Activity

30 days up to

User

Subprojects

Activity

From 04/08/2018 to 05/07/2018

05/07/2018

08:58 PM Bug #8450 (Resolved): High Availability Sync / xmlrpc.php removes "remote system username" on backup cluster member: Jim Pingle
08:33 PM Bug #8450: High Availability Sync / xmlrpc.php removes "remote system username" on backup cluster member: Tested on 2.4.4.a.20180507.0753, confirmed resolved. Paighton Bisconer
07:50 PM Revision bcb08ced: Also delete scheduler on cleanup: Matt Underscore
07:28 PM Revision 50d4c4f2: Setters and getters for $aqm/sched params (anticipating a review will request that): Matt Underscore
07:10 PM Revision 15acacb4: Welcome 2.3.5-RELEASE-p2: Renato Botelho
05:59 PM Revision 09b824f8: Merge remote-tracking branch 'origin/RELENG_2_3' into RELENG_2_3_5: Renato Botelho
05:32 PM Revision edd8c491: Add copyright notice logic: Steve Beaver
05:03 PM Revision e45c569d: Merge remote-tracking branch 'origin/RELENG_2_3' into RELENG_2_3_5: Renato Botelho
03:17 PM Feature #6620: CoDel, FQ-CoDel, PIE and FQ-PIE AQMs: PR: https://github.com/pfsense/pfsense/pull/3941 Matt _
03:12 PM Revision c83123b0: Fixed different warnings and errors for PHP 7.2 Migration Illegal String Offsets and undefined constants: Stephen Jones
02:59 PM Revision 1de72f61: Fix command syntax in format_parameters: Matt Underscore
02:09 PM Revision 254581a5: CRLF: Matt Underscore
02:08 PM Revision 926cdf81: PHP7 - Resolve illegal string offset warning: Steve Beaver
02:08 PM Revision 8ac763a0: Fix newlines back: Matt Underscore
02:05 PM Revision dbf56eb4: - Fix an incorrect assumption where I thought the sysctls were measured in ms. they appear to be microseconds instead (thanks Harvy66): - Fix a problem where I was recursively assigning parameters in FormatParameters(), but that was not an ideal method ... Matt Underscore
01:40 PM Revision 58630347: PHP7 - Resolve count() warning: Steve Beaver
01:20 PM Revision d43354d2: PHP7 - Resolve invalid arguemtn and illegal string offset warnings: Steve Beaver
01:15 PM Revision 965eee64: PHP7 - Resolve illegal string offset warning: Steve Beaver
01:13 PM Revision 5b943d25: PHP7 - Resolve count() warning: Steve Beaver
12:59 PM Bug #4479: Firewall rules won't match GRE interface after applying IPSEC transport encryption on GRE tunnel: Does pfSense patch freebsd kernel for some custom/not working on plain kernel? It will take some time until somebody ... Wagner Sartori Junior
12:58 PM Revision 1cf76cb0: PHP7 - Resolved "Cannot create references to/from string offsets": Steve Beaver
12:55 PM Revision 07ada3f1: PHP7 - Resolve error "ese of undefined constant sn": Steve Beaver
12:51 PM Revision aba7f367: Merge branch 'master' of gitlab.netgate.com:pfsense/pfsense: Steve Beaver
12:50 PM Bug #8273: IPv6 GRE tunnel over PPPoE fails on startup: As we're not having traction here, is there a way to manually trigger the GRE interface restart from the command line... Wagner Sartori Junior
09:31 AM pfSense Packages Bug #8501 (Resolved): Incorrect categorization of status/info messages from suricata: Hi, When suricata_check_for_rule_updates.php runs, it unnecessarily logs informational messages as errors - thus caus... Mark Hassman
09:30 AM Bug #8500 (New): Incorrect categorization of status/info messages from phpDynDNS: Hi, When phpDynDNS runs, it unnecessarily logs informational messages as errors - thus causing pfsense to forward mes... Mark Hassman
08:24 AM Bug #8499 (Resolved): IPv6 fragment logging causes panic in some circumstances: From customer ticket #4934.
The system crashes repeatedly with near identical back traces:... Steve Wheeler
07:19 AM Bug #8355 (Not a Bug): Upgrades and packages unavailable after upgrade from 2.3.3_1 to 2.3.4_1: This message only appears if you have enabled a non-standard/third-party unofficial pkg repository, which is unsuppor... Jim Pingle
04:38 AM Revision d237e648: Change back to PHP7 compliance: Matt Underscore
04:20 AM Revision e9685c45: - Fixed a bug where you could not get an ECN-incapable scheduler or AQM to work: noecn was appended in rules.limiter.: - Made a change to an array reference that was breaking my test Matt Underscore

05/06/2018

08:54 PM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: I have the same issue with LAN bridged over 3 ethernet interfaces. The following error is logged every 16 seconds:
... William Haworth
11:26 AM Bug #8497: route errors ("route has not been found") on current 2.4.4 snapshots: Two reboots since 10am, routes ok. James Snell

05/05/2018

08:42 PM Bug #8469 (Resolved): DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Jim Pingle
08:36 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Got it, the Dynamic DNS settings remained collapsed. Anonymous
08:27 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Hello James,
The issue is not whether or not the ddnsdomainkeyalgorithm element contains a value in the config; th... Michael Alden
04:21 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Tested on 2.4.3.a.20180308.1837 - from stock pfSense, visited Services > DHCP Server and clicked Save at the bottom. ... Anonymous
07:51 PM Revision eace74f4: Wrote to wrong file.: Matt Underscore
07:43 PM Revision 5fefcdab: Revising my PR as it was not PHP7 compliant.: Matt Underscore
05:55 PM Todo #8394 (Resolved): status.php - Some package password fields are not redacted: Jim Pingle
04:01 PM Todo #8394: status.php - Some package password fields are not redacted: Tested in 2.4.4.a.20180504.1639 .. cannot reproduce, sensitive information is replaced with xxxxx Anonymous
05:19 PM Revision a60a9db9: Add dummynet AQM and scheduler configuration support to pfSense Limiters through the GUI. Only shaper.inc was changed.: Presently, the traffic shaper is versatile however outbound shaping can be tricky. This patch aims to solve that, al... Matt Underscore
03:57 PM Bug #8497: route errors ("route has not been found") on current 2.4.4 snapshots: FYI - I do have routing issues along with this error following a reboot (initial reboot from install was ok).
Rout... James Snell
03:49 PM Bug #8457: Packages do not remove on factory default: On a SG-2440 .. pfSense-CE-memstick-ADI-2.4.3-RELEASE-amd64 installed, Branch set to Latest development snapshots and... Anonymous
02:50 PM Bug #8457: Packages do not remove on factory default: In a VM .. pfSense-CE-2.4.4-DEVELOPMENT-amd64-20180503-1839 installed, synced to master, setup wizard clicked through... Anonymous
10:32 AM Bug #8457: Packages do not remove on factory default: Adding notes: All packages are removed from the menu, but not removed from the system:
stunnel-5.44_1,1 ... Chris Macmahon

