Project

General

Profile

Activity

From 11/06/2017 to 12/05/2017

12/05/2017

11:30 PM Feature #3377: OAuth2 authentication in captive portal
is there further developments on the above feature radius with oauth backend to support google apps id it will be ver... Ponvannan Sankaran
03:42 PM Revision 6ee7e27a: Fix logging for L2TP and PPPoE server login/logout events. Fixes #8164
See https://redmine.pfsense.org/issues/8164 for the reasoning about why it was done this way.
(cherry picked from co... Jim Pingle
03:41 PM Revision 902a31e3: Fix logging for L2TP and PPPoE server login/logout events. Fixes #8164
See https://redmine.pfsense.org/issues/8164 for the reasoning about why it was done this way. Jim Pingle
03:17 PM Feature #8168 (New): strongswan dhcp option
Would be nice to have the dhcp plugin for strongswan in pfsense. This feature could be useful for a simple way to ass... Lars Pedersen
02:32 PM pfSense Packages Bug #8167 (Resolved): FRR OSPF6 range problem (subnet not advertized)
The range statement inside the router ospf6 clause seems to have the opposite effect of what is expected.
FRR docs... Andrew Webster
01:56 PM pfSense Packages Bug #8162 (Duplicate): Add virtual server support to FreeRadius
Duplicate of #8161 Jim Pingle
01:56 PM pfSense Packages Bug #8154 (Resolved): FRR OSPF6 not working
Thanks for testing!
The update/delete interface part is somewhat expected, and unrelated to this issue. The best w... Jim Pingle
01:39 PM pfSense Packages Bug #8154: FRR OSPF6 not working
OSPF3 hello packets now emanating from the interface when the interface is added to the interface list.
Passive mode... Andrew Webster
11:19 AM pfSense Packages Bug #8154 (Feedback): FRR OSPF6 not working
I pushed a fix for this and a couple other syntax issues I found along the way. Hopefully it behaves properly now, gi... Jim Pingle
01:54 PM Bug #8166 (Not a Bug): FRR Interfaces list does not show Interface Description like the rest of pfSense
That's not a package specific bug. It's a byproduct of how the pkg_edit.php select_source control type works. It only... Jim Pingle
01:46 PM Bug #8166 (Not a Bug): FRR Interfaces list does not show Interface Description like the rest of pfSense
This is just a question of standardizing the output so it looks the same everywhere...
On the OSPF Interfaces, and... Andrew Webster
11:37 AM Bug #8165 (Closed): Fragmented at source IPv6 packets (UDP + ICMP Ping) are not forwarded / v2.4.2 AMD64
This issue came to light when I encountered a problem with a SIP phone not receiving SIP Invite messages resulting in... Mike Nichols
10:08 AM Bug #8163 (Not a Bug): dpinger default payload fails 70%
Most likely the device on the other end doesn't like the small payload, in which case you can set the larger size and... Jim Pingle
06:00 AM Bug #8163: dpinger default payload fails 70%
Can you post the ICMP packets transmitted by this HW ? (I need see the packets as they go on wire, packet captures on... Luiz Souza
09:50 AM Bug #8164 (Feedback): PPPoE Server and L2TP Server Login Event Log is not functional
Applied in changeset commit:902a31e3fd419e2fc360ad891ee3a82209264e1a. Jim Pingle
09:25 AM Bug #8164 (Resolved): PPPoE Server and L2TP Server Login Event Log is not functional
Both the PPPoE server and L2TP server rely on vpn.log to track login/logout events. On 2.4.x these logs are not funct... Jim Pingle

12/04/2017

10:30 PM Revision 3b46a9cf: Fix #6319 by setting ptr-domain and key variables correctly for dhcpdzones()
Joeri Capens
09:06 PM Bug #8163: dpinger default payload fails 70%
It's happening with two different links on different vlans on the same *realtek(re)* interface. Marcello Silva Coutinho
09:02 PM Bug #8163 (Not a Bug): dpinger default payload fails 70%
using 2.4.2 on a intel network card with vlan tagged and a monitor ip from first hop after gateway
with default le... Marcello Silva Coutinho
06:57 PM Revision 7662ec2a: Merge pull request #3884 from stilez/patch-71
Steve Beaver
06:56 PM Revision c21b1dd3: Merge pull request #3882 from PiBa-NL/20171130-remove-console-output
Steve Beaver
06:55 PM Revision a283cfe0: Merge pull request #3883 from stilez/patch-70
Steve Beaver
06:54 PM pfSense Packages Bug #8162 (Duplicate): Add virtual server support to FreeRadius
It's great and super convenient that the FreeRadius server is included as a package with pfSense.
I currently use ... Victor Hooi
06:53 PM pfSense Packages Feature #8161 (New): Add virtual server support to FreeRadius
It's great and super convenient that the FreeRadius server is included as a package with pfSense.
I currently use ... Victor Hooi
05:36 PM Feature #8160 (Resolved): Accomodate both RADIUS and pool IP addresses in IPsec
Strongswan now allows multiple dynamic address pools in mobile IPsec.
I was able to coerce it to work by forcing e... Chris Linstruth
04:18 PM Revision 90ac6971: Backported for bug #8159 so sort by index before deleting to delete the correct one
Stephen Jones
04:17 PM Revision aed8febb: Backported for bug #8159 so sort by index before deleting to delete the correct one
Stephen Jones
04:13 PM Revision a96f945a: Revert "Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly."
This reverts commit 1e659e027c5cd9f42a20286f84f0e2967bb01c3c. Stephen Jones
04:09 PM Revision 1e659e02: Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly.
Stephen Jones
04:02 PM Revision c254f9b4: Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly.
Stephen Jones
03:59 PM Revision 581c2d5f: Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly.
Stephen Jones
12:28 PM Bug #7774: No TCP Reply State Established on GRE in IPsec Transport
Is this the same as #4479? Any hopes this can be fixed? I think the other bug report got lost track of. Jorge Albarenque
10:10 AM Bug #8159 (Feedback): services_dnsmasq.php: Deleting a Host Override entry removes the wrong item
Applied in changeset commit:581c2d5f4de0671d5ab2bf30701430351a3cf1d7. Anonymous
08:32 AM Bug #8159: services_dnsmasq.php: Deleting a Host Override entry removes the wrong item
I think there was a recent PR that added sorting. That probably broke the relationship between the list and the indices. Anonymous
08:29 AM Bug #8159 (Resolved): services_dnsmasq.php: Deleting a Host Override entry removes the wrong item
On Services > DNS Forwarder, when there are multiple Host Override entries the wrong item can be deleted from the lis... Jim Pingle
09:46 AM Bug #8153 (Resolved): Post-auth RCE in cert_get_publickey() from certs.inc, used in system_camanager.php and system_certmanager.php
Fixed in current snapshots. Jim Pingle
03:58 AM Bug #6319: DHCP6 DDNS tsig key missing from dhcpv6.conf for reverse zone
YAY! It's working! It's generating a key definition in dhcpdv6.conf now. Bogdan P
01:52 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
It worked just had to unplug the power instead of pushing the red button the back. Tino Zidore
01:38 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
I am experiencing a problem similar to this.
except my XG-2758 is rebooting by it self after upgrade. And it stays... Tino Zidore

12/03/2017

03:57 PM Bug #6319: DHCP6 DDNS tsig key missing from dhcpv6.conf for reverse zone
The attached patch fixes this issue for me. Please test. Joeri Capens
03:48 PM Feature #6621: Permit DHCP Server Dynamic DNS server key algorithm type selection and use
I also ran into this problem after following some bind9 guides which use the newer ddns-confgen command. This tool us... Joeri Capens
03:06 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI
I have made a patch that addresses the issue, but it is
also a rewrite of a large part of the status leases
page, t... Anders Lind
01:00 PM Bug #8015: IPsec VPN Not Reconnecting until complete reboot
I think this must be a duplicate but I'm unable to find another ticket that matches it exactly right now. Possibly th... Steve Wheeler
09:00 AM Bug #8158 (New): IPv6 Track Interface issue with more than one WAN-Gateway and a number of internal interfaces... at least track interface from one interface does not work on regular base
*Configuration*
* WAN interfaces are configured as WAN_KD and WAN_DTAG, the first is getting its configuration from ... Ingo-Stefan Schilling
06:40 AM Bug #8157 (New): Traffic Graph clutter from time to time
When traffic is more occasional with (great) peaks the graph clutters. See attached file. This happens since version ... Ingo-Stefan Schilling

12/02/2017

10:40 PM Bug #8106: dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface
J L wrote:
> Martin Wasley wrote:
> > Just do a PR on it Luke, it'll get reviewed there as part of the process.
> ... J L
02:01 PM Bug #8156 (Resolved): Prefix not being included in DNS entry registered by DHCP6 server
I have a static DHCP6 mapping for a host on my network. The configured suffix for that host is ::1. The address is be... Dylan Piergies

12/01/2017

09:40 PM Revision c618a621: Fixed #8112
Steve Beaver
09:07 PM Revision 39ceb5d5: Fix typo
(cherry picked from commit cedfb2bc0442e8f2225b05792a6ef3097a8aebcf) Jim Pingle
09:07 PM Revision cedfb2bc: Fix typo
Jim Pingle
05:44 PM Revision d3e0194e: When retrieving a the modulus for a certificate, private key, or signing request, write the certificate data out to a temp file instead of echoing it through a pipe. Fixes #8153
(cherry picked from commit 6e316e955350ad69d4f86cb332a1a48bfa028e2e) Jim Pingle
05:44 PM Revision 6e316e95: When retrieving a the modulus for a certificate, private key, or signing request, write the certificate data out to a temp file instead of echoing it through a pipe. Fixes #8153
Jim Pingle
05:43 PM Revision 552d7750: When retrieving a public key for a certificate, private key, or signing request, write the certificate data out to a temp file instead of echoing it through a pipe. Fixes #8153
(cherry picked from commit b6dcbd646feb9c7197b4e94a6031b69c2113d679) Jim Pingle
05:41 PM Revision b6dcbd64: When retrieving a public key for a certificate, private key, or signing request, write the certificate data out to a temp file instead of echoing it through a pipe. Fixes #8153
Jim Pingle
03:36 PM Bug #8143 (Resolved): XSS in status_filter_reload.php
This looks good in current snapshots. Jim Pingle
02:48 PM Revision 9038f44c: Revert "Mitigate possible vuln in cert manager"
This reverts commit 1a68f4badd58de8694ac6a4208e11d7265c97df3. Steve Beaver
02:43 PM pfSense Packages Bug #8154 (Resolved): FRR OSPF6 not working
FRR's OSPF6 configuration pages don't appear to be generating the correct output into the /var/etc/frr/ospf6d.conf fi... Andrew Webster
02:30 PM Revision 1a68f4ba: Mitigate possible vuln in cert manager
Steve Beaver
12:00 PM Bug #8153 (Feedback): Post-auth RCE in cert_get_publickey() from certs.inc, used in system_camanager.php and system_certmanager.php
Applied in changeset commit:b6dcbd646feb9c7197b4e94a6031b69c2113d679. Jim Pingle
11:29 AM Bug #8153 (Resolved): Post-auth RCE in cert_get_publickey() from certs.inc, used in system_camanager.php and system_certmanager.php
cert_get_publickey() in source:src/etc/inc/certs.inc takes user input and uses it in a shell command without encoding... Jim Pingle
11:50 AM Revision deb575ab: Add isset, other vars seem to use it
Doesn't seem to have a point though :) Stilez y
11:48 AM Revision d30fa363: typo
Stilez y
11:46 AM Revision d2ec5844: Unbound: Disable IPv6 outgoing queries if IPv6 blocked in firewall, as they can never go anywhere
If IPv6 is disallowed in system->advanced->network, then any IPv6 lookups by Unbound will always be blocked, so there... Stilez y
11:11 AM Revision 7596c4c8: correct %d -> %s
As previous code used a string. Probably makes no difference and a number is simpler but doesn't matter Stilez y
11:08 AM Revision 300010be: Clarify the unexplained numbers in "log verbosity"
At the moment verbosity is a bare list of digits, 0 to 5. No explanation, nothing else. This PR replaces the visible ... Stilez y
10:01 AM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
Been using pfSense for 10years. Thanks to the team for all their efforts.
For what it's worth, here is the config... Oliver Schonrock
09:18 AM Bug #8150 (Not a Bug): upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
The only way that will happen is if the certificate is invalid in some way. Missing entirely, incorrect reference, or... Jim Pingle
02:34 AM Bug #8150 (Not a Bug): upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
We recently upgraded several pfsense installs from 2.3.x to 2.4.y.
All these installs had properly signed SSL cer... Oliver Schonrock
09:52 AM Bug #8152 (Not a Bug): No DHCP on WAN with cable modem
I have a similar modem and it works fine here.
With modems that behave in that way you should go to Interfaces > W... Jim Pingle
09:41 AM Bug #8152 (Not a Bug): No DHCP on WAN with cable modem
My cable modem (SagemCom FAST3686v2 - in bridge mode) when rebooting, first assigns an IP address in the 192.168.100.... Andras Gaal
09:21 AM pfSense Packages Bug #8144: Failed coreboot upgrade
Then you may be hitting the issue on the other ticket, read through the discussion on #8047 and leave a comment there. Jim Pingle
02:16 AM pfSense Packages Bug #8144: Failed coreboot upgrade
Now I have tried running the command:
/sbin/poweroff
And have hit the power button and it is still ADI_RCC-01.00.... Tino Zidore
01:55 AM pfSense Packages Bug #8144: Failed coreboot upgrade
When I try to do the upgrade through the web GUI, this is the warning:
WARNING: This operation requires a reboot.
... Tino Zidore
07:31 AM Bug #8151: Changing name on a gateway is not allowed
ok. i`m curious why is it so more complex to do besides renaming other things like Aliasses etc...
what can i do o... Roland Kletzing
07:25 AM Bug #8151: Changing name on a gateway is not allowed
The gateway is referenced by name throughout the configuration in places like firewall rules for policy routing, rout... Jim Pingle
07:23 AM Bug #8151 (Resolved): Changing name on a gateway is not allowed
I want to change the name of a WAN gateway.

