Activity

30 days up to

User

Subprojects

Activity

From 03/04/2018 to 04/02/2018

04/02/2018

10:10 PM Revision bc12317e: Catch up with ports rename: Renato Botelho
10:09 PM Revision 7068e466: Catch up with ports rename: Renato Botelho
08:41 PM Revision 523849d3: remove whitespace - pt. 2: robjarsen
07:42 PM Revision 37e1aecf: Fix function name typo: Jim Pingle
07:18 PM Revision 00e54150: Add function to detect OCSP Must Staple certs. Ticket #8418 and Ticket #8299: Jim Pingle
06:13 PM Bug #8363: OpenVPN Client Has Needs to be restarted after pfsense restart to be connectable: changing some advanced settings and switching to udp solved my problem. rub man
05:36 PM Bug #8419 (New): webgui, when menubar is fixed to the top of the screen, the last items of long menus cannot be seen/used.: webgui, when menubar is fixed to the top of the screen, the last items of long menus cannot be seen/used.
fix: htt... Pi Ba
05:14 PM Bug #8417: IPv6 bogon list size now too large to fit in standard maximum table size: I think there's also mistake in the description on the settings page that could mislead people. If you've overridden... Ryan Jaeb
12:00 PM Bug #8417 (Feedback): IPv6 bogon list size now too large to fit in standard maximum table size: Applied in changeset commit:2d113b128f270302cc5380669f257e8bd1cb3a15. Renato Botelho
09:51 AM Bug #8417 (Resolved): IPv6 bogon list size now too large to fit in standard maximum table size: The IPv6 bogon list has grown to the point where it can no longer fit inside the stock value for maximum table size (... Jim Pingle
04:45 PM Revision 5ab6ce1d: Fix #8417: - Changed default value for Maximum Table Entries to 400000 in order to
make bogonsv6 to work
- Added code to upgra... Renato Botelho
04:45 PM Revision 2d113b12: Fix #8417: - Changed default value for Maximum Table Entries to 400000 in order to
make bogonsv6 to work
- Added code to upgra... Renato Botelho
02:24 PM Bug #8165: Fragmented at source IPv6 packets (UDP + ICMP Ping) are not forwarded / v2.4.2 AMD64: Mike Nichols wrote:
> Johannes - thanks for you comments.
>
> AFAIK pf is an integral part of FreeBSD so we sti... Kevin A McGrail
12:14 PM Revision 85b10a47: Add copyright version param: Steve Beaver
11:45 AM Feature #8418: OCSP Stapling: Peter Berbec wrote:
> With Letsencrypt offering wildcard, people may get in a situation where the certificate they u... Peter Berbec
11:42 AM Feature #8418 (Resolved): OCSP Stapling: With Letsencrypt offering wildcard, people may get in a situation where the certificate they use has been "ocsp must ... Peter Berbec
11:17 AM Revision 139598eb: Remove Whitespace: I'm aware this is a very large commit. Let me know if you'd rather have it broken down by file type (ie: PHP/shell sc... robjarsen
11:16 AM Revision b93ee0b7: Merge pull request #3923 from robjarsen/tweak/rm-whitespace: Renato Botelho
10:19 AM pfSense Packages Bug #8414: ntopng fails to start with Disable Alerts option: For what it's worth I had found other report. I reported a new issue because #8277 was pre-release and indicates that... Denny Page
08:25 AM pfSense Packages Bug #8414 (Duplicate): ntopng fails to start with Disable Alerts option: Duplicate of #8277 Jim Pingle
12:10 AM pfSense Packages Bug #8414 (Duplicate): ntopng fails to start with Disable Alerts option: Ntopng fails to start (core dumps) with the "Disable Alerts" (-H) option enabled. It starts fine without the option s... Denny Page
08:28 AM pfSense Packages Feature #8416 (Resolved): Mailreport - Minute of the Hour: Any chance of adding *Minute of the Hour* as an option in the schedule, I'd like a bit more granularity if possible.
... Andy Kniveton
08:26 AM pfSense Packages Bug #8277 (Feedback): ntopng service fails to start on 2.4.3: A new version of ntopng is available now on 2.4.4 snapshots which should address this issue. Try it there and let us ... Jim Pingle
03:15 AM Bug #6668: IPSec tunnel + L2TP/IPSec VPN - wrong PSK chosen by pfSense: I tried the patch, without success.
*ipsec.secrets (without patch):*
<WANIP> @<DN> : PSK 0s<PSK-01>
: PSK 0s<PS... Lasse not relevant
12:48 AM Feature #8415 (Duplicate): Add DNS over TLS (RFC 7858) fonctionality to dns resolver and forwarder: See https://tools.ietf.org/html/rfc7858 for the proposed standard. The benefit to the user is out of the box DNS priv... Patrick Roy

04/01/2018

07:34 PM Bug #7719: Dynamic DNS updates not working on interface failover: This is working fine for me both on my edge and in my lab HA setup using he.net DDNS. You might want to take your con... Chris Linstruth
06:41 PM Revision 1ac3c88a: Redmine # 7769: Add support for Azure DNS to DynamicDNS: Martin Grasruck
06:14 PM pfSense Packages Bug #8404 (Duplicate): IPSec pre-shared key: Try the patch on the other ticket and add comments there. Jim Pingle
05:57 PM pfSense Packages Bug #8404: IPSec pre-shared key: Same behavior as described in #6668
As long as the second (side-to-side) is aktiv, the only PSK that will match is... Lasse not relevant
02:57 PM Bug #8165: Fragmented at source IPv6 packets (UDP + ICMP Ping) are not forwarded / v2.4.2 AMD64: Johannes - thanks for you comments.
AFAIK pf is an integral part of FreeBSD so we still have to wait for the Fre... Mike Nichols
07:10 AM Bug #8165: Fragmented at source IPv6 packets (UDP + ICMP Ping) are not forwarded / v2.4.2 AMD64: a possible hint:
Could it be a pf firewalling problem in handling ICMP?
While disabling pf via _pfctl -d_ the tra... Johannes Petrick
01:24 PM Bug #8363: OpenVPN Client Has Needs to be restarted after pfsense restart to be connectable: I also get following error message on first connection try after reboot (when connection fails):
@ioctl(TUNSIFMODE... rub man
12:39 PM Bug #8413: Virtual IP on PPPOE interface no longer working with 2.4.3: Not sure this is a duplicate as it also affects PPPOE interfaces and not just on startup. Also happens when trying to... Foo Barbarian
12:35 PM Bug #8413 (Duplicate): Virtual IP on PPPOE interface no longer working with 2.4.3: Duplicate of #8393 Jim Pingle
12:32 PM Bug #8413 (Duplicate): Virtual IP on PPPOE interface no longer working with 2.4.3: When upgrading from 2.4.2 to 2.4.3 the IP aliases on the PPPOE interface stopped working.
Before upgrading they we... Foo Barbarian
11:46 AM Bug #8381: Cert manager requires fields that aren't necessary: FYI: RFC 5280 obsoletes RFC 3280, but provides the same guidance. I wasn't consistent previously, my apologies. Justin Coffman
11:22 AM Bug #6974: radvd enabled on a disconnected interface kills RA completely on all interfaces: Hi, the fix to this bug breaks radvd for bridge interfaces, which subsequently breaks IPv6 routing within/out of the ... Spencer Hakim
08:59 AM Bug #8412 (Rejected): OpenVPN compression setting ignored: Try "Enable Compression (stub)" which is the closest equivalent in the updated syntax.
Our code is formatting thin... Jim Pingle
04:51 AM Bug #8412 (Rejected): OpenVPN compression setting ignored: Compression setting in the GUI is ignored. Always expects comp-lzo no matter what you select.
Log entry with "No L... Puiu Saptezecisisase
08:46 AM Feature #8402: SSH2 Enforced Key and Username+Password Authentication...: Open PR for this issue: https://github.com/pfsense/pfsense/pull/3922 Jim Pingle