05/04/2018

11:31 PM Bug #8498 (Not a Bug): cloudflare Dynamic DNS is not working: cloudflare Dynamic DNS is not working Mohammad Makkawi
06:52 PM Revision 5c4fcabc: Remove references for new classes instances adding a temporary variable. We will revisit it later: Renato Botelho
05:57 PM Revision 769ae881: PHP7 - Resolve illegal offset error: Steve Beaver
05:52 PM Revision 3987186c: PHP7 - Resolve illegal offset error: Steve Beaver
05:51 PM Revision ee6649b0: PHP7 - Resolve illegal offset error: Steve Beaver
05:50 PM Revision 1a5e85f6: PHP7 - Resolve illegal offset error: Steve Beaver
05:49 PM Revision 7272b169: PHP7 - Resolve illegal offset warnings: Steve Beaver
01:46 PM Revision 6ae5d9cb: Check for valid array before call foreach(): Renato Botelho
11:50 AM Revision 5d4cccc8: Add missing FSLABEL definition: Renato Botelho
11:23 AM Revision 70350cb1: Remove ISO from default build, memstick is hybrid: Renato Botelho
11:22 AM Revision bb3aa747: Use mkisoimages.sh to build memstick images after FreeBSD made ISO hybrid: Renato Botelho
11:15 AM Bug #8494 (Resolved): pressing Enter in pftop filter field redirects to another page: Jim Pingle
11:14 AM Bug #8494: pressing Enter in pftop filter field redirects to another page: The issue is not present on latest 2.4.4 snap (2.4.4.a.20180504.0747). Anonymous
11:14 AM Bug #8495 (Resolved): /etc/rc.reboot does not work on latest 2.4.4 snapshot: Jim Pingle
11:12 AM Bug #8495: /etc/rc.reboot does not work on latest 2.4.4 snapshot: Works successfully on latest 2.4.4 snap (2.4.4.a.20180504.0747). Anonymous
08:45 AM Bug #8497 (Resolved): route errors ("route has not been found") on current 2.4.4 snapshots: During boot, the console logs numerous identical errors:... Jim Pingle

