Activity

30 days up to

User

Subprojects

Activity

From 10/23/2017 to 11/21/2017

11/21/2017

09:36 PM Revision 3e90d18b: local authentication option, use key value instead of translated name.: Pi Ba
07:41 PM pfSense Packages Bug #8115: After update 2.3.4_1-> 2.4.0 ospf over gre looks broken: Sorry picture broken . GRE tunnel inside IPSEC Konstantin Pobudzey
07:39 PM pfSense Packages Bug #8115 (Duplicate): After update 2.3.4_1-> 2.4.0 ospf over gre looks broken: #
#site1 ( 2.3.4_1 )
logs
Nov 4 09:47:58 ospfd 45632 Packet[DD]: Neighbor 10.10.10.18 MTU 1400 is large... Konstantin Pobudzey
03:44 PM Bug #8114 (Not a Bug): DHCPv6 PD client not working after 2.4.2 upgrade: I was just double checking this and confirmed it was working here on a test box. Thanks for the follow-up. Jim Pingle
03:37 PM Bug #8114: DHCPv6 PD client not working after 2.4.2 upgrade: I'm sorry, somehow I made a mistake in my configuration just before the upgrade (disabled interface tracking). After ... Tim Balmer
02:27 PM Bug #8114 (Not a Bug): DHCPv6 PD client not working after 2.4.2 upgrade: I just upgraded from 2.4.1 to 2.4.2 but after the upgrade IPv6 is not working anymore. After checking the logs I see ... Tim Balmer
03:22 PM Revision db28039e: Fixed #8112: Steve Beaver
02:07 PM Bug #8108 (Closed): IPSec NAT issue: Ivor Kreso
02:07 PM Bug #8108: IPSec NAT issue: Please submit a bug with your problem description as we cannot pull random fixes.
Thank you. Ivor Kreso
01:42 PM Bug #8075: OpenVPN binds to wrong interface with no ip on first interface: Workaround: bind both OpenVPNs to 127.0.0.1 (localhost) (use different ports). Then forward these ports to their resp... robi robi
01:38 PM Bug #8089: VLAN page breaks after config restore to new hardware.: Also related to https://redmine.pfsense.org/issues/8076 robi robi
01:33 PM Bug #8089: VLAN page breaks after config restore to new hardware.: Same here.
Workaround is to replace manually interface names from emX to igbX in config.xml, before restoration. robi robi
01:38 PM Bug #8076: User can easily apply an unusable interface configuration after restore: Also related to https://redmine.pfsense.org/issues/8089 robi robi
01:37 PM Bug #8076: User can easily apply an unusable interface configuration after restore: In the interface setup page, when a mismatch of the network interfaces is detected, there should be options to fix VL... robi robi
12:46 PM Bug #8113 (New): MTU setting on bridge, openvpn clients ignored: I set the MTU field in the GUI for a pair of openvpn clients and the bridge interface to 1492.
However, the 'inter... Harry Coin
10:57 AM Feature #6742: OAuth2 authentication for OpenVPN (and for FreeRadius): +1 as well! we are building a ton of infrastructure just to tackle with this issue! would be so great to be able to a... Luis Paolini
10:40 AM Revision 5f56dee4: Bug in get_interface_ip: Global variable $config was not available, and IP was always fetched using find_interface_ip Jackson Laskoski
09:30 AM Bug #8112 (Feedback): Internal IP mask is always reset to /32 when editing a 1:1 NAT: Applied in changeset commit:db28039e4e8606cb8fdb4a342e5193f1a8a3db36. Anonymous
08:10 AM Bug #8112 (Confirmed): Internal IP mask is always reset to /32 when editing a 1:1 NAT: Jim Pingle
04:20 AM Bug #8112 (Resolved): Internal IP mask is always reset to /32 when editing a 1:1 NAT: Hi,
Whenever I edit a _1:1_ NAT, the mask of @Internal IP@ is always reset to @/32@, even when it was set to a diffe... Louis Sautier
04:14 AM Bug #8111: Disabled 1:1 NATs are not passed the "disabled" class (not greyed out): This seems to have been fixed in 2.4. Could we get it backported to 2.3? Louis Sautier
04:06 AM Bug #8111 (Resolved): Disabled 1:1 NATs are not passed the "disabled" class (not greyed out): Hi,
I noticed that _Port Forward_ NATs get a @disabled@ CSS class in addition to the @fa-times@ icon. This makes the... Louis Sautier

11/20/2017

06:07 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: I have the same issue. WAN is nfe0. LAN is em0. Corey Boyle
02:49 PM Bug #8110: undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php: The update process does check the integrity, but it's possible some other problem (disk issue, for example) can cause... Jim Pingle
02:47 PM Bug #8110: undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php: those functions are NOT present in gwlb.inc in my install, and the file is not damaged. Clearly this is a partial upd... Peter Schofield
01:05 PM Bug #8110: undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php: Jim Pingle wrote:
> hose functions are defined in source:src/etc/inc/gwlb.inc which is included through functions.in... Random User
12:53 PM Bug #8110 (Not a Bug): undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php: Those functions are defined in source:src/etc/inc/gwlb.inc which is included through functions.inc which is included ... Jim Pingle
12:44 PM Bug #8110 (Not a Bug): undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php: While setting up he.net 6 to 4 tunnel as per the howto documented in the wiki, I ran into this while making the edits... Peter Schofield
02:23 PM Revision 1248a2fa: Add -i parameter to define SKIP_FNAL_RSYNC: Renato Botelho
02:23 PM Revision 693b0903: Add -i parameter to define SKIP_FNAL_RSYNC: Renato Botelho
02:21 PM Revision 6d448e2a: Add -i parameter to define SKIP_FNAL_RSYNC: Renato Botelho
02:21 PM Revision 1de3ef87: Add -i parameter to define SKIP_FNAL_RSYNC: Renato Botelho
02:21 PM Revision 158999e9: Add -i parameter to define SKIP_FNAL_RSYNC: Renato Botelho
01:42 PM Revision 196427f9: Add missing %%REPO_BRANCH_PREFIX%%: Renato Botelho
01:42 PM Revision 4b1f7145: Add missing %%REPO_BRANCH_PREFIX%%: Renato Botelho
01:28 PM Revision 98476258: Prevent Clickjacking in CSRF error page: Yorick Koster
01:21 PM Revision 386d89b0: Prevent Clickjacking in CSRF error page: (cherry picked from commit 6026c9dabdd66a154c8a9a5170947ea098959835) Jim Pingle
01:21 PM Revision 6026c9da: Prevent Clickjacking in CSRF error page: Jim Pingle
01:15 PM Revision ae268fd4: Point release to 2.4.2: Renato Botelho
01:14 PM Revision cf34b5d1: Fill REPO_BRANCH_PREFIX on poudriere make.conf: Renato Botelho
01:14 PM Revision 1b3abaab: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL: Renato Botelho
01:14 PM Revision 77c66e2d: Merge pull request #3871 from ykoster/master: Jim Pingle
01:14 PM Revision 55c31005: Stop trying to guess REPO_BRANCH_PREFIX: Renato Botelho
01:11 PM Revision b40ac1b2: Reduce the need to always track branch changes for factory: Renato Botelho
01:11 PM Revision a6e2c666: Remove specific repository for 2.4.2-RC: Renato Botelho
01:08 PM Revision efd01b2c: Point release to 2.4.2: Renato Botelho
01:07 PM Revision fc960e71: Fill REPO_BRANCH_PREFIX on poudriere make.conf: Renato Botelho
01:07 PM Revision 3f7100c1: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL: Renato Botelho
01:05 PM Revision 385e812b: Stop trying to guess REPO_BRANCH_PREFIX: Renato Botelho
01:05 PM Revision 9765570d: Reduce the need to always track branch changes for factory: Renato Botelho
01:01 PM Revision 4d07faca: Remove specific repository for 2.4.2-RC: Renato Botelho
12:49 PM Revision 441d1d4f: Make RELEASE repo branch point to 2.4.2: Renato Botelho
12:41 PM Revision 84a6c526: Fill REPO_BRANCH_PREFIX on poudriere make.conf: Renato Botelho
12:41 PM Revision e60d620b: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL: Renato Botelho
12:40 PM Revision 9a8b9949: Stop trying to guess REPO_BRANCH_PREFIX: Renato Botelho
12:40 PM Revision 3d2dba58: Reduce the need to always track branch changes for factory: Renato Botelho
12:39 PM Revision fd50e40e: Remove specific repository for 2.4.2-RC: Renato Botelho
12:36 PM Revision c1f18417: Fill REPO_BRANCH_PREFIX on poudriere make.conf: Renato Botelho
12:35 PM Revision 6c9689f4: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL: Renato Botelho
12:34 PM Revision 97f3f602: Stop trying to guess REPO_BRANCH_PREFIX: Renato Botelho
12:34 PM Revision 743cc0cc: Reduce the need to always track branch changes for factory: Renato Botelho
12:31 PM Revision 2d982d5b: Remove specific repository for 2.4.2-RC: Renato Botelho
12:09 PM Revision 8ffdcf26: Fill REPO_BRANCH_PREFIX on poudriere make.conf: Renato Botelho
11:48 AM Revision 568caf26: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL: Renato Botelho
11:48 AM Revision 956f71e8: Stop trying to guess REPO_BRANCH_PREFIX: Renato Botelho
11:42 AM Feature #8109 (Duplicate): UPnP & NAT-PMP ACL Aliases: Not sure if it's possible, but being able to use aliases in UPnP & NAT-PMP ACLs would be great.
That way I can jus... Jonny Proud
11:31 AM Revision eacf9c93: Reduce the need to always track branch changes for factory: Renato Botelho
11:16 AM Revision 819e3ba4: Remove specific repository for 2.4.2-RC: Renato Botelho
11:14 AM Revision 8ab2e1ac: It's 2.4.2-RELEASE time: Renato Botelho
11:11 AM Revision 79a33eba: Send images to release-staging when SKIP_FINAL_RSYNC is set: Renato Botelho
11:11 AM Revision 2bf444aa: Send images to release-staging when SKIP_FINAL_RSYNC is set: Renato Botelho
11:11 AM Revision 8a0db282: Send images to release-staging when SKIP_FINAL_RSYNC is set: Renato Botelho
11:11 AM Revision dab621ab: Send images to release-staging when SKIP_FINAL_RSYNC is set: Renato Botelho
11:10 AM Revision 3c489426: Send images to release-staging when SKIP_FINAL_RSYNC is set: Renato Botelho
10:35 AM Bug #8108 (Closed): IPSec NAT issue: Hi,
I was searching to resolve a IPSec NAT issue on my platform and I found this bug on OpenSense (pfSense fork) :... Thomas du Boÿs
06:53 AM Bug #8003: IPsec weirdness with 2.4.1: I've had these problems, as well as duplicate entries in the list, one in the state 'CONNECTING' and one in the state... Ges Ture

11/19/2017

07:44 PM Revision c4212dc6: Prevent Clickjacking in CSRF error page: Yorick Koster
04:11 PM Bug #6812: IPsec filterdns crash: This issue has not surfaced again. I agree with Jim Pingle. Anonymous
01:05 PM Feature #6742: OAuth2 authentication for OpenVPN (and for FreeRadius): +1 on this. Would love to see OAuth2 integration. We have some legacy local AD servers that we leverage today. I'd li... Mike Sith
02:41 AM Bug #5319: Error message "No config named" in charon daemon: Bug is also present in 2.4-rel Vladimir Lind

11/18/2017

11:01 PM Revision 19f3d39a: fix for leftover dhcp6c lock file(s) after unclean shutdown: J L
03:21 PM Bug #8106: dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface: Martin Wasley wrote:
> Just do a PR on it Luke, it'll get reviewed there as part of the process.
Done: https://gi... J L
02:55 PM Bug #8106: dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface: Just do a PR on it Luke, it'll get reviewed there as part of the process.
Martin Wasley
02:43 PM Bug #8106 (Resolved): dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface: When using a WAN connection with IPv6 that requires the "Do not wait for an RA" option if the router has an unclean s... J L
02:53 PM Feature #8107 (Rejected): SG1000 Manually set time: SG1000 has no RTC, would be handy to be able to set the time when access to a NTP server is not available. Richard Rose

11/17/2017

08:21 AM Bug #8105 (Duplicate): Traffic Shaper on VLan, not work.: Duplicate of #8007 - already fixed in 2.4.2 Jim Pingle
08:14 AM Bug #8105 (Duplicate): Traffic Shaper on VLan, not work.: Hi,
I have a coreboot v4.0 APU (AMD G-T40E Processor 2 CPUs) with 3 LANs and on one of them (Re1) 4 Vlans are co... Dino Iavarone
06:27 AM Bug #8104 (Rejected): Pfsense 2.4.1: Not nearly enough information here to form a valid bug report. Please post on the forum, mailing list, or reddit to d... Jim Pingle
01:52 AM Bug #8104 (Rejected): Pfsense 2.4.1: Hi Server I've installed Pfsense 2.4.1 on 2012R2 Hyperv and after a while I've got to remove the PFSense which was co... Landforces turkuaz

11/16/2017

10:11 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): I also just updated to 2.4.2.a.20171116.0841 and IPv6 looks to be working on my SG-3100. My client machines are gett... Dave Pugh
09:53 PM pfSense Packages Bug #8103 (Resolved): squid monitor using hard coded logs location: Hello,
in /usr/local/www/squid_monitor_data.php log directory is hardcoded, ignoring config.
Line 35
@- $log =... Nano Caiordo
07:50 PM Revision 90e5e32c: Fixed it so it will validate that it is an image uploaded and not something else: Stephen Jones
07:45 PM Revision 06930018: Fixed it so it will validate that it is an image uploaded and not something else: Stephen Jones
06:44 PM Revision 0e7cd50a: Enable pfSense-repo-242: Renato Botelho
06:44 PM Revision dacf190b: Add new 2.4.2-RC repo: Renato Botelho
06:42 PM Revision 0de59d07: Enable pfSense-repo-242: Renato Botelho
06:42 PM Revision d292d1fd: Add new 2.4.2-RC repo: Renato Botelho
06:42 PM Revision 1afb28da: Enable pfSense-repo-242: Renato Botelho
06:42 PM Revision fa0c3302: Add new 2.4.2-RC repo: Renato Botelho
06:40 PM Revision ef2c3373: Change default repo to 2.4.2: Renato Botelho
06:39 PM Revision 15514a9e: Add upgrade notice include file: Steve Beaver
06:39 PM Revision 08da8b84: Add upgrade notice to dashboard: Steve Beaver
06:38 PM Revision 69b8e3b3: Enable pfSense-repo-242: Renato Botelho
06:38 PM Revision e47f7cc1: Create a new repo conf for 2.4.2-RC and make sure stable still points to 2.4.1: Renato Botelho
06:38 PM Revision f6bf038c: Revert "Too soon for 2.4.2 here. It's in RC yet": This reverts commit 0d4732de2d90792e3a7054705fcdeb7face1bcce. Renato Botelho
06:34 PM Revision 7c28ebe6: Enable pfSense-repo-242: Renato Botelho
06:34 PM Revision 28513d71: Create a new repo conf for 2.4.2-RC and make sure stable still points to 2.4.1: Renato Botelho
06:15 PM Revision 4a670606: Add upgrade notice include file: Steve Beaver
06:15 PM Revision 8ba87e85: Add upgrade notice to dashboard: Steve Beaver
05:57 PM Revision 0d4732de: Too soon for 2.4.2 here. It's in RC yet: Renato Botelho
05:36 PM Revision e6649a9c: Welcome 2.4.2-RC: Renato Botelho
05:34 PM Revision 3e496fa4: Bump version to 2.4.3-DEVELOPMENT: Renato Botelho
04:41 PM Revision 7f8d1f31: Revise modal notice header: Steve Beaver
04:37 PM Revision 89053468: Provide a simple mechanism for pakage installer to display a notice to the user. (Such as: Firewall must be rebooted before this package becomes available"): Steve Beaver
02:24 PM Feature #8102 (Rejected): Send an e-mail message when a core dump is generated: I've been in a situation where a recursive alias has caused the filter reload to never complete, but creating a core ... Ugo Bellavance
01:15 PM Feature #8101 (Resolved): Filter loop prevention: When doing aliases, can we have a check if name = value and reject the change or at least show a warning?
Chris Macmahon
12:36 PM Bug #8097 (Resolved): Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values: Jim Pingle
12:29 PM Bug #7975 (Feedback): ESXi 6.5 UEFI boot stops at framebuffer info: The changed that possibly cause this issue was reverted, please check with the next snapshot. Luiz Souza
12:27 PM Bug #7710 (Feedback): IGMP Proxy: The support for all-multicast mode is now implemented.
Please check with the next 2.4.2 snapshot. Luiz Souza
10:34 AM Bug #8098 (Resolved): interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent: Jim Pingle
09:04 AM Bug #6335 (Resolved): Status > IPsec shows both connected and disconnected with Split Connections enabled: Anonymous
08:32 AM Bug #7896 (Resolved): picture_widget.php: Looks good now, thanks! Jim Pingle
06:09 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: According ADI engineers XG-2758 requires a physical power cycle after upgrade coreboot and because package tries to r... Renato Botelho
03:10 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: Thanks, yes I must have typed that too fast, fingers going faster than brain :-) Richard Gate

