Activity

30 days up to

User

Subprojects

Activity

From 02/16/2018 to 03/17/2018

03/17/2018

09:06 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Ermal says there is code in Darwin that addresses this. Jim Thompson
07:44 PM Feature #8376 (Rejected): please allow dashes in alias names: currently, characters in alias names are restricted to "a-z, A-Z, 0-9 and _". this is annoying because it's common t... lists b
07:22 PM Revision a7e859b8: fixed code style: Benjamin Schweizer
03:46 PM Bug #8375 (Duplicate): email session encryption fails in a private ca environment: when configuring email notifications, and enabling encryption, message notifications fail if the certificate provided... lists b
03:37 PM Todo #8374 (Rejected): email notification settings should not require password confirmation: the email notification settings page [system -> advanced -> notifications -> e-mail], system_advanced_notifications.p... lists b
03:28 PM Feature #8373 (Duplicate): please provide a mechanism to add certificates to the system's root certificate store: the system root certificate store [/usr/local/share/certs/ca-root-nss.crt] includes a default set of certificates, bu... lists b
03:21 PM Feature #8372 (New): add gui setting to adjust refresh rate for dynamic firewall logs: status -> system logs -> firewall -> dynamic view [status_logs_filter_dynamic.php] appears to refresh approximately e... lists b
02:47 PM Revision d038a5dd: Don't read picture file if it does not exist: Steve Beaver

03/13/2018

11:41 PM Bug #8369 (Rejected): Setting password complexity: This kind of thing should be discussed on the actual forum at https://forum.pfsense.org, on the pfSense subreddit, or... Jim Pingle
11:30 PM Bug #8369 (Rejected): Setting password complexity: Hi All,
This is my first post on this forum, not very sure this is the right page I have to mention this topic.
... Remya Sivan
08:09 PM Bug #8368 (Rejected): Cannot log into webConfigurator from Firefox/Linux after fresh install: There is no such problem with pfSense itself. That is a client side issue. Jim Pingle
07:21 PM Bug #8368: Cannot log into webConfigurator from Firefox/Linux after fresh install: Since this is a live system (on which I rely for Internet access), I cannot easily reproduce the issue with the same ... Michael von Glasow
07:16 PM Bug #8368 (Rejected): Cannot log into webConfigurator from Firefox/Linux after fresh install: To reproduce:
* Install pfSense 2.4.2 from scratch.
* Assign interfaces, configure an IP address and DHCP server ... Michael von Glasow
05:54 PM Bug #8367 (Resolved): Traffic Graph widget shows Inverse view, even when Inverse is set to Off.: Tested in 2.4.3.a.20180313.0000.
When setting the Traffic Graph widget for Inverse=Off, the graph still displays i... George Phillips
01:49 PM pfSense Packages Feature #8203 (Resolved): pfSense-pkg-suricata: extended eve output selectable headers: Jim Pingle
01:46 PM pfSense Packages Feature #8203: pfSense-pkg-suricata: extended eve output selectable headers: This feature has been implemented using code submitted by a package contributer. This issue can be closed.
Bill Bill Meeks
01:35 PM pfSense Packages Bug #7932 (Resolved): 2.4.0 & Snort 3.2.9.5_1 Pass Lists: Jim Pingle
01:31 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists: This issue has been resoved in the 3.2.9.6 Snort package versions. The bogus text was coming from an attempt to use ... Bill Meeks
01:24 PM pfSense Packages Feature #8362: Snort and Suricata Package - Allow for changing URLs, Ports, and Protocols to allow for local Repo of Signature Updates: I will look at adding this feature to both packages. It would likely be just a text box where the admin could enter ... Bill Meeks
01:21 PM pfSense Packages Feature #8311 (Rejected): Suricata persistent blocks: Agreed, Bill. It's not worth the trouble to make them persist. Jim Pingle
01:20 PM pfSense Packages Feature #8311: Suricata persistent blocks: This is not going to happen as there is no need for all the necessary overhead persisting blocks would require. If S... Bill Meeks
07:50 AM Bug #8364: Multiple IPsec child SA entries: James Dekker wrote:... Jim Pingle
05:54 AM Bug #8333: Dynamic DNS updates may fail when using a gateway group as the interface when the default route is down: Well. I setup new one 2440 with latest 2.4.3 And 2 GW with Active/Passive GW group. Looks like DDNS should work becau... Constantine Kormashev
05:46 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: For reference, the upstream bug opened by Eric: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226411 Daniel Berteaud
01:08 AM Feature #336: Option to create lagg under assign interfaces: +1
Just bumped into the need to do a fresh install of a LAGG+VLAN setup and could not do it via CLI. Stéphane Lapie

03/12/2018

11:44 PM pfSense Packages Bug #8366: Avahi: "Publish DNS Servers" option does nothing: https://github.com/pfsense/FreeBSD-ports/pull/504 Michael Vincent
11:39 PM pfSense Packages Bug #8366 (Resolved): Avahi: "Publish DNS Servers" option does nothing: The "Publish DNS Servers" option is not being used when generating the avahi config which causes the DNS servers to a... Michael Vincent
10:24 PM Revision a55718c8: Fix #8208: When restoring backup, delete packages not present in new config.xml Renato Botelho
10:24 PM Revision 8552be10: Ticket #8208: When restoring backup, set default pkg repository Renato Botelho
10:23 PM Revision 747b31dc: Ticket #8208: When restoring backup, do not call pfSense-upgrade on boot Renato Botelho
10:22 PM Revision 1bedcacc: Do not call get_pkg_info() when it's not going to be used: Renato Botelho
10:22 PM Revision fa5e9db2: Respect default repo: Renato Botelho
10:22 PM Revision b870f03d: Deduplicate build_repo_list() and get_repo_name(): Renato Botelho
07:31 PM Revision e00529a8: Fix miniupnpd build option name for pf.: Jim Pingle
07:30 PM Revision 424a4d37: Fix miniupnpd build option name for pf.: Jim Pingle
05:30 PM Bug #8208 (Feedback): Restoring a config in 2.4.2 with 2.3.X Security/Errata Only repo selected breaks PHP: Applied in changeset commit:a55718c848d8534ba0e0dc87dd50a027aad64512. Renato Botelho
01:49 PM Todo #6647: Enable Additional Security Headers: We have our own internal controls to handle refererring URLS, so that header isn't desirable.
Reading about X-XSS-... Jim Pingle
08:19 AM Bug #6319 (Resolved): DHCP6 DDNS tsig key missing from dhcpv6.conf for reverse zone: Jim Pingle
08:18 AM Feature #6621 (Resolved): Permit DHCP Server Dynamic DNS server key algorithm type selection and use: Jim Pingle
08:18 AM Bug #8106 (Resolved): dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface: Jim Pingle
08:08 AM Bug #4310 (Resolved): Limiters + HA results in hangs on secondary: Confirmed working by multiple tests and users. Jim Pingle
08:06 AM Bug #8360 (Resolved): pf rules occasionally contain "!/" where the WAN network/netmask should be: Jim Pingle
06:37 AM Bug #7600: Unable to save DNS Resolver settings: I have also just faced this problem on my 2.3.5-RELEASE-p1 (i386) nanobsd (2g). Interesting is, that adding Host Over... Yaroslav Sokolov

