Project

General

Profile

Activity

From 12/21/2017 to 01/19/2018

01/19/2018

03:41 PM Bug #8287: /var/unbound/test/unbound_server.pem: No such file or directory
I am unable to reproduce it as well.
This occurred while configuring the DNS Resolver after upgrading to 2.4.2_1.
A... Joseph McGuirl
02:22 PM Bug #8287 (Feedback): /var/unbound/test/unbound_server.pem: No such file or directory
I cannot reproduce this as stated using services_unbound.php on SG-1000 or amd64.
What page do you see this error ... Jim Pingle
12:26 AM Bug #8287 (Not a Bug): /var/unbound/test/unbound_server.pem: No such file or directory
2.4.2-RELEASE-p1 (arm) on SG1000
"The following input errors were detected:
The generated config file cannot be p... Joseph McGuirl
03:34 PM Revision 71cf75cb: Merge pull request #3902 from stensonb/fix-typo
Steve Beaver
10:19 AM Revision 7a55c6ae: Add sysutils/devcpu-data
Renato Botelho
10:18 AM Revision 4b90e927: Add sysutils/devcpu-data
Renato Botelho
10:18 AM Revision bd8f5110: Add sysutils/devcpu-data
Renato Botelho
10:17 AM Revision 83aef0ec: Add sysutils/devcpu-data
Renato Botelho
09:35 AM Revision 19e87bb3: fix typos
Bryan Stenson
12:22 AM Bug #6442: DNS Resolver - error
2.4.2-RELEASE-p1 (arm) on SG1000
"The following input errors were detected:
The generated config file cannot be p... Joseph McGuirl

01/18/2018

02:59 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
Memory usage of pfSense_getall_interface_addresses("em0")... Pi Ba
12:54 AM Bug #8276: Virtual IPs considered primary when using interface tracking for ipv6
The problem of pfsense considering a VIP over the actual tracked interface IPv6 and never switching is still an issue... Jupiter Vuorikoski

01/17/2018

11:43 PM Feature #8286 (Duplicate): IPsec on Multiwan fail back to Tier1 WAN after it is back UP
IPsec is running on a top of failover gateway group interface. DynDNS client entry updates on behalf of failover gate... Vladimir Lind
10:05 PM Revision b1c01d80: Merge pull request #6400 from loonylion/master
Steve Beaver
06:06 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
Ok found at least part of the leak / function call causing it (on my development/test machine)..
Running the code ... Pi Ba
04:04 PM Bug #8231 (Closed): Undefined function while restoring config from older version
Anonymous
03:48 PM Bug #8231: Undefined function while restoring config from older version
I can't close this, but it has been fixed with this commit: https://github.com/pfsense/pfsense/commit/61b6c22a5082eb6... Alistair Francis
12:24 PM Revision 61b6c22a: Merge pull request #3898 from alistair23/alistair/master
Steve Beaver

01/16/2018

08:08 PM Bug #8285 (New): Actions on stale data may result in catastrophic results
It seems that a number of pages in pfSense use links that specify only the index of an item in its category rather th... Mahmoud Al-Qudsi
07:15 PM Revision 8d403391: Change sshd compression to 'delayed' to match current FreeBSD default. Fixes #8245
(cherry picked from commit 4cad9a5bd1666c9bd5ce32b82f9b897dbbe5a5bf) Jim Pingle
07:15 PM Revision 3c73e81d: Change sshd compression to 'delayed' to match current FreeBSD default. Fixes #8245
(cherry picked from commit 4cad9a5bd1666c9bd5ce32b82f9b897dbbe5a5bf) Jim Pingle
07:15 PM Revision 08bdeb89: Change sshd compression to 'delayed' to match current FreeBSD default. Fixes #8245
(cherry picked from commit 4cad9a5bd1666c9bd5ce32b82f9b897dbbe5a5bf) Jim Pingle
07:15 PM Revision 4cad9a5b: Change sshd compression to 'delayed' to match current FreeBSD default. Fixes #8245
Jim Pingle
05:05 PM Revision 900663a4: Add an update source control to RFC2136 dynamic DNS updates. Implements #8278
Jim Pingle
04:07 PM Revision 99f41354: Add localhost to list of interfaces for packet capture. Implements #8257
(cherry picked from commit 618faaf26212de6d2d44627bbe41f0a683f34bed) Jim Pingle
04:07 PM Revision 618faaf2: Add localhost to list of interfaces for packet capture. Implements #8257
Jim Pingle
03:28 PM Bug #8113: MTU setting on bridge, openvpn clients ignored
It's not immediately clear to me what you are doing here. What interfaces make up the bridge? OpenVPN tap (layer2 end... Braden McGrath
03:03 PM Revision 3980a797: Add ospf6d to routing logs.
(cherry picked from commit 163255d64c021508224140f08fb2c261265e465e) Jim Pingle
03:03 PM Revision 36d53a87: Add ospf6d to routing logs.
(cherry picked from commit 163255d64c021508224140f08fb2c261265e465e) Jim Pingle
03:03 PM Revision 1b756c3c: Add ospf6d to routing logs.
(cherry picked from commit 163255d64c021508224140f08fb2c261265e465e) Jim Pingle
03:02 PM Revision 163255d6: Add ospf6d to routing logs.
Jim Pingle
02:08 PM Bug #4031 (Feedback): Notifications mail bomb in some gateway failure circumstances
PR 3768 was merged a while back and it's working well. Could use some additional testing/feedback but it looks good t... Jim Pingle
02:05 PM Bug #6318 (Resolved): IPsec dashboard widget causes GUI failure
This appears to be fixed by other changes to the IPsec status code in recent versions. No new reports of this being c... Jim Pingle
02:02 PM pfSense Packages Bug #6690 (Feedback): SURICATA IPS Issue - Kills VLANS & Traffic Shaper
Still waiting on feedback/new testing on current versions of pfSense and suricata Jim Pingle
01:59 PM Bug #6848 (Feedback): Do not create an IPv4/6 gateway for an interface without according IPv4/6 address
PR was merged several weeks ago Jim Pingle
01:57 PM Bug #7079 (Feedback): ClamAV C-ICAP causing Kernel Panic and System Crash
Still waiting on testing/confirmation feedback on a current version Jim Pingle
01:50 PM Bug #7439 (Feedback): IKE_SA (IKEv2) does not rekey on break before make startegy, just issues IKE_DELETE and connection is closed
We need confirmation that this is still a problem on current versions of strongSwan Jim Pingle
01:42 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
I can make a new patch so its back to max 500 requests before a child process is forcibly restarted, although martin ... Chris Collins
01:30 PM Todo #8245 (Feedback): use delayed compression for sshd
Applied in changeset commit:4cad9a5bd1666c9bd5ce32b82f9b897dbbe5a5bf. Jim Pingle
01:27 PM Bug #7735: Switching to wildcard cert fails until reboot
I don't have access to a wildcard certificate to verify this but it's unlikely to be related. Changing a certificate ... Jim Pingle
01:23 PM Bug #7634: When restoring from USB during install, if the config file contains RRD data, the final config.xml on the system will also contain all the RRD infomation
FYI- The PFI/Restore feature was put back in the installer, but this RRD issue likely still persists. It needs retest... Jim Pingle
01:21 PM Bug #7607 (Resolved): Chelsio T4/T5 CXGBE drivers not loaded as ALTq capable in the PfSense UI
Fixed in commit:0ea7b83e8e976469c926140af76a2d29ab0f57a6
See also: #6830 Jim Pingle
12:57 PM Bug #8125: gateway 502 errors proposed fix for high ram systems
Could be a potential problem with the solution in the PR, see #8249 Jim Pingle
12:51 PM Bug #8125 (Feedback): gateway 502 errors proposed fix for high ram systems
PR https://github.com/pfsense/pfsense/pull/3881 was merged a few weeks ago Jim Pingle
12:57 PM Bug #8201 (Duplicate): 502 gateway issues Increase FPM process availability in high ram systems
Duplicate of #8125 Jim Pingle
12:49 PM Bug #8119 (Not a Bug): Site to Site IPsec On a VM Not Routing
Seems more like a configuration issue. pfSense doesn't care if it's running on a VM or bare metal, IPsec wouldn't hav... Jim Pingle
12:48 PM Bug #8117 (Not a Bug): IPSec statuspage shows both connected and connecting tunnel
Given the output I'm not sure it's a bug at all. The main connection could accept another remote, given its configura... Jim Pingle
12:43 PM Bug #8183 (Feedback): pkg, fix, reinstall missing package #3866
PR was merged a few weeks ago Jim Pingle
12:42 PM Bug #8185 (Feedback): status_queues, provide 'realtime' statistics #3792
PR was merged a few weeks ago Jim Pingle
12:41 PM Bug #8182 (Feedback): Support shutdown scripts in /usr/local/etc/rc.d
PR was merged a few weeks ago Jim Pingle
12:36 PM Bug #8276: Virtual IPs considered primary when using interface tracking for ipv6
I'm not sure we've ever officially endorsed that type of setup. The behavior is at best undefined. It's going to need... Jim Pingle
11:20 AM Feature #8278 (Feedback): Add control for source address of RFC2136 updates
Applied in changeset commit:900663a44f41de0af780614df18cc432f8c9eaab. Jim Pingle
10:20 AM Feature #8257 (Feedback): pfSense Diagnostics -> Packet Capture support for loopback interface
Applied in changeset commit:618faaf26212de6d2d44627bbe41f0a683f34bed. Jim Pingle