11/15/2017

10:07 PM Revision 00fc2d5e: Fixed #7896 Made sure only images could be uploaded and validated on the server to make sure it is an image and not something else.: Stephen Jones
05:37 PM Revision 48f08ba1: Tweak the formatting of the disk usage section of the system info widget: Jim Pingle
05:31 PM Revision 3bb0275d: Fixed #8098 by converting the '.' in interfaces names to '_' when used to compose an HTML element class name: Steve Beaver
04:49 PM Revision 68eacaa2: fix for broken preselection of select boxes: Peter Schofield
04:20 PM Bug #8100: pfsync Initially Deletes States on Primary for Connections Established through Secondary: Attached complete pcaps of sync interfaces. Chris Linstruth
04:06 PM Bug #8100 (New): pfsync Initially Deletes States on Primary for Connections Established through Secondary: Steps to duplicate:
Create a typical HA pair.
Enter Persistent CARP Maintenance Mode on Primary to initiate a fai... Chris Linstruth
04:20 PM Bug #7896 (Feedback): picture_widget.php: Applied in changeset commit:00fc2d5eeec0954052e54e7da3aa601c0570cfc8. Anonymous
03:00 PM Bug #7896 (Assigned): picture_widget.php: If you save the widget with no picture, it makes a link that says "picture" and that still has the original problem.
... Jim Pingle
03:43 PM Bug #1698 (Resolved): IPSec tunnel from CARP backup interface: Jim Pingle
03:43 PM Bug #1943 (Closed): PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only: This bug was specific to vr(4) and the only major platform using vr(4) NICs is 32-bit only, which is no longer suppor... Jim Pingle
03:40 PM Bug #6200 (Not a Bug): LACP with em driver does not work with cisco active lacp setup: This is working fine on current versions and no additional feedback. Closing. Jim Pingle
03:39 PM Bug #6206 (Resolved): Default icmp6 pass-rules are added even when ipv6 is "disabled" by user: Jim Pingle
03:38 PM Bug #6344 (Resolved): Firewall rules being deleted when separators are added: Jim Pingle
03:37 PM Bug #6990 (Not a Bug): DDNS IPs not updating after a system restart: This is working fine on current versions for myself and others, if there is still a problem with this on 2.4 it may b... Jim Pingle
03:35 PM Bug #7157 (Resolved): Traffic graphs cause the tab to crash when run in the background: Jim Pingle
03:35 PM Bug #7378 (Resolved): pfctl: ix0: driver does not support altq: Jim Pingle
03:34 PM Bug #7606 (Resolved): Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic: This appears to be working fine on current versions and no additional feedback from the user. Closing. Jim Pingle
03:32 PM pfSense Packages Bug #7944 (Resolved): Bind XMLRPC Sync Error: Jim Pingle
03:29 PM Bug #1052 (Resolved): Certificate validation of the LDAPS servers is not enforced: This is working fine on current versions and has been for some time now. Closing. Jim Pingle
03:27 PM Bug #682 (Resolved): WAN traffic graph is broken with MLPPP: Jim Pingle
03:27 PM Bug #5550 (Resolved): Viewing NTP service info (/services_ntpd.php) triggers lots of email alerts: This is working fine on current versions and no additional feedback from the user. Closing. Jim Pingle
03:26 PM Bug #4365 (Resolved): ALTQ Traffic Shaping is not working in pfSense 2.2 when run on Hyper-V 2012 R2: Try again on 2.4, if it is possible, it should work there. Jim Pingle
03:25 PM Bug #5958 (Not a Bug): Stale Aliases - upstream DNS changes do not update firewall rules that are based on aliases: This is working fine on current versions and no additional feedback from the user. Closing. Jim Pingle
03:24 PM Bug #6205 (Resolved): VLAN tagging in Hyper-V guest not working?: Lots of changes in FreeBSD for Hyper-V since this went in, try again on 2.4.x. Jim Pingle
03:24 PM Bug #4805 (Resolved): Using FQDN and IP in alias causes static entries to be lost: Jim Pingle
03:23 PM Bug #6423 (Not a Bug): WAN doesn't reconnect on dropped PPPoE session: No sign of any issues with dropped PPPoE sessions on any current version. Jim Pingle
03:22 PM Bug #6487 (Not a Bug): PfSense crashes during boot at configuring LAGG interfacess: Jim Pingle
03:22 PM Bug #6812 (Not a Bug): IPsec filterdns crash: No other reports and it's working fine for others. Either was a temporary glitch or something on that system at the t... Jim Pingle
03:20 PM Bug #6572 (Duplicate): Config sync hangs php-fpm on secondary: From the symptoms, I'd say this is likely either already fixed or the same issue as #7469 Jim Pingle
03:14 PM pfSense Packages Bug #6818 (Not a Bug): WAN traffic graph displays inverted bandwidth columns: Jim Pingle
03:13 PM Bug #7213 (Resolved): Hyper-V install, no disk found: Jim Pingle
03:11 PM Bug #7249 (Resolved): firewall_rules.php & firewall_nat.php: Replaces underscores with spaces in aliase names: Jim Pingle
03:10 PM Bug #7305 (Resolved): widget "squid antivirus status": Jim Pingle
03:10 PM Bug #7372 (Resolved): Cannot filter ICMP Type SKIP: Jim Pingle
03:09 PM Bug #7570 (Not a Bug): openvpn_wizard old error message: Jim Pingle
03:07 PM pfSense Packages Bug #7752 (Not a Bug): Squid 3 reverse proxy - HTTPS==>HTTP fails: Jim Pingle
03:05 PM Bug #7808 (Resolved): Dashboard brakes when adding widgets: There has been some focus on the installed packages widget lately, such as #8035. The widget works fine now and doesn... Jim Pingle
03:03 PM Bug #7817 (Not a Bug): Login CSRF token fail on boot.: I still can't duplicate this here, and it's entirely possible other changes since the original report have addressed ... Jim Pingle
02:56 PM Bug #8010 (Not a Bug): import cert: "The submitted private key does not match the submitted certificate data": Jim Pingle
02:53 PM Bug #8041 (Resolved): Missing download images for i386 platform: Jim Pingle
02:52 PM Bug #8091: Limiters with fractional bandwidth values are not loaded correctly: I fixed the backend of this on #8097 so the pipe bandwidths should be OK, but there is still that weird GUI issue whe... Jim Pingle
02:50 PM Bug #8074 (Duplicate): Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: I didn't notice this one, but the description was not quite right. The real bug is in #8097 and there is a fix in 2.4... Jim Pingle
02:47 PM Bug #8053 (Resolved): Firewall Rule IPv6 Gateway Cannot Be Selected: Jim Pingle
02:38 PM Revision 529fbbfd: Improves bug#6400 further reducing page load time from my previous commit: Moved select box generation code out of interface display loop, meaning it runs once iterating over count(interfaces)... Peter Schofield
02:01 PM Revision 7c4e07c6: Ensure that the value passed to ipfw pipes is always an integer, no matter the source. Fixes #8097: Jim Pingle
02:00 PM pfSense Packages Bug #7935 (Resolved): FFR doesn't save prefix lists to bgpd.conf: It's there, the one box I checked apparently had a stale copy of frr_bgp.inc from earlier dev work. Jim Pingle
11:40 AM Bug #8098: interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent: Applied in changeset commit:3bb0275d75b47833e4d15a0e7d78883792f7cfd2. Anonymous
11:37 AM Bug #8098 (Feedback): interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent: Anonymous
10:10 AM Bug #8098 (Resolved): interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent: On interfaces_ppps_edit.php the linkparam block of options is shown and hidden in some cases, but the interface name ... Jim Pingle
10:33 AM pfSense Packages Feature #8099 (Closed): Add more configuration flexibility to Telegraf: Users should be able to include custom configurations and/or be able to include inputs relevant to their installed pa... Doug Dimick
08:47 AM Bug #8097: Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values: I also changed FreeRADIUS 3.x to use 1000 as its multiplier to match the 1000 used by Captive Portal: https://github.... Jim Pingle
08:10 AM Bug #8097 (Feedback): Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values: Applied in changeset commit:7c4e07c625f21bb67370cffe8a6b3bd0c322fe5b. Jim Pingle
07:52 AM Bug #8097 (Resolved): Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values: The Limiter GUI and Captive Portal GUI locations to set bandwidth up/down enforce that the bandwidth value must be an... Jim Pingle
07:18 AM Bug #8094 (Not a Bug): not able to scroll in sub menu on mobile devices: It's only doing what it's been told to do. System > General Setup, you have top navigation set to "Fixed". Change it ... Jim Pingle
02:39 AM Bug #8094 (Not a Bug): not able to scroll in sub menu on mobile devices: this issue has been since long on the new web GUI where when you open it on any mobile and you want to goto any sub m... Bipin Chandra
04:32 AM Bug #8096 (Duplicate): Special characters not propagated by the config sync engine: Hi,
We use configuration synchronisation between two pfSense boxes to sync a list of firewall aliases and rules. T... Marin Bernard
04:07 AM Bug #8095 (New): Unescaped simple quotes break JavaScript features when the French translation is enabled: Hi,
In pfSense 2.4.1-RELEASE, the French translation includes several strings with unescaped simple quotes, which ... Marin Bernard

11/14/2017

05:25 PM Revision 7b60eb49: Fixed #8053: value vs text on Gateway selector
(cherry picked from commit 947394d291c2341afa24d3829d19721af20723df) Steve Beaver
04:53 PM Revision 947394d2: Fixed #8053: value vs text on Gateway selector Steve Beaver
03:51 PM pfSense Packages Feature #3478 (Resolved): OpenVPN Client Export Utility - save preferred settings: This has been in the export package for a while now. Jim Pingle
03:50 PM pfSense Packages Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not: If this still happens with Quagga, give FRR a try instead. Jim Pingle
03:49 PM pfSense Packages Bug #6449 (Rejected): Email Reports not wait a long command end to send the report.: This is almost certainly a configuration issue, likely from not using the full path to all commands involved. Follow ... Jim Pingle
03:47 PM pfSense Packages Bug #7470 (Closed): Status Traffic Totals - March 2017 is missing: Must be a quirk in vnstat handling of daylight saving time. The duplicate entries are not present now that DST has en... Jim Pingle
03:44 PM pfSense Packages Bug #7613 (Closed): quagga not starting after upgrade - initial boot: I haven't seen this happen in quite some time. It starts up after every upgrade here, and I upgrade test VMs with qua... Jim Pingle
03:44 PM pfSense Packages Bug #7736 (Resolved): Crahs with Quagga OSPF and the latest 2.4 Beta: Jim Pingle
03:44 PM pfSense Packages Bug #7820 (Closed): 2.4: dnsmasq can no longer handle punycode, compile time options change?: Jim Pingle
03:43 PM pfSense Packages Bug #7859 (Resolved): FRR doesn't use the raw config setting: Jim Pingle
03:43 PM pfSense Packages Bug #7935 (Assigned): FFR doesn't save prefix lists to bgpd.conf: Looks like that line was clobbered, probably by accident when I was making an update recently. I'll check it out again. Jim Pingle
03:41 PM pfSense Packages Bug #7950 (Closed): Quagga not displaying status messages on 2.4-rel: Closing, unable to reproduce. Jim Pingle
03:39 PM pfSense Packages Bug #7952 (Closed): OpenVPN export package for Windows flagged by a few AV's: No further reports, must have been a temporary false positive. Not much we could do about it anyhow. Jim Pingle
02:16 PM Bug #6406 (Resolved): Web process becomes unresponsive producing 502 Bad Gateway nginx: Anonymous
11:51 AM Revision 5228a05a: Enable devel/php-xdebug: Renato Botelho
11:50 AM Revision e065e756: Enable devel/php-xdebug: Renato Botelho
11:32 AM Revision 557f7ad0: Update translation files: Renato Botelho
11:26 AM Revision 3a80a823: Regenerate pot: Renato Botelho
11:23 AM Feature #8082 (Resolved): OpenVPN Redirect Gateway Option Only Works for IPv4: Jim Pingle
11:20 AM Feature #8082: OpenVPN Redirect Gateway Option Only Works for IPv4: On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171114-0626 works as expected. Anonymous
11:23 AM Bug #8088 (Resolved): vpn_openvpn_client.php: CRL Selection is not saved or used: Jim Pingle
11:11 AM Bug #8088: vpn_openvpn_client.php: CRL Selection is not saved or used: Works as expected in pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171114-0626. Anonymous
11:00 AM Bug #8053 (Feedback): Firewall Rule IPv6 Gateway Cannot Be Selected: Applied in changeset commit:947394d291c2341afa24d3829d19721af20723df. Anonymous
09:16 AM Bug #8053 (Assigned): Firewall Rule IPv6 Gateway Cannot Be Selected: The GUI part appears correct but it's storing an incorrect value into config.xml and the gateway isn't reflected in t... Jim Pingle
08:55 AM Bug #8093 (Not a Bug): webConfigurator LDAP Authentication Issue in High Availability Cluster Configuration: The authentication source for the user manager is not a setting that synchronizes as a part of XMLRPC configuration s... Jim Pingle
08:47 AM Bug #8093 (Not a Bug): webConfigurator LDAP Authentication Issue in High Availability Cluster Configuration: I discovered the following issue in my pfsense 2.4.1 (amd64) high availability configuration.
When I configure an ... Nico Seeburger
04:36 AM Bug #8092 (Resolved): Captive Portal Allowed MAC bandwidth changes: Hi,
I've seen these in all of my pfsense devices.
Allowed Mac address changes in bandwidth doesn't apply.
Tried... Jesnar Miranda

11/13/2017

04:44 PM Revision 37f05e97: Add a separate checkbox for OpenVPN servers to redirect an IPv6 gateway now that OpenVPN has a native flag for it. Implements #8082: While here, since local network boxes are hidden when redirect gateway is enabled, do not use the values in those box... Jim Pingle
04:39 PM Bug #8042: VLAN Priority on dhcpc6c packets is not set. REF #7973: Nic, I can send you the updated dhcp6c client, it all works very nicely along with the PR 3862 Patch ID 6b8680a, it w... Martin Wasley
02:15 PM Bug #8042: VLAN Priority on dhcpc6c packets is not set. REF #7973: Martin Wasley wrote:
> Although VLAN tagging now works, it does not work for dhcp6c. @jimp suggested to @kwillers th... Nicolas Scheffer
04:15 PM Revision 97339595: Fix saving the CRL choice for OpenVPN clients. Fixes #8088: (cherry picked from commit 5bd94e5f2e3a4b694e3cfa91d16dab76078c118b)
(cherry picked from commit 2055285920b2714b71159... Jim Pingle
04:15 PM Revision 20552859: Fix saving the CRL choice for OpenVPN clients. Fixes #8088: (cherry picked from commit 5bd94e5f2e3a4b694e3cfa91d16dab76078c118b) Jim Pingle
04:04 PM Revision 5bd94e5f: Fix saving the CRL choice for OpenVPN clients. Fixes #8088: Jim Pingle
02:28 PM Bug #7425: dhclient not sending option 77: I agree with Nicolas,
we are quite a few to replace the Pfsense binaries to make this scenario work in France.
Re... Eric Scherlinger
02:11 PM Bug #7425: dhclient not sending option 77: Jim Pingle wrote:
> Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated.
This option is mandatory to ... Nicolas Scheffer
02:27 PM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Update from the customer in my initial post:
Confirmed. After power cycling, the version reported was 01.00.00.18. Clinton Cory
12:06 PM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Update from the customer in my previous comment:
The BIOS now shows the latest version. Apparently a physical shut... Clinton Cory
11:40 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: After powering off/on the equipment, the system shows the latest version number with the proper serial (I had no phys... Jose Luis Duran
10:41 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Here is an older report from another customer who initially reported this:
After trying to upgrade coreboot from 01.... Clinton Cory
09:56 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Example report from a customer (serial omitted):
Running 2.4.1 and trying to update Netgate Coreboot from 01.00.00.0... Clinton Cory
09:53 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size: Example screenshots attached. Clinton Cory
02:07 PM Bug #8085: DHCP deny client - breaks DHCP pool: I have verified that you generate the config file correctly. After trying to reproduce this again today, it appears t... Ken Bass
01:27 PM Bug #8085: DHCP deny client - breaks DHCP pool: It's not a bug in pfSense - we generate the configuration file correctly. If there is any issue it is one directly in... Jim Pingle
01:20 PM Bug #8085: DHCP deny client - breaks DHCP pool: I don't understand how this is Not a bug - forget about what I was trying to accomplish.
On the main LAN interface... Ken Bass
01:04 PM Bug #8085 (Not a Bug): DHCP deny client - breaks DHCP pool: The GUI places the directives in the correct places, within the specified pools, so there isn't any bug here.
That... Jim Pingle
01:22 PM Bug #8091: Limiters with fractional bandwidth values are not loaded correctly: If you have Limiters configured like that you can edit the values in the config file directly and re-save them in the... Steve Wheeler
12:53 PM Bug #8091 (Resolved): Limiters with fractional bandwidth values are not loaded correctly: IPFW is not loading the /tmp/rules.limiter file correctly in 2.4.X if the specified bandwidth value is not a whole nu... Steve Wheeler
12:33 PM Feature #8090 (Closed): Log Action of traffic when using float rule match to log traffic: It can't log "pass" or "block" because the log wasn't triggered by a pass or block rule. It doesn't have that kind of... Jim Pingle
12:11 PM Feature #8090 (Closed): Log Action of traffic when using float rule match to log traffic: I have a rule in float rules, which is set as follows.
Action: Match
Interface: LAN,DMZ
Family Address: IPV4
Pr... Jonny Proud
11:10 AM Bug #8089: VLAN page breaks after config restore to new hardware.: Sorry Affected Version is 2.4.1 Bridgetowermedia IT
11:09 AM Bug #8089 (New): VLAN page breaks after config restore to new hardware.: The VLAN interface page breaks after restoring a backup from devices using emX interfaces to devices using igbX inter... Bridgetowermedia IT
11:09 AM Bug #8022 (Resolved): radvd receives SIGBUS on SG-3100 (ARM): Renato Botelho
10:36 AM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Luiz Souza wrote:
> The regression was fixed.
>
> Thanks for reporting.
Updated, looks good.
Daryl Morse
08:52 AM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): The regression was fixed.
Thanks for reporting. Luiz Souza
11:00 AM Feature #8082 (Feedback): OpenVPN Redirect Gateway Option Only Works for IPv4: Applied in changeset commit:37f05e979280123760a0d7508c4ea9dccaa2a542. Jim Pingle
10:42 AM Feature #8082 (Assigned): OpenVPN Redirect Gateway Option Only Works for IPv4: There was a ticket for this already at #6483 but that one had some really outdated info so I'll keep this one.
I'v... Jim Pingle
10:58 AM pfSense Packages Feature #7376 (Closed): ACME Package - Please add support Namecheap DNS service: Looks like Namecheap's API is problematic for this use case. acme.sh decided not to attempt supporting it. Aside from... Jim Pingle
10:53 AM pfSense Packages Feature #7377 (Resolved): ACME Certificate DNS-Digitalocean Verification Method: DigitalOcean support is present in the current ACME package. Jim Pingle
10:52 AM pfSense Packages Todo #7658 (Resolved): BGP support in Quagga: Raw config support is there now. If that isn't sufficient, switch to FRR which has a full BGP GUI. Jim Pingle
10:50 AM pfSense Packages Feature #7824 (Resolved): [acme / Let's Encrypt] Bump to the latest acme.sh package: This was merged some time ago and is in the current package. Jim Pingle
10:41 AM Feature #6483 (Duplicate): Add OpenVPN redirect-gateway option for IPv6: OpenVPN has a native flag for this now, closing in favor of #8082 since the info here is outdated and that one is cur... Jim Pingle
10:20 AM Bug #8088 (Feedback): vpn_openvpn_client.php: CRL Selection is not saved or used: Applied in changeset commit:5bd94e5f2e3a4b694e3cfa91d16dab76078c118b. Jim Pingle
10:07 AM Bug #8088 (Resolved): vpn_openvpn_client.php: CRL Selection is not saved or used: When saving an OpenVPN client, the CRL field value is not saved in config.xml and it is not used in the client. Jim Pingle
12:23 AM Bug #8087 (New): Provide Calling-Station-ID to RADIUS backed VPN connections: I'm using Duo 2fa radius proxy to connect to the on board RADIUS server in PFsense and am not getting an IP or a user... Sunrunner20 20

