd1c5a4286062b84caf32d... Kill Bill
11:39 AM Bug #2382 (Resolved): RADIUS attribute Service-Type should not be sent with accounting packets
Jim Pingle
03:46 AM Bug #2382: RADIUS attribute Service-Type should not be sent with accounting packets
Been removed ages ago, like... 2.1.x
 Kill Bill
11:39 AM Bug #3472 (Resolved): "Diagnostics -> Table -> [large table]" won't show table contents
Jim Pingle
04:25 AM Bug #3472: "Diagnostics -> Table -> [large table]" won't show table contents
Looks just fine here with ~435K table and 2.4.x
!https://image.prntscr.com/image/d98Fp3uJSvyUYPemD1doIA.png!
(O... Kill Bill
11:38 AM pfSense Packages Bug #6129 (Resolved): zabbix agent/proxy 2.4 not ported to pfSense 2.3
Jim Pingle
04:59 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
Fixed with https://github.com/pfsense/FreeBSD-ports/pull/434
 Kill Bill
11:37 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
I closed that one out instead, since this one is already setup for the right target. Jim Pingle
05:02 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
Apparently this has already been reported in Bug #6241 Kill Bill
11:34 AM Bug #6241 (Duplicate): Not all installed packages are shown in PFSense 2.3
Replaced by #7946 Jim Pingle
11:24 AM Feature #6897 (Duplicate): Use a dedicated favicon for the webConfigurator (one that differs from *.pfsense.org)
Duplicate of #7415 Jim Pingle
10:58 AM Feature #6897: Use a dedicated favicon for the webConfigurator (one that differs from *.pfsense.org)
Already done.
https://redmine.pfsense.org/issues/7415
https://github.com/pfsense/pfsense/commit/e7d63f568c8e3982e... Kill Bill
11:23 AM Feature #6851 (Resolved): System Information Widget
Jim Pingle
11:05 AM Feature #6851: System Information Widget
Platform has been gone for over a year in 2.4
https://github.com/pfsense/pfsense/commit/3f4a0df92c1fbb72028e5aa1a6... Kill Bill
10:46 AM Feature #7688: AutoConfigBackup - Info Icon - username only
I put this to https://github.com/pfsense/FreeBSD-ports/pull/441 (the infoblock seemed like a serious overkill for the... Kill Bill
08:00 AM pfSense Packages Bug #6252: Can't access darkstat if webgui is on HTTPS.
This issue could be be worked around once Bug #6650 is fixed. See https://github.com/pfsense/pfsense/pull/3856 for te... Kill Bill
07:30 AM Bug #6650: Option needed to disable HSTS
Got fed up with this... People who are interested in having HSTS optional kindly test this: https://github.com/pfsens... Kill Bill
05:04 AM pfSense Packages Todo #7411: LADVD Devices not wide enough
Sorry about the original post.
I've attached a few screenshots, 1 from pfSense and the other from Wireshark.
Od... Andy Kniveton
12:20 AM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans
https://github.com/pfsense/pfsense/pull/3855 Kill Bill

10/21/2017

06:11 PM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans
b.t.w. Using 2.4.1-RC (amd64)
built on Fri Oct 20 05:49:00 CDT 2017
FreeBSD 11.1-RELEASE-p2 Pi Ba
06:10 PM Bug #7984 (Resolved): restarting syslogd service makes sshlockout_pf process orphans
restarting syslogd service makes sshlockout_pf process orphans
When syslogd logs something from auth.info;authpriv... Pi Ba
04:27 PM Revision 600d230b: Fix #7981: Convert PPP ports interface names to new VLAN notation using dots
Renato Botelho
04:27 PM Revision 5b460fef: Fix #7981: Convert PPP ports interface names to new VLAN notation using dots
Renato Botelho
01:54 PM Bug #7979: Error setting limiter over 2GB/s
If you print before the bandwidth too large message you get this.... Mat Richmond
01:47 PM Bug #7979: Error setting limiter over 2GB/s
... Mat Richmond
01:30 PM Bug #7979: Error setting limiter over 2GB/s
... Mat Richmond
11:51 AM pfSense Packages Bug #7836 (Resolved): FreeRADIUS - certain chars in clients shared secret result in broken configuration
Jim Pingle
11:18 AM pfSense Packages Bug #7836: FreeRADIUS - certain chars in clients shared secret result in broken configuration
Merged. Kill Bill
11:51 AM pfSense Packages Bug #6563 (Resolved): Squid still accepts sha1 certificates
Jim Pingle
11:03 AM pfSense Packages Bug #6563: Squid still accepts sha1 certificates
Merged and fixed. Kill Bill
11:41 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
Can you please try again when a new snapshot is available? mpd-5.8_3 contains a fix for that Renato Botelho
11:40 AM Bug #7981 (Feedback): PPP interfaces with a VLAN parent do not work with new VLAN names
Applied in changeset commit:5b460fef11eb736e99d0df21ff3b53e303745d06. Renato Botelho
11:38 AM pfSense Packages Bug #7670 (Not a Bug): Bind : Serial for slave zone is missing in IHM
Jim Pingle
11:35 AM pfSense Packages Bug #7670: Bind : Serial for slave zone is missing in IHM
yes, you are right. you can close it. Nicolas Marot
11:23 AM pfSense Packages Bug #7670: Bind : Serial for slave zone is missing in IHM
As noted above, this is by design. Kill Bill
11:32 AM Bug #7969: md5 bgp sessions fail in 2.4.0
Do you have "BSD Crypto Device" selected under System > Advanced, Misc tab, for Cryptographic Hardware? If not, selec... Jim Pingle
11:13 AM pfSense Packages Todo #7411: LADVD Devices not wide enough
Cannot see anything truncated here with current package in 2.4.x, plus the unformatted mess posted in the bug descrip... Kill Bill
08:43 AM pfSense Packages Bug #7983 (Rejected): DHCP on startup
Please keep support questions on the forum, mailing list, or reddit. Jim Pingle
02:27 AM pfSense Packages Bug #7983 (Rejected): DHCP on startup
Hello
I have a APU2C2 Router / Firewall. 3 x Gigabit LAN, Quad Core CPU, 16 GB SSD, 2 GB RAM from Teklager in swe... Lennart Eriksson

10/20/2017

09:46 PM Bug #7619 (Closed): Enable Enhanced networking on AWS
fixed in 2.4 Jim Thompson
09:26 PM Bug #7982 (Duplicate): PPP over VLAN fails
Duplicate of #7981 Jim Thompson
07:36 PM Bug #7982 (Duplicate): PPP over VLAN fails
Upgraded to development snapshot 2.4.2.a.20171020.0950 and PPPoE over a VLAN is failing... Zach Nedwich
09:25 PM Bug #7980: Support widget is displayed in Times New Roman
please have the correct parties educate themselves about fonts. Jim Thompson
12:26 PM Bug #7980 (Not a Bug): Support widget is displayed in Times New Roman
The support widget doesn't use the same font as the rest of WebGUI does. I've notice it happen on Windows boxes mostl... Ivor Kreso
08:25 PM Feature #7882: Seperator feature in DHCP Static mapping for this feature
Assigned to Beaver, so he can do the work (-should be trivial-) or re-assign to Pingle or Jones. Jim Thompson
08:24 PM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs

Code is in 11.1 / 2.4.
https://svnweb.freebsd.org/base?view=revision&revision=300779
GUI needs adaptation.
... Jim Thompson
08:13 PM Bug #7979: Error setting limiter over 2GB/s
That FreeBSD-net posting is 3 years old.
Current code looks better (function: read_bandwidth())
https://svnweb.fr... Jim Thompson
09:16 AM Bug #7979: Error setting limiter over 2GB/s
signed 32bit int max** Mat Richmond
09:15 AM Bug #7979 (Resolved): Error setting limiter over 2GB/s
Setting a bandwidth limiter over unsigned 32bit int max bps seems to fail.
Found initially when I tried to create ... Mat Richmond
07:32 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
I am having the same issue when trying to dial PPPoE through a VLAN with the new dotted naming convention:... Zach Nedwich
02:03 PM Bug #7981 (Confirmed): PPP interfaces with a VLAN parent do not work with new VLAN names
Confirmed Jim Pingle
01:36 PM Bug #7981 (Resolved): PPP interfaces with a VLAN parent do not work with new VLAN names
Hello,
I Upgraded from 2.4.0 to 2.4.1-RC yesterday, and after the upgrade, the PPPOE interface didn't picked my ... Alexandre Paradis
03:35 PM Revision 56abeeba: fixed merge issue
Stephen Jones
03:33 PM Revision f23c1157: fixed indentation and timezone for NTP widget
(cherry picked from commit 80cd3d66821534331f9c922cb2307db8d15c24d3) Stephen Jones
03:29 PM Revision 80cd3d66: fixed indentation
Stephen Jones
03:26 PM Revision 1e9337f8: fixed indentation:
Stephen Jones
03:23 PM Revision 6a4b065d: fixed weird merge issue
Stephen Jones
03:15 PM Revision cc0e8de2: Fixed #7714 Edited it to show correct timezone
(cherry picked from commit fe814d92aae5c53305d484480fa403299a39541a) Stephen Jones
03:12 PM Revision fe814d92: Fixed #7714 Edited it to show correct timezone
Stephen Jones
03:04 PM Revision 75caecc9: Update translation files
Renato Botelho
03:04 PM Revision 2c7338ce: Regenerate pot
Renato Botelho
01:03 PM Revision d1f9423c: Update translation files
Renato Botelho
12:59 PM Revision 2524a214: Regenerate pot
Renato Botelho
11:52 AM Bug #7733: User Manager deletes non-selected users
I can't reproduce this as stated, the second delete attempt actually does nothing, rather than deleting anything as t... Jim Pingle
11:49 AM Bug #7789 (Resolved): GIF interface page does not validate IPv6 addresses
Jim Pingle
10:47 AM Revision bba21d87: Fix #7976: Do not add button value to gettext
Renato Botelho
10:47 AM Revision 56de4353: Fix #7976: Do not add button value to gettext
Renato Botelho
10:47 AM Revision 9006d84f: Fix #7976: Do not add button value to gettext
Renato Botelho
09:59 AM Bug #6860 (Resolved): Monitoring (RRD) graphs return "unknown" step value
Jim Pingle
09:58 AM Bug #6860 (Closed): Monitoring (RRD) graphs return "unknown" step value
I can't seem to break it now, but I couldn't reproduce the problem before, either, so it's a tough call on this one. ... Jim Pingle
09:47 AM Bug #7976 (Resolved): Config History not working when using (dutch) translation
Works with English and Dutch now Jim Pingle
06:00 AM Bug #7976 (Feedback): Config History not working when using (dutch) translation
Applied in changeset commit:9006d84f215c8ea54ecc4bda3296e12aa199824e. Renato Botelho
05:18 AM Bug #7976 (Resolved): Config History not working when using (dutch) translation
When using a localised version of the pfSense GUI (Dutch in my case), the diff function between different config vers... Hijmen Schilperoort
09:42 AM Bug #7949 (Resolved): DHCP UEFI file name under pools are ignored
This looks good Jim Pingle
09:26 AM pfSense Packages Feature #7824: [acme / Let's Encrypt] Bump to the latest acme.sh package
Thanks. The request is submitted in github (https://github.com/pfsense/FreeBSD-ports/pull/436) S. Debreuil
09:06 AM pfSense Packages Feature #7824: [acme / Let's Encrypt] Bump to the latest acme.sh package
Once the 2.4.x release process winds down I plan on making a pass through the ACME package and adding more providers,... Jim Pingle
09:02 AM Bug #7942 (Confirmed): QinQ interfaces never show as active
Apparently this still has some issues:
> Azamat: Created QinQ interface: OPT2 Interface (opt2, igb1_201_666) on SG... Jim Pingle
07:55 AM Bug #7978 (Resolved): IE 11 - Headers of tables almost not visible when no entries made
I noticed several times in the pfSense GUI that on pages where there no entries yet, the headers of the tables are no... Hijmen Schilperoort
07:41 AM Bug #7977 (New): English text shown in stead of translated text (Routing - Gateway groups - edit)
In the gateway groups edit page (https://192.168.1.1/system_gateway_groups_edit.php)the text explaining the Link Prio... Hijmen Schilperoort
05:21 AM Bug #6396: 504 gateway time out nginx
And SSH console freezes after admin login. Firewall works, people can access Internet, but reboot is needed to recove... Lepiment ASBL
05:06 AM Bug #6396: 504 gateway time out nginx
502 Bad Gateway happened again. Lepiment ASBL