When editing the name field in the dialog, on save i get
"Changing... Roland Kletzing
06:23 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
We got access to the machine this morning, and tested for ~30 mins could not duplicate the results. This seems loca... Chris Macmahon

11/30/2017

11:02 PM pfSense Packages Bug #8139: LADVD not working on LAGG interfaces
Random User wrote:
> Tom Cosmos wrote:
> > Issue was not occurring before 2.4.
>
> Never ever worked with lagg/... Tom Cosmos
03:17 PM pfSense Packages Bug #8139: LADVD not working on LAGG interfaces
Tom Cosmos wrote:
> Issue was not occurring before 2.4.
Never ever worked with lagg/bridge (Bug #3962). It's eve... Random User
10:48 PM Revision 79330f5d: Merge pull request #3880 from bibz0r/master
Steve Beaver
10:47 PM Revision 761b39f9: Merge pull request #3863 from PiBa-NL/20171103-routes-recursive-alias
Steve Beaver
10:46 PM Revision 7cde5013: Merge pull request #3873 from PiBa-NL/20171121-localauth-translated-problem
Steve Beaver
09:07 PM Feature #8149 (New): NTPsec
Would pfSense integrate NTPsec client/sever support to help protect OpenVPN against MITM attacks? Denial of service c... Richard Yao
08:57 PM Revision 71f0623e: routing, support use of recursive network aliases in static routes
Pi Ba
07:30 PM Revision 9fa718d7: Merge pull request #3823 from PiBa-NL/20170919-bootupcomplete
Steve Beaver
07:17 PM Revision ae6a2218: Merge pull request #3810 from svenauhagen/bugfix/mpd
Steve Beaver
07:15 PM Revision 745bf227: Merge pull request #3801 from cgull/radvd-zero-router-lifetime
Steve Beaver
06:56 PM Revision 42824fc3: notify_monitor, don't write EXITQUEUELOCK debug output to system-console
Pi Ba
01:24 PM pfSense Packages Feature #8148: OpenVPN - Output Windows Client .MSI Installer for GPO deployment
The procedure you linked is for the (paid) OpenVPN Access Server client. There is no MSI for the OpenVPN community cl... Jim Pingle
01:16 PM pfSense Packages Feature #8148 (New): OpenVPN - Output Windows Client .MSI Installer for GPO deployment
First, pfSense is a great product. I appreciate all of the development efforts.
It would be very helpful if the O... Jason Gibbons
12:07 PM Bug #8124: username/password not used by proxy support
Hello,
Thank you for your answer.
Yes it work for HTTP request. You can see the picture "pfsense http and https... O 71
08:14 AM Bug #8124 (Feedback): username/password not used by proxy support
There was a FreeBSD bug about that, see #6949, but that's been fixed for a while now. If the proxy auth works for HTT... Jim Pingle
10:21 AM Bug #8142: OpenVPN client does not remove static route for custom monitor IP
I'll have to try to setup a reproduction scenario in my lab on a vm, but fwiw, I am using the same vpn provider as th... Derek Battams
07:59 AM Bug #8142 (Feedback): OpenVPN client does not remove static route for custom monitor IP
There must be something more to it than that alone, as I can't reproduce the problem by simply setting an alternate m... Jim Pingle
09:37 AM Bug #7266: SNMP does not listen on IPv6 interface
Yes, use net-snmp. This is not the place for discussion or instruction, however. Post a thread on the forum, mailing ... Jim Pingle
08:53 AM Bug #7266: SNMP does not listen on IPv6 interface
@Marcel Hellwig: We just upgraded to pfSense 2.4.2 but snmp is still not listening on IPv6. Is the solution to manual... Stefan Kooman
08:53 AM pfSense Packages Feature #8147: include a serial console file tranfer utility like "kermit" in the installer image
I agree this should be closed, because your recovery process is very good (if it works and people know about it and u... Oliver Schonrock
07:35 AM pfSense Packages Feature #8147 (Closed): include a serial console file tranfer utility like "kermit" in the installer image
The automatic restore looks at the selected disk, runs a disk check, then mounts it and looks in /cf/conf/config.xml ... Jim Pingle
06:47 AM pfSense Packages Feature #8147: include a serial console file tranfer utility like "kermit" in the installer image
Just found this article (I had limited internet access during recovery)
https://doc.pfsense.org/index.php/Automati... Oliver Schonrock
06:36 AM pfSense Packages Feature #8147 (Closed): include a serial console file tranfer utility like "kermit" in the installer image
h3. Scenario
- I updated from 2.3 => 2.4 (FreeBSD 11) and it went badly
- I wanted to recover my config.xml (I kn... Oliver Schonrock
08:24 AM Bug #8137 (Rejected): 2.4.2 openvpn stop working
There is not enough detail here for a proper bug report. Please post on the forum, mailing list, or pfSense subreddit... Jim Pingle
08:22 AM Bug #8134 (Rejected): upgrading sg-8860 unit with online upgrade trashes unit to non-working state (packages, libraries missing and so on)
Unable to reproduce the issue. It works here when we try it and as Clinton said that is a test we run before every re... Jim Pingle
08:16 AM Bug #8133 (Rejected): PPPoE over Vlan is no longer work after update.
Please post on the forum, mailing list, or pfSense subreddit with more detail to discuss the issue before opening a b... Jim Pingle
08:06 AM Bug #8128 (Rejected): Port Forwarding over VPN connections
Jim Pingle
07:52 AM pfSense Packages Bug #8144 (Duplicate): Failed coreboot upgrade
Based on the serial number this appears to be an XG-2758, is that correct?
On that model you have to physically po... Jim Pingle
07:37 AM Bug #8145 (Duplicate): Recurring deadlock during normal operation.
Duplicate of #8056 Jim Pingle
12:00 AM Revision dcf0318a: Merge pull request #3759 from PiBa-NL/20170618-option-disable-dragging
Steve Beaver

11/29/2017

11:18 PM Revision 2c131b10: Increase FPM process availability in high ram systems
To reduce chance of nginx gateway error when interacting with FPM backend, this patch does the following, starts up e... Martin Wasley
11:15 PM Revision 52e91f70: webgui, option to disable dragging of rules
Pi Ba
07:41 PM Revision 04168bdd: Merge pull request #3776 from nazar-pc/ram-disk-reboot-fix
Steve Beaver
06:10 PM Revision 74c55258: Merge pull request #3868 from loonylion/master
Steve Beaver
06:05 PM Revision 2acb4025: Merge pull request #3818 from chewrocca/master
Steve Beaver
06:04 PM Revision d7dc67f9: interfaces_fast.inc: removed accidental rolling 'r' from comment
removed unused parameters from definition of convert_real_interface_to_friendly_interface_name_fast()
interfaces_ass... Peter Schofield
06:03 PM Revision 7dee52b7: Merge branch 'master' into master
Matthew Fine
06:02 PM Revision 12e3bbce: Merge branch 'master' into master
Matthew Fine
05:40 PM Bug #8145: Recurring deadlock during normal operation.
Harry Coin wrote:
> Note also the web interface is not responsive during the deadlock. Basically, any process that ... Harry Coin
02:32 PM Bug #8145: Recurring deadlock during normal operation.
Note also the web interface is not responsive during the deadlock. Basically, any process that doesn't touch the net... Harry Coin
02:26 PM Bug #8145: Recurring deadlock during normal operation.
... Harry Coin
10:28 AM Bug #8145 (Duplicate): Recurring deadlock during normal operation.
At seemingly random intervals during normal operation, intervals as long as several hours and as short as several min... Harry Coin
05:13 PM Revision f2d91ecf: Merge pull request #3870 from jtl999/v2.4.2rc-dhcp6fix
Steve Beaver
05:12 PM Revision f9e1a5dc: Merge pull request #3844 from luckman212/ovpn-gw-patch-2
Steve Beaver
05:06 PM Revision 65a8a5ad: Merge pull request #3769 from PiBa-NL/20170626-phpfpm-status
Steve Beaver
05:05 PM Revision 2dbc276d: Merge pull request #3183 from znerol/feature/master/register-openvpn-cn
Steve Beaver
02:57 PM Revision c1a2c6c8: Changed license as requested and added a missing apostrophe in a comment.
Peter Schofield
02:50 PM Revision 6cce4ec9: Merge pull request #3875 from LedPighp/dyndns_godaddy
Steve Beaver
02:48 PM Revision a84fb545: Changed maximum length of usernames from 16 to 32 characters. This seems to be some old FreeBSD requirement which is not needed anymore.
Andrei Miu
02:47 PM Revision 3a402755: Merge pull request #3872 from jackfagner/patch-1
Steve Beaver
02:35 PM Revision 2730dcce: Merge pull request #3865 from VPSrv/v2_3-patch-1
Steve Beaver
02:15 PM Revision 47741e4c: Merge pull request #3825 from adam820/helptext-cleanup
Steve Beaver
02:14 PM Revision cca4802a: Merge pull request #3824 from cfazendin/ddns_widget
Steve Beaver
02:07 PM Revision 884ea644: Merge pull request #3820 from phil-davis/status-if-disabled
Steve Beaver
02:05 PM Revision f5cd3884: Merge pull request #3819 from PiBa-NL/20170910-show-interface-openvpn
Steve Beaver
01:56 PM Revision 98e865f1: Merge pull request #3802 from svenauhagen/bugfix/ppp
Steve Beaver
01:52 PM Revision 327d7996: Merge pull request #3797 from IknowJoseph/patch-1
Steve Beaver
01:51 PM Revision 2ba7f14f: Remove haproxy-devel from i386
haproxy-devel 1.8.0 doesn't build on i386 with old clang versions. It
produces errors like:
cannot compile this at... Renato Botelho
01:41 PM Revision 258a5feb: Merge pull request #3768 from PiBa-NL/20170625-notices-queue
Steve Beaver
01:38 PM Revision 57a01a3a: Remove haproxy-devel from i386
haproxy-devel 1.8.0 doesn't build on i386 with old clang versions. It
produces errors like:
cannot compile this at... Renato Botelho
01:32 PM Revision c6ce0d99: Merge pull request #3747 from PiBa-NL/20170529-dhcprelay-destination-interface-discovery
Steve Beaver
01:18 PM Revision 5de5c48a: Merge pull request #3738 from PiBa-NL/20170521-oneonone-nat-fix-empty-ip
Steve Beaver
12:49 PM pfSense Packages Feature #8146 (New): Zone Domain Records more powerfull for BIND Zones
Hi guys.
Thanks in advance for your effort.
Please, could you add on the UI?:
* Availability to move the reco... Hernan Nacimiento
08:20 AM Feature #7843 (Feedback): DynamicDNS Widget - Show Description
Applied in changeset commit:4c53dfbe72a0bd25afeb8f8203c0daf008bb41a4. Christopher Fazendin
03:00 AM pfSense Packages Bug #8144: Failed coreboot upgrade
I forgot it was a Netgate coreboot upgrade I tried;-) Tino Zidore
02:59 AM pfSense Packages Bug #8144 (Duplicate): Failed coreboot upgrade
Hi
I have tried to upgrade through the Web GUI and I get this error.... Tino Zidore

11/28/2017

09:41 PM Revision 36ca9be2: Fixed #8143 Remove any html special characters for request variable
Stephen Jones
09:39 PM Revision 11b3b8e6: Fixed #8143 Remove any html special characters for request variable
Stephen Jones
09:30 PM Revision fea5a8af: Fixed #8143 Remove any html special characters for request variable
Stephen Jones
09:28 PM Revision 82b1d76f: Fixed #8143 Remove any html special characters for request variable
Stephen Jones
04:42 PM Revision e9f2afc4: 2.4.2 was released
Renato Botelho
03:40 PM Bug #8143 (Feedback): XSS in status_filter_reload.php
Applied in changeset commit:82b1d76f934d793fe681c9c80da1a8e32cefc1f5. Anonymous
03:17 PM Bug #8143: XSS in status_filter_reload.php
Usually we will push a fix to master and cherry pick it to the latest development and release branches, which right n... Jim Pingle
03:01 PM Bug #8143 (Resolved): XSS in status_filter_reload.php
I am not sure the procedure for pushing fixes like this. If I push it to gitlab will it be public? I wouldn't want to... Anonymous
12:03 PM pfSense Packages Bug #8141: ACB uploads a version several times each second/minute when CaptivePortal is active.
Where can I find a updated version for me to test? klaus johnstad
11:58 AM pfSense Packages Bug #8141 (Feedback): ACB uploads a version several times each second/minute when CaptivePortal is active.
Updated to add an input to ignore uploading a config if it contains 'Syncing vouchers' as the reason. This is default... Anonymous
08:32 AM pfSense Packages Bug #8141: ACB uploads a version several times each second/minute when CaptivePortal is active.
Coincidentally this issue was discovered a couple of days ago and is under investigation. Anonymous
07:52 AM pfSense Packages Bug #8141 (Resolved): ACB uploads a version several times each second/minute when CaptivePortal is active.
When I have CaptivePortal enabled, ACB uploads a copy of my config between once and 5 times every second during peak ... klaus johnstad
11:52 AM Bug #8142 (Resolved): OpenVPN client does not remove static route for custom monitor IP
Since upgrading from 2.3.4 to 2.4.2 I've had this problem with my OpenVPN clients that specify a custom monitoring IP... Derek Battams
05:46 AM Bug #8134: upgrading sg-8860 unit with online upgrade trashes unit to non-working state (packages, libraries missing and so on)
Clinton Cory wrote:
> Installed ADI 2.3.5-RELEASE on SG-8860-1U
> An upgrade displayed for 2.4.1
> Selected the op... Eero Volotinen
03:10 AM pfSense Packages Feature #7519: Add support for --listen-v6 to ACME standalone webserver
+1
I just ran into this today. I tried to get the Lets Encrypt working. I only have an IPv6 DNS name associated ... David Summers
03:04 AM pfSense Packages Bug #8126: ACME standalone HTTP not listening on IPv6
I'm having the exact same problem.
I only have an IPv6 address for the DNS name of my pfsense router.
Once I ha... David Summers