05/03/2018

09:10 PM Revision caf4d712: Merge pull request #3781 from PiBa-NL/20170712-defaultgateway-group: Steve Beaver
09:05 PM Revision 65cde57f: Merge pull request #3918 from RepositPower/default-route-preference-in-radvd.conf: Steve Beaver
09:02 PM Revision 1761c8a2: Merge pull request #3927 from peterberbec/master: Steve Beaver
09:02 PM Revision 53a72784: Delete loader.conf.local: Peter Berbec
09:02 PM Revision f8227fe2: Delete IF_URNDIS.KO: Peter Berbec
09:02 PM Revision 267cf2d6: rename: Peter Berbec
09:02 PM Revision 7cb4c2ae: Create loader.conf.locat: Peter Berbec
09:02 PM Revision 7a3cdc11: ndis driver: Peter Berbec
09:02 PM Revision feae1ba4: Add array check: Even though I now set `$ns` equal to `array_unique(get_nameservers()`, just to be safe we check with `is_array($ns)` ... Peter Berbec
09:02 PM Revision 0637a69b: scope error?: Error on reboot.
```
[04-Apr-2018 02:21:54 EST5EDT] PHP Warning: in_array() expects parameter 2 to be array, null g... Peter Berbec
09:02 PM Revision 2d0f86ba: Fixing debug errors.: Peter Berbec
09:02 PM Revision 43a1b4bd: hideCheckbox. The 'o' is important. And use js instead of php like we're supposed to.: Peter Berbec
09:02 PM Revision b458b3d3: Change array index to use php-style: Peter Berbec
09:02 PM Revision 1e238af4: Add fixed suggested by jim-p: Peter Berbec
09:02 PM Revision 0877fe87: Moved out of my root directory :(: Peter Berbec
09:02 PM Revision 80f95a62: Allow ocsp-staple to override: Enable ocsp stapling to on if forced that way through configuration Peter Berbec
09:02 PM Revision 4bdc654b: Change option text: Make it a force-on option
Hide option if ocsp is enabled Peter Berbec
09:02 PM Revision 5067844c: Use cert_get_ocspstaple: Use cert_get_ocspstaple during nginx configuration generation Peter Berbec
09:02 PM Revision 0276ff2e: add cert_get_ocspstaple: Peter Berbec
09:02 PM Revision b7a4321c: Create get_dns_nameservers function: Put code in a function since it gets called in two places. Peter Berbec
09:02 PM Revision 8d76d71a: Steal resolvconf: Steal the nameserver generation code from the resolvconf code Peter Berbec
09:02 PM Revision d7a0bbbe: Improve description, reorder: make ordering proper Peter Berbec
09:02 PM Revision 63a0cb97: Use option properly: Use the option created by the config to control stapling
(and add a missed semicolon!) Peter Berbec
09:02 PM Revision 895a7b90: Add OCSP option in config: Peter Berbec
09:02 PM Revision 2bf437ba: Beginings of enabling SSL Stapling: Add the option. Default to enable Peter Berbec
08:05 PM Feature #8496 (Duplicate): Allow user to backup multiple sections of their configuration: At Diagnostics > Backup & Restore, the user is able to select All or one specific section of the config to back up.
... Anonymous
08:04 PM Revision a08b017c: Redact some more info from the status.php output. Fixes #8394: (cherry picked from commit 21fdf72c0b3caf960512373ad903fe03ccc578ff) Jim Pingle
08:04 PM Revision 34935fb8: Redact some more info from the status.php output. Fixes #8394: (cherry picked from commit 21fdf72c0b3caf960512373ad903fe03ccc578ff) Jim Pingle
07:57 PM Revision 21fdf72c: Redact some more info from the status.php output. Fixes #8394: Jim Pingle
07:19 PM Revision c1d8f66b: Remove 'now' from reboot command, it is no longer accepted or necessary. Fixes #8495: (cherry picked from commit 63642806eb11d2a1d8b203d85252f4afa15876ce) Jim Pingle
07:19 PM Revision 22b43392: Remove 'now' from reboot command, it is no longer accepted or necessary. Fixes #8495: Jim Pingle
06:32 PM Revision cdd30801: Bug #8469 - Modify show_advdns function pageload conditions to allow for ddnsdomainkeyalgorithm default value, i.e., hmac-md5: (cherry picked from commit 3e1b29c7ba3a586cb94268d76ecb78874c2f5007) Michael Alden
05:59 PM Revision 6fd98c6f: Enable build of drm-next-kmod: Renato Botelho
05:31 PM Revision 98dfd103: Backport table size increase for larger bogons. Ticket #8417: Jim Pingle
03:10 PM Todo #8394 (Feedback): status.php - Some package password fields are not redacted: Applied in changeset commit:21fdf72c0b3caf960512373ad903fe03ccc578ff. Jim Pingle
03:04 PM Revision c8febf6e: Revert "Do not assign classes with =& to make PHP 7 happy": This reverts commit e33c96162a33b52a9152ce0b05dba8b25f1dc2b4. Renato Botelho
02:45 PM Revision 6fb33591: Enforce array type for PHP 7.2 Migration: Stephen Jones
02:39 PM Revision ab1387e6: Prevent pressing Enter in the filter field of diag_pftop.php. Fixes #8494: (cherry picked from commit e2654541019b59f544cda76fb0e63ea7a4a5d040) Jim Pingle
02:39 PM Revision e2654541: Prevent pressing Enter in the filter field of diag_pftop.php. Fixes #8494: Jim Pingle
02:30 PM Bug #8495 (Feedback): /etc/rc.reboot does not work on latest 2.4.4 snapshot: Applied in changeset commit:22b43392c24ef1c8fd165a5fa6b30098d127c010. Jim Pingle
02:17 PM Bug #8495 (Resolved): /etc/rc.reboot does not work on latest 2.4.4 snapshot: /etc/rc.reboot calls "/sbin/reboot now" and apparently that has been disabled in 11.2-PRE, see https://github.com/fre... Jim Pingle
01:33 PM Bug #8439 (Not a Bug): Trailing whitespace on username not respected in LDAP filter: After talking with others this is all up to the target server. AD respects the space, for example, while OpenLDAP doe... Jim Pingle
01:32 PM Bug #8469 (Feedback): DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Jim Pingle
10:05 AM Bug #8493: Assigned OpenVPN interface does not send traffic via right route until reboot: Got it, no more questoins Constantine Kormashev
09:57 AM Bug #8493: Assigned OpenVPN interface does not send traffic via right route until reboot: It's noted in "book section on assignment":https://portal.pfsense.org/docs/book/openvpn/assigning-openvpn-interfaces.... Jim Pingle
09:55 AM Bug #8493: Assigned OpenVPN interface does not send traffic via right route until reboot: Did not know about OpenVPN restart. Perhaps we need some hook for autorestart or warning there, because this is not o... Constantine Kormashev
09:47 AM Bug #8493 (Not a Bug): Assigned OpenVPN interface does not send traffic via right route until reboot: After assignment, you must restart the VPN manually so OpenVPN can reapply the interface setttings which are stripped... Jim Pingle
03:25 AM Bug #8493 (Not a Bug): Assigned OpenVPN interface does not send traffic via right route until reboot: In case of using several OpenVPN instances, e.g. Client (has its own default route) and Server on pfsense, assigned O... Constantine Kormashev
09:50 AM Bug #8494 (Feedback): pressing Enter in pftop filter field redirects to another page: Applied in changeset commit:e2654541019b59f544cda76fb0e63ea7a4a5d040. Jim Pingle
09:35 AM Bug #8494 (Confirmed): pressing Enter in pftop filter field redirects to another page: Jim Pingle
04:40 AM Bug #8494 (Resolved): pressing Enter in pftop filter field redirects to another page: If I press Enter in pftop filter field system redirects me to another page instead showing result in Output frame.
... Constantine Kormashev

05/02/2018

08:51 PM Revision 714c15d7: Cleaner fix for ##8447: (cherry picked from commit 96fa3e3616c1b46cbd23593df8c08cceb23a61e6) Steve Beaver
08:51 PM Revision e3dfbd9c: Fixed #8447: (cherry picked from commit 1d523d1e4e7b16519ed3fd9dfb9e6b4dd84b4285) Steve Beaver
07:52 PM Revision d62d089d: Since OpenVPN user attributes come from RADIUS which keys off username, use that and not common_name which may be empty. Fixes #8480: (cherry picked from commit a2e92e18a35112ec59d18d3555f89668d9e07a11) Jim Pingle
07:52 PM Revision 8228ea91: fix #8441;: ipfw rules must be deleted before cp record delete.
(cherry picked from commit 29a272f7361689c87dd7ad9fc1c903e843a1c... Selman ULUG
07:51 PM Revision 8d06b6c2: Reword bogon block size error text. Ticket #8417: (cherry picked from commit 6ad146e0445961ccba5323cccadcdfddc98e7d55) Jim Pingle
07:51 PM Revision b4bb2544: Correct text for reserved alias name checks against protocols and services. Fixes #8409: (cherry picked from commit a2405c1a8c366e1ad2ececd4f62c577eed31ab7c) Jim Pingle