03/11/2018

08:49 AM Feature #8365 (Resolved): Button to copy rules from one interface to another: Hello,
I just wanted to request a feature that i think is very helpful and almost necessary to have. I recently ad... John Amirkhanian

03/10/2018

04:57 PM Bug #8364: Multiple IPsec child SA entries: ... Anonymous
03:30 PM Bug #8364 (Closed): Multiple IPsec child SA entries: Current Base System 2.4.3.a.20180309.1836
Connecting IPSec creates multiple ChildSA's:
Shell Output - ipsec sta... Chris Macmahon
01:02 PM pfSense Packages Bug #8340: Status_Traffic_Totals Error: An update note:
If I go into the package settings and disable graphing, then re-enable it, the problem appears sol... Matthew Drury
04:45 AM Bug #8363 (Closed): OpenVPN Client Has Needs to be restarted after pfsense restart to be connectable: Hi,
This is a weird bug I encountered in last couple of the dev 2.4.3 builds.
The openvpn client interface at b... rub man
12:19 AM Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should be: Unable to duplicate after testing most of the day, multiple versions, multiple rule changes and configurations, multi... Paighton Bisconer

03/09/2018

07:30 PM Revision c7500634: Fix one more IGMP ref. Fixes #8356: Jim Pingle
07:15 PM Revision ca5270b6: Correct variable reference for IGMP proxy enable in upgrade code. Fixes #8356: Jim Pingle
01:55 PM Feature #8356 (Resolved): igmp, Add option to disable the igmp service: Jim Pingle
01:54 PM Feature #8356: igmp, Add option to disable the igmp service: Works as expected. With the checkbox unchecked, igmp proxy is disabled and not running. With the checkbox checked, ig... Anonymous
01:30 PM Feature #8356 (Feedback): igmp, Add option to disable the igmp service: Applied in changeset commit:ca5270b6540f374ea63fff912807a07ce2ef99eb. Jim Pingle
01:11 PM Feature #8356 (New): igmp, Add option to disable the igmp service: Jim Pingle
01:06 PM Feature #8356: igmp, Add option to disable the igmp service: With igmp proxy configured on 2.4.2(or p1), upgrade to 2.4.3 (running 2.4.3.a.20180308.1837 here). The config keeps i... Anonymous
11:54 AM Bug #8048: DHCPv6 Configured for LAN without LAN interface: Hit this on 2.4.3.a.20180308.1837. Workaround works. Anonymous
08:51 AM Todo #7762 (Resolved): Add uid check to pfSense-upgrade and exit unless it is run as uid=0: Works Jim Pingle
04:53 AM Todo #7762 (Feedback): Add uid check to pfSense-upgrade and exit unless it is run as uid=0: It was already fixed in commit ee4701adf85a6b5cb2f8d37f5fdeb7a5668eb674 almost a month ago. I forgot to update the ti... Renato Botelho
07:52 AM pfSense Packages Feature #8362 (Closed): Snort and Suricata Package - Allow for changing URLs, Ports, and Protocols to allow for local Repo of Signature Updates: We should have the ability to change the URLs, ports, and protocols used (perhaps even include option for SCP/SFTP) s... Dennis Chow
07:33 AM Feature #8191 (Resolved): IPv6 - Support for configuring multiple DUID types: Jim Pingle
07:31 AM pfSense Packages Bug #8141 (Resolved): ACB uploads a version several times each second/minute when CaptivePortal is active.: Jim Pingle
02:54 AM pfSense Packages Bug #8141: ACB uploads a version several times each second/minute when CaptivePortal is active.: Tested on Current Base System 2.4.3.a.20180308.0950
Confirmed no issues with users in captive portal creating ACB ... Paighton Bisconer
12:50 AM Revision 46ffb68f: Migrate firewall rules to create_interface_list(): Marius Halden
12:31 AM Revision 82f3fd5f: Add support for interface groups in nat rules.: Marius Halden