11/27/2017

11:55 PM Feature #8140 (Duplicate): Feature Request: Zone Firewall between interfaces
Zone Firewalls are very powerful and solve a lot of the current problems with firewalls using the current non-Zoned f... David Summers
08:33 PM pfSense Packages Bug #8139 (Resolved): LADVD not working on LAGG interfaces
https://forum.pfsense.org/index.php?topic=138119.0
Interfaces in bond reporting in logs as invalid for LADVD
No... Tom Cosmos
12:43 PM Bug #8138 (Resolved): Option <spoofmac> is ignored on interfaces without hwaddr
MAC Address in GUI is not applyed to interface and allways set to random value. This causes a lot of problems if inte... Michael Sh.
11:26 AM Bug #8137 (Rejected): 2.4.2 openvpn stop working
My openvpn setup have worked for multiples years and survive multiple upgrades, but since I have upgrade from 2.4.1 t... Eric D
10:26 AM Bug #8134: upgrading sg-8860 unit with online upgrade trashes unit to non-working state (packages, libraries missing and so on)
Installed ADI 2.3.5-RELEASE on SG-8860-1U
An upgrade displayed for 2.4.1
Selected the option to upgrade and was upg... Clinton Cory
12:43 AM Bug #8134 (Rejected): upgrading sg-8860 unit with online upgrade trashes unit to non-working state (packages, libraries missing and so on)
upgrading sg-8860 unit with online upgrade trashes unit to non-working state (packages, libraries missing and so on)
... Eero Volotinen
09:46 AM Bug #8136 (Resolved): dpinger for WAN DHCPv6 gets fails to update gateway IP
There appears to be an issue with dpinger when the IPv6 link-local address for a native DHCPv6 connection changes.
... Kristopher Kolpin
07:35 AM Bug #7532: SG-1000 autonegotiation 10baseT speed and duplex
10FD still does not work.
Steve found that 100FD works with crossover. I checked manual 100FD on both sides with cro... Constantine Kormashev
05:11 AM Feature #7666: Adding SAN DNS:username to User Certificates that are created via User Manager the same way as it is done via Cert. Manager
Pardon for late reply.
Yes, user certs that are (auto)generated via _System > User manager > Users > Add_ now work w... Reinis Adovics
04:26 AM Bug #8135 (Closed): pfSense deletes itself after upgrade from 2.2.6 to 2.3.5 with haproxy installed
How to reproduce:
# Install 2.2.6 (I used an APU.2C2)
# Install haproxy
# Upgrade to 2.3.5... Tom Mü-Ko
02:31 AM Bug #8079: XMLRPC Issues with Captive Portal Vouchers
Master and slave servers still do not communicate 100% properly in relation to expired/active vouchers and do not upd... Dejan Milojevic

11/26/2017

10:27 PM Bug #8133: PPPoE over Vlan is no longer work after update.
I downgrade to 2.3.3 and everything work. Hoan Bui Huy
10:24 PM Bug #8133 (Rejected): PPPoE over Vlan is no longer work after update.
I got 2 Wans, the first one is running PPPoE without Vlan, another one is running PPPoE over Vlan 0/35. Everything is... Hoan Bui Huy
04:51 PM Bug #8132: OpenVPN tap device support is very limited/buggy
Here is another use case for fixing the issues OpenVPN tap support. If you want to enforce least privilege such that ... Richard Yao
04:30 PM Bug #8132 (Rejected): OpenVPN tap device support is very limited/buggy
I am (ab)using OpenVPN to extend my network across wireless bridges to mitigate both KRACK and future WPA2 exploits o... Richard Yao
04:29 PM Bug #8131 (Rejected): No way to configure static ARP entries on a /31 (need a better way to configure static ARP entries)
Configuration of static ARP entries is done through the DHCP server interface, even if it is not enabled. When using ... Richard Yao
01:40 PM Bug #8130 (New): Status - Monitoring - Area chart displays traffic data differently than Line or Bar charts
When setting a traffic chart to Area, portions of the chart where +Y (inpass) values are relatively high show 0 value... Eduard Rozenberg
01:14 PM Bug #8129 (Resolved): NTP Status -> Server time value incorrect for timezone Asia/Kolkata
When using timezone set to Asia/Kolkata (a timezone on the 1/2 hour), the time showing in the dashboard widget NTP St... Eduard Rozenberg
09:47 AM pfSense Packages Bug #8115: After update 2.3.4_1-> 2.4.0 ospf over gre looks broken
In my case:... Wagner Sartori Junior
09:39 AM pfSense Packages Bug #8115: After update 2.3.4_1-> 2.4.0 ospf over gre looks broken
Hi Wagner .Could you advice on exact cronjob workaround ? Konstantin Pobudzey
09:30 AM pfSense Packages Bug #8115: After update 2.3.4_1-> 2.4.0 ospf over gre looks broken
same here. GRE under ipsec. I setup a cronjob every minute correcting the mtu when needed, my tunnels are up now. I'm... Wagner Sartori Junior
09:41 AM Bug #8125: gateway 502 errors proposed fix for high ram systems
Chris had asked me to do a commit for this, but I was a bit slack in doing so, now done. PR 3881 Martin Wasley
05:33 AM Bug #8124: username/password not used by proxy support
Hello,
I did other tests.
The proxy works with websites in http but not in https. If I do 'fetch -v http: //www... O 71

11/25/2017

10:34 PM pfSense Packages Feature #7519: Add support for --listen-v6 to ACME standalone webserver
Pim, thanks for the info about @ncaddr@. My request was not about the script itself but about the UI, to provide a an... Michael Duller
08:18 AM pfSense Packages Feature #7519: Add support for --listen-v6 to ACME standalone webserver
The acme.sh script also knows the _ncaddr_ variable. If it is set to a specific IPv6 address all works so no modifica... Pim Pish
02:55 PM Bug #8128: Port Forwarding over VPN connections
Please post to the forum at https://forum.pfsense.org/ and return if consensus is reached that it is a bug and not a ... Chris Linstruth
02:37 PM Bug #8128 (Rejected): Port Forwarding over VPN connections
After upgrade from 2.3.4 to 2.4.0, I am unable to port forward SMTP through my VPN interface. I have verified Port Fo... Tyler Yokley
08:16 AM Feature #8127 (Duplicate): searching for certificates
Hi
For easier working - if you have a lot of certificats (users and servers) that there's kind of tab interface or ... Chris Macmahon
07:37 AM pfSense Packages Bug #8126 (Duplicate): ACME standalone HTTP not listening on IPv6
Duplicate of #7519 Jim Pingle
07:07 AM pfSense Packages Bug #8126 (Duplicate): ACME standalone HTTP not listening on IPv6
When I try to register a certificate via the ACME service I have a DNS name that only has an IPv6 record (AAAA). When... Pim Pish

11/24/2017

08:26 PM Revision f810e576: GoDaddy allows a hostname of @
Sam Neely
03:32 PM Bug #8125: gateway 502 errors proposed fix for high ram systems
I’m in favor of incorporating this. Assigned to Beaver for evaluation. Target set to 2.4.3
Thanks, Chris. Jim Thompson
02:42 PM Bug #8125 (Resolved): gateway 502 errors proposed fix for high ram systems
I noticed lately multiple forum threads on gateway 502 errors, when this occurs it is because nginx cannot talk to FP... Chris Collins
10:44 AM Feature #3185: Accommodate a DHCPv6 failover-like mechanism
A tick box to detect if the DHCPv6 server should be running based on interface CARP state and copy of the reservation... Neal Harrington
06:51 AM Bug #8124: username/password not used by proxy support
I add a file, with a packet capture.
Thanks a lot O 71
04:30 AM Bug #8124 (Closed): username/password not used by proxy support
Hello,
I have problem to configure Proxy with authentification. I go in System>Advanced>Miscellaneous and I config... O 71
03:40 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
I tried everything I can, but I cannot find why the GUI gives a "session_Timeout" after around 10 minutes.
I tried... Jimmy Meskens
01:23 AM Revision 456ba14f: Feature #8123: Add GoDaddy as a Dynamic DNS provider
Sam Neely

11/23/2017

07:59 PM Bug #8071: DNSimple support for Dynamic DNS no longer working
The offending file is:
/etc/inc/dyndns.class
pfSense has the ability to edit files from the webpage GUI (Diagnost... Peter Wilson
07:41 PM Feature #8123: Add GoDaddy as a Dynamic DNS provider
Pull request https://github.com/pfsense/pfsense/pull/3875 submitted. Sam Neely
07:21 PM Feature #8123 (Resolved): Add GoDaddy as a Dynamic DNS provider
Add GoDaddy and GoDaddy (v6) to the list of Dynamic DNS providers. Sam Neely
07:04 PM Feature #1831: Captive portal IPv6 support
With the growing demand for IPv6 it is essential that this feature is implemented ASAP.
Do we have a timeline on whe... James Webb
01:14 PM Bug #6400: assign_interfaces.php issues with large numbers of interfaces
I have submitted a pull request that addresses this, waiting on pfSense devs now. Peter Schofield
11:49 AM Bug #8122 (New): openvpn client is unable to use OTP (temporary) passwords
While the upstream OpenVPN client is able to load one-time passwords from the file mentioned by the auth-user-pass pa... Sorin Sbarnea
10:28 AM Bug #7916: There were error(s) loading the rules: pfctl: ix0: driver does not support altq - The line in question reads [0]: | Intel X520-DA2
Same error on 2.4.2 :( Roman Fidi
04:04 AM pfSense Packages Feature #8121: haproxy, allow to generate backends even they don't seem to be used
just a side note: I didn't get it to work, having this action at the bottom of all actions in the generated configura... Thomas Spalinger
03:53 AM pfSense Packages Feature #8121 (New): haproxy, allow to generate backends even they don't seem to be used
I try to use my backends with custom action "use_backend bk_%[hdr(host)]" in the frontend.
The problem is, because t... Thomas Spalinger
03:29 AM Bug #8120 (Resolved): Unable to disable DHCP Server on interface when DNS Resolver "DHCP Registration" is enabled
Subject covers this pretty clearly I think, but I'll elaborate with my repro steps. I chose "all" for affected arch b... Braden McGrath
03:15 AM Bug #8081: NICs malfunction
I'm having a similar problem, which persists into 2.4.2, with igb interfaces. The problem exhibits itself for me wit... Braden McGrath
01:47 AM Bug #8117: IPSec statuspage shows both connected and connecting tunnel
Hello Stephen,
The same connection as in the picture shows up (twice!) as follows in the cli:
bq. con59000: #17... Ges Ture

11/22/2017

08:15 PM pfSense Packages Bug #7965: freeradius 3 with MySQL
new version package. Thx
And new problem with parsing. I use sql module with 1 sql server (NOT 2 servers!)
its lo... Konstantin Ab
07:43 PM Bug #8119 (Not a Bug): Site to Site IPsec On a VM Not Routing
Following the guide at:
https://doc.pfsense.org/index.php/Routing_internet_traffic_through_a_site-to-site_OpenVPN-... Kristopher Kolpin
07:35 PM Bug #7928: LAGG interfaces lose MAC address
Just the re2 NIC or the lagg interface also?
That sounds like a different issue if the parent NIC is actually losi... Steve Wheeler
11:44 AM Bug #7928: LAGG interfaces lose MAC address
Similar issue here with 2.4.1 and 2.4.2. using LAG groups for statefull failover where nic on two generations of APU ... Gareth Jones
11:34 AM pfSense Packages Bug #8118 (Resolved): Note default key name when using RFC 2136
The Acme package assumes the key name _acme-challenge.<domain name> when using the "DNS-NSupdate / RFC 2136" update m... Isaac McDonald
10:52 AM Bug #8117: IPSec statuspage shows both connected and connecting tunnel
One thing to try would be in the command shell or in Diagnostics > Command Prompt type the command `swanctl --list-sa... Anonymous
09:25 AM Bug #8117 (Not a Bug): IPSec statuspage shows both connected and connecting tunnel
The bug started after upgrading from 2.3.4 to v2.4.1. Once in a while a number of IPSec tunnels show up as both conne... Ges Ture
10:00 AM Bug #7975 (Resolved): ESXi 6.5 UEFI boot stops at framebuffer info
Luiz Souza
03:47 AM Bug #7975: ESXi 6.5 UEFI boot stops at framebuffer info
Luiz Souza wrote:
> The changed that possibly cause this issue was reverted, please check with the next snapshot.
... Rich Murphey
09:20 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
Thanks for your help, and I fully understand it is not that simple :)..
As a test, I tried to run same on another ... Jimmy Meskens
09:09 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
As I stated above, if it was the timeout, there would be a log message. There is no log message, so it is not actuall... Jim Pingle
09:01 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
No the connection does not go through the Proxy.
Since all was working fine with 2.3.3, it definitely is something w... Jimmy Meskens
08:35 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
Does your connection to the GUI go through the proxy? Usually that would not be the case if the proxy is on the firew... Jim Pingle
08:33 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
About nr. 5 ( Proxy ), Squid is configured in PFSENSE.
But it is weird that all worked fine with version 2.3.X, and ... Jimmy Meskens
08:27 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
If there is no log message at all, then 5 in that list is the most likely issue. But I've gone through the base syste... Jim Pingle
08:27 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
It worked fine with version 2.3.x but I have the problem since 2.4.x Jimmy Meskens
08:25 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
No there is no timout logged in the log, I can only see when I reconnect again. Jimmy Meskens
08:25 AM Bug #8116 (Feedback): status_graph.php: Premature session termination when monitoring live traffic graphs
This does not appear to be a general issue. I've left that page open for nearly an hour now with the same settings yo... Jim Pingle
06:35 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
Is there a session timeout logged in the main system log when this happens? Jim Pingle
05:15 AM Bug #8116: status_graph.php: Premature session termination when monitoring live traffic graphs
Vladimir Lind wrote:
> During around 5 minutes RRD webpage shows the traffic data, then it shows a "SESSION_TIMEOUT"... Jimmy Meskens
05:06 AM Bug #8116 (Resolved): status_graph.php: Premature session termination when monitoring live traffic graphs
During around 5 minutes RRD webpage shows the traffic data, then it shows a blank screen, and when refresh, logon to ... Vladimir Lind

11/21/2017

09:36 PM Revision 3e90d18b: local authentication option, use key value instead of translated name.
Pi Ba
07:41 PM pfSense Packages Bug #8115: After update 2.3.4_1-> 2.4.0 ospf over gre looks broken
Sorry picture broken . GRE tunnel inside IPSEC Konstantin Pobudzey
07:39 PM pfSense Packages Bug #8115 (Duplicate): After update 2.3.4_1-> 2.4.0 ospf over gre looks broken