07:51 PM Revision 39ee89ab: Correct pconfig_to_address() so its logic matches the input validation used for checking port numbers. Fixes #8410: (cherry picked from commit 885e9b2a1df256f4d50367f96b4d39c1106b2448) Jim Pingle
07:51 PM Revision a8ad9098: Cleaner fix for ##8447: (cherry picked from commit 96fa3e3616c1b46cbd23593df8c08cceb23a61e6) Steve Beaver
07:51 PM Revision ca0ca1c5: Fixed #8447: (cherry picked from commit 1d523d1e4e7b16519ed3fd9dfb9e6b4dd84b4285) Steve Beaver
07:51 PM Revision ef799458: Replace incomplete list of pf reserved words with a list of pf tokens pulled from the pf source. Fixes #8445: Also, move the list to a central location so it does not need to be duplicated.
(cherry picked from commit b20cfb551... Jim Pingle
07:51 PM Revision 1ed92658: fixed code style: (cherry picked from commit a7e859b80d55abfbdcae1918065aaf59baba4900) Benjamin Schweizer
07:51 PM Revision 2d6255e1: avoid firwall rules for proxyarp addresses: (cherry picked from commit 7c0e431a878d63fdb0440dbd2c1fad1e7d379f8c) Benjamin Schweizer
04:48 PM Revision 6dde4c10: Type check for array, Part of php 7.2 migration: Stephen Jones
04:12 PM Revision e3df164a: Added a check to make sure ['ipsec'] was an array, Part of PHP 7.2 Migration: Stephen Jones
03:42 PM Revision d3cc158c: Only alter users/groups via XMLRPC when the primary is set to do so. Fixes #8450: Jim Pingle
03:42 PM Revision ff13ca0d: Only alter users/groups via XMLRPC when the primary is set to do so. Fixes #8450: (cherry picked from commit be4693a1e79d89cfc6ea797fcb7fb56b5052c26d) Jim Pingle
03:41 PM Revision bb24d66e: PHP7 Resolve count() parameter warning: Steve Beaver
12:55 PM Feature #8430 (Resolved): Add DNS Resolver status page: What's there now is enough for this purpose. I haven't yet been able to come up with a good way to represent the data... Jim Pingle
10:50 AM Bug #8450 (Feedback): High Availability Sync / xmlrpc.php removes "remote system username" on backup cluster member: Applied in changeset commit:ff13ca0dfe2e016cb21141f0dbd7cdad44e55a46. Jim Pingle
07:57 AM pfSense Packages Feature #8490: pfSense-pkg-acme: acme_certificates_edit.php - Add ability to specify (vs generate) private key: PR Link: https://github.com/pfsense/FreeBSD-ports/pull/518 Jim Pingle
07:43 AM pfSense Packages Feature #8299 (Resolved): acme: ocsp must-staple: This is in the package and working OK now Jim Pingle

05/01/2018

09:06 PM Revision a2e92e18: Since OpenVPN user attributes come from RADIUS which keys off username, use that and not common_name which may be empty. Fixes #8480: Jim Pingle
06:22 PM Revision f1552738: PHP7 - Resolev undefined constant warning: Steve Beaver
05:47 PM Revision 72f363ed: Fixed #8486 via htmlspecialchars(): (cherry picked from commit 687e50fd439179ba61a518c7b68c91b168e56e50) Steve Beaver
05:47 PM Revision 8d7458f6: Fixed #8485 by POSTing fixed string and looking up the required file name: (cherry picked from commit c29a1fe90f89c1ae392df2ef2092207e282ddc37) Steve Beaver
05:46 PM Revision 5c856a1d: Fixed #8486 via htmlspecialchars(): (cherry picked from commit 687e50fd439179ba61a518c7b68c91b168e56e50) Steve Beaver
05:46 PM Revision 9d918214: Fixed #8485 by POSTing fixed string and looking up the required file name: (cherry picked from commit c29a1fe90f89c1ae392df2ef2092207e282ddc37) Steve Beaver
05:46 PM Revision b662c5e4: Fixed #8486 via htmlspecialchars(): (cherry picked from commit 687e50fd439179ba61a518c7b68c91b168e56e50) Steve Beaver
05:46 PM Revision 48f8b5ad: Fixed #8485 by POSTing fixed string and looking up the required file name: (cherry picked from commit c29a1fe90f89c1ae392df2ef2092207e282ddc37) Steve Beaver
04:20 PM Bug #8480 (Feedback): common/user name not expaned in openvpn.attributes.php (when doing per-user fw rules): Applied in changeset commit:a2e92e18a35112ec59d18d3555f89668d9e07a11. Jim Pingle
11:37 AM Bug #8492 (Duplicate): Enable setting PKCS#12 export password in Certificate Manager: Several use cases exist for using an exported keypair as a .p12 archive, but are complicated by pfSense not setting a... Darren Spruell
08:04 AM pfSense Packages Bug #8491 (Resolved): ACME: DNS-Luadns not working: Hello,
I'm using acme 0.2.8_2 with LuaDNS. If I want to obtain a certificate with the DNS-Luadns method, I should ... Anonymous

04/30/2018

08:14 PM pfSense Packages Feature #8490: pfSense-pkg-acme: acme_certificates_edit.php - Add ability to specify (vs generate) private key: Scott Smith wrote:
> * Like other user-entered data, the user-entered _Private Key_ text would be stored in the co... Michael M
01:36 PM Revision aa6184b6: Enable support for php72 variant: Renato Botelho
01:36 PM Revision b395c4f2: Add a global to keep valid meta package suffixes: Renato Botelho
11:28 AM Revision 88a8b4da: Sort: Renato Botelho
05:27 AM Bug #6880: Multiple DHCP6 WAN connections leads to multiple dhcp6c clients: Luke Hamburg wrote:
> Thanks. I first checked out master and didn't find that commit... then drank some coffee & re... Daniel Helgenberger
03:39 AM Bug #6223: IPsec + OpenBGPD fails with "PF_KEY socket: No buffer space available": Just finish to migrate to FRRouting
IPV4 OK but IPV6 bad dream... fortunately there is a great thing called vtysh ... xavier Lemaire

04/28/2018

05:29 PM pfSense Packages Feature #8490 (Resolved): pfSense-pkg-acme: acme_certificates_edit.php - Add ability to specify (vs generate) private key: I was unable to find a bug/issue/etc on this specific topic, so I'm submitting it as a Feature request.
When a use... Scott Smith
04:58 PM Bug #8489: DHCPv6 Client Failure to Initialize with "Do not wait for RA": Here is a post reboot log file with debug enabled.
Apr 28 14:51:55 dhcp6c 9814 reset a timer on hn1, state=SOLICIT... Daryl Morse

04/24/2018

03:20 PM pfSense Packages Bug #8482 (Closed): Reseting states causes ntop-ng to core dump: Almost certainly nothing we can do about a crash of that nature. You'll have to take that up with ntopng and/or FreeB... Jim Pingle
03:17 PM pfSense Packages Bug #8482 (Closed): Reseting states causes ntop-ng to core dump: Not sure if this is somewhat expected, but reseting states through the "diagnostics" menu causes ntopng to core dump.... Jon Hayward
02:15 PM Revision e33c9616: Do not assign classes with =& to make PHP 7 happy: Renato Botelho
02:08 PM Revision 39f69cb3: Fix syntax removing a continue that is out of scope and making the: function to return instead Renato Botelho
10:17 AM Bug #8481 (Duplicate): Editing multiple entries in multiple browser tabs causes problems or doesn't work: In various places in the web interface, trying to edit multiple entries in browser tabs and saving them one by one do... Eduard Rozenberg
07:56 AM pfSense Packages Bug #8425: telegraf not reporting memory: *UPDATE*: my changes were committed upstream (https://svnweb.freebsd.org/ports?view=revision&revision=468200).
I h... Chipster Cuch
07:42 AM pfSense Packages Bug #8425: telegraf not reporting memory: Telegraf 1.6.1 was released yesterday with the updated godeps that fix various issues. I have submitted my patches up... Chipster Cuch
04:45 AM Bug #8480 (Resolved): common/user name not expaned in openvpn.attributes.php (when doing per-user fw rules): As requested on forums (https://forum.pfsense.org/index.php?topic=146908.0) opening bug report.
It seems there are... Michal Soltys
02:30 AM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: I'm seeing a similar issue, but I am using a USB ethernet device for the LAN connection:
ioctl(SIOCGIFMEDIA) failed... TJ Synkral
12:13 AM Revision ba1f99cd: Improve/add help messages warning about bad security choices: Sean McBride

04/23/2018

08:14 PM Revision 3f576469: Merge pull request #3938 from CampinCarl/master: Steve Beaver
08:13 PM Revision 2c588398: Merge pull request #3940 from GrantSheehan/add_do_dyndns: Steve Beaver
07:39 PM Revision 43a9b03d: Gateways, allow for configuring a gatewaygroup as the default gateway.: -Avoid changing routes by just visiting a webgui page.
-Avoid change some unneeded events when nothing changed. Pi Ba