11/12/2017

08:40 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Random User wrote:
> Luiz Souza wrote:
> > the new (and working) version will be available in the next 2.4.2 snapsh... Daryl Morse
04:50 PM Bug #8086 (Closed): DHCPv6 no longer working: Upgraded from 2.3 and I no longer have a DHCP v6 address from Comcast.
Attach log file snippet almost looks like d... Ken Bass
04:45 PM Bug #8085 (Not a Bug): DHCP deny client - breaks DHCP pool: I decided that on my LAN I mainly wanted DHCP to be handed out to the static mappings and I wanted the static mapping... Ken Bass
12:21 PM Revision 772a7b3d: refactored interfaces_assign.php to to benefit people with large numbers of VLANs, as requested on the forum at https://forum.pfsense.org/index.php?topic=137391.0. Also contains a minor speedup for interfaces_vlan.php. Modified functions are contained in interfaces_fast.inc. Profiling code is still present but commented out, as is replaced code.: Peter Schofield
07:03 AM Feature #8084 (Duplicate): Implementação do Login Social no Captive Portal: Sugestão de implementação do Login Social no Captive Portal. Valdir Martins

11/11/2017

06:32 PM Bug #8083 (Duplicate): No Auto-reboot after guided ZFS installation: Duplicate of #7307 Jim Pingle
05:42 PM Bug #8083 (Duplicate): No Auto-reboot after guided ZFS installation: vt100
Accept
Install pfSense
Default Keymap
Auto (ZFS)
Proceed with Installation
Stripe - No Redundancy
da1
... Chris Linstruth
05:24 PM Feature #8082 (Resolved): OpenVPN Redirect Gateway Option Only Works for IPv4: The "Redirect Gateway" checkbox on the OpenVPN server settings page appears to only push the "redirect-gateway def1" ... Steve Matos
03:16 PM Bug #8081 (Closed): NICs malfunction: On a firewall with 8 NICs:
igb0: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k>
igb1: <Intel(R) PRO/10... Giovanni Berisso
01:38 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Luiz Souza wrote:
> the new (and working) version will be available in the next 2.4.2 snapshot.
That commit rende... Random User
10:31 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: Some more info.
I also get this problem in version 2.4.1
I've been looking at the code in /etc/inc/captiveportal.in... Richard Gate
10:31 AM Bug #8079 (Resolved): XMLRPC Issues with Captive Portal Vouchers: Jim Pingle
10:19 AM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: Tested latest snapshot 2.4.2.a.20171110.1936. Works here. Chris Linstruth
07:52 AM Bug #8080 (Resolved): DHCPv6 + SLAAC SG1000: Thank you James. Luiz Souza
05:43 AM Bug #8080: DHCPv6 + SLAAC SG1000: I can also confirm that after upgrading to the latest 2.4.2 development snapshot that the issue is resolved and radvd... James Webb
05:16 AM Bug #8080: DHCPv6 + SLAAC SG1000: On further inspection after clearing the log file and force restarting radvd, the routing log file simply consists of... James Webb

11/10/2017

10:07 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: That snapshot is not recent enough to contain the changes Jim Pingle
09:34 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: Tested in Current Base System 2.4.2.a.20171110.1037
Still produces Errors on Secondary after testing expired vouch... Paighton Bisconer
01:20 PM Bug #8079 (Feedback): XMLRPC Issues with Captive Portal Vouchers: Applied in changeset commit:66dd4fe2ad0c7d63f9da45a9b32bd6c94a78fc44. Jim Pingle
01:14 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers: Actually #1 is not valid because that section shouldn't sync that way. That typo breaking the sync in that direction ... Jim Pingle
12:01 PM Bug #8079 (Resolved): XMLRPC Issues with Captive Portal Vouchers: Multiple issues with Captive Portal vouchers:
1. Sync of the voucher configuration doesn't work because in /etc/rc... Jim Pingle
08:44 PM Bug #8080: DHCPv6 + SLAAC SG1000: Is there a message in any of the logs about radvd crashing? Jim Pingle
07:04 PM Bug #8080: DHCPv6 + SLAAC SG1000: Hi Jim,
Very good point. It does seem that radvd is NOT running. James Webb
06:58 PM Bug #8080: DHCPv6 + SLAAC SG1000: Is radvd running? This could be a duplicate of #8022
Without router advertisements, clients wouldn't know to conta... Jim Pingle
06:55 PM Bug #8080 (Resolved): DHCPv6 + SLAAC SG1000: Hi,
I recently bought an SG1000 device for use on a corporate network.
I have had quite a bit of experience with ... James Webb
08:20 PM Revision 6bb69034: Fixed #8053 Revised page JavaScript to update gateway selector on IP family change: (cherry picked from commit ae381698db23f260027c27c9aa12694a38c2f9ce) Steve Beaver
08:15 PM Revision ae381698: Fixed #8053 Revised page JavaScript to update gateway selector on IP family change: Steve Beaver
08:15 PM Revision 13f88d0a: Fixed #8053: Revised page JavaScript to update gateway selector on IP family change Steve Beaver
07:08 PM Revision 66dd4fe2: Remove this part, the voucher settings shouldn't be synchronized this way, it's handled via the voucher sync settings on the secondary. Fixes #8079: It was only working before because of this typo, the code shouldn't have been there at all. Jim Pingle
07:00 PM Revision 927a988e: When synchronizing vouchers, avoid allowing null values. Also, fix a missing variable global declaration. Part of ticket #8079: Jim Pingle
06:14 PM Revision ff25106d: Correct voucher config section name. Part of ticket #8079: Jim Pingle
04:33 PM Revision 9605cf97: Use a strict check of array_search() result: Renato Botelho
04:33 PM Revision a82c33f6: Use a strict check of array_search() result: Renato Botelho
04:33 PM Revision 2a6b3b70: Use a strict check of array_search() result: Renato Botelho
04:33 PM Revision bc60e070: Use a strict check of array_search() result: Renato Botelho
04:19 PM Revision 9b750b40: Remove empty items from output: Renato Botelho
04:18 PM Revision 5535d91d: Remove empty items from output: Renato Botelho
04:18 PM Revision 29c728a2: Remove empty items from output: Renato Botelho
04:18 PM Revision c253e352: Remove empty items from output: Renato Botelho
03:15 PM Bug #7426 (Resolved): UDP packet drops: Jim Pingle
02:30 PM Bug #8053: Firewall Rule IPv6 Gateway Cannot Be Selected: Applied in changeset commit:13f88d0a0a7347c7a44ffed7b33afa110cc64174. Anonymous
02:12 PM Bug #8053 (Feedback): Firewall Rule IPv6 Gateway Cannot Be Selected: firewall_rules_edit.php page JavaScript revised to update the gateway list dynamically. Anonymous
02:20 PM Revision 19dab63b: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:20 PM Revision ab7813e8: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:20 PM Revision f27bd8cd: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:20 PM Revision 8d5ff32b: Detect when system is running a newer version than the one available on remote repository: Renato Botelho
02:17 PM Revision 840f28ca: Always do rquery when pkg search is not used: Renato Botelho
02:17 PM Revision fabfe51d: Always do rquery when pkg search is not used: Renato Botelho
02:17 PM Revision be8884da: Always do rquery when pkg search is not used: Renato Botelho
02:17 PM Revision eaed7e74: Always do rquery when pkg search is not used: Renato Botelho
12:52 PM Revision 005be784: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:51 PM Revision a0494dc8: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:50 PM Revision a64fe84d: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:49 PM Revision 89d2b4c3: Rename 2.3 repositories to keep list sorted in GUI: Renato Botelho
12:23 PM Bug #8039 (Resolved): Invalid characters in static IP description will not resolve upon correction: Jim Pingle
12:15 PM Bug #7946 (Resolved): 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: Renato Botelho
11:57 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: freeradius2 remained at Installed Packages in the WebGUI. Fix confirmed. Anonymous
06:20 AM Bug #7946 (Feedback): 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.: Applied in changeset commit:44cb7fee05969601e25376bba8ce1d2be10e4eb7. Renato Botelho
12:10 PM Revision a9b0a7a3: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
12:09 PM Revision 42b6ca6e: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
12:09 PM Revision ef1ed439: Fixed #8035: Steve Beaver
12:09 PM Revision a16690c8: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
12:09 PM Revision 44cb7fee: Fix #7946: Display installed packages missing on remote repo to let user to delete it: Renato Botelho
11:56 AM Revision 388bb779: Fixed #8035: Steve Beaver
11:10 AM Bug #7917 (Resolved): GUI shows "There are no packages currently installed" when repos are unreachable: Renato Botelho
11:03 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable: installed a package, pulled WAN, went back to Packages and the package showed. Rebooted without WAN, checked again, p... Anonymous
06:15 AM Bug #7917 (Feedback): GUI shows "There are no packages currently installed" when repos are unreachable: I've confirmed fix pushed for #7946 also fix it Renato Botelho
10:40 AM Bug #8022 (Feedback): radvd receives SIGBUS on SG-3100 (ARM): The package was upgraded to recent upstream version (2.17) just to let us discover that the original bug was still pr... Luiz Souza

11/09/2017

10:15 PM Bug #8039: Invalid characters in static IP description will not resolve upon correction: On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1341 could not reproduce the bad behavior. Anonymous
02:00 PM Bug #8039 (Feedback): Invalid characters in static IP description will not resolve upon correction: Applied in changeset commit:d70eaff5781015294376b42284e728265c56fd8d. Anonymous
07:52 PM Revision d70eaff5: Fixed #8039 Changed to on sanitizing data. This is to help so if the user has previous cookie data it shouldn't try and sanitize it.: Stephen Jones
07:00 PM Bug #8077: Filterlog format does not match documentation or RFC spec: You are of course right, and I am feeling silly. Can't see the wood for the trees.
There is a proper bug report ag... Joash Lewis
04:01 PM Bug #8077: Filterlog format does not match documentation or RFC spec: And that fact is already noted on the page. Immediately under the line you quoted. Jim Pingle
04:01 PM Bug #8077 (Not a Bug): Filterlog format does not match documentation or RFC spec: That is the format of the log in /var/log/filter.log
If it looks different coming across syslogd, that's a differe... Jim Pingle
03:58 PM Bug #8077 (Not a Bug): Filterlog format does not match documentation or RFC spec: The "documentation of the filterlog format":https://doc.pfsense.org/index.php/Filter_Log_Format_for_pfSense_2.2 indic... Joash Lewis
06:32 PM Revision 81fbfd64: Add missiing repo definitions: Renato Botelho
05:10 PM Revision 73568673: Also kill off sshlockout_pf processes when restarting syslogd. Fixes #7984: Jim Pingle
04:49 PM Feature #8078 (New): PPPoE Reconnect Wait Time: When there is an outage (whether accidental or network maintenenace) the PPPoE session will drop. With some ISPs the... Kristopher Kolpin
04:40 PM Revision e00f69c8: Fixed #7966 added a moving average smoothing factor to help out with some of the jagged graphs. Since the quickest update will be every other second this will help make it look smoother. Also added this to the widget and added some functionality to the status page so it can display in two different styles. Setting smoothing to 0 will make the graph the same as before this was added. Raising it will allow for a moving average to be taken into account to smooth out the graphs.: Stephen Jones
03:56 PM Bug #6459 (Resolved): AWS EC2 Instance should skip interface config in setup wizard: Jim Pingle
03:51 PM Bug #6459: AWS EC2 Instance should skip interface config in setup wizard: Tested ok today. Chris Macmahon
03:49 PM Bug #7856 (Resolved): IPsec status does not show all connected mobile clients: Jim Pingle
03:49 PM Bug #8003 (Resolved): IPsec weirdness with 2.4.1: Jim Pingle
03:46 PM Bug #8063 (Resolved): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported: Jim Pingle
03:43 PM Revision 152dd87a: 2.3 specific revision to custom repo system: Provide mechanism to allow for transition to a new package repository server
(cherry picked from commit 00d0c66e6217... Steve Beaver
01:42 PM Revision 10694d88: Fix repo path: Renato Botelho
01:13 PM Revision 7d7398f2: Add consolidate pkg repos to use on all branches: Renato Botelho
01:09 PM Revision 5ccb7e12: Fill default repo dinamically: Renato Botelho
01:08 PM Revision d52ca8eb: Define default repo: Renato Botelho
01:05 PM Revision 15f12d8e: Fill default repo dinamically: Renato Botelho
01:05 PM Revision 5e15203c: Define default repo: Renato Botelho
01:05 PM Revision c92d1db5: Add consolidate pkg repos to use on all branches: Renato Botelho
01:02 PM Revision dab47760: Add consolidate pkg repos to use on all branches: Renato Botelho
01:01 PM Revision d82a9bda: Add consolidate pkg repos to use on all branches: Renato Botelho
12:28 PM Feature #7823 (Resolved): Pull request: Add support for dynamic DNS provider ClouDNS: Jim Pingle
12:20 PM Bug #7966 (Resolved): Live traffic graphs appear to have sampling errors: Jim Pingle
11:59 AM Bug #7966: Live traffic graphs appear to have sampling errors: On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340 gitsync'd to master, the smoothing slider is availab... Anonymous
10:50 AM Bug #7966 (Feedback): Live traffic graphs appear to have sampling errors: Applied in changeset commit:e00f69c8cd29a58383ac40a8d1e30045449eec14. Anonymous
12:19 PM Bug #7984 (Resolved): restarting syslogd service makes sshlockout_pf process orphans: Jim Pingle
12:14 PM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans: On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340 gitsync'd to master, works as expected. Anonymous
11:20 AM Bug #7984 (Feedback): restarting syslogd service makes sshlockout_pf process orphans: Applied in changeset commit:73568673ebb45bd3c58cdd638a93b754b09cc654. Jim Pingle
11:09 AM Bug #7984 (Assigned): restarting syslogd service makes sshlockout_pf process orphans: Yeah I see the problem with the restart case, I'll push a fix shortly. Jim Pingle
11:26 AM Bug #8043 (Resolved): Cannot enable IPsec Mobile Client Support when the interface is in french: Jim Pingle
11:21 AM Bug #8043: Cannot enable IPsec Mobile Client Support when the interface is in french: On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340, set language to French, went to IPSec and checked t... Anonymous
11:25 AM Bug #7786 (Resolved): traffic shaping queue on WAN wont allow total of all child to be 100%: Looks good here, too. Jim Pingle
11:13 AM pfSense Packages Bug #7961 (Resolved): JS Error on Status > Monitoring: Anonymous
11:09 AM pfSense Packages Bug #7961: JS Error on Status > Monitoring: on pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340, went to Status > Monitoring clicked on Settings > D... Anonymous
11:11 AM Bug #8076 (New): User can easily apply an unusable interface configuration after restore: When loading a configuration file from a different device (with other
NICs) to a freshly installed pfSense, it corre... Adrian Zaugg
11:09 AM Bug #8075 (Rejected): OpenVPN binds to wrong interface with no ip on first interface: With two WAN interfaces and with an OpenVPN server on each, bound to its
interface, there is a wrong IP assertion in... Adrian Zaugg
10:57 AM Bug #8032 (Resolved): xmlrpcsync password fails with spaces in password: Works Jim Pingle
10:45 AM Bug #7978 (Resolved): IE 11 - Headers of tables almost not visible when no entries made: Jim Pingle
10:11 AM Bug #7307: ZFS installer - shuts down instead of rebooting: Given that this only happens when using eMMC, and the operator is already present at the hardware to perform the inst... Jim Pingle
09:58 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: Sorry should have set the Affected Version to 2.4.0 Richard Gate
09:30 AM Bug #8074 (Duplicate): Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules: Since pfSense 2.4.0 and the re-write of Captive Portal, the RADIUS WISPr-Bandwidth-Up value is being used incorrectly... Richard Gate
09:14 AM Bug #7969 (Resolved): md5 bgp sessions fail in 2.4.0: Anything at the OS level appears to be fine now. I am able to establish a BGP peering with TCP MD5 and the latest FRR... Jim Pingle
08:15 AM Bug #8035 (Resolved): Installed packages widget does not show updates: Jim Pingle
08:11 AM Bug #8069 (Resolved): Services sorting is incorrect in several cases with multi-instance services: Jim Pingle
07:36 AM Bug #8059 (Resolved): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: Jim Pingle
02:51 AM Bug #8073 (New): Traffic inexplicably not going through IPSEC despite (in theory) matching SPs: I am running a pfSense 2.4.0 twin installation with CARP between the two appliances.
I have been able to successfull... Fulvio Scapin

