Activity

30 days up to

User

Subprojects

Activity

From 10/16/2017 to 11/14/2017

11/14/2017

05:25 PM Revision 7b60eb49: Fixed #8053: value vs text on Gateway selector
(cherry picked from commit 947394d291c2341afa24d3829d19721af20723df) Steve Beaver
04:53 PM Revision 947394d2: Fixed #8053: value vs text on Gateway selector Steve Beaver
03:51 PM pfSense Packages Feature #3478 (Resolved): OpenVPN Client Export Utility - save preferred settings: This has been in the export package for a while now. Jim Pingle
03:50 PM pfSense Packages Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not: If this still happens with Quagga, give FRR a try instead. Jim Pingle
03:49 PM pfSense Packages Bug #6449 (Rejected): Email Reports not wait a long command end to send the report.: This is almost certainly a configuration issue, likely from not using the full path to all commands involved. Follow ... Jim Pingle
03:47 PM pfSense Packages Bug #7470 (Closed): Status Traffic Totals - March 2017 is missing: Must be a quirk in vnstat handling of daylight saving time. The duplicate entries are not present now that DST has en... Jim Pingle
03:44 PM pfSense Packages Bug #7613 (Closed): quagga not starting after upgrade - initial boot: I haven't seen this happen in quite some time. It starts up after every upgrade here, and I upgrade test VMs with qua... Jim Pingle
03:44 PM pfSense Packages Bug #7736 (Resolved): Crahs with Quagga OSPF and the latest 2.4 Beta: Jim Pingle
03:44 PM pfSense Packages Bug #7820 (Closed): 2.4: dnsmasq can no longer handle punycode, compile time options change?: Jim Pingle
03:43 PM pfSense Packages Bug #7859 (Resolved): FRR doesn't use the raw config setting: Jim Pingle
03:43 PM pfSense Packages Bug #7935 (Assigned): FFR doesn't save prefix lists to bgpd.conf: Looks like that line was clobbered, probably by accident when I was making an update recently. I'll check it out again. Jim Pingle
03:41 PM pfSense Packages Bug #7950 (Closed): Quagga not displaying status messages on 2.4-rel: Closing, unable to reproduce. Jim Pingle
03:39 PM pfSense Packages Bug #7952 (Closed): OpenVPN export package for Windows flagged by a few AV's: No further reports, must have been a temporary false positive. Not much we could do about it anyhow. Jim Pingle
02:16 PM Bug #6406 (Resolved): Web process becomes unresponsive producing 502 Bad Gateway nginx: Anonymous
11:51 AM Revision 5228a05a: Enable devel/php-xdebug: Renato Botelho
11:50 AM Revision e065e756: Enable devel/php-xdebug: Renato Botelho
11:32 AM Revision 557f7ad0: Update translation files: Renato Botelho
11:26 AM Revision 3a80a823: Regenerate pot: Renato Botelho
11:23 AM Feature #8082 (Resolved): OpenVPN Redirect Gateway Option Only Works for IPv4: Jim Pingle
11:20 AM Feature #8082: OpenVPN Redirect Gateway Option Only Works for IPv4: On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171114-0626 works as expected. Anonymous
11:23 AM Bug #8088 (Resolved): vpn_openvpn_client.php: CRL Selection is not saved or used: Jim Pingle
11:11 AM Bug #8088: vpn_openvpn_client.php: CRL Selection is not saved or used: Works as expected in pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171114-0626. Anonymous
11:00 AM Bug #8053 (Feedback): Firewall Rule IPv6 Gateway Cannot Be Selected: Applied in changeset commit:947394d291c2341afa24d3829d19721af20723df. Anonymous
09:16 AM Bug #8053 (Assigned): Firewall Rule IPv6 Gateway Cannot Be Selected: The GUI part appears correct but it's storing an incorrect value into config.xml and the gateway isn't reflected in t... Jim Pingle
08:55 AM Bug #8093 (Not a Bug): webConfigurator LDAP Authentication Issue in High Availability Cluster Configuration: The authentication source for the user manager is not a setting that synchronizes as a part of XMLRPC configuration s... Jim Pingle
08:47 AM Bug #8093 (Not a Bug): webConfigurator LDAP Authentication Issue in High Availability Cluster Configuration: I discovered the following issue in my pfsense 2.4.1 (amd64) high availability configuration.
When I configure an ... Nico Seeburger
04:36 AM Bug #8092 (Resolved): Captive Portal Allowed MAC bandwidth changes: Hi,
I've seen these in all of my pfsense devices.
Allowed Mac address changes in bandwidth doesn't apply.
Tried... Jesnar Miranda

11/13/2017

04:44 PM Revision 37f05e97: Add a separate checkbox for OpenVPN servers to redirect an IPv6 gateway now that OpenVPN has a native flag for it. Implements #8082: While here, since local network boxes are hidden when redirect gateway is enabled, do not use the values in those box... Jim Pingle
04:39 PM Bug #8042: VLAN Priority on dhcpc6c packets is not set. REF #7973: Nic, I can send you the updated dhcp6c client, it all works very nicely along with the PR 3862 Patch ID 6b8680a, it w... Martin Wasley
02:15 PM Bug #8042: VLAN Priority on dhcpc6c packets is not set. REF #7973: Martin Wasley wrote:
> Although VLAN tagging now works, it does not work for dhcp6c. @jimp suggested to @kwillers th... Nicolas Scheffer
04:15 PM Revision 97339595: Fix saving the CRL choice for OpenVPN clients. Fixes #8088: (cherry picked from commit 5bd94e5f2e3a4b694e3cfa91d16dab76078c118b)
(cherry picked from commit 2055285920b2714b71159... Jim Pingle
04:15 PM Revision 20552859: Fix saving the CRL choice for OpenVPN clients. Fixes #8088: (cherry picked from commit 5bd94e5f2e3a4b694e3cfa91d16dab76078c118b) Jim Pingle
04:04 PM Revision 5bd94e5f: Fix saving the CRL choice for OpenVPN clients. Fixes #8088: Jim Pingle
02:28 PM Bug #7425: dhclient not sending option 77: I agree with Nicolas,
we are quite a few to replace the Pfsense binaries to make this scenario work in France.
Re... Eric Scherlinger
02:11 PM Bug #7425: dhclient not sending option 77: Jim Pingle wrote:
> Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated.
This option is mandatory to ... Nicolas Scheffer
02:27 PM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Update from the customer in my initial post:
Confirmed. After power cycling, the version reported was 01.00.00.18. Clinton Cory
12:06 PM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Update from the customer in my previous comment:
The BIOS now shows the latest version. Apparently a physical shut... Clinton Cory
11:40 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: After powering off/on the equipment, the system shows the latest version number with the proper serial (I had no phys... Jose Luis Duran
10:41 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Here is an older report from another customer who initially reported this:
After trying to upgrade coreboot from 01.... Clinton Cory
09:56 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Example report from a customer (serial omitted):
Running 2.4.1 and trying to update Netgate Coreboot from 01.00.00.0... Clinton Cory
09:53 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Example screenshots attached. Clinton Cory
02:07 PM Bug #8085: DHCP deny client - breaks DHCP pool: I have verified that you generate the config file correctly. After trying to reproduce this again today, it appears t... Ken Bass
01:27 PM Bug #8085: DHCP deny client - breaks DHCP pool: It's not a bug in pfSense - we generate the configuration file correctly. If there is any issue it is one directly in... Jim Pingle
01:20 PM Bug #8085: DHCP deny client - breaks DHCP pool: I don't understand how this is Not a bug - forget about what I was trying to accomplish.
On the main LAN interface... Ken Bass
01:04 PM Bug #8085 (Not a Bug): DHCP deny client - breaks DHCP pool: The GUI places the directives in the correct places, within the specified pools, so there isn't any bug here.
That... Jim Pingle
01:22 PM Bug #8091: Limiters with fractional bandwidth values are not loaded correctly: If you have Limiters configured like that you can edit the values in the config file directly and re-save them in the... Steve Wheeler
12:53 PM Bug #8091 (Resolved): Limiters with fractional bandwidth values are not loaded correctly: IPFW is not loading the /tmp/rules.limiter file correctly in 2.4.X if the specified bandwidth value is not a whole nu... Steve Wheeler
12:33 PM Feature #8090 (Closed): Log Action of traffic when using float rule match to log traffic: It can't log "pass" or "block" because the log wasn't triggered by a pass or block rule. It doesn't have that kind of... Jim Pingle
12:11 PM Feature #8090 (Closed): Log Action of traffic when using float rule match to log traffic: I have a rule in float rules, which is set as follows.
Action: Match
Interface: LAN,DMZ
Family Address: IPV4
Pr... Jonny Proud
11:10 AM Bug #8089: VLAN page breaks after config restore to new hardware.: Sorry Affected Version is 2.4.1 Bridgetowermedia IT
11:09 AM Bug #8089 (New): VLAN page breaks after config restore to new hardware.: The VLAN interface page breaks after restoring a backup from devices using emX interfaces to devices using igbX inter... Bridgetowermedia IT
11:09 AM Bug #8022 (Resolved): radvd receives SIGBUS on SG-3100 (ARM): Renato Botelho
10:36 AM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Luiz Souza wrote:
> The regression was fixed.
>
> Thanks for reporting.
Updated, looks good.
Daryl Morse
08:52 AM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): The regression was fixed.
Thanks for reporting. Luiz Souza
11:00 AM Feature #8082 (Feedback): OpenVPN Redirect Gateway Option Only Works for IPv4: Applied in changeset commit:37f05e979280123760a0d7508c4ea9dccaa2a542. Jim Pingle
10:42 AM Feature #8082 (Assigned): OpenVPN Redirect Gateway Option Only Works for IPv4: There was a ticket for this already at #6483 but that one had some really outdated info so I'll keep this one.
I'v... Jim Pingle
10:58 AM pfSense Packages Feature #7376 (Closed): ACME Package - Please add support Namecheap DNS service: Looks like Namecheap's API is problematic for this use case. acme.sh decided not to attempt supporting it. Aside from... Jim Pingle
10:53 AM pfSense Packages Feature #7377 (Resolved): ACME Certificate DNS-Digitalocean Verification Method: DigitalOcean support is present in the current ACME package. Jim Pingle
10:52 AM pfSense Packages Todo #7658 (Resolved): BGP support in Quagga: Raw config support is there now. If that isn't sufficient, switch to FRR which has a full BGP GUI. Jim Pingle
10:50 AM pfSense Packages Feature #7824 (Resolved): [acme / Let's Encrypt] Bump to the latest acme.sh package: This was merged some time ago and is in the current package. Jim Pingle
10:41 AM Feature #6483 (Duplicate): Add OpenVPN redirect-gateway option for IPv6: OpenVPN has a native flag for this now, closing in favor of #8082 since the info here is outdated and that one is cur... Jim Pingle
10:20 AM Bug #8088 (Feedback): vpn_openvpn_client.php: CRL Selection is not saved or used: Applied in changeset commit:5bd94e5f2e3a4b694e3cfa91d16dab76078c118b. Jim Pingle
10:07 AM Bug #8088 (Resolved): vpn_openvpn_client.php: CRL Selection is not saved or used: When saving an OpenVPN client, the CRL field value is not saved in config.xml and it is not used in the client. Jim Pingle
12:23 AM Bug #8087 (New): Provide Calling-Station-ID to RADIUS backed VPN connections: I'm using Duo 2fa radius proxy to connect to the on board RADIUS server in PFsense and am not getting an IP or a user... Sunrunner20 20

11/12/2017

08:40 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Random User wrote:
> Luiz Souza wrote:
> > the new (and working) version will be available in the next 2.4.2 snapsh... Daryl Morse
04:50 PM Bug #8086 (Closed): DHCPv6 no longer working: Upgraded from 2.3 and I no longer have a DHCP v6 address from Comcast.
Attach log file snippet almost looks like d... Ken Bass
04:45 PM Bug #8085 (Not a Bug): DHCP deny client - breaks DHCP pool: I decided that on my LAN I mainly wanted DHCP to be handed out to the static mappings and I wanted the static mapping... Ken Bass
12:21 PM Revision 772a7b3d: refactored interfaces_assign.php to to benefit people with large numbers of VLANs, as requested on the forum at https://forum.pfsense.org/index.php?topic=137391.0. Also contains a minor speedup for interfaces_vlan.php. Modified functions are contained in interfaces_fast.inc. Profiling code is still present but commented out, as is replaced code.: Peter Schofield
07:03 AM Feature #8084 (Duplicate): Implementação do Login Social no Captive Portal: Sugestão de implementação do Login Social no Captive Portal. Valdir Martins

11/11/2017

06:32 PM Bug #8083 (Duplicate): No Auto-reboot after guided ZFS installation: Duplicate of #7307 Jim Pingle
05:42 PM Bug #8083 (Duplicate): No Auto-reboot after guided ZFS installation: vt100
Accept
Install pfSense
Default Keymap
Auto (ZFS)
Proceed with Installation
Stripe - No Redundancy
da1
... Chris Linstruth
05:24 PM Feature #8082 (Resolved): OpenVPN Redirect Gateway Option Only Works for IPv4: The "Redirect Gateway" checkbox on the OpenVPN server settings page appears to only push the "redirect-gateway def1" ... Steve Matos
03:16 PM Bug #8081 (Closed): NICs malfunction: On a firewall with 8 NICs:
igb0: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k>
igb1: <Intel(R) PRO/10... Giovanni Berisso
01:38 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Luiz Souza wrote:
> the new (and working) version will be available in the next 2.4.2 snapshot.
That commit rende... Random User
10:31 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: Some more info.
I also get this problem in version 2.4.1
I've been looking at the code in /etc/inc/captiveportal.in... Richard Gate
10:31 AM Bug #8079 (Resolved): XMLRPC Issues with Captive Portal Vouchers: Jim Pingle
10:19 AM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: Tested latest snapshot 2.4.2.a.20171110.1936. Works here. Chris Linstruth
07:52 AM Bug #8080 (Resolved): DHCPv6 + SLAAC SG1000: Thank you James. Luiz Souza
05:43 AM Bug #8080: DHCPv6 + SLAAC SG1000: I can also confirm that after upgrading to the latest 2.4.2 development snapshot that the issue is resolved and radvd... James Webb
05:16 AM Bug #8080: DHCPv6 + SLAAC SG1000: On further inspection after clearing the log file and force restarting radvd, the routing log file simply consists of... James Webb

11/10/2017

10:07 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: That snapshot is not recent enough to contain the changes Jim Pingle
09:34 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: Tested in Current Base System 2.4.2.a.20171110.1037
Still produces Errors on Secondary after testing expired vouch... Paighton Bisconer
01:20 PM Bug #8079 (Feedback): XMLRPC Issues with Captive Portal Vouchers: Applied in changeset commit:66dd4fe2ad0c7d63f9da45a9b32bd6c94a78fc44. Jim Pingle
01:14 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: Actually #1 is not valid because that section shouldn't sync that way. That typo breaking the sync in that direction ... Jim Pingle
12:01 PM Bug #8079 (Resolved): XMLRPC Issues with Captive Portal Vouchers: Multiple issues with Captive Portal vouchers:
1. Sync of the voucher configuration doesn't work because in /etc/rc... Jim Pingle
08:44 PM Bug #8080: DHCPv6 + SLAAC SG1000: Is there a message in any of the logs about radvd crashing? Jim Pingle
07:04 PM Bug #8080: DHCPv6 + SLAAC SG1000: Hi Jim,
Very good point. It does seem that radvd is NOT running. James Webb
06:58 PM Bug #8080: DHCPv6 + SLAAC SG1000: Is radvd running? This could be a duplicate of #8022
Without router advertisements, clients wouldn't know to conta... Jim Pingle
06:55 PM Bug #8080 (Resolved): DHCPv6 + SLAAC SG1000: Hi,
I recently bought an SG1000 device for use on a corporate network.
I have had quite a bit of experience with ... James Webb
08:20 PM Revision 6bb69034: Fixed #8053 Revised page JavaScript to update gateway selector on IP family change: (cherry picked from commit ae381698db23f260027c27c9aa12694a38c2f9ce) Steve Beaver
08:15 PM Revision ae381698: Fixed #8053 Revised page JavaScript to update gateway selector on IP family change: Steve Beaver
08:15 PM Revision 13f88d0a: Fixed #8053: Revised page JavaScript to update gateway selector on IP family change Steve Beaver
07:08 PM Revision 66dd4fe2: Remove this part, the voucher settings shouldn't be synchronized this way, it's handled via the voucher sync settings on the secondary. Fixes #8079: It was only working before because of this typo, the code shouldn't have been there at all. Jim Pingle
07:00 PM Revision 927a988e: When synchronizing vouchers, avoid allowing null values. Also, fix a missing variable global declaration. Part of ticket #8079: Jim Pingle
06:14 PM Revision ff25106d: Correct voucher config section name. Part of ticket #8079: Jim Pingle
04:33 PM Revision 9605cf97: Use a strict check of array_search() result: Renato Botelho
04:33 PM Revision a82c33f6: Use a strict check of array_search() result: Renato Botelho
04:33 PM Revision 2a6b3b70: Use a strict check of array_search() result: Renato Botelho
04:33 PM Revision bc60e070: Use a strict check of array_search() result: Renato Botelho
04:19 PM Revision 9b750b40: Remove empty items from output: Renato Botelho
04:18 PM Revision 5535d91d: Remove empty items from output: Renato Botelho
04:18 PM Revision 29c728a2: Remove empty items from output: Renato Botelho
04:18 PM Revision c253e352: Remove empty items from output: Renato Botelho
03:15 PM Bug #7426 (Resolved): UDP packet drops: Jim Pingle
02:30 PM Bug #8053: Firewall Rule IPv6 Gateway Cannot Be Selected: Applied in changeset commit:13f88d0a0a7347c7a44ffed7b33afa110cc64174. Anonymous
02:12 PM Bug #8053 (Feedback): Firewall Rule IPv6 Gateway Cannot Be Selected: firewall_rules_edit.php page JavaScript revised to update the gateway list dynamically. Anonymous
02:20 PM Revision 19dab63b: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:20 PM Revision ab7813e8: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:20 PM Revision f27bd8cd: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:20 PM Revision 8d5ff32b: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:17 PM Revision 840f28ca: Always do rquery when pkg search is not used: Renato Botelho
02:17 PM Revision fabfe51d: Always do rquery when pkg search is not used: Renato Botelho
02:17 PM Revision be8884da: Always do rquery when pkg search is not used: Renato Botelho
02:17 PM Revision eaed7e74: Always do rquery when pkg search is not used: Renato Botelho
12:52 PM Revision 005be784: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:51 PM Revision a0494dc8: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:50 PM Revision a64fe84d: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:49 PM Revision 89d2b4c3: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:23 PM Bug #8039 (Resolved): Invalid characters in static IP description will not resolve upon correction: Jim Pingle
12:15 PM Bug #7946 (Resolved): 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: Renato Botelho
11:57 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: freeradius2 remained at Installed Packages in the WebGUI. Fix confirmed. Anonymous
06:20 AM Bug #7946 (Feedback): 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: Applied in changeset commit:44cb7fee05969601e25376bba8ce1d2be10e4eb7. Renato Botelho
12:10 PM Revision a9b0a7a3: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
12:09 PM Revision 42b6ca6e: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
12:09 PM Revision ef1ed439: Fixed #8035: Steve Beaver
12:09 PM Revision a16690c8: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
12:09 PM Revision 44cb7fee: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
11:56 AM Revision 388bb779: Fixed #8035: Steve Beaver
11:10 AM Bug #7917 (Resolved): GUI shows "There are no packages currently installed" when repos are unreachable: Renato Botelho
11:03 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable: installed a package, pulled WAN, went back to Packages and the package showed. Rebooted without WAN, checked again, p... Anonymous
06:15 AM Bug #7917 (Feedback): GUI shows "There are no packages currently installed" when repos are unreachable: I've confirmed fix pushed for #7946 also fix it Renato Botelho
10:40 AM Bug #8022 (Feedback): radvd receives SIGBUS on SG-3100 (ARM): The package was upgraded to recent upstream version (2.17) just to let us discover that the original bug was still pr... Luiz Souza