03/08/2018

06:44 PM Feature #3882: Add OUI database to the base system, remove dependency on nmap: Why not reuse this: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob_plain;f=manuf;hb=HEAD the license... Jon Gerdes
05:49 PM Feature #8191: IPv6 - Support for configuring multiple DUID types: The different DUID types also appear to be formatted and stored in config.xml correctly for each respective option.
... Anonymous
05:04 PM Revision 1dfb84de: Merge pull request #3911 from PiBa-NL/20180304-igmp-disable: Steve Beaver
02:52 PM Bug #7772 (Assigned): Regression of Bug #906: Jim Pingle
02:52 PM Bug #7972 (Resolved): Captive portals do not synchronize voucher data in both directions: Jim Pingle
02:51 PM Bug #8266 (Resolved): Bogus error message occurs on killing OPenVPN connection: Jim Pingle
02:42 PM Todo #6998: Create a port for simplepie to keep it updated and use modular version: This will be a larger factor when it is time for PHP 7 Jim Pingle
02:41 PM Revision 2e08a646: Add sanity check to rule passing out from host to ensure it does not have a blank destination subnet. Fixes #8360: Jim Pingle
02:32 PM Feature #8356 (Feedback): igmp, Add option to disable the igmp service: PR has been merged Jim Pingle
02:26 PM Bug #8302 (Resolved): traffic_graphs.widget.php potential XSS via settings: Jim Pingle
01:45 PM Bug #8302: traffic_graphs.widget.php potential XSS via settings: On 2.4.2 CE, added traffic graph widget to dash, set refresh interval to 1s, saved, backed up config and edited the c... Anonymous
01:13 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: G Black wrote:
> At the moment booting appears to stop with this error, hit Ctrl+C to break out of the process
> ... Adam Piasecki
11:51 AM Bug #8300 (Resolved): diag_system_activity.php: Potential XSS due to encoding of process output: Jim Pingle
11:40 AM Bug #8300: diag_system_activity.php: Potential XSS due to encoding of process output: Running
grep -r '<script>alert(1)</script>' /
from shell on 2.4.2 generated an alert on Diag > System Activity... Anonymous
09:50 AM Bug #8360 (Feedback): pf rules occasionally contain "!/" where the WAN network/netmask should be: Applied in changeset commit:2e08a64666620c8e0dd28eb7c14393bee7b2bfa8. Jim Pingle
08:43 AM Feature #7769: DynDNS: Azure integration, update record in Azure (Dynamic DNS Client): I have a working prototype for Azure DNS in my fork:
The updated files are /etc/inc/dyndns.class, /etc/inc/services.... Martin Grasruck
06:15 AM Bug #7502 (Resolved): Cannot set router lifetime to 0 in radvd: Jim Pingle
05:06 AM Bug #7502: Cannot set router lifetime to 0 in radvd: Tested router lifetime configuration under services_router_advertisements.php
2.4.2_p1 return an error message
2... Denis Karpushin
06:14 AM Bug #8129 (Resolved): NTP Status -> Server time value incorrect for timezone Asia/Kolkata: Jim Pingle
02:19 AM Bug #8129: NTP Status -> Server time value incorrect for timezone Asia/Kolkata: Tested under 2.4.3
Dashboard: Current date/time Thu Mar 8 13:48:09 IST 2018
NTP Status Widget: Server Time 13:48... Denis Karpushin
06:14 AM Bug #8219 (Resolved): No gateway groups on french language: Jim Pingle

03/07/2018

10:37 PM Bug #8219: No gateway groups on french language: Confirmed not working in 2.4.2-p1, confirmed working on Système de base actuel 2.4.3.a.20180224.1931
Can be closed Paighton Bisconer
01:35 PM pfSense Packages Bug #8352 (Resolved): Write certificates to file system after renew not working for ACME v2: Thanks for testing! Jim Pingle
01:34 PM pfSense Packages Bug #8352: Write certificates to file system after renew not working for ACME v2: Jim Pingle wrote:
> Fixed in ACME package version 0.2.3
I updated my package and confirmed this is resolved.
The... tasty ratz
07:57 AM pfSense Packages Bug #8352 (Feedback): Write certificates to file system after renew not working for ACME v2: Fixed in ACME package version 0.2.3 Jim Pingle
07:38 AM pfSense Packages Bug #8352 (Assigned): Write certificates to file system after renew not working for ACME v2: This was a bug upstream in acme.sh that only affects ACME v2. After processing the certificates, the script unintenti... Jim Pingle
12:07 PM Bug #8360 (Assigned): pf rules occasionally contain "!/" where the WAN network/netmask should be: Attached patch should fix it, waiting for confirmation before committing. Jim Pingle
09:40 AM Feature #8361 (Resolved): Add entered name to captive portal status and logs: When using the captive portal with "Authentication: None", it would be useful to log the name the person enters in th... Fredrik Forsell
07:57 AM pfSense Packages Bug #8354 (Feedback): ACME: period at end of key name breaks dns validation method: Fixed in ACME package version 0.2.3 Jim Pingle
07:23 AM Bug #8335: System hang with LACP downlink to UniFi switch: Mike Pastore wrote:
> Jeff Wischkaemper wrote:
> > I have an HP unmanaged switch on the LAN side of the network
> ... Jeff Wischkaemper

03/06/2018

11:40 PM Bug #8335: System hang with LACP downlink to UniFi switch: Jeff Wischkaemper wrote:
> I have an HP unmanaged switch on the LAN side of the network
Can you try a different s... Mike Pastore
07:06 PM Bug #8360 (Resolved): pf rules occasionally contain "!/" where the WAN network/netmask should be: Very similar to #2883
I have been unable to duplicate this but have seen enough tickets/forum posts to warrant a l... Chris Linstruth
03:27 PM Bug #7774: No TCP Reply State Established on GRE in IPsec Transport: For what it is worth, I have reproduced this on stock 12-CURRENT.
-Eric Eric Dombroski
03:26 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: For what it is worth, I have reproduced this on stock 12-CURRENT.
-Eric Eric Dombroski
11:26 AM Revision c99ac306: Sort poudriere_bulk: Renato Botelho
11:25 AM Revision 517c146f: Enable devel/gdb build: Renato Botelho
09:46 AM Feature #7495: Ability to set TTL for local for Unbound host overrides and dhcp leases: Nothing? This came up in a thread again someone asking how to modify this.
https://forum.pfsense.org/index.php?top... JohnPoz _