10/19/2017

11:02 PM Revision 687be4d1: Point users to 2.4.1
Renato Botelho
08:09 PM Bug #7975: ESXi 6.5 UEFI boot stops at framebuffer info
I tested booting other current freebsd and pfsense ISOs.
Both pfsense 2.4.0 and freebsd 11.1 iso did not stop at the... Rich Murphey
07:54 PM Bug #7975 (Resolved): ESXi 6.5 UEFI boot stops at framebuffer info
Booting the pfSense-CE-2.4.1-RC-amd64-20171019-0852.iso on ESXi 6.5 using EFI bios, the boot stops after showing the ... Rich Murphey
07:49 PM Bug #7748 (Resolved): VLAN Priority
Jim Pingle
08:58 AM Bug #7748: VLAN Priority
2.4.1.a.20171019.0413 seems to have resolved the issue on my end. Thanks everyone. Corey Doss
08:09 AM Bug #7748: VLAN Priority
Corey Doss wrote:
> No luck for me (Google Fiber) on snapshot 2.4.1.a.20171018.1713. Maybe the next available buil... Jim Pingle
07:28 PM Feature #7968 (Resolved): Display NDI on shell menu
Jim Pingle
04:20 AM Feature #7968 (Feedback): Display NDI on shell menu
Applied in changeset commit:93a3b29649ca500aa17450213d69974e723e6091. Renato Botelho
04:03 PM pfSense Packages Feature #7824: [acme / Let's Encrypt] Bump to the latest acme.sh package
I just migrated to pfSense 2.4.0 and the latest acme package 0.1.20. That version bumped to a newer acme.sh version, ... S. Debreuil
03:19 PM Bug #7966: Live traffic graphs appear to have sampling errors
Chris Linstruth wrote:
> The Status > Traffic Graphs function and the Traffic Graph widget appear to have a regressi... Mike Dziedziela
03:07 PM Bug #6318: IPsec dashboard widget causes GUI failure
There have been some IPsec widget fixes here which may be relevant, since it is so difficult to reproduce, it is diff... Jim Pingle
03:04 PM pfSense Packages Bug #7923 (Resolved): 502 Bad Gateway and unresponsive OS with 2.4
A new version of pfBlockerNG has been released containing a fix for this problem. Jim Pingle
03:03 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx
There have been some fixes here in the IPsec widget and pfBlocker which may help - moving this forward in case there ... Jim Pingle
01:00 PM Feature #7974 (New): ZFS RAID Monitor Not available
pfsense currently has a widget that allow you to see the status of a GEOM Mirror after setting up a GEOM RAID. It wo... Kayvil Rhodes
11:50 AM Bug #7918: Nightly error reloading rules
Still present on 2.4.0.
edit: and 2.4.1
edit: and 2.4.2 Michael Lustfield
10:23 AM Revision f6d840a1: Bump version to 2.4.2-DEVELOPMENT
Renato Botelho
10:21 AM Revision 4ab48744: Welcome 2.4.1-RC
Renato Botelho
09:08 AM Revision 4df6df83: Fix #7968
Show Network Device ID in console banner Renato Botelho
09:08 AM Revision bc0c0b46: Do not show Serial when it's empty
Renato Botelho
09:07 AM Revision b767654e: Stop using hostuuid as serial
Renato Botelho
09:07 AM Revision 93a3b296: Fix #7968
Show Network Device ID in console banner Renato Botelho
09:07 AM Revision df89ed3a: Do not show Serial when it's empty
Renato Botelho
08:43 AM Revision 4368d367: Stop using hostuuid as serial
Renato Botelho
08:11 AM Bug #7927 (Closed): (filterdns), uid 0: exited on signal 11 (core dumped)
Jim Pingle
07:54 AM Bug #7973 (Resolved): VLAN Priority Set feature in firewall rules is not functioning
The "VLAN Prio Set" option on firewall rules is supposed to alter the VLAN priority flag in 802.1q packets as they le... Jim Pingle
05:08 AM Bug #7970 (Duplicate): Used Maximum Ram and freeze in new Version
If you upgrade to 2.4.1 snapshot and keep seeing bsnmpd consuming high CPU please add a comment in #6882 so it can be... Renato Botelho
02:36 AM Bug #7970: Used Maximum Ram and freeze in new Version
Hey OP, I was reading into this further and found Bug #6882 https://redmine.pfsense.org/issues/6882 you might find in... Kim Mount
02:25 AM Bug #7970: Used Maximum Ram and freeze in new Version
Sorry for the update spam, before I rebooted it this time I sent an NMI from ESXi and it generated a textdump in /var... Kim Mount
02:19 AM Bug #7970: Used Maximum Ram and freeze in new Version
Hello,
I came to this tracker to look for similar reports to what I am experiencing and this is very similar.
I... Kim Mount
02:07 AM Bug #7970 (Duplicate): Used Maximum Ram and freeze in new Version
hi
i am upgrade my PFsense to newer Version . After do it pfsense used all memory (4GB). i am increase to 8GB but to... gamaz uf
05:04 AM Bug #7972 (Resolved): Captive portals do not synchronize voucher data in both directions
Hi,
I have a master and slave Captive portals. They synchronized well the data in both directions and immediately ... Dejan Milojevic
04:56 AM Feature #7971 (New): Allow import, export and synchronization of MACs under Captive Portal service
Hi,
Would it be possible to implement possibility to allow import/export (e.g. in CSV format) of allowed/disallowe... Dejan Milojevic
03:19 AM Bug #7426: UDP packet drops
*An important note*
The issue can be found on:
* sg1k for ordinary data transmission
* 3100 for VPN data transmi... Constantine Kormashev
02:45 AM Bug #7532: SG-1000 autonegotiation 10baseT speed and duplex
During investigation 27001 found some important things:
# Looks like the issue affects 100BaseTX
# Changing from au... Constantine Kormashev
01:30 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
Jim Pingle wrote:
> For reference, at least one person appears to have encountered it on ESX 5.5 as well, though the... Nicolas Liaudat

10/18/2017

10:09 PM Bug #7969 (Resolved): md5 bgp sessions fail in 2.4.0
Upgraded to 2.4.0 from 2.3.4 and my bgp sessions which were secured via TCP md5 configurations in openbgpd & the new ... Andrew Dul
08:50 PM Bug #7748: VLAN Priority
Luiz Souza wrote:
> Found the regression. Please test the next snapshot.
No luck for me (Google Fiber) on snapsh... Corey Doss
07:34 PM Bug #7748 (Feedback): VLAN Priority
Found the regression. Please test the next snapshot. Luiz Souza
07:06 PM Bug #7927: (filterdns), uid 0: exited on signal 11 (core dumped)
As of 2.4.1.a.20171018.1438, I am not seeing further reports of a core dump by filterdns. Chase Turner
05:02 PM Revision 2b38f54d: Recognize the first level tag of QinQ interfaces as standard VLANs.
Luiz Souza
04:37 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation
So I just tried again... this must be the most braindead thing ever.... Kill Bill
03:29 PM Feature #7968 (Resolved): Display NDI on shell menu
The NDI is displayed in the webGUI but not the shell menu. This forces customers to access the webGUI before they can... Clinton Cory
03:22 PM Revision 7857b28e: Disable zabbix 3.4 on pfSense 2.3.4
Renato Botelho
03:18 PM Revision 8ed52700: Enable build of new Zabbix versions (2.2, 3.2 and 3.4)
Renato Botelho
03:18 PM Revision 2f66e4e6: Enable build of new Zabbix versions (2.2, 3.2 and 3.4)
Renato Botelho
02:18 PM Bug #7967 (Not a Bug): LDAP User Naming Attribuite override isn't used in pfSense 2.4
The LDAP user naming attribute is read from the configuration and CN is not hardcoded, so it can only be from somethi... Jim Pingle
02:14 PM Bug #7967: LDAP User Naming Attribuite override isn't used in pfSense 2.4
I have been unable to duplicate this. A configured LDAP server here uses uid and the query is properly-filtered with ... Chris Linstruth
01:33 PM Bug #7967 (Not a Bug): LDAP User Naming Attribuite override isn't used in pfSense 2.4
Version 2.4 Authentication Servers page, User Naming Attribute is set to something other than CN. In my case the LDA... Anonymous
02:09 PM Bug #7925 (Resolved): VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
I ran some more tests:
kern.vty=sc ADDED to /boot/loader.conf.local: 72 reboots (6 VMs, 12 reboots each), no crash... Jim Pingle
11:50 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
To rule that out we should setup the kern.vty=sc workaround and continue testing for a bit to see if it still crashes... Jim Pingle
11:36 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
Ok, I see now the two different crashes on the OP post.
While I take back part of what I said before, It still doe... Luiz Souza
11:32 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
The recent crashes seems unrelated to the original crash in VT.
They actually seem to happen quite late in the ker... Luiz Souza
09:23 AM Bug #7925 (Assigned): VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
Ditto, I see a similar crash. I had to reboot 5 VMs a few times before one of them failed.
!Selection_709.png! Jim Pingle
03:38 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
Tried on 2 different esxi hosts latest 2.4.1 ova rebooted 20 times each VM. Once got error for 2nd VM.
!vm_bug.png... Constantine Kormashev
01:44 PM Revision c3a6a00f: Add missing space
Renato Botelho
01:12 PM Revision 2a781563: Fix #7953: Make sure a proper empty array is returned instead of NULL
Renato Botelho
01:11 PM Revision 58572d45: Revert "Fix #7953: Make sure NULL values are not passed to XMLRPC functions"
This reverts commit 73ee3d78d505c10e8c70606bf008732833c00859. Renato Botelho
12:24 PM pfSense Packages Feature #7657: OpenBGPD local-as feature in neighbors context
+1 for updating the openbgpd package so that it can support local-as.
Current package version will give me a syn... Andrew Dul
12:04 PM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
Sure, that should work fine Jim Pingle
12:01 PM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
Jim Pingle wrote:
> Looks like one viable method might be to echo with @&@, capture the pid of that process, sleep f... Kill Bill
11:39 AM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
Well yes I think there's something broken about c-icap in general, the named pipe (fifo) should vanish once the servi... Kill Bill
11:30 AM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
Looks like one viable method might be to echo with @&@, capture the pid of that process, sleep for a moment, and then... Jim Pingle
11:20 AM pfSense Packages Bug #7954 (Confirmed): Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
OK, that does make a difference. If there are stale PID files it seems to get stuck because "/bin/sh /usr/local/etc/r... Jim Pingle
10:15 AM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
Jim Pingle wrote:
> I setup squid and enabled clamav, so I have squid, clamav, and c-icap services running. I manual... Kill Bill
09:37 AM pfSense Packages Bug #7954 (Feedback): Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
I can't seem to replicate this as-is but there could be something I haven't quite triggered yet.
I setup squid and... Jim Pingle
10:00 AM Bug #7953 (Resolved): XMLRPC produces an error when attempting to sync an empty section
Works now, the last item delete gets synchronized as expected. Jim Pingle
08:20 AM Bug #7953 (Feedback): XMLRPC produces an error when attempting to sync an empty section
Applied in changeset commit:2a781563c6acf925a45e74d6c2f72d0e9b4173f9. Renato Botelho
09:42 AM Bug #7868 (Resolved): bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox
After the fix for #6882 this is no longer necessary. Jim Pingle
09:40 AM Bug #7960 (Resolved): Wirelss WAN can get caught in a configure loop
This looks good now. After upgrading to the latest snap, I can have a wireless WAN assigned and working, and also edi... Jim Pingle
09:10 AM Bug #6882 (Resolved): bsnmpd uses all available CPU with hostres module active in some cases
After importing the FreeBSD patch, this appears to be OK. CPU usage is back to normal, no sign of a memory leak, and ... Jim Pingle
07:53 AM Bug #7964: Restart openvpn on gateway switching
perhaps this would help: --remap-usr1 SIGHUP
I don't know how you handle openvpn exactly. Have you send SIGUSR1? At ... Grischa Zengel
07:09 AM pfSense Packages Bug #7963 (Not a Bug): Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.
Jim Pingle
04:11 AM pfSense Packages Bug #7965: freeradius 3 with MySQL
hmmm.... will this commit fall into the repository? or nothing?
how can I help? Konstantin Ab
04:07 AM pfSense Packages Bug #7965: freeradius 3 with MySQL
There is nothing for testing (beyond reverting that commit). The linked commit is potentially a *source* of the issue... Kill Bill
03:37 AM pfSense Packages Bug #7965: freeradius 3 with MySQL
where its apply for testing? Konstantin Ab
03:03 AM pfSense Packages Bug #7965: freeradius 3 with MySQL
This commit: https://github.com/pfsense/FreeBSD-ports/commit/eafa6ca5d0b89a3e6a9110dfea8e2a89fe24d245
- The hunk s... Kill Bill
03:17 AM Bug #7966 (Resolved): Live traffic graphs appear to have sampling errors
The Status > Traffic Graphs function and the Traffic Graph widget appear to have a regression (#7515 ? ).
The samp... Chris Linstruth
02:29 AM Bug #7426: UDP packet drops
The reason of UDP drop is packet processing slowdown which happens on ARM devices (1k, 3100). I observed ~2-7% for di... Constantine Kormashev