11/09/2017

10:15 PM Bug #8039: Invalid characters in static IP description will not resolve upon correction: On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1341 could not reproduce the bad behavior. Anonymous
02:00 PM Bug #8039 (Feedback): Invalid characters in static IP description will not resolve upon correction: Applied in changeset commit:d70eaff5781015294376b42284e728265c56fd8d. Anonymous
07:52 PM Revision d70eaff5: Fixed #8039 Changed to on sanitizing data. This is to help so if the user has previous cookie data it shouldn't try and sanitize it.: Stephen Jones
07:00 PM Bug #8077: Filterlog format does not match documentation or RFC spec: You are of course right, and I am feeling silly. Can't see the wood for the trees.
There is a proper bug report ag... Joash Lewis
04:01 PM Bug #8077: Filterlog format does not match documentation or RFC spec: And that fact is already noted on the page. Immediately under the line you quoted. Jim Pingle
04:01 PM Bug #8077 (Not a Bug): Filterlog format does not match documentation or RFC spec: That is the format of the log in /var/log/filter.log
If it looks different coming across syslogd, that's a differe... Jim Pingle
03:58 PM Bug #8077 (Not a Bug): Filterlog format does not match documentation or RFC spec: The "documentation of the filterlog format":https://doc.pfsense.org/index.php/Filter_Log_Format_for_pfSense_2.2 indic... Joash Lewis
06:32 PM Revision 81fbfd64: Add missiing repo definitions: Renato Botelho
05:10 PM Revision 73568673: Also kill off sshlockout_pf processes when restarting syslogd. Fixes #7984: Jim Pingle
04:49 PM Feature #8078 (New): PPPoE Reconnect Wait Time: When there is an outage (whether accidental or network maintenenace) the PPPoE session will drop. With some ISPs the... Kristopher Kolpin
04:40 PM Revision e00f69c8: Fixed #7966 added a moving average smoothing factor to help out with some of the jagged graphs. Since the quickest update will be every other second this will help make it look smoother. Also added this to the widget and added some functionality to the status page so it can display in two different styles. Setting smoothing to 0 will make the graph the same as before this was added. Raising it will allow for a moving average to be taken into account to smooth out the graphs.: Stephen Jones
03:56 PM Bug #6459 (Resolved): AWS EC2 Instance should skip interface config in setup wizard: Jim Pingle
03:51 PM Bug #6459: AWS EC2 Instance should skip interface config in setup wizard: Tested ok today. Chris Macmahon
03:49 PM Bug #7856 (Resolved): IPsec status does not show all connected mobile clients: Jim Pingle
03:49 PM Bug #8003 (Resolved): IPsec weirdness with 2.4.1: Jim Pingle
03:46 PM Bug #8063 (Resolved): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported: Jim Pingle
03:43 PM Revision 152dd87a: 2.3 specific revision to custom repo system: Provide mechanism to allow for transition to a new package repository server
(cherry picked from commit 00d0c66e6217... Steve Beaver
01:42 PM Revision 10694d88: Fix repo path: Renato Botelho
01:13 PM Revision 7d7398f2: Add consolidate pkg repos to use on all branches: Renato Botelho
01:09 PM Revision 5ccb7e12: Fill default repo dinamically: Renato Botelho
01:08 PM Revision d52ca8eb: Define default repo: Renato Botelho
01:05 PM Revision 15f12d8e: Fill default repo dinamically: Renato Botelho
01:05 PM Revision 5e15203c: Define default repo: Renato Botelho
01:05 PM Revision c92d1db5: Add consolidate pkg repos to use on all branches: Renato Botelho
01:02 PM Revision dab47760: Add consolidate pkg repos to use on all branches: Renato Botelho
01:01 PM Revision d82a9bda: Add consolidate pkg repos to use on all branches: Renato Botelho
12:28 PM Feature #7823 (Resolved): Pull request: Add support for dynamic DNS provider ClouDNS: Jim Pingle
12:20 PM Bug #7966 (Resolved): Live traffic graphs appear to have sampling errors: Jim Pingle
11:59 AM Bug #7966: Live traffic graphs appear to have sampling errors: On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340 gitsync'd to master, the smoothing slider is availab... Anonymous
10:50 AM Bug #7966 (Feedback): Live traffic graphs appear to have sampling errors: Applied in changeset commit:e00f69c8cd29a58383ac40a8d1e30045449eec14. Anonymous
12:19 PM Bug #7984 (Resolved): restarting syslogd service makes sshlockout_pf process orphans: Jim Pingle
12:14 PM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans: On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340 gitsync'd to master, works as expected. Anonymous
11:20 AM Bug #7984 (Feedback): restarting syslogd service makes sshlockout_pf process orphans: Applied in changeset commit:73568673ebb45bd3c58cdd638a93b754b09cc654. Jim Pingle
11:09 AM Bug #7984 (Assigned): restarting syslogd service makes sshlockout_pf process orphans: Yeah I see the problem with the restart case, I'll push a fix shortly. Jim Pingle
11:26 AM Bug #8043 (Resolved): Cannot enable IPsec Mobile Client Support when the interface is in french: Jim Pingle
11:21 AM Bug #8043: Cannot enable IPsec Mobile Client Support when the interface is in french: On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340, set language to French, went to IPSec and checked t... Anonymous
11:25 AM Bug #7786 (Resolved): traffic shaping queue on WAN wont allow total of all child to be 100%: Looks good here, too. Jim Pingle
11:13 AM pfSense Packages Bug #7961 (Resolved): JS Error on Status > Monitoring: Anonymous
11:09 AM pfSense Packages Bug #7961: JS Error on Status > Monitoring: on pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340, went to Status > Monitoring clicked on Settings > D... Anonymous
11:11 AM Bug #8076 (New): User can easily apply an unusable interface configuration after restore: When loading a configuration file from a different device (with other
NICs) to a freshly installed pfSense, it corre... Adrian Zaugg
11:09 AM Bug #8075 (Rejected): OpenVPN binds to wrong interface with no ip on first interface: With two WAN interfaces and with an OpenVPN server on each, bound to its
interface, there is a wrong IP assertion in... Adrian Zaugg
10:57 AM Bug #8032 (Resolved): xmlrpcsync password fails with spaces in password: Works Jim Pingle
10:45 AM Bug #7978 (Resolved): IE 11 - Headers of tables almost not visible when no entries made: Jim Pingle
10:11 AM Bug #7307: ZFS installer - shuts down instead of rebooting: Given that this only happens when using eMMC, and the operator is already present at the hardware to perform the inst... Jim Pingle
09:58 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: Sorry should have set the Affected Version to 2.4.0 Richard Gate
09:30 AM Bug #8074 (Duplicate): Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: Since pfSense 2.4.0 and the re-write of Captive Portal, the RADIUS WISPr-Bandwidth-Up value is being used incorrectly... Richard Gate
09:14 AM Bug #7969 (Resolved): md5 bgp sessions fail in 2.4.0: Anything at the OS level appears to be fine now. I am able to establish a BGP peering with TCP MD5 and the latest FRR... Jim Pingle
08:15 AM Bug #8035 (Resolved): Installed packages widget does not show updates: Jim Pingle
08:11 AM Bug #8069 (Resolved): Services sorting is incorrect in several cases with multi-instance services: Jim Pingle
07:36 AM Bug #8059 (Resolved): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: Jim Pingle
02:51 AM Bug #8073 (New): Traffic inexplicably not going through IPSEC despite (in theory) matching SPs: I am running a pfSense 2.4.0 twin installation with CARP between the two appliances.
I have been able to successfull... Fulvio Scapin

11/08/2017

07:56 PM Bug #8072: Limiter / Queue mask issues?: EDIT: To clarify. The old method of turning off pfsync and using just the limiters works as expected, however HA is... Damien Montanile
07:53 PM Bug #8072: Limiter / Queue mask issues?: Chris Linstruth wrote:
> It looks like you have your in/out directions mixed up.
>
> When you place Limiters on t... Damien Montanile
07:13 PM Bug #8072: Limiter / Queue mask issues?: And, further, if you want a separate pipe for each IP address you mask on the parent queue and do not set a child que... Chris Linstruth
06:46 PM Bug #8072: Limiter / Queue mask issues?: It looks like you have your in/out directions mixed up.
When you place Limiters on the LAN interface, the IN direc... Chris Linstruth
02:28 PM Bug #8072 (New): Limiter / Queue mask issues?: After upgrading to 2.4 and then again to 2.4.1, I noticed there is what appears to be a new issue as it applies to us... Damien Montanile
04:03 PM Revision e73cc753: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069: (cherry picked from commit 258fc75b0995a53997927edc5186b1fe8a5b409e)
(cherry picked from commit 8d9037dda9ab473af6df0... Jim Pingle
04:03 PM Revision 8d9037dd: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069: (cherry picked from commit 258fc75b0995a53997927edc5186b1fe8a5b409e) Jim Pingle
04:01 PM Revision 258fc75b: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069: Jim Pingle
03:46 PM Bug #8065 (Resolved): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Jim Pingle
03:10 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Tim Economides wrote:
> Somewhat related issue I've first noticed while working with Quagga and FRR - When working w... Jim Pingle
03:03 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> I added the flag to the raw config page. Unfortunately, fixing the other bug meant I had to rena... Tim Economides
02:40 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I added the flag to the raw config page. Unfortunately, fixing the other bug meant I had to rename the fields so the ... Jim Pingle
01:33 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> I just pushed a change to FRR to allow the user to manually choose whether or not they want to u... Tim Economides
12:51 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I just pushed a change to FRR to allow the user to manually choose whether or not they want to use setkey entries for... Jim Pingle
02:06 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Dave I experienced exactly the same thing as you did. I don't know how to fix it. I was only setting up ipv6 for fun ... Leif Huhn
12:34 PM Bug #8071 (Resolved): DNSimple support for Dynamic DNS no longer working: It seems that DNSimple has deprecated API v1 so all attempts using the current implementation will fail as unauthoriz... Kevin Loukinen
11:46 AM Bug #8070 (Closed): IKEv2 IPSec tunnel under load crashes pfSense when AES-NI is enabled: I want to refer you to this forumpost: https://forum.pfsense.org/index.php?topic=139146.0
As I said, disabling AES... Jan Jurkus
10:37 AM Bug #8039: Invalid characters in static IP description will not resolve upon correction: The static mapping wouldn't have anything to do with the port forward page.
The error on the port forward page is ... Jim Pingle
10:32 AM Bug #8039: Invalid characters in static IP description will not resolve upon correction: You will have to mark this as 'could not replicate'. I blasted the installation and will have to try again in the fut... Diedrich Guenther
10:25 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: It will appear OK after booting, most tests will look fine then. You have to watch the console during boot time, the ... Jim Pingle
10:24 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: I'm having the same issue on a freshly upgraded factory configured SG-8860. This happens with my existing CA as well... Gary Graham
10:10 AM Bug #8069 (Feedback): Services sorting is incorrect in several cases with multi-instance services: Applied in changeset commit:258fc75b0995a53997927edc5186b1fe8a5b409e. Jim Pingle
09:59 AM Bug #8069 (Resolved): Services sorting is incorrect in several cases with multi-instance services: On services_status.php, services with multiple instances (e.g. openvpn) appear unsorted in the list.
On the servic... Jim Pingle
09:07 AM Bug #8003: IPsec weirdness with 2.4.1: This has been fixed in 2.4.2 in these commits a65b41a9e455786dd969a1ffcd110fdf195f9031 and 130f3c9266e0b8c626aa6e8991... Anonymous
04:23 AM Bug #8003: IPsec weirdness with 2.4.1: In my case there are more than 300 tunnels. It is very inconvenient to check which ones work and which ones do not wo... Kirill Z
01:14 AM Bug #8003: IPsec weirdness with 2.4.1: I have the same issue on two SG-8860 in a carp setup upgraded from 2.3.4 to 2.4.0 and then 2.4.1. Seven connected ips... Alexander Lindqvist
09:07 AM pfSense Packages Bug #8068 (Resolved): Status Traffic Totals package installation is not recorded in config.xml: The installation of the Status_Traffic_Totals package is not reflected in config.xml, thus it is not present in a bac... Jim Pingle
08:55 AM pfSense Packages Bug #7487 (Resolved): Status Traffic Totals doesnt persist through reboots.: Jim Pingle
07:12 AM pfSense Packages Bug #8067 (Closed): Avahi can't be stopped from registering on unassigned interfaces: Related to #7755.
In the settings page for Avahi, the deny interfaces list shows assigned interfaces only.
I ha... Nathan Phillips
02:58 AM Bug #8059: /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: Jim Pingle wrote:
> Applied in changeset commit:3414dea15b2f31099ef2ec962c2062ae95080a0e.
Hi Jim,
Thanks for t... Anonymous
02:04 AM Bug #8066 (New): Static routes not applied when they go out a interface using carp: I have a fw that has a /30 configured on one interface and then a separate /30 ip series applied used carp on the int... Rasmus Fauske

11/07/2017

11:30 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> Dave I formatted over the memory card, but I bet this would work for you:
>
> http://pkg.freeb... Dave Pugh
01:30 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Dave I formatted over the memory card, but I bet this would work for you:
http://pkg.freebsd.org/FreeBSD:11:armv6/... Leif Huhn
09:40 PM Bug #8024 (Resolved): static ipv6 config allow invalid addresses: Luiz Souza
07:29 PM Revision 05871043: Reorder reading the product name in pfSense-rc so it happens after all filesystems are mounted. Fixes #8065: Jim Pingle
06:53 PM pfSense Packages Bug #8058: FreeRadius Accounting Bug after upgrade 2.3->2.4: Now it is happening again...for some reason latest activity in captive portal just stops working for some users.
I r... Frotty Zaoldyeck
08:02 AM pfSense Packages Bug #8058 (Closed): FreeRadius Accounting Bug after upgrade 2.3->2.4: Jim Pingle
05:32 PM Revision 00d0c66e: Provide mechanism to allow for transition to a new package repository server: Steve Beaver
03:38 PM Revision 635dcc69: Check for /bootpool and import the bootpool zfs pool if present. Fixes #8063: Jim Pingle
02:58 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Could be quagga vs frr, I am testing with frr. I'm still not convinced the second SA is doing an... Tim Economides
01:40 PM Bug #8065 (Feedback): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Applied in changeset commit:05871043800e44b40f9d542e5a76f9506259c115. Jim Pingle
01:28 PM Bug #8065: A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Renato says the patch looks good.
Further testing shows no problems:
- Affected UFS system is OK
- Regular UFS s... Jim Pingle
01:04 PM Bug #8065 (Resolved): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Choosing a manual installation with a separate /usr slice (ex: boot, /, /usr, /var, swap) fails to setup various aspe... Jim Pingle
01:06 PM Bug #7995 (Closed): pfSense Certificate Manager Issues Blank Certificates: After some more digging based on your later e-mail reply, I believe I found the root cause of this. See #8065
Clos... Jim Pingle
08:26 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: I can't seem to replicate that here. I used the exact same inputs you sent via e-mail and it worked as expected on 2.... Jim Pingle
12:37 PM pfSense Packages Bug #8064 (Not a Bug): Freeradius 3 One Time Password (OTP) not working: It works fine, I just tested it multiple times yesterday and even replied to "your forum thread":https://forum.pfsens... Jim Pingle
12:30 PM pfSense Packages Bug #8064 (Not a Bug): Freeradius 3 One Time Password (OTP) not working: Hello,
clean Installation: Pfsense 2.4.1 with freeradius 0.15.2 OTP Google Authentcation is +not+ working
clean I... Anonymous
10:05 AM Bug #8049 (Duplicate): MTU stuck at 1280 for gif0 interface: Looks like a duplicate of #6868 Jim Pingle
10:03 AM Bug #8009 (Duplicate): Can't upgrade from 2.4.0 to 2.4.1: It's hard to tell due to lack of info, but I'm guessing this is a duplicate of #8063, the symptoms seem to match. If ... Jim Pingle
09:55 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": Mitch Claborn wrote:
> What is the process for switching to FRR? Do I just install the FRR package or is there more ... Jim Pingle
09:53 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": What is the process for switching to FRR? Do I just install the FRR package or is there more to it? Mitch Claborn
05:55 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": I can confirm that this is still an issue on 2.4.0
Switching to FRR solved this for me. Andrew Wasilczuk
09:50 AM Bug #8063 (Feedback): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported: Applied in changeset commit:635dcc697a5caed4faebab384baa78809cf1c7b5. Jim Pingle
09:16 AM Bug #8063 (Resolved): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported: The zfs option in the installer can, in a few possible config paths, end up with a broken /boot. It looks like at lea... Jim Pingle
08:00 AM pfSense Packages Bug #8062: Fixes to AWS VPC VPN wizard: Thanks for the code submission! I had to remove those files from this public redmine post because that code is only a... Jim Pingle
05:48 AM pfSense Packages Bug #8062 (Resolved): Fixes to AWS VPC VPN wizard: A mixture of bug fixes and featured for the vpc vpn wizard.
h3. Use FRR BGP instead of OpenBGP
OpenBGP currentl... Andrew Wasilczuk
05:23 AM Feature #7962: Support for Intel 553 network card: Hi, having the same issue. I guess the new driver is needed.
Was fixed in FreeNAS already.
https://bugs.freenas.org... Jose Duarte
04:15 AM Revision 373513a5: Fix a bug in interfaces.php that will cause a failure on first 'Save' of 'OPT1' with some hardware configurations.: Luiz Souza
03:10 AM Revision 1328b154: Add the XML tags to support the switch entries.: Luiz Souza
03:10 AM Revision 3b135582: Remove stray white space.: Luiz Souza

11/06/2017

09:01 PM Revision 9b36e210: fixed the ipsec widget to show splitconnections for ikev2: Stephen Jones
08:54 PM Revision 3414dea1: Restore some customizations to openssl.cnf, otherwise it cannot generate a certificate. Fixes #8059: We set prompt=no, so most of these values will cause an error when openssl commands are run directly. Jim Pingle
08:47 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> I compiled 2.17 from ports on raspi2 and it runs on the SG-3100 without SIGBUS.
This issue is ... Dave Pugh
07:18 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: Bridges and VLAN interfaces on LAN show up.
a spare interface on the same card shows up
It is just WAN interfaces a... W FM
07:13 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: on irc someone else had the same issue.
Also worth noting this is i386 W FM
07:10 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: em0@pci0:0:3:0: class=0x020000 card=0x10128086 chip=0x10108086 rev=0x01 hdr=0x00
vendor = 'Intel Corporation... W FM
06:46 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: What type of interfaces are those (driver name)?
Perhaps they were supported by the shaper on older versions but t... Jim Pingle
06:38 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: firewall_shaper.php
Firewall / Traffic Shaper / By Interface
(sorry for the typo) W FM
06:35 PM Bug #8061 (Resolved): LAN WAN Interfaces missing in Traffichshaper: In 2.3.5 LAN and WAN interface(s) are missing from the list.
see picture attached
If queues are deleted only wa... W FM
06:40 PM Bug #7936 (Resolved): bridge network interface does not support altq on 2.4.0-RELEASE: Luiz Souza
06:38 PM Bug #7940 (Resolved): disabling LAGG causes system reboot on 2.4: Luiz Souza
06:35 PM Bug #7981 (Resolved): PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza
05:48 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: with
2.4.2-DEVELOPMENT (amd64)
built on Mon Nov 06 10:40:15 CST 2017
I confirm there is no more problem wit... Alexandre Paradis
03:25 PM Bug #8060 (Closed): Incorrect translation to Russian language: The main page in the "Version" section should be "Получение" instead of "Полчение". Alexander Ryazantsev
03:10 PM Bug #8059 (Feedback): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: Applied in changeset commit:3414dea15b2f31099ef2ec962c2062ae95080a0e. Jim Pingle
03:00 PM Bug #8059: /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: I just pushed a fix for this, but a few important points need to be made:
1. The ACME package works fine serving f... Jim Pingle
02:30 PM Bug #8059 (Confirmed): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: It is not broken, it works fine when you use it in a supported way (read: use the GUI or the ACME package).
Noneth... Jim Pingle
02:02 PM Bug #8059 (Resolved): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: When using dehydrated (https://github.com/lukas2511/dehydrated) instead of the acme package for requesting LetsEncryp... Anonymous
02:59 PM Revision 2807660f: removed extra quote: Stephen Jones
11:57 AM pfSense Packages Bug #8058: FreeRadius Accounting Bug after upgrade 2.3->2.4: Okay, after recreated the client and interfaces, this time with "*" instead of the IP of the client, seemed to have w... Frotty Zaoldyeck
06:57 AM pfSense Packages Bug #8058 (Closed): FreeRadius Accounting Bug after upgrade 2.3->2.4: Hi,
I have been using FreeRadius with my captive portal successfully before freeRadius3 and pfsense 2.4
After the... Frotty Zaoldyeck
09:49 AM Bug #8044 (Resolved): LDAP authentication fails with a globally trusted root CA: Jim Pingle
09:45 AM Bug #8045: Terminal and WebGUI stops responding: Hi,
I have the same setup running (except nmap and snort).
Today I ran into the same issue.
I have a few of thes... Christian Rhomberg
08:34 AM Bug #8003: IPsec weirdness with 2.4.1: Constantine Kormashev wrote:
> Could not reproduce the issue with just one P2 entry. Seems it affects only multiply ... Neal Harrington
05:10 AM Bug #6650 (Resolved): Option needed to disable HSTS: Renato Botelho
03:15 AM Bug #8057 (Closed): don't start dpinger if still one running: It's the 2nd or 3rd time I see multiple instances of dpinger.
You have a pid file and can check for the process befo... Grischa Zengel
01:50 AM Revision 902cbde8: Support shutdown scripts in /usr/local/etc/rc.d. This allows packages to take critical shutdown actions such as: UPS power kill in NUT. Denny Page