03/05/2018

11:01 PM Bug #7972: Captive portals do not synchronize voucher data in both directions: Tested on 2.4.3.a.20180305.1550
Was able to sync expired vouchers in both directions, resolved. Paighton Bisconer
07:13 PM Revision 9c9fa4e2: igmp, Add option to disable the igmp service, bump global.inc version: Pi Ba
01:06 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Not as of a couple of months ago. I contacted pfSense tech support (since I was using their hardware) and was basica... Scott Baugher
03:56 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Took me a while to land on this issue. I'm facing similar issues not being able to utilize my full PPPoE WAN speed. U... Yorick Gersie
11:30 AM Bug #8359 (Not a Bug): Packets from phase1 bound to CARP VIP do not have the right source address: It is working fine here sourcing from a CARP VIP, you likely have some other configuration error causing this (like u... Jim Pingle
10:33 AM Bug #8359 (Not a Bug): Packets from phase1 bound to CARP VIP do not have the right source address: Hello,
I have a cluster with one member having a wan IP of 192.168.0.1. I have configured a CARP VIP of 192.168.0.10... Louis Sautier
11:09 AM Revision 768fb19e: fix log link: (cherry picked from commit 9aa103bac303899471ac71205f0bc078f0718939) Pi Ba
11:09 AM Revision 7849c2f8: Merge pull request #3910 from PiBa-NL/20180304-fix-log-link: Renato Botelho
11:08 AM Revision 600bb470: Merge pull request #3909 from luckman212/setup-wiz-patch-1: Renato Botelho
02:48 AM Bug #8357 (Resolved): Static mapping of dhcp leases on bridge interfaces links to the real interface.: Hello everyone,
I've just discovered pfsense and it's such a great tool that i decided to replace my old dd-wrt ro... Frederic brugmans

03/04/2018

03:49 PM Revision 6b3e3bc5: igmp, Add option to disable the igmp service: Pi Ba
03:39 PM Revision 9aa103ba: fix log link: Pi Ba
09:47 AM Feature #8356 (Resolved): igmp, Add option to disable the igmp service: Add option to disable the igmp service
https://github.com/pfsense/pfsense/pull/3911 Pi Ba
01:25 AM Bug #8355 (Not a Bug): Upgrades and packages unavailable after upgrade from 2.3.3_1 to 2.3.4_1: I was running PFSense 2.3.2 and via the Dashboard, opted to upgrade to the release presented: 2.3.3_1. It wound up u... Brian Davidson

03/03/2018

09:24 PM pfSense Packages Bug #8354 (Resolved): ACME: period at end of key name breaks dns validation method: If a key name contains a period at the end, the DNS validation method fails with an error. When I looked at the DNS k... Isaac McDonald
03:27 PM Revision 3ef5904e: small addition to augment jim-p's 58a2ba621c390362170aa2e377e4b41c8fdce1c6: → luckman212
02:07 PM Bug #8335: System hang with LACP downlink to UniFi switch: I'm experiencing similar symptoms (pfSense hanging frequently), though with different hardware. My configuration hang... Jeff Wischkaemper

03/02/2018

08:41 PM Revision 58a2ba62: Fix quoting on rc.bootup conf_path changes: Jim Pingle
07:01 PM Revision 3614c7da: Force the configuration reload after the initial interface assignment.: Also, always save the assign_complete status. Luiz Souza
04:04 PM Revision 7ae13d1f: Fix the loader settings for the console on SG-2320 and SG-2340.: Luiz Souza
03:55 PM Bug #7413 (Resolved): status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI: Works fine now Jim Pingle
03:42 PM Revision 20f8233d: Replace some hardcoded paths.: Luiz Souza
02:23 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: I didn't realize this was a huge issue, but I have a workaround for this.
At the moment booting appears to stop w... G Black
10:29 AM Bug #7153 (Resolved): pkg-utils.inc - register_all_installed_packages() does not handle packages that are missing XML: Works great now, thanks! Jim Pingle
07:00 AM Bug #7153 (Feedback): pkg-utils.inc - register_all_installed_packages() does not handle packages that are missing XML: It was missing to enable install / deinstall scripts, which are responsible to call PHP code that registers it on the... Renato Botelho
09:46 AM Bug #8353 (Resolved): Some automated rules are missing tracking IDs: Works fine Jim Pingle

03/01/2018

03:43 PM Revision 7c1aa62b: Add missing firewall rule tracker info to automatically generated rules. Fixes #8353: Jim Pingle
03:42 PM Revision 74afe67c: Add tracking to enableallowallwan and change to single rule. Ticket #8353: Jim Pingle
02:41 PM Bug #7153 (Assigned): pkg-utils.inc - register_all_installed_packages() does not handle packages that are missing XML: The files look like they are all there but I am still not getting a @<package>@ tag in config.xml for Status_Traffic_... Jim Pingle
09:50 AM Bug #8353 (Feedback): Some automated rules are missing tracking IDs: Applied in changeset commit:7c1aa62bc3890faa8a617a6ea734c703a088c602. Jim Pingle
09:20 AM Bug #8353 (Resolved): Some automated rules are missing tracking IDs: Rules created or edited by users (and any rule before config rev 10.7) have a tracking ID added for correlating log e... Jim Pingle
07:29 AM pfSense Packages Bug #8351 (Duplicate): cosmetic: populated field entries in challenge method display in expandable preview even when not selected: Duplicate of #7829 Jim Pingle
07:29 AM pfSense Packages Bug #8352 (Not a Bug): Write certificates to file system after renew not working for ACME v2: I have tried it on several systems running 0.2.1 and they all work fine, must be something in your specific setup. Pl... Jim Pingle