10/17/2017

11:58 PM pfSense Packages Bug #7965: freeradius 3 with MySQL
i use freeradius for Plain MAC Authentication Konstantin Ab
11:54 PM pfSense Packages Bug #7965 (Resolved): freeradius 3 with MySQL
sorry, I will duplicate issue 7947, BUT i think this is a 100% bug. Please, let's take it seriously.
I'm upgrading... Konstantin Ab
09:51 PM Revision 48450841: Helped make the ajax more robust to check for non json return types
Stephen Jones
09:37 PM Bug #7964: Restart openvpn on gateway switching
After the PPPoE interface is up, the openvpn clients still use Tier2 and didn't fall back to Tier1. Grischa Zengel
08:32 PM Bug #7964 (New): Restart openvpn on gateway switching
I have 2 openvpn clients with GW Group configured.
While Tier1 interface (PPPoE) was going down the two openvpn cras... Grischa Zengel
08:39 PM Revision 55c60100: Revert "Added JSON checks for widgets to prevent parsing errors."
This reverts commit e63aee854214c93fd0cba71f7023c194942c1ca9. Stephen Jones
08:10 PM Revision e63aee85: Added JSON checks for widgets to prevent parsing errors.
(cherry picked from commit 63f686bde3e95eed8d2223d00e5f6403a5ef2d4c) Stephen Jones
08:03 PM Revision 63f686bd: Added JSON checks for widgets to prevent parsing errors.
Stephen Jones
07:47 PM Revision 1b21bfdb: Simplify the code a little bit.
Luiz Souza
07:46 PM Revision 0d9b74f1: add cache busting to css using last modified timestamp
Jared Dillard
07:45 PM Revision 2e155305: Use the new function to validate the VLAN tags.
Luiz Souza
07:42 PM Revision 0793de1a: Fix the QinQ support.
Bring the QinQ support to the VLAN dotted format.
To avoid breaks third party software (such as dhcpd), we silently ... Luiz Souza
07:11 PM Revision 08a5e9a6: add cache busting to css using last modified timestamp
Jared Dillard
07:03 PM Revision cbd7c398: Restore auth_check()
Steve Beaver
06:43 PM Revision 6a6c0b16: Added back the previous commit since it got overwritten.
Stephen Jones
06:37 PM Revision 58f31015: Related to redmine #6318 helps fix some times when it would get back null data after a session ended
Stephen Jones
06:15 PM pfSense Packages Bug #7963: Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.
Steve Tanti wrote:
> Jim Pingle wrote:
> > Be sure to go to System > Update, Update Settings tab. Set the branch to... Steve Tanti
05:57 PM pfSense Packages Bug #7963: Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.
Jim Pingle wrote:
> Be sure to go to System > Update, Update Settings tab. Set the branch to Security/Errata Only an... Steve Tanti
05:43 PM pfSense Packages Bug #7963 (Feedback): Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.
Be sure to go to System > Update, Update Settings tab. Set the branch to Security/Errata Only and then try again. Jim Pingle
05:40 PM pfSense Packages Bug #7963 (Not a Bug): Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.
When I trigger an upgrade via the web console it hangs stating:
>>> Downloading upgrade packages...
I left it f... Steve Tanti
06:14 PM Revision 25a95b4c: Use pkg-static binary to prevent errors when moving to new major FreeBSD version
Renato Botelho
06:14 PM Revision 1dee6294: Use pkg-static binary to prevent errors when moving to new major FreeBSD version
Renato Botelho
06:13 PM Revision 9a0f7e2a: Use pkg-static binary to prevent errors when moving to new major FreeBSD version
Renato Botelho
06:13 PM Revision 58e60eb9: Use pkg-static binary to prevent errors when moving to new major FreeBSD version
Renato Botelho
06:10 PM Revision 73ee3d78: Fix #7953: Make sure NULL values are not passed to XMLRPC functions
Renato Botelho
04:57 PM Revision b87f0429: IPSec widget no longer includes session timout code
Steve Beaver
04:04 PM Revision 93d3a065: Do not reconfigure wireless on a link up event, or else it can get stuck in a loop. Fixes #7960
Jim Pingle
03:37 PM Bug #7951 (Resolved): WPA2 issue (KRACK)
Looks good as far as I can see, with hostapd and wpa_supplicant are updated and running as expected. Jim Pingle
12:27 PM Bug #7951: WPA2 issue (KRACK)
I've tested with ath0 and run0 as AP and BSS mode, both run the appropriate binaries from ports and appear to be OK. Jim Pingle
07:08 AM Bug #7951 (Feedback): WPA2 issue (KRACK)
Start using hostapd / wpa_supplicant from ports on 2.4.1 and 2.3.5. Next round of snapshots should be OK Renato Botelho
03:03 PM Bug #7953 (Assigned): XMLRPC produces an error when attempting to sync an empty section
The XMLRPC error is gone but the affected section does not sync when empty.
You can never delete the last virtual ... Jim Pingle
01:19 PM Bug #7953 (Feedback): XMLRPC produces an error when attempting to sync an empty section
Fix pushed Renato Botelho
02:19 PM Bug #6954 (Resolved): New installer has no "Quick/Easy" installation option
The Auto (UFS) behavior with a single drive works well Jim Pingle
07:28 AM Bug #6954 (Feedback): New installer has no "Quick/Easy" installation option
Added in 2.4.0 installer already. When Auto (UFS) is selected, if there is only one available disk it's automatically... Renato Botelho
01:55 PM Feature #7962: Support for Intel 553 network card
Hi,
could also be easier as this here:
https://lwn.net/Articles/735126/ or in more detail this: https://revie... Cullen Trey
01:16 PM Feature #7962 (Resolved): Support for Intel 553 network card
Hi,
just tried to get a Intel 553 network card running in pfsense 2.4, but it does not work.
Issue https://red... Cullen Trey
12:30 PM Bug #7868: bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox
It looks good with a gitsync, but needs another test once it's in snapshots. Jim Pingle
07:30 AM Bug #7868 (Feedback): bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox
Fix committed to FreeBSD-src and exceptions removed from GUI Renato Botelho
12:29 PM Bug #7921 (Resolved): Reset All States on WAN IP Change does not stay unchecked when disabled in GUI
The GUI control properly reflects the state of the option in the configuration, and changes are saved properly. Jim Pingle
12:26 PM Bug #7939 (Resolved): Voucher test page produces no output
Testing and expiring works now. Jim Pingle
12:25 PM Bug #7810 (Resolved): openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once
Jim Pingle
12:24 PM Bug #7810: openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once
Verified that the correct combination of aesni.ko and cryptodev.ko are present after a reboot and that cryptodev is o... Chris Linstruth
12:22 PM Todo #7938 (Resolved): Change pfSense-upgrade to use pkg-static instead of pkg
Looks to me like all of the references in the pfSense-upgrade code now call pkg-static so this is done. Jim Pingle
12:15 PM Bug #7937 (Resolved): FreeBSD 11 removed legacy ada aliases, some older installs will fail to mount root post-upgrade
Latest fix did the trick. I can now start with a VM with a legacy style fstab and the upgrade completes and boots up ... Jim Pingle
10:30 AM Bug #7937 (Feedback): FreeBSD 11 removed legacy ada aliases, some older installs will fail to mount root post-upgrade
I've added it to pfSense-repo package post-install script Renato Botelho
12:14 PM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
I can't reproduce this on 2.4.1 snapshots but it was so random before that doesn't give me much confidence.
Anyone... Jim Pingle
12:12 PM Feature #7506 (Resolved): Use "auth-retry nointeract" to prevent OpenVPN clients from exiting or attempting to prompt for passwords
Works Jim Pingle
12:10 PM Revision e8972c2f: Fix 7868 - Allow to enable hostres on all platforms after fix on FreeBSD-src
Renato Botelho
12:07 PM Feature #7814 (Resolved): Unbound serve-expired please add to GU as tickbox
We've tested this a bit and it's working. Jim Pingle
12:01 PM Feature #7814: Unbound serve-expired please add to GU as tickbox
Martin informed this has been accepted and merged. Chris Collins
07:45 AM Feature #7814 (Feedback): Unbound serve-expired please add to GU as tickbox
Anonymous
11:21 AM Bug #7942 (Feedback): QinQ interfaces never show as active
Please, test again when the next snapshot is ready.
It is fixed and updated to use the same name format as VLANs.
... Luiz Souza
11:11 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE
Here is a fixed version, I tested it based on your above output.
It now gives the following result :... Stéphane Lapie
10:43 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE
Ah, I think I see. I did not handle the case of multiple VHIDs on one interface, I will fix it right now. Stéphane Lapie
10:11 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE
I agree that it would be very helpful if there was a way to monitor carp status via SNMP.
I ran your script on my ... Phillip Hernandez
11:10 AM Bug #7960 (Feedback): Wirelss WAN can get caught in a configure loop
Applied in changeset commit:93d3a065260441dcb32fcd69cf4cb806d1021eea. Jim Pingle
11:04 AM Bug #7960 (Resolved): Wirelss WAN can get caught in a configure loop
At least with some wireless devices, they send a link up event to the OS when they associate successfully. This trigg... Jim Pingle
11:06 AM pfSense Packages Bug #7961 (Resolved): JS Error on Status > Monitoring
If you go to Status > Monitoring click Settings > Display Advanced > add view and then click cancel you get this cons... Anonymous
11:00 AM Revision 6a7a320e: Use hostapd / wpa_supplicant from ports when available
Renato Botelho
10:59 AM Revision 95605da1: Use hostapd / wpa_supplicant from ports when available
Renato Botelho
10:46 AM Revision 19a9070e: Enable build of new Zabbix versions (2.2, 3.2 and 3.4)
Renato Botelho
10:37 AM Revision af0d2a1f: Enable build of new Zabbix versions (2.2, 3.2 and 3.4)
Renato Botelho
10:28 AM Revision ac717bc0: Update Zabbix options
- Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items
(c... Danilo Baio
10:28 AM Revision af40692f: Update Zabbix options
- Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items
(c... Danilo Baio
10:28 AM Revision 54869134: Update Zabbix options
- Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items
(c... Danilo Baio
10:27 AM Revision 863ce211: Merge pull request #3851 from dbaio/master
Renato Botelho
10:17 AM pfSense Packages Bug #7959 (Not a Bug): Dpinger - Probe Interval
Dear Team
We are working with WAN satellite connections limited in bandwidth data per month.
The maximum probe inte... Lampros Papanastasiou
10:08 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
OK. Now have a look at the forum.
It looks like filterdns stops working and after a big change a second one will be ... Grischa Zengel
08:30 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
If it ever worked, it was by luck alone.
When I try to resolve www.google.de, I only receive two responses (one I... Jim Pingle
08:27 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
It was a test with google ...
The point is, that the other address are not shown.
And before update it worked as ... Grischa Zengel
08:24 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
You cannot rely on alias resolution for domains which return random sets of addresses. That will never work properly ... Jim Pingle
08:23 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more
Some more info:
I'm using Domain Overrides.
I put www.google.de and a host from my Domain Overrides into a table ... Grischa Zengel
07:30 AM Bug #7958 (Not a Bug): Upgrade 2.4.0: IP alias with FQDN doesn't work any more
It works fine here on several firewalls and there is nowhere near enough detail here or on the linked thread to sugge... Jim Pingle
07:24 AM Bug #7958 (Not a Bug): Upgrade 2.4.0: IP alias with FQDN doesn't work any more
I'm not alone with this problem so I decide to open a issue an this:
https://forum.pfsense.org/index.php?topic=13817... Grischa Zengel
08:47 AM Bug #7856: IPsec status does not show all connected mobile clients
I did some tests with SG-2220 (2.4.1-DEVELOPMENT (amd64)) and IPsec widget was on Dashboard, but there wasn't any IPs... Azamat Khakimyanov
07:45 AM Bug #7748: VLAN Priority
Downgraded last night to 2.3.4, packets are now being properly tagged again. Here are some examples:... Oliver Palmer
06:58 AM Feature #7957 (New): GUI theme - separate "colour" from "compact/normal" in theme dropdown
At the moment one can choose themes such as normal, dark, and compact-RED.
There is also a colour selector with a wi... Stilez y
06:36 AM Feature #7956: Favicon able to match GUI colour setting?
Sample favicons attached Stilez y
06:19 AM Feature #7956 (New): Favicon able to match GUI colour setting?
I'm finding that with multiple pfSense routers in use, choosing the right tab in the browser would be a lot easier if... Stilez y
05:50 AM Bug #7955 (Closed): Upgrade in 2.4 GUI appears to fail when it actually succeeded (no D/L completion or reboot message, or sign of completion)
In previous versions, when upgrading, the activity textbox displays what's happening. At the end it said something li... Stilez y