11/05/2017

07:16 PM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: I was able to get this to work using the following:
#this prevents port 853 tcp from working. Not sure why? Turnin... Mathew Keith
03:42 PM Bug #7426: UDP packet drops: Tested iperf3 in UDP mode between SG-1000 and SG-2440 (and SG-3100), could not reproduce the bad behavior. Saw a prob... Anonymous
02:47 PM Bug #7786: traffic shaping queue on WAN wont allow total of all child to be 100%: On pfSense-netgate-uFW-recover-2.4.2-DEVELOPMENT-armv6-20171104-1805 unable to reproduce. Created parent queue for 50... Anonymous
02:31 PM Bug #7975: ESXi 6.5 UEFI boot stops at framebuffer info: Booting pfSense-CE-2.4.1-RELEASE-amd64.iso on ESXi 6.0.0 Update 3 (Build 5224934) using UEFI mode.
Machine shutdow... Carlos Montalvo J.
11:15 AM Bug #8056: Bridge + CARP crashes/freezes pfSense: More context: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200319
This configuration works well on 2.3.3+ (di... Anonymous
10:59 AM Bug #8056 (Resolved): Bridge + CARP crashes/freezes pfSense: Same behavior as the linked bug below: running CARP on a bridge interface and sending any non-trivial amount of traff... Anonymous
08:04 AM Bug #7929 (Resolved): IPSec CA certificate name corrupt if multiple RDNs of the same type are in subject name: Jim Pingle
01:15 AM Bug #7929: IPSec CA certificate name corrupt if multiple RDNs of the same type are in subject name: 2.4.2 17-11-04 could not reproduce the issue
rightca for latest @/DC=jimp/DC=pw/@
rightca for 2.4.1 @/DC=Array/@
A... Constantine Kormashev
05:59 AM Bug #8055 (Closed): pfsense GUI accessible over tun interface address from remote network: Anonymous
05:08 AM Bug #8055: pfsense GUI accessible over tun interface address from remote network: INVALID - please close, additional route path advertised by secondary client. Grzegorz Krzystek
02:40 AM Bug #8055 (Closed): pfsense GUI accessible over tun interface address from remote network: Configuration:
site A pfSense:
lan: 10.76.175.0/24
OpenVPN_TUN: 172.28.10.1/30 (OpenVPN routing 192.168.1.2/32)
... Grzegorz Krzystek
01:28 AM Bug #8003: IPsec weirdness with 2.4.1: Could not reproduce the issue with just one P2 entry. Seems it affects only multiply P2 Constantine Kormashev
12:30 AM Revision 0e2bed22: status_queues, provide 'realtime' statistics: -retrieve 'current' numbers from pfSense
not using qstats provides the following advantages:
-no long lag which requ... Pi Ba

11/04/2017

11:43 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Running for 12+hours, dashboard up, IPSec widget (and many others including pfBlocker) loaded, no issues. (2.4.2.a.20... Anonymous
06:54 PM Revision e5960712: pkg, reinstall missing package: change the reference from install_package(.) as this function does not exist. Pi Ba
05:20 PM Bug #8016: 1 pfsense out of several shows 2.4.0 available, not 2.4.1: Followup notes:
* On the FW with the issue, did update from 2.3.4 to 2.4.0. Success
1) After reboot, Dashboard ... Eduard Rozenberg
04:31 PM Bug #7940: disabling LAGG causes system reboot on 2.4: could not replicate on 2.4.2.a.20171103.1355, not on HA though. Anonymous
04:13 PM Bug #7856: IPsec status does not show all connected mobile clients: tested on 2.4.2.a.20171103.1355, not seeing duplicate entries Anonymous
03:33 PM Revision 1b2c6dd9: Backport changes regarding login page: This commit improves consistency and prevents bugs by:
1) Not displaying the login CSS file in the theme list
2) Ensu... NewEraCracker
02:17 PM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Just updated to current and traffic shaping is still working for me. Maybe your queue config is triggering something... John Silva
01:03 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Worth noting I have been seeing all of this with openbgpd, so it would be strange if it was specific to routing daemons. Terry Zink
01:01 PM Bug #4607: Bridge+CARP crashes/freezes pfSense: Is the patch for this still included in 2.4? I'm getting freezes that sound eerily similar to the issue described her... Anonymous
11:00 AM Bug #8054: DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: To be clear: this happened with a static lease. Jove Too
10:46 AM Bug #8054 (Resolved): DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: If you add a trailing dot on the domain name in the "domain name" and "domain search list", this is accepted. The DNS... Jove Too
07:41 AM Feature #8028: Unbound: Add advanced option for qname-minimization: I don't think strict should be an option through the GUI now that I've played with it.
With respect to qname-minim... Mathew Keith
03:17 AM Feature #8028: Unbound: Add advanced option for qname-minimization: Well if going to add options for the -strict in the gui... Needs to have BIG note on it that it WILL BREAK stuff... N... JohnPoz _
07:07 AM Bug #6400: assign_interfaces.php issues with large numbers of interfaces: https://forum.pfsense.org/index.php?topic=137391.msg757023#msg757023
Anonymous
04:55 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: A Pull request has been added address the issue of dhcp6 vlan priority requests
https://github.com/pfsense/pfsen... Kev Willers
12:19 AM Bug #8053 (Resolved): Firewall Rule IPv6 Gateway Cannot Be Selected: When there are multiple IPv6 gateways on a system an IPv6 firewall Rule can only be initially created with either the... Kristopher Kolpin

11/03/2017

09:59 PM Bug #6650: Option needed to disable HSTS: Tested on pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171103-1355.img, works as expected.... Anonymous
09:45 PM Revision 153f09b8: Fixed an issue where it was showing the escaped apostrophes on all info boxes. This will fix the issue of the javascript getting terminated in the ipsec status page in french. and not print it to the user: Stephen Jones
09:05 PM Revision 46b9efdd: Fixed #8043 It didn't like one of the french characters being saved in the config so it would rollback the config and not allow you to enable mobile clients. Added an html entities to replace it with safe characters. Also added some escapes when it tried to print certain words using a ['] and terminating a string in javascript for the ipsec_status page. This is a possibly a potential problem for multiple pages in French.: Stephen Jones
05:46 PM Revision 8c2831e1: Cosmetic changes to repo branch switching: Steve Beaver
05:23 PM Revision 73d5b5d2: Provide a firmware branch selector on the System->Update page to allow the user to change their mind.: On changing the selector, refresh the page to show the revised version information. Steve Beaver
04:38 PM Bug #8050: Enabling bridge while interfaces have link freezes console: This may be an issue on my end, with VMware...it's possible I saw what appeared to be the same issue on the XG-2758 b... Clinton Cory
04:22 PM Bug #8050: Enabling bridge while interfaces have link freezes console: PF was disabled during these tests and no IP assigned to the bridge interface. I had a similar problem with 2.3.5...
... Clinton Cory
03:51 PM Bug #8050: Enabling bridge while interfaces have link freezes console: Same issue with 2.4.1 Clinton Cory
03:32 PM Bug #8050: Enabling bridge while interfaces have link freezes console: Also may be related to changes here:
https://redmine.pfsense.org/issues/7936 Clinton Cory
03:24 PM Bug #8050 (Closed): Enabling bridge while interfaces have link freezes console: Installed 2.4.2-DEV CE (snapshot from about an hour ago) on both a VM and XG-2758.
If you try to create a bridge w... Clinton Cory
04:20 PM Bug #8043 (Feedback): Cannot enable IPsec Mobile Client Support when the interface is in french: Applied in changeset commit:46b9efddca9e78e1eabaf3a849c283f720dc35d7. Anonymous
04:06 PM Bug #8051: XG-2758 - Wrong Interface Assignment: Confirmed the same issue is present with 2.4.2 factory.
This was not a problem with 2.4.1 Clinton Cory
03:28 PM Bug #8051 (Resolved): XG-2758 - Wrong Interface Assignment: 2.4.2-DEV CE (latest from an hour or so ago) installed on XG-2758 and the interfaces do not assign as expected.
http... Clinton Cory
03:39 PM Feature #8052 (Rejected): Separate MTU interface values for IPv4 and IPv6: Some ISPs do not offer IPv6 connetivity yet or offer it via a tunnelling mechanism.
As such, in some cases PMTU di... Kristopher Kolpin
03:27 PM Revision 7e37da2e: When crafting the CA subject for ipsec.conf, handle component values that are arrays. Fixes #7929: Jim Pingle
03:14 PM Bug #8046 (Resolved): ntpd erroneously listens on all interfaces: Jim Pingle
08:30 AM Bug #8046 (Feedback): ntpd erroneously listens on all interfaces: Applied in changeset commit:c2a524405c65f973add431cf18d3efc5c3a8f2ea. Jim Pingle
02:52 PM Bug #7994 (Resolved): system_certmanager.php: Unable to create a wildcard SAN: Jim Pingle
02:52 PM Bug #7885 (Resolved): Cert. Manager should validate EKUs on importing a certificate authority: Jim Pingle
02:52 PM Bug #7733 (Resolved): User Manager deletes non-selected users: Jim Pingle
02:41 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Could be quagga vs frr, I am testing with frr. I'm still not convinced the second SA is doing an... Tim Economides
02:17 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Could be quagga vs frr, I am testing with frr. I'm still not convinced the second SA is doing anything to help the si... Jim Pingle
02:00 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> I'd be surprised if it was actually working due to that change alone. Maybe you changed somethin... Tim Economides
01:37 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I'd be surprised if it was actually working due to that change alone. Maybe you changed something else unrelated to j... Jim Pingle
01:10 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Those changes do seem to be corroborated by the "setkey(8) man page":https://www.freebsd.org/cgi... Tim Economides
10:57 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Those changes do seem to be corroborated by the "setkey(8) man page":https://www.freebsd.org/cgi/man.cgi?query=setkey... Jim Pingle
09:21 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Tim Economides wrote:
> All - I did some digging and found that when I built MD5 support into Quagga (code which was... Tim Economides
02:24 PM Bug #8049 (Duplicate): MTU stuck at 1280 for gif0 interface: This is a bug that appears multiple times in past versions of pfSense. Even though the MTU for the 6in4 interface is... Kristopher Kolpin
02:14 PM Bug #8048 (Resolved): DHCPv6 Configured for LAN without LAN interface: Installed the latest 2.4.2-DEV CE snapshot on a VM with a single NIC
At the end of the installer I selected the op... Clinton Cory
01:39 PM Bug #8039: Invalid characters in static IP description will not resolve upon correction: I attempted to replicate this on a SG-2220 running Factory 2.4.2-DEV box but it seems to work just fine. I used stati... Clinton Cory
01:13 PM Revision c2a52440: When ntp is bound to specific interfaces, disable listening on wildcard. Fixes #8046: Jim Pingle
01:03 PM pfSense Packages Bug #8047 (Resolved): XG-2758 - Coreboot Upgrade - Different ROM size: XG-2758s have 8M and 16M ROMs. There is a J24 jumper to set the coreboot BIOS to either 8M or 16M. By default, the XG... Clinton Cory
10:40 AM Bug #7929 (Feedback): IPSec CA certificate name corrupt if multiple RDNs of the same type are in subject name: Applied in changeset commit:7e37da2e9db8dd153e3b8ef2844beb9a9fe24a56. Jim Pingle

11/02/2017

10:29 PM Bug #8015: IPsec VPN Not Reconnecting until complete reboot: Not sure we can do much about this in the current architecture. Jim Thompson
10:20 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> I compiled 2.17 from ports on raspi2 and it runs on the SG-3100 without SIGBUS.
We know the po... Jim Thompson
03:29 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): I compiled 2.17 from ports on raspi2 and it runs on the SG-3100 without SIGBUS. Leif Huhn
02:40 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): It looks like the radvd version is fairly old:... Leif Huhn
08:38 PM Revision 6b8680a7: Set VLAN Priority on dhcp6c packets: Martin Wasley
06:30 PM Revision 87c67243: Add an option for LDAP servers to use the global root CA list as a peer CA. Fixes #8044: Jim Pingle
06:20 PM Bug #8046 (Resolved): ntpd erroneously listens on all interfaces: Although I have selected only specific interfaces for ntpd to listen on, the service additionally listens to the wild... Alexander Berkes
04:59 PM Bug #8045 (Closed): Terminal and WebGUI stops responding: Running a Netgate APU2 with SSD and 4GB RAM. This started after upgrading from 2.3 to 2.4. After a few days, would tr... Anthony G
04:40 PM Revision d54ff1c2: Disable HSTS for captive portals: Doktor Notor
04:40 PM Revision 7f797833: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:40 PM Revision 42833525: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:40 PM Revision 193f628d: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:39 PM Revision 3ed3a367: Disable HSTS for captive portals: Doktor Notor
04:39 PM Revision a257c4c9: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:39 PM Revision b42a43f7: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:39 PM Revision 3684280d: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
03:56 PM Bug #7969: md5 bgp sessions fail in 2.4.0: All - I did some digging and found that when I built MD5 support into Quagga (code which was subsequently used in dev... Tim Economides
10:40 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Downgraded my device back to 2.3.4 after taking the trip out to the DC. Working fine now. Definitely 2.4.x related. Terry Zink
03:23 PM Revision fbbd7d2b: Crudely fixed #7786 by eliminating check of parent bandwidth when children are sepcified in %: Steve Beaver
02:10 PM Revision a72dbd2a: pf, retry pfctl -f rule loading when pf is 'busy', don't try and fail to force -d -e as that would also fail at this point in time.: (cherry picked from commit a512609213f2a8fd86c7515c9235e1760d7026ed) Pi Ba
02:10 PM Revision 4ede18de: Merge pull request #3857 from PiBa-NL/20171022-pf-wait-dont-wedge: Renato Botelho
02:07 PM Revision 78089d06: Add filtering to pfTop page: (cherry picked from commit 1008527985c9ca392d62beca66b7a49be840330c) → luckman212
02:07 PM Revision 7f9b646c: Merge pull request #3847 from luckman212/pftop-extras-1: Renato Botelho
02:07 PM Revision 82bd941b: VirtualIP, FIX, VIPs should have a <uniqueid> property inside the config.xml, however if they are added as 'proxy-arp' or 'other' and then modified to ipalias or carp, the uniqueid stays empty.: (cherry picked from commit 807160e9db2e7fe2296d7312d602874290186505) Pi Ba
02:07 PM Revision 7ddc3024: Merge pull request #3842 from PiBa-NL/20171004-vip-uniqueid: Renato Botelho
02:04 PM Revision 7ea5b55b: Merge pull request #3859 from PiBa-NL/20171031-xmlrpc-encodedspace: Renato Botelho
02:03 PM Revision 0e4e4ca1: config, xmlparse throw exception instead of calling die(), so corruption check will properly handle the unlink action of the corrupted config: (cherry picked from commit 6153d6683eb682b936b9865114735fc90d7d64cd) Pi Ba
02:03 PM Revision d7e969dc: Merge pull request #3860 from PiBa-NL/20171031-config-backup-check-exception: Renato Botelho
01:48 PM Bug #8020 (Duplicate): Can't STARTTLS to LDAP server since 2.4.0: I ended up making a new issue for this, see #8044 for the fix. Jim Pingle
01:40 PM Bug #8044 (Feedback): LDAP authentication fails with a globally trusted root CA: Applied in changeset commit:87c67243c2cab5fd3e51d17df96ed5ac04bff799. Jim Pingle
01:28 PM Bug #8044 (Resolved): LDAP authentication fails with a globally trusted root CA: The OpenLDAP client does not automatically look for and trust the global root CA list we have from ca_root_nss, linke... Jim Pingle
01:30 PM Bug #8003: IPsec weirdness with 2.4.1: Marcel Kinzel wrote:
> I can confirm the same issue. As someone already mentioned in the pfSense forum (https://foru... Jorz Ybañez
12:19 PM Feature #8028: Unbound: Add advanced option for qname-minimization: I have been using the
qname-minimisation: yes
Option via adding it to custom option box for a few days now and h... JohnPoz _
11:20 AM Feature #8028: Unbound: Add advanced option for qname-minimization: RFC spec here:
https://tools.ietf.org/html/rfc7816
Should this be ignored if forwarding mode is enabled? I don't ... Mathew Keith
12:16 PM Bug #6650 (Feedback): Option needed to disable HSTS: PR has been merged Renato Botelho
11:53 AM Revision bff36903: Fix #6459: Skip interfaces config in AWS EC2 wizard: Renato Botelho
11:52 AM Revision eb809299: Implement <skip_flavors> tag in wizards to skip specific steps on specific flavors: Renato Botelho
11:51 AM Revision c31dacf2: Set title and description after $stepid changes: Renato Botelho
10:55 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: Do you know when 2.4.2 stable will be released?
Jasjit Chopra
08:57 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: This fix did not make it into 2.4.1 but it is implemented in 2.4.2. Anonymous
06:10 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: This is still not resolved in 2.4.1 - I am seeing the exact same behavior after upgrading to 2.4.1 ! Jasjit Chopra
10:30 AM Bug #7786 (Feedback): traffic shaping queue on WAN wont allow total of all child to be 100%: Applied in changeset commit:fbbd7d2b53492b9d7ce7fb02218de2cdda31ce27. Anonymous
09:34 AM Bug #7940 (Feedback): disabling LAGG causes system reboot on 2.4: Fixed.
The fix will be available on the next snapshot.
Testing this issue is non trivial, but still, I would ap... Luiz Souza
09:33 AM Bug #7856: IPsec status does not show all connected mobile clients: Applied in changeset a65b41a9e455786dd969a1ffcd110fdf195f9031. Anonymous
09:31 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients: Anonymous
09:05 AM Bug #8032 (Feedback): xmlrpcsync password fails with spaces in password: PR has been merged Renato Botelho
08:52 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): T S wrote:
> I can confirm that Traffic Shaping is broken on VTNET Interfaces.
> If active the Firewall / PortForwa... T S
08:46 AM Bug #7933: There were error(s) loading the rules: pfctl: vtnet0: driver does not support altq - The line in question reads [0]:: Hello,
the issue still exists with the newest 2.4.2 snapshot (tested yesterday).
Virtualized pfsense with virti... T S
07:10 AM pfSense Packages Bug #7959 (Not a Bug): Dpinger - Probe Interval: Please move discussion to a forum thread and if a real bug is found open a ticket with specific data Renato Botelho
07:00 AM Bug #6459 (Feedback): AWS EC2 Instance should skip interface config in setup wizard: Applied in changeset commit:bff36903ea4f1ca2615e31e2dd9d6927509df82b. Renato Botelho

11/01/2017

09:48 PM Revision a5126092: pf, retry pfctl -f rule loading when pf is 'busy', don't try and fail to force -d -e as that would also fail at this point in time.: Pi Ba
05:42 PM Bug #8043 (Resolved): Cannot enable IPsec Mobile Client Support when the interface is in french: Hello,
I set the interface of my pfSense in french. And if I go in "VPN > IPsec > Mobile Clients", check "Enable I... Manuel Carrera
12:48 PM Bug #8038 (Rejected): Cannot authenticate via LDAP+SSL in 2.4.1: Then that's not an intermediate CA. All you need is the root. Having that non-CA in the CA manager is probably the pr... Jim Pingle
12:36 PM Bug #8038: Cannot authenticate via LDAP+SSL in 2.4.1: DC1 CA is the Root CA cert of the Domain Controller. DC1 is the certificate of the domain controller signed by the Ro... Jimmy Chen
12:14 PM Bug #8038: Cannot authenticate via LDAP+SSL in 2.4.1: There must still be something about the chain that isn't quite right, the same test here works perfectly fine using S... Jim Pingle
12:01 PM Bug #8038: Cannot authenticate via LDAP+SSL in 2.4.1: I tried everything you suggested but the result is still exactly the same. I attached screenshots of the configuratio... Jimmy Chen
11:09 AM Bug #8038 (Feedback): Cannot authenticate via LDAP+SSL in 2.4.1: It works for me here with both a standard CA and with an intermediate CA chain on multiple firewalls and against mult... Jim Pingle
10:38 AM Bug #8037 (Duplicate): status_monitoring.php XSS: Looking back at #7876 it seems like the same base issue but there were two more potential vectors that needed repair,... Jim Pingle
09:29 AM Bug #8040 (Confirmed): diag_dns.php - external links to DNSstuff: From the looks of it, they're having some sort of issue with the site. That server has DNS records but isn't respondi... Jim Pingle
09:24 AM Revision 005f3aa7: Merge pull request #3858 from nagyrobi/patch-25: Renato Botelho
09:19 AM Bug #8041 (Confirmed): Missing download images for i386 platform: Jim Pingle
01:32 AM Bug #8041 (Resolved): Missing download images for i386 platform: Hello...
Could some one comment on this issue please...
I need to download an embedded pfsense image for the i386... Damien Myracle
09:17 AM Bug #8042 (Closed): VLAN Priority on dhcpc6c packets is not set. REF #7973: With the dhcp6c options seems best. In the future, requests for discussion/clarification like this should be on the d... Jim Pingle
02:40 AM Bug #8042 (Closed): VLAN Priority on dhcpc6c packets is not set. REF #7973: Although VLAN tagging now works, it does not work for dhcp6c. @jimp suggested to @kwillers that adding a new floating... Martin Wasley