#
#site1 ( 2.3.4_1 )
logs
Nov 4 09:47:58 ospfd 45632 Packet[DD]: Neighbor 10.10.10.18 MTU 1400 is large... Konstantin Pobudzey
03:44 PM Bug #8114 (Not a Bug): DHCPv6 PD client not working after 2.4.2 upgrade
I was just double checking this and confirmed it was working here on a test box. Thanks for the follow-up. Jim Pingle
03:37 PM Bug #8114: DHCPv6 PD client not working after 2.4.2 upgrade
I'm sorry, somehow I made a mistake in my configuration just before the upgrade (disabled interface tracking). After ... Tim Balmer
02:27 PM Bug #8114 (Not a Bug): DHCPv6 PD client not working after 2.4.2 upgrade
I just upgraded from 2.4.1 to 2.4.2 but after the upgrade IPv6 is not working anymore. After checking the logs I see ... Tim Balmer
03:22 PM Revision db28039e: Fixed #8112
Steve Beaver
02:07 PM Bug #8108 (Closed): IPSec NAT issue
Ivor Kreso
02:07 PM Bug #8108: IPSec NAT issue
Please submit a bug with your problem description as we cannot pull random fixes.
Thank you. Ivor Kreso
01:42 PM Bug #8075: OpenVPN binds to wrong interface with no ip on first interface
Workaround: bind both OpenVPNs to 127.0.0.1 (localhost) (use different ports). Then forward these ports to their resp... robi robi
01:38 PM Bug #8089: VLAN page breaks after config restore to new hardware.
Also related to https://redmine.pfsense.org/issues/8076 robi robi
01:33 PM Bug #8089: VLAN page breaks after config restore to new hardware.
Same here.
Workaround is to replace manually interface names from emX to igbX in config.xml, before restoration. robi robi
01:38 PM Bug #8076: User can easily apply an unusable interface configuration after restore
Also related to https://redmine.pfsense.org/issues/8089 robi robi
01:37 PM Bug #8076: User can easily apply an unusable interface configuration after restore
In the interface setup page, when a mismatch of the network interfaces is detected, there should be options to fix VL... robi robi
12:46 PM Bug #8113 (New): MTU setting on bridge, openvpn clients ignored
I set the MTU field in the GUI for a pair of openvpn clients and the bridge interface to 1492.
However, the 'inter... Harry Coin
10:57 AM Feature #6742: OAuth2 authentication for OpenVPN (and for FreeRadius)
+1 as well! we are building a ton of infrastructure just to tackle with this issue! would be so great to be able to a... Luis Paolini
10:40 AM Revision 5f56dee4: Bug in get_interface_ip
Global variable $config was not available, and IP was always fetched using find_interface_ip Jackson Laskoski
09:30 AM Bug #8112 (Feedback): Internal IP mask is always reset to /32 when editing a 1:1 NAT
Applied in changeset commit:db28039e4e8606cb8fdb4a342e5193f1a8a3db36. Anonymous
08:10 AM Bug #8112 (Confirmed): Internal IP mask is always reset to /32 when editing a 1:1 NAT
Jim Pingle
04:20 AM Bug #8112 (Resolved): Internal IP mask is always reset to /32 when editing a 1:1 NAT
Hi,
Whenever I edit a _1:1_ NAT, the mask of @Internal IP@ is always reset to @/32@, even when it was set to a diffe... Louis Sautier
04:14 AM Bug #8111: Disabled 1:1 NATs are not passed the "disabled" class (not greyed out)
This seems to have been fixed in 2.4. Could we get it backported to 2.3? Louis Sautier
04:06 AM Bug #8111 (Resolved): Disabled 1:1 NATs are not passed the "disabled" class (not greyed out)
Hi,
I noticed that _Port Forward_ NATs get a @disabled@ CSS class in addition to the @fa-times@ icon. This makes the... Louis Sautier

11/20/2017

06:07 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper
I have the same issue. WAN is nfe0. LAN is em0. Corey Boyle
02:49 PM Bug #8110: undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php
The update process does check the integrity, but it's possible some other problem (disk issue, for example) can cause... Jim Pingle
02:47 PM Bug #8110: undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php
those functions are NOT present in gwlb.inc in my install, and the file is not damaged. Clearly this is a partial upd... Peter Schofield
01:05 PM Bug #8110: undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php
Jim Pingle wrote:
> hose functions are defined in source:src/etc/inc/gwlb.inc which is included through functions.in... Random User
12:53 PM Bug #8110 (Not a Bug): undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php
Those functions are defined in source:src/etc/inc/gwlb.inc which is included through functions.inc which is included ... Jim Pingle
12:44 PM Bug #8110 (Not a Bug): undefined functions validate_gateway($_post, $id) and save_gateway($_POST, $realid) in system_gateways_edit.php
While setting up he.net 6 to 4 tunnel as per the howto documented in the wiki, I ran into this while making the edits... Peter Schofield
02:23 PM Revision 1248a2fa: Add -i parameter to define SKIP_FNAL_RSYNC
Renato Botelho
02:23 PM Revision 693b0903: Add -i parameter to define SKIP_FNAL_RSYNC
Renato Botelho
02:21 PM Revision 6d448e2a: Add -i parameter to define SKIP_FNAL_RSYNC
Renato Botelho
02:21 PM Revision 1de3ef87: Add -i parameter to define SKIP_FNAL_RSYNC
Renato Botelho
02:21 PM Revision 158999e9: Add -i parameter to define SKIP_FNAL_RSYNC
Renato Botelho
01:42 PM Revision 196427f9: Add missing %%REPO_BRANCH_PREFIX%%
Renato Botelho
01:42 PM Revision 4b1f7145: Add missing %%REPO_BRANCH_PREFIX%%
Renato Botelho
01:28 PM Revision 98476258: Prevent Clickjacking in CSRF error page
Yorick Koster
01:21 PM Revision 386d89b0: Prevent Clickjacking in CSRF error page
(cherry picked from commit 6026c9dabdd66a154c8a9a5170947ea098959835) Jim Pingle
01:21 PM Revision 6026c9da: Prevent Clickjacking in CSRF error page
Jim Pingle
01:15 PM Revision ae268fd4: Point release to 2.4.2
Renato Botelho
01:14 PM Revision cf34b5d1: Fill REPO_BRANCH_PREFIX on poudriere make.conf
Renato Botelho
01:14 PM Revision 1b3abaab: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL
Renato Botelho
01:14 PM Revision 77c66e2d: Merge pull request #3871 from ykoster/master
Jim Pingle
01:14 PM Revision 55c31005: Stop trying to guess REPO_BRANCH_PREFIX
Renato Botelho
01:11 PM Revision b40ac1b2: Reduce the need to always track branch changes for factory
Renato Botelho
01:11 PM Revision a6e2c666: Remove specific repository for 2.4.2-RC
Renato Botelho
01:08 PM Revision efd01b2c: Point release to 2.4.2
Renato Botelho
01:07 PM Revision fc960e71: Fill REPO_BRANCH_PREFIX on poudriere make.conf
Renato Botelho
01:07 PM Revision 3f7100c1: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL
Renato Botelho
01:05 PM Revision 385e812b: Stop trying to guess REPO_BRANCH_PREFIX
Renato Botelho
01:05 PM Revision 9765570d: Reduce the need to always track branch changes for factory
Renato Botelho
01:01 PM Revision 4d07faca: Remove specific repository for 2.4.2-RC
Renato Botelho
12:49 PM Revision 441d1d4f: Make RELEASE repo branch point to 2.4.2
Renato Botelho
12:41 PM Revision 84a6c526: Fill REPO_BRANCH_PREFIX on poudriere make.conf
Renato Botelho
12:41 PM Revision e60d620b: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL
Renato Botelho
12:40 PM Revision 9a8b9949: Stop trying to guess REPO_BRANCH_PREFIX
Renato Botelho
12:40 PM Revision 3d2dba58: Reduce the need to always track branch changes for factory
Renato Botelho
12:39 PM Revision fd50e40e: Remove specific repository for 2.4.2-RC
Renato Botelho
12:36 PM Revision c1f18417: Fill REPO_BRANCH_PREFIX on poudriere make.conf
Renato Botelho
12:35 PM Revision 6c9689f4: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL
Renato Botelho
12:34 PM Revision 97f3f602: Stop trying to guess REPO_BRANCH_PREFIX
Renato Botelho
12:34 PM Revision 743cc0cc: Reduce the need to always track branch changes for factory
Renato Botelho
12:31 PM Revision 2d982d5b: Remove specific repository for 2.4.2-RC
Renato Botelho
12:09 PM Revision 8ffdcf26: Fill REPO_BRANCH_PREFIX on poudriere make.conf
Renato Botelho
11:48 AM Revision 568caf26: Use REPO_BRANCH_PREFIX to define POUDRIERE_PORTS_GIT_URL
Renato Botelho
11:48 AM Revision 956f71e8: Stop trying to guess REPO_BRANCH_PREFIX
Renato Botelho
11:42 AM Feature #8109 (Duplicate): UPnP & NAT-PMP ACL Aliases
Not sure if it's possible, but being able to use aliases in UPnP & NAT-PMP ACLs would be great.
That way I can jus... Jonny Proud
11:31 AM Revision eacf9c93: Reduce the need to always track branch changes for factory
Renato Botelho
11:16 AM Revision 819e3ba4: Remove specific repository for 2.4.2-RC
Renato Botelho
11:14 AM Revision 8ab2e1ac: It's 2.4.2-RELEASE time
Renato Botelho
11:11 AM Revision 79a33eba: Send images to release-staging when SKIP_FINAL_RSYNC is set
Renato Botelho
11:11 AM Revision 2bf444aa: Send images to release-staging when SKIP_FINAL_RSYNC is set
Renato Botelho
11:11 AM Revision 8a0db282: Send images to release-staging when SKIP_FINAL_RSYNC is set
Renato Botelho
11:11 AM Revision dab621ab: Send images to release-staging when SKIP_FINAL_RSYNC is set
Renato Botelho
11:10 AM Revision 3c489426: Send images to release-staging when SKIP_FINAL_RSYNC is set
Renato Botelho
10:35 AM Bug #8108 (Closed): IPSec NAT issue
Hi,
I was searching to resolve a IPSec NAT issue on my platform and I found this bug on OpenSense (pfSense fork) :... Thomas du Boÿs
06:53 AM Bug #8003: IPsec weirdness with 2.4.1
I've had these problems, as well as duplicate entries in the list, one in the state 'CONNECTING' and one in the state... Ges Ture

11/19/2017

07:44 PM Revision c4212dc6: Prevent Clickjacking in CSRF error page
Yorick Koster
04:11 PM Bug #6812: IPsec filterdns crash
This issue has not surfaced again. I agree with Jim Pingle. Anonymous
01:05 PM Feature #6742: OAuth2 authentication for OpenVPN (and for FreeRadius)
+1 on this. Would love to see OAuth2 integration. We have some legacy local AD servers that we leverage today. I'd li... Mike Sith
02:41 AM Bug #5319: Error message "No config named" in charon daemon
Bug is also present in 2.4-rel Vladimir Lind

11/18/2017

11:01 PM Revision 19f3d39a: fix for leftover dhcp6c lock file(s) after unclean shutdown
J L
03:21 PM Bug #8106: dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface
Martin Wasley wrote:
> Just do a PR on it Luke, it'll get reviewed there as part of the process.
Done: https://gi... J L
02:55 PM Bug #8106: dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface
Just do a PR on it Luke, it'll get reviewed there as part of the process.
Martin Wasley
02:43 PM Bug #8106 (Resolved): dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface
When using a WAN connection with IPv6 that requires the "Do not wait for an RA" option if the router has an unclean s... J L
02:53 PM Feature #8107 (Rejected): SG1000 Manually set time
SG1000 has no RTC, would be handy to be able to set the time when access to a NTP server is not available. Richard Rose

11/17/2017

08:21 AM Bug #8105 (Duplicate): Traffic Shaper on VLan, not work.
Duplicate of #8007 - already fixed in 2.4.2 Jim Pingle
08:14 AM Bug #8105 (Duplicate): Traffic Shaper on VLan, not work.
Hi,
I have a coreboot v4.0 APU (AMD G-T40E Processor 2 CPUs) with 3 LANs and on one of them (Re1) 4 Vlans are co... Dino Iavarone
06:27 AM Bug #8104 (Rejected): Pfsense 2.4.1
Not nearly enough information here to form a valid bug report. Please post on the forum, mailing list, or reddit to d... Jim Pingle
01:52 AM Bug #8104 (Rejected): Pfsense 2.4.1
Hi Server I've installed Pfsense 2.4.1 on 2012R2 Hyperv and after a while I've got to remove the PFSense which was co... Landforces turkuaz