01/15/2018

08:37 PM Revision 8dc33488: Merge pull request #3889 from kangtastic/master
Steve Beaver
08:37 PM Revision f5d55ac6: Merge pull request #3899 from PiBa-NL/20180111-bootup-step-messages
Steve Beaver
08:36 PM Revision 0fc473ad: Merge pull request #3900 from PiBa-NL/20180111-pf-busy
Steve Beaver
08:35 PM Revision d23d1a06: Merge pull request #3901 from earlchew/issue-7357
Steve Beaver
03:25 PM pfSense Packages Bug #8281: letsencrypt cert ca isn't recognised by openvpn client
No. It already works fine with all other services that we're aware of, including HAProxy.
 Jim Pingle
03:19 PM pfSense Packages Bug #8281: letsencrypt cert ca isn't recognised by openvpn client
you're right, It's better using own CA for private vpn
but the issue is about ACME client to put the bundled LE CA... dhia eddine
10:27 AM pfSense Packages Bug #8281 (Rejected): letsencrypt cert ca isn't recognised by openvpn client
Never use a public/globally trusted cert with your VPN. You will allow anyone anywhere with a cert from the same CA a... Jim Pingle
10:20 AM pfSense Packages Bug #8281 (Rejected): letsencrypt cert ca isn't recognised by openvpn client
using LE generated cert for openvpn config
openvpn client can't connect stopping at... dhia eddine
03:24 PM Feature #8284 (Duplicate): Add duplicate option next to OpenVPN servers and clients
It would be very convenient to have a "duplicate" icon next to OpenVPN servers and clients list. Just like the one ne... Ivor Kreso
03:13 PM Bug #7413: status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI
The PR has been updated with a second patch addressing the
requested changes and includes further amends e.g. visual... Anders Lind
11:47 AM Bug #8283 (Rejected): multi-wan gateway group with openvpn clients
Prereqs:
1) Need at least 3+ VPN providers
2) at least one of the VPN providers needs to use the TLS private key co... Jon James
10:42 AM Bug #8282 (Resolved): Enabling CODELQ on virtual interface VLAN crashes appliance
I was working to reduce buffer bloat on a client's SG-4860 and I enabled CODELQ on a virtual interface for one of the... Ben Pike
04:51 AM Bug #8280 (Duplicate): Captive Portal Voucher Sync
Hi all,
we just got back from a debug session of a client, which had problems with Voucher Sync of the CP instance... Jens Groh

01/14/2018

09:52 PM Revision f95579a6: Follow-up to syntax, file order and other changes
Notes:
* Those able to check a proper failover configured system please check if
the Pool Staus table shows up in the... Anders Lind
03:04 PM pfSense Packages Feature #8279: Consider adding a new option to the Rule Order
Use case for illustration:
There are two rules to make sure that LAN IPs access pfSense router DNS and not be able... Yuri Weinstein
12:56 PM pfSense Packages Feature #8279 (New): Consider adding a new option to the Rule Order
There are situations when firewall rules order should be either preserved (kept unchanged) or when pfSense rules are ... Yuri Weinstein
04:34 AM Revision 247f5719: [services_dyndns_edit] Clarify use of @ for Cloudflare
Add GUI prompts corresponding to #7357 that allows users to
enter @ for the hostname, and have it replaced with an em... Earl Chew
02:35 AM Bug #8276: Virtual IPs considered primary when using interface tracking for ipv6
This affects the dhcpv6 server as well. Logic needs to be applied to never consider a VIP a primary address. Jupiter Vuorikoski