10/31/2017

10:28 PM Revision 6153d668: config, xmlparse throw exception instead of calling die(), so corruption check will properly handle the unlink action of the corrupted config: Pi Ba
09:16 PM Bug #8040 (Resolved): diag_dns.php - external links to DNSstuff: Links to the external service _private.dnsstuff.com_ appear to be no longer valid.
Phil Biggs
08:03 PM Bug #8039 (Resolved): Invalid characters in static IP description will not resolve upon correction: I created a few dozen static IPs in the DHCP Server. A handful of those had descriptive names such as "Diedrich's lap... Diedrich Guenther
07:34 PM Bug #7940 (Confirmed): disabling LAGG causes system reboot on 2.4: Ok, I found a way to reproduce this.
It is not really related to lagg, it is a race that happens at interface deta... Luiz Souza
07:19 PM Revision 70b70f9d: Fix handling of wildcard CN/SAN entries in certificates. Fixes #7994: Jim Pingle
06:58 PM Revision 9e608d7a: Ensure that a certificate authority entry is capable of acting as a CA when importing. Fixes #7885: Jim Pingle
06:18 PM Revision 09038b21: Reindex the user and group arrays after deleting items, to avoid operating on incorrect array entries. Fixes #7733: (cherry picked from commit 92c27793b4c7f87e89aec3faec5582c17502d6d5)
(cherry picked from commit 106de6365c7407f2325d5... Jim Pingle
06:18 PM Revision 106de636: Reindex the user and group arrays after deleting items, to avoid operating on incorrect array entries. Fixes #7733: (cherry picked from commit 92c27793b4c7f87e89aec3faec5582c17502d6d5) Jim Pingle
06:17 PM Revision 92c27793: Reindex the user and group arrays after deleting items, to avoid operating on incorrect array entries. Fixes #7733: Jim Pingle
05:45 PM Bug #8038 (Rejected): Cannot authenticate via LDAP+SSL in 2.4.1: Same exact configuration that had been working previously in 2.3.x but is now not working after I upgraded to 2.4.1. ... Jimmy Chen
05:10 PM Bug #8037 (Duplicate): status_monitoring.php XSS: If you click the edit icon > display advanced > add view and then enter <script>alert(1)</script> it looks like it do... Anonymous
05:07 PM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: Confirmed, loaded the new css in 2.4.1 and is working fine now.
no more scrollbars and headers visible for tables wi... Hijmen Schilperoort
04:07 PM Bug #7733: User Manager deletes non-selected users: Jim Pingle wrote:
> This turned out to the same sort of issue as #7682 (on a different page, however), and a similar... Tom Wijnroks
01:30 PM Bug #7733 (Feedback): User Manager deletes non-selected users: Applied in changeset commit:92c27793b4c7f87e89aec3faec5582c17502d6d5. Jim Pingle
01:17 PM Bug #7733: User Manager deletes non-selected users: This turned out to the same sort of issue as #7682 (on a different page, however), and a similar fix addressed the pr... Jim Pingle
03:58 PM Bug #7905 (Confirmed): OpenVPN Authentication Against Backend Stalls All Server Traffic: I was finally able to confirm the problem, I'm looking at that auth_script plugin now, but it will require some signi... Jim Pingle
03:48 PM Revision 67b1afb3: Revert "Make devel points to 2.3.5": This reverts commit dba5f62ab6391ea12c2e06c4bee571cd26342207. Renato Botelho
03:11 PM Revision 07152ca7: Fixed #8035: (cherry picked from commit 9c4e7fd3e155d08911feb0afc527af21d79ce917) Steve Beaver
02:30 PM Bug #7994 (Feedback): system_certmanager.php: Unable to create a wildcard SAN: Applied in changeset commit:70b70f9dd5f52aba4cfb28c3251961ee0b48d359. Jim Pingle
02:25 PM Revision 9c4e7fd3: Fixed #8035: Steve Beaver
02:10 PM Bug #7885 (Feedback): Cert. Manager should validate EKUs on importing a certificate authority: Applied in changeset commit:9e608d7a5215534d2519dc633a46884e2981619d. Jim Pingle
01:42 PM Bug #8033 (Not a Bug): Certmanager import server certificate ignores purpose server: "Netscape Certificate Type"/nsCertType has been deprecated for quite some time as a supported certificate attribute (... Jim Pingle
04:04 AM Bug #8033 (Not a Bug): Certmanager import server certificate ignores purpose server: When importing a certificate generated with tinyca as server certificate (pem) the server setting gets ignored and in... Robert Sailer
11:50 AM Feature #8036: Want to run multiple Mobile Client IKEv2 server instances: There is a minor typo that I seem to be unable to correct. "Neither is possible on iOS." should have been "Neither is... Richard Yao
11:48 AM Feature #8036 (New): Want to run multiple Mobile Client IKEv2 server instances: The Mobile Client IKEv2 server in pfSense should be able to do two things that it presently cannot:
1. Bind to mul... Richard Yao
10:00 AM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: Also it would need significantly more logic here than you've shown thus far. For instance, you can't always assume th... Jim Pingle
09:55 AM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: I'd like to request that this FR be closed. When I created it I did so because I didn't think it was possible to do t... Mathew Keith
09:40 AM Bug #8035 (Feedback): Installed packages widget does not show updates: Applied in changeset commit:9c4e7fd3e155d08911feb0afc527af21d79ce917. Anonymous
07:08 AM Bug #8035 (Resolved): Installed packages widget does not show updates: https://forum.pfsense.org/index.php?topic=138876.0 Anonymous
09:30 AM Bug #8007 (Resolved): Status -> Queues show as (loading) and don't update: Jim Pingle
09:02 AM Bug #8007: Status -> Queues show as (loading) and don't update: Jim Pingle wrote:
> Applied in changeset commit:2d07b58d8cc2c67fbb701cf2d369691ad3ab0074.
Thank you Jim for fixin... Jorz Ybañez
08:42 AM Bug #8034 (Rejected): PHP crashes when trying to modify or add NAT rules in pfSense v.2.4.1: Please post on the forum, reddit, or the mailing list to discuss this in detail before opening a bug report. There ma... Jim Pingle
05:21 AM Bug #8034 (Rejected): PHP crashes when trying to modify or add NAT rules in pfSense v.2.4.1: Hello, I'm running pfSense v2.4.1, upgraded from v2.4.0 yesterday.
Every time I try to add or modify a NAT rule in... Alessandro Bariatti
12:49 AM Revision 2ec76321: xmlrpc, fix usage of space and + character that need different encoding: Pi Ba

10/30/2017

08:53 PM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: Edit: I was able to get this to work. info posted below.
Forum link:
https://forum.pfsense.org/index.php?topic=1... Mathew Keith
05:30 PM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: I did some more research on this. A simple checkbox that adds the following lines to the config should do the trick:
... Mathew Keith
11:46 AM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: Also need to add the following lines:
interface: 0.0.0.0@853
interface: ::0@853
The interface address being set ... Mathew Keith
11:43 AM Feature #8030 (Resolved): Unbound: Add support for DNS over TLS to internal clients: Add support for DNS over TLS to internal clients.
A description of the feature can be found here.
https://dnspri... Mathew Keith
08:51 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Signs are pointing to a corrupt stack. From https://stackoverflow.com/questions/27577179/signal-sigbus-on-a-line-with... Leif Huhn
08:47 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Admittedly the above isn't terribly useful without symbols. Leif Huhn
08:38 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): I don't know what is happening with gdb but I'm working around it by starting the process before entering gdb.
<pr... Leif Huhn
07:46 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): That doesn't seem to be it. -n is actually the option to prevent forking, and in fact gdb is unable to debug any prog... Leif Huhn
02:22 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> I'm trying to install gdb to debug this but when I run:
>
> pkg add http://pkg.freebsd.org/Fre... Jim Thompson
07:51 PM Bug #8032: xmlrpcsync password fails with spaces in password: Fix: https://github.com/pfsense/pfsense/pull/3859 Pi Ba
06:43 PM Bug #8032 (Resolved): xmlrpcsync password fails with spaces in password: xmlrpcsync fails when there are spaces in the middle of the password. Mentioned this on IRC and got this reponse...
... Ed Byrne
07:35 PM Revision 97882d89: Change a few more instances of using the physical interface to the friendly interface in status_queues.php, which allows root queues to function with the new VLAN interface names. Fixes #8007: (cherry picked from commit 2d07b58d8cc2c67fbb701cf2d369691ad3ab0074) Jim Pingle
07:35 PM Revision 2d07b58d: Change a few more instances of using the physical interface to the friendly interface in status_queues.php, which allows root queues to function with the new VLAN interface names. Fixes #8007: Jim Pingle
06:19 PM Revision 545afa4d: Update the system sysctls to not harvest data from interrupts, point-to-point interfaces and ethernet devices.: The sysctl names changed in FreeBSD 11.
(cherry picked from commit c3938c16e3ba66e6911590653a775423371b4a3a) Luiz Souza
06:17 PM Revision c3938c16: Update the system sysctls to not harvest data from interrupts, point-to-point interfaces and ethernet devices.: The sysctl names changed in FreeBSD 11. Luiz Souza
04:37 PM Bug #7936 (Feedback): bridge network interface does not support altq on 2.4.0-RELEASE: The support for ALTQ is now restored, please check with tomorrow's snapshot. Luiz Souza
04:20 PM Revision c2b91018: Make is_ipaddrv6() compatible with is_ipaddrv4().: Only the IP address must be accepted, address with netmasks do not qualify.
Ticket #8024
(cherry picked from commit... Luiz Souza
04:20 PM Revision deccebcf: Check the correct variable.: All the IPv6 verification code block was being ignored before this commit.
Ticket #8024
(cherry picked from commit ... Luiz Souza
04:15 PM Revision 2f87470c: Make is_ipaddrv6() compatible with is_ipaddrv4().: Only the IP address must be accepted, address with netmasks do not qualify.
Ticket #8024 Luiz Souza
04:12 PM Revision d1630d95: Check the correct variable.: All the IPv6 verification code block was being ignored before this commit.
Ticket #8024 Luiz Souza
03:23 PM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address: I would like to see support for this added as I have switched my home router to use pfSense and run into the same iss... Graham Gudgin
02:58 PM Revision 80392e01: added some security to strip html characters: Stephen Jones
02:50 PM Bug #8007 (Feedback): Status -> Queues show as (loading) and don't update: Applied in changeset commit:2d07b58d8cc2c67fbb701cf2d369691ad3ab0074. Jim Pingle
01:30 PM Bug #8007: Status -> Queues show as (loading) and don't update: Jim Pingle wrote:
> Aha, when I tested in PRIQ it all worked but it doesn't have root queues like HFSC, I'll check o... Jorz Ybañez
01:09 PM Bug #8007 (Assigned): Status -> Queues show as (loading) and don't update: Aha, when I tested in PRIQ it all worked but it doesn't have root queues like HFSC, I'll check on that. Thanks! Jim Pingle
12:33 PM Bug #8007: Status -> Queues show as (loading) and don't update: Jim Pingle wrote:
> Applied in changeset commit:63a480cbf6b24d155421c1cd74f1b0409ae945de.
Still displaying (Loadi... Jorz Ybañez
02:05 PM pfSense Packages Feature #8031 (New): FreeRADIUS copy entry function: Any chance we could have a copy function for FreeRADIUS Clients, MACs and NAS/Clients.
Something like the firewall... Andy Kniveton
12:53 PM Feature #7910: Notification GUI: I agree that this is a very useful addition and commonly requested.
Being able to see what notification will email... Clinton Cory
11:54 AM Bug #8029 (Duplicate): After upgrade to 2.4.1 from 2.3.4 the vlan interface name changed. But mpd5 not work with new vlan iface format.: Duplicate of #7981 and already fixed in 2.4.2 snapshots Jim Pingle
11:38 AM Bug #8029 (Duplicate): After upgrade to 2.4.1 from 2.3.4 the vlan interface name changed. But mpd5 not work with new vlan iface format.: After upgraded I can not connect to PPPOE server from vlan interface. If I change the vlan interface name back to bge... Chunlin Yao
11:33 AM Bug #8024 (Feedback): static ipv6 config allow invalid addresses: Fixed.
Please check with tomorrow's snapshot.
Thanks! Luiz Souza
11:30 AM Feature #8028 (Resolved): Unbound: Add advanced option for qname-minimization: Add support for qname-minimization and maybe qname-minimisation-strict.
This can be implemented in two ways, depen... Mathew Keith
11:26 AM Bug #8001: Invalid FQDN in alias causes alias table to fail *silently*: More specifically, in this case, the FDQN timed out (DNS didn't respond).
Stuart Wyatt
11:25 AM Revision bd1f390d: Do not display logo.css as a valid theme: Renato Botelho
11:25 AM Revision cc2187c3: Do not display logo.css as a valid theme: Renato Botelho
09:16 AM Bug #8000 (Resolved): XSS on index.php via widget sequence parameters: Jim Pingle
09:11 AM Bug #7998 (Resolved): XSS in widgetkey parameter of multi-instance dashboard widgets: Jim Pingle
08:40 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Marc-Andre Robert wrote:
> Looking into upgrading to 2.4.2. Is there anyway to update using the ISO and not loose my... Jim Pingle
08:19 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: > Version 2.3 and newer
> In 2.3 and newer versions, the update system is pkg-based, changing the available update m... Anonymous
05:14 AM Feature #8027 (Closed): Add second password field for validation when doing encrypted config.xml backup: Currently if we want to encrypt the config.xml file, there is one textbox for password entry. If a typo is made, the... Greg Maub

10/29/2017

04:54 PM Feature #6240: vxlan driver: +1 Josh Van As
12:48 PM Bug #7979 (Resolved): Error setting limiter over 2GB/s: Luiz Souza
10:56 AM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": That would explain it, but you can't use a password-protected certificate anyhow, so it isn't worth importing. Jim Pingle
10:00 AM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": Hello again Jim :)
I investigate about my certs and I found the problem: that cert has a password, pfsense doesn't... Pol Hallen
07:00 AM Bug #8024 (Resolved): static ipv6 config allow invalid addresses: I discovered that the ipv6 static address allows user to insert invalid values and allows saving them. Due to this ot... Sorin Sbarnea

10/28/2017

11:56 PM Feature #8023: Redirect to FQDM: Good point.
Would it be acceptable to do all this transparently inside nginx conf leaving the interface as is? If... Derek Schrock
08:16 PM Feature #8023: Redirect to FQDM: The problem with doing this is that you do not know that the hostname exists in DNS and is working properly.
It wo... Jim Pingle
02:00 PM Feature #8023: Redirect to FQDM: Possible fix see attached patch Derek Schrock
01:03 PM Feature #8023 (Closed): Redirect to FQDM: When "WebGUI redirect" is unchecked from System->Advanced pfsense will redirect requests to http to https.
If you ... Derek Schrock
09:52 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): I'm trying to install gdb to debug this but when I run:
pkg add http://pkg.freebsd.org/FreeBSD:11:armv6/release_1/... Leif Huhn
03:54 PM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Jim indeed it was my rule or at least the order that pfSense rules are ordered in rules.debug
Full explanation he... Kev Willers
10:27 AM Revision 04422f4f: It's time for 2.3.5-RELEASE: Renato Botelho
09:06 AM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans: A syslog service 'restart' still leaves the sshlockout_pf running. A 'stop' does end all running sshlockout_pf proces... Pi Ba
06:53 AM Todo #8005 (Resolved): Block direct download of .inc files: Jim Pingle
02:49 AM Todo #8005: Block direct download of .inc files: Could not download one... Constantine Kormashev
04:48 AM Bug #8020: Can't STARTTLS to LDAP server since 2.4.0: Forgot to add, when PfSense attempts to connect on my LDAP server, I see this on the server side:
@TLS: error: acc... Daniel Berteaud
03:16 AM Bug #8003: IPsec weirdness with 2.4.1: Got the same with latest 242.
Can see just 1 SPD P2 entry have to see 2 P2 entries
Can see
!bad_spd.png!
Have... Constantine Kormashev
02:38 AM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: The same w/o entries
!ie11_w10_wo_entr.png! Constantine Kormashev
02:34 AM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: Looks fine on latest 2.4.2 win10 ie 11
!ie11_w10.png! Constantine Kormashev
02:27 AM Bug #7979: Error setting limiter over 2GB/s: Tried 4096Mb/s looks fine
@00001: 4.096 Gbit/s 0 ms burst 0
q131073 50 sl. 0 flows (1 buckets) sched 65537 ... Constantine Kormashev

10/27/2017

09:14 PM Bug #7942 (Resolved): QinQ interfaces never show as active: Luiz Souza
09:13 PM Bug #7594 (Resolved): "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Luiz Souza
04:03 PM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Tested and working for me. Thanks! John Silva
08:54 PM Revision 748e38fa: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:54 PM Revision edc0092c: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:54 PM Revision ff042793: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:53 PM Revision 0f8cc881: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:53 PM Revision b9319086: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:52 PM Revision f32e9531: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: Jim Pingle
06:12 PM Bug #8022 (Resolved): radvd receives SIGBUS on SG-3100 (ARM): Hi,
I just received my first pfsense box, the SG-3100. I tried to setup IPv6 on the LAN and advertise the network ... Leif Huhn
04:33 PM Revision 284726f1: Simplify logic: Renato Botelho
04:33 PM Revision 9f339e07: Only show copynotice when version changes: Renato Botelho
04:33 PM Revision a3ceaeaf: Add support for copyright notice: Steve Beaver
04:32 PM Revision d09972a9: Simplify logic: Renato Botelho
04:32 PM Revision 2ef48720: Only show copynotice when version changes: Renato Botelho
04:26 PM Revision 66912f58: Fix #7984: Make sure sshlockout_pf stops when syslogd stops: Renato Botelho
04:25 PM Revision fd0d84e9: Fix #7984: Make sure sshlockout_pf stops when syslogd stops: Renato Botelho
04:24 PM Revision 7dee71c3: Add support for copyright notice: Steve Beaver
04:19 PM Revision e8f4a96c: Fix #7984: Make sure sshlockout_pf stops when syslogd stops: Renato Botelho
04:11 PM pfSense Packages Bug #7959: Dpinger - Probe Interval: This would probably be better as a forum discussion...
A probe every 60 seconds is 40,320 bytes per day one-way, 1... Denny Page
04:37 AM pfSense Packages Bug #7959: Dpinger - Probe Interval: Many thanks for your input.
If the size of the packet is only 28 bytes ( 56 bytes calculating the reply as well ) ye... Lampros Papanastasiou
04:07 PM Feature #8021 (Rejected): change default mask values for ipv4 to /24 and ipv6 to /64: There seems to be a few threads where users have issues because mask defaults to /32
Would it be possible when set... JohnPoz _
04:02 PM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": If they don't match, that isn't a valid combination. Are you certain that actually works? Does the modulus of the key... Jim Pingle
03:33 PM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": Jim Pingle wrote:
> Are you absolutely certain that the certificate and key match?
I just checked and both don't ... Pol Hallen
11:40 AM Bug #7984 (Feedback): restarting syslogd service makes sshlockout_pf process orphans: Applied in changeset commit:e8f4a96c7dcd0af18eb2d9e95d48f4402d41182d. Renato Botelho
11:10 AM Bug #8020 (Duplicate): Can't STARTTLS to LDAP server since 2.4.0: This setup was running fine until my upgrade to 2.4.0 (and 2.4.1). I'm running an OpenLDAP server (on EL6). This LDAP... Daniel Berteaud
10:56 AM pfSense Packages Bug #7944 (Feedback): Bind XMLRPC Sync Error: PR has been merged. Thanks! Renato Botelho
10:26 AM pfSense Packages Bug #7944: Bind XMLRPC Sync Error: This also seems to affect 2.4.1 as well. Justin Opotzner
09:48 AM Bug #8012 (Resolved): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565: Luiz Souza
09:47 AM Bug #7426 (Feedback): UDP packet drops: Fixed. Add nmbclusters set to 500000 on SG-1000 and 1000000 on SG-3100. Luiz Souza
09:00 AM Bug #8019 (Rejected): mobile view 2.4.1: Config issue.
System > General, change Top Navigation.
If that doesn't help, post on the forum, reddit, or mail... Jim Pingle
08:50 AM Bug #8019 (Rejected): mobile view 2.4.1: Hello,
the context menu is not scrollable at the mobile view. So it's not possible to reach all funktion. Ni Ma
08:31 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Probably an error in your rules, has to be in a floating rule, on the right interface, quick enabled, outbound direct... Jim Pingle
08:22 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Jim Pingle wrote:
> The "VLAN Prio Set" option on firewall rules is supposed to alter the VLAN priority flag in 802.... Kev Willers
08:08 AM Bug #7973 (Resolved): VLAN Priority Set feature in firewall rules is not functioning: Confirmed as fixed, setting a priority is reflected in the traffic on the wire now. Thanks! Jim Pingle
07:55 AM Bug #8018: Making WAN changes bricks PPPoE config: Apologies - I accidentally clicked submit too soon.
The problem is that making any change and saving the page will... Joe McNolan
07:55 AM Bug #8018 (Rejected): Making WAN changes bricks PPPoE config: Not nearly enough detail here for a bug report we can investigate. Please post on the forum, mailing list, or reddit ... Jim Pingle
07:53 AM Bug #8018 (Rejected): Making WAN changes bricks PPPoE config: We use a pfSense appliance as firewall at a site with a DSL Internet connection.
IPv6 Joe McNolan
06:25 AM Bug #8017 (Duplicate): Changing VLAN assignments breaks parent LAGG interface: Duplicate of #7928 Jim Pingle
05:49 AM Bug #7928: LAGG interfaces lose MAC address: Hi,
I had similar issue with this mb APU1D/T40E, pfsense 2.4.0 fresh install:
all 3 reX interfaces were members in ... Gianluca Toso