11/16/2017

10:11 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
I also just updated to 2.4.2.a.20171116.0841 and IPv6 looks to be working on my SG-3100. My client machines are gett... Dave Pugh
09:53 PM pfSense Packages Bug #8103 (Resolved): squid monitor using hard coded logs location
Hello,
in /usr/local/www/squid_monitor_data.php log directory is hardcoded, ignoring config.
Line 35
@- $log =... Nano Caiordo
07:50 PM Revision 90e5e32c: Fixed it so it will validate that it is an image uploaded and not something else
Stephen Jones
07:45 PM Revision 06930018: Fixed it so it will validate that it is an image uploaded and not something else
Stephen Jones
06:44 PM Revision 0e7cd50a: Enable pfSense-repo-242
Renato Botelho
06:44 PM Revision dacf190b: Add new 2.4.2-RC repo
Renato Botelho
06:42 PM Revision 0de59d07: Enable pfSense-repo-242
Renato Botelho
06:42 PM Revision d292d1fd: Add new 2.4.2-RC repo
Renato Botelho
06:42 PM Revision 1afb28da: Enable pfSense-repo-242
Renato Botelho
06:42 PM Revision fa0c3302: Add new 2.4.2-RC repo
Renato Botelho
06:40 PM Revision ef2c3373: Change default repo to 2.4.2
Renato Botelho
06:39 PM Revision 15514a9e: Add upgrade notice include file
Steve Beaver
06:39 PM Revision 08da8b84: Add upgrade notice to dashboard
Steve Beaver
06:38 PM Revision 69b8e3b3: Enable pfSense-repo-242
Renato Botelho
06:38 PM Revision e47f7cc1: Create a new repo conf for 2.4.2-RC and make sure stable still points to 2.4.1
Renato Botelho
06:38 PM Revision f6bf038c: Revert "Too soon for 2.4.2 here. It's in RC yet"
This reverts commit 0d4732de2d90792e3a7054705fcdeb7face1bcce. Renato Botelho
06:34 PM Revision 7c28ebe6: Enable pfSense-repo-242
Renato Botelho
06:34 PM Revision 28513d71: Create a new repo conf for 2.4.2-RC and make sure stable still points to 2.4.1
Renato Botelho
06:15 PM Revision 4a670606: Add upgrade notice include file
Steve Beaver
06:15 PM Revision 8ba87e85: Add upgrade notice to dashboard
Steve Beaver
05:57 PM Revision 0d4732de: Too soon for 2.4.2 here. It's in RC yet
Renato Botelho
05:36 PM Revision e6649a9c: Welcome 2.4.2-RC
Renato Botelho
05:34 PM Revision 3e496fa4: Bump version to 2.4.3-DEVELOPMENT
Renato Botelho
04:41 PM Revision 7f8d1f31: Revise modal notice header
Steve Beaver
04:37 PM Revision 89053468: Provide a simple mechanism for pakage installer to display a notice to the user. (Such as: Firewall must be rebooted before this package becomes available")
Steve Beaver
02:24 PM Feature #8102 (Rejected): Send an e-mail message when a core dump is generated
I've been in a situation where a recursive alias has caused the filter reload to never complete, but creating a core ... Ugo Bellavance
01:15 PM Feature #8101 (Resolved): Filter loop prevention
When doing aliases, can we have a check if name = value and reject the change or at least show a warning?
 Chris Macmahon
12:36 PM Bug #8097 (Resolved): Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values
Jim Pingle
12:29 PM Bug #7975 (Feedback): ESXi 6.5 UEFI boot stops at framebuffer info
The changed that possibly cause this issue was reverted, please check with the next snapshot. Luiz Souza
12:27 PM Bug #7710 (Feedback): IGMP Proxy
The support for all-multicast mode is now implemented.
Please check with the next 2.4.2 snapshot. Luiz Souza
10:34 AM Bug #8098 (Resolved): interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent
Jim Pingle
09:04 AM Bug #6335 (Resolved): Status > IPsec shows both connected and disconnected with Split Connections enabled
Anonymous
08:32 AM Bug #7896 (Resolved): picture_widget.php
Looks good now, thanks! Jim Pingle
06:09 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
According ADI engineers XG-2758 requires a physical power cycle after upgrade coreboot and because package tries to r... Renato Botelho
03:10 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules
Thanks, yes I must have typed that too fast, fingers going faster than brain :-) Richard Gate

11/15/2017

10:07 PM Revision 00fc2d5e: Fixed #7896 Made sure only images could be uploaded and validated on the server to make sure it is an image and not something else.
Stephen Jones
05:37 PM Revision 48f08ba1: Tweak the formatting of the disk usage section of the system info widget
Jim Pingle
05:31 PM Revision 3bb0275d: Fixed #8098 by converting the '.' in interfaces names to '_' when used to compose an HTML element class name
Steve Beaver
04:49 PM Revision 68eacaa2: fix for broken preselection of select boxes
Peter Schofield
04:20 PM Bug #8100: pfsync Initially Deletes States on Primary for Connections Established through Secondary
Attached complete pcaps of sync interfaces. Chris Linstruth
04:06 PM Bug #8100 (New): pfsync Initially Deletes States on Primary for Connections Established through Secondary
Steps to duplicate:
Create a typical HA pair.
Enter Persistent CARP Maintenance Mode on Primary to initiate a fai... Chris Linstruth
04:20 PM Bug #7896 (Feedback): picture_widget.php
Applied in changeset commit:00fc2d5eeec0954052e54e7da3aa601c0570cfc8. Anonymous
03:00 PM Bug #7896 (Assigned): picture_widget.php
If you save the widget with no picture, it makes a link that says "picture" and that still has the original problem.
... Jim Pingle
03:43 PM Bug #1698 (Resolved): IPSec tunnel from CARP backup interface
Jim Pingle
03:43 PM Bug #1943 (Closed): PPPoE won't reconnect after link loss when using vr(4) NICs on certain ISPs only
This bug was specific to vr(4) and the only major platform using vr(4) NICs is 32-bit only, which is no longer suppor... Jim Pingle
03:40 PM Bug #6200 (Not a Bug): LACP with em driver does not work with cisco active lacp setup
This is working fine on current versions and no additional feedback. Closing. Jim Pingle
03:39 PM Bug #6206 (Resolved): Default icmp6 pass-rules are added even when ipv6 is "disabled" by user
Jim Pingle
03:38 PM Bug #6344 (Resolved): Firewall rules being deleted when separators are added
Jim Pingle
03:37 PM Bug #6990 (Not a Bug): DDNS IPs not updating after a system restart
This is working fine on current versions for myself and others, if there is still a problem with this on 2.4 it may b... Jim Pingle
03:35 PM Bug #7157 (Resolved): Traffic graphs cause the tab to crash when run in the background
Jim Pingle
03:35 PM Bug #7378 (Resolved): pfctl: ix0: driver does not support altq
Jim Pingle
03:34 PM Bug #7606 (Resolved): Using limiters and VLANs on Supermicro Xeon D boards crashes with kernel panic
This appears to be working fine on current versions and no additional feedback from the user. Closing. Jim Pingle
03:32 PM pfSense Packages Bug #7944 (Resolved): Bind XMLRPC Sync Error
Jim Pingle
03:29 PM Bug #1052 (Resolved): Certificate validation of the LDAPS servers is not enforced
This is working fine on current versions and has been for some time now. Closing. Jim Pingle
03:27 PM Bug #682 (Resolved): WAN traffic graph is broken with MLPPP
Jim Pingle
03:27 PM Bug #5550 (Resolved): Viewing NTP service info (/services_ntpd.php) triggers lots of email alerts
This is working fine on current versions and no additional feedback from the user. Closing. Jim Pingle
03:26 PM Bug #4365 (Resolved): ALTQ Traffic Shaping is not working in pfSense 2.2 when run on Hyper-V 2012 R2
Try again on 2.4, if it is possible, it should work there. Jim Pingle
03:25 PM Bug #5958 (Not a Bug): Stale Aliases - upstream DNS changes do not update firewall rules that are based on aliases
This is working fine on current versions and no additional feedback from the user. Closing. Jim Pingle
03:24 PM Bug #6205 (Resolved): VLAN tagging in Hyper-V guest not working?
Lots of changes in FreeBSD for Hyper-V since this went in, try again on 2.4.x. Jim Pingle
03:24 PM Bug #4805 (Resolved): Using FQDN and IP in alias causes static entries to be lost
Jim Pingle
03:23 PM Bug #6423 (Not a Bug): WAN doesn't reconnect on dropped PPPoE session
No sign of any issues with dropped PPPoE sessions on any current version. Jim Pingle
03:22 PM Bug #6487 (Not a Bug): PfSense crashes during boot at configuring LAGG interfacess
Jim Pingle
03:22 PM Bug #6812 (Not a Bug): IPsec filterdns crash
No other reports and it's working fine for others. Either was a temporary glitch or something on that system at the t... Jim Pingle
03:20 PM Bug #6572 (Duplicate): Config sync hangs php-fpm on secondary
From the symptoms, I'd say this is likely either already fixed or the same issue as #7469 Jim Pingle
03:14 PM pfSense Packages Bug #6818 (Not a Bug): WAN traffic graph displays inverted bandwidth columns
Jim Pingle
03:13 PM Bug #7213 (Resolved): Hyper-V install, no disk found
Jim Pingle
03:11 PM Bug #7249 (Resolved): firewall_rules.php & firewall_nat.php: Replaces underscores with spaces in aliase names
Jim Pingle
03:10 PM Bug #7305 (Resolved): widget "squid antivirus status"
Jim Pingle
03:10 PM Bug #7372 (Resolved): Cannot filter ICMP Type SKIP
Jim Pingle
03:09 PM Bug #7570 (Not a Bug): openvpn_wizard old error message
Jim Pingle
03:07 PM pfSense Packages Bug #7752 (Not a Bug): Squid 3 reverse proxy - HTTPS==>HTTP fails
Jim Pingle
03:05 PM Bug #7808 (Resolved): Dashboard brakes when adding widgets
There has been some focus on the installed packages widget lately, such as #8035. The widget works fine now and doesn... Jim Pingle
03:03 PM Bug #7817 (Not a Bug): Login CSRF token fail on boot.
I still can't duplicate this here, and it's entirely possible other changes since the original report have addressed ... Jim Pingle
02:56 PM Bug #8010 (Not a Bug): import cert: "The submitted private key does not match the submitted certificate data"
Jim Pingle
02:53 PM Bug #8041 (Resolved): Missing download images for i386 platform
Jim Pingle
02:52 PM Bug #8091: Limiters with fractional bandwidth values are not loaded correctly
I fixed the backend of this on #8097 so the pipe bandwidths should be OK, but there is still that weird GUI issue whe... Jim Pingle
02:50 PM Bug #8074 (Duplicate): Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules
I didn't notice this one, but the description was not quite right. The real bug is in #8097 and there is a fix in 2.4... Jim Pingle
02:47 PM Bug #8053 (Resolved): Firewall Rule IPv6 Gateway Cannot Be Selected
Jim Pingle
02:38 PM Revision 529fbbfd: Improves bug#6400 further reducing page load time from my previous commit
Moved select box generation code out of interface display loop, meaning it runs once iterating over count(interfaces)... Peter Schofield
02:01 PM Revision 7c4e07c6: Ensure that the value passed to ipfw pipes is always an integer, no matter the source. Fixes #8097
Jim Pingle
02:00 PM pfSense Packages Bug #7935 (Resolved): FFR doesn't save prefix lists to bgpd.conf
It's there, the one box I checked apparently had a stale copy of frr_bgp.inc from earlier dev work. Jim Pingle
11:40 AM Bug #8098: interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent
Applied in changeset commit:3bb0275d75b47833e4d15a0e7d78883792f7cfd2. Anonymous
11:37 AM Bug #8098 (Feedback): interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent
Anonymous
10:10 AM Bug #8098 (Resolved): interfaces_ppps_edit.php: Link paramter fields (bandwidth, mtu, mru, mrru) not shown when a VLAN is the parent
On interfaces_ppps_edit.php the linkparam block of options is shown and hidden in some cases, but the interface name ... Jim Pingle
10:33 AM pfSense Packages Feature #8099 (Closed): Add more configuration flexibility to Telegraf
Users should be able to include custom configurations and/or be able to include inputs relevant to their installed pa... Doug Dimick
08:47 AM Bug #8097: Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values
I also changed FreeRADIUS 3.x to use 1000 as its multiplier to match the 1000 used by Captive Portal: https://github.... Jim Pingle
08:10 AM Bug #8097 (Feedback): Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values
Applied in changeset commit:7c4e07c625f21bb67370cffe8a6b3bd0c322fe5b. Jim Pingle
07:52 AM Bug #8097 (Resolved): Captive Portal RADIUS bw_up/bw_down can feed a non-integer value to ipfw, resulting in incorrectly parsed throughput values
The Limiter GUI and Captive Portal GUI locations to set bandwidth up/down enforce that the bandwidth value must be an... Jim Pingle
07:18 AM Bug #8094 (Not a Bug): not able to scroll in sub menu on mobile devices
It's only doing what it's been told to do. System > General Setup, you have top navigation set to "Fixed". Change it ... Jim Pingle
02:39 AM Bug #8094 (Not a Bug): not able to scroll in sub menu on mobile devices
this issue has been since long on the new web GUI where when you open it on any mobile and you want to goto any sub m... Bipin Chandra
04:32 AM Bug #8096 (Duplicate): Special characters not propagated by the config sync engine
Hi,
We use configuration synchronisation between two pfSense boxes to sync a list of firewall aliases and rules. T... Marin Bernard
04:07 AM Bug #8095 (New): Unescaped simple quotes break JavaScript features when the French translation is enabled
Hi,
In pfSense 2.4.1-RELEASE, the French translation includes several strings with unescaped simple quotes, which ... Marin Bernard