02/28/2018

10:36 PM pfSense Packages Bug #8352 (Resolved): Write certificates to file system after renew not working for ACME v2: Using v2 acme servers, acme 0.2.1 package on 2.4.2-RELEASE-p1
Checking the box:
Write ACME certificates to /conf/a... tasty ratz
10:31 PM pfSense Packages Bug #8351 (Duplicate): cosmetic: populated field entries in challenge method display in expandable preview even when not selected: I discovered this by trying to get namecheap to work and seeing if their API address worked in the RFC 2136 challen... tasty ratz
10:19 PM pfSense Packages Feature #7706: Add option to write certificate to the filesystem after renew: Jim Pingle wrote:
> Works fine
This appears to be a regression in 0.2.1
With the box checked, no files are act... tasty ratz
10:10 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Can someone confirm whether or not this bug explains the following situation?
I have a GRE tunnel set up between O... Eric Dombroski
10:01 PM Feature #6240: vxlan driver: +1 Matt Granzow
05:27 PM Bug #6186: race conditions in service startup: > The more immediate issue is after removing the "exit if booting" check from rc.newwanip(v6) in 2.3, which fixed a v... Abuzer Rafey
04:51 PM Bug #7153 (Feedback): pkg-utils.inc - register_all_installed_packages() does not handle packages that are missing XML: Raady for testing, fix committed in https://github.com/pfsense/FreeBSD-ports/commit/100f4c861366158d7abfd92e945a7a993... Jared Dillard
02:19 PM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic: PR is at https://github.com/pfsense/pfsense/pull/3908 Jim Pingle
10:48 AM Feature #8348 (Resolved): Add firewall rule tracker ID display to rule list and rule edit page: Works as expected Jim Pingle
09:02 AM Todo #8350 (Resolved): Remove clog in favor of standard syslogd or syslogd alternative with rotation via newsyslog or logrotate: Maintaining clog patches and dealing with clog file format/output is cumbersome and not a strict requirement now that... Jim Pingle
08:28 AM pfSense Packages Bug #8305 (Resolved): acme: "Key Size" value is not passed to acme.sh: Great, thanks for testing! Jim Pingle
08:22 AM pfSense Packages Bug #8305: acme: "Key Size" value is not passed to acme.sh: Jim Pingle wrote:
> It's available on 2.4.2 right now, in ACME package version 0.2.1.
>
> You will need to create... Idar Lund
07:35 AM pfSense Packages Bug #8305: acme: "Key Size" value is not passed to acme.sh: It's available on 2.4.2 right now, in ACME package version 0.2.1.
You will need to create a new certificate entry ... Jim Pingle
12:30 AM pfSense Packages Bug #8305: acme: "Key Size" value is not passed to acme.sh: Jim Pingle wrote:
> Fix committed, will show up in 2.4.3 snaps first, next time the other branches get an ACME updat... Idar Lund
07:32 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: Highly unlikely that it's the same issue. Post on the forum, pfSense subreddit, or mailing list to discuss and diagno... Jim Pingle
04:29 AM Bug #7995: pfSense Certificate Manager Issues Blank Certificates: Hi, sorry to necro but this bug still seems to exist in 2.4.2p1.
User Certifactes meant for OpenVPN I just issued ... Sebastian Billmann
05:19 AM Feature #7275: Add help text for DNS Made Easy: Phillip Davis wrote:
> Mentioning the Pull Request is good enough. I usually paste the whole link to it, like this:
... Jim Thompson

02/27/2018

04:56 PM Bug #8056: Bridge + CARP crashes/freezes pfSense: Simon Kristensen wrote:
> I just upgrade my pfsense from 2.3.4-p1 to 2.4.2-Release-p1.
> Now I also have the same i... Simon Kristensen
03:34 PM Feature #8349 (New): Show the actual numerical information (upload/download speeds) in the traffic graph dashboard widget: Hello,
I think that, besides the on hover showed info, it would be useful to have the actual numerical information... Angel Díaz
02:14 PM Revision 9c17359f: Add tracker ID to firewall rule list and edit page. Implements #8348: Jim Pingle
12:01 PM pfSense Packages Bug #8305 (Feedback): acme: "Key Size" value is not passed to acme.sh: Fix committed, will show up in 2.4.3 snaps first, next time the other branches get an ACME update it will work there,... Jim Pingle
11:48 AM pfSense Packages Bug #8305: acme: "Key Size" value is not passed to acme.sh: Turns out this is a quirk in acme.sh and not our code, but I put in a fix on our version since it isn't certain it's ... Jim Pingle
08:20 AM Feature #8348 (Feedback): Add firewall rule tracker ID display to rule list and rule edit page: Applied in changeset commit:9c17359f3e5fdb88c900beae19aaaafdf2f25041. Jim Pingle
08:06 AM Feature #8348 (Resolved): Add firewall rule tracker ID display to rule list and rule edit page: The firewall log output prominently displays the tracker ID and description for a rule, but there is no easy way to c... Jim Pingle

02/26/2018

09:24 PM Revision 003d4152: Merge remote-tracking branch 'upstream/master': Refresh work on bug 7905 Phil DeMonaco
08:30 PM Revision e85af34b: Resolves #7905: Minor correction to the script header. Also switches back to printf
instead of echo -n for more broad base compatibil... Phil DeMonaco
03:41 PM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic: I've corrected the issue. The problem was caused by the fact that the plugin was stealing the original signal handler... Phil DeMonaco
12:47 PM Revision b8963db6: Fix #7972: Rework the way Captive Portal vouchers are synchronized on HA:
- When voucher use is enabled on primary, do the same... Renato Botelho
12:38 PM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more: Hi,
I am also having the same issue, and it's quite annoying...
In my case, filterdns keeps running but in a "dumb"... Edgardo Rodriguez
12:10 PM Bug #8347 (Not a Bug): NAT with Multiple OpenVPN interfaces: Config issue. You need to assign the interfaces so the NAT rules only apply to the one interface you intend, not all ... Jim Pingle
12:07 PM Bug #8347 (Not a Bug): NAT with Multiple OpenVPN interfaces: We have router with 2 OpenVPN instances:
* server for connecting clients
* client to remote location which connect... Daniel Kucera
08:48 AM pfSense Packages Bug #8251: Captiveportal + FreeRadius "Last activity" resets to Session start: Still an issue. I noticed that with "Interim" accounting mode, the "Last Activity" seems to work.
However simultane... Frotty Zaoldyeck
07:00 AM Bug #7972 (Feedback): Captive portals do not synchronize voucher data in both directions: Applied in changeset commit:b8963db6fc4ab59aae673f229b76495e85cb3b46. Renato Botelho
04:32 AM Bug #8056: Bridge + CARP crashes/freezes pfSense: I just upgrade my pfsense from 2.3.4-p1 to 2.4.2-Release-p1.
Now I also have the same issue.
Any news on this, Lu... Simon Kristensen