10/16/2017

07:49 PM Revision 12bcf7e9: Change the VLAN inteface names to use the 'dotted' format of FreeBSD, which is shorter and helps to keep the interface name smaller than the limit (16).
This fixes the 4 digit VLAN issues when the NIC name is 6 bytes long.
Ticket #294 Luiz Souza
07:07 PM Revision 40437d5d: xmlrpc, webgui, prevent that a xmlrpc.lock is placed that is never unlocked, thus hanging php and the webgui after a few more sync request are trying to acquire the lock and all are waiting..
(cherry picked from commit 8239af2dc167fd865818a29b4e01d7e464d564d3) Pi Ba
07:07 PM Revision ee0e2507: Merge pull request #3848 from PiBa-NL/20171011-xmlrpc-prevent-lost-lock
Renato Botelho
07:07 PM Revision 6665dd8c: Remove no-op code
See https://redmine.pfsense.org/issues/7889 for related discussion
(cherry picked from commit 401e2ac783756e22ab738d... Doktor Notor
07:07 PM Revision fc9abcc7: Remove no-op code
See https://redmine.pfsense.org/issues/7889 for related discussion
(cherry picked from commit cbbb8fdb62fc75bfac28b2... Doktor Notor
07:06 PM Revision 8734adf8: Merge pull request #3838 from doktornotor/patch-9
Renato Botelho
06:31 PM Revision 840a290e: Merge pull request #3831 from luckman212/patch-1
Renato Botelho
06:21 PM Revision e4aef1ed: Merge pull request #3850 from doktornotor/patch-11
Renato Botelho
06:07 PM Revision f96376a3: Allow both AES-NI and Crypto modules to be loaded at the same time. Fixes #7810
Jim Pingle
06:07 PM Bug #7951: WPA2 issue (KRACK)
Fixes for KRACK now in FreeBSD Ports tree: https://github.com/freebsd/freebsd-ports/commit/e0ec9d45b57b88487440141915... Jim Thompson
10:08 AM Bug #7951 (Resolved): WPA2 issue (KRACK)
We need to import the FreeBSD fixes for wpa_supplicant and hostapd related to the recently-disclosed key reinsertion ... Jim Pingle
05:53 PM Revision 5e5b13a9: Merge pull request #3821 from PiBa-NL/20170916-bsnmp-hostrest-check
Renato Botelho
05:43 PM Bug #6455: Can't delete Virtual IP "referenced by a least one gateway" if gateway outside interface subnet
Thanks! Just ran into this and changed the mast to /32 and I was then able to delete it. I thought it was a 2.4.0 bug... Brendon Baumgartner
05:16 PM Revision 2105c0e2: Change OpenVPN to retry client auth when it fails by default, rather than making the process exit which confuses users. Fixes #7506
(cherry picked from commit a69a9182278bab4843f3215a1b484f9452558884) Jim Pingle
05:14 PM Revision a69a9182: Change OpenVPN to retry client auth when it fails by default, rather than making the process exit which confuses users. Fixes #7506
Jim Pingle
04:17 PM Revision 7a696510: Merge pull request #3817 from marjohn56/Unbound-serve-expired
Steve Beaver
04:09 PM Revision 9503d881: Merge pull request #3826 from doktornotor/patch-5
Steve Beaver
04:05 PM Revision 84ec58b7: Unbound Serve expired
Serve expired – Records stay in cache after TTL expires, with a TTL value of 0, if a new lookup is requested the cach... Martin Wasley
03:45 PM Revision c676c135: Fixed #7896
2.3 is slightly different than 2.4 with different variables so this
fix is different than the 2.4 version. Stephen Jones
03:42 PM Bug #7884 (Resolved): Unbound refusing non-recursive/iterative queries even from localhost
Jim Pingle
03:34 PM Bug #7884: Unbound refusing non-recursive/iterative queries even from localhost
On pfSense-netgate-memstick-ADI-2.4.1-DEVELOPMENT-amd64-20171016-1127.img "dig google.com +trace" and "drill -T googl... Anonymous
03:28 PM pfSense Packages Bug #7871 (Resolved): Add squid validation for selected CA when MITM is enabled
Great, thanks for testing! Jim Pingle
03:22 PM pfSense Packages Bug #7871: Add squid validation for selected CA when MITM is enabled
Looks good here, only usable CAs are being offered in the Squid GUI with 0.4.42. Thanks! Kill Bill
11:19 AM pfSense Packages Bug #7871 (Feedback): Add squid validation for selected CA when MITM is enabled
OK I added two different sets of protection:
1. Input validation to warn if a user selected a CA without a private... Jim Pingle
03:22 PM Revision a55c5a21: roll back for 2_3 for picture widget
Stephen Jones
03:20 PM pfSense Packages Bug #7954 (Confirmed): Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running
So you have a package and the service is not running. Trying to upgrade/reinstall produces the following:... Kill Bill
02:55 PM Bug #7953 (Resolved): XMLRPC produces an error when attempting to sync an empty section
When attempting to sync an empty section (e.g. VIPs are set to sync, but no VIPs are defined), the following error is... Jim Pingle
02:55 PM Revision 1f8a9b40: Fixed #7896
Handled the case where there is no picture and made it simpler to load
a picture.
(cherry picked from commit dc91c94... Stephen Jones
02:51 PM Revision 14ef41c4: Let 2.4.0 users to go to 2.4.1
Renato Botelho
02:28 PM Revision dc91c949: Fixed #7896
Handled the case where there is no picture and made it simpler to load
a picture. Stephen Jones
01:57 PM Revision 7f9b448f: Fixed #7714
Added JS code to formate the date/time for UCT
(cherry picked from commit 893b609111be502233a7a4ad6804fff1e4779a03) Steve Beaver
01:53 PM Revision 893b6091: Fixed #7714
Added JS code to formate the date/time for UCT Steve Beaver
01:27 PM Revision 7077ba39: Update Zabbix options
- Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items Danilo Baio
01:20 PM Bug #7810 (Feedback): openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once
Applied in changeset commit:f96376a378211155181a02a053cbb7ff9a700056. Jim Pingle
10:34 AM Bug #7810: openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once
There is still some debate as to whether or not this is even necessary or would ever help, but it should be simple to... Jim Pingle
01:12 PM pfSense Packages Bug #7947 (Rejected): freeRadius 3 on pfSense 2.4 not work
There isn't enough really to go on here, please start a forum thread so we can discuss and diagnose the issue. Also, ... Jim Pingle
12:57 AM pfSense Packages Bug #7947: freeRadius 3 on pfSense 2.4 not work
i edit /usr/local/etc/raddb/sites-enabled/default
i comment:... Konstantin Ab
12:42 AM pfSense Packages Bug #7947: freeRadius 3 on pfSense 2.4 not work
i use EAP section
and freeRadius2 worked in 2.3.4
2.4 + FR3 = not worked Konstantin Ab
12:30 PM Feature #7506 (Feedback): Use "auth-retry nointeract" to prevent OpenVPN clients from exiting or attempting to prompt for passwords
Applied in changeset commit:a69a9182278bab4843f3215a1b484f9452558884. Jim Pingle
12:26 PM Revision 233dde07: Fixed #7921
(cherry picked from commit 5fce3e8e905c3a2029475293cf760ee2c2a51074) Steve Beaver
12:24 PM Revision 5fce3e8e: Fixed #7921
Steve Beaver
12:18 PM pfSense Packages Feature #7945 (Resolved): NET-SNMP - Flooding log entries
Great, thanks for testing!
 Jim Pingle
12:06 PM pfSense Packages Feature #7945: NET-SNMP - Flooding log entries
Jim Pingle wrote:
> I just pushed a fix for this, it will show up shortly to install.
Updated and tested. Looks g... Nonada Nonadz
07:49 AM pfSense Packages Feature #7945 (Feedback): NET-SNMP - Flooding log entries
I just pushed a fix for this, it will show up shortly to install. Jim Pingle
11:43 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
It seems to be anything it can't validate against the current repository (offline or online). It should list them all... Jim Pingle
11:41 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
Well yes, the inability to produce/take into account any offline results is indeed a bug. Kill Bill
07:54 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
It may still be a bug though. The package is indeed gone from the server-side database but it's still installed local... Jim Pingle
11:35 AM pfSense Packages Bug #7941 (Not a Bug): ntop-ng. Unable to reach web page
This was an issue with the rules on that one system and not a problem with ntopng. Jim Pingle
08:19 AM pfSense Packages Bug #7941 (Feedback): ntop-ng. Unable to reach web page
I see those errors here but it appears they happen during install or boot when it gets stopped/started a couple times... Jim Pingle
11:16 AM pfSense Packages Bug #7952 (Closed): OpenVPN export package for Windows flagged by a few AV's
We have received a report that exported OpenVPN client package is flagged by a few AV's.
https://forum.pfsense.or... Ivor Kreso
10:48 AM Revision e9bb33f3: Fix #7949
Add UEFI 32 and UEFI 64 filenames defined inside a pool to dhcpd.conf Renato Botelho
10:47 AM Revision 9d775c75: Fix #7949
Add UEFI 32 and UEFI 64 filenames defined inside a pool to dhcpd.conf Renato Botelho
09:40 AM Bug #7896 (Feedback): picture_widget.php
Applied in changeset commit:dc91c9490a61c374b4358a3a328019f3e0e150ab. Anonymous
09:10 AM Bug #7714: NTP Widget Time Display
Applied in changeset commit:7f9b448ff7d926c4c5b69ada8625e728c3f5c715. Anonymous
09:00 AM Bug #7714 (Feedback): NTP Widget Time Display
Applied in changeset commit:893b609111be502233a7a4ad6804fff1e4779a03. Anonymous
08:04 AM Bug #7940: disabling LAGG causes system reboot on 2.4
That does look almost identical to #7119, we should check to see if those patches need any adjustments for FreeBSD 11.1. Jim Pingle
07:54 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable
See also: #7946 Jim Pingle
07:40 AM Bug #7921 (Feedback): Reset All States on WAN IP Change does not stay unchecked when disabled in GUI
Applied in changeset commit:5fce3e8e905c3a2029475293cf760ee2c2a51074. Anonymous
07:38 AM Bug #7948 (Rejected): pfsense 2.4 fall in black screen on ESXI 6.5
Please start a new thread on the forum with was much detail as possible. There is not enough to go by here, and some ... Jim Pingle
01:12 AM Bug #7948 (Rejected): pfsense 2.4 fall in black screen on ESXI 6.5
after upgrade from 2.3.4 pfsense periodically fall in black screen
you can enter letters from the keyboard, but th... Konstantin Ab
07:22 AM pfSense Packages Bug #7950 (Feedback): Quagga not displaying status messages on 2.4-rel
It's working fine here. Are all of the daemons running?
Does running one of the status commands at the CLI work?
<... Jim Pingle
06:59 AM pfSense Packages Bug #7950 (Closed): Quagga not displaying status messages on 2.4-rel
See attached screenshot. Quagga is working but no status messages are displayed. Vladimir Lind
06:40 AM Bug #6860 (Feedback): Monitoring (RRD) graphs return "unknown" step value
PR has been merged Renato Botelho
06:20 AM pfSense Packages Bug #7935 (Feedback): FFR doesn't save prefix lists to bgpd.conf
PR has been merged Renato Botelho
06:00 AM Bug #7949 (Feedback): DHCP UEFI file name under pools are ignored
Applied in changeset commit:9d775c7500e1ba09417e106f2ddc81b2cc8e67dc. Renato Botelho
05:47 AM Bug #7949 (Resolved): DHCP UEFI file name under pools are ignored
DHCP Server has places to define 3 files for netboot (BIOS, UEFI 32 and UEFI 64). When these options are configured i... Renato Botelho

10/15/2017

11:54 PM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
Not a bug.
https://forum.pfsense.org/index.php?topic=133280.0 Kill Bill
07:09 PM Bug #7946 (Resolved): 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
Upon upgrading to pfSense 2.4, I was unable to perform the recommended approach to move from freeradius 2.x to 3.x be... Andrew Barnes
11:00 PM pfSense Packages Bug #7947 (Rejected): freeRadius 3 on pfSense 2.4 not work
Afrer upgrade pfsense to 2.4 and install freeradius v3 -- freeRadius not execute.... Konstantin Ab
05:13 PM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases
I don't see any mention about memory leaks here but this might be related.
https://forum.pfsense.org/index.php?topic... Brendon Baumgartner
10:41 AM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases
Just found this bug report after chasing down the issue on my office's pfsense install that was upgraded to 2.4.
I... Michael Knowles
05:11 PM pfSense Packages Feature #7945 (Resolved): NET-SNMP - Flooding log entries
Please make a better solution for the NET-SNMP logging. Currently it floods the Genereal Log Entries (System Logs / S... Nonada Nonadz
03:44 PM pfSense Packages Bug #7944 (Resolved): Bind XMLRPC Sync Error
After upgrading to pfsense 2.4.0 syncing Bind is not possible anymore. Each time I update the config I get the follow... Maximilian Sesterhenn
02:00 PM Feature #7943 (Resolved): Overflow scrolling for top navigation drop-down menus in Fixed mode
Some resolutions (16:9 on laptops) don't have the vertical height to display all drop down menu items on items such a... Ken Moini
01:30 PM Bug #7942: QinQ interfaces never show as active
... Steve Wheeler
01:10 PM Bug #7942 (Resolved): QinQ interfaces never show as active
In a fresh 2.4 install QinQ interfaces always show in Status > Interfaces as down even when the parent interface show... Steve Wheeler
12:52 PM pfSense Packages Bug #7941 (Not a Bug): ntop-ng. Unable to reach web page
After installing and enabling ntop-ng with default settings in 2.4 it is not possible to reach the data display page ... Steve Wheeler
10:32 AM Bug #7937 (Assigned): FreeBSD 11 removed legacy ada aliases, some older installs will fail to mount root post-upgrade
The code itself appears to work but it doesn't get triggered unless you start to run the upgrade from the CLI, stop w... Jim Pingle
02:00 AM Revision c83649d3: Fix voucher test and expire pages. Fixes #7939
(cherry picked from commit 0b2d15478ee375c5bb9bde82ac493e1ea38d2eb6) Jim Pingle
02:00 AM Revision 0b2d1547: Fix voucher test and expire pages. Fixes #7939
Jim Pingle
01:40 AM Bug #7940 (Resolved): disabling LAGG causes system reboot on 2.4
It looks very similar to this - https://redmine.pfsense.org/issues/7119
When Lagg interface goes down:
<6>carp:... Vladimir Lind

10/14/2017

09:10 PM Bug #7939 (Feedback): Voucher test page produces no output
Applied in changeset commit:0b2d15478ee375c5bb9bde82ac493e1ea38d2eb6. Jim Pingle
08:58 PM Bug #7939: Voucher test page produces no output
Affects both status_captiveportal_test.php and status_captiveportal_expire.php Jim Pingle
08:50 PM Bug #7939 (Resolved): Voucher test page produces no output
The voucher test page does nothing when a value is submitted. Jim Pingle
07:39 PM Revision ed66d491: snmpd, hostres cpu usage on virtual environments that have a virtual cd drive seems to happen on most (all?) hypervisors.
Pi Ba
04:57 PM Feature #6754 (Duplicate): Use of aliases in OpenVPN configuration
Duplicate of #2668 Jim Pingle
03:50 PM Feature #6754: Use of aliases in OpenVPN configuration
Requested on forums also: https://forum.pfsense.org/index.php?topic=137852.0 robi robi
03:49 PM Feature #2668: Support aliases in OpenVPN local/remote/tunnel network fields
Requested on forums also: https://forum.pfsense.org/index.php?topic=137852.0 robi robi
03:38 PM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases
Judging by some responses on the forum it can also happen on bare metal, not just VMs. The exact conditions are uncle... Jim Pingle
02:44 PM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases
Please either fix the underlying issue if possible. Or at least commit this workaround that seems to be needed for mo... Pi Ba
11:20 AM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
No, it's not directly a Snort issue. It appears to be something that was perhaps inadvertently introduced when the t... Bill Meeks
03:43 AM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
Cheers guys, it does disapear after moving pfSense.mo pfSense.mo.old
So not a Snort issue then. Andy Kniveton
07:59 AM Revision 0c9a6bc3: Remove obsolete CLA information
https://www.netgate.com/blog/contributing-to-the-pfsense-project-gets-easier.html Doktor Notor
07:04 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
Michael OBrien wrote:
> Is there a reason you're moving this to 2.4.2, or you just need confirmation that it's good ... Jim Pingle
02:54 AM Revision c5a33683: Accept 'IP/mask' notation in 'Set interface IP address' from initial menu, there is no need to force use to enter the netmask in a different input.
Luiz Souza
02:13 AM Revision d326425e: Break from the loop when we run out of interfaces in console 'Assign Interfaces'.
Luiz Souza
12:31 AM Revision 286cd231: Mount the disk (the root slice) as read-only before running the fsck in the preen mode.
This force the flush of all pending writes to disk and thus put the disk in a consistent state.
The second effect of... Luiz Souza

