Activity
From 11/30/2017 to 12/29/2017
12/29/2017
-
08:11 PM Todo #8245: use delayed compression for sshd
- ...
-
- FreeBSD default sshd config is "compression delayed". [1] This defends against vulnerabilities like CVE-2016-10012 [2...
- 02:58 PM Revision 48a6bb92: Update language selections
12/28/2017
-
11:24 PM Revision 0ccfd70e: Remove old dnssec-keygen style files during upgrade
-
-
-
-
07:07 PM Revision 34300d73: Correct sethelp call on firewall_rules_edit.php, Fixes #8242
-
- PR: https://github.com/pfsense/pfsense/pull/3893
-
- Just like #6621, the Dynamic DNS RFC 2136 Client settings require a HMAC-MD5 key, there's no other algorithm choice.
-
- Applied in changeset commit:34300d739bfd7968e7e693f2a6302d49203ef4d0.
-
- Looks like this was a 2.4-ism that got picked back into RELENG_2_3. I pushed a fix that keeps the formatting.
-
08:21 AM Feature #8243 (New): Sync dashboard settings over xmlrpc
- I'd like to see pfsense being able to sync it's dashboard settings within a firewall cluster by config sync, making i...
-
- We'll get it automatically when we pull in the next quarterly ports branch, no need to go out of our way for every ve...
-
02:21 AM Feature #8240: code source bouton "Save" et "Apply change "
- Hey Jim,
Thanks for your quick answer, ok i will post my ask in the forum.
Have a nice day for all
12/27/2017
-
05:30 PM Bug #8242: Unable to edit firewall rules
- Was found on 2.3.6.a.20171227.0928, and 'target version' should be set to 2.3.6 if possible. (that can only be change...
-
05:01 PM Bug #8242 (Resolved): Unable to edit firewall rules
- Upon trying to edit firewall rules an error was presented
Catchable fatal error: Argument 2 passed to Form_Input:... -
05:00 PM pfSense Packages Todo #8241 (Rejected): Update ntopng to 3.2.2017.12.06
- There's a new release of ntopng on the FreshPorts tree: https://www.freshports.org/net/ntopng/
Please can it be p... -
- Please post support or development questions on the forum, mailing list, or reddit.
The forum has a "French board"... -
- Bonjour,
je suis en train de modifier le fichier config.xml de pfsense depuis un script python pour ajouter des vl... - 02:39 PM Revision f0584e6d: Merge pull request #3887 from JoeriCapens/dhcp-ddns-algorithm-choice
-
- (cherry picked from commit 918ef12c73364f28fe19891e9d13f57f454c897c)
-
-
- If IPsec bypasslan is enabled while the LAN interface is disabled, all traffic bypasses IPsec because it makes an SPD...
-
- Applied in changeset commit:534d7d6996854ed5f2521e7a796fb79aaacd176c.
-
- So far, so good. I no longer see a netstat process hanging around in top while watching the dashboard, the CPU usage ...
-
- Applied in changeset commit:918ef12c73364f28fe19891e9d13f57f454c897c.
-
02:14 AM Bug #8238 (Resolved): A global definition for $cpconfig is missing ...
- https://forum.pfsense.org/index.php?topic=141900.0 => [Captive Portal] Blocking a Previously White-listed MAC Doesn't...
12/26/2017
-
08:22 AM Todo #8237 (Feedback): Import netstat kresolve_list() fix from stable/11 to improve performance on some platforms
- Done. Let me know if I broke something.
-
- When viewing the dashboard on certain platforms, such as the SG-1000, the calls to netstat to gather data can be slow...
-
01:26 AM Feature #8236: Ability to configure "forward-first" and "forward-host" options for more robust domain overrides in DNS Resolver
- Possibly scratch the request for "forward-first" unless the implementer is very familiar with its behavior. In testin...
12/25/2017
-
- It would be great to have the option to configure both forward-first (a simple checkbox) and forward-host (perhaps an...
-
05:40 AM pfSense Packages Bug #8115: After update 2.3.4_1-> 2.4.0 ospf over gre looks broken
- workaround was :
MTU settings for GRE interfaces
new 2.4 version MTU 1376
old 2.3.4 version MTU 1400
in this ... -
03:48 AM Bug #4310: Limiters + HA results in hangs on secondary
- Lars Jorgensen wrote:
> Sander Naudts wrote:
> > Why not change target version to 2.9.9... sorry just little frustr...
12/23/2017
-
11:59 AM Bug #8235: The browser must support cookies to login
- Hello Scott,
Your symptoms are quite strange. Cookies are working in general since years in PFsense.
This should be... -
11:23 AM Bug #8235 (Not a Bug): The browser must support cookies to login
- I updated pfsense to use secure socket that utilizes port 443 to login as the adminstrator. Upon attempting to login ...
12/22/2017
-
- Filed #8234 against core pfSense.
-
- That's not true at all. All you need is a check-box to say "advertise interface IP as DNS server".
-
- The text below the "DNS servers" fields on the DHCP server configuration reads "Leave blank to use the system default...
-
-
- this is useful for mobile users that need to connect with different operating systems. This way there is no need to f...
-
- It appears NAT reflection is slightly broken when targeted at an IP alias which is defined via FQDN (rather than IP a...
-
02:35 AM pfSense Packages Feature #8232 (New): different ssl options based on the sni name
- We have a strange issue with one of our sites on https and Android/Chrome, based on our research and big help of Pi B...
12/21/2017
-
08:56 PM Feature #7281: OpenVPN: Add support for IPv6 dynamic prefix selection
- Actually, turns out that IPv4 addresses are actually preferred over ULA by most OSs, so connections don't use v6 when...