02/25/2018

07:03 AM Revision 9a18ac7a: Rename the variables on the rest of DHCP functions.: Luiz Souza
06:55 AM Revision dfb6db7a: Remove some dead code, rename variables.: This function is not consumed only by WAN, so use more neutral names to avoid any assumptions. Luiz Souza
06:39 AM Bug #6400 (Closed): assign_interfaces.php issues with large numbers of interfaces: Renato Botelho
06:39 AM Bug #7308 (Resolved): ZFS installer - check storage capabilities: Renato Botelho
12:28 AM Revision 130fe575: Fix my broken code, continue would not work from another loop.: Luiz Souza

02/24/2018

11:05 PM Bug #6400: assign_interfaces.php issues with large numbers of interfaces: Retested With CE 2.4.3.a.20180224.1921 memstick installer and the interface names changed to match the NIC driver bei... Anonymous
10:17 PM Bug #6400: assign_interfaces.php issues with large numbers of interfaces: Tried logging out, WebGUI hung. Tried console menu options 11/16 to get the WebGUI back to no avail. Anonymous
09:59 PM Bug #6400: assign_interfaces.php issues with large numbers of interfaces: With the attached config's (1000-interface-config.xml) interfaces restored to 2.4.3.a.20180224.1542 running with 4G m... Anonymous
10:33 PM Bug #7308: ZFS installer - check storage capabilities: Tested with pfSense-CE-2.4.3-DEVELOPMENT-amd64-20180224-1921.iso and got the attached error with 2G memory, 4G storag... Anonymous
08:22 PM Revision 40a530a1: Filter vm.pmap.pti entries on loader.conf when necessary.: https://forum.pfsense.org/index.php?topic=144390.msg786182#msg786182 Luiz Souza

02/23/2018

09:30 PM Revision 93e287df: Merge remote-tracking branch 'upstream/master': Phil DeMonaco
09:26 PM Revision db30293e: Bug 7905 - Auth Script & Openvpn Config: Replaces the current auth-user-pass-verify directive with the new plugin
call in the config-file generation code.
Al... Phil DeMonaco
05:59 PM Revision 26a38669: Add GUI support to display and set the PTI state.: Luiz Souza
04:11 PM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic: Note that the event_wait signal, the MULTI_sva, and the WARNING do not appear if the auth request fails. Phil DeMonaco
04:10 PM Bug #7905: OpenVPN Authentication Against Backend Stalls All Server Traffic: I'm really close to having this working on the 2.4.2-RELEASE code base, however, I'm running into an issue and I'm ho... Phil DeMonaco
07:39 AM Feature #8346 (New): Allow pfSense to act as an IPsec VPN client: It would be useful to let pfSense act as a VPN client itself and let it share a mobile style VPN connection to a remo... Michele Di Maria

02/22/2018

07:50 PM pfSense Packages Feature #8345 (Resolved): pfSense-pkg-softflowd: Added additional options now available in softflowd-0.9.9_1: See pull request: https://github.com/pfsense/FreeBSD-ports/pull/501
---
Updated package version to 1.2.3
Inc... Paul Godard
05:59 PM Revision e0ed03f3: Update translation files: Renato Botelho
05:07 PM Revision 37e9cfbd: Regenerate pot: Renato Botelho
01:49 PM Bug #8056: Bridge + CARP crashes/freezes pfSense: I also have exactly the same issue on netgate appliances 8860. I first thought it is a hardware problem and migrated ... Andreas Kaindl
12:51 PM Revision 789cb7f5: Merge pull request #3892 from al-right/master: Renato Botelho
11:26 AM Revision 0152ee69: Enable build of net-mgmt/pfSense-pkg-lldpd: Renato Botelho
11:25 AM Revision 20c85efd: Enable build of net-mgmt/pfSense-pkg-lldpd: Renato Botelho
10:08 AM Bug #8337 (Resolved): System Authservers page Authentication Containers field should be marked required: Field is marked required now Jim Pingle
10:08 AM Bug #8338 (Resolved): Wrong LDAP host is reported when testing system auth server settings: Prints the correct server now Jim Pingle
06:52 AM Bug #7413 (Feedback): status_dhcpv6_leases.php: Some DHCPv6 leases are not displayed in the GUI: PR has been merged Renato Botelho

02/21/2018

08:26 PM Revision 40fd222c: Merge pull request #3906 from phil-davis/system_authservers-authentication-containers-01: Steve Beaver
08:26 PM Revision e8f6e66e: Merge pull request #3907 from phil-davis/auth-server-test-output-01: Steve Beaver
03:17 PM pfSense Packages Feature #7706 (Resolved): Add option to write certificate to the filesystem after renew: Works fine Jim Pingle
03:10 PM Todo #8331 (Resolved): Update Copyright Year on GUI Login page: Jim Pingle
03:08 PM pfSense Packages Bug #8339 (Resolved): quagga: ospfd crashes with assertion since upgrade to quagga-1.2.3: Everyone should have 1.2.4 now Jim Pingle
03:05 PM Bug #8337 (Feedback): System Authservers page Authentication Containers field should be marked required: PR is at https://github.com/pfsense/pfsense/pull/3906 and has been merged Jim Pingle
03:05 PM Bug #8338 (Feedback): Wrong LDAP host is reported when testing system auth server settings: PR is at https://github.com/pfsense/pfsense/pull/3907 and has been merged Jim Pingle
11:53 AM Bug #8344 (Not a Bug): zfs mountroot still broken in 2.4.3.a.20180221.0835: Current snapshots are fine with zfs. Most likely your last update from before this snapshot wiped that out, not the c... Jim Pingle
11:41 AM Bug #8344: zfs mountroot still broken in 2.4.3.a.20180221.0835: (might also have eaten load_dummynet, for the folks who have active limiters)
ROB VANHOOREN
11:38 AM Bug #8344 (Not a Bug): zfs mountroot still broken in 2.4.3.a.20180221.0835: loos' recent commit hosed loader.conf; systems fail reboot at mountroot> b/c opensolaris & zfs ko's don't get loaded.... ROB VANHOOREN
07:29 AM Feature #7321: DynDNS - Add DreamHost DNS support: Dreamhost is not an option in the ACME package. However, I was able to get around this by using the "standalone HTTP ... Corey Boyle
03:39 AM Feature #8289: OpenVPN - configurable username as common name: Greg M wrote:
> Hi!
>
> See here: https://forum.pfsense.org/index.php?topic=136533.msg778977#msg778977
>
> The... Jose Angel Mateo