03/31/2018

09:56 PM Bug #8381 (Assigned): Cert manager requires fields that aren't necessary: Jim Pingle
09:53 PM Bug #8410 (Assigned): unable to use registered services by name and unable to define aliases for registered services using their name: It should be rejecting that input rather than switching to 'any'. The only text allowed in those boxes should be vali... Jim Pingle
02:42 PM Bug #8410 (Resolved): unable to use registered services by name and unable to define aliases for registered services using their name: related to some degree to bug 8409, i've found that i'm unable to create aliases for registered services using their ... lists b
09:49 PM Bug #8409: pfsense alias complains about well known name for non well known port: IIRC it is checking well-known and registered ports, basically anything in /etc/services which are considered keyword... Jim Pingle
09:48 PM Bug #8409 (Assigned): pfsense alias complains about well known name for non well known port: Jim Pingle
02:34 PM Bug #8409 (Resolved): pfsense alias complains about well known name for non well known port: when attempting to add a new port alias [firewall -> aliases -> ports -> add], for example, for mdns [udp port 5353],... lists b
09:45 PM Todo #8411 (Resolved): dnsmasq configuration needs changes for 2.79: Looks like host overrides might need some adjustments with dnsmasq 2.79. It is not in builds yet but once master swit... Jim Pingle
06:06 PM Revision c6ebe69d: filter vip usage, ipv6 vips cause invalid rules because a empty item gets added to the vips list for a interface: Pi Ba
05:36 PM Bug #8393 (Resolved): IPAlias VIPs on localhost are not applied at boot.: Luiz Souza
12:14 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: Works for me. Thanks Luiz! Pi Ba
05:02 PM Bug #7719: Dynamic DNS updates not working on interface failover: I have tested Dynamic DNS on 2.4.3 to see if dynamic DNS would finally work for the several multi WAN with HA sites w... Steven Perreau
04:56 PM Bug #6370: IPSEC bound to WAN gateway group and Dynamic DNS doesn't to fail back tunnel to WAN on DDNS update: Tested with 2.3.4 - IPsec still does not fail back to primary until reauth.
A checkbox that forced IPsec to rebuil... Steven Perreau
03:20 PM Bug #6799: Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: Understood.
The usual reason is that is what pfBlockerNG's DNSBL does by default - places a 10.10.10.X IP Alias VI... Chris Linstruth
02:51 PM Bug #6799: Negating ``<interface> net`` when a VIP exists on the interface results in unintended behavior: LAN Interface: 172.25.232.1/24
IP Alias VIP on LAN: 10.10.10.10/32
You’ve defined LAN here to include both.
S... Jim Thompson
01:16 PM Bug #8408 (Resolved): invalid rule written due to ipv6 ipalias being present: The following rule is generated due to a IPv6 alias being present, this is supposed to fill a array of vips6 , but ad... Pi Ba
12:00 PM Bug #8407 (Resolved): FRR BGP MD5 support is broken: This is a continuation of #7969
I recently upgraded some systems from 2.3.5 to 2.4.3 and found that FRR BGP MD5 su... Anonymous
11:56 AM Bug #8406 (New): DDNS IPV6 Cloudflare Client does not detect PPOE address: The ISP uses PPPoE for connectivity. The Cloudflare DDNS client properly detects the PPPoE IPv4 address. The Cloudfla... Matthew Vinton
11:52 AM Bug #7969: md5 bgp sessions fail in 2.4.0: I recently upgraded some systems from 2.3.5 to 2.4.3 and found that FRR BGP MD5 support is now broken. When the outgo... Anonymous
08:54 AM pfSense Packages Bug #8405 (Duplicate): pfSense 2.4.3 breaks HAProxy if using VIP: Looks like the same issue as #8393 Jim Pingle
06:59 AM pfSense Packages Bug #8405 (Duplicate): pfSense 2.4.3 breaks HAProxy if using VIP: If using a VIP for HAProxy instead of localhost, the upgrade to 2.4.3 creates the following error. Changing from the ... Rick Strangman
05:46 AM pfSense Packages Bug #8404 (Duplicate): IPSec pre-shared key: After upgrading from 2.4.2_p1 to 2.4.3, just the last added (active) IPSec tunnel <PSK> matches in PHASE-1.
All ot... Lasse not relevant
04:10 AM Revision 36c029a1: Fixes a regression in my previous commit.: IP aliases can be used with CARP vhids too.
Reported by: PiBa
Ticket: #8393
(cherry picked from commit b... Luiz Souza
04:09 AM Revision b0ad46aa: Fixes a regression in my previous commit.: IP aliases can be used with CARP vhids too.
Reported by: PiBa
Ticket: #8393 Luiz Souza
03:17 AM Revision deb4dba6: Enhanced sshdkeyonly Drop-Down List for Clarity...: Enhanced sshdkeyonly drop-down list for clarity, as per https://github.com/pfsense/pfsense/pull/3922#pullrequestrevie... Daniel Koh
03:12 AM Revision c45abaab: Enhanced sshdkeyonly Drop-Down List for Clarity...: Enhanced sshdkeyonly drop-down list for clarity, as per https://github.com/pfsense/pfsense/pull/3922#pullrequestrevie... Daniel Koh