-
07:26 PM Bug #8231 (Resolved): Undefined function while restoring config from older version
- While restoring a 2.1.x config to a fresh 2.4.2 install, it fails with:
PHP Fatal error: Call to undefined function... -
- Basically same way you open a bug, just set the Tracker option to 'Feature' which is actually the same as you did for...
-
- Thank you one more time, how/where can I open a feature request? :)
-
- -Yes buying a extra IP would work could point the example2.com there and have a Frontend specifically for that.
-Oth... -
- Thank you very much for your help, now it's clear what happens, but still I have something unclear.
So we have two... -
-
- This reverts commit 373513a56140215c93282252186a938b7cefcf47.
- 03:20 PM Revision 2737a09d: Merge pull request #3881 from marjohn56/Increase-FPM-process-availability-in-high-ram-systems
- 03:19 PM Revision 6b54c8a4: Merge pull request #3792 from PiBa-NL/20170731-status_queues-realtime
- 03:19 PM Revision 07127d13: Merge pull request #3867 from dennypage/master
- 03:18 PM Revision c93231e1: Merge pull request #3866 from PiBa-NL/20171104-pkg-reinstallmissingpackage
- 02:48 PM Revision f53d18a6: Merge pull request #3891 from miken32/patch-1
-
- Basically current haproxy package only supports static ip/subnet aliases.
Workaround available here (Thanks Jerry ... -
12:48 PM pfSense Packages Bug #6449: Email Reports not wait a long command end to send the report.
- can close this issue ,
I had forgotten that ticket ..
tested today with pfsense 2.4.3 daily build and work .
...
12/20/2017
-
03:16 PM pfSense Packages Feature #8230 (New): telegraf automatic input plugins configuration for enabled pfsense package
- Telegraf configuration should be updated for input plugins when corresponding pfSense packages are enabled (e.g. hapr...
-
- it is no more than listening on port 9126 on lan interface, but while disabling any other outputs client.
-
- I think we have a problem with the word 'ALL' here.
Don't configure a CA to check client certificates against if y... -
- But if I use the options like on the screenshot attached, then the pfsense makes the following config:
/var/etc/ha... -
- "Leave all these options empty"
-
- sorry but I think we are talking about different things. So if I use the options like on the screenshot attached, the...
-
-
- p.s.
If you don't want to use client certificates, then just don't configure any of the options related to that.? -
- "If set to 'none', client certificate is not requested. *This is the default.*"
As it is the default you don't nee... -
- Dear All,
I've a strange issue with HAProxy serving HTTPS pages and phones with Android/Chrome. THe issue is the... -
12:16 PM pfSense Packages Bug #7755: Avahi package is not secure by default
- Furthermore, today i sniffed on our branch office`s openvpn Interfaces just to find, that mDNS/bonjour traffic from t...
-
11:13 AM pfSense Packages Bug #8229: syslog-ng stops parsing logs after logrotate run
- I see that syslog-ng 3.13.2 has been released. Perhaps an update is in order.
-
- I'm having trouble on one of my three pfsense boxes with syslog-ng stopping processing logfiles after the logrotate r...
-
07:52 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel
- I can confirm that 2.4.2_1 is still affected. So for now, its not possible to do site to site IPSec tunnel (except in...
-
- This is not a platform for discussion and diagnosis, take the topic to the forum, mailing list, or reddit for assista...
-
07:17 AM Bug #8227: Pfsense - Schedules service
- https://drive.google.com/file/d/1Qj2-4Tk3roiPP0aA0ASeYiJCoI9dyPuU/view?usp=drivesdk
-
- Jim Pingle wrote:
> Schedules are working fine, more likely some input on the page is not correct or it's not being ... -
- Schedules are working fine, more likely some input on the page is not correct or it's not being used properly (e.g. y...
-
- Hi.
I have some trubbel to sett up Schedules in Pfsense 2.4.2-RELEASE (amd64)
built on Mon Nov 20 08:12:56 CST ... -
-
12/19/2017
-
09:51 PM Bug #8222: When trying to add another OPT interface, it's replacing the last existing one
- Using
2.4.3-DEVELOPMENT (amd64)
built on Tue Dec 19 18:22:48 CST 2017
FreeBSD 11.1-RELEASE-p6
I can say ... -
- Using
2.4.3-DEVELOPMENT (amd64)
built on Tue Dec 19 18:22:48 CST 2017
FreeBSD 11.1-RELEASE-p6
I can say ... -
-
05:07 PM Bug #8206: Hosted Openappid rules - syntax error
- Renato Botelho wrote:
> Should be fixed now
Sorry for the delayed confirmation but, as I'm sure you know by now, ... -
- this is rather confusing - i stumbled above some "_dhcp" postfixed gateway entry and was not able to get rid of it - ...
-
05:49 AM Bug #8226 (Resolved): Pass-through MAC automatic additions adds duplicate
- When a user has multiple browser tabs open before logging into the captive portal. Each 'll show the captive portal l...
-
04:14 AM Feature #8168: strongswan dhcp option
- Lars Pedersen wrote:
> Would be nice to have the dhcp plugin for strongswan in pfsense. This feature could be useful...
12/18/2017
- 05:28 PM Revision 11f89751: allow for timezones with half hour increments i.e. asia/kolkata
- 05:23 PM Revision 5946477f: Fixed #8129 Updated to show timezones that have half hour increments i.e. asia/kolkata
- 01:55 PM Revision e34c96a3: Revert "Merge pull request #3868 from loonylion/master"
- Caused issues reported in https://redmine.pfsense.org/issues/8223
This reverts commit 74c55258b21ada7a542965c2470fbaa... - 01:39 PM Revision 32edd5dd: Optimze ICMP description processing
- 01:31 PM Revision 609ef335: Fixes #8219
- Escape single quotes when they arise from ICMP description translations
-
11:30 AM
Bug #8129 (Feedback): NTP Status -> Server time value incorrect for timezone Asia/Kolkata
- Applied in changeset commit:5946477f65f0f7a20504833ac156419875ac2b2b.