02/20/2018

04:34 PM Feature #7321: DynDNS - Add DreamHost DNS support: @corey I saw your note about adding this to the ACME package. Were you able to do this? I did not see Dreamhost in th... Joshua Kugler
03:24 PM Bug #8341: NAT Port forwarding issues (port collision from internal host): Tried to reproduce in lab. Not successful. Some additional factor must be involved. Beat Siegenthaler
09:54 AM Bug #8341: NAT Port forwarding issues (port collision from internal host): Jim Pingle wrote:
>the only time you'd have a collision is if you forward a port and both the local source port, loc... Beat Siegenthaler
07:17 AM Bug #8341 (Rejected): NAT Port forwarding issues (port collision from internal host): There isn't a way to automatically detect or predict that scenario to prevent it.
Outbound NAT uses random ports a... Jim Pingle
04:37 AM Bug #8341 (Rejected): NAT Port forwarding issues (port collision from internal host): I think this should be omitted by design:
Found following constellation who troubled me for many hours:
PortNAT: ... Beat Siegenthaler
12:25 PM pfSense Packages Bug #8339: quagga: ospfd crashes with assertion since upgrade to quagga-1.2.3: We're aware, we'll have it updated soon.
In the meantime, consider switching to the FRR package. Jim Pingle
11:58 AM pfSense Packages Bug #8339: quagga: ospfd crashes with assertion since upgrade to quagga-1.2.3: quagga 1.2.4 with the fix has been released:
https://savannah.nongnu.org/forum/forum.php?forum_id=9099
https://www.... Nico Weichbrodt
11:12 AM Bug #8336: ESXi 6.5u1 displays superfluous error message with Netgate OVA iamge: Confirming that it occurs (as expected) in 2.4.2_1. Warning text does not change.
Adam Thompson
10:30 AM Bug #7735 (Not a Bug): Switching to wildcard cert fails until reboot: Jim Pingle
10:28 AM Bug #7735: Switching to wildcard cert fails until reboot: I've been unable to reproduce this in the 2.4 stream, so please close either with CAN'T REPRODUCE or FIXED IN 2.4 (or... Adam Thompson
09:04 AM Bug #8343 (Resolved): Gateway Routes (Default Routes) not removed in Kernel when removed from GUI: When I disable the Gateway (default) in System > Routing > Gateways it is still visible as a static route in Diagnost... Sandro Bolliger
08:25 AM Bug #7308 (Feedback): ZFS installer - check storage capabilities: Changed installer to request more space to install on ZFS Renato Botelho

02/19/2018

05:43 PM pfSense Packages Bug #8340 (Rejected): Status_Traffic_Totals Error: While checking in on my traffic totals using the Status_Traffic_Totals package I've gotten an error that I can't fix.... Matthew Drury
04:21 PM Revision e6e7b00c: Trim domain for learned DNS entries. Ticket #6847: If the CN is already an FQDN on the given domain, this prevents the
domain from being present in the record twice (e.... Jim Pingle
03:33 PM pfSense Packages Bug #8339 (Resolved): quagga: ospfd crashes with assertion since upgrade to quagga-1.2.3: Hi, ospfd crashes with an assertion since I upgraded to 1.2.3 (upgraded Quagga_OSPF to 0.6.20_2):... Nico Weichbrodt
01:26 PM Bug #7469 (Resolved): local_sync_accounts() slowness can trigger GUI/XMLRPC failures with many accounts: Renato Botelho
11:44 AM Bug #8298 (Resolved): OpenVPN Wizard protocol defaults to "UDP IPv4 and IPv6 on all interfaces" causing problems: Wizard now has all of the current protocol choices and defaults to the correct selection (UDP on IPv4 only). Jim Pingle
11:30 AM Bug #8261 (Resolved): OpenVPN tunnel network handled incorrectly with a /31 tunnel network: Tunnel networks are calculated properly with /31 now Jim Pingle
10:53 AM Bug #8125 (Resolved): gateway 502 errors proposed fix for high ram systems: Parameters are changing with RAM size as expected, seems to work OK. Jim Pingle
10:52 AM Bug #7772: Regression of Bug #906: Steve Beaver wrote:
> Can you provide simple steps to reproduce please?
I eventually fixed the issue of the left ... Lance Fogle
10:24 AM Feature #6847 (Resolved): Register CN of OpenVPN clients in DNS Resolver: Seems to work OK but needed a minor tweak in the script, see commit:e6e7b00c5c Jim Pingle
09:36 AM Feature #8205 (Resolved): Allow display of temperature in Fahrenheit: Works Jim Pingle
08:24 AM Feature #6886 (Resolved): Allow Dual-Stack IPSec VPN: Tested and working Jim Pingle
08:24 AM Feature #8186 (Resolved): ipsec, allow configuration of multiple ike phase1 encryption ciphers #3711: Jim Pingle
08:08 AM Bug #4310: Limiters + HA results in hangs on secondary: Fabrizio Pappolla wrote:
> Before open a new ticket, i will try here since the error looks really similar. My pfSens... Jim Pingle
05:29 AM Bug #4310: Limiters + HA results in hangs on secondary: Before open a new ticket, i will try here since the error looks really similar. My pfSense got bootloop, the problem ... Fabrizio Pappolla
12:25 AM Revision ab105bf8: Do not wipe the existing file contents. Return the actual data.: Luiz Souza