03/30/2018

11:01 PM Revision 179377b0: Remove Whitespace: I'm aware this is a very large commit. Let me know if you'd rather have it broken down by file type (ie: PHP/shell sc... robjarsen
09:57 PM Bug #8403 (Resolved): system_advanced_admin.php Uses Incorrect/Inconsistent $config sshdkeyonly References...: /usr/local/www/system_advanced_admin.php uses incorrect/inconsistent $config sshdkeyonly references.
- lines 106-1... Daniel Koh
09:50 PM Feature #8402: SSH2 Enforced Key and Username+Password Authentication...: Incorrect target version - should be 2.4.5. Daniel Koh
09:45 PM Feature #8402 (Resolved): SSH2 Enforced Key and Username+Password Authentication...: To allow key _and_ username+password combination (in contrast to key OR password) i.e. if selected in the System>Adva... Daniel Koh
09:28 PM Bug #7731: DynDNS fail to update after connection lose: I was looking forward to running 2.4.3 to see if dynamic DNS would work.
My latest testing on 2.4.3 is ddns still ... Steven Perreau
09:26 PM Bug #8333: Dynamic DNS updates may fail when using a gateway group as the interface when the default route is down: I was looking forward t0 running 2.4.3 to see if dynamic DNS would finally work.
My latest testing on 2.4.3 is ddn... Steven Perreau
08:47 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: I forgot about these, I had the 'CARP isn't a interface anymore' thinking in my head.
Should be fixed now.
Thanks! Luiz Souza
03:58 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: Hi Luiz,
To have multiple highly available IP's on 1 interface its possible to configure a vip of type "alias" and... Pi Ba
03:23 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: Can you please elaborate PiBa ? Luiz Souza
02:50 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: Seems now a IPalias under a CARP parent is not applied.? Pi Ba
10:49 AM Bug #8393 (Feedback): IPAlias VIPs on localhost are not applied at boot.: Jim Pingle
06:47 PM Revision 49c1dfc0: Merge pull request #3915 from cxcv/proxyarp: Steve Beaver
06:46 PM Revision 8d26774f: Merge pull request #3916 from robjarsen/tweak/cf-spelling: Steve Beaver
06:45 PM Revision cd4ee470: Merge pull request #3919 from PiBa-NL/20180329-copyright-showonce: Steve Beaver
06:31 PM Revision ec203c03: Fixes a bug where an IP alias on loopback interface is not initialized at boot.: A recent change changed the IP alias setup to only happen on enabled interfaces. As the loopback interfaces do not h... Luiz Souza
06:30 PM Revision 0dc35a48: Allow SSHd Key and Password Combination: Changes to allow key and password combination (in contrast to key OR password) i.e. if selected in the Admin>Advanced... Daniel Koh
06:22 PM Revision d8aea57a: Allow SSHd Key and Password Combination: Changes to allow key and password combination (in contrast to key OR password) i.e. if selected in the Admin>Advanced... Daniel Koh
06:21 PM Revision 52d4dc91: Fixes a bug where an IP alias on loopback interface is not initialized at boot.: A recent change changed the IP alias setup to only happen on enabled interfaces. As the loopback interfaces do not h... Luiz Souza
11:06 AM Bug #8401 (New): Issues related to keys representing alphabetic characters specific to Scandinavian languages and to some other keys.: *Description of problem:* Issues related to keys representing alphabetic characters specific to Scandinavian language... Ricky Tigg
11:00 AM pfSense Packages Bug #8400 (Closed): FreeRadius 3 EAP-TLS Missing O.U. Option: Under Services-->FreeRADIUS-->EAP-->EAP-TLS
The Organizational Unit (O.U.) is missing from the option for:
"Che... Kristopher Kolpin
09:04 AM Bug #8396: Upgrade 2.4.2_1p to 2.4.3 Fails: Sniffer trace showed that files00.netgate.com will resolve to both IPv4 and IPv6. The IPv6 side of that server is no... Larry Westfall
07:07 AM Bug #8396 (Not a Bug): Upgrade 2.4.2_1p to 2.4.3 Fails: Most likely something specific to your system/setup/hardware. Please post on the forum, pfSense subreddit, or mailing... Jim Pingle
07:19 AM Todo #8394: status.php - Some package password fields are not redacted: I can add them to the redacted field list.
That said, these are from packages and the base system status.php can't... Jim Pingle
07:15 AM Bug #8395 (Duplicate): #6677 broke IP Aliases on loopback interfaces: Jim Pingle
07:11 AM Bug #8398 (Not a Bug): No route for openvpn tunnel addresses: OK, but if you can reproduce the original missing route problem, gather as much detail as you can before restarting t... Jim Pingle
07:07 AM Bug #8398: No route for openvpn tunnel addresses: It looks OpenVPN server" > "Advanced Configuration" > "gateway creation" was unrelated to missing routes. Probably o... Vladimir Lind
05:33 AM Bug #8398 (Not a Bug): No route for openvpn tunnel addresses: On SG-1000 - OpenVPN server" > "Advanced Configuration" > "gateway creation" defaults to "Both"
There was no any rou... Vladimir Lind
07:00 AM Bug #8399 (Duplicate): Coreboot: Netgate 701 is this issue exactly. Jim Pingle
05:37 AM Bug #8399 (Duplicate): Coreboot: We have a report of a user with this issue:
The upgrade went smoothly here, but I'm wondering if anyone else is havi... Chris Macmahon
06:59 AM Bug #8397 (Rejected): after upgrade 2.4.2 -> 2.4.3 gui error: Jim Pingle
06:15 AM Bug #8397: after upgrade 2.4.2 -> 2.4.3 gui error: the source guardion encoder component has broken. i removed. we can close.. serkan kasap
03:06 AM Bug #8397 (Rejected): after upgrade 2.4.2 -> 2.4.3 gui error: Fatal error: Cannot redeclare index_groups() (previously declared in /etc/inc/auth.inc:238) in /etc/inc/auth.inc on l... serkan kasap

03/29/2018

09:28 PM pfSense Packages Feature #8362: Snort and Suricata Package - Allow for changing URLs, Ports, and Protocols to allow for local Repo of Signature Updates: This feature was added in the Suricata GUI package v4.0.4_1 pull request posted on GitHub here: https://github.com/pf... Bill Meeks
08:06 PM Bug #8396 (Not a Bug): Upgrade 2.4.2_1p to 2.4.3 Fails: The gui fails with no real messages, the CLI just freezes, it appears to be failing at:
arj: 3.10.22_5 -> 3.10.22_7... Larry Westfall
07:02 PM Bug #8395: #6677 broke IP Aliases on loopback interfaces: Duplicate of #8393. Anonymous
06:28 PM Bug #8395 (Duplicate): #6677 broke IP Aliases on loopback interfaces: The fix for #6677 broke IP Aliases on loopback interfaces (type "Localhost") in that they no longer come up on reboot... Anonymous
04:55 PM Revision 11522a08: copyright, show only when changed md5 changed: Pi Ba
04:47 PM Bug #8393 (Assigned): IPAlias VIPs on localhost are not applied at boot.: Anonymous
04:39 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: Works fine for me too, no need to go back into the VIPs and resave. Andy Kniveton
04:18 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: That works here. Steve Wheeler
04:16 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: We're testing the patch now.
Patch resolves the issue. Anonymous
04:01 PM Bug #8393: IPAlias VIPs on localhost are not applied at boot.: I've noticed that to, can you try the patch?: https://github.com/pfsense/pfsense/pull/3920 Pi Ba
03:56 PM Bug #8393 (Resolved): IPAlias VIPs on localhost are not applied at boot.: An VIP configured like:... Steve Wheeler
04:31 PM Bug #8247: When in bridge / transparent mode, pfSense blocks UDP/4500 & ESP traffic regardless of origin: Fast Forward to a new pfSense 2.4.3 installation in *routed* mode and the same behavior occurs:
* Only one rule in... Travis McMurry
04:22 PM Todo #8394 (Resolved): status.php - Some package password fields are not redacted: Raised an issue with support to do with 2.4.3 and an issue at boot time https://redmine.pfsense.org/issues/8393
Wa... Andy Kniveton
02:26 PM Bug #8335: System hang with LACP downlink to UniFi switch: I can confirm that this is still an issue on pfSense 2.4.3-RELEASE and UnFi firmware -3.9.21.8191- 3.9.27.8537. Mike Pastore
01:37 PM Bug #8392 (Duplicate): Carp on switch ports: We have previously seen this on VMs when run as HA.
When the on-board switch is segregated using VLANs to provide ... Chris Macmahon
11:40 AM Revision 47d45f69: Prepare repos to point to 2.4.3-RELEASE: Renato Botelho
11:39 AM Revision 6d14fe07: Revert "Add 2.4.3-RC repo conf": This reverts commit 663c7586393c9d4bcd17c3312a24088ee3a3eac9. Renato Botelho
11:39 AM Revision 9ca84c27: Prepare repos to point to 2.4.3-RELEASE: Renato Botelho
11:38 AM Revision cbc1286c: Revert "Add 2.4.3-RC repo conf": This reverts commit 72fcd11a4c5f743990eb2f62789fb292e52bbde5. Renato Botelho
11:38 AM Revision 3c5606c6: Prepare repos to point to 2.4.3-RELEASE: Renato Botelho
11:36 AM Revision 409270dc: Revert "Add 2.4.3-RC repo conf": This reverts commit 5c1132bf0d796295b9b56fd93631c606f8ccd660. Renato Botelho
11:35 AM Revision 76645f89: Prepare repos to point to 2.4.3-RELEASE: Renato Botelho
11:34 AM Revision 78b079ae: Revert "Add 2.4.3-RC repo conf": This reverts commit 29c5272404bdb35a3ac64e6bfcefae02c56e9466. Renato Botelho
07:35 AM Feature #8123 (Resolved): Add GoDaddy as a Dynamic DNS provider: PR was merged months ago, submitter has tested and confirmed it works. Jim Pingle