-
11:20 AM Bug #8165: Fragmented at source IPv6 packets (UDP + ICMP Ping) are not forwarded / v2.4.2 AMD64
- Just realised the packet capture example was truncated by one character. Here's what it should look like:
16:56:5... -
10:52 AM Bug #8222: When trying to add another OPT interface, it's replacing the last existing one
- I have revered the OPT naming code to vanilla pfSense; if this bug still occurs it's caused by something else.
-
- This was likely a problem introduced during a recent pull request merge: https://github.com/pfsense/pfsense/pull/3868...
-
- This should now be fixed; I corrected the broken reference.
-
-
07:56 AM
Bug #8223: Cannot delete vlan, I get redirected to an empty page
- PR reverted.
-
07:49 AM
Bug #8223: Cannot delete vlan, I get redirected to an empty page
- Yes. let's back out that PR.
-
- That page doesn't exist, but there is a reference to it: https://github.com/pfsense/pfsense/blob/master/src/usr/local...
-
06:52 AM
Bug #8223 (Closed): Cannot delete vlan, I get redirected to an empty page
- Unable to reproduce
There is no interfaces_vlan_new_prof.php page in pfSense
Suggest you discuss on the forum. -
- I'm actually using a ULA range for the IPv6 Tunnel Network, so that doesn't need to change, but the IPv6 Local networ...
-
- I would love to see this as well.
-
09:53 AM Bug #8003: IPsec weirdness with 2.4.1
- I am also having similar problems on 2.4.2.
One end shows connected, the other end shows disconnected. And - the pfS... -
- I am also having this problem with 2.4.2.
Command line doesn't help either:
swanctl --list-sas
connecting to ... -
- After configuring a remote access OVPN server, with IPv6 address for the tunnel network and the local network, the au...
-
07:40 AM
Bug #8219: No gateway groups on french language
- Applied in changeset commit:609ef33537e10e6faef38bbbeb16e477384a4503.
-
07:32 AM
Bug #8219 (Feedback): No gateway groups on french language
- Corrected by escaping single quote characters when they arise in ICMP descriptions.
12/17/2017
-
09:55 PM pfSense Packages Feature #8224: Add "OU" field to FreeRADIUS page
- Javier Ramirez wrote:
> FreeRADIUS will attempt to *compare* this cert (with an OU) to the details provided in FreeR... -
- It's possible to have FreeRADIUS validate the server/client cert against the CA. However, there's no place in the GUI...
-
- Definitely not anything in pfSense. There is nothing on the firewall that sets a date/time for the backup except for ...
-
04:39 AM Bug #8221: config xml downloads with incorrect creation date on macOS 10.13.
- I think this is actually a problem with the Synology NAS where I store my router XML files. Looks like they have a b...
-
- I haven't tested this thoroughly, but when downloading my config files, the date stamp is in the filename and is corr...
-
- The page I get redirected is : https://192.168.5.2/interfaces_vlan_new_prof.php
404 Not Found
nginx
Using ... -
- Using
2.4.3-DEVELOPMENT (amd64)
built on Fri Dec 15 09:33:08 CST 2017
FreeBSD 11.1-RELEASE-p6
I cannot ... -
12:44 AM Revision c56471a7: Fixes #7413: Some DHCPv6 leases are not displayed in the GUI
- . Better handling/parsing of ISC dhcpv6 leases file and removal of unnecessary properties.
. Experimental Pools/failo...
12/16/2017
-
09:46 PM Bug #8220 (Resolved): UI does not allow multiple MAC for same DHCP address
- The UI does not allow multiple MAC addresses to be assigned the same DHCP address, even when using different hostname...
-
- I have added a PR here: https://github.com/pfsense/pfsense/pull/3892
and updated https://forum.pfsense.org/index.php... -
05:41 PM Bug #8219 (Resolved): No gateway groups on french language
- When in the french language is displayed there is no gateway group options on firewall interface rules.
-
11:11 AM Bug #8217: Traffic Graph widget can not handle more than 4 interfaces
- Ok, it was a bug in the javascript file traffic-graphs.js line #332
I just had to hide the widget (-) .. reload t... -
- If there is more than 4 (four) interfaces, the Traffic Graph widget won't show the statistics graph.
-
- If a gateway-group is created. then change the name of an interface which is a member of that gateway-group. will bre...
-
- Please consider adding prometheus output as output choice for telegraf
-
07:39 AM Bug #8215: rcvif is NULL in ip6_forward - possible regression in 2.4
- I'd like to build a replacement kernel with the change so we can get our VPN working again. Is there a specific guide...
-
- [Bug re-created after previous one was accidentally closed by staff]
Hi, I'm facing random crashes after upgrading... -
04:31 AM pfSense Packages Bug #8214 (Resolved): HOME_NET includes all locally attached Networks
- When selecting a passlist to define the HOME_NET the HOME_NET always contains the locally attached networks of all in...
12/15/2017
-
-
07:04 PM Revision 9ad6899e: make inputs a bit wider for fahrenheit
-
-
-
- also ensure unit labels can be internationalized, and fix some whitespace
-
-
-
04:28 PM pfSense Packages Bug #8213 (New): acl src file not populated from alias
- Trying to use an alias as frontend ACL source IP filter. Alias (7 hosts) resolves correctly in pfSense, HAProxy conf...
- 03:32 PM Revision abe217af: Merge pull request #3890 from JoeriCapens/master
-
03:24 PM Feature #7671: Gateway Monitoring Via Custom Script or Telnet.
- Alright script is done, its pretty basic, See attached. Took Brendon's advice and used the Mark gateway as down optio...