01/13/2018

05:00 PM pfSense Packages Bug #8277: ntopng service fails to start on 2.4.3
By the way, I think there's an additional issue in that this warning is triggered on start up:
ntopng has not been... Andrew -
04:51 PM pfSense Packages Bug #8277: ntopng service fails to start on 2.4.3
Thanks. Yes, looking at the ntopng prefs.cpp on GitHub it looks like that command line option has been removed in 3.2... Andrew -
04:01 PM pfSense Packages Bug #8277: ntopng service fails to start on 2.4.3
maybe find some help in forums? https://forum.pfsense.org/index.php?topic=142576.0 Michael Kellogg
05:50 AM pfSense Packages Bug #8277 (Resolved): ntopng service fails to start on 2.4.3
Since the upgrade of the ports tree to ntopng-3.2.2017.12.06, the ntopng service no longer starts.
The system log ... Andrew -
03:26 PM Feature #8278 (Resolved): Add control for source address of RFC2136 updates
Using the local directive in the nsupdate can cause breakage in certain scenarios where the source address of the upd... Chris Linstruth
01:22 AM Bug #8276 (Duplicate): Virtual IPs considered primary when using interface tracking for ipv6
On boot, if you have VIPs configured on an interface that uses interface tracking for its primary IP, the primary ipv... Jupiter Vuorikoski

01/12/2018

07:56 PM Revision c8c7b243: Fix certificate SAN input validation so it does not improperly allow an IP address when FQDN is selected. Fixes #8275
(cherry picked from commit 19a1cf348b07dbaf8fe4d81b8cfc8292b61fd8c3) Jim Pingle
07:56 PM Revision 6a95ae60: Fix certificate SAN input validation so it does not improperly allow an IP address when FQDN is selected. Fixes #8275
(cherry picked from commit 19a1cf348b07dbaf8fe4d81b8cfc8292b61fd8c3) Jim Pingle
07:50 PM Revision 6314fbba: Fix certificate SAN input validation so it does not improperly allow an IP address when FQDN is selected. Fixes #8275
(cherry picked from commit 19a1cf348b07dbaf8fe4d81b8cfc8292b61fd8c3) Jim Pingle
07:49 PM Revision 19a1cf34: Fix certificate SAN input validation so it does not improperly allow an IP address when FQDN is selected. Fixes #8275
Jim Pingle
02:29 PM pfSense Packages Bug #8269 (Resolved): Passing an invalid RRD file to rrd_fetch_json.php via the left= parameter in POST prints the supplied name to the user without encoding
All branches have updated packages and they are all working as expected with the fix in place. Jim Pingle
02:10 PM Bug #8275 (Feedback): Input validation for Certificate SAN (Subject Alternative Name) allows IP addresses to be entered when FQDN/Hostname is selected
Applied in changeset commit:19a1cf348b07dbaf8fe4d81b8cfc8292b61fd8c3. Jim Pingle
02:03 PM Bug #8275: Input validation for Certificate SAN (Subject Alternative Name) allows IP addresses to be entered when FQDN/Hostname is selected
I'm sorry, I completely missed that there's a dropdown that can be used to specify the record type. Mahmoud Al-Qudsi
01:32 PM Bug #8275: Input validation for Certificate SAN (Subject Alternative Name) allows IP addresses to be entered when FQDN/Hostname is selected
The user specifies the SAN type when making entries in the SAN list. If you choose "IP Address" it makes proper entri... Jim Pingle
01:23 PM Bug #8275 (Resolved): Input validation for Certificate SAN (Subject Alternative Name) allows IP addresses to be entered when FQDN/Hostname is selected
As we're all aware, changes to how Chrome (and possibly other browsers in the future) disregard the common name field... Mahmoud Al-Qudsi
02:00 PM Feature #7618: Add support for user-supplied Host-Uniq tag and handle PADM messages in Netgraph PPPoE
We’ll pull the support for this in as soon as FreeBSD accepts it. (It’s too big to carry.) Jim Thompson
08:38 AM pfSense Packages Bug #8214 (Resolved): HOME_NET includes all locally attached Networks
Renato Botelho
08:06 AM pfSense Packages Bug #8214: HOME_NET includes all locally attached Networks
This bug has been resoved in version 4.0.3 of the Suricata package which was moved to release January 12, 2018.
Bill Bill Meeks

01/11/2018

09:50 PM Revision a0f991ec: openvpn, clear route also for /31 for ptp interfaces
Pi Ba
08:57 PM Revision 66e6198f: pf, device-busy, add another item DIOCADDRULE to the list of results to retry
Pi Ba
08:27 PM Revision 1da0c794: bootup, add information about what bootup step is being done
Pi Ba
04:57 PM Feature #8274 (New): Reverse Inverse Traffic Graph View
The live traffic graph inverse view (on the dashboard and in status - traffic graph) by default shows inbound traffic... Mike Gittelman
04:42 PM Revision 3a48e238: Kernel modules failed to build as non-root
Renato Botelho
04:16 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
Some fresh numbers from a clean install, wan(dhcp)/lan(static) ssh enabled and thats it..:
After reboot 27MB per pro... Pi Ba
12:39 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
p.s. As for widget refresh every second.. thats normal.. once a second 'a' widget is refreshed.. delete all your othe... Pi Ba
12:36 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
I might have edited some things.. (its my pfSense testmachine i also develop things on..) so i cant tell for sure if ... Pi Ba
07:22 AM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
I created the original patch to increase the fpm processes, and my processes dont use anywhere near 500meg of ram res... Chris Collins
09:16 AM Bug #8273 (Confirmed): IPv6 GRE tunnel over PPPoE fails on startup
I have a XS4ALL FTTH pppoe connection that provides IPv6. IPv6 works perfectly, however GRE doesn't during initializa... Wagner Sartori Junior
09:15 AM pfSense Packages Bug #7462: HAproxy not rebinding properly after WAN DHCP IP change
I am experiencing the same issue on 2.4.2-RELEASE-p1 with HAproxy 0.54_2. I have changed frontend binding from "WAN a... Michael Duller
08:19 AM Todo #8270: Fix grammatically erroneous repetition
Redundancies from acronyms can be annoying at times, and other times necessary due to familiar terminology or technic... Jim Pingle