04:07 PM Bug #8479 (Duplicate): Firewall stops working (all the traffic passes!) due to an error caused by OpenVPN wizard.: Duplicate of #8391 and #6028
And in the future, if you believe you have found a security problem, the correct proc... Jim Pingle
04:04 PM Bug #8479 (Duplicate): Firewall stops working (all the traffic passes!) due to an error caused by OpenVPN wizard.: Originally published at https://forum.pfsense.org/index.php?topic=147068.0
Guyz, today I've discovered *a very dan... Aleksandar Pesic
09:47 AM Feature #7890 (Rejected): Support for Intel/AMD CPU microcode updates: Jim Thompson
07:57 AM pfSense Packages Bug #8476: OpenVPN Client Export TLS Key Direction Directive Location: As long as we can prove that change will not negatively impact other clients it should be OK to make that change, but... Jim Pingle
02:29 AM Revision 32cb54c3: Merge branch 'master' into add_do_dyndns: Grant Sheehan

04/22/2018

10:27 PM Revision 544674ad: Add DigitalOcean DynDNS client: Grant Sheehan
09:04 PM Feature #8478: Add DynDNS client for DigitalOcean DNS: PR is posted: https://github.com/pfsense/pfsense/pull/3940 Grant Sheehan
05:31 PM Feature #8478 (Resolved): Add DynDNS client for DigitalOcean DNS: Add a DynDNS client for DigitalOcean's DNS service. Grant Sheehan
10:48 AM Bug #8477 (Resolved): Gateway latency, units used inconsistently.: When a gateway alarm is triggered or cleared is is reported in the system log using milliseconds (ms) but the gateway... Steve Wheeler

04/21/2018

02:17 PM pfSense Packages Bug #8476 (Resolved): OpenVPN Client Export TLS Key Direction Directive Location: pfSense Version: pfSense-CE-memstick-2.4.3-RELEASE-amd64.img.gz ( https://nyifiles.pfsense.org/mirror/downloads/pfS... Joshua Katz

04/20/2018

07:56 PM Bug #8463: Performance Regression in 2.4.3 under KVM: If I change the cards from being vtnet to em0 (i.e. remove the VirtIO ethernet card in Proxmox and replace it with th... Anonymous
04:00 PM Bug #8441 (Resolved): Manually disconnecting a captive portal user leaves the IPFW table entry: Jim Pingle
03:49 PM Bug #8441: Manually disconnecting a captive portal user leaves the IPFW table entry: tested on today's snap: 2.4.4.a.20180420.1016
removed item from the captive portal status page.
was removed from ip... Chris Macmahon
03:14 PM Revision 9dd655a0: Enable build of PHP 7.2 flavor: Renato Botelho
03:04 PM Bug #8426 (Resolved): Mobile IPSec login not working after upgrade from 2.4.2p1: Jim Pingle
03:01 PM Bug #8426: Mobile IPSec login not working after upgrade from 2.4.2p1: Was able to confirm fix worked. Chris Macmahon
11:34 AM pfSense Packages Feature #8475 (Closed): syslog-ng TLS configuration support: For syslog-ng to use TLS, it needs access to certificates, and in particular CA certs. For the local cert/key I can ... Orion Poplawski

04/19/2018

11:52 PM Feature #8474 (New): Easier Conversion to HA Pair from Existing Non-HA Firewall: Requesting perhaps a guided wizard built-in to convert an existing well established pfsense 2.4.x configuration (such... Dennis Chow
03:39 PM pfSense Packages Bug #6339: OpenVPN Client Export package option for "Use Microsoft Certificate Storage" does not specify which certificate to use: Not sure if it would be easier to implement, but using this works well for me:... Caleb Hornbeck
12:43 PM Bug #8473 (Closed): Not a bug: a feature patch that's been part implemented.: I'm not inclined to split off those options to their own page. There aren't that many, and I also don't like the idea... Jim Pingle
12:29 PM Bug #8473 (Closed): Not a bug: a feature patch that's been part implemented.: In the last couple of weeks there's been news on DNS privacy. I was JUST about to submit a PR for a bunch of Unbound ... Stilez y
11:09 AM Bug #8472 (Resolved): IPsec with "Split connections" enabled (multiple P2's) - new added P2's are not coming up (between two pfsense's 2.4.3): When a new P2 is created it is not appearing in active SA's.
For example - P2 is added for 10.200.136.0/24|/0 === ... Vladimir Lind
10:09 AM Bug #8470 (Closed): IKEv2 EAP-MSCHAPv2 inconsistent as option (documentation or fix): Docs adjusted. It used to work that way (button on either page) in 2.2.x, but in 2.4 the button only shows on the Mob... Jim Pingle
10:04 AM Bug #8471 (Rejected): Captive portal version 2.4.3: You have some other configuration issue there. Captive Portal works well on 2.4.3, unless you are hitting #8441 in wh... Jim Pingle
09:59 AM Bug #8471 (Rejected): Captive portal version 2.4.3: After updating from 2.4.2 to 2.4.3, captive portal does not work.
Any user is allowed to use the network, even if th... Gerardo Trotta
04:04 AM Bug #8463: Performance Regression in 2.4.3 under KVM: As suggested on reddit I have also done a fresh install of 2.4.3 and then applied the backed up configuration. This ... Anonymous

04/18/2018

08:09 PM Revision 3e1b29c7: Bug #8469 - Modify show_advdns function pageload conditions to allow for ddnsdomainkeyalgorithm default value, i.e., hmac-md5: Michael Alden
04:28 PM Bug #8470 (Closed): IKEv2 EAP-MSCHAPv2 inconsistent as option (documentation or fix): Only if you create a tunnel from the Mobile Clients page instead of from the Tunnels page does the EAP-MSCHAPv2 optio... MIchael K
03:33 PM Bug #8413: Virtual IP on PPPOE interface no longer working with 2.4.3: This is not duplicate of #8393 - I've applied the patches of #8393 and it does not resolve the issue Foo Barbarian
03:21 PM Bug #8469: DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: Pull Request: https://github.com/pfsense/pfsense/pull/3938 Michael Alden
03:05 PM Bug #8469 (Resolved): DHCP Server configuration page errantly expands Dynamic DNS advanced parameters even when none are configured: When saving DHCP Server configuration settings, the Dynamic DNS Key algorithm drop down box (under advanced Dynamic D... Michael Alden
01:38 PM Bug #8468 (Rejected): Status / Queues show mostly NaN: While using shaping on multiple interfaces (and only priq in my situation), many of the columns only show NaN.
For... Kris Lou
03:18 AM Bug #8467: Certificate Manager Cannot Delete/Export: hmm... the issue disappeard. Now exporting the certificate works. The problem might have been related to an upgrade f... Otto Waalkes

04/17/2018

07:42 PM Bug #8457: Packages do not remove on factory default: Assigned to PM for future reassignment. Jim Thompson
07:41 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: Assigned to PM for further re-assignment. Jim Thompson
06:22 PM Bug #8467 (Not a Bug): Certificate Manager Cannot Delete/Export: Can't reproduce it here, either. All entries export fine. Must be a local problem or something wrong with that instal... Jim Pingle
05:41 PM Bug #8467 (Feedback): Certificate Manager Cannot Delete/Export: I am unable to reproduce. The functionality works as expected for me. Please ensure you have JavaScript enabled, and ... Anonymous
05:10 PM Bug #8467 (Not a Bug): Certificate Manager Cannot Delete/Export: Exporting a Certificate Authority is not working. There is no error message. The page just gets reloaded and not down... Otto Waalkes
04:33 PM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: Also:
1. Add "path_dir" to the default list of ACL expressions
2. Your current ACLs are case insensitive (-i) by ... Petr H
06:32 AM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: I've got one minor feature proposal:
Notes/Description/Comments for each ACL or action entry
Normally if I'd us... Petr H
09:04 AM Feature #8316: expiration date when creating new rules: I also would welcome this feature. Christian Rhomberg
07:54 AM pfSense Packages Bug #8466 (Resolved): radiusd crash: Radiusd crash when for a user is set a password in plain text containing " (double qoutes)
After this all users get ... Razvan Petrescu
07:05 AM Feature #4688: Missing TFC Traffic Flow Confidentiality support: Jim Pingle wrote:
> The IPsec stack in FreeBSD was overhauled between FreeBSD 10.x and FreeBSD 11.1, so it's possibl... Lars Pedersen