11/08/2017

07:56 PM Bug #8072: Limiter / Queue mask issues?: EDIT: To clarify. The old method of turning off pfsync and using just the limiters works as expected, however HA is... Damien Montanile
07:53 PM Bug #8072: Limiter / Queue mask issues?: Chris Linstruth wrote:
> It looks like you have your in/out directions mixed up.
>
> When you place Limiters on t... Damien Montanile
07:13 PM Bug #8072: Limiter / Queue mask issues?: And, further, if you want a separate pipe for each IP address you mask on the parent queue and do not set a child que... Chris Linstruth
06:46 PM Bug #8072: Limiter / Queue mask issues?: It looks like you have your in/out directions mixed up.
When you place Limiters on the LAN interface, the IN direc... Chris Linstruth
02:28 PM Bug #8072 (New): Limiter / Queue mask issues?: After upgrading to 2.4 and then again to 2.4.1, I noticed there is what appears to be a new issue as it applies to us... Damien Montanile
04:03 PM Revision e73cc753: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069: (cherry picked from commit 258fc75b0995a53997927edc5186b1fe8a5b409e)
(cherry picked from commit 8d9037dda9ab473af6df0... Jim Pingle
04:03 PM Revision 8d9037dd: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069: (cherry picked from commit 258fc75b0995a53997927edc5186b1fe8a5b409e) Jim Pingle
04:01 PM Revision 258fc75b: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069: Jim Pingle
03:46 PM Bug #8065 (Resolved): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Jim Pingle
03:10 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Tim Economides wrote:
> Somewhat related issue I've first noticed while working with Quagga and FRR - When working w... Jim Pingle
03:03 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> I added the flag to the raw config page. Unfortunately, fixing the other bug meant I had to rena... Tim Economides
02:40 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I added the flag to the raw config page. Unfortunately, fixing the other bug meant I had to rename the fields so the ... Jim Pingle
01:33 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> I just pushed a change to FRR to allow the user to manually choose whether or not they want to u... Tim Economides
12:51 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I just pushed a change to FRR to allow the user to manually choose whether or not they want to use setkey entries for... Jim Pingle
02:06 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Dave I experienced exactly the same thing as you did. I don't know how to fix it. I was only setting up ipv6 for fun ... Leif Huhn
12:34 PM Bug #8071 (Resolved): DNSimple support for Dynamic DNS no longer working: It seems that DNSimple has deprecated API v1 so all attempts using the current implementation will fail as unauthoriz... Kevin Loukinen
11:46 AM Bug #8070 (Closed): IKEv2 IPSec tunnel under load crashes pfSense when AES-NI is enabled: I want to refer you to this forumpost: https://forum.pfsense.org/index.php?topic=139146.0
As I said, disabling AES... Jan Jurkus
10:37 AM Bug #8039: Invalid characters in static IP description will not resolve upon correction: The static mapping wouldn't have anything to do with the port forward page.
The error on the port forward page is ... Jim Pingle
10:32 AM Bug #8039: Invalid characters in static IP description will not resolve upon correction: You will have to mark this as 'could not replicate'. I blasted the installation and will have to try again in the fut... Diedrich Guenther
10:25 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: It will appear OK after booting, most tests will look fine then. You have to watch the console during boot time, the ... Jim Pingle
10:24 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: I'm having the same issue on a freshly upgraded factory configured SG-8860. This happens with my existing CA as well... Gary Graham
10:10 AM Bug #8069 (Feedback): Services sorting is incorrect in several cases with multi-instance services: Applied in changeset commit:258fc75b0995a53997927edc5186b1fe8a5b409e. Jim Pingle
09:59 AM Bug #8069 (Resolved): Services sorting is incorrect in several cases with multi-instance services: On services_status.php, services with multiple instances (e.g. openvpn) appear unsorted in the list.
On the servic... Jim Pingle
09:07 AM Bug #8003: IPsec weirdness with 2.4.1: This has been fixed in 2.4.2 in these commits a65b41a9e455786dd969a1ffcd110fdf195f9031 and 130f3c9266e0b8c626aa6e8991... Anonymous
04:23 AM Bug #8003: IPsec weirdness with 2.4.1: In my case there are more than 300 tunnels. It is very inconvenient to check which ones work and which ones do not wo... Kirill Z
01:14 AM Bug #8003: IPsec weirdness with 2.4.1: I have the same issue on two SG-8860 in a carp setup upgraded from 2.3.4 to 2.4.0 and then 2.4.1. Seven connected ips... Alexander Lindqvist
09:07 AM pfSense Packages Bug #8068 (Resolved): Status Traffic Totals package installation is not recorded in config.xml: The installation of the Status_Traffic_Totals package is not reflected in config.xml, thus it is not present in a bac... Jim Pingle
08:55 AM pfSense Packages Bug #7487 (Resolved): Status Traffic Totals doesnt persist through reboots.: Jim Pingle
07:12 AM pfSense Packages Bug #8067 (Closed): Avahi can't be stopped from registering on unassigned interfaces: Related to #7755.
In the settings page for Avahi, the deny interfaces list shows assigned interfaces only.
I ha... Nathan Phillips
02:58 AM Bug #8059: /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: Jim Pingle wrote:
> Applied in changeset commit:3414dea15b2f31099ef2ec962c2062ae95080a0e.
Hi Jim,
Thanks for t... Anonymous
02:04 AM Bug #8066 (New): Static routes not applied when they go out a interface using carp: I have a fw that has a /30 configured on one interface and then a separate /30 ip series applied used carp on the int... Rasmus Fauske

11/07/2017

11:30 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> Dave I formatted over the memory card, but I bet this would work for you:
>
> http://pkg.freeb... Dave Pugh
01:30 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Dave I formatted over the memory card, but I bet this would work for you:
http://pkg.freebsd.org/FreeBSD:11:armv6/... Leif Huhn
09:40 PM Bug #8024 (Resolved): static ipv6 config allow invalid addresses: Luiz Souza
07:29 PM Revision 05871043: Reorder reading the product name in pfSense-rc so it happens after all filesystems are mounted. Fixes #8065: Jim Pingle
06:53 PM pfSense Packages Bug #8058: FreeRadius Accounting Bug after upgrade 2.3->2.4: Now it is happening again...for some reason latest activity in captive portal just stops working for some users.
I r... Frotty Zaoldyeck
08:02 AM pfSense Packages Bug #8058 (Closed): FreeRadius Accounting Bug after upgrade 2.3->2.4: Jim Pingle
05:32 PM Revision 00d0c66e: Provide mechanism to allow for transition to a new package repository server: Steve Beaver
03:38 PM Revision 635dcc69: Check for /bootpool and import the bootpool zfs pool if present. Fixes #8063: Jim Pingle
02:58 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Could be quagga vs frr, I am testing with frr. I'm still not convinced the second SA is doing an... Tim Economides
01:40 PM Bug #8065 (Feedback): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Applied in changeset commit:05871043800e44b40f9d542e5a76f9506259c115. Jim Pingle
01:28 PM Bug #8065: A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Renato says the patch looks good.
Further testing shows no problems:
- Affected UFS system is OK
- Regular UFS s... Jim Pingle
01:04 PM Bug #8065 (Resolved): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time: Choosing a manual installation with a separate /usr slice (ex: boot, /, /usr, /var, swap) fails to setup various aspe... Jim Pingle
01:06 PM Bug #7995 (Closed): pfSense Certificate Manager Issues Blank Certificates: After some more digging based on your later e-mail reply, I believe I found the root cause of this. See #8065
Clos... Jim Pingle
08:26 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: I can't seem to replicate that here. I used the exact same inputs you sent via e-mail and it worked as expected on 2.... Jim Pingle
12:37 PM pfSense Packages Bug #8064 (Not a Bug): Freeradius 3 One Time Password (OTP) not working: It works fine, I just tested it multiple times yesterday and even replied to "your forum thread":https://forum.pfsens... Jim Pingle
12:30 PM pfSense Packages Bug #8064 (Not a Bug): Freeradius 3 One Time Password (OTP) not working: Hello,
clean Installation: Pfsense 2.4.1 with freeradius 0.15.2 OTP Google Authentcation is +not+ working
clean I... Anonymous
10:05 AM Bug #8049 (Duplicate): MTU stuck at 1280 for gif0 interface: Looks like a duplicate of #6868 Jim Pingle
10:03 AM Bug #8009 (Duplicate): Can't upgrade from 2.4.0 to 2.4.1: It's hard to tell due to lack of info, but I'm guessing this is a duplicate of #8063, the symptoms seem to match. If ... Jim Pingle
09:55 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": Mitch Claborn wrote:
> What is the process for switching to FRR? Do I just install the FRR package or is there more ... Jim Pingle
09:53 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": What is the process for switching to FRR? Do I just install the FRR package or is there more to it? Mitch Claborn
05:55 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": I can confirm that this is still an issue on 2.4.0
Switching to FRR solved this for me. Andrew Wasilczuk
09:50 AM Bug #8063 (Feedback): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported: Applied in changeset commit:635dcc697a5caed4faebab384baa78809cf1c7b5. Jim Pingle
09:16 AM Bug #8063 (Resolved): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported: The zfs option in the installer can, in a few possible config paths, end up with a broken /boot. It looks like at lea... Jim Pingle
08:00 AM pfSense Packages Bug #8062: Fixes to AWS VPC VPN wizard: Thanks for the code submission! I had to remove those files from this public redmine post because that code is only a... Jim Pingle
05:48 AM pfSense Packages Bug #8062 (Resolved): Fixes to AWS VPC VPN wizard: A mixture of bug fixes and featured for the vpc vpn wizard.
h3. Use FRR BGP instead of OpenBGP
OpenBGP currentl... Andrew Wasilczuk
05:23 AM Feature #7962: Support for Intel 553 network card: Hi, having the same issue. I guess the new driver is needed.
Was fixed in FreeNAS already.
https://bugs.freenas.org... Jose Duarte
04:15 AM Revision 373513a5: Fix a bug in interfaces.php that will cause a failure on first 'Save' of 'OPT1' with some hardware configurations.: Luiz Souza
03:10 AM Revision 1328b154: Add the XML tags to support the switch entries.: Luiz Souza
03:10 AM Revision 3b135582: Remove stray white space.: Luiz Souza

11/06/2017

09:01 PM Revision 9b36e210: fixed the ipsec widget to show splitconnections for ikev2: Stephen Jones
08:54 PM Revision 3414dea1: Restore some customizations to openssl.cnf, otherwise it cannot generate a certificate. Fixes #8059: We set prompt=no, so most of these values will cause an error when openssl commands are run directly. Jim Pingle
08:47 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> I compiled 2.17 from ports on raspi2 and it runs on the SG-3100 without SIGBUS.
This issue is ... Dave Pugh
07:18 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: Bridges and VLAN interfaces on LAN show up.
a spare interface on the same card shows up
It is just WAN interfaces a... W FM
07:13 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: on irc someone else had the same issue.
Also worth noting this is i386 W FM
07:10 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: em0@pci0:0:3:0: class=0x020000 card=0x10128086 chip=0x10108086 rev=0x01 hdr=0x00
vendor = 'Intel Corporation... W FM
06:46 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: What type of interfaces are those (driver name)?
Perhaps they were supported by the shaper on older versions but t... Jim Pingle
06:38 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper: firewall_shaper.php
Firewall / Traffic Shaper / By Interface
(sorry for the typo) W FM
06:35 PM Bug #8061 (Resolved): LAN WAN Interfaces missing in Traffichshaper: In 2.3.5 LAN and WAN interface(s) are missing from the list.
see picture attached
If queues are deleted only wa... W FM
06:40 PM Bug #7936 (Resolved): bridge network interface does not support altq on 2.4.0-RELEASE: Luiz Souza
06:38 PM Bug #7940 (Resolved): disabling LAGG causes system reboot on 2.4: Luiz Souza
06:35 PM Bug #7981 (Resolved): PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza
05:48 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: with
2.4.2-DEVELOPMENT (amd64)
built on Mon Nov 06 10:40:15 CST 2017
I confirm there is no more problem wit... Alexandre Paradis
03:25 PM Bug #8060 (Closed): Incorrect translation to Russian language: The main page in the "Version" section should be "Получение" instead of "Полчение". Alexander Ryazantsev
03:10 PM Bug #8059 (Feedback): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: Applied in changeset commit:3414dea15b2f31099ef2ec962c2062ae95080a0e. Jim Pingle
03:00 PM Bug #8059: /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: I just pushed a fix for this, but a few important points need to be made:
1. The ACME package works fine serving f... Jim Pingle
02:30 PM Bug #8059 (Confirmed): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: It is not broken, it works fine when you use it in a supported way (read: use the GUI or the ACME package).
Noneth... Jim Pingle
02:02 PM Bug #8059 (Resolved): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken: When using dehydrated (https://github.com/lukas2511/dehydrated) instead of the acme package for requesting LetsEncryp... Anonymous
02:59 PM Revision 2807660f: removed extra quote: Stephen Jones
11:57 AM pfSense Packages Bug #8058: FreeRadius Accounting Bug after upgrade 2.3->2.4: Okay, after recreated the client and interfaces, this time with "*" instead of the IP of the client, seemed to have w... Frotty Zaoldyeck
06:57 AM pfSense Packages Bug #8058 (Closed): FreeRadius Accounting Bug after upgrade 2.3->2.4: Hi,
I have been using FreeRadius with my captive portal successfully before freeRadius3 and pfsense 2.4
After the... Frotty Zaoldyeck
09:49 AM Bug #8044 (Resolved): LDAP authentication fails with a globally trusted root CA: Jim Pingle
09:45 AM Bug #8045: Terminal and WebGUI stops responding: Hi,
I have the same setup running (except nmap and snort).
Today I ran into the same issue.
I have a few of thes... Christian Rhomberg
08:34 AM Bug #8003: IPsec weirdness with 2.4.1: Constantine Kormashev wrote:
> Could not reproduce the issue with just one P2 entry. Seems it affects only multiply ... Neal Harrington
05:10 AM Bug #6650 (Resolved): Option needed to disable HSTS: Renato Botelho
03:15 AM Bug #8057 (Closed): don't start dpinger if still one running: It's the 2nd or 3rd time I see multiple instances of dpinger.
You have a pid file and can check for the process befo... Grischa Zengel
01:50 AM Revision 902cbde8: Support shutdown scripts in /usr/local/etc/rc.d. This allows packages to take critical shutdown actions such as: UPS power kill in NUT. Denny Page

11/05/2017

07:16 PM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: I was able to get this to work using the following:
#this prevents port 853 tcp from working. Not sure why? Turnin... Mathew Keith
03:42 PM Bug #7426: UDP packet drops: Tested iperf3 in UDP mode between SG-1000 and SG-2440 (and SG-3100), could not reproduce the bad behavior. Saw a prob... Anonymous
02:47 PM Bug #7786: traffic shaping queue on WAN wont allow total of all child to be 100%: On pfSense-netgate-uFW-recover-2.4.2-DEVELOPMENT-armv6-20171104-1805 unable to reproduce. Created parent queue for 50... Anonymous
02:31 PM Bug #7975: ESXi 6.5 UEFI boot stops at framebuffer info: Booting pfSense-CE-2.4.1-RELEASE-amd64.iso on ESXi 6.0.0 Update 3 (Build 5224934) using UEFI mode.
Machine shutdow... Carlos Montalvo J.
11:15 AM Bug #8056: Bridge + CARP crashes/freezes pfSense: More context: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200319
This configuration works well on 2.3.3+ (di... Anonymous
10:59 AM Bug #8056 (Resolved): Bridge + CARP crashes/freezes pfSense: Same behavior as the linked bug below: running CARP on a bridge interface and sending any non-trivial amount of traff... Anonymous
08:04 AM Bug #7929 (Resolved): IPSec CA certificate name corrupt if multiple RDNs of the same type are in subject name: Jim Pingle
01:15 AM Bug #7929: IPSec CA certificate name corrupt if multiple RDNs of the same type are in subject name: 2.4.2 17-11-04 could not reproduce the issue
rightca for latest @/DC=jimp/DC=pw/@
rightca for 2.4.1 @/DC=Array/@
A... Constantine Kormashev
05:59 AM Bug #8055 (Closed): pfsense GUI accessible over tun interface address from remote network: Anonymous
05:08 AM Bug #8055: pfsense GUI accessible over tun interface address from remote network: INVALID - please close, additional route path advertised by secondary client. Grzegorz Krzystek
02:40 AM Bug #8055 (Closed): pfsense GUI accessible over tun interface address from remote network: Configuration:
site A pfSense:
lan: 10.76.175.0/24
OpenVPN_TUN: 172.28.10.1/30 (OpenVPN routing 192.168.1.2/32)
... Grzegorz Krzystek
01:28 AM Bug #8003: IPsec weirdness with 2.4.1: Could not reproduce the issue with just one P2 entry. Seems it affects only multiply P2 Constantine Kormashev
12:30 AM Revision 0e2bed22: status_queues, provide 'realtime' statistics: -retrieve 'current' numbers from pfSense
not using qstats provides the following advantages:
-no long lag which requ... Pi Ba

11/04/2017

11:43 PM Bug #6406: Web process becomes unresponsive producing 502 Bad Gateway nginx: Running for 12+hours, dashboard up, IPSec widget (and many others including pfBlocker) loaded, no issues. (2.4.2.a.20... Anonymous
06:54 PM Revision e5960712: pkg, reinstall missing package: change the reference from install_package(.) as this function does not exist. Pi Ba
05:20 PM Bug #8016: 1 pfsense out of several shows 2.4.0 available, not 2.4.1: Followup notes:
* On the FW with the issue, did update from 2.3.4 to 2.4.0. Success
1) After reboot, Dashboard ... Eduard Rozenberg
04:31 PM Bug #7940: disabling LAGG causes system reboot on 2.4: could not replicate on 2.4.2.a.20171103.1355, not on HA though. Anonymous
04:13 PM Bug #7856: IPsec status does not show all connected mobile clients: tested on 2.4.2.a.20171103.1355, not seeing duplicate entries Anonymous
03:33 PM Revision 1b2c6dd9: Backport changes regarding login page: This commit improves consistency and prevents bugs by:
1) Not displaying the login CSS file in the theme list
2) Ensu... NewEraCracker
02:17 PM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Just updated to current and traffic shaping is still working for me. Maybe your queue config is triggering something... John Silva
01:03 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Worth noting I have been seeing all of this with openbgpd, so it would be strange if it was specific to routing daemons. Terry Zink
01:01 PM Bug #4607: Bridge+CARP crashes/freezes pfSense: Is the patch for this still included in 2.4? I'm getting freezes that sound eerily similar to the issue described her... Anonymous
11:00 AM Bug #8054: DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: To be clear: this happened with a static lease. Jove Too
10:46 AM Bug #8054 (Resolved): DHCP server accepts trailing dot in domain names, DNS resolver adds another and breaks: If you add a trailing dot on the domain name in the "domain name" and "domain search list", this is accepted. The DNS... Jove Too
07:41 AM Feature #8028: Unbound: Add advanced option for qname-minimization: I don't think strict should be an option through the GUI now that I've played with it.
With respect to qname-minim... Mathew Keith
03:17 AM Feature #8028: Unbound: Add advanced option for qname-minimization: Well if going to add options for the -strict in the gui... Needs to have BIG note on it that it WILL BREAK stuff... N... JohnPoz _
07:07 AM Bug #6400: assign_interfaces.php issues with large numbers of interfaces: https://forum.pfsense.org/index.php?topic=137391.msg757023#msg757023
Anonymous
04:55 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: A Pull request has been added address the issue of dhcp6 vlan priority requests
https://github.com/pfsense/pfsen... Kev Willers
12:19 AM Bug #8053 (Resolved): Firewall Rule IPv6 Gateway Cannot Be Selected: When there are multiple IPv6 gateways on a system an IPv6 firewall Rule can only be initially created with either the... Kristopher Kolpin