11/14/2017

05:25 PM Revision 7b60eb49: Fixed #8053
value vs text on Gateway selector
(cherry picked from commit 947394d291c2341afa24d3829d19721af20723df) Steve Beaver
04:53 PM Revision 947394d2: Fixed #8053
value vs text on Gateway selector Steve Beaver
03:51 PM pfSense Packages Feature #3478 (Resolved): OpenVPN Client Export Utility - save preferred settings
This has been in the export package for a while now. Jim Pingle
03:50 PM pfSense Packages Bug #6305: Quagga problems updating routes / mistakenly showing "kernel"-routes while they are not
If this still happens with Quagga, give FRR a try instead. Jim Pingle
03:49 PM pfSense Packages Bug #6449 (Rejected): Email Reports not wait a long command end to send the report.
This is almost certainly a configuration issue, likely from not using the full path to all commands involved. Follow ... Jim Pingle
03:47 PM pfSense Packages Bug #7470 (Closed): Status Traffic Totals - March 2017 is missing
Must be a quirk in vnstat handling of daylight saving time. The duplicate entries are not present now that DST has en... Jim Pingle
03:44 PM pfSense Packages Bug #7613 (Closed): quagga not starting after upgrade - initial boot
I haven't seen this happen in quite some time. It starts up after every upgrade here, and I upgrade test VMs with qua... Jim Pingle
03:44 PM pfSense Packages Bug #7736 (Resolved): Crahs with Quagga OSPF and the latest 2.4 Beta
Jim Pingle
03:44 PM pfSense Packages Bug #7820 (Closed): 2.4: dnsmasq can no longer handle punycode, compile time options change?
Jim Pingle
03:43 PM pfSense Packages Bug #7859 (Resolved): FRR doesn't use the raw config setting
Jim Pingle
03:43 PM pfSense Packages Bug #7935 (Assigned): FFR doesn't save prefix lists to bgpd.conf
Looks like that line was clobbered, probably by accident when I was making an update recently. I'll check it out again. Jim Pingle
03:41 PM pfSense Packages Bug #7950 (Closed): Quagga not displaying status messages on 2.4-rel
Closing, unable to reproduce. Jim Pingle
03:39 PM pfSense Packages Bug #7952 (Closed): OpenVPN export package for Windows flagged by a few AV's
No further reports, must have been a temporary false positive. Not much we could do about it anyhow. Jim Pingle
02:16 PM Bug #6406 (Resolved): Web process becomes unresponsive producing 502 Bad Gateway nginx
Anonymous
11:51 AM Revision 5228a05a: Enable devel/php-xdebug
Renato Botelho
11:50 AM Revision e065e756: Enable devel/php-xdebug
Renato Botelho
11:32 AM Revision 557f7ad0: Update translation files
Renato Botelho
11:26 AM Revision 3a80a823: Regenerate pot
Renato Botelho
11:23 AM Feature #8082 (Resolved): OpenVPN Redirect Gateway Option Only Works for IPv4
Jim Pingle
11:20 AM Feature #8082: OpenVPN Redirect Gateway Option Only Works for IPv4
On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171114-0626 works as expected. Anonymous
11:23 AM Bug #8088 (Resolved): vpn_openvpn_client.php: CRL Selection is not saved or used
Jim Pingle
11:11 AM Bug #8088: vpn_openvpn_client.php: CRL Selection is not saved or used
Works as expected in pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171114-0626. Anonymous
11:00 AM Bug #8053 (Feedback): Firewall Rule IPv6 Gateway Cannot Be Selected
Applied in changeset commit:947394d291c2341afa24d3829d19721af20723df. Anonymous
09:16 AM Bug #8053 (Assigned): Firewall Rule IPv6 Gateway Cannot Be Selected
The GUI part appears correct but it's storing an incorrect value into config.xml and the gateway isn't reflected in t... Jim Pingle
08:55 AM Bug #8093 (Not a Bug): webConfigurator LDAP Authentication Issue in High Availability Cluster Configuration
The authentication source for the user manager is not a setting that synchronizes as a part of XMLRPC configuration s... Jim Pingle
08:47 AM Bug #8093 (Not a Bug): webConfigurator LDAP Authentication Issue in High Availability Cluster Configuration
I discovered the following issue in my pfsense 2.4.1 (amd64) high availability configuration.
When I configure an ... Nico Seeburger
04:36 AM Bug #8092 (Resolved): Captive Portal Allowed MAC bandwidth changes
Hi,
I've seen these in all of my pfsense devices.
Allowed Mac address changes in bandwidth doesn't apply.
Tried... Jesnar Miranda

11/13/2017

04:44 PM Revision 37f05e97: Add a separate checkbox for OpenVPN servers to redirect an IPv6 gateway now that OpenVPN has a native flag for it. Implements #8082
While here, since local network boxes are hidden when redirect gateway is enabled, do not use the values in those box... Jim Pingle
04:39 PM Bug #8042: VLAN Priority on dhcpc6c packets is not set. REF #7973
Nic, I can send you the updated dhcp6c client, it all works very nicely along with the PR 3862 Patch ID 6b8680a, it w... Martin Wasley
02:15 PM Bug #8042: VLAN Priority on dhcpc6c packets is not set. REF #7973
Martin Wasley wrote:
> Although VLAN tagging now works, it does not work for dhcp6c. @jimp suggested to @kwillers th... Nicolas Scheffer
04:15 PM Revision 97339595: Fix saving the CRL choice for OpenVPN clients. Fixes #8088
(cherry picked from commit 5bd94e5f2e3a4b694e3cfa91d16dab76078c118b)
(cherry picked from commit 2055285920b2714b71159... Jim Pingle
04:15 PM Revision 20552859: Fix saving the CRL choice for OpenVPN clients. Fixes #8088
(cherry picked from commit 5bd94e5f2e3a4b694e3cfa91d16dab76078c118b) Jim Pingle
04:04 PM Revision 5bd94e5f: Fix saving the CRL choice for OpenVPN clients. Fixes #8088
Jim Pingle
02:28 PM Bug #7425: dhclient not sending option 77
I agree with Nicolas,
we are quite a few to replace the Pfsense binaries to make this scenario work in France.
Re... Eric Scherlinger
02:11 PM Bug #7425: dhclient not sending option 77
Jim Pingle wrote:
> Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated.
This option is mandatory to ... Nicolas Scheffer
02:27 PM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
Update from the customer in my initial post:
Confirmed. After power cycling, the version reported was 01.00.00.18. Clinton Cory
12:06 PM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
Update from the customer in my previous comment:
The BIOS now shows the latest version. Apparently a physical shut... Clinton Cory
11:40 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
After powering off/on the equipment, the system shows the latest version number with the proper serial (I had no phys... Jose Luis Duran
10:41 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
Here is an older report from another customer who initially reported this:
After trying to upgrade coreboot from 01.... Clinton Cory
09:56 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
Example report from a customer (serial omitted):
Running 2.4.1 and trying to update Netgate Coreboot from 01.00.00.0... Clinton Cory
09:53 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
Example screenshots attached. Clinton Cory
02:07 PM Bug #8085: DHCP deny client - breaks DHCP pool
I have verified that you generate the config file correctly. After trying to reproduce this again today, it appears t... Ken Bass
01:27 PM Bug #8085: DHCP deny client - breaks DHCP pool
It's not a bug in pfSense - we generate the configuration file correctly. If there is any issue it is one directly in... Jim Pingle
01:20 PM Bug #8085: DHCP deny client - breaks DHCP pool
I don't understand how this is Not a bug - forget about what I was trying to accomplish.
On the main LAN interface... Ken Bass
01:04 PM Bug #8085 (Not a Bug): DHCP deny client - breaks DHCP pool
The GUI places the directives in the correct places, within the specified pools, so there isn't any bug here.
That... Jim Pingle
01:22 PM Bug #8091: Limiters with fractional bandwidth values are not loaded correctly
If you have Limiters configured like that you can edit the values in the config file directly and re-save them in the... Steve Wheeler
12:53 PM Bug #8091 (Resolved): Limiters with fractional bandwidth values are not loaded correctly
IPFW is not loading the /tmp/rules.limiter file correctly in 2.4.X if the specified bandwidth value is not a whole nu... Steve Wheeler
12:33 PM Feature #8090 (Closed): Log Action of traffic when using float rule match to log traffic
It can't log "pass" or "block" because the log wasn't triggered by a pass or block rule. It doesn't have that kind of... Jim Pingle
12:11 PM Feature #8090 (Closed): Log Action of traffic when using float rule match to log traffic
I have a rule in float rules, which is set as follows.
Action: Match
Interface: LAN,DMZ
Family Address: IPV4
Pr... Jonny Proud
11:10 AM Bug #8089: VLAN page breaks after config restore to new hardware.
Sorry Affected Version is 2.4.1 Bridgetowermedia IT
11:09 AM Bug #8089 (New): VLAN page breaks after config restore to new hardware.
The VLAN interface page breaks after restoring a backup from devices using emX interfaces to devices using igbX inter... Bridgetowermedia IT
11:09 AM Bug #8022 (Resolved): radvd receives SIGBUS on SG-3100 (ARM)
Renato Botelho
10:36 AM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
Luiz Souza wrote:
> The regression was fixed.
>
> Thanks for reporting.
Updated, looks good.
 Daryl Morse
08:52 AM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
The regression was fixed.
Thanks for reporting. Luiz Souza
11:00 AM Feature #8082 (Feedback): OpenVPN Redirect Gateway Option Only Works for IPv4
Applied in changeset commit:37f05e979280123760a0d7508c4ea9dccaa2a542. Jim Pingle
10:42 AM Feature #8082 (Assigned): OpenVPN Redirect Gateway Option Only Works for IPv4
There was a ticket for this already at #6483 but that one had some really outdated info so I'll keep this one.
I'v... Jim Pingle
10:58 AM pfSense Packages Feature #7376 (Closed): ACME Package - Please add support Namecheap DNS service
Looks like Namecheap's API is problematic for this use case. acme.sh decided not to attempt supporting it. Aside from... Jim Pingle
10:53 AM pfSense Packages Feature #7377 (Resolved): ACME Certificate DNS-Digitalocean Verification Method
DigitalOcean support is present in the current ACME package. Jim Pingle
10:52 AM pfSense Packages Todo #7658 (Resolved): BGP support in Quagga
Raw config support is there now. If that isn't sufficient, switch to FRR which has a full BGP GUI. Jim Pingle
10:50 AM pfSense Packages Feature #7824 (Resolved): [acme / Let's Encrypt] Bump to the latest acme.sh package
This was merged some time ago and is in the current package. Jim Pingle
10:41 AM Feature #6483 (Duplicate): Add OpenVPN redirect-gateway option for IPv6
OpenVPN has a native flag for this now, closing in favor of #8082 since the info here is outdated and that one is cur... Jim Pingle
10:20 AM Bug #8088 (Feedback): vpn_openvpn_client.php: CRL Selection is not saved or used
Applied in changeset commit:5bd94e5f2e3a4b694e3cfa91d16dab76078c118b. Jim Pingle
10:07 AM Bug #8088 (Resolved): vpn_openvpn_client.php: CRL Selection is not saved or used
When saving an OpenVPN client, the CRL field value is not saved in config.xml and it is not used in the client. Jim Pingle
12:23 AM Bug #8087 (New): Provide Calling-Station-ID to RADIUS backed VPN connections
I'm using Duo 2fa radius proxy to connect to the on board RADIUS server in PFsense and am not getting an IP or a user... Sunrunner20 20

11/12/2017

08:40 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
Random User wrote:
> Luiz Souza wrote:
> > the new (and working) version will be available in the next 2.4.2 snapsh... Daryl Morse
04:50 PM Bug #8086 (Closed): DHCPv6 no longer working
Upgraded from 2.3 and I no longer have a DHCP v6 address from Comcast.
Attach log file snippet almost looks like d... Ken Bass
04:45 PM Bug #8085 (Not a Bug): DHCP deny client - breaks DHCP pool
I decided that on my LAN I mainly wanted DHCP to be handed out to the static mappings and I wanted the static mapping... Ken Bass
12:21 PM Revision 772a7b3d: refactored interfaces_assign.php to to benefit people with large numbers of VLANs, as requested on the forum at https://forum.pfsense.org/index.php?topic=137391.0. Also contains a minor speedup for interfaces_vlan.php. Modified functions are contained in interfaces_fast.inc. Profiling code is still present but commented out, as is replaced code.
Peter Schofield
07:03 AM Feature #8084 (Duplicate): Implementação do Login Social no Captive Portal
Sugestão de implementação do Login Social no Captive Portal. Valdir Martins

11/11/2017

06:32 PM Bug #8083 (Duplicate): No Auto-reboot after guided ZFS installation
Duplicate of #7307 Jim Pingle
05:42 PM Bug #8083 (Duplicate): No Auto-reboot after guided ZFS installation
vt100
Accept
Install pfSense
Default Keymap
Auto (ZFS)
Proceed with Installation
Stripe - No Redundancy
da1
... Chris Linstruth
05:24 PM Feature #8082 (Resolved): OpenVPN Redirect Gateway Option Only Works for IPv4
The "Redirect Gateway" checkbox on the OpenVPN server settings page appears to only push the "redirect-gateway def1" ... Steve Matos
03:16 PM Bug #8081 (Closed): NICs malfunction
On a firewall with 8 NICs:
igb0: <Intel(R) PRO/1000 Network Connection, Version - 2.5.3-k>
igb1: <Intel(R) PRO/10... Giovanni Berisso
01:38 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
Luiz Souza wrote:
> the new (and working) version will be available in the next 2.4.2 snapshot.
That commit rende... Random User
10:31 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules
Some more info.
I also get this problem in version 2.4.1
I've been looking at the code in /etc/inc/captiveportal.in... Richard Gate
10:31 AM Bug #8079 (Resolved): XMLRPC Issues with Captive Portal Vouchers
Jim Pingle
10:19 AM Bug #8079: XMLRPC Issues with Captive Portal Vouchers
Tested latest snapshot 2.4.2.a.20171110.1936. Works here. Chris Linstruth
07:52 AM Bug #8080 (Resolved): DHCPv6 + SLAAC SG1000
Thank you James. Luiz Souza
05:43 AM Bug #8080: DHCPv6 + SLAAC SG1000
I can also confirm that after upgrading to the latest 2.4.2 development snapshot that the issue is resolved and radvd... James Webb
05:16 AM Bug #8080: DHCPv6 + SLAAC SG1000
On further inspection after clearing the log file and force restarting radvd, the routing log file simply consists of... James Webb