01/10/2018

10:03 PM Bug #8271 (Closed): <sendpacket> sendmsg on cpsw0: Permission denied
My connectionion went down today. I'm waiting to hear from ISP to see if it's the PPoE server on their end. While tro... Jeffrey Davis
05:41 PM Revision af17dba1: Fixed #8268
Steve Beaver
04:58 PM Revision 498f7e20: Add an option to push a gatewy address to bridged tap clients. Implements #8267
Jim Pingle
04:06 PM Todo #8270 (New): Fix grammatically erroneous repetition
The pfSense web interface has some grammatically incorrect repetition due to, what I suspect to be, a very lackadaisi... Maxwell Cody
03:27 PM pfSense Packages Bug #8269 (Feedback): Passing an invalid RRD file to rrd_fetch_json.php via the left= parameter in POST prints the supplied name to the user without encoding
Fixed pushed to 2.4.x and 2.3.x
pfSense/FreeBSD-ports
devel: commit https://github.com/pfsense/FreeBSD-ports/co... Jim Pingle
03:02 PM pfSense Packages Bug #8269 (Resolved): Passing an invalid RRD file to rrd_fetch_json.php via the left= parameter in POST prints the supplied name to the user without encoding
Passing an invalid RRD file to rrd_fetch_json.php via the left= parameter in POST prints the supplied name without en... Jim Pingle
12:42 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation
Can't believe this is still a issue. :( At the very least can we just decrease the timeout to like 3mins? I would thi... Adam Piasecki
11:50 AM Bug #8268: RAMdisk warning pop-up appears when no changes have been made
Applied in changeset commit:af17dba166c9dda46a1974841a6cb0ad44af397c. Anonymous
11:49 AM Bug #8268 (Feedback): RAMdisk warning pop-up appears when no changes have been made
Resolved by correcting before/after logic Anonymous
11:39 AM Bug #8268 (Resolved): RAMdisk warning pop-up appears when no changes have been made
https://forum.pfsense.org/index.php?topic=141402.new;topicseen#new
Looks like an error introduced in PR #3776 Anonymous
11:10 AM Feature #8267 (Feedback): OpenVPN tap bridge configurations without a tunnel network need a route-gateway for routes/redirects
Applied in changeset commit:498f7e20b630ae1429c1e6892402a0256e8859ba. Jim Pingle
10:57 AM Feature #8267 (Resolved): OpenVPN tap bridge configurations without a tunnel network need a route-gateway for routes/redirects
When using a bridged tap configuration, routing through tap to the Internet or other subnets outside of the bridged i... Jim Pingle
01:16 AM Revision 3048dd47: upgrade_config.inc: Remove all restore_rrd() calls
Commit 0869605131ba3e5d7e502af7a799e54f27d2e7f6 removed the
restore_rrd() function. To avoid errors when restoring ol... Alistair Francis

01/09/2018

07:56 PM Bug #8231: Undefined function while restoring config from older version
I sent a PR to fix this: https://github.com/pfsense/pfsense/pull/3898 Alistair Francis
04:33 PM Revision 016260fe: Fixed #8266 by removing JS alerts
Steve Beaver
03:51 PM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
Who's arguing? No me.
I was trying to point out that something was not working "quite right". Trying to help.
... Oliver Schonrock
03:46 PM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
Arguing won't help anyone. You won't convince anyone by acting that way, and there is nothing to "win". Clearly you a... Jim Pingle
03:26 PM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
> I use ACME/Let's Encrypt certs where the certificate has SANs for both nodes + hostname(s) for the CARP VIP, and it... Oliver Schonrock
02:57 PM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
I use ACME/Let's Encrypt certs where the certificate has SANs for both nodes + hostname(s) for the CARP VIP, and it w... Jim Pingle
02:49 PM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
Just to clarify...no certs are generated on the pfsense machines here...These are proper certs signed by a CA. Would ... Oliver Schonrock
02:26 PM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
It's still not a bug. You didn't update the certificate on the secondary properly. The two units share a certificate ... Jim Pingle
01:57 PM Bug #8150: upgrade from 2.3* to 2.4* caused new self signed ssl cert to be selected for WebConfig
Please reopen this bug, because I have managed to reproduce it with more detail.
While replacing the SSLs on this ... Oliver Schonrock
10:40 AM Bug #8266 (Feedback): Bogus error message occurs on killing OPenVPN connection
Applied in changeset commit:016260fe433772839a06233d821992808d80f8cd. Anonymous
10:31 AM Bug #8266 (Resolved): Bogus error message occurs on killing OPenVPN connection
https://forum.pfsense.org/index.php?topic=139073.0 Anonymous
01:44 AM Bug #8265: Relayd port range (alias) not working
Tanks for the explanation. That is a good idea, because in the gui it says "A port alias listed in Firewall -> Aliase... Kilian Ries

01/08/2018

06:50 PM Revision 87489e5c: re-adding changes made to fix bug#6400, includes fixes for bug#8222 and bug#8223 that were introduced with the initial commit of this code.
original pull request was #3868 Peter Schofield
03:53 PM Bug #8265: Relayd port range (alias) not working
relayd does not support port ranges, only single ports, but there isn't any input validation that checks for that inv... Jim Pingle
03:38 PM Bug #8265 (Closed): Relayd port range (alias) not working
Hi,
i just configured a load balancer via relayd and used a port range which i defined via the firewall - alias ta... Kilian Ries
03:52 PM Bug #3330: Load Balancer showing wrong Status when using aliases for the port
Can confirm it is still present in 2.4.2-RELEASE-p1 (amd64). This is really sad, the bug exists for more than 4 years... Kilian Ries
09:26 AM pfSense Packages Bug #8264 (New): Radiusd restart on WAN change results in freeradius not running (and possible solution)
With a PPPoE WAN that sometimes goes down and up, we found each time the radius service stopped.
Our guess is that... Silvio Massina

01/07/2018

04:29 PM Feature #8187: Gateways, allow for configuring a gatewaygroup as the default gateway. #3781
Progress: 100% Pi Ba
02:26 PM Bug #8263 (New): Cannot create a nonlinear `Link Share` service curve because of: "the sum of the child bandwidth higher than parent"
*Problem:*
* Cannot create a nonlinear service curve using `m1` and `d` variables with HFSC Scheduler. Traffic shape... Tom Misztur