11/03/2017

09:59 PM Bug #6650: Option needed to disable HSTS: Tested on pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171103-1355.img, works as expected.... Anonymous
09:45 PM Revision 153f09b8: Fixed an issue where it was showing the escaped apostrophes on all info boxes. This will fix the issue of the javascript getting terminated in the ipsec status page in french. and not print it to the user: Stephen Jones
09:05 PM Revision 46b9efdd: Fixed #8043 It didn't like one of the french characters being saved in the config so it would rollback the config and not allow you to enable mobile clients. Added an html entities to replace it with safe characters. Also added some escapes when it tried to print certain words using a ['] and terminating a string in javascript for the ipsec_status page. This is a possibly a potential problem for multiple pages in French.: Stephen Jones
05:46 PM Revision 8c2831e1: Cosmetic changes to repo branch switching: Steve Beaver
05:23 PM Revision 73d5b5d2: Provide a firmware branch selector on the System->Update page to allow the user to change their mind.: On changing the selector, refresh the page to show the revised version information. Steve Beaver
04:38 PM Bug #8050: Enabling bridge while interfaces have link freezes console: This may be an issue on my end, with VMware...it's possible I saw what appeared to be the same issue on the XG-2758 b... Clinton Cory
04:22 PM Bug #8050: Enabling bridge while interfaces have link freezes console: PF was disabled during these tests and no IP assigned to the bridge interface. I had a similar problem with 2.3.5...
... Clinton Cory
03:51 PM Bug #8050: Enabling bridge while interfaces have link freezes console: Same issue with 2.4.1 Clinton Cory
03:32 PM Bug #8050: Enabling bridge while interfaces have link freezes console: Also may be related to changes here:
https://redmine.pfsense.org/issues/7936 Clinton Cory
03:24 PM Bug #8050 (Closed): Enabling bridge while interfaces have link freezes console: Installed 2.4.2-DEV CE (snapshot from about an hour ago) on both a VM and XG-2758.
If you try to create a bridge w... Clinton Cory
04:20 PM Bug #8043 (Feedback): Cannot enable IPsec Mobile Client Support when the interface is in french: Applied in changeset commit:46b9efddca9e78e1eabaf3a849c283f720dc35d7. Anonymous
04:06 PM Bug #8051: XG-2758 - Wrong Interface Assignment: Confirmed the same issue is present with 2.4.2 factory.
This was not a problem with 2.4.1 Clinton Cory
03:28 PM Bug #8051 (Resolved): XG-2758 - Wrong Interface Assignment: 2.4.2-DEV CE (latest from an hour or so ago) installed on XG-2758 and the interfaces do not assign as expected.
http... Clinton Cory
03:39 PM Feature #8052 (Rejected): Separate MTU interface values for IPv4 and IPv6: Some ISPs do not offer IPv6 connetivity yet or offer it via a tunnelling mechanism.
As such, in some cases PMTU di... Kristopher Kolpin
03:27 PM Revision 7e37da2e: When crafting the CA subject for ipsec.conf, handle component values that are arrays. Fixes #7929: Jim Pingle
03:14 PM Bug #8046 (Resolved): ntpd erroneously listens on all interfaces: Jim Pingle
08:30 AM Bug #8046 (Feedback): ntpd erroneously listens on all interfaces: Applied in changeset commit:c2a524405c65f973add431cf18d3efc5c3a8f2ea. Jim Pingle
02:52 PM Bug #7994 (Resolved): system_certmanager.php: Unable to create a wildcard SAN: Jim Pingle
02:52 PM Bug #7885 (Resolved): Cert. Manager should validate EKUs on importing a certificate authority: Jim Pingle
02:52 PM Bug #7733 (Resolved): User Manager deletes non-selected users: Jim Pingle
02:41 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Could be quagga vs frr, I am testing with frr. I'm still not convinced the second SA is doing an... Tim Economides
02:17 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Could be quagga vs frr, I am testing with frr. I'm still not convinced the second SA is doing anything to help the si... Jim Pingle
02:00 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> I'd be surprised if it was actually working due to that change alone. Maybe you changed somethin... Tim Economides
01:37 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I'd be surprised if it was actually working due to that change alone. Maybe you changed something else unrelated to j... Jim Pingle
01:10 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Those changes do seem to be corroborated by the "setkey(8) man page":https://www.freebsd.org/cgi... Tim Economides
10:57 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Those changes do seem to be corroborated by the "setkey(8) man page":https://www.freebsd.org/cgi/man.cgi?query=setkey... Jim Pingle
09:21 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Tim Economides wrote:
> All - I did some digging and found that when I built MD5 support into Quagga (code which was... Tim Economides
02:24 PM Bug #8049 (Duplicate): MTU stuck at 1280 for gif0 interface: This is a bug that appears multiple times in past versions of pfSense. Even though the MTU for the 6in4 interface is... Kristopher Kolpin
02:14 PM Bug #8048 (Resolved): DHCPv6 Configured for LAN without LAN interface: Installed the latest 2.4.2-DEV CE snapshot on a VM with a single NIC
At the end of the installer I selected the op... Clinton Cory
01:39 PM Bug #8039: Invalid characters in static IP description will not resolve upon correction: I attempted to replicate this on a SG-2220 running Factory 2.4.2-DEV box but it seems to work just fine. I used stati... Clinton Cory
01:13 PM Revision c2a52440: When ntp is bound to specific interfaces, disable listening on wildcard. Fixes #8046: Jim Pingle
01:03 PM pfSense Packages Bug #8047 (Resolved): XG-2758 - Coreboot Upgrade - Different ROM size: XG-2758s have 8M and 16M ROMs. There is a J24 jumper to set the coreboot BIOS to either 8M or 16M. By default, the XG... Clinton Cory
10:40 AM Bug #7929 (Feedback): IPSec CA certificate name corrupt if multiple RDNs of the same type are in subject name: Applied in changeset commit:7e37da2e9db8dd153e3b8ef2844beb9a9fe24a56. Jim Pingle

11/02/2017

10:29 PM Bug #8015: IPsec VPN Not Reconnecting until complete reboot: Not sure we can do much about this in the current architecture. Jim Thompson
10:20 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> I compiled 2.17 from ports on raspi2 and it runs on the SG-3100 without SIGBUS.
We know the po... Jim Thompson
03:29 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): I compiled 2.17 from ports on raspi2 and it runs on the SG-3100 without SIGBUS. Leif Huhn
02:40 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): It looks like the radvd version is fairly old:... Leif Huhn
08:38 PM Revision 6b8680a7: Set VLAN Priority on dhcp6c packets: Martin Wasley
06:30 PM Revision 87c67243: Add an option for LDAP servers to use the global root CA list as a peer CA. Fixes #8044: Jim Pingle
06:20 PM Bug #8046 (Resolved): ntpd erroneously listens on all interfaces: Although I have selected only specific interfaces for ntpd to listen on, the service additionally listens to the wild... Alexander Berkes
04:59 PM Bug #8045 (Closed): Terminal and WebGUI stops responding: Running a Netgate APU2 with SSD and 4GB RAM. This started after upgrading from 2.3 to 2.4. After a few days, would tr... Anthony G
04:40 PM Revision d54ff1c2: Disable HSTS for captive portals: Doktor Notor
04:40 PM Revision 7f797833: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:40 PM Revision 42833525: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:40 PM Revision 193f628d: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:39 PM Revision 3ed3a367: Disable HSTS for captive portals: Doktor Notor
04:39 PM Revision a257c4c9: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:39 PM Revision b42a43f7: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
04:39 PM Revision 3684280d: Add option to disable HSTS for nginx (Bug #6650): Doktor Notor
03:56 PM Bug #7969: md5 bgp sessions fail in 2.4.0: All - I did some digging and found that when I built MD5 support into Quagga (code which was subsequently used in dev... Tim Economides
10:40 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Downgraded my device back to 2.3.4 after taking the trip out to the DC. Working fine now. Definitely 2.4.x related. Terry Zink
03:23 PM Revision fbbd7d2b: Crudely fixed #7786 by eliminating check of parent bandwidth when children are sepcified in %: Steve Beaver
02:10 PM Revision a72dbd2a: pf, retry pfctl -f rule loading when pf is 'busy', don't try and fail to force -d -e as that would also fail at this point in time.: (cherry picked from commit a512609213f2a8fd86c7515c9235e1760d7026ed) Pi Ba
02:10 PM Revision 4ede18de: Merge pull request #3857 from PiBa-NL/20171022-pf-wait-dont-wedge: Renato Botelho
02:07 PM Revision 78089d06: Add filtering to pfTop page: (cherry picked from commit 1008527985c9ca392d62beca66b7a49be840330c) → luckman212
02:07 PM Revision 7f9b646c: Merge pull request #3847 from luckman212/pftop-extras-1: Renato Botelho
02:07 PM Revision 82bd941b: VirtualIP, FIX, VIPs should have a <uniqueid> property inside the config.xml, however if they are added as 'proxy-arp' or 'other' and then modified to ipalias or carp, the uniqueid stays empty.: (cherry picked from commit 807160e9db2e7fe2296d7312d602874290186505) Pi Ba
02:07 PM Revision 7ddc3024: Merge pull request #3842 from PiBa-NL/20171004-vip-uniqueid: Renato Botelho
02:04 PM Revision 7ea5b55b: Merge pull request #3859 from PiBa-NL/20171031-xmlrpc-encodedspace: Renato Botelho
02:03 PM Revision 0e4e4ca1: config, xmlparse throw exception instead of calling die(), so corruption check will properly handle the unlink action of the corrupted config: (cherry picked from commit 6153d6683eb682b936b9865114735fc90d7d64cd) Pi Ba
02:03 PM Revision d7e969dc: Merge pull request #3860 from PiBa-NL/20171031-config-backup-check-exception: Renato Botelho
01:48 PM Bug #8020 (Duplicate): Can't STARTTLS to LDAP server since 2.4.0: I ended up making a new issue for this, see #8044 for the fix. Jim Pingle
01:40 PM Bug #8044 (Feedback): LDAP authentication fails with a globally trusted root CA: Applied in changeset commit:87c67243c2cab5fd3e51d17df96ed5ac04bff799. Jim Pingle
01:28 PM Bug #8044 (Resolved): LDAP authentication fails with a globally trusted root CA: The OpenLDAP client does not automatically look for and trust the global root CA list we have from ca_root_nss, linke... Jim Pingle
01:30 PM Bug #8003: IPsec weirdness with 2.4.1: Marcel Kinzel wrote:
> I can confirm the same issue. As someone already mentioned in the pfSense forum (https://foru... Jorz Ybañez
12:19 PM Feature #8028: Unbound: Add advanced option for qname-minimization: I have been using the
qname-minimisation: yes
Option via adding it to custom option box for a few days now and h... JohnPoz _
11:20 AM Feature #8028: Unbound: Add advanced option for qname-minimization: RFC spec here:
https://tools.ietf.org/html/rfc7816
Should this be ignored if forwarding mode is enabled? I don't ... Mathew Keith
12:16 PM Bug #6650 (Feedback): Option needed to disable HSTS: PR has been merged Renato Botelho
11:53 AM Revision bff36903: Fix #6459: Skip interfaces config in AWS EC2 wizard: Renato Botelho
11:52 AM Revision eb809299: Implement <skip_flavors> tag in wizards to skip specific steps on specific flavors: Renato Botelho
11:51 AM Revision c31dacf2: Set title and description after $stepid changes: Renato Botelho
10:55 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: Do you know when 2.4.2 stable will be released?
Jasjit Chopra
08:57 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: This fix did not make it into 2.4.1 but it is implemented in 2.4.2. Anonymous
06:10 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: This is still not resolved in 2.4.1 - I am seeing the exact same behavior after upgrading to 2.4.1 ! Jasjit Chopra
10:30 AM Bug #7786 (Feedback): traffic shaping queue on WAN wont allow total of all child to be 100%: Applied in changeset commit:fbbd7d2b53492b9d7ce7fb02218de2cdda31ce27. Anonymous
09:34 AM Bug #7940 (Feedback): disabling LAGG causes system reboot on 2.4: Fixed.
The fix will be available on the next snapshot.
Testing this issue is non trivial, but still, I would ap... Luiz Souza
09:33 AM Bug #7856: IPsec status does not show all connected mobile clients: Applied in changeset a65b41a9e455786dd969a1ffcd110fdf195f9031. Anonymous
09:31 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients: Anonymous
09:05 AM Bug #8032 (Feedback): xmlrpcsync password fails with spaces in password: PR has been merged Renato Botelho
08:52 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): T S wrote:
> I can confirm that Traffic Shaping is broken on VTNET Interfaces.
> If active the Firewall / PortForwa... T S
08:46 AM Bug #7933: There were error(s) loading the rules: pfctl: vtnet0: driver does not support altq - The line in question reads [0]:: Hello,
the issue still exists with the newest 2.4.2 snapshot (tested yesterday).
Virtualized pfsense with virti... T S
07:10 AM pfSense Packages Bug #7959 (Not a Bug): Dpinger - Probe Interval: Please move discussion to a forum thread and if a real bug is found open a ticket with specific data Renato Botelho
07:00 AM Bug #6459 (Feedback): AWS EC2 Instance should skip interface config in setup wizard: Applied in changeset commit:bff36903ea4f1ca2615e31e2dd9d6927509df82b. Renato Botelho

11/01/2017

09:48 PM Revision a5126092: pf, retry pfctl -f rule loading when pf is 'busy', don't try and fail to force -d -e as that would also fail at this point in time.: Pi Ba
05:42 PM Bug #8043 (Resolved): Cannot enable IPsec Mobile Client Support when the interface is in french: Hello,
I set the interface of my pfSense in french. And if I go in "VPN > IPsec > Mobile Clients", check "Enable I... Manuel Carrera
12:48 PM Bug #8038 (Rejected): Cannot authenticate via LDAP+SSL in 2.4.1: Then that's not an intermediate CA. All you need is the root. Having that non-CA in the CA manager is probably the pr... Jim Pingle
12:36 PM Bug #8038: Cannot authenticate via LDAP+SSL in 2.4.1: DC1 CA is the Root CA cert of the Domain Controller. DC1 is the certificate of the domain controller signed by the Ro... Jimmy Chen
12:14 PM Bug #8038: Cannot authenticate via LDAP+SSL in 2.4.1: There must still be something about the chain that isn't quite right, the same test here works perfectly fine using S... Jim Pingle
12:01 PM Bug #8038: Cannot authenticate via LDAP+SSL in 2.4.1: I tried everything you suggested but the result is still exactly the same. I attached screenshots of the configuratio... Jimmy Chen
11:09 AM Bug #8038 (Feedback): Cannot authenticate via LDAP+SSL in 2.4.1: It works for me here with both a standard CA and with an intermediate CA chain on multiple firewalls and against mult... Jim Pingle
10:38 AM Bug #8037 (Duplicate): status_monitoring.php XSS: Looking back at #7876 it seems like the same base issue but there were two more potential vectors that needed repair,... Jim Pingle
09:29 AM Bug #8040 (Confirmed): diag_dns.php - external links to DNSstuff: From the looks of it, they're having some sort of issue with the site. That server has DNS records but isn't respondi... Jim Pingle
09:24 AM Revision 005f3aa7: Merge pull request #3858 from nagyrobi/patch-25: Renato Botelho
09:19 AM Bug #8041 (Confirmed): Missing download images for i386 platform: Jim Pingle
01:32 AM Bug #8041 (Resolved): Missing download images for i386 platform: Hello...
Could some one comment on this issue please...
I need to download an embedded pfsense image for the i386... Damien Myracle
09:17 AM Bug #8042 (Closed): VLAN Priority on dhcpc6c packets is not set. REF #7973: With the dhcp6c options seems best. In the future, requests for discussion/clarification like this should be on the d... Jim Pingle
02:40 AM Bug #8042 (Closed): VLAN Priority on dhcpc6c packets is not set. REF #7973: Although VLAN tagging now works, it does not work for dhcp6c. @jimp suggested to @kwillers that adding a new floating... Martin Wasley