10/13/2017

09:52 PM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
Jim Pingle wrote:
> FYI- FRR is now available for 2.4, 2.3.5 (snapshots), and 2.3.4 users. Internal tests show that ... Michael OBrien
03:42 PM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases
Looks Like KVM has the same issue btw. I am running 2.4.1-DEVELOPMENT (amd64)
built on Fri Oct 13 12:32:36 CDT 2017... Chris Stocker
09:32 AM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases
It looks like there is actually a patch for FreeBSD now which might help: https://bugs.freebsd.org/bugzilla/show_bug.... Jim Pingle
03:02 PM Bug #7931 (Duplicate): Error: SyntaxError: Unexpected token < in JSON at position 0
Jim Pingle
10:57 AM Bug #7931: Error: SyntaxError: Unexpected token < in JSON at position 0
This one is actually a duplicate of Bug #6748 and I'm still seeing this randomly. Kill Bill
02:30 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
Bill Meeks wrote:
> Andy Kniveton wrote:
> UPDATE- an empty string is the cause, now to find out why ???
>
> Bi... Kill Bill
02:09 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
Andy Kniveton wrote:
> Ah I don't have an Assigned Alias, so it displays the txt regardless of what ever the locale ... Bill Meeks
12:29 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
Ah I don't have an Assigned Alias, so it displays the txt regardless of what ever the locale is set to.
Just creat... Andy Kniveton
12:22 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
I've upgraded from 2.3.4-p1 to 2.4.0 and not changed the locale. it's using the default English I guess as I've not s... Andy Kniveton
10:23 AM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
I am so far unable to reproduce this problem in my virtual machine test environment. What language/locale is your fi... Bill Meeks
09:46 AM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
Thanks for the report. I will look into the problem.
Bill Bill Meeks
12:10 PM pfSense Packages Bug #7923: 502 Bad Gateway and unresponsive OS with 2.4
This is definitely due to a locking issue with file access in the index.php file for pfBlocker DNSBL. Not sure why it... Jim Pingle
10:50 AM Bug #7748: VLAN Priority
Hey, I'm one of those users thanks for putting this in the queue for 2.4.1.
I did a real quick tcpdump looking for... Oliver Palmer
09:35 AM Bug #7748: VLAN Priority
Apparently this negatively impacts users on Google Fiber
https://forum.pfsense.org/index.php?topic=137916.msg754579#... Jim Pingle
10:48 AM pfSense Packages Bug #7935: FFR doesn't save prefix lists to bgpd.conf
There is a pending PR for this, https://github.com/pfsense/FreeBSD-ports/pull/417
We'll be reviewing PRs shortly n... Jim Pingle
10:44 AM Bug #7937 (Feedback): FreeBSD 11 removed legacy ada aliases, some older installs will fail to mount root post-upgrade
pfSense-upgrade version 0.27_2 on 2.3.x and 0.34 on 2.4.x check for /dev/adN under /etc/fstab and call "/usr/local/sb... Renato Botelho
07:50 AM Bug #7937 (Resolved): FreeBSD 11 removed legacy ada aliases, some older installs will fail to mount root post-upgrade
Some upgrade attempts are failing to mount root after the kernel is upgraded to FreeBSD 11.x due to ada disk driver c... Jim Pingle
10:43 AM Todo #7938 (Feedback): Change pfSense-upgrade to use pkg-static instead of pkg
pfSense-upgrade version 0.27_2 on 2.3.x and 0.34 on 2.4.x are changed Renato Botelho
09:16 AM Todo #7938 (Resolved): Change pfSense-upgrade to use pkg-static instead of pkg
pfSense-upgrade should use pkg-static internally, rather than pkg, to avoid issues with major version upgrades, poten... Jim Pingle
10:37 AM Feature #1557: Add the Interface descriptions to the OS interface descriptions
Hi there,
This would be a great feature for those who use Zabbix or similar.
Thanks
Gareth Gareth Hay
09:12 AM Bug #7928: LAGG interfaces lose MAC address
Can confirm, this is new behavior and I am able to duplicate it per Steve's steps at a client site. The secondary fir... Arthur Brownlee IV
08:50 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
For reference, at least one person appears to have encountered it on ESX 5.5 as well, though the majority of users ar... Jim Pingle
07:07 AM Bug #7936 (Confirmed): bridge network interface does not support altq on 2.4.0-RELEASE
I thought we had another entry for bridge already but today I don't see it. So I reopened this and changed the subjec... Jim Pingle
03:00 AM Bug #7916: There were error(s) loading the rules: pfctl: ix0: driver does not support altq - The line in question reads [0]: | Intel X520-DA2
Same problem on 2.4.0! Roman Fidi
01:22 AM Bug #4310: Limiters + HA results in hangs on secondary
Sander Naudts wrote:
> Why not change target version to 2.9.9... sorry just little frustrating that this doesn't get... Lars Jorgensen

10/12/2017

11:42 PM Bug #6882: bsnmpd uses all available CPU with hostres module active in some cases
It should be noted that when upgrading, if the host resources MIB was already selected BEFORE the upgrade, it will re... Stéphane Lapie
09:51 PM Bug #7936: bridge network interface does not support altq on 2.4.0-RELEASE
That is true, but all interfaces assigned to bridge0 are igbx, will retest tomorrow John Schneider
09:13 PM Bug #7936 (Rejected): bridge network interface does not support altq on 2.4.0-RELEASE
bridge0 is not igbX. Jim Pingle
09:07 PM Bug #7936 (Resolved): bridge network interface does not support altq on 2.4.0-RELEASE
The bridge interface is currently not being built with altq support enabled. This leads to a situation where the user... John Schneider
07:28 PM pfSense Packages Bug #7935 (Resolved): FFR doesn't save prefix lists to bgpd.conf
Prefix lists referenced in route-maps or directly do not work with bgp when created using the webui. Have to copy the... Louis McLennan
05:47 PM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
For information, the same problem occurs in Workstation 12.5.7 (build 5813279), vm hardware version 11.
It happened ... Gianluca Toso
09:18 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
For anyone experiencing this crash in the meantime, adding @kern.vty=sc@ to @/boot/loader.conf.local@ is confirmed to... Jim Pingle
04:38 PM Feature #7934: format support phone# for international use
Assigned to sdavis. This is a server-side issue Anonymous
04:10 PM Feature #7934 (New): format support phone# for international use
In the new 2.4.0 release, the Netgate Services and Support dashboard gadget shows the phone# to call. (Good idea, bt... Adam Thompson
03:00 PM Revision 855aab21: Merge branch 'master' into add-cloudns-to-dynamicdns
Wagner Sartori Junior
02:47 PM Feature #7643: Send notification when boot completed
I also think that would be very useful function. Luca Moncelli
02:26 PM Bug #7933: There were error(s) loading the rules: pfctl: vtnet0: driver does not support altq - The line in question reads [0]:
Doesn't make a difference, still the same bug on the same version. If it was closed, you might have a point but it's ... Jim Pingle
02:23 PM Bug #7933: There were error(s) loading the rules: pfctl: vtnet0: driver does not support altq - The line in question reads [0]:
Maybe, but the bugs remains on release 2.4.0-RELEASE (amd64), that was for 2.4 BETA and 2.4 RC. Albert Lightware
02:18 PM Bug #7933 (Duplicate): There were error(s) loading the rules: pfctl: vtnet0: driver does not support altq - The line in question reads [0]:
Duplicate of #7594 Jim Pingle
02:03 PM Bug #7933: There were error(s) loading the rules: pfctl: vtnet0: driver does not support altq - The line in question reads [0]:
To let you now my configuration was working nice on 2.3.4-RELEASE-p1 Albert Lightware
02:01 PM Bug #7933 (Duplicate): There were error(s) loading the rules: pfctl: vtnet0: driver does not support altq - The line in question reads [0]:
After a clean installation to have zfs filesystem, I restored my configuration, and there is no internet connection c... Albert Lightware
02:19 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel
Michael OBrien wrote:
> Any chance 2.4.0, with the FreeBSD 11.1 ipsec changes, may resolve this?
Just loaded up 2... Michael OBrien
12:03 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
https://forum.pfsense.org/index.php?topic=137921.0 Andy Kniveton
12:02 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists
Please also post that in the IDS/IPS board of the forum so the package maintainer has a higher chance of seeing it:
... Jim Pingle
11:53 AM pfSense Packages Bug #7932 (Resolved): 2.4.0 & Snort 3.2.9.5_1 Pass Lists
The following appears under Assigned Alias header :-
Project-Id-Version: PACKAGE VERSION Report-Msgid-Bugs-To: POT... Andy Kniveton
11:48 AM Bug #7931 (Not a Bug): Error: SyntaxError: Unexpected token < in JSON at position 0
Most likely it was old/cached data in your browser and the refresh let it pick up new copies. We have added some prot... Jim Pingle
11:46 AM Bug #7931: Error: SyntaxError: Unexpected token < in JSON at position 0
After a refresh the error is gone btw Christian M.
11:44 AM Bug #7931 (Duplicate): Error: SyntaxError: Unexpected token < in JSON at position 0
After Upgrading to 2.4.0 this error is shown in the Traffic Graph Widget on the Dashboard
@Error: SyntaxError: Une... Christian M.
11:15 AM Feature #7930 (Rejected): Upgrade notification
Sending an e-mail notification for that from the firewall itself isn't really a good idea. There are many other ways ... Jim Pingle
11:13 AM Feature #7930 (Rejected): Upgrade notification
It would be nice if there was some sort of alerting or notification when pfSense has a new upgrade available (via ema... Joshua Craft
10:55 AM Bug #4310: Limiters + HA results in hangs on secondary
We expected to have more time before 2.4.1 but we need to have it out in a week or so, there isn't time to get to thi... Jim Pingle
10:53 AM Bug #4310: Limiters + HA results in hangs on secondary
Why not change target version to 2.9.9... sorry just little frustrating that this doesn't get fixed. Sander Naudts
10:36 AM Feature #7926: limit clog -f look-back size
You'd be surprised, there are a number of them out there on CF, USB sticks and the like, and some of them have opted ... Jim Pingle
10:33 AM Feature #7926: limit clog -f look-back size
Thanks, Jim. That would be a perfectly acceptable solution, with a whole bunch of side benefits.
Especially since I... Adam Thompson
10:28 AM Bug #7786: traffic shaping queue on WAN wont allow total of all child to be 100%
i think this requires some php code changes only as the web gui doesnt allow, the shaper itself is fine with it when ... Bipin Chandra
09:46 AM Bug #7786: traffic shaping queue on WAN wont allow total of all child to be 100%
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
10:23 AM Bug #7474 (Resolved): Problems adding gateway from interface edit
Jim Pingle
10:09 AM Bug #4031: Notifications mail bomb in some gateway failure circumstances
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
10:02 AM Bug #6420 (Resolved): Monitoring graphs last sample being zero
Jim Pingle
10:01 AM Feature #7823: Pull request: Add support for dynamic DNS provider ClouDNS
conflict is fixed. Wagner Sartori Junior
09:46 AM Feature #7823: Pull request: Add support for dynamic DNS provider ClouDNS
The PR has conflicts that need resolved.
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:55 AM Bug #7079: ClamAV C-ICAP causing Kernel Panic and System Crash
This should be re-tested on 2.4.0-RELEASE, the newer FreeBSD 11.1 base has a patch for that crash, I believe. Also it... Jim Pingle
09:52 AM Bug #7213 (Feedback): Hyper-V install, no disk found
Please retry this on 2.4.0-RELEASE which uses a FreeBSD 11.1 base and it has several fixes for Hyper-V. Jim Pingle
09:51 AM Bug #7412: rtsold will not run on VLAN interfaces
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:51 AM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:51 AM Bug #7425: dhclient not sending option 77
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:49 AM Bug #7439: IKE_SA (IKEv2) does not rekey on break before make startegy, just issues IKE_DELETE and connection is closed
There is a new version of strongSwan on 2.4.0-RELEASE, please make this is still happening there.
Moving target to 2... Jim Pingle
09:48 AM Feature #7467: Add iPhone/Android/Generic USB tethering support
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:48 AM Bug #7469: local_sync_accounts() slowness can trigger GUI/XMLRPC failures with many accounts
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:47 AM Bug #7480: pkg framework - textarea on rowhelperfield errors
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:47 AM Bug #7481: pkg-framework - rowhelper ignores <advancedfield/>
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:47 AM Bug #7532: SG-1000 autonegotiation 10baseT speed and duplex
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:47 AM Bug #7605: State Killing on Gateway Success
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:47 AM Feature #7623: Allow L2TP user passwords to contain special characters
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Bug #7714: NTP Widget Time Display
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Todo #7762: Add uid check to pfSense-upgrade and exit unless it is run as uid=0
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Bug #7774: No TCP Reply State Established on GRE in IPsec Transport
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Bug #7801: UDP fragments received over IPsec tunnel are not properly reassembled and forwarded
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Bug #7856: IPsec status does not show all connected mobile clients
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Feature #7882: Seperator feature in DHCP Static mapping for this feature
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Bug #7885: Cert. Manager should validate EKUs on importing a certificate authority
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
09:46 AM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated. Jim Pingle
06:31 AM Feature #7321 (Resolved): DynDNS - Add DreamHost DNS support
Renato Botelho
01:43 AM Bug #7929 (Resolved): IPSec CA certificate name corrupt if multiple RDNs of the same type are in subject name
When the CA certificate subject is converted to OSF style, but multiple RDN components of the same type are in the su... Daniel Sands