02/18/2018

10:14 PM Revision d0490bd0: Merge branch 'master' of github.com:pdemonaco/pfsense: Because I did something out of order? Phil DeMonaco
10:13 PM Revision 4e74cced: Bug 7905 - Minor Tweaks: Switched to printf over echo to ensure strict POSIX compliance. Also
added some comments regarding the source of two ... Phil DeMonaco
10:13 PM Revision b27ae464: Bug 7905 - New Auth Script: Initial pass at new auth script which will be called by an openvpn
plugin. See https://github.com/pdemonaco/auth-scri... Phil DeMonaco
01:03 AM Revision 5a29b7d6: Bug 7905 - Minor Tweaks: Switched to printf over echo to ensure strict POSIX compliance. Also
added some comments regarding the source of two ... Phil DeMonaco
12:55 AM Revision 1ed23afb: Bug 7905 - New Auth Script: Initial pass at new auth script which will be called by an openvpn
plugin. See https://github.com/pdemonaco/auth-scri... Phil DeMonaco

02/17/2018

07:39 PM Revision 56b72761: Fix the variable name.: Pointy-hat to: me Luiz Souza
11:40 AM Revision 34925626: Report correct auth server host when testing LDAP auth server: Phillip Davis
10:47 AM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: I've just come across this bug now. Most.. infuriating .. nonsense. In my case I have a working WAN, but you can't se... Steve Allison
10:36 AM Revision 5520839e: Mark authentication containers label as required field: Phillip Davis
05:33 AM Bug #8338 (Resolved): Wrong LDAP host is reported when testing system auth server settings: To reproduce:
1) Add a few authentication servers (some Radius, at least 1 LDAP that is not the first entry in the l... Phillip Davis
04:40 AM Bug #8337 (Resolved): System Authservers page Authentication Containers field should be marked required: Actually the box for entering the container data has the "background" text "*Containers"
Phillip Davis

02/16/2018

10:10 PM Bug #7469: local_sync_accounts() slowness can trigger GUI/XMLRPC failures with many accounts: Tested on Current Base System 2.4.3.a.20180216.1415
Syncing 106 users and adding a 107th took maybe two seconds, n... Paighton Bisconer
10:50 AM Bug #7469 (Feedback): local_sync_accounts() slowness can trigger GUI/XMLRPC failures with many accounts: Applied in changeset commit:dc3bc1f8c9f5040762953b38df499ea5f86d13d5. Renato Botelho
09:58 PM Feature #8186: ipsec, allow configuration of multiple ike phase1 encryption ciphers #3711: Tested on 2.4.3.a.20180216.1415, works as expected. Anonymous
06:16 PM Bug #8266: Bogus error message occurs on killing OPenVPN connection: tested on 2.4.3.a.20180216.1415, no error.
Anonymous
04:54 PM Bug #8336: ESXi 6.5u1 displays superfluous error message with Netgate OVA iamge: Oops. Can someone fix my typo in the title, please? Adam Thompson
04:53 PM Bug #8336 (Closed): ESXi 6.5u1 displays superfluous error message with Netgate OVA iamge: No functional impact.
When pfSense-CE-2.4.2-RELEASE-amd64.ova is deployed and booted on an ESXi 6.5u1 host, the VM... Adam Thompson
04:42 PM Revision dc3bc1f8: Fix #7469: Sort users / groups alphabetically on config.xml Renato Botelho
04:42 PM Revision 90510875: Be more verbose about users/groups sync: Renato Botelho
04:10 PM Revision f7aafd45: Fix typo: Jim Pingle
02:04 PM Bug #8335 (New): System hang with LACP downlink to UniFi switch: I have an RCC-VE 2440 (2015) with igb1 and igb2 aggregated into lagg0 and connected to a UniFi switch. UniFi supports... Mike Pastore
01:49 PM Bug #8334: Forwarding broadcast through firewall can cause broadcast storm: All that I understood, the part I think was a bug was it continuing to accept the packet on the WAN interface when th... Sam Bingner
01:47 PM Bug #8334 (Not a Bug): Forwarding broadcast through firewall can cause broadcast storm: The firewall in this case does not have any knowledge that the packet is broadcast. It does not know the subnet direc... Jim Pingle
01:34 PM Bug #8334 (Not a Bug): Forwarding broadcast through firewall can cause broadcast storm: I had a secondary IP on a windows system to test connectivity to a proprietary system. When it was added to windows,... Sam Bingner
01:31 PM Feature #8205 (Feedback): Allow display of temperature in Fahrenheit: PR was merged back in December Jim Pingle
01:25 PM Feature #8191 (Feedback): IPv6 - Support for configuring multiple DUID types: PR was merged a month ago Jim Pingle
01:16 PM Bug #8261 (Feedback): OpenVPN tunnel network handled incorrectly with a /31 tunnel network: PR was merged two weeks ago Jim Pingle
01:12 PM Bug #8333 (Resolved): Dynamic DNS updates may fail when using a gateway group as the interface when the default route is down: When the interface of a Dynamic DNS entry is set to a gateway group and the default route is down, the update may fai... Jim Pingle
08:19 AM Bug #8231 (Resolved): Undefined function while restoring config from older version: Jim Pingle
07:35 AM Todo #6647: Enable Additional Security Headers: While I am by no means an expert on what specific headers are appropriate... And the webgui really should be limited ... JohnPoz _

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

03/17/2018

03/16/2018

03/15/2018

03/14/2018

03/13/2018

03/12/2018

03/11/2018

03/10/2018

03/09/2018

03/08/2018

03/07/2018

03/06/2018

03/05/2018

03/04/2018

03/03/2018

03/02/2018

03/01/2018

02/28/2018

02/27/2018

02/26/2018

02/25/2018

02/24/2018

02/23/2018

02/22/2018

02/21/2018

02/20/2018

02/19/2018

02/18/2018

02/17/2018

02/16/2018