03/25/2018

08:40 PM Revision ef7e8885: Move copyright notice to /conf: Steve Beaver
11:39 AM Bug #8138: Option <spoofmac> is ignored on interfaces without hwaddr: Confirmed. MAC spoofing is broken on bridge interfaces and still broken in 2.4.4a. Testing on CE amd64.
Initially:... Steve Wheeler

03/24/2018

06:33 PM Revision 1ea2a37e: Fix copyright typo: Steve Beaver
12:49 PM Revision 6fb38a04: Further copyright updates: Steve Beaver
12:44 PM Revision c0debf5b: Revisions to copyright text: Steve Beaver
10:51 AM Bug #8389 (Not a Bug): OpenVPN servise status does not update: On the pfSense Dashboard => Service status, see OpenVPN service status.
Regardless if OpenVPN is on or off, status... Yuri Weinstein
08:22 AM Feature #8388 (Resolved): Add DNS over TLS for upstream forwarders to the DNS Resolver: GUI options to set DNS over TLS.
Currently you can do this by adding a stanza to the custom options on unbound.
... Joe Gassner

03/23/2018

03:33 PM Revision 7b73c8ff: Rename RCC-DFF to SG-2220: Renato Botelho
03:33 PM Revision 6ae6d723: Change reported version to installed version rather than product version for more detail: Steve Beaver
03:32 PM Revision 0a031fc7: Rename RCC-DFF to SG-2220: Renato Botelho
10:40 AM Bug #8387 (Closed): Cannot use large CRLs: Attempting to import CRL data for certificate authorities via the "System > Cert. Manager > Certificate Revocation" w... Anonymous
08:19 AM Bug #7958: Upgrade 2.4.0: IP alias with FQDN doesn't work any more: Edgardo Rodriguez wrote:
> Hi,
> I am also having the same issue, and it's quite annoying...
> In my case, filterd... Edgardo Rodriguez
07:21 AM pfSense Packages Feature #5052: Avahi Proxy Package: Add option to disable/control cache size.: could you please add an option to set cache-entries-max=0 (or other arbitrary avahi config options?) - see below, it ... Roland Kletzing

03/22/2018

05:36 PM Bug #7919: Logging not working: #define ENODEV 19 /* Operation not supported by device */
if (memcmp(&(f-... Jim Thompson
04:53 PM Bug #8386 (Not a Bug): Virtual IPs not considered as part of interface net: Every network interface with ips configured has a variable "INTERFACE net" which can be used in firewall rules to sel... Stefan Kooman
02:56 PM Revision 8062e6a4: Change reported version to installed version rather than product version for more detail: Steve Beaver
02:09 PM Bug #8179: Incorrect reverse DNS zone in DHCP server config for non-octet-aligned subnet mask: Alfred Barnat wrote:
>
> This should have been:
> zone 208-209.24.172.in-addr.arpa {
> primary 127.0.0.1;
>}... Yousif Hassan
01:09 PM Feature #8385 (New): Utilize IP addresses from successfully authenticated OpenVPN endpoints to Update Firewall Rules: OpenVPN is extremely useful for providing authentication and encryption for remote branch locations and individual ro... Kristopher Kolpin
12:12 PM Bug #8355: Upgrades and packages unavailable after upgrade from 2.3.3_1 to 2.3.4_1: 2018-03-22@17:11:25 (Thu) Have encountered exactly the same problem :-( Tim Jones
11:55 AM Revision ae78f278: Simplify copyright notice display: Steve Beaver
05:57 AM Feature #8384 (Rejected): Pushbullet notifications would be nice: Jared Shearer

03/21/2018

07:35 PM Revision a1ec79f3: Simplify copyright notice display: Steve Beaver
03:05 PM Bug #8383 (Duplicate): OpenBGPD not working with MD5 passwords: I am using OpenBGPD on 2.3.5 and am peering using an MD5 password to a Cisco device, when I upgraded to 2.4.2, the MD... Matthew Fields
02:48 PM Bug #7969: md5 bgp sessions fail in 2.4.0: I am using OpenBGPD on 2.3.5 and am peering using an MD5 password to a Cisco device, when I upgraded to 2.4.2, the MD... Matthew Fields
02:28 PM Revision 00a1311e: Update obsoleted files: Steve Beaver
02:28 PM Revision 3a910ee1: Make copyright notice downloadable from server: Trigger cpyright notice on completion of setup wizard Steve Beaver
02:25 PM Revision e84812a1: Update obsoleted files: Steve Beaver
02:11 PM Revision c8c15bf5: Make copyright notice downloadable from server: Trigger cpyright notice on completion of setup wizard Steve Beaver

03/20/2018

10:26 PM Revision cd93132e: Bump up the XML config version.: (cherry picked from commit 45b421561d969e73b7df4ab23a3256acce5929eb) Luiz Souza
10:24 PM Revision 45b42156: Bump up the XML config version.: Luiz Souza