10/11/2017

07:27 PM Feature #7321: DynDNS - Add DreamHost DNS support
OK - I do see that it made it into the 2.4.0 Git branch. I didn't see it listed at https://redmine.pfsense.org/versi... Frank Gruman
06:08 PM Bug #7928 (Resolved): LAGG interfaces lose MAC address
LAGG interfaces lose their MAC address, normally inherited from the first member, if all links are disconnected and t... Steve Wheeler
03:03 PM Bug #7927 (Closed): (filterdns), uid 0: exited on signal 11 (core dumped)
#Problem:
With 2.4, and also with 2.4.1, I am seeing frequent error messages
> kernel: pid 12918 (filterdns),... Chase Turner
02:21 PM Bug #7015: IPsec not working behind NAT
The problem I reported above occurs when the Phase 2 IPv6 Tunnel "Local Network" is set to "LAN subnet", and therefor... David Myers
12:57 PM Feature #7926: limit clog -f look-back size
The way clog reads the records it has to figure out where the start is and then unwind it from there, so it doesn't e... Jim Pingle
12:47 PM Feature #7926: limit clog -f look-back size
FWIW, I'm thinking of "tail -f"'s behaviour, where it only tail's the last ~10 lines (I think most implementations de... Adam Thompson
12:44 PM Feature #7926 (Closed): limit clog -f look-back size
I've configured the system log files to be substantially larger than normal, in order to get some reasonable retentio... Adam Thompson
12:51 PM Bug #7925 (Feedback): VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
The fix is already merge and will be available on next snapshot. Luiz Souza
09:21 AM Bug #7925 (Resolved): VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base
Some users occasionally encounter a panic during OS hardware detection on 2.4 running under ESXi 6.5.0 U1 (Build 6765... Jim Pingle
12:24 PM pfSense Packages Bug #7923: 502 Bad Gateway and unresponsive OS with 2.4
If it's happening on 2.4.0 and started around that time, it's likely related to the FreeBSD 11.1 change and not the I... Jim Pingle
10:53 AM pfSense Packages Bug #7923: 502 Bad Gateway and unresponsive OS with 2.4
Jim Pingle wrote:
> The affected code was on 2.4.0 for a couple days but is no longer there now. Current 2.4.0-RC sn... Chad Brandenburg
10:35 AM pfSense Packages Bug #7923: 502 Bad Gateway and unresponsive OS with 2.4
The affected code was on 2.4.0 for a couple days but is no longer there now. Current 2.4.0-RC snapshots and the actua... Jim Pingle
10:28 AM pfSense Packages Bug #7923: 502 Bad Gateway and unresponsive OS with 2.4
Jim Pingle wrote:
> At the moment, the only change in 2.4.1 that isn't in 2.4.0 that might be relevant is #7856
>
... Chad Brandenburg
07:13 AM pfSense Packages Bug #7923: 502 Bad Gateway and unresponsive OS with 2.4
At the moment, the only change in 2.4.1 that isn't in 2.4.0 that might be relevant is #7856
And since we already k... Jim Pingle
06:21 AM pfSense Packages Bug #7923 (Resolved): 502 Bad Gateway and unresponsive OS with 2.4
Multiple users complaining that following the infamous 502 Bad Gateway, they eventually are unable to do anything wit... Kill Bill
08:36 AM Bug #7924 (Rejected): DHCP Server fails to start after updating to 2.4.0.r.20171009.1758
You must have upgraded to a snapshot that was broken before that one. You'll need to fix your local installation manu... Jim Pingle
08:29 AM Bug #7924 (Rejected): DHCP Server fails to start after updating to 2.4.0.r.20171009.1758
After upgrading to 2.4.0.r.20171009.1758, the DHCP server fails with the following error message:
Can't attach int... Jeff Wischkaemper
07:17 AM Bug #7856 (Assigned): IPsec status does not show all connected mobile clients
It looks like this change caused a regression, see #7923
Also one person on the forum reported that the status bre... Jim Pingle
02:21 AM Bug #7272: 6rd not functioning on 2.4.0-BETA
I can confirm that my issue has been fixed (Altibox Norway ISP). Thank you very much! Paal Andreas Lindsetmo
12:41 AM Revision 8239af2d: xmlrpc, webgui, prevent that a xmlrpc.lock is placed that is never unlocked, thus hanging php and the webgui after a few more sync request are trying to acquire the lock and all are waiting..
Pi Ba

10/10/2017

06:36 PM Feature #7922 (New): Add the option to select the ISP IPv6 Delegated Prefix as a destination in firewall rules
It would be useful to have the option to use the ISP delegated prefix (/48, /56, etc) from DHCPv6-PD as a destination... Scott D
06:13 PM Bug #7921: Reset All States on WAN IP Change does not stay unchecked when disabled in GUI
Current Base System 2.4.0.r.20171009.1800 Paighton Bisconer
06:12 PM Bug #7921 (Resolved): Reset All States on WAN IP Change does not stay unchecked when disabled in GUI
Under System > Advanced > Networking, the new option to reset all sates when a WAN IP changes does not stay unchecked... Paighton Bisconer
10:55 AM Revision 4183c042: Add new repos to lead users to 2.4.0 on amd64
Renato Botelho
10:50 AM Revision de2312f5: Welcome 2.4.0-RELEASE again. This time based on FreeBSD 11.1
Renato Botelho
10:47 AM Revision 9615f091: Update translation files
Renato Botelho
10:47 AM Revision 8a5ca070: Regenerate pot
Renato Botelho
10:40 AM Revision 2448d0fc: Update translation files
Renato Botelho
10:36 AM Revision ac9e9abb: Regenerate pot
Renato Botelho
07:17 AM Revision 10085279: Add filtering to pfTop page
→ luckman212
05:22 AM Bug #7779: Traffic crossing a site-to-site OpenVPN tunnel fails to fragment.
We were able to disprove the situation with OpenVPN disabled. The initial description still holds. Steve Wheeler
05:15 AM Bug #7920 (Not a Bug): Logos Missing and wrong size
Renato Botelho
03:20 AM Bug #7920: Logos Missing and wrong size
Resolved
Browser cache... duh! Martin Wasley
02:43 AM Bug #7920: Logos Missing and wrong size
Forgot to add this is on 2.4.1.a.20171009.1853 Martin Wasley
02:42 AM Bug #7920 (Not a Bug): Logos Missing and wrong size
pfSense logo is the wrong size on the login screen, appears far too large. It's missing completely from the other pag... Martin Wasley
04:15 AM Bug #7841: CARP Sync Issue - when no internet on standby
Hi Jim,
I had the same issue when using a PfSense cluster with CARP with a /32 Public IP Allocation. I think lot o... Yann Tintignac

10/09/2017

10:51 PM Revision fd47fb02: Remove old custom logos
Renato Botelho
10:51 PM Revision 06a1b081: Remove old custom logos
Renato Botelho
10:43 PM Revision f9a6637a: Use include() to add logo content and use complete path
Renato Botelho
10:43 PM Revision fe8922b8: Use include() to add logo content and use complete path
Renato Botelho
10:36 PM Revision 4c072afb: update NYI logos
Jared Dillard
10:36 PM Revision 6244dca8: update svg logos to pull from file
Jared Dillard
08:55 PM Revision f2fd97c8: update NYI logos
Jared Dillard
08:46 PM Revision 9ae8ade5: update svg logos to pull from file
Jared Dillard
08:38 PM Revision 71e01ef0: Update obsoleted files list for 2.4
Renato Botelho
08:38 PM Revision f0d9e40e: Update obsoleted files list for 2.4
Renato Botelho
08:05 PM Revision 32fb158e: Custom logo is a svg and a css files now
Renato Botelho
08:05 PM Revision c8735982: Custom logo is a svg and a css files now
Renato Botelho
06:56 PM Revision e3acd13d: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place
Renato Botelho
06:56 PM Revision d01d2e79: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place
Renato Botelho
06:56 PM Revision 6c6c5b31: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place
Renato Botelho
06:56 PM Revision f19faa6d: Do not reset SKIP_FINAL_RSYNC, it can make things to go to undesired place
Renato Botelho
03:17 PM Revision 2d32e50b: Disable ARJ option
Renato Botelho
03:17 PM Revision 45b84395: Disable ARJ option
Renato Botelho
01:47 PM Bug #7919 (Resolved): Logging not working
Luiz pushed some fixes to clog to correct this, next new snapshot we're testing internally is good. Jim Pingle
10:55 AM Bug #7919: Logging not working
https://forum.pfsense.org/index.php?topic=137672.msg752928#msg752928
 Kill Bill
08:40 AM Bug #7919: Logging not working
It's also possible syslogd is writing bad data to the file which breaks the clog format, so maybe the syslogd clog pa... Jim Pingle
08:38 AM Bug #7919 (Confirmed): Logging not working
It looks like clog is failing to recognize its own file header somehow.... Jim Pingle
08:36 AM Bug #7919 (Resolved): Logging not working
On new installs logging is failing with:... Steve Wheeler
12:49 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel
Any chance 2.4.0, with the FreeBSD 11.1 ipsec changes, may resolve this? Michael OBrien
11:39 AM Bug #7907: Cannot edit IPv4 and IPv6 Local Networks after tunnel creation
You can open a new bug report for that with an appropriate title/description, rather than re-using this one which was... Jim Pingle
10:30 AM Revision 39d413fa: Remove grub2-bhyve for now
Renato Botelho
10:30 AM Revision 07998395: Remove grub2-bhyve for now
Renato Botelho
09:38 AM Bug #7015: IPsec not working behind NAT
I’m still seeing problems with IPv6 tunneling over an IPv4 IPsec connection, but the symptoms are different from what... David Myers
04:07 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable
Stephane Debreuil wrote:
> Same issue. It appears after upgrade to 2.4.0.r.20171007.0850 (from 2.4.0.r.20171004.xxxx... Kill Bill
01:57 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable
Same issue. It appears after upgrade to 2.4.0.r.20171007.0850 (from 2.4.0.r.20171004.xxxx).
 S. Debreuil
03:32 AM Bug #7918 (Not a Bug): Nightly error reloading rules
A while ago, I started getting the same notice in my logs every night at the same time. Most of my external servers r... Michael Lustfield

10/08/2017

11:14 PM Bug #7907: Cannot edit IPv4 and IPv6 Local Networks after tunnel creation
I figured out what the issue is. When "redirect gateway" option is checked the fields for local networks are hidden,... John Silva
06:44 PM Revision 75cc9f81: Remove grub2-bhyve for now
Renato Botelho
06:44 PM Revision 9ce60a31: Remove grub2-bhyve for now
Renato Botelho
05:33 PM Bug #6852: Commit 8f86722 breaks DHCPv6 leases status page
Duplicate of Bug #7413 Kill Bill
04:59 PM Bug #7917 (Resolved): GUI shows "There are no packages currently installed" when repos are unreachable
!https://image.prntscr.com/image/O75ZDOwbT8KKiypUxRhaWQ.png!... Kill Bill
03:36 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI
Jim Pingle wrote:
> I agree, but last I looked OMAPI didn't quite do everything we need. ... That may have changed ... Kill Bill
02:17 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI
I agree, but last I looked OMAPI didn't quite do everything we need, plus it required making a program in C to interf... Jim Pingle
02:04 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI
Am I the only one thinking that this absolutely unreadable regex madness needs to go to /dev/null and ISC DHCP server... Kill Bill
10:54 AM Feature #7814: Unbound serve-expired please add to GU as tickbox
yeah I should have updated, martin did the work. Chris Collins
05:45 AM Feature #7814: Unbound serve-expired please add to GU as tickbox
https://github.com/pfsense/pfsense/pull/3817
 Kill Bill
10:44 AM Feature #7321: DynDNS - Add DreamHost DNS support
Frank Gruman wrote:
> I'm pretty interested in finally seeing this delivered. The pull request was accepted into ma... Kill Bill
08:36 AM Bug #6420: Monitoring graphs last sample being zero
Been fixed with https://github.com/pfsense/FreeBSD-ports/commit/5b20ed3661e6dc6d8b8d3c78aab5784556cc0dc3 almost a yea... Kill Bill
05:15 AM Bug #6848: Do not create an IPv4/6 gateway for an interface without according IPv4/6 address
Related forum discussion and PR:
https://forum.pfsense.org/index.php?topic=137317.0
https://github.com/pfsense/pfse... Kill Bill
04:55 AM Bug #6860: Monitoring (RRD) graphs return "unknown" step value
Jared Dillard wrote:
> Needs step 1800 added: https://forum.pfsense.org/index.php?topic=117036.msg695224#msg695224
... Kill Bill

10/07/2017

05:20 PM Bug #7916: There were error(s) loading the rules: pfctl: ix0: driver does not support altq - The line in question reads [0]: | Intel X520-DA2
Please try a recent 2.4 snapshot. Jim Thompson
04:59 PM Bug #7916 (Duplicate): There were error(s) loading the rules: pfctl: ix0: driver does not support altq - The line in question reads [0]: | Intel X520-DA2
Today i installed a new pfSense Firewall with an Intel X520-DA2 10GB Adapter. After setup the traffic shaper i got th... Roman Fidi
03:17 PM Bug #7913 (Resolved): Applying wizard for creating Traffic Shapers with PRIQ and Prioritize VoIP traffic doesn't create qVoIP and Floating Rule
Fixed in current snapshots Jim Pingle
01:49 PM Revision 8b69a5b0: Update pfsense small logo
Renato Botelho
01:49 PM Revision 869d86b0: Update pfsense small logo
Renato Botelho
01:48 PM Revision be50d028: Update pfsense small logo
Renato Botelho
01:48 PM Revision 01318817: Update pfsense small logo
Renato Botelho