10/26/2017

10:48 PM Bug #8017 (Duplicate): Changing VLAN assignments breaks parent LAGG interface: I updated to 2.4.1 tonight forgetting about the PPPoE over VLAN issue so I started changing my WAN interface and then... Samuel Kadolph
07:57 PM Bug #8016 (Closed): 1 pfsense out of several shows 2.4.0 available, not 2.4.1: 1 firewall out of several shows 2.4.0 update available, not 2.4.1.
I tried changing update setting to Next Major Ver... Eduard Rozenberg
07:39 PM Revision ab67b772: Do not build ova: Renato Botelho
07:38 PM Revision 3310ee3a: Do not build ova: Renato Botelho
05:50 PM Bug #8015 (Resolved): IPsec VPN Not Reconnecting until complete reboot: We have multiple IPSec tunnels to our remote sites and Every now and then, some sites will fail to reconnect unless w... Lloyd Virola
04:43 PM Bug #7119: Changing LAGG attributes results in a panic/crash: Steve Wheeler wrote:
> If it didn't actually panic it's probably that MAC address issue. That should be fixed in 2.4... Michael OBrien
04:27 PM Revision dba5f62a: Make devel points to 2.3.5: Renato Botelho
04:24 PM pfSense Packages Bug #7961 (Feedback): JS Error on Status > Monitoring: Anonymous
04:12 PM Revision e2fdf098: Use eval to get proper variable value: Renato Botelho
04:12 PM Revision e81cf8fa: Use eval to get proper variable value: Renato Botelho
03:50 PM Revision 29c1ecb8: Added a description to mobile client to reflect description in phase1: Stephen Jones
01:18 PM Revision 2c357cf2: Make separate definitions for amd64 / i386 repos: Renato Botelho
01:05 PM Revision 7a2a31c3: Make separate definitions for amd64 / i386 repos: Renato Botelho
12:59 PM Revision c6f7774b: Use proper directory for i386: Renato Botelho
12:56 PM Revision 3b52996b: Fill default repo dinamically: Renato Botelho
12:55 PM Revision 09f8cf10: Define default repo: Renato Botelho
12:49 PM Revision 8674b2c7: Use proper directory for i386: Renato Botelho
12:47 PM Revision c7714767: Fill default repo dinamically: Renato Botelho
12:36 PM Bug #7979 (Feedback): Error setting limiter over 2GB/s: Fixed.
The limit is now ~4Gb (4294967295). Luiz Souza
11:53 AM Bug #8013: IPsec MSS clamping value shared for IPv4 and IPv6: Agree this would be good, but it really wants to be part of FreeBSD (upstream).
I've assigned it, but I don't know... Jim Thompson
11:09 AM Revision 9130827b: Define default repo: Renato Botelho
10:59 AM Revision b84d5518: Repo points to 2.3.5 which has default ABI: Renato Botelho
10:59 AM Bug #8014 (Resolved): DynDNS wildcard option doesn't work for provider Loopia: The DynDNS wildcard option doesn't work for provider Loopia.
It seems that this line never results in $this->_dnsW... Kristoffer Ekenstam
10:52 AM Revision 8b41966e: Remove grub2-bhyve: Renato Botelho
10:51 AM Revision 0489a769: Use correct repo conf to install bsdinstaller: Renato Botelho
10:40 AM Revision 46514a47: Revert "Disable ARJ option": This reverts commit 45b843950ddc388837750db28238a81b0fa021e3. Renato Botelho
09:42 AM Revision c4865164: Fix typo in function name: insterface_is_qinq -> interface_is_qinq: Renato Botelho
08:06 AM Bug #8003: IPsec weirdness with 2.4.1: During work 32406 I found HTML was rendered fine but click on button does not expand table
<td colspan="10">
<d... Constantine Kormashev
05:14 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza wrote:
> Diego Henrique Pagani wrote:
> > Luiz Souza wrote:
> > > Fixed in the last 2.4.2 snapshot.
> ... Diego Henrique Pagani
04:51 AM Revision 2e240da1: Fix a typo.: (cherry picked from commit b0b70737ba38c5b7daca2ba779c5d71159e0ce05) Luiz Souza
04:51 AM Revision b0b70737: Fix a typo.: Luiz Souza
04:11 AM Bug #7989 (Feedback): Cannot update Nano from 2.3.4 to 2.3X snapshots: New versions of pfSense-upgrade force to reinstall itself when version differs from remote repo. It should be enough Renato Botelho
02:05 AM pfSense Packages Bug #7959: Dpinger - Probe Interval: Hmm... this doesn't quite make sense to me.
A probe of 28 bytes every 86 seconds seems a minuscule cost. With a lo... Denny Page
12:02 AM Bug #8012 (Feedback): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565: Fixed. I'm restarting the builders, the new snapshots will be ready in a few hours. Luiz Souza

10/25/2017

11:50 PM Bug #8013 (New): IPsec MSS clamping value shared for IPv4 and IPv6: MSS clamping for IPsec can only be set globally. As a result, a value of 1452 for an IPv4 tunnel (required due to my... Kristopher Kolpin
11:04 PM Bug #8012 (Resolved): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565: PLATFORM: pfSense-CE-memstick-ADI-2.4.2
VERSION: pfSense: 2.4.2-DEVELOPMENT amd64 Wed Oct 25 18:46:13 CDT 2017
CONT... Chase Turner
10:42 PM Bug #7594 (Feedback): "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Fixed in the next snapshot. Luiz Souza
06:34 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Hello -- yes, this hit me just now. A bit painful and surprising. For now I deactivated traffic shaping and it seems ... Casey Stone
08:07 PM Revision 2cf468c0: Allow the use of mbuf tags to set the VLAN pcp on output packets.: This is necessary for use with the pf 'set prio'.
Ticket #7973
(cherry picked from commit c2a14eec24fc2b41fb18453a6... Luiz Souza
08:07 PM Revision c2a14eec: Allow the use of mbuf tags to set the VLAN pcp on output packets.: This is necessary for use with the pf 'set prio'.
Ticket #7973 Luiz Souza
07:33 PM Revision 7dae2d55: Use devel repo as default: Renato Botelho
07:33 PM Revision 49e2b19a: added a string SESSION_TIMEOUT to be returned when a widget times out: Stephen Jones
07:31 PM Revision 5f6eca75: Fixed #7978 I added a section in the css that is only parsed by IE10+ and it just sets the margin for tables to 1px instead of 0 this stops it from collapsing: Stephen Jones
06:59 PM Revision b15ac924: The members of a LAGG cannot be assigned, used in VLANs, QinQ, or PPP.: This commit removes the LAGG members from the list of available interfaces.
(cherry picked from commit f2286620e48a4... Luiz Souza
06:58 PM Revision f2286620: The members of a LAGG cannot be assigned, used in VLANs, QinQ, or PPP.: This commit removes the LAGG members from the list of available interfaces. Luiz Souza
06:34 PM Revision 51e4121f: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: (cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364)
(cherry picked from commit 71c70114aa10e594253b9... Jim Pingle
06:34 PM Revision 82405c15: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: (cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364)
(cherry picked from commit 71c70114aa10e594253b9... Jim Pingle
06:34 PM Revision 71c70114: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: (cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364) Jim Pingle
06:33 PM Revision b1fccd42: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: Jim Pingle
05:42 PM Bug #7119: Changing LAGG attributes results in a panic/crash: If it didn't actually panic it's probably that MAC address issue. That should be fixed in 2.4.2 snaps now. Please rep... Steve Wheeler
02:17 PM Bug #7119: Changing LAGG attributes results in a panic/crash: > Was this new ticket opened? When I change LAGG interface settings via the pfSense GUI or a command prompt, my pfSen... Michael OBrien
01:48 PM Bug #7119: Changing LAGG attributes results in a panic/crash: Luiz Souza wrote:
> Yes, the messages does not seem related with the original bug (crash at ifconfig laggX destroy).... Michael OBrien
05:25 PM Revision 947ed5e8: Do not return QinQ interfaces in the physical interface list.: (cherry picked from commit e48ae6f294709998cb209489cf02c604846b9539) Luiz Souza
05:25 PM Revision 25312d31: Fix the interface_is_vlan() function.: It now works when only QinQ VLANs exist in the system.
(cherry picked from commit 77eda8d57ed38cf8510d494a4294e7f0d4... Luiz Souza
05:23 PM Revision e48ae6f2: Do not return QinQ interfaces in the physical interface list.: Luiz Souza
05:20 PM Revision 77eda8d5: Fix the interface_is_vlan() function.: It now works when only QinQ VLANs exist in the system. Luiz Souza
05:13 PM Revision 4d23a168: Abort when binary is not found: Renato Botelho
05:12 PM Revision b03a71f1: Do not execute pfSense-upgrade on install media: Renato Botelho
05:00 PM Revision 37171fc6: Abort when binary is not found: Renato Botelho
05:00 PM Revision 20ede87a: Do not execute pfSense-upgrade on install media: Renato Botelho
04:45 PM Bug #8010 (Feedback): import cert: "The submitted private key does not match the submitted certificate data": Are you absolutely certain that the certificate and key match?
That error can only happen if the public key extrac... Jim Pingle
04:00 PM Bug #8010 (Not a Bug): import cert: "The submitted private key does not match the submitted certificate data": Hello, only with 2.4.x (I testing with 2.4.1) I have this error:
The submitted private key does not match the subm... Pol Hallen
04:14 PM Feature #8011 (Rejected): new release notify by email: We have a release announcement mailing list you can use for this, having the firewall send it would be redundant. Jim Pingle
04:12 PM Feature #8011 (Rejected): new release notify by email: available new release notify by email Pol Hallen
03:57 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Diego Henrique Pagani wrote:
> Luiz Souza wrote:
> > Fixed in the last 2.4.2 snapshot.
>
> I've been using dual-... Luiz Souza
07:55 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza wrote:
> Fixed in the last 2.4.2 snapshot.
I've been using dual-wan PPP connection, and one is working... Diego Henrique Pagani
04:10 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Zach Nedwich wrote:
> Luiz Souza wrote:
> > Fixed in the last 2.4.2 snapshot.
>
> I can confirm it is working he... Erik Scheffers
02:30 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza wrote:
> Fixed in the last 2.4.2 snapshot.
I can confirm it is working here, thanks for your effort. Zach Nedwich
01:02 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: honestly that was not cool to change in a minor update. And to release this bug with 2.4.1 since that obviously alrea... tb o
03:55 PM Bug #7940: disabling LAGG causes system reboot on 2.4: Please, can you post the backtrace of this crash ? (or upload the crashdump text file)
I can't reproduce this cras... Luiz Souza
03:49 PM Bug #7928 (Resolved): LAGG interfaces lose MAC address: Luiz Souza
02:35 PM Bug #7928: LAGG interfaces lose MAC address: Steve Wheeler wrote:
> Confirmed. This appears resolved in 2.4.2.a.20171024.2153
Double-confirmed :) Michael OBrien
08:09 AM Bug #7928: LAGG interfaces lose MAC address: Confirmed. This appears resolved in 2.4.2.a.20171024.2153 Steve Wheeler
03:27 PM Bug #7942 (Feedback): QinQ interfaces never show as active: A few commits were made to address QinQ general issues.
This issue has to tested again. Luiz Souza
03:25 PM Bug #7973 (Feedback): VLAN Priority Set feature in firewall rules is not functioning: This issue is fixed.
The fix will be available in tomorrow's snapshot. Luiz Souza
02:48 PM Revision 7408e572: Fix status_queues.php for the new VLAN interface format. Fixes #8007: (cherry picked from commit 63a480cbf6b24d155421c1cd74f1b0409ae945de) Jim Pingle
02:47 PM Revision 63a480cb: Fix status_queues.php for the new VLAN interface format. Fixes #8007: Jim Pingle
02:40 PM Bug #7978 (Feedback): IE 11 - Headers of tables almost not visible when no entries made: Applied in changeset commit:5f6eca75e90ca2ee93715818b6b72571e9c2ef9b. Anonymous
01:40 PM Todo #8005 (Feedback): Block direct download of .inc files: Applied in changeset commit:b1fccd42547201f4dbfe941bcc59c8eac3456364. Jim Pingle
01:08 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Definitely seems like it's deeper than the routing daemons. I tried the same config with FRR on 2.3.x and 2.4.x and o... Jim Pingle
01:08 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Here is what I see on the lab setup. Both 2.3.4 and 2.4.0. Andrew Dul
11:04 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Terry Zink wrote:
> > Sure thing. Files attached (ip info scrubbed).
>
> Can you also get th... Terry Zink
10:50 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Terry Zink wrote:
> Sure thing. Files attached (ip info scrubbed).
Can you also get the output of @setkey -D@ and... Jim Pingle
10:44 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Sure thing. Files attached (ip info scrubbed).
Terry Zink
10:29 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Can someone, please, provide the output of 'ifconfig -v' of affected interfaces, 'kldstat' and 'netstat -sp tcp'. Luiz Souza
03:02 AM Bug #7969: md5 bgp sessions fail in 2.4.0: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219453 Jim Thompson
12:05 PM Bug #7999 (Resolved): XSS via 'hostname' parameter in diag_dns.php: works fine now Jim Pingle
11:37 AM Bug #7856 (Assigned): IPsec status does not show all connected mobile clients: On 2.4.2 snapshots, at least with an IKEv1 PSK+Xauth connection it's still only showing one connected client at a time. Jim Pingle
10:00 AM Bug #8007 (Feedback): Status -> Queues show as (loading) and don't update: Applied in changeset commit:63a480cbf6b24d155421c1cd74f1b0409ae945de. Jim Pingle
09:47 AM Bug #8007: Status -> Queues show as (loading) and don't update: The queue names are formed using the underlying interface and this apparently breaks the javascript selection of the ... Jim Pingle
03:43 AM Bug #8007 (Resolved): Status -> Queues show as (loading) and don't update: Has the changed of VLAN interface names to use the ‘dotted’ format broken the Queues page, it was fine with 2.4.0 ?
... Andy Kniveton
09:32 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: So you used the exact same input on both systems and it worked on one and failed on the other?
Please take screens... Jim Pingle
09:12 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: Hi Jim,
Thanks for taking a look at my issue.
I did a fresh demo install on VirtualBox with 2.4.1. Performed t... Kristopher Kolpin
08:14 AM Bug #8009 (Duplicate): Can't upgrade from 2.4.0 to 2.4.1: Hi,
I have 2 firewalls with different hardware and updating isn't possible from 2.4.0 (clean install) to 2.4.1.
... Raphaël JEUDY
07:30 AM Bug #8008 (Duplicate): PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: Jim Pingle
06:56 AM Bug #8008: PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: I believe this may actually be the problem https://redmine.pfsense.org/issues/7981 dean hamstead
06:53 AM Bug #8008: PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: should be v 2.4.1. dean hamstead
06:45 AM Bug #8008 (Duplicate): PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: I have just upgraded to 2.4 and my pppoe interface has stopped working.
My provider requires a larger frame, which... dean hamstead
06:05 AM Bug #8006 (Duplicate): 2.4.1 PPPoE client on vlan fails to initialise: Duplicate and already fixed in 2.4.2 snapshots Jim Pingle
01:34 AM Bug #8006: 2.4.1 PPPoE client on vlan fails to initialise: Duplicate of Bug #7981. Kill Bill
01:10 AM Bug #8006: 2.4.1 PPPoE client on vlan fails to initialise: to workaround problem i did
sed -i 's/igb0.640/igb0_640/' /conf/config.xml
and reboot.
Grzegorz Krzystek
12:56 AM Bug #8006 (Duplicate): 2.4.1 PPPoE client on vlan fails to initialise: after upgrade to 2.4.1 i lost internet connectivity.
looks like after after vlan naming change something broken
eve... Grzegorz Krzystek
01:59 AM Revision f3690ad2: Do not attempt to change the MAC address when the interface do not store the vendor MAC address.: (cherry picked from commit 238ee9c6041a18edbe36254609dfb8e82ad8e402) Luiz Souza
01:58 AM Revision 238ee9c6: Do not attempt to change the MAC address when the interface do not store the vendor MAC address.: Luiz Souza
01:09 AM Revision 399f4d33: Fix a bug in interface_is_vlan(), only check QinQ interfaces when they exist.: (cherry picked from commit beabf7e7e3baeabd1dbb58c28d3fc14efd0d89f2) Luiz Souza
01:07 AM Revision beabf7e7: Fix a bug in interface_is_vlan(), only check QinQ interfaces when they exist.: Luiz Souza

10/24/2017

10:17 PM Revision edd492df: Revise timeout message: Steve Beaver
10:16 PM Revision b839aa8a: Do no set the MAC address for LAGG interfaces.: Ticket #7928
(cherry picked from commit 9875c1999bd546a6982e6d98309b6fc53db145b6) Luiz Souza
10:15 PM Revision 9875c199: Do no set the MAC address for LAGG interfaces.: Ticket #7928 Luiz Souza
10:04 PM Revision c0339bdc: Provide a mechanism to display a warning if the session times out and the dashboard is no longer updating: Steve Beaver
09:33 PM Todo #8005 (Resolved): Block direct download of .inc files: If a user tries to directly access a file ending in .inc, the browser will offer to download the file. There are no .... Jim Pingle
07:52 PM Revision 8b4c14f5: Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998: (cherry picked from commit e3907730bdcc879f968d5d917ec9ac6567518e58) Jim Pingle
07:50 PM Revision e3907730: Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998: Jim Pingle
07:20 PM Revision a716ff02: Point users to 2.3.5: Renato Botelho
07:16 PM Bug #8003 (Feedback): IPsec weirdness with 2.4.1: These appear to already be fixed on 2.4.2 and are only cosmetic. They may already be covered by See #6335 and #7856 b... Jim Pingle
05:47 PM Bug #8003: IPsec weirdness with 2.4.1: I can confirm the same issue. As someone already mentioned in the pfSense forum (https://forum.pfsense.org/index.php?... Marcel Kinzel
05:33 PM Bug #8003: IPsec weirdness with 2.4.1: Also note....On the picture...Reauth is (-) ... Other side of the tunnel shows 27933 seconds (07:45:33)
Other end of... Mike Sith
04:37 PM Bug #8003 (Resolved): IPsec weirdness with 2.4.1: Just upgraded to 2.4.1 and now my IPsec tunnels are in a funky state.
See the attached picture. 2 Tunnels are up and... Mike Sith
06:41 PM Revision 9211f96c: Copy files to proper place when it's RC: Renato Botelho
06:40 PM Revision 7811052a: Copy files to proper place when it's RC: Renato Botelho
06:39 PM Bug #8004 (New): Error notice for a deleted NAT that had a RULE or an existing NAT which is claimed to have no NAT port...: for detailed reference please see [[https://forum.pfsense.org/index.php?topic=130090.msg716756#msg716756]]
I can s... Ingo-Stefan Schilling
06:17 PM Revision c6adfaa6: Widget instance counter must be numeric. Fixes #8000: (cherry picked from commit 7b973ceb6f72e22ee1b335128fb8d7f655c82879)
(cherry picked from commit 13751e498e0c1023ffcaf... Jim Pingle
06:17 PM Revision 13751e49: Widget instance counter must be numeric. Fixes #8000: (cherry picked from commit 7b973ceb6f72e22ee1b335128fb8d7f655c82879) Jim Pingle
06:17 PM Revision 7b973ceb: Widget instance counter must be numeric. Fixes #8000: Jim Pingle
06:10 PM Revision ef8205f4: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:10 PM Revision ab1a2d26: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:10 PM Revision 2cececc4: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:09 PM Revision cd3e3a5c: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3)
(cherry picked from commit 4aa5f989c8a802638ee9d... Jim Pingle
06:09 PM Revision 4aa5f989: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:08 PM Revision 43746e1b: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: Jim Pingle
05:33 PM Bug #7928 (Feedback): LAGG interfaces lose MAC address: A fix was committed to address this issue, please wait until the next 2.4.2 snapshot is ready and let me know if it d... Luiz Souza
02:58 AM Bug #7928: LAGG interfaces lose MAC address: You can also have the problem if you have vlans attached to the lagg interface:
1) create a new vlan
2) assign th... Denis Grilli
05:30 PM Bug #7981 (Feedback): PPP interfaces with a VLAN parent do not work with new VLAN names: Fixed in the last 2.4.2 snapshot. Luiz Souza
05:25 PM Revision 855f0798: Move stable users to 2.4.1 and devel to 2.4.2: Renato Botelho
05:08 PM Revision b47d7ccf: Made it so it doesn't display an error when the session expires it just: stops updating the graph. It will display in the console that it caught
and error when the session expires. Stephen Jones
04:58 PM Revision 80f14795: Move users direct to 2.4.1: Renato Botelho
03:25 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Currently seeing this same issue. Updated to 2.4.0 from 2.3.x and my AWS Direct Connect sessions broke. AWS Support ... Terry Zink
03:10 PM Bug #6099: igmpproxy does not recognize upstream interface: Was this fixed in 2.4.0? I updated to it but my IGMP Proxy service is not working with the same message of: ... Samuel Kadolph
03:00 PM Bug #7998 (Feedback): XSS in widgetkey parameter of multi-instance dashboard widgets: Applied in changeset commit:e3907730bdcc879f968d5d917ec9ac6567518e58. Jim Pingle
12:52 PM Bug #7998 (Resolved): XSS in widgetkey parameter of multi-instance dashboard widgets: Widgets that populate $widgetkey from $_REQUEST are vulnerable to XSS
Test query: /widgets/widgets/interfaces.widg... Jim Pingle
02:13 PM Revision 130f3c92: Fixed #7856 fixed an issue with a slightly different array format. Also: updated the child key and id to be more robust. Stephen Jones
01:30 PM Bug #8000 (Feedback): XSS on index.php via widget sequence parameters: Applied in changeset commit:7b973ceb6f72e22ee1b335128fb8d7f655c82879. Jim Pingle
12:56 PM Bug #8000 (Resolved): XSS on index.php via widget sequence parameters: The widget 'sequence' parameter does not perform sanity checking on the widget instance counter, leading to an XSS as... Jim Pingle
01:20 PM Bug #7999 (Feedback): XSS via 'hostname' parameter in diag_dns.php: Applied in changeset commit:43746e1b4ef6fec0e9c915495aa3926a6b97e7a3. Jim Pingle
12:53 PM Bug #7999 (Resolved): XSS via 'hostname' parameter in diag_dns.php: On diag_dns.php the 'hostname' parameter is sent back to the user without encoding in a JavaScript block, leading to ... Jim Pingle
01:16 PM Bug #8002 (Not a Bug): wan not connected, no updates check: Hello,
I just installed 2.4 and testing it with only opt1 interface: opt1 is lan without internet.
pfsense try to... Pol Hallen
01:15 PM Revision 9e360962: Remove grub2-bhyve: Renato Botelho
01:06 PM Revision 8d90095a: Merge pull request #3811 from trunet/add-cloudns-to-dynamicdns: Steve Beaver
01:00 PM Bug #8001 (Closed): Invalid FQDN in alias causes alias table to fail *silently*: When you have a FQDN in an alias ans the FQDN does not resolve, the alias table creation will not happen and any othe... Stuart Wyatt
12:43 PM Revision 1e845e5b: Use correct repo conf to install bsdinstaller: Renato Botelho
12:32 PM Revision b54a3743: Interface description doesn't fit the console screen: Strip 2 more chars from interface description because with the new font used by 2.4 it goes off screen on VGA console. robi robi
12:12 PM Feature #7997: Clear screen before loading rc.initial shell menu: This is usually a client side issue. You can reset the terminal in screen with Ctrl-A,Z (Ctrl-A, then shift-Z), a 're... Jim Pingle
12:10 PM Feature #7997: Clear screen before loading rc.initial shell menu: Forgot to include the screen-shot. Imaged attached here
!!!!!! Clinton Cory
12:09 PM Feature #7997 (Rejected): Clear screen before loading rc.initial shell menu: I've encountered many instances where screen (or even putty) will output boot information on a single line that's dif... Clinton Cory
11:56 AM Revision 4fc006f2: Add 2.3 repo and set correct path for i386 default: Renato Botelho
11:54 AM Bug #7996: Unnecessary link tag in login page: I'm talking about the main login page. Andy Kniveton
11:50 AM Bug #7996 (Resolved): Unnecessary link tag in login page: Should the <a> & </a> be in the html?
It gives the impression that something will happen if you click on *Login to... Andy Kniveton
10:59 AM pfSense Packages Bug #7661: pfBlockerNG doesn't make a rule for Antarctica: pfBlockerNG is a package. Packages exist independent of versions, they have no target unless there is something versi... Jim Pingle
10:47 AM pfSense Packages Bug #7661: pfBlockerNG doesn't make a rule for Antarctica: Still a problem in 2.4
Can't a target version be set so it might get looked at?
Stuart Wyatt
10:39 AM Revision 0c497210: Use different default repos for amd64 and i386: Renato Botelho
10:38 AM Revision 0a4de12a: Add new repos to lead users to 2.4.0 on amd64: Renato Botelho
10:37 AM Revision e0851756: Use different default repos for amd64 and i386: Renato Botelho
10:33 AM Revision 96d9a1a7: Lead users to 2.4.1: Renato Botelho
10:31 AM Revision 20e44376: Add new repos to lead users to 2.4.0 on amd64: Renato Botelho
10:20 AM Bug #7995 (Feedback): pfSense Certificate Manager Issues Blank Certificates: I can't make this happen on 2.4.0 or 2.4.1 here, I create CA and cert entries multiple times per day when testing thi... Jim Pingle
09:59 AM Bug #7995 (Closed): pfSense Certificate Manager Issues Blank Certificates: Strange issue I'm having with the certificate manager in pfSense 2.4.0 release. I can create a certificate authroity... Kristopher Kolpin
09:51 AM pfSense Packages Bug #7965: freeradius 3 with MySQL: this problem prevents the upgrade of servers to 2.4 Konstantin Ab
09:30 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients: Applied in changeset commit:130f3c9266e0b8c626aa6e8991467bb417ff8fd2. Anonymous
09:02 AM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: Assigned to sjones (Has access to IE11) Anonymous
08:23 AM Bug #7994 (Resolved): system_certmanager.php: Unable to create a wildcard SAN: Trying to create a certificate or CSR with a wildcard in the SAN yields an error. When used as a common name, it is n... Jim Pingle
08:07 AM Feature #7823 (Feedback): Pull request: Add support for dynamic DNS provider ClouDNS: PR merged as requested. Thanks! Anonymous
08:02 AM Bug #7980 (Not a Bug): Support widget is displayed in Times New Roman: An administrator enters HTML formatted text into ProdTrack. That text is displayed exactly as entered on the widget.
... Anonymous
07:36 AM pfSense Packages Bug #7993 (Closed): zabbix 3.4 agent: Hi
The Zabbix agent 3.4.1 won't install on pfsense 2.3.4-RELEASE-p1. It returns:
pfSense-pkg-zabbix-agent34 inst... Tino Zidore
03:05 AM Revision c70811af: Fix the netgraph path for VLAN interfaces.: (cherry picked from commit 1b3d6ddd069c14c3c74b51ac37d2043857912b95) Luiz Souza
03:03 AM Revision 1b3d6ddd: Fix the netgraph path for VLAN interfaces.: Luiz Souza