01/06/2018

07:16 PM Revision 77a6cafb: Change get_interface_subnet() to use configured value if available.
Pi Ba
06:33 PM Revision 10a8b5ee: openvpn, fix the ifconfig ip1 ip2 when subnet /31 is used
Pi Ba
06:27 PM Feature #8262: Make each prefix flags configurable separately.
Currently all additional prefixes added to be advertised by radvd inherit flags from the general interface radvd conf... Jupiter Vuorikoski
06:22 PM Feature #8262 (New): Make each prefix flags configurable separately.
Jupiter Vuorikoski
05:14 PM pfSense Packages Feature #8232: different ssl options based on the sni name
Much better, I'll start the functional testing! Zoltan Beck
09:13 AM pfSense Packages Feature #8232: different ssl options based on the sni name
Added commit to remove the double section.
URL: https://github.com/pfsense/FreeBSD-ports/pull/491/commits/83ae379cda... Pi Ba
09:00 AM pfSense Packages Feature #8232: different ssl options based on the sni name
Ah um no sorry. Fix will be added shortly. p.s. are you on IRC #pfSense channel? on freenode Maybe we could talk there. Pi Ba
08:38 AM pfSense Packages Feature #8232: different ssl options based on the sni name
Thank you for your help, I installed as you mentioned. I don't know if it works as expected, but on every frontend I ... Zoltan Beck
12:49 PM Bug #8261: OpenVPN tunnel network handled incorrectly with a /31 tunnel network
Is fixed by: https://github.com/pfsense/pfsense/pull/3895 Pi Ba
12:17 PM Bug #8261 (Resolved): OpenVPN tunnel network handled incorrectly with a /31 tunnel network
When defining the tunnel network to be used in an openvpn site-to-site tunnel, if you define a /31 network, the confi... Jupiter Vuorikoski
04:49 AM Feature #7861: Make "Descriptive name" of certificates editable
Is there any chance you will add this feature? Is there anything I can do?
Lars Möller Lars Möller
12:07 AM Bug #8250: Captive Portal XMLRPC does not use the custom port configured.
** it is not a bug **
Louis Casambre

01/05/2018

09:54 PM Revision 34c3aeac: Encode rangedescr before display in firewall_schedules.php. Fixes #8259
(cherry picked from commit 2f7d3a1f3c9b00a815037e1f4b8a88c938a8f42d) Jim Pingle
09:54 PM Revision cc646dfa: Encode rangedescr before display in firewall_schedules.php. Fixes #8259
(cherry picked from commit 2f7d3a1f3c9b00a815037e1f4b8a88c938a8f42d) Jim Pingle
09:54 PM Revision 55ea766a: Encode rangedescr before display in firewall_schedules.php. Fixes #8259
(cherry picked from commit 2f7d3a1f3c9b00a815037e1f4b8a88c938a8f42d) Jim Pingle
09:53 PM Revision 2f7d3a1f: Encode rangedescr before display in firewall_schedules.php. Fixes #8259
Jim Pingle
09:42 PM Revision 88be34ad: Fix foreach error on hosts that have no dyndns entries.
Jim Pingle
09:37 PM pfSense Packages Bug #8260: Status Traffic Totals is not restored when restoring a backup
Jim Pingle wrote:
> Duplicate of #8068
woops, searched for it but didn't find that one, sorry... Tobias H
09:23 PM pfSense Packages Bug #8260 (Duplicate): Status Traffic Totals is not restored when restoring a backup
Duplicate of #8068 Jim Pingle
09:09 PM pfSense Packages Bug #8260 (Duplicate): Status Traffic Totals is not restored when restoring a backup
When you do a backup and restore it then the plugin "Status_Traffic_Totals" is missing. Configuration of the plugin a... Tobias H
04:52 PM Bug #8165: Fragmented at source IPv6 packets (UDP + ICMP Ping) are not forwarded / v2.4.2 AMD64
Just wanted to file a METOO on this where it seems to be causing issues with IPv6 and UDP especially where we saw it ... Kevin A McGrail
04:00 PM Bug #8259 (Feedback): Range description is not encoded in firewall_schedule.php
Applied in changeset commit:2f7d3a1f3c9b00a815037e1f4b8a88c938a8f42d. Jim Pingle
03:53 PM Bug #8259 (Resolved): Range description is not encoded in firewall_schedule.php
On firewall_schedule.php the rangedescr for time ranges is not encoded before display. However, an invalid entry cann... Jim Pingle
02:58 PM Revision e3c0d75e: Update the Copyright notice for pfSense.
Luiz Souza
02:47 PM pfSense Packages Bug #8258 (Resolved): BIND responds with SERVFAIL when adding/changing records if 'allow-update' is configured for a zone
When a proper functioning bind server is running fine for a zone with 'allow-update' enabled for local-nets it is pos... Marco Verleun
02:45 PM Revision 5391d05c: Sort package entries, remove unused packages (elinks, asterisk).
Luiz Souza
01:50 PM Revision 51796ced: Small cosmetic fix.
Luiz Souza
01:44 PM Revision b8f91b7c: Update the Copyright notice for pfSense.
Luiz Souza
12:56 PM pfSense Packages Feature #7706 (Feedback): Add option to write certificate to the filesystem after renew
This is implemented in ACME package version 0.1.34, though it could use additional testing to ensure it's working in ... Jim Pingle
11:02 AM pfSense Packages Feature #7519 (Resolved): Add support for --listen-v6 to ACME standalone webserver
This is implemented in the ACME package version 0.1.33, for HTTP and TLS standalone entries there is now a checkbox t... Jim Pingle
08:33 AM pfSense Packages Feature #7340 (Resolved): Acme Client nsupdate interface forces a different key-ID for every domain
In ACME package version 0.1.32 there is a separate Key name field which can be used to override the default key name ... Jim Pingle
08:33 AM pfSense Packages Bug #8118 (Resolved): Note default key name when using RFC 2136
In ACME package version 0.1.32 there is a separate Key name field which can be used to override the default key name,... Jim Pingle

01/04/2018

07:27 PM Revision 31bb3fb6: Merge pull request #3893 from JoeriCapens/ddns-rfc2136-algorithm-choice
Jim Pingle
06:49 PM Feature #8257: pfSense Diagnostics -> Packet Capture support for loopback interface
In particular, in order to debug a problem I was having with the HAProxy and Acme packages (#7519), I ultimately ende... Chaos215 Bar2
06:47 PM Feature #8257 (Resolved): pfSense Diagnostics -> Packet Capture support for loopback interface
I can't overstate how useful the GUI Packet Capture feature is for debugging all variety of networking issues, but it... Chaos215 Bar2
06:43 PM pfSense Packages Feature #7519: Add support for --listen-v6 to ACME standalone webserver
Another +1.
I'm using HAProxy to allow multiple hosts behind a router to issue Let's Encrypt certificates, using H... Chaos215 Bar2
06:28 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
The number of widgets doesn't really matter, only 1 will be refreshed every second..
Could use ab or wrk for a secon... Pi Ba
12:20 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
I can't seem to reproduce this here. I have a box with 2GB of RAM and a 14 dashboard widgets loaded and it never goes... Jim Pingle
04:29 PM Revision a58b6915: Backport changes regarding login page
This commit improves consistency and prevents bugs by:
1) Not displaying the login CSS file in the theme list
2) Ensu... NewEraCracker
01:43 PM Feature #8244: Add Dynamic DNS RFC 2136 Client server key algorithm choice
PR Merged Jim Pingle
01:40 PM Feature #8244 (Feedback): Add Dynamic DNS RFC 2136 Client server key algorithm choice
Applied in changeset commit:ab1112eed9c14f95d32469755c17dc067f903e61. Joeri Capens
10:31 AM Bug #8255 (Resolved): Login page color not honoured
The fix was already in the repo for 2.3.6, I cherry-picked commit:1b2c6dd943e90acd25f00f9539aa606bdf26712f back to RE... Jim Pingle
12:12 AM Bug #8255 (Resolved): Login page color not honoured
Login page color is not honoured and it defaults to default blue always Bipin Chandra
06:37 AM Bug #8256 (Resolved): IPv6 IP Alias VIP not added to Interface Network Macros
Hi,
I opened this Forum post thinking that the issue is with CARP VIP, but later on I figured it out that it's act... Rabi Hanna
04:43 AM pfSense Packages Bug #8194: BIND fails to respond after interface goes down
Just a quick note: As an alternate workaround, I attempted to run the DNS Resolver as the primary DNS server, forward... Chaos215 Bar2
03:14 AM pfSense Packages Bug #8194: BIND fails to respond after interface goes down
Is there anything I can do to help diagnose and/or workaround this issue? This is kind of a showstopper for using the... Chaos215 Bar2