03/19/2018

10:00 PM Bug #8381: Cert manager requires fields that aren't necessary: Clarifying that last line:
RFC 3280 defines how the subject of a certificate or CA must be specified. Ideally, the... Justin Coffman
09:46 PM Bug #8381 (Resolved): Cert manager requires fields that aren't necessary: Attempting to generate a CA or certificate via the cert management tool in the web GUI yields the following error:
... Justin Coffman
05:09 PM Revision 27e5ab7d: Fix pkg repo configs: Renato Botelho
01:28 PM Bug #8380 (New): OpenVPN RADIUS password length is not constant: Hi there,
I've been running a production OpenVPN server on pfSense for the past year and I have recently switched ... James Webb
03:08 AM Bug #8379: rules with DSCP never match: Post removed, apologies, will post in forum.
Edit: Now I understand my mistake, I agree, this is #notabug Anonymous
02:51 AM Bug #8379: rules with DSCP never match: This is not a discussion forum. Please start a topic at https://forum.pfsense.org/
I expect this will be closed as... Chris Linstruth
02:27 AM Bug #8379: rules with DSCP never match: Thanks for the followup Chris.
I will do some more testing - I am using VirtIO/vtnet interfaces, is it possible that... Anonymous
12:44 AM Bug #8379: rules with DSCP never match: Could not duplicate on 2.4.2_1:
Set laptop switchport to set dscp 14
Set floating rule to match AF13 and log
... Chris Linstruth
02:53 AM Todo #765: Patch: Add custom DHCP configuration: It seems this is still not integrated in pfSense 2.4. Stéphane Lapie
12:09 AM Revision 07a84ece: missed a few: robjarsen

03/18/2018

11:02 PM Bug #8379: rules with DSCP never match: erno rubbik wrote:
> Hello
>
> I am aware this looks like a duplicate of bug 3726 https://redmine.pfsense.org/iss... Anonymous
05:03 PM Bug #8379: rules with DSCP never match: Hello
I am aware this looks like a duplicate of bug 3726 https://redmine.pfsense.org/issues/3726 but it's not
... erno rubbik
05:00 PM Bug #8379 (Not a Bug): rules with DSCP never match: Hello
I am aware this looks like a duplicate of bug 3726 https://redmine.pfsense.org/issues/3726 but it's not
I... erno rubbik
08:14 PM Revision c5e1ce90: Change CloudFlare to Cloudflare: This commit also includes misc. whitespace removal on the affected files. robjarsen
03:27 PM Bug #8056: Bridge + CARP crashes/freezes pfSense: I have tested this. I could easily trigger it in 2.4.2_1 but could not in current snaps. It looks to be solved.
An... Steve Wheeler
03:03 PM Feature #8378 (Duplicate): allow webconfigurator to be configured to listen on only specified interface[s]: currently, the webconfigurator listens on all network interfaces. please implement a mechanism to allow this to be c... lists b
02:26 PM Bug #8377 (Duplicate): Traffic graph widget mouse over always shows b/s even when the value is in B/s: As the description, the mouse over display is always shown as b/s regardless on the bits/Bytes setting.
Seen in: p... Steve Wheeler

03/17/2018

09:06 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Ermal says there is code in Darwin that addresses this. Jim Thompson
07:44 PM Feature #8376 (Rejected): please allow dashes in alias names: currently, characters in alias names are restricted to "a-z, A-Z, 0-9 and _". this is annoying because it's common t... lists b
07:22 PM Revision a7e859b8: fixed code style: Benjamin Schweizer
03:46 PM Bug #8375 (Duplicate): email session encryption fails in a private ca environment: when configuring email notifications, and enabling encryption, message notifications fail if the certificate provided... lists b
03:37 PM Todo #8374 (Rejected): email notification settings should not require password confirmation: the email notification settings page [system -> advanced -> notifications -> e-mail], system_advanced_notifications.p... lists b
03:28 PM Feature #8373 (Duplicate): please provide a mechanism to add certificates to the system's root certificate store: the system root certificate store [/usr/local/share/certs/ca-root-nss.crt] includes a default set of certificates, bu... lists b
03:21 PM Feature #8372 (New): add gui setting to adjust refresh rate for dynamic firewall logs: status -> system logs -> firewall -> dynamic view [status_logs_filter_dynamic.php] appears to refresh approximately e... lists b
02:47 PM Revision d038a5dd: Don't read picture file if it does not exist: Steve Beaver

03/16/2018

07:22 PM Revision 12b8f3c9: Don't read picture file if it does not exist: Steve Beaver
04:30 PM Revision 7c0e431a: avoid firwall rules for proxyarp addresses: Benjamin Schweizer
02:07 PM Revision 29c52724: Add 2.4.3-RC repo conf: Renato Botelho
02:07 PM Revision 727e8b11: Add 2.4.3-RC repo conf: Renato Botelho
02:07 PM Revision 72fcd11a: Add 2.4.3-RC repo conf: Renato Botelho
02:07 PM Revision 663c7586: Add 2.4.3-RC repo conf: Renato Botelho
02:07 PM Revision 5c1132bf: Add 2.4.3-RC repo conf: Renato Botelho
02:00 PM Revision 5366c4bc: Initial steps for 2.4.3-RC: Renato Botelho
01:44 PM Revision b6c92510: Bump version to 2.4.4-DEVELOPMENT: Renato Botelho
01:36 PM Feature #8371 (Assigned): Reduce config.xml size by removing picture widget images to file system: Upgraded with a picture in the widget and it was broken after the upgrade. No sign of the image in /conf/
Missing ... Jim Pingle
12:54 PM Feature #8371: Reduce config.xml size by removing picture widget images to file system: new VM, setup picture, downloaded a backup. reset to factory defaults, restored backup, no Image in the widget: Scree... Chris Macmahon
10:51 AM Feature #8371 (Resolved): Reduce config.xml size by removing picture widget images to file system: Images now saved in /conf
Upgrade_config function writes any images out to file system and truncates the config.xml ... Anonymous
01:23 PM Revision 1f0bbb13: Revise picture widget to store image on file system, not in XML config: Steve Beaver
01:20 PM Revision 9099582c: Merge branch 'master' of gitlab.netgate.com:pfsense/pfsense: Steve Beaver
01:08 PM Revision ee28e293: Revise picture widget to store inamge on file system, not in XML config: Steve Beaver
01:05 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: I will but I was hoping that pfSense people would also push FreeBSD on it, since I'm sure they have a much stronger a... Benoit Lelievre
12:46 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Since this is a missing feature in FreeBSD networking, you should lobby there for it to be addressed, not here:
ht... Jim Pingle
12:34 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Now that the Spectre and Meltdown patches are coming out on various OSes this becomes even more critical to fix becau... Benoit Lelievre
10:27 AM Bug #8290 (Resolved): filter.inc, make filter_expand_alias_array() return consistent results between first and second call.: The part of this that was broken in pfSense is OK now, but it looks like haproxy will need to implement its own funct... Jim Pingle
10:26 AM Bug #8333 (Resolved): Dynamic DNS updates may fail when using a gateway group as the interface when the default route is down: Tested and working. Jim Pingle

03/15/2018

06:35 PM Revision feeb0581: Make our rc ready for recently introduced exit code in fsck: Inspired by: https://svnweb.freebsd.org/base?view=revision&revision=331015 Renato Botelho
04:38 PM Revision 1b20a4a6: Apply microcode update on boot: Renato Botelho
11:56 AM Feature #8370 (Closed): Add port number to predefined port drop-down list in NAT Rules: Hi
I'm missing the port numbers for the predefined ports when creating a NAT rule.
When creating a firewall rul... Mischa De Pol
11:55 AM Bug #8364 (Closed): Multiple IPsec child SA entries: This appears to have been triggered by a DNS issue, so if there is any problem it is likely the same as #7413. Jim Pingle
06:58 AM Bug #8208 (Resolved): Restoring a config in 2.4.2 with 2.3.X Security/Errata Only repo selected breaks PHP: Renato Botelho
12:43 AM Revision 0afa4c70: Really fix the typo now.: Luiz Souza
12:38 AM Revision a90f678d: Fix a typo.: Luiz Souza