10/23/2017

09:25 PM Bug #7992: SNMP service causes constant disk activity: Host Resources appears to be the culprit, and I have an empty CD drive like the related bug. Stuart Wyatt
09:14 PM Bug #7992: SNMP service causes constant disk activity: I'll do some tests to see if it's fixed with #6882 fix.
FYI, the CPU usage was low and swap was 0%. All sys info ... Stuart Wyatt
09:07 PM Bug #7992 (Duplicate): SNMP service causes constant disk activity: Most likely a duplicate of #6882 just a different symptom. Give 2.4.1 a try. Jim Pingle
08:22 PM Bug #7992 (Duplicate): SNMP service causes constant disk activity: I've only noticed this since upgrading to 2.4
With the SNMP service enabled, but not being used, the disk is const... Stuart Wyatt
08:17 PM Bug #7209: Something is seriously wrong with firewall aliases: I think I'm seeing the same problem.
I had an alias that wouldn't update. It is an alias made up of a list of oth... Stuart Wyatt
06:56 PM Revision 49f4edb7: Fix RSYNCIP for RELEASE and sign key for RC: Renato Botelho
06:56 PM Revision 383698b4: Fix RSYNCIP for RELEASE and sign key for RC: Renato Botelho
06:23 PM Revision 131f56c2: Move users to 2.3.5: Renato Botelho
06:22 PM Revision d763c618: Bump version to 2.3.6: Renato Botelho
06:22 PM Revision de337fa3: Welcome 2.3.5-RC: Renato Botelho
05:49 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I was able to reproduce this on pfsense 2.3.4 vs 2.4.0 w/ fresh installs, running in virtual box w/ an Arista vEOS VM... Andrew Dul
02:51 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: Thanks Jim, your hint was right! I'm not shure how this could happen (maybe through an update ...) but the admin user... Kilian Ries
02:10 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: Please discuss the problem on the forum. You probably have unintentionally made a change to your users or groups whic... Jim Pingle
02:06 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: I'm working as admin in the pfsens gui - that account should have enough privileges, or? Kilian Ries
07:35 AM pfSense Packages Bug #7987 (Not a Bug): Haproxy Widget: Missing Actions Button: If the actions column is missing, your user does not have access to "WebCfg - Services: HAProxy package" so it does n... Jim Pingle
04:02 AM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: Here is my haproxy configuration:... Kilian Ries
03:06 AM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: There is no information to debug your issue, neither here, not on the forums. A cut off screenshot doesn't really cut... Kill Bill
02:41 AM pfSense Packages Bug #7987 (Not a Bug): Haproxy Widget: Missing Actions Button: Hi,
already opened a thread in the pfsense forum some weeks ago:
https://forum.pfsense.org/index.php?topic=1374... Kilian Ries
01:44 PM Bug #7991 (Closed): Bunch of webGUI fixes for 2.3.5: Before this goes to waste since I cannot see it fixed anywhere... Also see https://forum.pfsense.org/index.php?topic=... Kill Bill
01:38 PM Bug #7307: ZFS installer - shuts down instead of rebooting: This appears to only happen when installing ZFS to eMMC on SG boxes using the ADI image. Installing to SSD reboots no... Jim Pingle
01:13 PM Bug #6335: Status > IPsec shows both connected and disconnected with Split Connections enabled: Assigning to sjones since he's been working on other IPsec status issues Jim Pingle
01:04 PM Bug #6335: Status > IPsec shows both connected and disconnected with Split Connections enabled: This is apparently also happening with IKEv2. If it turns out to be too much trouble, bump back to 2.4.3 Jim Pingle
01:10 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: It wasn't over 1000 VLANs, it was VLAN IDs >1000 (four digit VLAN ID numbers). So if someone used VLAN 1001, 1002, as... Jim Pingle
01:00 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Jim Pingle wrote:
> NIC drivers with 6 letter names, like mvneta, would break with VLANs >=1000
The ARM thing? Pe... Kill Bill
12:45 PM Bug #7981 (Confirmed): PPP interfaces with a VLAN parent do not work with new VLAN names: Jim Pingle
12:42 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: The VLAN name change was done because NIC drivers with 6 letter names, like mvneta, would break with VLANs >=1000, wh... Jim Pingle
12:37 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: This doesn't work and frankly this is an absolutely horrible change to dump on people in between maintenance versions... Kill Bill
08:39 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Having the exact same issue, my ISP provides internet over PPPoE on VLAN 6, worked perfectly until I upgraded to 2.4.... Erik Scheffers
03:48 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Renato Botelho wrote:
> Can you please try again when a new snapshot is available? mpd-5.8_3 contains a fix for that... Zach Nedwich
12:36 PM Bug #7714 (Resolved): NTP Widget Time Display: This has already been fixed on 2.4.1 Jim Pingle
12:36 PM pfSense Packages Bug #6748 (Resolved): rrd_fetch_json.php returns html when user is unauthorized (causes "Error: SyntaxError: Unexpected token <"): This has already been fixed on 2.4.1 Jim Pingle
12:24 PM Bug #7856: IPsec status does not show all connected mobile clients: Looks like there are a couple systems here I have which don't want to print child SAs with this code in place again. ... Jim Pingle
11:33 AM Feature #946: Allow aliases to be used to define IPsec phase 2 networks: Has been over 7 year now, it will be good to have that option?
Is there an update on this? Auric Sosa
08:54 AM Bug #7928: LAGG interfaces lose MAC address: Have the same issue in my configuration. Denis Grilli
08:24 AM Bug #7989 (Confirmed): Cannot update Nano from 2.3.4 to 2.3X snapshots: The difference appears to be in which version of pfSense-repo and pfSense-upgrade are on the box. Depending on the st... Jim Pingle
07:07 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots: You have some weird system. It definitely is a choice here, and for others.
https://forum.pfsense.org/index.php?to... Kill Bill
07:06 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots: Security/Errata is not a choice there. I have Stable, Development or Next Major Version.
Next major version obvio... Steve Wheeler
06:51 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots: You need to select the Security/Errata only branch in update settings. Kill Bill
06:35 AM Bug #7989 (Resolved): Cannot update Nano from 2.3.4 to 2.3X snapshots: Testing using 2.3.4_1 Nano 64bit CE and trying to update to a 2.3.5 snapshot.
I can see the snapshot reported as a... Steve Wheeler
07:24 AM Bug #7990 (Resolved): SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: Yes, this should already be fixed by commit:63f686bde3e95eed8d2223d00e5f6403a5ef2d4c Jim Pingle
07:07 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: This was corrected in a recent update. The is in current snapshots and will and will appear in 2.4.1 in the near fut... Anonymous
06:47 AM Bug #7990 (Resolved): SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: I have some traffic graphs on my dashboard and they timeout after some time with the error below:
SyntaxError: JSO... Jasjit Chopra
07:18 AM Feature #4769: IPv6 support in the Traffic Shaper Wizard: Is this still accurate? This floating "match" rules are all set for IPv4. Corey Boyle
07:08 AM Bug #7898: PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing: Okay i tried using CBQ and an alternative to nested Queues and the Queues do not properly calculate bandwidth see bug... Pushapraj Bhamra
05:34 AM Feature #7988 (New): Compact Theme based on Compact-RED with the default theme colors.: Proposal of new theme compact. Tomas Waldow
03:35 AM Bug #7970: Used Maximum Ram and freeze in new Version: Hello everyone, my problem may have been resolved.
I had a snapshot before installing the vmware tools package. Afte... gamaz uf
02:50 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Jim Pingle wrote:
> The "VLAN Prio Set" option on firewall rules is supposed to alter the VLAN priority flag in 802.... Kev Willers

10/22/2017

10:21 PM Revision 488c6e22: Welcome 2.4.1-RELEASE: Renato Botelho
08:08 PM Feature #7985: Could support Realtek usb wifi on pfsense feature?: Thank for your reply.
I hope it will add in the feature. akong wu
11:31 AM Feature #7985 (Needs Patch): Could support Realtek usb wifi on pfsense feature?: If the driver makes it into FreeBSD, we can include the module, but it has to be accepted in FreeBSD first. I don't s... Jim Pingle
06:52 AM Feature #7985 (Needs Patch): Could support Realtek usb wifi on pfsense feature?: I use DLINK DWA171A1 wifi usb card.It's use RTL8821AU chipset.But pfsense can't load this driver.
I use usbconfig.I ... akong wu
07:31 PM Bug #7986 (New): WLAN card no longer properly initialized under 2.4.0: I have installed pfSense on an APU2C4 (bios 4.0.7) with a 32 GiB mSATA and a Compex WLE200NX (Atheros AR9280).
I d... Peter Voigt
05:19 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: S Renato Botelho
11:40 AM Bug #1613 (Resolved): OpenVPN LDAP authentication should not modify mail attribute as login.: Jim Pingle
03:28 AM Bug #1613: OpenVPN LDAP authentication should not modify mail attribute as login.: This has been configurable for ~4 years; fixed.
https://github.com/pfsense/pfsense/commit/a5cd1c5a4286062b84caf32d... Kill Bill
11:39 AM Bug #2382 (Resolved): RADIUS attribute Service-Type should not be sent with accounting packets: Jim Pingle
03:46 AM Bug #2382: RADIUS attribute Service-Type should not be sent with accounting packets: Been removed ages ago, like... 2.1.x
Kill Bill
11:39 AM Bug #3472 (Resolved): "Diagnostics -> Table -> [large table]" won't show table contents: Jim Pingle
04:25 AM Bug #3472: "Diagnostics -> Table -> [large table]" won't show table contents: Looks just fine here with ~435K table and 2.4.x
!https://image.prntscr.com/image/d98Fp3uJSvyUYPemD1doIA.png!
(O... Kill Bill
11:38 AM pfSense Packages Bug #6129 (Resolved): zabbix agent/proxy 2.4 not ported to pfSense 2.3: Jim Pingle
04:59 AM pfSense Packages Bug #6129: zabbix agent/proxy 2.4 not ported to pfSense 2.3: Fixed with https://github.com/pfsense/FreeBSD-ports/pull/434
Kill Bill
11:37 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: I closed that one out instead, since this one is already setup for the right target. Jim Pingle
05:02 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: Apparently this has already been reported in Bug #6241 Kill Bill
11:34 AM Bug #6241 (Duplicate): Not all installed packages are shown in PFSense 2.3: Replaced by #7946 Jim Pingle
11:24 AM Feature #6897 (Duplicate): Use a dedicated favicon for the webConfigurator (one that differs from *.pfsense.org): Duplicate of #7415 Jim Pingle
10:58 AM Feature #6897: Use a dedicated favicon for the webConfigurator (one that differs from *.pfsense.org): Already done.
https://redmine.pfsense.org/issues/7415
https://github.com/pfsense/pfsense/commit/e7d63f568c8e3982e... Kill Bill
11:23 AM Feature #6851 (Resolved): System Information Widget: Jim Pingle
11:05 AM Feature #6851: System Information Widget: Platform has been gone for over a year in 2.4
https://github.com/pfsense/pfsense/commit/3f4a0df92c1fbb72028e5aa1a6... Kill Bill
10:46 AM Feature #7688: AutoConfigBackup - Info Icon - username only: I put this to https://github.com/pfsense/FreeBSD-ports/pull/441 (the infoblock seemed like a serious overkill for the... Kill Bill
08:00 AM pfSense Packages Bug #6252: Can't access darkstat if webgui is on HTTPS.: This issue could be be worked around once Bug #6650 is fixed. See https://github.com/pfsense/pfsense/pull/3856 for te... Kill Bill
07:30 AM Bug #6650: Option needed to disable HSTS: Got fed up with this... People who are interested in having HSTS optional kindly test this: https://github.com/pfsens... Kill Bill
05:04 AM pfSense Packages Todo #7411: LADVD Devices not wide enough: Sorry about the original post.
I've attached a few screenshots, 1 from pfSense and the other from Wireshark.
Od... Andy Kniveton
12:20 AM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans: https://github.com/pfsense/pfsense/pull/3855 Kill Bill

10/21/2017

06:11 PM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans: b.t.w. Using 2.4.1-RC (amd64)
built on Fri Oct 20 05:49:00 CDT 2017
FreeBSD 11.1-RELEASE-p2 Pi Ba
06:10 PM Bug #7984 (Resolved): restarting syslogd service makes sshlockout_pf process orphans: restarting syslogd service makes sshlockout_pf process orphans
When syslogd logs something from auth.info;authpriv... Pi Ba
04:27 PM Revision 600d230b: Fix #7981: Convert PPP ports interface names to new VLAN notation using dots: Renato Botelho
04:27 PM Revision 5b460fef: Fix #7981: Convert PPP ports interface names to new VLAN notation using dots: Renato Botelho
01:54 PM Bug #7979: Error setting limiter over 2GB/s: If you print before the bandwidth too large message you get this.... Mat Richmond
01:47 PM Bug #7979: Error setting limiter over 2GB/s: ... Mat Richmond
01:30 PM Bug #7979: Error setting limiter over 2GB/s: ... Mat Richmond
11:51 AM pfSense Packages Bug #7836 (Resolved): FreeRADIUS - certain chars in clients shared secret result in broken configuration: Jim Pingle
11:18 AM pfSense Packages Bug #7836: FreeRADIUS - certain chars in clients shared secret result in broken configuration: Merged. Kill Bill
11:51 AM pfSense Packages Bug #6563 (Resolved): Squid still accepts sha1 certificates: Jim Pingle
11:03 AM pfSense Packages Bug #6563: Squid still accepts sha1 certificates: Merged and fixed. Kill Bill
11:41 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Can you please try again when a new snapshot is available? mpd-5.8_3 contains a fix for that Renato Botelho
11:40 AM Bug #7981 (Feedback): PPP interfaces with a VLAN parent do not work with new VLAN names: Applied in changeset commit:5b460fef11eb736e99d0df21ff3b53e303745d06. Renato Botelho
11:38 AM pfSense Packages Bug #7670 (Not a Bug): Bind : Serial for slave zone is missing in IHM: Jim Pingle
11:35 AM pfSense Packages Bug #7670: Bind : Serial for slave zone is missing in IHM: yes, you are right. you can close it. Nicolas Marot
11:23 AM pfSense Packages Bug #7670: Bind : Serial for slave zone is missing in IHM: As noted above, this is by design. Kill Bill
11:32 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Do you have "BSD Crypto Device" selected under System > Advanced, Misc tab, for Cryptographic Hardware? If not, selec... Jim Pingle
11:13 AM pfSense Packages Todo #7411: LADVD Devices not wide enough: Cannot see anything truncated here with current package in 2.4.x, plus the unformatted mess posted in the bug descrip... Kill Bill
08:43 AM pfSense Packages Bug #7983 (Rejected): DHCP on startup: Please keep support questions on the forum, mailing list, or reddit. Jim Pingle
02:27 AM pfSense Packages Bug #7983 (Rejected): DHCP on startup: Hello
I have a APU2C2 Router / Firewall. 3 x Gigabit LAN, Quad Core CPU, 16 GB SSD, 2 GB RAM from Teklager in swe... Lennart Eriksson