10/31/2017

10:28 PM Revision 6153d668: config, xmlparse throw exception instead of calling die(), so corruption check will properly handle the unlink action of the corrupted config: Pi Ba
09:16 PM Bug #8040 (Resolved): diag_dns.php - external links to DNSstuff: Links to the external service _private.dnsstuff.com_ appear to be no longer valid.
Phil Biggs
08:03 PM Bug #8039 (Resolved): Invalid characters in static IP description will not resolve upon correction: I created a few dozen static IPs in the DHCP Server. A handful of those had descriptive names such as "Diedrich's lap... Diedrich Guenther
07:34 PM Bug #7940 (Confirmed): disabling LAGG causes system reboot on 2.4: Ok, I found a way to reproduce this.
It is not really related to lagg, it is a race that happens at interface deta... Luiz Souza
07:19 PM Revision 70b70f9d: Fix handling of wildcard CN/SAN entries in certificates. Fixes #7994: Jim Pingle
06:58 PM Revision 9e608d7a: Ensure that a certificate authority entry is capable of acting as a CA when importing. Fixes #7885: Jim Pingle
06:18 PM Revision 09038b21: Reindex the user and group arrays after deleting items, to avoid operating on incorrect array entries. Fixes #7733: (cherry picked from commit 92c27793b4c7f87e89aec3faec5582c17502d6d5)
(cherry picked from commit 106de6365c7407f2325d5... Jim Pingle
06:18 PM Revision 106de636: Reindex the user and group arrays after deleting items, to avoid operating on incorrect array entries. Fixes #7733: (cherry picked from commit 92c27793b4c7f87e89aec3faec5582c17502d6d5) Jim Pingle
06:17 PM Revision 92c27793: Reindex the user and group arrays after deleting items, to avoid operating on incorrect array entries. Fixes #7733: Jim Pingle
05:45 PM Bug #8038 (Rejected): Cannot authenticate via LDAP+SSL in 2.4.1: Same exact configuration that had been working previously in 2.3.x but is now not working after I upgraded to 2.4.1. ... Jimmy Chen
05:10 PM Bug #8037 (Duplicate): status_monitoring.php XSS: If you click the edit icon > display advanced > add view and then enter <script>alert(1)</script> it looks like it do... Anonymous
05:07 PM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: Confirmed, loaded the new css in 2.4.1 and is working fine now.
no more scrollbars and headers visible for tables wi... Hijmen Schilperoort
04:07 PM Bug #7733: User Manager deletes non-selected users: Jim Pingle wrote:
> This turned out to the same sort of issue as #7682 (on a different page, however), and a similar... Tom Wijnroks
01:30 PM Bug #7733 (Feedback): User Manager deletes non-selected users: Applied in changeset commit:92c27793b4c7f87e89aec3faec5582c17502d6d5. Jim Pingle
01:17 PM Bug #7733: User Manager deletes non-selected users: This turned out to the same sort of issue as #7682 (on a different page, however), and a similar fix addressed the pr... Jim Pingle
03:58 PM Bug #7905 (Confirmed): OpenVPN Authentication Against Backend Stalls All Server Traffic: I was finally able to confirm the problem, I'm looking at that auth_script plugin now, but it will require some signi... Jim Pingle
03:48 PM Revision 67b1afb3: Revert "Make devel points to 2.3.5": This reverts commit dba5f62ab6391ea12c2e06c4bee571cd26342207. Renato Botelho
03:11 PM Revision 07152ca7: Fixed #8035: (cherry picked from commit 9c4e7fd3e155d08911feb0afc527af21d79ce917) Steve Beaver
02:30 PM Bug #7994 (Feedback): system_certmanager.php: Unable to create a wildcard SAN: Applied in changeset commit:70b70f9dd5f52aba4cfb28c3251961ee0b48d359. Jim Pingle
02:25 PM Revision 9c4e7fd3: Fixed #8035: Steve Beaver
02:10 PM Bug #7885 (Feedback): Cert. Manager should validate EKUs on importing a certificate authority: Applied in changeset commit:9e608d7a5215534d2519dc633a46884e2981619d. Jim Pingle
01:42 PM Bug #8033 (Not a Bug): Certmanager import server certificate ignores purpose server: "Netscape Certificate Type"/nsCertType has been deprecated for quite some time as a supported certificate attribute (... Jim Pingle
04:04 AM Bug #8033 (Not a Bug): Certmanager import server certificate ignores purpose server: When importing a certificate generated with tinyca as server certificate (pem) the server setting gets ignored and in... Robert Sailer
11:50 AM Feature #8036: Want to run multiple Mobile Client IKEv2 server instances: There is a minor typo that I seem to be unable to correct. "Neither is possible on iOS." should have been "Neither is... Richard Yao
11:48 AM Feature #8036 (New): Want to run multiple Mobile Client IKEv2 server instances: The Mobile Client IKEv2 server in pfSense should be able to do two things that it presently cannot:
1. Bind to mul... Richard Yao
10:00 AM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: Also it would need significantly more logic here than you've shown thus far. For instance, you can't always assume th... Jim Pingle
09:55 AM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: I'd like to request that this FR be closed. When I created it I did so because I didn't think it was possible to do t... Mathew Keith
09:40 AM Bug #8035 (Feedback): Installed packages widget does not show updates: Applied in changeset commit:9c4e7fd3e155d08911feb0afc527af21d79ce917. Anonymous
07:08 AM Bug #8035 (Resolved): Installed packages widget does not show updates: https://forum.pfsense.org/index.php?topic=138876.0 Anonymous
09:30 AM Bug #8007 (Resolved): Status -> Queues show as (loading) and don't update: Jim Pingle
09:02 AM Bug #8007: Status -> Queues show as (loading) and don't update: Jim Pingle wrote:
> Applied in changeset commit:2d07b58d8cc2c67fbb701cf2d369691ad3ab0074.
Thank you Jim for fixin... Jorz Ybañez
08:42 AM Bug #8034 (Rejected): PHP crashes when trying to modify or add NAT rules in pfSense v.2.4.1: Please post on the forum, reddit, or the mailing list to discuss this in detail before opening a bug report. There ma... Jim Pingle
05:21 AM Bug #8034 (Rejected): PHP crashes when trying to modify or add NAT rules in pfSense v.2.4.1: Hello, I'm running pfSense v2.4.1, upgraded from v2.4.0 yesterday.
Every time I try to add or modify a NAT rule in... Alessandro Bariatti
12:49 AM Revision 2ec76321: xmlrpc, fix usage of space and + character that need different encoding: Pi Ba

10/30/2017

08:53 PM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: Edit: I was able to get this to work. info posted below.
Forum link:
https://forum.pfsense.org/index.php?topic=1... Mathew Keith
05:30 PM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: I did some more research on this. A simple checkbox that adds the following lines to the config should do the trick:
... Mathew Keith
11:46 AM Feature #8030: Unbound: Add support for DNS over TLS to internal clients: Also need to add the following lines:
interface: 0.0.0.0@853
interface: ::0@853
The interface address being set ... Mathew Keith
11:43 AM Feature #8030 (Resolved): Unbound: Add support for DNS over TLS to internal clients: Add support for DNS over TLS to internal clients.
A description of the feature can be found here.
https://dnspri... Mathew Keith
08:51 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Signs are pointing to a corrupt stack. From https://stackoverflow.com/questions/27577179/signal-sigbus-on-a-line-with... Leif Huhn
08:47 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Admittedly the above isn't terribly useful without symbols. Leif Huhn
08:38 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): I don't know what is happening with gdb but I'm working around it by starting the process before entering gdb.
<pr... Leif Huhn
07:46 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): That doesn't seem to be it. -n is actually the option to prevent forking, and in fact gdb is unable to debug any prog... Leif Huhn
02:22 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): Leif Huhn wrote:
> I'm trying to install gdb to debug this but when I run:
>
> pkg add http://pkg.freebsd.org/Fre... Jim Thompson
07:51 PM Bug #8032: xmlrpcsync password fails with spaces in password: Fix: https://github.com/pfsense/pfsense/pull/3859 Pi Ba
06:43 PM Bug #8032 (Resolved): xmlrpcsync password fails with spaces in password: xmlrpcsync fails when there are spaces in the middle of the password. Mentioned this on IRC and got this reponse...
... Ed Byrne
07:35 PM Revision 97882d89: Change a few more instances of using the physical interface to the friendly interface in status_queues.php, which allows root queues to function with the new VLAN interface names. Fixes #8007: (cherry picked from commit 2d07b58d8cc2c67fbb701cf2d369691ad3ab0074) Jim Pingle
07:35 PM Revision 2d07b58d: Change a few more instances of using the physical interface to the friendly interface in status_queues.php, which allows root queues to function with the new VLAN interface names. Fixes #8007: Jim Pingle
06:19 PM Revision 545afa4d: Update the system sysctls to not harvest data from interrupts, point-to-point interfaces and ethernet devices.: The sysctl names changed in FreeBSD 11.
(cherry picked from commit c3938c16e3ba66e6911590653a775423371b4a3a) Luiz Souza
06:17 PM Revision c3938c16: Update the system sysctls to not harvest data from interrupts, point-to-point interfaces and ethernet devices.: The sysctl names changed in FreeBSD 11. Luiz Souza
04:37 PM Bug #7936 (Feedback): bridge network interface does not support altq on 2.4.0-RELEASE: The support for ALTQ is now restored, please check with tomorrow's snapshot. Luiz Souza
04:20 PM Revision c2b91018: Make is_ipaddrv6() compatible with is_ipaddrv4().: Only the IP address must be accepted, address with netmasks do not qualify.
Ticket #8024
(cherry picked from commit... Luiz Souza
04:20 PM Revision deccebcf: Check the correct variable.: All the IPv6 verification code block was being ignored before this commit.
Ticket #8024
(cherry picked from commit ... Luiz Souza
04:15 PM Revision 2f87470c: Make is_ipaddrv6() compatible with is_ipaddrv4().: Only the IP address must be accepted, address with netmasks do not qualify.
Ticket #8024 Luiz Souza
04:12 PM Revision d1630d95: Check the correct variable.: All the IPv6 verification code block was being ignored before this commit.
Ticket #8024 Luiz Souza
03:23 PM Feature #6626: Support for IPv6 firewall entries with dynamic delegated prefix and static host address: I would like to see support for this added as I have switched my home router to use pfSense and run into the same iss... Graham Gudgin
02:58 PM Revision 80392e01: added some security to strip html characters: Stephen Jones
02:50 PM Bug #8007 (Feedback): Status -> Queues show as (loading) and don't update: Applied in changeset commit:2d07b58d8cc2c67fbb701cf2d369691ad3ab0074. Jim Pingle
01:30 PM Bug #8007: Status -> Queues show as (loading) and don't update: Jim Pingle wrote:
> Aha, when I tested in PRIQ it all worked but it doesn't have root queues like HFSC, I'll check o... Jorz Ybañez
01:09 PM Bug #8007 (Assigned): Status -> Queues show as (loading) and don't update: Aha, when I tested in PRIQ it all worked but it doesn't have root queues like HFSC, I'll check on that. Thanks! Jim Pingle
12:33 PM Bug #8007: Status -> Queues show as (loading) and don't update: Jim Pingle wrote:
> Applied in changeset commit:63a480cbf6b24d155421c1cd74f1b0409ae945de.
Still displaying (Loadi... Jorz Ybañez
02:05 PM pfSense Packages Feature #8031 (New): FreeRADIUS copy entry function: Any chance we could have a copy function for FreeRADIUS Clients, MACs and NAS/Clients.
Something like the firewall... Andy Kniveton
12:53 PM Feature #7910: Notification GUI: I agree that this is a very useful addition and commonly requested.
Being able to see what notification will email... Clinton Cory
11:54 AM Bug #8029 (Duplicate): After upgrade to 2.4.1 from 2.3.4 the vlan interface name changed. But mpd5 not work with new vlan iface format.: Duplicate of #7981 and already fixed in 2.4.2 snapshots Jim Pingle
11:38 AM Bug #8029 (Duplicate): After upgrade to 2.4.1 from 2.3.4 the vlan interface name changed. But mpd5 not work with new vlan iface format.: After upgraded I can not connect to PPPOE server from vlan interface. If I change the vlan interface name back to bge... Chunlin Yao
11:33 AM Bug #8024 (Feedback): static ipv6 config allow invalid addresses: Fixed.
Please check with tomorrow's snapshot.
Thanks! Luiz Souza
11:30 AM Feature #8028 (Resolved): Unbound: Add advanced option for qname-minimization: Add support for qname-minimization and maybe qname-minimisation-strict.
This can be implemented in two ways, depen... Mathew Keith
11:26 AM Bug #8001: Invalid FQDN in alias causes alias table to fail *silently*: More specifically, in this case, the FDQN timed out (DNS didn't respond).
Stuart Wyatt
11:25 AM Revision bd1f390d: Do not display logo.css as a valid theme: Renato Botelho
11:25 AM Revision cc2187c3: Do not display logo.css as a valid theme: Renato Botelho
09:16 AM Bug #8000 (Resolved): XSS on index.php via widget sequence parameters: Jim Pingle
09:11 AM Bug #7998 (Resolved): XSS in widgetkey parameter of multi-instance dashboard widgets: Jim Pingle
08:40 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Marc-Andre Robert wrote:
> Looking into upgrading to 2.4.2. Is there anyway to update using the ISO and not loose my... Jim Pingle
08:19 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: > Version 2.3 and newer
> In 2.3 and newer versions, the update system is pkg-based, changing the available update m... Anonymous
05:14 AM Feature #8027 (Closed): Add second password field for validation when doing encrypted config.xml backup: Currently if we want to encrypt the config.xml file, there is one textbox for password entry. If a typo is made, the... Greg Maub

10/29/2017

04:54 PM Feature #6240: vxlan driver: +1 Josh Van As
12:48 PM Bug #7979 (Resolved): Error setting limiter over 2GB/s: Luiz Souza
10:56 AM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": That would explain it, but you can't use a password-protected certificate anyhow, so it isn't worth importing. Jim Pingle
10:00 AM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": Hello again Jim :)
I investigate about my certs and I found the problem: that cert has a password, pfsense doesn't... Pol Hallen
07:00 AM Bug #8024 (Resolved): static ipv6 config allow invalid addresses: I discovered that the ipv6 static address allows user to insert invalid values and allows saving them. Due to this ot... Sorin Sbarnea

10/28/2017

11:56 PM Feature #8023: Redirect to FQDM: Good point.
Would it be acceptable to do all this transparently inside nginx conf leaving the interface as is? If... Derek Schrock
08:16 PM Feature #8023: Redirect to FQDM: The problem with doing this is that you do not know that the hostname exists in DNS and is working properly.
It wo... Jim Pingle
02:00 PM Feature #8023: Redirect to FQDM: Possible fix see attached patch Derek Schrock
01:03 PM Feature #8023 (Closed): Redirect to FQDM: When "WebGUI redirect" is unchecked from System->Advanced pfsense will redirect requests to http to https.
If you ... Derek Schrock
09:52 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM): I'm trying to install gdb to debug this but when I run:
pkg add http://pkg.freebsd.org/FreeBSD:11:armv6/release_1/... Leif Huhn
03:54 PM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Jim indeed it was my rule or at least the order that pfSense rules are ordered in rules.debug
Full explanation he... Kev Willers
10:27 AM Revision 04422f4f: It's time for 2.3.5-RELEASE: Renato Botelho
09:06 AM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans: A syslog service 'restart' still leaves the sshlockout_pf running. A 'stop' does end all running sshlockout_pf proces... Pi Ba
06:53 AM Todo #8005 (Resolved): Block direct download of .inc files: Jim Pingle
02:49 AM Todo #8005: Block direct download of .inc files: Could not download one... Constantine Kormashev
04:48 AM Bug #8020: Can't STARTTLS to LDAP server since 2.4.0: Forgot to add, when PfSense attempts to connect on my LDAP server, I see this on the server side:
@TLS: error: acc... Daniel Berteaud
03:16 AM Bug #8003: IPsec weirdness with 2.4.1: Got the same with latest 242.
Can see just 1 SPD P2 entry have to see 2 P2 entries
Can see
!bad_spd.png!
Have... Constantine Kormashev
02:38 AM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: The same w/o entries
!ie11_w10_wo_entr.png! Constantine Kormashev
02:34 AM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: Looks fine on latest 2.4.2 win10 ie 11
!ie11_w10.png! Constantine Kormashev
02:27 AM Bug #7979: Error setting limiter over 2GB/s: Tried 4096Mb/s looks fine
@00001: 4.096 Gbit/s 0 ms burst 0
q131073 50 sl. 0 flows (1 buckets) sched 65537 ... Constantine Kormashev

10/27/2017

09:14 PM Bug #7942 (Resolved): QinQ interfaces never show as active: Luiz Souza
09:13 PM Bug #7594 (Resolved): "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Luiz Souza
04:03 PM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Tested and working for me. Thanks! John Silva
08:54 PM Revision 748e38fa: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:54 PM Revision edc0092c: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:54 PM Revision ff042793: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:53 PM Revision 0f8cc881: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:53 PM Revision b9319086: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: (cherry picked from commit f32e9531ae21852ef0b21709b8278d1091d55d56) Jim Pingle
08:52 PM Revision f32e9531: Do not print JS when there are input errors on diag_dns.php; fix json_encode syntax. Ticket #7999: Jim Pingle
06:12 PM Bug #8022 (Resolved): radvd receives SIGBUS on SG-3100 (ARM): Hi,
I just received my first pfsense box, the SG-3100. I tried to setup IPv6 on the LAN and advertise the network ... Leif Huhn
04:33 PM Revision 284726f1: Simplify logic: Renato Botelho
04:33 PM Revision 9f339e07: Only show copynotice when version changes: Renato Botelho
04:33 PM Revision a3ceaeaf: Add support for copyright notice: Steve Beaver
04:32 PM Revision d09972a9: Simplify logic: Renato Botelho
04:32 PM Revision 2ef48720: Only show copynotice when version changes: Renato Botelho
04:26 PM Revision 66912f58: Fix #7984: Make sure sshlockout_pf stops when syslogd stops: Renato Botelho
04:25 PM Revision fd0d84e9: Fix #7984: Make sure sshlockout_pf stops when syslogd stops: Renato Botelho
04:24 PM Revision 7dee71c3: Add support for copyright notice: Steve Beaver
04:19 PM Revision e8f4a96c: Fix #7984: Make sure sshlockout_pf stops when syslogd stops: Renato Botelho
04:11 PM pfSense Packages Bug #7959: Dpinger - Probe Interval: This would probably be better as a forum discussion...
A probe every 60 seconds is 40,320 bytes per day one-way, 1... Denny Page
04:37 AM pfSense Packages Bug #7959: Dpinger - Probe Interval: Many thanks for your input.
If the size of the packet is only 28 bytes ( 56 bytes calculating the reply as well ) ye... Lampros Papanastasiou
04:07 PM Feature #8021 (Rejected): change default mask values for ipv4 to /24 and ipv6 to /64: There seems to be a few threads where users have issues because mask defaults to /32
Would it be possible when set... JohnPoz _
04:02 PM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": If they don't match, that isn't a valid combination. Are you certain that actually works? Does the modulus of the key... Jim Pingle
03:33 PM Bug #8010: import cert: "The submitted private key does not match the submitted certificate data": Jim Pingle wrote:
> Are you absolutely certain that the certificate and key match?
I just checked and both don't ... Pol Hallen
11:40 AM Bug #7984 (Feedback): restarting syslogd service makes sshlockout_pf process orphans: Applied in changeset commit:e8f4a96c7dcd0af18eb2d9e95d48f4402d41182d. Renato Botelho
11:10 AM Bug #8020 (Duplicate): Can't STARTTLS to LDAP server since 2.4.0: This setup was running fine until my upgrade to 2.4.0 (and 2.4.1). I'm running an OpenLDAP server (on EL6). This LDAP... Daniel Berteaud
10:56 AM pfSense Packages Bug #7944 (Feedback): Bind XMLRPC Sync Error: PR has been merged. Thanks! Renato Botelho
10:26 AM pfSense Packages Bug #7944: Bind XMLRPC Sync Error: This also seems to affect 2.4.1 as well. Justin Opotzner
09:48 AM Bug #8012 (Resolved): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565: Luiz Souza
09:47 AM Bug #7426 (Feedback): UDP packet drops: Fixed. Add nmbclusters set to 500000 on SG-1000 and 1000000 on SG-3100. Luiz Souza
09:00 AM Bug #8019 (Rejected): mobile view 2.4.1: Config issue.
System > General, change Top Navigation.
If that doesn't help, post on the forum, reddit, or mail... Jim Pingle
08:50 AM Bug #8019 (Rejected): mobile view 2.4.1: Hello,
the context menu is not scrollable at the mobile view. So it's not possible to reach all funktion. Ni Ma
08:31 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Probably an error in your rules, has to be in a floating rule, on the right interface, quick enabled, outbound direct... Jim Pingle
08:22 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Jim Pingle wrote:
> The "VLAN Prio Set" option on firewall rules is supposed to alter the VLAN priority flag in 802.... Kev Willers
08:08 AM Bug #7973 (Resolved): VLAN Priority Set feature in firewall rules is not functioning: Confirmed as fixed, setting a priority is reflected in the traffic on the wire now. Thanks! Jim Pingle
07:55 AM Bug #8018: Making WAN changes bricks PPPoE config: Apologies - I accidentally clicked submit too soon.
The problem is that making any change and saving the page will... Joe McNolan
07:55 AM Bug #8018 (Rejected): Making WAN changes bricks PPPoE config: Not nearly enough detail here for a bug report we can investigate. Please post on the forum, mailing list, or reddit ... Jim Pingle
07:53 AM Bug #8018 (Rejected): Making WAN changes bricks PPPoE config: We use a pfSense appliance as firewall at a site with a DSL Internet connection.
IPv6 Joe McNolan
06:25 AM Bug #8017 (Duplicate): Changing VLAN assignments breaks parent LAGG interface: Duplicate of #7928 Jim Pingle
05:49 AM Bug #7928: LAGG interfaces lose MAC address: Hi,
I had similar issue with this mb APU1D/T40E, pfsense 2.4.0 fresh install:
all 3 reX interfaces were members in ... Gianluca Toso