03/14/2018

11:19 PM Revision 023a911b: Bump up the default config.xml version.: Luiz Souza
11:18 PM Revision f6bf385e: Add a placeholder for a factory update.: Luiz Souza
10:13 PM Bug #8208: Restoring a config in 2.4.2 with 2.3.X Security/Errata Only repo selected breaks PHP: 2.3.4 Config with 2.3.X Errata Repo restored to 2.4 systems will break.
2.3.4 Config with 2.4.X Repo restored to 2.4... Paighton Bisconer
10:08 PM Revision 792b62ec: Add cpuctl module to allow updates to the CPU microcode.: Luiz Souza
10:06 PM Revision 392608c8: Sort the module list.: Luiz Souza
01:50 PM Revision f9b1c128: Fix case where $_POST['if'] == 0 in sprint_info_box(): Steve Beaver
12:51 PM Bug #8056 (Feedback): Bridge + CARP crashes/freezes pfSense: This issue seems to be fixed (again) in my local tests.
Please check with tomorrow's snapshot. Luiz Souza
12:50 PM Bug #8368: Cannot log into webConfigurator from Firefox/Linux after fresh install: Until it's proven to be a bug on pfSense (after discussion on the forum, subreddit, etc) then it doesn't belong here.... Jim Pingle
12:38 PM Bug #8368: Cannot log into webConfigurator from Firefox/Linux after fresh install: I would agree about this being a client side issue if logins were to fail for every web site I visit. However, this i... Michael von Glasow
12:08 PM Feature #6457: Allow ability to configure AWS EC2 AMI via userdata: A means of running a shell script in some manner as root at first launch would be helpful, a la `fetch -o - $USER_SCR... John Burwell

03/13/2018

11:41 PM Bug #8369 (Rejected): Setting password complexity: This kind of thing should be discussed on the actual forum at https://forum.pfsense.org, on the pfSense subreddit, or... Jim Pingle
11:30 PM Bug #8369 (Rejected): Setting password complexity: Hi All,
This is my first post on this forum, not very sure this is the right page I have to mention this topic.
... Remya Sivan
08:09 PM Bug #8368 (Rejected): Cannot log into webConfigurator from Firefox/Linux after fresh install: There is no such problem with pfSense itself. That is a client side issue. Jim Pingle
07:21 PM Bug #8368: Cannot log into webConfigurator from Firefox/Linux after fresh install: Since this is a live system (on which I rely for Internet access), I cannot easily reproduce the issue with the same ... Michael von Glasow
07:16 PM Bug #8368 (Rejected): Cannot log into webConfigurator from Firefox/Linux after fresh install: To reproduce:
* Install pfSense 2.4.2 from scratch.
* Assign interfaces, configure an IP address and DHCP server ... Michael von Glasow
05:54 PM Bug #8367 (Resolved): Traffic Graph widget shows Inverse view, even when Inverse is set to Off.: Tested in 2.4.3.a.20180313.0000.
When setting the Traffic Graph widget for Inverse=Off, the graph still displays i... George Phillips
01:49 PM pfSense Packages Feature #8203 (Resolved): pfSense-pkg-suricata: extended eve output selectable headers: Jim Pingle
01:46 PM pfSense Packages Feature #8203: pfSense-pkg-suricata: extended eve output selectable headers: This feature has been implemented using code submitted by a package contributer. This issue can be closed.
Bill Bill Meeks
01:35 PM pfSense Packages Bug #7932 (Resolved): 2.4.0 & Snort 3.2.9.5_1 Pass Lists: Jim Pingle
01:31 PM pfSense Packages Bug #7932: 2.4.0 & Snort 3.2.9.5_1 Pass Lists: This issue has been resoved in the 3.2.9.6 Snort package versions. The bogus text was coming from an attempt to use ... Bill Meeks
01:24 PM pfSense Packages Feature #8362: Snort and Suricata Package - Allow for changing URLs, Ports, and Protocols to allow for local Repo of Signature Updates: I will look at adding this feature to both packages. It would likely be just a text box where the admin could enter ... Bill Meeks
01:21 PM pfSense Packages Feature #8311 (Rejected): Suricata persistent blocks: Agreed, Bill. It's not worth the trouble to make them persist. Jim Pingle
01:20 PM pfSense Packages Feature #8311: Suricata persistent blocks: This is not going to happen as there is no need for all the necessary overhead persisting blocks would require. If S... Bill Meeks
07:50 AM Bug #8364: Multiple IPsec child SA entries: James Dekker wrote:... Jim Pingle
05:54 AM Bug #8333: Dynamic DNS updates may fail when using a gateway group as the interface when the default route is down: Well. I setup new one 2440 with latest 2.4.3 And 2 GW with Active/Passive GW group. Looks like DDNS should work becau... Constantine Kormashev
05:46 AM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: For reference, the upstream bug opened by Eric: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=226411 Daniel Berteaud
01:08 AM Feature #336: Option to create lagg under assign interfaces: +1
Just bumped into the need to do a fresh install of a LAGG+VLAN setup and could not do it via CLI. Stéphane Lapie

03/12/2018

11:44 PM pfSense Packages Bug #8366: Avahi: "Publish DNS Servers" option does nothing: https://github.com/pfsense/FreeBSD-ports/pull/504 Michael Vincent
11:39 PM pfSense Packages Bug #8366 (Resolved): Avahi: "Publish DNS Servers" option does nothing: The "Publish DNS Servers" option is not being used when generating the avahi config which causes the DNS servers to a... Michael Vincent
10:24 PM Revision a55718c8: Fix #8208: When restoring backup, delete packages not present in new config.xml Renato Botelho
10:24 PM Revision 8552be10: Ticket #8208: When restoring backup, set default pkg repository Renato Botelho
10:23 PM Revision 747b31dc: Ticket #8208: When restoring backup, do not call pfSense-upgrade on boot Renato Botelho
10:22 PM Revision 1bedcacc: Do not call get_pkg_info() when it's not going to be used: Renato Botelho
10:22 PM Revision fa5e9db2: Respect default repo: Renato Botelho
10:22 PM Revision b870f03d: Deduplicate build_repo_list() and get_repo_name(): Renato Botelho
07:31 PM Revision e00529a8: Fix miniupnpd build option name for pf.: Jim Pingle
07:30 PM Revision 424a4d37: Fix miniupnpd build option name for pf.: Jim Pingle
05:30 PM Bug #8208 (Feedback): Restoring a config in 2.4.2 with 2.3.X Security/Errata Only repo selected breaks PHP: Applied in changeset commit:a55718c848d8534ba0e0dc87dd50a027aad64512. Renato Botelho
01:49 PM Todo #6647: Enable Additional Security Headers: We have our own internal controls to handle refererring URLS, so that header isn't desirable.
Reading about X-XSS-... Jim Pingle
08:19 AM Bug #6319 (Resolved): DHCP6 DDNS tsig key missing from dhcpv6.conf for reverse zone: Jim Pingle
08:18 AM Feature #6621 (Resolved): Permit DHCP Server Dynamic DNS server key algorithm type selection and use: Jim Pingle
08:18 AM Bug #8106 (Resolved): dhcp6c lock files not removed after unclean shutdown when using "Do not wait for an RA" on IPv6 WAN interface: Jim Pingle
08:08 AM Bug #4310 (Resolved): Limiters + HA results in hangs on secondary: Confirmed working by multiple tests and users. Jim Pingle
08:06 AM Bug #8360 (Resolved): pf rules occasionally contain "!/" where the WAN network/netmask should be: Jim Pingle
06:37 AM Bug #7600: Unable to save DNS Resolver settings: I have also just faced this problem on my 2.3.5-RELEASE-p1 (i386) nanobsd (2g). Interesting is, that adding Host Over... Yaroslav Sokolov