10/20/2017

09:46 PM Bug #7619 (Closed): Enable Enhanced networking on AWS: fixed in 2.4 Jim Thompson
09:26 PM Bug #7982 (Duplicate): PPP over VLAN fails: Duplicate of #7981 Jim Thompson
07:36 PM Bug #7982 (Duplicate): PPP over VLAN fails: Upgraded to development snapshot 2.4.2.a.20171020.0950 and PPPoE over a VLAN is failing... Zach Nedwich
09:25 PM Bug #7980: Support widget is displayed in Times New Roman: please have the correct parties educate themselves about fonts. Jim Thompson
12:26 PM Bug #7980 (Not a Bug): Support widget is displayed in Times New Roman: The support widget doesn't use the same font as the rest of WebGUI does. I've notice it happen on Windows boxes mostl... Ivor Kreso
08:25 PM Feature #7882: Seperator feature in DHCP Static mapping for this feature: Assigned to Beaver, so he can do the work (-should be trivial-) or re-assign to Pingle or Jones. Jim Thompson
08:24 PM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: Code is in 11.1 / 2.4.
https://svnweb.freebsd.org/base?view=revision&revision=300779
GUI needs adaptation.
... Jim Thompson
08:13 PM Bug #7979: Error setting limiter over 2GB/s: That FreeBSD-net posting is 3 years old.
Current code looks better (function: read_bandwidth())
https://svnweb.fr... Jim Thompson
09:16 AM Bug #7979: Error setting limiter over 2GB/s: signed 32bit int max** Mat Richmond
09:15 AM Bug #7979 (Resolved): Error setting limiter over 2GB/s: Setting a bandwidth limiter over unsigned 32bit int max bps seems to fail.
Found initially when I tried to create ... Mat Richmond
07:32 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: I am having the same issue when trying to dial PPPoE through a VLAN with the new dotted naming convention:... Zach Nedwich
02:03 PM Bug #7981 (Confirmed): PPP interfaces with a VLAN parent do not work with new VLAN names: Confirmed Jim Pingle
01:36 PM Bug #7981 (Resolved): PPP interfaces with a VLAN parent do not work with new VLAN names: Hello,
I Upgraded from 2.4.0 to 2.4.1-RC yesterday, and after the upgrade, the PPPOE interface didn't picked my ... Alexandre Paradis
03:35 PM Revision 56abeeba: fixed merge issue: Stephen Jones
03:33 PM Revision f23c1157: fixed indentation and timezone for NTP widget: (cherry picked from commit 80cd3d66821534331f9c922cb2307db8d15c24d3) Stephen Jones
03:29 PM Revision 80cd3d66: fixed indentation: Stephen Jones
03:26 PM Revision 1e9337f8: fixed indentation:: Stephen Jones
03:23 PM Revision 6a4b065d: fixed weird merge issue: Stephen Jones
03:15 PM Revision cc0e8de2: Fixed #7714 Edited it to show correct timezone: (cherry picked from commit fe814d92aae5c53305d484480fa403299a39541a) Stephen Jones
03:12 PM Revision fe814d92: Fixed #7714 Edited it to show correct timezone: Stephen Jones
03:04 PM Revision 75caecc9: Update translation files: Renato Botelho
03:04 PM Revision 2c7338ce: Regenerate pot: Renato Botelho
01:03 PM Revision d1f9423c: Update translation files: Renato Botelho
12:59 PM Revision 2524a214: Regenerate pot: Renato Botelho
11:52 AM Bug #7733: User Manager deletes non-selected users: I can't reproduce this as stated, the second delete attempt actually does nothing, rather than deleting anything as t... Jim Pingle
11:49 AM Bug #7789 (Resolved): GIF interface page does not validate IPv6 addresses: Jim Pingle
10:47 AM Revision bba21d87: Fix #7976: Do not add button value to gettext: Renato Botelho
10:47 AM Revision 56de4353: Fix #7976: Do not add button value to gettext: Renato Botelho
10:47 AM Revision 9006d84f: Fix #7976: Do not add button value to gettext: Renato Botelho
09:59 AM Bug #6860 (Resolved): Monitoring (RRD) graphs return "unknown" step value: Jim Pingle
09:58 AM Bug #6860 (Closed): Monitoring (RRD) graphs return "unknown" step value: I can't seem to break it now, but I couldn't reproduce the problem before, either, so it's a tough call on this one. ... Jim Pingle
09:47 AM Bug #7976 (Resolved): Config History not working when using (dutch) translation: Works with English and Dutch now Jim Pingle
06:00 AM Bug #7976 (Feedback): Config History not working when using (dutch) translation: Applied in changeset commit:9006d84f215c8ea54ecc4bda3296e12aa199824e. Renato Botelho
05:18 AM Bug #7976 (Resolved): Config History not working when using (dutch) translation: When using a localised version of the pfSense GUI (Dutch in my case), the diff function between different config vers... Hijmen Schilperoort
09:42 AM Bug #7949 (Resolved): DHCP UEFI file name under pools are ignored: This looks good Jim Pingle
09:26 AM pfSense Packages Feature #7824: [acme / Let's Encrypt] Bump to the latest acme.sh package: Thanks. The request is submitted in github (https://github.com/pfsense/FreeBSD-ports/pull/436) S. Debreuil
09:06 AM pfSense Packages Feature #7824: [acme / Let's Encrypt] Bump to the latest acme.sh package: Once the 2.4.x release process winds down I plan on making a pass through the ACME package and adding more providers,... Jim Pingle
09:02 AM Bug #7942 (Confirmed): QinQ interfaces never show as active: Apparently this still has some issues:
> Azamat: Created QinQ interface: OPT2 Interface (opt2, igb1_201_666) on SG... Jim Pingle
07:55 AM Bug #7978 (Resolved): IE 11 - Headers of tables almost not visible when no entries made: I noticed several times in the pfSense GUI that on pages where there no entries yet, the headers of the tables are no... Hijmen Schilperoort
07:41 AM Bug #7977 (New): English text shown in stead of translated text (Routing - Gateway groups - edit): In the gateway groups edit page (https://192.168.1.1/system_gateway_groups_edit.php)the text explaining the Link Prio... Hijmen Schilperoort
05:21 AM Bug #6396: 504 gateway time out nginx: And SSH console freezes after admin login. Firewall works, people can access Internet, but reboot is needed to recove... Lepiment ASBL
05:06 AM Bug #6396: 504 gateway time out nginx: 502 Bad Gateway happened again. Lepiment ASBL

10/19/2017

11:02 PM Revision 687be4d1: Point users to 2.4.1: Renato Botelho
08:09 PM Bug #7975: ESXi 6.5 UEFI boot stops at framebuffer info: I tested booting other current freebsd and pfsense ISOs.
Both pfsense 2.4.0 and freebsd 11.1 iso did not stop at the... Rich Murphey
07:54 PM Bug #7975 (Resolved): ESXi 6.5 UEFI boot stops at framebuffer info: Booting the pfSense-CE-2.4.1-RC-amd64-20171019-0852.iso on ESXi 6.5 using EFI bios, the boot stops after showing the ... Rich Murphey
07:49 PM Bug #7748 (Resolved): VLAN Priority: Jim Pingle
08:58 AM Bug #7748: VLAN Priority: 2.4.1.a.20171019.0413 seems to have resolved the issue on my end. Thanks everyone. Corey Doss
08:09 AM Bug #7748: VLAN Priority: Corey Doss wrote:
> No luck for me (Google Fiber) on snapshot 2.4.1.a.20171018.1713. Maybe the next available buil... Jim Pingle
07:28 PM Feature #7968 (Resolved): Display NDI on shell menu: Jim Pingle
04:20 AM Feature #7968 (Feedback): Display NDI on shell menu: Applied in changeset commit:93a3b29649ca500aa17450213d69974e723e6091. Renato Botelho
04:03 PM pfSense Packages Feature #7824: [acme / Let's Encrypt] Bump to the latest acme.sh package: I just migrated to pfSense 2.4.0 and the latest acme package 0.1.20. That version bumped to a newer acme.sh version, ... S. Debreuil
03:19 PM Bug #7966: Live traffic graphs appear to have sampling errors: Chris Linstruth wrote:
> The Status > Traffic Graphs function and the Traffic Graph widget appear to have a regressi... Mike Dziedziela
03:07 PM Bug #6318: IPsec dashboard widget causes GUI failure: There have been some IPsec widget fixes here which may be relevant, since it is so difficult to reproduce, it is diff... Jim Pingle
03:04 PM pfSense Packages Bug #7923 (Resolved): 502 Bad Gateway and unresponsive OS with 2.4: A new version of pfBlockerNG has been released containing a fix for this problem. Jim Pingle
03:03 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: There have been some fixes here in the IPsec widget and pfBlocker which may help - moving this forward in case there ... Jim Pingle
01:00 PM Feature #7974 (New): ZFS RAID Monitor Not available: pfsense currently has a widget that allow you to see the status of a GEOM Mirror after setting up a GEOM RAID. It wo... Kayvil Rhodes
11:50 AM Bug #7918: Nightly error reloading rules: Still present on 2.4.0.
edit: and 2.4.1
edit: and 2.4.2 Michael Lustfield
10:23 AM Revision f6d840a1: Bump version to 2.4.2-DEVELOPMENT: Renato Botelho
10:21 AM Revision 4ab48744: Welcome 2.4.1-RC: Renato Botelho
09:08 AM Revision 4df6df83: Fix #7968: Show Network Device ID in console banner Renato Botelho
09:08 AM Revision bc0c0b46: Do not show Serial when it's empty: Renato Botelho
09:07 AM Revision b767654e: Stop using hostuuid as serial: Renato Botelho
09:07 AM Revision 93a3b296: Fix #7968: Show Network Device ID in console banner Renato Botelho
09:07 AM Revision df89ed3a: Do not show Serial when it's empty: Renato Botelho
08:43 AM Revision 4368d367: Stop using hostuuid as serial: Renato Botelho
08:11 AM Bug #7927 (Closed): (filterdns), uid 0: exited on signal 11 (core dumped): Jim Pingle
07:54 AM Bug #7973 (Resolved): VLAN Priority Set feature in firewall rules is not functioning: The "VLAN Prio Set" option on firewall rules is supposed to alter the VLAN priority flag in 802.1q packets as they le... Jim Pingle
05:08 AM Bug #7970 (Duplicate): Used Maximum Ram and freeze in new Version: If you upgrade to 2.4.1 snapshot and keep seeing bsnmpd consuming high CPU please add a comment in #6882 so it can be... Renato Botelho
02:36 AM Bug #7970: Used Maximum Ram and freeze in new Version: Hey OP, I was reading into this further and found Bug #6882 https://redmine.pfsense.org/issues/6882 you might find in... Kim Mount
02:25 AM Bug #7970: Used Maximum Ram and freeze in new Version: Sorry for the update spam, before I rebooted it this time I sent an NMI from ESXi and it generated a textdump in /var... Kim Mount
02:19 AM Bug #7970: Used Maximum Ram and freeze in new Version: Hello,
I came to this tracker to look for similar reports to what I am experiencing and this is very similar.
I... Kim Mount
02:07 AM Bug #7970 (Duplicate): Used Maximum Ram and freeze in new Version: hi
i am upgrade my PFsense to newer Version . After do it pfsense used all memory (4GB). i am increase to 8GB but to... gamaz uf
05:04 AM Bug #7972 (Resolved): Captive portals do not synchronize voucher data in both directions: Hi,
I have a master and slave Captive portals. They synchronized well the data in both directions and immediately ... Dejan Milojevic
04:56 AM Feature #7971 (New): Allow import, export and synchronization of MACs under Captive Portal service: Hi,
Would it be possible to implement possibility to allow import/export (e.g. in CSV format) of allowed/disallowe... Dejan Milojevic
03:19 AM Bug #7426: UDP packet drops: *An important note*
The issue can be found on:
* sg1k for ordinary data transmission
* 3100 for VPN data transmi... Constantine Kormashev
02:45 AM Bug #7532: SG-1000 autonegotiation 10baseT speed and duplex: During investigation 27001 found some important things:
# Looks like the issue affects 100BaseTX
# Changing from au... Constantine Kormashev
01:30 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: Jim Pingle wrote:
> For reference, at least one person appears to have encountered it on ESX 5.5 as well, though the... Nicolas Liaudat

10/18/2017

10:09 PM Bug #7969 (Resolved): md5 bgp sessions fail in 2.4.0: Upgraded to 2.4.0 from 2.3.4 and my bgp sessions which were secured via TCP md5 configurations in openbgpd & the new ... Andrew Dul
08:50 PM Bug #7748: VLAN Priority: Luiz Souza wrote:
> Found the regression. Please test the next snapshot.
No luck for me (Google Fiber) on snapsh... Corey Doss
07:34 PM Bug #7748 (Feedback): VLAN Priority: Found the regression. Please test the next snapshot. Luiz Souza
07:06 PM Bug #7927: (filterdns), uid 0: exited on signal 11 (core dumped): As of 2.4.1.a.20171018.1438, I am not seeing further reports of a core dump by filterdns. Chase Turner
05:02 PM Revision 2b38f54d: Recognize the first level tag of QinQ interfaces as standard VLANs.: Luiz Souza
04:37 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: So I just tried again... this must be the most braindead thing ever.... Kill Bill
03:29 PM Feature #7968 (Resolved): Display NDI on shell menu: The NDI is displayed in the webGUI but not the shell menu. This forces customers to access the webGUI before they can... Clinton Cory
03:22 PM Revision 7857b28e: Disable zabbix 3.4 on pfSense 2.3.4: Renato Botelho
03:18 PM Revision 8ed52700: Enable build of new Zabbix versions (2.2, 3.2 and 3.4): Renato Botelho
03:18 PM Revision 2f66e4e6: Enable build of new Zabbix versions (2.2, 3.2 and 3.4): Renato Botelho
02:18 PM Bug #7967 (Not a Bug): LDAP User Naming Attribuite override isn't used in pfSense 2.4: The LDAP user naming attribute is read from the configuration and CN is not hardcoded, so it can only be from somethi... Jim Pingle
02:14 PM Bug #7967: LDAP User Naming Attribuite override isn't used in pfSense 2.4: I have been unable to duplicate this. A configured LDAP server here uses uid and the query is properly-filtered with ... Chris Linstruth
01:33 PM Bug #7967 (Not a Bug): LDAP User Naming Attribuite override isn't used in pfSense 2.4: Version 2.4 Authentication Servers page, User Naming Attribute is set to something other than CN. In my case the LDA... Anonymous
02:09 PM Bug #7925 (Resolved): VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: I ran some more tests:
kern.vty=sc ADDED to /boot/loader.conf.local: 72 reboots (6 VMs, 12 reboots each), no crash... Jim Pingle
11:50 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: To rule that out we should setup the kern.vty=sc workaround and continue testing for a bit to see if it still crashes... Jim Pingle
11:36 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: Ok, I see now the two different crashes on the OP post.
While I take back part of what I said before, It still doe... Luiz Souza
11:32 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: The recent crashes seems unrelated to the original crash in VT.
They actually seem to happen quite late in the ker... Luiz Souza
09:23 AM Bug #7925 (Assigned): VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: Ditto, I see a similar crash. I had to reboot 5 VMs a few times before one of them failed.
!Selection_709.png! Jim Pingle
03:38 AM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: Tried on 2 different esxi hosts latest 2.4.1 ova rebooted 20 times each VM. Once got error for 2nd VM.
!vm_bug.png... Constantine Kormashev
01:44 PM Revision c3a6a00f: Add missing space: Renato Botelho
01:12 PM Revision 2a781563: Fix #7953: Make sure a proper empty array is returned instead of NULL: Renato Botelho
01:11 PM Revision 58572d45: Revert "Fix #7953: Make sure NULL values are not passed to XMLRPC functions": This reverts commit 73ee3d78d505c10e8c70606bf008732833c00859. Renato Botelho
12:24 PM pfSense Packages Feature #7657: OpenBGPD local-as feature in neighbors context: +1 for updating the openbgpd package so that it can support local-as.
Current package version will give me a syn... Andrew Dul
12:04 PM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: Sure, that should work fine Jim Pingle
12:01 PM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: Jim Pingle wrote:
> Looks like one viable method might be to echo with @&@, capture the pid of that process, sleep f... Kill Bill
11:39 AM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: Well yes I think there's something broken about c-icap in general, the named pipe (fifo) should vanish once the servi... Kill Bill
11:30 AM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: Looks like one viable method might be to echo with @&@, capture the pid of that process, sleep for a moment, and then... Jim Pingle
11:20 AM pfSense Packages Bug #7954 (Confirmed): Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: OK, that does make a difference. If there are stale PID files it seems to get stuck because "/bin/sh /usr/local/etc/r... Jim Pingle
10:15 AM pfSense Packages Bug #7954: Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: Jim Pingle wrote:
> I setup squid and enabled clamav, so I have squid, clamav, and c-icap services running. I manual... Kill Bill
09:37 AM pfSense Packages Bug #7954 (Feedback): Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: I can't seem to replicate this as-is but there could be something I haven't quite triggered yet.
I setup squid and... Jim Pingle
10:00 AM Bug #7953 (Resolved): XMLRPC produces an error when attempting to sync an empty section: Works now, the last item delete gets synchronized as expected. Jim Pingle
08:20 AM Bug #7953 (Feedback): XMLRPC produces an error when attempting to sync an empty section: Applied in changeset commit:2a781563c6acf925a45e74d6c2f72d0e9b4173f9. Renato Botelho
09:42 AM Bug #7868 (Resolved): bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: After the fix for #6882 this is no longer necessary. Jim Pingle
09:40 AM Bug #7960 (Resolved): Wirelss WAN can get caught in a configure loop: This looks good now. After upgrading to the latest snap, I can have a wireless WAN assigned and working, and also edi... Jim Pingle
09:10 AM Bug #6882 (Resolved): bsnmpd uses all available CPU with hostres module active in some cases: After importing the FreeBSD patch, this appears to be OK. CPU usage is back to normal, no sign of a memory leak, and ... Jim Pingle
07:53 AM Bug #7964: Restart openvpn on gateway switching: perhaps this would help: --remap-usr1 SIGHUP
I don't know how you handle openvpn exactly. Have you send SIGUSR1? At ... Grischa Zengel
07:09 AM pfSense Packages Bug #7963 (Not a Bug): Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.: Jim Pingle
04:11 AM pfSense Packages Bug #7965: freeradius 3 with MySQL: hmmm.... will this commit fall into the repository? or nothing?
how can I help? Konstantin Ab
04:07 AM pfSense Packages Bug #7965: freeradius 3 with MySQL: There is nothing for testing (beyond reverting that commit). The linked commit is potentially a *source* of the issue... Kill Bill
03:37 AM pfSense Packages Bug #7965: freeradius 3 with MySQL: where its apply for testing? Konstantin Ab
03:03 AM pfSense Packages Bug #7965: freeradius 3 with MySQL: This commit: https://github.com/pfsense/FreeBSD-ports/commit/eafa6ca5d0b89a3e6a9110dfea8e2a89fe24d245
- The hunk s... Kill Bill
03:17 AM Bug #7966 (Resolved): Live traffic graphs appear to have sampling errors: The Status > Traffic Graphs function and the Traffic Graph widget appear to have a regression (#7515 ? ).
The samp... Chris Linstruth
02:29 AM Bug #7426: UDP packet drops: The reason of UDP drop is packet processing slowdown which happens on ARM devices (1k, 3100). I observed ~2-7% for di... Constantine Kormashev