11/10/2017

10:07 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers
That snapshot is not recent enough to contain the changes Jim Pingle
09:34 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers
Tested in Current Base System 2.4.2.a.20171110.1037
Still produces Errors on Secondary after testing expired vouch... Paighton Bisconer
01:20 PM Bug #8079 (Feedback): XMLRPC Issues with Captive Portal Vouchers
Applied in changeset commit:66dd4fe2ad0c7d63f9da45a9b32bd6c94a78fc44. Jim Pingle
01:14 PM Bug #8079: XMLRPC Issues with Captive Portal Vouchers
Actually #1 is not valid because that section shouldn't sync that way. That typo breaking the sync in that direction ... Jim Pingle
12:01 PM Bug #8079 (Resolved): XMLRPC Issues with Captive Portal Vouchers
Multiple issues with Captive Portal vouchers:
1. Sync of the voucher configuration doesn't work because in /etc/rc... Jim Pingle
08:44 PM Bug #8080: DHCPv6 + SLAAC SG1000
Is there a message in any of the logs about radvd crashing? Jim Pingle
07:04 PM Bug #8080: DHCPv6 + SLAAC SG1000
Hi Jim,
Very good point. It does seem that radvd is NOT running. James Webb
06:58 PM Bug #8080: DHCPv6 + SLAAC SG1000
Is radvd running? This could be a duplicate of #8022
Without router advertisements, clients wouldn't know to conta... Jim Pingle
06:55 PM Bug #8080 (Resolved): DHCPv6 + SLAAC SG1000
Hi,
I recently bought an SG1000 device for use on a corporate network.
I have had quite a bit of experience with ... James Webb
08:20 PM Revision 6bb69034: Fixed #8053 Revised page JavaScript to update gateway selector on IP family change
(cherry picked from commit ae381698db23f260027c27c9aa12694a38c2f9ce) Steve Beaver
08:15 PM Revision ae381698: Fixed #8053 Revised page JavaScript to update gateway selector on IP family change
Steve Beaver
08:15 PM Revision 13f88d0a: Fixed #8053
Revised page JavaScript to update gateway selector on IP family change Steve Beaver
07:08 PM Revision 66dd4fe2: Remove this part, the voucher settings shouldn't be synchronized this way, it's handled via the voucher sync settings on the secondary. Fixes #8079
It was only working before because of this typo, the code shouldn't have been there at all. Jim Pingle
07:00 PM Revision 927a988e: When synchronizing vouchers, avoid allowing null values. Also, fix a missing variable global declaration. Part of ticket #8079
Jim Pingle
06:14 PM Revision ff25106d: Correct voucher config section name. Part of ticket #8079
Jim Pingle
04:33 PM Revision 9605cf97: Use a strict check of array_search() result
Renato Botelho
04:33 PM Revision a82c33f6: Use a strict check of array_search() result
Renato Botelho
04:33 PM Revision 2a6b3b70: Use a strict check of array_search() result
Renato Botelho
04:33 PM Revision bc60e070: Use a strict check of array_search() result
Renato Botelho
04:19 PM Revision 9b750b40: Remove empty items from output
Renato Botelho
04:18 PM Revision 5535d91d: Remove empty items from output
Renato Botelho
04:18 PM Revision 29c728a2: Remove empty items from output
Renato Botelho
04:18 PM Revision c253e352: Remove empty items from output
Renato Botelho
03:15 PM Bug #7426 (Resolved): UDP packet drops
Jim Pingle
02:30 PM Bug #8053: Firewall Rule IPv6 Gateway Cannot Be Selected
Applied in changeset commit:13f88d0a0a7347c7a44ffed7b33afa110cc64174. Anonymous
02:12 PM Bug #8053 (Feedback): Firewall Rule IPv6 Gateway Cannot Be Selected
firewall_rules_edit.php page JavaScript revised to update the gateway list dynamically. Anonymous
02:20 PM Revision 19dab63b: Detect when system is running a newer version than the one available on remote repository
Renato Botelho
02:20 PM Revision ab7813e8: Detect when system is running a newer version than the one available on remote repository
Renato Botelho
02:20 PM Revision f27bd8cd: Detect when system is running a newer version than the one available on remote repository
Renato Botelho
02:20 PM Revision 8d5ff32b: Detect when system is running a newer version than the one available on remote repository
Renato Botelho
02:17 PM Revision 840f28ca: Always do rquery when pkg search is not used
Renato Botelho
02:17 PM Revision fabfe51d: Always do rquery when pkg search is not used
Renato Botelho
02:17 PM Revision be8884da: Always do rquery when pkg search is not used
Renato Botelho
02:17 PM Revision eaed7e74: Always do rquery when pkg search is not used
Renato Botelho
12:52 PM Revision 005be784: Rename 2.3 repositories to keep list sorted in GUI
Renato Botelho
12:51 PM Revision a0494dc8: Rename 2.3 repositories to keep list sorted in GUI
Renato Botelho
12:50 PM Revision a64fe84d: Rename 2.3 repositories to keep list sorted in GUI
Renato Botelho
12:49 PM Revision 89d2b4c3: Rename 2.3 repositories to keep list sorted in GUI
Renato Botelho
12:23 PM Bug #8039 (Resolved): Invalid characters in static IP description will not resolve upon correction
Jim Pingle
12:15 PM Bug #7946 (Resolved): 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
Renato Botelho
11:57 AM Bug #7946: 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
freeradius2 remained at Installed Packages in the WebGUI. Fix confirmed. Anonymous
06:20 AM Bug #7946 (Feedback): 2.4 Package Manager: Does Not List Installed Packages which have been removed from the repository.
Applied in changeset commit:44cb7fee05969601e25376bba8ce1d2be10e4eb7. Renato Botelho
12:10 PM Revision a9b0a7a3: Fix #7946: Display installed packages missing on remote repo to let user to delete it
Renato Botelho
12:09 PM Revision 42b6ca6e: Fix #7946: Display installed packages missing on remote repo to let user to delete it
Renato Botelho
12:09 PM Revision ef1ed439: Fixed #8035
Steve Beaver
12:09 PM Revision a16690c8: Fix #7946: Display installed packages missing on remote repo to let user to delete it
Renato Botelho
12:09 PM Revision 44cb7fee: Fix #7946: Display installed packages missing on remote repo to let user to delete it
Renato Botelho
11:56 AM Revision 388bb779: Fixed #8035
Steve Beaver
11:10 AM Bug #7917 (Resolved): GUI shows "There are no packages currently installed" when repos are unreachable
Renato Botelho
11:03 AM Bug #7917: GUI shows "There are no packages currently installed" when repos are unreachable
installed a package, pulled WAN, went back to Packages and the package showed. Rebooted without WAN, checked again, p... Anonymous
06:15 AM Bug #7917 (Feedback): GUI shows "There are no packages currently installed" when repos are unreachable
I've confirmed fix pushed for #7946 also fix it Renato Botelho
10:40 AM Bug #8022 (Feedback): radvd receives SIGBUS on SG-3100 (ARM)
The package was upgraded to recent upstream version (2.17) just to let us discover that the original bug was still pr... Luiz Souza

11/09/2017

10:15 PM Bug #8039: Invalid characters in static IP description will not resolve upon correction
On pfSense-netgate-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1341 could not reproduce the bad behavior. Anonymous
02:00 PM Bug #8039 (Feedback): Invalid characters in static IP description will not resolve upon correction
Applied in changeset commit:d70eaff5781015294376b42284e728265c56fd8d. Anonymous
07:52 PM Revision d70eaff5: Fixed #8039 Changed to on sanitizing data. This is to help so if the user has previous cookie data it shouldn't try and sanitize it.
Stephen Jones
07:00 PM Bug #8077: Filterlog format does not match documentation or RFC spec
You are of course right, and I am feeling silly. Can't see the wood for the trees.
There is a proper bug report ag... Joash Lewis
04:01 PM Bug #8077: Filterlog format does not match documentation or RFC spec
And that fact is already noted on the page. Immediately under the line you quoted. Jim Pingle
04:01 PM Bug #8077 (Not a Bug): Filterlog format does not match documentation or RFC spec
That is the format of the log in /var/log/filter.log
If it looks different coming across syslogd, that's a differe... Jim Pingle
03:58 PM Bug #8077 (Not a Bug): Filterlog format does not match documentation or RFC spec
The "documentation of the filterlog format":https://doc.pfsense.org/index.php/Filter_Log_Format_for_pfSense_2.2 indic... Joash Lewis
06:32 PM Revision 81fbfd64: Add missiing repo definitions
Renato Botelho
05:10 PM Revision 73568673: Also kill off sshlockout_pf processes when restarting syslogd. Fixes #7984
Jim Pingle
04:49 PM Feature #8078 (New): PPPoE Reconnect Wait Time
When there is an outage (whether accidental or network maintenenace) the PPPoE session will drop. With some ISPs the... Kristopher Kolpin
04:40 PM Revision e00f69c8: Fixed #7966 added a moving average smoothing factor to help out with some of the jagged graphs. Since the quickest update will be every other second this will help make it look smoother. Also added this to the widget and added some functionality to the status page so it can display in two different styles. Setting smoothing to 0 will make the graph the same as before this was added. Raising it will allow for a moving average to be taken into account to smooth out the graphs.
Stephen Jones
03:56 PM Bug #6459 (Resolved): AWS EC2 Instance should skip interface config in setup wizard
Jim Pingle
03:51 PM Bug #6459: AWS EC2 Instance should skip interface config in setup wizard
Tested ok today. Chris Macmahon
03:49 PM Bug #7856 (Resolved): IPsec status does not show all connected mobile clients
Jim Pingle
03:49 PM Bug #8003 (Resolved): IPsec weirdness with 2.4.1
Jim Pingle
03:46 PM Bug #8063 (Resolved): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported
Jim Pingle
03:43 PM Revision 152dd87a: 2.3 specific revision to custom repo system
Provide mechanism to allow for transition to a new package repository server
(cherry picked from commit 00d0c66e6217... Steve Beaver
01:42 PM Revision 10694d88: Fix repo path
Renato Botelho
01:13 PM Revision 7d7398f2: Add consolidate pkg repos to use on all branches
Renato Botelho
01:09 PM Revision 5ccb7e12: Fill default repo dinamically
Renato Botelho
01:08 PM Revision d52ca8eb: Define default repo
Renato Botelho
01:05 PM Revision 15f12d8e: Fill default repo dinamically
Renato Botelho
01:05 PM Revision 5e15203c: Define default repo
Renato Botelho
01:05 PM Revision c92d1db5: Add consolidate pkg repos to use on all branches
Renato Botelho
01:02 PM Revision dab47760: Add consolidate pkg repos to use on all branches
Renato Botelho
01:01 PM Revision d82a9bda: Add consolidate pkg repos to use on all branches
Renato Botelho
12:28 PM Feature #7823 (Resolved): Pull request: Add support for dynamic DNS provider ClouDNS
Jim Pingle
12:20 PM Bug #7966 (Resolved): Live traffic graphs appear to have sampling errors
Jim Pingle
11:59 AM Bug #7966: Live traffic graphs appear to have sampling errors
On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340 gitsync'd to master, the smoothing slider is availab... Anonymous
10:50 AM Bug #7966 (Feedback): Live traffic graphs appear to have sampling errors
Applied in changeset commit:e00f69c8cd29a58383ac40a8d1e30045449eec14. Anonymous
12:19 PM Bug #7984 (Resolved): restarting syslogd service makes sshlockout_pf process orphans
Jim Pingle
12:14 PM Bug #7984: restarting syslogd service makes sshlockout_pf process orphans
On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340 gitsync'd to master, works as expected. Anonymous
11:20 AM Bug #7984 (Feedback): restarting syslogd service makes sshlockout_pf process orphans
Applied in changeset commit:73568673ebb45bd3c58cdd638a93b754b09cc654. Jim Pingle
11:09 AM Bug #7984 (Assigned): restarting syslogd service makes sshlockout_pf process orphans
Yeah I see the problem with the restart case, I'll push a fix shortly. Jim Pingle
11:26 AM Bug #8043 (Resolved): Cannot enable IPsec Mobile Client Support when the interface is in french
Jim Pingle
11:21 AM Bug #8043: Cannot enable IPsec Mobile Client Support when the interface is in french
On pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340, set language to French, went to IPSec and checked t... Anonymous
11:25 AM Bug #7786 (Resolved): traffic shaping queue on WAN wont allow total of all child to be 100%
Looks good here, too. Jim Pingle
11:13 AM pfSense Packages Bug #7961 (Resolved): JS Error on Status > Monitoring
Anonymous
11:09 AM pfSense Packages Bug #7961: JS Error on Status > Monitoring
on pfSense-CE-memstick-ADI-2.4.2-DEVELOPMENT-amd64-20171108-1340, went to Status > Monitoring clicked on Settings > D... Anonymous
11:11 AM Bug #8076 (New): User can easily apply an unusable interface configuration after restore
When loading a configuration file from a different device (with other
NICs) to a freshly installed pfSense, it corre... Adrian Zaugg
11:09 AM Bug #8075 (Rejected): OpenVPN binds to wrong interface with no ip on first interface
With two WAN interfaces and with an OpenVPN server on each, bound to its
interface, there is a wrong IP assertion in... Adrian Zaugg
10:57 AM Bug #8032 (Resolved): xmlrpcsync password fails with spaces in password
Works Jim Pingle
10:45 AM Bug #7978 (Resolved): IE 11 - Headers of tables almost not visible when no entries made
Jim Pingle
10:11 AM Bug #7307: ZFS installer - shuts down instead of rebooting
Given that this only happens when using eMMC, and the operator is already present at the hardware to perform the inst... Jim Pingle
09:58 AM Bug #8074: Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules
Sorry should have set the Affected Version to 2.4.0 Richard Gate
09:30 AM Bug #8074 (Duplicate): Captive Portal RADIUS WISPr-Bandwith-Up value used incorrectly creating Limited rules
Since pfSense 2.4.0 and the re-write of Captive Portal, the RADIUS WISPr-Bandwidth-Up value is being used incorrectly... Richard Gate
09:14 AM Bug #7969 (Resolved): md5 bgp sessions fail in 2.4.0
Anything at the OS level appears to be fine now. I am able to establish a BGP peering with TCP MD5 and the latest FRR... Jim Pingle
08:15 AM Bug #8035 (Resolved): Installed packages widget does not show updates
Jim Pingle
08:11 AM Bug #8069 (Resolved): Services sorting is incorrect in several cases with multi-instance services
Jim Pingle
07:36 AM Bug #8059 (Resolved): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken
Jim Pingle
02:51 AM Bug #8073 (New): Traffic inexplicably not going through IPSEC despite (in theory) matching SPs
I am running a pfSense 2.4.0 twin installation with CARP between the two appliances.
I have been able to successfull... Fulvio Scapin