-
- Please post on the forum, mailing list, or reddit to discuss your problem. It is unlikley you have a bug based on the...
-
01:47 PM pfSense Packages Bug #8212 (Not a Bug): Ipsec overwiew
- Hi
At some point I had some IpSec VPNs configured and I deleted them because they were no longer needed, those VPN... -
10:49 AM pfSense Packages Feature #8211 (Resolved): ACME cron job <- log activity
- Please log ACME's cron activity in the system log (normal and error outputs) so we know that there's any issue with i...
-
- Applied in changeset commit:0e13a3a63b28a0b8dc4b86543adaf0506ab1d17c.
-
04:55 AM Bug #8206 (Feedback): Hosted Openappid rules - syntax error
- Should be fixed now
-
12:43 AM Bug #8206: Hosted Openappid rules - syntax error
- Renato knows.
-
01:16 AM Bug #8061: LAN WAN Interfaces missing in Traffichshaper
- I am also confirming this issue on 2.3.5 and now 2.3.5_p1.
We have 22 affected units and they are all using the ig...
12/14/2017
-
- That would require coding support for the BIND package in the base system, which isn't going to happen. If you want t...
-
- The text on the DNS Servers field of the DHCP server configuration pages reads "Leave blank to use the system default...
-
-
-
11:57 AM pfSense Packages Bug #8209 (Closed): Suricat Inline netmap bad packet errors
- Using PFsense 2.4.2 and Suricata 4.0.1_1 I using Inline mode, I see errors like this appearing in the system log rath...
-
- It's still broken with FreeBSD 11.x and OpenBGPD and it's unclear if that combination will be fixed upstream.
If y...
12/13/2017
-
09:55 PM Bug #8208 (Resolved): Restoring a config in 2.4.2 with 2.3.X Security/Errata Only repo selected breaks PHP
- After attempting to repair repos for a failed upgrade, config was exported from 2.3.4-P1 and imported to a fresh inst...
-
09:23 PM Bug #8056: Bridge + CARP crashes/freezes pfSense
- Happens on both e1000 drivers and virtio drivers.
-
- This is observed on pfsense running in a QEMU/KVM host running Ubuntu/"artful".
-
- PF deadlocks once every 3 hours or so. There's a process holding a lock (carp lock, bridge lock)? which then I thin...
-
- Confirmed. For detail, see this.
https://redmine.pfsense.org/issues/8145
-
-
-
-
10:47 AM Bug #8207 (New): 2.4 cannot boot as a Xen VM with more than 7 NICs
- 2.4 does not seem to be able to boot when running as a VM under Xen when the guest is assigned more than 7 NICs. Boo...
-
06:28 AM Revision 3f3641a4: "Save" user selection for DUID type
- It proved confusing for users who entered a DUID as a certain type to
see the resulting DUID file displayed as a "Raw... -
- all pfSense builds are little-endian
12/12/2017
-
-
- otherwise problems occur with saving wrong values when switching between C/F
-
- we only use Fahrenheit for display, don't change the values!
-
-
- still need to update javascript
-
- global variables are really really ugly, this should be wrapped in an anonymous function
-
-
-
-
-
- Also resolve some indent issues, restrict live updates to temperature value only (not unit text)
-
-
- This was originally posted in the forum at https://forum.pfsense.org/index.php?topic=141319.0
-
- There is currently no community knowledge of who the "volunteer maintainer" is for the file hosted at http://files.pf...
-
- https://github.com/pfsense/pfsense/pull/3891
-
- For the dashboard temperature sensor widget, Americans should be able to use their strange units.
Working on a pul... -
-
- It would appear that either you have forwarding mode on and your upstream server returns its own address instead of N...
-
10:19 AM Bug #8204: unbound returning funny ip instead of nothing
- please close the ticket. Problem ist DNS of Provider.
-
- close
-
- where I ask unbount on pfSense for an IP, i.e. 1.1.1.1 it returns 62.138.239.45, 62.138.238.45:...
-
- PR: https://github.com/pfsense/pfsense/pull/3881
-
02:51 AM Bug #8201 (Duplicate): 502 gateway issues Increase FPM process availability in high ram systems
- To reduce chance of nginx gateway error when interacting with FPM backend, this patch does the following, starts up e...
-
- Referencing by number won't automatically create a link between Github and Redmine, you'll have to use the entire URL...
-
- PR #3862
-
- dhcp6c packets are not being tagged with VLAN priority.
Pull request issued:
PR 3862 -
- PR: https://github.com/pfsense/pfsense/pull/3889
-
- If the extended eve output is selected suircate gets configured to log all possible http headers. This might be too m...
-
- Add a check to Copy DUID button on system_advanced_network.php
-
03:09 AM Feature #8202 (Resolved): Captive portal: add support for setting traffic quotas
- Pull request #3453 on github https://github.com/pfsense/pfsense/pull/3453
Add support for traffic quotas to captiv... -
- * "Any configuration changes…"
-
- 2.4.2-RELEASE with BIND 9.11_9 on SG-4860
Steps to reproduce:
1) Install pfSense 2.4.2-RELEASE and the BIND packa... -
- The BIND package has many lists (ACLs, Views, Zones, Zone Domain records, etc.) whose order seems to be fixed permane...
-
01:57 AM pfSense Packages Feature #8198 (Resolved): pfSense-pkg-LCDproc: Add a link status screen for each interface
- see pull request: https://github.com/pfsense/FreeBSD-ports/pull/377
-
- 2.4.2-RELEASE with BIND 9.11_9 on SG-4860
Steps to reproduce:
1) Install pfSense 2.4.2-RELEASE and the BIND packa... -
- see pull request: https://github.com/pfsense/FreeBSD-ports/pull/376
-
- 2.4.2-RELEASE with BIND 9.11_9 on SG-4860
With the BIND package installed and enabled, I see two identical "/usr/l... -
12:22 AM pfSense Packages Bug #8193: Cellular Package Update
- https://github.com/pfsense/FreeBSD-ports/pull/414
-
- Hi,
this is the ticker for a PR for a larger update to the cellular package.