01/03/2018

04:23 PM Feature #7671: Gateway Monitoring Via Custom Script or Telnet.
Well that script didn't really seem to work... New Script attached. Sends emails via smtp to address configured on no... Bridgetowermedia IT
01:28 PM Bug #8124: username/password not used by proxy support
Jim Pingle wrote:
> There was a FreeBSD bug about that, see #6949, but that's been fixed for a while now. If the pro... O 71
09:43 AM pfSense Packages Bug #8254 (Resolved): BIND, Register DHCP static mappings and Subzones
If BIND is configured so that it has master zones for example.com and sub.example.com
(assuming proper delegation fr... name name
06:54 AM Bug #8253 (Rejected): Corrupt video during 2.4.x install on Dell Wyse thin client with AMD Radeon HD 6250
*Problem:*
While installing version 2.4.2 via USB key onto a Wyse D50D or D90D, the video is corrupt from the bootlo... Ronnie Last

01/02/2018

08:49 PM Revision c0305bb8: Add keyalgorithm input validation.
Joeri Capens
08:49 PM Revision 16f8df9a: Delete keytype field from config, remove unnecessary file cleanup.
Joeri Capens
06:32 PM pfSense Packages Feature #8232: different ssl options based on the sni name
Patches are based on top of haproxy-devel package 0.54_2 to apply them do the following:
-Install 'System Patches'... Pi Ba
05:19 PM pfSense Packages Feature #8232: different ssl options based on the sni name
Can you please give us steps how to install this version on pfsense 2.4.2-RELEASE-p1? Zoltan Beck
05:20 PM Bug #8247: When in bridge / transparent mode, pfSense blocks UDP/4500 & ESP traffic regardless of origin
In the days since I created this bug, I continue to observe pfSense filtering out inbound return UDP traffic unless e... Travis McMurry
04:50 PM Revision 5340fd2f: Change how SANs are generated from the CN, considering that not all CNs will produce a valid SAN. Fixes #8252
(cherry picked from commit e562fca2e6b7a2ffbbdfe748f769a8cde9e116dc) Jim Pingle
04:49 PM Revision e562fca2: Change how SANs are generated from the CN, considering that not all CNs will produce a valid SAN. Fixes #8252
Jim Pingle
03:56 PM Revision a6c87161: Do not make a bypasslan IPsec config block when it should be disable/empty. Fixes #8239
(cherry picked from commit fbdf0a084da239ca785360106b3dd8d1390223cf) Jim Pingle
03:56 PM Revision 6a20a5bd: Do not make a bypasslan IPsec config block when it should be disable/empty. Fixes #8239
(cherry picked from commit fbdf0a084da239ca785360106b3dd8d1390223cf) Jim Pingle
03:56 PM Revision 5437463a: Do not make a bypasslan IPsec config block when it should be disable/empty. Fixes #8239
(cherry picked from commit fbdf0a084da239ca785360106b3dd8d1390223cf) Jim Pingle
03:55 PM Revision fbdf0a08: Do not make a bypasslan IPsec config block when it should be disable/empty. Fixes #8239
Jim Pingle
02:24 PM Feature #4899: Additional BOOTP/DHCP Options should allow a force option
Code for consideration should be submitted as a Github pull request. Anonymous
02:01 PM Feature #4899: Additional BOOTP/DHCP Options should allow a force option
Moving this feature request back to the top of the stack. The creator did all the leg work to implement this, why not... Charles Taylor
11:00 AM Bug #8252 (Feedback): Automatic SAN code for certificates does not work properly with additional SANs when the CN contains a space
Applied in changeset commit:e562fca2e6b7a2ffbbdfe748f769a8cde9e116dc. Jim Pingle
10:44 AM Bug #8252 (Resolved): Automatic SAN code for certificates does not work properly with additional SANs when the CN contains a space
When making a certificate, if there is a space in the CN the automatic code that copies the CN to a SAN fails to make... Jim Pingle
10:10 AM Bug #8239 (Feedback): If IPsec bypasslan is enabled while the LAN interface is disabled, all traffic bypasses IPsec
Applied in changeset commit:fbdf0a084da239ca785360106b3dd8d1390223cf. Jim Pingle
09:57 AM Bug #8239 (Confirmed): If IPsec bypasslan is enabled while the LAN interface is disabled, all traffic bypasses IPsec
Jim Pingle

01/01/2018

07:05 PM Bug #8249: pid 77785 (php-fpm), uid 0, was killed: out of swap space
For a easy reproduction do the following:
-Configure dashboard with 1 widget like the "Interfaces" widget.
(It also... Pi Ba
08:32 AM pfSense Packages Bug #8251: Captiveportal + FreeRadius "Last activity" resets to Session start
I also get these errors when the times reset, but I'm not certain if they're related yet. I have reported them all vi... Frotty Zaoldyeck
08:20 AM pfSense Packages Bug #8251 (Feedback): Captiveportal + FreeRadius "Last activity" resets to Session start
Hi again.
I still have the exact same problem I reported before since moving to 2.4: https://redmine.pfsense.org/iss... Frotty Zaoldyeck