04:31 AM pfSense Packages Bug #8425: telegraf not reporting memory: *UPDATE*:
Telegraf 1.6.0 final was released today. I have updated the port accordingly, and it includes the memory p... Chipster Cuch
04:21 AM Bug #8465 (Resolved): Lost default gateway after recover from failover with CARP VIP and HA: Both boxes works with SuperMicro Boards which have two interfaces on board and an additional i350 4 Port network card... Tom DL7BJ
03:35 AM Bug #8464 (New): Wireless USB card does not connect to WiFi automatically after reboot/halt: Wireless USB card on Realtek RTL8192SU chipset in BSS mode does not connect to WiFi until wilreless interface is set ... Constantine Kormashev

04/16/2018

04:53 PM Bug #8424: IPv6 stops working completely for interfaces that use interface tracking and have VIPs configured on them: Apparently after more testing, the issue does not manifest after modifying the max table size to mitigate the bogon t... Jupiter Vuorikoski
04:00 PM Bug #8463: Performance Regression in 2.4.3 under KVM: I should also point out under 2.4.3 that IBRS isn't enabled:... Anonymous
01:58 PM Bug #8463 (Closed): Performance Regression in 2.4.3 under KVM: Since upgrading my install to 2.4.3 I have noticed a decrease in the results I get from speedtest.net and fast.com
I... Anonymous
01:45 PM Revision e3957306: Merge pull request #3937 from Bg-Tek/cp_disconnect_not_remove_ipfw_rules: Steve Beaver
01:28 PM Revision 7be90df1: Merge pull request #3912 from mhalden/nat_ifgroups: Steve Beaver
01:25 PM Revision 9ba58425: Merge pull request #3935 from Firminator/patch-1: Steve Beaver
12:42 PM pfSense Packages Bug #8277 (Resolved): ntopng service fails to start on 2.4.3: Jim Pingle
12:10 PM Feature #4688: Missing TFC Traffic Flow Confidentiality support: The IPsec stack in FreeBSD was overhauled between FreeBSD 10.x and FreeBSD 11.1, so it's possible that the behavior i... Jim Pingle
11:13 AM Revision 29a272f7: fix #8441;: ipfw rules must be deleted before cp record delete. Selman ULUG
11:04 AM Bug #8462 (Not a Bug): UI - small gear icon/animation not centered: The small gear icon/animation that appears in the dashboard update widget is not centered, so the animation is a bit ... Eduard Rozenberg
09:28 AM Bug #8122: openvpn client is unable to use OTP (temporary) passwords: As implemented, this script would only be run when the OpenVPN client configuration is re-written, which happens when... Jim Pingle
09:21 AM pfSense Packages Bug #8461 (Closed): open-vm-tools : bug with version 2.4.3: The updated port is already on 2.4.4 snapshots, try it there. If it still has issues, you'll need to replicate them o... Jim Pingle
05:54 AM pfSense Packages Bug #8461 (Closed): open-vm-tools : bug with version 2.4.3: Hello,
I have a very specific bug that appeared with version 2.4.3.
When uploading a file to pfSense using vmwa... Julien Gormotte
09:00 AM Bug #8441 (Feedback): Manually disconnecting a captive portal user leaves the IPFW table entry: Applied in changeset commit:29a272f7361689c87dd7ad9fc1c903e843a1c593. Anonymous

04/15/2018

12:01 PM pfSense Packages Feature #8279: Consider adding a new option to the Rule Order: Two more options:
1 - in pfBlockerNG, Rule Order add option - "Do not change (preserve) existing order"
or
... Yuri Weinstein
01:57 AM Revision 70e0b547: Update system_advanced_admin.php: Firminator

04/14/2018

09:41 PM Feature #4688: Missing TFC Traffic Flow Confidentiality support: Did FreeBSD get TFC support in the last 2 years? Sean McBride
10:51 AM pfSense Packages Bug #8425: telegraf not reporting memory: FWIW: Here is my @port@ setup for the patched Telegraf fixing the memory issue and addressing the new golang deps for... Chipster Cuch
07:02 AM Feature #5544: DHCP static mapping from RADIUS: Michael F wrote:
> it will be a brilliant to set the static DHCP mapping only one time on a RADIUS server & use it f... Michael F
02:28 AM Bug #8122: openvpn client is unable to use OTP (temporary) passwords: I attached a screenshot of the initial implementation as it would make easier to review it.
I know that there are ... Sorin Sbarnea

04/13/2018

07:55 PM Bug #7604: Bug #6594 is not resolved: Waiting for Internet connection to update pkg metadata and finish package reinstallation: Still hitting this in 2.4.3. Anonymous
04:50 PM pfSense Packages Bug #8456 (Resolved): Squid shows Warning on package page after installation: Jim Pingle
04:02 PM pfSense Packages Bug #8456: Squid shows Warning on package page after installation: Tested on 2.4.4.a.20180413.1305, fix works. Anonymous
04:08 PM pfSense Packages Bug #8425: telegraf not reporting memory: *Update*: I worked with an InfluxData dev on this issue and it's indeed upstream. @gopsutil@[1], a golang dependency ... Chipster Cuch
11:02 AM Bug #8460: Ntopng and default SNMP daemon issues: Hello Jim,
Thank you for the reply. Will ping bsd bug tracker. Florin Samareanu
10:51 AM Bug #8460 (Closed): Ntopng and default SNMP daemon issues: Nothing we can do about that. Take it up with bsnmpd in FreeBSD if you want to pursue the issue. You already found th... Jim Pingle
10:48 AM Bug #8460: Ntopng and default SNMP daemon issues: Pcap captures of snmpwalk and when adding pfsense from ntopng interface. Florin Samareanu
10:46 AM Bug #8460 (Closed): Ntopng and default SNMP daemon issues: Hello,
When adding pfsense as a SNMP monitored target in ntopng an error message appears. Switching to net-SNMP fi... Florin Samareanu
10:13 AM Bug #8459 (Rejected): Duplicating IP Addresses on Dhcp Server: It's not at all clear what you're referring to here. Please post on a discussion platform such as the forum, pfSense ... Jim Pingle
08:53 AM Bug #8459 (Rejected): Duplicating IP Addresses on Dhcp Server: I am using Version 2.4.3-RELEASE (amd64)
I use pfsense as a dhcp server on my network, I noticed that after upgradin... Julio Cesar Pereira
09:48 AM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: Makes sense since all that sendmail script does is call the internal mail handling.
I see three options:
1. Chang... Yehuda Katz
08:56 AM pfSense Packages Bug #8277 (Feedback): ntopng service fails to start on 2.4.3: Done on 2.4.3 and 2.3.5 Renato Botelho
08:41 AM Feature #8458 (New): Allow reordering of interface widget: It would be nice to be able to reorder the interfaces in the Interface widget. Simon Brezovnik
02:25 AM Revision 9886c24b: Update system_advanced_admin.php: * upper and lowercase fixes
* added missing space Firminator

04/12/2018

07:07 PM Bug #8048: DHCPv6 Configured for LAN without LAN interface: Still hitting this issue in 2.4.4.a.20180412.1121. Can't tell why the <dhcpdv6> section is being added to the configu... Anonymous
04:25 PM Bug #8457: Packages do not remove on factory default: also tested via menu option 4. the Packages I Installed (acme, Nut Ladvd) were not removed
Chris Macmahon
03:47 PM Bug #8457: Packages do not remove on factory default: Tested 2.4.4, hardware reset did not clear the packages like it did on 2.4.3.
Hardware reset worked on 2.4.3, but ... Chris Macmahon
02:41 PM Bug #8457 (Resolved): Packages do not remove on factory default: Install 2.4.2 CE. Upgrade to latest 2.4.4 snap. Install Squid. Factory Default the appliance. The package will remain... Anonymous
04:21 PM Revision fad13c41: For IPsec mobile clients, write out a more specific ipsec.secrets line to help clients find the right key with strongSwan's new lookup code. Fixes #8426: (cherry picked from commit af7c0311b89656198e00ded91c1a2a87f34c331b) Jim Pingle
04:19 PM Revision af7c0311: For IPsec mobile clients, write out a more specific ipsec.secrets line to help clients find the right key with strongSwan's new lookup code. Fixes #8426: Jim Pingle
02:18 PM Bug #8453 (Not a Bug): NAT reflection can't work when NAT port faword set Destination port range: Reflection rules are created properly for port ranges. Please post on the forum, pfSense subreddit, or mailing list f... Jim Pingle
01:51 PM pfSense Packages Bug #8456 (Feedback): Squid shows Warning on package page after installation: Fix pushed Jim Pingle