The main changes are:
Add a fixed...
12/11/2017
-
08:51 PM Bug #8192 (New): dpinger - Change in ISP link-local IPv6 address drops connectivity
- When connecting via PPPoE on a DSL connection, the IPv6 link-local address on an ISP's router may change periodically...
-
08:09 PM Feature #7596: Ting Config
- to update this issue, i have pushed the Ting apn settings to upstream and should be added soon.
-
- Sorry about Post 1, I typo'd the type numbers. Post 2 is correct.
-
- There are currently four types of DUID (DHCP Unique Identifier) defined in IETF RFCs - DUID-LLT, DUID-EN, and DUID-LL...
-
- There are currently four types of DUID (DHCP Unique Identifier) defined in IETF RFCs - DUID-LLT, DUID-EN, and DUID-LL...
-
07:06 PM Bug #8122: openvpn client is unable to use OTP (temporary) passwords
- PR implementing this feature https://github.com/pfsense/pfsense/pull/3877
-
- https://github.com/pfsense/FreeBSD-ports/pull/489
Not sure how this got assigned to me when I created it, hopefull... -
- There's some ancient DOM Level 0 code present, and it does not work. This should be updated to use jQuery. Will uploa...
-
-
-
-
-
-
-
-
-
-
04:02 PM pfSense Packages Feature #8190 (Resolved): Enhance RRD_Summary package with historical reporting
- RRD_Summary should allow display of available historical data beyond current and previous month. Created PR https://...
-
-
- PR: https://github.com/pfsense/pfsense/pull/3781
-
- Gateways, allow for configuring a gatewaygroup as the default gateway.
-Avoid changing routes by just visiting a web... -
- An RPZ "selectively intercepts DNS resolution for known-malicious network assets including domain names, IP addresses...
-
-
- ipsec, allow configuration of multiple ike phase1 encryption ciphers (algo/bits/hash/dh)
this is useful for mobile... -
- status_queues, provide 'realtime' statistics
-retrieve 'current' numbers from pfSense
not using qstats provides t... -
- pppoe, allow configuring pppoe on a carp interface so its only active on the master
https://github.com/pfsense/pfsen... -
- change the reference from install_package(.) as this function does not exist.
https://github.com/pfsense/pfsense/pul... -
03:13 PM Bug #8182: Support shutdown scripts in /usr/local/etc/rc.d
- Associated PR is https://github.com/pfsense/pfsense/pull/3867
-
- Support shutdown scripts in /usr/local/etc/rc.d. This allows packages to take critical shutdown actions such as UPS p...
-
03:12 PM pfSense Packages Feature #8181: Quagga OSPF failover mechanism takes too much time to converge in HA environments
- [[https://github.com/pfsense/FreeBSD-ports/pull/413#issuecomment-336879042]]
-
- In order to improve uptime in HA environments, we developed a mechanism to dynamically change OSPF interface costs on...
-
- Another potential PR: https://github.com/pfsense/pfsense/pull/3640
-
- PR: https://github.com/pfsense/pfsense/pull/3887
-
- New PR: https://github.com/pfsense/pfsense/pull/3890
-
-
-
11:25 AM Feature #7671: Gateway Monitoring Via Custom Script or Telnet.
- Interesting.
There is a "Mark Gateway as Down" option in the GUI. If you could figure out how to script that flag... -
- Well it seems that the man behind the curtain of support says that this isn't possible... I refuse to accept that thi...
-
09:29 AM pfSense Packages Bug #8180 (Closed): syslog-ng default log file
- The main problem is that default log file produced by syslog-ng is never handled according rules mentioned under Gene...
-
-
-
- Sounds like a configuration or procedural issue. Post on the forum, mailing list, or reddit and discuss the problem t...
12/10/2017
-
- I have a DHCP server running on pfSense 2.4.2 on an interface with subnet 172.24.208.0 and subnet mask 255.255.254.0....
-
12/09/2017
-
-
07:48 PM
Feature #8178: Allow setting attributes for form elements in package XML
- Good suggestions. The package manager XML thing is something of a nightmare to work on, but this might not be too bad.
-
- I'd like to suggest a couple of enhancements that would make package interfaces easier to work with when enhancing th...
-
- Hit 'create' too soon by mistake. Anyhow:
cron.xml, arping.xml, shellcmd.xml, etc. etc. make reference to ../xsl/... -
-
- Nearly every xml file in the packages collection includes
<!DOCTYPE packagegui SYSTEM "../schema/packages.dtd">
H... -
06:43 PM Bug #8174: DNS server option in wireless missing
- The title should be: "DHCP server option in wireless missing" instead of "DNS server option in wireless missing", unf...
-
- You have a configuration issue, not a bug. Post on the forum, reddit, or mailing list for assistance.
-
- I am using the Pfsense 2.4 with a wireless card.
The dhcp server (enable or disable) option is not available in th... -
- I am using the Pfsense 2.4 with a wireless card.
I had to setup the settings of the wireless interface, but when c... -
11:31 AM Bug #7425: dhclient not sending option 77
- Is this still planned for 2.4.3 ?
-
- Sorry, that's not looking at what I have written... the keyword is raw-option in the config, not RAW.
-
- The lack of available options in dhcp6c prevents pfSense from being used with certain ISPs.
For example, Orange Fr... -
- dhcp6c stores the entirety of the OPTION_CLIENTID option in DHCPv6 datagrams in
its DUID file (named dhcp6c_duid), ex...