12/31/2017

07:29 PM Bug #8250 (Closed): Captive Portal XMLRPC does not use the custom port configured.
WebGUI is configured to use https through port 8080. However when synchronizing changes to the captive portal the fo... Louis Casambre
06:39 PM Bug #8201: 502 gateway issues Increase FPM process availability in high ram systems
I 'think' this caused a new issue..: https://redmine.pfsense.org/issues/8249 Pi Ba
06:25 PM Bug #8249 (Resolved): pid 77785 (php-fpm), uid 0, was killed: out of swap space
My pfSense box is running out of memory while it should have plenty to do what it does.
2.4.3-DEVELOPMENT (amd64) ... Pi Ba
09:37 AM pfSense Packages Feature #8232: different ssl options based on the sni name
Can you try and test https://github.com/pfsense/FreeBSD-ports/pull/491 ?
It should allow crt-list to be used. This s... Pi Ba
09:12 AM Bug #8248 (Closed): Pfsense hangs - non pingable when removing traffic shaper from interface(s)
When implementing traffic shaping codelq to my WAN and LAN interfaces works fine when setting it initially. The probl... John Beaudoin

12/30/2017

10:08 PM Bug #8247: When in bridge / transparent mode, pfSense blocks UDP/4500 & ESP traffic regardless of origin
sorry about the trailing open-ended sentence. should have edited it out. :) Travis McMurry
09:59 PM Bug #8247 (Not a Bug): When in bridge / transparent mode, pfSense blocks UDP/4500 & ESP traffic regardless of origin
I'm not sure what mechanism is in play, but this is a VPN-specific issue. Forum Post:
https://forum.pfsense.org/i... Travis McMurry
06:21 PM Feature #8246: Allow reordering of interfaces/stats on the dashboard
Thanks, wasn't aware of that feature. Good enough for my needs (ability to have WANs first would be ideal but this is... Eduard Rozenberg
04:07 PM Feature #8246 (Bogus): Allow reordering of interfaces/stats on the dashboard
System > General, Interfaces Sort, check "Sort Alphabetically". Jim Pingle
12:25 PM Feature #8246 (Bogus): Allow reordering of interfaces/stats on the dashboard
It would be really great to be able to change the order of the interfaces showing in dashboard widgets "Interfaces" a... Eduard Rozenberg
12:43 PM Bug #8129: NTP Status -> Server time value incorrect for timezone Asia/Kolkata
I haven't tested yet but the change looks good, thanks! Eduard Rozenberg

12/29/2017

08:11 PM Todo #8245: use delayed compression for sshd
... Art Manion
08:08 PM Todo #8245 (Resolved): use delayed compression for sshd
FreeBSD default sshd config is "compression delayed". [1] This defends against vulnerabilities like CVE-2016-10012 [2... Art Manion
02:58 PM Revision 48a6bb92: Update language selections
Steve Beaver

12/28/2017

11:24 PM Revision 0ccfd70e: Remove old dnssec-keygen style files during upgrade
Joeri Capens
11:01 PM Revision ab1112ee: Add RFC 2136 Client key algorithm choice. Implements #8244
Joeri Capens
10:46 PM Revision 16c260fa: Use consistent variable order, remove unused variable.
Joeri Capens
10:43 PM Revision 7ca8845b: Replace Dynamic DNS dnssec-keygen style files with simpler ddns-confgen style file.
Joeri Capens
07:07 PM Revision 34300d73: Correct sethelp call on firewall_rules_edit.php, Fixes #8242
Jim Pingle
05:45 PM Feature #8244: Add Dynamic DNS RFC 2136 Client server key algorithm choice
PR: https://github.com/pfsense/pfsense/pull/3893 Joeri Capens
04:31 PM Feature #8244 (Resolved): Add Dynamic DNS RFC 2136 Client server key algorithm choice
Just like #6621, the Dynamic DNS RFC 2136 Client settings require a HMAC-MD5 key, there's no other algorithm choice. Joeri Capens
01:20 PM Bug #8242 (Feedback): Unable to edit firewall rules
Applied in changeset commit:34300d739bfd7968e7e693f2a6302d49203ef4d0. Jim Pingle
01:09 PM Bug #8242: Unable to edit firewall rules
Looks like this was a 2.4-ism that got picked back into RELENG_2_3. I pushed a fix that keeps the formatting. Jim Pingle
08:21 AM Feature #8243 (New): Sync dashboard settings over xmlrpc
I'd like to see pfsense being able to sync it's dashboard settings within a firewall cluster by config sync, making i... net core
08:06 AM pfSense Packages Todo #8241 (Rejected): Update ntopng to 3.2.2017.12.06
We'll get it automatically when we pull in the next quarterly ports branch, no need to go out of our way for every ve... Jim Pingle
02:21 AM Feature #8240: code source bouton "Save" et "Apply change "
Hey Jim,
Thanks for your quick answer, ok i will post my ask in the forum.
Have a nice day for all Mehdi BENLAKHAL

12/27/2017

05:30 PM Bug #8242: Unable to edit firewall rules
Was found on 2.3.6.a.20171227.0928, and 'target version' should be set to 2.3.6 if possible. (that can only be change... Pi Ba
05:01 PM Bug #8242 (Resolved): Unable to edit firewall rules
Upon trying to edit firewall rules an error was presented
Catchable fatal error: Argument 2 passed to Form_Input:... Stephen Dorrington
05:00 PM pfSense Packages Todo #8241 (Rejected): Update ntopng to 3.2.2017.12.06
There's a new release of ntopng on the FreshPorts tree: https://www.freshports.org/net/ntopng/
Please can it be p... Andrew -
03:34 PM Feature #8240 (Bogus): code source bouton "Save" et "Apply change "
Please post support or development questions on the forum, mailing list, or reddit.
The forum has a "French board"... Jim Pingle
10:52 AM Feature #8240 (Bogus): code source bouton "Save" et "Apply change "
Bonjour,
je suis en train de modifier le fichier config.xml de pfsense depuis un script python pour ajouter des vl... Mehdi BENLAKHAL
02:39 PM Revision f0584e6d: Merge pull request #3887 from JoeriCapens/dhcp-ddns-algorithm-choice
Steve Beaver
01:32 PM Revision 662096bb: Add missing $cpzone declaration. Fixes #8238
(cherry picked from commit 918ef12c73364f28fe19891e9d13f57f454c897c) Jim Pingle
01:32 PM Revision 918ef12c: Add missing $cpzone declaration. Fixes #8238
Jim Pingle
10:22 AM Bug #8239 (Resolved): If IPsec bypasslan is enabled while the LAN interface is disabled, all traffic bypasses IPsec
If IPsec bypasslan is enabled while the LAN interface is disabled, all traffic bypasses IPsec because it makes an SPD... Jim Pingle
08:50 AM Feature #6621 (Feedback): Permit DHCP Server Dynamic DNS server key algorithm type selection and use
Applied in changeset commit:534d7d6996854ed5f2521e7a796fb79aaacd176c. Joeri Capens
07:41 AM Todo #8237: Import netstat kresolve_list() fix from stable/11 to improve performance on some platforms
So far, so good. I no longer see a netstat process hanging around in top while watching the dashboard, the CPU usage ... Jim Pingle
07:40 AM Bug #8238 (Feedback): A global definition for $cpconfig is missing ...
Applied in changeset commit:918ef12c73364f28fe19891e9d13f57f454c897c. Jim Pingle
02:14 AM Bug #8238 (Resolved): A global definition for $cpconfig is missing ...
https://forum.pfsense.org/index.php?topic=141900.0 => [Captive Portal] Blocking a Previously White-listed MAC Doesn't... Gertjan KROEB