10/26/2017

10:48 PM Bug #8017 (Duplicate): Changing VLAN assignments breaks parent LAGG interface: I updated to 2.4.1 tonight forgetting about the PPPoE over VLAN issue so I started changing my WAN interface and then... Samuel Kadolph
07:57 PM Bug #8016 (Closed): 1 pfsense out of several shows 2.4.0 available, not 2.4.1: 1 firewall out of several shows 2.4.0 update available, not 2.4.1.
I tried changing update setting to Next Major Ver... Eduard Rozenberg
07:39 PM Revision ab67b772: Do not build ova: Renato Botelho
07:38 PM Revision 3310ee3a: Do not build ova: Renato Botelho
05:50 PM Bug #8015 (Resolved): IPsec VPN Not Reconnecting until complete reboot: We have multiple IPSec tunnels to our remote sites and Every now and then, some sites will fail to reconnect unless w... Lloyd Virola
04:43 PM Bug #7119: Changing LAGG attributes results in a panic/crash: Steve Wheeler wrote:
> If it didn't actually panic it's probably that MAC address issue. That should be fixed in 2.4... Michael OBrien
04:27 PM Revision dba5f62a: Make devel points to 2.3.5: Renato Botelho
04:24 PM pfSense Packages Bug #7961 (Feedback): JS Error on Status > Monitoring: Anonymous
04:12 PM Revision e2fdf098: Use eval to get proper variable value: Renato Botelho
04:12 PM Revision e81cf8fa: Use eval to get proper variable value: Renato Botelho
03:50 PM Revision 29c1ecb8: Added a description to mobile client to reflect description in phase1: Stephen Jones
01:18 PM Revision 2c357cf2: Make separate definitions for amd64 / i386 repos: Renato Botelho
01:05 PM Revision 7a2a31c3: Make separate definitions for amd64 / i386 repos: Renato Botelho
12:59 PM Revision c6f7774b: Use proper directory for i386: Renato Botelho
12:56 PM Revision 3b52996b: Fill default repo dinamically: Renato Botelho
12:55 PM Revision 09f8cf10: Define default repo: Renato Botelho
12:49 PM Revision 8674b2c7: Use proper directory for i386: Renato Botelho
12:47 PM Revision c7714767: Fill default repo dinamically: Renato Botelho
12:36 PM Bug #7979 (Feedback): Error setting limiter over 2GB/s: Fixed.
The limit is now ~4Gb (4294967295). Luiz Souza
11:53 AM Bug #8013: IPsec MSS clamping value shared for IPv4 and IPv6: Agree this would be good, but it really wants to be part of FreeBSD (upstream).
I've assigned it, but I don't know... Jim Thompson
11:09 AM Revision 9130827b: Define default repo: Renato Botelho
10:59 AM Revision b84d5518: Repo points to 2.3.5 which has default ABI: Renato Botelho
10:59 AM Bug #8014 (Resolved): DynDNS wildcard option doesn't work for provider Loopia: The DynDNS wildcard option doesn't work for provider Loopia.
It seems that this line never results in $this->_dnsW... Kristoffer Ekenstam
10:52 AM Revision 8b41966e: Remove grub2-bhyve: Renato Botelho
10:51 AM Revision 0489a769: Use correct repo conf to install bsdinstaller: Renato Botelho
10:40 AM Revision 46514a47: Revert "Disable ARJ option": This reverts commit 45b843950ddc388837750db28238a81b0fa021e3. Renato Botelho
09:42 AM Revision c4865164: Fix typo in function name: insterface_is_qinq -> interface_is_qinq: Renato Botelho
08:06 AM Bug #8003: IPsec weirdness with 2.4.1: During work 32406 I found HTML was rendered fine but click on button does not expand table
<td colspan="10">
<d... Constantine Kormashev
05:14 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza wrote:
> Diego Henrique Pagani wrote:
> > Luiz Souza wrote:
> > > Fixed in the last 2.4.2 snapshot.
> ... Diego Henrique Pagani
04:51 AM Revision 2e240da1: Fix a typo.: (cherry picked from commit b0b70737ba38c5b7daca2ba779c5d71159e0ce05) Luiz Souza
04:51 AM Revision b0b70737: Fix a typo.: Luiz Souza
04:11 AM Bug #7989 (Feedback): Cannot update Nano from 2.3.4 to 2.3X snapshots: New versions of pfSense-upgrade force to reinstall itself when version differs from remote repo. It should be enough Renato Botelho
02:05 AM pfSense Packages Bug #7959: Dpinger - Probe Interval: Hmm... this doesn't quite make sense to me.
A probe of 28 bytes every 86 seconds seems a minuscule cost. With a lo... Denny Page
12:02 AM Bug #8012 (Feedback): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565: Fixed. I'm restarting the builders, the new snapshots will be ready in a few hours. Luiz Souza

10/25/2017

11:50 PM Bug #8013 (New): IPsec MSS clamping value shared for IPv4 and IPv6: MSS clamping for IPsec can only be set globally. As a result, a value of 1452 for an IPv4 tunnel (required due to my... Kristopher Kolpin
11:04 PM Bug #8012 (Resolved): Parse error: syntax error, unexpected '&&' (T_BOOLEAN_AND) in /etc/inc/util.inc on line 1565: PLATFORM: pfSense-CE-memstick-ADI-2.4.2
VERSION: pfSense: 2.4.2-DEVELOPMENT amd64 Wed Oct 25 18:46:13 CDT 2017
CONT... Chase Turner
10:42 PM Bug #7594 (Feedback): "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Fixed in the next snapshot. Luiz Souza
06:34 AM Bug #7594: "vtnet: driver does not support altq" following upgrade to 2.4 (worked in pfSense 2.3): Hello -- yes, this hit me just now. A bit painful and surprising. For now I deactivated traffic shaping and it seems ... Casey Stone
08:07 PM Revision 2cf468c0: Allow the use of mbuf tags to set the VLAN pcp on output packets.: This is necessary for use with the pf 'set prio'.
Ticket #7973
(cherry picked from commit c2a14eec24fc2b41fb18453a6... Luiz Souza
08:07 PM Revision c2a14eec: Allow the use of mbuf tags to set the VLAN pcp on output packets.: This is necessary for use with the pf 'set prio'.
Ticket #7973 Luiz Souza
07:33 PM Revision 7dae2d55: Use devel repo as default: Renato Botelho
07:33 PM Revision 49e2b19a: added a string SESSION_TIMEOUT to be returned when a widget times out: Stephen Jones
07:31 PM Revision 5f6eca75: Fixed #7978 I added a section in the css that is only parsed by IE10+ and it just sets the margin for tables to 1px instead of 0 this stops it from collapsing: Stephen Jones
06:59 PM Revision b15ac924: The members of a LAGG cannot be assigned, used in VLANs, QinQ, or PPP.: This commit removes the LAGG members from the list of available interfaces.
(cherry picked from commit f2286620e48a4... Luiz Souza
06:58 PM Revision f2286620: The members of a LAGG cannot be assigned, used in VLANs, QinQ, or PPP.: This commit removes the LAGG members from the list of available interfaces. Luiz Souza
06:34 PM Revision 51e4121f: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: (cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364)
(cherry picked from commit 71c70114aa10e594253b9... Jim Pingle
06:34 PM Revision 82405c15: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: (cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364)
(cherry picked from commit 71c70114aa10e594253b9... Jim Pingle
06:34 PM Revision 71c70114: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: (cherry picked from commit b1fccd42547201f4dbfe941bcc59c8eac3456364) Jim Pingle
06:33 PM Revision b1fccd42: Do not allow direct download of .inc files (unparsed PHP source). Fixes #8005: Jim Pingle
05:42 PM Bug #7119: Changing LAGG attributes results in a panic/crash: If it didn't actually panic it's probably that MAC address issue. That should be fixed in 2.4.2 snaps now. Please rep... Steve Wheeler
02:17 PM Bug #7119: Changing LAGG attributes results in a panic/crash: > Was this new ticket opened? When I change LAGG interface settings via the pfSense GUI or a command prompt, my pfSen... Michael OBrien
01:48 PM Bug #7119: Changing LAGG attributes results in a panic/crash: Luiz Souza wrote:
> Yes, the messages does not seem related with the original bug (crash at ifconfig laggX destroy).... Michael OBrien
05:25 PM Revision 947ed5e8: Do not return QinQ interfaces in the physical interface list.: (cherry picked from commit e48ae6f294709998cb209489cf02c604846b9539) Luiz Souza
05:25 PM Revision 25312d31: Fix the interface_is_vlan() function.: It now works when only QinQ VLANs exist in the system.
(cherry picked from commit 77eda8d57ed38cf8510d494a4294e7f0d4... Luiz Souza
05:23 PM Revision e48ae6f2: Do not return QinQ interfaces in the physical interface list.: Luiz Souza
05:20 PM Revision 77eda8d5: Fix the interface_is_vlan() function.: It now works when only QinQ VLANs exist in the system. Luiz Souza
05:13 PM Revision 4d23a168: Abort when binary is not found: Renato Botelho
05:12 PM Revision b03a71f1: Do not execute pfSense-upgrade on install media: Renato Botelho
05:00 PM Revision 37171fc6: Abort when binary is not found: Renato Botelho
05:00 PM Revision 20ede87a: Do not execute pfSense-upgrade on install media: Renato Botelho
04:45 PM Bug #8010 (Feedback): import cert: "The submitted private key does not match the submitted certificate data": Are you absolutely certain that the certificate and key match?
That error can only happen if the public key extrac... Jim Pingle
04:00 PM Bug #8010 (Not a Bug): import cert: "The submitted private key does not match the submitted certificate data": Hello, only with 2.4.x (I testing with 2.4.1) I have this error:
The submitted private key does not match the subm... Pol Hallen
04:14 PM Feature #8011 (Rejected): new release notify by email: We have a release announcement mailing list you can use for this, having the firewall send it would be redundant. Jim Pingle
04:12 PM Feature #8011 (Rejected): new release notify by email: available new release notify by email Pol Hallen
03:57 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Diego Henrique Pagani wrote:
> Luiz Souza wrote:
> > Fixed in the last 2.4.2 snapshot.
>
> I've been using dual-... Luiz Souza
07:55 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza wrote:
> Fixed in the last 2.4.2 snapshot.
I've been using dual-wan PPP connection, and one is working... Diego Henrique Pagani
04:10 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Zach Nedwich wrote:
> Luiz Souza wrote:
> > Fixed in the last 2.4.2 snapshot.
>
> I can confirm it is working he... Erik Scheffers
02:30 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Luiz Souza wrote:
> Fixed in the last 2.4.2 snapshot.
I can confirm it is working here, thanks for your effort. Zach Nedwich
01:02 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: honestly that was not cool to change in a minor update. And to release this bug with 2.4.1 since that obviously alrea... tb o
03:55 PM Bug #7940: disabling LAGG causes system reboot on 2.4: Please, can you post the backtrace of this crash ? (or upload the crashdump text file)
I can't reproduce this cras... Luiz Souza
03:49 PM Bug #7928 (Resolved): LAGG interfaces lose MAC address: Luiz Souza
02:35 PM Bug #7928: LAGG interfaces lose MAC address: Steve Wheeler wrote:
> Confirmed. This appears resolved in 2.4.2.a.20171024.2153
Double-confirmed :) Michael OBrien
08:09 AM Bug #7928: LAGG interfaces lose MAC address: Confirmed. This appears resolved in 2.4.2.a.20171024.2153 Steve Wheeler
03:27 PM Bug #7942 (Feedback): QinQ interfaces never show as active: A few commits were made to address QinQ general issues.
This issue has to tested again. Luiz Souza
03:25 PM Bug #7973 (Feedback): VLAN Priority Set feature in firewall rules is not functioning: This issue is fixed.
The fix will be available in tomorrow's snapshot. Luiz Souza
02:48 PM Revision 7408e572: Fix status_queues.php for the new VLAN interface format. Fixes #8007: (cherry picked from commit 63a480cbf6b24d155421c1cd74f1b0409ae945de) Jim Pingle
02:47 PM Revision 63a480cb: Fix status_queues.php for the new VLAN interface format. Fixes #8007: Jim Pingle
02:40 PM Bug #7978 (Feedback): IE 11 - Headers of tables almost not visible when no entries made: Applied in changeset commit:5f6eca75e90ca2ee93715818b6b72571e9c2ef9b. Anonymous
01:40 PM Todo #8005 (Feedback): Block direct download of .inc files: Applied in changeset commit:b1fccd42547201f4dbfe941bcc59c8eac3456364. Jim Pingle
01:08 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Definitely seems like it's deeper than the routing daemons. I tried the same config with FRR on 2.3.x and 2.4.x and o... Jim Pingle
01:08 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Here is what I see on the lab setup. Both 2.3.4 and 2.4.0. Andrew Dul
11:04 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Jim Pingle wrote:
> Terry Zink wrote:
> > Sure thing. Files attached (ip info scrubbed).
>
> Can you also get th... Terry Zink
10:50 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Terry Zink wrote:
> Sure thing. Files attached (ip info scrubbed).
Can you also get the output of @setkey -D@ and... Jim Pingle
10:44 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Sure thing. Files attached (ip info scrubbed).
Terry Zink
10:29 AM Bug #7969: md5 bgp sessions fail in 2.4.0: Can someone, please, provide the output of 'ifconfig -v' of affected interfaces, 'kldstat' and 'netstat -sp tcp'. Luiz Souza
03:02 AM Bug #7969: md5 bgp sessions fail in 2.4.0: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219453 Jim Thompson
12:05 PM Bug #7999 (Resolved): XSS via 'hostname' parameter in diag_dns.php: works fine now Jim Pingle
11:37 AM Bug #7856 (Assigned): IPsec status does not show all connected mobile clients: On 2.4.2 snapshots, at least with an IKEv1 PSK+Xauth connection it's still only showing one connected client at a time. Jim Pingle
10:00 AM Bug #8007 (Feedback): Status -> Queues show as (loading) and don't update: Applied in changeset commit:63a480cbf6b24d155421c1cd74f1b0409ae945de. Jim Pingle
09:47 AM Bug #8007: Status -> Queues show as (loading) and don't update: The queue names are formed using the underlying interface and this apparently breaks the javascript selection of the ... Jim Pingle
03:43 AM Bug #8007 (Resolved): Status -> Queues show as (loading) and don't update: Has the changed of VLAN interface names to use the ‘dotted’ format broken the Queues page, it was fine with 2.4.0 ?
... Andy Kniveton
09:32 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: So you used the exact same input on both systems and it worked on one and failed on the other?
Please take screens... Jim Pingle
09:12 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: Hi Jim,
Thanks for taking a look at my issue.
I did a fresh demo install on VirtualBox with 2.4.1. Performed t... Kristopher Kolpin
08:14 AM Bug #8009 (Duplicate): Can't upgrade from 2.4.0 to 2.4.1: Hi,
I have 2 firewalls with different hardware and updating isn't possible from 2.4.0 (clean install) to 2.4.1.
... Raphaël JEUDY
07:30 AM Bug #8008 (Duplicate): PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: Jim Pingle
06:56 AM Bug #8008: PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: I believe this may actually be the problem https://redmine.pfsense.org/issues/7981 dean hamstead
06:53 AM Bug #8008: PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: should be v 2.4.1. dean hamstead
06:45 AM Bug #8008 (Duplicate): PPPoE with MTU/MRU > 1492 (i.e. 1500) broken in 2.4.0: I have just upgraded to 2.4 and my pppoe interface has stopped working.
My provider requires a larger frame, which... dean hamstead
06:05 AM Bug #8006 (Duplicate): 2.4.1 PPPoE client on vlan fails to initialise: Duplicate and already fixed in 2.4.2 snapshots Jim Pingle
01:34 AM Bug #8006: 2.4.1 PPPoE client on vlan fails to initialise: Duplicate of Bug #7981. Kill Bill
01:10 AM Bug #8006: 2.4.1 PPPoE client on vlan fails to initialise: to workaround problem i did
sed -i 's/igb0.640/igb0_640/' /conf/config.xml
and reboot.
Grzegorz Krzystek
12:56 AM Bug #8006 (Duplicate): 2.4.1 PPPoE client on vlan fails to initialise: after upgrade to 2.4.1 i lost internet connectivity.
looks like after after vlan naming change something broken
eve... Grzegorz Krzystek
01:59 AM Revision f3690ad2: Do not attempt to change the MAC address when the interface do not store the vendor MAC address.: (cherry picked from commit 238ee9c6041a18edbe36254609dfb8e82ad8e402) Luiz Souza
01:58 AM Revision 238ee9c6: Do not attempt to change the MAC address when the interface do not store the vendor MAC address.: Luiz Souza
01:09 AM Revision 399f4d33: Fix a bug in interface_is_vlan(), only check QinQ interfaces when they exist.: (cherry picked from commit beabf7e7e3baeabd1dbb58c28d3fc14efd0d89f2) Luiz Souza
01:07 AM Revision beabf7e7: Fix a bug in interface_is_vlan(), only check QinQ interfaces when they exist.: Luiz Souza