12/08/2017
-
- (cherry picked from commit 9af697ce606ce583f406af6987b579a63b7be9a8)
-
-
- (cherry picked from commit 3e90d18b562fcf2ad60a64cc9458034a121c66a2)
-
04:53 PM Revision 4a29508c: Bug in get_interface_ip
- Global variable $config was not available, and IP was always fetched using find_interface_ip
(cherry picked from com... -
- Global variable $config was not available, and IP was always fetched using find_interface_ip
(cherry picked from com... -
- Global variable $config was not available, and IP was always fetched using find_interface_ip
(cherry picked from com... -
- (cherry picked from commit 45d078c5964b94dd2aa7f1a609fcb47e89eaac49)
-
- (cherry picked from commit 45d078c5964b94dd2aa7f1a609fcb47e89eaac49)
-
- (cherry picked from commit 45d078c5964b94dd2aa7f1a609fcb47e89eaac49)
-
-
12:56 PM Bug #7969: md5 bgp sessions fail in 2.4.0
- Attaching config files from /var/etc/frr
-
- I downloaded the new 2.4.2 and tried to get this working and still was unable to make it work.
The "Type of Pass... -
12:12 PM
Bug #8056: Bridge + CARP crashes/freezes pfSense
- Re-tested a few days ago on 2.4.2 and I can observe the same crash.
Can anyone move this report to status Confirme... -
- PR was merged on 11/29
-
-
- PR https://github.com/pfsense/pfsense/pull/3868 was merged on 11/29
-
-
- Applied in changeset commit:45d078c5964b94dd2aa7f1a609fcb47e89eaac49.
-
- It wasn't quite as simple as changing that one line, but I made a change that should have the same net effect.
12/07/2017
-
-
08:28 PM Feature #7321: DynDNS - Add DreamHost DNS support
- You cannot set the TTL through the API - https://help.dreamhost.com/hc/en-us/articles/217555707-DNS-API-commands
-
- Thanks so much! The logs helped me figure it out. I didn't realize I needed to create the record manually first. Seem...
-
- The logs should appear under Status > System Logs under the "General" section. Most of the log entries will start wi...
-
- I tried to set this up today, but did not have any luck. I selected "Verbose" logging, but I'm not sure where to find...
-
- (cherry picked from commit 2138aad96c7046bff8000cb1febd85f16b9292bb)
-
-
- (cherry picked from commit fe7c4634fd49ae02298f41bc2b6a8030fa99ac07)
-
-
-
- (cherry picked from commit d0bb073b2023c0551e1812f96aa8c6e2d7baba79)
-
-
- In /usr/local/bin/ping_hosts.sh we have
..
# Read in ipsec ping hosts and check the CARP status
if [ -f /var/db/ip... -
- The current way is correct, otherwise you would have to manually specify a limit for all Allowed IP Address entries s...
-
-
-
-
-
-
- 02:38 PM Revision 3b4dad1b: Merge pull request #6319 from JoeriCapens/master
-
- Applied in changeset commit:fe7c4634fd49ae02298f41bc2b6a8030fa99ac07.
-
- It appears that without a session_commit() the session appears to be stale to PHP's session garbage collection. I've ...
-
02:15 PM Feature #8171 (Duplicate): Close TCP connections if associated rule just has been disabled
- Hi !
Sometimes, I need to block a machine to prevent it from having access to the internet.
The problem is that... -
11:20 AM Feature #8170 (New): XMLRPC Sync deletes entires on remote System
- Hello!
I've got a setup of three pfSense instances: c01, c02 and c03.
They share the public IPs via carp.
c01 sy... -
- Duplicate of #7378
-
- Ultimately this was reverted at the time due to instability in the driver with ALTQ enabled.
See: https://forum.pf... -
- Applied in changeset commit:3b46a9cf6968ebe742981b4a55f84e65224fdc38.
12/06/2017
-
07:51 PM Bug #8169 (Not a Bug): Captive Portal Default download/upload
- Since version 2.4.0 the Captive portal service no longer acknowledges either 0 or a blank field in the Allowed IP Add...
-
- Changing auth_check.inc to guiconfig.inc in ifstats.php and bandwidth_by_ip.php seems to correct the behavior. With g...
-
- One more thing, the graph call to ifstats.php that happens when the session fails contains the login page, but still ...
-
- We have confirmed this does happen in some cases but we have not yet definitively narrowed down a specific cause or e...
-
- Ges Ture wrote:
> I've asked for this 3 versions ago :)
Did you create a feature request for it or did you just w... -
05:01 AM Feature #8168: strongswan dhcp option
- I've asked for this 3 versions ago :)
-
- Any follow up? Will this be reported to Strongswan developers?
12/05/2017
-
11:30 PM Feature #3377: OAuth2 authentication in captive portal
- is there further developments on the above feature radius with oauth backend to support google apps id it will be ver...
-
- See https://redmine.pfsense.org/issues/8164 for the reasoning about why it was done this way.
(cherry picked from co... -
- See https://redmine.pfsense.org/issues/8164 for the reasoning about why it was done this way.
-
- Would be nice to have the dhcp plugin for strongswan in pfsense. This feature could be useful for a simple way to ass...
-
02:32 PM pfSense Packages Bug #8167 (Resolved): FRR OSPF6 range problem (subnet not advertized)
- The range statement inside the router ospf6 clause seems to have the opposite effect of what is expected.
FRR docs... -
- Duplicate of #8161
-
- Thanks for testing!
The update/delete interface part is somewhat expected, and unrelated to this issue. The best w... -
- OSPF3 hello packets now emanating from the interface when the interface is added to the interface list.
Passive mode... -
- I pushed a fix for this and a couple other syntax issues I found along the way. Hopefully it behaves properly now, gi...
-
- That's not a package specific bug. It's a byproduct of how the pkg_edit.php select_source control type works. It only...