12/26/2017

08:22 AM Todo #8237 (Feedback): Import netstat kresolve_list() fix from stable/11 to improve performance on some platforms
Done. Let me know if I broke something. Luiz Souza
07:15 AM Todo #8237 (Resolved): Import netstat kresolve_list() fix from stable/11 to improve performance on some platforms
When viewing the dashboard on certain platforms, such as the SG-1000, the calls to netstat to gather data can be slow... Jim Pingle
01:26 AM Feature #8236: Ability to configure "forward-first" and "forward-host" options for more robust domain overrides in DNS Resolver
Possibly scratch the request for "forward-first" unless the implementer is very familiar with its behavior. In testin... Chaos215 Bar2

12/25/2017

11:43 PM Feature #8236 (New): Ability to configure "forward-first" and "forward-host" options for more robust domain overrides in DNS Resolver
It would be great to have the option to configure both forward-first (a simple checkbox) and forward-host (perhaps an... Chaos215 Bar2
05:40 AM pfSense Packages Bug #8115: After update 2.3.4_1-> 2.4.0 ospf over gre looks broken
workaround was :
MTU settings for GRE interfaces
new 2.4 version MTU 1376
old 2.3.4 version MTU 1400
in this ... Konstantin Pobudzey
03:48 AM Bug #4310: Limiters + HA results in hangs on secondary
Lars Jorgensen wrote:
> Sander Naudts wrote:
> > Why not change target version to 2.9.9... sorry just little frustr... Eero Volotinen

12/23/2017

11:59 AM Bug #8235: The browser must support cookies to login
Hello Scott,
Your symptoms are quite strange. Cookies are working in general since years in PFsense.
This should be... Phil Keep
11:23 AM Bug #8235 (Not a Bug): The browser must support cookies to login
I updated pfsense to use secure socket that utilizes port 443 to login as the adminstrator. Upon attempting to login ... Scott Phillips

12/22/2017

10:02 PM pfSense Packages Feature #8210: DHCP servers do not automatically advertise interface IP as DNS server with BIND enabled
Filed #8234 against core pfSense. Chaos215 Bar2
09:55 PM pfSense Packages Feature #8210: DHCP servers do not automatically advertise interface IP as DNS server with BIND enabled
That's not true at all. All you need is a check-box to say "advertise interface IP as DNS server". Chaos215 Bar2
10:01 PM Feature #8234 (Rejected): DHCP server should be able to advertise interface IP automatically even with alternative DNS service
The text below the "DNS servers" fields on the DHCP server configuration reads "Leave blank to use the system default... Chaos215 Bar2
02:42 PM Revision 5a1ee50e: ipsec, multiple phase1 ciphers, make use of 'repeatable' group
Pi Ba
12:58 PM Revision 22dbacd0: ipsec, allow configuration of multiple ike phase1 encryption ciphers (algo/bits/hash/dh)
this is useful for mobile users that need to connect with different operating systems. This way there is no need to f... Pi Ba
12:46 PM Bug #8233 (New): NAT reflection back to originating host broken when using FQDN-based IP aliases
It appears NAT reflection is slightly broken when targeted at an IP alias which is defined via FQDN (rather than IP a... Chaos215 Bar2
02:35 AM pfSense Packages Feature #8232 (New): different ssl options based on the sni name
We have a strange issue with one of our sites on https and Android/Chrome, based on our research and big help of Pi B... Zoltan Beck

12/21/2017

08:56 PM Feature #7281: OpenVPN: Add support for IPv6 dynamic prefix selection
Actually, turns out that IPv4 addresses are actually preferred over ULA by most OSs, so connections don't use v6 when... Corey Boyle
07:26 PM Bug #8231 (Resolved): Undefined function while restoring config from older version
While restoring a 2.1.x config to a fresh 2.4.2 install, it fails with:
PHP Fatal error: Call to undefined function... Massimo Maggi
05:56 PM pfSense Packages Feature #8228: HAProxy ssl verify none
Basically same way you open a bug, just set the Tracker option to 'Feature' which is actually the same as you did for... Pi Ba
05:15 PM pfSense Packages Feature #8228: HAProxy ssl verify none
Thank you one more time, how/where can I open a feature request? :) Zoltan Beck
01:09 PM pfSense Packages Feature #8228: HAProxy ssl verify none
-Yes buying a extra IP would work could point the example2.com there and have a Frontend specifically for that.
-Oth... Pi Ba
07:31 AM pfSense Packages Feature #8228: HAProxy ssl verify none
Thank you very much for your help, now it's clear what happens, but still I have something unclear.
So we have two... Zoltan Beck
04:50 PM Revision facd8c53: Fix the unnecessary 'RAM Disk has settings has changed' reboot every time the miscellaneous settings are saved.
Luiz Souza
04:29 PM Revision f50bb07e: Revert "Fix a bug in interfaces.php that will cause a failure on first 'Save' of 'OPT1' with some hardware configurations."
This reverts commit 373513a56140215c93282252186a938b7cefcf47. Luiz Souza
03:20 PM Revision 2737a09d: Merge pull request #3881 from marjohn56/Increase-FPM-process-availability-in-high-ram-systems
Steve Beaver
03:19 PM Revision 6b54c8a4: Merge pull request #3792 from PiBa-NL/20170731-status_queues-realtime
Steve Beaver
03:19 PM Revision 07127d13: Merge pull request #3867 from dennypage/master
Steve Beaver
03:18 PM Revision c93231e1: Merge pull request #3866 from PiBa-NL/20171104-pkg-reinstallmissingpackage
Steve Beaver
02:48 PM Revision f53d18a6: Merge pull request #3891 from miken32/patch-1
Steve Beaver
02:02 PM pfSense Packages Bug #8213: acl src file not populated from alias
Basically current haproxy package only supports static ip/subnet aliases.
Workaround available here (Thanks Jerry ... Pi Ba
12:48 PM pfSense Packages Bug #6449: Email Reports not wait a long command end to send the report.
can close this issue ,
I had forgotten that ticket ..
tested today with pfsense 2.4.3 daily build and work .
... Luis Couto
 

Also available in: Atom