10/06/2017

11:17 PM Bug #7915 (Resolved): CBQ Child queue set bandwidth does not apply correctly
Example:
LAN interface -> create 2 direct children qLink for the local traffic then qInternet that will house more c... Pushapraj Bhamra
11:03 PM Bug #7645: SG-1000 VLAN interfaces do not work without promisc mode
Confirmed. VLANs are functional again on the latest snapshot without needing to use promisc mode. Jim Pingle
08:03 PM Bug #7645: SG-1000 VLAN interfaces do not work without promisc mode
Fixed in the latest snapshot. Luiz Souza
09:41 AM Bug #7645: SG-1000 VLAN interfaces do not work without promisc mode
Upgraded to latest release candidate
2.4.0-RC (arm)
built on Thu Oct 05 21:17:11 CDT 2017
FreeBSD 11.1-RELEASE-p... Christian Carrier
09:18 PM Feature #7321: DynDNS - Add DreamHost DNS support
I'm pretty interested in finally seeing this delivered. The pull request was accepted into master 5 months ago. Is ... Frank Gruman
08:07 PM Bug #7015: IPsec not working behind NAT
Please re-test with a recent 2.4.0-RC image based on FreeBSD 11.1.
There are significant improvements in this area... Luiz Souza
05:06 PM Revision 05c41986: If ECL picks up a config on the first boot post-install, trigger a package sync and don't run the wizard.
(cherry picked from commit 695f7d5c054b7df724ea4fd6883a29a2da60cca5)
(cherry picked from commit 661c5b7f6a80e9a281939... Jim Pingle
05:06 PM Revision 7d9248c1: If ECL picks up a config on the first boot post-install, trigger a package sync and don't run the wizard.
(cherry picked from commit 695f7d5c054b7df724ea4fd6883a29a2da60cca5)
(cherry picked from commit 661c5b7f6a80e9a281939... Jim Pingle
05:06 PM Revision 661c5b7f: If ECL picks up a config on the first boot post-install, trigger a package sync and don't run the wizard.
(cherry picked from commit 695f7d5c054b7df724ea4fd6883a29a2da60cca5) Jim Pingle
05:06 PM Revision 695f7d5c: If ECL picks up a config on the first boot post-install, trigger a package sync and don't run the wizard.
Jim Pingle
03:44 PM Bug #7914 (Resolved): External Config Locator does not trigger a package sync or clear the wizard, so it does not result in a functional and expected restore
Restoring a configuration via the External Config Locator (ECL) does not trigger a package sync, so if the restore co... Jim Pingle
01:53 PM Revision e94ca10f: Unbreak PRIQ queue creation for VoIP, Penalty Box, and P2P options. Fixes #7913
(cherry picked from commit 10e93284be3cd62fe871710205e61de0e36dcc2f) Jim Pingle
01:52 PM Revision 10e93284: Unbreak PRIQ queue creation for VoIP, Penalty Box, and P2P options. Fixes #7913
Jim Pingle
11:42 AM Revision fed79d56: Update translation files
Renato Botelho
11:42 AM Revision 8484fbab: Regenerate pot
Renato Botelho
11:30 AM Revision 9c33d1b7: Update translation files
Renato Botelho
11:25 AM Revision 12b2aa0b: Regenerate pot
Renato Botelho
09:00 AM Bug #7913 (Feedback): Applying wizard for creating Traffic Shapers with PRIQ and Prioritize VoIP traffic doesn't create qVoIP and Floating Rule
Applied in changeset commit:10e93284be3cd62fe871710205e61de0e36dcc2f. Jim Pingle
08:58 AM Bug #7913: Applying wizard for creating Traffic Shapers with PRIQ and Prioritize VoIP traffic doesn't create qVoIP and Floating Rule
This was caused by commit:7798eb1e6ac48963a2785b449306cb49c942381f - I just pushed a fix that changes the tests a bit... Jim Pingle
08:22 AM Bug #7913 (Resolved): Applying wizard for creating Traffic Shapers with PRIQ and Prioritize VoIP traffic doesn't create qVoIP and Floating Rule
For 2.3.4_p1 traffic shaper wizard with PRIQ and enabling VoIP creates qVoIP and Floating Rule
pfctl -sa ALTQ:
queu... Azamat Khakimyanov
03:47 AM Revision 4f62b7c0: Don't create vestigial gateways, alt. approach
→ luckman212

10/05/2017

01:35 PM Revision 4120969b: Simplify logic
Renato Botelho
01:35 PM Revision 101a3d62: Simplify logic
Renato Botelho
01:27 PM Revision fa3208ee: Sort pfSense.obsoletedfiles
Renato Botelho
01:27 PM Revision 31c8b40b: Only show copynotice when version changes
Renato Botelho
01:25 PM Revision 9389398b: Sort pfSense.obsoletedfiles
Renato Botelho
01:25 PM Revision 5e3d8bf1: Only show copynotice when version changes
Renato Botelho
05:22 AM Bug #7912 (Resolved): LDAP Test Results modal doesn't comply with theming
Under "System > User Manager > Settings > Save & Test", there are sections that seem to only partially comply with th... Zachary Hill

10/04/2017

01:49 PM Todo #7911: Suricata missing dropsid sample file in SID Mgmt
Dan Collins wrote:
> Try a fresh install and none of the sample files are there.
That did not work, they are stil... Kill Bill
01:21 PM Todo #7911: Suricata missing dropsid sample file in SID Mgmt
Try a fresh install and none of the sample files are there. Dan Collins
01:13 PM Todo #7911 (Rejected): Suricata missing dropsid sample file in SID Mgmt
Jim Pingle
01:11 PM Todo #7911: Suricata missing dropsid sample file in SID Mgmt
Not really.
!https://image.prntscr.com/image/3cJ2VqXiSTmxQxOSiBZEDw.png!
Please post to the forums until you ha... Kill Bill
11:56 AM Todo #7911 (Rejected): Suricata missing dropsid sample file in SID Mgmt
Suricata - sample dropsid_sample.conf file no longer included in SID Mgmt files. Dan Collins
11:52 AM Feature #7910 (Duplicate): Notification GUI
I would like to see a GUI showing a list of alerts and the ability to turn them on/off from sending email. Dan Collins
10:15 AM Bug #7629 (Resolved): FreeBSD PR affecting pfsense
Moving target to 2.4.0 as this appears to be fixed by FreeBSD 11.1, which is now used by 2.4.0 Jim Pingle
10:10 AM Bug #7839: IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.
Moving target to 2.4.0 as this appears to be fixed by FreeBSD 11.1, which is now used by 2.4.0 Jim Pingle
07:53 AM Bug #7825: missing "BACKUP" in CARP status with IPv6
I just tried this again and the procedure you list still doesn't result in the same outcome here. Try it again on 2.4... Jim Pingle
07:52 AM Bug #7909 (Duplicate): XMLRPC: missing "BACKUP" in CARP status with IPv6
Duplicate of #7825
Don't open a duplicate bug, the other one is still open, just in a feedback state. Jim Pingle
01:45 AM Bug #7909 (Duplicate): XMLRPC: missing "BACKUP" in CARP status with IPv6
Hi everyone,
as i am not able to reopen the ticket #7825 -- here we go again ;)
The descriptive text ("BACKUP") n... Helge Wiethoff

10/03/2017

10:49 PM Revision 807160e9: VirtualIP, FIX, VIPs should have a <uniqueid> property inside the config.xml, however if they are added as 'proxy-arp' or 'other' and then modified to ipalias or carp, the uniqueid stays empty.
Pi Ba
06:49 PM Feature #7904: Automatic Bandwidth Limiter on Dummynet
Thanks Jim(s) ;)
A bounty has been created for this project to be completed and submitted to be added to pfSense. ... duev s
06:23 PM Revision 962faafa: Make devel repo point to 2.4.0 as well
Renato Botelho
03:35 PM Revision c604b571: Fix PPP log reference in status.php
(cherry picked from commit 35e5c404ef0d03d40eeac7f5a33f43da0d3ac6fc)
(cherry picked from commit 69ed1107fac3c256695d9... Jim Pingle
03:35 PM Revision e9ec739b: Fix PPP log reference in status.php
(cherry picked from commit 35e5c404ef0d03d40eeac7f5a33f43da0d3ac6fc)
(cherry picked from commit 69ed1107fac3c256695d9... Jim Pingle
03:35 PM Revision 69ed1107: Fix PPP log reference in status.php
(cherry picked from commit 35e5c404ef0d03d40eeac7f5a33f43da0d3ac6fc) Jim Pingle
03:34 PM Revision 35e5c404: Fix PPP log reference in status.php
Jim Pingle
09:23 AM Bug #7908: "Kill filtered states" button has no effect
Yes, unless you are killing states from a serial or VGA console, your own IP address will always show up as you're co... Jim Pingle
09:20 AM Bug #7908: "Kill filtered states" button has no effect
Erm, eh... you'll need to NOT refresh... like, you are recreating those states when you refresh the page. Kill Bill
09:06 AM Bug #7908: "Kill filtered states" button has no effect
There is my own IP address in the box.
Effectively, if I specify another IP address, it works. But not with my own. Alban Cousinié
08:46 AM Bug #7908 (Rejected): "Kill filtered states" button has no effect
What exactly did you have in the box? It only kills properly if you enter an IP address or subnet. The description ma... Jim Pingle
08:35 AM Bug #7908 (Rejected): "Kill filtered states" button has no effect
In pfsense 2.4.0-RC, when I attempt to kill states using the "Kill filtered states" button in the Diagnostics / State... Alban Cousinié

10/02/2017

11:13 PM Revision 28837c4d: Fix path
Renato Botelho
11:12 PM Revision f2daa63c: Fix path
Renato Botelho
07:11 PM Revision 3d90abca: Revert "Welcome pfSense 2.4.0-RELEASE"
This reverts commit b6d433fdfc25b404693b85e9086d716db7d76460. Renato Botelho
07:05 PM Revision 388b6303: Revert "Add new repos to lead users to 2.4.0 on amd64"
This reverts commit 42eecfeff0f6c1326a7dd7669cb48a7eccead0a6. Renato Botelho
04:52 PM Revision 42eecfef: Add new repos to lead users to 2.4.0 on amd64
Renato Botelho
12:27 PM Bug #7907 (Not a Bug): Cannot edit IPv4 and IPv6 Local Networks after tunnel creation
I can't reproduce anything like that here. The fields show up when editing existing tunnels that can push. Perhaps th... Jim Pingle
11:57 AM Bug #7907 (Not a Bug): Cannot edit IPv4 and IPv6 Local Networks after tunnel creation
IPv4 and IPv6 Local Networks may be specified when tunnel is created but is not exposed when editing existing tunnel ... John Silva
10:26 AM Bug #7754 (Not a Bug): Cannot access "WebCfg - OpenVPN: Client Export Utility" without also granting access to "WebCfg - OpenVPN: Servers"
It's working as designed. The export package has no menu entry, so they can't see any menu entry for it.
Users wil... Jim Pingle
10:25 AM Bug #7754: Cannot access "WebCfg - OpenVPN: Client Export Utility" without also granting access to "WebCfg - OpenVPN: Servers"
tqwqllrm tqwqllrm wrote:
> I tried to create a local group for admins with limited access and I only want that group... tqwqllrm tqwqllrm
08:15 AM Bug #7906: Dashboard Version Info Inconsistency
I'll post on the forum then, but it's still a bug, if perhaps one of a different color: the GUI System Update reporte... Jeff Morris
08:08 AM Bug #7906 (Not a Bug): Dashboard Version Info Inconsistency
Some component failed in your upgrade. Please post on the forum, mailing list, or reddit and someone can help you get... Jim Pingle
08:07 AM Bug #7906: Dashboard Version Info Inconsistency
Apologies, please disregard my original dashboard screenshot, I unintentionally captured it while it was still displa... Jeff Morris
08:04 AM Bug #7906 (Not a Bug): Dashboard Version Info Inconsistency
I was previously running pfSense-CE-2.3.3-RELEASE-4g-i386-nanobsd and used System Update from the GUI to upgrade to 2... Jeff Morris
07:59 AM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic
Looks like it's a known issue with the nature of auth-user-pass-verify that OpenVPN does not plan to address: https:/... Jim Pingle
03:54 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE
Little fix, the current plugin did not set the return code upon exiting. Stéphane Lapie

10/01/2017

05:29 PM Feature #7904 (Needs Patch): Automatic Bandwidth Limiter on Dummynet
It's possible in some specific circumstances, but I don't see one of those being a way that would work properly with ... Jim Pingle
12:00 PM Feature #7904: Automatic Bandwidth Limiter on Dummynet
Thanks Jim!
I really think this would be a highlight feature for pfSense.
It would be very effective traffic ... duev s
11:22 AM Feature #7904: Automatic Bandwidth Limiter on Dummynet
Actually, it seems completely possible. Van Jacobson’s “pathchar” showed so 20 years ago.
https://www.caida.org/t... Jim Thompson
11:03 AM Feature #7904: Automatic Bandwidth Limiter on Dummynet
The idea isn't to use a speedtest.net to monitor actual bandwidth, but to monitor ping latency to see if the dummynet... duev s
10:49 AM Feature #7904 (Rejected): Automatic Bandwidth Limiter on Dummynet
It's not possible. The firewall has no way to determine the actual circuit speed, it must be set manually. A speed te... Jim Pingle
09:33 AM Feature #7904 (Needs Patch): Automatic Bandwidth Limiter on Dummynet
Add an automatic bandwidth limiter to pfSense that dynamically limits Down and Up speeds on WAN based on latency in o... duev s
04:13 PM Bug #7905 (Resolved): OpenVPN Authentication Against Backend Stalls All Server Traffic
When authenticating an OpenVPN Remote Access server against an authentication backend such as RADIUS, all traffic on ... Chris Linstruth