-
- This is just a question of standardizing the output so it looks the same everywhere...
On the OSPF Interfaces, and... -
- This issue came to light when I encountered a problem with a SIP phone not receiving SIP Invite messages resulting in...
-
- Most likely the device on the other end doesn't like the small payload, in which case you can set the larger size and...
-
- Can you post the ICMP packets transmitted by this HW ? (I need see the packets as they go on wire, packet captures on...
-
- Applied in changeset commit:902a31e3fd419e2fc360ad891ee3a82209264e1a.
-
- Both the PPPoE server and L2TP server rely on vpn.log to track login/logout events. On 2.4.x these logs are not funct...
12/04/2017
-
-
09:06 PM Bug #8163: dpinger default payload fails 70%
- It's happening with two different links on different vlans on the same *realtek(re)* interface.
-
- using 2.4.2 on a intel network card with vlan tagged and a monitor ip from first hop after gateway
with default le... - 06:57 PM Revision 7662ec2a: Merge pull request #3884 from stilez/patch-71
- 06:56 PM Revision c21b1dd3: Merge pull request #3882 from PiBa-NL/20171130-remove-console-output
- 06:55 PM Revision a283cfe0: Merge pull request #3883 from stilez/patch-70
-
06:54 PM pfSense Packages Bug #8162 (Duplicate): Add virtual server support to FreeRadius
- It's great and super convenient that the FreeRadius server is included as a package with pfSense.
I currently use ... -
- It's great and super convenient that the FreeRadius server is included as a package with pfSense.
I currently use ... -
05:36 PM Feature #8160 (Resolved): Accomodate both RADIUS and pool IP addresses in IPsec
- Strongswan now allows multiple dynamic address pools in mobile IPsec.
I was able to coerce it to work by forcing e... - 04:18 PM Revision 90ac6971: Backported for bug #8159 so sort by index before deleting to delete the correct one
- 04:17 PM Revision aed8febb: Backported for bug #8159 so sort by index before deleting to delete the correct one
- 04:13 PM Revision a96f945a: Revert "Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly."
- This reverts commit 1e659e027c5cd9f42a20286f84f0e2967bb01c3c.
- 04:09 PM Revision 1e659e02: Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly.
- 04:02 PM Revision c254f9b4: Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly.
- 03:59 PM Revision 581c2d5f: Fixed #8159 added a sort by index after a delete call has been made to make sure it lines up correctly.
-
12:28 PM Bug #7774: No TCP Reply State Established on GRE in IPsec Transport
- Is this the same as #4479? Any hopes this can be fixed? I think the other bug report got lost track of.
-
10:10 AM
Bug #8159 (Feedback): services_dnsmasq.php: Deleting a Host Override entry removes the wrong item
- Applied in changeset commit:581c2d5f4de0671d5ab2bf30701430351a3cf1d7.
-
08:32 AM
Bug #8159: services_dnsmasq.php: Deleting a Host Override entry removes the wrong item
- I think there was a recent PR that added sorting. That probably broke the relationship between the list and the indices.
-
- On Services > DNS Forwarder, when there are multiple Host Override entries the wrong item can be deleted from the lis...
-
- Fixed in current snapshots.
-
03:58 AM Bug #6319: DHCP6 DDNS tsig key missing from dhcpv6.conf for reverse zone
- YAY! It's working! It's generating a key definition in dhcpdv6.conf now.
-
01:52 AM pfSense Packages Bug #8047: XG-2758 - Coreboot Upgrade - Different ROM size
- It worked just had to unplug the power instead of pushing the red button the back.
-
- I am experiencing a problem similar to this.
except my XG-2758 is rebooting by it self after upgrade. And it stays...
12/03/2017
-
- The attached patch fixes this issue for me. Please test.
-
- I also ran into this problem after following some bind9 guides which use the newer ddns-confgen command. This tool us...
-
- I have made a patch that addresses the issue, but it is
also a rewrite of a large part of the status leases
page, t... -
01:00 PM Bug #8015: IPsec VPN Not Reconnecting until complete reboot
- I think this must be a duplicate but I'm unable to find another ticket that matches it exactly right now. Possibly th...
-
09:00 AM Bug #8158 (New): IPv6 Track Interface issue with more than one WAN-Gateway and a number of internal interfaces... at least track interface from one interface does not work on regular base
- *Configuration*
* WAN interfaces are configured as WAN_KD and WAN_DTAG, the first is getting its configuration from ... -
- When traffic is more occasional with (great) peaks the graph clutters. See attached file. This happens since version ...
12/02/2017
-
10:40 PM Bug #8106: dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface
- J L wrote:
> Martin Wasley wrote:
> > Just do a PR on it Luke, it'll get reviewed there as part of the process.
> ... -
02:01 PM Bug #8156 (Resolved): Prefix not being included in DNS entry registered by DHCP6 server
- I have a static DHCP6 mapping for a host on my network. The configured suffix for that host is ::1. The address is be...
12/01/2017
- 09:40 PM Revision c618a621: Fixed #8112
-
- (cherry picked from commit cedfb2bc0442e8f2225b05792a6ef3097a8aebcf)
-
-
- (cherry picked from commit 6e316e955350ad69d4f86cb332a1a48bfa028e2e)
-
-
- (cherry picked from commit b6dcbd646feb9c7197b4e94a6031b69c2113d679)
-
-
- This looks good in current snapshots.
- 02:48 PM Revision 9038f44c: Revert "Mitigate possible vuln in cert manager"
- This reverts commit 1a68f4badd58de8694ac6a4208e11d7265c97df3.
-
- FRR's OSPF6 configuration pages don't appear to be generating the correct output into the /var/etc/frr/ospf6d.conf fi...
- 02:30 PM Revision 1a68f4ba: Mitigate possible vuln in cert manager
-
- Applied in changeset commit:b6dcbd646feb9c7197b4e94a6031b69c2113d679.