03/11/2018

08:49 AM Feature #8365 (Resolved): Button to copy rules from one interface to another: Hello,
I just wanted to request a feature that i think is very helpful and almost necessary to have. I recently ad... John Amirkhanian

03/10/2018

04:57 PM Bug #8364: Multiple IPsec child SA entries: ... Anonymous
03:30 PM Bug #8364 (Closed): Multiple IPsec child SA entries: Current Base System 2.4.3.a.20180309.1836
Connecting IPSec creates multiple ChildSA's:
Shell Output - ipsec sta... Chris Macmahon
01:02 PM pfSense Packages Bug #8340: Status_Traffic_Totals Error: An update note:
If I go into the package settings and disable graphing, then re-enable it, the problem appears sol... Matthew Drury
04:45 AM Bug #8363 (Closed): OpenVPN Client Has Needs to be restarted after pfsense restart to be connectable: Hi,
This is a weird bug I encountered in last couple of the dev 2.4.3 builds.
The openvpn client interface at b... rub man
12:19 AM Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should be: Unable to duplicate after testing most of the day, multiple versions, multiple rule changes and configurations, multi... Paighton Bisconer

03/09/2018

07:30 PM Revision c7500634: Fix one more IGMP ref. Fixes #8356: Jim Pingle
07:15 PM Revision ca5270b6: Correct variable reference for IGMP proxy enable in upgrade code. Fixes #8356: Jim Pingle
01:55 PM Feature #8356 (Resolved): igmp, Add option to disable the igmp service: Jim Pingle
01:54 PM Feature #8356: igmp, Add option to disable the igmp service: Works as expected. With the checkbox unchecked, igmp proxy is disabled and not running. With the checkbox checked, ig... Anonymous
01:30 PM Feature #8356 (Feedback): igmp, Add option to disable the igmp service: Applied in changeset commit:ca5270b6540f374ea63fff912807a07ce2ef99eb. Jim Pingle
01:11 PM Feature #8356 (New): igmp, Add option to disable the igmp service: Jim Pingle
01:06 PM Feature #8356: igmp, Add option to disable the igmp service: With igmp proxy configured on 2.4.2(or p1), upgrade to 2.4.3 (running 2.4.3.a.20180308.1837 here). The config keeps i... Anonymous
11:54 AM Bug #8048: DHCPv6 Configured for LAN without LAN interface: Hit this on 2.4.3.a.20180308.1837. Workaround works. Anonymous
08:51 AM Todo #7762 (Resolved): Add uid check to pfSense-upgrade and exit unless it is run as uid=0: Works Jim Pingle
04:53 AM Todo #7762 (Feedback): Add uid check to pfSense-upgrade and exit unless it is run as uid=0: It was already fixed in commit ee4701adf85a6b5cb2f8d37f5fdeb7a5668eb674 almost a month ago. I forgot to update the ti... Renato Botelho
07:52 AM pfSense Packages Feature #8362 (Closed): Snort and Suricata Package - Allow for changing URLs, Ports, and Protocols to allow for local Repo of Signature Updates: We should have the ability to change the URLs, ports, and protocols used (perhaps even include option for SCP/SFTP) s... Dennis Chow
07:33 AM Feature #8191 (Resolved): IPv6 - Support for configuring multiple DUID types: Jim Pingle
07:31 AM pfSense Packages Bug #8141 (Resolved): ACB uploads a version several times each second/minute when CaptivePortal is active.: Jim Pingle
02:54 AM pfSense Packages Bug #8141: ACB uploads a version several times each second/minute when CaptivePortal is active.: Tested on Current Base System 2.4.3.a.20180308.0950
Confirmed no issues with users in captive portal creating ACB ... Paighton Bisconer
12:50 AM Revision 46ffb68f: Migrate firewall rules to create_interface_list(): Marius Halden
12:31 AM Revision 82f3fd5f: Add support for interface groups in nat rules.: Marius Halden

03/08/2018

06:44 PM Feature #3882: Add OUI database to the base system, remove dependency on nmap: Why not reuse this: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob_plain;f=manuf;hb=HEAD the license... Jon Gerdes
05:49 PM Feature #8191: IPv6 - Support for configuring multiple DUID types: The different DUID types also appear to be formatted and stored in config.xml correctly for each respective option.
... Anonymous
05:04 PM Revision 1dfb84de: Merge pull request #3911 from PiBa-NL/20180304-igmp-disable: Steve Beaver
02:52 PM Bug #7772 (Assigned): Regression of Bug #906: Jim Pingle
02:52 PM Bug #7972 (Resolved): Captive portals do not synchronize voucher data in both directions: Jim Pingle
02:51 PM Bug #8266 (Resolved): Bogus error message occurs on killing OPenVPN connection: Jim Pingle
02:42 PM Todo #6998: Create a port for simplepie to keep it updated and use modular version: This will be a larger factor when it is time for PHP 7 Jim Pingle
02:41 PM Revision 2e08a646: Add sanity check to rule passing out from host to ensure it does not have a blank destination subnet. Fixes #8360: Jim Pingle
02:32 PM Feature #8356 (Feedback): igmp, Add option to disable the igmp service: PR has been merged Jim Pingle
02:26 PM Bug #8302 (Resolved): traffic_graphs.widget.php potential XSS via settings: Jim Pingle
01:45 PM Bug #8302: traffic_graphs.widget.php potential XSS via settings: On 2.4.2 CE, added traffic graph widget to dash, set refresh interval to 1s, saved, backed up config and edited the c... Anonymous
01:13 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: G Black wrote:
> At the moment booting appears to stop with this error, hit Ctrl+C to break out of the process
> ... Adam Piasecki
11:51 AM Bug #8300 (Resolved): diag_system_activity.php: Potential XSS due to encoding of process output: Jim Pingle
11:40 AM Bug #8300: diag_system_activity.php: Potential XSS due to encoding of process output: Running
grep -r '<script>alert(1)</script>' /
from shell on 2.4.2 generated an alert on Diag > System Activity... Anonymous
09:50 AM Bug #8360 (Feedback): pf rules occasionally contain "!/" where the WAN network/netmask should be: Applied in changeset commit:2e08a64666620c8e0dd28eb7c14393bee7b2bfa8. Jim Pingle
08:43 AM Feature #7769: DynDNS: Azure integration, update record in Azure (Dynamic DNS Client): I have a working prototype for Azure DNS in my fork:
The updated files are /etc/inc/dyndns.class, /etc/inc/services.... Martin Grasruck
06:15 AM Bug #7502 (Resolved): Cannot set router lifetime to 0 in radvd: Jim Pingle
05:06 AM Bug #7502: Cannot set router lifetime to 0 in radvd: Tested router lifetime configuration under services_router_advertisements.php
2.4.2_p1 return an error message
2... Denis Karpushin
06:14 AM Bug #8129 (Resolved): NTP Status -> Server time value incorrect for timezone Asia/Kolkata: Jim Pingle
02:19 AM Bug #8129: NTP Status -> Server time value incorrect for timezone Asia/Kolkata: Tested under 2.4.3
Dashboard: Current date/time Thu Mar 8 13:48:09 IST 2018
NTP Status Widget: Server Time 13:48... Denis Karpushin
06:14 AM Bug #8219 (Resolved): No gateway groups on french language: Jim Pingle