09/30/2017

10:53 AM pfSense Packages Feature #7903 (New): Duo ssh package
When trying to compile the Duo ssh package I get errors. After fixing these, I cannot get the sshd configs to stick o... Jaosn Beitler
08:23 AM Feature #7881: OpenVPN client - add support for multiple server entries
Brendon Baumgartner wrote:
> I think to implement this is by setting the server to Other towards the top and leaving... Jim Pingle
02:00 AM Feature #7881: OpenVPN client - add support for multiple server entries
I think to implement this is by setting the server to Other towards the top and leaving the field blank. Then using t... Brendon Baumgartner
04:45 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
Brendon Baumgartner wrote:
> Zabbix proxies have to match the version of the Zabbix server so just supporting LTS he... Pim Janssen
02:02 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3
Zabbix agents can be any version.
Zabbix proxies have to match the version of the Zabbix server so just supporting... Brendon Baumgartner

09/29/2017

09:44 PM Revision b7a91a4d: Fix path
Renato Botelho
09:43 PM Revision e3998059: Fix path
Renato Botelho
07:44 PM Revision 433a54ed: Send RELEASE to internal server
Renato Botelho
07:44 PM Revision 6a3df338: Send RELEASE to internal server
Renato Botelho
05:51 PM Revision b6d433fd: Welcome pfSense 2.4.0-RELEASE
Renato Botelho
02:15 PM pfSense Packages Feature #7902 (New): allow vpn client export of other to be a blank field
Under: OpenVPN -> Client Export -> Host Name Resolution -> Other
The Host Name field that appears requires a valu... Brendon Baumgartner
11:51 AM pfSense Packages Bug #7729 (Resolved): pfBlockerNG orders NAT licked rules to the bottom of firewall rules
Jim Pingle
11:34 AM pfSense Packages Bug #7729: pfBlockerNG orders NAT licked rules to the bottom of firewall rules
Merged and fixed since 2.1.1_9 Kill Bill
10:12 AM Bug #4723 (Resolved): Can't forward UDP fragmented packets with scrubbing enabled.
Thanks! Renato Botelho
09:57 AM Bug #4723: Can't forward UDP fragmented packets with scrubbing enabled.
I made the lab in order to reproduce the issue. But could not reproduce one.
I tried to use 2KB frames, and the fram... Constantine Kormashev
10:04 AM pfSense Packages Bug #7893: Kernel Panic Suricata Inline
Additional warning text has been added to the Group Help displayed in the Blocking Mode section of the INTERFACE SETT... Bill Meeks
10:01 AM Bug #7592 (Resolved): SG-1000: Unbound not always restarting properly after changes in /etc/hosts
Anonymous
06:28 AM Bug #7592: SG-1000: Unbound not always restarting properly after changes in /etc/hosts
I found there are error messages in logs, but I can see unbound works fine on latest FW on sg1000
Error messages a... Constantine Kormashev
10:00 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages
Pull requests have been submitted for removing the use of the <no_drop_down> tag on the SYNC tab in both the Snort an... Bill Meeks
08:57 AM Bug #7901 (Rejected): Cannot Import Valid SSL Certificate with Private Key
That message means the public key on the certificate does not match the public key stored with the private key. Post ... Jim Pingle
08:41 AM Bug #7901 (Rejected): Cannot Import Valid SSL Certificate with Private Key
I have a wildcard SSL certificate from a vendor using my own private key. This wildcard SSL certificate was successfu... Jarrad S
08:28 AM Bug #7900 (Not a Bug): DynamicDNS Amazon Route53 Not Working
Jim Pingle
06:39 AM Bug #7900: DynamicDNS Amazon Route53 Not Working
It looks like the settings for the HostZonedID input were changed (previously needed to specify a region and hosted z... George 77
06:15 AM Bug #7900 (Not a Bug): DynamicDNS Amazon Route53 Not Working
DynamicDNS Provider Route53 is not updating. Despite the failure, the error detection code doesn't catch that a failu... George 77
07:06 AM Bug #7272 (Resolved): 6rd not functioning on 2.4.0-BETA
Looks like the main problem here is fixed. If any specific problem is found, please open a new ticket with details Renato Botelho
07:05 AM Bug #7719 (Resolved): Dynamic DNS updates not working on interface failover
Works Renato Botelho
07:05 AM Bug #7750 (Resolved): unbound refuses ipv6 queries after reboot
Works Renato Botelho

09/28/2017

04:54 PM Revision de5c66b5: Add copyright notice to dashboard page (but only once per upgrade)
(cherry picked from commit f3c5f4c57362a893868976054c00dd7d9f37e721) Steve Beaver
04:38 PM Revision c731797d: Set kern.cam.boot_delay=10000 on target systems installed using memstick or ISO
Renato Botelho
04:38 PM Revision 286ec1c7: Set kern.cam.boot_delay=10000 on target systems installed using memstick or ISO
Renato Botelho
02:28 PM Revision c56630d7: Increase reserved space for loader/boot to 128Kb to make 8Gb disk size to fit
Renato Botelho
02:28 PM Revision 1b30618f: Default config packages need to have vital flag set too
Renato Botelho
02:27 PM Revision 0968ca43: Increase reserved space for loader/boot to 128Kb to make 8Gb disk size to fit
Renato Botelho
01:31 PM Revision 401e2ac7: Remove no-op code
See https://redmine.pfsense.org/issues/7889 for related discussion Doktor Notor
01:26 PM Revision cbbb8fdb: Remove no-op code
See https://redmine.pfsense.org/issues/7889 for related discussion Doktor Notor
12:49 PM Revision 5f63cb40: Fixed #7889
Increase max number of characters allowed in a tab array to 256 to prevent automatic conversion to pull-down Steve Beaver
09:16 AM Bug #7899: a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue
Note, I was using PRIQ. Kristopher Kolpin
09:16 AM Bug #7899 (New): a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue
Seeing bug 7116 (https://redmine.pfsense.org/issues/7116) again with squid and any other traffic originating from the... Kristopher Kolpin
09:13 AM Bug #7116: a floating 'match' rule on LAN does not put traffic from a broswer on a clientpc into a shaper queue
Seeing bug 7116 again with squid and any other traffic originating from the firewall. Cannot place it into any kind ... Kristopher Kolpin
09:13 AM Bug #7272 (Feedback): 6rd not functioning on 2.4.0-BETA
We will keep an eye on this issue, for now it seems to be working.
Thanks everybody. Luiz Souza
08:32 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages
Steve Beaver wrote:
> Yes; it should be nuked. I'd like to wait until after the 2.4 release before doing that, howev... Kill Bill
08:22 AM Bug #7889 (Resolved): The dropdown tabs replacement fallback needs to be limited to certain pages
Anonymous
08:22 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages
Yes; it should be nuked. I'd like to wait until after the 2.4 release before doing that, however. Anonymous
08:18 AM Bug #7889: The dropdown tabs replacement fallback needs to be limited to certain pages
That works (for the pkg.php/pkg_edit.php as well) provided the limit stays high-enough.
Should the no-op no_drop_... Kill Bill
08:00 AM Bug #7889 (Feedback): The dropdown tabs replacement fallback needs to be limited to certain pages
Applied in changeset commit:5f63cb40ca75f055f85427e78d9e2348b65b05c4. Anonymous
07:17 AM Bug #7898: PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing
It was removed deliberately as a part of PR https://github.com/pfsense/pfsense/pull/3795 but in #1994 luiz says HFSC ... Jim Pingle
05:05 AM Bug #7898: PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing
thats because HFSC doesnt use priorities Bipin Chandra
07:09 AM pfSense Packages Bug #7716 (Resolved): Suricata - Barnyard2 webui configuration updates result in base64-encoded value written to the config for the password
Jim Pingle
03:21 AM pfSense Packages Bug #7716: Suricata - Barnyard2 webui configuration updates result in base64-encoded value written to the config for the password
Fixed. Kill Bill
07:09 AM pfSense Packages Bug #7756 (Resolved): suricata suricata_check_dir_size_limit() needs to be improved
Jim Pingle
03:21 AM pfSense Packages Bug #7756: suricata suricata_check_dir_size_limit() needs to be improved
Fixed. Kill Bill
07:08 AM pfSense Packages Bug #7578 (Resolved): Suricata -- Removing Hosts from Block Table via Alerts
Jim Pingle
03:13 AM pfSense Packages Bug #7578: Suricata -- Removing Hosts from Block Table via Alerts
Fixed. Kill Bill
07:08 AM pfSense Packages Bug #5996 (Closed): Snort service does not start back after rules update
Jim Pingle
02:49 AM pfSense Packages Bug #5996: Snort service does not start back after rules update
Certainly not a general issue plus insufficient info here to identify any bug. Kill Bill
06:29 AM pfSense Packages Bug #7736: Crahs with Quagga OSPF and the latest 2.4 Beta
bump Jim Thompson
06:29 AM pfSense Packages Bug #6456 (Not a Bug): vm-bhyve not correctly detecting the modules in kernel
Jim Thompson
03:30 AM pfSense Packages Bug #6456: vm-bhyve not correctly detecting the modules in kernel
As noted above, long fixed. Kill Bill
05:50 AM Feature #7888: Add a button in package manager GUI to upgrade all packages
And on that note, one to remove them all would help as well. Kill Bill

09/27/2017

11:52 PM Bug #7898 (Closed): PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing
See attached screenshot of HFSC shaper parent and qInternet Child which i already setup traffic shaper on 2.3 when i ... Pushapraj Bhamra
08:06 PM Revision f3c5f4c5: Add copyright notice to dashboard page (but only once per upgrade)
Steve Beaver
06:32 PM Bug #7272: 6rd not functioning on 2.4.0-BETA
this time around it took a bit for it to come up, but it did....
[2.4.1-DEVELOPMENT][ler@home-fw.lerctr.org]/tmp: ... Larry Rosenman
05:55 PM Bug #7272: 6rd not functioning on 2.4.0-BETA
I can also confirm that it works with the current release (2.4.0.r.20170927.1221).
Only difference (when it comes to... Morten Freberg
03:21 PM Bug #7272: 6rd not functioning on 2.4.0-BETA
DHCP / WAN (passthrough from my NVG-599).
It's consistently (at least now) getting a route by default (I've moved... Larry Rosenman
03:16 PM Bug #7272: 6rd not functioning on 2.4.0-BETA
The only way I found to reproduce this problem (no default gateway at boot) was using DHCP on WAN and I intentionally... Luiz Souza
05:08 PM Bug #7846 (Duplicate): Hyper-v vm traffic shaper error: hn0: driver does not support altq
Jim Pingle
04:01 PM Bug #7846: Hyper-v vm traffic shaper error: hn0: driver does not support altq
Duplicate of Bug #7869 and fixed. Kill Bill
05:08 PM pfSense Packages Bug #7850 (Resolved): Include file containing XML_RPC_encode() missing from snort
Jim Pingle
03:53 PM pfSense Packages Bug #7850: Include file containing XML_RPC_encode() missing from snort
Fixed. Kill Bill
05:08 PM Bug #7839 (Resolved): IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.
Jim Pingle
04:50 PM Bug #7839: IPv6 ICMPv6 Type 3 Code 0 (hop limit exceeded in transit) reply uses wrong address.
Fixed in 2.4.1 Kill Bill
01:15 PM pfSense Packages Feature #6022: Consider MLVPN for bonded VPN
Has there been any traction with this? I have been looking for something like this too. I'll add to the kitty for t... Mike T
12:04 PM Feature #7897 (Rejected): User Dashboard
Nothing will be available without logging in. That is not a secure means of accomplishing that goal. You can make res... Jim Pingle
11:54 AM Feature #7897: User Dashboard
This could be useful for Diags on remote sites that users can check.
Also for putting on a Plasma/Monitor on the ... Philip Hadfield
11:50 AM Feature #7897 (Rejected): User Dashboard
Having a Dashboard that can show stats without logging in.
Traffic, Link status, EG all the widgets without any of... Philip Hadfield
10:13 AM Bug #7763 (Resolved): IX driver - fails to recognize media type with SFP after link drop
Closing this issue as the driver is working as intended.
The media options will not be detected until you restart ... Luiz Souza
09:28 AM Bug #7896 (Resolved): picture_widget.php
Hi everyone,
First of all, thanks a bunch for such an effort you put on developing this awesome application. While... Valentin Bajrami
07:59 AM Bug #6499: pf fragment states not purged
The specific bug on this ticket is fixed on version 2.3.2 and later. Your system may legitimately have a lot of fragm... Jim Pingle
07:56 AM Bug #6499: pf fragment states not purged
Chris Buechler wrote:
> fixed
Every so often I am seeing "[zone: pf frag entries] PF frag entries limit reached" ... Hillie Sample
05:16 AM pfSense Packages Feature #7895 (Resolved): Add a script for CARP monitoring to NRPE
I have deployed several CARP clusters at work, but I realized there is no real good way to monitor CARP status :
* S... Stéphane Lapie
01:12 AM pfSense Packages Bug #7893: Kernel Panic Suricata Inline
The “generic_XXXXXX” in one of your screenshots shows you’re not running s netmap-capable NIC. (You’re getting the e... Jim Thompson
 

Also available in: Atom