10/24/2017

10:17 PM Revision edd492df: Revise timeout message: Steve Beaver
10:16 PM Revision b839aa8a: Do no set the MAC address for LAGG interfaces.: Ticket #7928
(cherry picked from commit 9875c1999bd546a6982e6d98309b6fc53db145b6) Luiz Souza
10:15 PM Revision 9875c199: Do no set the MAC address for LAGG interfaces.: Ticket #7928 Luiz Souza
10:04 PM Revision c0339bdc: Provide a mechanism to display a warning if the session times out and the dashboard is no longer updating: Steve Beaver
09:33 PM Todo #8005 (Resolved): Block direct download of .inc files: If a user tries to directly access a file ending in .inc, the browser will offer to download the file. There are no .... Jim Pingle
07:52 PM Revision 8b4c14f5: Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998: (cherry picked from commit e3907730bdcc879f968d5d917ec9ac6567518e58) Jim Pingle
07:50 PM Revision e3907730: Encode uses of $widgetkey in various contexts so it isn't echoed back to the user raw. Fixes #7998: Jim Pingle
07:20 PM Revision a716ff02: Point users to 2.3.5: Renato Botelho
07:16 PM Bug #8003 (Feedback): IPsec weirdness with 2.4.1: These appear to already be fixed on 2.4.2 and are only cosmetic. They may already be covered by See #6335 and #7856 b... Jim Pingle
05:47 PM Bug #8003: IPsec weirdness with 2.4.1: I can confirm the same issue. As someone already mentioned in the pfSense forum (https://forum.pfsense.org/index.php?... Marcel Kinzel
05:33 PM Bug #8003: IPsec weirdness with 2.4.1: Also note....On the picture...Reauth is (-) ... Other side of the tunnel shows 27933 seconds (07:45:33)
Other end of... Mike Sith
04:37 PM Bug #8003 (Resolved): IPsec weirdness with 2.4.1: Just upgraded to 2.4.1 and now my IPsec tunnels are in a funky state.
See the attached picture. 2 Tunnels are up and... Mike Sith
06:41 PM Revision 9211f96c: Copy files to proper place when it's RC: Renato Botelho
06:40 PM Revision 7811052a: Copy files to proper place when it's RC: Renato Botelho
06:39 PM Bug #8004 (New): Error notice for a deleted NAT that had a RULE or an existing NAT which is claimed to have no NAT port...: for detailed reference please see [[https://forum.pfsense.org/index.php?topic=130090.msg716756#msg716756]]
I can s... Ingo-Stefan Schilling
06:17 PM Revision c6adfaa6: Widget instance counter must be numeric. Fixes #8000: (cherry picked from commit 7b973ceb6f72e22ee1b335128fb8d7f655c82879)
(cherry picked from commit 13751e498e0c1023ffcaf... Jim Pingle
06:17 PM Revision 13751e49: Widget instance counter must be numeric. Fixes #8000: (cherry picked from commit 7b973ceb6f72e22ee1b335128fb8d7f655c82879) Jim Pingle
06:17 PM Revision 7b973ceb: Widget instance counter must be numeric. Fixes #8000: Jim Pingle
06:10 PM Revision ef8205f4: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:10 PM Revision ab1a2d26: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:10 PM Revision 2cececc4: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:09 PM Revision cd3e3a5c: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3)
(cherry picked from commit 4aa5f989c8a802638ee9d... Jim Pingle
06:09 PM Revision 4aa5f989: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: (cherry picked from commit 43746e1b4ef6fec0e9c915495aa3926a6b97e7a3) Jim Pingle
06:08 PM Revision 43746e1b: Encode hostname parameter contents in javascript for diag_dns.php. Fixes #7999: Jim Pingle
05:33 PM Bug #7928 (Feedback): LAGG interfaces lose MAC address: A fix was committed to address this issue, please wait until the next 2.4.2 snapshot is ready and let me know if it d... Luiz Souza
02:58 AM Bug #7928: LAGG interfaces lose MAC address: You can also have the problem if you have vlans attached to the lagg interface:
1) create a new vlan
2) assign th... Denis Grilli
05:30 PM Bug #7981 (Feedback): PPP interfaces with a VLAN parent do not work with new VLAN names: Fixed in the last 2.4.2 snapshot. Luiz Souza
05:25 PM Revision 855f0798: Move stable users to 2.4.1 and devel to 2.4.2: Renato Botelho
05:08 PM Revision b47d7ccf: Made it so it doesn't display an error when the session expires it just: stops updating the graph. It will display in the console that it caught
and error when the session expires. Stephen Jones
04:58 PM Revision 80f14795: Move users direct to 2.4.1: Renato Botelho
03:25 PM Bug #7969: md5 bgp sessions fail in 2.4.0: Currently seeing this same issue. Updated to 2.4.0 from 2.3.x and my AWS Direct Connect sessions broke. AWS Support ... Terry Zink
03:10 PM Bug #6099: igmpproxy does not recognize upstream interface: Was this fixed in 2.4.0? I updated to it but my IGMP Proxy service is not working with the same message of: ... Samuel Kadolph
03:00 PM Bug #7998 (Feedback): XSS in widgetkey parameter of multi-instance dashboard widgets: Applied in changeset commit:e3907730bdcc879f968d5d917ec9ac6567518e58. Jim Pingle
12:52 PM Bug #7998 (Resolved): XSS in widgetkey parameter of multi-instance dashboard widgets: Widgets that populate $widgetkey from $_REQUEST are vulnerable to XSS
Test query: /widgets/widgets/interfaces.widg... Jim Pingle
02:13 PM Revision 130f3c92: Fixed #7856 fixed an issue with a slightly different array format. Also: updated the child key and id to be more robust. Stephen Jones
01:30 PM Bug #8000 (Feedback): XSS on index.php via widget sequence parameters: Applied in changeset commit:7b973ceb6f72e22ee1b335128fb8d7f655c82879. Jim Pingle
12:56 PM Bug #8000 (Resolved): XSS on index.php via widget sequence parameters: The widget 'sequence' parameter does not perform sanity checking on the widget instance counter, leading to an XSS as... Jim Pingle
01:20 PM Bug #7999 (Feedback): XSS via 'hostname' parameter in diag_dns.php: Applied in changeset commit:43746e1b4ef6fec0e9c915495aa3926a6b97e7a3. Jim Pingle
12:53 PM Bug #7999 (Resolved): XSS via 'hostname' parameter in diag_dns.php: On diag_dns.php the 'hostname' parameter is sent back to the user without encoding in a JavaScript block, leading to ... Jim Pingle
01:16 PM Bug #8002 (Not a Bug): wan not connected, no updates check: Hello,
I just installed 2.4 and testing it with only opt1 interface: opt1 is lan without internet.
pfsense try to... Pol Hallen
01:15 PM Revision 9e360962: Remove grub2-bhyve: Renato Botelho
01:06 PM Revision 8d90095a: Merge pull request #3811 from trunet/add-cloudns-to-dynamicdns: Steve Beaver
01:00 PM Bug #8001 (Closed): Invalid FQDN in alias causes alias table to fail *silently*: When you have a FQDN in an alias ans the FQDN does not resolve, the alias table creation will not happen and any othe... Stuart Wyatt
12:43 PM Revision 1e845e5b: Use correct repo conf to install bsdinstaller: Renato Botelho
12:32 PM Revision b54a3743: Interface description doesn't fit the console screen: Strip 2 more chars from interface description because with the new font used by 2.4 it goes off screen on VGA console. robi robi
12:12 PM Feature #7997: Clear screen before loading rc.initial shell menu: This is usually a client side issue. You can reset the terminal in screen with Ctrl-A,Z (Ctrl-A, then shift-Z), a 're... Jim Pingle
12:10 PM Feature #7997: Clear screen before loading rc.initial shell menu: Forgot to include the screen-shot. Imaged attached here
!!!!!! Clinton Cory
12:09 PM Feature #7997 (Rejected): Clear screen before loading rc.initial shell menu: I've encountered many instances where screen (or even putty) will output boot information on a single line that's dif... Clinton Cory
11:56 AM Revision 4fc006f2: Add 2.3 repo and set correct path for i386 default: Renato Botelho
11:54 AM Bug #7996: Unnecessary link tag in login page: I'm talking about the main login page. Andy Kniveton
11:50 AM Bug #7996 (Resolved): Unnecessary link tag in login page: Should the <a> & </a> be in the html?
It gives the impression that something will happen if you click on *Login to... Andy Kniveton
10:59 AM pfSense Packages Bug #7661: pfBlockerNG doesn't make a rule for Antarctica: pfBlockerNG is a package. Packages exist independent of versions, they have no target unless there is something versi... Jim Pingle
10:47 AM pfSense Packages Bug #7661: pfBlockerNG doesn't make a rule for Antarctica: Still a problem in 2.4
Can't a target version be set so it might get looked at?
Stuart Wyatt
10:39 AM Revision 0c497210: Use different default repos for amd64 and i386: Renato Botelho
10:38 AM Revision 0a4de12a: Add new repos to lead users to 2.4.0 on amd64: Renato Botelho
10:37 AM Revision e0851756: Use different default repos for amd64 and i386: Renato Botelho
10:33 AM Revision 96d9a1a7: Lead users to 2.4.1: Renato Botelho
10:31 AM Revision 20e44376: Add new repos to lead users to 2.4.0 on amd64: Renato Botelho
10:20 AM Bug #7995 (Feedback): pfSense Certificate Manager Issues Blank Certificates: I can't make this happen on 2.4.0 or 2.4.1 here, I create CA and cert entries multiple times per day when testing thi... Jim Pingle
09:59 AM Bug #7995 (Closed): pfSense Certificate Manager Issues Blank Certificates: Strange issue I'm having with the certificate manager in pfSense 2.4.0 release. I can create a certificate authroity... Kristopher Kolpin
09:51 AM pfSense Packages Bug #7965: freeradius 3 with MySQL: this problem prevents the upgrade of servers to 2.4 Konstantin Ab
09:30 AM Bug #7856 (Feedback): IPsec status does not show all connected mobile clients: Applied in changeset commit:130f3c9266e0b8c626aa6e8991467bb417ff8fd2. Anonymous
09:02 AM Bug #7978: IE 11 - Headers of tables almost not visible when no entries made: Assigned to sjones (Has access to IE11) Anonymous
08:23 AM Bug #7994 (Resolved): system_certmanager.php: Unable to create a wildcard SAN: Trying to create a certificate or CSR with a wildcard in the SAN yields an error. When used as a common name, it is n... Jim Pingle
08:07 AM Feature #7823 (Feedback): Pull request: Add support for dynamic DNS provider ClouDNS: PR merged as requested. Thanks! Anonymous
08:02 AM Bug #7980 (Not a Bug): Support widget is displayed in Times New Roman: An administrator enters HTML formatted text into ProdTrack. That text is displayed exactly as entered on the widget.
... Anonymous
07:36 AM pfSense Packages Bug #7993 (Closed): zabbix 3.4 agent: Hi
The Zabbix agent 3.4.1 won't install on pfsense 2.3.4-RELEASE-p1. It returns:
pfSense-pkg-zabbix-agent34 inst... Tino Zidore
03:05 AM Revision c70811af: Fix the netgraph path for VLAN interfaces.: (cherry picked from commit 1b3d6ddd069c14c3c74b51ac37d2043857912b95) Luiz Souza
03:03 AM Revision 1b3d6ddd: Fix the netgraph path for VLAN interfaces.: Luiz Souza

10/23/2017

09:25 PM Bug #7992: SNMP service causes constant disk activity: Host Resources appears to be the culprit, and I have an empty CD drive like the related bug. Stuart Wyatt
09:14 PM Bug #7992: SNMP service causes constant disk activity: I'll do some tests to see if it's fixed with #6882 fix.
FYI, the CPU usage was low and swap was 0%. All sys info ... Stuart Wyatt
09:07 PM Bug #7992 (Duplicate): SNMP service causes constant disk activity: Most likely a duplicate of #6882 just a different symptom. Give 2.4.1 a try. Jim Pingle
08:22 PM Bug #7992 (Duplicate): SNMP service causes constant disk activity: I've only noticed this since upgrading to 2.4
With the SNMP service enabled, but not being used, the disk is const... Stuart Wyatt
08:17 PM Bug #7209: Something is seriously wrong with firewall aliases: I think I'm seeing the same problem.
I had an alias that wouldn't update. It is an alias made up of a list of oth... Stuart Wyatt
06:56 PM Revision 49f4edb7: Fix RSYNCIP for RELEASE and sign key for RC: Renato Botelho
06:56 PM Revision 383698b4: Fix RSYNCIP for RELEASE and sign key for RC: Renato Botelho
06:23 PM Revision 131f56c2: Move users to 2.3.5: Renato Botelho
06:22 PM Revision d763c618: Bump version to 2.3.6: Renato Botelho
06:22 PM Revision de337fa3: Welcome 2.3.5-RC: Renato Botelho
05:49 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I was able to reproduce this on pfsense 2.3.4 vs 2.4.0 w/ fresh installs, running in virtual box w/ an Arista vEOS VM... Andrew Dul
02:51 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: Thanks Jim, your hint was right! I'm not shure how this could happen (maybe through an update ...) but the admin user... Kilian Ries
02:10 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: Please discuss the problem on the forum. You probably have unintentionally made a change to your users or groups whic... Jim Pingle
02:06 PM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: I'm working as admin in the pfsens gui - that account should have enough privileges, or? Kilian Ries
07:35 AM pfSense Packages Bug #7987 (Not a Bug): Haproxy Widget: Missing Actions Button: If the actions column is missing, your user does not have access to "WebCfg - Services: HAProxy package" so it does n... Jim Pingle
04:02 AM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: Here is my haproxy configuration:... Kilian Ries
03:06 AM pfSense Packages Bug #7987: Haproxy Widget: Missing Actions Button: There is no information to debug your issue, neither here, not on the forums. A cut off screenshot doesn't really cut... Kill Bill
02:41 AM pfSense Packages Bug #7987 (Not a Bug): Haproxy Widget: Missing Actions Button: Hi,
already opened a thread in the pfsense forum some weeks ago:
https://forum.pfsense.org/index.php?topic=1374... Kilian Ries
01:44 PM Bug #7991 (Closed): Bunch of webGUI fixes for 2.3.5: Before this goes to waste since I cannot see it fixed anywhere... Also see https://forum.pfsense.org/index.php?topic=... Kill Bill
01:38 PM Bug #7307: ZFS installer - shuts down instead of rebooting: This appears to only happen when installing ZFS to eMMC on SG boxes using the ADI image. Installing to SSD reboots no... Jim Pingle
01:13 PM Bug #6335: Status > IPsec shows both connected and disconnected with Split Connections enabled: Assigning to sjones since he's been working on other IPsec status issues Jim Pingle
01:04 PM Bug #6335: Status > IPsec shows both connected and disconnected with Split Connections enabled: This is apparently also happening with IKEv2. If it turns out to be too much trouble, bump back to 2.4.3 Jim Pingle
01:10 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: It wasn't over 1000 VLANs, it was VLAN IDs >1000 (four digit VLAN ID numbers). So if someone used VLAN 1001, 1002, as... Jim Pingle
01:00 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Jim Pingle wrote:
> NIC drivers with 6 letter names, like mvneta, would break with VLANs >=1000
The ARM thing? Pe... Kill Bill
12:45 PM Bug #7981 (Confirmed): PPP interfaces with a VLAN parent do not work with new VLAN names: Jim Pingle
12:42 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: The VLAN name change was done because NIC drivers with 6 letter names, like mvneta, would break with VLANs >=1000, wh... Jim Pingle
12:37 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: This doesn't work and frankly this is an absolutely horrible change to dump on people in between maintenance versions... Kill Bill
08:39 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Having the exact same issue, my ISP provides internet over PPPoE on VLAN 6, worked perfectly until I upgraded to 2.4.... Erik Scheffers
03:48 AM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names: Renato Botelho wrote:
> Can you please try again when a new snapshot is available? mpd-5.8_3 contains a fix for that... Zach Nedwich
12:36 PM Bug #7714 (Resolved): NTP Widget Time Display: This has already been fixed on 2.4.1 Jim Pingle
12:36 PM pfSense Packages Bug #6748 (Resolved): rrd_fetch_json.php returns html when user is unauthorized (causes "Error: SyntaxError: Unexpected token <"): This has already been fixed on 2.4.1 Jim Pingle
12:24 PM Bug #7856: IPsec status does not show all connected mobile clients: Looks like there are a couple systems here I have which don't want to print child SAs with this code in place again. ... Jim Pingle
11:33 AM Feature #946: Allow aliases to be used to define IPsec phase 2 networks: Has been over 7 year now, it will be good to have that option?
Is there an update on this? Auric Sosa
08:54 AM Bug #7928: LAGG interfaces lose MAC address: Have the same issue in my configuration. Denis Grilli
08:24 AM Bug #7989 (Confirmed): Cannot update Nano from 2.3.4 to 2.3X snapshots: The difference appears to be in which version of pfSense-repo and pfSense-upgrade are on the box. Depending on the st... Jim Pingle
07:07 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots: You have some weird system. It definitely is a choice here, and for others.
https://forum.pfsense.org/index.php?to... Kill Bill
07:06 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots: Security/Errata is not a choice there. I have Stable, Development or Next Major Version.
Next major version obvio... Steve Wheeler
06:51 AM Bug #7989: Cannot update Nano from 2.3.4 to 2.3X snapshots: You need to select the Security/Errata only branch in update settings. Kill Bill
06:35 AM Bug #7989 (Resolved): Cannot update Nano from 2.3.4 to 2.3X snapshots: Testing using 2.3.4_1 Nano 64bit CE and trying to update to a 2.3.5 snapshot.
I can see the snapshot reported as a... Steve Wheeler
07:24 AM Bug #7990 (Resolved): SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: Yes, this should already be fixed by commit:63f686bde3e95eed8d2223d00e5f6403a5ef2d4c Jim Pingle
07:07 AM Bug #7990: SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: This was corrected in a recent update. The is in current snapshots and will and will appear in 2.4.1 in the near fut... Anonymous
06:47 AM Bug #7990 (Resolved): SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data: I have some traffic graphs on my dashboard and they timeout after some time with the error below:
SyntaxError: JSO... Jasjit Chopra
07:18 AM Feature #4769: IPv6 support in the Traffic Shaper Wizard: Is this still accurate? This floating "match" rules are all set for IPv4. Corey Boyle
07:08 AM Bug #7898: PFsense 2.4 RC 9/28/17 update - Traffic Shaper HFSC Priority field missing: Okay i tried using CBQ and an alternative to nested Queues and the Queues do not properly calculate bandwidth see bug... Pushapraj Bhamra
05:34 AM Feature #7988 (New): Compact Theme based on Compact-RED with the default theme colors.: Proposal of new theme compact. Tomas Waldow
03:35 AM Bug #7970: Used Maximum Ram and freeze in new Version: Hello everyone, my problem may have been resolved.
I had a snapshot before installing the vmware tools package. Afte... gamaz uf
02:50 AM Bug #7973: VLAN Priority Set feature in firewall rules is not functioning: Jim Pingle wrote:
> The "VLAN Prio Set" option on firewall rules is supposed to alter the VLAN priority flag in 802.... Kev Willers

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

11/21/2017

11/20/2017

11/19/2017

11/18/2017

11/17/2017

11/16/2017

11/15/2017

11/14/2017

11/13/2017

11/12/2017

11/11/2017

11/10/2017

11/09/2017

11/08/2017

11/07/2017

11/06/2017

11/05/2017

11/04/2017

11/03/2017

11/02/2017

11/01/2017

10/31/2017

10/30/2017

10/29/2017

10/28/2017

10/27/2017

10/26/2017

10/25/2017

10/24/2017

10/23/2017