03/07/2018

10:37 PM Bug #8219: No gateway groups on french language: Confirmed not working in 2.4.2-p1, confirmed working on Système de base actuel 2.4.3.a.20180224.1931
Can be closed Paighton Bisconer
01:35 PM pfSense Packages Bug #8352 (Resolved): Write certificates to file system after renew not working for ACME v2: Thanks for testing! Jim Pingle
01:34 PM pfSense Packages Bug #8352: Write certificates to file system after renew not working for ACME v2: Jim Pingle wrote:
> Fixed in ACME package version 0.2.3
I updated my package and confirmed this is resolved.
The... tasty ratz
07:57 AM pfSense Packages Bug #8352 (Feedback): Write certificates to file system after renew not working for ACME v2: Fixed in ACME package version 0.2.3 Jim Pingle
07:38 AM pfSense Packages Bug #8352 (Assigned): Write certificates to file system after renew not working for ACME v2: This was a bug upstream in acme.sh that only affects ACME v2. After processing the certificates, the script unintenti... Jim Pingle
12:07 PM Bug #8360 (Assigned): pf rules occasionally contain "!/" where the WAN network/netmask should be: Attached patch should fix it, waiting for confirmation before committing. Jim Pingle
09:40 AM Feature #8361 (Resolved): Add entered name to captive portal status and logs: When using the captive portal with "Authentication: None", it would be useful to log the name the person enters in th... Fredrik Forsell
07:57 AM pfSense Packages Bug #8354 (Feedback): ACME: period at end of key name breaks dns validation method: Fixed in ACME package version 0.2.3 Jim Pingle
07:23 AM Bug #8335: System hang with LACP downlink to UniFi switch: Mike Pastore wrote:
> Jeff Wischkaemper wrote:
> > I have an HP unmanaged switch on the LAN side of the network
> ... Jeff Wischkaemper

03/06/2018

11:40 PM Bug #8335: System hang with LACP downlink to UniFi switch: Jeff Wischkaemper wrote:
> I have an HP unmanaged switch on the LAN side of the network
Can you try a different s... Mike Pastore
07:06 PM Bug #8360 (Resolved): pf rules occasionally contain "!/" where the WAN network/netmask should be: Very similar to #2883
I have been unable to duplicate this but have seen enough tickets/forum posts to warrant a l... Chris Linstruth
03:27 PM Bug #7774: No TCP Reply State Established on GRE in IPsec Transport: For what it is worth, I have reproduced this on stock 12-CURRENT.
-Eric Eric Dombroski
03:26 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: For what it is worth, I have reproduced this on stock 12-CURRENT.
-Eric Eric Dombroski
11:26 AM Revision c99ac306: Sort poudriere_bulk: Renato Botelho
11:25 AM Revision 517c146f: Enable devel/gdb build: Renato Botelho
09:46 AM Feature #7495: Ability to set TTL for local for Unbound host overrides and dhcp leases: Nothing? This came up in a thread again someone asking how to modify this.
https://forum.pfsense.org/index.php?top... JohnPoz _

03/05/2018

11:01 PM Bug #7972: Captive portals do not synchronize voucher data in both directions: Tested on 2.4.3.a.20180305.1550
Was able to sync expired vouchers in both directions, resolved. Paighton Bisconer
07:13 PM Revision 9c9fa4e2: igmp, Add option to disable the igmp service, bump global.inc version: Pi Ba
01:06 PM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Not as of a couple of months ago. I contacted pfSense tech support (since I was using their hardware) and was basica... Scott Baugher
03:56 AM Feature #4821: PPPoE WANs do not take full advantage of NIC driver queues for receiving traffic: Took me a while to land on this issue. I'm facing similar issues not being able to utilize my full PPPoE WAN speed. U... Yorick Gersie
11:30 AM Bug #8359 (Not a Bug): Packets from phase1 bound to CARP VIP do not have the right source address: It is working fine here sourcing from a CARP VIP, you likely have some other configuration error causing this (like u... Jim Pingle
10:33 AM Bug #8359 (Not a Bug): Packets from phase1 bound to CARP VIP do not have the right source address: Hello,
I have a cluster with one member having a wan IP of 192.168.0.1. I have configured a CARP VIP of 192.168.0.10... Louis Sautier
11:09 AM Revision 768fb19e: fix log link: (cherry picked from commit 9aa103bac303899471ac71205f0bc078f0718939) Pi Ba
11:09 AM Revision 7849c2f8: Merge pull request #3910 from PiBa-NL/20180304-fix-log-link: Renato Botelho
11:08 AM Revision 600bb470: Merge pull request #3909 from luckman212/setup-wiz-patch-1: Renato Botelho
02:48 AM Bug #8357 (Resolved): Static mapping of dhcp leases on bridge interfaces links to the real interface.: Hello everyone,
I've just discovered pfsense and it's such a great tool that i decided to replace my old dd-wrt ro... Frederic brugmans

03/04/2018

03:49 PM Revision 6b3e3bc5: igmp, Add option to disable the igmp service: Pi Ba
03:39 PM Revision 9aa103ba: fix log link: Pi Ba
09:47 AM Feature #8356 (Resolved): igmp, Add option to disable the igmp service: Add option to disable the igmp service
https://github.com/pfsense/pfsense/pull/3911 Pi Ba
01:25 AM Bug #8355 (Not a Bug): Upgrades and packages unavailable after upgrade from 2.3.3_1 to 2.3.4_1: I was running PFSense 2.3.2 and via the Dashboard, opted to upgrade to the release presented: 2.3.3_1. It wound up u... Brian Davidson

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

04/02/2018

04/01/2018

03/31/2018

03/30/2018

03/29/2018

03/28/2018

03/27/2018

03/26/2018

03/25/2018

03/24/2018

03/23/2018

03/22/2018

03/21/2018

03/20/2018

03/19/2018

03/18/2018

03/17/2018

03/16/2018

03/15/2018

03/14/2018

03/13/2018

03/12/2018

03/11/2018

03/10/2018

03/09/2018

03/08/2018

03/07/2018

03/06/2018

03/05/2018

03/04/2018