-
- cert_get_publickey() in source:src/etc/inc/certs.inc takes user input and uses it in a shell command without encoding...
-
11:50 AM Revision deb575ab: Add isset, other vars seem to use it
- Doesn't seem to have a point though :)
-
-
- If IPv6 is disallowed in system->advanced->network, then any IPv6 lookups by Unbound will always be blocked, so there...
-
- As previous code used a string. Probably makes no difference and a number is simpler but doesn't matter
-
- At the moment verbosity is a bare list of digits, 0 to 5. No explanation, nothing else. This PR replaces the visible ...
-
10:01 AM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
- Been using pfSense for 10years. Thanks to the team for all their efforts.
For what it's worth, here is the config... -
- The only way that will happen is if the certificate is invalid in some way. Missing entirely, incorrect reference, or...
-
- We recently upgraded several pfsense installs from 2.3.x to 2.4.y.
All these installs had properly signed SSL cer... -
- I have a similar modem and it works fine here.
With modems that behave in that way you should go to Interfaces > W... -
09:41 AM Bug #8152 (Not a Bug): No DHCP on WAN with cable modem
- My cable modem (SagemCom FAST3686v2 - in bridge mode) when rebooting, first assigns an IP address in the 192.168.100....
-
- Then you may be hitting the issue on the other ticket, read through the discussion on #8047 and leave a comment there.
-
- Now I have tried running the command:
/sbin/poweroff
And have hit the power button and it is still ADI_RCC-01.00.... -
- When I try to do the upgrade through the web GUI, this is the warning:
WARNING: This operation requires a reboot.
... -
- ok. i`m curious why is it so more complex to do besides renaming other things like Aliasses etc...
what can i do o... -
- The gateway is referenced by name throughout the configuration in places like firewall rules for policy routing, rout...
-
- I want to change the name of a WAN gateway.
When editing the name field in the dialog, on save i get
"Changing... -
- We got access to the machine this morning, and tested for ~30 mins could not duplicate the results. This seems loca...
11/30/2017
-
11:02 PM pfSense Packages Bug #8139: LADVD not working on LAGG interfaces
- Random User wrote:
> Tom Cosmos wrote:
> > Issue was not occurring before 2.4.
>
> Never ever worked with lagg/... -
03:17 PM pfSense Packages Bug #8139: LADVD not working on LAGG interfaces
- Tom Cosmos wrote:
> Issue was not occurring before 2.4.
Never ever worked with lagg/bridge (Bug #3962). It's eve... - 10:48 PM Revision 79330f5d: Merge pull request #3880 from bibz0r/master
- 10:47 PM Revision 761b39f9: Merge pull request #3863 from PiBa-NL/20171103-routes-recursive-alias
- 10:46 PM Revision 7cde5013: Merge pull request #3873 from PiBa-NL/20171121-localauth-translated-problem
-
09:07 PM Feature #8149 (New): NTPsec
- Would pfSense integrate NTPsec client/sever support to help protect OpenVPN against MITM attacks? Denial of service c...
-
- 07:30 PM Revision 9fa718d7: Merge pull request #3823 from PiBa-NL/20170919-bootupcomplete
- 07:17 PM Revision ae6a2218: Merge pull request #3810 from svenauhagen/bugfix/mpd
- 07:15 PM Revision 745bf227: Merge pull request #3801 from cgull/radvd-zero-router-lifetime
-
-
- The procedure you linked is for the (paid) OpenVPN Access Server client. There is no MSI for the OpenVPN community cl...
-
01:16 PM pfSense Packages Feature #8148 (New): OpenVPN - Output Windows Client .MSI Installer for GPO deployment
- First, pfSense is a great product. I appreciate all of the development efforts.
It would be very helpful if the O... -
12:07 PM Bug #8124: username/password not used by proxy support
- Hello,
Thank you for your answer.
Yes it work for HTTP request. You can see the picture "pfsense http and https... -
- There was a FreeBSD bug about that, see #6949, but that's been fixed for a while now. If the proxy auth works for HTT...
-
10:21 AM Bug #8142: OpenVPN client does not remove static route for custom monitor IP
- I'll have to try to setup a reproduction scenario in my lab on a vm, but fwiw, I am using the same vpn provider as th...
-
- There must be something more to it than that alone, as I can't reproduce the problem by simply setting an alternate m...
-
- Yes, use net-snmp. This is not the place for discussion or instruction, however. Post a thread on the forum, mailing ...
-
08:53 AM Bug #7266: SNMP does not listen on IPv6 interface
- @Marcel Hellwig: We just upgraded to pfSense 2.4.2 but snmp is still not listening on IPv6. Is the solution to manual...
-
- I agree this should be closed, because your recovery process is very good (if it works and people know about it and u...
-
- The automatic restore looks at the selected disk, runs a disk check, then mounts it and looks in /cf/conf/config.xml ...
-
- Just found this article (I had limited internet access during recovery)
https://doc.pfsense.org/index.php/Automati... -
- h3. Scenario
- I updated from 2.3 => 2.4 (FreeBSD 11) and it went badly
- I wanted to recover my config.xml (I kn... -
- There is not enough detail here for a proper bug report. Please post on the forum, mailing list, or pfSense subreddit...
-
- Unable to reproduce the issue. It works here when we try it and as Clinton said that is a test we run before every re...
-
- Please post on the forum, mailing list, or pfSense subreddit with more detail to discuss the issue before opening a b...
-
-
- Based on the serial number this appears to be an XG-2758, is that correct?
On that model you have to physically po... -
- Duplicate of #8056
- 12:00 AM Revision dcf0318a: Merge pull request #3759 from PiBa-NL/20170618-option-disable-dragging
Also available in: Atom