11/08/2017

07:56 PM Bug #8072: Limiter / Queue mask issues?
EDIT: To clarify. The old method of turning off pfsync and using just the limiters works as expected, however HA is... Damien Montanile
07:53 PM Bug #8072: Limiter / Queue mask issues?
Chris Linstruth wrote:
> It looks like you have your in/out directions mixed up.
>
> When you place Limiters on t... Damien Montanile
07:13 PM Bug #8072: Limiter / Queue mask issues?
And, further, if you want a separate pipe for each IP address you mask on the parent queue and do not set a child que... Chris Linstruth
06:46 PM Bug #8072: Limiter / Queue mask issues?
It looks like you have your in/out directions mixed up.
When you place Limiters on the LAN interface, the IN direc... Chris Linstruth
02:28 PM Bug #8072 (New): Limiter / Queue mask issues?
After upgrading to 2.4 and then again to 2.4.1, I noticed there is what appears to be a new issue as it applies to us... Damien Montanile
04:03 PM Revision e73cc753: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069
(cherry picked from commit 258fc75b0995a53997927edc5186b1fe8a5b409e)
(cherry picked from commit 8d9037dda9ab473af6df0... Jim Pingle
04:03 PM Revision 8d9037dd: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069
(cherry picked from commit 258fc75b0995a53997927edc5186b1fe8a5b409e) Jim Pingle
04:01 PM Revision 258fc75b: Several corrections to service sorting to produce output consistent with user expectations. Fixes #8069
Jim Pingle
03:46 PM Bug #8065 (Resolved): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time
Jim Pingle
03:10 PM Bug #7969: md5 bgp sessions fail in 2.4.0
Tim Economides wrote:
> Somewhat related issue I've first noticed while working with Quagga and FRR - When working w... Jim Pingle
03:03 PM Bug #7969: md5 bgp sessions fail in 2.4.0
Jim Pingle wrote:
> I added the flag to the raw config page. Unfortunately, fixing the other bug meant I had to rena... Tim Economides
02:40 PM Bug #7969: md5 bgp sessions fail in 2.4.0
I added the flag to the raw config page. Unfortunately, fixing the other bug meant I had to rename the fields so the ... Jim Pingle
01:33 PM Bug #7969: md5 bgp sessions fail in 2.4.0
Jim Pingle wrote:
> I just pushed a change to FRR to allow the user to manually choose whether or not they want to u... Tim Economides
12:51 PM Bug #7969: md5 bgp sessions fail in 2.4.0
I just pushed a change to FRR to allow the user to manually choose whether or not they want to use setkey entries for... Jim Pingle
02:06 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
Dave I experienced exactly the same thing as you did. I don't know how to fix it. I was only setting up ipv6 for fun ... Leif Huhn
12:34 PM Bug #8071 (Resolved): DNSimple support for Dynamic DNS no longer working
It seems that DNSimple has deprecated API v1 so all attempts using the current implementation will fail as unauthoriz... Kevin Loukinen
11:46 AM Bug #8070 (Closed): IKEv2 IPSec tunnel under load crashes pfSense when AES-NI is enabled
I want to refer you to this forumpost: https://forum.pfsense.org/index.php?topic=139146.0
As I said, disabling AES... Jan Jurkus
10:37 AM Bug #8039: Invalid characters in static IP description will not resolve upon correction
The static mapping wouldn't have anything to do with the port forward page.
The error on the port forward page is ... Jim Pingle
10:32 AM Bug #8039: Invalid characters in static IP description will not resolve upon correction
You will have to mark this as 'could not replicate'. I blasted the installation and will have to try again in the fut... Diedrich Guenther
10:25 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates
It will appear OK after booting, most tests will look fine then. You have to watch the console during boot time, the ... Jim Pingle
10:24 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates
I'm having the same issue on a freshly upgraded factory configured SG-8860. This happens with my existing CA as well... Gary Graham
10:10 AM Bug #8069 (Feedback): Services sorting is incorrect in several cases with multi-instance services
Applied in changeset commit:258fc75b0995a53997927edc5186b1fe8a5b409e. Jim Pingle
09:59 AM Bug #8069 (Resolved): Services sorting is incorrect in several cases with multi-instance services
On services_status.php, services with multiple instances (e.g. openvpn) appear unsorted in the list.
On the servic... Jim Pingle
09:07 AM Bug #8003: IPsec weirdness with 2.4.1
This has been fixed in 2.4.2 in these commits a65b41a9e455786dd969a1ffcd110fdf195f9031 and 130f3c9266e0b8c626aa6e8991... Anonymous
04:23 AM Bug #8003: IPsec weirdness with 2.4.1
In my case there are more than 300 tunnels. It is very inconvenient to check which ones work and which ones do not wo... Kirill Z
01:14 AM Bug #8003: IPsec weirdness with 2.4.1
I have the same issue on two SG-8860 in a carp setup upgraded from 2.3.4 to 2.4.0 and then 2.4.1. Seven connected ips... Alexander Lindqvist
09:07 AM pfSense Packages Bug #8068 (Resolved): Status Traffic Totals package installation is not recorded in config.xml
The installation of the Status_Traffic_Totals package is not reflected in config.xml, thus it is not present in a bac... Jim Pingle
08:55 AM pfSense Packages Bug #7487 (Resolved): Status Traffic Totals doesnt persist through reboots.
Jim Pingle
07:12 AM pfSense Packages Bug #8067 (Closed): Avahi can't be stopped from registering on unassigned interfaces
Related to #7755.
In the settings page for Avahi, the deny interfaces list shows assigned interfaces only.
I ha... Nathan Phillips
02:58 AM Bug #8059: /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken
Jim Pingle wrote:
> Applied in changeset commit:3414dea15b2f31099ef2ec962c2062ae95080a0e.
Hi Jim,
Thanks for t... Anonymous
02:04 AM Bug #8066 (New): Static routes not applied when they go out a interface using carp
I have a fw that has a /30 configured on one interface and then a separate /30 ip series applied used carp on the int... Rasmus Fauske

11/07/2017

11:30 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
Leif Huhn wrote:
> Dave I formatted over the memory card, but I bet this would work for you:
>
> http://pkg.freeb... Dave Pugh
01:30 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
Dave I formatted over the memory card, but I bet this would work for you:
http://pkg.freebsd.org/FreeBSD:11:armv6/... Leif Huhn
09:40 PM Bug #8024 (Resolved): static ipv6 config allow invalid addresses
Luiz Souza
07:29 PM Revision 05871043: Reorder reading the product name in pfSense-rc so it happens after all filesystems are mounted. Fixes #8065
Jim Pingle
06:53 PM pfSense Packages Bug #8058: FreeRadius Accounting Bug after upgrade 2.3->2.4
Now it is happening again...for some reason latest activity in captive portal just stops working for some users.
I r... Frotty Zaoldyeck
08:02 AM pfSense Packages Bug #8058 (Closed): FreeRadius Accounting Bug after upgrade 2.3->2.4
Jim Pingle
05:32 PM Revision 00d0c66e: Provide mechanism to allow for transition to a new package repository server
Steve Beaver
03:38 PM Revision 635dcc69: Check for /bootpool and import the bootpool zfs pool if present. Fixes #8063
Jim Pingle
02:58 PM Bug #7969: md5 bgp sessions fail in 2.4.0
Jim Pingle wrote:
> Could be quagga vs frr, I am testing with frr. I'm still not convinced the second SA is doing an... Tim Economides
01:40 PM Bug #8065 (Feedback): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time
Applied in changeset commit:05871043800e44b40f9d542e5a76f9506259c115. Jim Pingle
01:28 PM Bug #8065: A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time
Renato says the patch looks good.
Further testing shows no problems:
- Affected UFS system is OK
- Regular UFS s... Jim Pingle
01:04 PM Bug #8065 (Resolved): A manually configured filesystem layout with a separate /usr fails to properly setup several aspects of the system at boot time
Choosing a manual installation with a separate /usr slice (ex: boot, /, /usr, /var, swap) fails to setup various aspe... Jim Pingle
01:06 PM Bug #7995 (Closed): pfSense Certificate Manager Issues Blank Certificates
After some more digging based on your later e-mail reply, I believe I found the root cause of this. See #8065
Clos... Jim Pingle
08:26 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates
I can't seem to replicate that here. I used the exact same inputs you sent via e-mail and it worked as expected on 2.... Jim Pingle
12:37 PM pfSense Packages Bug #8064 (Not a Bug): Freeradius 3 One Time Password (OTP) not working
It works fine, I just tested it multiple times yesterday and even replied to "your forum thread":https://forum.pfsens... Jim Pingle
12:30 PM pfSense Packages Bug #8064 (Not a Bug): Freeradius 3 One Time Password (OTP) not working
Hello,
clean Installation: Pfsense 2.4.1 with freeradius 0.15.2 OTP Google Authentcation is +not+ working
clean I... Anonymous
10:05 AM Bug #8049 (Duplicate): MTU stuck at 1280 for gif0 interface
Looks like a duplicate of #6868 Jim Pingle
10:03 AM Bug #8009 (Duplicate): Can't upgrade from 2.4.0 to 2.4.1
It's hard to tell due to lack of info, but I'm guessing this is a duplicate of #8063, the symptoms seem to match. If ... Jim Pingle
09:55 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
Mitch Claborn wrote:
> What is the process for switching to FRR? Do I just install the FRR package or is there more ... Jim Pingle
09:53 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
What is the process for switching to FRR? Do I just install the FRR package or is there more to it? Mitch Claborn
05:55 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available"
I can confirm that this is still an issue on 2.4.0
Switching to FRR solved this for me. Andrew Wasilczuk
09:50 AM Bug #8063 (Feedback): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported
Applied in changeset commit:635dcc697a5caed4faebab384baa78809cf1c7b5. Jim Pingle
09:16 AM Bug #8063 (Resolved): ZFS installs using MBR or geli end up with an empty /boot due to bootpool not being imported
The zfs option in the installer can, in a few possible config paths, end up with a broken /boot. It looks like at lea... Jim Pingle
08:00 AM pfSense Packages Bug #8062: Fixes to AWS VPC VPN wizard
Thanks for the code submission! I had to remove those files from this public redmine post because that code is only a... Jim Pingle
05:48 AM pfSense Packages Bug #8062 (Resolved): Fixes to AWS VPC VPN wizard
A mixture of bug fixes and featured for the vpc vpn wizard.
h3. Use FRR BGP instead of OpenBGP
OpenBGP currentl... Andrew Wasilczuk
05:23 AM Feature #7962: Support for Intel 553 network card
Hi, having the same issue. I guess the new driver is needed.
Was fixed in FreeNAS already.
https://bugs.freenas.org... Jose Duarte
04:15 AM Revision 373513a5: Fix a bug in interfaces.php that will cause a failure on first 'Save' of 'OPT1' with some hardware configurations.
Luiz Souza
03:10 AM Revision 1328b154: Add the XML tags to support the switch entries.
Luiz Souza
03:10 AM Revision 3b135582: Remove stray white space.
Luiz Souza

11/06/2017

09:01 PM Revision 9b36e210: fixed the ipsec widget to show splitconnections for ikev2
Stephen Jones
08:54 PM Revision 3414dea1: Restore some customizations to openssl.cnf, otherwise it cannot generate a certificate. Fixes #8059
We set prompt=no, so most of these values will cause an error when openssl commands are run directly. Jim Pingle
08:47 PM Bug #8022: radvd receives SIGBUS on SG-3100 (ARM)
Leif Huhn wrote:
> I compiled 2.17 from ports on raspi2 and it runs on the SG-3100 without SIGBUS.
This issue is ... Dave Pugh
07:18 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper
Bridges and VLAN interfaces on LAN show up.
a spare interface on the same card shows up
It is just WAN interfaces a... W FM
07:13 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper
on irc someone else had the same issue.
Also worth noting this is i386 W FM
07:10 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper
em0@pci0:0:3:0: class=0x020000 card=0x10128086 chip=0x10108086 rev=0x01 hdr=0x00
vendor = 'Intel Corporation... W FM
06:46 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper
What type of interfaces are those (driver name)?
Perhaps they were supported by the shaper on older versions but t... Jim Pingle
06:38 PM Bug #8061: LAN WAN Interfaces missing in Traffichshaper
firewall_shaper.php
Firewall / Traffic Shaper / By Interface
(sorry for the typo) W FM
06:35 PM Bug #8061 (Resolved): LAN WAN Interfaces missing in Traffichshaper
In 2.3.5 LAN and WAN interface(s) are missing from the list.
see picture attached
If queues are deleted only wa... W FM
06:40 PM Bug #7936 (Resolved): bridge network interface does not support altq on 2.4.0-RELEASE
Luiz Souza
06:38 PM Bug #7940 (Resolved): disabling LAGG causes system reboot on 2.4
Luiz Souza
06:35 PM Bug #7981 (Resolved): PPP interfaces with a VLAN parent do not work with new VLAN names
Luiz Souza
05:48 PM Bug #7981: PPP interfaces with a VLAN parent do not work with new VLAN names
with
2.4.2-DEVELOPMENT (amd64)
built on Mon Nov 06 10:40:15 CST 2017
I confirm there is no more problem wit... Alexandre Paradis
03:25 PM Bug #8060 (Closed): Incorrect translation to Russian language
The main page in the "Version" section should be "Получение" instead of "Полчение". Alexander Ryazantsev
03:10 PM Bug #8059 (Feedback): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken
Applied in changeset commit:3414dea15b2f31099ef2ec962c2062ae95080a0e. Jim Pingle
03:00 PM Bug #8059: /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken
I just pushed a fix for this, but a few important points need to be made:
1. The ACME package works fine serving f... Jim Pingle
02:30 PM Bug #8059 (Confirmed): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken
It is not broken, it works fine when you use it in a supported way (read: use the GUI or the ACME package).
Noneth... Jim Pingle
02:02 PM Bug #8059 (Resolved): /etc/ssl/openssl.cnf in 2.4.0 and 2.4.1 is broken
When using dehydrated (https://github.com/lukas2511/dehydrated) instead of the acme package for requesting LetsEncryp... Anonymous
02:59 PM Revision 2807660f: removed extra quote
Stephen Jones
11:57 AM pfSense Packages Bug #8058: FreeRadius Accounting Bug after upgrade 2.3->2.4
Okay, after recreated the client and interfaces, this time with "*" instead of the IP of the client, seemed to have w... Frotty Zaoldyeck
06:57 AM pfSense Packages Bug #8058 (Closed): FreeRadius Accounting Bug after upgrade 2.3->2.4
Hi,
I have been using FreeRadius with my captive portal successfully before freeRadius3 and pfsense 2.4
After the... Frotty Zaoldyeck
09:49 AM Bug #8044 (Resolved): LDAP authentication fails with a globally trusted root CA
Jim Pingle
09:45 AM Bug #8045: Terminal and WebGUI stops responding
Hi,
I have the same setup running (except nmap and snort).
Today I ran into the same issue.
I have a few of thes... Christian Rhomberg
08:34 AM Bug #8003: IPsec weirdness with 2.4.1
Constantine Kormashev wrote:
> Could not reproduce the issue with just one P2 entry. Seems it affects only multiply ... Neal Harrington
05:10 AM Bug #6650 (Resolved): Option needed to disable HSTS
Renato Botelho
03:15 AM Bug #8057 (Closed): don't start dpinger if still one running
It's the 2nd or 3rd time I see multiple instances of dpinger.
You have a pid file and can check for the process befo... Grischa Zengel
01:50 AM Revision 902cbde8: Support shutdown scripts in /usr/local/etc/rc.d. This allows packages to take critical shutdown actions such as
UPS power kill in NUT. Denny Page
 

Also available in: Atom