01:37 PM pfSense Packages Bug #8456 (Resolved): Squid shows Warning on package page after installation: Install 2.4.2 CE, upgrad to latest 2.4.4 snapshot. Install Squid package, visit Services > Squid and the text (Warnin... Anonymous
01:36 PM pfSense Packages Bug #8277 (Assigned): ntopng service fails to start on 2.4.3: Since it's OK on 2.4.4, we can copy back the new ntopng to 2.4.3 now Jim Pingle
12:38 PM pfSense Packages Bug #8277: ntopng service fails to start on 2.4.3: Tested on 2.4.4.a.20180412.1121, service starts and can be accessed. Anonymous
11:36 AM Bug #8426: Mobile IPSec login not working after upgrade from 2.4.2p1: I tested the diff and can confirm it works again. Thank you so much for fixing this so quickly Jim! Jay2k1 *
11:30 AM Bug #8426 (Feedback): Mobile IPSec login not working after upgrade from 2.4.2p1: Applied in changeset commit:af7c0311b89656198e00ded91c1a2a87f34c331b. Jim Pingle
10:55 AM Bug #8426: Mobile IPSec login not working after upgrade from 2.4.2p1: Well, ipsec.secrets is written out identically on both a working (2.4.2) and non-working (2.4.3, 2.4.4, 2.3.6) setup ... Jim Pingle
10:34 AM Bug #8426 (Confirmed): Mobile IPSec login not working after upgrade from 2.4.2p1: Looks like the PSK for another tunnel is being used instead of the more exact match. It works when it is the only ent... Jim Pingle
07:34 AM pfSense Packages Bug #8454: Arpwatch package break email notifications from other sources: I wouldn't say those are broken. Those cron notifications didn't work at all without the symlink setup by arpwatch. F... Jim Pingle
07:18 AM pfSense Packages Bug #8454 (New): Arpwatch package break email notifications from other sources: Arpwatch replaces /usr/sbin/sendmail with a symlink to a PHP script that specifically mentioned Arpwatch in the messa... Yehuda Katz
07:31 AM Bug #8455 (Not a Bug): IPsec site2site connection not working after upgrade to 2.4.3: Please post on the forum or pfSense subreddit for assistance. Most likely this is not related to IPsec at all, but a ... Jim Pingle
07:29 AM Bug #8455 (Not a Bug): IPsec site2site connection not working after upgrade to 2.4.3: Since the upgrade from 2.4.2p1 to 2.4.3, the connection to the remote ipsec endpoint fails with 04[NET] error writing... Kai Wöstefeld
06:47 AM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: just to confirm. Having the same problem.
[Apr 12 11:43:32] radvd (88189): polling for 0 second(s), next iface is ... Johannes Ullrich

04/11/2018

09:40 PM Bug #8453 (Not a Bug): NAT reflection can't work when NAT port faword set Destination port range: NAT reflection can't work when NAT port forward set Destination port range.
it can work when setting single NAT p... wisn gsiw
06:35 PM Bug #8417 (Resolved): IPv6 bogon list size now too large to fit in standard maximum table size: Jim Pingle
06:13 PM Bug #8417: IPv6 bogon list size now too large to fit in standard maximum table size: Tested on pfSense CE version: 2.4.4 Built On: Wed Apr 11 14:31:44 CDT 2018 .. after upgrading from 2.4.2. Nothing wro... Anonymous
04:19 PM Bug #8452 (Closed): PPPoE :: Interfaces > WAN: [PPPoE Configuration] Service name :: colon not allowed (invalid character): I have noticed that a colon is not allowed in the "Service name" of a PPPoE configuration under "Interface > WAN".
O... Bouke Henstra
01:15 PM Todo #8451 (Resolved): System Information dashboard widget - Kernel PTI toggle: When editing the System Information dashboard widget, all sections of the widget can be toggled on or off. Since the ... Clinton Cory
02:11 AM Bug #8450: High Availability Sync / xmlrpc.php removes "remote system username" on backup cluster member: OK now we're getting somewhere. I can confirm that there is something to look at here regarding syncing users from th... Chris Linstruth
01:56 AM Bug #8450: High Availability Sync / xmlrpc.php removes "remote system username" on backup cluster member: No, the xmlrpcsync user does not exist on the primary. However, since the "user manager users and groups" checkbox is... Alex S
12:51 AM Bug #8450: High Availability Sync / xmlrpc.php removes "remote system username" on backup cluster member: Does the xmlrpcsync user exist on the primary?
I use a custom user (xmlrpc) for this and it survived the upgrade, ... Chris Linstruth
12:28 AM Bug #8450 (Resolved): High Availability Sync / xmlrpc.php removes "remote system username" on backup cluster member: Two-member cluster:
- Primary: upgraded from 2.4.2-p1 to 2.4.3 using the GUI
- Backup: issue occurs both after an u... Alex S

04/10/2018

08:05 PM Bug #8076: User can easily apply an unusable interface configuration after restore: This is exasperated by the fact that in previous versions of pfSense when you got the "reassign interfaces" page afte... Nate Cartwright
05:47 PM Revision 6ad146e0: Reword bogon block size error text. Ticket #8417: Jim Pingle
01:28 PM Bug #7443: Issues Creating IPv6 Static Mappings: The actual lease works now, so now I am just basically verifying the original bug report. Its cosmetic only but I agr... Chris Collins
12:10 PM Bug #7443: Issues Creating IPv6 Static Mappings: Did this ever get fixed? I ended up at this page trying to diagnose static ipv6 mappings.
I have configured static... Chris Collins
01:08 PM pfSense Packages Bug #8440 (Not a Bug): Suricata 4.0.4_1 disablesid.conf does not disable rule?: Jim Pingle
12:58 PM pfSense Packages Bug #8440: Suricata 4.0.4_1 disablesid.conf does not disable rule?: This is not a bug. The rule being triggered was a flowbit rule. Therefore, the disablesid.conf could not disable the ... Raffi T
08:17 AM Bug #8410 (Resolved): unable to use registered services by name and unable to define aliases for registered services using their name: Jim Pingle
08:17 AM Bug #8409 (Resolved): pfsense alias complains about well known name for non well known port: Jim Pingle
03:31 AM Bug #8448: Log size modification broken: In addition, -after three consecutive size changes- when you start with a very large number, the file doesn't stop gr... Alexandre Pétillon
12:48 AM Revision 41270b74: Delete loader.conf.local: Peter Berbec
12:48 AM Revision 3173cf70: Delete IF_URNDIS.KO: Peter Berbec
12:48 AM Revision c344add2: rename: Peter Berbec
12:47 AM Revision 072e0e93: Create loader.conf.locat: Peter Berbec
12:46 AM Revision a397fd7a: ndis driver: Peter Berbec
12:16 AM Bug #8426: Mobile IPSec login not working after upgrade from 2.4.2p1: Seeing the same error ("The VPN Shared Secret is incorrect.") on iOS. Exact same config worked before the update to 2... Daniel Becker

04/09/2018

08:32 PM Revision aa20508d: Correct text and help for new SSH key/pass options. Ticket #8402: Jim Pingle
08:18 PM Revision a2405c1a: Correct text for reserved alias name checks against protocols and services. Fixes #8409: Jim Pingle
08:11 PM Revision 885e9b2a: Correct pconfig_to_address() so its logic matches the input validation used for checking port numbers. Fixes #8410: Jim Pingle
07:37 PM pfSense Packages Bug #8425: telegraf not reporting memory: Can confirm this same behavior. An upstream bug was also filed: https://github.com/influxdata/telegraf/issues/3750 Chipster Cuch
07:26 PM Bug #8410: unable to use registered services by name and unable to define aliases for registered services using their name: Tested on latest 2.4.4 CE snapshot gitsync'd to master, works as expected. Setting port to other and using the name, ... Anonymous
03:20 PM Bug #8410 (Feedback): unable to use registered services by name and unable to define aliases for registered services using their name: Applied in changeset commit:885e9b2a1df256f4d50367f96b4d39c1106b2448. Jim Pingle
03:09 PM Bug #8410: unable to use registered services by name and unable to define aliases for registered services using their name: @is_port()@ from /etc/inc/util.inc tests a string against known services by name to determine validity, not just numb... Jim Pingle
07:15 PM Bug #8409: pfsense alias complains about well known name for non well known port: Tested on latest 2.4.4 CE snapshot gitsync'd to master, works as expected. Anonymous