10/17/2017

11:58 PM pfSense Packages Bug #7965: freeradius 3 with MySQL: i use freeradius for Plain MAC Authentication Konstantin Ab
11:54 PM pfSense Packages Bug #7965 (Resolved): freeradius 3 with MySQL: sorry, I will duplicate issue 7947, BUT i think this is a 100% bug. Please, let's take it seriously.
I'm upgrading... Konstantin Ab
09:51 PM Revision 48450841: Helped make the ajax more robust to check for non json return types: Stephen Jones
09:37 PM Bug #7964: Restart openvpn on gateway switching: After the PPPoE interface is up, the openvpn clients still use Tier2 and didn't fall back to Tier1. Grischa Zengel
08:32 PM Bug #7964 (New): Restart openvpn on gateway switching: I have 2 openvpn clients with GW Group configured.
While Tier1 interface (PPPoE) was going down the two openvpn cras... Grischa Zengel
08:39 PM Revision 55c60100: Revert "Added JSON checks for widgets to prevent parsing errors.": This reverts commit e63aee854214c93fd0cba71f7023c194942c1ca9. Stephen Jones
08:10 PM Revision e63aee85: Added JSON checks for widgets to prevent parsing errors.: (cherry picked from commit 63f686bde3e95eed8d2223d00e5f6403a5ef2d4c) Stephen Jones
08:03 PM Revision 63f686bd: Added JSON checks for widgets to prevent parsing errors.: Stephen Jones
07:47 PM Revision 1b21bfdb: Simplify the code a little bit.: Luiz Souza
07:46 PM Revision 0d9b74f1: add cache busting to css using last modified timestamp: Jared Dillard
07:45 PM Revision 2e155305: Use the new function to validate the VLAN tags.: Luiz Souza
07:42 PM Revision 0793de1a: Fix the QinQ support.: Bring the QinQ support to the VLAN dotted format.
To avoid breaks third party software (such as dhcpd), we silently ... Luiz Souza
07:11 PM Revision 08a5e9a6: add cache busting to css using last modified timestamp: Jared Dillard
07:03 PM Revision cbd7c398: Restore auth_check(): Steve Beaver
06:43 PM Revision 6a6c0b16: Added back the previous commit since it got overwritten.: Stephen Jones
06:37 PM Revision 58f31015: Related to redmine #6318 helps fix some times when it would get back null data after a session ended: Stephen Jones
06:15 PM pfSense Packages Bug #7963: Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.: Steve Tanti wrote:
> Jim Pingle wrote:
> > Be sure to go to System > Update, Update Settings tab. Set the branch to... Steve Tanti
05:57 PM pfSense Packages Bug #7963: Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.: Jim Pingle wrote:
> Be sure to go to System > Update, Update Settings tab. Set the branch to Security/Errata Only an... Steve Tanti
05:43 PM pfSense Packages Bug #7963 (Feedback): Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.: Be sure to go to System > Update, Update Settings tab. Set the branch to Security/Errata Only and then try again. Jim Pingle
05:40 PM pfSense Packages Bug #7963 (Not a Bug): Unable to upgrade pfSense v2.3.4-RELEASE to v2.3.4-RELEASE-p1 via web admin site. Clicking 'y' on console continues upgrade successfully.: When I trigger an upgrade via the web console it hangs stating:
>>> Downloading upgrade packages...
I left it f... Steve Tanti
06:14 PM Revision 25a95b4c: Use pkg-static binary to prevent errors when moving to new major FreeBSD version: Renato Botelho
06:14 PM Revision 1dee6294: Use pkg-static binary to prevent errors when moving to new major FreeBSD version: Renato Botelho
06:13 PM Revision 9a0f7e2a: Use pkg-static binary to prevent errors when moving to new major FreeBSD version: Renato Botelho
06:13 PM Revision 58e60eb9: Use pkg-static binary to prevent errors when moving to new major FreeBSD version: Renato Botelho
06:10 PM Revision 73ee3d78: Fix #7953: Make sure NULL values are not passed to XMLRPC functions: Renato Botelho
04:57 PM Revision b87f0429: IPSec widget no longer includes session timout code: Steve Beaver
04:04 PM Revision 93d3a065: Do not reconfigure wireless on a link up event, or else it can get stuck in a loop. Fixes #7960: Jim Pingle
03:37 PM Bug #7951 (Resolved): WPA2 issue (KRACK): Looks good as far as I can see, with hostapd and wpa_supplicant are updated and running as expected. Jim Pingle
12:27 PM Bug #7951: WPA2 issue (KRACK): I've tested with ath0 and run0 as AP and BSS mode, both run the appropriate binaries from ports and appear to be OK. Jim Pingle
07:08 AM Bug #7951 (Feedback): WPA2 issue (KRACK): Start using hostapd / wpa_supplicant from ports on 2.4.1 and 2.3.5. Next round of snapshots should be OK Renato Botelho
03:03 PM Bug #7953 (Assigned): XMLRPC produces an error when attempting to sync an empty section: The XMLRPC error is gone but the affected section does not sync when empty.
You can never delete the last virtual ... Jim Pingle
01:19 PM Bug #7953 (Feedback): XMLRPC produces an error when attempting to sync an empty section: Fix pushed Renato Botelho
02:19 PM Bug #6954 (Resolved): New installer has no "Quick/Easy" installation option: The Auto (UFS) behavior with a single drive works well Jim Pingle
07:28 AM Bug #6954 (Feedback): New installer has no "Quick/Easy" installation option: Added in 2.4.0 installer already. When Auto (UFS) is selected, if there is only one available disk it's automatically... Renato Botelho
01:55 PM Feature #7962: Support for Intel 553 network card: Hi,
could also be easier as this here:
https://lwn.net/Articles/735126/ or in more detail this: https://revie... Cullen Trey
01:16 PM Feature #7962 (Resolved): Support for Intel 553 network card: Hi,
just tried to get a Intel 553 network card running in pfsense 2.4, but it does not work.
Issue https://red... Cullen Trey
12:30 PM Bug #7868: bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: It looks good with a gitsync, but needs another test once it's in snapshots. Jim Pingle
07:30 AM Bug #7868 (Feedback): bsmtpd hostres feature should not be active when running on esx/proxmox/virtualbox: Fix committed to FreeBSD-src and exceptions removed from GUI Renato Botelho
12:29 PM Bug #7921 (Resolved): Reset All States on WAN IP Change does not stay unchecked when disabled in GUI: The GUI control properly reflects the state of the option in the configuration, and changes are saved properly. Jim Pingle
12:26 PM Bug #7939 (Resolved): Voucher test page produces no output: Testing and expiring works now. Jim Pingle
12:25 PM Bug #7810 (Resolved): openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once: Jim Pingle
12:24 PM Bug #7810: openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once: Verified that the correct combination of aesni.ko and cryptodev.ko are present after a reboot and that cryptodev is o... Chris Linstruth
12:22 PM Todo #7938 (Resolved): Change pfSense-upgrade to use pkg-static instead of pkg: Looks to me like all of the references in the pfSense-upgrade code now call pkg-static so this is done. Jim Pingle
12:15 PM Bug #7937 (Resolved): FreeBSD 11 removed legacy ada aliases, some older installs will fail to mount root post-upgrade: Latest fix did the trick. I can now start with a VM with a legacy style fstab and the upgrade completes and boots up ... Jim Pingle
10:30 AM Bug #7937 (Feedback): FreeBSD 11 removed legacy ada aliases, some older installs will fail to mount root post-upgrade: I've added it to pfSense-repo package post-install script Renato Botelho
12:14 PM Bug #7925: VT race condition panic at boot on ESXi 6.5.0U1 and FreeBSD 11.1 base: I can't reproduce this on 2.4.1 snapshots but it was so random before that doesn't give me much confidence.
Anyone... Jim Pingle
12:12 PM Feature #7506 (Resolved): Use "auth-retry nointeract" to prevent OpenVPN clients from exiting or attempting to prompt for passwords: Works Jim Pingle
12:10 PM Revision e8972c2f: Fix 7868 - Allow to enable hostres on all platforms after fix on FreeBSD-src: Renato Botelho
12:07 PM Feature #7814 (Resolved): Unbound serve-expired please add to GU as tickbox: We've tested this a bit and it's working. Jim Pingle
12:01 PM Feature #7814: Unbound serve-expired please add to GU as tickbox: Martin informed this has been accepted and merged. Chris Collins
07:45 AM Feature #7814 (Feedback): Unbound serve-expired please add to GU as tickbox: Anonymous
11:21 AM Bug #7942 (Feedback): QinQ interfaces never show as active: Please, test again when the next snapshot is ready.
It is fixed and updated to use the same name format as VLANs.
... Luiz Souza
11:11 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE: Here is a fixed version, I tested it based on your above output.
It now gives the following result :... Stéphane Lapie
10:43 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE: Ah, I think I see. I did not handle the case of multiple VHIDs on one interface, I will fix it right now. Stéphane Lapie
10:11 AM pfSense Packages Feature #7895: Add a script for CARP monitoring to NRPE: I agree that it would be very helpful if there was a way to monitor carp status via SNMP.
I ran your script on my ... Phillip Hernandez
11:10 AM Bug #7960 (Feedback): Wirelss WAN can get caught in a configure loop: Applied in changeset commit:93d3a065260441dcb32fcd69cf4cb806d1021eea. Jim Pingle
11:04 AM Bug #7960 (Resolved): Wirelss WAN can get caught in a configure loop: At least with some wireless devices, they send a link up event to the OS when they associate successfully. This trigg... Jim Pingle
11:06 AM pfSense Packages Bug #7961 (Resolved): JS Error on Status > Monitoring: If you go to Status > Monitoring click Settings > Display Advanced > add view and then click cancel you get this cons... Anonymous
11:00 AM Revision 6a7a320e: Use hostapd / wpa_supplicant from ports when available: Renato Botelho
10:59 AM Revision 95605da1: Use hostapd / wpa_supplicant from ports when available: Renato Botelho
10:46 AM Revision 19a9070e: Enable build of new Zabbix versions (2.2, 3.2 and 3.4): Renato Botelho
10:37 AM Revision af0d2a1f: Enable build of new Zabbix versions (2.2, 3.2 and 3.4): Renato Botelho
10:28 AM Revision ac717bc0: Update Zabbix options: - Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items
(c... Danilo Baio
10:28 AM Revision af40692f: Update Zabbix options: - Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items
(c... Danilo Baio
10:28 AM Revision 54869134: Update Zabbix options: - Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items
(c... Danilo Baio
10:27 AM Revision 863ce211: Merge pull request #3851 from dbaio/master: Renato Botelho
10:17 AM pfSense Packages Bug #7959 (Not a Bug): Dpinger - Probe Interval: Dear Team
We are working with WAN satellite connections limited in bandwidth data per month.
The maximum probe inte... Lampros Papanastasiou
10:08 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more: OK. Now have a look at the forum.
It looks like filterdns stops working and after a big change a second one will be ... Grischa Zengel
08:30 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more: If it ever worked, it was by luck alone.
When I try to resolve www.google.de, I only receive two responses (one I... Jim Pingle
08:27 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more: It was a test with google ...
The point is, that the other address are not shown.
And before update it worked as ... Grischa Zengel
08:24 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more: You cannot rely on alias resolution for domains which return random sets of addresses. That will never work properly ... Jim Pingle
08:23 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more: Some more info:
I'm using Domain Overrides.
I put www.google.de and a host from my Domain Overrides into a table ... Grischa Zengel
07:30 AM Bug #7958 (Not a Bug): Upgrade 2.4.0: IP alias with FQDN doesn't work any more: It works fine here on several firewalls and there is nowhere near enough detail here or on the linked thread to sugge... Jim Pingle
07:24 AM Bug #7958 (Not a Bug): Upgrade 2.4.0: IP alias with FQDN doesn't work any more: I'm not alone with this problem so I decide to open a issue an this:
https://forum.pfsense.org/index.php?topic=13817... Grischa Zengel
08:47 AM Bug #7856: IPsec status does not show all connected mobile clients: I did some tests with SG-2220 (2.4.1-DEVELOPMENT (amd64)) and IPsec widget was on Dashboard, but there wasn't any IPs... Azamat Khakimyanov
07:45 AM Bug #7748: VLAN Priority: Downgraded last night to 2.3.4, packets are now being properly tagged again. Here are some examples:... Oliver Palmer
06:58 AM Feature #7957 (New): GUI theme - separate "colour" from "compact/normal" in theme dropdown: At the moment one can choose themes such as normal, dark, and compact-RED.
There is also a colour selector with a wi... Stilez y
06:36 AM Feature #7956: Favicon able to match GUI colour setting?: Sample favicons attached Stilez y
06:19 AM Feature #7956 (New): Favicon able to match GUI colour setting?: I'm finding that with multiple pfSense routers in use, choosing the right tab in the browser would be a lot easier if... Stilez y
05:50 AM Bug #7955 (Closed): Upgrade in 2.4 GUI appears to fail when it actually succeeded (no D/L completion or reboot message, or sign of completion): In previous versions, when upgrading, the activity textbox displays what's happening. At the end it said something li... Stilez y

10/16/2017

07:49 PM Revision 12bcf7e9: Change the VLAN inteface names to use the 'dotted' format of FreeBSD, which is shorter and helps to keep the interface name smaller than the limit (16).: This fixes the 4 digit VLAN issues when the NIC name is 6 bytes long.
Ticket #294 Luiz Souza
07:07 PM Revision 40437d5d: xmlrpc, webgui, prevent that a xmlrpc.lock is placed that is never unlocked, thus hanging php and the webgui after a few more sync request are trying to acquire the lock and all are waiting..: (cherry picked from commit 8239af2dc167fd865818a29b4e01d7e464d564d3) Pi Ba
07:07 PM Revision ee0e2507: Merge pull request #3848 from PiBa-NL/20171011-xmlrpc-prevent-lost-lock: Renato Botelho
07:07 PM Revision 6665dd8c: Remove no-op code: See https://redmine.pfsense.org/issues/7889 for related discussion
(cherry picked from commit 401e2ac783756e22ab738d... Doktor Notor
07:07 PM Revision fc9abcc7: Remove no-op code: See https://redmine.pfsense.org/issues/7889 for related discussion
(cherry picked from commit cbbb8fdb62fc75bfac28b2... Doktor Notor
07:06 PM Revision 8734adf8: Merge pull request #3838 from doktornotor/patch-9: Renato Botelho
06:31 PM Revision 840a290e: Merge pull request #3831 from luckman212/patch-1: Renato Botelho
06:21 PM Revision e4aef1ed: Merge pull request #3850 from doktornotor/patch-11: Renato Botelho
06:07 PM Revision f96376a3: Allow both AES-NI and Crypto modules to be loaded at the same time. Fixes #7810: Jim Pingle
06:07 PM Bug #7951: WPA2 issue (KRACK): Fixes for KRACK now in FreeBSD Ports tree: https://github.com/freebsd/freebsd-ports/commit/e0ec9d45b57b88487440141915... Jim Thompson
10:08 AM Bug #7951 (Resolved): WPA2 issue (KRACK): We need to import the FreeBSD fixes for wpa_supplicant and hostapd related to the recently-disclosed key reinsertion ... Jim Pingle
05:53 PM Revision 5e5b13a9: Merge pull request #3821 from PiBa-NL/20170916-bsnmp-hostrest-check: Renato Botelho
05:43 PM Bug #6455: Can't delete Virtual IP "referenced by a least one gateway" if gateway outside interface subnet: Thanks! Just ran into this and changed the mast to /32 and I was then able to delete it. I thought it was a 2.4.0 bug... Brendon Baumgartner
05:16 PM Revision 2105c0e2: Change OpenVPN to retry client auth when it fails by default, rather than making the process exit which confuses users. Fixes #7506: (cherry picked from commit a69a9182278bab4843f3215a1b484f9452558884) Jim Pingle
05:14 PM Revision a69a9182: Change OpenVPN to retry client auth when it fails by default, rather than making the process exit which confuses users. Fixes #7506: Jim Pingle
04:17 PM Revision 7a696510: Merge pull request #3817 from marjohn56/Unbound-serve-expired: Steve Beaver
04:09 PM Revision 9503d881: Merge pull request #3826 from doktornotor/patch-5: Steve Beaver
04:05 PM Revision 84ec58b7: Unbound Serve expired: Serve expired – Records stay in cache after TTL expires, with a TTL value of 0, if a new lookup is requested the cach... Martin Wasley
03:45 PM Revision c676c135: Fixed #7896: 2.3 is slightly different than 2.4 with different variables so this
fix is different than the 2.4 version. Stephen Jones
03:42 PM Bug #7884 (Resolved): Unbound refusing non-recursive/iterative queries even from localhost: Jim Pingle
03:34 PM Bug #7884: Unbound refusing non-recursive/iterative queries even from localhost: On pfSense-netgate-memstick-ADI-2.4.1-DEVELOPMENT-amd64-20171016-1127.img "dig google.com +trace" and "drill -T googl... Anonymous
03:28 PM pfSense Packages Bug #7871 (Resolved): Add squid validation for selected CA when MITM is enabled: Great, thanks for testing! Jim Pingle
03:22 PM pfSense Packages Bug #7871: Add squid validation for selected CA when MITM is enabled: Looks good here, only usable CAs are being offered in the Squid GUI with 0.4.42. Thanks! Kill Bill
11:19 AM pfSense Packages Bug #7871 (Feedback): Add squid validation for selected CA when MITM is enabled: OK I added two different sets of protection:
1. Input validation to warn if a user selected a CA without a private... Jim Pingle
03:22 PM Revision a55c5a21: roll back for 2_3 for picture widget: Stephen Jones
03:20 PM pfSense Packages Bug #7954 (Confirmed): Package upgrade/reinstall gets stuck on deinstall if the package-provided service is not running: So you have a package and the service is not running. Trying to upgrade/reinstall produces the following:... Kill Bill
02:55 PM Bug #7953 (Resolved): XMLRPC produces an error when attempting to sync an empty section: When attempting to sync an empty section (e.g. VIPs are set to sync, but no VIPs are defined), the following error is... Jim Pingle
02:55 PM Revision 1f8a9b40: Fixed #7896: Handled the case where there is no picture and made it simpler to load
a picture.
(cherry picked from commit dc91c94... Stephen Jones
02:51 PM Revision 14ef41c4: Let 2.4.0 users to go to 2.4.1: Renato Botelho
02:28 PM Revision dc91c949: Fixed #7896: Handled the case where there is no picture and made it simpler to load
a picture. Stephen Jones
01:57 PM Revision 7f9b448f: Fixed #7714: Added JS code to formate the date/time for UCT
(cherry picked from commit 893b609111be502233a7a4ad6804fff1e4779a03) Steve Beaver
01:53 PM Revision 893b6091: Fixed #7714: Added JS code to formate the date/time for UCT Steve Beaver
01:27 PM Revision 7077ba39: Update Zabbix options: - Bring versions 3.2 and 3.4
- Enable IPMI, VMware and SSH monitoring for Zabbix Proxy
- Remove unnecessary items Danilo Baio
01:20 PM Bug #7810 (Feedback): openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once: Applied in changeset commit:f96376a378211155181a02a053cbb7ff9a700056. Jim Pingle
10:34 AM Bug #7810: openssl/openvpn need to have loaded booth AESNI and cryptodev to accelerate AES operations , but gui alows you load only one at once: There is still some debate as to whether or not this is even necessary or would ever help, but it should be simple to... Jim Pingle
01:12 PM pfSense Packages Bug #7947 (Rejected): freeRadius 3 on pfSense 2.4 not work: There isn't enough really to go on here, please start a forum thread so we can discuss and diagnose the issue. Also, ... Jim Pingle
12:57 AM pfSense Packages Bug #7947: freeRadius 3 on pfSense 2.4 not work: i edit /usr/local/etc/raddb/sites-enabled/default
i comment:... Konstantin Ab
12:42 AM pfSense Packages Bug #7947: freeRadius 3 on pfSense 2.4 not work: i use EAP section
and freeRadius2 worked in 2.3.4
2.4 + FR3 = not worked Konstantin Ab
12:30 PM Feature #7506 (Feedback): Use "auth-retry nointeract" to prevent OpenVPN clients from exiting or attempting to prompt for passwords: Applied in changeset commit:a69a9182278bab4843f3215a1b484f9452558884. Jim Pingle
12:26 PM Revision 233dde07: Fixed #7921: (cherry picked from commit 5fce3e8e905c3a2029475293cf760ee2c2a51074) Steve Beaver
12:24 PM Revision 5fce3e8e: Fixed #7921: Steve Beaver
12:18 PM pfSense Packages Feature #7945 (Resolved): NET-SNMP - Flooding log entries: Great, thanks for testing!
Jim Pingle
12:06 PM pfSense Packages Feature #7945: NET-SNMP - Flooding log entries: Jim Pingle wrote:
> I just pushed a fix for this, it will show up shortly to install.
Updated and tested. Looks g... Nonada Nonadz
07:49 AM pfSense Packages Feature #7945 (Feedback): NET-SNMP - Flooding log entries: I just pushed a fix for this, it will show up shortly to install. Jim Pingle
11:43 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: It seems to be anything it can't validate against the current repository (offline or online). It should list them all... Jim Pingle
11:41 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: Well yes, the inability to produce/take into account any offline results is indeed a bug. Kill Bill
07:54 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: It may still be a bug though. The package is indeed gone from the server-side database but it's still installed local... Jim Pingle
11:35 AM pfSense Packages Bug #7941 (Not a Bug): ntop-ng. Unable to reach web page: This was an issue with the rules on that one system and not a problem with ntopng. Jim Pingle
08:19 AM pfSense Packages Bug #7941 (Feedback): ntop-ng. Unable to reach web page: I see those errors here but it appears they happen during install or boot when it gets stopped/started a couple times... Jim Pingle
11:16 AM pfSense Packages Bug #7952 (Closed): OpenVPN export package for Windows flagged by a few AV's: We have received a report that exported OpenVPN client package is flagged by a few AV's.
https://forum.pfsense.or... Ivor Kreso
10:48 AM Revision e9bb33f3: Fix #7949: Add UEFI 32 and UEFI 64 filenames defined inside a pool to dhcpd.conf Renato Botelho
10:47 AM Revision 9d775c75: Fix #7949: Add UEFI 32 and UEFI 64 filenames defined inside a pool to dhcpd.conf Renato Botelho
09:40 AM Bug #7896 (Feedback): picture_widget.php: Applied in changeset commit:dc91c9490a61c374b4358a3a328019f3e0e150ab. Anonymous
09:10 AM Bug #7714: NTP Widget Time Display: Applied in changeset commit:7f9b448ff7d926c4c5b69ada8625e728c3f5c715. Anonymous
09:00 AM Bug #7714 (Feedback): NTP Widget Time Display: Applied in changeset commit:893b609111be502233a7a4ad6804fff1e4779a03. Anonymous
08:04 AM Bug #7940: disabling LAGG causes system reboot on 2.4: That does look almost identical to #7119, we should check to see if those patches need any adjustments for FreeBSD 11.1. Jim Pingle
07:54 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable: See also: #7946 Jim Pingle
07:40 AM Bug #7921 (Feedback): Reset All States on WAN IP Change does not stay unchecked when disabled in GUI: Applied in changeset commit:5fce3e8e905c3a2029475293cf760ee2c2a51074. Anonymous
07:38 AM Bug #7948 (Rejected): pfsense 2.4 fall in black screen on ESXI 6.5: Please start a new thread on the forum with was much detail as possible. There is not enough to go by here, and some ... Jim Pingle
01:12 AM Bug #7948 (Rejected): pfsense 2.4 fall in black screen on ESXI 6.5: after upgrade from 2.3.4 pfsense periodically fall in black screen
you can enter letters from the keyboard, but th... Konstantin Ab
07:22 AM pfSense Packages Bug #7950 (Feedback): Quagga not displaying status messages on 2.4-rel: It's working fine here. Are all of the daemons running?
Does running one of the status commands at the CLI work?
<... Jim Pingle
06:59 AM pfSense Packages Bug #7950 (Closed): Quagga not displaying status messages on 2.4-rel: See attached screenshot. Quagga is working but no status messages are displayed. Vladimir Lind
06:40 AM Bug #6860 (Feedback): Monitoring (RRD) graphs return "unknown" step value: PR has been merged Renato Botelho
06:20 AM pfSense Packages Bug #7935 (Feedback): FFR doesn't save prefix lists to bgpd.conf: PR has been merged Renato Botelho
06:00 AM Bug #7949 (Feedback): DHCP UEFI file name under pools are ignored: Applied in changeset commit:9d775c7500e1ba09417e106f2ddc81b2cc8e67dc. Renato Botelho
05:47 AM Bug #7949 (Resolved): DHCP UEFI file name under pools are ignored: DHCP Server has places to define 3 files for netboot (BIOS, UEFI 32 and UEFI 64). When these options are configured i... Renato Botelho

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

11/14/2017

11/13/2017

11/12/2017

11/11/2017

11/10/2017

11/09/2017

11/08/2017

11/07/2017

11/06/2017

11/05/2017

11/04/2017

11/03/2017

11/02/2017

11/01/2017

10/31/2017

10/30/2017

10/29/2017

10/28/2017

10/27/2017

10/26/2017

10/25/2017

10/24/2017

10/23/2017

10/22/2017

10/21/2017

10/20/2017

10/19/2017

10/18/2017

10/17/2017

10/16/2017