03:30 PM Bug #8409 (Feedback): pfsense alias complains about well known name for non well known port: Applied in changeset commit:a2405c1a8c366e1ad2ececd4f62c577eed31ab7c. Jim Pingle
04:01 PM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: The haproxy_config_init() is a new function added in the second last commit. Not sure why that wouldn't exist after u... Pi Ba
03:41 PM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: Updated and tested all of the above - looks alright.
Only right after the update I encountered one issue:
- I was... Petr H
12:39 PM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: Okay 0.56 haproxy-devel package is available now through normal pfSense packages. If you can check 'everything' now w... Pi Ba
03:59 PM Bug #8447 (Resolved): Cannot change Gateway in Firewall > Rules: Confirmed here as well. It works as it should now. Switching to IPv4+IPv6 disables the gateway edit control, then swi... Jim Pingle
01:01 PM Bug #8447: Cannot change Gateway in Firewall > Rules: Tested on latest CE snapshot gitsynced to master, works as expected. Editing an IPv4+IPv6 rule's gateway is possible ... Anonymous
09:20 AM Bug #8447: Cannot change Gateway in Firewall > Rules: Applied in changeset commit:1d523d1e4e7b16519ed3fd9dfb9e6b4dd84b4285. Anonymous
09:07 AM Bug #8447 (Feedback): Cannot change Gateway in Firewall > Rules: Should be fixed in the next snapshot. Please confirm here. Anonymous
07:23 AM Bug #8447 (Confirmed): Cannot change Gateway in Firewall > Rules: Confirmed here, too. Create a new rule, Gateway is changeable. Set Address Family to IPv4+IPv6, Gateway field is disa... Jim Pingle
12:05 AM Bug #8447: Cannot change Gateway in Firewall > Rules: Looking at it more there is something here, but it takes more steps to duplicate than you provided.
It works if yo... Chris Linstruth
03:36 PM Feature #8402 (Resolved): SSH2 Enforced Key and Username+Password Authentication...: I made some alterations to the text, cosmetic only. I made sure all the options work as expected here after, looks go... Jim Pingle
01:09 PM Feature #8402: SSH2 Enforced Key and Username+Password Authentication...: New options show up and each works as expected on latest 2.4.4 CE snapshot gitsync'd to master. Anonymous
02:25 PM Revision 96fa3e36: Cleaner fix for ##8447: Steve Beaver
02:17 PM Revision 62ea1dbd: Merge pull request #3904 from Hobby-Student/master: Steve Beaver
02:06 PM Revision 1d523d1e: Fixed #8447: Steve Beaver
01:25 PM Revision b20cfb55: Replace incomplete list of pf reserved words with a list of pf tokens pulled from the pf source. Fixes #8445: Also, move the list to a central location so it does not need to be duplicated. Jim Pingle
01:03 PM Bug #8445 (Resolved): creating an alias named "log" breaks rule processing: Jim Pingle
12:58 PM Bug #8445: creating an alias named "log" breaks rule processing: Tested on latest 2.4.4 CE snapshot gitsync'd to master, works as expected. Anonymous
08:40 AM Bug #8445 (Feedback): creating an alias named "log" breaks rule processing: Applied in changeset commit:b20cfb55125207e21d81a29a107ea77230fbc7fb. Jim Pingle
08:28 AM Bug #8445: creating an alias named "log" breaks rule processing: The list of pf keywords was a lot shorter than it should be, but there isn't a documented list that I could see.
I... Jim Pingle
07:33 AM Bug #8445 (Confirmed): creating an alias named "log" breaks rule processing: It's a reserved keyword in pf but isn't in the list.
Jim Pingle
01:02 PM Todo #8423 (Resolved): Update SimplePie to 1.5.1: Jim Pingle
12:27 PM Todo #8423: Update SimplePie to 1.5.1: Works as expected on 2.4.4.a.20180409.0622. Anonymous
12:04 PM pfSense Packages Bug #8449: FRR 4.0 zebra daemon crashes: Looks like this isn't just specific to BGP. In the forum thread linked above, it is happening on multiple amd64 VMs t... Jim Pingle
11:44 AM pfSense Packages Bug #8449 (Resolved): FRR 4.0 zebra daemon crashes: The zebra daemon in FRR 4.0 won't stay running with a BGP configuration. It crashes on startup. OSPF alone seems to b... Jim Pingle
11:25 AM Bug #8408 (Resolved): invalid rule written due to ipv6 ipalias being present: Problematic test cluster has no errors on a snapshot containing the fix. Looks good here. Jim Pingle
09:11 AM Bug #8448 (Closed): Log size modification broken: From UI, status_log_filter.php.
I want to increase the size of filter.log from 500K to 5G (as an example).
From... Alexandre Pétillon
07:38 AM Feature #8030 (Resolved): Unbound: Add support for DNS over TLS to internal clients: Jim Pingle
07:37 AM Bug #8391 (Resolved): OpenVPN Wizard creates WAN rule with TCP4 instead of protocol TCP, it creates error when loading firewall rules: Jim Pingle
07:36 AM Bug #8444 (Not a Bug): ovpnc as upstream dhcp relay interface: Yeah that does appear to be a limitation. For a site to site, tap should work the same as tun in most cases though, s... Jim Pingle
07:33 AM Bug #8426: Mobile IPSec login not working after upgrade from 2.4.2p1: Yes, I can confirm this issue. Mobile Client ("Roadwarrior") IPSec access no longer works after upgrading to 2.4.3 (w... Jay2k1 *
06:01 AM Feature #8140: Feature Request: Zone Firewall between interfaces: It is high time to move away from interface-based firewalling and move to zone-based firewalling. Zone-based firewall... Jupiter Vuorikoski

04/08/2018

11:54 PM Bug #8447: Cannot change Gateway in Firewall > Rules: Are you sure you are not creating an IPv4+IPv6 rule? You cannot (and have never been able to) set a gateway on those.... Chris Linstruth
11:39 PM Bug #8447 (Resolved): Cannot change Gateway in Firewall > Rules: Open any rule or create a new rule. In the Advanced options, the Gateway cannot be selected. This was working in 2.... Yajasi Support
07:35 PM Bug #8446 (Resolved): QinQ interfaces are assigned incorrectly: When creating a QinQ interface in 2.4.3 it is stored in the config correctly and created as an interface as expected:... Steve Wheeler
03:44 PM Bug #8445 (Resolved): creating an alias named "log" breaks rule processing: i created an ip alias, and named it "log". upon the rules reloading, an error occurred:
There were error(s) loadi... lists b
02:04 PM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: Same Problem:
RADVD regression on 2.4.3 / radvd can not run on bridge Interface anymore...
https://forum.pfsense.or... neti netwalker
12:13 AM Bug #8429: radvd/IPv6 broken in 2.4.3 when using a LAN bridge: Same issue for me too ....
Netgate SG-4860 - Serial: ********* - Netgate Device ID: *********
*** Welcome to pf... Mat Clarke
01:11 PM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: 2. found&fixed
The plugin 'injects' extra stylesheets, and the setCSSdisplay function searches for a particular st... Pi Ba
11:07 AM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: Re 2: I usually use Firefox @ Windows 10 and yes with some blockers such as NoScript, uBlock and few user scripts in ... Petr H
09:40 AM pfSense Packages Bug #8438: haproxy: can't use ACL for cert with http-response actions: Thanks for testing and reporting about these issues.
1. found&fixed
2. these items seem to work properly for me o... Pi Ba
11:31 AM Bug #8444: ovpnc as upstream dhcp relay interface: This appears to be the expected behaviour as isc-dhcpd cannot bind to adapters with no MAC address.
However you can ... Steve Wheeler
07:32 AM Bug #8335: System hang with LACP downlink to UniFi switch: Some new information:
* It happens when LAGG Protocol is set to Failover.
* It happens when one of the two netwo... Mike Pastore

Also available in: Atom

Project

General

Profile

pfSense

Activity

Activity

05/07/2018

05/06/2018

05/05/2018

05/04/2018

05/03/2018

05/02/2018

05/01/2018

04/30/2018

04/28/2018

04/27/2018

04/26/2018

04/25/2018

04/24/2018

04/23/2018

04/22/2018

04/21/2018

04/20/2018

04/19/2018

04/18/2018

04/17/2018

04/16/2018

04/15/2018

04/14/2018

04/13/2018

04/12/2018

04/11/2018

04/10/2018

04/09/2018

04/08/2018